Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Microsoft SQL Server Management Studio (SSMS)

Integration with CipherTrust Manager

search

Integration with CipherTrust Manager

This section outlines the steps to integrate Microsoft SSMS with CipherTrust Manager.

Prerequisite

  • CADP KSP (32 bit) and SSMS v17.6 must be installed on the target machine. Verify that msvcp100.dll and msvcr100.dll file is available at C:\Windows\System32 for CADP KSP Installation.

  • Ensure adding the IP of CipherTrust Manager instance in ProtectAppICAPI.properties file.

Integrating Microsoft SQL Server Management Studio with the CipherTrust Manager

To integrate Microsoft SQL Server Management Studio with the CipherTrust Manager:

Creating Always Encrypted Column Master Key

After installation of CADP Key Storage Provider_32 bit, you need to configure Always Encrypted.

  1. From the Start menu, select the Microsoft SQL Server Management Studio, and connect to the desired database.

  2. Once connected, select and expand Databases > expand <your_database_name> > expand Security > expand Always Encrypted Keys.

  3. From the Key store drop-down list, select the Key Storage Provider (CNG).

  4. From the Select a provider drop-down list, select CADP Key Storage Provider.

    Note

    If the CADP Key Storage Provider is not visible, ensure that you have correctly installed and registered the CADP Key Storage Provider (32 bit).

  5. In the Name field, enter a name for the CMK. Click on Generate Key to create a new CMK.

You can also view the generated CMK under Keys & Access Management > Records in the CipherTrust Manager.

!!! note For CipherTrust Manager, irrespective of the name provided for the CMK in the Name field, internally CMK is always requesting with Always-Encrypted-Auto 1 Name.

Generate Column Encryption Key

You can enable Always Encrypted Keys and generate a Column Encryption Key (CEK). To generate CEK, select the database.

  1. Click Security > Always Encrypted Keys > Column Encryption Keys, right-click and select New Column Encryption Key

  2. Specify a Name for the CEK.

  3. From the Column master key drop-down, select the CMK using which CEK will be encrypted and Click OK.

This generates a CEK that is Encrypted and signed using the above specified CMK.

Encrypt Table Data

  1. Right click on the table and select Encrypt Columns option.

    Column Selection screen is displayed.

  2. Select the column(s) on which you want to apply the encryption (Name, in this case), and select the Encryption Type as Deterministic or Randomized.

  3. Select the column encryption key from the Encryption Key drop-down, and click Next to proceed further.

  4. Click Next to view the summary, and click Finish to complete the encryption process.

Following snapshot shows the result of pass or failure:

On this page