Laboratory 9 - Protecting Data by Encryption
Course Code: CPE011 Program:
Course Title: Database Management System Date Performed:
Section: Date Submitted:
Name: Instructor:
1. Objective(s):
3. Discussion:
Encryption is the process of obfuscating data by the use of a key or password. This can make the data useless
without the corresponding decryption key or password. Encryption does not solve access control problems. However,
it enhances security by limiting data loss even if access controls are bypassed.
SQL Server uses encryption keys to help secure data, credentials, and connection information that is stored in a
server database. SQL Server has two kinds of keys: symmetric and asymmetric. Symmetric keys use the same
password to encrypt and decrypt data. Asymmetric keys use one password to encrypt data (called the public key)
and another to decrypt data (called the private key).
In SQL Server, encryption keys include a combination of public, private, and symmetric keys that are used to protect
sensitive data. The symmetric key is created during SQL Server initialization when you first start the SQL Server
instance. The key is used by SQL Server to encrypt sensitive data that is stored in SQL Server. Public and private keys
are created by the operating system and they are used to protect the symmetric key. A public and private key pair is
created for each SQL Server instance that stores sensitive data in a database.
• Database Level – This level secures all the data in a database. However, every time data is written to or read from
the database, the whole database needs to be decrypted. This is a very resource-intensive process and not a
practical solution.
• Column (or Row) Level – This level of encryption is the most preferred method. Here, only columns
containing important data should be encrypted; this will result in lower CPU load compared with the whole
database level encryption. If a column is used as a primary key or used in comparison clauses (WHERE
clauses, JOIN conditions), the database will have to decrypt the whole column to perform operations involving
those columns.
4. Resources:
Personal Computer with installed SQL Server
5. Procedure:
Step 1. Create MariaShopDB database.
To check SQL Server Master Key
Step 1. In Object Explorer, connect to an instance of Database Engine. On the Standard bar, click New Query.
Step 2. Copy and paste the following example into the query window and click Execute.
To create SQL Server Database Master Key
Step 1. In Object Explorer, connect to an instance of Database Engine. On the Standard bar, click New Query.
Step 2. Copy and paste the following example into the query window and click Execute.
Step 1. In Object Explorer, connect to an instance of Database Engine. On the Standard bar, click New Query.
Step 2. Copy and paste the following example into the query window and click Execute.
To decrypt a column of data using simple symmetric encryption
Step 1. In Object Explorer, connect to an instance of Database Engine. On the Standard bar, click New Query.
Step 2. Copy and paste the following example into the query window and click Execute.
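The procedure above (check the Service Master Key, create the Database Master Key, then encrypt and decrypt a column) and the Discussion's point about WHERE clauses on encrypted columns, shown as an added T-SQL example that is not the lab's own script. It assumes MariaShopDB already exists; the table dbo.CustomerDemo, its columns, DemoCert, DemoKey, the sample row and the password placeholder are hypothetical.

```sql
-- Added example, not the lab's script. DemoCert, DemoKey, dbo.CustomerDemo and
-- the sample row are hypothetical/constructed; MariaShopDB is assumed to exist.
USE master;   -- the Service Master Key is listed in master
SELECT name, algorithm_desc, create_date
FROM sys.symmetric_keys
WHERE name = '##MS_ServiceMasterKey##';
GO
USE MariaShopDB;
-- Create the Database Master Key once; replace the placeholder password.
IF NOT EXISTS (SELECT 1 FROM sys.symmetric_keys
               WHERE name = '##MS_DatabaseMasterKey##')
    CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<placeholder: strong password>';
GO
-- Key hierarchy: master key -> certificate -> symmetric key -> column data.
CREATE CERTIFICATE DemoCert WITH SUBJECT = 'Column encryption demo';
GO
CREATE SYMMETRIC KEY DemoKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE DemoCert;
GO
CREATE TABLE dbo.CustomerDemo (
    CustomerID    int IDENTITY PRIMARY KEY,
    CardNumber    varchar(50) NULL,      -- plaintext, cleared after encryption
    CardNumberEnc varbinary(256) NULL    -- ciphertext is binary and longer
);
INSERT INTO dbo.CustomerDemo (CardNumber) VALUES ('0000-1111-2222-3333');
GO
-- Encrypt: the key must be open in this session before EncryptByKey is called.
OPEN SYMMETRIC KEY DemoKey DECRYPTION BY CERTIFICATE DemoCert;
UPDATE dbo.CustomerDemo
SET CardNumberEnc = EncryptByKey(Key_GUID('DemoKey'), CardNumber);
UPDATE dbo.CustomerDemo SET CardNumber = NULL;
-- Decrypt: DecryptByKey returns varbinary, so convert back to the source type.
SELECT CustomerID,
       CONVERT(varchar(50), DecryptByKey(CardNumberEnc)) AS CardNumber
FROM dbo.CustomerDemo;
-- Filtering on the encrypted column decrypts every row and cannot seek an
-- index on CardNumberEnc, which is the cost the Discussion describes.
SELECT CustomerID FROM dbo.CustomerDemo
WHERE CONVERT(varchar(50), DecryptByKey(CardNumberEnc)) = '0000-1111-2222-3333';
CLOSE SYMMETRIC KEY DemoKey;
GO
```

If the symmetric key is not open in the session, EncryptByKey and DecryptByKey return NULL instead of raising an error, so a NULL result usually points to a missing OPEN SYMMETRIC KEY.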
6. Database Output
Copy screenshot(s) of your database after completing the procedures provided in Part 5.
7. Supplementary Activity
1. Modify Customer table of MariaShopDB. Add SSS number. Use varchar(50) as data type.
2. Encrypt the SSS number column.
3. Decrypt the SSS number column.
8. Conclusion
9. Assessment (Rubric for Laboratory Performance):