Previous Topic: Define a Credential in SQL Server 2008

Next Topic: Define a Database in SQL Server 2008

Define a SQL Server 2008 Cryptographic Provider

The SQL Server 2008 Extensible Key Management enables third-party EKM/HSM vendors to register their modules in SQL Server. When registered, SQL Server users can use the encryption keys stored on EKM modules. This enables SQL Server to access the advanced encryption features these modules support such as bulk encryption and decryption, and key management functions such as key aging and key rotation.

To define the attributes of an external Extensible Key Management provider, which provides cryptographic functionality for SQL Server, use the SQL Server Cryptographic Provider Editor to define a cryptographic provider in a SQL Server 2008 physical model.

To define a SQL Server cryptographic provider

  1. Click Target - SQL Server, Security, Cryptographic Properties on the Model menu.

    The SQL Server Cryptographic Provider Editor opens.

  2. Select the cryptographic provider in the Navigation Grid that you want to define and work with the following options:

    Note: Click New New icon in property editors to create a new object on the toolbar to create a new cryptographic provider. Use the Enter filter text box to filter a very large list of cryptographic providers to quickly locate the one that you want to define.

    Name

    Specifies the name of the cryptographic provider. You can change the name of the cryptographic provider in this field.

    File

    Specifies the file type of the file that implements the SQL Server Extensible Key Management interface.

    Enabled

    Specifies whether the status of the cryptographic provider is enabled.

    Generate

    Generates SQL during forward engineering. Clear the check box if you do not want to generate SQL.

  3. (Optional) Click the Comment tab and enter any comments that you want to associate with the cryptographic provider.
  4. (Optional) Click the Where Used tab to view where the cryptographic provider is used in the model.
  5. (Optional) Click the UDP tab to work with user-defined properties for the cryptographic provider.
  6. (Optional) Click the Notes tab to view history information and view or edit user notes.
  7. Click Close.

    The cryptographic provider is defined and the SQL Server Cryptographic Provider Editor closes.