Encrypted columns in Adaptive Server version 15.0.2 allows Component Integration Services (CIS) to establish connections to servers that require user-specified passwords to decrypt data. Adaptive Server forwards the user encryption key passwords from the CIS-enabled server to the remote Adaptive Server.
For example, to process a customer’s credit card data, execute:
set encryption passwd 'MotherofSecrets' for customer.cust_cc
When you select data from the table:
select cust_cc from customer where custid = 99
CIS forwards the user encryption key passwords to the remote servers.
If CIS connections are not currently established – if the remote server is version 15.0.2 or later, when the “local” server (the server originating the CIS connections) receives a set encryption passwd statement, information contained in the statement is stored in the current thread’s session context. When the local server makes a CIS connection, all context relating to encryption passwords is forwarded to the remote server.
If CIS connections are established – CIS maintains session-state variables to be synchronized between the local and the remote server. CIS tracks which encrypted passwords are sent to the remote server. Each time it accesses the remote server, CIS compares the state information with the local thread’s context, and forwards only those encryption passwords set since the last interaction with the remote server.
