set  setuser

Chapter 1: Commands

set encryption passwd

Description

Sets the encryption password.

Syntax

set encryption passwd 'password_phrase'
	for {key | column} {keyname | column_name}

Parameters

password_phrase

is the explicit password specified with the create encryption key or alter encryption key command to protect the key

key

indicates that Adaptive Server uses this password to decrypt the key when accessing any column encrypted by the named key

keyname

may be supplied as a fully qualified name. For example:

[[database.][owner].]keyname
column

specifies that Adaptive Server uses this password only in the context of encrypting or decrypting the named column. End users do not necessarily know the name of the key that encrypts a given column

column_name

name of the column on which you are setting an encryption password. Supply column_name as

[[database.][ owner ]. ]table_name.column_name

Examples

Example 1

The key custodian shares the password required to access employee.ssn with “susan”. He does not need to disclose the name of the key to do this:

Example 2

If “susan” has select and decrypt permission on employee, she can select employee data using the password given to her for employee.ssn:

set encryption passwd "Ynot387" for column employee.ssn
select ename from employee where ssn = '111-22-3456'

ename
-----------------------
Priscilla Kramnik

Example 3

If “susan” attempts to select data from payroll without specifying the password for payroll.ssn, the following select fails (even if “susan” has select and decrypt permission on payroll):

select base_salary from payroll where ssn = '111-22-3456'

You cannot execute 'SELECT' command because the user encryption password
has not been set.

To avoid this error, “susan” must first enter:

set encryption passwd "Ynot387" for column
payroll.ssn

Usage




Copyright © 2008. Sybase Inc. All rights reserved. setuser

View this document as PDF