Sybase SQL Anywhere 11. We have to secure a lot of our tables within our database. I adopted the instruction and made it happen. We selected the "strong" option with encryptionKey and AES256_FIPS formula. But you will find something I'm not obvious about the subject.
It may need encryptonKey whenever we produce the database, take away the database and begin the database server but it won't require encryptionKey whenever we steer clear of the database server and fasten towards the server to produce tables and add data. Why there's NO encryptionKey requested whenever we connect with it or attempt to steer clear of the server? I'm doing a problem?
don't understand how to test the file encryption? I still can easily see all plain text within the encoded tables after i use Sybase Central tool. If somebody knows the database user title and password, he/she will connect with the database and browse this content with no encryptionKey. is right?
I can not speak particularly to Sybase's system, but database file encryption generally is made to secure in the file system level to avoid backdoor accessibility database's data (i.e. reading through the binary file and parsing it yourself instead of studying the RDBMS), not to avoid access or obfuscate data with the standard database interface (it's expected that you will make use of your RDBMS's security systems to get this done).
Possibly the SQL Anywhere tool captures the file encryption key when you initially come in (i.e. at server startup) after which stores it in memory to decrypt for other procedures. As @Adam Robinson stated, the information must be encoded within the filesystem or there is a mystery if you take the "analog solution" and merely parsing the raw file, the industry nice segue for your second question...
If you wish to test the file encryption, try finding and opening the file outdoors from the Sybase tools and try to place any identifiable data. I'd begin with an easy text look for a string (produce a cell having a unique string searching for) and make certain it is not there within the encoded file. To ensure, you might parse a non-encoded version from the database and make certain that you simply can discover the string there.