Product Documentation

SQL Operations Guide

Previous Topic

Next Topic

Advanced Encryption for FairCom DB SQL Tables

FairCom DB SQL supports the ability to encrypt tables from the CREATE TABLE command. Advanced encryption, including standard AES (Rijndael), Twofish, Blowfish, and DES, is available for industry-standard hardening of data. The AES encryption standard may be required with some forms of data, such as that used in the health care industry (for example, to conform to U.S. HIPAA regulations) and the financial industry.

The following encryption options can be used with the STORAGE_ATTRIBUTES keyword:

STORAGE_ATTRIBUTES 'ENCR=crypt'

crypt can be one of the following:

  • AES16 (Rijndael)
  • AES24
  • AES32
  • DES8
  • DES16
  • DES24
  • BLF8 through BLF56 (Blowfish)
  • TWF16 (Twofish)
  • TWF24
  • TWF32

Deprecated

The following is also supported, but not recommended:

STORAGE_ATTRIBUTES 'CAMO'

CAMO or "Camouflage" is an older, legacy method of hiding data, which is not a standards-conforming encryption scheme, such as AES. It is not intended as a replacement for Advanced Encryption or other security systems.

Example

CREATE TABLE encrypted_table (name CHAR(10), age SMALLINT) STORAGE_ATTRIBUTES 'ENCR=AES32' ;

To combine STORAGE_ATTRIBUTE options, separate them with a semicolon (;). For example, to create a non-HUGE, AES32 encrypted table, you would issue a statement such as the following:

CREATE TABLE small_camo_table (name CHAR(10), age SMALLINT) STORAGE_ATTRIBUTES 'ENCR=AES32;NOHUGE' ;

FairCom DB SQL must have the ADVANCED_ENCRYPTION configuration keyword specified in the ctsrvr.cfg configuration file. The table creation will fail with FairCom DB SQL error -17454 (feature not supported) if you request an encryption option without this server configuration option enabled.

Using an encryption mode not listed above will also result in the FairCom DB SQL error -17454 (not supported).

TOCIndex