Create a cryptographic specification for Column Level Encryption

  • Release version: Xanadu
  • Updated October 22, 2024
  • 1 minute to read

    • After you create a cryptographic module, access the corresponding cryptographic specification to define the algorithm.

    Before you begin

    Role required: sn_kmf.cryptographic_manager or sn_kmf_admin and security_admin or admin

    About this task

    This procedure describes options that are available with Column Level Encryption with the base system and additional configuration options that become available with Column Level Encryption Enterprise functionality. Column Level Encryption Enterprise functionality is available with a paid subscription. Refer to Encryption and Key Management subscription bundle for supported features and options available with each offering. See Activate Column Level Encryption Enterprise for more information on obtaining Column Level Encryption Enterprise.

    A cryptographic specification will be created by the system when you create a cryptographic module for Column Level Encryption Enterprise.

    .

    Procedure

    1. Navigate to System Security > Field Encryption Modules > All.
    2. Select the cryptographic module to open the configuration options.
      Cryptographic module information is displayed at the top of the screen. A Symmetric Data Encryption/Decryption crypto specification is auto-created with an AES 256 CBC algorithm.
    3. Select the crypto specification from the table to open the Algorithm Definition.
      For Column Level Encryption Enterprise see Configure advanced algorithms for Column Level Encryption Enterprise.
    4. Click Next to access the Key Lifecycle.

    What to do next

    Perform one of the following operations: