SQL Server utilizes an encryption hierarchy that enables databases to be shared within a cluster or migrated to other instances without re-encrypting them. These encryption keys are encrypted using the database server master key and are stored in a dictionary table in the database. The same key is used to encrypt columns in a table, regardless of the number of columns to be encrypted. Keys for TDE can be stored in an HSM to manage keys across servers, protect keys with hardware, and introduce a separation of duties. Oracle Advanced Security TDE tablespace encryption and support for hardware security modules (HSMs) were introduced with Oracle Database 11gR1. Oracle Advanced Security TDE column encryption was introduced in Oracle Database 10g Release 2. Oracle TDE addresses encryption requirements associated with public and private privacy and security mandates such as PCI and California SB 1386. Oracle requires the Oracle Advanced Security option for Oracle 10g and 11g to enable TDE. It is also supported in cloud versions of the product by default, Db2 on Cloud and Db2 Warehouse on Cloud. IBM offers TDE as part of Db2 as of version 10.5 fixpack 5. SQL TDE is supported by hardware security modules from Thales e-Security, Townsend Security and SafeNet, Inc.
TDE was only supported on the Evaluation, Developer, Enterprise and Datacenter editions of Microsoft SQL Server, until it was also made available in the Standard edition for 2019. Enterprises typically employ TDE to solve compliance issues such as PCI DSS which require the protection of data at rest. It does not protect data in transit nor data in use. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media. Transparent Data Encryption (often abbreviated to TDE) is a technology employed by Microsoft, IBM and Oracle to encrypt database files. ( March 2015) ( Learn how and when to remove this template message) Please help to improve this article by introducing more precise citations. This article includes a list of general references, but it lacks sufficient corresponding inline citations.