Implementing Transparent Data Encryption
Like many encryption scenarios, TDE is dependent on an encryption key. The TDE database encryption key is a symmetric key that secures the encrypted database. The DEK is protected using a certificate stored in the
master database of the SQL Server instance where the encrypted database is installed.
Implementing TDE for a specific database is accomplished by following these steps:
Create a master key.
Create or obtain a certificate protected by the master key.
Create a database encryption key and protect ...