With the release of Always Encrypted, sensitive data such as credit card numbers, personal addresses, salaries and national identification numbers (e.g. Brazil's CPFs or U.S. SSNs) can be protected from high-privileged users such as DBAs and system administrators. But how does this feature work under the covers? Could it prevent data exposure from memory dump attacks? Can it keep sensitive data safe from man-in-the-middle attacks?
In this session, we'll walk through the Always Encrypted architecture and put it to the test. We'll simulate a memory dump attack and look into the data pages dumped from memory. We'll sniff the network to see if sensitive data is encrypted inside TDS packets. Are you curious about the results? Then come and join us!
Prerequisites: Understanding how SQL Server stores data and manages the buffer pool. Basic understanding of the Tabular Data Stream protocol is recommended.