Difference between Cell- level Encryption and Transparent Data Encryption (TDE)
|
Cell- level Encryption
|
Transparent Data Encryption (TDE)
|
|
Granular control over which data is encrypted
|
Encrypts the
entire database
|
|
User‐aware encryption can control access on a need‐to‐know basis
|
Encryption is not user‐aware; data is open to all users who have
permission to access the database
|
|
Requires analysis to find sensitive data
|
No analysis required because entire database is encrypted
|
|
Affect table structure because encrypted data can only be stored
in varbinary data type columns.
|
No change is
required in table structure.
|
|
Database applications need to be modified to use specific
functions to encrypt and decrypt data.
|
No database application change needed.
|
|
Indexes, primary keys, and foreign keys cannot be encrypted.
|
No impact on indexing, primary keys, or foreign keys
|
|
Potential
impact on performance because indexes on encrypted columns are not used while
searching a value.
|
Small impact
on performance (up to 5%)
|
