skip to main content
Using the driver : Data encryption : Always Encrypted : Caching column encryption keys
  

Try DataDirect Drivers Now
Caching column encryption keys
Caching column encryption keys improves performance by reducing the overhead associated with fetching and decrypting the keys for the same data multiple times. For security purposes, the driver empties keys from the cache when a connection closes; however, for applications that remain connected for long periods of time, you may want to delete the keys before the connection ends. You can determine the length of time the driver caches keys by specifying the following values for the AEKeyCacheTTL property:
*If set to -1, the driver caches column encryption keys for the life of the connection. The keys are deleted when the connection is closed or added to the connection pool.
*If set to 0, the driver does not cache column encryption keys.
*If set to x, the driver caches column encryption keys for the specified number of seconds before deleting them. The timer starts for a key when it is first accessed and added to the cache. The timer does not reset if you access it after it has been added to the cache. The keys are deleted when the timer expires, or the connection is closed or added to the connection pool.
By default, the driver caches keys for 7200 seconds. See "AEKeyCacheTTL" for details.