Skip to Content

Encrypting Columns in Data Services

Hi Experts,

                Im new to SAP Data Services.

                I would like to know about encrypting certain columns of my Databbase.

                Please help me to mask certain attributes in my database.

                Thanks in advance.

You must be Logged on to comment or reply to a post.
    • Hi Mohan,

                     Thanks a lot. But we need encryption to be done in data services itself. Since we cant update our db. I saw encryption method in Data Services tutorial. But it was not clear.

      Can you please help me in encrypting via data services.



  • Hi,

    I have no idea to do this from data service,as i have done this from DB level.

    If u have no access to DB level,then u can ask your DB team to do this.



    • Hi Mohan,

                      That is the problem now. I don’t have access to my DB. Hence looking for Data Services Encryption method.



  • Depends what version of Data Services you have available.  In Data Services v3.x I do not believe any encryption methods were provided natively.  In Data Services v4.x there are specific encryption (encrypt_aes) and decryption (decrypt_aes) functions provided standard and these are fully documented in terms of syntax and applicable options.

    Good luck

  • Hi Chuck Schardong,

    Thank you for your valuable information.

    Can you please elaborate me about where this encryption method is available?

    and How to use this in our data services 4.x?



  • They are standard functions included in all v4x Data Services installs and you can find them under the function group “Cryptographic Functions”.  They are actually quite easy to define and use with a Data Services job.

    Keep in mind that these functions do not encrypt columns in a database in situ.  Similar to other string functions, these functions need to be part of Data Services job — they can be called as custom functions or in the column mappings or in scripts.  For each function you declare the input_string, a security passphrase, and the key length in bits (e.g. 128).  The function then returns the encrypt/decrypt string which you can then add to your target database.

    For security purposes SAP does recommend that you secure the passphrase in a database and read it using a sql() function into a local or global variable. Then you can pass the variable to the passphrase parameter.

    For more details I recommend that you use the Data Services integrated help manual (simply go to Help/Technical Manuals) and click on the “Search” tab to search on the specific function names I mentioned (encrypt_aes or decrypt_aes) and drill down into the topic.  There you will find detailed descriptions on how to use these functions.