Revoking Encrypt and Decrypt Permissions

From InterBase

Go Up to Using isql to Enable and Implement Encryption


There are two revoke commands associated with the InterBase encryption feature:

  • Revoke ENCRYPT ON ENCRYPTION is used to revoke encryption permission. Only the SYSDSO can revoke encryption permission.
  • Revoke DECRYPT can be used by the database or table owner to revoke decrypt permission from a user, role, or view.

To revoke encryption permission, the SYSDSO uses the following syntax:

revoke ENCRYPT ON ENCRYPTION key-name from user-name;

To revoke decrypt permission, the database or table owner uses the following syntax:

revoke decrypt[(column-name, )] on table-name from {user-name {{!}} role- name {{!}} public}

Advance To: