When you create or modify a
metadata-bound library and specify AES encryption, you can specify an encryption key to be stored in the
library’s metadata. The stored
key is used to attempt to open the library’s AES-encrypted data sets when no key is
supplied by the user. If a table has a different encryption key, it cannot be opened
unless the user supplies the correct key.
You can specify that AES encryption is required for the tables in a library. In this
case, the stored encryption key
is used to encrypt every
data set that is bound in the library. You cannot specify different encryption keys for individual
tables if encryption is required.
If encryption is not required, the stored key is used to encrypt new tables when AES
encryption
is specified in SAS code but no key is supplied.
To simplify administration, we strongly recommend that all AES-encrypted tables within
a metadata-bound library be encrypted with the same key.