AUTHLIB Procedure

Example 11: Binding a Library When Existing Data Sets Are AES-Encrypted

Features:
PROC AUTHLIB statement options:
CREATE statement options:
PW=
SECUREDLIBRARY=
SECUREDFOLDER=
TABLES statement option:
ENCRYPTKEY=

Details

This example demonstrates how to bind data sets that are AES-encrypted. None of the data sets have passwords.
CAUTION:
SAS strongly recommends that you not have AES-encrypted data sets with different encryption keys in metadata-bound libraries, like this example creates.
Instead, SAS recommends that you record a default encryption key in metadata and convert all AES-encrypted data sets to use that key. Doing this, your users, and programs do not have to specify the key when opening the data sets. The examples following this example show you how to do this process.

Program

proc authlib lib=klmno;    
    create securedlibrary="KLMNOEmps"
        securedfolder="Department XYZZY" 
        pw=pqrstuvw;
    tables employees / 
        encryptkey=lmno; 
    tables empinfo / 
        encryptkey=abcd;  
    tables product; 
run;
quit;
  

Program Description

Library KLMNO has three data sets: Employees, EmpInfo, and Product.In this library, the Employees data set is AES-encrypted and has the ENCRYPTKEY= value lmno. The EmpInfo data set is AES-encrypted and has the ENCRYPTKEY= value abcd. The Product data set is not protected.
proc authlib lib=klmno;    
Using the CREATE statement, enter the name of the metadata folder and name the secured library object in the SAS Metadata Server.Set the library password to pqrstuvw.
    create securedlibrary="KLMNOEmps"
        securedfolder="Department XYZZY" 
        pw=pqrstuvw;
Using the TABLES statements, specify the encrypt key for each data set. A TABLES statement must be specified for all data sets.
    tables employees / 
        encryptkey=lmno; 
    tables empinfo / 
        encryptkey=abcd;  
    tables product; 
run;
quit;
Results:The library KLMNO is bound. All three data sets are bound. The Employees and EmpInfo data sets remain AES-encrypted. The Product data set is not encrypted. The encrypt key values for the Employees and Empinfo data sets are different. SAS strongly recommends that you not have AES-encrypted data sets with different encryption keys in metadata-bound libraries, like this example created.
  

Log Examples

TABLES Statement for the KLMNO Library Containing AES-Encrypted Data Sets
351  proc authlib lib=klmno;
352  create securedlibrary="KLMNOEmps"
353  securedfolder="Department XYZZY"
354  pw=XXXXXXXX;
355  tables employees /
356  encryptkey=XXXX;
357  tables empinfo /
358  encryptkey=XXXX;
359  tables product;
360  run;

NOTE: Successfully created a secured library object for the physical library KLMNO and recorded its location as:
           SecuredFolder:      /System/Secured Libraries/Department XYZZY
           SecuredLibrary:     KLMNOEmps
           SecuredLibraryGUID: 48E2C4C7-ADE1-49D2-BBFE-14E5EAAB8961
NOTE: Successfully added new secured table object "EMPLOYEES.DATA" to the secured library object at path "/System/Secured
      Libraries/Department XYZZY/KLMNOEmps" for data set KLMNO.EMPLOYEES.DATA.
NOTE: The passwords on KLMNO.EMPLOYEES.DATA were successfully modified.
NOTE: Successfully added new secured table object "EMPINFO.DATA" to the secured library object at path "/System/Secured
      Libraries/Department XYZZY/KLMNOEmps" for data set KLMNO.EMPINFO.DATA.
NOTE: The passwords on KLMNO.EMPINFO.DATA were successfully modified.
NOTE: Successfully added new secured table object "PRODUCT.DATA" to the secured library object at path "/System/Secured
      Libraries/Department XYZZY/KLMNOEmps" for data set KLMNO.PRODUCT.DATA.
NOTE: The passwords on KLMNO.PRODUCT.DATA were successfully modified.
361  quit;