The difference between TLS and TDE and the introduction of TLS encryption principle
Time : 2024-11-08 14:28:59
Edit : Jtti

TLS (Transport Layer Security) and TDE (Transparent Data Encryption) are two key data protection technologies that differ in the stage at which, and the way in which, they protect data.

TLS is a widely adopted security protocol used primarily to ensure the security and privacy of Internet communications, especially between web clients and servers. TLS protects data in transit through encryption, authentication, and integrity protection. Typical uses include HTTPS, email transfer (SMTP, POP3, IMAP), traffic encryption, instant messaging and VoIP call security, and data transfer for APIs and web services.

TDE is a database-level storage encryption technology that protects data at rest in a database from unauthorized access. TDE encrypts data before it is written to disk and decrypts it when it is read from disk into memory; it is transparent to the application, so no application code needs to change.

The TLS encryption principle can be summarized as two processes. The first is the handshake: the client sends a "ClientHello" message proposing the TLS versions and cipher suites it supports; the server responds with "ServerHello", selecting the protocol version and cipher suite and providing its certificate and a random number. The client verifies the server certificate, generates a premaster secret, and sends it to the server encrypted with the server's public key. The server decrypts the premaster secret, and both parties derive the session keys from it together with the random numbers exchanged earlier. (This describes the RSA key-exchange variant of TLS 1.2; with (EC)DHE key exchange, now the norm, each side derives the premaster secret from ephemeral key shares instead, so it is never sent over the wire.)

The second is encrypted communication. The "ChangeCipherSpec" message signals that subsequent records will be protected with the session keys. Each protected record carries an IV (nonce), the ciphertext, and an authentication tag; the tag lets the receiver verify integrity and detect tampering, while the encryption provides confidentiality. Once the handshake completes, the client and server exchange application data in this encrypted form.
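The two processes above, as an added example that is not part of the original article: a standard-library Python walk-through of the TLS 1.2 key schedule (RFC 5246 PRF, master secret and key expansion) showing that client and server independently arrive at identical session keys from the premaster secret and the two hello randoms, followed by the per-record integrity tag that detects a modified or replayed record. The key sizes (AES-128 keys, SHA-256 MAC keys), the simulated "transport" of the premaster secret, and the sample record contents are constructed for the example; the encryption step itself is omitted so that only the key agreement and tamper check are shown.

```python
"""TLS 1.2 key schedule and record MAC, stdlib only (added example, not the article's code)."""
import hashlib
import hmac
import secrets
import struct


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data-expansion function (RFC 5246, section 5):
    A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ..."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def derive_session_keys(premaster: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Premaster secret + both hello randoms -> 48-byte master secret -> key block.
    Key sizes assume AES-128 with HMAC-SHA256 (a constructed choice for this example)."""
    master = prf(premaster, b"master secret", client_random + server_random, 48)
    # RFC 5246 6.3: key expansion seeds with the randoms in server-then-client order.
    mac_len, key_len, iv_len = 32, 16, 16
    block = prf(master, b"key expansion", server_random + client_random,
                2 * (mac_len + key_len + iv_len))
    names = ("client_mac", "server_mac", "client_key", "server_key", "client_iv", "server_iv")
    sizes = (mac_len, mac_len, key_len, key_len, iv_len, iv_len)
    keys, pos = {"master_secret": master}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


def simulate_handshake() -> tuple:
    """Key-agreement part of the RSA-key-exchange handshake.
    Returns (client_keys, server_keys), each derived independently on its own side."""
    client_random = secrets.token_bytes(32)  # carried in ClientHello
    server_random = secrets.token_bytes(32)  # carried in ServerHello
    # Client builds the premaster secret: version 0x0303 (TLS 1.2) + 46 random bytes.
    premaster = b"\x03\x03" + secrets.token_bytes(46)
    # In real TLS the client RSA-encrypts `premaster` to the server certificate's
    # public key and the server decrypts it; the transport is simulated as a copy here.
    premaster_received_by_server = bytes(premaster)
    client_keys = derive_session_keys(premaster, client_random, server_random)
    server_keys = derive_session_keys(premaster_received_by_server, client_random, server_random)
    return client_keys, server_keys


def record_mac(mac_key: bytes, seq_num: int, content_type: int, fragment: bytes) -> bytes:
    """Integrity tag over one record as in RFC 5246 6.2.3.1:
    HMAC(mac_key, seq_num || type || version || length || fragment).
    The sequence number is implicit, so a replayed record fails verification."""
    header = struct.pack("!QBHH", seq_num, content_type, 0x0303, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


def verify_record(mac_key: bytes, seq_num: int, content_type: int,
                  fragment: bytes, tag: bytes) -> bool:
    """Constant-time tag comparison; any change to the payload or sequence number fails."""
    return hmac.compare_digest(record_mac(mac_key, seq_num, content_type, fragment), tag)


if __name__ == "__main__":
    client, server = simulate_handshake()
    print("session keys match on both sides:", client == server)
    payload = b"GET / HTTP/1.1\r\n"  # constructed application-data fragment (type 23)
    tag = record_mac(client["client_mac"], 0, 23, payload)
    print("genuine record accepted:", verify_record(server["client_mac"], 0, 23, payload, tag))
    print("tampered record rejected:", not verify_record(server["client_mac"], 0, 23, b"GET /x HTTP/1.1\r\n", tag))
    print("replayed record rejected:", not verify_record(server["client_mac"], 1, 23, payload, tag))
```

The point to take from running it is that neither side ever transmits the session keys: each computes them from the same three inputs, and anyone who captured only the two hello randoms cannot reproduce them without the premaster secret. The record MAC shows why the sequence number is part of the integrity check even though it is not sent on the wire.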

Both TLS and TDE are important technologies for protecting data, but TLS focuses on securing data in transit, while TDE focuses on protecting data at rest in the database. The two differ in the stage and layer at which they protect data, and both are crucial.
