Home > Archive > MS SQL Server security > February 2006 > SQL 2005 - Encryption of a distributed application database









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author SQL 2005 - Encryption of a distributed application database
Schulz666

2006-02-28, 8:24 pm

Hi,
We are creating a distributed app (VS 2005) which will ship with SQL server
express. The database will reside on the client environment and contain very
sensitive data. Is it possible to create an environment where this data will
not be available to anyone - except through the application. I have been
looking at encryption but it appears that a dba would be able to use existing
stored procedures or views within the db to get at the data.

Thanks
Andrew J. Kelly

2006-02-28, 8:24 pm

Sure, if you do the encryption and decryption in the app itself. Now that
may not stop someone from reverse engineering the app but that takes the
DBA's permissions out of the picture.

--
Andrew J. Kelly SQL MVP


"Schulz666" < Schulz666@discussion
s.microsoft.com> wrote in message
news:DF6F60FA-32F7-440A-8F4C- 7E8AE6C686C6@microso
ft.com...
> Hi,
> We are creating a distributed app (VS 2005) which will ship with SQL
> server
> express. The database will reside on the client environment and contain
> very
> sensitive data. Is it possible to create an environment where this data
> will
> not be available to anyone - except through the application. I have been
> looking at encryption but it appears that a dba would be able to use
> existing
> stored procedures or views within the db to get at the data.
>
> Thanks


Sponsored Links





Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive | Programming forum archive

Copyright 2008 droptable.com