Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2005-10-06 : 07:54:25
|
| Pramod Kumar Mallick writes "Hi Gurus,I had read out the security articles in this site.Many of those explains about the logical security, likeusers, groups, passwords, granting access, revoking access etc.One article I found which explains about the physical security using EFS, this is only for Windows 2000 and above using Windows Security.I have a clarification in sql server security.I have a product with VB and MSDE 2000.I want to distribute to the users. The users platforms are strating from Windows 98 to Windows 2003.I want to secure the data files and physically and also the table data and stored procedures. Stored procedures are encrypted. The table data (important data) has been encrypted/decrypted by front end DLL.I want to secure this data base such a way that, no hackers can copy the data/procedure, except the application with a valid login id / password / certificate.From my knowledge, The hacker may follow the ways given below.1) If he does not know, sa password,reinstall SQL Server, with mixed mode (windows authentication)and restore the databae backup available.2) Copy the physical files, and reattach to his SQL Server.3) Can use sql server easy to use tools (export/import) usinga low level user account / windows account, to export the data to any other odbc database.So, my question is : Can I stop this to do all such kind of nonsense, so that I can say "CAN NOT BREAK IT, CAN NOT BREAK IN"Thank for your time.I am sorry for any inconvenience.Regards,Pramod.POLARIS SOFTWARE LABChennai, India" |
|
|
|
|
|
|
|
SQL Server Physical Security