Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
river31
Starting Member
2 Posts |
 Posted - 2009-11-09 : 12:26:06
|
| Hi, i have a big problem.I have some sites in some countries. This sites have a person that have full previl. over the systems (windows and SQL Server).I what that this people can not, see of change the data inside my database.They should only do that (read and change information inside database) through my APPs.I have seen SQL Server 2005 encyptation and it seems that i will have to change a lot of sings in my apps so they can funtion with that.Are there any GOOD third party tools that can do this without i need to change my app?thank you. |
|
|
sagitariusmzi
Posting Yak Master
113 Posts |
Posted - 2009-11-12 : 02:26:24
|
| If you apply the encryption and decrypt the data in your SP's OR views and use the SP's and Views in your application, in this you don't need to change your application.Only your application will get slow. |
 |
|
|
vishal.todkar
Starting Member
20 Posts |
Posted - 2009-11-12 : 05:05:34
|
| If you use column level encryption in SQL Server 2005/2008, You need to change datatypes of encrypted/decrypted columns to varbinary. In this case your application will change significantly. Also there are other cons such as, those columns you cant use in where clauses..search operations etc. and those columns cant use for indexing or indexes cant be created on those columns.If you use database level encryption then your application wont change at all. but this adds significant overhead and affects performance.But as you are saying the users have full access to SQL Server and Windows then (I am not sure), they can easily break encryption.If they have full access of SQL Server and Windows then they can do anything !! Guys Correct me if I am wrong !!Vishal |
|
|
|
sagitariusmzi
Posting Yak Master
113 Posts |
Posted - 2009-11-12 : 06:39:37
|
| i thinkif you have the master key then you can do anything with data but if you don't have then nothing can happen to datayou need to keep your master key in your hands |
|
|
|
|
|
|
SQL Server 2005 encryptation