I've search on field level encryption and most the stuff i find is for
passwords, I.E. not reversable. I need to protect the payrate field
from dba's and sa's, but I need to allow the authorized users to see
the contents.
Any ideas? Does 2005 handle this?
I don't have a web app, per se, that access's this information. however
I am using Cognos' Report Net.
thanks in advance
RobThe most common solution is to use some kind of encryption library in
your client application or middle-tier, and encrypt/decrpyt the data as
people enter it or retrieve it. In SQL2005, you could use the .NET
crypto libraries within a .NET stored proc, but you can use them
already in a .NET client application regardless of the database.
So it probably depends on what your development environment and
language are. These links might give you some ideas:
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=22
http://www.aspfaq.com/show.asp?id=2536
Simon|||SQL2005 actually has encryption built-in using either shared key or
certificates (which it can generate). Alternatively, for SQL2000 look
at xp_crypt from http://www.activecrypt.com/.
No comments:
Post a Comment