Monday, March 19, 2012

encrypting a field in SQL Server 2000

Hi,

I have an SSN field that I need to encrypt. Only persons who want to get information about a user should be able to decrypt that field. What is the best way to encrypt and decrypt the SSN field? Thanks

Maybe you can write a UDF which uses some encryption algorithm to generate the encrypted data from the SSN and something known only by the user and DBA (something like a password salt). However, there is some software available, for example:

http://www.appsecinc.com/products/dbencrypt/mssql/

or http://www.activecrypt.com/products.html

|||

I wouldn't use SQL Server to do the encrypt/decrypt for a number of reasons (it's unencrypted when sent from the web server to the database server, it's viewable with trace utilities like SQL Profiler, and you would either need to store the encryption key in the database unencrypted, or send it, and then the encryption/decryption key is sent unencrypted).

I would look into the encryption stuff that .NET has built in to start.
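The application-tier approach suggested in the reply above, as an added example that is not part of the original thread: the SSN is encrypted with AES-GCM before it is placed in a query parameter, so only ciphertext crosses the wire, appears in SQL Profiler, or sits in the table. It assumes .NET 8 or later; the class name `SsnProtector`, the blob layout and the sample SSN are constructed for illustration, and the key is assumed to be loaded from a store outside the database.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (assumes .NET 8+). SsnProtector and the blob layout are
// hypothetical names/choices, not from the original thread.
public static class SsnProtector
{
    private const int NonceSize = 12; // AES-GCM nonce length in bytes
    private const int TagSize = 16;   // AES-GCM authentication tag length in bytes

    // Returns nonce || tag || ciphertext, suitable for a varbinary column.
    public static byte[] Encrypt(string ssn, byte[] key)
    {
        byte[] plaintext = Encoding.UTF8.GetBytes(ssn);
        byte[] nonce = new byte[NonceSize];
        RandomNumberGenerator.Fill(nonce); // fresh random nonce for every value
        byte[] tag = new byte[TagSize];
        byte[] ciphertext = new byte[plaintext.Length];
        using (var aes = new AesGcm(key, TagSize))
            aes.Encrypt(nonce, plaintext, ciphertext, tag);

        byte[] blob = new byte[NonceSize + TagSize + ciphertext.Length];
        Buffer.BlockCopy(nonce, 0, blob, 0, NonceSize);
        Buffer.BlockCopy(tag, 0, blob, NonceSize, TagSize);
        Buffer.BlockCopy(ciphertext, 0, blob, NonceSize + TagSize, ciphertext.Length);
        return blob;
    }

    // Throws CryptographicException if the blob was altered or the key is wrong.
    public static string Decrypt(byte[] blob, byte[] key)
    {
        if (blob == null || blob.Length < NonceSize + TagSize)
            throw new ArgumentException("Blob too short", nameof(blob));
        var nonce = new ReadOnlySpan<byte>(blob, 0, NonceSize);
        var tag = new ReadOnlySpan<byte>(blob, NonceSize, TagSize);
        var ciphertext = new ReadOnlySpan<byte>(blob, NonceSize + TagSize, blob.Length - NonceSize - TagSize);
        byte[] plaintext = new byte[ciphertext.Length];
        using (var aes = new AesGcm(key, TagSize))
            aes.Decrypt(nonce, ciphertext, tag, plaintext);
        return Encoding.UTF8.GetString(plaintext);
    }

    public static void Main()
    {
        byte[] key = RandomNumberGenerator.GetBytes(32); // demo key; load from a key store in practice
        byte[] stored = Encrypt("000-12-3456", key);     // constructed sample SSN
        Console.WriteLine(Decrypt(stored, key) == "000-12-3456");
    }
}
```

Because each value gets a random nonce, equal SSNs produce different blobs, so the column cannot be searched or joined on by equality.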
