I need to replicate some Oracle functionality that allows
a text column to be encripted in the database and
decripted by a JSP web application. Anyone have any
suggestions on how to go about this?You can find several third party products that have encryption options
listed in the Encryption section of the faq at:
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=22
-Sue
On Thu, 10 Jun 2004 09:21:55 -0700, "Amy Thropp"
<athropp@.thinksmartps.com> wrote:
>I need to replicate some Oracle functionality that allows
>a text column to be encripted in the database and
>decripted by a JSP web application. Anyone have any
>suggestions on how to go about this?|||SQL Server 2000 does not natively support in-database cryptographic
operations. It has been announced by Microsoft that SQL Server 2005 will
support encryption and key management. One article that reports on this
announcement can be found @.
http://www.internetnews.com/dev-new...cle.php/3358991
Mark Shlimovich
"Amy Thropp" <athropp@.thinksmartps.com> wrote in message
news:239401c44f07$0bb652c0$7d02280a@.phx.gbl...
> I need to replicate some Oracle functionality that allows
> a text column to be encripted in the database and
> decripted by a JSP web application. Anyone have any
> suggestions on how to go about this?|||Have a look at
www.whamware.com - Whamware.Crypt
www.appsecinc.com - dbEncrypt
www.netlib.com - Encryptionizer for SQL Server
Tom
"Amy Thropp" wrote:
> I need to replicate some Oracle functionality that allows
> a text column to be encripted in the database and
> decripted by a JSP web application. Anyone have any
> suggestions on how to go about this?|||www.xpcrypt.com
Showing posts with label encription. Show all posts
Showing posts with label encription. Show all posts
Friday, March 9, 2012
encription in stored procedures
Hi All!
I'm a newby in SQL Server and I've got a question.
Is it really helps for securing to use encripted stored procedures and what
kind of problems it causes for me as a DBA and as a client apps developer?
Thanks for any advice!
DmitryThe answer depends on how you view the stored procedure. If you feel that
the procedure is so important that you do not want anyone to see it
(including yourself), then you can encrypt it. Encrypting a stored procedure
ensure that no one can see it. This includes, the user, the owner/creator
and the system administrator. Encrypting a stored procedure also ensures
that it does not get published in SQL Server Replication.
That said, from an application point of view and the DBA, the only advantage
that I see is that your procedure cannot be viewed by others. I'm not aware
of any performance issues because of encrypting a stored procedure and the
only problem that I see is, in case you want to view the source, you have to
do so from your source-control tool or from a local copy of the procedure
source.
--
HTH,
SriSamp
Please reply to the whole group only!
http://www32.brinkster.com/srisamp
"Dmitry Karneyev" <karneyev@.msn.com> wrote in message
news:uudfaIivDHA.2448@.TK2MSFTNGP12.phx.gbl...
> Hi All!
> I'm a newby in SQL Server and I've got a question.
> Is it really helps for securing to use encripted stored procedures and
what
> kind of problems it causes for me as a DBA and as a client apps developer?
> Thanks for any advice!
> Dmitry
>|||Hi,
Encryption of stored procedure is useful only when you don't want your clients or others to view the stored procedure script (basically using SP_HELPTEXT <SPName>). Disadvantage is that, even the creator will not be able to see the script, hence the creator should have an copy of the SP script to make modification at the later stage
Hope this help
Thank
GYK|||Just be aware that there are, unfortunately, tools "out there" to decrypt
encrypted procedures etc.
--
Tibor Karaszi, SQL Server MVP
Archive at:
http://groups.google.com/groups?oi=djq&as_ugroup=microsoft.public.sqlserver
"Dmitry Karneyev" <karneyev@.msn.com> wrote in message
news:uudfaIivDHA.2448@.TK2MSFTNGP12.phx.gbl...
> Hi All!
> I'm a newby in SQL Server and I've got a question.
> Is it really helps for securing to use encripted stored procedures and
what
> kind of problems it causes for me as a DBA and as a client apps developer?
> Thanks for any advice!
> Dmitry
>
I'm a newby in SQL Server and I've got a question.
Is it really helps for securing to use encripted stored procedures and what
kind of problems it causes for me as a DBA and as a client apps developer?
Thanks for any advice!
DmitryThe answer depends on how you view the stored procedure. If you feel that
the procedure is so important that you do not want anyone to see it
(including yourself), then you can encrypt it. Encrypting a stored procedure
ensure that no one can see it. This includes, the user, the owner/creator
and the system administrator. Encrypting a stored procedure also ensures
that it does not get published in SQL Server Replication.
That said, from an application point of view and the DBA, the only advantage
that I see is that your procedure cannot be viewed by others. I'm not aware
of any performance issues because of encrypting a stored procedure and the
only problem that I see is, in case you want to view the source, you have to
do so from your source-control tool or from a local copy of the procedure
source.
--
HTH,
SriSamp
Please reply to the whole group only!
http://www32.brinkster.com/srisamp
"Dmitry Karneyev" <karneyev@.msn.com> wrote in message
news:uudfaIivDHA.2448@.TK2MSFTNGP12.phx.gbl...
> Hi All!
> I'm a newby in SQL Server and I've got a question.
> Is it really helps for securing to use encripted stored procedures and
what
> kind of problems it causes for me as a DBA and as a client apps developer?
> Thanks for any advice!
> Dmitry
>|||Hi,
Encryption of stored procedure is useful only when you don't want your clients or others to view the stored procedure script (basically using SP_HELPTEXT <SPName>). Disadvantage is that, even the creator will not be able to see the script, hence the creator should have an copy of the SP script to make modification at the later stage
Hope this help
Thank
GYK|||Just be aware that there are, unfortunately, tools "out there" to decrypt
encrypted procedures etc.
--
Tibor Karaszi, SQL Server MVP
Archive at:
http://groups.google.com/groups?oi=djq&as_ugroup=microsoft.public.sqlserver
"Dmitry Karneyev" <karneyev@.msn.com> wrote in message
news:uudfaIivDHA.2448@.TK2MSFTNGP12.phx.gbl...
> Hi All!
> I'm a newby in SQL Server and I've got a question.
> Is it really helps for securing to use encripted stored procedures and
what
> kind of problems it causes for me as a DBA and as a client apps developer?
> Thanks for any advice!
> Dmitry
>
Encription for MDF files
Dear Friends
I want to use the encryption for the MDF files so that no one can just copy
the data and attach the MDF files to access the database.
When i have done the same the database is in Suspect Mode. Please suggest
what can be the reason.
I also have the following questions.
1. Can another user restore the database backup for the encrypted MDF files.
Thanks in advance.
Best regards
ShaileshI don't believe SQL Server supports encrypted files. If you don't want
someone to get ahold of your files then set the security on the box so that
only the people who need access have it. As for backups you should look at
SQL LiteSpeed from www.imceda.com . It allows you to encrypt the backup on
the fly.
Andrew J. Kelly SQL MVP
"Sharad2005" <niitmalad@.yahoo.co.uk> wrote in message
news:9667DEDF-C6BD-4817-BC5E-88941ABE10D2@.microsoft.com...
> Dear Friends
> I want to use the encryption for the MDF files so that no one can just
> copy
> the data and attach the MDF files to access the database.
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
> I also have the following questions.
> 1. Can another user restore the database backup for the encrypted MDF
> files.
> Thanks in advance.
> Best regards
> Shailesh|||Hi
Did you encrypt the file/directory when logged in as the SQL Server Service
Account? If not, you need to as the encryption/decryption can only be done b
y
one account.
Just be aware, if you change the user's password from Computer Manager / AD
User Manager, the encryption certificate becomes invalid and you loose total
access to the data on the encrypted file/directory.
If you do a SQL Server BACKUP, the resultant backup can be restored by
someone else, as long as it is not encrypted.
Copying the encrypted file to a different location, will result in it being
decrypted.
--
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"Sharad2005" wrote:
> Dear Friends
> I want to use the encryption for the MDF files so that no one can just cop
y
> the data and attach the MDF files to access the database.
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
> I also have the following questions.
> 1. Can another user restore the database backup for the encrypted MDF file
s.
> Thanks in advance.
> Best regards
> Shailesh|||Hi,
You can use the Encrypted File System Support on Windows 2000
Windows 2000 support encrypted file system property.
Below are the steps encrypt the data files:
1) Logon with the SQL Server startup account
2) Stop SQL Server and sql agent service
3) Right click the data files, select properties, click Advance button,
check the "Encrypt contents to secure data"
4) Start the SQL Server service
See the below KB for more information:-
HOW TO: Encrypt Data Using EFS in Windows 2000
http://support.microsoft.com/defaul...kb;en-us;230520
Note:
If you change the SQL Server startup accout you have to redo the same,
otherwise SQL Server service will not start.
"With EFS, database files are encrypted under the identity of the account
running SQL Server. Only this account can decrypt the files. If you need to
change the account that runs SQL Server, you should first decrypt the files
under the old account, then re-encrypt them under the new account."
Thanks
Hari
SQL Server MVP
"Sharad2005" <niitmalad@.yahoo.co.uk> wrote in message
news:9667DEDF-C6BD-4817-BC5E-88941ABE10D2@.microsoft.com...
> Dear Friends
> I want to use the encryption for the MDF files so that no one can just
> copy
> the data and attach the MDF files to access the database.
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
> I also have the following questions.
> 1. Can another user restore the database backup for the encrypted MDF
> files.
> Thanks in advance.
> Best regards
> Shailesh|||Respectfully, EFS by itself is not a complete solution.
If the box is stolen - including the EFS recovery keys, then you are no
better off as the system administrator password can be hacked, the filestore
accessed and viola!
If you want to protect against this, then research the syskey command and
also read up about EFS recovery agents and make sure you know the full in's
and out's of it as otherwise it could cost you all your data. It is common
for people to lose data by losing EFS keys.
If some of your data is critical - e.g. columns containing say credit card
numbers, then encrypt it before it is stored and decrypt it when retrieving.
It is easy to code using .Net. This is not an easy solution tho' as you also
have to protect the keys used for encryption and decryption here. If you
want to store some type of passwords - use hashing instead - it is a one way
process. Research SHA1, SHA256 etc.
HTH
"Hari Prasad" <hari_prasad_k@.hotmail.com> wrote in message
news:ut72iu6kFHA.2396@.TK2MSFTNGP12.phx.gbl...
> Hi,
> You can use the Encrypted File System Support on Windows 2000
> Windows 2000 support encrypted file system property.
> Below are the steps encrypt the data files:
> 1) Logon with the SQL Server startup account
> 2) Stop SQL Server and sql agent service
> 3) Right click the data files, select properties, click Advance button,
> check the "Encrypt contents to secure data"
> 4) Start the SQL Server service
> See the below KB for more information:-
>
> HOW TO: Encrypt Data Using EFS in Windows 2000
> http://support.microsoft.com/defaul...kb;en-us;230520
> Note:
> If you change the SQL Server startup accout you have to redo the same,
> otherwise SQL Server service will not start.
>
> "With EFS, database files are encrypted under the identity of the account
> running SQL Server. Only this account can decrypt the files. If you need
> to
> change the account that runs SQL Server, you should first decrypt the
> files under the old account, then re-encrypt them under the new account."
> --
> Thanks
> Hari
> SQL Server MVP
>
> "Sharad2005" <niitmalad@.yahoo.co.uk> wrote in message
> news:9667DEDF-C6BD-4817-BC5E-88941ABE10D2@.microsoft.com...
>
I want to use the encryption for the MDF files so that no one can just copy
the data and attach the MDF files to access the database.
When i have done the same the database is in Suspect Mode. Please suggest
what can be the reason.
I also have the following questions.
1. Can another user restore the database backup for the encrypted MDF files.
Thanks in advance.
Best regards
ShaileshI don't believe SQL Server supports encrypted files. If you don't want
someone to get ahold of your files then set the security on the box so that
only the people who need access have it. As for backups you should look at
SQL LiteSpeed from www.imceda.com . It allows you to encrypt the backup on
the fly.
Andrew J. Kelly SQL MVP
"Sharad2005" <niitmalad@.yahoo.co.uk> wrote in message
news:9667DEDF-C6BD-4817-BC5E-88941ABE10D2@.microsoft.com...
> Dear Friends
> I want to use the encryption for the MDF files so that no one can just
> copy
> the data and attach the MDF files to access the database.
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
> I also have the following questions.
> 1. Can another user restore the database backup for the encrypted MDF
> files.
> Thanks in advance.
> Best regards
> Shailesh|||Hi
Did you encrypt the file/directory when logged in as the SQL Server Service
Account? If not, you need to as the encryption/decryption can only be done b
y
one account.
Just be aware, if you change the user's password from Computer Manager / AD
User Manager, the encryption certificate becomes invalid and you loose total
access to the data on the encrypted file/directory.
If you do a SQL Server BACKUP, the resultant backup can be restored by
someone else, as long as it is not encrypted.
Copying the encrypted file to a different location, will result in it being
decrypted.
--
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"Sharad2005" wrote:
> Dear Friends
> I want to use the encryption for the MDF files so that no one can just cop
y
> the data and attach the MDF files to access the database.
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
> I also have the following questions.
> 1. Can another user restore the database backup for the encrypted MDF file
s.
> Thanks in advance.
> Best regards
> Shailesh|||Hi,
You can use the Encrypted File System Support on Windows 2000
Windows 2000 support encrypted file system property.
Below are the steps encrypt the data files:
1) Logon with the SQL Server startup account
2) Stop SQL Server and sql agent service
3) Right click the data files, select properties, click Advance button,
check the "Encrypt contents to secure data"
4) Start the SQL Server service
See the below KB for more information:-
HOW TO: Encrypt Data Using EFS in Windows 2000
http://support.microsoft.com/defaul...kb;en-us;230520
Note:
If you change the SQL Server startup accout you have to redo the same,
otherwise SQL Server service will not start.
"With EFS, database files are encrypted under the identity of the account
running SQL Server. Only this account can decrypt the files. If you need to
change the account that runs SQL Server, you should first decrypt the files
under the old account, then re-encrypt them under the new account."
Thanks
Hari
SQL Server MVP
"Sharad2005" <niitmalad@.yahoo.co.uk> wrote in message
news:9667DEDF-C6BD-4817-BC5E-88941ABE10D2@.microsoft.com...
> Dear Friends
> I want to use the encryption for the MDF files so that no one can just
> copy
> the data and attach the MDF files to access the database.
> When i have done the same the database is in Suspect Mode. Please suggest
> what can be the reason.
> I also have the following questions.
> 1. Can another user restore the database backup for the encrypted MDF
> files.
> Thanks in advance.
> Best regards
> Shailesh|||Respectfully, EFS by itself is not a complete solution.
If the box is stolen - including the EFS recovery keys, then you are no
better off as the system administrator password can be hacked, the filestore
accessed and viola!
If you want to protect against this, then research the syskey command and
also read up about EFS recovery agents and make sure you know the full in's
and out's of it as otherwise it could cost you all your data. It is common
for people to lose data by losing EFS keys.
If some of your data is critical - e.g. columns containing say credit card
numbers, then encrypt it before it is stored and decrypt it when retrieving.
It is easy to code using .Net. This is not an easy solution tho' as you also
have to protect the keys used for encryption and decryption here. If you
want to store some type of passwords - use hashing instead - it is a one way
process. Research SHA1, SHA256 etc.
HTH
"Hari Prasad" <hari_prasad_k@.hotmail.com> wrote in message
news:ut72iu6kFHA.2396@.TK2MSFTNGP12.phx.gbl...
> Hi,
> You can use the Encrypted File System Support on Windows 2000
> Windows 2000 support encrypted file system property.
> Below are the steps encrypt the data files:
> 1) Logon with the SQL Server startup account
> 2) Stop SQL Server and sql agent service
> 3) Right click the data files, select properties, click Advance button,
> check the "Encrypt contents to secure data"
> 4) Start the SQL Server service
> See the below KB for more information:-
>
> HOW TO: Encrypt Data Using EFS in Windows 2000
> http://support.microsoft.com/defaul...kb;en-us;230520
> Note:
> If you change the SQL Server startup accout you have to redo the same,
> otherwise SQL Server service will not start.
>
> "With EFS, database files are encrypted under the identity of the account
> running SQL Server. Only this account can decrypt the files. If you need
> to
> change the account that runs SQL Server, you should first decrypt the
> files under the old account, then re-encrypt them under the new account."
> --
> Thanks
> Hari
> SQL Server MVP
>
> "Sharad2005" <niitmalad@.yahoo.co.uk> wrote in message
> news:9667DEDF-C6BD-4817-BC5E-88941ABE10D2@.microsoft.com...
>
Subscribe to:
Posts (Atom)