February 20, 2009 at 3:47 am
I have a question about securing SQL Server (2005 or 2008) data from DBA :). What do suggest what is the best way for securing data; without larger impact on developers; which will had to redesign all tables and used procedures; if we decided to go with cell level encryption (for example: how to encrypt nationalId number so db administrator could not query the table; and find out all numbers). This is a request from management ;)…
February 20, 2009 at 4:23 am
If you wish to obscure data from a DBA then I would suggest using a CLR procedure to manage the encryption/decryption rather than a stored procedure implementation.
Provided the DBA does not have access to the source, he/she would not have direct visibility of the method used to encrypt/decrypt the data. The ability to call the CLR procedure could be restricted to your application only so that the DBA could not invoke method call.
Make sense?
Cheers,
February 20, 2009 at 6:15 am
Thank you for quick answer!
Yes it sounds very good; although it will require application changes (development) it looks possible.
February 20, 2009 at 6:34 am
You're most welcome.
I would be interested to know how you get on and no doubt so too would others. If it's not too much trouble keep us posted.
Cheers,
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply