Re: MDF file level security from copying

From: BP Margolin (bpmargo@attglobal.net)
Date: 05/29/02 

From: "BP Margolin" <bpmargo@attglobal.net>
Date: Wed, 29 May 2002 14:50:08 -0400

Ayman,

Sorry, but I have not personally used either of them.

-------------------------------------------
BP Margolin
Please reply only to the newsgroups.
When posting, inclusion of SQL (CREATE TABLE ..., INSERT ..., etc.) which
can be cut and pasted into Query Analyzer is appreciated.

"Ayman" <aimaimoni@hotmail.com> wrote in message
news:7bce01c20629$f29bfc90$9ee62ecf@tkmsftngxa05...
Margolin,
Related to the same point ,can you tell me your opinion
about :-
www.protegrity.com
www.netlib.com

Regarding the DB files encryption,
Regards,

>-----Original Message-----
>Ayman,
>
>There is very little one can do to hide a database's
schema.
>If you wish to ensure that the data is secure, then you
might consider
>adding encryption to your application. Take a look at
the "encrypt" entry in
>the SQL Server FAQ at www.sqlserverfaq.com.
>
>If you want to protect your database's schema, then I
suggest that you
>contact a lawyer well-versed in intellectual property
rights, and enforce
>your intellectual property via legal means.
>
>-------------------------------------------
>BP Margolin
>Please reply only to the newsgroups.
>When posting, inclusion of SQL (CREATE TABLE ...,
INSERT ..., etc.) which
>can be cut and pasted into Query Analyzer is appreciated.
>
>"Ayman" <aimaimoni@hotmail.com> wrote in message
>news:71c601c20497$2f568f90
$2ae2c90a@hosting.microsoft.com...
>> Thanks for the reply,
>> as a matter of fact , my case is that I am selling a
>> package (vb application running on MSDE2000 as back-
end),
>> this application can be installed on win9x or winme or
>> win2000 or xp.and I want to maximize the security of the
>> database (schema and data)...
>> Thanks,,,
>> >-----Original Message-----
>> >Ayman,
>> >
>> >Sounds to me as if your first issue is the physical
>> security of the machines
>> >hosting SQL Server. Security starts with making sure
that
>> it is impossible
>> >for unauthorized personnel to physically or logically
>> access the MDF files.
>> >
>> >Neither Windows 98 nor Windows ME were meant as
>> enterprise level operating
>> >systems.
>> >
>> >-------------------------------------------
>> >BP Margolin
>> >Please reply only to the newsgroups.
>> >When posting, inclusion of SQL (CREATE TABLE ...,
>> INSERT ..., etc.) which
>> >can be cut and pasted into Query Analyzer is
appreciated.
>> >
>> >"Ayman" <aimaimoni@hotmail.com> wrote in message
>> >news:7e7301c203b7$7ef689a0$3bef2ecf@TKMSFTNGXA10...
>> >> Hi All,
>> >> I have the same concern of Stephen, I thought that
there
>> >> is a way to protect the MDF files , specially in
those
>> >> located on FAT like Windows 98 and Windows ME , but
it
>> >> seems that the only way is to put it in EFS (NTFS) of
>> >> Windows 2000, which I think it is not 100% secure as
the
>> >> recovery agent of that system could de-crypt it.
>> >>
>> >> Is there are any other ways ??
>> >> Best Regards,
>> >>
>> >>
>> >>
>> >> >-----Original Message-----
>> >> >Stephen,
>> >> >
>> >> >If you can restrict the application to Windows 2000,
>> then
>> >> you can use
>> >> >Encrypted File System. For additional information,
see
>> >> section "Using
>> >> >Encryption Methods"
>> (adminsql.chm::/ad_security_93u6.htm)
>> >> in the SQL Server
>> >> >2000 Books Online.
>> >> >
>> >> >BTW, if you are concerned about the database
schema, as
>> >> opposed to the
>> >> >actual data, then you are essentially out of luck.
If a
>> >> competitor can
>> >> >purchase your product, then they can see your
database
>> >> schema.
>> >> >
>> >> >Bottom line: the protection of intellectual
property is
>> >> best addressed via
>> >> >legal mechanisms rather than trying to rely upon
>> >> technical solutions.
>> >> >
>> >> >-------------------------------------------
>> >> >BP Margolin
>> >> {w||',T'  >Please reply only to the
newsgroups.
>> >> >When posting, inclusion of SQL (CREATE TABLE ...,
>> >> INSERT ..., etc.) which
>> >> >can be cut and pasted into Query Analyzer is
>> appreciated.
>> >> >
>> >> >"Stephen Schmid" <steve_schmid@msn.com.au> wrote in
>> >> message
>> >> >new

Relevant Pages