Re: Cryptography in SQL Server 2000
From: Tom O (tomo@tomo.com)
Date: 08/24/02
- Next message: Richard Waymire [MS]: "Re: Login with no Fixed Server Role and DB Role can stop SQL Agent Service?"
- Previous message: BP Margolin: "Re: Login with no Fixed Server Role and DB Role can stop SQL Agent Service?"
- In reply to: Christian Olsson: "Re: Cryptography in SQL Server 2000"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tom O" <tomo@tomo.com> Date: Sat, 24 Aug 2002 14:19:56 -0500
There is another product called wiCrypt, by Whamware (www.whamware.com) that
provides both a COM library and ODS (Extended Stored Procedure) library for
performing encryption.
Tom
"Christian Olsson" <christian.olsson@protegrity.com> wrote in message
news:bae8d647.0208222134.1365db24@posting.google.com...
> I would like to introduce you to Protegrity and its Secure.Data for
> SQL Server 2000 Out-of-the-Box database security solution.
>
> Often forgotten, the protection, audit and segregation of duties for
> sensitive data at rest within the database level are key elements of
> security because most data remains at rest in databases for more than
> 90 percent of its life. A company is vulnerable when its security
> solutions focus on perimeter and network, and overlook databases.
>
> Secure.DataT for SQL Server 2000 is an "out-of-the-box" automated
> database encryption solution with protected key-management software
> for selectively encrypting, securing and controlling access to
> enterprise relational database information at the data-item level.
> This database security solution is application transparent, which
> allows for fast integration, rapid execution, cost-effective security
> and privacy compliance. The Solution provides an effective last line
> of defense:
>
> · Selective and highly secure, column-level data item
> encryption
>
> · Cryptographically enforced authorization
>
> · Comprehensive key management
>
> · Secure audit and reporting facility
>
> · Enforced separation of duties
>
> · Interoperability with other security technologies
>
> · Operational transparency to applications
>
> Protegrity developed Secure.Data for SQL Server 2000 in close
> co-operation with Microsoft to meet the growing corporate, legislative
> and industry-wide privacy and security requirements for securing
> content in databases from unauthorized and un-auditable access. For
> example, there are industry-wide mandates, such as local privacy laws,
> VISA USA Cardholder Information Security Program and also the U.S.
> Software and Information Industry Association method of securing
> credit card and private consumer data in E-Business sites. It is built
> specifically for Internet business solutions using Commerce Server.
> The software is interoperability certified for Windows Server 2000;
> passed the Commerce Server 2000 Integration Test; and was performance
> tested by the SQL Server Test Lab.
>
> Companies select Secure.Data from Protegrity because it delivers an
> out-of-the-box security solution that completely protects the
> database, is easily implemented in one to three days, and works with
> no changes to underlying applications. Protegrity's Secure.Data
> database protection and privacy software is an industry-proven
> solution for any organization that requires the highest level of
> database protection and secure audit trail -- that is why many of the
> largest and most successful Fortune 500 companies in the commercial
> and consumer finance, investment banking, healthcare, pharmaceutical,
> consumer products, and E-Business sectors, including credit card
> issuers and processors, are using Secure.Data from Protegrity for
> securing information, such as: credit cards, financial, compensation,
> secret formulas and patient records in their databases.
>
> Further information about Protegrity's Secure.Data solution for
> Microsoft SQL Server 2000, as well as more information about other
> Secure.Data information-privacy products and services is available by
> contacting Protegrity at:
> www.protegrity.com/microsoft
>
>
>
> "Anith Sen" <anith@bizdatasolutions.com> wrote in message
news:<ONeDVgeSCHA.1496@tkmsftngp11>...
> > SQL Server does not provide any inbuilt encyption method.
> > You have to use MS Crypto APIs from your front-end to
> > develop your own methods to implement encryption solutions.
> > If this is for password encryptions, I guess, there are a few
> > undocumented methods like PWDENCRYPT, PWDCOMPARE etc which
> > you may use (not recommended). Also check out
> > http://www.sqlsecurity.com/DesktopDefault.aspx?tabindex=1&tabid=2
- Next message: Richard Waymire [MS]: "Re: Login with no Fixed Server Role and DB Role can stop SQL Agent Service?"
- Previous message: BP Margolin: "Re: Login with no Fixed Server Role and DB Role can stop SQL Agent Service?"
- In reply to: Christian Olsson: "Re: Cryptography in SQL Server 2000"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
