Re: Secure a SQL-Server 2000 database.

From: Carlos Y. Maldonado, Ph.D. (cmaldonado@earthlink.net)
Date: 01/26/03 

From: "Carlos Y. Maldonado, Ph.D." <cmaldonado@earthlink.net>
Date: Sun, 26 Jan 2003 17:27:48 GMT

How about?

http://www.netlib.com/products.htm

Look at the SQL encryption product there.

"Ingar Eide" <ingar@eide.gs> wrote in message
news:306133a8.0301230004.28fae6db@posting.google.com...
> Mary Chipman <mchip@nomail.please> wrote in message
news:<d4au2v4ntkrg0n1pf3nrl9u1v3thsc0lq0@4ax.com>...
> > >Yes, if they is an administrator they can do anything. But SQL
> > >Anywhere does not have any logins to the server, they log in to the DB
> > >instead, and the users/logins are stored in the DB instead of the
> > >server.
> >
> > And what makes you think this is secure? I don't even know SQL
> > Anywhere, and I'd be willing to bet almost any amount of money that
> > whatever encryption algorithm used on these logins/passwords has
> > already been cracked. If an attacker has physical access to a file,
> > any file, you have no security at all if that person is sufficiently
> > motivated and has the right knowledge/tools.
> >
>
> I'm sure everything can be or has been cracked, but I feel that with
> SQLServer, there is nothing I can do to protect my data/structure if I
> don't have control over the machine. The DB is "complete open".
> If the logins were in the DB instead of the SQLserver, there was at
> least a chance to protect the DB.
>
> I hope Microsoft will come up with a better solution for us that use
> SQLserver for applications who is ment for mass distribution where we
> don't have control over the DBserver (machine).
>
> But as you say, if a person has the file and is motivated to crack it
> he can do that.
>
> So all in all, I think we have to write something about it in the
> license agreement.
>
> -Ingar.
>

Relevant Pages

  • Re: Secure a SQL-Server 2000 database.
    ... >>Anywhere does not have any logins to the server, they log in to the DB ... I don't even know SQL ... SQLServer, there is nothing I can do to protect my data/structure if I ... don't have control over the DBserver. ...
    (microsoft.public.sqlserver.security)
  • RE: SQL SERVER 2000 Integraion
    ... It will integrate with stored procedures. ... how it can provide version control for user defined functions. ... > control on my Store Procedures in SQL 2000? ... > SQLSERVER? ...
    (microsoft.public.vstudio.sourcesafe)
  • Re: Simple Insert Into...
    ... it is in a control on the form; and is unbound (it's actually a combo ... box that is used as a dropdown list, values taken from a different table; SQL ... I need this value to assign a unique ID to the entire recordset being ... In your form's Sub, you'll wind up with something like the following: ...
    (microsoft.public.access.modulesdaovba)
  • Re: Simple Insert Into...
    ... The form is based on an SQL in the form's Record Source property, ... holds the current text in the control, ... Sometimes the unbound controls do have a value (such as when they are set ... I need this value to assign a unique ID to the entire recordset being ...
    (microsoft.public.access.modulesdaovba)
  • Re: Simple Insert Into...
    ... You can store unbound control data in a variable, ... in the sql. ... Dim strSQL As String ... In your form's Sub, you'll wind up with something like the following: ...
    (microsoft.public.access.modulesdaovba)
Loading