Re: Ecrypting a database

From: Nick (anonymous_at_discussions.microsoft.com)
Date: 11/06/03

  • Next message: Nick: "SQL 2000 Security" 
    Date: Thu, 6 Nov 2003 14:08:42 -0800

    Um... What if the user/intruder takes the system offline
    and boots into another OS and pulls the information? ACL's
    arn't going to help there.
    Windows comes with a native file/folder encryption, EFS.
    EFS, does allow either the local administrator or the
    domain admin default privilages, but you can remove this
    even though it's not recommended. But, yes the service
    account would need access to the database to unencrypt the
    information. Or, you can use something like pgp.

    Nick
    DCRM - Does Certifications Really Matter
    >-----Original Message-----
    >I am not sure why you want to encrypt the folder. You can
    have proper ACL's
    >to block the user from listing or viewing your database
    files. And you can
    >restrict using database roles security features by giving
    access to your
    >application only.
    >
    >--
    >HTH,
    >Vinod Kumar
    >MCSE, DBA, MCAD, MCSD
    >http://www.extremeexperts.com
    >
    >Books Online for SQL Server SP3 at
    >http://www.microsoft.com/sql/techinfo/productdoc/2000/book
    s.asp
    >
    >
    >"krygim" <krygim@hotmail.com> wrote in message
    >news:OzkwbK3oDHA.1072@TK2MSFTNGP09.phx.gbl...
    >> I have a SQL database which will only be accessed only
    by an application
    >> (written by me). I want to put the database into a
    Windows 2000 encrypted
    >> folder so that even the network domain administrator
    will not be able to
    >> view the content (bypassing my application). Is this
    viable? If so, which
    >> Windows account do I need to log in to encrypt the
    folder? Do I need to
    >log
    >> in as the SQL service account to do the encryption?
    >>
    >>
    >>
    >> TIA
    >>
    >>
    >
    >
    >.
    >

  • Next message: Nick: "SQL 2000 Security"

    Relevant Pages

    • File Ownership failing for Domain Accounts
      ... I am having a consistent problem on several instances of SQL 2005 setting ... the ownership of database files to a windows user. ... Right-click on any user database, ...
      (microsoft.public.sqlserver.security)
    • Re: Connection to SQL Server CE Windows Service via C# - Error 250
      ... This is probably 3rd time I am hereing to a case the encryption related ... In SQL CE v3.1 case, can you try using Crypto API under the same credentials ... specific to your database or if it's really the password itself. ... connect to it via the windows service under the Local Service ...
      (microsoft.public.sqlserver.ce)
    • Re: Help encrypt conn string - no ASP, no server, cant protect keys, cant use Windows Authentica
      ... I want to deploy a .NET 2.0 Windows Forms application that uses an MS ... The database has been encoded and password ... I need a way to encrypt the connection string, ... The samples I've seen on the Internet use DPAPI and other encryption ...
      (microsoft.public.dotnet.security)
    • Re: An Encryption Strategy - Comments Please
      ... If that is a concern then use a secure connection to SQL. ... >>> I posted in this forum not long ago regarding encryption. ... >>> list in this same database. ... >>> DPAPI encryption is account dependent. ...
      (microsoft.public.dotnet.security)
    • Re: SQL web application fails at login. Need help.
      ... >to open a connection to the database, ... >SQL authentication). ... >>from console and windows applications. ... >>and windows applications can run the SQL tables. ...
      (microsoft.public.sqlserver.programming)