Re: How to Encrypt a SQL Server 2000 Database

From: Steve Thompson (stevethompson_at_nomail.please)
Date: 07/22/04

• Next message: Kevin McDonnell [MSFT]: "RE: SQL Server & SSL & Fully Qualified Domain Name"
• Previous message: Steve Thompson: "Re: import user list"
• In reply to: Kaustav: "How to Encrypt a SQL Server 2000 Database"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 Jul 2004 14:27:52 -0400

"Kaustav" <Kaustav@discussions.microsoft.com> wrote in message
news:E805034F-39E2-433C-A171-818B1D30C95C@microsoft.com...
> I am looking for some hint and help on how to go about encrypting a SQL
Server 2000 Database. So far I have looked into the possibility of
encrypting data in tables using my custom functions, however this process
seems pretty slow and resource intensive. Ideally I would want a solution
where in the whole DB can be encrypted so that I don't have to make any
changes to my stored procedures, functions etc.

You can use EFS, just be sure to encrypt the mdf & ldf files under the
credentials (logged in as) the account running MSSQLServer service. Also,
you'd need to use the same account to decrypt the files.

> In case someone manages to login to EM or Query Analyzer, would he be able
to access data or modify stored procedures in such a scenario. Also would he
be able to restore the DB from a backup copy and misuse it ?

You can properly secure SQL Server, use Windows Authentication, so you can
"lock down" who gets and does not get access. Here's a starting point with
one good link to the security white paper:
http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp

> Also what are the pros and cons of using EFS on Win 2k.

Slight degradation in performance.

Steve

• Next message: Kevin McDonnell [MSFT]: "RE: SQL Server & SSL & Fully Qualified Domain Name"
• Previous message: Steve Thompson: "Re: import user list"
• In reply to: Kaustav: "How to Encrypt a SQL Server 2000 Database"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: User Passwords and Crypto API ... Be careful where you look for examples of using CryptoAPI. ... into the trap of encrypting text in the ANSI code page, ... > Currently users of our system which is built using VB 6.0 and SQL ... > 2000 need to enter a username and password before they can use the system. ... (microsoft.public.vb.general.discussion) Re: What is the best practices are supposed to be for MS SQL authentication? ... Microsoft SQL Server 2000 SP3 Security Features and Best Practices ... For encrypting client->server communication ... (microsoft.public.sqlserver.server) Data Security ... Is there a way to provide the security to the data present in the SQL ... Server, like encrypting the entire data? ... Sheshadrinath R ... (microsoft.public.sqlserver.security) Re: how to insert xml into sql 2005 ... If you set up a linked server on the SQL side or as linked tabels on the ... Access side the DBMS (SQL or Access) will see the other's tables as local ... like "pass-through" queries. ... I would recommend loading your Access data into tables located on SQL Server ... (microsoft.public.sqlserver.xml) criticism of web based password manager requested ... browser using javascript before being pased to the server. ... password for encrypting all of these is never sent to the server or ... Everything is associated with a user identified by an MD5 hash of their ... created a verification string is generated on the client browser using ... (sci.crypt)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint