Decryption within an application



I need to encrypt one column of data in a single table and I pretty much
have all the operations figured out, including maintaining both the
encrypted data and a one-way hash for searches. I have a view which
decrypts the data properly when the symmetric key has been opened (and
obviously returns null when the key is not open).

I want the view to return the decrypted data only when the user is accessing
the database from a single application. This application maintains a single
database connection per session. My thought was to open the key when the
database connection is established by the application and close it when the
application exits, thereby granting access only through the application. Is
that an acceptable practice?

If I do that, should I protect the key with a password that is then compiled
in the application so that I can open the key? This means that every
installation will have a key protected by the same password. Or is there a
better way to do that?

Thanks for any help.
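
The setup described in the post, sketched as an added example (not code from the original post). It assumes SQL Server 2012 or later run through a client that understands GO; the table, column, key and view names, the password and the sample value are constructed placeholders.

```sql
-- Hypothetical schema: one encrypted column plus a hash column for searches.
CREATE TABLE dbo.Customer (
    CustomerId int IDENTITY PRIMARY KEY,
    SsnEnc     varbinary(256) NOT NULL,  -- ciphertext produced by EncryptByKey
    SsnHash    binary(32)     NOT NULL   -- SHA-256 of the plaintext, for equality lookups
);
CREATE INDEX IX_Customer_SsnHash ON dbo.Customer (SsnHash);
GO

-- Symmetric key protected by a password (constructed placeholder value).
CREATE SYMMETRIC KEY CustomerKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY PASSWORD = 'Placeholder-Passw0rd!';
GO

-- DecryptByKey returns NULL unless the key is open in the calling session.
CREATE VIEW dbo.CustomerPlain AS
SELECT CustomerId,
       CONVERT(varchar(11), DecryptByKey(SsnEnc)) AS Ssn
FROM dbo.Customer;
GO

-- What the application would run right after connecting. Any session that
-- knows the password and has permission on the key can run the same statement.
OPEN SYMMETRIC KEY CustomerKey
    DECRYPTION BY PASSWORD = 'Placeholder-Passw0rd!';

DECLARE @ssn varchar(11) = '000-00-0000';  -- constructed sample value

-- Write both the ciphertext and the search hash.
INSERT INTO dbo.Customer (SsnEnc, SsnHash)
VALUES (EncryptByKey(Key_GUID('CustomerKey'), @ssn),
        HASHBYTES('SHA2_256', @ssn));

-- Search on the hash, read the plaintext through the view.
SELECT p.CustomerId, p.Ssn
FROM dbo.Customer AS c
JOIN dbo.CustomerPlain AS p ON p.CustomerId = c.CustomerId
WHERE c.SsnHash = HASHBYTES('SHA2_256', @ssn);

-- Keys currently open in this session (open state is per session).
SELECT key_name, opened_date FROM sys.openkeys;

-- After closing the key, the same view returns NULL for Ssn.
CLOSE SYMMETRIC KEY CustomerKey;
SELECT CustomerId, Ssn FROM dbo.CustomerPlain;
```

The key's open state belongs to the database session, so the view decrypts for whichever connection has opened the key, regardless of which program made that connection.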

