Re: How to protect SQL Server Express database from reverse engineerin
- From: Erland Sommarskog <esquel@xxxxxxxxxxxxx>
- Date: Sat, 02 Aug 2008 15:00:09 -0700
Leto (Leto@xxxxxxxxxxxxxxxxxxxxxxxxx) writes:
We ship SQL Server Express with our application. I would like to
prevent anyone from reverse engineering our database. The names of the
tables, names of the columns, relationships, and data they contain
represent a large part of our intellictual property and there doesn't
seem to be any way to protect it. Is there any way to obfuscate this or
lock the local system administrator out of the database? We use a lot
of stored procs so Compact Edition is not an option.
That is correct, there is no way to this. You can add the WITH ENCRYPTION
clause to stored procedures, views and triggers, but that is no real
encryption, but only obfustication, and it takes a Google search to
find out how to resurrect the source code.
As for tables, you can always make things difficult by using cryptic or
misleading names, but that is far as you can go.
Instead, you need to talk to a lawayer, to help you to write a license
agreement which disallows the user within reasonable limits to sticking
in his nose. I say within reasonable limits, because within three years
the application may be very important to the user, and he runs into a
problem, whereas your company has evaporated into the blue.
--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
.
- References:
- Prev by Date: How to protect SQL Server Express database from reverse engineerin
- Next by Date: Re: Minimum permissions for Backup/Restore
- Previous by thread: How to protect SQL Server Express database from reverse engineerin
- Index(es):
Relevant Pages
|
