I have a requirement to encrypt a number of database columns (in Sql Server 2012). It has been decided that we should use column level encryption (implemented in sql server). On the application side i will be building a web api on top of some complex domain models. I really want to utilize Entity Framework's code first approach, to maintain a clean domain model). Does anyone have a workable solution here that does not involve resorting back to stored procedures? Ideally I would like to somehow manipulate the sql generated by entity framework to wrap certain fields to do the sql encryption / decryption functions.
我需要加密许多数据库列(在Sql Server 2012中)。已经决定我们应该使用列级加密(在sql server中实现)。在应用程序方面,我将在一些复杂的域模型之上构建一个web api。我真的想利用Entity Framework的代码第一种方法来维护一个干净的域模型。有没有人在这里有一个可行的解决方案,不涉及诉诸存储过程?理想情况下,我想以某种方式操纵实体框架生成的sql来包装某些字段来执行sql加密/解密功能。
Ideally , something like:
理想情况下,例如:
modelBuilder.Entity<MyTable>().ToTable("Table1").Property(p => p.SensativeData).encrypt("keyName",authenticatorFunc);
2 个解决方案
#1
3
In SQL Server 2012, column level encryption can be done mainly in two ways ie,
在SQL Server 2012中,列级加密主要可以通过两种方式完成,即:
- Defining Custom Encryption function in Entity framework. this blog
- SQL Cell Level Encryption implementation done in entity framework in dbcontext Class (execute open symmetric key code here) using this blog and using stored procedure (which contain decryption code for specified field in tables ) retrieve result sets.
在Entity框架中定义自定义加密功能。这个博客
SQL单元级加密实现在dbcontext类的实体框架中完成(此处执行开放对称密钥代码),使用此博客并使用存储过程(包含表中指定字段的解密代码)检索结果集。
In SQL server 2016 there is new feature ie, Always encrypted and has its implementation in entity framework here.
在SQL Server 2016中有一个新功能,即始终加密,并在此处实体框架中实现。
#2
1
Crypteron has a free Entity Framework adapter, CipherDb, that can work with any SQL Server. In fact, Crypteron CipherDb works with any Entity Framework compatible database - even MySQL, PostGreSQL and more.
Crypteron有一个免费的实体框架适配器CipherDb,可以与任何SQL Server一起使用。事实上,Crypteron CipherDb可以与任何与实体框架兼容的数据库 - 甚至MySQL,PostGreSQL等等。
You can annotate the data model with [Secure] or name a property to something like Secure_SocialSecurityNumber (the Secure_ is the key part) and CipherDb automatically performs data encryption, tamper protection, secure key storage, secure key distribution, caching, key roll overs, ACLs and more. You can also use Crypteron to protect streams, files, objects, message queues, noSQL etc.
您可以使用[Secure]注释数据模型或将属性命名为Secure_SocialSecurityNumber(Secure_是关键部分),CipherDb自动执行数据加密,篡改保护,安全密钥存储,安全密钥分发,缓存,密钥滚动, ACL等等。您还可以使用Crypteron来保护流,文件,对象,消息队列,noSQL等。
You can find the sample apps on GitHub at https://github.com/crypteron/crypteron-sample-apps
您可以在GitHub上找到示例应用程序,网址为https://github.com/crypteron/crypteron-sample-apps
Disclaimer: I work there and we do have a free community edition which anyone can use.
免责声明:我在那里工作,我们有一个任何人都可以使用的免费社区版。
#1
3
In SQL Server 2012, column level encryption can be done mainly in two ways ie,
在SQL Server 2012中,列级加密主要可以通过两种方式完成,即:
- Defining Custom Encryption function in Entity framework. this blog
- SQL Cell Level Encryption implementation done in entity framework in dbcontext Class (execute open symmetric key code here) using this blog and using stored procedure (which contain decryption code for specified field in tables ) retrieve result sets.
在Entity框架中定义自定义加密功能。这个博客
SQL单元级加密实现在dbcontext类的实体框架中完成(此处执行开放对称密钥代码),使用此博客并使用存储过程(包含表中指定字段的解密代码)检索结果集。
In SQL server 2016 there is new feature ie, Always encrypted and has its implementation in entity framework here.
在SQL Server 2016中有一个新功能,即始终加密,并在此处实体框架中实现。
#2
1
Crypteron has a free Entity Framework adapter, CipherDb, that can work with any SQL Server. In fact, Crypteron CipherDb works with any Entity Framework compatible database - even MySQL, PostGreSQL and more.
Crypteron有一个免费的实体框架适配器CipherDb,可以与任何SQL Server一起使用。事实上,Crypteron CipherDb可以与任何与实体框架兼容的数据库 - 甚至MySQL,PostGreSQL等等。
You can annotate the data model with [Secure] or name a property to something like Secure_SocialSecurityNumber (the Secure_ is the key part) and CipherDb automatically performs data encryption, tamper protection, secure key storage, secure key distribution, caching, key roll overs, ACLs and more. You can also use Crypteron to protect streams, files, objects, message queues, noSQL etc.
您可以使用[Secure]注释数据模型或将属性命名为Secure_SocialSecurityNumber(Secure_是关键部分),CipherDb自动执行数据加密,篡改保护,安全密钥存储,安全密钥分发,缓存,密钥滚动, ACL等等。您还可以使用Crypteron来保护流,文件,对象,消息队列,noSQL等。
You can find the sample apps on GitHub at https://github.com/crypteron/crypteron-sample-apps
您可以在GitHub上找到示例应用程序,网址为https://github.com/crypteron/crypteron-sample-apps
Disclaimer: I work there and we do have a free community edition which anyone can use.
免责声明:我在那里工作,我们有一个任何人都可以使用的免费社区版。