I don't want customers to be able to make backups of my sql server database and access the tables data etc.
我不希望客户能够备份我的sql server数据库并访问表数据等。
I know there are some products that will encrypt the data in the tables, and their product will decrypt it when displaying in my application.
我知道有些产品会加密表格中的数据,而他们的产品会在我的应用程序中显示时解密。
What products do you guys know of? What options do I have?
你们知道什么产品?我有什么选择?
(This is a business requirement, however silly it might seem to some hehe).
(这是一项业务要求,但有些嘿嘿似乎很愚蠢)。
Update
This is for sql server 2008 express
这是针对sql server 2008 express的
6 个解决方案
#1
2
There is the 3rd party xp_crypt. It's been around for years. It's an extended stored proc (that is, DLL)
有第三方xp_crypt。它已经存在多年了。这是一个扩展的存储过程(即DLL)
#2
3
The problem with encrypting data inside the database is that as long as the database lives on the client's machine (as you indicated, they're running SQL 2008 Express, so I'm betting it lives on the client's desktops or laptops) then they can get into the data. They can set up security on the instance so that they have SA privileges, and from there, they can get the data, period. There's no way around that.
加密数据库内部数据的问题是,只要数据库存在于客户端的计算机上(如您所示,它们运行SQL 2008 Express,所以我认为它存在于客户端的台式机或笔记本电脑上)然后它们可以进入数据。他们可以在实例上设置安全性,以便他们具有SA权限,从那里,他们可以获取数据,期间。没有办法解决这个问题。
What you have to do is encrypt the data before it hits the database: encrypt it in your application. Inside the app, encrypt the data that you want to store in each sensitive field. As another poster indicated, you don't want to encrypt ID fields because those are used for indexing.
您需要做的是在数据到达数据库之前加密数据:在应用程序中加密数据。在应用程序内部,加密要存储在每个敏感字段中的数据。正如另一张海报所示,您不希望加密ID字段,因为它们用于索引。
#3
0
SQL Server 2008 supports database encryption natively. Check the documentation for Transparent Data Encryption (TDE).
SQL Server 2008本机支持数据库加密。查看透明数据加密(TDE)的文档。
#4
0
You can encrypt stored procedures, which can protect your logic.
您可以加密存储过程,这可以保护您的逻辑。
TDE is available only Enterprise edition.
TDE仅适用于企业版。
I can't find if it supports native sql encryption - but you could find this out with a little searching. But if it did you could probably set the database master key with your application and keep all of the decryption/encryption code in your application.
我找不到它是否支持本机sql加密 - 但你可以通过一点搜索找到它。但如果确实如此,您可以使用您的应用程序设置数据库主密钥,并将所有解密/加密代码保留在您的应用程序中。
If it doesn't support native encryption, you might want to creat/find your own encryption functions in your application language and lock away the keys in your code.
如果它不支持本机加密,您可能希望使用应用程序语言创建/查找自己的加密函数,并锁定代码中的密钥。
#5
0
Transparent Data Encryption will encrypt the database on disk, but is unencrypted in memory, so appropriate security would also be necessary to ensure unauthorised users cannot access the table. As it's an Enterprise-only feature, you can safely move away from it.
透明数据加密将对磁盘上的数据库进行加密,但在内存中未加密,因此还需要适当的安全性以确保未经授权的用户无法访问该表。由于它是仅限企业版的功能,因此您可以安全地远离它。
SQL Server 2005 and above have built-in encryption features - have a look at Books Online, and especially Chapter 5 - Encryption of Adam Machanic's Expert SQL Server 2005 Development book (technically, Lara Rubbelke wrote chapter 5 though).
SQL Server 2005及更高版本具有内置加密功能 - 查看联机丛书,特别是第5章 - 加载Adam Machanic的Expert SQL Server 2005开发书(技术上,Lara Rubbelke写了第5章)。
Note that you'll only want to encrypt some columns - those that you'll never try to look up, as encrypted columns are pretty much useless for indexing. Adam Machanic's book suggests ways to solve this problem.
请注意,您只想加密某些列 - 那些您永远不会尝试查找的列,因为加密列对于索引几乎没用。 Adam Machanic的书提出了解决这个问题的方法。
#6
0
Another solution for transparent SQL Server encryption is DbDefence Free for databases less than 77 MBs.
对于小于77 MB的数据库,透明SQL Server加密的另一个解决方案是DbDefence Free。
#1
2
There is the 3rd party xp_crypt. It's been around for years. It's an extended stored proc (that is, DLL)
有第三方xp_crypt。它已经存在多年了。这是一个扩展的存储过程(即DLL)
#2
3
The problem with encrypting data inside the database is that as long as the database lives on the client's machine (as you indicated, they're running SQL 2008 Express, so I'm betting it lives on the client's desktops or laptops) then they can get into the data. They can set up security on the instance so that they have SA privileges, and from there, they can get the data, period. There's no way around that.
加密数据库内部数据的问题是,只要数据库存在于客户端的计算机上(如您所示,它们运行SQL 2008 Express,所以我认为它存在于客户端的台式机或笔记本电脑上)然后它们可以进入数据。他们可以在实例上设置安全性,以便他们具有SA权限,从那里,他们可以获取数据,期间。没有办法解决这个问题。
What you have to do is encrypt the data before it hits the database: encrypt it in your application. Inside the app, encrypt the data that you want to store in each sensitive field. As another poster indicated, you don't want to encrypt ID fields because those are used for indexing.
您需要做的是在数据到达数据库之前加密数据:在应用程序中加密数据。在应用程序内部,加密要存储在每个敏感字段中的数据。正如另一张海报所示,您不希望加密ID字段,因为它们用于索引。
#3
0
SQL Server 2008 supports database encryption natively. Check the documentation for Transparent Data Encryption (TDE).
SQL Server 2008本机支持数据库加密。查看透明数据加密(TDE)的文档。
#4
0
You can encrypt stored procedures, which can protect your logic.
您可以加密存储过程,这可以保护您的逻辑。
TDE is available only Enterprise edition.
TDE仅适用于企业版。
I can't find if it supports native sql encryption - but you could find this out with a little searching. But if it did you could probably set the database master key with your application and keep all of the decryption/encryption code in your application.
我找不到它是否支持本机sql加密 - 但你可以通过一点搜索找到它。但如果确实如此,您可以使用您的应用程序设置数据库主密钥,并将所有解密/加密代码保留在您的应用程序中。
If it doesn't support native encryption, you might want to creat/find your own encryption functions in your application language and lock away the keys in your code.
如果它不支持本机加密,您可能希望使用应用程序语言创建/查找自己的加密函数,并锁定代码中的密钥。
#5
0
Transparent Data Encryption will encrypt the database on disk, but is unencrypted in memory, so appropriate security would also be necessary to ensure unauthorised users cannot access the table. As it's an Enterprise-only feature, you can safely move away from it.
透明数据加密将对磁盘上的数据库进行加密,但在内存中未加密,因此还需要适当的安全性以确保未经授权的用户无法访问该表。由于它是仅限企业版的功能,因此您可以安全地远离它。
SQL Server 2005 and above have built-in encryption features - have a look at Books Online, and especially Chapter 5 - Encryption of Adam Machanic's Expert SQL Server 2005 Development book (technically, Lara Rubbelke wrote chapter 5 though).
SQL Server 2005及更高版本具有内置加密功能 - 查看联机丛书,特别是第5章 - 加载Adam Machanic的Expert SQL Server 2005开发书(技术上,Lara Rubbelke写了第5章)。
Note that you'll only want to encrypt some columns - those that you'll never try to look up, as encrypted columns are pretty much useless for indexing. Adam Machanic's book suggests ways to solve this problem.
请注意,您只想加密某些列 - 那些您永远不会尝试查找的列,因为加密列对于索引几乎没用。 Adam Machanic的书提出了解决这个问题的方法。
#6
0
Another solution for transparent SQL Server encryption is DbDefence Free for databases less than 77 MBs.
对于小于77 MB的数据库,透明SQL Server加密的另一个解决方案是DbDefence Free。