[AccessD] SQL Server Encrypted field

jwcolby jwcolby at colbyconsulting.com
Thu Jun 7 23:53:51 CDT 2012


I just want to discuss ideas of how to do this at all.  The built-in SQL Server methods appear to be 
aimed at entire tables or columns.  Obviously for what I want to do I need to encrypt each field of 
a specific column.  Fairly different.

John W. Colby
Colby Consulting

Reality is what refuses to go away
when you do not believe in it

On 6/7/2012 9:54 AM, Charlotte Foust wrote:
> So do you want to discuss how to do this using the built in SQL Server
> features or through encryption/decription at the UI level?
>
> Charlotte Foust
> On Wed, Jun 6, 2012 at 10:08 AM, jwcolby<jwcolby at colbyconsulting.com>wrote:
>
>> I need to store sensitive data in specific fields of specific tables.  I
>> find things like:
>>
>> http://msdn.microsoft.com/en-**us/library/ms179331.aspx<http://msdn.microsoft.com/en-us/library/ms179331.aspx>
>>
>>
>>
>> Which discusses creating a certificate etc.  Hmm... what happens if the
>> database is backed up?  What happens if I need to move the database?
>>
>> And of course my favorite SQL guy (Pinal Dave):
>>
>> http://blog.sqlauthority.com/**2009/04/28/sql-server-**
>> introduction-to-sql-server-**encryption-and-symmetric-key-**
>> encryption-tutorial-with-**script/<http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/>
>>
>>
>>
>> In the end however what I want do (in this case) is to allow specific
>> information to be encrypted / decrypted on a user specific basis, i.e.
>> based on something user specific.
>>
>> Assume that users need to store their own Email Address, username and
>> password in my database and then use that to send email "on their behalf"
>> from my system.  The database is used for generating Community Volunteer
>> passes, and when the pass is created it is printed to PDF, attached to an
>> email and mailed to one or more email address at a specific prison.  I have
>> created a new GMail account with a username and password but it would be
>> nice to allow each user to enter their own email address / username /
>> password to send from so that if there are issues and the prison replies to
>> the email, it gets back to them directly.  Using my current system it would
>> come back to my general address.  Of course I can do a "do not respond to
>> this email" kind of thing but I have already been asked if they can get
>> responses.
>>
>> Obviously if I am going to store a user's email address, username and
>> password it has to be encrypted, but furthermore it has to be retrievable
>> only by that user.
>>
>> --
>> John W. Colby
>> Colby Consulting
>>
>> Reality is what refuses to go away
>> when you do not believe in it
>>
>> --
>> AccessD mailing list
>> AccessD at databaseadvisors.com
>> http://databaseadvisors.com/**mailman/listinfo/accessd<http://databaseadvisors.com/mailman/listinfo/accessd>
>>
>>
>> Website: http://www.databaseadvisors.**com<http://www.databaseadvisors.com>
>>
>>
>>



More information about the AccessD mailing list