William Benson
vbacreations at gmail.com
Sat Jun 9 03:43:09 CDT 2012
Surely you can create a table per user without difficulty? On Jun 8, 2012 12:56 AM, "jwcolby" <jwcolby at colbyconsulting.com> wrote: > I just want to discuss ideas of how to do this at all. The built-in SQL > Server methods appear to be aimed at entire tables or columns. Obviously > for what I want to do I need to encrypt each field of a specific column. > Fairly different. > > John W. Colby > Colby Consulting > > Reality is what refuses to go away > when you do not believe in it > > On 6/7/2012 9:54 AM, Charlotte Foust wrote: > >> So do you want to discuss how to do this using the built in SQL Server >> features or through encryption/decription at the UI level? >> >> Charlotte Foust >> On Wed, Jun 6, 2012 at 10:08 AM, jwcolby<jwcolby@**colbyconsulting.com<jwcolby at colbyconsulting.com> >> >wrote: >> >> I need to store sensitive data in specific fields of specific tables. I >>> find things like: >>> >>> http://msdn.microsoft.com/en-****us/library/ms179331.aspx<http://msdn.microsoft.com/en-**us/library/ms179331.aspx> >>> <http**://msdn.microsoft.com/en-us/**library/ms179331.aspx<http://msdn.microsoft.com/en-us/library/ms179331.aspx> >>> > >>> >>> >>> >>> Which discusses creating a certificate etc. Hmm... what happens if the >>> database is backed up? What happens if I need to move the database? >>> >>> And of course my favorite SQL guy (Pinal Dave): >>> >>> http://blog.sqlauthority.com/****2009/04/28/sql-server-**<http://blog.sqlauthority.com/**2009/04/28/sql-server-**> >>> introduction-to-sql-server-****encryption-and-symmetric-key-**** >>> encryption-tutorial-with-****script/<http://blog.** >>> sqlauthority.com/2009/04/28/**sql-server-introduction-to-** >>> sql-server-encryption-and-**symmetric-key-encryption-** >>> tutorial-with-script/<http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/> >>> > >>> >>> >>> >>> In the end however what I want do (in this case) is to allow specific >>> information to be encrypted / decrypted on a user specific basis, i.e. >>> based on something user specific. >>> >>> Assume that users need to store their own Email Address, username and >>> password in my database and then use that to send email "on their behalf" >>> from my system. The database is used for generating Community Volunteer >>> passes, and when the pass is created it is printed to PDF, attached to an >>> email and mailed to one or more email address at a specific prison. I >>> have >>> created a new GMail account with a username and password but it would be >>> nice to allow each user to enter their own email address / username / >>> password to send from so that if there are issues and the prison replies >>> to >>> the email, it gets back to them directly. Using my current system it >>> would >>> come back to my general address. Of course I can do a "do not respond to >>> this email" kind of thing but I have already been asked if they can get >>> responses. >>> >>> Obviously if I am going to store a user's email address, username and >>> password it has to be encrypted, but furthermore it has to be retrievable >>> only by that user. >>> >>> -- >>> John W. Colby >>> Colby Consulting >>> >>> Reality is what refuses to go away >>> when you do not believe in it >>> >>> -- >>> AccessD mailing list >>> AccessD at databaseadvisors.com >>> http://databaseadvisors.com/****mailman/listinfo/accessd<http://databaseadvisors.com/**mailman/listinfo/accessd> >>> <http:**//databaseadvisors.com/**mailman/listinfo/accessd<http://databaseadvisors.com/mailman/listinfo/accessd> >>> > >>> >>> >>> Website: http://www.databaseadvisors.****com<http://www.** >>> databaseadvisors.com <http://www.databaseadvisors.com>> >>> >>> >>> >>> > -- > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/**mailman/listinfo/accessd<http://databaseadvisors.com/mailman/listinfo/accessd> > Website: http://www.databaseadvisors.**com<http://www.databaseadvisors.com> >