[dba-SQLServer] RE: Security & encryption

John W. Colby jwcolby at colbyconsulting.com
Wed May 11 09:04:42 CDT 2005 

And if it hasn't been mentioned already, sorts by those values won't work,
at least at the query level.  You may get it to work at the report level
after the data has been unencrypted.

John W. Colby
www.ColbyConsulting.com 

Contribute your unused CPU cycles to a good cause:
http://folding.stanford.edu/

-----Original Message-----
From: dba-sqlserver-bounces at databaseadvisors.com
[mailto:dba-sqlserver-bounces at databaseadvisors.com] On Behalf Of Roz Clarke
Sent: Wednesday, May 11, 2005 10:00 AM
To: 'mailto:sql2k at ls.sswug.org'
Cc: 'dba-sqlserver at databaseadvisors.com'
Subject: [dba-SQLServer] RE: Security & encryption


I think we will go with encryption at the field level - realistically, we
need to be able to access the table structure, but not to see certain peices
of information. Nothing that they want to keep us away from will involve
relationships so encrypting the data on entry shouldn't cause us any
problems.

-----Original Message-----
From: Steve Carter [mailto:steve.carter at donnslaw.co.uk] 
Sent: 11 May 2005 11:49
To: roz.clarke at donnslaw.co.uk
Subject: Fw: Security & encryption


 
----- Original Message ----- 
From: Francisco Tapia <mailto:fhtapia at gmail.com>  
To: SQL Server 2k List <mailto:sql2k at ls.sswug.org>  
Cc: roz.clarke at donnslaw.co.uk <mailto:roz.clarke at donnslaw.co.uk>  ;
dba-sqlserver at databaseadvisors.com
<mailto:dba-sqlserver at databaseadvisors.com>  
Sent: Tuesday, May 10, 2005 5:25 PM
Subject: Re: Security & encryption

Oh, I hadn't thought of that.  If it is encrypted at the Front end, as a DBA
you'd still be able to get to the data tho...



On 5/10/05, Gavin <gavin at cobraball.co.uk <mailto:gavin at cobraball.co.uk> >
wrote: 

It could very easily be done if the encryption is handled purely in the
front end application.
 
While possible to encrypt a whole table you'd need to ask yourself how you'd
join on its columns or write your where clauses and still benefit from the
client/server model.
 
You could even encrypt everything in your SQL Server database but the
overhead in network traffic and client processing would be huge.
 
 
 
 
 


----- Original Message ----- 
From: Francisco Tapia <mailto:fhtapia at gmail.com>  
To: SQL Server 2k List <mailto:sql2k at ls.sswug.org>  
Cc: roz.clarke at donnslaw.co.uk <mailto:roz.clarke at donnslaw.co.uk>  
Sent: Tuesday, May 10, 2005 5:14 PM 
Subject: Fwd: Security & encryption

I'm forwarding this message on to this list because I think the author of
the original post would receive a better response from this group... I am
also curious how a dba could encrypt a whole table (or set of tables) and
lock themselves out of it.. :|


---------- Forwarded message ----------
From: Roz Clarke <roz.clarke at donnslaw.co.uk
<mailto:roz.clarke at donnslaw.co.uk> >
Date: May 10, 2005 2:04 AM 
Subject: Security & encryption 
To: 
Hi all

This may or may not be slightly OT... We have been asked by our HR
department whether it's possible for us to build a storage facility for
confidential data (such as salary information), that is encrypted and that 
neither we nor the network administrators could get into once it's gone
live. Ideally it would be integrated with their current application which is
Access 2002 FE / SQL Server 7.0 BE.

How do I build an encrypted database that I can then lock myself out of 
completely?! Without locking everyone else out too (that I've done before).

Management are willing to spend some money if necessary.

TIA

Roz




-- 
-Francisco
http://pcthis.blogspot.com <http://pcthis.blogspot.com>  |PC news with out
the jargon! http://sqlthis.blogspot.com  <http://sqlthis.blogspot.com> |
Tsql and More...

More information about the dba-SQLServer mailing list