Results 1 to 2 of 2

Thread: Database Encryption

  1. #1
    Join Date
    Jul 2004
    Posts
    2

    Database Encryption

    We want to encrypt our entire database in SQL Server using RC4 algorithm.

    We have achieved this database encryption .But we are facing a new problem.We want to use the database for insert ,update,delete operations .Also we want to use data via select queries etc.

    But we do not want to use a middle tier which can exchange data between our application and the database.We also do not want to decrypt the database while modifying/using it because it will defeat the purpose of encryption.

    What shall we do to ensure usage of encryted database while not modifying either the front end application nor using a middle tier?

    Can we go beyond the limits of SQL Server?

  2. #2
    Join Date
    Sep 2002
    Location
    Fantasy
    Posts
    4,254
    1. How about creating stored procedures for insert update and delete. Also encrypt the procedure (with harcoded key)


    http://www.databasejournal.com/img/RC4_enhanced.sql

    2. Limit the permission of your RC4 encrption procedure.

    3. If you like to query some information and do updates you have to decrypt to find what is in the table.

    Server Level
    1 SQL Server uses SSL for transmitting data and retrieving. you can also use multiprotocol to have encryption.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •