data encryption in SQL Server 2005 - protect from SQL Admnis

data encryption in SQL Server 2005 - protect from SQL Admnis

Post by RG9u » Tue, 06 Mar 2007 13:49:13


I need to store some sensitive data in SQL 2005.
Stored procedures will encrypt & decrypt the data. The client app is written
in .NEt using a specific user (belonging to a specific - custom role).

However, inspite of the above, the local Admin can always view the code in
the decription stored procedure & decrypt & hence view the data.

How can i prevent the administrator (everyone) except for the application
from being able to view the data.
Is it possible to remove access to a stored procedure even from an
administrator & give access to a special user (the password of which is know
only by the application)??

Then again the owner of the above role will have access to the stored
procedures!!
 
 
 

data encryption in SQL Server 2005 - protect from SQL Admnis

Post by Tibor Kara » Tue, 06 Mar 2007 16:04:32

This is a good backgrounder on the topic:
http://www.yqcomputer.com/

--
Tibor Karaszi, SQL Server MVP
http://www.yqcomputer.com/
http://www.yqcomputer.com/