[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

microsoft.public.sqlserver.programming

I need to hide datas on [database].MDF file on other MSSQL server. HELP!!!

Orgil

3/22/2007 4:58:00 AM

Hi.
I have a database named SUTDNet on a server on my computer. I created
a few users for this database and i restricted any one's interests for
this database. However, i can't hide my database's datas when anyone
copies SUTDNet.mdf database file from my computer and attaches this
file on other server on other computer. The thief of data file can
enter my computer. When it goes, all user rights for the database on
my server are ineffective on other server.

How do I keep my datas from a theft like copying my data files.

Really appreciate any help and advice offered. Thank you.
Regards
Orgil.
4 Answers

masri999

3/22/2007 5:21:00 AM

0

On Mar 22, 9:58 am, "Orgil" <orgi...@yahoo.com> wrote:
> Hi.
> I have a database named SUTDNet on a server on my computer. I created
> a few users for this database and i restricted any one's interests for
> this database. However, i can't hide my database's datas when anyone
> copies SUTDNet.mdf database file from my computer and attaches this
> file on other server on other computer. The thief of data file can
> enter my computer. When it goes, all user rights for the database on
> my server are ineffective on other server.
>
> How do I keep my datas from a theft like copying my data files.
>
> Really appreciate any help and advice offered. Thank you.
> Regards
> Orgil.

How can thief enter into your computer . Provide NT security access
on the folder where database files are residing .

Orgil

3/22/2007 6:31:00 AM

0


M A Srinivas wrote:
> On Mar 22, 9:58 am, "Orgil" <orgi...@yahoo.com> wrote:
> > Hi.
> > I have a database named SUTDNet on a server on my computer. I created
> > a few users for this database and i restricted any one's interests for
> > this database. However, i can't hide my database's datas when anyone
> > copies SUTDNet.mdf database file from my computer and attaches this
> > file on other server on other computer. The thief of data file can
> > enter my computer. When it goes, all user rights for the database on
> > my server are ineffective on other server.
> >
> > How do I keep my datas from a theft like copying my data files.
> >
> > Really appreciate any help and advice offered. Thank you.
> > Regards
> > Orgil.
>
> How can thief enter into your computer . Provide NT security access
> on the folder where database files are residing .

the thief has a valid user right. The thief is coworker for example.
Only way that hide my datas is the thief hasn't any chanse to enter
into database after attaching data file.

Razvan Socol

3/22/2007 7:12:00 AM

0

Hello, Orgil

I'm afraid that it's not possible to have a secure database without
having a secure computer. The SQL Server security is based on the OS
security, which in turn is based on the physical security. Even if you
encrypt all data, the key must be stored somewhere on the server
(unless the decryption key is entered by the user, when he connects to
the database), so that the system can decrypt and use the data. So you
must ensure that you trust the users who have administrative rights on
that computer and you do not allow physical access to the computer to
untrusted persons.

Razvan

Orgil

3/22/2007 7:34:00 AM

0

Thank you Razvan Socol. I have a valuable advise from you.

Razvan Socol wrote:
> Hello, Orgil
>
> I'm afraid that it's not possible to have a secure database without
> having a secure computer. The SQL Server security is based on the OS
> security, which in turn is based on the physical security. Even if you
> encrypt all data, the key must be stored somewhere on the server
> (unless the decryption key is entered by the user, when he connects to
> the database), so that the system can decrypt and use the data. So you
> must ensure that you trust the users who have administrative rights on
> that computer and you do not allow physical access to the computer to
> untrusted persons.
>
> Razvan