Razvan Socol
3/22/2007 7:12:00 AM
Hello, Orgil
I'm afraid that it's not possible to have a secure database without
having a secure computer. The SQL Server security is based on the OS
security, which in turn is based on the physical security. Even if you
encrypt all data, the key must be stored somewhere on the server
(unless the decryption key is entered by the user, when he connects to
the database), so that the system can decrypt and use the data. So you
must ensure that you trust the users who have administrative rights on
that computer and you do not allow physical access to the computer to
untrusted persons.
Razvan