Showing posts with label protect. Show all posts
Showing posts with label protect. Show all posts

Friday, March 30, 2012

Protect DataBAse which is distributed on many SQL Servers

Hi,
I need to protect SQL Server 2000 database which I will distrubute to many
of my customers on their own SQL Servers. Unfortunately I still can't find a
way to solve this issue. Would you please help me with this?
Many thanks in advance!
Best regards,
Mariyan GotsevProtect in what way? What is it exactly you wish to prevent?
Andrew J. Kelly SQL MVP
"Mariyan" <mgms@.dir.bg> wrote in message
news:OblbpQPxDHA.2340@.TK2MSFTNGP12.phx.gbl...
quote:

>
> --
> Hi,
> I need to protect SQL Server 2000 database which I will distrubute to many
> of my customers on their own SQL Servers. Unfortunately I still can't find

a
quote:

> way to solve this issue. Would you please help me with this?
> Many thanks in advance!
> Best regards,
> Mariyan Gotsev
>
>
|||If you want to protect sql code of your procedures, triggers and views you
can use SQL Shield. http://www.activecrypt.com/sqlshield_howto.html|||Hi,
I have an application true which I want database to be available only. I
need to prevent every one of my customers from any access to the data in
the database, as there I put important customer information and customer
related restrictions - do the customer have rights to use some application
modules or not like example. What I need is very similar to MS Access
database password. You just can't open the database on every one machine if
you have not the database password. But for SQL Server this simple
protection seems to be much more difficult to implement. Please help me.
Many thanks!
Best regards,
Mariyan Gotsev
"Andrew J. Kelly" <sqlmvpnoooospam@.shadhawk.com> wrote in message
news:%2344QlrRxDHA.4060@.TK2MSFTNGP11.phx.gbl...
quote:

> Protect in what way? What is it exactly you wish to prevent?
> --
> Andrew J. Kelly SQL MVP
>
> "Mariyan" <mgms@.dir.bg> wrote in message
> news:OblbpQPxDHA.2340@.TK2MSFTNGP12.phx.gbl...
many[QUOTE]
find[QUOTE]
> a
>
|||Hi,
I have an application true which I want database to be available only. I
need to prevent every one of my customers from any access to the data in
the database, as there I put important customer information and customer
related restrictions - do the customer have rights to use some application
modules or not like example. What I need is very similar to MS Access
database password. You just can't open the database on every one machine if
you have not the database password. But for SQL Server this simple
protection seems to be much more difficult to implement. Please help me.
Many thanks!
Best regards,
Mariyan Gotsev
"Andrey Kubyshev" <email.ANTISPAM@.vtc.ru> wrote in message
news:brrq4s$ep3$02$1@.news.t-online.com...
quote:

> If you want to protect sql code of your procedures, triggers and views you
> can use SQL Shield. http://www.activecrypt.com/sqlshield_howto.html
>
|||To gain access to the database, you need a login defined with access
granted to a particular database. This is similar to Accessing
a secured Access database. Local machine admins by default have sysadmin
permission. You can change this:
http://www.microsoft.com/sql/techin...ration/May3.asp
If you're distributing your application with MSDE, you can disable all
network protocols during the install.
This means that only a locally logged on user can access the database.
See: DISABLENETWORKPROTOCOLS
810826 INF: New Switches in MSDE Service Pack 3 Setup
http://support.microsoft.com/?id=810826
You may want to consider using Application Roles to control security to the
database.
See: Establishing Application Security and Application Roles in SQL Books
Online.
In addition you should read this technet article before deploying your
application.
http://www.microsoft.com/technet/tr...chnet/prodtechn
ol/sql/maintain/security/sp3sec/SP3SEC03.ASP
Some addtional checklists :
http://msdn.microsoft.com/library/d...-us/dnnetsec/ht
ml/CL_SecDBSe.asp
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
Posted by entrenchvbni at 6:41 AM 0 comments
Labels: , , , , , , , , , , , , ,

Protect Data and Schema SQL SERVER 2005 EXPRESS

We have a commercial VB.NET winforms client/server application that utilizes SQL Server 2005 express edition. The schema and data that the application utilizes is proprietary and could be very damaging if it got into a competitors hands.

Is there any way to protect the data and schema of a sql server 2005 express edition database?

Will this functionality ever be added?

Thanks

As long as youhand over the database to someone, he will have full control over the database, attaching it to its own server and reading the schema from the database. What you can do is to encrypt data as well as stored procedures with certificates. But the schema won′t be hideable as the database will be given to the other party.

HTH, Jens Suessmeyer.

http://www.sqlserver2005.desql

Posted by entrenchvbni at 6:40 AM 0 comments
Labels: , , , , , , , , , , , , , , ,

Protect and invirible Database from each other

Hi,
I'm using Windows 2000 Server + SQL Server 2000 + updated SP
This server is our Web Hosting services and we have many database in SQL Ser
ver.
Each databases are belonged to each customer domains in this Server.
All customers work with SQL Server by using SQL Enterprise Manage to connect
to the Server via TCP/IP.
My problem is that, after customers connect to the SQL Server, they can see
every Databases' name and table name although I'd set the right of each cust
omer to be able to see only their own database.
I'd ask many SQL Experts but they said that if I used SQL Enterprise manager
to remote connect to the SQL Server, this senario could not be protected an
d let me ask Microsoft.
Using SQL Enterprise Manager is the easiest way for my customer to manage th
eir database, so if I let them use the SQL command line to connect to the SQ
L Server, no customers will use my service.
Please help.
Regards,
NeungThere is no way currently to stop them from seeing the other databases. But
unless you give them specific permissions they can not access or view the
data in them.
Andrew J. Kelly SQL MVP
"Neung" <Neung@.discussions.microsoft.com> wrote in message
news:F5F3F38C-8F8B-499F-8C9C-7BE19D350C9A@.microsoft.com...
> Hi,
> I'm using Windows 2000 Server + SQL Server 2000 + updated SP
> This server is our Web Hosting services and we have many database in SQL
Server.
> Each databases are belonged to each customer domains in this Server.
> All customers work with SQL Server by using SQL Enterprise Manage to
connect to the Server via TCP/IP.
> My problem is that, after customers connect to the SQL Server, they can
see every Databases' name and table name although I'd set the right of each
customer to be able to see only their own database.
> I'd ask many SQL Experts but they said that if I used SQL Enterprise
manager to remote connect to the SQL Server, this senario could not be
protected and let me ask Microsoft.
> Using SQL Enterprise Manager is the easiest way for my customer to manage
their database, so if I let them use the SQL command line to connect to the
SQL Server, no customers will use my service.
> Please help.
> Regards,
> Neung|||Thanks and hope it will be solved in the next version.
Regards,
Neung
"Andrew J. Kelly" wrote:

> There is no way currently to stop them from seeing the other databases. B
ut
> unless you give them specific permissions they can not access or view the
> data in them.
> --
> Andrew J. Kelly SQL MVP
>
> "Neung" <Neung@.discussions.microsoft.com> wrote in message
> news:F5F3F38C-8F8B-499F-8C9C-7BE19D350C9A@.microsoft.com...
> Server.
> connect to the Server via TCP/IP.
> see every Databases' name and table name although I'd set the right of eac
h
> customer to be able to see only their own database.
> manager to remote connect to the SQL Server, this senario could not be
> protected and let me ask Microsoft.
> their database, so if I let them use the SQL command line to connect to th
e
> SQL Server, no customers will use my service.
>
>|||Yes, SQL 2005 has a lot of improvements in this area.
Andrew J. Kelly SQL MVP
"Neung" <Neung@.discussions.microsoft.com> wrote in message
news:032A5CFE-D0D9-4727-8032-707D90436D80@.microsoft.com...[vbcol=seagreen]
> Thanks and hope it will be solved in the next version.
> Regards,
> Neung
>
> "Andrew J. Kelly" wrote:
>
But[vbcol=seagreen]
the[vbcol=seagreen]
SQL[vbcol=seagreen]
can[vbcol=seagreen]
each[vbcol=seagreen]
manage[vbcol=seagreen]
the[vbcol=seagreen]|||> My problem is that, after customers connect to the SQL Server, they can
see every Databases' name and table name although I'd set the right of each
customer to be able to see only their own database.
Although database names are visible, I would not expect users to be able to
see other database contents unless they have explicitly been granted access
or the 'guest' user is enabled in the other databases.
Hope this helps.
Dan Guzman
SQL Server MVP
"Neung" <Neung@.discussions.microsoft.com> wrote in message
news:F5F3F38C-8F8B-499F-8C9C-7BE19D350C9A@.microsoft.com...
> Hi,
> I'm using Windows 2000 Server + SQL Server 2000 + updated SP
> This server is our Web Hosting services and we have many database in SQL
Server.
> Each databases are belonged to each customer domains in this Server.
> All customers work with SQL Server by using SQL Enterprise Manage to
connect to the Server via TCP/IP.
> My problem is that, after customers connect to the SQL Server, they can
see every Databases' name and table name although I'd set the right of each
customer to be able to see only their own database.
> I'd ask many SQL Experts but they said that if I used SQL Enterprise
manager to remote connect to the SQL Server, this senario could not be
protected and let me ask Microsoft.
> Using SQL Enterprise Manager is the easiest way for my customer to manage
their database, so if I let them use the SQL command line to connect to the
SQL Server, no customers will use my service.
> Please help.
> Regards,
> Neung
Posted by entrenchvbni at 6:40 AM 0 comments
Labels: , , , , , , , , , , , ,

Protect .rdl-files from being extracted from the Report Server

Hello,
is there any way to protect our .rdl-files on a Report Server of a customer
to be extracted from the Report Server by one of our customer's
administrators? Our customers should not be able to modify or develop further
the reports developed by us.
Kind regards,
RalphNot that I am aware of. You can use roles to limit users from doing this but
an admin on the box is an admin of RS automatically and can do anything.
Bruce Loehle-Conger
MVP SQL Server Reporting Services
"wbiRalph" <wbiRalph@.discussions.microsoft.com> wrote in message
news:48506776-7600-47F6-97A6-9391131E14E7@.microsoft.com...
> Hello,
> is there any way to protect our .rdl-files on a Report Server of a
> customer
> to be extracted from the Report Server by one of our customer's
> administrators? Our customers should not be able to modify or develop
> further
> the reports developed by us.
> Kind regards,
> Ralph
>
Posted by entrenchvbni at 6:39 AM 0 comments
Labels: , , , , , , , , ,

Proprietary data in SQL2005

I'm trying to understand what I can do to protect proprietary data in SQL
2005. I have an application that currently uses Paradox and I plan to move
it to SQL 2005. Most users will start off with SQL 2005 Express, but will
eventually move to a 'full' version of SQL Server. Paradox allows me to
encrypt whole tables. I know it's not very good security because someone
can still do memory dumps etc. but in combination with licensing agreements
it's probably sufficient in my case to protect proprietary data stored in
the database. Can I achieve something similar in SQL 2005?
I see that I can encrypt data in specific columns, but I'm guessing that
those columns can't be indexed? (Or if they were indexed, it would have to
be the encrypted values rather than the original unencrypted values that
would actually be indexed thus making the indexing less useful)? It doesn't
seem like there's any way to encrypt a whole table?
In some of the stuff I've read, I get the sense that if I create a named
instance of a new SQL Server (Standard or Express), I can set up my instance
to only use SQL Authentication. Then I can prevent the Computer Admin of
the machine where SQL Server is installed from using his/her Windows
Authentication to access the database or named instance of the server. The
only way to configure the server or it's databases would be to know the SA
password and use SQL Authentication to log into the SQL server instance. Is
this correct? And, what does this gain me? How hard would it be to take
the database from my named instance and move it to a different SQL Server
Instance and then gain access to it?Hi,
Thanks for using Microsoft Online Managed Newsgroup.
From your description, I understand that:
You wanted to know:
1. if you can encrypt a whole table in SQL Server 2005;
2. if you can set up your SQL Server instance only use SQL Authentication;
3. how you can move your database from your named instance to a different
SQL Server instance and gain access to it.
If I have misunderstood, please let me know.
For your first question, by now there has been no such setting to encrypt a
whole table in SQL Server. You can encrypt a particular column in a table
by using a key or a certificate. You may refer to:
Improving Data Security by Using SQL Server 2005
http://www.microsoft.com/technet/it...tsec.mspx#EYAAC
For your second question, I would like to let you know that SQL Server has
only two authentication mode: one is Windows Authentication mode; the other
is Mixed Authentication mode (include Windows Authentication and SQL
Authentication). So Windows authentication will be always used by SQL
Server. Any trusted connections or local users can access your SQL Server,
however they will not have permissions to access databases if they are not
members of local administrators group and if you do not assign permissions
to them.
For your last question, I recommend that you:
1. Fully backup all of your user databases and logs;
2. Restore the databases to your new SQL Server instance;
3. Transfer SQL Server logins and passwords to the new SQL Server instance.
Please refer to:
How to transfer logins and passwords between instances of SQL Server
http://support.microsoft.com/kb/246133/en-us
Also, I strongly recommend that you refer to this article for more
information:
How to move databases between computers that are running SQL Server
http://support.microsoft.com/kb/314546/en-us
Besides, for SQL Server 2005 instance, you can also use Copy Database to
move the databases:
Using the Copy Database Wizard
http://msdn2.microsoft.com/en-us/library/ms188664.aspx
If you are very concerned with the table level encryption, I recommend that
you give Microsoft feedback via the link:
https://connect.microsoft.com/SQL
Your feedback will be routed to SQL team so that this feature will probably
be included in the next release.
Look forward to your reply. If you have any other questions or concerns,
please feel free to let me know. It is my pleasure to be of assistance.
Charles Wang
Microsoft Online Community Support
========================================
==============
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from this issue.
========================================
==============
This posting is provided "AS IS" with no warranties, and confers no rights.
========================================
==============|||Hi,
What is everything going on? Please feel free to let me know if you need
further assistance.
Have a great day!
Sincerely yours,
Charles Wang
Microsoft Online Community Support
Posted by entrenchvbni at 6:19 AM 0 comments
Labels: , , , , , , , , , , ,
Subscribe to: Posts (Atom)