I'm considering writing an offline application that will replicate a local
msde with a central sql server.
I'm wondering if there's any way of securing the msde? What's to stop
someone from taking the mdf file and loading it up on a different machine?
Can I encrypt.
hi Tom,
"TomB" <shuckle@.hotmailXXX.com> ha scritto nel messaggio
news:O7wPcDNnEHA.3684@.TK2MSFTNGP10.phx.gbl...
> I'm considering writing an offline application that will replicate a local
> msde with a central sql server.
> I'm wondering if there's any way of securing the msde? What's to stop
> someone from taking the mdf file and loading it up on a different machine?
> Can I encrypt.
>
you have the same possibilities offered by the full blown SQL Server
edition... actually none =;-D
ok, in order to protect the physical files, you can protect the folder(s)
hosting the files them self, restricting physical access, but a Windows
admin could move them at desire, as, implementing the required SQL Server
privileges managements, a malicious sysadmin can do...
but in such circumstances I'd argue you should consider to fire your
sysadmins...
direct encryption is not included in SQL Server/MSDE, but you can resort on
3rd parties external tools like http://www.activecrypt.com/index.htm ,
http://www.netlib.com/ , google for further...
Andrea Montanari (Microsoft MVP - SQL Server)
http://www.asql.biz/DbaMgr.shtmhttp://italy.mvps.org
DbaMgr2k ver 0.9.1 - DbaMgr ver 0.55.1
(my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
interface)
-- remove DMO to reply
|||Andrea thanks for your response.
So, there's no built in encryption. That's what I suspected.
Any suggestions on securing the msde files on a laptop?
My thinking is that if someone stole the laptop they could access the files
(*.mdf), copy them and remount them on their own sql server, and therefore
have sa access.
Makes me think that maybe using xml files and encrypted folders would be
safer.
Thanks
TomB
"Andrea Montanari" <andrea.sqlDMO@.virgilio.it> wrote in message
news:2r0hkfF14i6i4U1@.uni-berlin.de...[vbcol=seagreen]
> hi Tom,
> "TomB" <shuckle@.hotmailXXX.com> ha scritto nel messaggio
> news:O7wPcDNnEHA.3684@.TK2MSFTNGP10.phx.gbl...
local[vbcol=seagreen]
machine?
> you have the same possibilities offered by the full blown SQL Server
> edition... actually none =;-D
> ok, in order to protect the physical files, you can protect the folder(s)
> hosting the files them self, restricting physical access, but a Windows
> admin could move them at desire, as, implementing the required SQL Server
> privileges managements, a malicious sysadmin can do...
> but in such circumstances I'd argue you should consider to fire your
> sysadmins...
> direct encryption is not included in SQL Server/MSDE, but you can resort
on
> 3rd parties external tools like http://www.activecrypt.com/index.htm ,
> http://www.netlib.com/ , google for further...
> --
> Andrea Montanari (Microsoft MVP - SQL Server)
> http://www.asql.biz/DbaMgr.shtmhttp://italy.mvps.org
> DbaMgr2k ver 0.9.1 - DbaMgr ver 0.55.1
> (my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
> interface)
> -- remove DMO to reply
>
|||hi Tom,
"TomB" <shuckle@.hotmailXXX.com> ha scritto nel messaggio
news:eblalEOnEHA.3564@.tk2msftngp13.phx.gbl...
> Andrea thanks for your response.
> So, there's no built in encryption. That's what I suspected.
> Any suggestions on securing the msde files on a laptop?
> My thinking is that if someone stole the laptop they could access the
files
> (*.mdf), copy them and remount them on their own sql server, and therefore
> have sa access.
> Makes me think that maybe using xml files and encrypted folders would be
> safer.
>
hey, you are living in a bad metropolitan area, isn't it? =;-D
ok.. no joke...
as already said, you can resort on external crypting tecnologies... you
could even write your own cypher .Net algorithm and pass your data in and
out befor saving and after reading... but nothing out of the box...
and xml + encrypted folders suffer the same problems... nothing is
uncrackable
Andrea Montanari (Microsoft MVP - SQL Server)
http://www.asql.biz/DbaMgr.shtmhttp://italy.mvps.org
DbaMgr2k ver 0.9.1 - DbaMgr ver 0.55.1
(my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
interface)
-- remove DMO to reply
|||"hey, you are living in a bad metropolitan area, isn't it? =;-D"
It's a health agency, and they are a touch paranoid about security.
Thanks for all of your input. I'll have to do some thinking about what to
do.
Again...thanks
TomB
"Andrea Montanari" <andrea.sqlDMO@.virgilio.it> wrote in message
news:2r12bsF14p7mjU1@.uni-berlin.de...[vbcol=seagreen]
> hi Tom,
> "TomB" <shuckle@.hotmailXXX.com> ha scritto nel messaggio
> news:eblalEOnEHA.3564@.tk2msftngp13.phx.gbl...
> files
therefore
> hey, you are living in a bad metropolitan area, isn't it? =;-D
> ok.. no joke...
> as already said, you can resort on external crypting tecnologies... you
> could even write your own cypher .Net algorithm and pass your data in and
> out befor saving and after reading... but nothing out of the box...
> and xml + encrypted folders suffer the same problems... nothing is
> uncrackable
> --
> Andrea Montanari (Microsoft MVP - SQL Server)
> http://www.asql.biz/DbaMgr.shtmhttp://italy.mvps.org
> DbaMgr2k ver 0.9.1 - DbaMgr ver 0.55.1
> (my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
> interface)
> -- remove DMO to reply
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment