Sean Lange (7/20/2016)
Eric M Russell (7/20/2016)
Within the stored proceure, you could contain most of your T-SQL, or at least the most sensive parts, encrypted in a varbinary(max) variable. The symmetric key could then be supplied by the application as an input parameter. Use the key to decrypt the contents of the variable, and then execute the decrypted T-SQL text dynamically. However, even that could be defeated by the DBA using a SQL Profiler or SQL Audit event trace.And seriously...what t-sql could really be so sensitive? If there are business rules buried in there it is a good sign the business rules are in the wrong place.
Yeah, it's sort of like the owner of a sandwhich shop who thinks his business has some unique and innovative way of slicing bread or dicing vegetables that gives them a competitive advantage over the deli across the street, so they paper over the windows and make all their kitchen staff sign a nondisclosure form.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho