Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««12

How to prevent our database to access any person Expand / Collapse
Author
Message
Posted Sunday, September 19, 2010 11:18 AM
SSC Journeyman

SSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC Journeyman

Group: General Forum Members
Last Login: Tuesday, September 10, 2013 10:49 PM
Points: 92, Visits: 340
[quote]Lowell (9/19/2010)


the technology already exists. you can load/unload an xml file to and from your datasets (dataset.ReadXML and dataset.WriteXml methods), and encrypt/decrypt the xml file so no one can look at it.


Can u please make sure which tecnology u are talking .Net or SQL Server, if SQL Server , I don't have any idea about this syntax . Can u go through step by step by which i can learn somethin new concept from you. This will totally new for me and I will obliged to you for your gracious hospitality.
Post #988959
Posted Sunday, September 19, 2010 11:25 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: General Forum Members
Last Login: Today @ 4:49 AM
Points: 39,952, Visits: 36,307
kumar.sachu08 (9/19/2010)
Other Person (Client) not give me permission to access own server for the security point of view.


No, I don't imagine he would.

he is self sql administrator. So, we can't do any such activity. we only give .bak file nothing more.


What I'm saying is if you want to completely control the SQL database, you must host the SQL server, put the SQL database on there and only let the client access it, not administer it.
Your server.
Your database.

If you can't do that, and are giving someone else the backup file, you are giving them complete and total control over that database.



Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #988961
Posted Sunday, September 19, 2010 11:41 AM
SSC Journeyman

SSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC JourneymanSSC Journeyman

Group: General Forum Members
Last Login: Tuesday, September 10, 2013 10:49 PM
Points: 92, Visits: 340
GilaMonster (9/19/2010)[hr

If you can't do that, and are giving someone else the backup file, you are giving them complete and total control over that database.


That's why i am saying microsoft should be work for the same. Provide password facility on backup file, by which no one can execute any command when i set password. Only he can restore database in own SSMS.

Regards,
Sachin
Post #988969
Posted Sunday, September 19, 2010 11:47 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: General Forum Members
Last Login: Today @ 4:49 AM
Points: 39,952, Visits: 36,307
kumar.sachu08 (9/19/2010)
That's why i am saying microsoft should be work for the same. Provide password facility on backup file, by which no one can execute any command when i set password. Only he can restore database in own SSMS.


If that was possible, how would the administrator be able to do maintenance (backups, index rebuilds, stats updates)?

Even if that were possible, an admin could still extract code from the database caches, use SQL Trace to see what's been run by the application and reset your application's password (or maybe even see what it is, depending how you create it) and gain access that way.

If you think it's such an essential feature, go tell Microsoft: http://connect.microsoft.com/



Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #988972
« Prev Topic | Next Topic »

Add to briefcase ««12

Permissions Expand / Collapse