How to prevent our database to access any person

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQL Server 7,2000 » Administration » How to prevent our database to access any...

14 posts, Page 2 of 2

««1 2

How to prevent our database to access any person

Rate Topic

Display Mode

Topic Options

Author

Message

dsachu

Posted Sunday, September 19, 2010 11:18 AM

SSC Journeyman

Group: General Forum Members
Last Login: Monday, May 13, 2013 3:45 AM
Points: 90, Visits: 335

[quote]Lowell (9/19/2010)

the technology already exists. you can load/unload an xml file to and from your datasets (dataset.ReadXML and dataset.WriteXml methods), and encrypt/decrypt the xml file so no one can look at it.

Can u please make sure which tecnology u are talking .Net or SQL Server, if SQL Server , I don't have any idea about this syntax . Can u go through step by step by which i can learn somethin new concept from you. This will totally new for me and I will obliged to you for your gracious hospitality.

Post #988959

GilaMonster

Posted Sunday, September 19, 2010 11:25 AM

SSC-Dedicated

Group: General Forum Members
Last Login: Today @ 6:38 AM
Points: 37,659, Visits: 29,910

kumar.sachu08 (9/19/2010)

Other Person (Client) not give me permission to access own server for the security point of view.

No, I don't imagine he would.

he is self sql administrator. So, we can't do any such activity. we only give .bak file nothing more.

What I'm saying is if you want to completely control the SQL database, you must host the SQL server, put the SQL database on there and only let the client access it, not administer it.
Your server.
Your database.

If you can't do that, and are giving someone else the backup file, you are giving them complete and total control over that database.

Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #988961

dsachu

Posted Sunday, September 19, 2010 11:41 AM

SSC Journeyman

Group: General Forum Members
Last Login: Monday, May 13, 2013 3:45 AM
Points: 90, Visits: 335

GilaMonster (9/19/2010)[hr

If you can't do that, and are giving someone else the backup file, you are giving them complete and total control over that database.

That's why i am saying microsoft should be work for the same. Provide password facility on backup file, by which no one can execute any command when i set password. Only he can restore database in own SSMS.

Regards,
Sachin Smile

Post #988969

GilaMonster

Posted Sunday, September 19, 2010 11:47 AM

SSC-Dedicated

Group: General Forum Members
Last Login: Today @ 6:38 AM
Points: 37,659, Visits: 29,910

kumar.sachu08 (9/19/2010)

If that was possible, how would the administrator be able to do maintenance (backups, index rebuilds, stats updates)?

Even if that were possible, an admin could still extract code from the database caches, use SQL Trace to see what's been run by the application and reset your application's password (or maybe even see what it is, depending how you create it) and gain access that way.

If you think it's such an essential feature, go tell Microsoft: http://connect.microsoft.com/

Gail Shaw
Microsoft Certified Master: SQL Server 2008, MVP
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass

Post #988972

« Prev Topic | Next Topic »

14 posts, Page 2 of 2

««1 2

Permissions