SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


"Column encryption" software recommendations?


"Column encryption" software recommendations?

Author
Message
Barkingdog
Barkingdog
Hall of Fame
Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)

Group: General Forum Members
Points: 3559 Visits: 926

I am testing software to encrypt columns in sql tables. It's an interesting experience. Typically such software renames the base table containing encrypted columns and creates a VIEW having the name of the original table. The idea is to make the transformation have as little impact as possible at the source code level. I applied one company's package to a test databases (pretyy complex ones) and found out... after much trouble .... that I couldn't de-crypt the very columns I had encryped! Yes, I can encrypt\decrypt Northwind with their product, I am working with the company on this one.

I also found that DTS no longer recognized the table name and that QA, expecting to display text, would sometimes freak out when it hit an encrypted (binary) field.

That's my sob story. Now I'm chechking out the products of Protegrity hoping to have greatr success.

Can you recommed database encryption software for me to test?

TIA,

Bill





Site Owners
Site Owners
SSChampion
SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)SSChampion (12K reputation)

Group: Administrators
Points: 12731 Visits: 24
No one has responded to this topic yet. Even if you don't have a complete answer, the original poster will appreciate any thoughts you have!
Scott McGarrell
Scott McGarrell
Forum Newbie
Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)Forum Newbie (6 reputation)

Group: General Forum Members
Points: 6 Visits: 1
Check out Imceda Software.
Barkingdog
Barkingdog
Hall of Fame
Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)Hall of Fame (3.6K reputation)

Group: General Forum Members
Points: 3559 Visits: 926

Just FYI I am testing two SQL Encryption packages, once called NetLIB and the other SecureData (by Protegrity). Both promise do do column-level encryption.

From the limited response to this quesiotn I take it that most DBA's don't use such software. Be forwarned that such software does not support all SQL datatypes and can conflict with triggers.

Bill





Jason Hall
Jason Hall
Ten Centuries
Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)Ten Centuries (1.1K reputation)

Group: General Forum Members
Points: 1064 Visits: 82
Be wary of column level encryption. It sounds like a great idea but is miserable on performance. I also know that it is very difficult and potentially impossible to create an index on an encrypted column.
DAVNovak
DAVNovak
Right there with Babe
Right there with Babe (766 reputation)Right there with Babe (766 reputation)Right there with Babe (766 reputation)Right there with Babe (766 reputation)Right there with Babe (766 reputation)Right there with Babe (766 reputation)Right there with Babe (766 reputation)Right there with Babe (766 reputation)

Group: General Forum Members
Points: 766 Visits: 210

I have had some success working with a product called 'xp_Crypt'.

If you would like to look into this product, check out 'www.activecrypt.com'.

I had a need to encrypt account numbers that where to be accessed from an in-store kiosk. I found this product very easy to work with and understand. The nicest thing about it was the Free Ware version worked just fine for my requirements. However there is a expanded version that you can by that gives you better performance and capabilities.

Dave





bruce sherwood-232207
bruce sherwood-232207
Valued Member
Valued Member (65 reputation)Valued Member (65 reputation)Valued Member (65 reputation)Valued Member (65 reputation)Valued Member (65 reputation)Valued Member (65 reputation)Valued Member (65 reputation)Valued Member (65 reputation)

Group: General Forum Members
Points: 65 Visits: 28
I too have used XP_crypt.

Great tool for field level encryption. Its a good way to encrypt a field (which becomes a column) so that someone who gets the table can;t use it with out the right way to decrypt it.

But there in lies a trap. Unless the database engine itself knows how to work inside the encrypted data, you can't sort it or select by it without decrypting it first. Big performance hit overall.

my use? I use it to store passwords for a web application using one way encryption. I never search by them, I don't sort by them. I just encrypt my incoming value and test for equality. very little impact from that.
Hans Lindgren
Hans Lindgren
SSCrazy
SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)SSCrazy (2.9K reputation)

Group: General Forum Members
Points: 2922 Visits: 366

Albeit SQL Server 2005 wasn't out when you guys were writing these comments; do you now see anything against using SQL Server 2005 encryption? That is, if you can migrate your data without too much hustle?

Regards,

Hanslindgren





Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum

































































































































































SQLServerCentral


Search