How can i prevent the client to open or see the sql dataBase file (mdf) out of the application

Question

How can i prevent the client to open or see the sql dataBase file (mdf) out of the application

Viewing 4 posts - 16 through 20 (of 20 total)

You must be logged in to reply to this topic. Login to reply

Joe Clifford SSCrazy Eights Points: 8789 More actions · Answer 1

Given that we're talking about SQL 2005 there are various encryption options available to prevent exactly what the original poster was asking about - the risk that someone could get ahold of the .MDF/database files and then mount them elsewhere... sounds like a case for an encrypted database (and backups).

Though I very seriously doubt if I'd let a vendor install an encrypted database anywhere without providing us with the key(s).

Joe

Matt Miller (4) SSC Guru Points: 124210 More actions · Answer 2

Joe Clifford (3/20/2008)
Given that we're talking about SQL 2005 there are various encryption options available to prevent exactly what the original poster was asking about - the risk that someone could get ahold of the .MDF/database files and then mount them elsewhere... sounds like a case for an encrypted database (and backups).
Though I very seriously doubt if I'd let a vendor install an encrypted database anywhere without providing us with the key(s).
Joe

Or...run profiler, and it would pick up the unencrypted version of the SP's..

Never mind the performance hit that happens when EVERY call to EVERY procedure, and EVERY table requires decryption. Might as well go back to using Access at that point, because your typical database app will be unusable.

Also - you'd better have a good support team in place, since the on-site DBA's won't be able to do ANYTHING. That will go over like a lead balloon there.

By the way - when you encrypt your key data, range searching only applies to encrypted ranges, so you end up with VERY interesting results.

----------------------------------------------------------------------------------
Your lack of planning does not constitute an emergency on my part...unless you're my manager...or a director and above...or a really loud-spoken end-user..All right - what was my emergency again?

WILLIAM MITCHELL SSChampion Points: 13766 More actions · Answer 3

I'd like to add that there could be legal implications to locking a customer out of the database - I understand the intention is to protect the code, but the data inside the db belongs to the customer. You can't deny them access to their own data.

MsCode_Pro Say Hey Kid Points: 690 More actions · Answer 4

MR William thanks for replaying but there are not just one costumer the costumer is a company so alot of employees has different permissions to see data so i want to prevent all to access the mdf file itself to see its data and its structure out of its priveldge:)

YoU CaN't LoSe WhAt YoU NeVeR HaD;)