Re: SQL 2005 Encryption questions
- From: Erland Sommarskog <esquel@xxxxxxxxxxxxx>
- Date: Wed, 26 Apr 2006 21:57:41 +0000 (UTC)
rcamarda (rcamarda@xxxxxxxxxxxxxx) writes:
What I want:
1. our social security field to be encrypted so that only the person(s)
that need it can decrypt it.
2. prevent DBA's from decrypting the data themselfs
3. Simple way to encrypt the data on the table (maybe a trigger?)
Nothing is simple when it comes to encryption. For starters, I hope that
you are perfectly aware of that if you encrypt the SSN, you cannot
use it to find a person, at least not effeciently?
I thought I would use asymmetric keys, this way I can embed the public
key into my data warehouse process to encrypt the data.
I thought I would prompt the user for the private key when the report
runs, that way I wont store the key on the server.
Cryptography is not my best game, but I thought you needed the private
key to encrypt something?
And I as I understand the topic for CREATE ASYMMETRIC KEY, you always
create or load a key-pair into the database.
I think what you should prompt the user for is the password to the
key. And the user will have to specify the password to encrypt the
data as well. At least, that is my understanding of it. But as I said,
I don't know cryptography too well.
--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
.
- Follow-Ups:
- Re: SQL 2005 Encryption questions
- From: rcamarda
- Re: SQL 2005 Encryption questions
- References:
- SQL 2005 Encryption questions
- From: rcamarda
- SQL 2005 Encryption questions
- Prev by Date: Re: sql query help
- Next by Date: Re: SQL 2005 Encryption questions
- Previous by thread: SQL 2005 Encryption questions
- Next by thread: Re: SQL 2005 Encryption questions
- Index(es):
Relevant Pages
|
