Reputation: 958
SQL Server 2008 Encryption Lost
I have read a lot of things in SO but I still cannot figure out the whole mechanism of the encryption thing...
I want my site to write data in an SQL Server. Where should the encryption function be? What does my database need?
I want a webservice of mine to get that data, process them and insert them to another SQL Server decrypted. Should I declar the same protocols there as well? How will know the encryption, keys in order to decrypt? What is the circuit like?
Sorry for being SO FADE (mods you can reject the post) but I cannot follow the logic behing the SQL encryption/decryption mechanism...
Upvotes: 1
Views: 101
Answers (1)
Reputation: 88092
There are different points at which you need to encrypt data.
The first is "in motion". Meaning you encrypt the data while it is in transit between two machines. The common points include between the browser and web server (typically using SSL) and between the web server and database server (Kerberos is the common one for Windows machines). The purpose is to prevent someone from eavesdropping on the wire.
The second is "at rest". This means the data should be encrypted while it is in the storage facility: namely SQL server. The purpose here is to prevent the data from being decrypted should a hacker obtain a copy of the database file. The easiest mechanism by far is to utilize SQL Servers built in encryption mechanisms.
Another option for "at rest" encryption that is sometimes employed is to have the web server encrypt the data prior to sending it to the SQL server. Generally speaking this is no more effective than simply allowing the database server handle the encryption/decryption itself. However it does have several drawbacks such as making it near impossible to query the data from SQL servers tools. Further the keys have a wider distribution as every application that needs to touch the data must have access to the keys in order to work. This can be somewhat limited by using a service layer on top of SQL server to handle data management.. but, again, this doesn't provide any more security than what you have right out of the box.
Upvotes: 1
Related Questions
- Restoring SQL Server Database - Master Key Not Opening
- SQL Server Migration and Encryption issue
- Sql Server can't see my certificate
- string value is lost after encryption
- Sql Server 2008R2 enterprise with data encryption - backup and restore
- How to Encrypt SQL Server 2008 Database
- SQL Server symmetric key is lost, how to decrypt the data?
- SQL 2008 Encryption Scan
- having problems trying to restore encrypted database
- SQl server 2008 permission and encryption