Reputation: 587
Entity Framework with Sql Server Column Level Encryption
I have a requirement to encrypt a number of database columns (in Sql Server 2012). It has been decided that we should use column level encryption (implemented in sql server). On the application side i will be building a web api on top of some complex domain models. I really want to utilize Entity Framework's code first approach, to maintain a clean domain model). Does anyone have a workable solution here that does not involve resorting back to stored procedures? Ideally I would like to somehow manipulate the sql generated by entity framework to wrap certain fields to do the sql encryption / decryption functions.
Ideally , something like:
modelBuilder.Entity<MyTable>().ToTable("Table1").Property(p => p.SensativeData).encrypt("keyName",authenticatorFunc);
Upvotes: 17
Views: 21700
Answers (2)
Reputation: 13722
Crypteron has a free Entity Framework adapter, CipherDb, that can work with any SQL Server. In fact, Crypteron CipherDb works with any Entity Framework compatible database - even MySQL, PostGreSQL and more.
You can annotate the data model with [Secure] or name a property to something like Secure_SocialSecurityNumber (the Secure_ is the key part) and CipherDb automatically performs data encryption, tamper protection, secure key storage, secure key distribution, caching, key roll overs, ACLs and more. You can also use Crypteron to protect streams, files, objects, message queues, noSQL etc.
You can find the sample apps on GitHub at https://github.com/crypteron/crypteron-sample-apps
Disclaimer: I work there and we do have a free community edition which anyone can use.
Upvotes: 3
Reputation: 2719
In SQL Server 2012, column level encryption can be done mainly in two ways ie,
- Defining Custom Encryption function in Entity framework. this blog
- SQL Cell Level Encryption implementation done in entity framework in dbcontext Class (execute open symmetric key code here) using this blog and using stored procedure (which contain decryption code for specified field in tables ) retrieve result sets.
In SQL server 2016 there is new feature ie, Always encrypted and has its implementation in entity framework here.
Upvotes: 11
Related Questions
- Data Encryption in Data Layer with ASP.NET Core Entity Framework
- Column encryption in ASP MVC app with SQL Server 2016 using .net Core / EF Core
- EF Core Decryption of SQL Column Level Encryption
- Encrypted columns with Entity Framework
- Encrypt/Decrypt column in sql server using entity framework
- SQL Server Consistent Column Encryption
- SQL Server 2008 R2 Encryption - with Entity Framework
- Entity Framework and Encrypted Database
- SQL column encryption
- Encryption of a field's value in a Linq-to-Sql Entity