Friday, March 9, 2012

Password Protect SQL SERVER

We have a database that we distribute for our application
to customers. We add users to a user table to allow
access to the web application only. How can I protect the
database with a secret password that only we know and the
customer can only access the data and use the database
but cannot get to the database using EM or Query Analyser
unless he knows the password.
Help is appreciated.
I am new to all this so if someone could please guide me
to the right direction.
Thanks a lot.
|||If they own the server and are sa then you can't. sa can see or do
everything on the server.
Andrew J. Kelly
SQL Server MVP
"HP" <anonymous@.discussions.microsoft.com> wrote in message
news:a26901c3eb2c$e9d5d7e0$a601280a@.phx.gbl...
> We have a database that we distribute for our application
> to customers. We add users to a user table to allow
> access to the web application only. How can I protect the
> database with a secret password that only we know and the
> customer can only access the data and use the database
> but cannot get to the database using EM or Query Analyser
> unless he knows the password.
> Help is appreciated.
> I am new to all this so if someone could please guide me
> to the right direction.
> Thanks a lot.
|||We are the sa. We give to the customer MSDE with an added
user in the user table which will let them get to the
application if a valid user.
If they plan on buying SQL Server on their own and putting
in our database, is there a way we can stop them from
reading the database and getting to its structure by
password protecting the database on the MSDE or by
encrypting the database?
|||By default there is a local NT admin account that is also sa. If they log
on to their box as the local admin they are essentially sa. You can remove
that account but that won't really stop someone from getting at it if they
want and have rights to the physical machine. The real answer here has
always been to make sure you have a good copyright, NDA etc to cover this
area. There are some 3rd party tools to encrypt the db but it can be a real
hassle and in the long run I am not sure how effective it is. Take a look
on Google for past posts regarding encryption and SQL Server for more
details.
Andrew J. Kelly
SQL Server MVP
<anonymous@.discussions.microsoft.com> wrote in message
news:a63401c3eb5b$e253f450$a601280a@.phx.gbl...
> We are the sa. We give to the customer MSDE with an added
> user in the user table which will let them get to the
> application if a valid user.
> If they plan on buying SQL Server on their own and putting
> in our database, is there a way we can stop them from
> reading the database and getting to its structure by
> password protecting the database on the MSDE or by
> encrypting the database?
|||It is a serious weakness in MSSQL. There is no answer as far as we know.
"Andrew J. Kelly" <sqlmvpnooospam@.shadhawk.com> wrote in message
news:u25zg#16DHA.2472@.TK2MSFTNGP10.phx.gbl...
> By default there is a local NT admin account that is also sa. If they log
> on to their box as the local admin they are essentially sa. You can remove
> that account but that won't really stop someone from getting at it if they
> want and have rights to the physical machine. The real answer here has
> always been to make sure you have a good copyright, NDA etc to cover this
> area. There are some 3rd party tools to encrypt the db but it can be a real
> hassle and in the long run I am not sure how effective it is. Take a look
> on Google for past posts regarding encryption and SQL Server for more
> details.
> --
> Andrew J. Kelly
> SQL Server MVP
