August 2, 2005 at 11:52 pm
I plan to use an MSDE (or Sql Server Express) database in my single-user
application. My problem is that the mdf file will be accessible (at least
readonly) to anyone using the application. How can I be sure that the user
cann't copy the mdf file and attach it to another server and view all the
information he wants to?
August 3, 2005 at 7:41 am
Nitin, could you please explain the issue in detail.
If you do not want others to have access to your database, remove the database access to those logins and they will not be able to access your database.
August 3, 2005 at 11:15 pm
I plan to use an MSDE (or Sql Server Express) database in my single-user
application. My problem is that the mdf file will be accessible (at least
readonly) to anyone using the application. How can I be sure that the user
cann't copy the mdf file and attach it to another server and view all the
information he wants to?
Also tell me how can i Encrypt Database in SQL server 2000 & MSDE2000.
Thanks
August 4, 2005 at 5:14 am
You need to protect MDF files using the NTFS Secutiry. Grant access rights on the SQL Server Data Folder to the SQL Server Startup Account only and Remove access rights to all other users. Application users / any other SQL Server users do not require access to the Data Files / Log files.
Protect your Backups with Password
Create a Login for your Application and grant only necessary rights to this login and make your application to use this login to connect to the SQL Server. Application Users can be validated by the Application and may not be granted access to SQL Server
use With Encryption option while defining Stored Procs, Views, Triggeres to avoid others from viewing your TSQL Code
Hope this helps
M.S. Reddy
August 4, 2005 at 11:22 am
Here's some useful information:
http://www.sql-server-performance.com/ck_database_encryption.asp
Unfortunately, physical access will trump this protection method. As long as I can log in as the same user that runs the SQL service, I can detach and copy the MDF. I think....
August 5, 2005 at 3:42 am
As long as the SQL Server is running, no body can copy the files, even if I login with the SQL Server Startup account. If the SQL Server is stopped, one logged in with the SQL Server startup account can decrypt and copy the files to a non encrypted location.
we can remove the "Login Locally" right to the SQL Server startup account, so that no one can login to the server and protect the files to certain extent.
They should strictly control the password of this account.
August 17, 2005 at 7:58 am
U can try whatever u want!
Reboot the system from DOS. Use NTFS Reader and copy the MDF to a FAT32. NTFS Encryption and all possible login protection will automatically be removed!
Solution: Use a different DBMS...
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply