Protecting Proprietary SQL code

Question

Post reply

Protecting Proprietary SQL code

Viewing 6 posts - 46 through 50 (of 50 total)

You must be logged in to reply to this topic. Login to reply

Ken Klaft SSC Veteran Points: 225 More actions · Answer 1

Ken Klaft

SSC Veteran

Points: 225

March 10, 2003 at 8:44 am

#450690

Brendon:

To achieve the level of security you are looking for, I think you would need to run [your software] on [your server] at [your site], and have your clients email you requests. You could reply with reports or screenshots.

Anything less (aka releasing the software to the public) is a security risk.

David Wyche Newbie Points: 6 More actions · Answer 2

David Wyche

Newbie

Points: 6

March 13, 2003 at 6:58 am

#450981

very interesting thread...

nobody's mentioned xp's yet.

i've never used them so i don't really know, but it seems to me that your proprietary logic might be embedded into an extended stored procedure and thereby obfuscated the same as in the middle tier.

David.Poole SSC Guru Points: 75656 More actions · Answer 3

I would love to see a good article/book on xp's.

There is a good example on this site to read an external text file. Note that it uses SQL2000 libraries!

I've a feeling that using xp's in this case would be going around the sun to meet the moon because you would effectively be submitting dynamic SQL to be run by the server.

I would imagine that this would have a performance hit similar to having your app running dynamic SQL within its exe/dll, although xp's run in the same memory space as SQL itself.

Also, you need good C++ skills to write xp's. I don't think you can write them using VB.

LinkedIn Profile

tcartwright SSCertifiable Points: 5573 More actions · Answer 4

Ken Klaft mentioned xp's on page 2 of this monster post. And yes you can NOT do xp's in VB. AFAIK

C++

is the only weapon of choice. Yo might be able to use Delphi, but I have never seen an example. The reason you can not do it in VB is because the dll that is used for XP's is a win32 dll. You can't do those in VB. Well there is a 3rd party software package out there that DOES let you do it, have used their other products, but not this one, so I can not recommend it. (http://www.desaware.com/ExportedFunctionsL3.htm)

Heres a good article that takes you a bit betond the xp_hello in SQL BOL :

http://www.devarticles.com/art/1/74

How about writing your own .DLL and calling a set of extended stored procedures? Any of you guys have any comments on that?

[/quote

Tim C.

//Will write code for food

Tim C //Will code for food

omen SSC Enthusiast Points: 198 More actions · Answer 5

omen

SSC Enthusiast

Points: 198

March 13, 2003 at 1:22 pm

#451042

For those interested in writing extended stored procedures the easy way, see: http://www.bramc.ru/soft/xproc.html. I havent used it personally but it allows the creation of extended stored procedures in Delphi

Gabor Nyul SSCrazy Eights Points: 9459 More actions · Answer 6

Gabor Nyul

SSCrazy Eights

Points: 9459

March 14, 2003 at 9:27 am

#451128

Yes I did mention the xp so 13 thread ahead .

I've just called it a DLL because an xp is in fact a dll which has to be registered by

sp_addextendedproc. Like: sp_addextendedproc 'xp_hello', 'xp_hello.dll'

Bye
Gabor