SQL Server 2008加密-问题... [英] SQL Server 2008 Encryption - question...

问题描述

嗨
我们已经实现了一个带有SQL Server后端数据库的网站.我们在数据库中使用了对称列加密.存储过程在进行任何读或写操作之前先打开和关闭密钥.
所有这些的确确实很好用，我们可以看到所有数据都经过了精美的加密.

我真的对一般加密有一个一般性问题.
如果有人通过登录Windows来访问服务器(不必说我们已经锁定并进行了防火墙保护！)，那么他们可以打开SQL Server Studio并根据我们的存储过程简单地发出查询，并且-瞧-他们拥有-加密的数据.

有没有更好的方法进行列级加密，或者有更标准的方法来避免所描述的情况?这样密钥就不会存储在数据库本身中吗?也许以某种方式从加密的混淆过的asp.net .dll的字符串中传递密钥.

有没有我尚未发现的标准?我不想走一条特定的路线来发现一种更简单的方法，或者新的方法存在漏洞...

非常感谢您的宝贵时间

朱利安

Hi
We have implemented a web site with a SQL server backend database. We have used symmetric column encryption in the database. The stored procedures open and close the key prior to any read or write.
All this works very well indeed, and we can see that all the data is beautifully encrypted.

I have a general question about the encryption in general really.
If someone gains access to the server via logging in to windows (needless to say we have everything locked down and firewalled up!) they can then open SQL Server Studio and simply issue queries based on our stored procedures and - voila - they have the un-encrypted data.

Is there an even better way of doing column level encryption or a more standard way to avoid the scenario described? So that the key is not stored within the DB itself? Somehow passing the key in from a string encrypted obfuscated asp.net .dll perhaps.

Is there a standard that I haven''t discovered yet? I didn''t want to go down a certain route to discover there''s an easier way, or the new way has a hole in it...

Many thanks for your time

Julian

推荐答案

现实是，数据库越安全，性能就越差.数据库中需要一定级别的安全性，我想您已经拥有了.如果您的想法是在有人可以拿起您的存储设备的情况下保护数据，那么您的解决方案就可以很好地工作.如果有人可以以某种方式侵入您的服务器并登录到SQL控制台，那么他们可以看到"您的数据，那么您就无能为力了.即使您设置了通过加密接口访问方案的方案，他们仍然可以通过其他方式删除数据或破坏数据库(因为它们已经在控制台中).我还没有听说过100％安全，可靠和可靠的方案.让我知道你是否遇到过.

The hard reality is that the more secure you make your database, the less performant it becomes. There''s a certain level of security required in database and I think you have it. If the idea is to protect data if someone can get hold of your storage devices, then your solutions works perfectly well. If someone can somehow hack into your server and login to a SQL console, then they can ''see'' your data, there''s not much you can do about it. Even if you setup a scheme to access it via an encrypted interface, they can still delete the data or sabotage the database in other ways (since they''re already in the console). I haven''t heard of a scheme that is 100% safe, secure and reliable. Let me know if you come across one.

这篇关于SQL Server 2008加密-问题...的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！