SQL Server 2005中数据库加密的最佳实践 [英] Best Practice for Database Encryption in SQL Server 2005
问题描述
我需要开发一个将数据存储在SQL Server 2005数据库中的应用程序(应用程序本身将是WCF服务或Asp.Net Web服务)。
I need to develop an application which stores data in a SQL Server 2005 database (the app itself will be either a WCF Service or an Asp.Net Web Service).
现在,这些数据是非常保密的,我需要以数据库中的加密形式存储。
Now, this data is supremely confidential, and I need to have it stored in an encrypted form in the database.
所以,我想知道最好的做法是什么围绕这一点。我知道SQL Server内置了一些加密功能。有没有为这个资源的虚拟类型,以便我可以快速地去。
So, I am wondering what the best practices are around this. I know that there is some encryption capabilities that SQL Server has in-built. Is there a 'for dummies' type of resource for this so that I can quickly get going.
或者,我在想我可以加密/解密我的C#代码和不在数据库中 - 可能有一个处理数据访问层上方的层(这是一个好主意)?
Alternatively I was thinking that I could encrypt/decrypt in my C# code and not in the database - maybe have a layer which handles this just above the data access layer (is that a good idea)?
推荐答案
查看此链接用于样本的良好介绍。
Look at this link for a good introduction with samples.
我认为在应用程序中进行数据加密更好,因为在这种情况下传输的数据已被加密。否则你必须在应用程序和数据库服务器之间使用一个安全的渠道。
I think doing the data encryption in the application is better, because in that case the transferred data is already encrypted. Otherwise you have to use a secure channel between your app and the database server.
这取决于你的需要,我会说。
It depends on your needs, i would say.
这篇关于SQL Server 2005中数据库加密的最佳实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!