An application uses a database table having proprietary information. We do not want our customer to be able to look at that.
This being a real-time application, performance can not be sacrificed. What is the best way to keep the table data non-viewable without sacrificing the performance?
The easiest way to do this without sacrificing performance is to use permissions and deny select or view permissions on the table in question. Create a special group and only grant that one group access to the table.
This, of course, only protects against an online attack (i.e. the server is running). To protect your database against an offline attack (i.e. someone steals your hard drive), you will need to use some form of encryption. Unfortunately, this does require a performance hit. Depending on how you structure your data, this could be either very large or pretty minor.
If your customer is a database admin, the only way to secure against this would be to use encryption.
Sung
|||I think Rajeev is looking for some DRM type of solution, in which case this has already been discussed on threads like http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=52094&SiteID=1.
Thanks
Laurentiu
No comments:
Post a Comment