Tuesday, March 27, 2012

embed SQL Express in app

I'm new to SQL Server Express and wondering about using it for a desktop app.
I have a web server and SQL2005 with some web apps, and I'm thinking about
making desktop versions of some.
But, I want to protect the db structure and the way everything hangs
together. Assuming I can make a SQL Express version of the 2005 db, can I
combine that with something like a Flash front end and distribute it to
desktops without risking nosy people looking into what makes them tick?
What would be great would be encryption of the db, and some lock to prevent
people from opening it in Enterprise mgr/SQL mgr.
CS
hi,
catsailor wrote:
> I'm new to SQL Server Express and wondering about using it for a
> desktop app. I have a web server and SQL2005 with some web apps, and
> I'm thinking about making desktop versions of some.
> But, I want to protect the db structure and the way everything hangs
> together. Assuming I can make a SQL Express version of the 2005 db,
> can I combine that with something like a Flash front end and
> distribute it to desktops without risking nosy people looking into
> what makes them tick?
> What would be great would be encryption of the db, and some lock to
> prevent people from opening it in Enterprise mgr/SQL mgr.
> CS
http://msdn.microsoft.com/library/de...xpuserinst.asp
http://msdn.microsoft.com/library/de...LExCustApp.asp
as regards encryption, you can use the native features provided by SQL Server
2005 itself, as indicated in
http://msdn.microsoft.com/msdnmag/is...s/default.aspx
http://msdn2.microsoft.com/en-us/library/ms189586.aspx
Andrea Montanari (Microsoft MVP - SQL Server)
http://www.asql.biz/DbaMgr.shtm http://italy.mvps.org
DbaMgr2k ver 0.18.0 - DbaMgr ver 0.62.0
(my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
interface)
-- remove DMO to reply
|||Thanks very much for the articles. I have read through them quickly and see
that I may be able to embed an SQL Express db in my app, and I can encrypt
the data.
But, if a user had Admin privileges and SQL Server Management Studio,
couldn't she still open the SQL Express db and see the structure? Is there
any way to prevent anyone but me from opening the db at all, even if they
are sa?
CS
"Andrea Montanari" <andrea.sqlDMO@.virgilio.it> wrote in message
news:47q45jFgufr7U1@.individual.net...
> hi,
> catsailor wrote:
> http://msdn.microsoft.com/library/de...xpuserinst.asp
> http://msdn.microsoft.com/library/de...LExCustApp.asp
> as regards encryption, you can use the native features provided by SQL
> Server 2005 itself, as indicated in
> http://msdn.microsoft.com/msdnmag/is...s/default.aspx
> http://msdn2.microsoft.com/en-us/library/ms189586.aspx
> --
> Andrea Montanari (Microsoft MVP - SQL Server)
> http://www.asql.biz/DbaMgr.shtm http://italy.mvps.org
> DbaMgr2k ver 0.18.0 - DbaMgr ver 0.62.0
> (my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
> interface)
> -- remove DMO to reply
>
|||hi,
catsailor wrote:
> Thanks very much for the articles. I have read through them quickly
> and see that I may be able to embed an SQL Express db in my app, and
> I can encrypt the data.
> But, if a user had Admin privileges and SQL Server Management Studio,
> couldn't she still open the SQL Express db and see the structure? Is
> there any way to prevent anyone but me from opening the db at all,
> even if they are sa?
the encryption protection available in SQL Server 2005 is for data only...
at the schema level you can prevent, via GRANT/DENY statement permissions on
"VIEW DEFINITION" at the objects level as at the schema level itself,
http://msdn2.microsoft.com/en-us/library/ms176128(SQL.90).aspx , but a
sysadmin member cannot be cut off...
you say:
>Is
> there any way to prevent anyone but me from opening the db at all,
> even if they are sa?
but ... "who are you?"... when you distribute a database to end users they
will not care about "you"... their system will care about their
accounts/logins... or better.. their principals
(http://msdn2.microsoft.com/en-us/library/ms181127(SQL.90).aspx)... and you
will not be enlisted there at all..
Andrea Montanari (Microsoft MVP - SQL Server)
http://www.asql.biz/DbaMgr.shtm http://italy.mvps.org
DbaMgr2k ver 0.18.0 - DbaMgr ver 0.62.0
(my vb6+sql-dmo little try to provide MS MSDE 1.0 and MSDE 2000 a visual
interface)
-- remove DMO to reply
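
What the DENY on "VIEW DEFINITION" mentioned in the reply above looks like in T-SQL, and why it stops at sysadmin. This is an added example, not part of the original thread; the schema `app`, its table and procedure, and the user `app_user` are constructed for illustration and are meant for a scratch database.

```sql
-- Constructed demo objects (assumptions): schema app, app.Orders,
-- app.GetOrders, user app_user. Run as a sysadmin or db_owner.
CREATE SCHEMA app;
GO
CREATE TABLE app.Orders (OrderId int PRIMARY KEY, Total money);
GO
CREATE PROCEDURE app.GetOrders
AS
    SELECT OrderId, Total FROM app.Orders;
GO

-- Low-privilege principal the application would connect as.
CREATE USER app_user WITHOUT LOGIN;
GO

-- The user may run the procedure, but may not read any metadata in the schema.
GRANT EXECUTE ON OBJECT::app.GetOrders TO app_user;
DENY VIEW DEFINITION ON SCHEMA::app TO app_user;
GO

-- Check 1: what app_user can see.
EXECUTE AS USER = 'app_user';

EXEC app.GetOrders;                          -- still works (ownership chaining)

SELECT HAS_PERMS_BY_NAME('app.GetOrders', 'OBJECT', 'VIEW DEFINITION')
       AS can_view_definition;               -- 0 for app_user

SELECT o.name, o.type_desc                   -- app objects are filtered out
FROM sys.objects AS o
JOIN sys.schemas AS s ON s.schema_id = o.schema_id
WHERE s.name = 'app';

SELECT OBJECT_DEFINITION(OBJECT_ID('app.GetOrders'))
       AS proc_source;                       -- NULL: source text is hidden

REVERT;

-- Check 2: the same catalog query as a sysadmin member. Permission checks,
-- DENY included, are not applied to sysadmin, so the structure is visible.
SELECT IS_SRVROLEMEMBER('sysadmin') AS is_sysadmin;

SELECT o.name, o.type_desc
FROM sys.objects AS o
JOIN sys.schemas AS s ON s.schema_id = o.schema_id
WHERE s.name = 'app';
```

On a distributed SQL Express instance the machine's local administrator can become sysadmin, so the DENY limits the application's own login rather than the owner of the machine.
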
|||I think if you carry this through to its logical conclusion you won't want
to totally block access. If you did, that would mean you would be
responsible for all backup and restore, maintenance, patching, upgrading,
etc. If the customer had a SQL Server problem, you would have to fix it
because CSS wouldn't be able to access their database to fix it. Are you
really willing to sign up for that?
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"catsailor" <hullflyer at gmail.com> wrote in message
news:e27f3$441833a9$48f535c4$29530@.msgid.meganewsservers.com...
> Thanks very much for the articles. I have read through them quickly and
> see that I may be able to embed an SQL Express db in my app, and I can
> encrypt the data.
> But, if a user had Admin privileges and SQL Server Management Studio,
> couldn't she still open the SQL Express db and see the structure? Is
> there any way to prevent anyone but me from opening the db at all, even if
> they are sa?
> CS
> "Andrea Montanari" <andrea.sqlDMO@.virgilio.it> wrote in message
> news:47q45jFgufr7U1@.individual.net...
>
|||yeppers, that would be part of the deal.
CS
"Roger Wolter[MSFT]" <rwolter@.online.microsoft.com> wrote in message
news:OfVy9NGSGHA.4944@.TK2MSFTNGP10.phx.gbl...
>I think if you carry this through to its logical conclusion you won't want
>to totally block access. If you did, that would mean you would be
>responsible for all backup and restore, maintenance, patching, upgrading,
>etc. If the customer had a SQL Server problem, you would have to fix it
>because CSS wouldn't be able to access their database to fix it. Are you
>really willing to sign up for that?
> --
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
> "catsailor" <hullflyer at gmail.com> wrote in message
> news:e27f3$441833a9$48f535c4$29530@.msgid.meganewsservers.com...
>
