SQL Server Performance Forum – Threads Archive
High Security Level Needed – How to Approach?
Not sure if this is the right place for this post or not. I’m developing an application that has sensitive data stored in a few tables. There are also procedures and functions that contain sensitive calculations (this is related to salary information, etc). I need to figure out a security model that is restrictive to the point where not even DBAs can access the tables, procedures, or execute any code in this database. There are a small handful of individuals in the organization who should have access. I’ve never developed something with this level of security before and wanted to reach out here to see if anyone had any insight. I think there is a way to encrypt code relatively easily, right? As far as executing, how do you prevent sysadmins from executing procedures as well? Thanks!Hi,
AFAIK you can not prevent sysadmins, you may go for Encrypting data. Hemantgiri S. Goswami
MS SQL Server MVP
————————-
"Humans don’t have Caliber to PASS TIME , Time it self Pass or Fail Humans" – by Hemantgiri S. Goswami http://hemantgirisgoswami.blogspot.com
As Hemanth mentioned it is not possible to hide the data from sql server but you can do the auditing who is peeping into it…
And best approach would be data encrption which is fully supported in SQL 2005.
MohammedU.
Moderator
SQL-Server-Performance.com All postings are provided “AS IS†with no warranties for accuracy.
Aah, sounds like the typical HR dilemma. [<img src=’/community/emoticons/emotion-5.gif’ alt=’
![Wink ;) ;)](styles/default/xenforo/smilies/wink.png)
![Smile :) :)](styles/default/xenforo/smilies/smile.png)
]]>