Protect your SQL Server database from unauthorized access, modification and distribution! Hides schema!
 
Home    DbDefence Help - SQL Server Encryption Prev Next
About DBDefence
System Requirements
Installation
Configuration and Startup
DBDefence Configurator
Starting DBDefence
Database Encryption
Introduction
Encryption Tools
Exceptions
Database decryption
FIPS 140-2 Information
Database Access
Introduction
Using SQL commands
DBDefence Client DLL
Reporting Services Extension
Editing Database with SQL Studio
Service Broker Access
Backup, Distribution ...
Replication
Backup
Distribution
DBDefence SQL functions
dbd_listdb
dbb_on
dbd_reg_info
dbd_status
Sales questions
Purchase and support
Activation
Acknoledgements
DBDefence 2.4 Reference

DBDefence v2

What is this ?

DBDefence is an Easy-to-use, affordable, and effective security solution for encrypting complete databases and protecting it's schema within the MS SQL Server. It allows database administrators and developers to encrypt databases completely. DBDefence uses a server side encryption to allow you to encrypt and decrypt data without having to change your applications in any way.

DBDefence is the program designed exclusively for SQL Servers. DBDefence prevents access to the database tables completely until a specific SQL statement containing the password is run. Even DBA can't access tables or execute procedures. Each application which wants to access the database must execute the special statement with the correct password at least once once for the session to access the database. After the application has supplied the correct password everything is accessible as normal.

Features

Effectively encrypts entire database, log and backup files

Existing 3rd party encryption solutions for SQL Server use extended procedures to call functions in DLLs. The call to external processes for SQL Server 2005 uses a lot of system resources. Additionally, any such procedures can't handle large binary types. Our solution uses a completely different approach. You do not need to call UDFs to encrypt values. Instead SQL Server encrypts all information in the protected database. It does not matter which type or what table. It also does not matter if it is data or a stored procedure.

Works transparently

DBDefence does not use UDFs for encryption. As a result, you do not need to wrap any fields into UDF calls. Everything in the database encrypted automatically. To unlock access to the database you need to execute one SQL statement with the correct password.

FIPS 140-2 Validated encryption

DBDefence is built using OpenSSL FIPS 140-2 validated module. Read more.

Hides schema of the database!

DBDefence completely protects system tables as well so you can't access database or even browse it's catalog. It is also possible to encrypt databases for 3rd party applications too. For example,
You have a 3rd party application and you do not have the source code or can't insert the unlocking SQL statement. In this case it is possible to intercept the database connection. After successful login to the protected database the whole application works as per normal. We are also interested in exploring the market better.

Passwords not traceable with the profiler

Currently, calls to any extended procedures of 3rd party encryption solutions can be traced with the Profiler and an Administrator can catch the password easily. DBDefence uses an OPEN MASTER KEY statement which is not displayed by the Profiler.

Supported Platforms

DBDefence currently supports SQL SQL Server 2005 and SQL Express on X86 and X64 Platforms on all Windows OS.

Easy integration into existing projects.

To install DBDefence on the client side you need to copy dbdefence.dll, set one key in the registry and run very short SQL script on the target SQL Server. These easy steps can be done from any of the main installer systems. Secure database distribution You can create the database, protect it and include in your installer. In the installer, you install DBDefence and attach protected database with a single CREATE DATABASE .. FOR ATTACH statement. Database schema and data are never exposed to DBA.

Affordable prices

There is no need to buy a license for each and every client application. Once you have bought One Redistribution license you may install DBDefence with your application for all your clients.

support@dbdefence.com
Copyright Elitude Software, 2009-2010