Using SQL commands
DBDefence encrypts the database and allows access only for
authorized connections. By default, and as it was primarily designed,
DBDefence allows access to the connection that successfully executed
the command OPEN SYMMETRIC KEY DBDX DECRYPTION BY PASSWORD = '...'
There are 3 restriction levels:
Single Connection
Access is allowed only for the connection that successfully
executed the OPEN SYMMETRIC KEY statement. After a reconnection, you
need to open the key again. This is the most secure option
compared with the next two. You can explicitly call the CLOSE SYMMETRIC
KEY statement to close access. The key is closed automatically when
the connection is closed.
Host+Process
Access is allowed for all connections from the host and process
that successfully executed the OPEN SYMMETRIC KEY statement. This is
useful when your application consists of many DLLs that make their
own connections to the database and you do not want to modify them.
It can also be used for web applications. Important: for
better security you need to isolate your application in a separate
process. This can be done very easily with IIS settings. When your
application initializes, it connects to the database once, and all
other connections work as usual. You do not need to change a line
of code! To allow such access you need to get access to the
database first and then call the function:
exec dbd_unlock_for_host @proc=1
You need to explicitly call
exec dbd_lock_for_host @proc=1
to close access. It is not closed automatically. These two
functions are created automatically in the protected database.
Host
Access is allowed for all connections from the host that
successfully executed the OPEN SYMMETRIC KEY statement. For better
security we recommend using it for debugging only, for example if
you want temporary access from SQL Server Management Studio
to edit the database. To allow such access you need to get access
to the database first and then call the function:
exec dbd_unlock_for_host @proc=0
You need to explicitly call
exec dbd_lock_for_host @proc=0
to close access. It is not closed automatically. These two
functions are created automatically in the protected database.
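Because Host+Process and Host access are not closed automatically, the unlock should be paired with a lock that runs even when the application fails. The following is an added example, not DBDefence code: the wrapper name dbd_unlocked, the RecordingConnection stand-in and the use of a Python DB-API connection are assumptions; only the SQL statements come from this page.

```python
from contextlib import contextmanager


@contextmanager
def dbd_unlocked(conn, password, per_process=True):
    """Open the DBDX key on conn, unlock access, and always lock again.

    conn is assumed to be a DB-API 2.0 connection to the protected database.
    per_process=True sends @proc=1 (Host+Process), False sends @proc=0 (Host).
    """
    if "'" in password:
        # The password is embedded as a SQL literal, so refuse quotes
        # instead of guessing how the server would treat escaping.
        raise ValueError("password must not contain a single quote")
    proc = 1 if per_process else 0
    cur = conn.cursor()
    cur.execute(f"OPEN SYMMETRIC KEY DBDX DECRYPTION BY PASSWORD = '{password}'")
    try:
        cur.execute(f"exec dbd_unlock_for_host @proc={proc}")
        yield conn
    finally:
        try:
            # Access is not closed automatically: lock even if the body raised.
            cur.execute(f"exec dbd_lock_for_host @proc={proc}")
        finally:
            cur.execute("CLOSE SYMMETRIC KEY DBDX")


class RecordingConnection:
    """Constructed stand-in for a real connection; it only records statements."""

    def __init__(self):
        self.statements = []

    def cursor(self):
        return self

    def execute(self, sql):
        self.statements.append(sql)


def demo():
    """Run a failing workload and return the statements that were sent."""
    conn = RecordingConnection()
    try:
        with dbd_unlocked(conn, "constructed-password", per_process=False):
            raise RuntimeError("simulated application failure")
    except RuntimeError:
        pass
    return conn.statements
```

In a real application the with block would wrap the whole lifetime of the process, so the lock call runs at shutdown as well as on error.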