
Encryption SQL Server 2005

I have a SQL Server 2005 database and I am planning to encrypt some of my columns using PassByPhrase. But these columns have to be displayed in their original form on my ASP.Net web pages and on some Crystal Reports. Now I know that I will have to create a stored procedure to decrypt the columns and run this stored procedure every time my classes (which display the data) hit the database. But if I store my passphrase in some stored procedure, then anybody who has access to the database can open the stored procedure and get the value of the passphrase. Then what's the point of encryption?

So my questions are:

  1. How would I display my encrypted columns (in their original form) on an ASP web page or a Crystal Report?

  2. How should I store my passphrase?

There is no magic bullet. The problem you see is always there when a service has to access data on a user's behalf. Encryption is not a substitute for access protection. If you need to display encrypted data then you must present the decryption key. There are only two possibilities:

  1. You ask the user for the password. The user enters the password (in the web page, or in Crystal) and then you use the password to decrypt the data. This works perfectly if the user wants to protect the data against you. The data is protected cryptographically; even users that do have read access to the data still cannot decrypt it without knowing the password. It is also basically impossible to implement in practice.
  2. You store the encryption key in a key hierarchy (symmetric key -> certificate -> master key -> service master key) ultimately rooted in the service master key, therefore in the OS DPAPI. See Encryption Hierarchy. This gives the SQL Server service itself access to the decryption key, and therefore any user with access to the server can decrypt the data by simply asking the server to decrypt it for him. While on the server, the data is protected only by access protection (grant/deny/revoke SELECT permissions). However, the data is protected against accidental media loss, which is often the true requirement anyway. This is often used as a poor man's solution when licensing does not allow for TDE.

That's all there is. Anything else is either a variation on the encryption hierarchy theme (e.g. storing passwords in ASP.Net config files under protected sections) or plain old snake oil (like embedding passwords in app code).
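The second option from the answer, the key hierarchy, as an added T-SQL example that is not part of the original question or answer. It also addresses the question's concern about a passphrase sitting in a stored procedure: the procedure below runs `WITH EXECUTE AS OWNER`, so the web or reporting login only needs `EXECUTE` on it and never holds the certificate or key permissions, and there is no passphrase anywhere to read. The table, certificate, key, role and procedure names and the master-key password are assumptions chosen for illustration, and the card number is a constructed test value.

```sql
-- Added example: symmetric key -> certificate -> database master key -> service master key.
-- All object names and the master-key password below are placeholders for illustration.

CREATE TABLE dbo.CustomerCards (
    CustomerId    int IDENTITY(1,1) PRIMARY KEY,
    CardNumberEnc varbinary(256) NOT NULL      -- ciphertext only; the plain number is never stored
);
GO

-- Database master key. SQL Server also protects it with the service master key,
-- which is what ties the hierarchy to the OS (DPAPI), so no password is needed at runtime.
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'Replace_With_A_Strong_Password_1!';  -- placeholder
GO

CREATE CERTIFICATE CardCert WITH SUBJECT = 'Card number column encryption';
GO

CREATE SYMMETRIC KEY CardKey
    WITH ALGORITHM = AES_256
    ENCRYPTION BY CERTIFICATE CardCert;
GO

-- Writing a row: open the key with the certificate, encrypt, close.
OPEN SYMMETRIC KEY CardKey DECRYPTION BY CERTIFICATE CardCert;
INSERT dbo.CustomerCards (CardNumberEnc)
VALUES (EncryptByKey(Key_GUID('CardKey'), N'4111111111111111'));  -- constructed test value
CLOSE SYMMETRIC KEY CardKey;
GO

-- Reading rows for the web pages and reports. EXECUTE AS OWNER means the decryption
-- runs under the procedure owner's permissions (VIEW DEFINITION on the key and CONTROL
-- on the certificate), so callers are granted nothing but EXECUTE on this procedure.
-- DecryptByKeyAutoCert opens the symmetric key through the certificate itself; it returns
-- NULL when the caller cannot open the key, so a permission problem shows up as NULLs.
CREATE PROCEDURE dbo.GetCustomerCards
WITH EXECUTE AS OWNER
AS
BEGIN
    SET NOCOUNT ON;
    SELECT CustomerId,
           CONVERT(nvarchar(20),
                   DecryptByKeyAutoCert(Cert_ID('CardCert'), NULL, CardNumberEnc)) AS CardNumber
    FROM dbo.CustomerCards;
END
GO

-- The application / reporting identity gets only EXECUTE; it cannot SELECT the table,
-- cannot open the key, and there is no passphrase for it (or an attacker) to read.
CREATE ROLE ReportReaders;
GRANT EXECUTE ON dbo.GetCustomerCards TO ReportReaders;
GO

-- Contrast with the design the question describes: a passphrase literal inside a
-- procedure, e.g. DecryptByPassPhrase('my secret', CardNumberEnc). Anyone with
-- VIEW DEFINITION on that procedure can read the secret straight out of
--   SELECT definition FROM sys.sql_modules WHERE object_id = OBJECT_ID('dbo.GetCardsWeak');
-- which is exactly why the passphrase buys nothing over plain SELECT permissions.

-- Verify as an ordinary reader (assumes a login/user already mapped into ReportReaders):
-- EXECUTE AS USER = 'report_user'; EXEC dbo.GetCustomerCards; REVERT;
```

Two operational caveats follow from rooting the hierarchy in the service master key. First, the key is machine-bound: if the database is restored on another server, the master key must be reopened with its password (`OPEN MASTER KEY DECRYPTION BY PASSWORD = '...'`) and re-bound with `ALTER MASTER KEY ADD ENCRYPTION BY SERVICE MASTER KEY`, so back up the master key and certificate (`BACKUP MASTER KEY`, `BACKUP CERTIFICATE ... WITH PRIVATE KEY`) and keep those backups off the server. Second, as the answer says, this protects the data on lost media and backups, not against a principal who can already execute the procedure; what that principal can see is purely a matter of `GRANT`/`DENY`.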
