
How to detect a SQL Server database has been restored

Is there anything unique to a SQL Server database instance which makes it possible to detect it has been restored? If a client is using a database and decides to restore and run another copy of the same database on a different server - is there a way to tell the difference between the two with a T-SQL query?

There are several ways to identify a database as a restore/copy of another database:

  • service_broker_guid is usually the easiest way. It is generated when the database was created and is preserved during restore/attach operations. It can be changed explicitly using ALTER DATABASE ... SET NEW_BROKER; so different GUIDs do not necessarily imply different DBs. But identical GUIDs imply a common origin of the databases.
  • dbi_familyGUID is an undocumented boot page field that is preserved on restore.
  • the recovery path and recovery fork LSNs are documented and can be used to identify a common origin, but they diverge fast and a database that was restored even recently will soon lose trace of a common origin with another db by simply using the fork LSNs.
  • encrypted databases (TDE) can easily be identified through the page nonce (undocumented method, requires expert knowledge) as long as the encryption key is not changed (i.e. a total re-encryption is not forced, losing all nonces).
  • application layer methods can use code signing: generate a key pair, sign a dummy module, drop the private key. Since the signature can never be re-generated (private key was dropped forever) a copy of the database cannot hide its origin w/o dropping the signature, which is obviously tamper evident.

As you see there are several ways, varying in level of expertise required and in the degree of tampering evidence they provide. It boils down to your requirements and real use case. Ultimately, remember that SQL Server is not a DRM product. If you have some code/design which you believe is invaluable and must be protected then you should provide the application as a hosted service so that this perceived IP never leaves your physically controlled environment.
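
The code-signing marker from the last bullet, together with the service_broker_guid check from the first, sketched in T-SQL as an added example that is not part of the original answer. The certificate name, procedure name and password are hypothetical placeholders chosen for illustration.

```sql
-- Added example: all names and the password are hypothetical/constructed.

-- 1. Key pair: a certificate whose private key is protected by a password.
CREATE CERTIFICATE OriginMarkerCert
    ENCRYPTION BY PASSWORD = 'Constructed-Placeholder-Pw-1!'
    WITH SUBJECT = 'Database origin marker';
GO

-- 2. Dummy module that exists only to carry the signature.
CREATE PROCEDURE dbo.OriginMarker
AS
BEGIN
    SET NOCOUNT ON;
END;
GO

-- 3. Sign the module with the certificate's private key.
ADD SIGNATURE TO OBJECT::dbo.OriginMarker
    BY CERTIFICATE OriginMarkerCert
    WITH PASSWORD = 'Constructed-Placeholder-Pw-1!';
GO

-- 4. Drop the private key: the signature can no longer be regenerated.
ALTER CERTIFICATE OriginMarkerCert REMOVE PRIVATE KEY;
GO

-- 5. Read the marker back. Run this in each database being compared.
SELECT DB_NAME()                      AS database_name,
       d.service_broker_guid,         -- preserved on restore/attach
       OBJECT_NAME(cp.major_id)       AS signed_module,
       c.name                         AS certificate_name,
       c.thumbprint,
       cp.crypt_property              AS signature,
       c.pvt_key_encryption_type_desc -- NO_PRIVATE_KEY after step 4
FROM sys.crypt_properties AS cp
JOIN sys.certificates     AS c ON c.thumbprint = cp.thumbprint
JOIN sys.databases        AS d ON d.database_id = DB_ID()
WHERE cp.class_desc = 'OBJECT_OR_COLUMN'
  AND cp.major_id   = OBJECT_ID(N'dbo.OriginMarker');
```

Two databases that return the same thumbprint and signature bytes share an origin; no row for the marker procedure means the signature was dropped.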

Database developers and administrators often use GUIDs as primary keys for database tables to ensure uniqueness between databases. This material is about comparing GUIDs: http://msdn.microsoft.com/en-us/library/ms254976.aspx
