Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
Author |
Topic |
kjbalvin
Starting Member
2 Posts |
Posted - 2010-01-28 : 23:54:33
|
Hi,I have been trying to find a way to encrypt stored Procedure in SQL Server. I have found that by using a Encrypt key word the procedure is encryptedIn Oracle we have a funciton called WRAP using which we can encrypt the Procedure locally and only the encrypted file needs to be deployed into Produciton Environment. where as in case of SQL, the whole file with the encrypted key word needs to be deployed for it to get encrypted. Is there any other way in SQL Server, jus as in Oracle, where we can get the encrypted the file first locally and then just deploy the encrypted file.Thanks in advance.With regards,Balvin. |
|
Kristen
Test
22859 Posts |
Posted - 2010-01-29 : 02:24:07
|
"Is there any other way in SQL Server, jus as in Oracle, where we can get the encrypted the file first locally and then just deploy the encrypted file"No. Also beware (unless it has improved in SQL 2008) that the Encryption is very weak, so if your objective is to prevent casual viewing of your SProcs that's fine, if you want to totally protect your know-how and prevent it being stolen then that won't work (unless, as I said, it has improved in SQL 2008) |
|
|
kjbalvin
Starting Member
2 Posts |
Posted - 2010-01-29 : 02:49:57
|
Thanks Kristen,Does this mean that there is no way of Securing our Stored Proc in SQL Server?Is there any other way by which encryption or Protection of Stored Proc be done in SQL Server?Regards,Balvin. |
|
|
Kristen
Test
22859 Posts |
Posted - 2010-01-29 : 04:38:25
|
If you mean that no one can reverse engineer your code? then I am not aware of anything (unless something added in SQL 2008).We secure our code by the licence agreement ... most of our clients require source code in escrow anyway, all their support would be invalidated if they breached the licence terms, unless we do a really piss-poor job I don't think they would want that!And nowadays, with web based solutions, we are hosting most of the kit that our databases run on, so client's can't get to them anyway. |
|
|
|
|
|
|
|