We have migrated a CRM Database from SQLServer 2000 to SQLServer 2005.
Database contains very sensitive data about customer in text format (Datatype varchar(20)) how can i encrypt the same without any change in the table design.
We like to secure datas. Only a few people are autorized to read this information, but today, these informations are readable with a simple query with a query analyzer for exemple.
I'd like to encrypt datas with reversible function in one field of a table
Is there a function able to do this kind of work in SQLServer V7 or 2000 ?
Hi folks, I'm trying to encrypt a small token of data on my client c# application and have it decrypted by SQL on the server side, the problem is i cannot find articles on the subject. I don;t really want to get involved with certificates but base the system on a simple symmetric key that is shared by both parties.
I'm attempting to use the TRIPLE_DES algorithm on both sides and thus far have used the decryptbypassphrase on the server side with the data encrypted on the client side by .Net with no initialization vector setup.
If anyone can recommend any articles or have example (client and server side) code for this situation it would be greatly appreciated.
Does anyone know what my .net app guys need to share with me if encryption was done in the .net app but decryption needs to occur in certain sql queries? I read about master keys, certificates, symmeteric keys, algorithms etc but dont know how that stuff would carry over from the framework into sql. All I know is that the algorithm is AES_256, they must be adding authentication to the encryption and i know the hash algorithm, and symmetric keys are involved. Will they be sharing certain kinds of files with me that need to be registered in the db? Will I have to use CLR if I want the two worlds to come together?
hi, in my login form i have the password field.so i am sending password to my database table but while sending password has to be encrypted and while returning it has to be decrypted,is it possible to do in database if means please show me some example please
I can sucessfully encrypt/ decrypt 1 column, but Im under the impression there is also a way to encrypt the data being sent over the network by using a certificate? I can find lots of info, but no starting point or clear cut instructions. Could someone please assist?
Using symmetric keys and certificates in SQL2005, can one assign users permission to only decrypt or encrypt data?
Reason would be say data capturer and data reader type roles. I tried to create some with the GRANT CONTROL and GRANT VIEW for certificates and definitions on Symmetric keys, but havent been to successfull.
Would be great if someone here can offer some advise on it, and if it's possible using SQL rights.
I've got a field I'm trying to convert into a date format as it currently sits as a text field. The date setup is of the format DD/MM/YYYY. Some of the fields are NULL, however for the sake of filling in gaps I've just set the nulls to '01-01-1905'.
I've tried to use CAST to change the data into a readable format for SQL Server however I tend to get one of two messages:
Conversion failed when converting date and/or time from character string.
I want the users of my site to be able to write a couple of paragraphs, save it to SQL Server and then have it read back and look the same. I don't want the users to be able to add any html to the text they submit. I just want them to be able to seperate or indent their paragraphs.
At one point, I had a textbox that saved text to the server and read it back the same way it was originally inputed. However, I can't figure our what I had done to make it work.
Hi. Im new to SQL and I need to export a SQL table as a comma delimited text file which is straight forward. However two of the fields are integers and I need these to be right justified with zero's. In Access I would use something like format(columnname, "00000000") to get it to work, but SQL Server doesn't like this. How can I do this?
Hi... I want to encrypt data using a symmetric key + certificate, but it appears anyone with simply "db_datareader" can view the decrypted data? Is this correct?
Recreation steps:
1. As a System Admin, log into a SQL 2005 Database Engine. 2. Create some login that you also have access to. Ensure it does not already exist, or inherit any permissions from some existing NT-group. (From here on out, I will refer to it as the "underpriveleged user".) 3. Create a new database of any name. 4. Run the following query against the database:
CREATE TABLE [dbo].[MyTable]( [MyColumn] [varbinary](50) NULL ) ON [PRIMARY] GO CREATE USER [DOMAINUserName] FOR LOGIN [DOMAINUserName] WITH DEFAULT_SCHEMA=[dbo] sp_addrolemember 'db_owner', 'DOMAINUserName'
5. Now open another SSMS and connect as that underpriveleged user. 6. Change the database to the name you provided in Step 3. 7. Run these commands as the underpriveleged user...
CREATE MASTER KEY ENCRYPTION BY PASSWORD='DbMK_pwd'
CREATE CERTIFICATE MyCertificate WITH SUBJECT='Some Text' CREATE SYMMETRIC KEY MyKeyName WITH ALGORITHM = DESX ENCRYPTION BY CERTIFICATE MyCertificate
OPEN SYMMETRIC KEY MyKeyName DECRYPTION BY CERTIFICATE MyCertificate INSERT INTO MyTable(MyColumn) VALUES (EncryptByKey(Key_GUID('MyKeyName'), 'MyValue')) SELECT Convert(varchar,DecryptByKey(MyColumn)) FROM MyTable CLOSE SYMMETRIC KEY MyKeyName
8. Now switch back to the System Admin session, and revoke most of the underpriveleged account's permissions...
sp_droprolemember 'db_owner', 'DOMAINUserName' GRANT SELECT ON dbo.MyTable TO [DOMAINUserName]
9. Switch once again to the underpriveleged session, and run the following:
OPEN SYMMETRIC KEY MyKeyName DECRYPTION BY CERTIFICATE MyCertificate SELECT *, Convert(varchar,DecryptByKey(MyColumn)) FROM MyTable CLOSE SYMMETRIC KEY MyKeyName
Why does this work? The user only has select access against the table, and no explicit permissions to the certificate or key. I have even disconnected as this user, tried again, restarted SQL Server... it is still able to decrypt the text.
Or what should I be doing to ensure only those with access to the key/certificate can decrypt the cipher text?
I have a set of Password data in a table which is encrypted e.g. UOTYoeUK8ae89IM6PKButX5ssew= , i was wondering how to decryted it so that it reveals the passwords.
Hi All, In SQL 2000, i need to Export Data,so that datashould be encrypted.When i try to import that in any database it should authenticate the user and should get decrypted.IZAT Possible.
Hi,I have a .net application and i added a code that encrypts data saved in database. However, there is already data in the fields that was entered before this change.I know need to check if the values in those fields are encrypted and if not i need to encrypt them.How can I perform such a check and update the relevant data?I use TrippleDES in .net to encrypt/decrypt the data.Thanks
Does SQL Server 2000 provide any data encryption/decryption functionality so that certain fields (e.g. SSN, Age and Salary) will be encrypted before writing into the table and decrypted once loading out of the table?
I want to encrypt certain data like password, ssn, credit card info etc before saving in database. Also, this encrypted data can be queried using standard SQL statements like:
select * from users where userid=454 and password = 'encrypted data'
The mechanism to encrypt data could be in a .net application. The code that does encryption/decryption should also be protected so that it doesnt work if it falls in wrong hands.
Can anyone suggest what would be the best way to accomplish above?
Hopefully this makes sense, not sure what to even begin researching...
I'm trying to optimize all facets of this process, as it will take over the resources on my server if not done efficiently.
I have CSV files containing INTs that I need to upsert (match to an existing/earlier imported array or create a new record set) millions of times a day. To be clear, this data is a small subset of the actual import, this arrays contents are not the main data of the process, and the value of the entire array is meant to be related to higher level tables.
The contents of the CSV array are 99.9+% repeating, meaning they will very often share the exact same contents as a a previously imported array. A rough guess is there are 20k combinations existing, and less than 1k new per month, and will range from 6 cols x 15 rows to 6 cols x 50 rows.
So current plan is to use a MD5 hash during the (not SQL related) export process to identify the contents of this CSV file, and export only the md5 (32 digit hex) as a lookup to identify the contents. If the SQL import process finds a new (unknown) MD5 it will request the actual contents, otherwise it will simply use the MD5 as a key/id/code for the actual array contents that are already stored.
There's probably a certain terminology I'm not familiar with for this type of thing.. I've never heard of something like this. I realize collision is a threat, but I'm unsure how much I should be worried about it with this type of data (similar size/contents, but a relatively small amount of possibilities). I think up to even 0.1% collision would be acceptable which is probably way more than enough.
Does this sound like a bad idea to anyone? Are there certain hash functions I should use for this type of thing? Anyone have suggestions of where to look next?
hi siri have table hh .it has two columnsone is hhno is integer datatype another hhdoc is xml data type likehh tablehhno hhdoc---------------------------------------------------------------------------------------------100<suresh>sfjfjfjfjf</suresh>....................................101<ramesh>hhfhfhf</ramesh>..................................how to convert the xml data format into the general data format plshelp me with examples
Hi there ,1. i have a database and i want to encrypt my passwords before storing my records in a database plus i will later on would require to authenticate my user so again i have to encrypt the string provided by him to compare it with my encrypted password in database below is my code , i dont know how to do it , plz help 2. one thing more i am storing IP addresses of my users as a "varchar" is there a better method to do it , if yes plz help me try { SqlConnection myConnection = new SqlConnection(); myConnection.ConnectionString = ConfigurationManager.ConnectionStrings["projectConnectionString"].ConnectionString; SqlDataAdapter myAdapter = new SqlDataAdapter("SELECT *From User_Info", myConnection); SqlCommandBuilder builder = new SqlCommandBuilder(myAdapter); DataSet myDataset = new DataSet(); myAdapter.Fill(myDataset, "User_Info"); //Adding New Row in User_Info Table DataRow myRow = myDataset.Tables["User_Info"].NewRow(); myRow["user_name"] = this.user_name.Text; myRow["password"] = this.password.Text; // shoule be encrypted //not known till now how to do it myRow["name"] = this.name.Text; myRow["ip_address"] = this.ip_address.Text; myDataset.Tables["User_Info"].Rows.Add(myRow); myAdapter.Update(myDataset, "User_Info"); myConnection.Close(); myConnection.Dispose(); } catch (Exception ex) { this.error.Text = "Error ocurred in Creating User : " + ex.Message; }
Hi, How can I convert a text file (.txt) into SQL in ASP.net 2.0 ? The sample of the file format is like that ... 09/03/2007 08:41 "Fung, Kitty" Granted Access D1 Main 2354 111 09/03/2007 08:42 "Ng, Jaclyn" Granted Access D1 Main 21906 18 09/03/2007 08:42 "Leung, Agnes" Granted Access D1 Main 21920 18 Cheers
I have the following Query which gives the output in XML format. select * from <Table_Name> For XML auto I wanted to store this output in a .Xml file at my local machine. I would prefer to have a proc when called generates the xml and stores it on the local m/c. Any ideas ? Thanks,
I have a database of over 200 tables. I want to delete data in about 100 tables. It's hard for me to delete because there are so many dependencies. I wind up tracing each table until I find the end and then deleting backwards. Is there a script I can run where I can get a textual view of which tables are related to which tables (foreign key constraints). I don't want to hit 'display dependencies' on each table. I know I can look at logical diagram but with a database of over 200 tables, it is hard to look at it.