Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.databases.ms-sqlserver > #754

Re: obfuscation of SQL Server deployments?

From Erland Sommarskog <esquel@sommarskog.se>
Newsgroups comp.databases.ms-sqlserver, microsoft.public.sqlserver.programming
Subject Re: obfuscation of SQL Server deployments?
Followup-To comp.databases.ms-sqlserver
Date 2011-10-26 23:57 +0200
Organization Erland Sommarskog
Message-ID <Xns9F8AF3A496B53Yazorman@127.0.0.1> (permalink)
References <131787bf-2b5d-4bb6-bbef-9a0ba148a3ca@n18g2000vbv.googlegroups.com>

Cross-posted to 2 groups.

Followups directed to: comp.databases.ms-sqlserver

Show all headers | View raw

Mad Scientist Jr (mad.scientist.jr@gmail.com) writes:
> Any idea what kind of obfuscation MS supports for SQL deployments for
> the current generation of SQL Server (2008)?
> 
> I am interested in developing a database and assorted packages which
> would be hosted on a client site, with the data available to the
> client and their applications, but the client should not be able to
> view the table definitions, stored procedures, or SSIS, SSRS, SSAS
> packages.
> 
> Is this possible without locking the entire server down?
 
First of all, you need a license agreement that controls what the customer
can do legally.

But if you don't believe in legalese, and want something technical, no
there is not much you can do. You can create stored procedures WITH 
ENCRYPTION, but that is only obfustication, and you can easily find 
code out there that gives you the clear text. 

You can hide table definitions from plain users, but not an administrator.
You could deliver a pre-installed machine with all users etc, and not
reveal the passwords for Administrator. But disk could be moved. You 
could put a seal on the machine, which at least would reveal that is
has been tampered with and on.

The only reasonable option is to host the machine outside the client's
premises. On your own, on a hosting service, or for that matter in
Azure.

I should add that I don't know much about SSIS, SSRS and SSAS, but
I see no reason that the same thing applies here.


-- 
Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se

Links for SQL Server Books Online:
SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx
SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx

Back to comp.databases.ms-sqlserver | Previous | NextPrevious in thread | Find similar

Thread

obfuscation of SQL Server deployments? Mad Scientist Jr <mad.scientist.jr@gmail.com> - 2011-10-26 11:42 -0700
  Re: obfuscation of SQL Server deployments? Erland Sommarskog <esquel@sommarskog.se> - 2011-10-26 23:57 +0200

csiph-web