SQL Server 2016, encrypted with always encrypted, using certificate. In order for the client application to receive the decrypted data, it is enough to have a certificate installed on the PC, and connection string with ColumnEncryption = Enabled;.
But that means that on that PC can any application access database - just know the connection string. How do I make sure that on PC with the certificate installed - has only one / certain application access to database and his decrypted data?
there is a way, Application Name in Connection String .restricting-access-to-database-by-application-name-andor-host-name-in-sql-server
CREATE TRIGGER RestrictAccessPerApplication
ON ALL SERVER
FOR LOGON
AS
BEGIN
IF
(PROGRAM_NAME() = 'Microsoft® Access' AND HOST_NAME() = 'WORKSTATION_01')
BEGIN
ROLLBACK;
END
END
But i don't think this is good for this type of sensitive applications.
Related
My name is Hari varma, I am working as a SQL DBA.
Currently I am facing issues with Always Encryption in SQL Server 2017 Development Edition in our testing server.
I don't have any experience in Always Encryption and TDE. One of my client asked me to do encryption on database.
I have done some testing on Always Encryption and I was able to encrypt and decrypt the column data by using doing the following:
On the SQL Server instance
-->Options-->Additional connection Parameter-->Column Encryption Setting = Enabled
After I enabled the column encryption I am able to view the encrypted data in the table.
However I am not able to insert, update, and delete data in this encrypted column.
Also I need to be able to set permissions on users who are allowed / not allowed to view the data on this encrypted column.
Which permissions I need to give on a particular user and provide any prerequisites for Always Encryption and TDE.
First of all it's important to understand that your SQL Server instance does not know the keys used for encrypting and decrypting data when using Always Encrypted. The keys are kept externally, usually in a key store such as Windows Certificate Store or Azure Key Vault. This means that SQL Server itself cannot encrypt or decrypt the data - this instead has to be done by a client application that has access to the keys.
However I am not able to insert, update, and delete data in this encrypted column.
I assume you are attempting to insert, update, and delete data directly through SSMS or something similar. This is only possible to a limited extent. This is because SSMS (which is your client application in this case) needs to be able to encrypt the data before sending it to your SQL Server.
Read more about inserting data into columns that are encrypted via Always Encrypted in SQL Server here (using SSMS).
A brief summary of how to insert encrypted data via SSMS:
You need to enable the column encryption setting in your connection string. This is done under Options>>Additional Connection Parameters when you connect to your SQL Server instance in SSMS. Add this text in there: Column Encryption Setting=Enabled
Once you've connected to your database and opened a query window, you need to enable parameterization for always encrypted. This is done in SSMS under Query>>Query Options>>Execution>>Advanced>>Enable Parameterization for Always Encrypted.
When you've completed the two steps above you'll be able to insert data into an encrypted column like this:
DECLARE #ParameterToBeEncrypted NVARCHAR(100) = 'Decrypt me';
INSERT INTO dbo.MyTable(MyEncryptedColumn) VALUES (#ParameterToBeEncrypted);
This works because your client application (SSMS) is able to encrypt the value that you're initializing #ParameterToBeEncrypted with before sending it to SQL Server. This only works if your current user has access to the column encryption key. SQL Server will never see the plain/non-encrypted value ('Decrypt me') - it will only see the encrypted value that should be inserted into the encrypted column.
Which permissions I need to give on a particular user and provide any prerequisites for Always Encryption
It's a combination of permissions in SQL Server and being able to access the keys used for encrypting and decrypting the data. The necessary database permissions are VIEW ANY COLUMN MASTER KEY DEFINITION and VIEW ANY COLUMN ENCRYPTION KEY DEFINITION.
You can read more about the necessary permissions here.
If you want to encrypt a set of existing data in your database, then your best bet is to write your own client application (e.g. in C# or similar) or create a SSIS package (which would serve as a client application). The client application or SSIS package should read the data from the database, encrypt the data outside of the database, and then send it back to the database as encrypted data.
I trying to identify the corporate users using the connections from the connection pool (C3P0) in a JAVA EE application. I executing the statement to set connection info before I give the connection to hibernate and setting it to empty string when the connection is returned to the pool.
For PostgreSQL:
SET application_name TO 'MyCorporateSystem - Billing - John Doe';
For Oracle:
call DBMS_SESSION.SET_IDENTIFIER('MyCorporateSystem - Billing - John Doe');
Microsoft SQL Server also has a ProgramName column on 'sp_who2', but it seems that you cannot set it after the connection has been made, only in the connection string, is that correct? The only way is to use CONTEXT_INFO ?
You are correct. This cannot be changed in t-sql. It is part of the connection string.
What we are doing is simply shutting down sql server and physically moving mssql folder to another server. After that operation service broker not working correctly. What to do to make service broker work on a new server? What's the correct way to move whole server to a new machine?
We have merge replication which we dont want to reinitiallize. So backup/restore and attach/deattach is not a good option. Any solutions for reanimation of service broker on a new machine? Recreate certificates/create new SB guid (NEW BROKER)?
Alright, we moved folder with database files to fresh new instance of sql server on another machine. After few tests we get the expected error An error occurred while receiving data: '10054(An existing connection was forcibly closed by the remote host.)'. and in SQLProfiler it shows as Connection handshake failed. Error 15581 occurred while initializing the private key corresponding to the certificate. The SQL Server errorlog and the Windows event log may contain entries related to this error. State 88..
So, i've tried to regenerate master keys on both main database and master database. And it worked. Service broker running good on both directions.
USE <dbName>;
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'password';
ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD = 'password';
CLOSE MASTER KEY;
USE master;
OPEN MASTER KEY DECRYPTION BY PASSWORD = 'password';
ALTER MASTER KEY REGENERATE WITH ENCRYPTION BY PASSWORD = 'password';
CLOSE MASTER KEY;
When im using
CREATE SYMMETRIC KEY SecureSymmetricKey
WITH ALGORITHM = DESX
ENCRYPTION BY PASSWORD = N'StrongPassword';
DECLARE #str NVARCHAR(100)
SET #str = 'lala';
OPEN SYMMETRIC KEY SecureSymmetricKey
DECRYPTION BY PASSWORD = N'StrongPassword';
Whom itrying to protect the data from ?
the data being sent from client to server ? ( the data is being sent by plaing text - i cant activate sql commands before sending the data...)
or people who has access to the sql server?
You're trying to protect your data in the database from people who either have access to any one of:
the SQL Server instance
the data files
the backup files
So if someone steals your backup tapes, they won't have a database of unencrypted SSNs or Credit Card numbers to sell on the black market.
I am migrating to Postgresql, but I am facing a problem.
A "trick" I am using with SQL Server is to login always using a single user (tipically sa) and I write the program_name in the database connection to check the number of currently logged users in the application. Everytime I do a db connection for UserX I set the program_name in the connection as "MyApp_UserX". In this way with a query like the following I can count how many users are connected to my app. I use this for license check, and it is very reliable in sql server.
select count(sp.loginame) as CNT
from Master.dbo.sysprocesses sp
join Master.dbo.sysdatabases sd on sp.dbid = sd.dbid
where sd.name = MYDATABASE and sp.program_name like 'MyApp%'
Now Postgresql doesn't allow me in the connection to specify a string like program_name. What can you suggest?
For Delphi users: Note I am using unidac, migrating from SDAC. in SDAC I had TMSConnection.ApplicationName, but there is no a Postgresql equivalent.
You could either wait for 9.0 or make a few assumptions and count (almost all) connections to the database in question.
If you login from different client computers, you could use the IP address reported in the system view pg_stat_activity. For each connection that is made to the server, the IP address of the client is shown. If different users use different computers, this might work for you (until 9.0 is out), until then it might be a workaround.
http://www.postgresql.org/docs/current/static/monitoring-stats.html