|
|
Posted by Christopher Browne on 12/10/05 02:07
> Martin wrote:
>> I'd venture to say that most db's
>> are not designed to have strong security at the file level. I understand
>> why (cpu and system load in managing constant encrypt/decrypt processing)
>> but it is disturbing nevertheless.
>>
>> -Martin
>
> SQL Server 2005 has strong encryption built in to the database. The
> user decides whether that applies to all of the database or just
> selected data.
Unfortunately, that means that you have to trust the database engine
with the cryptographic keys.
That means the DB engine is free to do whatever it likes with them,
which is an inherent, vast, gaping security hole.
It's so gaping that it obviates any value to the use of encryption.
--
output = ("cbbrowne" "@" "ntlug.org")
http://linuxdatabases.info/info/lsf.html
Rules of the Evil Overlord #114. "I will never accept a challenge from
the hero." <http://www.eviloverlord.com/>
Navigation:
[Reply to this message]
|