问题描述

我有一个使用 SQL Server 2008 数据库的 Windows 应用程序.

I have a Windows application using a database in SQL Server 2008.

我不希望用户看到数据库表.

I do not want users to see the database tables.

如何加密我的数据库中的表?

How can I encrypt tables in my database?

推荐答案

这里有不同的选择.

• 您可以对数据使用对称加密:

• You can use symmetric encryption for your data:

创建表销售 (...)

CREATE TABLE sales ( ... )

创建对称密钥:

CREATE CERTIFICATE cert_sales WITH SUBJECT = N'Sales certificate',
START_DATE = N'2009-01-01', EXPIRY_DATE = N'2018-12-31';

CREATE SYMMETRIC KEY symkey_sales WITH ALGORITHM = AES_256 
ENCRYPTION BY CERTIFICATE cert_sales

加密数据:

TRUNCATE TABLE sales;
OPEN SYMMETRIC KEY symkey_sales DECRYPTION BY CERTIFICATE cert_sales;
INSERT INTO sales() SELECT a, ENCRYPTBYKEY(Key_Guid(N'symkey_sales'), B) FROM T2;
CLOSE SYMMETRIC KEY symkey_sales;

解密数据:

OPEN SYMMETRIC KEY symkey_sales DECRYPTION BY CERTIFICATE cert_sales;
SELECT a, CAST(DecryptByKey(B) as nvarchar(100)) FROM sales;
CLOSE SYMMETRIC KEY symkey_sales;

• 您可以对数据使用非对称加密
• 您可以使用透明数据加密来加密所有数据库文件:
• You can use asymmetric encryption for your data
• You can use Transparrent Data Encryption for encrypt all database files:

创建主密钥:

USE master
go
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'My$Strong$Password$123'

创建证书:

CREATE CERTIFICATE DEK_EncCert WITH SUBJECT = 'DEK Encryption Certificate'

创建 DEK:

USE MySecretDB
go
CREATE DATABASE ENCRYPTION KEY WITH ALGORITHM = AES_256
ENCRYPTION BY SERVER CERTIFICATE DEK_EncCert

开启加密:

ALTER DATABASE MySecretDB SET ENCRYPTION ON

• 您可以使用 BitLocker - 完整的卷加密

这篇关于在 SQL Server 2008 中加密数据库表的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！