Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
hi guys,
after i finish my WPF application and SQL 2008 R2 Database i need to make a package to be installed to our clients i have done that using install shield 2010 and took my database as a script to be created on our user we have done all of that the problem after we create database on our client pc and the script create it in the default path of SQL Server 2008 i found that every one can stop SQL service and copy the database and stole it so how can i prevent my database from being copied or attached to keep it safe from hackers ?
Posted 23-Feb-13 1:18am

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

One idea
Encrypt important data in the database and obfuscate the key within your application to make it difficult for someone to find the key string.
 
See TripleDESCryptoServiceProvider Class[^]
  Permalink  
Comments
yayaNasr at 23-Feb-13 9:45am
   
i want to protect my database schema not data if any one can copy and attch my database so he will be able to see my data base schema ....
Mike Meinz at 23-Feb-13 10:01am
   
Maybe someone smarter than me will have an answer for you. In my 40+ years of software development, I have never had this requirement and I can't think of a way to keep a schema 100% secret.
yayaNasr at 23-Feb-13 10:22am
   
so your schema any one can steal it , that is doesn't make you wary ?
Mike Meinz at 23-Feb-13 10:47am
   
Only authorized individuals at each of my customer's sites have full access to the underlying database not "anyone". There is a software license that says they cannot use my designs to build their own or a competitive product. I don't worry about it.
yayaNasr at 23-Feb-13 10:59am
   
what about a desktop application
Mike Meinz at 23-Feb-13 11:03am
   
I don't worry about someone seeing the schema of any of the databases I have designed.
 
If you have something that is so technologically revolutionary that you must protect it to the highest degree, then you should consult an attorney to develop a license agreement that will protect your intellectual property.
 
In 40+ years of IT experience, I have never run into a business application software product where I could not see (and provide support for) the underlying database. SAP R3 costs millions to license and all of our DBAs could see (and support) the underlying database. SAP wasn't worried about it because we signed their license agreement.
yayaNasr at 23-Feb-13 11:15am
   
many peoples does not respect law and or license that is make me wary
yayaNasr at 23-Feb-13 11:17am
   
so i want to put a password when some one coming to attach my database ask for password
Mike Meinz at 23-Feb-13 11:25am
   
Use "Integrated Security". If they have successfully put in their Windows username and password, then they can use the application that attaches to the database.
yayaNasr at 23-Feb-13 11:33am
   
i mean password on database level not on account level
Mike Meinz at 23-Feb-13 11:35am
   
If you use "Integrated Security", you do not have to use database usernames/passwords. It is far easier.
yayaNasr at 23-Feb-13 11:37am
   
yes , i do , and still any one can copy and attach my database without asking for password during attaching

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 7,903
1 Sergey Alexandrovich Kryukov 7,127
2 DamithSL 5,604
3 Manas Bhardwaj 4,986
4 Maciej Los 4,820


Advertise | Privacy | Mobile
Web01 | 2.8.1411023.1 | Last Updated 23 Feb 2013
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100