SQLIdeas

Getting Started with Adobe After Effects - Part 6: Motion Blur


	Blogs

Upload Image

Close it

Select File

Towards the innovative SQL ideas


	Like

Invite Friends

Browse by Tags · View All

ms sql server	119
ms sql	118
sql server	116
sql	115
database	102
tsql	81
#SQL Server	78
t-sql	75
#sql	71
sql server general	67

Archive · View All

April 2011	14
July 2011	12
May 2011	12
August 2011	11
June 2011	10
September 2011	8
December 2011	6
November 2011	6
June 2013	5
April 2013	5

Home · Posts · Most Liked · Most Discussed · Ask a Question · Fans (164) · Preferences

Stored Procedure Encryption in SQL Server

Aug 15 2011 12:00AM by Paresh Prajapati

Because of some security policies we need to require our code to be safe from Users who are going to use SQL Server database and objects of them and some outside threat. We have different different users to access the database objects or used for application.

We have so many ways to encrypt data, but here i am talkig about the code encryption. With this encryption security, Users can execute the stored procedures but can not view the code.

Let us check the how the Stored Procedures can be encrypted.

-- Creating demo objects

USE demo
GO

-- Creating table
IF (OBJECT_ID('UserMaster','U')> 0)
DROP TABLE UserMaster
GO

CREATE TABLE UserMaster
(
UserId INT,
UserName VARCHAR(100),
UserPwd NVARCHAR(100)
)

GO

-- Inserting demo records
INSERT INTO UserMaster
SELECT '1','User1','pwd1'
UNION ALL
SELECT '2','User2','pwd2'
UNION ALL
SELECT '3','User3','pwd3'

GO

Now we will create two Stored Procedures with and without encryption.

-- Creating Stored Procedure without encryption
CREATE PROCEDURE GetUserDataWithoutEncrypt
AS
BEGIN
SET NOCOUNT ON 

SELECT 
UserId,
UserName,
UserPwd
FROM UserMaster

END
GO


-- Creating Stored Procedure with encryption
CREATE PROCEDURE GetUserDataWithEncrypt
WITH ENCRYPTION
AS
BEGIN
SET NOCOUNT ON 

SELECT 
UserId,
UserName,
UserPwd
FROM UserMaster

END
GO

Executing both above created stored procedures , and you ca see there as both giving same output while users run them.

EXEC GetUserDataWithoutEncrypt
EXEC GetUserDataWithEncrypt
GO

Finally we will check the text of these both stored procedures objects.

-- Viewing text of Stored Procedure without Encrypted
EXEC SP_HELPTEXT GetUserDataWithoutEncrypt

-- Viewing text of Stored Procedure with Encrypted
EXEC SP_HELPTEXT GetUserDataWithEncrypt

Doing same thing for Encrypted Stored Procedure from UI and see what happen,

It is not showing text in sys.syscomments as well.

SELECT 
* 
FROM sys.syscomments
WHERE id = object_id('GetUserDataWithEncrypt')
GO

Let me what you think for the stored procedure encryption and share your comment if you have used it.

Tags: sql, sql server 2008, sql server 2005, tsql, sql server, ms sql, ms sql server, sql server denali, #SQL Server, mssql, #sql, sql server 2011, database, sql server general, SQL Scripts, encryption,

Previous: Take care while using SELECT Clause for Variable Assignment in SQL Server
Next: SQL Server 2008 - TSQL Debugger for Stored Procedure

Paresh Prajapati

6 · 22% · 7044

Liked

Lifesaver

Refreshed

Learned

Incorrect


Like this
Post this to my facebook wall
Tweet this
This was a true life saver
Thanks, this helped me to refresh my memory
Very informative, I just learned something new
I disagree, this information is incorrect