Although Network Administrator can use the current techniques to prevent unauthorized access to that data, hacker also can get through the limitation, and get the database data sometimes. Here are just some of the ways:
- Break through the firewall
- Admin choosing kid's birthday as a login password
- Lost laptop that contains replicated data
- Neglecting to remove a login when someone quits or is fired
- Accidentally sharing the wrong volume
- Employee copying files to a removable drive before they quit or are fired
- Stealing a backup disk or tape
If hacker can get the raw database from the server, desktop, laptop, backup media, etc., the control will be completely lost! If the raw database file is a SQL Server database, hacker can simply attach the database to his SQL Server and will have the complete access. If the data is stored in a desktop database, such as DBF or MDB, it is even easier for hacker. He can simply use Microsoft Access or any variety of file browsers to see the raw data.
So now, how to protect our database?
Currently the built-in encryptions of tools such as MS Access are not high secured, and SQL Server does offer encryption for stored procedures and scripts, however if we surf the web and download one of many free programs that can decrypt “Microsoft encrypted” stored procedures in an instant.
Current Market and Product Status
Currently, in our product, there is no available product which can protect database and its script. In GrandDog, we only supply one sample interface for Oracle. In addition, our competitors like Hasp, Rockey also have no good solution for it.
Looking at the present database protection market, there are only productions based on software which can not achieve the high security level on the theory, like http://www.netlib.com/index.html and http://www.xpcrypt.com/.
So from marketing and competitor side, we have the business opportunities to develop one new product based on the hardware.
Solution for Requirement
Based on the marketing requirement, we can develop one product based on license model which can facilitate SHK License, and implement the following features:
- Encrypt column and row data
- Protect total database file
- Encrypt some important Transact-SQL script
This solution will allow database administrators and developers to encrypt data without having to invent and develop an entire key management system themselves. It will supply some plug-in modules like as trigger and procedure to encrypt some sensitive data within database automatically without having to change applications. It also can provide a direct interface to encryption functions that allow database administrators and developers to design and build their own encryption features.
Conclusions
The above propose is just the draft propose, some features and details needs more effort to complete it. I believe it will bring us the big revenues from the new and big market if we develop such kind of product based on our technologies and advantages.