1

We are using SQL Encryption to encrypt data in the database using this approach.SQL Encryption. As the main aim is to avoid data theft when the database is compromised. We will be using HTTP(s) certificates while accessing data from Server to Client.

The data is encrypted in the table level. To access the data we have created stored procedures to access them.

We have to depend on stored procedures as we have to specifically tell the symnmetric key and certificate we are using in our DB.

GO
OPEN SYMMETRIC KEY mySymmetrickKey DECRYPTION
BY CERTIFICATE myCertificate

Instead of depending on the databse stored procedures can we specify the symmetric key and certificate name in our SQL Query(LINQ), to access the various tables in our DB.

We are using DB first Entity Framework approach for data access. Any advises on these ?

Improve this question

1 Answer 1

Reset to default
1

I also looked at this issue.

One area to be careful about is that encryption generally (of course varies between encryption) roughly adds 120% to the original data. Passing this amount of information between the sql server and http server degrades the over all performance. In comparison if the data encryption is handled by the SQL database server then the only performance hit is during encryption/decryption.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.