How do I protect my SQL Server Database code

How do I protect SQL Server 2005 database in a way that nobody can view table structure or stored procedure without using "WITH ENCRYPTION" or "SQL CLR" technique
LVL 2
yatin_81Asked:
Who is Participating?
 
dportasCommented:
The user can't see procedure definitions as long as you deny or don't grant the "VIEW DEFINITION" permission on the procs. This permission is normally denied by default unless the user owns the proc or has the ddl_admin role.
0
 
Ken FayalCTOCommented:
You would do this with the proper use of user permissions.  Is it something you deploy to customers, where you don't have control over the server?
0
 
yatin_81Author Commented:
Basically, the whole database would be lying on client's server. It would be possible for them to use Windows Authentication and Management Studio to connect and view database components. I need to avoid this. One solution I found was using SQL CLR by creating a Database Project in VS2005. But the database is such huge, it wont be easy task. Any more suggestion would be appreciated....
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
dportasCommented:
WITH ENCRYPTION will protect your code from casual users but it won't completely secure it from a user with Admin access. Nor will CLR.

The best way to protect your intellectual property is with a Licence Agreement. In my opinion you shouldn't try to hide procs from admins even if you can. It's part of their job to know what is running on their server (unless you are providing a DBA service as well).
0
 
Anthony PerkinsCommented:
You can't and should not even attempt to do so. As dportas has indicated you need to rely on EULA's.
0
 
yatin_81Author Commented:
All your answers are appreciated. But I need to clarify my situation.
All the task related to Database Administration will be done by my team only. Its a fear of our management that our code in the form of stored procedures and the logic applied will be visible to the clients. The chances may be that client might take the database to our competitor, and that would be harmful to the business.
Please suggest how to avoid these situation.
0
 
Anthony PerkinsCommented:
>>All the task related to Database Administration will be done by my team only<<
But they own the data and probably the server it runs on and there is simply nothing you can do to prevent them from viewing the stored procedures if they really wanted to.

>>The chances may be that client might take the database to our competitor, and that would be harmful to the business.<<
IMHO You have 2 choices:
1. Make the EULA rock solid.  i.e. Check with your lawyer.
2. Don't sell them the software.
0
 
yatin_81Author Commented:
Exaclty not looking for but can have to close the questions. Amongst all the answers this one was pretty straight forward near to my question
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.