Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Security / October 2005

Tip: Looking for answers? Try searching our database.

Restrict Database Viewing

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
wrytat - 25 Oct 2005 10:27 GMT
One of our programmers is going to write a program that involves some
sensitive data stored in the SQL server, using visual basic. Is there a way
to restrict him from viewing the data in the database, yet allowing him to do
his programming and debugging?
Reply to this Message
Dan Guzman - 25 Oct 2005 13:47 GMT
Rather than developing against the live production database, consider
developing the application against a test database with identical schema.
You can use test data or obfuscated production data for testing.

Signature

Hope this helps.

Dan Guzman
SQL Server MVP

> One of our programmers is going to write a program that involves some
> sensitive data stored in the SQL server, using visual basic. Is there a
> way
> to restrict him from viewing the data in the database, yet allowing him to
> do
> his programming and debugging?
Reply to this Message
Don Grover - 25 Oct 2005 23:13 GMT
I spend a lot of time writing apps against sensitive data, and often have to
explain to clients that valid data is needed to test against.
If you want to limit access to certain tables just create a user with
disabled access to sensitive table and allow only access to tables they will
use.
If the tables that they need, have actual sensitive data in them, then
create a duplicate database with different user and change some data.
i.e.. if its salary then directly edit the duplicate database and change all
the names and passwords to random data.

My suggestion is to have a third reliable party to backup database change
the sensitive data and return with another database name.
Then just hand that database on cd to your programmer.

As a second thought if its only reading i.e.. reports then create required
tables and fields as views.

> One of our programmers is going to write a program that involves some
> sensitive data stored in the SQL server, using visual basic. Is there a
> way
> to restrict him from viewing the data in the database, yet allowing him to
> do
> his programming and debugging?
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2010 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.