Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / DB Engine / SQL Server / July 2008

Tip: Looking for answers? Try searching our database.

SQL DB access.

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
MJ - 11 Jul 2008 05:16 GMT
I'm relatively new to SQL, so this may be a dumb question.

I have a DB say at SiteA and a web site at SiteB (the reasons are business
related).

Anyway, can I access the data in SiteA from web pages at SiteB? My suspicion
is yes, but before I charge ahead, I'd like to make sure.

btw, the data will be encrypted prior to transmission and decrypted after
reception with crc on the DataStream.

The only data that would be clear text would be the login credential, but
that's something that I would have to live with.

Thanks.
Reply to this Message
Tibor Karaszi - 11 Jul 2008 06:42 GMT
> I have a DB say at SiteA and a web site at SiteB (the reasons are business related).
>
> Anyway, can I access the data in SiteA from web pages at SiteB? My suspicion is yes, but before I
> charge ahead, I'd like to make sure.

Yes. Or rather, you don't access the "data" directly. Your app on Site B logs on to SQL Server and
pass SQL queries to the SQL Server service on Site A, SQL Server processes the query and return
result to your app on site B. Your app uses some API for this, if .NET than you use ADO.NET, other
APIs include JDBC etc. And the tech layer, a "NetLib", or "Network Library" is used for the
interprocess communication between your app and SQL Server
(http://sqlblog.com/blogs/tibor_karaszi/archive/2008/05/28/endpoints-netlibs-ipc-
and-stuff.aspx ).

Signature

Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://sqlblog.com/blogs/tibor_karaszi

> I'm relatively new to SQL, so this may be a dumb question.
>
[quoted text clipped - 10 lines]
>
> Thanks.
Reply to this Message
MJ - 12 Jul 2008 14:38 GMT
Thanks Tibor, I should have been more correct. Yes of course I am passing
queries - not actual data. IN any case, the data being passed would be
encrypted. Also, I am using classic ASP. Does this pose a problem?

One more item, I suspect it would be best if I were to use views and stored
procedures server side to enhance, somewhat increase security (users
wouldn't actually see the queries) and speed?

Thanks
>> I have a DB say at SiteA and a web site at SiteB (the reasons are
>> business related).
[quoted text clipped - 27 lines]
>>
>> Thanks.
Reply to this Message
Tibor Karaszi - 12 Jul 2008 16:31 GMT
> IN any case, the data being passed would be encrypted.

OK... Where is the encryption and decryption performed? At the client side? If so, what type of
(encrypted) data is it that SQL server will see? I'm thinking that if you for instance encrypt a
string so the encrypted info constraint a lot of "control characters" then you might not want to use
a string datatype in SQL Server (because of these "control characters" are outside the string
datatype repertoire).

> Also, I am using classic ASP.

Which most probably mean that your API will be classic ADO - nothing strange about that.

Signature

Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://sqlblog.com/blogs/tibor_karaszi

> Thanks Tibor, I should have been more correct. Yes of course I am passing queries - not actual
> data. IN any case, the data being passed would be encrypted. Also, I am using classic ASP. Does
[quoted text clipped - 30 lines]
>>>
>>> Thanks.
Reply to this Message
MJ - 13 Jul 2008 18:54 GMT
Tibor, the data that will be stored in the tables will be encrypted, not the
queries and will be done client side prior to transmission to the server or
after transmission from the server.

Based on Josh's comment (good practice), I'll be using SPs and Views on the
server.

Thanks to all for the info and advice.

>> IN any case, the data being passed would be encrypted.
>
[quoted text clipped - 50 lines]
>>>>
>>>> Thanks.
Reply to this Message
MJ - 17 Jul 2008 15:28 GMT
Tibor, I had replied to this several days ago, but for some reason it wasn't
posted.

In any case, the data that will be stored in the tables will be encrypted,
not the
queries and will be done client side prior to transmission to the server or
after transmission from the server.

Based on Josh's comment (good practice), I'll be using SPs and Views on the
server.

Thanks to all for the info and advice
>> IN any case, the data being passed would be encrypted.
>
[quoted text clipped - 50 lines]
>>>>
>>>> Thanks.
Reply to this Message
JXStern - 12 Jul 2008 17:22 GMT
>One more item, I suspect it would be best if I were to use views and stored
>procedures server side to enhance, somewhat increase security (users
>wouldn't actually see the queries) and speed?

Yes these are good practices for many reasons.

Josh
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.