Download eBook (PDF) - Red Gate Software

10 – Layering SolutionsTo further elevate the level of overall security for the database, we deny accessto the tables within the database to all database users. Accessing the data that iscontained within the tables is granted through the creation of views. AllINSERT, UPDATE and DELETE commands are funneled through storedprocedures.Cell-Level and One-Way EncryptionWith the basic security features of SQL Server applied to the HomeLendingdatabase, the implementation of cell-level and one-way encryption can beobserved.The Borrower_Identification, Asset_Account andLiability_Account tables utilize cell-level encryption to protect theidentifying data and financial account numbers of the borrower. Thanks to theseparation that was provided by the schema design, and the limited permissionsthat have been implemented to the views that access this data, the traffic tothese columns does not have a noticeable impact on the performance of thedatabase.The cell-level encrypted columns take full advantage of the key hierarchy,including the use of the service master key, which not only providescryptography without hard-coding passwords into user defined functions andstored procedures, but also prevents decryption on another SQL Serverinstance, with a different service master key.Cell-level encryption does present a considerable performance hit when it isapplied to data that is frequently searched. The encryptedIdentification_Value column, within theBorrower_Identification table, presents such a scenario. It is notuncommon to use a Social Security Number as a searchable field in which aborrower can be recalled.The solution that we provide in the Borrower_Identification table is asecond Identification_Value column, containing a salted one-wayencrypted hash. Access to this column is provided to lower level database roles,by way of a stored procedure specifically designed to perform the hashcomparison and return the search results.202