-
1M HA TRONG SQL SERVER 2005 L do cn phi m ha thng tin:
M ha l mt phng php quantrng nhm bo mt d liu.
Nhng d liu nhy cm nh sCMND, s th tn dng, mt khucn phi c bo v trc
v vn minguy him tn cng hin nay.
-
2 L do cn phi m ha thng tin: Trong SQL Server 2000 bn c th tto
cc hm ca ring mnh hoc sdng cc DLL ngoi m ha d liu.
Trong SQL Server 2005, cc hm vphng thc ny c mc nh chophp sn.
-
3SQL Server 2005 cung cp cc kthut sau m ha d liu:
M ha bng mt khuM ha kha i xngM ha kha khng i xngM ha chng
nhn
-
4 Trong bi ny, gii thiu cch sdng k thut m ha bng mtkhu v phng
php gii m n.
SQL Server 2005 cung cp 2 hmcho vic m ha: mt cho vic mha v mt
cho vic gii m.
-
5 M ha bng mt khu l phngphp m ha d liu c bn thngqua mt khu. D
liu c th cgii m nu nhp ng mt khu s dng khi m ha.
Chng ta s th mt v d v vicm ha v gii m d liu bng kthut m ha thng
qua mt khu.
-
6select EncryptedData
=EncryptByPassPhrase(KHANG','123456789')
-
7 Kt qu:
-
8 By gi, chng ta s thc thi 3 ln hmEncryptbypassphrase trn theo v
d sau:
declare @count intdeclare @SocialSecurityNumber
varchar(500)declare @password varchar(12)set @count =1while
@count
-
9 Kt qu:
-
10
Lu : 123456789 y c th l s thtn dng v KHANG l mt khu.
Kt qu ca Encryptbypassphrase saumi ln thc thi hm l khc nhau.
Tuy nhin, khi chng ta gii m dliu th n vn ra kt qu nh banu trc
khi m ha.
By gi chng ta s th gii m d liu c m ha trn vi
hmDecryptByPassPhrase:
-
11
-
12
Th gii m d liu c m ha vi mtmt khu khc. Thc thi theo cu lnh
sau:
Kt qu cho thy SQL Server tr li gi tr NULL numt khu sai.
-
13
By gi, chng ta s th to mt bng chas th tn dng v s CMND, sau s mha
d liu ny thng qua phng php mha mt khu:
USE [master]goIF EXISTS (SELECT name FROM sys.databasesWHERE
name = N'Customer DB')DROP DATABASE [Customer DB]go
-
14
create database [Customer DB]gouse [Customer DB]gocreate table
[Customer data]([customer id] int,[Credit Card Number]
bigint,[Social Security Number] bigint)go
-
15
insert into [Customer data] values (1,1234567812345678,
123451234)insert into [Customer data] values(2,1234567812345378,
323451234)insert into [Customer data] values(3,1234567812335678,
133451234)insert into [Customer data] values(4,1234567813345678,
123351234)insert into [Customer data] values(5,1234563812345678,
123431234)go
-
16
To hai ct lu d liu c mha:use [Customer DB]goalter table
[Customer Data] add[Encrypted Credit Card
Number]varbinary(MAX)goalter table [Customer Data] add[Encrypted
Social Security Number]varbinary(MAX)go
-
17
Cp nht d liu c m ha vo hai ct vato:use [Customer DB]goupdate
[Customer Data] set [Encrypted CreditCard Number]
=EncryptByPassPhrase('Credit Card',convert(varchar(100),[Credit
Card Number]) )goupdate [Customer Data] set [Encrypted
SocialSecurity Number] =EncryptByPassPhrase('Social
Security',convert(varchar(100),[Social Security Number]))Go
-
18
Truy vn bng bng cc lnh sau:
use [Customer DB]goselect * from [customer data]go
Kt qu:
-
19
-
20
Xa b ct cha d liu cha c m ha:
use [Customer DB]goalter table [Customer Data] drop
column[Credit Card Number]goalter table [Customer Data] drop
column[Social Security Number]go
-
21
Truy vn bng theo cc lnh sau:
use [Customer DB]goselect * from [customer data]go
Kt qu:
-
22
-
23
Gii m d liu trn bng thng qua hmDecryptbypassphrase nh sau:use
[Customer DB]goselect[customer
id],convert(bigint,convert(varchar(100),decryptbypassphrase('Credit
Card',[Encrypted Credit CardNumber]) )) as[Credit Card
Number],convert(bigint,convert(varchar(100),decryptbypassphrase('Social
Security',[Encrypted Social SecurityNumber] ) )) as[Social Security
Number] from [customer data]Go
Kt qu:
-
24
-
25
Kt lunM ha d liu thc s rt quan trng.Bi ny gii thiu mt trong 4 k
thut m hasn c trong SQL Server 2005 k thut mha bng mt khu v phng
php gii mn.Ngoi ra, cn c phng php hack/khi phcd liu c m ha bng mt
khu ny.
M HA TRONG SQL SERVER 2005Slide133SQL Server 2005 cung cp cc k
thut sau m ha d
liu:Slide88Slide110Slide112Slide111Slide116Slide115Slide114Slide109Slide113Slide120Slide119Slide118Slide117Slide121Slide127Slide89Slide102Slide103Slide129Slide130Slide131Kt
lun
