SQL Server :ONE-WAY ENCRYPTION - Creating the Interface (part 1) - Creating the View, Creating the Stored Procedures

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

The sensitive data that is contained within the Borrower_Identification table is now protected with one-way encryption. Our next steps are to create the interface through which our users can access this table.

A general policy, we denied direct access to all base tables within the HomeLending database using the script shown in Listing 1.

Listing 1. Denying access to the base tables.

We adopt the same strategy here, using an interface consisting of a view and three stored procedures to mediate our users' interaction with this table. By implementing this structure we can control the access to our data at a more granular level than simply granting access to entire tables. In addition, this structure allows us the opportunity to embed cryptographic functionality and other logical methods into our views and stored procedures.

Creating the View

We created a view called vwBorrower_Identification, by which authorized users in the Sensitive_high and Sensitive_medium roles could access the values in the Borrower_Identification table . However, only members of the Sensitive_high role were able to use this view to view in decrypted form the cell-level-encrypted values.

Here, we will recreate this view in light of our new one-way encryption architecture, as shown in Listing 2. Users of the view will not gain access to the Identification_Value_H column, so that the ability to reveal the plain text through comparison of hash values is limited to the database roles that are in the Sensitive_high database role. Instead, we include our alternative Identification_Value_HT column, which contains a hash value of the original plain text truncated to its last four digits.

Listing 2. Recreating the vwBorrower_Identification view.

Creating the Stored Procedures

Having earlier restricted direct access to the Borrower_Identification table, the ability to insert, update and search records that are contained within the Borrower_Identification table will be achieved through stored procedures.

The stored procedure that will be used to perform the UPDATE methods will be called Update_Borrower_Identification and the script to create it is shown in Listing 3. The plain text value of the borrower's identification value as well as the unique identifying value for the record that is being updated in the Borrower_Identification table is passed into this stored procedure as parameters. This stored procedure then performs the necessary salting and hashing, using the GetHashSalt function and the Hashbytes method, as described earlier.

Listing 3. Creating the Update_Borrower_Identification stored procedure.

The stored procedure that will be used to perform the INSERT methods will be called Insert_Borrower_Identification. Passed into this stored procedure as parameters are:

  • The plain text value of the borrower's identification value.

  • The foreign key value that defines the identification type.

  • The foreign key value for the borrower to which the identification record is associated.

The script to create this stored procedure is shown in Listing 4.

Listing 4. Creating the Insert_Borrower_Identification stored procedure.

Again, the Hashbytes method is used to create the hash value for the plain text identification value and the salt is derived from the GetHashSalt user defined function. The SHA1 algorithm is used to create the hash value.

The final stored procedure, Select_Borrower_Identification, will be used to return filtered sets of data based upon the truncated plain text, in this case the last four digits, sent into its Identification_Value argument, as shown in Listing 5.

Listing 5. Creating the Search_Borrower_Identification stored procedure.

The plain text identification value that is passed in is salted and hashed, using the "SHA1" algorithm, and then placed in the WHERE clause of the statement to be compared with the hash value that is stored in the table.

  •  SQL Server : Implementing One-Way Encryption (part 1) - Populate the Hash Columns, Verify the Implementation, Drop the Unencrypted Column
  •  SQL Server : Implementing One-Way Encryption (part 1) - Create the Primary Hash Column,Create a Secondary Hash Column for Searching
  •  Sql Server 2012 : Hierarchical Data and the Relational Database - Hierarchical Table Indexing Strategies
  •  Sql Server 2012 : Hierarchical Data and the Relational Database - Populating the Hierarchy (part 3) - The GetAncestor Method
  •  Sql Server 2012 : Hierarchical Data and the Relational Database - Populating the Hierarchy (part 2) - The ToString Method
  •  Sql Server 2012 : Hierarchical Data and the Relational Database - Populating the Hierarchy (part 1)
  •  Sql Server 2012 : Hierarchical Data and the Relational Database - The hierarchyid Data Type, Creating a Hierarchical Table
  •  Personal Cloud WD My Cloud EX2 Review
  •  Synology DS213j Your Own Cloud Entertainment Starts Here
  •  ADATA Premier Pro SP920 256GB
    Top 10
    Free Mobile And Desktop Apps For Accessing Restricted Websites
    MASERATI QUATTROPORTE; DIESEL : Lure of Italian limos
    TOYOTA CAMRY 2; 2.5 : Camry now more comely
    KIA SORENTO 2.2CRDi : Fuel-sipping slugger
    How To Setup, Password Protect & Encrypt Wireless Internet Connection
    Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
    Backup & Restore Game Progress From Any Game With SaveGameProgress
    Generate A Facebook Timeline Cover Using A Free App
    New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
    SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
    - Messages forwarded by Outlook rule go nowhere
    - Create and Deploy Windows 7 Image
    - How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
    - Creating and using an unencrypted cookie in ASP.NET
    - Directories
    - Poor Performance on Sharepoint 2010 Server
    - SBS 2008 ~ The e-mail alias already exists...
    - Public to Private IP - DNS Changes
    - Send Email from Winform application
    - How to create a .mdb file from ms sql server database.......
    programming4us programming4us