Encryption for SQL Server 2008 stored Procedures

Stored Procedure Encryption

The reasons for use are as follows:

1, the use of stored procedures, at least in the prevention of illegal injection (inject) to provide better protection . At the very least, pre-compilation is performed first before the stored procedure executes, (if the cause of an illegal argument) is not executed, which in some way provides a layer of natural barrier.

2. Using stored procedures instead of direct access to the base table provides better security . You can control how data is modified at the row or column level. With respect to table access, you can confirm that a user with permission to execute the appropriate stored procedure. This is also the only way to access the data server. Therefore, any peeping person will not be able to see your SELECT statement. In other words, each app can only have the corresponding stored procedure to access the base table instead of "Sleect *".

The encryption of stored procedures is very simple, let's look at an example:

/********* using the database *****************/use migo/*************** to create an unencrypted stored procedure *******************/create Procedure CPP_test_ Originalasselect * from userinfogo/*************** Creating an encrypted stored procedure *******************/create Procedure cpp_test_encryption With Encryptionas----can be replaced with any logical execute CPP_TEST_ORIGINALGO

　　

After successful creation:

And this stored procedure is not open, this is the encryption

Unencrypted stored procedure:

Encrypted stored procedures:

Encryption for SQL Server 2008 stored Procedures