Use an encrypted string IUserType. http://code.google.com/p/unhaddins/source/browse/trunk/uNhAddIns/uNhAddIns/UserTypes/EncryptedString.cs?r=365
<http://code.google.com/p/unhaddins/source/browse/trunk/uNhAddIns/uNhAddIns/UserTypes/EncryptedString.cs?r=365> On Wed, Aug 25, 2010 at 9:47 AM, Sal <[email protected]> wrote: > It's not really open ended. SQL Server 2005 introduced column level > encryption. The typical way for working with encrypted columns is to > use a sql function for encryption and decryption. > > Take a simple example. I have a property "Address" which is a string. > It needs to be encrypted in the DB using column level encryption. When > I retrieve it, I somehow need to use a sql function to decrypt, and > likewise encrypt when inserting it. It's horrendously ugly because it > bleeds through and affects the application. The app has to deal with > SQLs encryption....crappy!. > > I 'could' propose that the encryption is done in the app. Using that > approach, it would be easier working with NH for sure. > > > On Aug 25, 10:38 am, John Davidson <[email protected]> wrote: > > Potentially you did not get an answer because the question is too open > > ended. > > > > Encrypting and decrypting values in an object can be easily handled in a > > number of ways, with or without NHibernate. The real issues are how are > you > > going to query the data and how do you manage relations. > > > > If you are encrypting the Id values as they are stored that creates one > set > > of problems, but as this data is not business data does it need to be > > encrypted? > > > > Encrypting the business data becomes a problem when you want to search > for > > partial string values. This can only be done if all rows are held in a > cache > > in unencrypted format. Can your system handle this kind of caching? Is it > > allowed by the business? > > > > Answering these questions will begin to put bounds on the problem space > and > > then you may get better answers. > > > > John Davidson > > > > On Wed, Aug 25, 2010 at 10:20 AM, Sal <[email protected]> wrote: > > > OK, here goes. This topic has come up several times over the past few > > > years, with no real solid answer. I'm hoping maybe this time there we > > > will be some help. > > > > > I have the unfortunate experience of dealing with a client who insists > > > on using column level encryption in sql server, not just the newer > > > TDE. This usually means using a sql function to encrypt/decrypt the > > > column during queries and inserts/updates. Is there any guidance > > > around implementing this with Nhibernate....without sprocs??? > > > > > -- > > > You received this message because you are subscribed to the Google > Groups > > > "nhusers" group. > > > To post to this group, send email to [email protected]. > > > To unsubscribe from this group, send email to > > > [email protected]<nhusers%[email protected]> > <nhusers%[email protected]<nhusers%[email protected]> > > > > > . > > > For more options, visit this group at > > >http://groups.google.com/group/nhusers?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "nhusers" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<nhusers%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/nhusers?hl=en. > > -- You received this message because you are subscribed to the Google Groups "nhusers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nhusers?hl=en.
