|
E.Nando wrote: And... about the blade and/or virtual servers.... THEY COST 300 bucks/month!!! Isn't they?
Where did you get this from? You're talking about reducing the server count in a business that usually has their own servers, not rented. In a few corporate cases around me, there's movement towards building a single large server (multi-proc, 16GB+ RAM, large drive arrays) that's running Virtual Server, on which, there's about 10 to 15 "normal" servers running. Since the bulk of a server's time usually spent idle, you can get away with running multiple virtual servers on a single physical machine.
Blade centers are just a frame to hold, power, and manage, smaller, low cost servers, offering flexible scalability.
And no, this does not cost $300 a month. Maybe in power costs, but not renting costs since you own the hardware.
You're still behind the curve with this idea. Look into "Software as a Service"...
|
|
|
|
|
Oh my...
I have a [small] business that relies on rented servers... yes... and by fact... have no intention on creating a big enterprise... nor to be surrounded with very important staff people...
I just want that "Software as a Service" thing... works for me as well... and by that... I mean that I want to try to put everything I can on WebServices... on a unique central server... just to enjoy my life better...
And thank you for give me nothing... again...
|
|
|
|
|
E.Nando wrote: I mean that I want to try to put everything I can on WebServices...
May I suggest that you put the appropriate stuff on Web Services. Don't make the mistake of pigeon-holing all your applications just to find out that Web Services wasn't the most appropriate way to do something.
E.Nando wrote: And thank you for give me nothing... again...
BTW, you started this thread by saying "datacenters". That's not exactly a "small business" term...
modified on Sunday, November 16, 2008 8:26 PM
|
|
|
|
|
Yes... thanks for your suggestion... and yes I am worryed about centralizing on one "aparently weak" or "new" tech... but I need to try...
And sorry, I really used the wrong term... "datacenter" is not the right term.
Thanks!
|
|
|
|
|
Hello there!
I want to know if there is some way to override the connection class to implement any kind of crypto desired (including custom crypto).
I say... I need a code (vb.net please) to intercept any incomming reads and any outgoing writes to implement crypto methods easily.
The benefits are enormous as we will not have to change the queries.
Thank you!
|
|
|
|
|
If you do that, how will the database be able to tell what queries you are sending? Or how will it be able to send the answers back encrypted in the way you want?
|
|
|
|
|
Thanks for your attention!
Look... The queries will not change...
When I query: "SELECT Name, Address FROM Clients WHERE Name = 'John Doe'" on the code... the server just do the thing... responsing something that is crypted without knowing that... and that IS ok...
What I need is to avoid custom code customization like this:
myQuery = "SELECT Name, Address FROM Clients WHERE Name = '" & Crypt("John Doe") & "'"
I need to develop something smart enough to intercept this message and replace only the crypted fields (I will have to inform what field are customizing the connection-or whatever class, or by informing a pattern like... all text fiels... or all fiels with fieldnames begining with "abc"... whatever) with the right values to be possible the server catch the query...
I don't need to rely on storage procedures or triggers or any database engine... I need code side solution for this... I am a developer... not a DBA... and... I dont need those crypto/decrypto methods on the hands of anybody else... nor saved on the Database trigger code... it will be not safe...
On the end I need something on the DataAdapter, or on the Connection classes to intercept this message and translate it before sending the command for the database engine...
And... on the other hand... the response will be the same....
As the server sends me something like this...
Name | Address
--------------------------------------
~4wi2.s |!´$dn8#$0z0e[´_=2^/\!%
I need those fiels automaticaly re-rendered to something readable whitout having to code, because the class translates it for me...
Name | Address
--------------------------------------
John Doe | 2540 Developers Street
Avoiding the hard code:
For each Record replace Record.value with Decipher(Record.value)... etc...
Ok?
Please... give something to begin...
Thanks...
|
|
|
|
|
The basic idea of encrypting connections is described in here: Encrypting Connections to SQL Server[^].
Beyond that, I believe you could use stored procedures that take encrypted text as parameter and return, not result sets, but encrypted text. In both ends you could then decrypt the data. But I really don't see the point in doing that:
- performance degrades
- complexity increases
- possible interpretation problems
- not likely to result any better security than those mechanisms that are supported by SQL Server
The need to optimize rises from a bad design.
My articles[ ^]
|
|
|
|
|
I see...
But I'm not interested on attaching my code on any SQL Server Engine on particular... please understand...
And... no way to write this kind of code on DBA personel public areas... nor on the client-adminstrated database servers...
And about those points you mentioned...
- performance degrades
It depends on the value of the data you are storing... in some cases it justifies this degradation...
- complexity increases
I have the custom crypto product already developed, and, i see no complexity on simplifying the code envolved on the ciphering methods... again... this fact by itself (simplifying custom ciphering code) justifies the work...
- possible interpretation problems
Problems are here to resolve... but first we need then to pop-up... And that's why I need to rewrite those connection, dataadapter and command classes...
- not likely to result any better security than those mechaninsms that are supported by SQL Server
You don't think it? Interesting! Because on my humble opinion those classic crypto methods are a kind of "boxed"... That's why I have writted my custom cyphering classes...
But please... Give me something to work on that classes... freely... not depending on a specific database engine... Because I am ready to try to rewrite those classes for each engine, one by one...
But I need to know more about rewriting those classes...
Thank You!
|
|
|
|
|
I'm having a hard time to undertstand what you're after.
If you want to communicate securely with the database server, almost all of the database systems support that (as I posted the ink regarding SQL Server)
If you want to store the data encrypted, some of the database systems support also that (for example both SQL Server and Oracle). The idea is that if you have sufficient priviliges, you'll see the actual data regardless what tool you use.
If you want to encrypt the data so that it cannot be seen anywhere but in your program, you'll encrypt the data before you send it to the database. The simpliest way could by using classes that are inherited from the actual Parameter classes (like SqlParameter). Whenever the value is set in your program, you encrypt it and when the value is retrieved, you decrypt it. This would however have a downside not seeing the data correctly in the database (using for example Enterprise Manager etc) even if you have sufficient privileges.
But if I understood you correctly, inheriting parameter and adding logic to it could be a starting point. However, I don't think you can do this so that it's usable for all databases since every database has different classes (SQL Server has SqlCOnnection, SqlParameter etc, Oracle has OracleConnection, OracleParameter etc, ODBC has OdbcConnection, OdbcParameter and so on)
The need to optimize rises from a bad design.
My articles[ ^]
|
|
|
|
|
Dear Mika Wendelius,
Thank you again for your attention! You are a kind of a person!
Let me explain myself better... as I posted to our friend, Mr.Dave Kreskowiak:
"I just like big tasks... as I sense that the basic flexibility for those classes needs to be on discussion... And I am ready to begin working on it...
Databases Engines are for help, not to orient the code... As I think that way...
And, for that... I just trying to have some flexibility on those classes"
And I think that is what "discussion foruns" about... it is not all about ourselves, our careers, jobs... it is to discuss the very basics, and it is what I am doing... questioning... trying... improving... and looking for the benefits over that...
Now... commenting your nice words....
"... almost all database systems supports that..."
Yes! But all relies on server certificates... that costs a lot for me... then I need to send those tcp-ip packs already crypted... whithout relying on thirty party security services, orders, certificates, wills, etc...
"If you want to encrypt.... if you have sufficient priviliges"
See... that's the point!!! I command the database I am responsible for BY CODE... not on the contrary... understand now? please...
"If you want to encrypt the data... inherited the actual Parameter classes. Whenever the value is set in you program, you encrypt it and when the value is retrieved, you decrypt it..."
Again... that is the point... I need those classes to do the hard work for me... not on the contrary... please... understand...
"I don't think you can do this so tha it's usable for all databases since every database has different classes..."
Lets begin coding... MySQL first... MS SQL next on the line... etc...
Please see the post I send to Mr. Colin Angus Mackay...
=========== begin copyed post =========
Thanks for your attention!
Look... The queries will not change...
When I query: "SELECT Name, Address FROM Clients WHERE Name = 'John Doe'" on the code... the server just do the thing... responsing something that is crypted without knowing that... and that IS ok...
What I need is to avoid custom code customization like this:
myQuery = "SELECT Name, Address FROM Clients WHERE Name = '" & Crypt("John Doe") & "'"
I need to develop something smart enough to intercept this message and replace only the crypted fields (I will have to inform what field are customizing the connection-or whatever class, or by informing a pattern like... all text fiels... or all fiels with fieldnames begining with "abc"... whatever) with the right values to be possible the server catch the query...
I don't need to rely on storage procedures or triggers or any database engine... I need code side solution for this... I am a developer... not a DBA... and... I dont need those crypto/decrypto methods on the hands of anybody else... nor saved on the Database trigger code... it will be not safe...
On the end I need something on the DataAdapter, or on the Connection classes to intercept this message and translate it before sending the command for the database engine...
And... on the other hand... the response will be the same....
As the server sends me something like this...
Name | Address
--------------------------------------
~4wi2.s |!´$dn8#$0z0e[´_=2^/\!%
I need those fiels automaticaly re-rendered to something readable whitout having to code, because the class translates it for me...
Name | Address
--------------------------------------
John Doe | 2540 Developers Street
Avoiding the hard code:
For each Record replace Record.value with Decipher(Record.value)... etc...
Ok?
Please... give something to begin...
Thanks...
=========== end copyed post ===========
Thanks for your support!
But... yet... I need those classes codes to ovewrite then... in VB.net...
Is there any source for it?
|
|
|
|
|
By the way... I think that your inheriting Parameter classes will do the job very nicely... without a long time development... just a few customizations on the class creation... some few methods to test if the field needs pre/post processing and we are done!...
Thanks for the tip, I think it will fit.
Thank YOU!
|
|
|
|
|
I was just testing the implemenation and I had forgotten that SqlParameter is sealed. So your class could be something like (need to implement all the properties and methods so this is just a seed):
Public Class MyParameter
Private actualParameter As System.Data.SqlClient.SqlParameter
Public Property Value() As Object
Get
If (TypeOf actualParameter.Value Is String) Then
Return Decrypt(actualParameter.Value)
Else
Return actualParameter.Value
End If
End Get
Set(ByVal value As Object)
If (TypeOf actualParameter.Value Is String) Then
actualParameter.Value = Encrypt(value)
Else
actualParameter.Value = value
End If
End Set
End Property
...
End Class
The need to optimize rises from a bad design.
My articles[ ^]
|
|
|
|
|
Yes... it is sealed...
Is there any way get the vb.net version of this class, to help me begining the task?
|
|
|
|
|
|
Yes! It will be handly!Thank you, again!
|
|
|
|
|
You're welcome.
The need to optimize rises from a bad design.
My articles[ ^]
|
|
|
|
|
That won't work unless you rewrite the connection manager in SQL Server too. Good Luck with that!
|
|
|
|
|
Yes... it will be a hard work... as a payback I promisse to publish something here after obtain some success on this enterprise...
Where I begin researching those class, methods, events, etc... in VB.net...
Thanks...
|
|
|
|
|
<Shakes head slowly>I hope you realize that this is a very LARGE undertaking for very little benefit</Shakes head slowly> You're not going to get a much more secure SQL Server connection without taking a large performance hit in the process. Good luck...
|
|
|
|
|
I understand and respect your point...
But again... you give me nothing... Please give me something (on VB.net) to begin my try...
Thank you!
|
|
|
|
|
Actually, he gave you something very valuable. It is just that you are so intent on your current target that you fail to see that best way to win over all is to aim at a different set of targets.
|
|
|
|
|
What! Besides all the criticism I don't see any code of yours anwsering my demand, or any tip of yours for that. Sorry.
|
|
|
|
|
E.Nando wrote: I don't see any code of yours anwsering my demand
I don't respond to demands. Demanding something when you are not in a position to do so is very rude.
My boss may demand something of me because he has the power and authority to do that. On the other hand, I'm giving up my free time to suggest that you may want to look at an alternative way of doing something and you get pissed off with me because it does not fit the route you want to take.
If someone says that they want to go from Glasgow to London I will suggest taking the M74, M6 then M1. If they insist on going by Inverness, Aberdeen, Newcastle, Birmingham, and Bristol en route for no good reason then I'm really at a loss as to give them an easy route. I can suggest the M8, M80, M9, A9, A96, A90, M90, A1, M1, M62, M60, M56, M6, M5, M32, and M4 but that is a heck of a long explanation when the reality is that they don't actually need to go via all these places, they just want to get to Lonodn.
As far, as I can, see attempting to make a mountain out of a mole hill. In my experience there is no good reason to do this.
|
|
|
|
|
Again, you are missing the point! My Gosh!
AS I NEVER MENTIONED DEMAND AS YOU INTERPRETED...
Don't make me laught!
But again... thanks to give me nothing!
And... Enough! While you are playing "smart guy" I got my "demands" discussed and responsed... professionally... without emotional crisis...
|
|
|
|
|