{3S} SQL Smart Security


{3S} SQL Smart Security is an add-in which can be installed in Microsoft SQL Server Management Studio (SSMS) 2005, 2008, 2008 R2, 2012 and their respective Express versions. The add-in is displayed as a standard SSMS tool window, so can be docked, auto-hidden or floated as required. It enables software companies to create a secured content for database objects (note: currently, in version 1.3 (from January 16, 2013) can be secured only the content of stored procedures, but in the future, there are considered user defined functions, triggers and views as well). It brings much higher level of protection in comparison with SQL Server built in WITH ENCRYPTION feature for software companies that want to protect their heavily acquired know-how by creation of application logic on the database server side on a daily basis. See a short story of the {3S} SQL Smart Security on the video bellow.

Note: There is no audio in this video as the video is very simple and one can understand it quite easily.


Main Idea

In most cases, software companies deliver to their customers their heavily acquired know-how in the form of a database application logic as well.
This know-how in the form of a database objects content written in the T-SQL language is either fully open to read (ideal for industrial espionage), or they are satisfied with an integrated security level provided by a mass-spread database server such as Microsoft SQL Server.
There are plenty of tutorials, that can be found on the internet by a potential attacker, dealing with how to break the built-in security with the T-SQL keyword "WITH ENCRYPTION".
In such cases, less widespread, highly specialised, and even more so unexplored software products, such as {3S} SQL Smart Security, become highly topical.


Is {3S} SQL Smart Security For You?

  • Do you want to protect (to encrypt not only to obfuscate) your T-SQL know-how?
  • Are you familiar with work in IDE SQL Server Management Studio (SSMS)?
  • Are you unable to use encryption at the level of a whole database (TDE) or at the level of a file system (FSE)?