Problem solve Get help with specific problems with your technologies, process and projects.

Concealing metadata in SQL Server 2005

Are you wondering if you can conceal your metadata in SQL Server 2005? In this expert response, SQL Server 2005 expert Adam Machanic explains the limitations of concealing metadata.

I have an application that uses a database. Access to this database should be through the application only. I would like to ensure that no one including the system administrator is able to see the metadata.

I thought of using application roles in SQL Server and encrypting the login info in the app.config file.

The problem with that is that once I install the database on the client's instance of the SQL Server, he gets administrative privileges.

Is there a way around this?

The short answer is that there is nothing you can do. If you're installing applications "behind the firewall," your customers are going to be able to see the metadata. You can encrypt the data itself in various ways using SQL Server 2005's encryption features, but the schema will still be visible.

The real question is why would you want to do this? I have never seen a situation in which a database schema alone—with no data or business logic—would provide any value. The value is in what you do with the data (or what your application does). If you must guard your metadata, I don't think SQL Server is the database management system for you. You should look into implementing an embedded database management system or building your own proprietary data persistence system.

Do you have comments on this Ask the Expert Q&A? Let us know.

Dig Deeper on Microsoft SQL Server 2005

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.