17

I have a requirement to encrypt a number of database columns (in Sql Server 2012). It has been decided that we should use column level encryption (implemented in sql server). On the application side i will be building a web api on top of some complex domain models. I really want to utilize Entity Framework's code first approach, to maintain a clean domain model). Does anyone have a workable solution here that does not involve resorting back to stored procedures? Ideally I would like to somehow manipulate the sql generated by entity framework to wrap certain fields to do the sql encryption / decryption functions.

Ideally , something like:

modelBuilder.Entity<MyTable>().ToTable("Table1").Property(p => p.SensativeData).encrypt("keyName",authenticatorFunc);
Improve this question
1
  • After some looking around , I am still left with few options for Entity Framework. NHibernate on the other hand does support this through field formulas and User Types, for read and write respectively. Commented Jan 23, 2015 at 5:41

2 Answers 2

Reset to default
11

In SQL Server 2012, column level encryption can be done mainly in two ways ie,

  1. Defining Custom Encryption function in Entity framework. this blog
  2. SQL Cell Level Encryption implementation done in entity framework in dbcontext Class (execute open symmetric key code here) using this blog and using stored procedure (which contain decryption code for specified field in tables ) retrieve result sets.

In SQL server 2016 there is new feature ie, Always encrypted and has its implementation in entity framework here.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks a lot. I am able to solve using first blog, super helpful
3

Crypteron has a free Entity Framework adapter, CipherDb, that can work with any SQL Server. In fact, Crypteron CipherDb works with any Entity Framework compatible database - even MySQL, PostGreSQL and more.

You can annotate the data model with [Secure] or name a property to something like Secure_SocialSecurityNumber (the Secure_ is the key part) and CipherDb automatically performs data encryption, tamper protection, secure key storage, secure key distribution, caching, key roll overs, ACLs and more. You can also use Crypteron to protect streams, files, objects, message queues, noSQL etc.

You can find the sample apps on GitHub at https://github.com/crypteron/crypteron-sample-apps

Disclaimer: I work there and we do have a free community edition which anyone can use.

Improve this answer

2 Comments

Hi, is it possible, to use CipherDB, without account on crypteon site ?
@TPAKTOPA It seems you can use the NuGet package ChipherDB.EF6. However it sadly seems that there's no .Net Standard support.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.