Any idea what kind of obfuscation MS supports for SQL deployments for
the current generation of SQL Server (2008)?

I am interested in developing a database and assorted packages which
would be hosted on a client site, with the data available to the
client and their applications, but the client should not be able to
view the table definitions, stored procedures, or SSIS, SSRS, SSAS
packages.

Is this possible without locking the entire server down?

Mad Scientist Jr (mad.scientist.jr (AT) gmail (DOT) com) writes:
First of all, you need a license agreement that controls what the customer
can do legally.

But if you don't believe in legalese, and want something technical, no
there is not much you can do. You can create stored procedures WITH
ENCRYPTION, but that is only obfustication, and you can easily find
code out there that gives you the clear text.

You can hide table definitions from plain users, but not an administrator.
You could deliver a pre-installed machine with all users etc, and not
reveal the passwords for Administrator. But disk could be moved. You
could put a seal on the machine, which at least would reveal that is
has been tampered with and on.

The only reasonable option is to host the machine outside the client's
premises. On your own, on a hosting service, or for that matter in
Azure.

I should add that I don't know much about SSIS, SSRS and SSAS, but
I see no reason that the same thing applies here.


--
Erland Sommarskog, SQL Server MVP, esquel (AT) sommarskog (DOT) se

Links for SQL Server Books Online:
SQL 2008: http://msdn.microsoft.com/en-us/sqlserver/cc514207.aspx
SQL 2005: http://msdn.microsoft.com/en-us/sqlserver/bb895970.aspx