mshmyob:
If you would have followed Seth's link in post #3 (...
SQL Server 2005 Database encryption step by step ...), you would have discovered that he didn't implement TDE. Instead the article implemented column/field level encryption.
Also, TDE was introduced in SQL Server 2008 and is NOT available in SQL Server 2005 which Seth's link clearly states.
So, you may very well stand by your prior post, and as far as SQLS2008 it may very well be correct; however, in this case even if Seth is using SQLS2008, TDE was not implemented and therefore not available for Seth.
The next thing is that even if Seth is using SQLS2008 with TDE enabled, there is still a need for the cell/column level encryption for sensitive information. For example, say the DBA had a bad day and didn't change the defaults (I know... just work with it ;-) ) Mr. Blackhat comes along (or young Mstr. SkrptKddy) and finds this weak link, authenticates to the server and voila - here's the sensitive information in plain text served on a platter.
As for:
z: Access front end is initially linked to only a read only table wherein the encrypted connections strings were stored requiring a user name and password to decrypt the connection
m: I have never heard that a TDE enabled database needs an encrypted connection string
I think you missed the decrypt. Actually, I'm not sure you followed what was being done... so let me try again:
In the forum I was refering to in my post (#7) the person posting had an issue wherein the connection strings for the queries are available in plain text. Those strings have the password required for the server connection.
In order to provide a higher level of security, the individual contrived a scheme wherein the user's authenticated to a database that contained only the user name and the connection string; however, they encrypted the string so as to prevent the user from seeing the database password.
--- see where this is going ? ---
the connection string is encrypted at the field/cell level using the user name and password. Once the string was/is decrypted it is pushed into the query via code; thus, never available to the end user.