Privacy

Privacy, also called connection security, is the process of preventing unauthorized users from intercepting data being passed between authorized users and the data source object. This process also includes ensuring that no unauthorized users or applications tamper with the data. Normally, this means encrypting data as it is transported across the network but can also include other methods to check the data's integrity.

Because encrypting all data transported consumes significant processing time, the most efficient implementations encrypt only selected parts of the data. If DBPROP_AUTH_INTEGRATED is set to VT_EMPTY and DBPROP_AUTH_ENCRYPT_PASSWORD is set to VARIANT_TRUE, this means encrypting the password used to authenticate a user. And whatever the setting of the DBPROP_AUTH* properties, it might be necessary to encrypt particularly sensitive fields being sent to or from the data store, such as Social Security numbers and credit card numbers.

Regardless of which parts of the data must be kept private, the technique used by the data provider to communicate with the data store is predetermined by the vendor. It is not defined here. There are no interfaces defined in OLE DB at this time to manage encryption of the data between the data store and the data provider.