We have been exploring how to use encryption to protect the sensitive data of our web application. We have seen some examples in which the DB encryption key can be stored in the Windows OS cert store of the application server or in a 3rd-party HSM.
But is there a more secure approach, so that it is guaranteed that NO ONE EXCEPT THE END USER of our web application can access that encrypted data? I mean, if the encryption key is stored on the server side (be it in the Windows cert store or an HSM, on the application server or any other server, or anything), some support staff must have a way to "dig" out the encryption key. Is it possible that only the end user has the encryption key?
The solution can be of any brand of hardware/software, not restricted to Windows only.