SQL Server Security Basics
LearnNowOnline
Understand potential data threats and how SQL Server’s design protects against them.
1.
SQL Server Security Basics
Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
2.
Objectives
• Understand potential data threats and how SQL Server’s design protects against them
• Learn about SQL Server and Windows integrated authentication
• See how SQL Server provides an authorization system to control access to data and objects
3.
Agenda
• Security Overview
• Authentication
• Authorization
4.
Security Overview
• Relational data is a tempting target for attackers
• SQL Server 2008 provides plenty of features to secure your data and server
• Need to understand the threats
• Match countermeasures to the threats
5.
The Threats
• Identifying threats is a critical first step
• Type of data will probably influence security measures
• Sometimes the best way to protect data is to never put it in a database
• Typical threats
  • Theft of data
  • Data vandalism
  • Protecting data integrity
  • Illegal storage
• Understand threats to protect against them
6.
Security Design Philosophy
• Trustworthy Computing memo, 2002
• Four pillars of security design
  • Secure by design
  • Secure by default
  • Secure in deployment
  • Secure through communications
• “It’s just secure”
• Implications throughout the product
• SQL Server is reasonably secure out of the box
• Your job is to keep it secure
7.
The Two Stages of Security
• Similar to Windows security
• Authentication: who are you?
• Authorization: now that we know who you are, what can you do?
18.
Key SQL Server Security Terms
• Authentication
• Authorization
• Group
• Impersonation
• Login
• Permission
• Principal
• Privilege
• Role
• User
19.
Agenda
• Security Overview
• Authentication
• Authorization
20.
Authentication
• Process of verifying that a principal is who or what it claims to be
• SQL Server has to uniquely identify principals in order to authorize
• Two paths to authentication
  • Windows authentication
  • SQL Server authentication
• Authentication modes
  • Mixed Mode Authentication
  • Windows Only Authentication Mode
21.
Windows Integrated
• SQL Server assumes a trust relationship with Windows Server
• Windows does the heavy lifting for authentication
• The SQL Server checks permissions on the principal
• Advantages
• Single user login
• Auditing features
• Simplified login management
• Password policies
• Changes only take effect when user connects
22.
Configuring SQL Server Security Settings
• Select either during installation or later
• Settings apply to all databases and server objects in an instance of SQL Server
• Changing modes after installation may or may not cause problems
  • Windows to Mixed
  • Mixed to Windows
23.
SQL Server Authentication
• Client applications must provide login credentials as part of connection string
• Logins stored in SQL Server
• Windows authentication stronger
• But must use SQL Server authentication with old versions of Windows, non-Windows systems
24.
Windows and SQL Server Logins
• SQL Server logins are not stored in Windows
• Disabled if you select Windows authentication
• Mixed mode is much more flexible
• But less secure
25.
Beware of the sa Login
• System administrator login
• Mapped to sysadmin fixed server role
• Conveys full system administrator privileges
• Cannot modify or delete
• Must use a strong password!
• Use only as access of last resort
• NEVER use sa for database access through client applications
26.
Password Policy and Enforcement
• Before SQL Server 2005, no enforcement of passwords for SQL Server logins
  • No minimum strength
  • No expiration policy
• SQL Server now hooks into Windows password policy
  • Windows Server 2003, Vista, and later versions
  • NetValidatePasswordPolicy API method
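Added example (not part of the original deck): a T-SQL audit of the settings covered on the authentication, sa login and password policy slides, followed by a login created with policy enforcement switched on. The login name `app_orders_svc` and the password placeholder are hypothetical.

```sql
-- Added example, not from the original slides.
-- Sections 1-3 are read-only; run them as a sysadmin (or with
-- VIEW ANY DEFINITION) so that every login is visible.

-- 1. Which authentication mode is the instance running in?
--    IsIntegratedSecurityOnly = 1 means Windows Only, 0 means Mixed Mode.
SELECT CASE SERVERPROPERTY('IsIntegratedSecurityOnly')
           WHEN 1 THEN 'Windows Only Authentication Mode'
           ELSE 'Mixed Mode Authentication'
       END AS authentication_mode;

-- 2. State of the built-in sa login, located by its fixed SID (0x01).
SELECT name,
       is_disabled,
       is_policy_checked,
       is_expiration_checked,
       LOGINPROPERTY(name, 'PasswordLastSetTime') AS password_last_set,
       LOGINPROPERTY(name, 'BadPasswordCount')    AS bad_password_count
FROM sys.sql_logins
WHERE sid = 0x01;

-- 3. SQL Server logins that are NOT covered by the Windows password
--    policy (complexity/lockout) or by password expiration.
SELECT name,
       is_disabled,
       is_policy_checked,
       is_expiration_checked,
       LOGINPROPERTY(name, 'IsLocked')            AS is_locked,
       LOGINPROPERTY(name, 'DaysUntilExpiration') AS days_until_expiration
FROM sys.sql_logins
WHERE is_policy_checked = 0
   OR is_expiration_checked = 0
ORDER BY name;

-- 4. Creating a SQL Server login with policy enforcement on.
--    CHECK_EXPIRATION = ON is only allowed together with CHECK_POLICY = ON.
--    Hypothetical login name; replace the placeholder with a generated secret.
CREATE LOGIN app_orders_svc
    WITH PASSWORD = N'<replace-with-generated-secret>',
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;
```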
27.
Contained Databases
• Not a security feature per se
• But introduces a new authentication scheme
• Solves problem of moving databases
• Past: move database plus external dependencies
• Contained databases solve associated problems
28.
Contained Databases
• Can create a SQL user with a password
• Windows user in database
• Not associated with a login
• Authenticate against contained database
• Get a token for that database only
• Security boundary is tightly scoped
• If authentication fails at database, doesn’t fall back to duplicate login, if
48.
Contained Databases Authentication
[Flowchart. Start: Connection Request. Decision nodes: Initial catalog specified?; Initial catalog contained?; Authentication type? (SQL Server / Windows); Matching user in database?; Password match?; Matching login or group?; Matching principal in database?; Permission in database? Outcomes: Server-level authentication; Database authentication; Authentication failure.]
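Added example (not part of the original deck): T-SQL that sets up the contained database authentication described on the Contained Databases slides and then audits which users authenticate at the database rather than through a server login. The database name `SalesContained` and user name `sales_app` are hypothetical.

```sql
-- Added example, not from the original slides. Requires SQL Server 2012+.

-- 1. Contained database authentication is an instance-level option
--    and is off by default.
EXEC sp_configure 'contained database authentication', 1;
RECONFIGURE;
GO

-- 2. Create a partially contained database (hypothetical name).
CREATE DATABASE SalesContained CONTAINMENT = PARTIAL;
GO

USE SalesContained;
GO

-- 3. A SQL user with a password: the credential lives in the database,
--    and there is no matching login in master.
--    Hypothetical user name; replace the placeholder with a generated secret.
CREATE USER sales_app WITH PASSWORD = N'<replace-with-generated-secret>';

-- A Windows user in the database is created the same way, without a login:
--   CREATE USER [DOMAIN\account];   -- the account must exist in Windows

-- 4. Give the contained user only what it needs inside this database.
ALTER ROLE db_datareader ADD MEMBER sales_app;
GO

-- 5. Audit: is the instance option on, and which databases are contained?
SELECT name, value_in_use
FROM sys.configurations
WHERE name = N'contained database authentication';

SELECT name, containment_desc
FROM sys.databases
WHERE containment <> 0;

-- 6. Audit (run inside each contained database): principals that
--    authenticate at the database, i.e. outside server-level login review.
SELECT name,
       type_desc,
       authentication_type_desc,
       create_date,
       modify_date
FROM sys.database_principals
WHERE authentication_type_desc = N'DATABASE'
ORDER BY name;
```

A client reaches the database-level path only when its connection string names the contained database as the initial catalog, which is the first decision in the flowchart.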
49.
Agenda
• Security Overview
• Authentication
• Authorization
50.
Authorization
• Principals: user or process allowed to access securable objects
• Securables: protected resource
• Permissions: type of access
51.
Principals
52.
Principals
• Windows-level principals
  • Windows Domain Login
  • Windows Group
  • Windows Local Login
• SQL Server-level principals
  • SQL Server Login
  • SQL Server Login mapped to a certificate
  • SQL Server login mapped to a Windows login
  • SQL Server Login mapped to an asymmetric key
• Database-level principals
  • Application Role
  • Database Role
  • Database User
  • Database User mapped to a certificate
  • Database User mapped to a Windows login
  • Database User mapped to an asymmetric key
  • Public Role
53.
Principals
• Scope of a principal determines scope of permission
• Principal can be a login, user, or role
• Roles are analogous to Windows groups
• Users in role inherit role’s permissions
• Simplify security management
• Types of roles
  • Fixed server roles
  • User-defined server roles
  • Fixed database roles
  • User-defined database roles
54.
Fixed Server Roles
• Cannot alter, even to add new ones, except to add logins to a role
• Server roles
  • System administrator
  • Bulk insert administrator
  • Database creator
  • Disk administrator
  • Process administrator
  • Server administrator
  • Setup administrator
  • Security administrator
55.
User-Defined Server Roles
• Long awaited security feature
• Long have had user-defined database roles
• But nothing at the server level
• Used to be, only way to grant some permissions was through a fixed server role
• SQL Server 2012 solves these problems
56.
Fixed Database Roles
• Control authorization within a database
• Configure each database individually
• Database roles
  • db_accessadmin
  • db_backupoperator
  • db_datareader
  • db_datawriter
  • db_ddladmin
  • db_denydatareader
  • db_denydatawriter
  • db_owner
  • db_securityadmin
57.
The Public Role
• Every database user assigned to this role
• Be very careful about granting permissions
• Normally restrict permissions for this role
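Added example (not part of the original deck): T-SQL for the User-Defined Server Roles and Public Role slides. It grants one server-level permission through a custom role instead of fixed server role membership, then audits fixed server role membership and object permissions held by public. The role name `monitoring_operators` and login name `monitor_svc` are hypothetical.

```sql
-- Added example, not from the original slides. Requires SQL Server 2012+.

USE master;
GO

-- 1. A login that needs to read server state but nothing more.
--    Hypothetical name; replace the placeholder with a generated secret.
CREATE LOGIN monitor_svc
    WITH PASSWORD = N'<replace-with-generated-secret>',
         CHECK_POLICY = ON;

-- 2. User-defined server role carrying only the permission required,
--    rather than membership in a fixed server role.
CREATE SERVER ROLE monitoring_operators;
GRANT VIEW SERVER STATE TO monitoring_operators;
ALTER SERVER ROLE monitoring_operators ADD MEMBER monitor_svc;
GO

-- 3. Audit: who is a member of each fixed server role?
SELECT r.name      AS server_role,
       m.name      AS member,
       m.type_desc AS member_type,
       m.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.is_fixed_role = 1
ORDER BY r.name, m.name;

-- 4. Audit (run in each user database): permissions granted to public
--    on user-created objects. Every database user inherits these.
SELECT s.name            AS schema_name,
       o.name            AS object_name,
       o.type_desc       AS object_type,
       pe.permission_name,
       pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
JOIN sys.objects              AS o  ON o.object_id = pe.major_id
JOIN sys.schemas              AS s  ON s.schema_id = o.schema_id
WHERE pr.name = N'public'
  AND pe.class = 1              -- OBJECT_OR_COLUMN
  AND pe.state IN ('G', 'W')    -- GRANT or GRANT WITH GRANT OPTION
  AND o.is_ms_shipped = 0
ORDER BY s.name, o.name, pe.permission_name;
```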
58.
The dbo (Database Owner) Role
• Mapped to sysadmin fixed server role
• Not related to db_owner role
59.
User-Defined Database Roles
• Standard role
• Application role
60.
Securable Objects
• Protected resource that you can control access to
• Physical object or action
64.
Securable Objects
• Server: Database, Endpoint, Remote Binding, Route, Server Role, SQL Server Login
• Database: Application Role, Assembly, Asymmetric Key, Certificate, Database user, Fixed Database Role, Full-Text Catalog, Message Type, Schema, Service, Service Contract, Symmetric Key
• Schema: Default, Function, Procedure, Query Stats, Queue, Rule, Synonym, Table, Trigger, Type, View, XML Schema Collection
69.
Learn More!
• This is an excerpt from a larger course. Visit www.learnnowonline.com for the full details!
• Learn more about SQL Server on SlideShare: A Tour of SQL Server
Editor's Notes
DEMO – Adding a Windows Login, Windows Logins via Transact-SQL
DEMO – rest of section and SQL Server Logins via Transact-SQL
DEMO – rest of section