SQL Server: Security




     Learn More @ http://www.learnnowonline.com
        Copyright © by Application Developers Training Company
Security in SQL Server 2012
 • Rebuilt security from the ground up in SQL Server 2005
   • New version builds on that new foundation
 • Will explore some of the best new security features
   • Are they enough to make an upgrade mandatory?


What’s New in Security?
 • Not a lot, but it’s good
   • Security Management
      • Default schema for groups
      • User-defined server roles
   • Authentication
      • Contained databases
   • Data Protection
      • Encryption enhancements
   • Auditing
      • Lots of goodies for DBAs


Security Management
 • Default schema for groups
   • Fixes a big hole
   • Avoids creating implicit schemas
   • Less chance of wrong schema in queries
 • Default schema for users solved a problem
   • But caused others
   • Allowing them for groups solves it

Security Management
 • User-defined server roles
   • Server-level principal
      • Grant server-level permissions
      • Mix of GRANT and DENY permissions
   • T-SQL: CREATE/ALTER/DROP SERVER ROLE
      • Can only assign server-level permissions
   • Permissions needed
      • CREATE SERVER ROLE permission
      • IMPERSONATE on the server principal for logins
      • ALTER for server roles used as the server principal
      • Others if you assign server role ownership
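
The server-role statements named on this slide, as an added T-SQL example that is not part of the original deck. The role name ExampleMonitoringRole, the login ExampleMonitorLogin and the choice of permissions are assumptions for illustration; the two review queries show how to audit what such roles grant, what they deny, and who is in them.

```sql
-- Added example (not from the original slides). Names are hypothetical.
-- Creating the role requires the CREATE SERVER ROLE permission.

-- A login to place in the role; replace the placeholder before running.
CREATE LOGIN ExampleMonitorLogin
    WITH PASSWORD = N'<replace-with-a-strong-password>';
GO

-- 1. Create the user-defined server role (a server-level principal).
CREATE SERVER ROLE ExampleMonitoringRole;
GO

-- 2. Only server-level permissions can be assigned to it.
--    A role can carry a mix of GRANT and DENY.
GRANT VIEW SERVER STATE   TO ExampleMonitoringRole;
GRANT VIEW ANY DEFINITION TO ExampleMonitoringRole;
DENY  ALTER ANY LOGIN     TO ExampleMonitoringRole;
DENY  SHUTDOWN            TO ExampleMonitoringRole;
GO

-- 3. Add the login as a member.
ALTER SERVER ROLE ExampleMonitoringRole ADD MEMBER ExampleMonitorLogin;
GO

-- 4. Review: every permission granted or denied to user-defined server roles.
SELECT r.name            AS role_name,
       p.state_desc      AS grant_or_deny,
       p.permission_name,
       p.class_desc
FROM sys.server_principals  AS r
JOIN sys.server_permissions AS p
  ON p.grantee_principal_id = r.principal_id
WHERE r.type = 'R'            -- server roles
  AND r.is_fixed_role = 0     -- exclude the built-in fixed roles
  AND r.name <> N'public'
ORDER BY r.name, p.state_desc, p.permission_name;

-- 5. Review: who is a member of each user-defined server role.
SELECT r.name      AS role_name,
       m.name      AS member_name,
       m.type_desc AS member_type
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.is_fixed_role = 0
ORDER BY r.name, m.name;
GO

-- 6. Clean up the example objects.
ALTER SERVER ROLE ExampleMonitoringRole DROP MEMBER ExampleMonitorLogin;
DROP SERVER ROLE ExampleMonitoringRole;
DROP LOGIN ExampleMonitorLogin;
GO
```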


Authentication
 • Contained databases
   • Can create a SQL user with a password
   • Windows user in database
   • Not associated with a login
   • Authenticate against contained database
     • Get a token for that database only
     • Security boundary is tightly scoped
   • If authentication fails at database, doesn’t fall back to duplicate login, if any
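
A contained user with a password, as an added T-SQL example that is not part of the original deck. The database name ExampleContainedDb and user ExampleAppUser are assumptions; the final query lists password-authenticated database users and flags any whose name also exists as a server login, the duplicate-login case the last bullet refers to.

```sql
-- Added example (not from the original slides). Names are hypothetical.

-- 1. Allow contained database authentication on the instance.
EXEC sp_configure 'contained database authentication', 1;
RECONFIGURE;
GO

-- 2. Create a partially contained database.
CREATE DATABASE ExampleContainedDb CONTAINMENT = PARTIAL;
GO

USE ExampleContainedDb;
GO

-- 3. SQL user with a password: it lives in the database and has no login.
--    Replace the placeholder before running.
CREATE USER ExampleAppUser
    WITH PASSWORD = N'<replace-with-a-strong-password>';

--    A Windows user can be created in the database the same way, without a
--    login (needs a real Windows account, so it is left commented out):
-- CREATE USER [EXAMPLEDOMAIN\ExampleUser];

-- Give the user only what it needs inside this database.
ALTER ROLE db_datareader ADD MEMBER ExampleAppUser;
GO

-- 4. Review: users that authenticate at the database, and whether a server
--    login with the same name also exists.
--    Clients reach ExampleAppUser only by naming this database as the
--    initial catalog in the connection request.
SELECT dp.name                     AS user_name,
       dp.type_desc,
       dp.authentication_type_desc,
       dp.create_date,
       CASE WHEN sp.principal_id IS NULL THEN 'no' ELSE 'yes' END
                                   AS same_name_login_exists
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp
  ON  sp.name COLLATE DATABASE_DEFAULT = dp.name COLLATE DATABASE_DEFAULT
  AND sp.type IN ('S', 'U', 'G')   -- SQL login, Windows login, Windows group
WHERE dp.authentication_type_desc = N'DATABASE'   -- user with password
ORDER BY dp.name;
GO
```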

Contained Database Authentication
 [Flowchart; only the node labels and the branches listed below are recoverable from the slide]
 • Connection Request
 • Initial catalog specified?
   • No: Server-level authentication
   • Yes: Initial catalog contained?
     • No: Server-level authentication
     • Yes: Authentication type?
       • SQL Server: Matching user in database? (Yes) Password match? (Yes) Permission in database?
       • Windows: Matching login or group? (Yes) Matching principal in database?
 • Password match? No: Authentication failure
 • Outcomes: Server-level authentication, Authentication failure, Database authentication
                                  Copyright © by Application Developers Training Company
Contained Database Authentication

[Figure: flowchart of contained database authentication. Nodes: Connection Request; Initial catalog specified?; Initial catalog contained?; Authentication type? (SQL Server / Windows); Matching user in database?; Password match?; Matching login or group?; Matching principal in database?; Permission in database?. Outcomes: Server-level authentication; Authentication failure; Database authentication.]

Contained Database Issues
 • Security issues you have to be careful
   about
   • Accessing other databases using the guest
     account
   • Duplicate logins
   • Increased access when containment status
     changes
   • Attaching a contained database
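
A review query set for the issues listed above, as an added example that is not part of the original deck. It assumes you run it as a sysadmin while connected to the contained database under review; the temp table and cursor names are arbitrary.

```sql
-- 1. Is contained database authentication enabled on this instance,
--    and which databases are contained? Re-run after any attach or
--    change of containment status.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = N'contained database authentication';

SELECT name, containment_desc
FROM sys.databases
WHERE containment <> 0;              -- 0 = NONE, 1 = PARTIAL

-- 2. Duplicate logins: contained users with password whose name also
--    exists as a server-level login. The explicit COLLATE avoids a
--    collation conflict between the two catalog views.
SELECT dp.name      AS contained_user,
       sp.type_desc AS server_login_type
FROM sys.database_principals AS dp
JOIN sys.server_principals   AS sp
  ON sp.name COLLATE DATABASE_DEFAULT = dp.name COLLATE DATABASE_DEFAULT
WHERE dp.authentication_type = 2     -- 2 = DATABASE (user with password)
  AND sp.type IN ('S', 'U', 'G');    -- SQL login, Windows login, Windows group

-- 3. Guest access: user databases where guest holds CONNECT, which is
--    what lets a contained user reach beyond its own database.
CREATE TABLE #guest_connect (database_name sysname NOT NULL);

DECLARE @db sysname, @sql nvarchar(max);
DECLARE db_cur CURSOR LOCAL FAST_FORWARD FOR
    SELECT name
    FROM sys.databases
    WHERE state = 0                  -- ONLINE
      AND database_id > 4            -- skip master, tempdb, model, msdb
      AND HAS_DBACCESS(name) = 1;

OPEN db_cur;
FETCH NEXT FROM db_cur INTO @db;
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @sql = N'INSERT INTO #guest_connect (database_name)
        SELECT @db
        WHERE EXISTS (
            SELECT 1
            FROM ' + QUOTENAME(@db) + N'.sys.database_permissions AS p
            JOIN ' + QUOTENAME(@db) + N'.sys.database_principals AS u
              ON u.principal_id = p.grantee_principal_id
            WHERE u.name = N''guest''
              AND p.permission_name = N''CONNECT''
              AND p.state IN (''G'', ''W''));';   -- GRANT or GRANT WITH GRANT OPTION
    EXEC sys.sp_executesql @sql, N'@db sysname', @db = @db;
    FETCH NEXT FROM db_cur INTO @db;
END
CLOSE db_cur;
DEALLOCATE db_cur;

SELECT database_name FROM #guest_connect ORDER BY database_name;
DROP TABLE #guest_connect;
```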


Data Protection
 • Cryptography Enhancements
   • HASHBYTES supports SHA-2 (256 and 512 bits)
      • Passwords hashed with SHA-512
   • RC4 is deprecated; supported only when the
     compatibility level is set to 90 or 100. Don’t use it!
   • Maximum certificate key length increased to
     4,096 from 3,456
   • Service and database master keys now use
     AES instead of Triple-DES (for backups too)
   • FROM BINARY option on CREATE CERTIFICATE


Auditing
 • Basic server auditing supported in all
   SQL Server editions!
   • Database auditing only in Enterprise,
     Datacenter, Developer, and Evaluation
     editions
   • No longer need to rely on SQLTrace
     • Multiple audits and targets
     • Better performance
     • Persist state
     • Audit resilience

Auditing
 • Resilient to failure
   • Can recover from failure to write to the log
      • From most file or network errors
   • Wee bit better than shutdown on failure!
   • FAIL_OPERATION option for the
     ON_FAILURE event in CREATE SERVER
     AUDIT
      • If problem with audit initiation at startup,
       server instance won’t start

Auditing
 • Cap files without rollover
   • Formerly could have either:
      • Indeterminate number of log files
      • Rollover after predefined number of files
   • Now can cap without rolling over
      • Control amount of information without losing
        audit records
      • MAX_FILES option on CREATE SERVER AUDIT
      • Blocks and rolls back operations until clear


Auditing
 • User-defined audit events
   • Write what you want to the audit log
   • sp_audit_write
      • @user_defined_event_id
      • @succeeded
      • @user_defined_info (custom string)




Auditing
 • Filter audit events
   • Built on extended events
   • Pretty fine control over what gets written
   • Use the WHERE clause on the CREATE
     SERVER AUDIT statement




Auditing
 • T-SQL stack frame information
   • Determine if query from stored procedure
     or directly from application
   • See the nested frame for the query
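
The auditing options from the slides above (FAIL_OPERATION, MAX_FILES, the WHERE filter, sp_audit_write and the stack frame information) combined in one script, as an added example that is not part of the original deck. The audit name AppAudit, the specification name, the database SalesDb, the path D:\SqlAudit\ and event id 1001 are assumptions.

```sql
USE master;
GO

-- File target capped at 10 files with no rollover (MAX_FILES).
-- With ON_FAILURE = FAIL_OPERATION, an audited action that cannot be
-- logged fails instead of shutting the instance down.
CREATE SERVER AUDIT AppAudit
TO FILE (
    FILEPATH  = N'D:\SqlAudit\',     -- assumed path; the folder must already exist
    MAXSIZE   = 100 MB,
    MAX_FILES = 10
)
WITH (
    QUEUE_DELAY = 1000,
    ON_FAILURE  = FAIL_OPERATION
)
-- Filter: keep only events whose database context is SalesDb.
-- The predicate applies to every event routed to this audit.
WHERE database_name = N'SalesDb';
GO

ALTER SERVER AUDIT AppAudit WITH (STATE = ON);
GO

-- Server audit specification: user-defined events written with
-- sp_audit_write, plus database permission changes.
CREATE SERVER AUDIT SPECIFICATION AppAuditSpec
FOR SERVER AUDIT AppAudit
    ADD (USER_DEFINED_AUDIT_GROUP),
    ADD (DATABASE_PERMISSION_CHANGE_GROUP)
WITH (STATE = ON);
GO

-- Write a custom record from application code or a stored procedure.
-- The full name of the custom-string parameter is @user_defined_information.
USE SalesDb;
GO
EXEC sys.sp_audit_write
     @user_defined_event_id    = 1001,
     @succeeded                = 1,
     @user_defined_information = N'Price list exported by reporting job';
GO

-- Read the records back. Where SQL Server records T-SQL stack frame
-- information, it appears as XML in additional_information.
SELECT event_time,
       action_id,
       succeeded,
       server_principal_name,
       database_name,
       user_defined_event_id,
       user_defined_information,
       statement,
       additional_information
FROM sys.fn_get_audit_file(N'D:\SqlAudit\*.sqlaudit', DEFAULT, DEFAULT)
ORDER BY event_time DESC;
```

Because MAX_FILES does not roll over, archive or remove old audit files before the cap is reached; once it is reached, audited actions start failing.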




Learn More!
• This is an excerpt from a larger course. Visit
  www.learnnowonline.com for the full details!


• Learn more about SQL Server on SlideShare:
   SQL 2012: Development & Programming




DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 

Plus de LearnNowOnline

Windows 8: Shapes and Geometries
Windows 8: Shapes and GeometriesWindows 8: Shapes and Geometries
Windows 8: Shapes and GeometriesLearnNowOnline
 
New in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDENew in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDELearnNowOnline
 
Attributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingAttributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingLearnNowOnline
 
WPF: Working with Data
WPF: Working with DataWPF: Working with Data
WPF: Working with DataLearnNowOnline
 
Object-Oriented JavaScript
Object-Oriented JavaScriptObject-Oriented JavaScript
Object-Oriented JavaScriptLearnNowOnline
 
SharePoint Document Management
SharePoint Document ManagementSharePoint Document Management
SharePoint Document ManagementLearnNowOnline
 
SharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPathSharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPathLearnNowOnline
 
Sql 2012 development and programming
Sql 2012  development and programmingSql 2012  development and programming
Sql 2012 development and programmingLearnNowOnline
 
Expression Blend Motion & Interaction Design
Expression Blend Motion & Interaction DesignExpression Blend Motion & Interaction Design
Expression Blend Motion & Interaction DesignLearnNowOnline
 
Introducing the Entity Framework
Introducing the Entity FrameworkIntroducing the Entity Framework
Introducing the Entity FrameworkLearnNowOnline
 
Introduction to ASP.NET MVC
Introduction to ASP.NET MVCIntroduction to ASP.NET MVC
Introduction to ASP.NET MVCLearnNowOnline
 
Creating a User Interface
Creating a User InterfaceCreating a User Interface
Creating a User InterfaceLearnNowOnline
 
Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5LearnNowOnline
 

Plus de LearnNowOnline (15)

Windows 8: Shapes and Geometries
Windows 8: Shapes and GeometriesWindows 8: Shapes and Geometries
Windows 8: Shapes and Geometries
 
New in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDENew in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDE
 
Attributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingAttributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programming
 
WPF: Working with Data
WPF: Working with DataWPF: Working with Data
WPF: Working with Data
 
Introducing LINQ
Introducing LINQIntroducing LINQ
Introducing LINQ
 
Generics
GenericsGenerics
Generics
 
Object-Oriented JavaScript
Object-Oriented JavaScriptObject-Oriented JavaScript
Object-Oriented JavaScript
 
SharePoint Document Management
SharePoint Document ManagementSharePoint Document Management
SharePoint Document Management
 
SharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPathSharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPath
 
Sql 2012 development and programming
Sql 2012  development and programmingSql 2012  development and programming
Sql 2012 development and programming
 
Expression Blend Motion & Interaction Design
Expression Blend Motion & Interaction DesignExpression Blend Motion & Interaction Design
Expression Blend Motion & Interaction Design
 
Introducing the Entity Framework
Introducing the Entity FrameworkIntroducing the Entity Framework
Introducing the Entity Framework
 
Introduction to ASP.NET MVC
Introduction to ASP.NET MVCIntroduction to ASP.NET MVC
Introduction to ASP.NET MVC
 
Creating a User Interface
Creating a User InterfaceCreating a User Interface
Creating a User Interface
 
Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5
 

Dernier

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 

Dernier (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 

SQL Server Security: Best New Features

  • 1. SQL Server: Security Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 2-6. Security in SQL Server 2012
      • Rebuilt security from the ground up in SQL Server 2005
      • New version builds on that new foundation
      • Will explore some of the best new security features
      • Are they enough to make an upgrade mandatory?
  • 7-17. What’s New in Security?
      • Not a lot, but it’s good
      • Security Management
      • Default schema for groups
      • User-defined server roles
      • Authentication
      • Contained databases
      • Data Protection
      • Encryption enhancements
      • Auditing
      • Lots of goodies for DBAs
  • 18-25. Security Management
      • Default schema for groups
      • Fixes a big hole
      • Avoids creating implicit schemas
      • Less chance of wrong schema in queries
      • Default schema for users solved a problem
      • But caused others
      • Allowing them for groups solves it
  • 26-37. Security Management
      • User-defined server roles
      • Server-level principal
      • Grant server-level permissions
      • Mix of GRANT and DENY permissions
      • T-SQL: CREATE/ALTER/DROP SERVER ROLE
      • Can only assign server-level permissions
      • Permissions needed
      • CREATE SERVER ROLE permission
      • IMPERSONATE on the server principal for logins
      • ALTER for server roles used as the server principal
      • Others if you assign server role ownership
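
The user-defined server role slides above, worked through in T-SQL for SQL Server 2012 or later. This is an added example, not code from the slide deck; the role name monitoring_ops, the login ops_oncall and the password placeholder are hypothetical.

```sql
-- Added example (not from the slides): a least-privilege monitoring role.
-- monitoring_ops and ops_oncall are hypothetical names.
USE master;
GO

-- Constructed login so the script is self-contained; replace the placeholder password.
CREATE LOGIN ops_oncall WITH PASSWORD = N'<Replace-With-A-Strong-Passphrase-1>';
GO

-- Requires the CREATE SERVER ROLE permission. Without AUTHORIZATION,
-- the role is owned by the login that runs the statement.
CREATE SERVER ROLE monitoring_ops;
GO

-- Only server-level permissions can be assigned to a server role.
-- GRANT and DENY can be mixed on the same role.
GRANT VIEW SERVER STATE   TO monitoring_ops;
GRANT VIEW ANY DEFINITION TO monitoring_ops;
DENY  SHUTDOWN            TO monitoring_ops;
DENY  ALTER ANY LOGIN     TO monitoring_ops;
GO

ALTER SERVER ROLE monitoring_ops ADD MEMBER ops_oncall;
GO

-- Review what the role carries: one row per GRANT or DENY.
SELECT pr.name AS role_name, pe.state_desc, pe.permission_name
FROM sys.server_permissions AS pe
JOIN sys.server_principals  AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pr.type = 'R' AND pr.name = N'monitoring_ops'
ORDER BY pe.state_desc, pe.permission_name;

-- Review membership of every user-defined (non-fixed) server role.
SELECT r.name AS role_name, m.name AS member_name, m.type_desc AS member_type
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
WHERE r.is_fixed_role = 0
ORDER BY r.name, m.name;

-- Cleanup for a test instance:
-- ALTER SERVER ROLE monitoring_ops DROP MEMBER ops_oncall;
-- DROP SERVER ROLE monitoring_ops;
-- DROP LOGIN ops_oncall;
```

Because DENY takes precedence over GRANT, the two DENY rows stay effective even if a member later receives those permissions through another role.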
  • 38-46. Authentication
      • Contained databases
      • Can create a SQL user with a password
      • Windows user in database
      • Not associated with a login
      • Authenticate against contained database
      • Get a token for that database only
      • Security boundary is tightly scoped
      • If authentication fails at database, doesn’t fall back to duplicate login, if any
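
The contained-database authentication slides above, as T-SQL for SQL Server 2012 or later, followed by the catalog queries a DBA can use to review which principals authenticate at the database. This is an added example, not code from the slide deck; the database SalesContained, the user app_reader and the password placeholder are hypothetical.

```sql
-- Added example (not from the slides). SalesContained and app_reader
-- are hypothetical names; replace the placeholder password.

-- Contained database authentication is off by default at the instance level.
EXEC sys.sp_configure N'contained database authentication', 1;
RECONFIGURE;
GO

CREATE DATABASE SalesContained CONTAINMENT = PARTIAL;
GO

USE SalesContained;
GO

-- SQL user with a password: no matching login exists in master.
CREATE USER app_reader WITH PASSWORD = N'<Replace-With-A-Strong-Passphrase-1>';
ALTER ROLE db_datareader ADD MEMBER app_reader;
GO

-- A client must name this database as its initial catalog to be
-- authenticated here; the resulting token is valid for this database only.

-- Review: principals that authenticate at the database, not the server.
SELECT name, type_desc, authentication_type_desc, create_date
FROM sys.database_principals
WHERE authentication_type_desc = N'DATABASE'
ORDER BY name;

-- Review: contained users whose name duplicates a SQL Server login.
-- A failed database authentication does not fall back to that login,
-- so duplicates mostly cause confusion and are worth cleaning up.
SELECT dp.name AS contained_user, sp.name AS duplicate_login
FROM sys.database_principals AS dp
JOIN sys.server_principals   AS sp ON sp.name = dp.name
WHERE dp.authentication_type_desc = N'DATABASE'
  AND sp.type = 'S';

-- Review, instance-wide: which databases allow contained users at all.
SELECT name, containment_desc
FROM sys.databases
WHERE containment <> 0;
```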
  • 47-66. Contained Database Authentication
      [Flowchart, built up one step per slide; only its labels survive in this transcript.]
      • Start: Connection Request
      • Decisions: Initial catalog specified? Initial catalog contained? Authentication type? (SQL Server or Windows) Matching user in database? Password match? Matching login or group? Matching principal in database? Permission in database?
      • Outcomes: Server-level authentication, Database authentication, Authentication failure
  • 67–72. Contained Database Issues
    • Security issues you have to be careful about
      • Accessing other databases using the guest account
      • Duplicate logins
      • Increased access when containment status changes
      • Attaching a contained database
  • 73–80. Data Protection
    • Cryptography Enhancements
      • HASHBYTES supports SHA2 256 and 512 bits
      • Passwords hashed with SHA512
      • RC4 is deprecated, supported only when compatibility set to 90 or 100. Don’t use it!
      • Maximum certificate key length increased to 4,096 from 3,456
      • Service and database master keys now use AES instead of Triple-DES (for backups too)
      • FROM BINARY option on CREATE CERTIFICATE
  • 81–88. Auditing
    • Basic server auditing supported in all SQL Server editions!
    • Database auditing only in Enterprise, Datacenter, Developer, and Evaluation editions
    • No longer need to rely on SQLTrace
    • Multiple audits and targets
    • Better performance
    • Persist state
    • Audit resilience
  • 89–95. Auditing
    • Resilient to failure
      • Can recover from failure to write to the log
      • From most file or network errors
      • Wee bit better than shutdown on failure!
      • FAIL_OPERATION value for the ON_FAILURE option in CREATE SERVER AUDIT
      • If there is a problem with audit initiation at startup, the server instance won’t start
  • 96–104. Auditing
    • Cap files without rollover
      • Formerly could have either:
        • Indeterminate number of log files
        • Rollover after predefined number of files
      • Now can cap without rolling over
      • Control amount of information without losing audit records
      • MAX_FILES option on CREATE SERVER AUDIT
      • Blocks and rolls back operations until clear
  • 105–111. Auditing
    • User-defined audit events
      • Write what you want to the audit log
      • sp_audit_write
        • @user_defined_event_id
        • @succeeded
        • @user_defined_info (custom string)
  • 112–116. Auditing
    • Filter audit events
      • Built on extended events
      • Pretty fine control over what gets written
      • Use the WHERE clause on the CREATE SERVER AUDIT statement
  • 117–120. Auditing
    • T-SQL stack frame information
      • Determine whether a query came from a stored procedure or directly from the application
      • See the nested frame for the query
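
The auditing options named on the slides above (MAX_FILES, ON_FAILURE = FAIL_OPERATION, the WHERE filter and sp_audit_write) combined in one script. This is an added example, not part of the original deck; the audit name, specification name, file path and event id 1000 are constructed for illustration.

```sql
-- Added example: names, path and event id 1000 are constructed, not from the deck.
USE master;
GO

CREATE SERVER AUDIT Audit_AppEvents
TO FILE (
    FILEPATH  = N'C:\SQLAudit\',    -- constructed path; the folder must already exist
    MAXSIZE   = 50 MB,
    MAX_FILES = 4                   -- cap at 4 files with no rollover: old records are never overwritten
)
WITH (
    QUEUE_DELAY = 1000,
    ON_FAILURE  = FAIL_OPERATION    -- fail the audited action instead of shutting the instance down
)
WHERE user_defined_event_id = 1000; -- filter: only records with this event id are written
GO

-- sp_audit_write records are captured only when USER_DEFINED_AUDIT_GROUP is audited.
CREATE SERVER AUDIT SPECIFICATION AuditSpec_AppEvents
FOR SERVER AUDIT Audit_AppEvents
    ADD (USER_DEFINED_AUDIT_GROUP)
WITH (STATE = ON);
GO

ALTER SERVER AUDIT Audit_AppEvents WITH (STATE = ON);
GO

-- Write a custom record (constructed sample text).
EXEC sp_audit_write
     @user_defined_event_id = 1000,
     @succeeded             = 0,
     @user_defined_info     = N'Constructed sample: price change rejected by business rule';
GO

-- Read the audit files back; additional_information holds the
-- T-SQL stack frame XML for events that carry one.
SELECT event_time, succeeded, server_principal_name,
       user_defined_event_id, user_defined_information,
       additional_information
FROM sys.fn_get_audit_file(N'C:\SQLAudit\*.sqlaudit', DEFAULT, DEFAULT)
ORDER BY event_time;
```

MAX_FILES and MAX_ROLLOVER_FILES cannot be combined on the same audit; once the MAX_FILES cap is reached, actions that would generate further audit records fail until files are cleared.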
  • 121–125. Learn More!
    • This is an excerpt from a larger course. Visit www.learnnowonline.com for the full details!
    • Learn more about SQL Server on SlideShare:
      • SQL 2012: Development & Programming

Editor's notes

  140. DEMO: rest of section
  141. DEMO: rest of section
  142. DEMO: rest of section
  143. DEMO: rest of section