SlideShare uma empresa Scribd logo

SQL: Permissions and Data Protection

LearnNowOnline
LearnNowOnline

Understand permissions in SQL Server and how they provide granular control over data and objects and earn how to provide a final layer of defense by encrypting data.

Tecnologia
1 de 17
SQL: Permissions & Data Protection Part 1 http://www.LearnNowOnline.com Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Objectives • Understand permissions in SQL Server and how they provide granular control over data and objects • Learn how to provide a final layer of defense by encrypting data Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Agenda • Permissions • Data Encryption • Security Epilogue Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Permissions • Like a visa for visiting a foreign country • Gives a principal some kind of access to a securable object • Follow the principle of least privilege • Major step in securing a database Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Permission Types • A few common types • IMPERSONATE • CONTROL • INSERT • CREATE • SELECT • ALTER • TAKE OWNERSHIP • ALTER ANY <objecttype> • UPDATE • DELETE • VIEW DEFINITION Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Permission Statements • Three types of statements • GRANT • REVOKE • DENY • Denying permissions is powerful Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Granting Permissions • Easiest way to grant permissions in Management Studio: modify user or role • Can also modify properties of individual objects • Same effect, but tedious Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Roles, Permissions, and Schemas • Fully qualified database object name: server.database.schema.object • Schema • Can assign permissions to schema • Can set a default schema for a user Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Default Schemas • Schema is a container for database objects • Owned by a principal • Benefit: better management of object ownership Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Default Schemas for Users • SQL Server doesn’t automatically create a schema with same name as user • Have to explicitly create it, assign ownership, and add objects • Normally, you should assign a default user Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Default Schemas for Groups • Default schemas for users solved a problem • But created a problematic side effect • Default schemas for groups solves that new problem Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Execution Context • SQL Server follows a procedure to ensure user has permissions to execute code • Exception is when code owner has permissions on underlying objects • Steps 1. Verify caller has EXECUTE permission 2. Check if code owner owns all underlying objects 3. If not, check if user has permissions 4. If have permissions, execute code 5. If doesn’t have permissions, raise error, don’t execute Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Ownership Chaining • Owner of code owns underlying objects • If not: broken ownership chain • Generally easier to write code with unbroken ownership chains • Now can change the security execution context of code Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Changing the Execution Context • Don’t always want caller’s permissions used to validate permissions in broken ownership chain • Can change in any code except inline table-valued function • Options • EXECUTE AS CALLER • EXECUTE AS <user>/<login> • EXECUTE AS SELF • EXECUTE AS OWNER • Must have IMPERSONATE permission Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Metadata Security • Earlier versions of SQL Server made it easy for an attacker to explore structure of database • Just needed any access to database • Metadata is as secure as data is Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
Agenda • Permissions • Data Encryption • Security Epilogue Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
End of Part 1 http://www.LearnNowOnline.com Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company

Recomendados

Word press as your company website
Word press as your company websiteWord press as your company website
Word press as your company websiteKelli Wise
 
Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail
Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail
Jumpstarting Your Cloud Journey with OSS on Amazon LightsailAmazon Web Services
 
Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)
Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)
Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)Chris O'Brien
 
Take a load off! Load testing your Oracle APEX or JDeveloper web applications
Take a load off! Load testing your Oracle APEX or JDeveloper web applicationsTake a load off! Load testing your Oracle APEX or JDeveloper web applications
Take a load off! Load testing your Oracle APEX or JDeveloper web applicationsSage Computing Services
 
Custom Tile Generation in PCF
Custom Tile Generation in PCFCustom Tile Generation in PCF
Custom Tile Generation in PCFDustin Ruehle
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthKashif Imran
 
Git and Github - a 90 Minute interactive workshop
Git and Github - a 90 Minute interactive workshopGit and Github - a 90 Minute interactive workshop
Git and Github - a 90 Minute interactive workshopBram Luyten
 
Chris O'Brien - Best bits of Azure for Office 365/SharePoint developers
Chris O'Brien - Best bits of Azure for Office 365/SharePoint developersChris O'Brien - Best bits of Azure for Office 365/SharePoint developers
Chris O'Brien - Best bits of Azure for Office 365/SharePoint developersChris O'Brien
 

Recomendados

Word press as your company website
Word press as your company websiteWord press as your company website
Word press as your company websiteKelli Wise
 
Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail
Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail
Jumpstarting Your Cloud Journey with OSS on Amazon LightsailAmazon Web Services
 
Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)
Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)
Chris OBrien - Pitfalls when developing with the SharePoint Framework (SPFx)Chris O'Brien
 
Take a load off! Load testing your Oracle APEX or JDeveloper web applications
Take a load off! Load testing your Oracle APEX or JDeveloper web applicationsTake a load off! Load testing your Oracle APEX or JDeveloper web applications
Take a load off! Load testing your Oracle APEX or JDeveloper web applicationsSage Computing Services
 
Custom Tile Generation in PCF
Custom Tile Generation in PCFCustom Tile Generation in PCF
Custom Tile Generation in PCFDustin Ruehle
 
Securing SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthSecuring SharePoint Apps with OAuth
Securing SharePoint Apps with OAuthKashif Imran
 
Git and Github - a 90 Minute interactive workshop
Git and Github - a 90 Minute interactive workshopGit and Github - a 90 Minute interactive workshop
Git and Github - a 90 Minute interactive workshopBram Luyten
 
Chris O'Brien - Best bits of Azure for Office 365/SharePoint developers
Chris O'Brien - Best bits of Azure for Office 365/SharePoint developersChris O'Brien - Best bits of Azure for Office 365/SharePoint developers
Chris O'Brien - Best bits of Azure for Office 365/SharePoint developersChris O'Brien
 
Создание API, которое полюбят разработчики. Глубокое погружение
Создание API, которое полюбят разработчики. Глубокое погружениеСоздание API, которое полюбят разработчики. Глубокое погружение
Создание API, которое полюбят разработчики. Глубокое погружениеSQALab
 
Microservices Architecture for AEM
Microservices Architecture for AEMMicroservices Architecture for AEM
Microservices Architecture for AEMMaciej Majchrzak
 
Beyond Domino Designer
Beyond Domino DesignerBeyond Domino Designer
Beyond Domino DesignerPaul Withers
 
Chris O'Brien - Modern SharePoint development: techniques for moving code off...
Chris O'Brien - Modern SharePoint development: techniques for moving code off...Chris O'Brien - Modern SharePoint development: techniques for moving code off...
Chris O'Brien - Modern SharePoint development: techniques for moving code off...Chris O'Brien
 
Designing your API Server for mobile apps
Designing your API Server for mobile appsDesigning your API Server for mobile apps
Designing your API Server for mobile appsMugunth Kumar
 
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 appsChris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 appsChris O'Brien
 
Automated Testing for Websites With Selenium IDE
Automated Testing for Websites With Selenium IDEAutomated Testing for Websites With Selenium IDE
Automated Testing for Websites With Selenium IDERobert Greiner
 
Windows Azure Essentials V3
Windows Azure Essentials V3Windows Azure Essentials V3
Windows Azure Essentials V3Michele Leroux Bustamante
 
AEM Asset and Tag API
AEM Asset and Tag APIAEM Asset and Tag API
AEM Asset and Tag APILokesh BS
 
Vaadin filtering table example
Vaadin filtering table exampleVaadin filtering table example
Vaadin filtering table exampleleonardsiu
 
Active Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMActive Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMVan Staub, MBA
 
Selenium WebDriver - Test automation for web applications
Selenium WebDriver - Test automation for web applicationsSelenium WebDriver - Test automation for web applications
Selenium WebDriver - Test automation for web applicationsTSundberg
 
SharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
SharePoint PowerShell for the Admin and Developer - A Venn Diagram ExperienceSharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
SharePoint PowerShell for the Admin and Developer - A Venn Diagram ExperienceRicardo Wilkins
 
Cross-Platform Desktop Apps with Electron (Condensed Version)
Cross-Platform Desktop Apps with Electron (Condensed Version)Cross-Platform Desktop Apps with Electron (Condensed Version)
Cross-Platform Desktop Apps with Electron (Condensed Version)David Neal
 
Chris OBrien - Weaving Enterprise Solutions into Office Products
Chris OBrien - Weaving Enterprise Solutions into Office ProductsChris OBrien - Weaving Enterprise Solutions into Office Products
Chris OBrien - Weaving Enterprise Solutions into Office ProductsChris O'Brien
 
ECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsEric Shupps
 
Automated testing APEX Applications
Automated testing APEX ApplicationsAutomated testing APEX Applications
Automated testing APEX ApplicationsRoel Hartman
 
O365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
O365Con18 - Automate your Tasks through Azure Functions - Elio StruyfO365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
O365Con18 - Automate your Tasks through Azure Functions - Elio StruyfNCCOMMS
 
Aws User Group Singapore Presentation Oct-21-2020
Aws User Group Singapore Presentation Oct-21-2020Aws User Group Singapore Presentation Oct-21-2020
Aws User Group Singapore Presentation Oct-21-2020Varun Manik
 
Drupal Bootcamp Mcn2008
Drupal Bootcamp Mcn2008Drupal Bootcamp Mcn2008
Drupal Bootcamp Mcn2008Robert J. Stein
 
WPF Binding
WPF BindingWPF Binding
WPF BindingLearnNowOnline
 
WPF: Working with Data
WPF: Working with DataWPF: Working with Data
WPF: Working with DataLearnNowOnline
 

Mais conteúdo relacionado

Mais procurados

Создание API, которое полюбят разработчики. Глубокое погружение
Создание API, которое полюбят разработчики. Глубокое погружениеСоздание API, которое полюбят разработчики. Глубокое погружение
Создание API, которое полюбят разработчики. Глубокое погружениеSQALab
 
Microservices Architecture for AEM
Microservices Architecture for AEMMicroservices Architecture for AEM
Microservices Architecture for AEMMaciej Majchrzak
 
Beyond Domino Designer
Beyond Domino DesignerBeyond Domino Designer
Beyond Domino DesignerPaul Withers
 
Chris O'Brien - Modern SharePoint development: techniques for moving code off...
Chris O'Brien - Modern SharePoint development: techniques for moving code off...Chris O'Brien - Modern SharePoint development: techniques for moving code off...
Chris O'Brien - Modern SharePoint development: techniques for moving code off...Chris O'Brien
 
Designing your API Server for mobile apps
Designing your API Server for mobile appsDesigning your API Server for mobile apps
Designing your API Server for mobile appsMugunth Kumar
 
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 appsChris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 appsChris O'Brien
 
Automated Testing for Websites With Selenium IDE
Automated Testing for Websites With Selenium IDEAutomated Testing for Websites With Selenium IDE
Automated Testing for Websites With Selenium IDERobert Greiner
 
AEM Asset and Tag API
AEM Asset and Tag APIAEM Asset and Tag API
AEM Asset and Tag APILokesh BS
 
Vaadin filtering table example
Vaadin filtering table exampleVaadin filtering table example
Vaadin filtering table exampleleonardsiu
 
Active Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMActive Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMVan Staub, MBA
 
Selenium WebDriver - Test automation for web applications
Selenium WebDriver - Test automation for web applicationsSelenium WebDriver - Test automation for web applications
Selenium WebDriver - Test automation for web applicationsTSundberg
 
SharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
SharePoint PowerShell for the Admin and Developer - A Venn Diagram ExperienceSharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
SharePoint PowerShell for the Admin and Developer - A Venn Diagram ExperienceRicardo Wilkins
 
Cross-Platform Desktop Apps with Electron (Condensed Version)
Cross-Platform Desktop Apps with Electron (Condensed Version)Cross-Platform Desktop Apps with Electron (Condensed Version)
Cross-Platform Desktop Apps with Electron (Condensed Version)David Neal
 
Chris OBrien - Weaving Enterprise Solutions into Office Products
Chris OBrien - Weaving Enterprise Solutions into Office ProductsChris OBrien - Weaving Enterprise Solutions into Office Products
Chris OBrien - Weaving Enterprise Solutions into Office ProductsChris O'Brien
 
ECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsEric Shupps
 
Automated testing APEX Applications
Automated testing APEX ApplicationsAutomated testing APEX Applications
Automated testing APEX ApplicationsRoel Hartman
 
O365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
O365Con18 - Automate your Tasks through Azure Functions - Elio StruyfO365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
O365Con18 - Automate your Tasks through Azure Functions - Elio StruyfNCCOMMS
 
Aws User Group Singapore Presentation Oct-21-2020
Aws User Group Singapore Presentation Oct-21-2020Aws User Group Singapore Presentation Oct-21-2020
Aws User Group Singapore Presentation Oct-21-2020Varun Manik
 

Mais procurados (20)

Создание API, которое полюбят разработчики. Глубокое погружение
Создание API, которое полюбят разработчики. Глубокое погружениеСоздание API, которое полюбят разработчики. Глубокое погружение
Создание API, которое полюбят разработчики. Глубокое погружение
 
Microservices Architecture for AEM
Microservices Architecture for AEMMicroservices Architecture for AEM
Microservices Architecture for AEM
 
Beyond Domino Designer
Beyond Domino DesignerBeyond Domino Designer
Beyond Domino Designer
 
Chris O'Brien - Modern SharePoint development: techniques for moving code off...
Chris O'Brien - Modern SharePoint development: techniques for moving code off...Chris O'Brien - Modern SharePoint development: techniques for moving code off...
Chris O'Brien - Modern SharePoint development: techniques for moving code off...
 
Designing your API Server for mobile apps
Designing your API Server for mobile appsDesigning your API Server for mobile apps
Designing your API Server for mobile apps
 
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 appsChris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
Chris O'Brien - Comparing SharePoint add-ins (apps) with Office 365 apps
 
Automated Testing for Websites With Selenium IDE
Automated Testing for Websites With Selenium IDEAutomated Testing for Websites With Selenium IDE
Automated Testing for Websites With Selenium IDE
 
Windows Azure Essentials V3
Windows Azure Essentials V3Windows Azure Essentials V3
Windows Azure Essentials V3
 
AEM Asset and Tag API
AEM Asset and Tag APIAEM Asset and Tag API
AEM Asset and Tag API
 
Vaadin filtering table example
Vaadin filtering table exampleVaadin filtering table example
Vaadin filtering table example
 
Active Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBMActive Directory Single Sign-On with IBM
Active Directory Single Sign-On with IBM
 
Selenium WebDriver - Test automation for web applications
Selenium WebDriver - Test automation for web applicationsSelenium WebDriver - Test automation for web applications
Selenium WebDriver - Test automation for web applications
 
SharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
SharePoint PowerShell for the Admin and Developer - A Venn Diagram ExperienceSharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
SharePoint PowerShell for the Admin and Developer - A Venn Diagram Experience
 
Cross-Platform Desktop Apps with Electron (Condensed Version)
Cross-Platform Desktop Apps with Electron (Condensed Version)Cross-Platform Desktop Apps with Electron (Condensed Version)
Cross-Platform Desktop Apps with Electron (Condensed Version)
 
Chris OBrien - Weaving Enterprise Solutions into Office Products
Chris OBrien - Weaving Enterprise Solutions into Office ProductsChris OBrien - Weaving Enterprise Solutions into Office Products
Chris OBrien - Weaving Enterprise Solutions into Office Products
 
ECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web ApplicationsECS 2018: Introduction to Azure Web Applications
ECS 2018: Introduction to Azure Web Applications
 
Automated testing APEX Applications
Automated testing APEX ApplicationsAutomated testing APEX Applications
Automated testing APEX Applications
 
O365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
O365Con18 - Automate your Tasks through Azure Functions - Elio StruyfO365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
O365Con18 - Automate your Tasks through Azure Functions - Elio Struyf
 
Aws User Group Singapore Presentation Oct-21-2020
Aws User Group Singapore Presentation Oct-21-2020Aws User Group Singapore Presentation Oct-21-2020
Aws User Group Singapore Presentation Oct-21-2020
 
Drupal Bootcamp Mcn2008
Drupal Bootcamp Mcn2008Drupal Bootcamp Mcn2008
Drupal Bootcamp Mcn2008
 

Destaque

WPF: Working with Data
WPF: Working with DataWPF: Working with Data
WPF: Working with DataLearnNowOnline
 
Asynchronous Programming
Asynchronous ProgrammingAsynchronous Programming
Asynchronous ProgrammingLearnNowOnline
 
New in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDENew in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDELearnNowOnline
 
Windows 8: Shapes and Geometries
Windows 8: Shapes and GeometriesWindows 8: Shapes and Geometries
Windows 8: Shapes and GeometriesLearnNowOnline
 
Attributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingAttributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingLearnNowOnline
 
Lesson 5 security
Lesson 5 securityLesson 5 security
Lesson 5 securityRam Kedem
 
SQL Tutorial - Basic Commands
SQL Tutorial - Basic CommandsSQL Tutorial - Basic Commands
SQL Tutorial - Basic Commands1keydata
 

Destaque (8)

WPF Binding
WPF BindingWPF Binding
WPF Binding
 
WPF: Working with Data
WPF: Working with DataWPF: Working with Data
WPF: Working with Data
 
Asynchronous Programming
Asynchronous ProgrammingAsynchronous Programming
Asynchronous Programming
 
New in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDENew in the Visual Studio 2012 IDE
New in the Visual Studio 2012 IDE
 
Windows 8: Shapes and Geometries
Windows 8: Shapes and GeometriesWindows 8: Shapes and Geometries
Windows 8: Shapes and Geometries
 
Attributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingAttributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programming
 
Lesson 5 security
Lesson 5 securityLesson 5 security
Lesson 5 security
 
SQL Tutorial - Basic Commands
SQL Tutorial - Basic CommandsSQL Tutorial - Basic Commands
SQL Tutorial - Basic Commands
 

Semelhante a SQL: Permissions and Data Protection

Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Hong Tat Yew
 
Sharing and security in Salesforce
Sharing and security in SalesforceSharing and security in Salesforce
Sharing and security in SalesforceSaurabh Kulkarni
 
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONSMarkus Eisele
 
IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best PracticesAmazon Web Services
 
What's new in Silverlight 5
What's new in Silverlight 5What's new in Silverlight 5
What's new in Silverlight 5LearnNowOnline
 
Five Enterprise Development Best Practices That EVERY Salesforce Org Can Use
Five Enterprise Development Best Practices That EVERY Salesforce Org Can UseFive Enterprise Development Best Practices That EVERY Salesforce Org Can Use
Five Enterprise Development Best Practices That EVERY Salesforce Org Can UseSalesforce Developers
 
8 cloud design patterns you ought to know - Update Conference 2018
8 cloud design patterns you ought to know - Update Conference 20188 cloud design patterns you ought to know - Update Conference 2018
8 cloud design patterns you ought to know - Update Conference 2018Taswar Bhatti
 
DevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid themDevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid themKarl Ots
 
Object-Oriented JavaScript
Object-Oriented JavaScriptObject-Oriented JavaScript
Object-Oriented JavaScriptLearnNowOnline
 
Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)
Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)
Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)Vivek Chawla
 
Introduction to IAM + Best Practices
Introduction to IAM + Best PracticesIntroduction to IAM + Best Practices
Introduction to IAM + Best PracticesAmazon Web Services
 
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOsama Mustafa
 
Cloud Platforms for Java
Cloud Platforms for JavaCloud Platforms for Java
Cloud Platforms for Java3Pillar Global
 

Semelhante a SQL: Permissions and Data Protection (20)

SQL Server: Security
SQL Server: SecuritySQL Server: Security
SQL Server: Security
 
Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)
 
Sharing and security in Salesforce
Sharing and security in SalesforceSharing and security in Salesforce
Sharing and security in Salesforce
 
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
THEFT-PROOF JAVA EE - SECURING YOUR JAVA EE APPLICATIONS
 
apex security demo.ppsx
apex security demo.ppsxapex security demo.ppsx
apex security demo.ppsx
 
Cache Security- The Basics
Cache Security- The BasicsCache Security- The Basics
Cache Security- The Basics
 
IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best Practices
 
What's new in Silverlight 5
What's new in Silverlight 5What's new in Silverlight 5
What's new in Silverlight 5
 
Oracle Database
Oracle DatabaseOracle Database
Oracle Database
 
Five Enterprise Development Best Practices That EVERY Salesforce Org Can Use
Five Enterprise Development Best Practices That EVERY Salesforce Org Can UseFive Enterprise Development Best Practices That EVERY Salesforce Org Can Use
Five Enterprise Development Best Practices That EVERY Salesforce Org Can Use
 
8 cloud design patterns you ought to know - Update Conference 2018
8 cloud design patterns you ought to know - Update Conference 20188 cloud design patterns you ought to know - Update Conference 2018
8 cloud design patterns you ought to know - Update Conference 2018
 
DevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid themDevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid them
 
Object-Oriented JavaScript
Object-Oriented JavaScriptObject-Oriented JavaScript
Object-Oriented JavaScript
 
Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)
Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)
Five Enterprise Best Practices That EVERY Salesforce Org Can Use (DF15 Session)
 
IAM Best Practices
IAM Best PracticesIAM Best Practices
IAM Best Practices
 
Power of Azure Devops
Power of Azure DevopsPower of Azure Devops
Power of Azure Devops
 
IAM Best Practices
IAM Best PracticesIAM Best Practices
IAM Best Practices
 
Introduction to IAM + Best Practices
Introduction to IAM + Best PracticesIntroduction to IAM + Best Practices
Introduction to IAM + Best Practices
 
Oracle database threats - LAOUC Webinar
Oracle database threats - LAOUC WebinarOracle database threats - LAOUC Webinar
Oracle database threats - LAOUC Webinar
 
Cloud Platforms for Java
Cloud Platforms for JavaCloud Platforms for Java
Cloud Platforms for Java
 

Mais de LearnNowOnline

Object oriented techniques
Object oriented techniquesObject oriented techniques
Object oriented techniquesLearnNowOnline
 
SharePoint Document Management
SharePoint Document ManagementSharePoint Document Management
SharePoint Document ManagementLearnNowOnline
 
SharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPathSharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPathLearnNowOnline
 
Managing site collections
Managing site collectionsManaging site collections
Managing site collectionsLearnNowOnline
 
Sql 2012 development and programming
Sql 2012 development and programmingSql 2012 development and programming
Sql 2012 development and programmingLearnNowOnline
 
KnockOutJS with ASP.NET MVC
KnockOutJS with ASP.NET MVCKnockOutJS with ASP.NET MVC
KnockOutJS with ASP.NET MVCLearnNowOnline
 
Expression Blend Motion & Interaction Design
Expression Blend Motion & Interaction DesignExpression Blend Motion & Interaction Design
Expression Blend Motion & Interaction DesignLearnNowOnline
 
Introducing the Entity Framework
Introducing the Entity FrameworkIntroducing the Entity Framework
Introducing the Entity FrameworkLearnNowOnline
 
Introduction to ASP.NET MVC
Introduction to ASP.NET MVCIntroduction to ASP.NET MVC
Introduction to ASP.NET MVCLearnNowOnline
 
Working with Controllers and Actions in MVC
Working with Controllers and Actions in MVCWorking with Controllers and Actions in MVC
Working with Controllers and Actions in MVCLearnNowOnline
 
Creating a User Interface
Creating a User InterfaceCreating a User Interface
Creating a User InterfaceLearnNowOnline
 
Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5LearnNowOnline
 
.Net branching and flow control
.Net branching and flow control.Net branching and flow control
.Net branching and flow controlLearnNowOnline
 
Using The .NET Framework
Using The .NET FrameworkUsing The .NET Framework
Using The .NET FrameworkLearnNowOnline
 

Mais de LearnNowOnline (20)

A tour of SQL Server
A tour of SQL ServerA tour of SQL Server
A tour of SQL Server
 
Introducing LINQ
Introducing LINQIntroducing LINQ
Introducing LINQ
 
Generics
GenericsGenerics
Generics
 
Object oriented techniques
Object oriented techniquesObject oriented techniques
Object oriented techniques
 
SharePoint Document Management
SharePoint Document ManagementSharePoint Document Management
SharePoint Document Management
 
SharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPathSharePoint: Introduction to InfoPath
SharePoint: Introduction to InfoPath
 
Managing site collections
Managing site collectionsManaging site collections
Managing site collections
 
Web API HTTP Pipeline
Web API HTTP PipelineWeb API HTTP Pipeline
Web API HTTP Pipeline
 
Web API Basics
Web API BasicsWeb API Basics
Web API Basics
 
Sql 2012 development and programming
Sql 2012 development and programmingSql 2012 development and programming
Sql 2012 development and programming
 
KnockOutJS with ASP.NET MVC
KnockOutJS with ASP.NET MVCKnockOutJS with ASP.NET MVC
KnockOutJS with ASP.NET MVC
 
Expression Blend Motion & Interaction Design
Expression Blend Motion & Interaction DesignExpression Blend Motion & Interaction Design
Expression Blend Motion & Interaction Design
 
The Entity Data Model
The Entity Data ModelThe Entity Data Model
The Entity Data Model
 
Introducing the Entity Framework
Introducing the Entity FrameworkIntroducing the Entity Framework
Introducing the Entity Framework
 
Introduction to ASP.NET MVC
Introduction to ASP.NET MVCIntroduction to ASP.NET MVC
Introduction to ASP.NET MVC
 
Working with Controllers and Actions in MVC
Working with Controllers and Actions in MVCWorking with Controllers and Actions in MVC
Working with Controllers and Actions in MVC
 
Creating a User Interface
Creating a User InterfaceCreating a User Interface
Creating a User Interface
 
Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5Building Windows 8 Metro Style Applications Using JavaScript and HTML5
Building Windows 8 Metro Style Applications Using JavaScript and HTML5
 
.Net branching and flow control
.Net branching and flow control.Net branching and flow control
.Net branching and flow control
 
Using The .NET Framework
Using The .NET FrameworkUsing The .NET Framework
Using The .NET Framework
 

Último

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

SQL: Permissions and Data Protection

  • 1. SQL: Permissions & Data Protection Part 1 http://www.LearnNowOnline.com Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 2. Objectives • Understand permissions in SQL Server and how they provide granular control over data and objects • Learn how to provide a final layer of defense by encrypting data Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 3. Agenda • Permissions • Data Encryption • Security Epilogue Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 4. Permissions • Like a visa for visiting a foreign country • Gives a principal some kind of access to a securable object • Follow the principle of least privilege • Major step in securing a database Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 5. Permission Types • A few common types • IMPERSONATE • CONTROL • INSERT • CREATE • SELECT • ALTER • TAKE OWNERSHIP • ALTER ANY <objecttype> • UPDATE • DELETE • VIEW DEFINITION Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 6. Permission Statements • Three types of statements • GRANT • REVOKE • DENY • Denying permissions is powerful Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 7. Granting Permissions • Easiest way to grant permissions in Management Studio: modify user or role • Can also modify properties of individual objects • Same effect, but tedious Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 8. Roles, Permissions, and Schemas • Fully qualified database object name: server.database.schema.object • Schema • Can assign permissions to schema • Can set a default schema for a user Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 9. Default Schemas • Schema is a container for database objects • Owned by a principal • Benefit: better management of object ownership Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 10. Default Schemas for Users • SQL Server doesn’t automatically create a schema with same name as user • Have to explicitly create it, assign ownership, and add objects • Normally, you should assign a default user Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 11. Default Schemas for Groups • Default schemas for users solved a problem • But created a problematic side effect • Default schemas for groups solves that new problem Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 12. Execution Context • SQL Server follows a procedure to ensure user has permissions to execute code • Exception is when code owner has permissions on underlying objects • Steps 1. Verify caller has EXECUTE permission 2. Check if code owner owns all underlying objects 3. If not, check if user has permissions 4. If have permissions, execute code 5. If doesn’t have permissions, raise error, don’t execute Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 13. Ownership Chaining • Owner of code owns underlying objects • If not: broken ownership chain • Generally easier to write code with unbroken ownership chains • Now can change the security execution context of code Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 14. Changing the Execution Context • Don’t always want caller’s permissions used to validate permissions in broken ownership chain • Can change in any code except inline table-valued function • Options • EXECUTE AS CALLER • EXECUTE AS <user>/<login> • EXECUTE AS SELF • EXECUTE AS OWNER • Must have IMPERSONATE permission Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 15. Metadata Security • Earlier versions of SQL Server made it easy for an attacker to explore structure of database • Just needed any access to database • Metadata is as secure as data is Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 16. Agenda • Permissions • Data Encryption • Security Epilogue Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company
  • 17. End of Part 1 http://www.LearnNowOnline.com Learn More @ http://www.learnnowonline.com Copyright © by Application Developers Training Company

Notas do Editor

  1. DEMO – rest of section
  2. DEMO – rest of section
  3. DEMO – rest of section
  4. DEMO – rest of section
  5. DEMO – Using the EXECUTE AS Clause section
  6. DEMO – rest of section