Additional Articles


Technical Article

The Trustworthy Computing Security Development Lifecycle

This paper discusses the Trustworthy Computing Security Development Lifecycle (or SDL), a process that Microsoft has adopted for the development of software that needs to withstand malicious attack. The process encompasses the addition of a series of security-focused activities and deliverables to each of the phases of Microsoft's software development process. These activities and deliverables include the development of threat models during software design, the use of static analysis code-scanning tools during implementation, and the conduct of code reviews and security testing during a focused "security push". Before software subject to the SDL can be released, it must undergo a Final Security Review by a team independent from its development group. When compared to software that has not been subject to the SDL, software that has undergone the SDL has experienced a significantly reduced rate of external discovery of security vulnerabilities. This paper describes the SDL and discusses experience with its implementation across Microsoft software.

2005-03-28

1,230 reads

External Article

All about the 'Case'

When installing SQL Server, regardless of versions and editions, SQL Server database administrators tend to choose the default collation and sort-order, which is SQL_Latin1_General_CP1_CI_AS. Though case insensitiveness makes the life of the database developers and database administrator's easy, there are situations where case sensitivity should be enforced just as password checking is enforced.

In this article, I would like to discuss different methods for achieving case sensitivity in a case insensitive database/server.

2005-03-25

2,616 reads

External Article

SQL Server 2005 Security - Part 4

In this article, we will conclude our coverage of security related changes in SQL Server 2005 Beta 2 (although we will continue discussion of improvements in other functionality areas throughout the reminder of this series). The topics we will focus on here are code and module signing, modifications of SQL Server Agent and SQL Profiler operations, as well as monitoring and auditing changes.

2005-03-23

2,123 reads

Technical Article

Creating a User Defined Aggregate with SQL Server 2005

SQL Server doesn't have a Product aggregate function. A recent blog post by Karen Watterson pointed out that Microsoft Knowledge Base article Q89656: Simulating a PRODUCT() Aggregate Function discusses how to achieve the Product aggregate functionality using the POWER function. We e-mailed about it and she challenged me to create a Product aggregate in SQL Server 2005. I decided to accept the challenge.

2005-03-22

1,489 reads

External Article

SQL Server 2000 Security - Part 6 - Ownership and Object Permissions

We have described, so far, authorization based on a predefined fixed server (determining a set of SQL server-wide privileges) and database (applying to database objects and activities) roles. We have also discussed application roles, which makes the level of permissions independent of those assigned to a SQL Server login or a database user account. Now it is time to look into permissions from the point of view of database objects. There are two main factors that play a role in determining how access rights to them are evaluated - their ownership and custom permissions. We will discuss the first one of these topics in this article and will continue with the other one in the next installment of this series.

2005-03-22

2,349 reads

Technical Article

Exploring 'ON DELETE SET NULL' in SQL Server 2005

At first glance, the 'ON DELETE SET NULL' option in SQL Server 2005 may not seem like a big deal, but once you've seen how it can be used, I think you will be impressed. The basics? If Order.CustomerID has a foreign key to Customer.CustomerID and a customer is deleted, 'ON DELETE SET NULL' causes the CustomerID field in each of that customer's orders to be set to NULL. It allows the "parent" record to be deleted and sets the "child" record's column to NULL. A normal foreign key says Order.CustomerID must match a record in Customer. An 'ON DELETE SET NULL' foreign key says that if Order.CustomerID is not null, then its value must match a record in Customer.

2005-03-18

1,579 reads

External Article

MDX Essentials: Set and String Functions: The GENERATE() Function

In this lesson, we will introduce a function that provides us the ability to derive a set by systematically applying a set expression to each of the members of a set we define. GENERATE() is a potent function in our MDX toolset, in that it enables us to select precisely only certain members of a dimension level. It effectively operates upon two sets to create a new set, based upon the members of a second set that are also in a primary set.

2005-03-17

1,749 reads

Technical Article

Quick! Which specific SQL Server user is logged into which database?

SQL Server's master database stores tables with important and constantly updated information about the state of the SQL server. One of these tables, sysprocesses, can be used to track (in SQL Server itself) which SQL Server users are currently logged in and which database(s) they are accessing.

The quick way to find out if a particular user is accessing a particular table is with a query.

2005-03-17

2,982 reads

Blogs

Creating a GitHub Actions Self-Hosted Runner

By

I had to demo the Flyway Autopilot system recently and created a GitHub Actions...

Migrating from Azure PG Single Server to Flex with Azure VM and pg_dump/restore

By

This is more complicated than using the Azure Migration method, but because it’s maxed...

PowerShell (and T-SQL) and Elastic Jobs

By

I’ve covered how to create Elastic Jobs in the portal (this one is important...

Read the latest Blogs

Forums

Contracting DBA - Permissions for initial analysis

By StephenSQL

Accidental DBA here.  After looking at all the work that needs to be done,...

How to convert run_date and run_time columns to datetime from SQL Agent systable

By Lord Slaagh

Hello SSC, Hope you are all having a great Monday! I am trying to...

SQL Server Reporting Services 2022 Permissions Issue

By benkaz

I'm having a bit of an issue with SSRS permissions. Users (Operations Manager Report...

Visit the forum

Question of the Day

AG Rules for Databases

Which of these is not a requirement for a database to be added to an Availability Group (AG)?

See possible answers