You are working with SQL Server 2005 and...

You have created a certificate for MyUser with...

Keep Bad Guys at Bay with the Advanced Security Features in SQL Server

In this article I'll explore the most interesting security enhancements in SQL Server 2005 from a developer's viewpoint. I covered admin security features in the Spring 2005 issue of TechNet Magazine. But there are plenty of dev-specific security enhancements I can explore, such as endpoint authentication and support for the security context of managed code that executes on the server.

You are working with SQL Server 2005 and...

In SQL Server 2005, you can create and...

Managing the "Surface Area" of SQL Server 2005

As every developer knows by now, Microsoft has focused renewed attention on security in recent product releases. One of the important concepts in this effort is surface area. Roughly speaking, a piece of software has a smaller surface area if there are fewer ways to attack it: fewer open ports, fewer APIs, fewer protocols, and so on. OSQL Server 2005 takes this concept to the next level by letting you explicitly manage the software's surface area.

In SQL Server 2005, you can enforce various...

SQL Server 2005 Security - Part 4

In this article, we will conclude our coverage of security related changes in SQL Server 2005 Beta 2 (although we will continue discussion of improvements in other functionality areas throughout the reminder of this series). The topics we will focus on here are code and module signing, modifications of SQL Server Agent and SQL Profiler operations, as well as monitoring and auditing changes.

We all know (I hope) that certain formulations...

SQL Server 2000 Security - Part 6 - Ownership and Object Permissions

We have described, so far, authorization based on a predefined fixed server (determining a set of SQL server-wide privileges) and database (applying to database objects and activities) roles. We have also discussed application roles, which makes the level of permissions independent of those assigned to a SQL Server login or a database user account. Now it is time to look into permissions from the point of view of database objects. There are two main factors that play a role in determining how access rights to them are evaluated - their ownership and custom permissions. We will discuss the first one of these topics in this article and will continue with the other one in the next installment of this series.