June 21, 2010 at 7:12 pm
SQL Server offers RLS/CLS - short for Row Level Security / Cell Level Security. As I understand it RLS/CLS offers similar funtionality of what is called Virtual Private Database in other technologies.
Check it here... http://technet.microsoft.com/en-us/library/cc966395.aspx
Hope this helps.
_____________________________________
Pablo (Paul) Berzukov
Author of Understanding Database Administration available at Amazon and other bookstores.
Disclaimer: Advice is provided to the best of my knowledge but no implicit or explicit warranties are provided. Since the advisor explicitly encourages testing any and all suggestions on a test non-production environment advisor should not held liable or responsible for any actions taken based on the given advice.June 21, 2010 at 11:30 pm
Pablo thanks for your response. Yes, it is something similiar to virtual private db I'm looking for, for SQL Server đ
This link I've been searching for and haven't found it, I'm very grateful!
June 23, 2010 at 11:51 am
Last year I wrote a white paper for a project about row-level security. The info in the document is proprietary to one of our products but I do have all the references I used.
One of the reasons you will see so many links to Oracle information is because Oracle has row-level security built in. I learned a great deal about best-practices and typical usage from studying their documentation. I would definitely recommend reading their introductions to row-level security (typically the first chaper of the administrator's guide). There is a great deal of info on how its used in the marketplace.
Anyway, the links are below:
Berkus, Josh. âThinking about Row Level Securityâ (2009):
http://it.toolbox.com/blogs/database-soup/thinking-about-row-level-security-part-1-30732
Davidson, Louis. âPro SQL Server 2008 Relational Database Design and Implementationâ (2008):
Erdogan, Kemal. âA Fairly Capable Authorization Sub-System with Row-Level Security Capabilities (AFCAS)â (2008): http://www.codeproject.com/KB/database/AFCAS.aspx
Finnigan, Pete. âOracle Row Level Securityâ (2003): http://www.securityfocus.com/infocus/1743
Finnigan, Pete. âUsing Oracle VPD in the Real Worldâ (2008): http://www.petefinnigan.com/Oracle_Security_VPD6Slides.pdf
Kondreddi, Narayana Vyas. âImplementing row level security in SQL Server databasesâ (2001): http://vyaskn.tripod.com/row_level_security_in_sql_server_databases.htm
Lambert, Bob. âProtecting Your Data with Row Level Security for SQL Server Databasesâ (2009): http://www.ddj.com/database/215900773;jsessionid=HXW3NHLZHKL4FQE1GHOSKHWATMY32JVN?pgno=1
Lewis, Jonathan. âRow Level Securityâ (2006):
http://www.dbazine.com/oracle/or-articles/jlewis15
Marston, Tony. âA Role-Based Access Control (RBAC) system for PHPâ (2004): http://www.tonymarston.net/php-mysql/role-based-access-control.html
Microsoft Corporation. âBUG: Changes to the Group Membership in Windows Are Not Reflected Immediately in the SQL Server IS_MEMBER Functionâ (2009): http://support.microsoft.com/kb/812774
Oracle Corporation. âOracle Label Security Administratorâs Guide 10g Release 1 (10.1)â (2003): http://download.oracle.com/docs/cd/B19306_01/network.102/b14267.pdf
Oracle Corporation. âOracle Label Security Administratorâs Guide 11g Release 1 (11.1)â (2007): http://download.oracle.com/docs/cd/B28359_01/network.111/b28529.pdf
Oracle Corporation. âOracle Label Security in Government and Defense Environmentsâ (2009):
http://www.oracle.com/database/docs/database-govdef-label-security-whitepaper.pdf
Rask, Art et al. âImplementing Row- and Cell-Level Security in Classified Databases Using SQL Server 2005â (2005):
Viewing 3 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply