SQL Server Security Distilled

Apress, Apr 5, 2004 - Computers - 376 pages

SQL Server is the dominant relational database in the Windows market and data security is a huge and growing concern for all businesses. Securing SQL Server is one of the most important responsibilities of the SQL Server professional.

SQL Server Distilled, Second Edition is a very carefully researched, clearly explained book on securing SQL Server, by an author who knows SQL Server inside and out. If you follow the practical guidelines that are clearly set out in this book, then you stand a very good chance of making sure that the data stored in your database is secure and that the conversation between your applications and the database is secure (preventing SQL injection attacks, etc.). For example, any database administrator who implemented the security precautions detailed in the book would not have been affected by the infamous Slammer virus.

This second edition offers practical advice on how to implement good practices that will ward off future viruses before they are even created, and it contains new content that reflects all updates to SQL Server's security mechanisms.

Contents

A Security Roadmap, p. 1
Options for Authorization, p. 9
Summary, p. 15
Authenticating Logins, p. 17
Authentication in SQL Server 6.5, p. 26
Authentication in SQL Server 7.0 and 2000, p. 43
Managing Login Accounts, p. 56
Server Roles, p. 64
Summary, p. 70
Database Security in SQL Server 6.5, p. 73
Managing Database Permissions, p. 83
Summary, p. 106
Database Security in SQL Server 7.0, p. 107
Managing Database Permissions, p. 117
The Art of Assigning Permissions, p. 130
Database Roles, p. 137
Object Ownership, p. 150
Summary, p. 159
Securing Data on the Network, p. 161
In Medias Res, p. 166
Limiting Access to the Server, p. 188
Summary, p. 207
Designing Security for Applications, p. 211
The SQL Injection Attack, p. 220
Designing Secure Applications, p. 236
Summary, p. 255
Securing Data Transformation Services, p. 261
Creating DTS Packages, p. 262
Password Protecting DTS Packages, p. 268
SQL Server Agent Account Permissions, p. 281
Replication Security, p. 285
Securing Snapshot Replication, p. 289
Securing the Data Stream, p. 299
Summary, p. 305
Managing Security for SQL Server CE, p. 307
Managing Security for SQL Server, p. 309
Setting Up Remote Data Access, p. 322
Appendix A References, p. 333

About the author (2004)

Morris Lewis has been smitten with Structured Query Language since the first time his professor wrote SELECT * FROM AUTHORS on the chalkboard 14 years ago. He has worked with no other database server since he first installed SQL Server 4.21a on his 16 MHz Intel 386 computer with all of the 32 megabytes of RAM running Windows NT 3.51 many years ago. With the mantra, "It is O.K. to worry if they really are out to get you," he has focused on all aspects of securing Windows and SQL Server since he connected his first server to the Internet. Now, he runs a training and consulting company, Holistech Inc., which focuses on helping clients create better and more secure database applications, and teaching them how to avoid the mistakes that can lead to problems in the future.