tailieunhanh - Bài giảng Cơ sở dữ liệu nâng cao - Chapter 3: Managing security

Bài giảng Cơ sở dữ liệu nâng cao - Chapter 3: Managing security. Những chủ đề được thảo luận trong chương này gồm có: Users, users vs. login, SQL server security, SQL server authentication, securable objects in SQL Server, The fixed server-level role,. | Chapter 2 Managing Security 9/25/2011 1 Users Users are database-level principals and are created to access resources within a database. User and Log-in names should match. Users can be added to any one or more of the available database roles. 9/25/2011 2 Users vs. Login Logins: Be created at the instance level Can be mapped to a Windows user account, a domain account, a Windows group, a domain group, Provide a user access to the SQL Server instance. access to one or more databases. Do not provide access to the objects contained within the database. Permissions to access database objects are at the database user level. 9/25/2011 3 SQL Server security A user passes through 2 stages of security in SQL Server Authentication – validates that a user can connect to a SQL Server instance (Login) Authorization – permissions validation; controls the activities the user is allowed to perform in the SQL Server database (User) 9/25/2011 4 SQL Server authentication Windows Authentication Windows performs the authentication SQL Server trusts that authentication and provides access to the Windows accounts as configured. Windows user and group accounts can be mapped to SQL Server 9/25/2011 5 SQL Server authentication SQL Server specific logins: Windows user account is not required Password is passed across the network for authentication Password is encrypted automatically The primary advantage of this authentication scheme: SQL Server can authenticate any login no matter how they may have authenticated to the Windows network. This option is typically less secure because it gives access to any-one who has the SQL Server password, without regard to his or her Windows identity. 9/25/2011 6 SQL Server authentication Adding a new login Create new user in Windows. Once the users exist in the Windows user list or the Windows domain, SQL Server can recognize them. Add a new login to SQL Server. Use SSMS Use T-SQL command 9/25/2011 7 SQL Server authentication Adding a New Windows Login | Chapter 2 Managing Security 9/25/2011 1 Users Users are database-level principals and are created to access resources within a database. User and Log-in names should match. Users can be added to any one or more of the available database roles. 9/25/2011 2 Users vs. Login Logins: Be created at the instance level Can be mapped to a Windows user account, a domain account, a Windows group, a domain group, Provide a user access to the SQL Server instance. access to one or more databases. Do not provide access to the objects contained within the database. Permissions to access database objects are at the database user level. 9/25/2011 3 SQL Server security A user passes through 2 stages of security in SQL Server Authentication – validates that a user can connect to a SQL Server instance (Login) Authorization – permissions validation; controls the activities the user is allowed to perform in the SQL Server database (User) 9/25/2011 4 SQL Server authentication Windows Authentication .

TỪ KHÓA LIÊN QUAN