tailieunhanh - Hướng dẫn học Microsoft SQL Server 2008 part 123
Bảo mật cơ sở dữ liệu Khi một người dùng có quyền truy cập đến máy chủ, truy cập có thể được cấp cho các cơ sở dữ liệu người dùng cá nhân. Cơ sở dữ liệu bảo mật là có khả năng phức tạp. Người dùng được ban đầu cấp quyền truy cập cơ sở dữ liệu bằng cách thêm chúng vào cơ sở dữ liệu. | Part VII To view the assigned roles using code query the sysserver_principals catalog view to select the members joined with the sysserver_role_members and joined again to the sysserver_principals to select the roles. Database Security Once a user has gained access to the server access may be granted to the individual user databases. Database security is potentially complex. Users are initially granted access to databases by adding them to the database. EXEC Guest logins Any user who wishes to access a database but has not been declared a user within the database will automatically be granted the user privileges of the guest database user if the guest user account exists refer to Figure 49-1 . The guest user is not automatically created when a database is created. It must be specifically added in code or as a database user. The guest login does not need to be predefined as a server login sp_adduser Guest Be very careful with the guest user. While it may be useful to enable a user to access the database without setting him or her up the permissions granted to the guest user apply to everyone without access to the database. The guest user must be removed from a database when guests are no longer welcome. the role s or Granting access to the database Users must be explicitly granted access to any user database. Because this is a many-to-many relationship between logins and database you can manage database access from either the login side or the database side. When a login is granted access to the database the login is also assigned a database username which may be the same as the login name or some other name by which the login will be known within the database. To grant access to a database from the login side using Object Explorer use the User Mapping page of the Login Properties form shown in Figure 49-6 . Many security settings involve multiple objects such as users and databases or roles and object permissions. These settings can be made from either the Login .
đang nạp các trang xem trước