Sunday, March 25, 2012

Access Control and Security?

Are there any books/article/forum posts out there that document the
best practices for SQL Server security?
For example, what account should create the database?
What account should create the schema?
In a given database should there be a login that is solely responsible
for DDL and a separate account that only does DML and Queries?
What conventions are people using?
I'm kind of clueless about this and trying to figure out where to
start.
-Thx

What version of SQL Server are you using? Best practices for SQLS 2000
do not necessarily apply to 2005, where there are expanded options not
available in earlier versions. A good starting point is always SQLS
Books Online, supplemented with a good search engine :)
-mary
On Wed, 22 Aug 2007 05:58:08 -0700, kilik3000@.gmail.com wrote:
>Are there any books/article/forum posts out there that document the
>best practices for SQL Server security?
>For example, what account should create the database?
>What account should create the schema?
>In a given database should there be a login that is solely responsible
>for DDL and a separate account that only does DML and Queries?
>What conventions are people using?
>I'm kind of clueless about this and trying to figure out where to
>start.
>-Thx

On Aug 23, 1:45 pm, "Mary Chipman [MSFT]" <mc...@.online.microsoft.com>
wrote:
> What version of SQL Server are you using? Best practices for SQLS 2000
> do not necessarily apply to 2005, where there are expanded options not
> available in earlier versions. A good starting point is always SQLS
> Books Online, supplemented with a good search engine :)
> -mary
> On Wed, 22 Aug 2007 05:58:08 -0700, kilik3...@.gmail.com wrote:
> >Are there any books/article/forum posts out there that document the
> >best practices for SQL Server security?
> >For example, what account should create the database?
> >What account should create the schema?
> >In a given database should there be a login that is solely responsible
> >for DDL and a separate account that only does DML and Queries?
> >What conventions are people using?
> >I'm kind of clueless about this and trying to figure out where to
> >start.
> >-Thx
SQL 2005.
-Thx

That's a tough one. Basic information is in SQLS Books Online
(http://msdn2.microsoft.com/en-us/library/ms161948.aspx) but it
doesn't directly answer your questions; you have to infer the answers.
Also, your security architecture depends on your needs. DDL has gotten
a lot easier with user-schema separation in 2005 once you understand
it. Erland Sommarskog's web site has some good resources - see Giving
Permissions through Stored Procedures
(http://www.sommarskog.se/grantperm.html).
-mary
On Tue, 28 Aug 2007 20:01:27 -0000, kilik3000@.gmail.com wrote:
>On Aug 23, 1:45 pm, "Mary Chipman [MSFT]" <mc...@.online.microsoft.com>
>wrote:
>> What version of SQL Server are you using? Best practices for SQLS 2000
>> do not necessarily apply to 2005, where there are expanded options not
>> available in earlier versions. A good starting point is always SQLS
>> Books Online, supplemented with a good search engine :)
>> -mary
>> On Wed, 22 Aug 2007 05:58:08 -0700, kilik3...@.gmail.com wrote:
>> >Are there any books/article/forum posts out there that document the
>> >best practices for SQL Server security?
>> >For example, what account should create the database?
>> >What account should create the schema?
>> >In a given database should there be a login that is solely responsible
>> >for DDL and a separate account that only does DML and Queries?
>> >What conventions are people using?
>> >I'm kind of clueless about this and trying to figure out where to
>> >start.
>> >-Thx
>SQL 2005.
>-Thx
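
One way to lay out the DDL/DML split asked about in this thread using SQL Server 2005 user-schema separation, as an added example that is not part of the original posts. The database, schema, role, user and login names are all constructed for illustration, and the two logins are assumed to exist already.

```sql
-- Added example; every name below (SalesDb, app, app_owner, deploy_login,
-- app_login, ...) is a constructed placeholder, not taken from the thread.
-- Run as the database owner on SQL Server 2005.
USE SalesDb;
GO

-- Schema owner: a database user with no login, so nobody can connect as it.
CREATE USER app_owner WITHOUT LOGIN;
GO
CREATE SCHEMA app AUTHORIZATION app_owner;
GO

-- One role for DDL (deployments), one for DML and queries (the application).
CREATE ROLE app_ddl;
CREATE ROLE app_dml;
GO

-- DDL role: database-level CREATE rights plus ALTER on the one schema.
-- Both are required to create objects, so the role can build only inside app.
GRANT CREATE TABLE, CREATE VIEW, CREATE PROCEDURE TO app_ddl;
GRANT ALTER ON SCHEMA::app TO app_ddl;

-- DML role: data access scoped to the schema, with no CREATE or ALTER rights.
GRANT SELECT, INSERT, UPDATE, DELETE, EXECUTE ON SCHEMA::app TO app_dml;
GO

-- Map the (assumed existing) logins to database users and put them in roles.
CREATE USER deploy_user FOR LOGIN deploy_login WITH DEFAULT_SCHEMA = app;
CREATE USER app_user    FOR LOGIN app_login    WITH DEFAULT_SCHEMA = app;
EXEC sp_addrolemember 'app_ddl', 'deploy_user';
EXEC sp_addrolemember 'app_dml', 'app_user';
GO

-- Review what each user can actually do on the schema and in the database.
EXECUTE AS USER = 'app_user';
SELECT permission_name FROM fn_my_permissions('app', 'SCHEMA');
REVERT;

EXECUTE AS USER = 'deploy_user';
SELECT permission_name FROM fn_my_permissions('app', 'SCHEMA');
SELECT permission_name FROM fn_my_permissions(NULL, 'DATABASE');
REVERT;
GO
```

Objects the DDL role creates in `app` are owned by the schema owner by default, so owning the schema with a loginless user rather than `dbo` keeps ownership chaining from those procedures confined to objects with that same owner.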
