Database Activity Monitoring Part 2 - SQL Injection Attacks

If you think through the web sites you visit on a daily basis the chances are that you will need to login to verify who you are. In most cases your username would be stored in a relational database along with all the other registered users on that web site. Hopefully your password will be encrypted and not stored in plain text.

Using a Parent Child Hierarchy in SQL Server to Implement a Custom Security Scheme

I have a requirement to implement a custom security scheme where roles and the user's place in the organization hierarchy are used to determine which customers a user can access. In particular the requirements are that a sales person can only access their customers and any other role can access any customer in their level of the organization hierarchy and below. We have a simple hierarchy that is made up of regions and offices. Can you provide us with an example of how to do this?

SQL Server Impersonation

SQL Server impersonation, or context switching, is a means to allow the executing user to assume the permissions of a given user or login until the context is set back, set to yet another user, or the session is ended. Deanna Dicken shows you two mechanisms for accomplishing this task and walks through some examples.

Removing permissions

Resolving User Security Identifier (SID) Discrepancy in Read-Only Databases

Many experienced DBAs understand the issues with matching up users and logins in a restored database. But what do you do when the database is read only? New author Tychang Chen brings us a technique that can help.

Understanding SQL Server fixed database roles

I know there are fixed database roles that come with SQL Server. How do I best use them within my installations? What should I watch out for? In this tip we will cover each of the database roles and recommendations on when to and when not to use them.

Using a Certificate Signed Stored Procedure to Execute sp_send_dbmail

Learn how to create a certificate signed stored procedure to solve common permissions problems using sp_send_dbmail. MVP Jonathan Kehayias brings us a short tutorial that discusses your options and code to show you how to implement certificate security.

SQL Server Security Audit Report

If your company needs to go through a SOX (Sarbanes–Oxley) audit or any security audit, the DBA has to provide security information to them. If you have purchased third party tools to provide this information that is great. If you don't have third party tools and need to go through many servers to provide this information it can be a hassle and very time consuming. So I put together a script to generate a report that I could just review. The script generates a report of all elevated level accounts and any possible security holes.

Grant Execute Permissions to Stored Procedures using DDL Triggers

In your development environment if you have locked down permissions for developers, but still need them to execute stored procedures you will need to grant execute rights each time a new stored procedure is generated. In this tip I will show you a way of doing this automatically each time a new stored procedure is created without granting your developers additional permissions.

Role Membership