Security

External Article

Configuring Certificate-based Authentication in SQL Server Express' Distributed Service Broker Environment

  • Article

Implementing a dialog between two services residing in a distributed environment requires the presence of an authentication mechanism. Windows-based Kerberos protocol limits the scope of systems participating in a Service Broker dialog to those residing in the same or trusted Active Directory domains. This article provides an overview of how to eliminate this limitation by employing certificates.

2008-11-03

2,198 reads

External Article

Encryption Alternatives

  • Article

Databases often contain sensitive information and cell-level encryption is a very effective method to protect this information from those who should not have access to it. Although, encryption is not without its challenges.

2008-10-29

3,815 reads

Technical Article

Cryptography in SQL Server

  • Article

This white paper presents an overview of cryptographic functionality and discusses how this applies to authentication, signed procedures, permissions, and encryption. Because the target audience is the database professional and not necessarily security experts, the focus is on practical ways to use cryptography in SQL Server.

2008-09-26

3,859 reads

External Article

Configure MaxTokenSize for SQL Server Authentication

  • Article

DBA's and web developers at our company are experiencing issues with connecting to SQL instances using SQL Server Management Studio and other SQL tools using Windows Integrated Authentication. Our company is large, with well over 70,000 users and groups in Active Directory. When we look in the NT event log on the SQL Server we see both MSSQL and Kerberos errors. What could be causing this?

2008-08-25

3,296 reads

Technical Article

Recover from a SQL Injection Attack on SQL Server

  • Article

Lately it seems like SQL Injection attacks have been increasing. Recently our team has worked through resolving a few different SQL Injection attacks across a variety of web sites. Each of these attacks had a number of similarities which proved to point back to the same source. With this information in hand, the resolution should be much quicker. As such, if your web site is attacked with SQL Injection, how should you address it? How can the identification, analysis, recovery and resolution be streamlined? What are some lessons learned?

You rated this post out of 5. Change rating

2008-08-22

4,820 reads

Blogs

Understanding Lakehouse Permissions in Microsoft Fabric

By

Understanding how permissions work in Microsoft Fabric can be essential for anyone managing access...

The Cost of Not Having a DBA

By

Does skipping a DBA save money? Wait until your system grinds to a halt,...

Who are you? Building an identity map.

By

I admit that until I read the article, Who are you as a Leader?,...

Read the latest Blogs

Forums

Union where it matches against only one shared column

By ldanks

Hi folks I have two tables, both with a NAME, START and END fields...

How to update using data from three tables?

By mjdemaris

I am in the process of migrating from MySQL to SQL Server. I have...

Select Returning Blank Rows

By JP789

I have the following select statement --#1 Select supplier, s.refnum, desc from supplier as...

Visit the forum

Question of the Day

Replacing a NULL II

What is returned from this code in SQL Server 2022?

DECLARE
  @value INT = NULL
, @value2 VARCHAR(20) = NULL;
SELECT COALESCE (@value, @value2, 100.5) AS Result;
GO

See possible answers