* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download SQL Server 2005 Security - Australian SQL Server User Group
Survey
Document related concepts
Transcript
Introduction to SQL 2005 Security Nick Ward SQL Server Specialist [email protected] Database Security Prevent SQL injection attacks Encrypt data in the database Secure data over the network Secure database connection strings Handle data access exceptions SQL Server 2005 Overview SQL Server 2005 Security Initiatives Trustworthy Computing Initiative Security, privacy, reliability and business practices http://www.microsoft.com/mscorp/twc/default.mspx SD3+C Secure by design Secure by default Secure in deployment Communications Reduction in Surface Area Secure by Default More optional installation options Default: Demonstration databases not installed Default: CLR disabled Default: HTTP endpoint disabled Minimized Attack surface: Features require explicit configuration Surface Area Configuration Tool SQL Server 2005 Security Surface Area Configuration Tool Nick Ward SQL Server Technology Specialist Microsoft The Least Privilege Principal Granular permissions Security execution context Grant/revoke/deny Hierarchical permissions EXECUTE AS Functions, procedures, views and triggers DDL Triggers Security: Execution Context Execute Perms checked for User3 User 3 User2.Proc1 User1.T1 User2.Proc1 User1.T1 Execute Perms checked for User3 Select Perms checked for User3 No permission – User1.Proc1 fails ‘Execute AS ‘X’ ’ User 3 Select Perms checked for User3 User2.Proc1 Execute Perms checked for User3 User1.T1 Select Perms checked for ‘X’. Not for user3 Security: Execution Context Execute AS CALLER Execute AS SELF Last person to create or alter the module Execute AS OWNER Default – same as SQL Server 2000 behavior Execute as current owner of the module Execute AS “UserName” Execute AS “LoginName” Only for DDL triggers with server-wide execution SQL Server 2005 Security EXECUTE AS ‘x’ Nick Ward SQL Server Technology Specialist Microsoft DDL Triggers Triggers fire when Data Definition Language (DDL) is executed Used to: Fire after the statement Prevent DDL changes to your schema Cause something to occur when schema changes To record changes or events in the database schema Can roll back the statement’s effect Can run managed code SQL Server 2005 Security DDL Triggers Nick Ward SQL Server Technology Specialist Microsoft Secure in Deployment Microsoft Update services integration Automatic or manual Systems Management Server (SMS) integration Deployment security content: “Security Considerations for SQL Server” http://msdn2.microsoft.com/en-us/library/ms161948 Windows server Network Windows service accounts Surface Area All SQL Server components Authorization Enhancements Already discussed Granular permission control Module execution context Still to come… User schema separation Metadata security Encryption enhancements Security: User-Schema Separation New DDL for user and schemas CREATE/ALTER/DROP for USER, ROLE, and SCHEMA Dropping user does not require application rewrite Security Schema v object permission Default schema Contained In Table Function View Stored Procedure Owned By Owned By Bill Schema Server.Database.Schema.Object Server.Database.Owner.Object Mary SQL Server 2005 Security User-Schema Separation Nick Ward SQL Server Technology Specialist Microsoft Security: Certificates Encryption enhancements Encryption uses symmetric keys, asymmetric keys and certificates SQL Server 2005 can generate certificates for encryption RC4, RSA, Triple-DES and AES encryption supported Encryption can be used with any level of SQL Server 2005 securable Key Management Security Hierarchy SQL Server 2005 Security Data Encryption Nick Ward SQL Server Technology Specialist Microsoft Metadata No visibility without permission “VIEW DEFINITION” permission SQL Injection Consider the following: var Shipcity; ShipCity = Request.form ("ShipCity"); var sql = "select * from OrdersTable where ShipCity = '" + ShipCity + "'"; Enter “Melbourne”: select * from OrdersTable where ShipCity = ‘Melbourne' Enter “Melbourne'; drop table OrdersTable—” select * from OrdersTable where ShipCity = ‘Melbourne';drop table OrdersTable--' SQL Injection – What to do? Validate all input: length, type, ranges, valid values etc. Reject control characters: ; ‘ -- /* */ xp_ Never build T-SQL statements from user input – beware string concatenation Use stored procedures Visual Studio Team System 2005 Type-safe SQL parameters SqlDataAdapter myCommand = new SqlDataAdapter("AuthorLogin", conn); myCommand.SelectCommand.CommandType = CommandType.StoredProcedure; SqlParameter parm = myCommand.SelectCommand.Parameters.Add("@au_id", SqlDbType.VarChar, 11); parm.Value = Login.Text; © 2003-2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.