* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Securing SQL Server 2005
Survey
Document related concepts
Tandem Computers wikipedia , lookup
Concurrency control wikipedia , lookup
Oracle Database wikipedia , lookup
Microsoft Access wikipedia , lookup
Ingres (database) wikipedia , lookup
Team Foundation Server wikipedia , lookup
Microsoft Jet Database Engine wikipedia , lookup
Database model wikipedia , lookup
Relational model wikipedia , lookup
Clusterpoint wikipedia , lookup
Transcript
Securing SQL Server 2005 Anil Desai Speaker Information • Anil Desai – Independent consultant (Austin, TX) – Author of several SQL Server books – Instructor, “Implementing and Managing SQL Server 2005” (Keystone Learning) – Info: http://AnilDesai.net or [email protected] Agenda and Outline • • • • • • SQL Server Security Architecture Configuring Service Accounts Managing Logins and Server Permissions Database Users and Roles Managing Permissions Other Security Features – Encryption – DDL Triggers (Auditing) • Monitoring Security with SQL Profiler SQL Server Security Overview • Layered Security Model: – Windows Level – SQL Server Level – Database • Schemas (for database objects) • Terminology: – Principals – Securables – Permissions • Scopes and Inheritance Security Overview • (from Microsoft SQL Server 2005 Books Online) Security Best Practices • • • • • • • Make security a part of your standard process Use the principle of least privilege Implement defense-in-depth (layered security) Enable only required services and features Regularly review security settings Educate users about the importance of security Define security roles based on business rules SQL Server Service Accounts • Local Service Account – Permissions of “Users” group (limited) – No network authentication • Network Service Account – Permissions of Users group – Network authentication with Computer account • Domain User Accounts – Adds network access for cross-server functionality SQL Server Services • Instance-Specific (one service per instance): – – – – – SQL Server SQL Server Agent Analysis Services Reporting Services Full-Text Search • Instance-unaware – – – – Notification Services Integration Services SQL Server Browser SQL Server Active Directory Helper – SQL Writer SQL Server Surface Area Configuration • Default installation: Minimal services • SAC for Services and Connections – Allow Remote Connections – Access to Reporting Services, SSIS, etc. • SAC for Features – Remote queries – .NET CLR Integration – Database Mail – xp_cmdshell Managing Logins • Windows Logins – Authentication/Policy managed by Windows • SQL Server Logins – Managed by SQL Server • Based on Windows policies – Password Policy Options: • • • • HASHED (pw is already hashed) MUST_CHANGE CHECK_EXPIRATION CHECK_POLICY Creating Logins • Transact-SQL – CREATE LOGIN statement • Replaces sp_AddLogin and sp_GrantLogin – SQL Server Logins – Windows Logins • SQL Server Management Studio – Setting server authentication options – Login Auditing – Managing Logins Managing Server Roles • Built-In Server-Level Roles: – SysAdmin – ServerAdmin – SetupAdmin – SecurityAdmin – ProcessAdmin – DiskAdmin – DBCreator – BulkAdmin Database Users and Roles • Database Users – Logins map to database users • Database Roles – Users can belong to multiple roles – Guest (does not require a user account) – dbo (Server sysadmin users) • Application Roles – Used to support application code Database Roles • Built-in Database Roles: – – – – – – – – – – db_accessadmin db_BackupOperation db_DataReader db_DataWriter db_DDLAdmin db_DenyDataReader db_DenyDataWriter db_Owner db_SecurityAdmin public Creating Database Users and Roles • CREATE USER – Replaces sp_AddUser and sp_GrantDBAccess – Can specify a default schema – Managed with ALTER USER and DROP USER • CREATE ROLE – Default owner is creator of the role • SQL Server Management Studio – Working with Users and Roles Understanding Database Schemas • Schemas – Logical collection of related database objects – Part of full object name: • Server.Database.Schema.Object – Default schema is “dbo” • Managing Schemas – CREATE, ALTER, DROP SCHEMA – SQL Server Management Studio – Can assign default schemes to database users: • WITH DEFAULT_SCHEMA ‘SchemaName’ Configuring Permissions • Scopes of Securables – Server – Database – Schema – Objects • Permission Settings: – GRANT – REVOKE – DENY • Options – WITH GRANT OPTION – AS (Sets permissions using another user or role) Managing Execution Permissions • Transact-SQL Code can run under a specific execution context – By default, will execute as the caller • EXECUTE AS clause: – Defined when creating an object or procedure – Options: • CALLER (Default) • SELF: Object creator • Specified database username Getting Security Information • Procedures and Functions – – – – – – – sys.fn_builtin_permissions Has_Perms_By_Name CURRENT_USER SETUSER IS_MEMBER SUSER_NAME / SUSER_ID SCHEMA_NAME Security Catalog Views • Sys.Server_Permissions • Sys.Server_Principals • Sys.Database_Permissions • Sys.Database_Principals • Sys.Database_Role_Members Other Security Options • Encrypting Object Definitions – Use the WITH ENCRYPTION Clause – Stores the object definition in an encrypted format • SQL Server Agent – Proxies based on subsystems allow lockdown by job step types • Preventing SQL Injection attacks Understanding Encryption • Goals: – Authentication – Data Encryption • Symmetric Encryption – Uses a single key • Asymmetric Encryption – Uses a “key-pair” • Public key: Can be distributed • Private key: Stored securely – Certificates protect the public key Understanding SQL Server Certificates • Uses of Certificates – – – – Data encryption Service Broker endpoints Digital signatures for objects Web / HTTP connections • SQL Server Certificates – Stored within user databases • Notes: – Encryption overhead can be significant – Keys must be protected SQL Server Encryption • Encryption Hierarchy – Windows Level • Stores Service Master Key – SQL Server Level • Service Master Key – Database Master Key • Certificates • Asymmetric Keys – Encrypted Objects / Data (varbinary) Encryption Hierarchy • (from Microsoft SQL Server 2005 Books Online) Managing Certificates • Transact-SQL commands: – CREATE CERTIFICATE • Stored within the user database • Can use a password or a file – BACKUP CERTIFICATE • Exports to a file – DROP CERTIFICATE • Encrypting Data: – EncryptBy_____ (Cert, SymmetricKey, Passphrase, etc.) – DecryptBy_____() Getting Certificate Information • Information – Sys.Certificates – Sys.Asymmetric_Keys – Sys.Symmetric_Keys • Cert_ID returns the certificate identifier • CertProperty(Cert_ID, ‘PropertyName’) • Start_Date, Expiry_Date, etc. DDL Triggers • Respond to Data Definition Language (DDL) commands – Examples: • DROP_TABLE • ALTER_TABLE • CREATE_LOGIN • Purpose: – Preventing certain changes – Logging / sending notifications of schema changes – Can rollback changes DDL Triggers • DDL triggers do not generate inserted/deleted tables • Getting Details – EVENTDATA function returns details of the changes in XML format – Can query with XQUERY expressions • DDL Trigger Scope: – Database-Level (stored within the same database) – Server-Level (stored in the master database) Monitoring Security with SQL Profiler • Options: – Log to a trace file or to a table – Run programmatically using SQL Trace SP’s • “Security Auditing” Event Class – Audit Login / Audit Logoff – Audit Add DB User Event – Audit Addlogin Event SQL Profiler: Security Auditing For More Information • Resources from Anil Desai – Web Site (http://AnilDesai.net) – E-Mail: [email protected] – Keystone Learning Course: “Microsoft SQL Server 2005: Implementation and Maintenance (Exam 70-431)” – The Rational Guide to Managing Microsoft Virtual Server 2005 – The Rational Guide to Scripting Microsoft Virtual Server 2005