SQL Server Advanced Features
MIS 424, Professor Sandvig


Outline
• SQL Server Management Studio
• Security
• Programmability
• Example

Caveat
• SQL Server very complex & feature-rich product
• Many features not discussed
• Focus on “developer” features
• 1704 pages

Database Admin

SQL Server Management Studio
• Provides interface to SQL Server
• More features than Visual Studio
  ◦ Security
    ▪ Users & permissions
  ◦ Programmability
  ◦ Diagrams
    ▪ Relationships
  ◦ Optimization

SQL Server Management Studio
Features: Visual Studio vs. SSMS

Security: Authentication & Authorization
Security is a two-step process:
1. Authentication:
   ▪ Identifying user
   ▪ Username & password
2. Authorization:
   ▪ Check permissions for specific actions:
   ▪ Select, insert, update, delete…

Authentication
SQL Server supports:
1. Windows Authentication
2. SQL Server Authentication

Windows Authentication
• User identified by Windows OS
  ◦ Windows prompt
• Advantage: use existing Windows login
• Many organizations use Active Directory

SQL Server Authentication
• User created on SQL Server
• SQL Server manages username/password
• Benefit:
  ◦ Can create specialized users with limited permissions
  ◦ Example: ZipCodeReader

Authorization
• Every request must be authorized
• Common methods:
  ◦ Create limited user
    ▪ ZipCodeReader
  ◦ Anonymous user:
    ▪ Web site
    ▪ Network Service account
    ▪ Built-in Windows acct

SQL Server Authorization
• SQL Server allows granular control:
  ◦ Tables
  ◦ Fields
  ◦ Stored procedures

Programmability
• Store queries on database
• Reuse in many applications
• Division of duties
  ◦ Devs & DBAs
• Security options
• Hide underlying tables

Programmability
• Stored procedures
  ◦ Store query on database
  ◦ Accept arguments
  ◦ Assign permissions to procedure
  ◦ T-SQL supports complex queries
  ◦ CRUD support

Programmability
• Functions
  ◦ Read only
  ◦ Support input parameters
  ◦ Utilized inside SQL statements:
      SELECT * FROM funGetNames() WHERE NameF LIKE 's%' ORDER BY NameL
  ◦ May use in other functions, SPs, SQL queries

Example: SQL Server Management Studio
  ◦ Create database
  ◦ Add table
  ◦ Create user
  ◦ Add user permissions to database
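
The same four steps written as T-SQL rather than Management Studio clicks, combining the limited ZipCodeReader user with field-level and stored-procedure permissions. This is an added example, not part of the original slides; apart from ZipCodeReader, the database, table, column and procedure names are hypothetical, and the password is a placeholder to replace before running.

```sql
-- Added example; every name except ZipCodeReader is hypothetical.
CREATE DATABASE ZipDemo;
GO
USE ZipDemo;
GO
CREATE TABLE dbo.ZipCodes (
    Zip          char(5)       NOT NULL PRIMARY KEY,
    City         nvarchar(60)  NOT NULL,
    StateCode    char(2)       NOT NULL,
    InternalNote nvarchar(200) NULL      -- field the limited user must not read
);
GO
-- Authentication: a SQL Server login (server level) mapped to a database user.
-- The password is a placeholder: replace it before running.
CREATE LOGIN ZipCodeReader
    WITH PASSWORD = '<placeholder-set-a-strong-password>', CHECK_POLICY = ON;
CREATE USER ZipCodeReader FOR LOGIN ZipCodeReader;
GO
-- Authorization at field level: SELECT on three columns, nothing else on the table.
GRANT SELECT ON dbo.ZipCodes (Zip, City, StateCode) TO ZipCodeReader;
GO
-- Stored procedure: accepts an argument and carries its own permission.
CREATE PROCEDURE dbo.spGetZipsByState
    @StateCode char(2)
AS
BEGIN
    SET NOCOUNT ON;
    SELECT Zip, City, StateCode
    FROM dbo.ZipCodes
    WHERE StateCode = @StateCode
    ORDER BY Zip;
END;
GO
GRANT EXECUTE ON dbo.spGetZipsByState TO ZipCodeReader;
GO
-- Verify the effective permissions by impersonating the limited user.
EXECUTE AS USER = 'ZipCodeReader';
SELECT
    HAS_PERMS_BY_NAME('dbo.ZipCodes', 'OBJECT', 'SELECT', 'Zip', 'COLUMN')          AS CanReadZip,
    HAS_PERMS_BY_NAME('dbo.ZipCodes', 'OBJECT', 'SELECT', 'InternalNote', 'COLUMN') AS CanReadNote,
    HAS_PERMS_BY_NAME('dbo.ZipCodes', 'OBJECT', 'INSERT')                           AS CanInsert,
    HAS_PERMS_BY_NAME('dbo.spGetZipsByState', 'OBJECT', 'EXECUTE')                  AS CanExecProc;
REVERT;
GO
-- List the explicit object and column grants recorded for the user.
SELECT OBJECT_NAME(p.major_id) AS ObjectName, p.permission_name, p.state_desc,
       COL_NAME(p.major_id, p.minor_id) AS ColumnName
FROM sys.database_permissions AS p
WHERE p.grantee_principal_id = DATABASE_PRINCIPAL_ID('ZipCodeReader')
  AND p.class = 1;   -- class 1 = object or column
```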