Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing SQL Server Processes with Certificates

Published byDennis Hill Modified over 5 years ago

Similar presentations

Presentation on theme: "Securing SQL Server Processes with Certificates"— Presentation transcript:

1 Securing SQL Server Processes with Certificates
Robert L Davis Database Engineer @SQLSoldier Securing SQL Server Processes with Certificates

2 Robert L Davis @SQLSoldier PASS Security Virtual Chapter
Microsoft Certified Master Data Platform MVP @SQLSoldier Database Engineer BlueMountain Capital Management 17+ years working with SQL Server PASS Security Virtual Chapter Volunteers needed Database Engineer at BlueMountain Capital Management Foremer Principal Database Architect at DB Best Technologies Former Principal DBA at Outerwall, Inc Former Sr. Product Consultant with Idera Software Former Program Manager for SQL Server Certified Master program in Microsoft Learning Former Sr. Production DBA / Operations Engineer at Microsoft (CSS) Microsoft Certified Master: SQL Server 2008 / MCSM Charter: Data Platform Co-founder of the SQL PASS Security Virtual Chapter MCITP: Database Developer: SQL Server 2005 and 2008 MCITP: Database Administrator: SQL Server 2005 and 2008 MCSE: Data Platform MVP 2014 Co-author of Pro SQL Server 2008 Mirroring Former Idera ACE (Advisors & Community Educators) 2 time host of T-SQL Tuesday Guest Professor at SQL University, summer 2010, spring/summer 2011 Speaker at SQL PASS Summit 2010, 2011, and 2012 including a pre-con in 2012 Speaker/Pre-con at SQLRally 2012 17+ years working with SQL Server Writer for SQL Server Pro (formerly SQL Server Magazine) Member: Mensa Dog picture: Maggie and Woody SQLCruise instructor: Seattle to Alaska 2012 Speaker at SQL Server Intelligence Conference in Seattle 2012 Blog: Twitter:

3 Securing SQL Server Processes with Certificates
Managing Certificates

4 Securing SQL Server Processes with Certificates
Managing Certificates Creating Logins and Users Mapped to Certificates

5 Securing SQL Server Processes with Certificates
Managing Certificates Creating Logins and Users Mapped to Certificates Signing Procedures

6 Securing SQL Server Processes with Certificates
Managing Certificates Creating Logins and Users Mapped to Certificates Signing Procedures Signing Procedures for SQL Server Processes

7 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates

8 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE

9 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates

10 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates BACKUP CERTIFICATE

11 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates BACKUP CERTIFICATE Restoring certificates

12 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates BACKUP CERTIFICATE Restoring certificates

13 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates BACKUP CERTIFICATE Restoring certificates CREATE CERTIFICATE … FROM FILE

14 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates BACKUP CERTIFICATE Restoring certificates CREATE CERTIFICATE … FROM FILE Store securely

15 Securing SQL Server Processes with Certificates
Managing Certificates Creating certificates CREATE CERTIFICATE Backing up certificates BACKUP CERTIFICATE Restoring certificates CREATE CERTIFICATE … FROM FILE Store securely Demo

16 Securing SQL Server Processes with Certificates
Creating Logins and Users Mapped to Certificates Creating logins

17 Securing SQL Server Processes with Certificates
Creating Logins and Users Mapped to Certificates Creating logins CREATE LOGIN … FROM CERTIFICATE

18 Securing SQL Server Processes with Certificates
Creating Logins and Users Mapped to Certificates Creating logins CREATE LOGIN … FROM CERTIFICATE Creating users

19 Securing SQL Server Processes with Certificates
Creating Logins and Users Mapped to Certificates Creating logins CREATE LOGIN … FROM CERTIFICATE Creating users CREATE USER … FOR/FROM CERTIFICATE

20 Securing SQL Server Processes with Certificates
Creating Logins and Users Mapped to Certificates Creating logins CREATE LOGIN … FROM CERTIFICATE Creating users CREATE USER … FOR/FROM CERTIFICATE Demo

21 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user

22 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options

23 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options Cross-database ownership chaining

24 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options Cross-database ownership chaining Trustworthy

25 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options Cross-database ownership chaining Trustworthy Signing the procedures

26 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options Cross-database ownership chaining Trustworthy Signing the procedures ADD SIGNATURE TO … BY CERTIFICATE … WITH PASSWORD

27 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options Cross-database ownership chaining Trustworthy Signing the procedures ADD SIGNATURE TO … BY CERTIFICATE … WITH PASSWORD Executes as certificate which is mapped to a user and/or login

28 Securing SQL Server Processes with Certificates
Signing Stored Procedures Grant permissions for a stored procedure without granting to user Allows you to avoid common issues where you may otherwise be pressured to enable risky database options Cross-database ownership chaining Trustworthy Signing the procedures ADD SIGNATURE TO … BY CERTIFICATE … WITH PASSWORD Executes as certificate which is mapped to a user and/or login Demo

29 Securing SQL Server Processes with Certificates
Signing Stored Procedures for SQL Server Processes Relies on everything we’ve learned so far

30 Securing SQL Server Processes with Certificates
Signing Stored Procedures for SQL Server Processes Relies on everything we’ve learned so far Can be used to execute signed procedure via Service Broker

31 Securing SQL Server Processes with Certificates
Signing Stored Procedures for SQL Server Processes Relies on everything we’ve learned so far Can be used to execute signed procedure via Service Broker Can be used to grant rights to CLR assemblies

32 Securing SQL Server Processes with Certificates
Signing Stored Procedures for SQL Server Processes Relies on everything we’ve learned so far Can be used to execute signed procedure via Service Broker Can be used to grant rights to CLR assemblies More work but more secure

33 Performance Tuning 101: Parallelism
Q & A

34 Thank you for attending!
Thanks! Thank you for attending! My blog: Twitter: twitter.com/SQLSoldier

Download ppt "Securing SQL Server Processes with Certificates"

Similar presentations

PASS Summit 2013 My Experiences. Who is PASS? Professional Association for SQL Server Co-founded by CA & Microsoft in 1999 Independent not-for-profit.

PASS Summit 2013 My Experiences. Who is PASS? Professional Association for SQL Server Co-founded by CA & Microsoft in 1999 Independent not-for-profit.
Chapter 9 Security. Endpoints  A SQL Server endpoint is the point of entering into SQL Server.  It is implemented as a database object that defines.

Chapter 9 Security. Endpoints  A SQL Server endpoint is the point of entering into SQL Server.  It is implemented as a database object that defines.
Brian Alderman | MCT, CEO / Founder of MicroTechPoint Pete Harris | Microsoft Senior Content Publisher.

Brian Alderman | MCT, CEO / Founder of MicroTechPoint Pete Harris | Microsoft Senior Content Publisher.
Case Study: Designing a Global Scaled-out Architecture Robert L Davis

Case Study: Designing a Global Scaled-out Architecture Robert L Davis
MCTS: Pass one of 24 exams (a few require more). Multiple counters are 70-506 70-511 70-513 70-516 70-573 70-662 70- 667 and 70-680. You can also choose.

MCTS: Pass one of 24 exams (a few require more). Multiple counters are and You can also choose.
Module 11 : Backup and Restore Jong S. Bok

Module 11 : Backup and Restore Jong S. Bok
+ Administering Microsoft SQL Server 2012 Databases Implementing a Data Warehouse with Microsoft SQL Server 2012 + = Querying Microsoft SQL.

+ Administering Microsoft SQL Server 2012 Databases Implementing a Data Warehouse with Microsoft SQL Server = Querying Microsoft SQL.
Chapter 6 : Designing SQL Server Service-Level Security MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design Study Guide.

Chapter 6 : Designing SQL Server Service-Level Security MCITP Administrator: Microsoft SQL Server 2005 Database Server Infrastructure Design Study Guide.
+ Administering Microsoft SQL Server 2012 Databases Implementing a Data Warehouse with Microsoft SQL Server 2012 + = Querying Microsoft SQL.

+ Administering Microsoft SQL Server 2012 Databases Implementing a Data Warehouse with Microsoft SQL Server = Querying Microsoft SQL.
Chokchai Junchey Microsoft Product Specialist Certified Technical Training Center.

Chokchai Junchey Microsoft Product Specialist Certified Technical Training Center.
SQL Server Security By Mattias Lind 2015-08-20 For PASS Security VC.

SQL Server Security By Mattias Lind For PASS Security VC.
INTRO TO SQL SERVER SECURITY By Robert Biddle

INTRO TO SQL SERVER SECURITY By Robert Biddle
10.07.2008BSG Group - Dau Anh Trong1 Introduction about MS SQL Server 2005.

BSG Group - Dau Anh Trong1 Introduction about MS SQL Server 2005.
Alwayson Availability Groups

Alwayson Availability Groups
SQL Server 2005 Implementation and Maintenance Chapter 6: Security and SQL Server 2005.

SQL Server 2005 Implementation and Maintenance Chapter 6: Security and SQL Server 2005.
Access The L Line The Express Line to Learning 2007 L Line L © Wiley Publishing. 2007. All Rights Reserved.

Access The L Line The Express Line to Learning 2007 L Line L © Wiley Publishing All Rights Reserved.
SQL Server Security Basics Starting with a good foundation Kenneth Fisher

SQL Server Security Basics Starting with a good foundation Kenneth Fisher
Licensing SQL Server on a Virtual Platform Robert L Davis

Licensing SQL Server on a Virtual Platform Robert L Davis
PASS Business Analytics Virtual Chapter Website: Chapter Leader: Melissa Demcsak.

PASS Business Analytics Virtual Chapter Website: Chapter Leader: Melissa Demcsak.
Strategies for Working with Texas-sized Databases Robert L Davis Database Engineer

Strategies for Working with Texas-sized Databases Robert L Davis Database Engineer

Similar presentations

Ads by Google