Presentation is loading. Please wait.

Presentation is loading. Please wait.

SQL Server Security Model In Plain English Kevin Hill Twitter: @Kevin3NF KHill@MainStreetDBAs.com www.MainStreetDBAs.com.

Published byИлияна Ляхова Modified over 6 years ago

Similar presentations

Presentation on theme: "SQL Server Security Model In Plain English Kevin Hill Twitter: @Kevin3NF KHill@MainStreetDBAs.com www.MainStreetDBAs.com."— Presentation transcript:

1 SQL Server Security Model In Plain English Kevin Hill

2 About me… 20+ years working with Microsoft databases
Long time member of PASS.org (you should join) Sr. SQL Server DBA at Main Street DBAs.com I LOVE teaching new people SQL Saturday speaker, DFW trainer 10+ years as a member of local SQL user group Now a board member, as of January 2018…again… Avid Cyclist, Dad, Husband, Grandfather and CrossFit enthusiast

3 My manager: Me: “Do I need a user or a login?”

4 If you can read this your eyes are way better than mine.
Where do you live? House? Apartment? Wilderness, out under the stars? If you can read this your eyes are way better than mine.

5 Do you lock your door at night?
Why? To keep your neighbors out? To keep your children in? Or. . .to guard against the unknown?

6 Can you walk into your neighbor’s house any time you like?

7 Things I know about your house:
Locks on the doors. Multiple rooms. Stuff in those rooms. People in various parts of the house.

8 Who has the keys? Whoever owns the house.
Most of the people that live there, if not all. A neighbor perhaps. A landlord for renters. (Apartment or house.) Basically, anyone the owner decides to give it to.

9 Assuming your key works, walk in…
Now you are in the foyer. . .and can see all sorts of stuff. As you glance around you see various rooms (Living room, bedrooms, kitchen, etc.) Without a closer look you don’t what is what, and the doors are all closed (for this analogy anyway. . .)

10 If you own the house… You can go into any room. . .
You can change the carpet. . . You can paint the walls. . . . . .or hang a ceiling fan. You can add a room if you have the $$$. . . . . .or toss some teenage boy out of your daughter’s room. YOU control what happens in your house.

11 Consider 2 rooms: Think about the master bedroom…
Residents (so to speak): You and your significant other. Visitors: Kids to ask questions. Grandkids to jump on the bed. You have full control of the master bedroom. Now Imagine your kid’s room: They have stuff. Siblings are not allowed. They have some decorating freedom, with parental override.

12 In the kids’ rooms: They have stuff—furniture, clothing, toys, too many screens, random stuff your 8 year old found on the way home. . . Each item is in a category as above. Within each category you have specifics, such as a bed or desk, shirts and socks, board games or dolls. . . Suzie’s room is quite a bit different from Little Bobby’s room. Each child has (some) control over what to add or remove, and who to allow in their room, as well as appearance.

13 Lets say you have twin boys. . .
Typically, twins grow up sharing things due to the connection they have. This often includes same room, similar outfits, similar hobbies. . . But, each has their own bed, their own specific clothing, etc. They may share some items but not others, for different reasons. Billy can look at Bobby’s books, but doesn’t have permission to take one. Bobby can’t just decide to take over Billy’s desk whenever he wants.

14 Great. . .but what does this have to do with SQL Server?

15 Let’s map the terms together…
These might be the two most important slides of the entire Security section House = an Instance of SQL Server. Lock on the door = what you need a LOGIN to get past. (Lock = Login). Foyer = you are simply authorized to CONNECT to the Instance Rooms = Databases. All have a different function. Residents = Users. Bobby uses his room/database, Suzie uses hers.

16 Let’s map the terms together…
Categories of stuff = schemas furniture schema, clothing schema. . . Individual items (bed, shirts) = database objects. (tables, views, etc.) Specific items (different books, shirts) = rows in a table.

17 We talked about people and things. . .
Lets talk roles and permissions. . . Mom and Dad—sysadmin server role. They can do whatever they want to the house. They also have default owner rights over all rooms/databases. Suzie, Billy and Bobby—They need keys (LOGINS), and also may have “db_owner” rights to their respective rooms/databases The kids can grant or deny access to their rooms to the other kids. “look but don’t touch” = db_datareader role. “Keep out”—Deny Connect to Bobby. “Sure, you can borrow my iPad, but bring it back.” db_datareader and db_datawriter

18 Wrap up The basic things you need to know as a non-DBA or new DBA:
Logins get you connected to the Instance. User accounts get you access to individual databases. Grant access to Windows groups, in an ideal situation. Limit access to the sysadmin server role. Limit db_owner access to databases. There are a number of Server and Database roles we didn’t touch. Also, there are a ton of specific permissions. . .you can get very granular.

Download ppt "SQL Server Security Model In Plain English Kevin Hill Twitter: @Kevin3NF KHill@MainStreetDBAs.com www.MainStreetDBAs.com."

Similar presentations

Using your math skills to help you design your dream bedroom. Math Skills Introduction Task Theme Dimensions Shopping Estimation Furniture Electronics.

Using your math skills to help you design your dream bedroom. Math Skills Introduction Task Theme Dimensions Shopping Estimation Furniture Electronics.
Logins, Roles and Credentials Lesson 14. Skills Matrix.

Logins, Roles and Credentials Lesson 14. Skills Matrix.
Lesson A How's your memory?Lesson B Strange dreams Vocabulary Link These people are at a college reunion. Read what the people are saying. Pay attention.

Lesson A How's your memory?Lesson B Strange dreams Vocabulary Link These people are at a college reunion. Read what the people are saying. Pay attention.
MICROSOFT SQL SERVER 2005 SECURITY  Special Purpose Logins and Users  SQL Server 2005 Authentication Modes  Permissions  Roles  Managing Server Logins.

MICROSOFT SQL SERVER 2005 SECURITY  Special Purpose Logins and Users  SQL Server 2005 Authentication Modes  Permissions  Roles  Managing Server Logins.
October 1-2 Ølensvåg. AppFrame SQL – Security Session Code: SQL-201-Security Speaker(s): Jekaterina Golouchova.

October 1-2 Ølensvåg. AppFrame SQL – Security Session Code: SQL-201-Security Speaker(s): Jekaterina Golouchova.
Copyright © 2013 Curt Hill Database Security An Overview with some SQL.

Copyright © 2013 Curt Hill Database Security An Overview with some SQL.
Homes: Find someone who… … lives in a condo … lives in a house … has moved many times … has never changed homes … lives in a dorm … lives in an apartment.

Homes: Find someone who… … lives in a condo … lives in a house … has moved many times … has never changed homes … lives in a dorm … lives in an apartment.
SQL Server 2005 Implementation and Maintenance Chapter 6: Security and SQL Server 2005.

SQL Server 2005 Implementation and Maintenance Chapter 6: Security and SQL Server 2005.
WELCOME! SQL Server Security. Scott Gleason This is my 9 th Jacksonville SQL Saturday Over ten years DBA experience Director of Database Operations

WELCOME! SQL Server Security. Scott Gleason This is my 9 th Jacksonville SQL Saturday Over ten years DBA experience Director of Database Operations
人教 PEP 四年级上册 Unit 4 MY BEDROOM. Warm-up Look carefully!

人教 PEP 四年级上册 Unit 4 MY BEDROOM. Warm-up Look carefully!
SQL IMPLEMENTATION & ADMINISTRATION Indexing & Views.

SQL IMPLEMENTATION & ADMINISTRATION Indexing & Views.
Helping Girls Combine Engineering and Fashion for Fun!

Helping Girls Combine Engineering and Fashion for Fun!
ESSENTIAL WORDS.

ESSENTIAL WORDS.
How I cope with stress - I believe you can cope too

How I cope with stress - I believe you can cope too
Coping with jealousy Simone has a baby brother. Everything was really lovely at first and Simone loved helping her mum look after him. Recently though,

Coping with jealousy Simone has a baby brother. Everything was really lovely at first and Simone loved helping her mum look after him. Recently though,
Laboratorio di lingua inglese 3

Laboratorio di lingua inglese 3
Matthew Butteri, MD. UCI School of Medicine

Matthew Butteri, MD. UCI School of Medicine
Supporting your child with literacy in Reception

Supporting your child with literacy in Reception
Language Support Unit Presents.

Language Support Unit Presents.
Learning indexing concepts with an analog phone book

Learning indexing concepts with an analog phone book

Similar presentations

Ads by Google