#Dean document db + express + angularjs + nodejs running on azure
Securing SQL Azure DB? How?
-
Upload
boris-hristov -
Category
Technology
-
view
339 -
download
0
Transcript of Securing SQL Azure DB? How?
![Page 1: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/1.jpg)
Boris Hristov, SQL Server MVP
Securing SQL Azure DB?
![Page 2: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/2.jpg)
Organizer
SQLSaturday Rheinland 201513.06.2015
![Page 3: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/3.jpg)
Bronze Sponsor
SQLSaturday Rheinland 201513.06.2015
![Page 4: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/4.jpg)
Silver Sponsor
SQLSaturday Rheinland 201513.06.2015
![Page 5: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/5.jpg)
Gold Sponsor
SQLSaturday Rheinland 201513.06.2015
![Page 6: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/6.jpg)
You rock!
SQLSaturday Rheinland 201513.06.2015
![Page 7: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/7.jpg)
That’s not a marketing talk!DISCLAIMER:
![Page 8: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/8.jpg)
So who is this guy Boris?
@BorisHristov
![Page 9: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/9.jpg)
time
cool
ness Session’s Timeline
Dynamic Data Masking Row Level Security
![Page 10: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/10.jpg)
Dynamic Data Masking
![Page 11: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/11.jpg)
“Have you ever…”
![Page 12: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/12.jpg)
SELECT * FROM dbo.Customers
custid FirstName LastName PhoneNumber EmailAddress CreditcardNumber
1 Boris Hristov +359889000000 [email protected] 1111-1111-1111-1111
2 Ivan Donev +359889000000 [email protected] 2222-2222-2222-2222
3 Stanislav Zhelyaskov +359889000000 [email protected]
3333-3333-3333-3333
4 Ivan Minchev +359889000000 [email protected] 4444-4444-4444-4444
![Page 13: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/13.jpg)
custid FirstName LastName PhoneNumber EmailAddress CreditcardNumber
1 Boris Hristov +359889000000 [email protected] xxxx-xxxx-xxxx-1111
2 Ivan Donev +359889000000 [email protected] xxxx-xxxx-xxxx-2222
3 Stanislav Zhelyaskov +359889000000 [email protected] xxxx-xxxx-xxxx-3333
4 Ivan Minchev +359889000000 [email protected] xxxx-xxxx-xxxx-4444
SELECT * FROM dbo.Customers
![Page 14: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/14.jpg)
Dynamic Data Masking
![Page 15: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/15.jpg)
DEMODynamic Data Masking
![Page 16: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/16.jpg)
Row Level Security
![Page 17: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/17.jpg)
“Have you ever…”
![Page 18: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/18.jpg)
orderid custid orderdate shipdate shipcountry
1 1 4/20/2015 20:15:49 4/20/2015 20:15:49 Bulgaria
2 1 4/20/2015 20:15:49 4/20/2015 20:15:49 Germany
3 2 4/20/2015 20:15:49 4/20/2015 20:15:49 Germany
4 2 4/20/2015 20:15:49 4/20/2015 20:15:49 Bulgaria
5 3 4/20/2015 20:15:49 4/20/2015 20:15:49 Bulgaria
SELECT * FROM dbo.Orders
![Page 19: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/19.jpg)
orderid custid orderdate shipdate shipcountry
1 1 4/20/2015 20:15:49 4/20/2015 20:15:49 Bulgaria
4 2 4/20/2015 20:15:49 4/20/2015 20:15:49 Bulgaria
5 3 4/20/2015 20:15:49 4/20/2015 20:15:49 Bulgaria
SELECT * FROM dbo.Orders
![Page 20: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/20.jpg)
How is that possible?
![Page 21: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/21.jpg)
-- user defined functionCREATE FUNCTION Security.fn_securitypredicate (@SalesRep AS sysname) RETURNS TABLE WITH SCHEMABINDINGAS RETURN SELECT 1 AS fn_securitypredicate_result WHERE @SalesRep = USER_NAME() OR USER_NAME() = 'Manager';
-- security policyCREATE SECURITY POLICY SalesFilter ADD FILTER PREDICATE Security.fn_securitypredicate(SalesRep) ON dbo.Sales WITH (STATE = ON);
No GUI, folks
![Page 22: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/22.jpg)
DEMORow Level Security
![Page 23: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/23.jpg)
Cool, huh?
![Page 24: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/24.jpg)
Not that fast…
![Page 25: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/25.jpg)
time
cool
ness
Session’s Timeline
Dynamic Data Masking Row Level Security
![Page 26: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/26.jpg)
DEMORow Level Security Issues
![Page 27: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/27.jpg)
So is that a security feature
then?
![Page 28: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/28.jpg)
Or is that a programmability
feature?
![Page 29: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/29.jpg)
Summary
There’s a lot going on in SQL Azure DB
Easily mask sensitive data with Dynamic Data Masking
Limit the rows users can see with Row Level Security
Be aware of the current issues of RLS
![Page 30: Securing SQL Azure DB? How?](https://reader033.fdocuments.net/reader033/viewer/2022042615/55ba5857bb61eb1c348b458a/html5/thumbnails/30.jpg)
Save the date!
13.06.2015 SQLSaturday Rheinland 2015