Monthly Archive for: ‘May, 2011’

  • shadowStored Procedure Signing Using Certificates
    image
    shadow

    Stored Procedure Signing Using Certificates

    In this post, Data Education founder and trainer Adam Machanic discusses stored procedure signing using certificates. Here, he explains the attractive flexibility of creating a certificate-based proxy. As mentioned in the previous post, proxy logins and users can be created based on certificates. Creating a …

    Read More

  • shadowStored Procedures and EXECUTE AS
    image
    shadow

    Stored Procedures and EXECUTE AS

    In this post, Data Education founder and trainer Adam Machanic discusses the use of stored procedures and EXECUTE AS. Here, he explains that EXECUTE AS can be used for stored procedures, functions, and triggers. As described in a previous section in this chapter, the EXECUTE …

    Read More

  • shadowPrivilege Escalation Without Ownership Chains
    image
    shadow

    Privilege Escalation Without Ownership Chains

    In this post, Data Education founder and trainer Adam Machanic discusses the use of privilege escalation without ownership chains. Here, he explains when it does not work and gives two other kinds of privilege escalation that can be used. Ownership chaining will not work if …

    Read More

  • shadowOwnership Chaining
    image
    shadow

    Ownership Chaining

    In this post, Data Education founder and trainer Adam Machanic discusses the use of ownership chaining. Here, he explains how an ownership chain provides only the access you want to grant. The most common method of securing SQL Server resources is to deny database users …

    Read More

  • shadowBasic Impersonation Using EXECUTE AS
    image
    shadow

    Basic Impersonation Using EXECUTE AS

    In this post, Data Education founder and trainer Adam Machanic discusses the use of EXECUTE AS. Here, he explains that this command can be used by any user and that access is controlled by a permissions setting rather than a fixed role. Switching to a …

    Read More

  • shadowData Organization Using Schemas
    image
    shadow

    Data Organization Using Schemas

    In this post, Data Education founder and trainer Adam Machanic continues his discussion of schemas and the difficulty that comes with maintaining a secure database. Here, he explains that by dividing your database into schemas, related objects and control permissions can be easily grouped without …

    Read More

  • shadowData Security in Layers: The Onion Model
    image
    shadow

    Data Security in Layers: The Onion Model

    In this post, Data Education founder and trainer Adam Machanic continues his discussion of security through layers. Here, he explains how to think of SQL Server security as a multi-layered schema. Generally speaking, the more levels an attacker must penetrate in order to access a …

    Read More