 |
|
 |
My Account
|
|
| Home |
|
| Events |
| Current Events |
| Past Events |
| SQL Immersion Events |
| Event Log |
|
| Services |
| Mentoring |
| Custom Courses |
|
| Resources |
| Articles |
| Blogs |
| Books |
| Event Resources |
| Knowledge Base Articles |
| Q & A |
| SQL Scripts |
| Useful Links |
| Whitepapers |
|
| Partners |
|
| Communications |
|
| Contact Us |
|
 |
|
| SQL Server 2005 Security for Database Developers | |
|
Microsoft Tech*Ed Conference Session, 75 Minutes Written/Presented by Kimberly L. Tripp, SQLskills.com and Rafal Lukawiecki, Project Bottecelli Just securing your SQL Server 2005 database is not enough, as attacks at the application level are, unfortunately, on the rise. SQL Server application developers need to follow best practices to avoid creating vulnerabilities that risk data theft. In this session we will look at object ownership chains, the impact of user/schema separation, the benefits and potential pitfalls of "execute as" and best practices in authentication. We will also tackle the issues of cryptography-based security from the application's perspective, as it is easy to misunderstand and misuse these techniques. For example, you may be using a good algorithm, but are still generating your keys using certain weak password schemes. For the benefit of those who may have not attended our earlier session on security for DBAs we will present a brief summary of the key new security issues which each developer should be aware of. Come to this session to see SQL Server 2005 security covered by both a specialist in SQL Server (Kimberly L. Tripp) and a specialist in Cryptography and Security (Rafal Lukawiecki). Get a feel for why these changes are relevant and how to best use them! |
|
Privacy Policy. All Rights Reserved. ©2007 SYSolutions, Inc. |
|