SQL Server

 logins/users  roles  certificate  assymetric key 

 Standard SQL Server login  Windows login  Windows group  Certificate  Asymmetric Key

 CREATE LOGIN loginName { WITH | FROM }  ::= PASSWORD = { 'password' | hashed_password HASHED } [ MUST_CHANGE ] [, [,... ] ]

 ::= SID = sid | DEFAULT_DATABASE = database | DEFAULT_LANGUAGE = language | CHECK_EXPIRATION = { ON | OFF} | CHECK_POLICY = { ON | OFF} | CREDENTIAL = credential_name  ::= WINDOWS [ WITH [,... ] ] | CERTIFICATE certname | ASYMMETRIC KEY asym_key_name  ::= DEFAULT_DATABASE = database | DEFAULT_LANGUAGE = language

 bulkadmin  dbcreator  diskadmin  processadmin  securityadmin  serveradmin  setupadmin  sysadmin

 CREATE LOGIN TestLogin WITH PASSWORD = ' ', CHECK_POLICY = ON, CHECK_EXPIRATION = ON GO

 CREATE USER user_name [ { { FOR | FROM } { LOGIN login_name | CERTIFICATE cert_name | ASYMMETRIC KEY asym_key_name} | WITHOUT LOGIN ] [ WITH DEFAULT_SCHEMA = schema_name ]

 db_accessadmin  db_backupoperator  db_datareader / db_datawriter  db_ddladmin  db_denydatareader / db_denydatawriter  db_owner  db_securityadmin  public

 { EXEC | EXECUTE ] AS  ::= { LOGIN | USER } = 'name' [ WITH NO REVERT ] | CALLER

 SELECT  INSERT  UPDATE  DELETE  EXECUTE  REFERENCES  CONTROL  ALTER  VIEW DEFINITION  TAKE OWNERSHIP

 GRANT EXECUTE ON Customers.asp_submitorder TO SubmitOrdersRole

 SELECT USER_NAME()  GO  EXECUTE AS USER = 'TestUser'  GO  SELECT USER_NAME()  GO  EXEC Customers.asp_submitorder 1, '1-2RB1-4RO', 5  GO  SELECT OrderID, CustomerID, OrderDate, SubTotal, TaxAmount, ShippingAmount, GrandTotal, FinalShipDate FROM Orders.OrderHeader SELECT OrderDetailID, OrderID, SKU, Quantity, UnitPrice, ShipDate FROM Orders.OrderDetail  GO  REVERT

 GRANT SELECT ON DATABASE::SQL2008SBS TO TestLogin GO  DENY VIEW DEFINITION ON DATABASE::SQL2008SBS TO TestLogin GO

 EXECUTE AS USER = 'TestLogin‘  GO  SELECT * FROM sys.objects  GO  SELECT OrderID, CustomerID, OrderDate, SubTotal, TaxAmount, ShippingAmount, GrandTotal, FinalShipDate FROM Orders.OrderHeader  GO  REVERT

 SAFE  EXTERNAL_ACCESS  UNSAFE

 1-Sided – Hashs: MD2,MD4,MD5, SHA,SHA1  2-Sided: Symetric Keys (Best Performance), Asymetric Keys(Strong),Certificates

 Service Master Key  Database Master Key  CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'password'

 OPEN MASTER KEY DECRYPTION BY PASSWORD = 'password'  BACKUP MASTER KEY TO FILE = 'path_to_file' ENCRYPTION BY PASSWORD = 'password‘  RESTORE MASTER KEY FROM FILE = 'path_to_file' DECRYPTION BY PASSWORD = ‘pwd' ENCRYPTION BY PASSWORD = ‘pwd'  CLOSE MASTER KEY

 varchar(100)  = 'SQL Server‘  SELECT  = 'SQL Server‘  SELECT

 Hash Algorithms are Case-Sensitive  MD2, MD4,SHA is also available  Remember to Salt Hashs

 CREATE SYMMETRIC KEY MySymmetricKey WITH ALGORITHM = RC4 ENCRYPTION BY PASSWORD = ‘pwd’  GO  SELECT * FROM sys.symmetric_keys  GO  CREATE TABLE SymmetricKeyDemo (ID int IDENTITY(1,1), PlainText varchar(30) NOT NULL, EncryptedText varbinary(80) NOT NULL)  GO  OPEN SYMMETRIC KEY MySymmetricKey DECRYPTION BY PASSWORD = ‘pwd’  GO

 INSERT INTO SymmetricKeyDemo (PlainText, EncryptedText) VALUES('SQL Server', EncryptByKey( Key_GUID('MySymmetricKey'),'SQL Server'))  GO  SELECT ID, PlainText, EncryptedText, cast(DecryptByKey(EncryptedText) AS varchar(30)) FROM SymmetricKeyDemo  GO  CLOSE SYMMETRIC KEY MySymmetricKey

 CREATE CERTIFICATE MyCert AUTHORIZATION dbo WITH SUBJECT = 'Test certificate‘  GO

 CREATE CERTIFICATE certificate_name [ AUTHORIZATION user_name ] { FROM | ::= ASSEMBLY assembly_name | { [ EXECUTABLE ] FILE = 'path_to_file' [ WITH PRIVATE KEY ( ) ] }

 ::= [ ENCRYPTION BY PASSWORD = 'password'] WITH SUBJECT = 'certificate_subject_name' [, [,...n ] ]  ::= FILE = 'path_to_private_key' [, DECRYPTION BY PASSWORD = 'password' ] [, ENCRYPTION BY PASSWORD = 'password' ] ::= START_DATE = 'mm/dd/yyyy' | EXPIRY_DATE = 'mm/dd/yyyy'

 CREATE TABLE CertificateDemo  (ID int IDENTITY(1,1),  PlainText varchar(30) NOT NULL,  EncryptedText varbinary(500) NOT NULL)  GO  CREATE CERTIFICATE MyCert AUTHORIZATION dbo WITH SUBJECT = 'Test certificate'

 GO  SELECT * FROM sys.certificates  GO  INSERT INTO CertificateDemo  (PlainText, EncryptedText)  VALUES('SQL Server',EncryptByCert(Cert_ID('MyCert'), 'SQL Server'))  GO  SELECT ID, PlainText, EncryptedText, CAST(DecryptByCert(Cert_Id('MyCert'),  EncryptedText) AS varchar(max))  FROM CertificateDemo