Module 13: Creating Highly Concurrent SQL Server 2012 Applications Course 10776A Module 13: Creating Highly Concurrent SQL Server 2012 Applications Securing SQL azure Database? Boris Hristov SQLSaturday #411 Cambridge
That’s not a marketing talk! DISCLAIMER: That’s not a marketing talk!
So who’s Boris? @BorisHristov
Module 4: Managing Security Course 2786B Module 4: Managing Security Session’s Timeline coolness Dynamic Data Masking Row Level Security time
Dynamic Data Masking
“Have you ever…”
SELECT * FROM dbo.Customers custid FirstName LastName PhoneNumber EmailAddress CreditcardNumber 1 Boris Hristov +359889000000 brshristov@live.com 1111-1111-1111-1111 2 Ivan Donev idonev@live.com 2222-2222-2222-2222 3 Stanislav Zhelyaskov szhelyaskov@live.com 3333-3333-3333-3333 4 Minchev iminchev@live.com 4444-4444-4444-4444
SELECT * FROM dbo.Customers custid FirstName LastName PhoneNumber EmailAddress CreditcardNumber 1 Boris Hristov +359889000000 bxx@xxxx.com xxxx-xxxx-xxxx-1111 2 Ivan Donev ixxx@xxxx.com xxxx-xxxx-xxxx-2222 3 Stanislav Zhelyaskov sxx@xxxx.com xxxx-xxxx-xxxx-3333 4 Minchev ixx@live.com xxxx-xxxx-xxxx-4444
Dynamic Data Masking
DEMO Dynamic Data Masking
Row Level Security
“Have you ever…”
SELECT * FROM dbo.Orders orderid custid orderdate shipdate shipcountry 1 4/20/2015 20:15:49 Bulgaria 2 Germany 3 4 5
SELECT * FROM dbo.Orders orderid custid orderdate shipdate shipcountry 1 4/20/2015 20:15:49 Bulgaria 4 2 5 3
How is that possible?
No GUI, folks -- user defined function CREATE FUNCTION Security.fn_securitypredicate (@SalesRep AS sysname) RETURNS TABLE WITH SCHEMABINDING AS RETURN SELECT 1 AS fn_securitypredicate_result WHERE @SalesRep = USER_NAME() OR USER_NAME() = 'Manager'; -- security policy CREATE SECURITY POLICY SalesFilter ADD FILTER PREDICATE Security.fn_securitypredicate(SalesRep) ON dbo.Sales WITH (STATE = ON);
DEMO Row Level Security
Cool, huh?
Not that fast…
Module 4: Managing Security Course 2786B Module 4: Managing Security Session’s Timeline coolness Dynamic Data Masking Row Level Security time
DEMO Row Level Security Issues
So is that a security feature then?
Or is that a programmability feature?
Take away(s) RLS is great. Just be aware of the current issues! Easily mask sensitive data with Dynamic Data Masking A lot’s going on in SQL Azure DB…
Stick around for SWAG! (Prize drawing at 5.00 p.m) All our volunteers and organisers do not get paid for running SPS SQLSaturday Cambridge and do it because they believe in the power of community (or are just plain nuts). Please show your gratitude for making this possible by: Giving them a hug Shaking their hand Saying thank you Coming back next year Consider getting your company to pay for a precon next year Speading the word Getting involved yourself But most of all, by enjoying the day! Don’t forget to thank the sponsors for their support Thank the speakers for donating their time, energy and expenses
Stick around for SWAG! (Prize drawing at 5.00 p.m) SQLCloud — XBox One!!! (make sure you know how to play the Jet Set Willy vendor competition!) SQLCloud—Dark Side Of The Moon, The Wall and Wish You Were Here Microsoft — MCP Voucher Data Idols — Supercar Driving Experience Profisee — Signed MDS Book and £50 Amazon Voucher SQLSentry — Plan Explorer PRO License Pyramid Analytics—Coffee Machine Effektor — Lego Big Ben Rencore — SPCAF Professional License (valued at $2099!) Axioworks — Amazon Fire TV and £75 Amazon Voucher DELL — Beats by Dr Dre Headphones Redgate — DLM Workshop Pluralsight — Annual Plus subscriptions All Your Base Conference — 3 x Conference Tickets VisualSP—Annual training subscription Loads of books and much much more!!!
Module 13: Creating Highly Concurrent SQL Server 2012 Applications Course 10776A Module 13: Creating Highly Concurrent SQL Server 2012 Applications Thank you! Contacts: brshristov@live.com www.borishristov.com @BorisHristov