Implementing Row Level Security in SQL Server

Presentation transcript:

Implementing Row Level Security in SQL Server Louis Davidson, Data Architect, CBN

Louis Davidson
Data Architect; CBN, drsql.org

- Book Author: Written 6 books on database design, along with parts of other books on DMVs, Exam Refs, MVP Deep Dives, etc.
- Corporate Data Architect: Worked for the same company for 20 years, which has allowed me a breadth of technology experience.
- Microsoft Data Platform MVP: Though I still like to call it SQL Server MVP, because I am that conservative (also known as old).

/louisdavidson @drsql http://drsql.org/blog

What is Row Level Security?

- Hiding rows from users based on some context
- Implement a predicate to hide rows based on inclusion in a role, or name, or even application/time period.
- Unlike most security, dbo/sa are not immune to its effects (unless desired)
- Is a form of Horizontal Partitioning
- Filters out rows that do not meet a security oriented predicate
- A primary goal will be to limit effect on the application

Row Level Security Example

All Data In Table

| CustomerId | Name | SalesTotal | ManagedBy |
|---|---|---|---|
| 1 | Betty’s Bikes | 200000.00 | Fred |
| 2 | Cy’s Cycles | 10003.21 | Fred |
| 3 | Tom’s Ten Speeds | 560020.00 | Linda |
| 4 | Paula’s Penny-farthings | 200.00 | Linda |

Say our predicate is: USER_NAME() = ManagedBy

Row Level Security: Linda’s View

| CustomerId | Name | SalesTotal | ManagedBy |
|---|---|---|---|
| 3 | Tom’s Ten Speeds | 560020.00 | Linda |
| 4 | Paula’s Penny-farthings | 200.00 | Linda |

Row Level Security: Fred’s View

| CustomerId | Name | SalesTotal | ManagedBy |
|---|---|---|---|
| 1 | Betty’s Bikes | 200000.00 | Fred |
| 2 | Cy’s Cycles | 10003.21 | Fred |

Row Level Security: Everyone Else’s View (Including SA and db_owner)

| CustomerId | Name | SalesTotal | ManagedBy |
|---|---|---|---|

(no rows)

Demo Agenda

We will be covering how to implement row level security using SQL Server 2016+ methods, as well as other timeless methods

- Define row level security
- Using the Row Level Security (RLS) Feature
- The mechanics of implementing RLS
- Performance/scaling considerations
- Row level security without the feature
- Bonus: Dynamic Data Masking

Row Level Security Feature

- Predicate Function: Simple Table Valued UDF that returns either nothing (to not allow access) or something (to allow access). UDF parameters usually map to one or more columns in the table.
- Security Policy: Attaches the predicate function to a table. Predicate functions can be applied to:
  - Filter out data from the user’s view
  - Block a user from performing some action
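
The slides' example predicate (USER_NAME() = ManagedBy) built from a predicate function and a security policy, as an added T-SQL example that is not taken from the presentation. The table, schema, function and policy names and the users created WITHOUT LOGIN are assumptions for illustration; GO is the batch separator used by sqlcmd and SSMS.

```sql
-- Added example; dbo.Customer, the Security schema and all object names are assumed.
CREATE TABLE dbo.Customer (
    CustomerId int           NOT NULL PRIMARY KEY,
    Name       nvarchar(60)  NOT NULL,
    SalesTotal decimal(12,2) NOT NULL,
    ManagedBy  nvarchar(128) NOT NULL   -- compared with USER_NAME()
);
-- Load the sample rows before the policy exists: once it is ON, the block
-- predicates also apply to dbo, who is not named in ManagedBy.
INSERT INTO dbo.Customer (CustomerId, Name, SalesTotal, ManagedBy) VALUES
    (1, N'Betty''s Bikes',           200000.00, N'Fred'),
    (2, N'Cy''s Cycles',              10003.21, N'Fred'),
    (3, N'Tom''s Ten Speeds',        560020.00, N'Linda'),
    (4, N'Paula''s Penny-farthings',    200.00, N'Linda');
CREATE USER Fred  WITHOUT LOGIN;
CREATE USER Linda WITHOUT LOGIN;
GRANT SELECT, INSERT, UPDATE ON dbo.Customer TO Fred, Linda;
GO
CREATE SCHEMA Security;
GO
-- Predicate function: inline TVF that returns a row (allow) or nothing (deny).
CREATE FUNCTION Security.Customer_ManagedByPredicate (@ManagedBy nvarchar(128))
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS AllowAccess
       WHERE @ManagedBy = USER_NAME();
GO
-- Security policy: FILTER hides rows on read; BLOCK rejects writes whose
-- resulting row does not satisfy the predicate.
CREATE SECURITY POLICY Security.Customer_Policy
    ADD FILTER PREDICATE Security.Customer_ManagedByPredicate(ManagedBy)
        ON dbo.Customer,
    ADD BLOCK PREDICATE Security.Customer_ManagedByPredicate(ManagedBy)
        ON dbo.Customer AFTER INSERT,
    ADD BLOCK PREDICATE Security.Customer_ManagedByPredicate(ManagedBy)
        ON dbo.Customer AFTER UPDATE
    WITH (STATE = ON, SCHEMABINDING = ON);
GO
-- Read as Fred: the filter predicate is applied to every row of dbo.Customer.
EXECUTE AS USER = 'Fred';
SELECT CustomerId, Name, SalesTotal, ManagedBy FROM dbo.Customer;
-- Try to hand a row to Linda: the AFTER UPDATE block predicate is evaluated
-- against the new ManagedBy value.
UPDATE dbo.Customer SET ManagedBy = N'Linda' WHERE CustomerId = 1;
REVERT;
-- Read as the table owner: the same filter applies, since dbo is not exempt.
SELECT COUNT(*) AS VisibleToDbo FROM dbo.Customer;
```

To compare against the unfiltered table, switch the policy off with ALTER SECURITY POLICY Security.Customer_Policy WITH (STATE = OFF).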

Demo Time! Row Level Security

Learn more from Louis Davidson @drsql louis@drsql.org http://drsql.org/blog