Additional Security Tools Lesson 15

Skills Matrix

Guarding Your Data Maintaining data integrity can also involve data encryption and auditing.

Encryption You can put another layer, encryption, on top of all this security. SQL Server encrypts data with hierarchical encryption and key management infrastructure. Each layer encrypts the layer below it by using a combination of certificates, asymmetric keys, and symmetric keys, in scopes that parallel the permissions hierarchy

SQL Server Encryption To encrypt your connections to SQL Server, you first need to get a certificate. You can get one from one of the major vendors such as VeriSign, or you can install Windows Certificate services and supply your own. Once you have a certificate, you need to install it on the server. Finally, you need to configure the clients to request encrypted connections to the server.

SQL Server Encryption The database-level cryptographic features in SQL Server rely on a database master key. This key does not generate automatically when you create the database. –It must be created by the system administrator. You need but one master key per database.

Transparent Data Encryption SQL Server 2008 includes a new feature known as Transparent Data Encryption (TDE). This encryption is transparent to the application code as SQL Server 2008 automatically handles the encryption and decryption of all data going in to and out of the database. The primary purpose of this TDE feature is to have the entire database encrypted so that any unauthorized person having direct access to copies of the database files and / or transaction log files cannot decrypt and read the data.

Transparent Data Encryption It is critically important to understand that the database master key and the encryption certificate need to be backed up to a secure location. This location also needs to be separate from regular backups or other copies of the database files. The encryption security provided by TDE is meaningless if database files and the certificate both fall into the hands of the wrong person.

Extensible Key Management SQL Server 2008 includes a new feature known as Extensible Key Management (EKM). This is a method of providing for encryption methods using software and possibly hardware such as smart cards or USB devices provided by third-party entities. With EKM, encryption can be established using physical hardware known as a Hardware Security Module (HSM). This can be a more secure solution because the encryption keys do not reside with encrypted data in the database. Instead, the keys are stored on the hardware device.

Audits Audits keep a record of database activities. Set configuration options for the factors of concern and then review the results. If you suspect someone uses an employee’s login inappropriately, audit for logins and look for suspicious behaviors.

C2 Criteria In 1985, the Department of Defense published DOD Directive STD, Department of Defense Standard, “Department of Defense Trusted Computer System Evaluation Criteria” known familiarly as the “Orange Book” which was part of the “Rainbow Series” of security evaluation criteria. The Orange Book laid out a matrix where A was the most trusted and D the least trusted. Numbers were also used where 1 was the most stringent criteria. The resultant classes, then, are A1, B1, B2, B3, C1, C2 and D.

C2 Criteria C2 requires controlled access protection and is deemed appropriate for “business sensitive” data—less guarded then confidential, secret or top secret classifications. C2 requires individual accountability through login procedures, audit trails, object reuse and resource isolation. SQL Server provides these protections

Auditing Auditing an instance of SQL Server or a SQL Server database involves tracking and logging events that occur on the system. SQL Server Utility provides you a means to audit and manage your SQL Server environment as a whole through the concept of application and multiserver management.

SQL Server Utility SQL Server Utility provides you a means to audit and manage your SQL Server environment as a whole through the concept of application and multiserver management. The SQL Server Utility models your organization’s SQL Server-related entities in a unified view.

SQL Server Utility Architecture

SQL Server Utility Utility Explorer and SQL Server Utility viewpoints (in SSMS) provide administrators a holistic view of resource health through an instance of SQL Server that serves as a utility control point (UCP). Entities viewable in a SQL Server UCP include instances of SQL Server, data-tier applications, database files and storage volumes. Resource use can be monitored for CPU and storage use.

Summary SQL Server encryption provides an additional security protection from hackers or eavesdroppers. While someone might access your file stream or table, they will find the information undecipherable. This comes at the expense of additional overhead.

Summary With auditing you can create a record of what happens on your SQL Server instance. You can record successful connections to learn who uses what resources how often. A management report might be appropriate to reward diligent employees. With SQL Utility you can monitor the resource health of your entire enterprise and produce near real-time management and analysis reports.

Summary for Certification Examination Know how to configure encryption on a column. Understand transparent data encryption and its value. For a given situation, determine which auditing technique can be of value.