Presentation is loading. Please wait.

Presentation is loading. Please wait.

Boris Hristov, SQL Server MVP

Published byUrsula Clark Modified over 6 years ago

Similar presentations

Presentation on theme: "Boris Hristov, SQL Server MVP"— Presentation transcript:

1 Boris Hristov, SQL Server MVP
Securing SQL Azure DB? Boris Hristov, SQL Server MVP

2 Organizer SQLSaturday Rheinland 2015

3 Bronze Sponsor SQLSaturday Rheinland 2015

4 Silver Sponsor SQLSaturday Rheinland 2015

5 Gold Sponsor SQLSaturday Rheinland 2015

6 You rock! SQLSaturday Rheinland 2015

7 That’s not a marketing talk!
DISCLAIMER: That’s not a marketing talk!

8 So who is this guy Boris? @BorisHristov

9 Session’s Timeline coolness Dynamic Data Masking Row Level Security

10 Dynamic Data Masking

11 “Have you ever…”

12 SELECT * FROM dbo.Customers
custid FirstName LastName PhoneNumber Address CreditcardNumber 1 Boris Hristov 2 Ivan Donev 3 Stanislav Zhelyaskov 4 Minchev

13 SELECT * FROM dbo.Customers
custid FirstName LastName PhoneNumber Address CreditcardNumber 1 Boris Hristov xxxx-xxxx-xxxx-1111 2 Ivan Donev xxxx-xxxx-xxxx-2222 3 Stanislav Zhelyaskov xxxx-xxxx-xxxx-3333 4 Minchev xxxx-xxxx-xxxx-4444

14 Dynamic Data Masking

15 DEMO Dynamic Data Masking

16 Row Level Security

17 “Have you ever…”

18 SELECT * FROM dbo.Orders
orderid custid orderdate shipdate shipcountry 1 4/20/ :15:49 Bulgaria 2 Germany 3 4 5

19 SELECT * FROM dbo.Orders
orderid custid orderdate shipdate shipcountry 1 4/20/ :15:49 Bulgaria 4 2 5 3

20 How is that possible?

21 No GUI, folks  -- user defined function
CREATE FUNCTION Security.fn_securitypredicate AS sysname) RETURNS TABLE WITH SCHEMABINDING AS RETURN SELECT 1 AS fn_securitypredicate_result = USER_NAME() OR USER_NAME() = 'Manager'; -- security policy CREATE SECURITY POLICY SalesFilter ADD FILTER PREDICATE Security.fn_securitypredicate(SalesRep) ON dbo.Sales WITH (STATE = ON);

22 DEMO Row Level Security

23 Cool, huh?

24 Not that fast…

25 Session’s Timeline coolness Dynamic Data Masking Row Level Security

26 DEMO Row Level Security Issues

27 So is that a security feature then?

28 Or is that a programmability feature?

29 Summary There’s a lot going on in SQL Azure DB
Easily mask sensitive data with Dynamic Data Masking Limit the rows users can see with Row Level Security Be aware of the current issues of RLS

30 Save the date! SQLSaturday Rheinland 2015

31 Thank you! Contacts: brshristov@live.com www.borishristov.com

Download ppt "Boris Hristov, SQL Server MVP"

Similar presentations

1Key – Report Creation with DB2. DB2 Databases Create Domain for DB2 Test Demo.

1Key – Report Creation with DB2. DB2 Databases Create Domain for DB2 Test Demo.
ORIENTAL BUFFET ONLINE BY MARTIN SHUEH. BACKGROUND - Family Business - Open since 1998 - locations.

ORIENTAL BUFFET ONLINE BY MARTIN SHUEH. BACKGROUND - Family Business - Open since locations.
Overview and Roadmap for Microsoft SQL Server Security

Overview and Roadmap for Microsoft SQL Server Security
ORACLE DATABASE SECURITY

ORACLE DATABASE SECURITY
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 6 Virtual Private Databases.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 6 Virtual Private Databases.
Manage & Configure SQL Database on the Cloud Haishi Bai Technical Evangelist Microsoft.

Manage & Configure SQL Database on the Cloud Haishi Bai Technical Evangelist Microsoft.
SQL SERVER 2012 FOR THE NEW WORLD OF DATA Doug Leland General Manager SQL Server Marketing.

SQL SERVER 2012 FOR THE NEW WORLD OF DATA Doug Leland General Manager SQL Server Marketing.
Pulse for TM1 Version 4 New features, improvements and lots more.

Pulse for TM1 Version 4 New features, improvements and lots more.
INSERT Statement. 2 home back first prev next last What Will I Learn? Give examples of why it is important to be able to alter the data in a database.

INSERT Statement. 2 home back first prev next last What Will I Learn? Give examples of why it is important to be able to alter the data in a database.
SQL Server User Defined Functions. CREATE FUNCTION [ schema_name. ] function_name ( [ [ AS ][ type_schema_name. ] parameter_data_type.

SQL Server User Defined Functions. CREATE FUNCTION [ schema_name. ] function_name ( [ [ AS ][ type_schema_name. ] parameter_data_type.
Drilling down Restrictions on data interaction between browser and server a new connection has to be made for each interaction Solution: break up the data.

Drilling down Restrictions on data interaction between browser and server a new connection has to be made for each interaction Solution: break up the data.
Ch 3. Working with Tables and Views. Data type Specify type of data to be entered into a column (text, number, datetime, etc) Unicode (National) Datatypes.

Ch 3. Working with Tables and Views. Data type Specify type of data to be entered into a column (text, number, datetime, etc) Unicode (National) Datatypes.
SQLintersection Session: Tuesday, 12:00-1:00pm NEW SECURITY FEATURES IN SQL SERVER 2016 & AZURE SQL DB Aaron Bertrand

SQLintersection Session: Tuesday, 12:00-1:00pm NEW SECURITY FEATURES IN SQL SERVER 2016 & AZURE SQL DB Aaron Bertrand
#SQLSAT454 SQL Server 2016 New Security Features Gianluca

#SQLSAT454 SQL Server 2016 New Security Features Gianluca
Overview of Security Investments in SQL Server 2016 and Azure SQL Database Jamey Johnston 1/15/2016Security Investments in SQL Server 2016 and Azure SQL.

Overview of Security Investments in SQL Server 2016 and Azure SQL Database Jamey Johnston 1/15/2016Security Investments in SQL Server 2016 and Azure SQL.
Securing Data on your Terms Kristina Rumpff SQL Saturday #464, Melbourne 20 th February 2016.

Securing Data on your Terms Kristina Rumpff SQL Saturday #464, Melbourne 20 th February 2016.
Reactor An ORM framework for ColdFusion Presentation By: Doug Hughes

Reactor An ORM framework for ColdFusion Presentation By: Doug Hughes
SQL Server 2016 Security Features Marek Chmel Microsoft MVP: Data Platform Microsoft MCT: Regional Lead MCSE: Data Platform Certified Ethical Hacker.

SQL Server 2016 Security Features Marek Chmel Microsoft MVP: Data Platform Microsoft MCT: Regional Lead MCSE: Data Platform Certified Ethical Hacker.
Putting Your Head in the Cloud Working with SQL Azure David Postlethwaite 18/06/2016David Postlethwaite.

Putting Your Head in the Cloud Working with SQL Azure David Postlethwaite 18/06/2016David Postlethwaite.
Carlos Bossy Quanta Intelligence SQL Server MCTS, MCITP BI CBIP, Data Mining Real-time Data Warehouse and Reporting Solutions.

Carlos Bossy Quanta Intelligence SQL Server MCTS, MCITP BI CBIP, Data Mining Real-time Data Warehouse and Reporting Solutions.

Similar presentations

Ads by Google