Implementing Row Level Security in SQL Server


1 Implementing Row Level Security in SQL Server
Louis Davidson, Data Architect, CBN

2 Louis Davidson
Data Architect; CBN, drsql.org
Book Author: Written 6 books on database design, along with parts of other books on DMVs, Exam Refs, MVP Deep Dives, etc.
Corporate Data Architect: Worked for the same company for 20 years, which has allowed me a breadth of technology experience.
Microsoft Data Platform MVP: Though I still like to call it SQL Server MVP, because I am that conservative (also known as old).
/louisdavidson @drsql

3 What is Row Level Security?
Hiding rows from users based on some context
Implement a predicate to hide rows based on inclusion in a role, or name, or even application/time period.
Unlike most security, dbo/sa are not immune to its effects (unless desired)
Is a form of Horizontal Partitioning
Filters out rows that do not meet a security oriented predicate
A primary goal will be to limit effect on the application

4 Row Level Security Example
All Data In Table

CustomerId | Name                     | SalesTotal | ManagedBy
1          | Betty’s Bikes            | 200000.00  | Fred
2          | Cy’s Cycles              |            | Fred
3          | Tom’s Ten Speeds         | 560020.00  | Linda
4          | Paula’s Penny-farthings  | 200.00     | Linda

Say our predicate is: USER_NAME() = ManagedBy

5 Row Level Security: Linda’s View

CustomerId | Name                     | SalesTotal | ManagedBy
3          | Tom’s Ten Speeds         | 560020.00  | Linda
4          | Paula’s Penny-farthings  | 200.00     | Linda

6 Row Level Security: Fred’s View

CustomerId | Name           | SalesTotal | ManagedBy
1          | Betty’s Bikes  | 200000.00  | Fred
2          | Cy’s Cycles    |            | Fred

7 Row Level Security: Everyone Else’s View (Including SA and db_owner)

CustomerId | Name | SalesTotal | ManagedBy
(no rows)

8 Demo Agenda
We will be covering how to implement row level security using SQL Server methods, as well as other timeless methods
Define row level security
Using the Row Level Security (RLS) Feature
The mechanics of implementing RLS
Performance/scaling considerations
Row level security without the feature
Bonus: Dynamic Data Masking

9 Row Level Security Feature
Predicate Function
  Simple Table Valued UDF that returns either nothing (to not allow access) or something (to allow access)
  UDF parameters usually map to one or more columns in the table.
Security Policy
  Attaches the predicate function to a table
  Predicate functions can be applied to:
    Filter out data from the user’s view
    Block a user from performing some action
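
The predicate function and security policy described on this slide, applied to the customer table from slide 4 with the predicate USER_NAME() = ManagedBy. This is an added example, not code from the presentation or its demo; the table name dbo.Customer, the rls schema, the function and policy names, and the column types are assumptions, and GO is the batch separator used by SSMS and sqlcmd.

```sql
-- Constructed demo objects: dbo.Customer mirrors slide 4; the rls schema,
-- function and policy names are assumptions, not taken from the talk.
CREATE TABLE dbo.Customer (
    CustomerId int           PRIMARY KEY,
    Name       nvarchar(60)  NOT NULL,
    SalesTotal decimal(12,2) NULL,
    ManagedBy  sysname       NOT NULL
);
INSERT INTO dbo.Customer VALUES
    (1, N'Betty''s Bikes',           200000.00, N'Fred'),
    (2, N'Cy''s Cycles',             NULL,      N'Fred'),  -- SalesTotal not given on the slide
    (3, N'Tom''s Ten Speeds',        560020.00, N'Linda'),
    (4, N'Paula''s Penny-farthings', 200.00,    N'Linda');
CREATE USER Fred  WITHOUT LOGIN;
CREATE USER Linda WITHOUT LOGIN;
GRANT SELECT, UPDATE ON dbo.Customer TO Fred, Linda;
GO
CREATE SCHEMA rls;
GO
-- Predicate function: returns one row (allow access) or no rows (deny).
CREATE FUNCTION rls.fn_CustomerAccess (@ManagedBy sysname)
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS AllowAccess WHERE @ManagedBy = USER_NAME();
GO
-- Security policy: FILTER hides rows on read; BLOCK rejects a write whose
-- resulting row would fail the predicate for the caller.
CREATE SECURITY POLICY rls.CustomerPolicy
    ADD FILTER PREDICATE rls.fn_CustomerAccess(ManagedBy) ON dbo.Customer,
    ADD BLOCK PREDICATE  rls.fn_CustomerAccess(ManagedBy) ON dbo.Customer AFTER UPDATE,
    ADD BLOCK PREDICATE  rls.fn_CustomerAccess(ManagedBy) ON dbo.Customer AFTER INSERT
    WITH (STATE = ON, SCHEMABINDING = ON);
GO
-- As Fred: the filter keeps only rows where ManagedBy = 'Fred'.
EXECUTE AS USER = 'Fred';
SELECT CustomerId, Name, SalesTotal, ManagedBy FROM dbo.Customer;
BEGIN TRY
    -- Reassigning a row to Linda would move it out of Fred's set.
    UPDATE dbo.Customer SET ManagedBy = N'Linda' WHERE CustomerId = 1;
END TRY
BEGIN CATCH
    PRINT ERROR_MESSAGE();  -- raised by the AFTER UPDATE block predicate
END CATCH;
REVERT;
GO
-- As the owner: USER_NAME() is 'dbo', which matches no ManagedBy value.
SELECT COUNT(*) AS RowsVisibleToDbo FROM dbo.Customer;
```

Without the AFTER UPDATE block predicate, the filter alone would let Fred hand his own rows to another manager, since a filter predicate only restricts which rows he can see and touch.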

10 Demo Time! Row Level Security

11 Learn more from Louis Davidson
@drsql

