Published by สนิท ติณสูลานนท์. Modified over 5 years ago.
1
What’s new in SQL Server and Azure SQL Security
Andreas Wolter
3
Agenda
- Always Encrypted with secure enclaves in SQL Server 2019
- Private Link for Azure SQL Database
- Azure Active Directory Migration Support
- Data Classification & Data Discovery
- Coming next
4
Always Encrypted with secure enclaves in SQL Server 2019
5
Protecting Data Through its Lifecycle
State | Status | What is protected | Technology
In use | New | Protect/encrypt data that is in use during computation | Always Encrypted
At rest | Existing | Encrypt inactive data when stored in database files, backup files, log files, etc. | SQL Server Transparent Data Encryption (TDE)
In transit | Existing | Encrypt data that is flowing between applications and the database | TLS

Protecting sensitive business data is more important today than ever before. Corporate trade secrets, national security information, personal medical records, Social Security and credit card numbers are all stored, used, and transmitted online and through connected devices. Data needs to be protected in three states: at rest, in use, and in transit. Each state presents unique security challenges.

Data in transit. Data is in transit when it is being transmitted between components or tiers of a computer system, either over a public or untrusted network such as the Internet or over a private network such as a corporate Local Area Network (LAN). Specifically, in the database world: when it is being transmitted between a database system and a database client (typically a middle tier in a multi-tier system). Transport Layer Security (TLS) is the mechanism commonly used to protect data in transit; SQL Server and Azure SQL Database support TLS 1.2.

Data at rest. Data is at rest when it is stored on a hard drive. In SQL Server/Azure SQL Database this means data in database files (.mdf), log files (.ldf), backup files (.bak), bacpac files, etc. Either encrypting the entire drive or encrypting particular files, e.g. by using Transparent Data Encryption (TDE), is one of the best ways to ensure the security of data at rest. TDE encrypts database files at the page level: the pages of an encrypted database are encrypted before they are written to disk and decrypted when read into memory.

Data in use. Data in use is data that is stored in non-persistent memory, CPU caches or registers; in other words, the data used during computations.

Most database systems support both encryption at rest and in transit. However, encryption of data while in use has been missing from database systems. Always Encrypted, the main topic of this presentation, is the industry's first solution that protects data in use by bringing confidential computing capabilities to Azure SQL Database and SQL Server.
6
Current GA version in SQL Server 2016/17 and Azure SQL DB

Always Encrypted protects sensitive data in use from high-privileged yet unauthorized SQL users, both on-premises and in the cloud. The enhanced client driver sees plaintext; SQL Server only ever sees ciphertext.
- Client-side encryption: sensitive data is encrypted on the client using keys that are never given to the database system
- Encryption transparency: the client driver transparently encrypts query parameters and decrypts encrypted results
- Queries on encrypted data: support for equality comparison, including JOIN, GROUP BY and DISTINCT operators, via deterministic encryption
7
Always Encrypted – Column-Level Encryption

Always Encrypted employs a two-level key hierarchy consisting of column encryption keys (CEKs) and column master keys (CMKs):
- A sensitive data column is encrypted with a column encryption key (CEK).
- Each CEK is encrypted with a column master key (CMK). The encrypted CEKs are stored in the database metadata.
- CMKs are stored outside of SQL Server, in an external key store available only to the applications expected to access the data in plaintext: Azure Key Vault, the Windows Certificate Store, a Hardware Security Module, or a custom key store.
8
How Always Encrypted works

The diagram walks through a query against the Patients table, whose SSN and Name columns are encrypted, with the CMK held in Azure Key Vault:

1. The application issues a parameterized query with a plaintext parameter:

    using (SqlCommand cmd = new SqlCommand(
        "SELECT Name FROM Patients WHERE SSN = @SSN", conn))
    {
        cmd.Parameters.Add(new SqlParameter("@SSN", SqlDbType.VarChar, 11)).Value = "<plaintext SSN>";
        SqlDataReader reader = cmd.ExecuteReader();
    }

2. Before executing, the enhanced client driver asks SQL Server how the parameters must be encrypted:

    EXEC sp_describe_parameter_encryption
        @tsql   = N'SELECT Name FROM Patients WHERE SSN = @SSN',
        @params = N'@SSN VARCHAR(11)'

3. SQL Server answers, for the parameter @SSN and for the result column Name, with the encrypted CEK value, the CMK store provider name (AZURE_KEY_VAULT) and the CMK path.
4. The driver fetches the CMK from the CMK store, decrypts the CEK, encrypts the parameter value and executes the statement through sp_executesql with the ciphertext parameter.
5. SQL Server compares ciphertext against ciphertext (the Patients table holds only values such as 0x19cae7…, 0x7ff6a54…, 0xfbd9ae…, 0x654ae6…) and returns the encrypted Name (0x19cae706fbd9…).
6. The driver decrypts the result set with the CEK; the application sees Name = John Smith.
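The following T-SQL is an added example and not part of the deck: it builds the two-level key hierarchy from the previous slide, creates the Patients table with one deterministic and one randomized column, and then issues the same metadata call the enhanced client driver makes in step 2 above. The database name Clinic, the certificate thumbprint and the encrypted CEK bytes are placeholders; in practice SSMS, PowerShell or the driver generates the CEK and encrypts it under the CMK.

```sql
-- Added example (not from the deck). Assumptions: database Clinic exists,
-- a certificate for the CMK is in the current user's certificate store,
-- and the encrypted CEK value below was produced by client tooling.
USE Clinic;
GO

-- 1. Column master key: only a *reference* to the key lives in the database.
--    SQL Server never holds the private key.
CREATE COLUMN MASTER KEY CMK_Clinic
WITH (
    KEY_STORE_PROVIDER_NAME = N'MSSQL_CERTIFICATE_STORE',
    KEY_PATH = N'CurrentUser/My/0000000000000000000000000000000000000000'  -- placeholder thumbprint
);
GO

-- 2. Column encryption key: stored in the database metadata, but only in the
--    form encrypted with the CMK (RSA-OAEP), so a DBA cannot recover it.
CREATE COLUMN ENCRYPTION KEY CEK_Clinic
WITH VALUES (
    COLUMN_MASTER_KEY = CMK_Clinic,
    ALGORITHM = 'RSA_OAEP',
    ENCRYPTED_VALUE = 0x0102  -- placeholder; real value is a few hundred bytes
);
GO

-- 3. SSN uses DETERMINISTIC encryption so equality / JOIN / GROUP BY work on
--    ciphertext; a deterministic string column must use a _BIN2 collation.
--    Name uses RANDOMIZED encryption: stronger, but (without an enclave)
--    no server-side comparisons at all.
CREATE TABLE dbo.Patients (
    PatientId INT IDENTITY PRIMARY KEY,
    SSN  VARCHAR(11) COLLATE Latin1_General_BIN2
         ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = CEK_Clinic,
                         ENCRYPTION_TYPE = DETERMINISTIC,
                         ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256'),
    Name NVARCHAR(50)
         ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = CEK_Clinic,
                         ENCRYPTION_TYPE = RANDOMIZED,
                         ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256')
);
GO

-- 4. What the driver asks before running the query on the slide.
--    First result set: the CEKs involved (encrypted value, CMK provider
--    name, CMK path). Second result set: each parameter mapped to its CEK,
--    encryption type and algorithm.
EXEC sys.sp_describe_parameter_encryption
    @tsql   = N'SELECT Name FROM dbo.Patients WHERE SSN = @SSN',
    @params = N'@SSN VARCHAR(11)';
GO

-- 5. DBA view: which columns are protected and by which key. No plaintext,
--    no key material.
SELECT c.name AS column_name, k.name AS cek_name,
       c.encryption_type_desc, c.encryption_algorithm_name
FROM sys.columns c
JOIN sys.column_encryption_keys k
  ON k.column_encryption_key_id = c.column_encryption_key_id
WHERE c.object_id = OBJECT_ID(N'dbo.Patients');

-- Running the slide's query with a literal from a plain T-SQL session,
--   SELECT Name FROM dbo.Patients WHERE SSN = '111-22-3333';
-- fails with an operand type clash: the server cannot encrypt the literal,
-- only a client driver with column encryption enabled can.
```

The last comment is the check worth remembering when troubleshooting: a query that works from the application but fails from SSMS is usually a session without Column Encryption Setting=Enabled, not a broken key.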
9
Always Encrypted - Challenges

Current GA version in SQL Server 2016/17 and Azure SQL DB
- Many applications require support for queries that do more than equality comparison
- Data needs to be moved out of the database for initial encryption and key rotation

© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
10
Always Encrypted with Secure Enclaves

SQL Server 2019: protects sensitive data in use while preserving rich queries and providing in-place encryption. As before, the enhanced client driver handles plaintext and SQL Server stores ciphertext; new is that plaintext also exists, briefly, inside the enclave.
- Secure computations inside an enclave: the SQL Server Engine delegates operations on encrypted data to a secure enclave, where the data can be safely decrypted and processed
- Rich queries: pattern matching (LIKE), range queries (<, >, etc.) and indexing on encrypted columns
- In-place encryption: the secure enclave supports initial data encryption and key rotation in place, without moving the data out of the database
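The T-SQL below is an added example, not code from the deck. It enables the VBS enclave on a SQL Server 2019 instance, creates an enclave-enabled key hierarchy, encrypts an existing column in place via ALTER TABLE, and runs the LIKE and range queries that only work with an enclave. Assumed and not stated on the slide: a database Clinic with a table dbo.Patients(SSN VARCHAR(11), Name NVARCHAR(50)) whose SSN is still plaintext (or deterministically encrypted); HGS attestation already configured for the host; the steps marked "client session" are run through a driver connected with column encryption enabled and the HGS attestation URL configured (in SSMS: the connection's Always Encrypted options plus "Enable Parameterization for Always Encrypted"). Thumbprint, CMK signature and encrypted CEK bytes are placeholders.

```sql
-- Added example (not from the deck); see lead-in for assumptions.

-- 1. Enable the enclave (1 = VBS). Takes effect after an instance restart.
EXEC sys.sp_configure 'column encryption enclave type', 1;
RECONFIGURE;
GO
-- After the restart: one row with the VBS type means the enclave is loaded.
SELECT * FROM sys.dm_column_encryption_enclave;
GO

USE Clinic;
GO
-- 2. Enclave-enabled CMK. ENCLAVE_COMPUTATIONS carries a signature over the
--    key path, made with the CMK itself, so a DBA cannot quietly flag an
--    existing key as enclave-enabled and have the enclave start using it.
CREATE COLUMN MASTER KEY CMK_Enclave
WITH (
    KEY_STORE_PROVIDER_NAME = N'MSSQL_CERTIFICATE_STORE',
    KEY_PATH = N'CurrentUser/My/1111111111111111111111111111111111111111', -- placeholder
    ENCLAVE_COMPUTATIONS (SIGNATURE = 0x0102)   -- placeholder; produced by client tooling
);
CREATE COLUMN ENCRYPTION KEY CEK_Enclave
WITH VALUES (
    COLUMN_MASTER_KEY = CMK_Enclave,
    ALGORITHM = 'RSA_OAEP',
    ENCRYPTED_VALUE = 0x0102                    -- placeholder; CEK encrypted under the CMK
);
GO

-- 3. In-place initial encryption (client session). The driver sends the CEK
--    to the enclave over the secure tunnel; the enclave encrypts the existing
--    rows. No data is exported. RANDOMIZED is usable now because comparisons
--    happen inside the enclave, not on the server.
ALTER TABLE dbo.Patients
    ALTER COLUMN SSN VARCHAR(11) COLLATE Latin1_General_BIN2
        ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = CEK_Enclave,
                        ENCRYPTION_TYPE = RANDOMIZED,
                        ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256')
    WITH (ONLINE = ON);
GO

-- 4. Rich queries (client session; the variables are sent as encrypted
--    parameters). Without an enclave both statements fail at prepare time.
DECLARE @Prefix VARCHAR(11) = '111%';
SELECT Name, SSN FROM dbo.Patients WHERE SSN LIKE @Prefix;

DECLARE @Lo VARCHAR(11) = '100-00-0000', @Hi VARCHAR(11) = '199-99-9999';
SELECT COUNT(*) AS InRange FROM dbo.Patients WHERE SSN BETWEEN @Lo AND @Hi;
GO

-- 5. Key rotation in place: the same ALTER COLUMN with a new enclave-enabled
--    CEK (CEK_Enclave_v2, assumed to exist) re-encrypts the column inside
--    the enclave, again without moving data out of the database.
ALTER TABLE dbo.Patients
    ALTER COLUMN SSN VARCHAR(11) COLLATE Latin1_General_BIN2
        ENCRYPTED WITH (COLUMN_ENCRYPTION_KEY = CEK_Enclave_v2,
                        ENCRYPTION_TYPE = RANDOMIZED,
                        ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256')
    WITH (ONLINE = ON);
GO
```

Two points a practitioner should keep in mind: the ALTER TABLE in step 3 and the queries in step 4 only succeed from a session that attests the enclave and sends keys; from a plain DBA session they fail, which is the intended behaviour. And the string column keeps a _BIN2 collation because the enclave compares raw bytes.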
11
Confidential Computing using Enclaves

An enclave is an isolated region of memory that holds code and data.
- Provides a trusted execution environment
- Data stored inside the enclave cannot be accessed from outside the enclave
- Code running inside the enclave must be signed and cannot be modified
- Secure isolation is powered by hardware, e.g. Intel Software Guard Extensions (SGX), or by the hypervisor, e.g. Virtualization Based Security (VBS) in Windows Server 2019 and Windows 10, v. 1809
(Diagram: the enclave sits apart from the other apps, the operating system, the hypervisor and the hardware.)
12
Always Encrypted with Secure Enclaves in SQL Server 2019
13
Always Encrypted with Enclaves in Screenshots
14
Enclaves are Black Boxes to the Outside World
Browsing the memory of an enclave with a debugger reveals nothing
15
Enclave Attestation

How do you (and your app) know the enclave can be trusted? By using an attestation protocol and an attestation service, which:
- verifies that the code running inside the enclave is the genuine SQL enclave code;
- SGX: verifies the enclave is a genuine SGX enclave;
- VBS: verifies the hypervisor has not been tampered with.
(Diagram: the enhanced client driver holds plaintext, SQL Server holds ciphertext, the enclave holds plaintext; the attestation service sits between the client and the enclave.)
16
Secure Tunnel

How does the enclave get the keys to encrypt/decrypt data? Via a secure tunnel: the client driver and the enclave negotiate a session key. The client driver encrypts the column encryption key with the session key and sends it to the enclave, so the key never appears in plaintext to the SQL Server process outside the enclave.
17
Indexing Support
18
Indexing on Columns Encrypted with Randomized Encryption
- Index key values are encrypted, yet they are sorted based on plaintext
- Operations on indexes use the enclave for comparisons (x < y): CREATE/ALTER INDEX; DML queries that use or update indexes; database recovery (UNDO)
- For all these operations the enclave must have the CEK for the indexed column, either supplied by the client calling the operation or obtained from the enclave's CEK cache (populated by previous queries)
- This enables role separation: DBAs can manage encrypted indexes without having access to the keys
(Diagram: client, SQL query processor, enclave with comparison x < y, index, key cache.)
19
Indexing – User Experience

Where does the enclave get the CEK from? Two sources:
- Directly from the client: no role separation (column encryption setting = enabled)
- From the key cache: role separation (column encryption setting = disabled)

Operation | Directly from client | From key cache
CREATE/UPDATE INDEX | X | (marks not preserved in this copy of the slide)
DELETE, INSERT INTO/SELECT (no encrypted parameters) | |
Queries with parameters against encrypted columns (e.g. SELECT * FROM T WHERE c LIKE '111%') | |
20
Indexing – User Experience (cont.)

Database recovery
- Problem: during recovery, indexes on encrypted columns must be recovered, and the enclave needs the keys because UNDO recovery is logical
- Solution: customers need to enable Accelerated Database Recovery (ADR) before creating an index on an encrypted column. After SQL Server restarts, the database becomes available in constant time; dirty versions in the index are cleaned afterwards by the version cleaner running in the background. When there are no keys in the cache the version cleaner errors out, but database availability is not affected; once an app sends the keys to the cache, the cleanup succeeds.
- Clustered indexes are not supported

Backup/Restore
- Problem: what happens if I restore a database with indexes on encrypted columns and the enclave is not available?
- Solution: the restore succeeds, but the indexes are marked as invalid
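The following T-SQL is an added example, not from the deck, covering the index prerequisites from the last two slides: ADR is turned on first, then a nonclustered index is created on the enclave-encrypted randomized column, and the result is verified. It assumes the database Clinic and the table dbo.Patients with SSN encrypted under an enclave-enabled CEK; those names are hypothetical.

```sql
-- Added example (not from the deck). Assumes Clinic / dbo.Patients with
-- SSN encrypted (RANDOMIZED) under an enclave-enabled CEK.

-- 1. ADR must be on *before* the index exists: otherwise UNDO during crash
--    recovery would need keys the enclave may not hold yet, and recovery
--    would stall instead of the cleanup being deferred.
ALTER DATABASE Clinic SET ACCELERATED_DATABASE_RECOVERY = ON;
GO
SELECT name, is_accelerated_database_recovery_on
FROM sys.databases
WHERE name = N'Clinic';          -- expect 1
GO

USE Clinic;
GO
-- 2. Create the index. Which session runs this decides where the enclave
--    gets the CEK from:
--    - application session, column encryption enabled: the driver sends the
--      CEK through the secure tunnel (no role separation);
--    - DBA session, column encryption disabled: the statement succeeds only
--      if the enclave's cache already holds the CEK from an earlier
--      application query (role separation: the DBA never has the key).
CREATE NONCLUSTERED INDEX IX_Patients_SSN ON dbo.Patients (SSN);
GO
-- A clustered index on such a column is not supported, so this would fail:
-- CREATE CLUSTERED INDEX IX_Patients_SSN_c ON dbo.Patients (SSN);

-- 3. Confirm the index exists and that its key column is indeed encrypted.
SELECT i.name AS index_name, i.type_desc, c.name AS column_name,
       c.encryption_type_desc
FROM sys.indexes i
JOIN sys.index_columns ic
  ON ic.object_id = i.object_id AND ic.index_id = i.index_id
JOIN sys.columns c
  ON c.object_id = ic.object_id AND c.column_id = ic.column_id
WHERE i.object_id = OBJECT_ID(N'dbo.Patients')
  AND i.name = N'IX_Patients_SSN';
```

For operations, the check in step 1 belongs in the pre-flight of any deployment script that creates such indexes; a restart with ADR off and an encrypted index present is the failure mode the slide warns about.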
21
Attestation via Host Guardian Service

Host Guardian Service (HGS) is a Windows Server role that provides machine health attestation. It is used by Windows Guarded Fabric, Shielded VMs, and SQL Server.
HGS supports 2 attestation modes:
- Host Key mode: recommended use case: test
- TPM (hardware) mode: recommended use case: production
For production, Microsoft recommends:
- running HGS in a Windows failover cluster (for high availability)
- joining the HGS machines to a separate bastion Active Directory forest (for security isolation)
22
VBS Enclave Attestation Workflow using HGS

Actors: client machine (enhanced client driver), server/host machine (SQL Server with the VBS enclave), HGS machine (Host Guardian Service).
1. The client sends a query.
2. The driver calls sp_describe_parameter_encryption and learns that the enclave is needed.
3. Get the host health certificate (signed with the HGS private key; includes the host's VBS public key).
4. Get the enclave report (signed with the host's VBS private key).
5. The driver gets the HGS public key from the HGS machine.
6. Verify. Client-side verification passes if:
   - the host health certificate has been signed with a private key corresponding to the HGS public key;
   - the enclave report has been signed with a private key corresponding to the host VBS public key in the host health certificate;
   - the enclave report contains a specific enclave code signature;
   - the enclave report indicates the enclave is not a debug enclave.
23
Always Encrypted with secure enclaves in SQL Server 2019
- Supports VBS enclaves, with Host Guardian Service for attestation
- Functionality: in-place encryption (via ALTER TABLE DDL), LIKE, range comparisons, indexing
- Drivers: System.Data.SqlClient in .NET Framework; ODBC
24
Next Steps Try it now in SQL Server 2019 RC
- Tutorial:
- Documentation at
- Blog:
- GitHub:
Help us find early adopters. Connect with us directly at (or:
25
Private Link for Azure SQL Database
26
SQL Database network access controls
- IP-based firewall rules
- VNET firewall rules
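The IP-based rules can be managed from T-SQL as well as from the portal. The script below is an added example, not from the deck: it lists the server-level rules, removes the catch-all rule, adds a narrow server-level rule and a database-level rule, and finishes with a check for rules that are still too broad. Assumed: the approved client network is 203.0.113.0/24 (a documentation range) and the rule names are hypothetical, except AllowAllWindowsAzureIps, which is the name the portal gives the "Allow Azure services and resources to access this server" rule.

```sql
-- Added example (not from the deck). Server-level rules are stored in
-- master; database-level rules are stored in the user database and are
-- evaluated before the server-level ones.

-- Connected to master as the server admin:
-- 1. Inventory the server-level rules.
SELECT name, start_ip_address, end_ip_address, modify_date
FROM sys.firewall_rules
ORDER BY name;

-- 2. The 0.0.0.0-0.0.0.0 rule opens the public endpoint to any Azure-hosted
--    client, not just your own subscription. Drop it.
IF EXISTS (SELECT 1 FROM sys.firewall_rules WHERE name = N'AllowAllWindowsAzureIps')
    EXEC sp_delete_firewall_rule @name = N'AllowAllWindowsAzureIps';

-- 3. Narrow server-level rule for the approved range.
EXEC sp_set_firewall_rule
    @name             = N'ApprovedOffice',
    @start_ip_address = '203.0.113.0',
    @end_ip_address   = '203.0.113.255';

-- 4. Database-level rule: applies to one database only and travels with it
--    (e.g. on geo-replication). Reconnect to the user database to run this;
--    USE is not supported in Azure SQL Database.
EXEC sp_set_database_firewall_rule
    @name             = N'ReportingVM',
    @start_ip_address = '203.0.113.10',
    @end_ip_address   = '203.0.113.10';

SELECT name, start_ip_address, end_ip_address
FROM sys.database_firewall_rules;

-- 5. Back in master: anything that still starts at 0.0.0.0 or ends at
--    255.255.255.255 is a finding, whatever it is called.
SELECT name, start_ip_address, end_ip_address
FROM sys.firewall_rules
WHERE start_ip_address = '0.0.0.0'
   OR end_ip_address   = '255.255.255.255';
```

VNET rules and private endpoints are not managed through these procedures; they are configured on the logical server from the portal, CLI or ARM, which is why the customer requests on the next slide call for Private Link rather than more IP rules.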
27
What we heard from customers

Data Exfiltration
- "We want to prevent a rogue actor inside an Azure VM from connecting to an unapproved SQL Database, while still allowing outbound connections to approved SQL Database"
- "My customer is deploying SQL Data Warehouse in Azure, and wants to connect from on-premises"

Compliance & Monitoring
- "We want to shut down public endpoint access to SQL Database and not have to whitelist any IP addresses"
- "We want to implement an NVA solution to filter and analyze traffic flows to/from SQL Database"
28
VNET Integration Pattern with Private Link (formerly known as "Private Endpoint")
- PaaS service instances run outside the customer's VNET
- Private access to PaaS resources
- PaaS resource secured to the customer's VNET
- Management operations are done within the PaaS service
29
Mapping private endpoints to Azure PaaS resources
30
Client Connectivity Scenarios to Private Endpoint

The SQL Database has a private endpoint connection in SQLDBVNET-EUS (US East). Clients reach it as follows:
- Azure VM in VMVNET-EUS (US East): over VNET peering; the VM needs no access to the Internet
- Azure VM in VMVNET-WUS (US West): over VNET gateways (VNet-to-VNet)
- On-premises: through the VNET gateway via P2S or S2S VPN, or ExpressRoute
31
VNet Integration Patterns

Pattern | VNet injection | Private Link
Service placement | Service instances running inside the customer's VNet | Service running outside the customer's VNet
Data access | Private access to PaaS resources | Private access to PaaS resources; PaaS resource secured to the customer's VNet
Service management | Management exposed using public IP addresses; complex network configuration | Management isolated
32
Azure Active Directory Migration Support
33
Requirements
- The Windows domain is federated with Azure AD
- Restore from backup is done
- (New) Logins at Managed Instance (server) scope are created
34
T-SQL DDL syntax extension to support migration of Windows users & groups to MI using AAD authentication:

    ALTER USER [OnPremDomain\WinADUserName] WITH LOGIN = […]
    ALTER USER [OnPremDomain\WinADGroupName] WITH LOGIN = [Domain\AADGroupName]

Role memberships and permissions are kept.
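The script below is an added example, not from the deck, of the whole migration: creating the Azure AD logins at instance scope, re-pointing the Windows principals that arrived with the restored database, and verifying that the mapping and the role memberships survived. Everything named is hypothetical: domain contoso federated with the Azure AD tenant, restored database RestoredDb, Windows user contoso\alice and group contoso\analysts, Azure AD user alice@contoso.com and Azure AD group Analysts.

```sql
-- Added example (not from the deck); names are hypothetical.

-- 1. Server scope (run in master as an Azure AD admin of the instance):
--    create the Azure AD logins the database users will be mapped to.
CREATE LOGIN [alice@contoso.com] FROM EXTERNAL PROVIDER;
CREATE LOGIN [Analysts]          FROM EXTERNAL PROVIDER;
GO

USE RestoredDb;
GO
-- 2. Before: the Windows principals came in with the backup and are
--    orphaned, because no login on this instance carries their SID.
SELECT name, type_desc, sid
FROM sys.database_principals
WHERE name IN (N'contoso\alice', N'contoso\analysts');

-- 3. Re-point each database user at its Azure AD login. The user keeps its
--    name, role memberships and permissions; only its SID and type change.
ALTER USER [contoso\alice]    WITH LOGIN = [alice@contoso.com];
ALTER USER [contoso\analysts] WITH LOGIN = [Analysts];
GO

-- 4. After: each user resolves to a server principal again ...
SELECT dp.name AS user_name, dp.type_desc, sp.name AS login_name
FROM sys.database_principals dp
JOIN sys.server_principals sp ON sp.sid = dp.sid
WHERE dp.name IN (N'contoso\alice', N'contoso\analysts');

-- ... and the role memberships are still there.
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members rm
JOIN sys.database_principals r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals m ON m.principal_id = rm.member_principal_id
WHERE m.name IN (N'contoso\alice', N'contoso\analysts');
```

Run the "before" query first and keep its output: the list of orphaned Windows principals is the work list, and anything left in it after step 3 is a principal with no Azure AD counterpart that needs a decision rather than a mapping.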
35
Data Classification & Data Discovery
36
Built-in data classification tools

NEW: the classification tool allows you to tag columns stored in a SQL Server database with a pre-defined set of GDPR-related labels. Get visibility into your security state and meet compliance standards with SQL Server Vulnerability Assessment.

SQL Data Classification Report: SQL Data Discovery and Classification allows you to classify columns in your database that contain sensitive information. You can classify columns by the type of information they contain (names, addresses, social security numbers, and so on) and by the level of sensitivity of the data in the column, with levels such as public, general, confidential, and highly confidential. You can easily generate reports from the classification you have applied to enable you to meet statutory and regulatory requirements, such as EU GDPR.

Vulnerability assessment: track compliance of your SQL Server instances and Azure SQL Database instances with recognized security best practices. Vulnerability assessment gives you a simple way to proactively monitor and improve your database security posture, and to better comply with data protection regulations such as EU GDPR.
37
Public Preview: SQL Data Classification

Discover, classify, protect and track access to sensitive data:
- Automatic discovery of columns with sensitive data
- Add persistent sensitive data labels
- Audit and detect access to the sensitive data
- Manage labels for your entire Azure tenant using Azure Security Center

SQL Data Classification is a new feature in Public Preview that automatically discovers columns containing potentially sensitive data and provides a simple way to review and apply the classification recommendations through the Azure portal. The sensitive data labels are persisted in the database (as metadata attributes), and access to the sensitive data is audited and detected. A built-in set of labels and information types is offered, but customers can choose to define custom labels across their Azure tenant using Azure Security Center. Data classification is also available for on-premises SQL Server using the latest SQL Server Management Studio. In the near future, policy for all your sensitive data across Azure will be manageable in one place, integrated with MIP, for a holistic Microsoft data classification story.
38
Auditing Sensitive Data Access
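As an added example, not from the deck, the T-SQL below classifies two columns of a Patients table, reports the classifications, and sets up auditing so that each audit record carries the sensitivity labels it touched. Assumed: SQL Server 2019 on Windows, database Clinic, table dbo.Patients(Name, SSN), an audit folder C:\Audit\ that the service account can write to; label and information type names are examples.

```sql
-- Added example (not from the deck); see lead-in for assumptions.
USE Clinic;
GO
-- 1. Persist labels as column metadata: no schema change, no data change.
ADD SENSITIVITY CLASSIFICATION TO dbo.Patients.SSN
    WITH (LABEL = 'Highly Confidential', INFORMATION_TYPE = 'National ID', RANK = CRITICAL);
ADD SENSITIVITY CLASSIFICATION TO dbo.Patients.Name
    WITH (LABEL = 'Confidential - GDPR', INFORMATION_TYPE = 'Name', RANK = MEDIUM);
GO

-- 2. Report: what is classified and how (the basis of the classification report).
SELECT OBJECT_SCHEMA_NAME(sc.major_id) AS schema_name,
       OBJECT_NAME(sc.major_id)        AS table_name,
       c.name                          AS column_name,
       sc.label, sc.information_type, sc.rank_desc
FROM sys.sensitivity_classifications sc
JOIN sys.columns c
  ON c.object_id = sc.major_id AND c.column_id = sc.minor_id
ORDER BY sc.rank DESC, table_name, column_name;
GO

-- 3. Audit reads and writes of the table.
USE master;
GO
CREATE SERVER AUDIT Audit_SensitiveData
    TO FILE (FILEPATH = 'C:\Audit\');
ALTER SERVER AUDIT Audit_SensitiveData WITH (STATE = ON);
GO
USE Clinic;
GO
CREATE DATABASE AUDIT SPECIFICATION Audit_Patients
    FOR SERVER AUDIT Audit_SensitiveData
    ADD (SELECT, UPDATE, DELETE ON OBJECT::dbo.Patients BY public)
    WITH (STATE = ON);
GO

-- 4. Generate an event, then read it back. data_sensitivity_information
--    lists the labels and information types of the classified columns the
--    statement touched, so "who read CRITICAL data" is a filter on the
--    audit log rather than a parse of the SQL text.
SELECT TOP (1) Name FROM dbo.Patients;
GO
SELECT event_time, server_principal_name, database_name,
       object_name, statement, data_sensitivity_information
FROM sys.fn_get_audit_file('C:\Audit\*.sqlaudit', DEFAULT, DEFAULT)
WHERE data_sensitivity_information IS NOT NULL
ORDER BY event_time DESC;
```

The classification itself protects nothing; its value is in step 4, where the labels turn a generic access audit into one that can be filtered and alerted on by sensitivity.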
39
SQL Vulnerability Assessment

Discover, track, and remediate security misconfigurations:
- Identify security misconfigurations
- Actionable remediation steps
- Security baseline tuned to your environment
- Manual/periodic scans
- Coherent reports for auditors

SQL Vulnerability Assessment provides visibility into your database security state and allows constant improvement. In short, it runs a set of security checks that identify security misconfigurations. It allows setting a security baseline that customizes the VA results to match your environment, and it provides a clear report that is very helpful for security audits. SQL Vulnerability Assessment is also supported for on-premises SQL Server using the latest SQL Server Management Studio.
40
Advanced Threat Protection

Detect unusual and harmful attempts to breach your database.
- Detects potential SQL injection attacks
- Detects unusual access & data exfiltration activities
- Actionable alerts to investigate & remediate
- View alerts for your entire Azure tenant using Azure Security Center

(Diagram: (1) the developer turns on Threat Detection; (2) an attacker makes a possible attempt to access or breach data through the apps against Azure SQL Database, whose audit log feeds Threat Detection; (3) the user receives real-time actionable alerts.)

To summarize what you have seen, SQL Threat Detection allows you to respond to unusual and harmful attempts to breach your database. 1) It is very simple to enable and requires no modifications to your application code. 2) It provides a set of algorithms that learn, profile and detect potential SQL injections and unusual behavior patterns. 3) It triggers security alerts upon detection, which include a clear description and actionable investigation and remediation steps.
41
Advanced Threat Protection Suite

Potential SQL injection attacks
- SQLi attempt: an application generated a faulty SQL statement, which may indicate a potential vulnerability of the application to SQL injection
- SQLi attack: potential exploitation of an application code vulnerability to SQL injection, which may indicate a SQL injection attack

Anomalous access patterns
- Someone has logged in from an unusual location: a change in the access pattern from an unusual geographical location
- An unfamiliar principal successfully logged in: a change in the access pattern using an unusual SQL user
- Someone is attempting to brute-force SQL credentials: an abnormally high number of failed logins with different credentials
- Someone has logged in from a potentially harmful application

Anomalous query patterns
- Data exfiltration by volume: someone has extracted an anomalous amount of data in an hour or using a single query
- Data exfiltration by location: someone has backed up a database to an unusual storage location
- Unsecure commands: someone has executed unsecure commands (e.g. xp_cmdshell)

SQL Threat Detection triggers the following types of security alerts: SQL injections, indicating that someone has attempted or succeeded in attacking your database using SQL injection methods; access anomalies, indicating a change in the access pattern to SQL Server in the form of brute force, a harmful application or an unusual location; query anomalies, indicating a change in the query pattern to SQL Server in the form of unusual data exfiltration or suspicious commands.
42
Coming next

TDE
- TDE scan suspend and resume

Networking & Connectivity
- Audit logging to firewall-protected storage (public preview)

Active Directory Authentication
- Logins for Azure server principals: Azure AD logins (GA)
- Seamless Windows user migration (public preview)

Separation of Duties
- Ongoing work on permissions
- More built-in roles coming; new server roles appear first in Azure SQL Database to support Monitoring & Troubleshooting (codenames: ServerStateReader, ServerStateManager, DefinitionReader)

RBAC Integration
- Integration of Azure RBAC with the SQL data plane to enable seamless permission control from the Portal

Input opportunity: this roadmap is as of now (June 2019).

Global service endpoint network requirements reduction
- H1: access to the Internet
- H2: forced tunneling (i.e. for security inspection)
43
Learn more
- Use our free training at https://aka.ms/sqlworkshops
- Learn from videos and demos at
- Download and try it at
- What's new for SQL 2019 documentation
- Sign up for the EAP program at
44
Enterprise Grade Security that is Easy-to-Use

Defense-in-depth. Trusted: most secure over the last 7 years.

Layers shown on the slide: Security Management; Threat Protection; Identity & Access Management; Information Protection.
- Vulnerability Assessment + SQL Threat Detection; SQL Auditing
- SQL Permissions; VNET; SQL Firewall (server- and database-level)
- SQL Authentication; Azure Active Directory Authentication (with MFA); Row-level security
- Encryption-in-flight (Transport Layer Security, TLS over TDS); Encryption-at-rest (Transparent Data Encryption, TDE) with service- or user-managed keys; Backup encryption; Encryption-in-use (Always Encrypted); Data Masking; Data Discovery and Classification
45
Azure - The Trusted Cloud

More certifications than any other cloud provider.

GLOBAL: ISO 27001, ISO 27018, ISO 27017, ISO 22301, SOC 1 Type 2, SOC 2 Type 2, SOC 3, CSA STAR Self-Assessment, CSA STAR Certification, CSA STAR Attestation
US GOV: Moderate JAB P-ATO, High JAB P-ATO, DoD DISA SRG Level 2, DoD DISA SRG Level 4, DoD DISA SRG Level 5, FIPS 140-2, Section 508 VPAT, ITAR, CJIS, SP, IRS 1075
INDUSTRY: CDSA, HIPAA / HITECH Act, PCI DSS Level 1, FACT UK, MARS-E, FERPA, GLBA, MPAA, Shared Assessments, FISC Japan, HITRUST, GxP 21 CFR Part 11, IG Toolkit UK, FFIEC
REGIONAL: China DJCP, EU Model Clauses, UK G-Cloud, China GB 18030, China TRUCS, New Zealand GCIO, Japan My Number Act, ENISA IAF, Japan CS Mark Gold, Spain ENS, Spain DPA, Privacy Shield, Argentina PDPA, Singapore MTCS, Australia IRAP/CCSL, Germany IT Grundschutz workbook, India MeitY, Canada Privacy Laws