Migrating data to the cloud is a major focus of the current discussion. You can quickly run an instance of SQL Server in Microsoft's SQL Azure cloud database and quickly load data for data analysis applications such as a new transactional application or report. However, migrating data to SQL Azure or Amazon EC2 requires great care. Protecting data in the SQL Server cloud is important because you don't want to expose customer data to unrelated people. SQL Azure Data Protection Azure Firewall first remember to start using SQL Azure instead of opening the database to the outside world. By default, SQL Azure's database can only be accessed by Microsoft's internal Azure server. For an instance of connecting directly to SQL Azure, configure your SQL Azure firewall to allow the IP addresses of your home or office to be connected. Log in to Windows Azure's management portal, and you should be able to see your SQL Azure subscription under the Subscription tab, as shown in Figure 1. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' height= ' 359 "alt=" "width=" 536 "border=" 0 "src=" http ://images.51cto.com/files/uploadimg/20110524/1022420.jpg "/> Figure 1 shows Windows Azure's subscription and firewall Rule selection Server" Fz9fnjspok ", From the subscription menu, you can see the Firewall Rules button on the right side of Figure 1. Click on it and you can view and edit the firewall rules for the SQL Azure instance. As shown in Figure 2, there are only two firewall rules in this case. Best practices think you should use as few firewall rules as possible. If later you have activities such as you need to add a rule in a meeting or vacation, delete it when it is finished. This will help prevent unauthorized people from breaking into an instance of SQL Azure, which can be very dangerous even for a short time. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' height= ' 364 "alt=" "width=" 529 "border=" 0 "src=" http ://images.51cto.com/files/uploadimg/20110524/1022421.jpg "/> The firewall rules on this instance of SQL Azure 2. Object-level permissions in addition to protecting your firewall for instances of SQL Azure, you want them to follow best practices that give users or logins the fewest privileges to complete their work. Current client tools are not easy to do this when connecting to SQL Azure's database, SQL Server Management Studio does not have a user interface to modify permissions. SQL Azure does not support database roles and object-level permissions, so the configuration account, the application consumer, connects the SQL Azure database with the least possible minimum permissions. This gives users no access to objects they don't need, which is what you do in a traditional SQL Server database instance. SQL injection and Azure hosted applications with Azure are just as vulnerable to SQL injection attacks as a traditional Web application. This data returned to the end-user browser should not be trusted, and all database calls should be set to parameterized (rather than string concatenation within the application). If you are using an object-relational mapping (ORM) Entity Framework (EF) to write your application code, ORM will parameterize the database call for you. However, if you are not using ORM, the application's parameterization of database calls must be "editorial recommendation" How to look at cloud security issues? Rising "The Best Technology Innovation Award" "Cloud Security" leading the future direction focus on the next generation of firewall Barracuda full layout "cloud security" cloud security services: WAF and DDoS attack prevention concerns about cloud security just a cloud? "Responsible editor: Chen Bowen TEL: (010) 68476606" Original: Cloud Data security: SQL Azure Data Protection return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.