Start with setting up SQLServer2000 Security Policy

SQLServer is a relational database management system. It was initially developed by three companies, Microsoft Sybase and Ashton-Tate. In 1988, it launched the first OS2 version. After WindowsNT was launched, Microsoft and Sybase in terms of development, Microsoft moved SQLServer to the WindowsNT system.

SQL Server is a relational database management system. It was initially developed by Microsoft Sybase and Ashton-Tate. In 1988, it launched the first OS/2 version. After Windows NT was launched, Microsoft microsoft has separated Sybase from Sybase in the Development of SQL Server. Microsoft has transplanted SQL Server to Windows NT.

SQL Server is a relational management system. It was initially developed by Microsoft Sybase and Ashton-Tate. In 1988, it launched the first OS/2 version. After Windows NT was launched, Microsoft and sybase has separated the development of SQL Server from Microsoft. Microsoft has transplanted SQL Server to the Windows NT System. It focuses on developing and promoting the Windows NT version of SQL Server. Sybase is more focused on the UNIX operating system of SQL Server. in this book, Microsoft SQL Server is referred to as SQL Server or ms SQL Server.

SQL Server 2000 is the latest version of SQL Server database management system released by Microsoft. This version inherits the advantages of SQL Server 7.0 and adds many more advanced functions than SQL Server, which is easy to use and scalable. high degree of integration with related software advantages can be used across a variety of platforms from laptops running Microsoft Windows 98 to large multi-processor running Microsoft Windows 2000.

SQL Server 2000 has four editions: Personal Edition, Standard Edition, Enterprise Edition, and development edition. SQL Server 2008 is the latest version of Microsoft SQL series.

Microsoft has established a flexible and powerful security management mechanism that comprehensively manages the security of user access to the SQL Server system and database. As described in this article, you can create a flexible and manageable security policy for SQL Server 7.0 (or 2000), and its security can withstand the test.

1. Selection of verification methods

This article explains the authentication and authorization concepts differently. Authentication is used to verify the user's identity, and authorization is used to determine what the user is allowed to do. In this article, the authentication process appears when the user logs on to SQL Server, and the authorization process appears when the user attempts to access data or execute commands.

The first step to construct a security policy is to determine which method SQL Server uses to authenticate users. SQL Server verifies that a set of accounts and passwords match a list in the Sysxlogins table of the Master database. Windows NT/2000 authentication requests the domain controller to check the legality of the user identity. Generally, if the server can access the domain controller, we should use Windows NT/2000 for verification. The domain controller can be a Win2K server or an NT server. In either case, SQL Server receives an Access Token ). An access tag is a special list constructed during verification. It contains the user's SID (Security ID) and the SID of a series of user groups. As described later in this article, SQL Server grants access permissions based on these SID. Note: It is not important for the operating system to construct an access tag. SQL Server only uses the SID in the access tag. That is to say, whether you use SQL Server 2000, SQL Server 7.0, Win2K or NT for verification, the results are the same.

If you use SQL Server-verified logon, the biggest advantage is that it is easily implemented through Enterprise Manager. The biggest disadvantage is that SQL Server-verified logon is only valid for a specific Server, that is, it is difficult to manage in a multi-server environment. The second important disadvantage of using SQL Server for verification is that we must manage permissions for each database separately. If a user has the same permission requirements for the two databases, we must manually set the permissions for the two databases or write scripts to set the permissions. If the number of users is small, for example, less than 25, and the permission changes of these users are not frequent, login verified by SQL Server may be applicable. However, in almost all other cases (with some exceptions, such as applications that directly manage security issues), the management burden of this login method will exceed its advantages.