Designing SQL Server 2000 Databases for .NET Enterprise Servers

Although data are always considered a priceless asset in most organizations, and protecting data is a high priority, new applications such as electronic commerce, or e-commerce, have opened additional pathways to the vault through public network connections such as the Internet. Even though most organizations remain unscathed by attacks, it is not without significant effort spent planning and implementing security in the organization. By combining server- and file-level security provided by Windows 2000 with SQL Server 2000 s user- and role-level security models and encrypted network communications, you can protect your data, the heart of your organization. SQL Server 2000 offers configurable user and role security levels for database and object access. With features such as replication and database access over the Internet, multiprotocol encryption and SQL Server s new support for SSL can protect your data on the wire. SQL Server 2000 s integration with Windows 2000 Active Directory adds support for Kerberos, context delegation, and centralized management.
This chapter reviews the security architecture of SQL Server 2000 and the available security modes. As you work through the chapter, you will create users and database roles and assign permissions to the database and its objects, such as tables and views. To further secure your server, you will learn the advantages and disadvantages of multiprotocol encryption and SSL support in SQL Server.
SQL Server Security, or any system s security for that matter, is easiest to manage when you start with a plan. You might be tempted to start...