Advanced Databases lecture, Chapter 3: Managing Security. The topics discussed in this chapter include users, users vs. login, SQL Server security, SQL Server authentication, securable objects in SQL Server, the fixed server-level role, ...
Chapter 3: Managing Security
5/15/17

Users
• Users are database-level principals and are created to access resources within a database
• User and login names should match
• Users can be added to any one or more of the available database roles

Users vs. Login
• Logins:
    • Are created at the instance level
    • Can be mapped to a Windows user account, a domain account, a Windows group, a domain group
    • Provide a user access to the SQL Server instance
    • Access to one or more databases
    • Do not provide access to the objects contained within the database
• Permissions to access database objects are at the database user level

SQL Server security
• A user passes through stages of security in SQL Server
    • Authentication – validates that a user can connect to a SQL Server instance (Login)
    • Authorization – permissions validation; controls the activities the user is allowed to perform in the SQL Server database (User)

SQL Server authentication
• Windows Authentication
    • Windows performs the authentication
    • SQL Server trusts that authentication and provides access to the Windows accounts as configured
    • Windows user and group accounts can be mapped to SQL Server
• SQL Server specific logins:
    • Windows user account is not required
    • Password is passed across the network for authentication
        • Password is encrypted automatically
    • The primary advantage of this authentication scheme:
        • SQL Server can authenticate any login no matter how they may have authenticated to the Windows network
    • This option is typically less secure because it gives access to anyone who has the SQL Server password, without regard to his or her Windows identity
• Adding a new login
    • Create new user in Windows
        • Once the users exist in the Windows user list or the Windows domain, SQL Server can recognize them
    • Add a new login to SQL Server
        • Use SSMS
        • Use T-SQL command
• Adding a New Windows Login
    • Use SSMS
• Adding a New Login
    • Use T-SQL command:
          CREATE LOGIN [name] {WITH options | FROM source}
    • Options: there are many options. The most important one is the PASSWORD option. (The other possible options are DEFAULT_DATABASE, DEFAULT_LANGUAGE, and CHECK_EXPIRATION.)
    • Source:
        • WINDOWS: the login will be mapped to an existing Windows user account
        • CERTIFICATE: the name of the certificate to be associated with this login
        • ASYMMETRIC KEY: the name of the asymmetric key to be associated with this login
• Ex 1: Create a new SQL Server login for “Mary”
      USE sample;
      CREATE LOGIN mary WITH PASSWORD = 'password';
• Ex 2: Create a new login for “Bob” on the server
      USE sample;
      -- A Windows login must be named as [domain\user], as in the DROP LOGIN example below
      CREATE LOGIN [AughtEight\Bob] FROM WINDOWS;
• Remove an existing login: use the DROP LOGIN statement
  Ex:
      DROP LOGIN [AughtEight\Bob];

Permission
• GRANT statement:
      GRANT action ON object TO principal WITH {options}
• Ex 1:
      USE master;
      GRANT CREATE ANY DATABASE TO Ted;
      GO
• Ex 2:
      USE master;
      GRANT CREATE FUNCTION TO mary;
• DENY statement:
      DENY action ON object TO principal WITH {options}
• Ex 1:
      USE master;
      DENY CREATE TABLE, CREATE PROCEDURE TO Peter;
      GO
• REVOKE statement:
      REVOKE action ON object TO principal WITH {options}
• Ex 1:
      USE master;
      REVOKE ALTER ANY LOGIN TO Ted CASCADE;
• Ex 2:
      REVOKE SELECT ON project FROM PUBLIC;

Permission – action on server
• SELECT
• VIEW CHANGE TRACKING
• UPDATE
• REFERENCES
• INSERT
• DELETE
• EXECUTE
• RECEIVE
• VIEW DEFINITION
• ALTER
• TAKE OWNERSHIP
• CONTROL

SQL Server Encryption
• A well-designed encryption method: encrypts data using symmetric keys, and encrypts the symmetric keys using asymmetric keys
• A certificate is technically an asymmetric key, but there is a standard, X.509, that defines the format for a certificate

SQL Server Encryption: Setting Up an Encryption Methodology
First, create a fresh database called EncryptionExample:
      CREATE DATABASE [EncryptionExample]
Create a login named LowPrivLogin with a password “pw”:
      CREATE LOGIN LowPrivLogin WITH PASSWORD = 'pw'
Next, grant the login access to the EncryptionExample database:
      USE EncryptionExample
      CREATE USER LowPrivLogin FOR LOGIN LowPrivLogin
Create a table in the dbo schema that you’ll use throughout this example. The table will hold fake credit card information.
Note: the credit card number is stored as a variable binary column because this column is used to store encrypted data.
      CREATE TABLE dbo.CustomerCreditCards
      (CustomerID INT PRIMARY KEY,
       CardNumber varbinary(256))
Create a master key for the database:
      CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'EncryptionExampleMasterKey08$'
Next, protect other keys with a certificate:
      CREATE CERTIFICATE [CertSymmetricKey]
      WITH SUBJECT = 'User defined subject. This key will protect the secret data.'
With the certificate now created, create a symmetric key:
      CREATE SYMMETRIC KEY [SecretSymmetricKey]
      WITH ALGORITHM = TRIPLE_DES  -- AES_128 is fine too; from SQL Server 2016 on, all algorithms other than AES_128, AES_192 and AES_256 are deprecated
      ENCRYPTION BY CERTIFICATE [CertSymmetricKey]

SQL Server Encryption: Encrypting the Data
First, use the symmetric key that was created earlier by issuing the OPEN SYMMETRIC KEY syntax. This key will remain open until your session expires or you issue the CLOSE statement:
      OPEN SYMMETRIC KEY [SecretSymmetricKey]
      DECRYPTION BY CERTIFICATE [CertSymmetricKey]
Encrypt data:
      DECLARE @Key_Guid AS UNIQUEIDENTIFIER
      -- Look up the GUID of the open symmetric key
      SET @Key_Guid = key_guid('SecretSymmetricKey')
      IF (@Key_Guid is not null)
      BEGIN
          INSERT INTO dbo.CustomerCreditCards
          VALUES (1, encryptbykey(@Key_Guid, N'4111-1234-1234-5678'))
          INSERT INTO dbo.CustomerCreditCards
          VALUES (2, encryptbykey(@Key_Guid, N'4111-9876-7543-2100'))
      END
      ELSE
      BEGIN
          PRINT 'Error retrieving key GUID'
      END
Read the data back, first as stored and then decrypted:
      SELECT * FROM dbo.CustomerCreditCards
      SELECT CustomerId,
             convert(NVARCHAR(100), decryptbykey(CardNumber)) as 'CardNumber'
      FROM dbo.CustomerCreditCards
      GO
• To close the key, use the CLOSE syntax, naming the key that you wish to close:
      CLOSE SYMMETRIC KEY SecretSymmetricKey

SQL Server Audit
• Server Audit can track and log events that occur at the server level or the database level
• An Audit object can be created via either Management Studio or T-SQL
• An Audit object is a collection of one or more individual actions or a group of actions to be tracked. For instance, you can configure an Audit object to track all failed logins
• After creating Audit, the next step is to create the appropriate Audit Specifications
• An Audit Specification tells an Audit object what to track

... of logins or server principals
• Windows domain login
• Windows local login
• SQL Server login

Principal
• Windows-level principals
    • Windows Domain Login
    • Windows local login
    • Windows
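
The login/user split and the GRANT, DENY and REVOKE statements from the slides, run end to end as an added example (not part of the lecture): a DENY on the user overrides a GRANT inherited through a role, and REVOKE removes the DENY again. DemoDb, demo_reader, ReportReaders, dbo.project_demo and the password are constructed names and values.

```sql
-- Added example. All object names and the password are constructed.
CREATE DATABASE DemoDb;
GO
-- Authentication: a login is an instance-level principal.
CREATE LOGIN demo_reader WITH PASSWORD = 'Constructed-Demo-Pw-01!';
GO
USE DemoDb;
GO
-- Authorization: the database user mapped to that login carries the permissions.
CREATE USER demo_reader FOR LOGIN demo_reader;
CREATE ROLE ReportReaders;
ALTER ROLE ReportReaders ADD MEMBER demo_reader;
CREATE TABLE dbo.project_demo (id INT PRIMARY KEY, name NVARCHAR(50));
GRANT SELECT ON dbo.project_demo TO ReportReaders;  -- reaches the user through the role
GO
-- Effective permission as the user sees it, after the GRANT.
EXECUTE AS USER = 'demo_reader';
SELECT HAS_PERMS_BY_NAME('dbo.project_demo', 'OBJECT', 'SELECT') AS after_grant;
REVERT;
GO
-- DENY on the user takes precedence over the GRANT inherited from the role.
DENY SELECT ON dbo.project_demo TO demo_reader;
GO
EXECUTE AS USER = 'demo_reader';
SELECT HAS_PERMS_BY_NAME('dbo.project_demo', 'OBJECT', 'SELECT') AS after_deny;
REVERT;
GO
-- REVOKE removes the DENY entry; the role's GRANT applies again.
REVOKE SELECT ON dbo.project_demo FROM demo_reader;
GO
EXECUTE AS USER = 'demo_reader';
SELECT HAS_PERMS_BY_NAME('dbo.project_demo', 'OBJECT', 'SELECT') AS after_revoke;
REVERT;
GO
-- Review: explicit object-level GRANT/DENY rows in this database and the login
-- each grantee maps to (login_name is NULL for roles and for users whose SID
-- matches no login).
SELECT dp.name AS db_principal, sp.name AS login_name,
       pe.state_desc, pe.permission_name, OBJECT_NAME(pe.major_id) AS object_name
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS dp ON dp.principal_id = pe.grantee_principal_id
LEFT JOIN sys.server_principals AS sp ON sp.sid = dp.sid
WHERE pe.class = 1;
```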
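
The encryption walkthrough creates the LowPrivLogin user but never uses it; this added example (not from the slides) shows what that user needs before it can decrypt the card numbers. It assumes the EncryptionExample database, table, certificate and symmetric key were created exactly as in the slides.

```sql
-- Added example; relies only on the objects created in the slides' walkthrough.
USE EncryptionExample;
GO
-- Table access alone: the user can read the rows, but only as ciphertext.
GRANT SELECT ON dbo.CustomerCreditCards TO LowPrivLogin;
GO
EXECUTE AS USER = 'LowPrivLogin';
BEGIN TRY
    -- Without any permission on the key or the certificate, the key cannot be opened.
    OPEN SYMMETRIC KEY [SecretSymmetricKey]
    DECRYPTION BY CERTIFICATE [CertSymmetricKey];
END TRY
BEGIN CATCH
    PRINT 'OPEN SYMMETRIC KEY failed: ' + ERROR_MESSAGE();
END CATCH;
-- With no key open in the session, DECRYPTBYKEY returns NULL instead of plaintext.
SELECT CustomerID,
       CONVERT(NVARCHAR(100), DECRYPTBYKEY(CardNumber)) AS CardNumber
FROM dbo.CustomerCreditCards;
REVERT;
GO
-- Key access is granted separately from table access:
-- a permission on the symmetric key plus CONTROL on the certificate protecting it.
GRANT VIEW DEFINITION ON SYMMETRIC KEY::[SecretSymmetricKey] TO LowPrivLogin;
GRANT CONTROL ON CERTIFICATE::[CertSymmetricKey] TO LowPrivLogin;
GO
EXECUTE AS USER = 'LowPrivLogin';
OPEN SYMMETRIC KEY [SecretSymmetricKey]
DECRYPTION BY CERTIFICATE [CertSymmetricKey];
SELECT key_name, opened_date FROM sys.openkeys;  -- keys open in this session
SELECT CustomerID,
       CONVERT(NVARCHAR(100), DECRYPTBYKEY(CardNumber)) AS CardNumber
FROM dbo.CustomerCreditCards;
CLOSE SYMMETRIC KEY [SecretSymmetricKey];
REVERT;
GO
```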
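
The Audit slides describe an Audit object plus Audit Specifications but show no T-SQL; this added example (not from the lecture) tracks failed logins at the server level and reads of the card table at the database level. The audit and specification names and the C:\SqlAudit\ folder are constructed; the folder must already exist and be writable by the SQL Server service account.

```sql
-- Added example. SecurityAudit, FailedLoginSpec, CardTableReads and the file
-- path are constructed names; dbo.CustomerCreditCards is the table from the slides.
USE master;
GO
-- The Audit object defines where audit records are written.
CREATE SERVER AUDIT [SecurityAudit]
TO FILE (FILEPATH = 'C:\SqlAudit\', MAXSIZE = 50 MB, MAX_ROLLOVER_FILES = 10)
WITH (QUEUE_DELAY = 1000, ON_FAILURE = CONTINUE);
GO
-- Server-level specification: tells the Audit object to track all failed logins.
CREATE SERVER AUDIT SPECIFICATION [FailedLoginSpec]
FOR SERVER AUDIT [SecurityAudit]
ADD (FAILED_LOGIN_GROUP)
WITH (STATE = ON);
GO
-- An Audit object is created disabled; nothing is recorded until it is switched on.
ALTER SERVER AUDIT [SecurityAudit] WITH (STATE = ON);
GO
-- Database-level specification: record every SELECT against the card table.
USE EncryptionExample;
GO
CREATE DATABASE AUDIT SPECIFICATION [CardTableReads]
FOR SERVER AUDIT [SecurityAudit]
ADD (SELECT ON OBJECT::dbo.CustomerCreditCards BY public)
WITH (STATE = ON);
GO
-- Read the audit trail back: who did what, when, and whether it succeeded.
SELECT event_time, action_id, succeeded, server_principal_name,
       database_name, object_name, statement
FROM sys.fn_get_audit_file('C:\SqlAudit\*.sqlaudit', DEFAULT, DEFAULT)
ORDER BY event_time DESC;
```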