SQL Server Database Engine Security Architecture
The security architecture of the SQL Server Database Engine is a multi-layered system designed to protect your data from unauthorized access, modification, and disclosure. It encompasses authentication, authorization, encryption, auditing, and threat detection mechanisms.
Core Security Concepts
- Authentication: Verifies the identity of users or applications attempting to connect to SQL Server.
- Authorization: Determines what actions an authenticated user or application is permitted to perform within SQL Server.
- Auditing: Records security-relevant events, such as logins, logouts, and data modifications, for compliance and forensic analysis.
- Encryption: Protects sensitive data both in transit and at rest.
Authentication Methods
SQL Server supports several authentication methods:
- Windows Authentication: Leverages Windows user accounts and groups for authentication. This is the recommended method for most environments as it centralizes security management.

```sql
-- Example: Granting access to a Windows group
USE master;
CREATE LOGIN [DOMAIN\GroupName] FROM WINDOWS WITH DEFAULT_DATABASE = [master];
GO
```

- SQL Server Authentication: Uses login IDs and passwords managed directly by SQL Server. Requires careful password management and robust policies.

```sql
-- Example: Creating a SQL Server login
-- CHECK_POLICY / CHECK_EXPIRATION apply the Windows password policy to this login
USE master;
CREATE LOGIN [new_admin_login]
    WITH PASSWORD = 'ComplexPassword123!',
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;
GO
```
- Active Directory Certificate Authentication: Uses X.509 certificates for authentication.
Authorization and Permissions
Authorization is managed through a combination of server-level and database-level principals (logins and users) and their associated permissions. Permissions can be granted at various granularities:
- Server-level Permissions: Control access to server-wide objects and actions (e.g., `CREATE LOGIN`, `ALTER ANY DATABASE`).
- Database-level Permissions: Control access to objects within a specific database (e.g., `SELECT`, `INSERT`, `UPDATE`, `DELETE` on tables).
- Schema-level Permissions: Control access to schemas.
- Object-level Permissions: Control access to specific tables, views, stored procedures, etc.
Roles, both built-in and custom, are used to simplify permission management by grouping users with similar access requirements.
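The layering described above (server login, database user, custom role, then schema-, object- and column-level grants) as an added example; this is not code from the original page. The database name SalesDb, the schema, tables, login and role names are all assumptions chosen for illustration.

```sql
-- Added example: least-privilege permission layout for a hypothetical SalesDb.
USE master;
GO
-- Server-level principal: a SQL login for a reporting service account.
CREATE LOGIN sales_report_svc
    WITH PASSWORD = '<strong password here>', CHECK_POLICY = ON;
GO

USE SalesDb;
GO
-- Objects the example grants against (constructed for the example).
CREATE SCHEMA reporting;
GO
CREATE TABLE reporting.DailySales (SaleDate date, Amount money);
CREATE TABLE dbo.Customers (CustomerId int PRIMARY KEY, Name nvarchar(100),
                            Region nvarchar(50), TaxId char(11));
CREATE TABLE dbo.Payroll   (EmployeeId int PRIMARY KEY, Salary money);
GO
-- Database-level principal mapped to the login.
CREATE USER sales_report_svc FOR LOGIN sales_report_svc;
GO
-- Custom role: permissions are granted once and inherited by every member.
CREATE ROLE sales_reader;
ALTER ROLE sales_reader ADD MEMBER sales_report_svc;
GO
-- Schema-level: read everything in the reporting schema, including tables added later.
GRANT SELECT ON SCHEMA::reporting TO sales_reader;
-- Column-level: the role may read Customers but never the TaxId column.
GRANT SELECT ON dbo.Customers (CustomerId, Name, Region) TO sales_reader;
-- DENY overrides GRANT, so a later broad grant cannot reopen this table.
DENY SELECT, INSERT, UPDATE, DELETE ON dbo.Payroll TO sales_reader;
GO

-- Verify the effective permissions as the service account would see them.
EXECUTE AS USER = 'sales_report_svc';
SELECT * FROM fn_my_permissions('dbo.Customers', 'OBJECT');  -- SELECT on three columns only
SELECT * FROM fn_my_permissions('dbo.Payroll', 'OBJECT');    -- no rows: explicitly denied
REVERT;
GO
```

The `EXECUTE AS USER ... REVERT` check is the useful part: it shows the permissions the engine will actually enforce for that principal, including the effect of DENY, without having to log in as the account.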
Security Features for Data Protection
- Always Encrypted: Protects sensitive data in transit from the client to SQL Server and at rest within SQL Server. The data is always encrypted in the database.
- Transparent Data Encryption (TDE): Encrypts data and log files at rest. The encryption is transparent to applications.

```sql
-- Example: Enabling TDE on a database
-- Prerequisite: a database encryption key protected by a server certificate
-- must already exist in MyDatabase (CREATE DATABASE ENCRYPTION KEY ...)
ALTER DATABASE MyDatabase SET ENCRYPTION ON;
GO
```
- Dynamic Data Masking: Limits sensitive data exposure by transforming it to non-sensitive formats for non-privileged users.
- Row-Level Security (RLS): Implements constraints on rows in a table to ensure that only authorized users can access specific rows.
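Row-Level Security as an added example, not code from the original page: a predicate function plus a security policy that lets each sales rep read and insert only their own orders. The database SalesDb, the Orders table and the user names are assumptions; the users are created WITHOUT LOGIN so the script runs on its own.

```sql
-- Added example: row-level security on a hypothetical dbo.Orders table.
USE SalesDb;
GO
CREATE TABLE dbo.Orders (
    OrderId  int     PRIMARY KEY,
    SalesRep sysname NOT NULL,   -- database user name of the owning rep
    Amount   money   NOT NULL
);
-- Constructed sample rows.
INSERT INTO dbo.Orders VALUES (1, N'rep_alice', 120.00),
                              (2, N'rep_bob',    75.50),
                              (3, N'rep_alice', 300.00);
GO
CREATE USER rep_alice WITHOUT LOGIN;
CREATE USER rep_bob   WITHOUT LOGIN;
GRANT SELECT, INSERT ON dbo.Orders TO rep_alice, rep_bob;
GO
-- Keep predicate functions in their own schema so ordinary users cannot alter them.
CREATE SCHEMA Security;
GO
CREATE FUNCTION Security.fn_OrdersPredicate(@SalesRep AS sysname)
    RETURNS TABLE
    WITH SCHEMABINDING
AS
    RETURN SELECT 1 AS fn_result
           WHERE @SalesRep = USER_NAME()        -- row belongs to the calling user
              OR IS_MEMBER('db_owner') = 1;     -- db_owner members still see everything
GO
-- FILTER hides rows on read; BLOCK AFTER INSERT stops a rep inserting rows
-- under another rep's name (rows they would not be able to read back).
CREATE SECURITY POLICY Security.OrdersPolicy
    ADD FILTER PREDICATE Security.fn_OrdersPredicate(SalesRep) ON dbo.Orders,
    ADD BLOCK  PREDICATE Security.fn_OrdersPredicate(SalesRep) ON dbo.Orders AFTER INSERT
    WITH (STATE = ON);
GO
-- Check: the policy is enforced inside the engine, so it applies to ad-hoc
-- queries exactly as it does to application code.
EXECUTE AS USER = 'rep_alice';
SELECT OrderId, Amount FROM dbo.Orders;   -- orders 1 and 3
REVERT;
EXECUTE AS USER = 'rep_bob';
SELECT OrderId, Amount FROM dbo.Orders;   -- order 2 only
INSERT INTO dbo.Orders VALUES (4, N'rep_alice', 10.00);  -- blocked by the BLOCK predicate
REVERT;
GO
```

Note that the filter predicate silently removes rows rather than raising an error, so a client that asks for a specific OrderId it is not allowed to see gets an empty result, not a permission failure; the block predicate is what turns disallowed writes into an error.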
Auditing and Monitoring
SQL Server Audit provides comprehensive auditing capabilities, allowing you to track events and create audit trails for compliance and security analysis. You can configure server audits and database audits to capture specific actions.
Best Practice: Regularly review audit logs and security configurations to identify and address potential vulnerabilities.
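A server audit with one server-level and one database-level audit specification, followed by the kind of review query the best practice above calls for, as an added example that is not code from the original page. The audit name, file path, database SalesDb and the dbo.Payroll table are assumptions.

```sql
-- Added example: SQL Server Audit writing to files, plus a review query.
USE master;
GO
CREATE SERVER AUDIT SecurityAudit
    TO FILE (FILEPATH = 'D:\SQLAudit\',          -- assumed path, must exist
             MAXSIZE = 256 MB,
             MAX_ROLLOVER_FILES = 20)
    WITH (QUEUE_DELAY = 1000,
          ON_FAILURE = FAIL_OPERATION);          -- audited actions fail if the audit cannot write
GO
-- Server-level: authentication attempts and changes to server principals and roles.
CREATE SERVER AUDIT SPECIFICATION SecurityAudit_Server
    FOR SERVER AUDIT SecurityAudit
    ADD (FAILED_LOGIN_GROUP),
    ADD (SUCCESSFUL_LOGIN_GROUP),
    ADD (SERVER_PRINCIPAL_CHANGE_GROUP),
    ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP)
    WITH (STATE = ON);
GO
ALTER SERVER AUDIT SecurityAudit WITH (STATE = ON);
GO

USE SalesDb;
GO
-- Database-level: every read of a sensitive table by anyone, plus permission
-- and role-membership changes inside this database.
CREATE DATABASE AUDIT SPECIFICATION SecurityAudit_SalesDb
    FOR SERVER AUDIT SecurityAudit
    ADD (SELECT ON OBJECT::dbo.Payroll BY public),
    ADD (DATABASE_PERMISSION_CHANGE_GROUP),
    ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP)
    WITH (STATE = ON);
GO

-- Review: failed actions and Payroll reads in the last 24 hours
-- (event_time is recorded in UTC, hence SYSUTCDATETIME()).
SELECT event_time, action_id, succeeded, server_principal_name,
       database_name, object_name, statement
FROM sys.fn_get_audit_file('D:\SQLAudit\SecurityAudit_*.sqlaudit', DEFAULT, DEFAULT)
WHERE event_time > DATEADD(hour, -24, SYSUTCDATETIME())
  AND (succeeded = 0 OR object_name = N'Payroll')
ORDER BY event_time DESC;
```

ON_FAILURE decides what happens when the audit target is unavailable: CONTINUE keeps the server running unaudited, FAIL_OPERATION fails only the actions that would have been audited, and SHUTDOWN stops the instance. Pick the setting deliberately, because it determines whether a full audit disk becomes an availability incident or an audit gap.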
For detailed information on implementing and managing these security features, refer to the official Microsoft documentation.