A sql server 2000 hosting posses many layers of security.in its very basic form any user who wants to access the database is required to enter a username and password.there are generally two methods of sql server verification
a.windows: in this method the sql server 2000 hosting program trusts normal windows login to verify any user who has logged in and provides acces to database
b.distinguished: this method the sql server 2005 program itself is responsible for user authorization .most of the time this method is used for internet connection as there is less security in windows method as it can be easily manipulated.moreover we need some kind of role defined access system in enterprises using sql server 2000 hosting or sql server 2005 hosting where users are granted access depending on their role or quota.
the sql server hosting security methods involve defining specific user and then assigning privileges to their account and all such accounts inherit that privileges .
there are type of permissions in sql server 2005 hosting :
a.statement permission: these are permission rules of executing special type of T-SQL commands.
b.Object permission: these are set of rules which control right of user to interact with database directly.
For adding user login in sql server 2000 hosting , roles ,acces rules there are commands available which make it easy to define security levels.
For example command such as
[sp_addlogin -> name,password] will add a new user to sql database
[sp_grantlogin ‘username’] will grant access a windows login account to database
In sql database in sql server 2005 hosting there are lots of commands which provide different security features , GRANT command adds privileges to an security account.the syntax is like GRANT [insert any right here] [username] , the right are of various type as database creation , manipulation, delete etc
There are sp_addrolll command to add a specific roll to user
Similarly one can use sp_dropsrvmember is used to drop a member.
Above these permission can be applied individually to usernames roles and groups,in some cases role has a permission but the rolmember is not granted permission for a specific task .
One can use DENY instead of GRANT statement for denial of permission ,but there is difference between the two , DENY exclusively restricts user ability to access.
If you want to completely remove permission and denial you can use REVOKE statement which does this work .
Using above commands carefully makes the dedicated sql server 2000 hosting and sql server 2005 hosting more secure and less vulnerable to loopholes . thus understanding sql server security level would enable one to configure a stable and secure dedicated sol server.
{ 1 trackback }
{ 0 comments… add one now }