Geeks With Blogs
Sasha Krsmanovic Canadian Developer Community Update

Today we finished our 4th web cast, and we topped 1000 attendees for the series so far. Another stellar performance by Dan Sellers. Boelow are some questions I captured.

The recording will be available at http://msdn.microsoft.com/canada/securityonthebrain/ tomorrow.

 

Question: What is SSB?

Answer: SQL Sever Service Broker

Question: Can any user execute as another user?

Answer: No, if they are not a sysadmin they need to be granted impersonation on the user who they are executing as

Question: HOw did you get to the web interface for the Surface Area config

Answer: That was not a web interface, that is Win32 app. All options are available via SMO so you could write a web interface and manage these

Question: Will the Encryption Support Slide and explanation be available for further "study"?

Answer: Yes you will be able to download the powerpoint at the end of the presentation.

Question: How can I encrypt/decrypt implementation of stored procedures/views/triggers maybe?

Answer: Take a look at our developers blog entry on encrypting stored procedures. http://blogs.msdn.com/lcris/archive/2005/06/15/429631.aspx

Question: where are all those certs stored?

Answer: They are stored in the database

Question: Is there a significant decrease in performance when using encrypted data?

Answer: Depends on two things, the algorithm you use to encrypt/decrypt and how large the data you are encrypting/decrypting. A 100 byte text string is a lot quicker than a 1 MB varbinary

Question: How to protect database from being stolen, restore of backup file or detach and attach database files from unauthorized person, including system administrators?

Answer: We are looking into exposing functions to sign the database.

Question: How do you recover data where the key might be lost (like a forgotten password)?

Answer: If you encrypted using the database master key or server master key you should be able to decrypt it. If you did not, I am not sure of the solution.

Question: Does SQL Server 2005 support row level security similar to Oracle label security?

Answer: Check out this whitepaper on row level security in SQL2K5: http://www.microsoft.com/technet/prodtechnol/sql/2005/multisec.mspx

Question: If we encrypt one data column, and would like to use the column in the where clause for filtering data, how bad the decryption process is going to impact my query performance?

Answer: Check out http://blogs.msdn.com/lcris/archive/2005/12/22/506931.aspx

Question: is there other row-level security you have w/o using encrypting the data

Answer: We have a whitepaper that describes how to do row level security functionality in SQL2K5: http://www.microsoft.com/technet/prodtechnol/sql/2005/multisec.mspx

Posted on Wednesday, March 22, 2006 11:57 AM | Back to top


Comments on this post: Security on the Brain Web cast series - we have over 1000 attendees so far

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © Sasha Krsmanovic | Powered by: GeeksWithBlogs.net