Mike Young is the co-founder of Softouch Inc. Mike has spent the last sev-
eral years teaching, consulting, and developing training materials about
Microsoft products. Mike has spent the majority of his time over the years
supporting and consulting about Microsoft SQL Server. He has a back-
ground in database administration and is concerned that his clients meet
their expectations for the product. Mike’s primary areas of expertise are
Data Transformation Services (DTS), Analysis Server, and all areas related
to security.
Curtis W. Young is the other co-founder of Softouch Inc. Curtis has a deep
love for training and education. Curtis’ background is on the program-
ming side. He has taught and consulted regarding Visual Basic, Visual
Interdev, Visual C++, and Java. Curtis has spent a significant amount of
time designing and developing applications that use SQL Server as the
back-end database. He receives the most satisfaction from providing sys-
tems solutions to business obstacles.
About the Authors
xxxi
Mike Young
Curtis W.Young
Mastering SQL
Server

2000 Security
Gearhead Press


Mastering SQL
Server

2000 Security

Mike Young
Curtis W.Young
Mastering SQL
Server

2000 Security
Gearhead Press

Publisher: Robert Ipsen
Editor: Ben Ryan
Consulting Editor: Donis Marshall
Managing Editor: Angela Smith
New Media Editor: Brian Snapp
Text Design & Composition: Wiley Composition Services
Designations used by companies to distinguish their products are often claimed as
trademarks. In all instances where Wiley Publishing, Inc., is aware of a claim, the
product names appear in initial capital or all capital letters. Readers, however,
should contact the appropriate companies for more complete information regard-
ing trademarks and registration.
This book is printed on acid-free paper. ∞
Copyright © 2002 by Mike Young, Curtis Young. All rights reserved.
Published by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada.
No part of this publication may be reproduced, stored in a retrieval system or
transmitted in any form or by any means, electronic, mechanical, photocopying,
recording, scanning or otherwise, except as permitted under Sections 107 or 108
of the 1976 United States Copyright Act, without either the prior written permis-
sion of the Publisher, or authorization through payment of the appropriate per-
copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA

01923, (978) 750-8400, fax (978) 750-4744. Requests to the Publisher for permission
should be addressed to the Legal Department, Wiley Publishing, Inc., 10475
Crosspointe Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4447,
E-mail:
This publication is designed to provide accurate and authoritative information in
regard to the subject matter covered. It is sold with the understanding that the
publisher is not engaged in professional services. If professional advice or other
expert assistance is required, the services of a competent professional person
should be sought.
The Gearhead Press trademark is the exclusive property of Gearhead Group
Corporation.
Library of Congress Cataloging-in-Publication Data:
ISBN: 0-471-21970-3
Wiley also publishes its books in a variety of electronic formats. Some content that
appears in print may not be available in electronic versions. For more information
about Wiley products, visit our web site at www.wiley.com.
Printed in the United States of America.
10 9 8 7 6 5 4 3 2 1
A Note from Gearhead Press
Gearhead Press is dedicated to publishing technical books for experienced
Information Technology professionals—network engineers, developers,
system administrators, and others—who need to update their skills, learn
how to use technology more effectively, or simply want a quality reference
to the latest technology. Gearhead Press emerged from my experience with
professional trainers of engineers and developers: people who truly under-
stand first-hand the needs of working professionals. Gearhead Press
authors are the crème de la crème of industry trainers, working at the com-
panies that define the technology revolution. For this reason, Gearhead
Press authors are regularly in the trenches with the developers and engi-
neers that have changed the world through innovative products. Drawing

from this experience in IT training, our books deliver superior technical
content with a unique perspective that is based on real-world experience.
Now, as an imprint of Wiley Publishing, Inc., Gearhead Press will con-
tinue to bring you, the reader, the level of quality that Wiley has delivered
consistently for nearly 200 years.
Thank you.
Donis Marshall
Founder, Gearhead Press
Consulting Editor, Wiley Publishing, Inc.

Gearhead Press Books in Print
(For complete information about current and upcoming titles, go to
www .wiley.com/compbooks)
Books in the Gearhead Press Point to Point Series
Migrating to Microsoft Exchange 2000 by Stan Reimer
ISBN: 0-471-06116-6
Installing and Configuring Web Servers Using Apache by Melanie Hoag
ISBN: 0-471-07155-2
VoiceXML: 10 Projects to Voice Enable Your Website by Mark Miller
ISBN: 0-471-20737-3
Books in the Gearhead Press In the Trenches Series
Windows 2000 Automated Deployment by Ted Malone and Rolly Perraux
ISBN: 0-471-06114-X
Robust Linux: Assuring High Availability by Iain Campbell
ISBN: 0-471-07040-8
Programming Directory Services for Windows 2000 by Donis Marshall
ISBN: 0-471-15216-1
Programming ADO.NET by Richard Hundhausen and Steven Borg
ISBN: 0-471-20187-1
Designing .NET Web Services Using ADO.NET and XML by Richard

Hundhausen and Steven Borg
ISBN: 0-471-20186-3
Making Win32 Applications Mobile: Porting to Windows CE by Nancy Nicolaisen
ISBN: 0-471-21618-6
Programming Windows CE Wireless Applications by Barry Shilmover and
Derek Ball
ISBN: 0-471-21469-8
Mastering SQL Server 2002 Security by Mike Young and Curtis Young
ISBN: 0-471-21970-3
Microsoft.NET Security Programming by Donis Marshall
ISBN: 0-471-22285-2

Acknowledgments xix
Introduction xxi
About the Authors xxxi
Chapter 1 Introducing SQL Server Security 1
Security Overview 2
Requirements Analysis 2
The Critical Nature of the Data 3
Auditing Requirements 3
Who Will Administer the Server? 4
Access to SQL Server 5
Windows Authentication 5
SQL Server Authentication 6
Accessing Databases on a SQL Server 2000 Instance 7
Permissions to Objects in a SQL Server Database 8
Object Ownership 8
Object Dependencies 9
Installation Security 10
Installation Permissions 10

Installation Parameters 11
Initial Services 13
Application Security Overview 14
Interfacing with SQL Server 14
Application Programming Interfaces 14
Contents
ix
Client Net-Libraries and Authentication 16
Application Design with Security in Mind 16
Views 16
Stored Procedures 17
Application Roles 18
Front-End Application Security 19
Distributed Data Management 19
Data Transformation Services 20
Packages 21
Data Transformation Services Task 22
Data Transformation Services Security Concerns 22
Linked Servers 23
Replication 24
Benefits of Replication 25
When to Use Replication 26
Security Concerns with Replication 26
Analysis Services 27
Online Analytical Processing 27
Data Mining 28
Analysis Services Security 29
Auditing 30
SQL Server Auditing 30
Application Auditing 32

Chapter 2 Designing a Successful Security Model 35
Server Architecture 36
The Production Server 37
The Test Server 38
The Development Server 38
Scripts 39
Administrative Roles 42
Database Administrator Functions 42
Installation and Configuration 42
Security 44
Operations 45
Service-Level Maintenance 46
Database Developer Functions 47
Physical Design Requirements 48
Windows 2000 Versions 49
SQL Server Versions 50
Multiple Instances of SQL Server 51
Application Purpose 53
Online Transaction Processing Systems 53
Online Analytical Processing Systems 54
Batch Processing Systems 54
Overview of Microsoft Clustering Services 55
x Contents
Clustering Defined 55
Cluster Types 56
Clustering Service Advantages 57
Clustering Modes 58
SQL Server Cluster Configuration 59
Planning Your Deployment 59
Setting the Recovery Time 60

Configuring Min Server Memory 60
Installing SQL Server for Clustering 61
Documentation 62
Server Architecture 63
Roles and Responsibilities 63
Physical Implementation 64
Best Practices 65
Chapter 3 Exploring Initial Security Parameters 67
SQL Services Account 68
Using a Local System Account 69
Using a Domain User Account 69
Requirements for Domain User Account 70
Changing User Accounts 71
Installation Security 73
Installation Permissions 74
Locating Files and Folders and Rebuilding Registry Keys 74
Shared Files for All Instances of SQL Server 2000 74
Program and Data Files for the
Default Instance of SQL Server 2000 75
Registering Servers 77
Removing Registered Servers 80
Best Practices 82
Chapter 4 Establishing Login Security 85
Introduction to the Authentication Process 86
Windows Authentication 86
Kerberos Authentication 87
Windows NT LAN Manager Authentication 87
The Authentication Process of a Windows Login 88
SQL Authentication 88
Comparing Windows Authentication with SQL Authentication 89

The Advantages of Windows Authentication 89
Justification of SQL Authentication 90
Configuring Authentication Modes 91
Windows Authentication Mode 92
Mixed Mode Authentication 92
Encryption 93
Local Encryption 93
Network Encryption 94
Contents xi
Impersonation and Delegation 94
Impersonation 94
Delegation 94
Client Account Settings 95
Server Settings 96
Service Principal Name 96
Server Roles 97
Creating Login Accounts 98
Built-In Accounts 98
Creating Windows Login Accounts 99
Windows Authentication Guidelines 99
Managing Windows Authentication Logins 100
Creating SQL Server Login Accounts 102
SysxLogins System Table 103
Database Access 104
Database Users 105
Database Roles 106
Public Role 107
Other Fixed Roles 107
User-Defined Roles 108
Best Practices 110

Chapter 5 Managing Object Security 113
Types of Permissions 114
Object Permissions 114
Statement Permissions 116
Implied Permissions 118
Implementing Permissions 120
Granting Permissions 121
Denying Permissions 121
Revoking Permissions 122
Permission Conflicts 123
Setting Permissions 123
GRANT Permission 125
DENY Permission 126
REVOKE Permission 126
Object Ownership Chains 127
Database Owner Ownership Context 130
Defining Ownership 130
Assumed Ownership 130
Best Practices 131
Chapter 6 Designing Application Security 133
Analyzing System Requirements 134
Protecting Your Tables 135
Stored Procedures 135
Performance 136
xii Contents
Programming Framework 136
Security 137
Views 137
Data Access Strategies 138
Windows Authentication 138

SQL Server Authentication 139
Application Roles 140
Change Management 146
ALTER TABLE Statement 149
ALTER PROCEDURE Statement 150
ALTER VIEW Statement 150
Best Practices 151
Chapter 7 Implementing Front-End Application Security 155
Managing Connections from the Client Tools 156
Client Net-Libraries and Network Protocols 156
Net-Libraries 157
Client Network Utility 159
Server Network Utility 160
Application Connections 161
Connection Security 162
Creating Connections with ODBC 163
Creating a Data Source Name 164
Remote Data Objects 170
Creating Connections with OLE DB 171
Best Practices 173
Chapter 8 Implementing Microsoft’s Enterprise Development Strategy 175
Client/Server Architecture and Terms 176
The Client/Server Model 177
Services and Tiers 177
Two-Tier Client/Server Architecture 178
Three-Tier Client/Server Architecture 180
Application Infrastructure 180
Introduction to Security 182
Security in Two-Tier Applications 182
Security in Three-Tier Applications 182

Security in COM+ 184
Multitier Application Security 185
Implementing Security in COM+ Applications 186
Role-Based Security 187
Declarative Security 191
Configuring Default COM+ Settings 191
Configuring Component Identity 194
Programmatic Security 195
Best Practices 197
Contents xiii
Chapter 9 Introducing the SQL Server Agent Service 201
SQL Server Agent Service Account 202
Jobs, Operators, and Alerts 206
Jobs 206
Defining Alerts 208
Operators 208
Job Security 210
Implementing Jobs 211
Types of Job Steps 211
Permissions and Ownership of Jobs 212
Configuring the Proxy Account 212
Multiple Job Steps and Job Responses 213
Reviewing Jobs and Job History 214
Job Properties 214
Job History Log 215
Setting SQL Server Mail Services 216
Configuring a Messaging (Mail) Profile 217
Setting up SQL Mail 217
Setting Up SQLAgentMail 218
Replication 219

Replication Components 219
Publisher 219
Distributor 219
Subscribers 220
Types of Replication 220
Snapshot Replication 220
Transactional Replication 220
Merge Replication 221
Security Considerations 221
SQL Server Agent Service Configuration 222
Replication Agent Login Security 223
Snapshot Folder Security 225
Location of Snapshot Files 225
Alternative Snapshot Locations 225
Security Mode of the Publisher 226
Publication Access Lists 226
Best Practices 228
Chapter 10 Managing Distributed Data Security 231
Linked Servers 232
Linked Server Overview 232
Reference Objects on Linked Servers 234
Linked Server Security Requirements 235
Log Shipping 237
Security Suggestions 238
Log Shipping Configuration 238
xiv Contents
Changing Log Shipping Roles 245
Secondary Server Maintenance Plan 246
Transfer Logins Package 246
Changing Roles 247

Federated SQL Server 2000 Servers 249
Creating a Partitioned View 250
Updateable Partitioned Views 252
Table Rules 253
Column Rules 253
Partitioning Column Rules 253
Distributed Partition View Rules 254
Data Modification 254
INSERT Statements 255
UPDATE Statements 255
DELETE Statements 256
Security Considerations for Federated Servers 256
Best Practices 257
Chapter 11 Managing Data Transformation Services 259
DTS Packages 260
DTS Connections 261
DTS Tasks 265
DTS Transformations 266
DTS Package Workflow 267
DTS Tools 268
Management Tools 268
Execution Tools 269
dtsrun 269
dtsrunui 270
DTS Security Concerns 271
DTS Package Passwords 271
Package Execution Scheduling 273
Data Link Files 274
Connection Security 275
Best Practices 276

Chapter 12 Exploring Analysis Services Security 279
Analysis Server 280
OLAP Databases 281
Data Mining 282
Microsoft Clustering 282
Microsoft Decision Trees 283
Key Terms 284
Data Warehousing and OLAP 284
Data Warehouse Design 285
Star Schema 286
Fact Table 287
Contents xv
Dimension Tables 288
Introduction to Cubes 289
Cube Storage 291
Cube Processing 293
OLAP Security 294
Administrator Security 294
User Authentication Security 295
Roles 296
Database Roles 296
Cube Roles 298
Dimension and Cell Security 299
Dimension Security 299
Cell Security 301
Best Practices 302
Chapter 13 Managing Current Connections 305
Security Concerns 306
Transaction Log Overview 307
Transaction Log Architecture 309

Logical Archictecture 309
Physical Architecture 310
Write-Ahead Transaction Log 312
Checkpoints 312
SQL Server Recovery Models 313
Full Recovery 314
Bulk-Logged Recovery 314
Simple Recovery 316
Log Maintenance 316
Truncating the Transaction Log 316
Shrinking the Transaction Log 316
Concurrency Architecture 318
Locking Architecture 319
Current Activity 321
Enterprise Manager 321
Stored Procedures 324
Best Practices 325
Chapter 14 Creating an Audit Policy 327
Built-in Auditing Options 328
Server Auditing 328
C2-Mode Auditing 331
SQL Profiler 332
SQL Trace 333
SQL Profiler Utility 333
Audit Log Files 333
Using the SQL Profiler Utility 334
Application Auditing 341
xvi Contents
New Record Tracking 342
Modification Tracking 344

The User Who Made the Most Recent Modification 344
The User Who Made the Most Recent Modification
Is Stored with the Creator of the Record 345
All Modifications Are Stored 345
Deletion Tracking 347
Best Practices 348
Chapter 15 Managing Internet Security 351
Overview of Internet Integration Features of SQL Server 2000 352
Integration with Other Products 352
SQL Server Engine Enhancements 353
Connections to SQL Server from the Internet 355
A Direct Connection to SQL Server 355
Client Tools 356
A Connection through OLE DB 359
Connections through Firewalls and Proxy Servers 360
Using a Firewall System with SQL Server 360
Connections to SQL Server through a Proxy Server 361
Reverse-Publishing with a Proxy Server 362
Connecting to SQL Server through a Web Server 363
Using Active Data Objects with Active Server Pages 364
Using Java Database Connectivity to Access SQL Server 366
Using the Web Assistant Wizard 367
Best Practices 368
Appendix A XML for SQL Server 2000 371
Introduction to XML and SQL Server 371
Configuring SQL Server Support in
Internet Information Server 373
Accessing SQL Server Using HTTP 377
Using the FOR XML Clause to Retrieve Data 380
RAW, AUTO, and EXPLICIT Modes 380

RAW Mode 380
AUTO Mode 381
EXPLICIT Mode 381
Optional Keywords with FOR XML Clause 382
Best Practices 383
Appendix B Third-Party SQL Server Security Management Tools 385
Omni Audit 386
OmniAudit and SQL Server 386
Getting Started 387
More Information 391
Lumigent Log Explorer 392
Getting Started 392
Contents xvii
More Information 394
Best Practices 394
Appendix C Answers to Review Questions 395
Chapter 1: Introducing SQL Server Security 395
Chapter 2: Designing a Successful Security Model 397
Chapter 3: Exploring Initial Security Parameters 398
Chapter 4: Establishing Login Security 399
Chapter 5: Managing Object Security 401
Chapter 6: Designing Application Security 402
Chapter 7: Implementing Front-End
Application Security 403
Chapter 8: Understanding Microsoft’s
Enterprise Development Strategy 403
Chapter 9: Introducing the SQL Server
Agent Service 405
Chapter 10: Managing Distributed Data Security 406
Chapter 11: Managing Data Transformation Services 408

Chapter 12: Exploring Analysis Services Security 408
Chapter 13: Managing Current Connections 410
Chapter 14: Creating an Audit Policy 411
Chapter 15: Managing Internet Security 413
Index 415
xviii Contents
xix
This book was only made possible by the dedication and patience of sev-
eral individuals. First has been the work of J.W. Olsen as editor. Jerry has
been very patient and informative as we struggled to learn the nuances of
writing and publishing this book. He has also made up for our lack of writ-
ing skills to help us create a book worthy of publishing. We would also like
to acknowledge and thank the entire staff at Gearhead Press and Wiley
Publishing, Inc., particularly Donis Marshall, for giving us the support
necessary to get this book off the ground.
Finally and most importantly, we want to acknowledge the employees of
Softouch, who have had to put up with our constant discussions pertaining
to this publication. Without their support and ability to fill in where neces-
sary, this book would never have become a reality.
Acknowledgments

Over the past several years I have developed an interest in security and the
protection of data. Several tools and books are available that introduce
security, but there is no comprehensive SQL Server security manual. This
book is written out of a desire to see that type of a reference available to all
administrators and developers of SQL Server.
As a reader of this book, your feedback is highly useful. If you have any
suggestions or have had personal experiences that are not addressed by
this book, I would appreciate your comments to help ensure that I can
include them in an updated version. Any comments or suggestions can be

sent to
Throughout this book you will be introduced to the security concerns
related to SQL Server. In working with the product over the years, I have
come to realize that managing security is as much about what you can’t do
as it is about what you can do. You need to know the features and the lim-
itations of the product. Through an understanding of the limitations, you
can account for these items in some other manner. SQL Server security, if
designed and implemented correctly, is easy to manage and troubleshoot.
Overview of This Book and Technology
Microsoft SQL Server 2000 is continuing to grow in market share. Microsoft
has positioned it as a robust, fast, easy-to-use relational database management
Introduction
xxi