Changes in SQL Server 2005 help make SQL Server more secure and security more approachable for the developer and the administrator. An entire new set of security requirements when hosting .NET code inside SQL Server are addressed by using traditional role-based security combined with .NET hosting API and attribute-based security. Classic SQL security is improved by separating users from schemas and integrating password management with Windows 2003 Server. And the security of SQL Server in general is enhanced by having options turned off by default.

Learn all about it in Chapter 6, 'Security,' from Bob Beauchemin, Niels Berglund and Dan Sullivan's book "A First Look at Microsoft SQL Server 2005 for Developers" with this series of book excerpts, courtesy of Addison-Wesley.

Chapter 6 excerpts: 'Security'

1. New security features in SQL Server 2005
2. Optional features are turned off by default
3. A quick review of SQL Server security concepts with enhancements
4. SQL Server password policies and credentials
5. Separation of users and schemas
6. Specifying execution context for procedural code
7. SQL Server permissions and new objects
8. Assembly permissions -- Who can catalog and use an assembly?
9. Permissions, visibility, UDTs and user-defined aggregates
10. What can .NET code do from within SQL Server: Safety levels

To download the complete chapter, click for the .pdf.

About the book

Written by authors Bob Beauchemin, Niels Berglund and Dan Sullivan, this book describes the new technologies being added to SQL Server 2005, the problems they are intended to solve and the entirely new data models they represent. Topics include the service broker, transact-SQL enhancements, security features, .NET-based procedures, functions and user-defined types, built-in XML data type and queries, and Web services.

Click here to return to the SearchWindowsSecurity.com Book Excerpts Library.