Friday, February 24, 2012


Hi Guys,

Today i wanna share an interesting topic called security in SQL SERVER.

At present in the web security plays a very major important role because to secure the confidential information from the threat of hackers as on the same way SQL SERVER also providing the great security feature called logins and users.

In general SQL SERVER having two types of authentication
  1. windows level authentication
  2. SQL level authentication
In the windows level authentication no need of providing any password to the sql server to connect,directly we can access the sql server by using the windows level credentials.where as in the SQL level authentication we must have to provide the password to get connect to the sql server.In this scenario sql server never use the default credentials user defined credentials are must.

The default LOGIN for sql server is [DBO]
He can access any databases and also having all the privileges to work on sql server.He was allowed to perform some interesting operation called creating the login and specifying the privileges.

In the server level we do have roles for specific privileges to Logins.
  • sysadmin:Any type of operation on entire application
  • server admin:Any operations on entire server.
  • security admin:Provide permissions/access to other logins and users.
  • process admin: Deal with spid s , processes and system-level session audits.
  • bulk admin: Can make any Bulk operations like copy,import and export and select into
  • disk admin: Can perform any disk level operations.
  • db creator:can make any operations DDL statements.
  • public: Having the limited access to the server like METADATA.
That s all the security for Server level.

We do have one more security concept for database users. Followed on Next blog.

Thanks guys hope u got the basic idea about sql server security.

No comments: