SQL Server安全选项 [英] SQL Server Security Options

问题描述

Hai Friends，

我使用Sql Server 2005，我想从其他用户保护我的数据库.我更改了服务器验证模式"SQL Server和Windows身份验证模式"，并配置了用户"sa"，但我不知道设置权限和设置用户的规则，任何主体帮助SQL Server的最佳安全方法?

谢谢adv

Hai Friends,

Iam using Sql Server 2005, I want to secure my database from other users.I changed the Server Othentication Mode "SQL Server And Windows Authentication Mode" and configure the user "sa" i dont know set permissions and rules to set users , any body help best security methods of sql server ?

Thanks adv

推荐答案

希望此链接有所帮助
SQL Server中的安全性和管理

Hope this links help
Security and Administration in SQL Server

含义

所有权与模式的分离具有重要意义:

模式和模式拥有的对象的所有权是可转让的.这是使用ALTER AUTHORIZATION命令完成的.
可以在模式之间移动对象.这是使用ALTER SCHEMA命令完成的.
从SQL Server 2005开始，Microsoft引入了数据库架构的概念.模式现在是一个独立的实体-与创建那些对象的用户不同的对象容器.以前，用户"和数据库对象所有者"这两个术语是同一件事，但现在两者是分开的.

单个模式可以包含多个数据库用户拥有的对象.
多个数据库用户可以共享一个默认模式.
与早期版本相比，可以更精确地管理模式和包含模式的对象的权限.这是通过使用架构GRANT权限对象GRANT权限来实现的.
模式可以由任何数据库主体拥有.这包括角色和应用程序角色.
可以删除数据库用户而无需在相应的架构中删除对象.
如果代码假定架构与数据库用户等效，则为SQL Server的早期版本编写的代码可能会返回错误的结果.
为早期版本的SQL Server设计的目录视图可能返回错误的结果.这包括sysobjects.
对象访问和操作现在变得更加复杂，并且更加安全，因为它们涉及了附加的安全层.

使用架构的优势

除了具有现在可以独立于用户操作对象的明显好处之外，使用模式还具有以下优点:

在一个物理数据库中管理逻辑实体:模式通过允许将数据库对象或实体逻辑分组在一起，提供了简化安全性，备份和还原以及数据库管理的机会.在那些对象经常被应用程序作为一个单元使用的情况下，这是特别有利的.例如，酒店管理系统可以细分为以下逻辑实体或模块:房间，酒吧/餐厅和厨房用品.这些实体可以存储为三个单独的物理数据库.但是，使用模式，可以将它们组合为一个物理数据库中的三个逻辑实体.这降低了管理三个独立数据库的管理复杂性.架构有助于相互独立地管理逻辑实体，但仍然允许对象在需要时一起工作.

请参考此链接以获取架构:< a href ="http://msdn.microsoft.com/en-us/library/ms189462.aspx"> http://msdn.microsoft.com/en-us/library /ms189462.aspx</a>[<a href ="http://msdn.microsoft.com/zh-cn/library/ms189462.aspx" target ="_ blank" title ="New Window"> ^< ;/a>]

Implications

The separation of ownership from schemas has important implications:

Ownership of schemas and schema-owned objects is transferable. This is accomplished using the ALTER AUTHORIZATION command.
Objects can be moved between schemas. This is accomplished using the ALTER SCHEMA command.
Beginning with SQL Server 2005, Microsoft introduced the concept of database schemas. A schema is now an independent entity- a container of objects distinct from the user who created those objects. Previously, the terms ‘user’ and ‘database object owner’ meant one and the same thing, but now the two are separate.

A single schema can contain objects owned by multiple database users.
Multiple database users can share a single default schema.
Permissions on schemas and schema-contained objects can be managed with greater precision than in earlier releases. This is accomplished using schema GRANT permissions object GRANT permissions.
A schema can be owned by any database principal. This includes roles and application roles.
A database user can be dropped without dropping objects in a corresponding schema.
Code written for earlier releases of SQL Server may return incorrect results, if the code assumes that schemas are equivalent to database users.
Catalog views designed for earlier releases of SQL Server may return incorrect results. This includes sysobjects.
Object access and manipulation are now more complex as well as more secure since they involve an additional layer of security.

Advantages of using schemas

Apart from the obvious benefit that objects can now be manipulated independently of users, usage of schemas also offers the following advantages:

Managing logical entities in one physical database: Schemas provide the opportunity to simplify administration of security, backup and restore, and database management by allowing database objects, or entities, to be logically grouped together. This is especially advantageous in situations where those objects are often utilized as a unit by applications. For example, a hotel-management system may be broken down into the following logical entities or modules: Rooms, Bar/Restaurant, and Kitchen Supplies. These entities can be stored as three separate physical databases. Using schemas however, they can be combined as three logical entities in one physical database. This reduces the administrative complexity of managing three separate databases. Schemas help to manage the logical entities separately from one another, but still allow objects to work together where required.

Please Refer this link for Schema:<a href="http://msdn.microsoft.com/en-us/library/ms189462.aspx">http://msdn.microsoft.com/en-us/library/ms189462.aspx</a>[<a href="http://msdn.microsoft.com/en-us/library/ms189462.aspx" target="_blank" title="New Window">^</a>]

这篇关于SQL Server安全选项的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！