SQL Server Primer Series: Security Topics: SQL Server 2012 Security Cookbook
2014-07-17 15:08
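Because of work requirements, I have recently been studying this book: Microsoft SQL Server 2012 Security Cookbook. To summarize it and share it with those who need it, I am publishing my translation. I expect to post at least three articles per week. If you are interested, you can download the original English edition yourself. This series does not guarantee complete fidelity to the original.
Disclaimer:
Please respect original work. The articles in this series are translations, but not literal ones: I add and remove material as appropriate based on my own understanding, and the screenshots are not taken directly from the book. No one may use the translations for commercial purposes, and they must not be published as original work when reposted; otherwise I will ask CSDN to pursue legal liability.
This article only lists the table of contents. Click a title link for the corresponding article; finished articles have hyperlinks, and titles without hyperlinks are not yet completed: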
Chapter 1: Securing Your Server and Network
Choosing an account for running SQL Server
Managing service SIDs
Using a managed service account
Using a virtual service account
Encrypting the session with SSL
Configuring a firewall for SQL Server access
Disabling SQL Server Browser
Stopping unused services
Using Kerberos for authentication
Using extended protection to prevent authentication relay attacks
Using transparent database encryption
Securing linked server access
Configuring endpoint security
Limiting functionalities – xp_cmdshell and OPENROWSET
Chapter 2: User Authentication, Authorization, and Security
Choosing between Windows and SQL authentication
Creating logins
Protecting your server against brute-force attacks
Limiting administrative permissions of the SA account
Using fixed server roles
Giving granular server privileges
Creating and using user-defined server roles
Creating database users and mapping them to logins
Preventing logins and users to see metadata
Creating a contained database
Correcting user to login mapping errors on restored databases
Chapter 3: Protecting the Data
Understanding permissions
Assigning column-level permissions
Creating and using database roles
Creating and using application roles
Using schemas for security
Managing object ownership
Protecting data through views and stored procedures
Configuring cross-database security
Managing execution-plan visibility
Using EXECUTE AS to change the user context
Chapter 4: Code and Data Encryption
Using service and database master keys
Creating and using symmetric encryption keys
Creating and using asymmetric keys
Creating and using certificates
Encrypting data with symmetric keys
Encrypting data with asymmetric keys and certificates
Creating and storing hash values
Signing your data
Authenticating stored procedure by signature
Using module signatures to replace cross-database ownership chaining
Encrypting SQL code objects
Chapter 5: Fighting Attacks and Injection
Defining Code Access Security for .NET modules
Protecting SQL Server against Denial of Service
Protecting SQL Server against SQL injection
Securing dynamic SQL from injections
Using a SQL firewall or Web Application Firewall
Chapter 6: Securing Tools and High Availability
Choosing the right account for SQL Agent
Allowing users to create and run their own SQL Agent jobs
Creating SQL Agent proxies
Setting up transport security for Service Broker
Setting up dialog security for Service Broker
Securing replication
Securing SQL Server Database Mirroring and AlwaysOn
Chapter 7: Auditing
Using the profiler to audit SQL Server access
Using DML trigger for auditing data modification
Using DDL triggers for auditing structure modification
Configuring SQL Server auditing
Auditing and tracing user-configurable events
Configuring and using Common Criteria Compliance
Using System Center Advisor to analyze your instances
Using the SQL Server Best Practice Analyzer
Using Policy Based Management
Chapter 8: Securing Business Intelligence
Configuring Analysis Services access
Managing Analysis Services HTTP client authentication
Securing Analysis Services access to SQL Server
Using Role-Based Security in Analysis Services
Securing Reporting Services Server
Managing permissions in Reporting Services with roles
Defining access to data sources in reporting services
Managing Integration Services password encryption
The articles in this series belong to the "SQL Server Primer Series" (SQL Server扫盲系列). When reposting, please cite http://blog.csdn.net/dba_huangzj/article/details/19118121