Skip to main content
SpringerLink
Log in
Apress
Book cover

Securing SQL Server

DBAs Defending the Database

  • Book
  • © 2018

Overview

Authors:
  1. Peter A. Carter

    1. London, UK

    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Promotes compliance with regulatory requirements such as GDPR
  • Teaches counter-measures against common forms of attack
  • Demonstrates how to implement SQL Server’s rich security model

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (14 chapters)

  1. Front Matter

    Pages i-xvii
    Download chapter PDF

  2. Database Security

    1. Front Matter

      Pages 1-1
      Download chapter PDF

    2. Threat Analysis and Compliance

      • Peter A. Carter
      Pages 3-21

    3. SQL Server Security Model

      • Peter A. Carter
      Pages 23-49

    4. SQL Server Audit

      • Peter A. Carter
      Pages 51-76

    5. Data-Level Security

      • Peter A. Carter
      Pages 77-96

    6. Encryption in SQL Server

      • Peter A. Carter
      Pages 97-131

    7. Security Metadata

      • Peter A. Carter
      Pages 133-157

    8. Implementing Service Accounts for Security

      • Peter A. Carter
      Pages 159-174

    9. Protecting Credentials

      • Peter A. Carter
      Pages 175-192

    10. Reducing the Attack Surface

      • Peter A. Carter
      Pages 193-217

  3. Threats and Countermeasures

    1. Front Matter

      Pages 219-219
      Download chapter PDF

    2. SQL Injection

      • Peter A. Carter
      Pages 221-245

    3. Hijacking an Instance

      • Peter A. Carter
      Pages 247-274

    4. Database Backup Theft

      • Peter A. Carter
      Pages 275-306

    5. Code Injection

      • Peter A. Carter
      Pages 307-324

    6. Whole Value Substitution Attacks

      • Peter A. Carter
      Pages 325-339

  4. Back Matter

    Pages 341-349
    Download chapter PDF
Back to top

Keywords

About this book

Protect your data from attack by using SQL Server technologies to implement a defense-in-depth strategy for your database enterprise. This new edition covers threat analysis, common attacks and countermeasures, and provides an introduction to compliance that is useful for meeting regulatory requirements such as the GDPR. The multi-layered approach in this book helps ensure that a single breach does not lead to loss or compromise of confidential, or business sensitive data.


Database professionals in today’s world deal increasingly with repeated data attacks against high-profile organizations and sensitive data. It is more important than ever to keep your company’s data secure. Securing SQL Server demonstrates how developers, administrators and architects can all play their part in the protection of their company’s SQL Server enterprise.


This book not only provides a comprehensive guide to implementing the security model in SQLServer, including coverage of technologies such as Always Encrypted, Dynamic Data Masking, and Row Level Security, but also looks at common forms of attack against databases, such as SQL Injection and backup theft, with clear, concise examples of how to implement countermeasures against these specific scenarios. Most importantly, this book gives practical advice and engaging examples of how to defend your data, and ultimately your job, against attack and compromise.





What You'll Learn
  • Perform threat analysis
  • Implement access level control and data encryption
  • Avoid non-reputability by implementing comprehensive auditing
  • Use security metadata to ensure your security policies are enforced
  • Mitigate the risk of credentials being stolen
  • Put countermeasures in place against common forms of attack




Who This Book Is For


Database administrators who need to understand and counteract the threat of attacks against their company’s data, and useful for SQL developers and architects



Authors and Affiliations

  • London, UK

    Peter A. Carter

About the author

Peter Carter is a SQL Server expert with over 15 years of experience in database development, administration, and platform engineering. He is currently a consultant, based in London, England, UK. Peter has written several books across a variety of SQL Server topics, including security, high availability, automation, administration, and working with complex data types.

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation