TechEd '04: DAT330 SQL Server 2005 (code named "Yukon"): Security Enhancements
- Endpoints based on transport and protocol
- The security model changes a bit. SQL Browser Service is separated out and can be stopped without stopping SQL Engine
- Discussion of how the login process works
- Standard SQL Logins
- Enforcement based on strength, expirations and lockouts
- Follows local NT password policy on Windows 2003 Server only
- Talked about using SSL encryption
- User and Schema Separation
- Principal is essentially the user's context, schema is the collection of objects
- So instead of a user owning objects, schemas own objects, and the schemas can be owned by a user.
- Not all users need to own a schema. This separation allows for lower-privilege
- sp_CreateLogin becomes Create Login
- BLUE SCREEN OF DEATH! Oh no!
- Yukon will allow an "impersonation" context for certain activities
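
The login policy, user/schema separation and impersonation items above, put together as an added T-SQL example (not from the session or from Microsoft's materials). All object names, the database `SalesDemo` and the password are constructed, and using `EXECUTE AS` for the "impersonation" item is an assumption about which feature the session meant.

```sql
-- Constructed names: ReportLogin, ReportUser, ReportOwners, Reporting, SalesDemo.
-- SQL login created with CREATE LOGIN, with password policy enforcement
-- (strength, expiration, lockout). Per the notes, this follows the local
-- NT password policy on Windows 2003 Server only.
CREATE LOGIN ReportLogin
    WITH PASSWORD = 'Constructed-Example-Pw-2005!',  -- constructed value, replace it
         CHECK_POLICY = ON,
         CHECK_EXPIRATION = ON;
GO

USE SalesDemo;  -- assumed existing database
GO

-- The schema is owned by a role, not by an individual user.
CREATE ROLE ReportOwners;
GO
CREATE SCHEMA Reporting AUTHORIZATION ReportOwners;
GO

-- The user owns no schema; DEFAULT_SCHEMA only controls name resolution.
CREATE USER ReportUser FOR LOGIN ReportLogin
    WITH DEFAULT_SCHEMA = Reporting;
GO

-- Objects belong to the schema, so permissions can be granted at schema scope.
CREATE TABLE Reporting.DailyTotals (day_id int PRIMARY KEY, total money);
GO
GRANT SELECT ON SCHEMA::Reporting TO ReportUser;
GO

-- Impersonation context: verify what the low-privilege user can actually do.
EXECUTE AS USER = 'ReportUser';
SELECT USER_NAME() AS effective_user;        -- ReportUser
SELECT day_id, total FROM DailyTotals;       -- resolves to Reporting.DailyTotals
-- An INSERT here would fail: only SELECT was granted on the schema.
REVERT;
GO

-- Because the schema, not the user, owns the table, the user can be
-- dropped without reassigning or dropping any objects.
DROP USER ReportUser;
GO
```
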
Due to the on-going problems with the presentation and depth of the materials, I'm going to stop gathering notes here and point you at this instead.