October 2006 - Posts

Anonymous comments are now disabled

Due to the large amount of spam comments that I received over the last weeks, I decided to disable anonymous comments. Read More...

Posted 31 October 06 12:21 by lcris | 0 Comments   
Filed under announcements

SQL Server 2005: Demo for enabling database impersonation for cross database access

There is an excellent article on this topic in Books Online: Extending Database Impersonation by Using Execute As . I just wrote a small demo to illustrate the techniques described in that article. It can be used as a companion to that article, if you're Read More...

Posted 24 October 06 07:23 by lcris | 0 Comments   
Filed under SQL Server - security, SQL Server, computer security

SQL Server 2005: An example for how to use counter signatures

A while ago, I wrote a post showing how signatures can be used to allow users to perform operations without explicitly granting them the permissions required for that operation. In this post I'll present more details about the use of signatures. One important Read More...

Posted 19 October 06 06:27 by lcris | 0 Comments   
Filed under SQL Server - cryptography, SQL Server - security, SQL Server, computer security

Search

This Blog

• Home
• About

Tags

• announcements
• basic SQL Server security concepts
• bing
• computer security
• encryption
• Microsoft products
• search engines
• software engineering
• SQL Server
• SQL Server - cryptography
• SQL Server - general
• SQL Server - security

Archives

• October 2009 (3)
• August 2009 (2)
• July 2009 (1)
• June 2009 (1)
• August 2008 (2)
• June 2008 (1)
• May 2008 (1)
• April 2008 (1)
• March 2008 (1)
• February 2008 (5)
• January 2008 (4)
• November 2007 (2)
• October 2007 (4)
• September 2007 (3)
• July 2007 (1)
• April 2007 (2)
• March 2007 (1)
• February 2007 (2)
• December 2006 (1)
• November 2006 (1)
• October 2006 (3)
• July 2006 (2)
• May 2006 (1)
• April 2006 (2)
• March 2006 (2)
• January 2006 (1)
• December 2005 (5)
• October 2005 (3)
• September 2005 (5)
• July 2005 (1)
• June 2005 (4)

Security related links

• NSA Security Configuration Guides
• Bruce Schneier's blog
• Bruce Schneier's Crypto-Gram newsletter
• RISKS Digest

Software engineering links

• Motley says

SQL Server security links

• Raul Garcia's blog (SQL Server Security)
• SQL Server Security Team blog
• SQL Server Security forum on MSDN
• SQL Injection Watch List

Useful Microsoft links

• Product Feedback site
• Microsoft Technical Forums
• Security Vulnerabilities reporting site
• Security Development Lifecycle blog
• Secure Windows Initiative blog
• Microsoft Security Advisories

Syndication

• RSS 2.0
• Atom 1.0