Tuesday, August 23, 2011

Row/Cell Level Security for SQL Server 2008 and you (without expensive add-on's too)

Public Sector Developer Weblog - Row Level Security for SQL Server 2008

"An important challenge for some public sector developers is providing label-based row level security in database-centric applications. Such systems require that classified and/or compartmented data be tagged with security labels and that access to data at the row level be mediated by the DBMS based on the permissions of the end user. These requirements are especially common in military and other security-related
customer environments.

Implementing row level security based on security labels is possible in SQL Server 2008 – but you won’t need separately priced add-on to do it. A revised whitepaper has just been released by Microsoft detailing a design framework for row (and cell) level security in SQL Server. This whitepaper is accompanied by a free toolkit on Codeplex, which provides a robust code-gen tool for implementing the framework based on your needs, as well as samples and additional documentation. Both the whitepaper and the toolkit are revisions to original versions released a few years back (on this very blog). The new version incorporates lessons learned and streamlines some complex scenarios. It also removes the requirement to use the SQLCLR - which was an obstacle in some cases – and includes full source for the toolkit.

Whitepaper: Implementing Row and Cell Level Security in Classified Databases

..." [GD:Post Leach Level: 99.9%]

Here's a snap of the 46 page Docx;

image

If you're looking to implement cell/row level security in SQL Server 2008, this article and associated free toolkit might be what you're looking for...

 

Related Past Post XRef:
Implementing Row- and Cell-Level Security in Classified Databases Using SQL Server 2005

7 comments:

TEger said...

Document can't be loaded from Microsoft. Give a worked link to you copy of this document, please..

Greg said...

Yep it's gone and unfortunately since it's not content I control, there's not much I can do to fix it.

That said, I do have a copy of it, but since it's not mine to redistribute I'm leery of sharing it (maybe there's a reason it's offline, etc)...

There's already a comment on the original post noting the same thing (that the doc is gone) and I've just emailed the author, via the "Email Post Author" link on the blog, about the broken link.

Best bet would be to keep an eye on that post and see if they can fix it...

Thanks

Neurmon01 said...

You can find the document here: http://download.microsoft.com/download/4/7/a/47a548b9-249e-484c-abd7-29f31282b04d/RowCellLvlSecSQL.doc

Greg said...

@Neurmon01: That's the 2005 version of the document. The one that's missing was updated for SQL Server 2008...

Anonymous said...

I think this document is not secret.. Some web-master may kill this document when web-site was changed. Hackers may kill it too. Customers must know about product security. If Microsoft dos't wont distribute this document they may informate about this. Origin copy of this document dos't change Microsoft copyright.
Help, please.. Thank's TEger.

Greg said...

Forget it... I was going to ask you to email me, but that's a pain.

I've posted the copy I have on SkyDrive here...

Anonymous said...

Than's Greg Duncan.
This will help me. Good article.