Security Features User's Guide
Glossary
An instruction that specifies an operation to be performed by the computer. Each command or SQL statement begins with a keyword, such as insert, which names the basic operation performed. Many SQL commands have one or more keyword phrases, or clauses, that tailor the command to meet a particular need.
Context-sensitive protection provides certain permissions or privileges, depending on the identity of the user. This type of protection can be provided by SQL Server using a view and the user_id built-in function.
A set of related data tables and other database objects that are organized and presented to serve a specific purpose.
A database object is one of the components of a database: table, view, index, procedure, trigger, column, default, constraint, or rule.
The user who creates a database becomes the Database Owner. A Database Owner has control over all the database objects in that database. The login name for the Database Owner is "dbo".
In a user's own database, SQL Server recognizes the user as "dbo". A database owner logs into SQL Server using his or her assigned login name and password. See also Database Owner.
The option chosen by the system when no other option is specified.
The database that a user gets by default when he or she logs in.
1. The default language of a user is the language (such as U.S. English) that displays that user's prompts and messages. It can be set with sp_modifylogin or the language option of the set command.
2. The SQL Server default language is the language that is used to display prompts and messages for all users unless a user chooses a different language.
Restricts access to objects based on identity and/or group membership. The controls are discretionary in the sense that a user with a certain access permission (for example, an object owner) is capable of passing access permission on to any other user, such as with the grant command.
The name a user uses to log into SQL Server. A login is valid if SQL Server has an entry for that user in the system table master..syslogins.
Restricts access to objects based on the sensitivity (as represented by a label) of the information contained in the objects and the formal authorization (that is, clearance) of users to access information of such sensitivity. This security feature is available with Secure SQL Server™, but not with the standard SQL Server.
Controls the user databases and the operation of SQL Server as a whole. Known as master, it keeps track of such things as user accounts, ongoing processes, and system error messages.
A passive entity that contains or receives information and that cannot change the information it contains. In SQL Server, objects can include rows, tables, databases, stored procedures, and views.
Permissions that regulate the use of certain commands (data modification commands plus select and execute) to specific tables, views, columns, or procedures. These permissions are granted and revoked by the owner of the object, who can grant them to other users. See also object creation permissions.
Permissions that regulate the use of commands that create objects (for example, create table, create procedure, and create database). These permissions can be granted only by a System Administrator or a Database Owner. See also object access permissions.
The authority to perform certain actions on certain database objects or to run certain commands. See also object access permissions and object creation permissions.
Permission to read an object (for example, to select rows from a table).
A stored procedure executed on a server different from the server the user is logged into.
Privileges granted to identified users to perform various administrative, operational, and security-related tasks. In SQL Server, the available roles are System Administrator, System Security Officer, and Operator.
See System Administrator.
A multilevel trusted database management system that is targeted for evaluation at the Class B1 criteria. It is an enhanced version of the standard SQL Server, which is targeted for evaluation at the Class C2 criteria. The requirements for both criteria are given by the Department of Defense in DOD 5200.28-STD, Department of Defense Trusted Computer System Evaluation Criteria (TCSEC), also known as the "Orange Book." The Secure SQL Server adds security functions to those offered by the standard server, including mandatory access controls. See also SQL Server and mandatory access controls.
The ID number by which a user is known to SQL Server.
The server in the Sybase client-server architecture. SQL Server manages multiple databases and multiple users, keeps track of the actual location of data on disks, maintains a mapping of logical data descriptions to physical data storage, and maintains data and procedure caches in memory. SQL Server supports security features such as discretionary access controls and division of roles. SQL Server is targeted for evaluation at the Class C2 criteria.
See System Security Officer.
A statement begins with a keyword that names the basic operation or command to be performed.
A collection of SQL statements and optional control-of-flow statements stored under a name. SQL Server-supplied stored procedures are called system procedures.
An active entity that can manipulate database objects. In SQL Server, subjects include users and processes acting on behalf of users.
A user authorized to handle SQL Server system administration, including installing SQL Server, creating databases, managing disk storage, and fine-tuning SQL Server by changing the configurable system parameters.
The four databases on a newly installed SQL Server: the master database, which controls user databases and the operation of SQL Server; the temporary database (tempdb), which is used for temporary tables; the system procedures database (sybsystemprocs); and the model database (model), which is used as a template to create new user databases. If auditing is installed, SQL Server also includes the sybsecurity database, which contains the audit trail.
Stored procedures that SQL Server supplies as shortcuts for retrieving information from the system tables, or mechanisms for accomplishing database administration and other tasks that involve updating system catalogs.
A user who controls security-related operations in SQL Server, including auditing, password management, creating server login accounts, and granting and revoking the System Security Officer and Operator roles.
A special form of stored procedure that goes into effect when a user gives a change command such as insert, delete, or update to a specified table or column. Triggers are often used to enforce referential integrity.
The ID number by which a user is known in a specific database. Distinct from server user ID.
An alternative way of looking at the data in one or more tables. Usually created as a subset of columns from one or more tables.
Permission to write an object (for example, to update a row or to add a row to a table).