Secure data in Azure SQL Database with authentication, authorization, and encryption

15 października 2015

Azure SQL Database offers a set of built-in features to help secure your data from malicious and unauthorized users. You can choose from a portfolio of simple to implement features that help you protect your data and build more secure applications within Azure. New features include:
  • SQL Database support for Azure Active Directory (Azure AD) authentication Azure AD authentication is a mechanism for connecting to SQL Database by using identities in Azure AD for managed and federated domains. It is now available in public preview. With Azure AD authentication, you can manage the identities of database users and other Microsoft services in one central location.
  • Row-Level Security Row-Level Security is now generally available. It allows you to restrict access to rows of data based on a user’s identity, role memberships, or query execution context. It centralizes your access logic within the database, which simplifies your application code and reduces the risk of accidental data disclosure. Row-Level Security supports filter predicates (which restrict row-level read access) and block predicates (which restrict row-level write access).      Note  Block predicates are now in public preview.
  • Dynamic data masking Dynamic data masking limits sensitive data exposure by masking it to nonprivileged users. Dynamic data masking helps prevent unauthorized access to sensitive data by enabling customers to designate how much of the sensitive data to reveal, with minimal impact on the application layer. It operates by hiding the sensitive data in the result set of a query over designated database fields, while leaving the underlying database operations unaffected.
  • Transparent data encryption Transparent data encryption is now generally available. It helps you meet compliance requirements by encrypting your databases, associated backups, and transaction log files at rest without requiring changes to your applications. It is based on SQL Server transparent data encryption technology, which encrypts the storage of an entire database by using an industry standard AES-256 symmetric database encryption key. SQL Database protects this database encryption key with a service-managed certificate. All key management for database copying, geo-replication, and database restores anywhere in SQL Database is handled by the service. To enable it on your database,  in  the Azure preview portal, click ON, and then click Save.
These features are available for your applications leveraging SQL Database. Many more security features are available in SQL Database.

Bezpłatne konto

Uzyskaj $200 środków na korzystanie z platformy Azure i bezpłatny dostęp do popularnych usług przez 12 miesięcy

Rozpocznij bezpłatnie

Visual Studio

Subskrybenci uzyskują do $1800 za rok korzystania z usług platformy Azure

Aktywuj teraz

Programy próbne

Dołącz do programu BizSpark i uzyskaj bezpłatnie usługi systemu Azure

Dowiedz się więcej