Databases Reference
In-Depth Information
INTRODUCTION
Data access is critical to any database design. This means ensuring that users can
get to the data they need and that the data is protected against mistakes, malicious
actions, and equipment failures. This chapter begins by introducing data server and
database connectivity concepts and requirements. From there, it moves on to includ-
ing server and database access requirements in your database design and imple-
mentation. Finally, it introduces access permissions and data protection methods.
It is important to note that you cannot guarantee a completely secure data-
base or server. No matter what safeguards you implement, given enough time,
patience, and technical expertise, someone can eventually find a way to com-
promise your database server and data. Because of this, it is important that your
security plans focus not just on protection, but also on detecting and recover-
ing from security breaches.
11.1 Understanding Database Connections
Data is useless if your users can't access it. There are two basic access methods,
direct access like you have with a Sqlcmd prompt or query window, and indi-
rect access through a database application. There is one common factor with
either access method—you must make a connection to the database server before
you can access any data.
You can see this when you launch SQL Server Management Studio. Before
you are allowed to do anything else, you are prompted for connection informa-
tion so you can establish a connection with the server. Each time you launch
Management Studio, you are prompted with a dialog box like the one shown in
Figure 11-1, requesting the server name and login credentials. The
login cre-
dentials
are used to identify you to the server and set your level of access. The
server uses the information provided to validate your access permissions and
establish the connection.
Even though you never see a connection dialog box, the process is similar
when an application connects to a database server. The application passes its
connection criteria to the database server and the server allows (or denies,
depending on the credentials), the connection.
11.1.1 Understanding Connectivity Concepts
The client/server model is the most basic connectivity model. Most advanced,
multitier connection models still have, somewhere at their core, an aspect of the
client/server model. Let's begin our look at connectivity and connectivity issues
with a look at the classic client/server model as a way of introducing connec-
tivity concepts.
