The Schwartz Report

Blog archive

Microsoft's Cloud SQL Database Gets Row Level Security

Microsoft's cloud-based SQL Database now supports row level security (RLS), a feature offered in a number of other databases. RLS lets administrators provide row-level access to data based on a user's identity or role.

The company released the RLS feature in its Azure SQL Database last week. RLS will appeal to organizations looking to restrict access to financial data based on an employee's region and role, ensure specific tenants of a multitenant app can only access their own roles of data and it allows analysts to query various subsets based on their position, according to Tommy Mullaney, Microsoft's program manager for SQL Database.

"RLS enables you to store data for many users in a single database and table, while at the same time restricting row-level access based on a user's identity, role, or execution context," Mullaney said in a blog post. "RLS centralizes access logic within the database itself, which simplifies and reduces the risk of error in your application code."

In his post, Mullaney shared how SharePoint workflow vendor K2 Architect Grant Dickinson was able to ensure it was enforcing security and policies across all database vectors. Before implementing RLS, his team had to use query predicates but that mode of enforcing security was "onerous and prone to bugs," according to Dickinson.

"Furthermore, the data access layer and business logic are able to evolve independently from the RLS policy logic; this separation of concerns improves code quality," he said. "The developers could use a policy language they were familiar with -- T-SQL  -- and as such we were productive on RLS from day one."

Microsoft's Mullaney said it plans to add new RLS capabilities through its iterative development and deployment process.

Posted by Jeffrey Schwartz on 08/24/2015 at 1:26 PM


Featured

  • OneDrive Users To Get Storage Options, Plus New Personal Vault

    Microsoft announced a few OneDrive enhancements, including storage-option additions, plus a new "Personal Vault" feature for added security assurance.

  • Cloud Services Starting To Overtake On-Prem Database Management Systems

    Database management system (DBMS) growth is happening more on the cloud services side than on the traditional "on-premises" side, according to a report by Gartner Inc.

  • How To Replace an Aging Domain Controller

    If the hardware behind your domain controllers has become outdated, here's a step-by-step guide to performing a hardware refresh.

  • Azure Backup for SQL Server 2008 Available at Preview Stage

    Microsoft added the option of using the Azure Backup service to provide recovery support for SQL Server 2008 and SQL Server 2008 R2 when those workloads are hosted on Azure virtual machines.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.