The Schwartz Report

Blog archive

Microsoft's Cloud SQL Database Gets Row Level Security

Microsoft's cloud-based SQL Database now supports row level security (RLS), a feature offered in a number of other databases. RLS lets administrators provide row-level access to data based on a user's identity or role.

The company released the RLS feature in its Azure SQL Database last week. RLS will appeal to organizations looking to restrict access to financial data based on an employee's region and role, ensure specific tenants of a multitenant app can only access their own roles of data and it allows analysts to query various subsets based on their position, according to Tommy Mullaney, Microsoft's program manager for SQL Database.

"RLS enables you to store data for many users in a single database and table, while at the same time restricting row-level access based on a user's identity, role, or execution context," Mullaney said in a blog post. "RLS centralizes access logic within the database itself, which simplifies and reduces the risk of error in your application code."

In his post, Mullaney shared how SharePoint workflow vendor K2 Architect Grant Dickinson was able to ensure it was enforcing security and policies across all database vectors. Before implementing RLS, his team had to use query predicates but that mode of enforcing security was "onerous and prone to bugs," according to Dickinson.

"Furthermore, the data access layer and business logic are able to evolve independently from the RLS policy logic; this separation of concerns improves code quality," he said. "The developers could use a policy language they were familiar with -- T-SQL  -- and as such we were productive on RLS from day one."

Microsoft's Mullaney said it plans to add new RLS capabilities through its iterative development and deployment process.

Posted by Jeffrey Schwartz on 08/24/2015 at 1:26 PM


Featured

  • Microsoft Nabs IoT Platform Provider Express Logic

    As part of its plan to invest $5 billion in IoT technologies, Microsoft this week acquired Express Logic, which provides real-time operating systems for industrial embedded and IoT devices.

  • Dealing with Broken Dependencies in SCVMM

    Brien shows you how to resolve some broken, template-related dependencies in Microsoft's System Center Virtual Machine Manager.

  • AzCopy Preview Adds AWS S3 Data Transfer Improvements

    Microsoft announced this week that it has improved the preview version of its AzCopy tool to better handle Amazon Web Services (AWS) S3 data.

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.