The Schwartz Report

Blog archive

Microsoft's Cloud SQL Database Gets Row Level Security

Microsoft's cloud-based SQL Database now supports row level security (RLS), a feature offered in a number of other databases. RLS lets administrators provide row-level access to data based on a user's identity or role.

The company released the RLS feature in its Azure SQL Database last week. RLS will appeal to organizations looking to restrict access to financial data based on an employee's region and role, ensure specific tenants of a multitenant app can only access their own roles of data and it allows analysts to query various subsets based on their position, according to Tommy Mullaney, Microsoft's program manager for SQL Database.

"RLS enables you to store data for many users in a single database and table, while at the same time restricting row-level access based on a user's identity, role, or execution context," Mullaney said in a blog post. "RLS centralizes access logic within the database itself, which simplifies and reduces the risk of error in your application code."

In his post, Mullaney shared how SharePoint workflow vendor K2 Architect Grant Dickinson was able to ensure it was enforcing security and policies across all database vectors. Before implementing RLS, his team had to use query predicates but that mode of enforcing security was "onerous and prone to bugs," according to Dickinson.

"Furthermore, the data access layer and business logic are able to evolve independently from the RLS policy logic; this separation of concerns improves code quality," he said. "The developers could use a policy language they were familiar with -- T-SQL  -- and as such we were productive on RLS from day one."

Microsoft's Mullaney said it plans to add new RLS capabilities through its iterative development and deployment process.

Posted by Jeffrey Schwartz on 08/24/2015 at 1:26 PM


Featured

  • What Does Office 365 Support for New Surface Hardware Actually Mean?

    Microsoft has spilled a lot of ink touting the ways that its new Surface-branded peripherals will be bring Office 365 features to life.

  • Azure Active Directory ID Protection 'Refresh' Now Available

    Microsoft's enhancements to the Azure Active Directory Identity Protection service are now said to be "generally available" (GA), or ready for commercial use, per a Wednesday announcement.

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.