Solved

Security aspect of views in SQL Server

Posted on 2011-03-25
2
231 Views
Last Modified: 2012-06-21
Hi

I was reading an article on views. How they are useful and in what scenarios. My query is what is the security aspect of view. Is it safe and how can you justify it.


Regards
Karan  
0
Comment
Question by:KaranGupta
2 Comments
 
LVL 3

Assisted Solution

by:kumarnimavat
kumarnimavat earned 150 total points
ID: 35214414
0
 
LVL 28

Accepted Solution

by:
Ryan McCauley earned 350 total points
ID: 35215163
Views can ensure that people have easy access to only the data that they have rights to see. For example, if you grant a person rights to see only 3 of a table's 5 columns, you can create a view so they can do a "select *" from the view and see what they're allowed to see. In the same way, I person is only allowed to see HOUR details for full-time employees, you could add a where clause to the view "where emptype='FT'" and they'd just see those people.

They still have access to the tables, but it just makes viewing what they have access to easier, as opposed to forgetting to filter their results and being greeted with an "access denied" message constantly.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article I will describe the Copy Database Wizard method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question