| description | title | ms.custom | ms.date | ms.service | ms.reviewer | ms.suite | ms.topic |
|---|---|---|---|---|---|---|---|
Learn more about: Secure your SQL applications |
Secure your SQL applications |
06/08/2017 |
biztalk-server |
article |
SQL Server databases often contain sensitive business information such as customer account details. Applications that use the [!INCLUDEadaptersql] to access and modify this information either locally or across a distributed network might inadvertently expose it to access by unauthorized actors, unless efforts are made to protect and secure the data during transmission. Data protection and security are usually thought of in the following terms:
-
Authorization controls access to a resource based on the identity of the requestor.
-
Authentication provides mechanisms for verifying the identity of a requestor.
-
Data confidentiality provides mechanisms for protecting the privacy of data through encryption.
-
Data integrity provides mechanisms to digitally sign data, so that the receiver can ensure that the data has not been altered in-transit.
Another important area of concern is the user-name password credentials that you supply to the [!INCLUDEadaptersqlshort]. The adapter uses these credentials to open connections to the SQL system. The [!INCLUDEadaptersqlshort] does not allow credentials to be supplied in the connection URI. This prevents the credentials from getting exposed inadvertently. The [!INCLUDEadaptersqlshort] provides two alternative methods to supply these credentials in a more secure manner:
Integrated Security. In this case, the [!INCLUDEadaptersqlshort] uses the Microsoft [!INCLUDEadapterpacknoversion] credentials. You must configure the SQL server to accept these credentials for this method to work.
Enterprise Single Sign-on (SSO). For more information about using SSO, see Security with the SQL adapter and BizTalk Server .
The topics in this section provide guidelines to help you better secure the solutions that you develop with the [!INCLUDEadaptersqlshort].