Securing Database Objects

SQL Server's security mechanism is both elegant and flexible. When SQL Server first came to be, it included a role-based security model where all roles and logins were defined within the database server. Users are similar to logins but defined at the database level. Users could be made members of a role and then permissions for various database objects could be assigned at the individual or role level. This approach met all of the necessary requirements except that it duplicated much of the security assignments managed by the network system. As SQL Server was integrated into the Windows platform, it made sense to integrate the existing Windows security model. Today, you have the option to use either Windows Integrated Security or both Wind....