SQL Server 2016 brings some very interesting new features, such as dynamic data masking and row-level security, as well as stretch tables, which let you extend one or more tables to an Azure SQL database. Discover these features through usage examples. How do they work? How can they affect the administration of your database? We will try to answer all these questions ...
5. #JSS2015
• Experts At Your Service
– 40 specialists in IT infrastructure
– Certified, experienced, passionate
• Based In Switzerland
– 100% self-financed Swiss company
– Over CHF6 mio. turnover
• Leading In Infrastructure Services
– More than 100 customers in CH, D, & F
– Over 40 SLAs dbi FlexService contracted
dbi services
9. #JSS2015
Introduction - Focus
• Temporal Table
– Tracking data changes over time
– Auditing all changes to data
– Recovering from accidental data changes
• Security Update
– Always encrypted
– Dynamic data masking
– Row Level Security
• Stretch Database
– Migrating local table to Azure SQL Database
– Archiving historical data to the Cloud
– Reducing local complexity
11. #JSS2015
Temporal Table - Concept
• How does it work?
– Current table with the current value for each record, called System-Versioned Table
– History table with all previous values for each record, called History Table
12. #JSS2015
Temporal Table - DDL
• CREATE/ALTER TABLE
– [StartDate] [datetime2](0) GENERATED ALWAYS AS ROW START NOT NULL
– [EndDate] [datetime2](0) GENERATED ALWAYS AS ROW END NOT NULL
– PERIOD FOR SYSTEM_TIME([StartDate],[EndDate]))
– WITH (SYSTEM_VERSIONING=ON(HISTORY_TABLE = [dbo].[History]))
13. #JSS2015
Temporal Table - DML
• INSERT
• UPDATE
• DELETE

Animals Table (System-Versioned)
AnimalId | Name | Genus | Species | Number | StartDate | EndDate
30 | Giraffe | Giraffe | camelopardalis | 5 | 8/14/2014 1:35:24 | 12/31/9999 11:59:59
30 | Giraffe | Giraffe | camelopardalis | 6 | 11/11/2015 10:25:18 | 12/31/9999 11:59:59

AnimalsHistory Table (History)
AnimalId | Name | Genus | Species | Number | StartDate | EndDate
30 | Giraffe | Giraffe | camelopardalis | 5 | 8/14/2014 1:35:24 | 11/11/2015 10:25:18
30 | Giraffe | Giraffe | camelopardalis | 6 | 11/11/2015 10:25:18 | 28/11/2015 09:10:29
14. #JSS2015
Temporal Table - SELECT
• SELECT * FROM "Table" FOR SYSTEM_TIME
– AS OF "date_time"
– FROM "start_date_time" TO "end_date_time"
– BETWEEN "start_date_time" AND "end_date_time"
– CONTAINED IN ("start_date_time" , "end_date_time")
– ALL (new in CTP3)
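The DDL, DML and SELECT slides above, put together as one T-SQL script for the auditing and recovery use cases. This is an added example, not code from the original deck: the column data types, the WAITFOR spacing and the @BeforeDelete variable are assumptions; the table and column names follow the Animals slide.

```sql
-- Added example, not from the slides. Column types are assumptions.
CREATE TABLE dbo.Animals
(
    AnimalId  INT          NOT NULL PRIMARY KEY CLUSTERED,
    Name      NVARCHAR(50) NOT NULL,
    Genus     NVARCHAR(50) NOT NULL,
    Species   NVARCHAR(50) NOT NULL,
    Number    INT          NOT NULL,
    StartDate DATETIME2(0) GENERATED ALWAYS AS ROW START NOT NULL,
    EndDate   DATETIME2(0) GENERATED ALWAYS AS ROW END   NOT NULL,
    PERIOD FOR SYSTEM_TIME (StartDate, EndDate)
)
WITH (SYSTEM_VERSIONING = ON (HISTORY_TABLE = dbo.AnimalsHistory));

-- The period columns are filled in by the engine, never by the caller.
INSERT INTO dbo.Animals (AnimalId, Name, Genus, Species, Number)
VALUES (30, N'Giraffe', N'Giraffe', N'camelopardalis', 5);
WAITFOR DELAY '00:00:02';   -- spacing so each version spans at least one second

-- UPDATE: the Number = 5 version is closed and copied to dbo.AnimalsHistory.
UPDATE dbo.Animals SET Number = 6 WHERE AnimalId = 30;
WAITFOR DELAY '00:00:02';

DECLARE @BeforeDelete DATETIME2(0) = SYSUTCDATETIME();  -- period columns are UTC
WAITFOR DELAY '00:00:02';

-- DELETE (standing in for an accidental one): the row leaves dbo.Animals,
-- its last version stays in dbo.AnimalsHistory.
DELETE FROM dbo.Animals WHERE AnimalId = 30;

-- Audit: every version the row ever had, current and historical.
SELECT AnimalId, Number, StartDate, EndDate
FROM dbo.Animals FOR SYSTEM_TIME ALL
WHERE AnimalId = 30
ORDER BY StartDate;

-- Recovery: re-insert the row as it was just before the DELETE.
INSERT INTO dbo.Animals (AnimalId, Name, Genus, Species, Number)
SELECT AnimalId, Name, Genus, Species, Number
FROM dbo.Animals FOR SYSTEM_TIME AS OF @BeforeDelete
WHERE AnimalId = 30;
```

While SYSTEM_VERSIONING is ON the history table cannot be modified directly, which is what makes it usable as an audit trail; the permission to switch versioning off on the table should be restricted accordingly.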
15. #JSS2015
Temporal Table - DEMO
• Create temporal table
• Insert – Update – Delete
• Select options
• Metadata
• In CTP 3.0: Support for using temporal system-versioning with In-Memory OLTP
18. #JSS2015
Stretch Database - Concept
[Diagram labels: SQL Server (On-premises), SQL Database, Insert, Local Data, Eligible Data, Remote Data]
1. Stores data locally
3. Removes migrated rows
26. #JSS2015
Always Encrypted - Concept
CREATE TABLE dbo.EncryptedTable
(
    ID INT IDENTITY(1,1) PRIMARY KEY,
    LastName NVARCHAR(32) COLLATE Latin1_General_BIN2
        ENCRYPTED WITH
        (
            ENCRYPTION_TYPE = DETERMINISTIC,
            ALGORITHM = 'AEAD_AES_256_CBC_HMAC_SHA_256',
            COLUMN_ENCRYPTION_KEY = ColumnKey
        ) NOT NULL,
    ......
27. #JSS2015
Dynamic Data Masking - Concept
• Limits sensitive data exposure by masking it to non-privileged users
28. #JSS2015
• 4 masking functions available
– Default:
ALTER COLUMN a ADD MASKED WITH (FUNCTION = 'default()')
– Email:
ALTER COLUMN b ADD MASKED WITH (FUNCTION = 'email()')
– Custom String:
ALTER COLUMN c ADD MASKED WITH (FUNCTION = 'partial(1,"XXXXXXX",0)')
– Random: (new in CTP3)
ALTER COLUMN d ADD MASKED WITH (FUNCTION = 'random(1, 100)')
Dynamic Data Masking - Concept
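The four masking functions applied to one table and read back by a non-privileged user, then by the same user after GRANT UNMASK. This is an added example, not code from the original deck: the table dbo.EmployeesDemo, the Bonus column and its value, and the user MaskedReader are hypothetical.

```sql
-- Added example, not from the slides. Object and user names are hypothetical.
CREATE TABLE dbo.EmployeesDemo
(
    EmployeeId   INT IDENTITY(1,1) PRIMARY KEY,
    LastName     NVARCHAR(50)  MASKED WITH (FUNCTION = 'partial(1,"XXXXXXX",0)') NOT NULL,
    BirthDate    DATE          MASKED WITH (FUNCTION = 'default()')              NOT NULL,
    EmailAddress NVARCHAR(100) MASKED WITH (FUNCTION = 'email()')                NOT NULL,
    Bonus        INT           MASKED WITH (FUNCTION = 'random(1, 100)')         NOT NULL
);

INSERT INTO dbo.EmployeesDemo (LastName, BirthDate, EmailAddress, Bonus)
VALUES (N'Gilbert', '1976-05-15', N'guy1@adventure-works.com', 2500);  -- Bonus is a constructed value

-- A non-privileged reader: SELECT permission only.
CREATE USER MaskedReader WITHOUT LOGIN;
GRANT SELECT ON dbo.EmployeesDemo TO MaskedReader;

-- Without UNMASK, every masked column comes back masked.
EXECUTE AS USER = 'MaskedReader';
SELECT LastName, BirthDate, EmailAddress, Bonus FROM dbo.EmployeesDemo;
REVERT;

-- UNMASK is the permission that separates privileged from non-privileged readers.
GRANT UNMASK TO MaskedReader;
EXECUTE AS USER = 'MaskedReader';
SELECT LastName, BirthDate, EmailAddress, Bonus FROM dbo.EmployeesDemo;
REVERT;
REVOKE UNMASK FROM MaskedReader;

-- Review: which columns are masked, and with which function.
SELECT OBJECT_NAME(object_id) AS table_name, name AS column_name, masking_function
FROM sys.masked_columns;
```

Masking changes only what a query returns; the stored values are unchanged, and principals holding CONTROL on the database, such as members of db_owner, always see the real data.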
29. #JSS2015
Row Level Security - Concept
• Implement restrictions on data row access

Title | FirstName | LastName | BirthDate | EmailAddress | Phone
Production Technician - WC60 | Guy | Gilbert | 5/15/1976 | guy1@adventure-works.com | 320-555-0195
Marketing Assistant | Kevin | Brown | 6/3/1981 | kevin0@adventure-works.com | 150-555-0189
Engineering Manager | Roberto | Tamburello | 12/13/1968 | roberto0@adventure-works.com | 212-555-0187
Senior Tool Designer | Rob | Walters | 1/23/1969 | rob0@adventure-works.com | 612-555-0100
Senior Tool Designer | Daniel | Obry | 1/23/1969 | daniel0@adventure-works.com | 612-555-0100
Tool Designer | Thierry | D'Hers | 8/29/1953 | thierry0@adventure-works.com | 168-555-0183
Marketing Manager | David | Bradley | 4/19/1969 | david0@adventure-works.com | 913-555-0172
Marketing Manager | David | Bradley | 4/19/1969 | david0@adventure-works.com | 913-555-0172
Production Supervisor - WC60 | JoLynn | Dobney | 2/16/1950 | jolynn0@adventure-works.com | 903-555-0145
Production Technician - WC10 | Ruth | Ellerbrock | 7/6/1950 | ruth0@adventure-works.com | 145-555-0130

GRANT SELECT (Title, FirstName,LastName,BirthDate) on Employees to User1

1. Create a function with conditions
2. Create a Security Policy associated to this function
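The two steps above as a T-SQL script, including what a db_owner and a db_datareader member each see. This is an added example, not code from the original deck: the table dbo.EmployeesRls, its RowOwner column, the function and policy names are hypothetical, and u1 and u2 are created here as users without login to stand in for the demo's two logins.

```sql
-- Added example, not from the slides. Object names are hypothetical.
CREATE TABLE dbo.EmployeesRls
(
    EmployeeId INT IDENTITY(1,1) PRIMARY KEY,
    FirstName  NVARCHAR(50) NOT NULL,
    LastName   NVARCHAR(50) NOT NULL,
    RowOwner   sysname      NOT NULL   -- database user allowed to see the row
);
INSERT INTO dbo.EmployeesRls (FirstName, LastName, RowOwner)
VALUES (N'Guy', N'Gilbert', N'u1'), (N'Kevin', N'Brown', N'u2');  -- constructed owners

CREATE USER u1 WITHOUT LOGIN;
CREATE USER u2 WITHOUT LOGIN;
ALTER ROLE db_owner      ADD MEMBER u1;
ALTER ROLE db_datareader ADD MEMBER u2;
GO

-- 1. Function with conditions: an inline table-valued function that returns
--    a row only when the caller may access the table row being evaluated.
CREATE FUNCTION dbo.fn_EmployeeRowFilter (@RowOwner AS sysname)
RETURNS TABLE
WITH SCHEMABINDING
AS
RETURN SELECT 1 AS is_allowed WHERE @RowOwner = USER_NAME();
GO

-- 2. Security policy bound to that function. The filter predicate hides rows
--    on read; the block predicate rejects inserts of rows owned by someone else.
CREATE SECURITY POLICY dbo.EmployeeRowPolicy
    ADD FILTER PREDICATE dbo.fn_EmployeeRowFilter(RowOwner) ON dbo.EmployeesRls,
    ADD BLOCK PREDICATE  dbo.fn_EmployeeRowFilter(RowOwner) ON dbo.EmployeesRls AFTER INSERT
    WITH (STATE = ON);
GO

EXECUTE AS USER = 'u2';   -- db_datareader member: filtered by the policy
SELECT FirstName, LastName, RowOwner FROM dbo.EmployeesRls;
REVERT;

EXECUTE AS USER = 'u1';   -- db_owner membership does not bypass the predicate
SELECT FirstName, LastName, RowOwner FROM dbo.EmployeesRls;
REVERT;
```

A db_owner member is filtered like everyone else but can still alter or drop the policy, so changes to security policies are worth auditing.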
30. #JSS2015
• Table Employee
• Logins
– sql login u1 with the db_owner role
– sql login u2 with the db_datareader role
DEMO
32. #JSS2015
Temporal Table
• Easy to create
– just add a Start Date and an End Date with a DateTime2 data type
– a temporal table is labelled (System-Versioned) and the associated history table is labelled (History)
• Easy to INSERT data (classical way)
• UPDATE and DELETE put the old values in the History table
• SELECT has 5 options to read a temporal table
– FOR SYSTEM_TIME AS OF…
– FOR SYSTEM_TIME FROM… TO…
– FOR SYSTEM_TIME BETWEEN… AND…
– FOR SYSTEM_TIME CONTAINED IN(…,…)
– FOR SYSTEM_TIME ALL
• Start and End DateTime are set to the UTC Time in the History table
• Enabled for In-Memory
33. #JSS2015
Stretch Database
• New hybrid Cloud architecture
• Designed for tables
– With large volumes
– Archive-oriented
• Reduces management complexity
34. #JSS2015
Security Update
• Always Encrypted
– Client side encryption and decryption
– Protect data per column
• Dynamic Data Masking
– Limits sensitive data exposure by masking it to non-privileged users
– 4 masking functions available:
• default, email, custom string & random
• Row Level Security
– Implement restrictions on data row access
– Create a function with conditions and a Security Policy associated to this function
35. #JSS2015
References
• SQL Server 2016 CTP3 download
https://www.microsoft.com/en-us/evalcenter/evaluate-sql-server-2016
• What's New in SQL Server 2016
https://msdn.microsoft.com/en-us/library/bb500435.aspx
• dbi services blogs
http://blog.dbi-services.com/tag/sql-server-2016/
Default
Full masking according to the data types of the designated fields.
Email
Masking method which exposes the first letter of an email address, the "@" character and the constant suffix ".com"
Custom String
Masking method which exposes the first and last letters and adds a custom padding string in the middle
Random
A random masking function for use on any numeric type to mask the original value with a random value within a specified range.