Session

Let's crack (bypass) some new security features!

SQL Server 2016 provides several new data security features like Dynamic Data Masking (DDM) and Row-Level Security (RLS). Implementing DDM and RLS internally in the SQL Server, aims to bring us better security.

DDM based on user level rules, is aims to prevent users without granted permission "UNMASK" to expose the original value of a column. RLS based on security policy which uses inline function in order to implement filter predicate on rows.

Are those features really keep your data secure as expected?

During this session we will discuss the limitations of those features, and we will show how simple it is to bypass(crack) the security features and expose the data, by any user that has simple select permission.

The ability to implement security features gives nothing without recognizing the limitations and its vulnerability. This is a must session for anyone who uses or intend to use the new security features!

Ronen Ariely

Senior consultant and architect, data platform and application development.

Tel Aviv, Israel

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top