Secure your SQL applications

Overview

SQL Server databases often contain sensitive business information such as customer account details. Applications that use the Microsoft BizTalk Adapter for SQL Server to access and modify this information either locally or across a distributed network might inadvertently expose it to access by unauthorized actors, unless efforts are made to protect and secure the data during transmission. Data protection and security are usually thought of in the following terms:

  • Authorization controls access to a resource based on the identity of the requestor.

  • Authentication provides mechanisms for verifying the identity of a requestor.

  • Data confidentiality provides mechanisms for protecting the privacy of data through encryption.

  • Data integrity provides mechanisms to digitally sign data, so that the receiver can ensure that the data has not been altered in-transit.

    Another important area of concern is the user-name password credentials that you supply to the SQL adapter. The adapter uses these credentials to open connections to the SQL system. The SQL adapter does not allow credentials to be supplied in the connection URI. This prevents the credentials from getting exposed inadvertently. The SQL adapter provides two alternative methods to supply these credentials in a more secure manner:

    Integrated Security. In this case, the SQL adapter uses the Microsoft BizTalk Adapter Pack credentials. You must configure the SQL server to accept these credentials for this method to work.

    Enterprise Single Sign-on (SSO). For more information about using SSO, see Security with the SQL adapter and BizTalk Server .

    The topics in this section provide guidelines to help you better secure the solutions that you develop with the SQL adapter.

In This Section