Dela via


Securables

Securables are the resources to which the SQL Server Database Engine authorization system regulates access. For example, a table is a securable. Some securables can be contained within others, creating nested hierarchies called "scopes" that can themselves be secured. The securable scopes are server, database, and schema.

Securable scope: Server

The server securable scope contains the following securables:

  • Endpoint

  • Login

  • Server role

  • Database

Securable scope: Database

The database securable scope contains the following securables:

  • User

  • Database role

  • Application role

  • Assembly

  • Message type

  • Route

  • Service

  • Remote Service Binding

  • Fulltext catalog

  • Certificate

  • Asymmetric key

  • Symmetric key

  • Contract

  • Schema

Securable scope: Schema

The schema securable scope contains the following securables:

  • Type

  • XML schema collection

  • Object – The object class has the following members:

    • Aggregate

    • Function

    • Procedure

    • Queue

    • Synonym

    • Table

    • View

Controlling Access to a Securable

The entity that receives permission to a securable is called a principal. The most common principals are logins and database users. Access to securables is controlled by granting or denying permissions, or by adding logins and user to roles which have access. For information about controlling permissions, see GRANT (Transact-SQL), REVOKE (Transact-SQL), DENY (Transact-SQL), sp_addrolemember (Transact-SQL), and sp_droprolemember (Transact-SQL).

Securing SQL Server

sys.database_principals (Transact-SQL)

sys.database_role_members (Transact-SQL)

sys.server_principals (Transact-SQL)

sys.server_role_members (Transact-SQL)

sys.sql_logins (Transact-SQL)