SQL Server Overview

The diagram shows the relationships among SQL Server 2005 components and identifies interoperability between
components.
Microsoft SQL Server 2005 is a database platform for large-scale online transaction processing (OLTP), data
warehousing, and e-commerce applications; it is also a business intelligence platform for data integration, analysis,
and reporting solutions.

Components in SQL Server 2005:

1. Database Engine
2. Analysis Services
3. Integration Services
4. Replication
5. Reporting Services
6. Notification Services
7. Full-Text Search
8. Service Broker

SQL Server 2005 introduces "studios" to help you with development and management tasks:
SQL Server Management Studio and Business Intelligence Development Studio.
In Management Studio, you develop and manage SQL Server Database Engine and notification solutions, manage
deployed Analysis Services solutions, manage and run Integration Services packages, and manage report servers and
Reporting Services reports and report models.

In BI Development Studio, you develop business intelligence solutions using Analysis Services projects to develop
cubes, dimensions, and mining structures; Reporting Services projects to create reports; the Report Model project to
define models for reports; and Integration Services projects to create packages.

Both of these studios are closely integrated with Microsoft Visual Studio and the Microsoft Office System.
In the studios, SQL Server 2005 provides the graphical tools you need to design, develop, deploy, and administer
relational databases, analytic objects, data transformation packages, replication topologies, reporting servers and
reports, and notification servers. Additionally, SQL Server 2005 includes command prompt utilities to perform
administrative tasks from the command prompt. SQL Server 2005 provides a number of ways to submit feedback
about the product and the documentation, as well as ways to send error reports and feature usage data automatically
to Microsoft.

Database Engine

The Database Engine is the core service for storing, processing, and securing data. The Database Engine provides
controlled access and rapid transaction processing to meet the requirements of the most demanding data consuming
applications within your enterprise.

Use the Database Engine to create relational databases for online transaction processing or online analytical
processing data. This includes creating tables for storing data, and database objects such as indexes, views, and
stored procedures for viewing, managing, and securing data. You can use SQL Server Management Studio to
manage the database objects, and SQL Server Profiler for capturing server events.

Analysis Services

Analysis Services is the core service for supporting rapid analysis of business data, delivering online analytical
processing (OLAP) and data mining functionality in business intelligence applications.

OLAP
Analysis Services allows you to design, create, and manage multidimensional structures that contain detail and
aggregated data from multiple data sources, such as relational databases, in a single unified logical model supported
by built-in calculations. Analysis Services provides fast, intuitive, top-down analysis of large quantities of data built
on this unified data model, which can be delivered to users in multiple languages and currencies. Analysis Services
works with data warehouses, data marts, production databases and operational data stores, supporting analysis of
both historical and real time data.

Data Mining
Analysis Services contains the features and tools you need to create complex data mining solutions.

• A set of industry-standard data mining algorithms.
• The Data Mining Designer, which you can use to create, manage, explore, and create predictions from
mining models.
• The DMX language, which you can use to manage mining models and to create complex prediction
queries.

You can use a combination of these features and tools to discover trends and patterns that exist in your data, and
then use the trends and patterns to make intelligent decisions about difficult business problems.

Integration Services

SQL Server 2005 Integration Services (SSIS) is the extract, transform, and load (ETL) component of SQL Server
2005. It replaces the earlier SQL Server ETL component, Data Transformation Services (DTS).
Integration Services is a platform for building enterprise-level data integration and data transformation solutions.
You use Integration Services to solve complex business problems by copying or downloading files, sending e-mail
messages in response to events, updating data warehouses, cleaning and mining data, and managing SQL Server
objects and data. The packages can work alone or in concert with other packages to address complex business needs.
Integration Services can extract and transform data from a wide variety of sources such as XML data files, flat files,
and relational data sources, and then load the data into one or more destinations.

Integration Services includes a rich set of built-in tasks and transformations; tools for constructing packages; and the
Integration Services service for running and managing packages. You can use the graphical Integration Services
tools to create solutions without writing a single line of code; or you can program the extensive Integration Services
object model to create packages programmatically and code custom tasks and other package objects.

Replication

Replication is a set of technologies for copying and distributing data and database objects from one database to
another, and then synchronizing between databases to maintain consistency. Using replication, you can distribute
data to different locations and to remote or mobile users over local and wide area networks, dial-up connections,
wireless connections, and the Internet. SQL Server provides three types of replication, each with different
capabilities: transactional replication, merge replication, and snapshot replication.

Transactional replication is typically used in server-to-server scenarios that require high throughput, including:
improving scalability and availability; data warehousing and reporting; integrating data from multiple sites;
integrating heterogeneous data; and offloading batch processing. Merge replication is primarily designed for mobile
applications or distributed server applications that have possible data conflicts. Common scenarios include:
exchanging data with mobile users; consumer point of sale (POS) applications; and integration of data from multiple
sites. Snapshot replication is used to provide the initial data set for transactional and merge replication; it can also be
used when complete refreshes of data are appropriate. With these three types of replication, SQL Server provides a
powerful and flexible system for synchronizing data across your enterprise.

Reporting Services

SQL Server 2005 Reporting Services (SSRS) is a server-based reporting platform that provides comprehensive data
reporting from relational and multidimensional data sources. Reporting Services includes processing components, a
complete set of tools that you can use to create and manage reports, and an application programming interface (API)
that allows developers to integrate or extend data and report processing in custom applications. The reports that you
build can be based on relational or multidimensional data from SQL Server, Analysis Services, Oracle, or any
Microsoft .NET Framework data provider, such as ODBC or OLE DB.

With Reporting Services, you can create interactive, tabular, or free-form reports that retrieve data at scheduled
intervals or on-demand when the user opens a report. Reporting Services also enables users to create ad hoc reports
based on predefined models, and to interactively explore data within the model. All reports can be rendered in both
desktop and Web-oriented formats. You can choose from a variety of viewing formats to render reports on demand
in preferred formats for data manipulation or printing.

Reporting Services is a server-based solution, and thus provides a way to centralize report storage and management,
provide secure access to reports, models, and folders, control how reports are processed and distributed, and
standardize how reports are used in your business.

Notification Services

SQL Server 2005 Notification Services is a platform for developing applications that generate and send
notifications, and it is also an engine that runs those applications. You can use Notification Services to generate and
send timely, personalized messages to thousands or even millions of subscribers, and deliver the messages to a wide
variety of applications and devices.

The Notification Services platform enables the development of rich notification applications. Subscriptions, which
express subscribers' interest in specific information (called events), can be evaluated based on the arrival of events
or based on a schedule. The event data itself can originate from within the database, from other databases, or from
external sources. Notifications, which result from the matching of events and subscriptions, can be richly formatted
before being sent to the subscriber.

The Notification Services engine works in concert with the SQL Server Database Engine. The Database Engine
stores the application data and performs the matching between events and subscriptions. The Notification Services
engine controls the flow and processing of data, and can be scaled-out across multiple computers. This can improve
the performance of very large and demanding applications.

Full-Text Search

SQL Server contains the functionality you need to issue full-text queries against plain character-based data in SQL
Server tables. Full-text queries could include words and phrases or multiple forms of a word or phrase. Full-Text
Search allows fast and flexible indexing for keyword-based query of text data stored in a Microsoft SQL Server
database. In SQL Server 2005, Full-Text Search delivers enterprise-level search functionality.

Use Full-Text Search to search for plain, character-based data, in multiple fields in multiple tables at the same time.
The performance benefit of using Full-Text Search can be best realized when querying against a large amount of
unstructured text data. For example, a Transact-SQL LIKE query against millions of rows of text data can take
minutes to return; whereas a full-text query may take only seconds or less against the same data, depending on the
number of rows that are returned. You can build full-text indexes on data stored in a char, varchar or nvarchar
column or formatted binary data, such as Microsoft Word documents, stored in a varbinary(max) or image column.

Service Broker

SQL Server 2005 Service Broker provides the SQL Server Database Engine native support for messaging and
queuing applications. This makes it easier for developers to create sophisticated applications that use the Database
Engine components to communicate between disparate databases. Developers can use Service Broker to easily build
distributed and reliable applications.

Application developers who use Service Broker can distribute data workloads across several databases without
programming complicated communication and messaging internals. This reduces development and test work
because Service Broker handles the communication paths within the context of a conversation. It also improves
performance. For example, front-end databases supporting Web sites can record information and send process
intensive tasks to queue in back-end databases. Service Broker ensures that all tasks are managed in the context of
transactions to ensure reliability and technical consistency.

Microsoft SQL Server's Security Model

An Overview of SQL Server's Security Model


SQL Server's security model comprises the following components:

• SQL Server login
• Database user
• guest user
• Permissions
• Roles

SQL Server Login


The SQL Server login model supports two security modes:

• Windows Authentication
• Mixed Security

Windows Authentication
Windows Authentication takes advantage of Windows NT user security and account mechanisms. This security
mode allows SQL Server to share the username and password used for Windows NT and allows the user to bypass
the SQL Server login process. Users with a valid Windows NT account can log in to SQL Server without supplying
a username and password.

Some benefits of Windows Authentication are as follows:

• A user does not have to remember a separate password and username.
• When the password changes in Windows NT, the user does not have to change the password in SQL
Server.

How does Windows Authentication work? When a user accesses SQL Server, SQL Server obtains the user and
password information from the user's NT network security attributes. These attributes are established when the user
logs in to Windows NT. If the user has been granted access to SQL Server, the user is automatically logged in to
SQL Server. Using Windows Authentication allows you to take advantage of Windows NT features such as
password aging and login auditing.

Windows Authentication requires more NT hands-on experience or working closely with the NT system
administrator when setting up user accounts and groups. Setting up Windows Authentication requires a few more
steps than setting up SQL Server Authentication, but the benefits outweigh the additional configuration steps.

Mixed Security
In mixed mode security, both Windows Authentication and SQL Server Authentication are enabled. When using
SQL Server Authentication, an individual logging in to SQL Server must supply a username and a password that
SQL Server validates against a system table. When using Windows Authentication (see the earlier section
"Windows Authentication" for more information), users can log in to SQL Server without being prompted for a
login ID and password.

Database User
The database user concept defines the database(s) an individual can access. After an individual has successfully
logged in to SQL Server, either through Windows Authentication or SQL Server Authentication, SQL Server
determines whether the user is a valid user for the database he is accessing. Regardless of the security mode, a user
must be permitted to access the database. If the user is not permitted in the database, SQL Server returns an error
message.

The only exception to the database user concept is the guest user. See the next topic for more information on the
guest user.

guest User
A special username, guest, can be added to a database to allow anyone with a valid SQL Server login to access the
database. The guest username is a member of the public role. After the guest user has been added to a database, any
individual with a valid SQL Server login, regardless of security mode, can access the database as the guest
user. A guest user works as follows:

1. SQL Server checks to see whether the login ID has a valid username or alias assigned. If so, SQL Server
grants the user access to the database as that username or alias. If not, go to step 2.
2. SQL Server checks to see whether a guest username exists. If so, the login ID is granted access to the
database as guest. If the guest account does not exist, SQL Server denies access to the database.
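
The fallback in step 2 can be audited from the catalog views. The following T-SQL is an added example, not part of the original text. It assumes SQL Server 2005 or later, where the guest user exists in every database and is switched on or off through the CONNECT permission, and a caller who can read the catalog of every online database (for example, a member of sysadmin); the temp table name #guest_access is illustrative.

```sql
-- Added example: list the databases in which any login can enter as guest.
SET NOCOUNT ON;

CREATE TABLE #guest_access (
    database_name     sysname NOT NULL,
    guest_can_connect bit     NOT NULL
);

DECLARE @db sysname, @sql nvarchar(max);

DECLARE db_cursor CURSOR LOCAL FAST_FORWARD FOR
    SELECT name
    FROM sys.databases
    WHERE state_desc = N'ONLINE';

OPEN db_cursor;
FETCH NEXT FROM db_cursor INTO @db;

WHILE @@FETCH_STATUS = 0
BEGIN
    -- QUOTENAME protects against database names containing brackets or quotes.
    -- class = 0 is a database-level permission; state G / W means granted.
    SET @sql = N'
        INSERT INTO #guest_access (database_name, guest_can_connect)
        SELECT @name,
               CASE WHEN EXISTS (
                        SELECT 1
                        FROM ' + QUOTENAME(@db) + N'.sys.database_permissions AS p
                        JOIN ' + QUOTENAME(@db) + N'.sys.database_principals AS u
                          ON u.principal_id = p.grantee_principal_id
                        WHERE u.name = N''guest''
                          AND p.class = 0
                          AND p.permission_name = N''CONNECT''
                          AND p.state IN (''G'', ''W'')
                    ) THEN 1 ELSE 0 END;';

    EXEC sp_executesql @sql, N'@name sysname', @name = @db;
    FETCH NEXT FROM db_cursor INTO @db;
END

CLOSE db_cursor;
DEALLOCATE db_cursor;

-- master and tempdb are left out: guest has to stay enabled in those two.
SELECT database_name
FROM #guest_access
WHERE guest_can_connect = 1
  AND database_name NOT IN (N'master', N'tempdb')
ORDER BY database_name;

DROP TABLE #guest_access;
```

Where a listed database does not need anonymous entry, REVOKE CONNECT FROM guest, run inside that database, closes the fallback.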

Permissions

A permission allows someone to do something within a database. There are two types of permissions: object and
statement. Object permissions control who can access and manipulate data in tables and views and who can run
stored procedures. Statement permissions control who can drop and create objects within a database.

SQL Server uses the commands GRANT, REVOKE, and DENY to manage permissions.

GRANT - When you GRANT a permission to an object, you allow someone to perform an action against the object
(for example, SELECT, UPDATE, INSERT, DELETE, or EXECUTE). When you GRANT permission to a
statement, you allow someone to run the statement (for example, CREATE TABLE).

REVOKE - When you REVOKE a permission from an object, you prevent someone from performing an action
against the object (for example, SELECT, UPDATE, INSERT, DELETE, or EXECUTE). When you REVOKE
permission from a statement, you take away a user's ability to run the statement (for example, CREATE TABLE).

DENY - When you DENY a permission on an object, you explicitly prevent someone from using the permission
(for example, SELECT, UPDATE, INSERT, DELETE, or EXECUTE), whereas REVOKE actually removes the
permission.
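
The difference between REVOKE and DENY becomes visible once a permission arrives through a role. The following T-SQL is an added example, not part of the original text. The table, role and user names (demo_orders, demo_readers, demo_alice) are hypothetical, and it assumes SQL Server 2005 or later and a scratch database in which you are db_owner.

```sql
-- Added example. demo_orders, demo_readers and demo_alice are hypothetical names.
CREATE TABLE dbo.demo_orders (order_id int PRIMARY KEY, amount money);
CREATE ROLE demo_readers;
CREATE USER demo_alice WITHOUT LOGIN;
EXEC sp_addrolemember N'demo_readers', N'demo_alice';

-- The only GRANT is made to the role, never to the user directly.
GRANT SELECT ON dbo.demo_orders TO demo_readers;

-- Step 1: demo_alice holds SELECT through her role membership.
EXECUTE AS USER = N'demo_alice';
SELECT N'1: after GRANT to role' AS step,
       HAS_PERMS_BY_NAME(N'dbo.demo_orders', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Step 2: REVOKE removes only an entry recorded for demo_alice herself.
-- She has none, so the GRANT made to the role is untouched.
REVOKE SELECT ON dbo.demo_orders FROM demo_alice;

EXECUTE AS USER = N'demo_alice';
SELECT N'2: after REVOKE from user' AS step,
       HAS_PERMS_BY_NAME(N'dbo.demo_orders', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Step 3: DENY records an explicit block for the user, and a DENY takes
-- precedence over a GRANT inherited from any role.
DENY SELECT ON dbo.demo_orders TO demo_alice;

EXECUTE AS USER = N'demo_alice';
SELECT N'3: after DENY to user' AS step,
       HAS_PERMS_BY_NAME(N'dbo.demo_orders', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Step 4: REVOKE now has an entry to remove (the DENY), so the role's
-- GRANT is effective again.
REVOKE SELECT ON dbo.demo_orders FROM demo_alice;

EXECUTE AS USER = N'demo_alice';
SELECT N'4: after REVOKE of the DENY' AS step,
       HAS_PERMS_BY_NAME(N'dbo.demo_orders', N'OBJECT', N'SELECT') AS can_select;
REVERT;

-- Cleanup of the scratch objects.
EXEC sp_droprolemember N'demo_readers', N'demo_alice';
DROP USER demo_alice;
DROP ROLE demo_readers;
DROP TABLE dbo.demo_orders;
```

When the goal is to keep one member of a role away from an object, step 3 is the statement that achieves it; step 2 on its own leaves the access in place.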

Object Permissions
Object permissions control access to objects within SQL Server. You can grant and revoke permissions to tables,
table columns, views, and stored procedures through the Enterprise Manager or through system procedures. A user
who wants to perform an action against an object must have the appropriate permission. For example, when a user
wants to SELECT * FROM table1, she must have SELECT permission for the table. Table 1 summarizes the types
of object permissions.

Table 1 - Summary of Object Permissions

Object Type         Possible Actions

Table               SELECT, UPDATE, DELETE, INSERT, REFERENCES
Column              SELECT, UPDATE
View                SELECT, UPDATE, INSERT, DELETE
Stored procedure    EXECUTE

Statement Permissions
Statement permissions control who can perform administrative actions such as creating or backing up a database.
Only the sa, members of the sysadmin role, or database owner can administer statement permissions. I advise
prudence in granting access to statement permissions such as CREATE DATABASE, BACKUP DATABASE, and
BACKUP LOG. Usually, the best approach is to let the sa, a member of the sysadmin role, or the database owner
manage these statements. Following is a list of statement permissions that can be granted or revoked:

• CREATE DATABASE - Creates a database. This permission can be granted only by the sa and only to
users in the master database.
• CREATE DEFAULT - Creates a default value for a table column.
• CREATE PROCEDURE - Creates a stored procedure.
• CREATE RULE - Creates a table column rule.
• CREATE TABLE - Creates a table.
• CREATE VIEW - Creates a view.
• BACKUP DATABASE - Backs up the database.
• BACKUP TRANSACTION - Backs up the transaction log.

Roles
Roles provide a logical way to group users with permissions. The following are the types of roles found in SQL
Server:

• Server roles
• Database roles

Server Roles
Server roles provide levels of access to server operations and tasks. If an individual is placed in a certain role, he can
perform the function permitted by the role. For example, an individual who is a member of the sysadmin role can
perform any type of action in SQL Server.

Server roles are predefined and are serverwide. These roles are not database specific and cannot be customized.
Table 2 provides a listing and explanation for each type of server role.

Table 2 - Server Roles

Server Role      Description

sysadmin         Able to do anything in SQL Server
serveradmin      Able to modify SQL Server settings and shut down SQL Server
setupadmin       Able to install replication and control extended stored procedures
securityadmin    Able to control server logins and create database permissions
processadmin     Able to control SQL Server processes
dbcreator        Able to create and modify databases
diskadmin        Able to manage disk files
bulkadmin        Able to execute bulk insert statements

Database Roles
Database roles provide the assignment of a set of database-specific permissions to an individual or a group of users.
Database roles can be assigned to NT Authenticated logins or SQL Server Authenticated logins. Roles that are
assigned to NT Authenticated logins can be assigned to NT users and NT groups. Roles can also be nested so that a
hierarchical group of permissions can be assigned to logins.

Database roles are database specific. SQL Server provides three types of roles:

• Predefined database roles
• User-defined database roles
• Implicit roles

Predefined Database Roles


Predefined database roles are standard SQL Server database roles. Each database in SQL Server has these roles.
Predefined database roles make it easy to delegate responsibility. For example, a developer might be assigned the
db_ddladmin role in a development database. This role would allow a developer to create and drop objects (tables,
stored procedures, views, and so on) on an as-needed basis.

Predefined database roles are database specific and cannot be customized. Table 3 provides a description of each
predefined database role.

Table 3 - Predefined Database Roles

Database Role        Description

db_owner             Has complete access to all objects within the database, can drop and re-create objects, and has
                     the capability to assign object permissions to other users. It can modify database settings and
                     perform database maintenance tasks. This role encompasses all functionality listed in the other
                     predefined database roles.

db_accessadmin       Controls access to the database by adding or removing Windows Authentication users and SQL
                     Server users.

db_datareader        Has complete access to SELECT data from any table in the database. This role does not grant
                     INSERT, DELETE, or UPDATE permissions on any table in the database.

db_datawriter        Can perform INSERT, DELETE, or UPDATE statements on any table in the database. This
                     role does not grant SELECT permission on any table in the database.

db_ddladmin          Has the capability to create, modify, and drop objects in the database.

db_securityadmin     Performs security management within the database. This role manages statement and object
                     permissions and roles within the database.

db_backupoperator    Has the capability to back up the database.

db_denydatareader    Denies SELECT permission on all tables in the database. However, this role does allow users
                     to modify existing table schemas. It does not allow them to create or drop existing tables.

db_denydatawriter    Denies data modification statements (INSERT, DELETE, or UPDATE) from being performed
                     against any tables in the database.

public               Every database user is a member of the public role. A user automatically becomes part of the
                     public role when she is permitted access to the database.
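
A review query for the roles in Table 2 and Table 3, as an added example that is not part of the original text: it reports the authentication mode, lists who holds each fixed server role, and expands nested roles in the current database to show who ends up in each predefined database role. It assumes the SQL Server 2005 or later catalog views and a caller with permission to see the principals involved.

```sql
-- Added example: role membership review for one server and the current database.

-- 1 = Windows Authentication only, 0 = mixed mode (SQL Server logins accepted).
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- Members of the fixed server roles from Table 2. member_type separates
-- SQL Server logins from Windows logins and Windows groups.
SELECT r.name      AS server_role,
       m.name      AS member_name,
       m.type_desc AS member_type,
       m.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals   AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals   AS m ON m.principal_id = rm.member_principal_id
ORDER BY r.name, m.name;

-- Effective members of the predefined database roles from Table 3.
-- Because roles can be nested, a user may reach db_owner through one or
-- more user-defined roles; the recursive CTE walks that chain.
WITH role_tree AS (
    -- Anchor: direct members of each predefined (fixed) database role.
    SELECT rm.role_principal_id   AS fixed_role_id,
           rm.member_principal_id AS member_id,
           1                      AS depth
    FROM sys.database_role_members AS rm
    JOIN sys.database_principals   AS r
      ON r.principal_id = rm.role_principal_id
    WHERE r.is_fixed_role = 1

    UNION ALL

    -- Recursion: when a member is itself a role, add that role's members.
    SELECT t.fixed_role_id,
           rm.member_principal_id,
           t.depth + 1
    FROM role_tree AS t
    JOIN sys.database_role_members AS rm
      ON rm.role_principal_id = t.member_id
)
SELECT fr.name      AS predefined_role,
       m.name       AS effective_member,
       m.type_desc  AS member_type,
       MIN(t.depth) AS nesting_depth   -- 1 = direct member, >1 = via nested role
FROM role_tree AS t
JOIN sys.database_principals AS fr ON fr.principal_id = t.fixed_role_id
JOIN sys.database_principals AS m  ON m.principal_id  = t.member_id
WHERE m.type <> 'R'                    -- report users and groups, not the intermediate roles
GROUP BY fr.name, m.name, m.type_desc
ORDER BY fr.name, nesting_depth, m.name;
```

Rows with a nesting_depth above 1 are the ones a direct-membership listing misses, so they deserve the closest look when checking who holds db_owner or db_securityadmin.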