Summit video library
Side Channel Attacks in SQL Server
Ben Johnston
Expanded data access and data democratization has introduced the need for advanced security mechanisms. Row level security (RLS) and dynamic data masking (Masking) are both available in SQL Server to allow enterprises and architects to manage data security at a more granular level. While these patterns are helpful in some situations, they are vulnerable to side-channel attacks. These are mentioned briefly in the Microsoft documentation, but without extensive examples.
This session is a demonstration of implementing data masking, row level security, along with a discussion of use cases for each and how they work together. After showing how they work, this will be an active demonstration of each pattern getting broken using various methods, primarily side-channel attacks. Finally, mitigations to these attacks will be discussed and demonstrated.
This will end with an assessment of how each strategy fits into a project and suitability for various types of projects.
A Simple Talks session.
Get the Latest
Sign up to stay up to date with news, special announcements and educational content.
Redgate will only contact you about PASS Data Community Summit (in line with our Privacy Policy) unless you separately request emails about Redgate. You can unsubscribe from these updates at any time.
Thanks for submitting! We'll be in touch soon.