Data Scrambling: Developing Databases without Compromising Private Data

The article deals with data scrambling process and describes how to prevent private data compromising.

Continue reading “Data Scrambling: Developing Databases without Compromising Private Data”

Database optimization tips for Developers and SQL Server DBAs

Database Optimization for Developers:

  1. If your application stops working suddenly, it may not be a database issue. For example, maybe you have a network problem. Investigate a bit before you accuse a DBA!
  2. Even if you’re a ninja SQL data modeler, ask a DBA to help you with your relational diagram. They have a lot to share and offer.
  3. DBAs don’t like rapid changes. This is natural: they need to analyze the database as a whole and examine the impact of any changes from all angles. A simple change in a column can take a week to be implemented—but that’s because an error could materialize as huge losses for the company. Be patient!
  4. Do not ask SQL DBAs to make data changes in a production environment. If you want access to the production database, you have to be responsible for all your own changes.

Database Optimization for SQL Server DBAs:

  1. If you don’t like people asking you about the database, give them a real-time status panel. Developers are always suspicious of a database’s status, and such a panel could save everyone time and energy.
  2. Help developers in a test/quality assurance environment. Make it easy to simulate a production server with simple tests on real-world data. This will be a significant time-saver for others as well as yourself.
  3. Developers spend all day on systems with frequently-changed business logic. Try to understand this world being more flexible, and be able to break some rules in a critical moment.
  4. SQL databases evolve. The day will come when you have to migrate your data to a new version. Developers count on significant new functionality with each new version. Instead of refusing to accept their changes, plan ahead and be ready for the migration.

Continue reading “Database optimization tips for Developers and SQL Server DBAs”

How to reduce index size and free up space in a SQL database.

First, run this script to figure out the worst offenders:

create table #t
  name nvarchar(128),
  rows varchar(50),
  reserved varchar(50),
  data varchar(50),
  index_size varchar(50),
  unused varchar(50)

declare @id nvarchar(128)
declare c cursor for
select name from sysobjects where xtype='U'

open c
fetch c into @id

while @@fetch_status = 0 begin

  insert into #t
  exec sp_spaceused @id

  fetch c into @id

close c
deallocate c

select * from #t
order by convert(int, substring(data, 1, len(data)-3)) desc

drop table #t

Continue reading “How to reduce index size and free up space in a SQL database.”

Microsoft Exam 70-487 Study Notes

Estimate of Number of Exam Questions per Module

Module Qs 1:Overview of Service and Cloud Technologies 1
2: Querying and Manipulating Data Using Entity Framework 4
3: Creating and Consuming ASP.NET Web API Services 3
4: Extending and Securing ASP.NET Web API Services 3
5: Creating WCF Services 7
6: Hosting Services 3
7: Windows Azure Service Bus 1
8: Deploying Services 4
9: Windows Azure Storage 2
10: Monitoring and Diagnostics 1
12: Scaling Services 1
A: Designing and Extending WCF Services 4
B: Implementing Security in WCF Services 2
C: “Classic” XML and ADO.NET 4

Total questions in exam 42 Continue reading “Microsoft Exam 70-487 Study Notes”

Encrypting Databases with Transparent Data Encryption

Quantum-Encryption-640x353 Transparent Data Encryption (TDE) enables you to encrypt an entire database.
TDE protects the database against unauthorized third parties gaining access to the hard disks or backups on which the database is stored. TDE encrypts the database by using a Database Encryption Key (DEK) that is stored in the database boot record.
The DEK is in turn protected by the database master key, which is in turn protected by the service master key. You can use BitLocker Drive Encryption, a full-volume encryption method supported by Windows Server 2008 and Windows Server 2008 R2, although this will not ensure that database backups are encrypted.

If any database on the instance uses TDE, the tempdb system database will also be encrypted.
To use TDE to encrypt a database, you must perform the following steps:

1. Create the master encryption key.

2. Create the certificate protected by the master key.

3. Create a DEK and protect it by using the certificate.

4. Encrypt the database.

The first step in deploying TDE involves creating a master encryption key. You do this by using the CREATE MASTER KEY ENCRYPTION BY PASSWORD statement. For example, you can accomplish that by using the following query:

USE master;

After you have created the master encryption key, the next step involves creating the certificate that will be used to encrypt the database. You can accomplish this by using the CREATE CERTIFICATE statement. For example, to create a certificate named ServerCertificate that uses the subject name Server Certificate, use the following query:

CREATE CERTIFICATE ServerCertificate WITH SUBJECT = ‘Server Certificate’;

When the master key and certificate are in place, you can create the DEK for the specific database. You do this by using the CREATE DATABASE ENCRYPTION KEY statement. For example, the following query creates a DEK for the AdventureWorks2012 database:

USE AdventureWorks2012;

After all the appropriate keys and certificates are in place, you can encrypt the database by using the ALTER DATABASE statement. For example, to encrypt the AdventureWorks2012 database, use the following query:

ALTER DATABASE AdventureWorks2012

When using TDE, you should create a backup of the server certificate in the master database. If you lose the database server without backing this up, you cannot access data in a database protected by TDE. You can use the BACKUP CERTIFICATE statement to cre- ate a backup of the certificate and private key, both of which are required for certificate recovery. The private key password does not have to be the same as the database master key password. For example, the following code, when run from the master system database, creates a backup of the ServerCertificate certificate to a file called ServerCertExport and a PrivateKeyFile private key:

TO FILE = ‘ServerCertExport’
FILE = ‘PrivateKeyFile’,

SQL Server will write these backup files to the MSSQLDATA directory of the instance.