• What we'll do
Module Signing is the method of extending permissions that is preferred over using EXECUTE AS (i.e. Impersonation) and/or cross-DB ownership chaining and/or TRUSTWORTHY as it is more flexible and more secure. This approach uses Certificates and/or Asymmetric Keys to create the signatures. Unfortunately, due to a lack of thorough documentation on Certificates and Asymmetric Keys (especially with regards to SQL Server), they are perceived as being complex and mysterious.
Come take a look behind the green curtain and learn about Certificates, Asymmetric Keys, and Strong Name Keys. We will look at various options for creating them in SQL Server and exporting them, as well as how to create them outside of SQL Server and import them. We will see how they can be used with built-in functions for encryption and signing strings, as well as how they are used with SQLCLR, both with and without Visual Studio. And probably more.
Solomon Rutzky has been working with computers since the mid 1980s. He has experience with a variety of hardware platforms, OSs, programming languages, and RDBMSs. He has focused on SQL Server since 2002, and has written articles for SQL Server Central, including the Stairway to SQLCLR series, and SimpleTalk.
Solomon is the founder / owner of Sql Quantum Lift, and is the creator of the popular SQL# SQLCLR library. He answers questions on a few StackExchange sites and Ask.SqlServerCentral.com, and occasionally blogs: Sql Quantum Leap.
• Important to know
We are on the bottom floor in the back right corner in the ChannelAdvisor Cafe.