Download eBook (PDF) - Red Gate Software

9 – Honeycombing a DatabaseUse HomeLending;GOCREATE TABLE dbo.Customer_Information(Customer_ID bigint IDENTITY(100,1) NOT NULL,First_Name varchar(50) NOT NULL,Last_Name varchar(50) NOT NULL,Social_Security_Number varchar(12) NOT NULL,Address_Street varchar(250) NOT NULL,Address_City varchar(150) NOT NULL,Address_State varchar(2) NOT NULL,Address_Zipcode varchar(10) NOT NULL);GOListing 9-1: The Customer_Information Honeycomb table.One of the goals in honeycombing a database is to capture the casualexploration of data by users who have limited authorized access to thedatabase. To open this decoy table to all levels of curiosity, we will grantSELECT, INSERT, UPDATE and DELETE permissions to the public databaserole, using the GRANT statement, as shown in Listing 9-2. All database usersare members of the public database role by default.Use HomeLending;GOGRANT SELECT, INSERT, UPDATE, DELETEON dbo.Customer_InformationTO public;GOListing 9-2: Open season on the Honeycomb table.Simply having an empty decoy table in your database will not be sufficient todraw activity its way. It must be filled with alluring, but bogus, data. The firstrule in populating this decoy table is obviously never to use actual data.Data scrambling techniques can be applied, as described in Chapter 8, or youcan generate decoy data using a data generator, such as Red Gate's SQL DataGenerator. It is recommended that you populate the decoy table with a numberof rows that is consistent with the non-decoy tables. In our HomeLendingdatabase, SQL Data Generator was used to populate five thousand rows of data,a sample of which are shown in Figure 9-1.189