Download eBook (PDF) - Red Gate Software

3 – Schema Architecture StrategiesAn example of the data that would be contained within theBorrower_Identification table is shown in Table 3-1.Borrower_ID Identification_Type_ID Identification_Value103 2 R7KFU413243TDDIN103 1 555-08-4862103 3 6311791792GBR6819855M297028731Table 3-1: Sample data from the Borrower_Identification table.One benefit of this column reuse is flexibility. This design allows quickimplementation of new forms of identification validation; it simply involvescreating a new record in the Identification_Type_ID column.Another benefit to column reuse is the obscurity that this approach introducesto the column's data. If the contents of this table were disclosed, the viewerwould still need to gain additional information, in this case the contents of theIdentification_Type table, as well as the contents of the Borrowertable, in order to make the disclosure useful for fraudulent purposes.Separating sensitive data from the object to which it relates, usingnormalization, is a fundamental security strategy. However, we can go evenfurther than that. A single SQL Server installation, also known as an instance,can hold up to 32,767 databases. We can strategically place blocks of sensitivedata in their own databases to provide a layer of obscurity and separation thatextends to the physical data files, transaction logs and back up files.Querying data across multiple databases within an instance of SQL Serverrequires the use of the fully qualified object names, as demonstrated by thequery in Listing 3-1.SELECTbnam.Last_Name,ident.Identification_ValueFROMDatabase1.dbo.Borrower borINNER JOIN Database1.dbo.Borrower_Name bnamON bor.Borrower_ID = bnam.Borrower_IDINNER JOIN Database2.dbo.Borrower_Identification biON bor.Borrower_ID = bi.Borrower_ID;GOListing 3-1: Qualifying object names in cross-database queries.69