When I first started at Microsoft, I worked a couple of projects with the SQL Server Security team – and I really enjoyed that group. They are a very smart, fun group of folks to hang around with. Plus, they are really good at math!
Anyway, they wrote some whitepapers recently that are a great set of links to have:
- Engine Separation of Duties for the Application Developer – discusses how to build applications that support role separation.
- Database Encryption in SQL Server 2008 Enterprise Edition – in depth treatise on Transparent Database Encryption.
- Cryptography in SQL Server – Survery of all the cryptography features in SQL Server 2008.