book

Expert SQL Server 2005 Development

Name: Expert SQL Server 2005 Development
ISBN: 9781590597293

by Adam Machanic, Hugo Kornelis, Lara Rubbelke

May 2007

Intermediate to advanced

471 pages

12h 17m

English

Apress

Read now

Unlock full access

Foreword
About the Authors
About the Technical Reviewer
Acknowledgments
Introduction
1. Software Development Methodologies for the Database World
Architecture RevisitedCoupling, Cohesion, and EncapsulationInterfacesThe Central Problem: Integrating Databases and Object-Oriented SystemsWhere Should the Logic Go?The Object-Relational Impedance MismatchORM: A Solution That Creates Many ProblemsIntroducing the Database-as-API MindsetThe Great Balancing ActTestabilityMaintainabilitySecurityPerformanceCreeping FeaturismSummary
2. Testing Database Routines
Introduction to Black Box and White Box TestingUnit and Functional TestingUnit Testing FrameworksThe Importance of Regression TestingGuidelines for Implementing Database Testing Processes and ProceduresWhy Is Testing Important?What Kind of Testing Is Important?How Many Tests Are Needed?Will Management Buy In?Performance Testing and Profiling Database SystemsCapturing Baseline MetricsProfiling Using Traces and SQL Server ProfilerEvaluating Performance CountersBig-Picture AnalysisGranular AnalysisFixing Problems: Is Focusing on the Obvious Issues Enough?Introducing the SQLQueryStress Performance Testing ToolSummary
3. Errors and Exceptions
Exceptions vs. ErrorsHow Exceptions Work in SQL ServerStatement-Level ExceptionsBatch-Level ExceptionsParsing and Scope-Resolution ExceptionsConnection and Server-Level ExceptionsThe XACT_ABORT SettingDissecting an Error MessageSQL Server's RAISERROR FunctionMonitoring Exception Events with TracesException HandlingWhy Handle Exceptions in T-SQL?Exception "Handling" Using @@ERRORSQL Server's TRY/CATCH SyntaxTransactions and ExceptionsThe Myths of Transaction AbortionXACT_ABORT: Turning Myth into (Semi-)RealityTRY/CATCH and Doomed TransactionsSummary
4. Privilege and Authorization
The Principle of Least PrivilegeCreating Proxies in SQL ServerData Security in Layers: The Onion ModelData Organization Using SchemasBasic Impersonation Using EXECUTE ASOwnership ChainingPrivilege Escalation Without Ownership ChainsStored Procedures and EXECUTE ASStored Procedure Signing Using CertificatesSummary

5. Encryption
What to ProtectEncryption Terminology: What You Need to KnowSQL Server 2005 Encryption Key HierarchyService Master KeyDatabase Master KeySQL Server 2005 Data ProtectionHashBytes()Asymmetric Key and Certificate EncryptionSymmetric Key EncryptionEncryptByPassphraseSecuring Data from the DBAArchitecting for PerformanceSetting Up the Solution and Defining the ProblemSearching Encrypted DataSummary
6. SQLCLR: Architecture and Design Considerations
Bridging the SQL/CLR Gap: the SqlTypes LibraryWrapping Code to Promote Cross-Tier ReuseA Simple Example: E-Mail Address Format ValidationSQLCLR Security and Reliability FeaturesThe Quest for Code SafetySelective Privilege Escalation via Assembly ReferencesGranting Cross-Assembly PrivilegesEnhancing Service Broker Scale-Out with SQLCLRExtending User-Defined AggregatesSummary
7. Dynamic T-SQL
Dynamic T-SQL vs. Ad Hoc T-SQLThe Stored Procedure vs. Ad Hoc SQL DebateWhy Go Dynamic?Compilation and ParameterizationAuto-ParameterizationApplication-Level ParameterizationPerformance Implications of Parameterization and CachingSupporting Optional ParametersOptional Parameters via Static T-SQLGoing Dynamic: Using EXECUTESQL Injectionsp_executesql: A Better EXECUTEDynamic SQL Security ConsiderationsPermissions to Referenced ObjectsInterface RulesSummary
8. Designing Systems for Application Concurrency
The Business Side: What Should Happen When Processes Collide?A Brief Overview of SQL Server Isolation LevelsConcurrency Control and SQL Server's Native Isolation LevelsPreparing for the Worst: Pessimistic ConcurrencyEnforcing Pessimistic Locks at Write TimeApplication Locks: Generalizing Pessimistic ConcurrencyHoping for the Best: Optimistic ConcurrencyEmbracing Conflict: Multivalue ConcurrencyExtending Scalability Through QueuingSummary
9. Working with Spatial Data
Representing Geospatial Data by Latitude and LongitudeSetting Up Sample DataCalculating the Distance Between Two PointsMoving from Point to PointSearching the NeighborhoodThe Bounding BoxFinding the Nearest NeighborThe Dynamic Bounding BoxConclusionRepresenting Geospatial Data by Using the Hierarchical Triangular MeshA Simplified Description of HTMImplementing the HtmIDFunctions in the Spatial DatabaseConclusionOther Types of Spatial DataThree-Dimensional DataAstronomical DataVirtual SpaceRepresenting Regions As PolygonsSummary
10. Working with Temporal Data
Representing More Than Just TimeSQL Server's Date/Time Data TypesInput Date FormatsOutput Date FormattingEfficiently Querying Date/Time ColumnsDate/Time CalculationsDefining Periods Using Calendar TablesDesigning and Querying Temporal Data StoresDealing with Time ZonesWorking with IntervalsModeling DurationsManaging Bitemporal DataSummary
11. Trees, Hierarchies, and Graphs
Terminology: Everything Is a GraphThe Basics: Adjacency Lists and GraphsConstraining the EdgesBasic Graph Queries: Who Am I Connected To?Traversing the GraphAdjacency List HierarchiesQuerying Adjacency List Hierarchies: The BasicsFinding Direct DescendantsTraversing down the HierarchyTraversing up the HierarchyInserting New Nodes and Relocating SubtreesDeleting Existing NodesConstraining the HierarchyPersisting Materialized PathsFinding SubordinatesNavigating up the HierarchyOptimizing the Materialized Path SolutionInserting NodesRelocating SubtreesDeleting NodesConstraining the HierarchyNested Sets ModelFinding SubordinatesNavigating up the HierarchyInserting NodesRelocating SubtreesDeleting NodesConstraining the HierarchySummary

Overview

While building on the skills you already have, Expert SQL Server 2005 Development will help you become an even better developer by focusing on best practices and demonstrating how to design high-performance, maintainable database applications.

This book starts by reintroducing the database as a integral part of the software development ecosystem. You'll learn how to think about SQL Server development as you would any other software development. For example, there's no reason you can't architect and test database routines just as you would architect and test application code. And nothing should stop you from implementing the types of exception handling and security rules that are considered so important in other tiers, even if they are usually ignored in the database.

You'll learn how to apply development methodologies like these to produce high-quality encryption and SQLCLR solutions. Furthermore, you'll discover how to exploit a variety of tools that SQL Server offers in order to properly use dynamic SQL and to improve concurrency in your applications. Finally, you'll become well versed in implementing spatial and temporal database designs, as well as approaching graph and hierarchy problems.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781590597293Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills