Bit of a clue as to the mystery in the previous post, but people who work with Oracle tend to have a pretty good idea what a database schema is for – I find SQL Server people are a bit less clear (I include myself in this – I think the problem is that we’re not quite sure which problem they solve).
Trying to write about SQL Server security I came up with the following definitions:
- A ‘Namespace’ (or a way of creating self-describing objects).
- A way of giving users a shorthand by which they can access an object (think: a Users’ default schema).
- A layer of abstraction with regard to database object ownership.
- A dynamic security boundary, or a container on which users can be granted or denied permissions.
I think 3 & 4 stand out as the most compelling – especially given that no. 3 solves a problem that used to cause real administrative headaches when it came to dropping users that owned objects.