Assume that we have a network deployed desktop application written in .NET. We don’t want any users (except admins) to be able to manipulate data outside of the application. For example, normal users should not be able to use SQL Server Management Studio to modify/read data.

I know of 3 ways to authenticate to SQL Server, but which one would be the most secure for this situation?

1) Windows Authentication (Trusted Connection) – Authentication is done based on Windows user account, which means that we can’t restrict access to the application only. SSMS could be used by any Windows user who has DB permissions.

2) SQL Server Authentication (User/Password) – We can create one login for the application which isn’t tied to any specific user, but the Username/Password must be stored and used by the application, which, from what I understand, makes it difficult (maybe impossible) to completely secure them.

3) Using an Approle – Has the same problem as #2 in that a password must be stored by the application.

Which of these 3 would be the most secure for this situation, or is there another option that is better?