I have a rich client program installed on users PCs where I want to start storing some user created data on SQL Azure/SQL Server. The potential anonymous-to-me users would key in their name, email account and a password which would get stored on SQL Azure/SQL Server. Then they would start generating their own data. I’m anticipating volumes of maybe 1000 users.

There are times when those users would like to run their own queries against their own data but, obviously, I must ensure that they can never view other users data.

I’m thinking the best way to ensure security of data is for each user to be issued their own SQL Azure account and password. I will setup a SQL Azure user and long password, known only to me, which only has permissions to execute several stored procedures with appropriate parameters being passed to those SPs which will create the SQL Server accounts, logins and add the users to a role which I have created.

Obviously someone running debugging tools could figure out the user name and password but I’m thinking this isn’t a big deal. If all that particular SQL Azure account can do is execute a few SPs so what if a malicious individual starts doing that. I will only allow a very limited amount of data to be uploaded before I require payment.

The users can only insert records using stored procedures which use the following:

SELECT @uName=SYSTEM_USER 

and only select appropriate parent records. All stored procedures which users can execute would have the above as required to ensure they can only work with their own records.

All views will have embedded with them WHERE clauses such as

WHERE tbLoginName = SYSTEM_USER.

I’m new to SQL Server so I may be missing some fundamental concepts so I’d appreciate any and all comments.