Authentication;Authentication data which is stored in the database when

Authentication;Authentication is the basic and initial security process, authentication is the process of identifying the appropriate user when they try to access the database or data which is stored in the database when the user try to identify himself his identity will be verified against the user details in the application and authentication is provided to access or make a connection with the database to access or use the data in the database. Note that irrespective of the person true identity with the login credentials any one can login to the database, for sql server we have two modes of authentication windows level and sql level,  where in windows level the authentication done based the windows user,  whereas in the sql level the authentication done based on the uses in the sql.Encryption;This can be said to be 2nd layer of security, if the authentication is perfectly implemented thus the inappropriate user cannot enter into sql environment but what if he would like steal the data,  to prevent this the Sql server has built in option to encrypt the data this is based on the certification and key by applying this encryption mechanism the data backup data cannot be used even if it stolen this mechanism called as transparent databases encryption (TDE) which is based on the certificate and key.Authorization;This is the other layer of security on the authentication success, even a user is provided authentication for the access of the database or data it might not necessary for that user to access entire database or he might not be using the insert update or deletion commands then why that user should have such features enabled as his role or tasks he was assigned to is restricting him to use only certain amount of data and only fetching the data, in such cases the authorization concepts will be handy by applying the authorization we can limit the user to access certain database and to perform certain tasks , i.e. assigning permissions at the users level which is of role based, Permissions to access the encapsulated data like stored procedures,  functions, ownership permissions.Change tracking;Again change tracking is built in feature, out of all above security precautions or preventions implemented we don’t know anything can happen at any time to know what happen happened at what time we use the change tracking feature, we tried our best to eradicate the mall practice whereas if any this new way to crack the security applied and a manipulation in the data done,  at least after event happened we can identify by Auditing the changes made to database if they are unusable,  this can be done with the change tracking feature