SQL Server 2000 achieved National Security Agency C2 certification. C2 security is a government rating for security in which a system is certified for discretionary resource protection and auditing capabilities. This is the highest security certification level available. A report issued by the National Security Agency outlines SQL Server 2000’s environmental strengths. The report notes that SQL Server enforces a discretionary access control (DAC) policy on its database objects through the standard SQL grant and remove mechanism. SQL Server performs identification using an already established Windows NT logon, creating a seamless login for users and permitting easier administration. SQL Server supplies an auditing capability to track user logins, object accesses, and administration actions. Other architectural strengths of SQL Server include an on-demand disk by which files grow and shrink automatically, dynamic memory to optimize memory use, full row-level locking, centralized administration of replicated databases, and fully integrated identification and authentication with Windows NT.
