Planning Server Security
Connectivity between Microsoft SQL Server 2005 Compact Edition (SQL Server Compact Edition) and an instance of SQL Server relies completely upon correctly configuring the security models for both Microsoft Internet Information Services (IIS) and SQL Server.
SQL Server Compact Edition Connectivity Scenario
In the SQL Server Compact Edition connectivity scenario, an application initiates synchronization by invoking the appropriate connectivity solution: either replication or remote data access (RDA). Before you access a SQL Server database using replication or RDA through HTTP, you must set up an IIS virtual directory that contains the SQL Server Compact Edition Server Agent, and configure the appropriate NTFS File System permissions. Configuring IIS authentication and authorization specifies the clients that can invoke the SQL Server Compact Edition Server Agent. Implementing this layer of security controls the clients that can perform database synchronization or remote database access.
Note
You can configure IIS to use Secure Sockets Layer (SSL) encryption. This safeguards the data sent between the device and IIS when database synchronization or remote database access is performed. For more information, see Configuring SSL Encryption.
After you invoke the SQL Server Compact Edition Server Agent, it connects to an instance of SQL Server. SQL Server Authentication and authorization can be configured to control access to SQL Server and SQL Server publications.
The following topics describe how IIS and SQL Server are configured to support security for the SQL Server Compact Edition connectivity solutions (replication and RDA):
For more information about SQL Server Compact Edition database security, see Securing Databases (SQL Server Compact Edition).
See Also
Concepts
IIS Security
SQL Server Security
Configuring the IIS Server Environment
Configuring the SQL Server Environment