A SQL Server 2022 and Azure SQL Database feature that provides cryptographically verifiable, tamper-evident data history, ensuring that historical records cannot be altered without detection.
- Cryptographic protection: Ledger tables use blockchain-style cryptographic hashing to create an immutable chain of evidence for all data changes, enabling organizations to verify that records have not been tampered with.
- Ledger table types: SQL Server supports two types of ledger tables: Updatable Ledger Tables, which allow data modifications while preserving a protected history, and Append-Only Ledger Tables, which permit only insert operations and are ideal for audit logs.
- Database digests: Cryptographic hashes, known as database digests, can be generated and stored externally in services such as Azure Confidential Ledger or Azure Blob Storage to provide independent proof of data integrity.
- Compliance benefits: Ledger tables help organizations meet regulatory requirements for data immutability and auditability by providing stronger protection than traditional audit logs, which may be altered by privileged users.
- Ledger vs. temporal tables: Unlike temporal tables, which preserve history but can still be modified by database administrators, ledger table history is cryptographically sealed to detect any unauthorized modifications.
- Relevant Idera tools: SQL Compliance Manager complements ledger tables by auditing user access, tracking activity on ledger tables, and recording executed queries.
- Related terms: Temporal Tables, Compliance, Database Forensics, Transparent Data Encryption.
