Ownership chaining is a key security feature in SQL Server and Azure SQL Database that facilitates encapsulation of access permissions when executing stored procedures. When a stored procedure is created, it inherits the permissions of its owner but not necessarily the permissions of the caller. This means that as long as the ownership of the stored procedure and the tables it references is the same, a user can execute the stored procedure without needing direct access to the underlying tables.
This feature helps maintain security by allowing users to execute complex logic encapsulated within stored procedures while limiting their direct access to the data. Essentially, it allows for more controlled access to data, enhancing security without making the individual data tables themselves accessible to all users.
In contrast, stored procedure privileges relate to the permissions granted directly to users on the stored procedures themselves, while role membership involves assigning users to predefined roles that grant specific permissions. Data masking is a technique used to protect sensitive data by obscuring it and does not pertain directly to accessing stored procedures or tables.