CSA Preface
Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).
This International Standard was reviewed by the CSA TCIT under the jurisdiction of the Strategic Steering Committee on Information Technology and deemed acceptable for use in Canada. (A committee membership list is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TCIT will review these documents for approval and publication. For a listing, refer to the CSA Information Products catalogue or CSA Info Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by the Technical Committee and has been approved as a National Standard of Canada by the Standards Council of Canada.
Scope
This International Standard, Remote Database Access for SQL (RDA), defines a model for the remote interaction of an SQL-client and one or more SQL-servers through communication media, and defines the encoding of messages, the semantics of messages and associated facilities for mediating the interaction between one SQL-client and one SQL-server.
This International Standard also defines a mapping of the RDA Protocol to the specific communication infrastructures TCP/IP and Transport Layer Security (TLS).
This International Standard relies upon the facilities provided by ISO/IEC 9075 (SQL) and ISO/IEC 9075-3 (SQL/CLI).
This International Standard also:
- identifies potential security vulnerabilities in remote database access using RDA,
- defines RDA facilities which protect against the potential vulnerabilities.
Normative annexes provide: .
- a Conformance Proforma,
- an optional language independent Application Programming Interface defined in the notational conventions of ISO/IEC 9075-3 (SQL/CLI) for invoking RDA Operations,
- an optional mapping of ISO/IEC 9075-3 (SQL/CLI) functions to RDA Operations,
- definitions of optional SQL-servers, the RDA Location Server and the RDA Support Server, to facilitate interoperation and data distribution in a heterogeneous environment,
- a set of security profiles that identify which RDA facilities and other security facilities are required for different levels of protection against potential vulnerabilities.
Informative annexes provide:
- an analysis of security service requirements,
- an ASN.1 specification for the RDA Protocol,
- an ASN.1 specification for the encoding of multiple rows.
This International Standard does not constrain:
- conforming RDA-client environments to be implemented using any particular processor decomposition,
- conforming RDA-server environments to be implemented using any particular processor decomposition.
This International Standard refers to but does not define:
- protocols and security mechanisms for communication confidentiality, integrity and authentication of communicating peers,
- digital signature and authentication mechanisms supported by protocol elements of RDA.
This International Standard does not define:
- algorithms for query decomposition or for the combining of results in a distributed database environment,
- mechanisms for recovery in the event that transaction co-ordination fails,
- mechanisms for storage integrity and confidentiality using cryptography,
- mechanisms to counter Denial of Service attacks.