CAN/CSA-ISO/IEC 9579-04 (R2018)
Information Technology - Remote Database Access for SQL with Security Enhancement (Adopted ISO/IEC 9579:2000, second edition, 2000-02-15)
This International Standard, Remote Database Access for SQL (RDA), defines a model for the remote interaction of an SQL-client and one or more SQL-servers through communication media, and defines the encoding of messages, the semantics of messages and associated facilities for mediating the interaction between one SQL-client and one SQL-server.
This International Standard also defines a mapping of the RDA Protocol to the specific communication infrastructures TCP/IP and Transport Layer Security (TLS).
This International Standard relies upon the facilities provided by ISO/IEC 9075 (SQL) and ISO/IEC 9075-3 (SQL/CLI).
This International Standard also:
- identifies potential security vulnerabilities in remote database access using RDA,
- defines RDA facilities which protect against the potential vulnerabilities.
Normative annexes provide:
- a Conformance Proforma,
- an optional language independent Application Programming Interface defined in the notational conventions of ISO/IEC 9075-3 (SQL/CLI) for invoking RDA Operations,
- an optional mapping of ISO/IEC 9075-3 (SQL/CLI) functions to RDA Operations,
- definitions of optional SQL-servers, the RDA Location Server and the RDA Support Server, to facilitate interoperation and data distribution in a heterogeneous environment,
- a set of security profiles that identify which RDA facilities and other security facilities are required for different levels of protection against potential vulnerabilities.
Informative annexes provide:
- an analysis of security service requirements,
- an ASN.1 specification for the RDA Protocol,
- an ASN.1 specification for the encoding of multiple rows.
This International Standard does not constrain:
- conforming RDA-client environments to be implemented using any particular processor decomposition,
- conforming RDA-server environments to be implemented using any particular processor decomposition.
This International Standard refers to but does not define:
- protocols and security mechanisms for communication confidentiality, integrity and authentication of communicating peers,
- digital signature and authentication mechanisms supported by protocol elements of RDA.
This International Standard does not define:
- algorithms for query decomposition or for the combining of results in a distributed database environment,
- mechanisms for recovery in the event that transaction co-ordination fails,
- mechanisms for storage integrity and confidentiality using cryptography,
- mechanisms to counter Denial of Service attacks.