标准摘要
[中文适用范围]: SQL 远程数据库访问 (RDA) 这一国际标准定义了 SQL 客户端和一个或多个 SQL 服务器通过通信媒体进行远程交互的模型,并定义了消息编码、消息语义和相关设施用于协调一个 SQL 客户端和一个 SQL 服务器之间的交互。 该国际标准还定义了 RDA 协议到特定通信基础设施 TCP/IP 和传输层安全 (TLS) 的映射。 本国际标准依赖于 ISO/IEC 9075 (SQL) 和 ISO/IEC 9075-3 (SQL/CLI) 提供的设施。 该国际标准还: ——识别使用 RDA 的远程数据库访问中的潜在安全漏洞; ——定义防止潜在漏洞的 RDA 设施。 规范性附录提供: ——一致性形式; ——在 ISO/IEC 9075-3 (SQL/CLI) 符号约定中定义的可选语言独立应用程序编程接口,用于调用 RDA 操作; ——ISO/IEC 9075-3 的可选映射RDA 操作的 (SQL/CLI) 功能; ——可选 SQL 服务器、RDA 位置服务器和 RDA 支持服务器的定义,以促进异构环境中的互操作和数据分发; ——一组标识哪些 RDA 设施的安全配置文件以及其他安全设施需要针对潜在漏洞提供不同级别的保护。 资料性附件提供: ——安全服务要求分析; ——RDA 协议的 ASN.1 规范; ——多行编码的 ASN.1 规范。 本国际标准不限制: ——使用任何特定处理器分解来实现的符合 RDA 客户端环境; ——使用任何特定处理器分解来实现的符合 RDA 服务器环境。 本国际标准涉及但不定义: ——用于通信对等体的通信保密性、完整性和认证的协议和安全机制; ——RDA 协议元素支持的数字签名和认证机制。 本国际标准没有定义: ——分布式数据库环境中查询分解或结果组合的算法; ——事务协调失败时的恢复机制; ——使用加密技术实现存储完整性和机密性的机制; ——机制以对抗拒绝服务攻击。 [外文原描述]: This International Standard, Remote Database Access for SQL (RDA), defines a model for the remote interaction of an SQL-client and one or more SQL-servers through communication media, and defines the encoding of messages, the semantics of messages and associated facilities for mediating the interaction between one SQL-client and one SQL-server. This International Standard also defines a mapping of the RDA Protocol to the specific communication inhastructures TCPIIP and Transport Layer Security (TLS). This International Standard relies upon the facilities provided by ISOIIEC 9075 (SQL) and ISOIIEC 9075-3 (SQLICLI). This International Standard also: - identifies potential security vulnerabilities in remote database access using RDA, - defines RDA facilities which protect against the potential vulnerabilities. Normative annexes provide: - a Conformance Proforma, - an optional language independent Application Programming Interface defined in the notational conventions of ISOIIEC 9075-3 (SQLICLI) for invoking RDA Operations, - an optional mapping of ISOIIEC 9075-3 (SQLICLI) functions to RDA Operations, - definitions of optional SQL-servers, the RDA Location Server and the RDA Support Server, to facilitate interoperation and data distribution in a heterogeneous environment, - a set of security profiles that identify which RDA facilities and other security facilities are required for different levels of protection against potential vulnerabilities. Informative annexes provide: - an analysis of security service requirements, - an ASN. 1 specification for the RDA Protocol, - an ASN. 1 specification for the encoding of multiple rows. This International Standard does not constrain: - conforming RDA-client environments to be implemented using any particular processor decomposition, - conforming RDA-server environments to be implemented using any particular processor decomposition. This International Standard refers to but does not define: - protocols and security mechanisms for communication confidentiality, integrity and authentication of communicating peers, - digital signature and authentication mechanisms supported by protocol elements of RDA. This International Standard does not define: ? algorithms for query decomposition or for the combining of results in a distributed database environment, ? mechanisms for recovery in the event that transaction co-ordination fails, ? mechanisms for storage integrity and confidentiality using cryptography, ? mechanisms to counter Denial of Service attacks.
英文名称Information technology - Remote database access for SQL with security enhancement