The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Security Considerations for SQL-based Implementations of STEP

Author

Lawrence E. Bassham, W. Timothy Polk

Entry type

techreport

Abstract

the database Language SQL (SQL) is a widely used language for accessing and manipulating relational databases. Assuch, SQL can be of use in many different operational environments, with correspondingly different needs for security. One specific application of this standard is in Product Data Exchange using STEp (PDES).[PDE93a] This paperexamines the security implications of the versions of the SQL standard as used to implement STEP. STEP does not imply any particular security policy, so a variety of security policies are examined. The paper has been written as a companion document to NIST\'s general SQL security document, Security ISSUES in the Database Language SQL [PB93], and references that document frequently.

Date

1993

Key alpha

Bassham, Polk

Publisher

U.S. Department of Commerce

Publication Date

0000-00-00

Contents

1. Introduction 2. SQL/STEP Architecture 3. Applicable Security Controls 4. Security Polics

Keywords

SQL

Language

English

Subject

Database language

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.