The Database Language SQL (SQL) is a widely used language for accessing and manipulating relational databases. As such, SQL can be of use in many different operational environments, with correspondingly different needs for security. One specific application of this standard is in Product Data Exchange using STEP (PDES) [STEP: Standard for the Exchange of Product Model Data].
This paper examines the security implications of the versions of the SQL standard as used to implement STEP. STEP does not imply any particular security policy, so a variety of security policies are examined. The paper has been written as a companion document to NIST’s general SQL security document. Security Issues in the Database Language SQL [PB93], and references that document frequently.
The Database Language SQL (SQL) is a widely used language for accessing and manipulating relational databases. As such, SQL can be of use in many different operational environments, with correspondingly different needs for security. One specific application of this standard is in Product Data...
See full abstract
The Database Language SQL (SQL) is a widely used language for accessing and manipulating relational databases. As such, SQL can be of use in many different operational environments, with correspondingly different needs for security. One specific application of this standard is in Product Data Exchange using STEP (PDES) [STEP: Standard for the Exchange of Product Model Data].
This paper examines the security implications of the versions of the SQL standard as used to implement STEP. STEP does not imply any particular security policy, so a variety of security policies are examined. The paper has been written as a companion document to NIST’s general SQL security document. Security Issues in the Database Language SQL [PB93], and references that document frequently.
Hide full abstract