ISO IEC 9579-2000 Information technology - Remote database access for SQL with security enhancement《信息技术 对带有安全增强SQL的远程数据库访问》.pdf

1、Reference number ISO/IEC 9579:2000(E) ISO/IEC 2000 INTERNATIONAL STANDARD ISO/IEC 9579 Second edition 2000-02-15 Information technology Remote database access for SQL with security enhancement Technologies de linformation Accs la base de donnes distance pour SQL avec scurit accrueISO/IEC 9579:2000(E

2、) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file

3、, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info rel

4、ative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. ISO/

5、IEC 2000 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in t

6、he country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 734 10 79 E-mail copyrightiso.ch Web www.iso.ch Printed in Switzerland ii ISO/IEC 2000 All rights reserved ISO/IEC ISO/IEC 9579:2000 (E)Remote Database Access for SQL (RDA/SQL) iii

7、Contents Contents . . iii Tables . . viii Figures . i x Forewor d . . x Introductio n . . xi 1 Scop e . . 1 2 Normative Reference s . . 3 2.1 International Standards . . 3 2.2 Internet Engineering Task Force . . 3 2.3 Institute of Electrical and Electronics Engineer s . . 4 3 Interoperabilit y . . 5

8、 3.1 Interoperability between implementation s . 5 3.2 Interope rability with conforming OSI implementation s . 5 3.3 Interoperability with future edition s . . 5 4 Definitions, Conventions and Notation s . . 6 4.1 Definition s . . 6 4.2 Convention s . . 7 4.2.1 Convention for Figure s . 7 4.2.2 Nam

9、ing of Concept s . 7 4.2.3 Naming of Parameter s . 7 4.2.4 Specifica tion of RDA Protocol, RDA Operations and RDA encoding element s . 7 4.2.5 Evaluation of Rule s . 7 ISO/IEC 9579:2000 (E) ISO/IEC iv Contents 4.3 Notation s . . 9 4.3.1 SQL/CLI function s . 9 4 .3.2 Implicit encoding definition s .

10、9 4.3.3 Encoding Attribute s . . 9 4.3.4 Notation for encoding synta x . . 9 5 Model and Facilitie s . 10 5.1 Mode l . 10 5.2 The RDA - client environmen t . . 11 5.2.1 Service Use r . 11 5.2.2 SQL - client Service s . . 11 5.2.3 RDA - client Service s . 12 5.2.4 Transport Mappin g . 12 5.2.5 RDA -

11、clien t . 12 5.2.6 RDA Location Server . . 13 5.3 The RDA - server environmen t . 14 5.3.1 Transpo rt Mappin g . 14 5.3.2 RDA - server Service s . . 14 5.3.3 RDA - serve r . . 15 5.3.4 SQL - serve r . 15 5.3.5 RDA Support Serve r . 15 5.4 RDA concepts and the mapping of SQL/CLI concept s . . 16 5.4.

12、1 Application Communication Area s . . 16 5.4.1.1 Attribute s . . 16 5.4.1.2 Diagnostics area s . . 16 5.4.1.3 Descriptor area s . . 16 5.4.2 SQL_TEX T . . 17 5.4.3 SQL - session and SQL - connectio n . 17 5.4.4 SQL User Name and Password . . 17 5.4.5 Multi - site Transactions . . 17 5.4.6 SQL/CLI H

13、andle s . 17 5.4.7 Connection Iden t . 18 5.4.8 Statement Iden t . 18 5.4.9 Request Iden t . . 18 5.4.10 Encoding s . 18 5.5 RDA Model of Transpor t . . 19 5.5.1 Transport Provide r . . 19 5.5.2 Transport Addres s . 19 5. 5.3 Destination SQL - server Nam e . 19 5.5.4 Transport Connectio n . . 19 5.5

14、.5 Transport Facilitie s . 19 5.6 RDA Facilities for Transport Connection s . 21 5.6.1 RDA Suspend and Resume Facilit y . 21 5.6.2 RDA Encoding Facilit y . 21 5.7 RDA Facilities for Transaction Co - ordinatio n . 22 5.7.1 RDA Transaction Co - ordination Facilit y . 22 ISO/IEC ISO/IEC 9579:2000 (E) R

15、emote Datab ase Access for SQL (RDA/SQL) v 5.8 RDA Facilities for Securit y . 23 5.8.1 RDA Security Service s . 23 5.8.2 Use of Transport Provider security facilitie s . . 23 5. 8.3 Use of Authentication in RDAConnec t . . 24 5.8.4 Use of MessageAuthentication in RDAMessag e . . 24 6 RDA Protoco l .

16、 26 6.1 The RDA Protocol Exchang e . . 26 6.2 RDAMessag e . . 27 6.2.1 RDAMessage protocol elemen t . 27 6.2.2 MessageAuthentication encoding elemen t . 30 6.3 Invocation of RDA Operation s . . 32 6.3.1 Invocation of the Request in the RDA - client environmen t . 32 6.3.2 Evaluation of the Request i

17、n the RDA - server environmen t . . 33 6.3.3 Invocation of the Response in the RDA - server en vironmen t . . 34 6.3.4 Evaluation of the Response in the RDA - client environment . 35 6.3.5 Transport Fail Indicatio n . 35 7 RDA Operations . 37 7. 1 RDA request operation s . . 37 7.1.1 RDAConnect Oper

18、atio n . . 37 7.1.2 RDADisconnect Operation . . 40 7.1.3 RDAEndTran Operatio n . 41 7.1.4 RDAClient Attribute Operatio n . . 43 7.1.5 RDAStatementPrepare Operatio n . . 44 7.1.6 RDAStatementDeallocate Operatio n . 45 7.1.7 RDAStatementExecute Operatio n . 46 7.1.8 RDAStatementExecDirect Operatio n .

19、 . 49 7.1.9 RDAStatementFetchRows Operatio n . . 50 7.1.10 RDAStatementCloseCursor Operatio n . . 52 7.1.11 RDAStatementCancel Operat io n . 53 7.1.12 RDASetCursorName Operatio n . . 54 7.1.13 RDAGetCursorName Operatio n . . 55 7.1.14 RDAGetInfo Operatio n . 56 7.1.15 RDAGetTypeInfo Op eratio n . 57

20、 7.2 RDA response encoding elemen t . 58 7.3 Encoding component s . 62 7.3.1 RDAAttribute encoding elemen t . 62 7.3.2 RDADiagnostic an d RDADiagnosticStatus encoding elements . . 65 7.3.3 RDAItemDescriptor encoding elemen t . . 66 7.3.4 RDARow and RDAValue encoding element s . . 68 8 Exception s .

21、. 69 8.1 Exception codes for RDA - specific Condition s . 69 ISO/IEC 9579:2000 (E) ISO/IEC vi Contents 8.2 Exception Behaviou r . 70 9 Encoding s . 71 9.1 The Base Encodin g . 72 9.2 The ASN.1 PER Encodin g . . 73 10 Transport Mapping s . . 74 10.1 Mapping to TCP/I P . 75 10.1.1 Transport Addres s .

22、 75 10.1.2 Mapping of Transport Con nec t . . 75 10.1.3 Mapping of Transport Disconnec t . 75 10.1.4 Mapping of Transport Fai l . . 75 10.1.5 Mapping of Transport Sen d . 75 10.1.6 Mapping of Transport Receiv e . . 75 10.1.7 Mapping of Transport Error s . 75 10.1.8 Default Encodin g . . 75 10.2 Mapp

23、ing to TLS . . 76 10.2.1 Mapping of Trans port Connec t . . 76 10.2.2 Mapping of encoding s . 76 10.2.3 Mapping of Transport Error s . 76 10.2.4 Provision of mandatory security facilitie s . . 76 10.2.5 Provision of optional security facilitie s . . 76 11 Conformanc e . . 77 11.1 RDA - client Confor

24、manc e . 77 11.2 RDA - server Conformanc e . 77 11 .3 Claims of Conformanc e . . 77 Annex A Conformance Proform a . 79 A.1. Identificatio n . . 79 A.2. Supplier Detail s . . 79 A.3. Implementation Detail s . 80 A.4. RDA Suppor t . . 80 A.5. Optional facilities for RDA - clients onl y . . 81 A.6. Opt

25、ional facilities for RDA - servers onl y . 82 Annex B RDA Pro gramming Interfac e . 83 B.1. Notation for defining RDA/API function s . 84 B.2. Mapping RDA/API to a programming languag e . . 84 B.3. Transport Handle s . 84 ISO/IEC ISO/IEC 9579:2000 (E) Remote Datab ase Access for SQL (RDA/SQL) vii B.

26、4. Transport Mapping Code s . 84 B.5. Transport Connection Managemen t . 85 B.6. RDA/API function s . 85 B.7. RDA/API function invocatio n . 85 B.8. RDA/API function parameter s . . 86 Annex C Mapping of SQL/CL I . 93 C.1. SQLDisconnec t . 94 C.2. SQLEndTra n . . 94 C.3. SQLSetConnectAtt r, SQLSetSt

27、mtAttr and SQLSetEnvAtt r . 94 C.4. . 95 Annex D RDA Location Serve r . 97 D.1. RDA Location Server name and schem a . 97 D.2. Server Location Tabl e . 98 Annex E RDA Support Serve r . . 99 E.1. RDA Support Server name and schem a . 99 E.2. Server Information Tabl e . . 99 E.3. Request Log Tabl e .

28、. 101 Annex F Security Service Requirement s . . 103 F.1. Potential Vulnerabilitie s . . 103 F.2. Authenticatio n . . 104 F.3. Access Contro l . . 105 F.4. Transfer Integrit y . . 106 F.5. Transfer Confidentialit y . . 106 F.6. Storage Integrit y . 106 F.7. Storage Conf identialit y . 107 F.8. Non -

29、 repudiatio n . . 107 Annex G Security Profile s . . 109 Annex H RDA Operations and Protocol in ASN.1 notatio n . 111 Annex I Encoding of Multiple Row s . . 115 ISO/IEC 9579:2000 (E) ISO/IEC viii Tables Tables Table 1 Codes used to identify the protoco l . 27 Table 2 Codes used to identify the proto

30、col versio n . 27 Table 3 Codes used to identify an RDA message type . . 28 Table 4 Use of MessageAuthenticateParameter s . . 31 Table 5 Extension to Table 14 of ISO/IEC 9075 - 3 . 41 Table 6 Codes used for attribute type s . 62 Table 7 Codes used for RDA defined Connection Attribute s . . 62 Table

31、8 Prohibited attribute s . . 63 Table 9 Extension to Table 19 of ISO/IEC 9075 - 3 . 63 Table 10 Values of Statement Iden t . 64 Table 11 RDADescriptorEntries required for SQL Data Type s . . 66 Table 12 SQLSTATE class and subclass values for RDA - specific condi tion s . . 69 Table 13 RDAResponse Pa

32、rameter settings for RDA generated condition s . . 70 Table 14 Codes used to identify TCP/IP encodin g . 71 Table 15 Transport Mapping s . . 74 Table 16 Transport Mapping Code s . 84 Table C.1 RDA Operations invoked when evaluating an SQL/CLI function . 93 Table G.1 Security Profiles Facilities Use

33、d 109 Table G.2 Security Profile Services Provided . 109 ISO/IEC ISO/IEC 9579:2000 (E) Remote Datab ase Access for SQL (RDA/SQL) ix Figures Figure 1 RDA model of SQL - environmen t . . 10 Figure 2 Model of the RDA - client environmen t . 11 Figure 3 Model of the RDA server environmen t . . 14 ISO/IE

34、C 9579:2000 (E) ISO/IEC x Foreword Foreword ISO(theInternationalOrganizationforStandardization)andIEC(theInternationalElectrotechnical Commission)formthespecializedsystemforworldwidestandardization.Nationalbodiesthatare membersofISOorIECparticipateinthedevelopmentofInternationalStandardsthroughtechn

35、ical committeesestablishedbytherespectiveorganizationtodealwithparticularfieldsoftechnicalactivity. ISOandIECtechnicalcommitteescollaborateinfieldsofmutualinterest.Otherinternational organizations,governmentalandnon-governmental,inliaisonwithISOandIEC,alsotakepartinthe work. InternationalStandardsar

36、edraftedinaccordancewiththerulesgivenintheISO/IECDirectives,Part3. Inthefieldofinformationtechnology,ISOandIEChaveestablishedajointtechnicalcommittee, ISO/IECJTC1.DraftInternationalStandardsadoptedbythejointtechnicalcommitteearecirculatedto nationalbodiesforvoting.PublicationasanInternationalStandar

37、drequiresapprovalbyatleast75%of thenationalbodiescastingavote. AttentionisdrawntothepossibilitythatsomeoftheelementsofthisInternationalStandardmaybethe subjectofpatentrights.ISOandIECshallnotbeheldresponsibleforidentifyinganyorallsuchpatent rights. InternationalStandardISO/IEC9579waspreparedbyJointT

38、echnicalCommitteeISO/IECJTC1, Informationtechnology,SubcommitteeSC32,Datamanagementandinterchange. Thissecondeditioncancelsandreplacesthefirstedition(ISO9579:1999),whichhasbeentechnically revised. AnnexesAtoEandGformanormativepartofthisInternationalStandard.AnnexesF,HandIarefor informationonly. ISO/

39、IEC ISO/IEC 9579:2000 (E) Remote Datab ase Access for SQL (RDA/SQL) xi Introduction Remote Database Access for SQL (RDA/SQL) International Standard is a member of a set of International Standards produced to facilitate the interworking of computer systems. This Interna tional Standard conforms to th

40、e model defined in ISO/IEC 10032, Information technology Reference Model of Data Management . Remote Database Access for SQL can be used to provide remote data access to a database management system conforming to ISO/IEC 9075 (Database Language SQL). The goal of Remote Database Access for SQL is to

41、allow, with a minimum of technical agreement outside this International Standard, the interconnection of applications and database systems: from different manufacturers, under diffe rent managements, of different levels of complexity, exploiting different technologies. An application may itself be a database system and therefore this International Standard can be used to support multi - database system interworking.