Sybase Replication Server (SRS) version 15.2 is designed to replicate data in multiple databases in order to provide database clients local access even to data that would otherwise be remote. SRS maintains replicated data in multiple databases and provides clients using databases in the replication system with local data access, thereby reducing load on the network and centralized computer systems. The SRS has the following features:
\r\n\r\n
\r\n
SRS is an Open Server application. SRS uses the Sybase Open Client/Server (OC/S) for network communication and other platform dependent functions, such as connection management, login protocol, data transmission, T-SQL interface, inter-process communication, etc. SRS uses operating system services for process creation and manipulation, device and file processing, memory management and security requests such as inter-process communication, albeit indirectly through the OC/S. The hardware upon which the operating system runs is transparent to SRS which sees only the operating system’s user interfaces.
\r\n\r\n
SRS maintains replicated data in multiple databases. Data in the replicate database is ‘loosely consistent’ with the data in the primary database, lagging behind primary data by the amount of time it takes to distribute updates from the primary to the replicate databases. Note that the notion of primary data server is data dependent. At any given time, all data servers known to SRS could be the primary for some data that they host.
\r\n\r\n
As indicated above, the SRS uses a basic publish and subscribe model for replicating data across networks. Users ‘publish’ data in a primary database, and other users ‘subscribe’ to the data for delivery into a replicate database. Changes to both data and stored procedures can be replicated. Instructions to publish and subscribe to data are given at replication servers that control or have a connection to each database. Users create replication definitions at the primary Replication Server, which controls the primary database with the data to be published. The user creates a subscription at the replicate Replication Server, which controls the replicate database that will receive the information.
\r\n\r\n
Connections and routes define the structure of the replication system. A connection conveys messages from a SRS to a database. A route transfers requests from a source SRS to a destination SRS.
\r\n\r\n
The set of operating systems included in the evaluation include the following: Sun Sparc 32 (version 8, 9, 10, 32 bit & 64 bit), Sun X64 (version 10, 32 bit & 64 bit), HP Itanium (version 11.23, 11.31, 64 bit), Microsoft Windows (2003 SP2, XP, Vista, Longhorn, 32 bit & 64 bit), IBM AIX (version 5.3, 32 bit & 64 bit), IBM P-Series (RHEL 4.4, SuSE SLES 10, 64 bit), and Linux X86 (RHEL 4.4, RHEL 5.0, SuSE SLES 10, 32 bit & 64 bit).
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Sybase Replication Server TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 2. The product, when configured as identified in either the Installation Guide Replication Server 15.2 for UNIX or the Installation Guide Replication Server 15.2 for Windows, satisfies all of the security functional requirements stated in the Sybase Replication Server Security Target (Version 1.0). The project underwent two Validation Oversight Panel (VOR) panel reviews. The evaluation was completed in June 2009. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-VID10227-2009, dated 30 July 2009) prepared by CCEVS.
","environmental_strengths":"Replication Server supports three security functions:
\r\n\r\n
User data protection: SRS controls the flow of information among associated data sources. An authorized administrator can define primary data sources, replicate data sources, and the replication routes that will be used to replicate data throughout the replication system represented by one or more SRS products working in concert.
\r\n\r\n
Identification and authentication: SRS maintains login information for its own access to other components so it can perform its functions, but also requires users and other components to be identified and authenticated prior to offering any of its services. Users are required to login before they can manage aspects of the replication system and other components must be identified and authenticated before SRS will interact (e.g., accept or provide data) with that other component.
\r\n\r\n
Security management: SRS restricts its own management functions by requiring users to be logged in before they can access security management functions. Users are associated with a set of roles defined within SRS and once logged in the functions available to the user are restricted based on their associated role. While SRS supports multiple roles for its own management for the purposes of this ST, they are treated abstractly as an authorized administrator due to the substantial overlap in authority. In general, SRS provides functions to monitor and manage the replication of data throughout the replication system.
","features":[]}