{"product_id":4044,"v_id":4044,"product_name":"Sybase Adaptive Server Enterprise, Version 12.5.2","certification_status":"Not Certified","certification_date":"2005-01-20T00:01:00Z","tech_type":"DBMS","vendor_id":{"name":"Sybase, Inc.","website":"www.sybase.com"},"vendor_poc":"Jennifer Johnson","vendor_phone":"925.236.7639","vendor_email":"jennifer.a.johnson@sybase.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>Adaptive Server Enterprise is a relational database management system (RDBMS) server that operates in the context of a commercial operating system, providing services to local and remote clients via the Tabular Data Stream (TDS) protocol. </p>\r\n<p>The ASE Server runs as an application on top of an operating system and depends on the services exported by the operating system to function. ASE uses operating system services for process creation and manipulation; device and file processing; shared memory creation and manipulation; and security requests such as inter-process communication. The hardware upon which the operating system runs is completely transparent to ASE - ASE sees only the operating system&rsquo;s user interfaces. </p>\r\n<p>The ASE Server is one or more operating system processes that service client requests. Although not tested by the evaluation lab, multiple processes can be configured to enhance performance on multiprocessor systems. An ASE process has two distinct components, a DBMS component and a kernel component. The DBMS component manages the processing of SQL statements (data manipulation language - DML, data definition language - DDL, stored procedures and administrative commands), accesses data in a database, and manages different types of Server resources. The kernel component performs low-level functions for the DBMS component, such as task and engine management; network and disk I/O; and low-level memory management. 
Note that the TDS engine, that part of ASE that processes a TDS request, also uses the kernel component for low-level services. </p>\r\n<p>All of the ASE processes attach to one or more shared memory segments. The shared memory contains data structures that relate to task management and operating system services, caches of database buffers, object descriptors, and other resources (e.g., other caches, queues, and stream I/O buffers) required to manage and process database commands. </p>\r\n<p>Each client is associated with its own ASE task. In addition, there are several system tasks that perform specific services (e.g., tasks to write buffers to disk, tasks to write audit data to disk, and tasks to communicate with the network.) </p>\r\n<p>The set of operating systems included in the evaluation is: Microsoft Windows 2000 (SP4), Microsoft Windows Server 2003, Sun Solaris version 8 (32- and 64-bit), IBM AIX 5L (32- and 64-bit), Hewlett-Packard HP-UX 11i (32- and 64-bit), Linux AS 2.1, and Silicon Graphics IRIX version 6.5.13 (32- and 64-bit).</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which Adaptive Server Enterprise TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and International Interpretations effective on April 1, 2004. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 4 augmented with ALC_FLR.2. 
The product, when configured as specified in the Supplement for Installing Adaptive Server for Common Criteria Configuration, Document ID: DC00080-01-1252-01, Last revised: November 2004, satisfies all of the security functional requirements stated in the Sybase Adaptive Server Enterprise Security Target (Version 1.0). One validator and a technical Oversight Panel (TOP) on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in November 2004. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, CCEVS-VR-04-0091, dated 20 January 2005 prepared by CCEVS.</p>","environmental_strengths":"<p>Adaptive Server Enterprise is a DBMS designed to execute as a set of applications in the context of commercially available operating systems. ASE supports seven security functions: </p>\r\n<p><strong>Security audit</strong> : ASE has an audit mechanism that is invoked for access checks, authentication attempts, administrator functions, and at other times during its operation. When invoked, the date, time, responsible individual and other details describing the event are recorded to the audit trail. </p>\r\n<p>The Audit log is stored as tables within ASE itself so that audit records can be protected from unauthorized access or modification. Furthermore, the SQL select command provided by ASE can be used by authorized administrators to effectively review the audit trail, including searching and sorting by user identities and other audit record attributes. </p>\r\n<p><strong>User data protection:</strong> ASE implements a Discretionary Access Control Policy over applicable database objects - databases, tables, views, and stored procedures. Note that there are other database objects that are either always private, always public, or are part of one of the afore-mentioned objects. In each case, the objects each have an owner which is initially the creator of the object. 
Object owners have special permissions, while other users can subsequently be granted specific access permissions based on user identity, group memberships and active roles allowing applicable operations on objects. </p>\r\n<p>ASE also implements a Policy-based Access Control Policy over the content of database tables. This policy controls access based on Application Contexts of the current subject in conjunction with Access Rules associated with columns in database tables. This policy effectively allows access to be controlled on very specific and widely varying information about users. </p>\r\n<p><strong>Identification and authentication:</strong> ASE provides its own identification and authentication mechanism in addition to the underlying operating system. Users must provide a valid username and password before they can access any security-related functions. Once identified and authenticated, all subsequent actions are associated with that user and policy decisions are based on the user's identity, group memberships and active roles. </p>\r\n<p><strong>Security management:</strong> ASE provides functions necessary to manage users and associated privileges, access permissions, and other security functions such as audit. The functions are restricted based on Discretionary Access Control Policy rules including role restrictions. While all of the administrative functions are available through and restricted at the TDS ASE Server interface, an application (isql) is provided to support ASE administrators. ASE defines a number of roles, but for the purpose of this security target every role that can manage the behavior of the applicable security functions is considered an authorized administrator (or trusted user) and all other users are simply referred to as users (or untrusted users). </p>\r\n<p><strong>Protection of the TSF:</strong> ASE protects itself and ensures that its policies are enforced in a number of ways. 
While there is dependence on the underlying operating system to separate its process constructs, enforce file and memory access restrictions, and to provide communication services, ASE protects itself by keeping its context separate from that of its users and also by making effective use of the operating system mechanisms to ensure that memory and files used by ASE have the appropriate access settings. Furthermore, ASE interacts with users through well-defined interfaces designed to ensure that the ASE security policies are always enforced. </p>\r\n<p><strong>Resource utilization:</strong> ASE provides resource limits to help authorized administrators prevent queries and transactions from monopolizing server resources. Specifically, authorized administrators can configure ASE to prevent queries and transactions that: exceed estimated or actual I/O costs, return too many rows, exceed the temporary database space allocated, and/or exceed a specified elapsed time. </p>\r\n<p><strong>TOE access:</strong> ASE allows authorized administrators to construct login triggers that can be used to restrict logins to a specific number of sessions as well as to restrict access based on time. ASE also allows authorized administrators to restrict access based on user identities. </p>","features":[]}