S 5.58 Selection and installation of database interface drivers

Initiation responsibility: IT Security Officer, Head of IT

Implementation responsibility: Administrator

Database interface drivers such as ODBC (Open Database Connectivity), IDAPI (Integrated Database Application Programming Interface), or JDBC (Java Database Connectivity) drivers install an additional software layer between the database applications and the respective database protocol. Installing the appropriate driver for a database creates a uniform interface between the application and the database itself, which is used to communicate with the database (issuing database queries, reading data). The corresponding ANSI SQL-compliant SQL interface allows applications to be created without having to take into consideration the particular features of different database products. Therefore, the application (ideally) does not have to be modified if the database software is changed; it is only necessary to replace the driver. Originally developed for products from Microsoft, Sun, and other companies, database interface drivers have now become a standard feature and are available for all commonly used database products.

When selecting a driver, various criteria must be taken into consideration. The most important criteria are listed in the following:

A suitable driver should be selected based on these criteria and, if necessary, based on additional requirements that depend on the operating scenario. The choice of driver should be re-examined regularly after the initial selection. Triggers for such checks could be routine system checks, upgrades of the database software or of the operating system, and/or upgrades to new driver versions, amongst other things.

When installing database interface drivers, it must be ensured that no security gaps are created in the access control system of the database system due to errors or carelessness.

In order to connect an application to a database, a "data source" must be configured using the database interface driver; this data source then supports communication between the application and the database. This installation should only be performed by an administrator.

Some applications install data sources for sample databases or unused database interface drivers. To prevent undesired and possibly uncontrolled access to these data sources or drivers, all data sources and drivers not needed should be deleted.

Example:

In Microsoft Access databases, the use of user IDs is optional and must be enabled explicitly by the developer. If access control is enabled, the user IDs and group memberships are managed in a separate Microsoft Access database referred to as the workgroup information file, which is stored as a separate file (default name in Microsoft Access 97 and higher: system.mdw, and system.mda for earlier versions).

The workgroup information file is not integrated automatically during the installation of an ODBC driver to access a Microsoft Access database. The default installation settings ignore any existing workgroup information files. For example, if the workgroup information file is not specified explicitly during the installation of the ODBC driver, users may, under certain circumstances, be able to access the database via ODBC without having to identify themselves against a particular workgroup information file. It may therefore be possible to circumvent the access control system of the database.

To prevent such access, the rights should be set in the particular Access application in such a way that access to the Microsoft Access database is only possible using the specified workgroup information file.

In addition, checks to see if the workgroup information file is integrated can be performed regularly, since it is possible to reset or manipulate this mechanism at any time.
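Such a regular check can be scripted. The following is an added example, not part of the original safeguard text: it audits a data source inventory for Access data sources that do not name a workgroup information file and for data sources that are not on the list of needed ones. The odbc.ini-style export format, the sample entries, and the APPROVED list are constructed assumptions; SystemDB is the Access ODBC driver keyword that names the workgroup information file.

```python
import configparser

# Constructed sample: data sources exported in odbc.ini layout (assumed format).
SAMPLE_INVENTORY = r"""
[Payroll]
Driver = Microsoft Access Driver (*.mdb)
DBQ = D:\data\payroll.mdb
SystemDB = D:\data\secure\payroll.mdw

[Orders]
Driver = Microsoft Access Driver (*.mdb)
DBQ = D:\data\orders.mdb

[Northwind Sample]
Driver = Microsoft Access Driver (*.mdb)
DBQ = C:\samples\northwind.mdb

[Warehouse]
Driver = SQL Server
"""

APPROVED = {"Payroll", "Orders", "Warehouse"}  # hypothetical list of needed data sources


def audit_data_sources(text, approved):
    """Return (data source, finding) pairs for one inventory."""
    # Only "=" separates key and value, so drive letters ("D:") stay in the value.
    cfg = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cfg.read_string(text)
    findings = []
    for dsn in cfg.sections():
        entry = cfg[dsn]  # keys are matched case-insensitively
        if dsn not in approved:
            findings.append((dsn, "not needed: delete data source"))
            continue
        is_access = "access" in entry.get("driver", "").lower()
        # An absent or empty SystemDB means the workgroup file is not integrated.
        if is_access and not entry.get("systemdb", "").strip():
            findings.append((dsn, "no workgroup information file (SystemDB) set"))
    return findings


if __name__ == "__main__":
    for dsn, finding in audit_data_sources(SAMPLE_INVENTORY, APPROVED):
        print(f"{dsn}: {finding}")
```

Because the setting can be reset at any time, the result is only meaningful when the check is repeated and compared against the previous run.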

Review questions: