Feeds

MySQL to fortify defenses with Citadel

Hop, skip and an upgrade

SANS - Survey on application security programs

MySQL User Conference MySQL is targeting improved security and privacy with a version of its database codenamed Citadel due in 2009 that’ll also see MySQL speed up product release cycles.

Citadel will try to close the gap on IBM and Oracle with security and privacy capabilities in the areas of group-level access privileges and transparent data encryption at the table and column level.

Management permissions are currently set at an individual level with data encryption set using functions. Also due in Citadel is auditing and external authentication.

The changes are designed to help bring existing, web-centric MySQL customers inline with governments' regulatory and privacy rules, while also bringing MySQL to big, established businesses users tasked with meeting security and compliance demands.

MySQL hopes to bypass established rivals by adopting new techniques, particularly in encryption.

Zack Urlocker, vice president of products for Sun's database group, told Reg Dev: "There are standards we have to respect with privacy rules and encryption. MySQL has gone from a nice, speedy database to: 'I'm betting my database on MySQL'.

"Web sites are becoming more enterprisey and the enterprises are becoming more scale and web oriented."

Citadel will mark the latest phase in growth for a database that made its name on the web and by being embedded with ISV applications. Already The Sun-Microsystems-owned MySQL plans updates this year to boost its credentials in the fields of performance and scale.

To get there, MySQL plans to make greater use of parallel release schedules for the different projects that comprise the database, enabling more frequent releases - every 12 months - and simplified adoption.

Urlocker said parallel release cycles would mean fewer jumps for users upgrading.

The roadmap currently includes MySQL version 5.1 this June with version 6.0 hitting soon after, in the fourth quarter. Version 6.x has no due date but alpha testing is scheduled for "late" 2008, with Citadel following in the middle of next. By the time version 5.1 ships, it'll be more than two and a half years since the last big release, version 5.0, shipped.

MySQL 6.0 will include the highly anticipated Falcon transactional storage engine. Despite apparently out performing and "leap frogging" InnoDB on scale out, and despite the fact Falcon runs most InnoDB engines, MySQL was at pains to stress Falcon is no InnoDB replacement - InnoDB was purchased by Oracle in 2005 forcing MySQL to seek alternatives as Oracle's plans were unclear. Falcon, it seems, is being aimed at large, parallel, multi-core systems. Automated back up, meanwhile, is another key feature planned for MySQL 6.0 to remove the need for file dumps.

Also due in the fourth quarter of this year with MySQL 6.0 and Falcon is a new load balancer and connection manager. It's hoped, meanwhile, the Maria storage engine will make it in time for the version 6.0 release. Ahead of the fourth quarter, MySQL this year plans updates to MySQL clustering, the LDAP interface and data warehousing.

MySQL version 6.x will see updates to management and performance tuning. Planned changes include foreign keys for the database's many storage engines, improvements to prepared statements and replication with the addition of check sums, improvements in optimizers with faster check-sum queries, enhanced online back-up catalogues and changes to stored procedures with signal/resignal.

For database developers and DBAs, meanwhile, MySQL has opened early talks with the NetBeans and Eclipse communities over open source tools for MySQL.®

High performance access to file storage

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.