
You're reading from MySQL 8 Administrator's Guide

Product type: Book
Published in: Feb 2018
Reading level: Beginner
Publisher: Packt
ISBN-13: 9781788395199
Edition: 1st Edition
Authors (4):
Chintan Mehta

Chintan Mehta is a co-founder of KNOWARTH Technologies and heads the cloud/RIMS/DevOps team. He has rich, progressive experience in server administration of Linux, AWS Cloud, DevOps, RIMS, and on open source technologies. He is also an AWS Certified Solutions Architect. Chintan has authored MySQL 8 for Big Data, Mastering Apache Solr 7.x, MySQL 8 Administrator's Guide, and Hadoop Backup and Recovery Solutions. Also, he has reviewed Liferay Portal Performance Best Practices and Building Serverless Web Applications.

Ankit K Bhavsar

Ankit Bhavsar is a senior consultant leading a team working on ERP solutions at KNOWARTH Technologies. He received an MCA from North Gujarat University. He has had dynamic roles in the development and maintenance of ERP solutions and astrology portals Content Management, including OOP, technical architecture analysis, design, development as well as database design, development and enhancement process, data and object modeling, in order to provide technical and business solutions to clients.

Hetal Oza

Hetal Oza, an MCA from a reputable institute of India, is working as a lead consultant at KNOWARTH Technologies. She has rich experience in Java-based systems with various databases. Her 10 years of experience covers all stages of software development. She has worked on development of web-based software solutions on various platforms. She has good exposure to integration projects with web-service-based and thread-based architecture. Her knowledge is not bound to any single field because she has worked on a wide range of technologies and tools.

Subhash Shah

Subhash Shah is an experienced solution architect. With 14 years of experience in software development, he works as an independent technical consultant now. He is an advocate of open source development and its utilization in solving critical business problems. His interests include Microservices architecture, Enterprise solutions, Machine Learning, Integrations and Databases. He is an admirer of quality code and test-driven development (TDD). His technical skills include translating business requirements into scalable architecture and designing sustainable solutions. He is a co-author of Hands-On High Performance with Spring 5, Hands-On AI for Banking and MySQL 8 Administrator's Guide. He has also been a technical reviewer for other books.

MySQL 8 – Security

In previous chapters, we learned about the scalability of MySQL 8 and how to troubleshoot challenges when scaling MySQL 8. Apart from that, we also learned how to make MySQL 8 highly available for use. Nowadays, security is important for any application, right? When we talk about security, it includes account management, roles, privileges, and more. Considering these aspects, we will cover all of these topics in this chapter. This chapter mainly focuses on MySQL 8 database security and its related features. The following topics are covered in this chapter:

  • Overview of security for MySQL 8
  • Common security issues
  • Access control in MySQL 8
  • Account management in MySQL 8
  • Encryption in MySQL 8
  • Security plugins

Overview of security for MySQL 8

The term security is not bound to a specific topic; it covers a wide range of topics related to MySQL 8. Before starting a detailed discussion on it, let's mention some important points related to security:

  • Consider security within the database, where users and their privileges on various database objects need to be managed.
  • Password security for users.
  • Security configuration during the installation process, which includes various types of files, such as log files, data files, and many more. These files must be protected for their read/write operations.
  • To handle system level failure scenarios, you must have a backup and recovery plan. This includes all the required files, such as database files, configuration files, and many more.
  • Manage network security of the system where MySQL 8 was installed, which permits a limited number of hosts...

Common security issues

Before going into detail on complex issues, you must first understand some basic points that will help you prevent misuse or attacks.

General guidelines

In MySQL 8, all connections, queries, and operations performed by the user are governed by security based on Access Control Lists (ACLs). The following are some general guidelines related to security:

  • Don't allow access to the user table to any user except the root account. Manage user privileges with GRANT and REVOKE statements.
  • Use an encrypted protocol, such as SSH or SSL, when transferring data over the internet. MySQL 8 supports SSL connections for that.
  • Use proper defensive programming techniques at the time when the client is entering data into...
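A check for the first guideline, as an added example that is not from the book: these queries list accounts other than root that can read the `mysql.user` grant table through a global, schema-level, or table-level privilege. They assume the MySQL 8.0 grant-table column names and an administrative account to run them.

```sql
-- Added example: who, besides root, can read mysql.user?
-- Read access can come from three levels, so check each grant table.
-- Roles are stored as rows in mysql.user too; if a role shows up here,
-- look in mysql.role_edges to see which accounts hold it.

-- 1. Global SELECT (applies to every schema, including `mysql`).
SELECT User, Host, 'global' AS scope
FROM mysql.user
WHERE Select_priv = 'Y'
  AND User <> 'root';

-- 2. Schema-level SELECT on the `mysql` system schema.
--    Db may contain wildcard patterns, so match it as a LIKE pattern.
SELECT User, Host, CONCAT('schema ', Db) AS scope
FROM mysql.db
WHERE Select_priv = 'Y'
  AND 'mysql' LIKE Db
  AND User <> 'root';

-- 3. Table-level or column-level SELECT on mysql.user itself.
SELECT User, Host, 'table mysql.user' AS scope
FROM mysql.tables_priv
WHERE Db = 'mysql'
  AND Table_name = 'user'
  AND (FIND_IN_SET('Select', Table_priv) > 0
       OR FIND_IN_SET('Select', Column_priv) > 0)
  AND User <> 'root';
```

Built-in locked system accounts may appear in the results on a default installation; every other row is an account whose grants are worth reviewing.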

Access control in MySQL 8

The privilege system authenticates users: it verifies user credentials and checks whether the user is allowed to perform the requested operation. When we connect to the MySQL 8 server, it first checks the identity of the user from the provided host and user name. After connection, when a request comes in, the system grants privileges according to the user's identity. Based on this understanding, we can say that access control has two stages when we connect to the MySQL 8 server using a client program:

  • Stage 1: The MySQL server will either accept or reject the connection, based on the provided identity
  • Stage 2: After getting a connection from the MySQL server, when the user sends a request for performing any operation, the server will check whether sufficient privileges are available for the user or not

There are some...

Account management in MySQL 8

As the name implies, this topic describes how to manage user accounts in MySQL 8. We will describe how to add new accounts, how to remove accounts, how to define usernames and passwords for the accounts, and more.

Add and remove user accounts

MySQL 8 provides two different ways to create accounts:

  • Using account management statements: These statements are used to create users and set their privileges; for example, the CREATE USER and GRANT statements instruct the server to make the required modifications to the grant tables
  • Using manipulation of grant tables: Using INSERT, UPDATE, and DELETE statements, we can manipulate the grant tables directly

Out of these two approaches, account management statements...
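The account management statements in use, as an added example that is not from the book; it also marks where the two access control stages described earlier apply. The account, host, schema, table, and role names and the password are hypothetical placeholders.

```sql
-- Added example. Account, host, schema, table and role names are hypothetical.
CREATE DATABASE sales_demo;
CREATE TABLE sales_demo.report_runs (
  id     INT PRIMARY KEY,
  ran_at DATETIME NOT NULL
);

-- Stage 1 (connection): an account is the pair 'user'@'host'. The server
-- accepts this one only from 10.0.5.20 and only over an encrypted connection.
CREATE USER 'report_app'@'10.0.5.20'
  IDENTIFIED BY 'Ch4nge-Me-Placeholder!'
  REQUIRE SSL
  PASSWORD EXPIRE INTERVAL 90 DAY;

-- Stage 2 (request): each statement is checked against the account's
-- privileges, so grant only what is needed, at the narrowest scope.
CREATE ROLE 'sales_read';
GRANT SELECT ON sales_demo.* TO 'sales_read';
GRANT 'sales_read' TO 'report_app'@'10.0.5.20';
SET DEFAULT ROLE 'sales_read' TO 'report_app'@'10.0.5.20';
GRANT INSERT ON sales_demo.report_runs TO 'report_app'@'10.0.5.20';

-- Review what the server recorded, with the role expanded.
SHOW GRANTS FOR 'report_app'@'10.0.5.20' USING 'sales_read';
SELECT User, Host, plugin, ssl_type, account_locked
FROM mysql.user
WHERE User = 'report_app';

-- Withdraw one privilege; the change applies without FLUSH PRIVILEGES.
REVOKE INSERT ON sales_demo.report_runs FROM 'report_app'@'10.0.5.20';

-- Remove the account, the role and the demo schema created above.
DROP USER 'report_app'@'10.0.5.20';
DROP ROLE 'sales_read';
DROP DATABASE sales_demo;
```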

Encryption in MySQL 8

When data must be transferred over the network, the connection must be encrypted. If you use an unencrypted connection, someone who has access to the network can easily watch all of your traffic and see what data is transferred between the client and server. To protect your data over the network, use encryption. Make sure the encryption algorithm used contains security elements to protect your connection from known attacks, such as changing the order of messages or replaying data twice. Based on your application requirements, you can choose either an encrypted or an unencrypted connection. MySQL 8 performs encryption per connection using the Transport Layer Security (TLS) protocol.
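Because encryption is decided per connection, it is worth checking which sessions and accounts actually use it. The following is an added example, not from the book, that verifies and then enforces TLS on MySQL 8.0; the account name is a hypothetical placeholder.

```sql
-- Added example (MySQL 8.0). 'report_app'@'10.0.5.20' is a hypothetical account.

-- 1. Is this session encrypted? An empty Ssl_cipher value means it is not.
SHOW SESSION STATUS LIKE 'Ssl_cipher';
SHOW SESSION STATUS LIKE 'Ssl_version';

-- 2. Which sessions are connected over TCP without encryption right now?
--    CONNECTION_TYPE is 'SSL/TLS' for encrypted TCP and 'TCP/IP' for plain TCP.
SELECT PROCESSLIST_ID, PROCESSLIST_USER, PROCESSLIST_HOST, CONNECTION_TYPE
FROM performance_schema.threads
WHERE TYPE = 'FOREGROUND'
  AND CONNECTION_TYPE = 'TCP/IP';

-- 3. Which accounts does the server allow to connect without TLS?
--    ssl_type is empty when the account has no REQUIRE clause.
SELECT User, Host, ssl_type
FROM mysql.user
WHERE ssl_type = ''
ORDER BY User, Host;

-- 4. Server settings that govern TLS.
SHOW GLOBAL VARIABLES LIKE 'require_secure_transport';
SHOW GLOBAL VARIABLES LIKE 'tls_version';

-- 5a. Enforce per account.
ALTER USER IF EXISTS 'report_app'@'10.0.5.20' REQUIRE SSL;

-- 5b. Enforce server-wide; PERSIST keeps the setting across restarts.
--     Confirm that clients can connect with TLS first, because plain TCP
--     connections are rejected once this is ON.
SET PERSIST require_secure_transport = ON;
```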

Configuring MySQL 8 to use encrypted connections

...

Security plugins

MySQL 8 provides several plugins to implement security. These plugins provide various features related to authentication protocols, password validation, secure storage, and much more. Let's discuss the various types of plugins in detail.

Authentication plugins

The following is a list of authentication plugins, with their details:

  • Native pluggable authentication: To implement native authentication, MySQL 8 uses the mysql_native_password plugin. The plugin has the same name on both the server and client sides, and it is built into both the MySQL 8 server and client programs.
  • SHA-256 pluggable authentication

To implement SHA-256 hashing, MySQL 8 provides two different plugins:

  1. sha256_password: This...

Summary

In this chapter, we started with an overview of security, and then the ride began with the MySQL 8 security related features. First we discussed some common security issues, then we showed how to assign privileges and how to manage access control in MySQL 8. Encryption was also covered in this chapter, to secure your sensitive data. And finally, we covered some important security plugins, which are useful to implement security in MySQL 8.

It's now time to move on to our next chapter, where we will be configuring MySQL 8 for optimization. For optimization, we will cover different areas of the database, such as optimizing queries, optimizing tables, optimizing buffering and caching, and much more. Apart from server configuration, it also covers how to configure a client for optimization.
