Securing MySQL with a Focus on SSL

Because of the potential effects of either data loss or exposure, database security and administration is a necessity in today’s world. As a world leader in database solutions, MySQL has gained a large user base. These users are of varying skill level, some of which have focused heavily on database security and some who have never given it a second thought. This presentation will give users an overview of MySQL security practices with a main focus on configuring and building MySQL with SSL. It will provide an introductory walkthrough in MySQL security for the new MySQL admin and offer a refreshing review for the seasoned MySQL expert.

yaSSL focuses on security for embedded devices. With a product lineup including an SSL/TLS library and an embedded web server, yaSSL is an expert in SSL/TLS and embedded security. The yaSSL embedded SSL library is included as a build option in MySQL.

This presentation will touch on several aspects of MySQL database security, including:

• Setting Appropriate Passwords
• Securing Test Databases, mysqld
• mysql_secure_installation script
• Privileges

• An Overview of SSL, x509
• Configuring and Building MySQL with SSL
• MySQL SSL Command Options
• SSL Certificate Creation
• Performance Comparison

• Data Storage and Encryption (Client Side, Server Side)