Secure and Portable Database Extensibility
Michael Godfrey (Cornell University)
Tobias Mayr (Cornell University)
Praveen Seshadri (Cornell University)
Thorsten von Eicken (Cornell University)
The functionality of extensible database servers can be augmented by
user-defined functions (UDFs). However, the server's security and stability
are concerns whenever new code is incorporated. Recently, there has been
interest in the use of Java for database extensibility. This raises
several questions: Does Java solve the security problems? How does it
affect efficiency?
We explore the tradeoffs involved in extending the
PREDATOR object-relational database server using Java. We also
describe some interesting details of our implementation.
The issues examined in our study are security, efficiency, and
portability. Our performance experiments compare Java-based extensibility with
traditional alternatives in the native language of the server. We explore
a variety of UDFs that differ in the amount of computation involved and in
the quantity of data accessed. We also qualitatively compare the security
and portability of the different alternatives. Our conclusion is that
Java-based UDFs are a viable approach in terms of performance. However,
there may be challenging design issues in integrating Java UDFs with existing
database systems.