Information security for any database system, not just MySQL, starts with a layered approach. Information systems are built in layers, and each has its own vulnerabilities.
In this article, we'll take a look at some general principles for securing MySQL servers. Then we'll focus on three layers: the configuration of MySQL itself, and its two main models of MySQL security: Authentication (connections) and Authorization (permissions).
A layered approach
Bruce Schneier, in his book Secrets and Lies: Digital Security in a Networked World, writes that "threat modeling is the first step in any security solution." If you don't know how someone might compromise the system, how can you design ways to prevent them from doing so?
Also, no single method of security is perfect: each has gaps and flaws. By layering multiple methods, the combination is much stronger. An attacker has to cross multiple barriers to compromise the system. Table A illustrates some of these security layers.
The foundation layer is the physical security of the machine. An attacker who can access the machine itself and its console can circumvent all the other layers. It's tempting to put up a MySQL Server at someone's desk because it's easy to download and install, and the community version is free. Some servers start out that way, as test and development boxes. But desktop machines must support many purposes, and are not likely to be configured securely. They're not backed up as regularly, may not have reliable power, and are more exposed to physical damage as well as passersby. Any system with data worth protecting needs to be located in a secure server room.