Title :
An Appraisal to Assess the Security of Database Configurations
Author :
Neto, Afonso Araujo ; Vieira, Marco ; Madeira, Henrique
Author_Institution :
Dept. of Inf. Eng., Univ. of Coimbra, Coimbra, Portugal
Abstract :
Database management systems (DBMS) have a long tradition in high security and several mechanisms needed to protect data have been proposed/consolidated in the database arena. However, the effectiveness of those mechanisms is very dependent on the actual configuration chosen by the database administrator. Tuning a large database is quite complex and achieving high security is a very difficult task that requires a lot of expertise and continuous and proactive work. In this paper we present an assessment tool aimed at evaluating the security of DBMS configurations. The proposed tool is simple and effective, and can be used by administrators with very little security knowledge. We evaluate the tool by performing the assessment of four different real database installations based on four well-known and widely used DBMS engines.
Keywords :
database management systems; security of data; DBMS configuration; assessment tool; data protection; database administrator; database configuration; database management system; knowledge security; Appraisal; Computer hacking; Computer security; Data engineering; Data security; Database systems; Feedback; Informatics; Information security; Protection; DBMS; database security; security assessment; system configuration;
Conference_Titel :
Dependability, 2009. DEPEND '09. Second International Conference on
Conference_Location :
Athens, Glyfada
Print_ISBN :
978-0-7695-3666-8
DOI :
10.1109/DEPEND.2009.17
