Title :
Benchmarking Untrustworthiness in DBMS Configurations
Author :
Neto, Afonso Araújo ; Vieira, Marco
Author_Institution :
Dept. of Inf. Eng., Univ. of Coimbra, Coimbra, Portugal
Abstract :
Database Management Systems (DBMS) are usually immersed in a so complex environment that assessing the security impact of any particular configuration choice is an extremely hard task. DBMS configuration untrustworthiness can be defined as a measure of how much one should distrust a given configuration to be able to prevent the manifestation of the most common security threats as real attacks. In this paper we propose an approach to benchmark untrustworthiness in DBMS configurations. This benchmark allows database administrators to compare the trustworthiness of individual configuration choices from several perspectives and taking into account the threats that are meaningful for a particular environment. The paper discusses the characteristics of this type of tools and presents a preliminary untrustworthiness comparison of four real database installations (based on four different DBMS engines). Results show that untrustworthiness benchmarking can easily be used to compare and enhance the security of database systems.
Keywords :
database management systems; security of data; DBMS configuration untrustworthiness; DBMS configurations; DBMS engines; benchmarking untrustworthiness; database administrators; database management systems; real database installations; security impact; security threats; Data engineering; Data security; Database systems; Engines; Environmental management; Informatics; Information security; Operating systems; Scholarships; Spatial databases; DBMS; Security; benchmarking; configurations; trust-based metrics; trustworthiness;
Conference_Titel :
Dependable Computing, 2009. LADC '09. Fourth Latin-American Symposium on
Conference_Location :
Joao Pessoa
Print_ISBN :
978-1-4244-4678-0
Electronic_ISBN :
978-0-7695-3760-3
DOI :
10.1109/LADC.2009.23
