Title :
Towards a security benchmark for database management systems
Author :
Vieira, Marco ; Madeira, Henrique
Author_Institution :
CISUC, Coimbra Univ., Portugal
fDate :
28 June-1 July 2005
Abstract :
One of the main problems faced by organizations is the protection of their data against unauthorized access or corruption due to malicious actions. Database management systems (DBMS) constitute the kernel of the information systems used today to support the daily operations of most organizations and represent the ultimate layer in preventing unauthorized access to data stored in information systems. Nevertheless, in spite of the key role played by the DBMS in the overall data security, no practical way has been proposed so far to characterize the security in such systems or to compare alternative solutions concerning security features. This paper proposes an approach to characterize the security mechanisms in database systems and database applications, according to a set of security classes. The proposed approach is generic and can be applied to both DBMS (relevant for system integrators) and real database installations (relevant for database administrators and end-users).
Keywords :
authorisation; database management systems; DBMS security benchmark; data protection; database installations; database management systems; information systems; system integrators; unauthorized access; Computer crime; Data security; Database systems; Information management; Information security; Internet; Kernel; Management information systems; Protection; Spatial databases;
Conference_Titel :
Dependable Systems and Networks, 2005. DSN 2005. Proceedings. International Conference on
Print_ISBN :
0-7695-2282-3
DOI :
10.1109/DSN.2005.93
