By Topic

Selecting Software Packages for Secure Database Installations

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Afonso Araujo Neto ; CISUC, Univ. of Coimbra, Coimbra, Portugal ; Marco Vieira

Security is one of the biggest concerns of database administrators. Most marketed software products announce a variety of features and mechanisms designed to improve security. However, that same variety largely complicates the process of selecting the adequate set of software products (i.e., a software package) for a given installation. In this paper we propose an approach that can be used to fairly compare alternative software packages regarding security capabilities in database environments. We focus specifically on the two main software systems required for a new installation: the Operating System and the Database Management System (DBMS). We carefully explain and discuss our method, which is based on the idea of evaluating the characteristics of software packages against a comprehensive list of security concerns that are universally accepted as vital to any database installation. We created an actual benchmark, and used it to assess seven software packages composed by four different DBMS engines and two different operating systems. Results show that alternative software packages allow fulfilling different security concerns and that the proposed benchmark is quite effective in identifying the main differences regarding the capabilities of the systems evaluated.

Published in:

Availability, Reliability and Security (ARES), 2011 Sixth International Conference on

Date of Conference:

22-26 Aug. 2011