摘要
数据库安全功能独立性测试是评估者使用代表性测试用例在被测数据库管理系统(DBMS)上执行,并将DBMS内部数据修改和系统输出同预期结果作比较,完成DBMS安全功能实现的评估。给出一种DBMS安全测试自动化模型及基于STAF/STAX开源框架的实现方法。最后以安全审计组件的实现为例,在Oracle和国产DBMS上给出了其用例测试及实验方法,证明了该框架的可用性。
Security function independent testing for DBMS is an security function evaluation process during which an evaluator runs typical test cases against the DBMS under test and compares DBMS internal metadata and actual outputs with expected outputs to accomplish the evaluation on DBMS security function implementation.This paper presented a DBMS security test automation framework and its implementation which is based on an open-source framework called STAF/STAX.We practiced the audit component security test case implementation against Oracle and a domestic-produced DBMS which well proves the usability of this framework.
出处
《计算机科学》
CSCD
北大核心
2012年第2期183-186,共4页
Computer Science
基金
国家"核高基"科技重大专项(2009ZX01045-004-001-03)资助
