| Most multi-user applications today use a form of | | | | The best resources for checking the security of your |
| persistence, and most often, that the persistence is | | | | database are the developers / database |
| done using a relational database (RDBMS), such as | | | | administrators, and management tools provided by |
| Oracle, SQL Server, MySQL or DB2. This article will | | | | your RDBMS. Developers can tell you how the |
| discuss a test that quickly and easily begin to make | | | | database is accessible, and the RDBMS can provide |
| "gray zone" or "white box" against the bases of test | | | | information about the privileges associated with your |
| data in their application, enabling them to more easily | | | | accounting application uses. |
| discover the problems with the database . | | | | Interfaces |
| Referential Integrity: | | | | Given the complexity of applications, data must pass |
| As its name suggests, relational databases store data | | | | between one or more (usually more) of interfaces. |
| as well as information on the relationships between | | | | Some of these types of interface between the user |
| different data. Data records frequently contain | | | | to enter data or reading, and the database of May |
| references to other data records in other tables. | | | | include, but are not limited to:o Graphical user interfaces |
| Maintaining the integrity of these relationships is | | | | (GUI) on the web or desktopo Java, COM or. Net |
| essential if the relationship between the data are | | | | classeso Web Serviceso Screen-scraping a legacy |
| disaggregated, the function of your application May be | | | | mainframe applicationo Application programming |
| compromised. | | | | interfaces (APIs) to access the database, such as |
| Database developers use a number of tools for | | | | ODBC, JDBC, OLE DB and |
| referential integrity, including the constraints (the rules in | | | | Bugs can be introduced to one of these interfaces, |
| the database that require updated references), triggers | | | | regardless of whether you are reading, writing, |
| (procedures that are "triggered" by changes in data) | | | | updating or deleting data. |
| and the application code (logic contained in the | | | | Testing the interaction between all these interfaces |
| application that describes how to manipulate the data). | | | | can be very complex, but I would say that you have |
| According to the methods of your database | | | | at least: |
| developers have used the database will be vulnerable | | | | 1. Include all data interfaces, which passes through, |
| to different types of referential integrity issues. The | | | | between the user and database. |
| constraints are the most effective way to maintain | | | | 2. Learn more about the technologies used to |
| integrity, since the database will prevent anyone from | | | | implement each interface, and bugs are due to the |
| making changes that will break the integrity. Maintaining | | | | interface. |
| referential integrity by the application code is the most | | | | Data Formats |
| risky (but also more flexible), since you are relying on | | | | Data in a database entry from May and be posted on |
| the developers to code each change correctly. | | | | a number of different types of systems, including Web |
| As a tester, the first thing to do is how to maintain | | | | applications, desktop applications and handheld devices. |
| referential integrity in your database. One of the best | | | | Each of these types of unique limitations, may dictate |
| ways to achieve this is through a regime, which is a | | | | how data must be stored and / or formatting in your |
| visual diagram of all tables in the database. You can | | | | database. |
| ask your database administrator (DBA) or the | | | | Again, you can test data for each of the interfaces, |
| development team of a system, or you can create | | | | but it requires programming in May. At a minimum, you |
| one by using tools like Visio. | | | | should be able to identify all the formats used to |
| Security: | | | | transfer data between each interface, and understand |
| There are a number of ways that the security of the | | | | some of the fundamental limitations of the technologies |
| database is maintained. The most common are the | | | | used. This will create a better test case, smarter and |
| means by usernames and passwords, or via | | | | analyze data on bugs that appear during testing or pop |
| integration with LDAP, such as. Some key issues to | | | | up in production. |
| consider are:o Does each user for a password for the | | | | Conclusion |
| database, or a shared database for all users of the | | | | Database testing is one of the most difficult tasks |
| application?o What level of authorization of the | | | | facing a team of software quality assurance. At a |
| account (s) used to access the database?o What is | | | | minimum, team members must understand the |
| the interface used to manage the accounts used to | | | | referential integrity and database security, and have a |
| access the database? What other ways are there to | | | | good knowledge of different technologies and data |
| access the database using the same information as | | | | formats used to transfer data between the user and |
| the application? | | | | the database. |