Difference between revisions of "Project Information:Sqlibench - 50 Review - Self Evaluation - A"

From OWASP
Jump to: navigation, search
Line 34: Line 34:
 
3. What kind of help is required either from the Reviewers or from the OWASP Community?
 
3. What kind of help is required either from the Reviewers or from the OWASP Community?
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
Little to none actually. However, they can comment on the criteria list we have produced  
+
We'd love to hear comments on the criteria list we have produced  
 
(http://code.google.com/p/sqlibench/wiki/BenchmarkingCriteria).  
 
(http://code.google.com/p/sqlibench/wiki/BenchmarkingCriteria).  
 
  |-
 
  |-
 
|}
 
|}

Revision as of 05:05, 7 July 2008

.

50% REVIEW PROCESS

Project Deliveries & Objectives

Sqlibench Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

%50 of the deliverables are finished. The two unfinished jobs we have are; creating videos of the preparing the environment (nevertheless written documentation has been produced) and integrating the vulnerable application into OWASP Site Generator, (we won't pursue this).

1. test environment and documented it in detail (http://code.google.com/p/sqlibench/wiki/PrepareTheEnvironment), however, we haven't created the videos yet.

2. the benchmarking list, plus an interactive criteria listing application (http://code.google.com/p/sqlibench/wiki/BenchmarkingCriteria, http://www.webguvenligi.org/sqlibench/web).

3. the vulnerable application supporting all of the dbmss, injection types. Additionally we utilized nHibernate in the same application for all of the dbmss and injection types. But we won't (can't) incorporate this application in OWASP Site Generator (It seems pretty hard if not impossible and adds little value to the work).

4. the sql injectors that will be benchmarked (http://code.google.com/p/sqlibench/wiki/Specification).

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

Four of the four objectives are accomplished. %50 of the deliverables are finished with only one empty spot (creating videos of the preparing the testing environment). We've also contacted the most of the sql injectors authors. They'll send us the non-published new versions of their tools.

3. What kind of help is required either from the Reviewers or from the OWASP Community?

We'd love to hear comments on the criteria list we have produced (http://code.google.com/p/sqlibench/wiki/BenchmarkingCriteria).