Shulou(Shulou.com)06/01 Report--

Database security includes two aspects: system operation security and system information security. Database security protection technologies include: database encryption (core data storage encryption), database firewall (anti-loophole, anti-attack), data desensitization (sensitive data anonymization) and so on.

Database security has two meanings:

The first layer refers to the safe operation of the system, which is usually threatened as follows. Some network criminals invade the computer through the network, local area network and other ways to make the system unable to start normally, or overload to make the machine run a large number of algorithms, and turn off the cpu fan, causing the cpu to overheat and burn out and other destructive activities.

The second layer refers to the system information security, the system security is usually threatened as follows, hackers invade the database and steal the desired data. The security features of database system are mainly for data, including data independence, data security, data integrity, concurrency control, fault recovery and so on.

Database security protection technologies include: database encryption (core data storage encryption), database firewall (anti-loophole, anti-attack), data desensitization (sensitive data anonymization) and so on.

Security issues:

There are two trends in information disclosure:

The main results are as follows: (1) hackers use Web server as a springboard to steal data from database through Bramp S application; traditional solutions do not have any control over application access and database access protocols, for example: SQL injection is a typical database hacker attack.

(2) data leakage often occurs internally, a large number of operation and maintenance personnel have direct access to sensitive data, and the traditional external-based network security solutions have lost the opportunity to exert their talents.

The database has become the protagonist in these leaks, which is related to the neglect of database security in the traditional security construction. in the traditional information security protection system, the database is in the core position of being protected and is not easy to be attacked by external hackers. at the same time, the database itself already has strong security measures, which appear to be secure enough, but this traditional security defense idea has fatal defects.

Features

The security features of database system are mainly for data, including data independence, data security, data integrity, concurrency control, fault recovery and so on. Let's introduce them respectively.

Data independence

Data independence includes physical independence and logical independence. Physical independence means that the user's application and the data stored in the database on disk are independent of each other; logical independence means that the logical structure of the user's application and the database are independent of each other.

Data security

The objects in the operating system are generally files, while the application requirements supported by the database are more elaborate. Usually more complete databases take the following measures for data security:

(1) separate the parts of the database that need to be protected from other parts.

(2) access control methods such as account, password and access control are adopted.

(3) the data is encrypted and stored in the database.

Data integrity

Data integrity includes the correctness, validity and consistency of the data. Correctness means that the input value of the data is the same as the type of the corresponding field of the data table; validity means that the theoretical values in the database meet the constraints of the numerical segment in practical applications; consistency means that the same data used by different users should be the same. To ensure the integrity of the data, it is necessary to prevent legitimate users from adding non-semantic data to the database when using the database.

Concurrency control

If the database application wants to achieve multi-user sharing of data, it is possible for multiple users to access data at the same time, which is called concurrent events. When a user takes out the data for modification, if another user fetches the data before the modification is stored in the database, then the data read out is incorrect. At this time, we need to control this kind of concurrent operation, eliminate and avoid this kind of error, and ensure the correctness of the data.

Fault recovery

A set of methods are provided by the database management system, which can find and repair faults in time, so as to prevent data from being destroyed. The database system can recover the failure when the database system is running as soon as possible, which may be a physical or logical error. For example, data errors caused by misoperation of the system and so on.

What are the two aspects of database security? For more details, please pay attention to other related articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.