2025-01-15 Update From: SLTechnology News&Howtos (Database section)
Shulou(Shulou.com)05/31 Report--
This article describes a solution for cloud database security built around database audit and database firewall products. The content is concise and easy to follow; the detailed introduction below is intended to give practitioners something they can apply.
Summary
I. background of the project
The project is intended to vigorously promote the informatization of business, production, daily life and other fields; to promote the all-round development of the information industry, information technology, information resources and the information environment; to build an important global R&D and manufacturing base for the information industry, an important e-commerce center in Asia, a national demonstration zone for networked public services and a hub for online entrepreneurship and innovation; and to become a regional information center facing the world and serving the whole country.
It is worth noting that in the construction of information and digital platforms, people often pay more attention to the availability and security of servers while neglecting the protection of the data itself. In fact, data is the hub of every application. When a disaster occurs, hardware resources such as servers, routers and storage devices can be recovered or reconfigured quickly, but if the data is damaged or lost, the information system still cannot provide service. At the same time, with the arrival of the big data era, data has become the most valuable core asset: big data platforms supply strategic planning and decision-making for the precise management and business optimization of industries and departments, as well as timely, accurate and powerful data support. Yet trade secrets and sensitive data also face the risk of leakage through unauthorized or illegal use during processing, sharing and use. Data has therefore become the core asset of an information platform, and the frequent leakage of sensitive data seriously harms the interests of the state and the public.
II. Project analysis
1. Data security policy analysis
As the information platform is built out, the number of services and supporting systems within the cloud platform keeps growing, and the scale of the network expands rapidly. As the core and foundation of information technology, the database carries more and more key business systems and has gradually become the most important asset in information security; the safe and stable operation of the database directly determines whether the project can deliver its intended value. Data security has therefore become a major issue that must be considered. In addition, the state, the secrecy authorities and the national classified protection scheme (MLPS, 等保) have all set explicit requirements for database security, including the following:
On November 7, 2016, the Cybersecurity Law of the People's Republic of China (hereinafter the "Cybersecurity Law") was formally adopted; it came into force on June 1, 2017. The Cybersecurity Law consists of seven chapters and 79 articles, which establish the multi-level protection system for cybersecurity, the protection of critical information infrastructure and the protection of users' personal information. The Cybersecurity Law places particular emphasis on data security and explicitly requires protection of the collection, use, transmission and storage of data. The specific provisions are as follows:
1) Article 21: the State implements a multi-level protection system for cybersecurity. Network operators shall, in accordance with the requirements of that system, perform the following security protection obligations, so as to protect the network from interference, damage or unauthorized access, and to prevent network data from being leaked, stolen or tampered with:
(1) formulate internal security management system and operating procedures, determine the person in charge of network security, and implement the responsibility for network security protection.
(2) to take technical measures to prevent computer viruses, network attacks, network intrusion and other acts endangering network security.
(3) take technical measures to monitor and record network operation status and network security events, and retain relevant network logs for not less than six months in accordance with the regulations.
(4) take measures such as data classification, important data backup and encryption.
(5) other obligations prescribed by laws and administrative regulations.
The interpretation is as follows:
(1) This article makes it clear that the multi-level protection system for cybersecurity (the classified protection scheme, MLPS) is the basic requirement for information security construction.
(2) to clarify the content of data security: to protect network data from being leaked, stolen or tampered with.
(3) In earlier MLPS evaluations, data security items were often optional and often not selected. With this article, data security is no longer "optional" but mandatory, which will substantially change how MLPS is implemented.
(4) Many current network attacks and intrusions aim to steal data, so technical measures must be taken to prevent data theft. Logs of cybersecurity events must be kept for at least six months, which sets a clear minimum retention period for data access records.
(5) Data must be classified and graded according to sensitivity, so that fine-grained access control can be applied to it.
(6) backup and encryption of important data are explicitly required.
2) Article 42: network operators shall not divulge, tamper with or destroy the personal information they collect, and shall not provide personal information to others without the consent of the person from whom it was collected; the exception is information that has been processed so that it cannot identify a specific individual and cannot be restored.
The interpretation is as follows:
(1) This article requires that personal information may only be provided to others after it has been processed so that it is "unidentifiable and irrecoverable". Technically, this means de-identification (desensitization) of sensitive data.
(2) this article expressly requires the network operator to take technical measures to prevent the disclosure, destruction and loss of data.
(3) This article requires that, in the event of a data security incident, the network operator take remedial measures and report proactively. In reality, many data leaks and tampering events are discovered by the operator long after they occurred, so more technical investment is needed in actively discovering data security events. On the remedial side, reconstructing the attack path is also a hard problem. A capable database audit product can, to a degree, discover data security events actively and help trace their source.
3) Baseline for Classified Protection of Information System Security (GB/T 22239), issued by the Ministry of Public Security
Network security requirements:
(1) logging the operation status of network equipment, network traffic, user behavior and so on in the network system.
(2) the audit record shall include the date and time of the event, the user, the event type, the success of the event and other information related to the audit.
(3) should be able to analyze according to recorded data and generate audit statements.
(4) Audit records should be protected from unexpected deletions, modifications or overwrites.
Host security requirements:
(1) the audit scope should cover every operating system user and database user on the server and important clients.
(2) the audit content should include important security-related events in the system, such as important user behavior, abnormal use of system resources and use of important system commands.
(3) the audit record should include the date, time, type, subject identification, object identification and result of the event.
(4) should be able to analyze according to recorded data and generate audit statements.
(5) the audit process should be protected from unexpected interruption.
(6) to protect audit records from unexpected deletions, modifications or overwrites, etc.
(7) centralized audit should be realized according to the unified security policy of the information system.
Data security requirements:
(1) encryption or other effective measures should be adopted to realize the confidentiality of system management data, authentication information and important business data transmission.
Other industry regulations and standards have also been introduced and implemented, for example the "Classification Criteria for Security Protection Levels of Computer Information Systems", the "Security Technical Requirements for Database Management Systems", the "Technical Requirements for Classified Protection of Information Systems Involving State Secrets", the "Management Standards for Classified Protection of Information Systems Involving State Secrets", the "Regulations on Security and Secrecy of Computer Information Systems of the Chinese People's Liberation Army", the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS), the electric power industry's SG168, the Ministry of Health's prevention and control requirements, the basic rules on internet finance security, and the regulations on the protection of commercial secrets of central enterprises.
These regulations and standards put forward clear requirements and corresponding practical standards for the protection of structured data and databases.
2. Risk analysis
The following figure is a typical schematic of an information system and its security precautions, describing the current state of information security. As can be seen from the figure, there are many layers of protection between the user's browser or app and the Web/APP server. Behind the Web/APP server, however, protection is quite limited, and the database and the data in it are exposed to attacks from both external and internal sources. External attackers can bypass the front-end protection or penetrate the application to reach the database directly; deliberate unauthorized access, misoperation or media theft by insiders are common paths to data disclosure. Although the data leaks that get reported are mainly external attacks, according to several surveys, internal leaks account for more than 70% of incidents.
According to the Data Breach Investigations Report released by Verizon in 2017 and technical analyses of information security incidents, the top four attack patterns (miscellaneous errors, crimeware, insider and privilege misuse, physical theft and loss) cover 90% of data leakage incidents, and three of the four are caused by human factors. Data leakage frequently originates inside the organization, where large numbers of operations and maintenance staff have direct access to sensitive data, and traditional perimeter-oriented network security solutions have no role to play.
Over many years of project practice, China Anvis has investigated the problems of data security management and database security in networked environments and summarized the main leakage risks faced by databases and the data they hold, as shown in the following figure. In a typical network environment we can see:
1) The database is a black box: we cannot see how it is being accessed, cannot view or alert on risk, and lack detailed audit.
2) In the business server area there are system vulnerabilities that cannot be cleaned up, backdoors left by developers, SQL injection flaws and so on; hosts in the client area, business office area and operations area can all exploit these to attack the database.
3) There is a substantial risk that business staff and other insiders export data over the intranet.
4) Operations staff may access beyond their authority or hold excessive privileges: for example, a DBA creates a new user without granular permissions, so an account that should only have query rights can also delete or update data; or the DBA uses administrative privileges to steal data.
5) Insiders may also misoperate the database and cause production accidents.
Through the analysis of the above scenario, China Anvis summarizes the main risks faced by the database based on years of project experience in data security:
1) Abuse of excessive privilege: database permissions that violate the principle of least privilege are common in information systems. If the excess permissions are abused, sensitive data disclosure follows easily.
2) Abuse of legitimate privilege: every system has users who legitimately hold broad or even super-administrative rights. Abuse of those rights has serious consequences.
3) Privilege hijacking: because user authentication in commercial databases relies mainly on a single password, credentials are easily stolen or borrowed, which can lead to serious data leakage.
4) Database platform vulnerabilities: a database management system is a complex piece of software, and the patches issued by vendors show that every database system has had serious security vulnerabilities, such as buffer overflows or flaws in authentication and permission management. Attackers exploit these to steal data.
5) SQL injection and buffer overflow: the database itself cannot detect SQL injection. By inserting malicious statements through the Web/APP, or launching buffer overflow attacks through connection tools, attackers have a chance to gain access to the entire database.
6) Weak access control model: the access control provided by commercial databases is mainly discretionary access control (DAC) and role-based access control (RBAC). There is no mandatory access control (MAC) that grants access according to the sensitivity level of users and data, so low-clearance users can easily reach high-sensitivity data.
7) Lack of detailed audit: audit is a standard security feature of every database management system, used to record access to data and thus deter illegal access. However, the built-in audit function is weak in visualization, intelligence and intrusion detection, and usually cannot meet actual security requirements.
3. Demand analysis
The information assets include a large amount of government data and citizen information, including names, identity card numbers, addresses, bank card numbers, contract numbers and other personal information. These data are used in many government work scenarios, such as business analysis, development and testing, audit and supervision, and even some outsourced work that uses real business data. Once such information leaks, it has a serious impact on both the organization and its managers. The protection of sensitive information is a risk management task of high urgency and wide influence that directly affects reputation and business development.
Through analysis of the risks present in the database and the relevant regulatory and standards requirements, China Anvis (Zhong Anwei) summarizes the real requirements of database security in three points:
1) Visualization of data security risk
Understand the distribution of data assets. Database servers and sensitive data must be discovered automatically so that subsequent security hardening has a defined target.
Grasp the availability of the database system in real time. The running state of the database must be monitored in real time, with early warning when the state is abnormal, to prevent business paralysis and ensure continuous availability.
Grasp the risk status of the database in real time. The database system's risk must be evaluated statically by scanning, including weak password detection, system vulnerabilities and configuration risks.
Monitor data activity. Data activity must be monitored in real time and data access behavior recorded, especially for sensitive data, covering both direct access to the database and indirect access through the Web and applications.
Alert on high-risk operations. Policy configuration must identify the database statements on the network, determine whether they carry risk, manage risk levels and handle alerts.
2) controllability of data
In daily use of the database, technical measures should reduce the risk of data leakage, damage and tampering caused by abuse of legitimate privilege, privilege hijacking and the like.
Database attack detection and protection are needed: because the communication protocols and the database platform may contain vulnerabilities, malicious attacks such as SQL injection and buffer overflows, which fall outside the database's normal usage boundary, carry a risk of data leakage and damage that must be detected and blocked.
3) data Compliance
The information system must pass the various security inspections and evaluations, such as MLPS (等保) evaluation, classified protection evaluation for secret-related systems (分保), or inspections under industry regulations and standards.
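The requirement above to "automatically discover sensitive data" (and, earlier, Article 42's requirement that personal information be desensitized before it is handed to others) is usually met by sampling column values and matching them against patterns. The following Python is an added example written for this page, not code from China Anvis or from the original article. It classifies sampled column values as PRC resident ID numbers, bank card numbers or mainland mobile numbers, using the check digits (ISO 7064 MOD 11-2 for ID numbers, Luhn for cards) so that contract and order numbers are not mistaken for sensitive data, and then shows the difference between partial masking, which only hides part of a value, and keyed pseudonymization, which is irreversible for anyone without the key. The table contents, column names and the key are constructed for the example.

```python
import hashlib
import hmac
import re

# Check-digit weights and table for the 18-digit PRC resident ID number
# (GB 11643-1999, ISO 7064 MOD 11-2 over the first 17 digits).
_ID_WEIGHTS = (7, 9, 10, 5, 8, 4, 2, 1, 6, 3, 7, 9, 10, 5, 8, 4, 2)
_ID_CHECK = "10X98765432"

ID_RE = re.compile(r"\d{17}[\dXx]")
CARD_RE = re.compile(r"\d{16,19}")
PHONE_RE = re.compile(r"1[3-9]\d{9}")          # mainland mobile numbers


def valid_id_number(s):
    """True only if the shape and the MOD 11-2 check digit are both right."""
    if not ID_RE.fullmatch(s):
        return False
    total = sum(int(c) * w for c, w in zip(s[:17], _ID_WEIGHTS))
    return _ID_CHECK[total % 11] == s[17].upper()


def luhn_ok(s):
    """Luhn checksum used by payment card numbers."""
    checksum = 0
    for i, ch in enumerate(reversed(s)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        checksum += d
    return checksum % 10 == 0


def classify_value(value):
    """Sensitive-data class of one cell value, or None. The checksums cut false
    positives from contract numbers, order numbers and other long digit strings."""
    v = str(value).strip()
    if valid_id_number(v):
        return "id_card"
    if CARD_RE.fullmatch(v) and luhn_ok(v):
        return "bank_card"
    if PHONE_RE.fullmatch(v):
        return "phone"
    return None


def discover_sensitive_columns(table, min_ratio=0.5):
    """table: {column_name: [sampled values]}. A column is flagged when at least
    min_ratio of its non-empty sampled values fall into one class."""
    findings = {}
    for col, values in table.items():
        sampled = [v for v in values if v not in (None, "")]
        if not sampled:
            continue
        counts = {}
        for v in sampled:
            cls = classify_value(v)
            if cls:
                counts[cls] = counts.get(cls, 0) + 1
        if counts:
            cls, n = max(counts.items(), key=lambda kv: kv[1])
            if n / len(sampled) >= min_ratio:
                findings[col] = cls
    return findings


def mask_id_number(s):
    """Partial masking for display: hides the birth date (positions 7-14) but keeps
    the region code and sequence, so it is NOT de-identification in the Article 42 sense."""
    return s[:6] + "*" * 8 + s[14:]


def pseudonymize(value, key):
    """Keyed one-way replacement (HMAC-SHA256, truncated). Without the key the original
    cannot be recovered; whoever holds the key can still re-link records, so the key must
    stay with the data controller, not with the party receiving the desensitized data."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]


# Constructed sample of a citizen table, as a discovery scan would sample it.
SAMPLE_TABLE = {
    "name": ["Zhang San", "Li Si"],
    "cert_no": ["110101199003071233", "110101199003071241"],
    "mobile": ["13800138000", "13900139000"],
    "card_no": ["4111111111111111", "4111111111111112"],   # second one fails Luhn
    "contract_no": ["20190307000123", "20190307000124"],    # digit strings, not sensitive
}

if __name__ == "__main__":
    print(discover_sensitive_columns(SAMPLE_TABLE))
    print(mask_id_number(SAMPLE_TABLE["cert_no"][0]))
    print(pseudonymize(SAMPLE_TABLE["cert_no"][0], b"demo-key-kept-by-controller"))
```

The sampling ratio matters in practice: a column of mixed free text with one embedded ID number should not be flagged as an ID column, while a column where half the sampled rows validate almost certainly is one. Note also that an ID number masked as above still reveals the region code and the sex of the holder, which is why the pseudonymization path, not the masking path, is what satisfies the "cannot identify a specific individual and cannot be recovered" exception.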
Overall plan
I. Overview of the programme
To meet the database security requirements, strengthen audit and monitoring of access to the business systems' sensitive information, prevent high-risk database operations and prevent SQL attacks, China Anvis provides a comprehensive data security solution based on database audit and database firewall, addressing the requirements of "visibility", "controllability" and "compliance". As shown in the figure below, the proposal is to audit the databases that store sensitive information and to block high-risk operations against core databases with a firewall, so that database access is legal and compliant, with emphasis on "post-hoc forensics of database operations", "real-time early warning of illegal database access" and "anti-leakage, anti-tampering and attack prevention for core data assets".
1. In short, the solution puts the data in a cage and lets it be accessed in daylight, in two progressive levels:
1) Put the data in a cage
Through the database firewall product, fine-grained access control rules are generated from automatic learning plus rule configuration; abnormal queries and access are blocked to prevent sensitive data leakage, and abnormal or illegal modification and deletion are blocked to prevent sensitive data from being tampered with.
2) Let the data be accessed in daylight
Through the database audit product, the distribution, performance, access and activity of the data are monitored and recorded in full, so that which user accessed which database, when, and with which statements is known and available for post-hoc audit and tracking. Abnormal activity and risk are discovered in time and alerted on, and visual reports are produced for analysis.
II. Principles of construction
To achieve the construction goal, China Anvis takes resource integration and future expansion into account and makes its construction recommendations and product selection according to the following principles:
1. Technological advancement
The design should adopt internationally advanced technology, mature products and design standards to ensure stable and efficient operation; technologies and products that meet international standards should be selected to ensure consistency of the system and the ability to keep pace with the development of information technology. The chosen technology and products should offer a clear development roadmap and protect the overall return on the project investment.
2. Practicability and maturity
The scheme should be designed around the system's actual application requirements, adopting mature, high-performance standard technology and cost-effective equipment, to build a sound database audit and database firewall system. It should meet the audit and protection needs of the business systems today and adapt to future requirements, so that the system can be upgraded easily while preserving the original architecture.
3. Openness and standardization
The priority is investment protection and a sound upgrade path; adopting standardized, open standards allows flexible choice of hardware, software and service products and more cost-effective procurement.
4. Structural rationality
A reasonable and efficient system structure should be used: the database audit and firewall architecture should arrange redundancy and load sensibly, avoid wasted investment and control total cost of ownership.
5. High reliability
In the design of the database audit and firewall system, and especially of key nodes, highly reliable products should be selected, with reasonable redundancy and sound backup and upgrade strategies, so that the system can recover from faults on its own. Reliable operation of the system is the precondition for normal operation of the business.
6. High performance
A high-quality database audit service platform should be built to serve key business reliably, meet the audit needs of core and application systems across the business cycle (peaks and troughs) and keep response times fast.
7. Security
The database audit and firewall system itself must be sufficiently secure: it should resist malicious damage from inside the system and attacks from outside, and limit the impact of human misoperation. It should provide disaster tolerance, fault tolerance and other risk protection mechanisms, with sound prevention and recovery measures for unpredictable problems such as misoperation.
8. Scalability
The equipment, technology and products adopted must be standardized, and the system structure and equipment easy to expand; the technology and products should have sustainable development paths. The design should allow the original system to be upgraded conveniently and smoothly, preserving the continuity, expandability and security of the data to the greatest extent.
III. Integration mode
Given the existing network structure, the deployment method is chosen through practical investigation according to the principles of "minimal change to topology", "minimal business impact" and "minimal performance impact", to give the customer the most appropriate way of putting data security protection in place.
1. Database audit
1) Deploy high-performance database audit systems in the internet cloud resource area, the cloud resource area and the operations management area respectively, covering all databases, so as to monitor database access behavior effectively, know the security status of the database systems accurately, detect violations of the database security policy in time, record them in real time, locate and analyze security events, and trace and collect evidence afterwards.
2) Where two switches with the same function are deployed redundantly, one high-performance audit system mirrors the database traffic ports of both switches to the audit appliance, which runs a separate database engine for each traffic port to audit the data.
2. Database firewall
1) To protect the database, the database firewall is deployed in combination with policy-based routing on the switches, with one database firewall system each in the internet resource area and the government extranet area. Taking the government extranet resource area as an example, policy routes are configured on both switches so that traffic destined for the database is sent to the database firewall. After receiving the traffic, the firewall matches it against policy: high-risk operations are blocked, while non-dangerous traffic is reinjected, through the routing function of the firewall or the switch, back to the switch that holds the route and then forwarded to the database by the routing policy for normal business interaction.
2) The database firewall is deployed fully transparently; link high availability is preserved through software and hardware bypass, without affecting the original throughput.
IV. functional deployment recommendations
1. Audit all databases and deploy firewalls to sensitive databases
The project's databases are mainly deployed in the government extranet cloud resource area and the internet cloud resource area. Under the data security principle, access to all databases there must be audited so that traces are left and can be traced afterwards. Across the whole system, the databases considered more important must be identified; the data they hold is treated as sensitive, and the database firewall is deployed in front of them to protect it.
2. Performance monitoring of database
Through the performance monitoring function of database audit, the running state of the database is monitored in real time against configured thresholds. When a threshold is exceeded, the database is considered to be in an unhealthy state; the function alerts on such behavior so that downtime can be prevented in advance.
The specific monitoring contents are as follows:
1) Monitor the CPU, memory, disk and network status of the appliance itself to ensure stable operation of the audit system.
2) Monitor the database system comprehensively, tracking its running parameters in real time, including listener information, connection time, user activity, tablespace status, SGA status, data file performance, rollback segments, buffers, lock statistics, cache information and thread information, to ensure stable operation of the database system.
3) All database status indicators can be monitored and can raise alarms.
3. Risk assessment of database
Through the risk scanning function that accompanies the audit product, a designated database can be scanned and a risk report produced, helping the database administrator find and fix database weaknesses. The scan covers the following:
1) Weak password detection, to ensure passwords are strong.
2) A scan of user privilege assignments in the database system, to find out whether privileges are assigned reasonably.
3) Security configuration checks of the database and operating system, covering system, authorization and authentication settings; the checks can be customized to the project's actual situation.
4) After the scan, a report is generated that analyzes the results and gives repair suggestions. The scan results are shown in the following figure:
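Two of the scan items above, weak password detection and the review of privilege assignments (the same least-privilege failure described in the risk analysis, where an account that should only query can also delete), can be illustrated offline. The Python below is an added example for this page, not the vendor's scanner. It reproduces the mysql_native_password hash format, which is a real MySQL format ('*' followed by SHA1(SHA1(password)) in upper-case hex), checks a constructed dump of mysql.user rows against a short wordlist plus each account's own user name, and parses constructed SHOW GRANTS lines to flag global ALL PRIVILEGES, WITH GRANT OPTION, accounts reachable from any host, and write privileges on accounts that are supposed to be query-only. The account names, hosts, passwords and grant lines are all constructed.

```python
import hashlib
import re

# Default wordlist; a real scan uses a far larger list plus site-specific words.
WEAK_PASSWORDS = ["", "123456", "password", "root", "admin", "oracle", "mysql", "P@ssw0rd"]

# Privileges that a query-only account should never hold.
WRITE_PRIVS = {"INSERT", "UPDATE", "DELETE", "DROP", "ALTER", "CREATE", "ALL PRIVILEGES"}

GRANT_RE = re.compile(
    r"^GRANT (?P<privs>.+?) ON (?P<obj>\S+) TO '(?P<user>[^']*)'@'(?P<host>[^']*)'(?P<opt>.*)$"
)


def mysql_native_hash(password):
    """mysql_native_password hash: '*' followed by SHA1(SHA1(password)) in upper-case hex."""
    inner = hashlib.sha1(password.encode()).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


def find_weak_passwords(accounts, wordlist=WEAK_PASSWORDS):
    """accounts: iterable of (user, host, authentication_string) as stored in mysql.user.
    Returns (user, host, recovered_password) for every account whose hash matches a
    wordlist entry or its own user name, or whose password is empty."""
    lookup = {mysql_native_hash(p): p for p in wordlist}
    findings = []
    for user, host, auth in accounts:
        if auth == "":
            findings.append((user, host, "<empty>"))
            continue
        guess = lookup.get(auth)
        if guess is None and auth == mysql_native_hash(user):
            guess = user
        if guess is not None:
            findings.append((user, host, guess))
    return findings


def review_grants(grant_lines, read_only_users=()):
    """Flags privilege assignments in SHOW GRANTS output that violate least privilege."""
    issues = []
    for line in grant_lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue
        privs = {p.strip().upper() for p in m["privs"].split(",")}
        user, host, obj = m["user"], m["host"], m["obj"]
        if "ALL PRIVILEGES" in privs and obj == "*.*":
            issues.append((user, host, "global ALL PRIVILEGES"))
        if "GRANT OPTION" in m["opt"].upper():
            issues.append((user, host, "WITH GRANT OPTION (can escalate other accounts)"))
        if host == "%":
            issues.append((user, host, "reachable from any host"))
        extra = privs & WRITE_PRIVS
        if user in read_only_users and extra:
            issues.append((user, host, "write privilege on query-only account: " + ", ".join(sorted(extra))))
    return issues


# Constructed sample dump of mysql.user rows (user, host, authentication_string).
SAMPLE_ACCOUNTS = [
    ("root", "localhost", mysql_native_hash("123456")),
    ("app", "10.0.1.%", mysql_native_hash("T7#kq!vZ0p-long-random")),
    ("report", "10.0.0.5", mysql_native_hash("report")),    # password equals user name
    ("legacy", "%", ""),                                     # empty password
]

# Constructed sample SHOW GRANTS output.
SAMPLE_GRANTS = [
    "GRANT ALL PRIVILEGES ON *.* TO 'app'@'%' WITH GRANT OPTION",
    "GRANT SELECT, DELETE ON `crm`.* TO 'report'@'10.0.0.5'",
    "GRANT SELECT ON `crm`.`customer` TO 'analyst'@'10.0.0.6'",
]

if __name__ == "__main__":
    for f in find_weak_passwords(SAMPLE_ACCOUNTS):
        print("weak password:", f)
    for i in review_grants(SAMPLE_GRANTS, read_only_users=("report", "analyst")):
        print("privilege issue:", i)
```

The hash comparison is done offline against a dump, which is how an audit appliance with read access to mysql.user can test passwords without generating failed logins on the production database. The grant review is deliberately conservative: it only reads what SHOW GRANTS prints and flags patterns, leaving the decision of whether a given account genuinely needs DELETE to the DBA.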
4. Database audit strategy support.
The basic audit rules, default high-risk rules, SQL injection rules, whitelist rules and access behavior baseline rules of the database audit system are used together. Based on an understanding of the business systems' characteristics, policies are configured for each target, and while they run they are revised periodically so that the policy reaches its best state.
Custom rules can be configured from the following angles:
The database audit system provides flexible audit policy configuration so that security auditors can define precise, tiered audit policies. Conditions that a policy can use include, but are not limited to: time window in which the policy is effective, source and destination IP, destination port, audited service, client program, operation rule set, response mode, response time, number of affected rows, and so on.
The default operation rule sets are classified by security risk, and security auditors can also define their own. Operation rules can be defined on the database, table, operation type (command), SQL text, etc., and support simple match operators such as "equals" and "contains" as well as regular expressions.
Parsing and reconstruction of the database protocols must be accurate and complete, with no garbling or truncation. Parsing granularity must cover source IP, destination port, user name, client tool name, hostname, operating system user name, SQL statement, operation type, table object, error code, execution time, result set, number of rows returned, bind variables, etc., with lossless recovery of protocol-specific features.
Logs must be complete and reliable: every record is captured, rows and column values of the returned result set are parsed, and the returned result set is searchable.
The creation and execution of stored procedures is also audited and can be learned automatically, so that stored procedures cannot be used to perform sensitive operations out of sight of the audit system; structured and semi-structured log records that meet audit requirements are generated.
Based on extensive project experience, China Anvis (Zhong Anwei) has compiled a default set of risk behavior handling rules that customers can deploy and apply quickly, as shown in the following figure:
5. High-risk blocking support of database protection wall
From the audit results collected over a period of time, the risk behaviors faced by the database are summarized.
Based on those risk behaviors, corresponding blocking policies are configured in the database firewall.
The policy configuration of the database firewall is essentially the same as that of the audit system.
6. Strengthen the real-time early warning of database illegal operation.
Violations by internal and external personnel and by business systems accessing the database are detected through preset rules and raised as real-time early warnings, delivered immediately by e-mail, SMS and syslog, so that security auditors learn of database violations as soon as they happen.
1) Built-in vulnerability attack detection: built-in rules for common database attacks, including SQL injection and buffer overflow, detect attacks and generate alarms.
2) Custom rules: custom security audit rules are supported, together with blacklists and whitelists, which complement and refine the custom rules.
3) Custom rule conditions: rules can be conditioned on client tool, hostname, operating system user name, table object, operation type, SQL text, execution time, number of rows returned, etc.
4) Audit filtering: data extraction traffic between trusted database servers can be excluded from audit.
5) Real-time early warning notification: alarm logs are sent out in real time by e-mail, SMS, syslog, ftp and other channels, and the rate of outgoing alarms is limited so that a malicious attack cannot flood the channel and overwrite existing audit log information.
7. Build after-the-fact tracing capability for database audit.
The database audit system logs the database operations and results of all application and maintenance personnel. Logs are retained for 6 months so that any log within that period can be retrieved quickly for forensics and tracing; audit forensics performance is no less than 100 million records with a retrieval time of no more than 1 minute, and the results are provided to security auditors for compliance analysis.
1) Guaranteed traffic parsing, restoration and log recording.
(1) The database audit collector restores the mirrored traffic through the parsing engine for each database protocol, so that it is reconstructed into standard audit record events without losing a single audit log record.
(2) The source IP, user name, client tool name, host name, operating system user name, SQL statement, operation type, table object, error code, execution time, result set and number of rows are parsed from the log, and protocol-level features are restored losslessly to guarantee the integrity and credibility of the log.
(3) All records and rows of the returned result set are parsed, and the returned result set can be searched.
2) Automatic identification of audit objects: the target database IP, port, version and other information are identified automatically from the mirrored traffic, so that every database access is discovered and logged automatically.
3) Distributed deployment, centralized management: the management center performs unified configuration management, policy distribution, data query, report generation and so on.
4) Audit support for indirect database access: the following indirect access scenarios are audited and traced back to the real source IP and client account.
(1) Access from an application server to the database server: recording the real source IP and client account requires cooperation from the application.
(2) Clients accessing the database server indirectly through a bastion host (fortress machine): the audit log must be correlated with the bastion host log.
(3) Clients accessing the database through a bastion host and then a jump server: the audit log must be correlated with the bastion host log.
5) Log correlation analysis: audit logs are correlated in real time so that every audit log is linked to the responsible person's name and department, keeping it accurate and searchable.
6) Log storage: the audit log retention period is not less than three months, and logs cannot be tampered with or deleted. The system supports an automatic cleanup policy to keep itself running normally.
7) Statistical data reports: multi-dimensional statistical reports are built and exported automatically in Word, PDF, Excel, HTML and other formats across multiple audit dimensions.
8. Export of audit logs
Audit logs can be sent out automatically in a variety of ways on a scheduled basis. Query results can be exported on demand from the C/S client tool or the web query interface as Excel, text or other log file formats. The exported log contains all the dimensions of the audit; the export dimensions can also be customized so that only the required audit data is sent.
9. Statistical data reports
The comprehensive report concept uses daily, weekly, monthly and custom reports to analyze system performance, high-risk operations, session statements and other dimensions. Built-in analysis templates produce multi-dimensional audit data reports that show the operation and access status of the database from different angles and can be exported in Word, PDF, Excel and other formats.
Report customization supports every audit dimension, automatic report export, automatic mail delivery, and automatic sending by day, week and month.
The report results are shown in the following figure:
40 default reports are provided, along with custom reports, SOX internal-control reports, and so on.
V. Results of function deployment
1. The combined deployment of database audit and database firewall meets the requirements of visibility, control and compliance and resolves the risks shown in the following figure. Returning to the risk diagram, the specific solutions are as follows:
1) The database is a black box: we cannot see its access status, view its risks, raise alarms on them, or audit it in detail.
Solution: deploy the database audit system to record database access behavior in detail and present it in a visual log interface. At the same time, monitor database performance and scan for risks to prevent downtime, raise alarms on high-risk behavior, and produce visual reports for review.
2) In the business server area there are system vulnerabilities that cannot be fully cleaned up, backdoors left by developers, SQL injection vulnerabilities and so on, which the client area, the business office area, and the operation and maintenance area may exploit to attack the database.
Solution: deploy the database firewall system to protect against SQL injection and vulnerability attacks.
The specific protective measures are:
(1) Enable the database SQL injection rule set, which contains a large number of injection templates used to block matching injection attacks.
(2) Vulnerability exploitation and backdoor activity show up in the database as unconventional operation statements, which can be matched by manually configured rules and by automatically learned policies.
3) Business personnel and insiders can also use the intranet to export data, which is a major risk.
Solution: through the operation and maintenance audit function of the database audit system, audit internal personnel's use of exp, imp and similar tools against the database. Through the database firewall system, block exp, imp and similar operations according to manually configured rules, preventing business and internal personnel from exporting data.
4) Operation and maintenance personnel may access data beyond their authority, or hold excessive privileges: for example, when the DBA creates a new user without fine-grained permissions, a user who should only have query rights can delete or update data, or the DBA can use administrative permissions to steal data.
Solution: through the database firewall system, a user + operation policy is enforced by manual policy settings, and secondary authentication is applied on top of DBA authority, preventing privileges from being excessive and abused because DBA permissions were not assigned in fine detail.
5) Insiders may also misoperate the database and cause production accidents.
Solution: through the database firewall system, manual policy settings enforce the default high-risk blocking policy, for example prohibiting DROP, TRUNCATE, ALTER and similar operations, to prevent malicious deletion or misoperation.
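The rule conditions described under item 6 (client tool, source IP, operation type, rows returned, alert rate limiting) and the blocking policies above (DROP/TRUNCATE/ALTER, exp/imp) can be sketched as a small policy engine. This is an added example, not the vendor's code; the event fields, rule names, IP addresses and the POLICY list are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

@dataclass
class AuditEvent:  # one parsed access record; fields follow the page's rule conditions
    source_ip: str
    client_tool: str
    sql: str
    rows_returned: int = 0
    @property
    def op_type(self) -> str:  # operation type is the leading SQL verb
        m = re.match(r"\s*([A-Za-z]+)", self.sql)
        return m.group(1).upper() if m else "UNKNOWN"

@dataclass
class Rule:
    name: str
    action: str                                   # "allow", "alert" or "block"
    op_types: set = field(default_factory=set)    # empty set means "any"
    client_tools: set = field(default_factory=set)
    source_ips: set = field(default_factory=set)  # e.g. trusted database servers
    min_rows: int = 0                             # fire only on result sets this large

    def matches(self, ev: AuditEvent) -> bool:
        for wanted, actual in ((self.op_types, ev.op_type),
                               (self.client_tools, ev.client_tool),
                               (self.source_ips, ev.source_ip)):
            if wanted and actual not in wanted:
                return False
        return ev.rows_returned >= self.min_rows

class AlertThrottle:  # caps alerts per rule per window so an attack cannot flood the log
    def __init__(self, limit: int, window_s: float):
        self.limit, self.window_s, self.hits = limit, window_s, {}

    def allow(self, rule_name: str, now: float) -> bool:
        recent = [t for t in self.hits.get(rule_name, []) if now - t < self.window_s]
        ok = len(recent) < self.limit
        if ok:
            recent.append(now)
        self.hits[rule_name] = recent
        return ok

def decide(rules, ev):  # first matching rule wins, so whitelist rules are listed first
    for r in rules:
        if r.matches(ev):
            return r.action, r.name
    return "audit", "default"                     # unmatched traffic is still logged

POLICY = [  # constructed sample policy, modelled on the page's default rule set
    Rule("trusted-etl", "allow", source_ips={"10.0.0.5"}),
    Rule("high-risk-ddl", "block", op_types={"DROP", "TRUNCATE", "ALTER"}),
    Rule("export-tools", "block", client_tools={"exp", "expdp"}),
    Rule("bulk-select", "alert", op_types={"SELECT"}, min_rows=10000),
]
```

Rule order matters: the trusted-server whitelist is evaluated before the blocking rules, which is how the audit-filter exemption in item 6 coexists with the high-risk blocks.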
VI. Functional advantages
1. Protect core data assets and prevent internal access beyond authority.
2. Prevent internal personnel from leaking secrets, making illegal backups, abusing authority, misoperating, and so on.
3. Prevent operation and maintenance personnel and third-party personnel from illegally accessing sensitive data.
4. Protect core data assets and prevent external attacks.
5. Prevent external hackers from attacking and stealing data.
6. Prevent SQL injection attacks, buffer overflows and privilege theft.
7. Transparent to legitimate applications and users.
8. Intelligent learning automatically generates security baselines without manual configuration of complex rules.
9. High stability and high performance, with dual-machine hot standby to keep the business running continuously.
10. No changes to the current network environment or application configuration are needed for auditing.
11. No effect on the access and management processes of authorized users.
Scheme value
I. Value of the scheme
1. Through the above solutions, the threats to the data security of the government cloud are effectively resolved:
1) Make data activities visible. Display in real time the distribution, access and risk status of the government cloud's sensitive data, detect abnormal data activity and risks promptly, and meet the most basic requirement of database security.
2) Make the data safe and controllable. By controlling activity on and access to the government cloud's data, prevent some or all of the sensitive information in the database from being peeked at, dumped or mirrored, and prevent it from being illegally modified or deleted.
3) Meet compliance requirements and pass evaluation quickly. The products provide independent audit and access control, output compliance reports directly, and meet the requirements of multiple regulations and standards that apply to the government cloud, helping it pass a variety of security checks and evaluations quickly.
2. Specifically, the database security reinforcement system brings customers the following value:
1) Simplify business governance and improve data security management capabilities
Because a database system is a complex software "black box", its visibility is very low: a database administrator can hardly tell when data is being accessed. This makes business governance very difficult, and the invisibility is even worse in a cloud environment. The data security solution comprehensively monitors data access by a variety of means and provides rich preset statistical reports that present data access and risks graphically, greatly simplifying business governance and improving data security management capabilities.
2) Reduce infringement of core data assets and ensure business continuity
Data is the most valuable asset and the ultimate target of attackers who want to peek at, tamper with or even delete it. Infringement of core data may lead to business interruption, serious information disclosure and tampering, and a serious threat to national information security. The separation of management and ownership in application systems further increases the risk of data infringement. The data security solution sits close to the data, makes data security visible and controllable, and ultimately reduces the chance of core data assets being violated, ensuring normal business continuity.
3) Improve the defense-in-depth system and the overall security protection capability
Establishing a defense-in-depth system is the consensus of information security construction. The segment from the database to the application system is the last kilometer and the last line of defense of information security; it involves the most direct security management of sensitive data and bears directly on its security. At the same time, strengthening protection in the data and business layer has gradually become a new direction of information security. The company's system sits close to the core data and provides a wealth of protection means for this last kilometer and for the data and business layer, helping the government cloud improve its defense-in-depth system and overall security protection capability. Combining database audit and firewall addresses the main risks the database faces:
(1) Abuse of excess authority: database permission settings commonly violate the principle of least privilege in many information systems. If the excess permissions are abused, sensitive data leaks follow easily.
(2) Abuse of legitimate authority: there are always some users who legitimately hold broad or even super-administrative rights. If these rights are abused, the consequences are serious.
(3) Privilege theft: because user authentication in commercial databases relies mainly on a single password, privileges are easily stolen, which readily leads to serious data leakage.
(4) Database platform vulnerabilities: a database management system is a complex piece of software, and the patches issued by database vendors show that every database system has had serious security vulnerabilities, such as buffer overflow, authentication and rights-management flaws. Attackers can exploit these to steal data.
(5) SQL injection and buffer overflow: the database itself cannot detect SQL injection attacks. By inserting malicious statements through a web or app front end or launching buffer overflow attacks with connection tools, attackers have a chance to gain access to the entire database.
(6) Weak authentication mechanism: the basic mechanisms provided by commercial database systems are discretionary access control (DAC) and role-based access control (RBAC). There is no mandatory access control (MAC) that authorizes permissions according to the sensitivity level of users and data, so low-level users can easily reach high-level data.
(7) Lack of detailed audit: audit is a standard security feature of every database management system, used to record data access and thereby deter illegal access. However, the database's own audit function is weak in visualization, intelligence and intrusion detection and usually cannot meet actual security requirements.
4) Meet compliance requirements and pass evaluation quickly
Independent audit and access control, direct output of compliance reports, and conformance to multiple regulations and standards across many industries help enterprises pass a variety of security inspections and evaluations quickly.