华中电网水电优化调度系统的安全性分析

Analysis on the security of the Huazhong Hydropower Optimized Dispatch Control System

提及网络安全,很多人就会联想到系统漏洞与技术高深的黑客,然而有一类安全性问题却并非是由系统漏洞造成的,而是由软件系统的某些特性造成的,如果程序员不了解这些特性,那么编出来的程序就很容易受到攻击,而实施这些攻击并不需要用户有很高深的计算机知识。本文通过对SQL-SERVER的一个特性的分析,来向读者展示它对整个系统所造成的潜在危害。

Speaking of network security, it reminds us software weakness and illegal hackers.However, there is akind of security problem which is not caused by system weakness but the result of some special characteristics ofthe software. If programmers don't have a deep understanding about these characteristics, the programs that theydesign would easily be under attack, even attacked by unprofessional users. This essay focuses on one of suchcharacteristics of SQL-SERVER to demonstrate its potential threat to the whole system.