摘要
提出了一种综合的数据库安全结构,该结构利用密码学知识,设计了加密认证模块,实现了数据的完整性、机密性,并保证了源数据的合法性。该结构还具有单一错误检测修正功能,单一错误的纠正,可以容忍在数据传输过程中的错误,实现了数据库的外部级入侵容忍。内部容忍模块给出了一种基于入侵容忍的内部数据库结构,提高数据库的柔性和抵御入侵的能力。该系统不仅具有入侵容忍功能,而且还具有加密认证功能,适用于安全需求较高的领域。
An integrated database security architecture is proposed. The encryption/authentication component, making use of cryptographic knowledge, not only makes the database integrity and confidentiality, but also have the function of detecting and correcting the single error. The single error correction tolerate the transfer's intrusion, and this enables the outer-level intrusion-tolerance. Inner intrusion-tolerant component provides an intrusion-tolerance based database security structure. The flexibility and the ability of protecting from attacks are improved. This system has the functions of not only intrusion-tolerance, but also encryption and authe-ntication. So it can apply to fields where the higher security level is needed.
出处
《计算机工程与设计》
CSCD
北大核心
2006年第22期4291-4293,4373,共4页
Computer Engineering and Design
关键词
入侵容忍
加密
认证
数据库安全
错误纠正
intrusion tolerance
encryption
authentication
database security
error correction
