摘要
数据库审计是数据库安全的重要组成部分。它包括了日志记录和日志分析两个部分。然而传统的数据库审计系统往往只是一个简单的日志系统,而并不具备对日志进行分析的能力。即使存在审计分析能力,也往往具有语义不足,不易定义的特点。DBIDAUD模型使用入侵检测方法来实现数据库的审计分析能力,在DBIDAUD模型中存在一个规则库,其中定义了入侵检测知识,审计员通过定制规则库来定制系统的安全策略。模型具有丰富的语义和较高的效率,能够用来实现高安全数据库的审计系统。国产OSCARSEC安全数据库使用DBIDAUD实现了审计中心子系统。满足了国家安全标准四级的要求,在航天内部得到了充分的应用。
Database audit is an important part of database security. It contains both log system and audit system. But the traditional database audit system is always only a simple Log system without the ability of analyzing the log records. There exists some methods to implement database audit, but all of these methods have not enough semantics and are hard to define audit rule, DBIDAUD is a database audit model which uses an intrusion - detection method to implement the audit system. There includes a rule warehouse in the DBIDAUD, where the intrusion detection knowledge is defined. Auditor defines the secure policy by customizing the rule warehouse. The DBIDAUD model has richer semantics and higher efficiency and is used to implement the audit system of secure DBMS. The audit center of OSCARSEC SECURE DBMS is an implementation of DBIDAUD, which qualifies the level 4 of National Standard and is widely used in aerospace area.
出处
《计算机仿真》
CSCD
2007年第2期33-36,共4页
Computer Simulation
基金
国家发改委大型通用数据库管理系统神舟OSCAR研发及产业化
国家高技术研究发展计划(863计划)大型通用数据库管理系统OSCARV6.5研发及应用(2005AA4Z3020)
关键词
数据库审计
入侵检测
审计阈值
Database audit
Intrusion detection
Audit threshold
