Abstract
To protect the SQL Server database system in a hospital information system (HIS), the following measures can be taken to further strengthen its security, on the basis of upgrading the software to the latest version and installing all released updates: delete or protect installation files that contain sensitive information; use Windows-based authentication for logins wherever possible; use the SA account with caution and restrict the privileges of domain user accounts; prevent data from being obtained fraudulently through cross-database ownership chaining; encrypt database object definitions; use C2-level auditing; use MBSA to scan for insecure configurations; and use a firewall to protect the database server.