数据库安全技术分析及改进策略

Analysis on Technology and Improvement Strategy of Database Security

研究数据库的安全性就是为了保护数据库,以防止其中的数据被泄露、更改或破坏.基于Oracle数据库系统,对数据库存储及传输加密、用户口令认证,安全审计机制等给出了技术实现,并通过存储过程、函数和程序包的方法对现有的数据库系统安全功能加以改进,并给出了一种将冗余和多样性技术相结合,有效整合入侵检测和容忍入侵的技术整体部署,外层防御,中间入侵检测,内层容忍入侵的安全增强数据库系统的模型.

Research on the security of the database is to protect the database, in order to prevent the data from disclosure, alteration of destruction. Based on Oracle database, database storage and transmit authentication, users password authentication, and secure audit are realized. Database security functions improve by procedure, function and program packages. A model, which is to defend intrusion in outer layer, to detect intrusion in the middle layer and to tolerate intrusion in the inner layer, is given. It utilizes the techniques of both redundancy and diversity and integrates the techniques of detection intrusion and intrusion tolerant.