基于网络侦听的数据库审计方法

DBMS Audit Based on Network Listener

目前,在我国广泛使用的数据库管理系统中存在着监管失效,内部操作不透明,安全保护手段滞后等问题.而系统自带的数据库审计服务也存在着审计日志格式繁多难于维护,长期使用审计服务后导致系统性能下降等缺陷.因此,本文提出一种基于网络侦听技术的数据库审计方法,该方法通过监听分析数据来获取数据库操作指令,不改变现有网络结构,也不影响网络的性能,能够有效的审计监管外部入侵和内部的违规操作,为事后责任认定提供证据,可以有效的克服传统审计技术的不足.

At present, widely used DBMS in our country, which has generally exist some problems. Because of regul-atory failure, opaque internal operations, the lag of security measures, We can not guarantee that our database is secure. Although DBMS has provided audit services that also have many problems, such as most DBMS has different audit log format and difficult to maintain, low capability when audit server used long-term. So this paper presents a database audit method based on network monitoring technology. We can use it to collect database operations command by analyzing the monitoring data .It works without changing the existing network structure and effecting network performance, and it can effectively record external invasion or internal irregularities to provide evidence to legal responsibility. This appro-ach overcomes the shortcomings of traditional audit techniques.