摘要
在广泛使用的多层结构数据库系统中,应用系统独立维护终端用户信息,致使终端用户身份不能传递到数据库管理系统,从而带来诸多安全问题。为解决这一问题,提出了数据库连接池上的终端用户追踪算法,通过分析Web日志来识别终端用户身份,根据Web请求和提交数据库执行的SQL语句间的对应关系建立SQL语句与终端用户的映射,并以此为基础进行终端用户追踪。基于所提出算法设计和实现了数据库安全审计系统,表明数据库连接池上的终端用户追踪算法可行有效。
In the widely used multi-layer database system, appl ication system can maintain terminal users infor-mation by itelf. This prevents user transporting identity from terminal user to database management system, and brings a lot of security problems of database. In order to solve this problem, the algorithm of tracing terminal us-er in database connection pool is proposed. This algorithm identifies the identity of terminal user by analyzing Web log of application server. Through matching the relationship between Web request and SQL statements sub-mitting to execute in database, the algorithm can map SQL statements to terminal user. The audit system desig-ning based on the algorithm and its implementation shows that the terminal user tracing algorithm in database connection pool is feasible and valid.
作者
谢统义
马岩
黄保华
XIE Tong-yi Ma Yan HUANG Bao-hua(School of Computer and Electronic Information, Guangxi University, Nanning 530004, China Library, Guangxi College of Education, Nanning 530023 , China)
出处
《桂林理工大学学报》
CAS
北大核心
2017年第1期203-207,共5页
Journal of Guilin University of Technology
基金
国家自然科学基金项目(61262072)
广西中青年教师基础能力提升项目(KY2016YB578)
南宁市科学研究与技术开发计划项目(20125258
20131052)
关键词
数据库
连接池
终端用户追踪
安全审计
database
connection pool
termin al user tracing
security audit
