摘要
目前国内各类计算机信息系统在行业应用中普遍使用国外厂商开发的数据管理系统,但这类系统普遍存在用户操作不透明、审计效率低等问题。为了实现高效安全的细粒度实时审计功能,提出了一种基于访问标记的安全数据库审计方法,针对普通数据和高安全级别数据分别采用基于角色权限和基于访问凭证的标记方法,实现了高效安全的细粒度权限实时审计功能。该审计方案已应用于国网数据库管理软件SG-RDB中,系统测试和实际应用结果表明,该方案能够提供高性能的实时审计服务,可满足行业应用要求。
At present, DBMS developed by foreign manufacturer are mostly used in our country. Because of the opacity of user operation and the overhead of system, we propose a new auditing method based on access attribute in security database in this paper. On the basis of traditional auditing methods, our method uses the attribute of role privileges for common data and uses the attribute of access credentials for secure data, achieving the balance of authentication control and system performance and providing fine-grained permission auditing. It works perfectly in SG-RSB system without the system overhead. The security analysis and practical application show that this method has high availability and security.
出处
《电力信息与通信技术》
2017年第12期41-46,共6页
Electric Power Information and Communication Technology
关键词
数据库审计
访问标记
安全数据库
实时审计
database auditing
access attribute
security database
real-time audit
