摘要
访问控制技术已广泛应用于数据库安全领域,但是它无法防范SQL注入、内部人员权限滥用等非法行为。针对这些问题,提出可信计算环境下的数据库强制行为控制(MBC)模型,判断用户提交事务的可信性;设计并实现了可信数据库控制基(TDCB)原型对行为策略进行完整性度量。实验结果显示,MBC能够阻止不可信的事务执行,有效解决内部人员运行非法事务的问题;TDCB能够检测出MBP被后门用户非法篡改,并禁止执行相应的事务以免造成损失。
Access control technology has been widely applied in the field of database security, but it cannot prevent illegal behavior such as SQL injection and privilege abusing by internal users. In order to solve these problems, we proposed the database mandatory behavior control (MBC) model in the trusted computing environment to determine the trustiness of transactions submit by users, and then designed and implemented the prototype of trusted database control base (TDCB) to perform integrity measurement on the behavior policies. The experimental results show that MBC can prevent untrusted transaction execution and effectively solve the problem of illegal transactions running by internal users. TDCB can detect the illegal modification of MBP by backdoor users and prohibit the execution of corresponding transactions to avoid loss.
作者
李晔锋
公备
徐达文
乐嘉锦
Li Yefeng1,2,Gong Bei1,Xu Dawen2,Le Jiajin3(1.School of Computer Science and Technology, Beijing University of Technology, Beijing 100124,China;2.School of Electronic and Information Technology, Ningbo University of Technology, Ningbo 315211, Zhejiang,China;3.School of Computer Science and Technology, Donghua University, Shanghai 201620, Chin)
出处
《计算机应用与软件》
北大核心
2018年第8期66-72,共7页
Computer Applications and Software
基金
国家自然科学基金青年科学基金项目(61501007)
关键词
数据库安全
强制行为控制
可信计算
可信数据库控制基
Database security
Mandatory behavior control
Trusted computing
Trusted database control base
