On the Security Management of Computer Database

Abstract: With the wide use of computers and networks, people or enterprises store more and more information through databases. The security of computer database involves personal privacy or enterprises and other stakeholders. By combing the concept and characteristics of computer database, on the basis of clarifying the security problems of database, the security management objectives of computer database are set, and the database security management system model is formulated.

Keywords: computer; Database; Security; model

Since 1980s and 1990s, the use of computers has become more and more common. Individuals and enterprises tend to use the Internet to handle personal affairs, and store a lot of materials and information on the Internet for convenience. Computer database is the technical support for this activity.

For convenience and security, people usually store personal data in computer databases. These personal data often contain personal privacy, which is very important. Only people with relevant rights can view the relevant data. Similarly, modern enterprises almost all store and manage all kinds of business data through computer databases. Through the specific database access mode, it can provide enterprises with convenient query and application of data in various regions and periods, and improve enterprise management efficiency. Enterprise database is very important for enterprises. However, if the database is attacked by people or viruses, personal privacy or important information of enterprises will be in danger of being stolen or lost, causing losses to the interests of individuals or enterprises.

Combined with the concept and characteristics of computer database, this paper sets the goal of database management, analyzes the problems existing in database management, and puts forward the security management model of computer database.

First, the concept of computer database and its security management characteristics

(A) the concept of computer database

A computer database is a collection of data (records, files, etc.). ) organized and stored in a computer for a certain purpose. Model is the core and foundation of database system. According to the way that computers store and operate data, and from the perspective of database development forms and model characteristics, databases are divided into three categories: mesh databases, hierarchical databases and relational databases. Computer database has a wide range of applications. According to the application field and scope of the database, the database is divided into: statistical database system, Haihe River basin database system, geological database system, ecological environment database system, local records database system and so on.

Generally speaking, with the popularization of computer and the continuous development of database technology, the application scope of computer database is expanding, more and more attention is paid to it, and its security is constantly being optimized and strengthened.

(B) the characteristics of database security management

Database security management usually includes four aspects: data security, data integrity, concurrency control and fault recovery;

1. Data security

Data security is the premise of ensuring data use. Data security involves the security of data itself and the security of data protection. Pay attention to prevent data damage or loss caused by data entry, processing, statistics or printing; And data damage or loss caused by people, programs, viruses or hackers. In order to ensure the security of data, it is usually necessary to classify data, that is, to separate the information that needs to be protected from other information; Set user access rights to control different users' access to different data; Audit and encrypt data.

2. Data integrity

Data integrity is to ensure the comprehensiveness of the received information, including the accuracy and reliability of the data. Data integrity usually includes entity integrity, domain integrity, referential integrity and user-defined integrity. Whether the data is complete usually involves data entry and other aspects. Due to various reasons such as data input, there will be problems such as invalid input or wrong information. In order to ensure the integrity of data, foreign keys, constraints, rules and triggers are usually used. The system well deals with the relationship between the four, and adopts different methods according to different specific situations, which intersect and complement each other.

3. Concurrency control

The data information resources in the database can be said to be one? Information base? Access to data should not only meet the needs of one user, but also allow multiple users to access data at the same time. In order to ensure the consistency of users accessing data, concurrency control is involved. Concurrency control refers to various technologies used to protect database integrity when multiple users update at the same time. Incorrect concurrency mechanism may lead to dirty reading, phantom reading and unrepeatable reading. The purpose of concurrency control is to ensure that the work of one user will not have an unreasonable impact on the work of another user. In some cases, these measures ensure that when a user operates with other users, the result is the same as when she operates alone. In other cases, it means that users' work is influenced by other users in a predetermined way.

4. Fault recovery

At present, there are many measures to protect the database system from being destroyed, which can ensure that the security and integrity of the database are not destroyed and concurrent transactions can be executed correctly, but computer hardware failures and operator transactions are inevitable. The correctness of the data in the database will be affected by it, and even sometimes the database will be destroyed, resulting in the loss of some or all of the data in the database. The function of fault recovery is to restore the database from an error state to a known correct state.

Second, the database security management objectives

Safe and complete use of data is the goal of computer database management, including the following aspects:

Data sharing and unified management. Realizing data information sharing for authorized users in all regions or all time periods can improve the efficiency of information use and meet the needs of enterprises or individuals for dynamic office work. At the same time, data sharing must ensure data consistency and unified management.

Simplify data access. Applications simplify access to data, so applications can access data at a more logical level. On the one hand, data access simplification improves the efficiency of using data in the database, on the other hand, it improves the convenience of using data by individuals or enterprises and improves work efficiency.

The data is valid. On the one hand, data validity means that the data in the database should be available without too much miscellaneous data; On the other hand, it ensures the logical consistency of data.

Data independence guarantee. Data independence includes physical independence and logical independence of data. The definition of data is separated from the program, and the DBMS is responsible for data access, which simplifies the writing of application programs, greatly reduces the maintenance and modification of application programs, ensures the independence of data, and reduces the dependence of programs on data and data structures.

Data security. Is to protect the interests of data owners when the database is available. The centralized storage and management of data can ensure the security of the database. The specific goal of database security is to provide adequate services and ensure that key information is not leaked.

Third, the problems existing in database security management

From the perspective of database system security, database security issues include operation, system management and database itself.

Operational aspects. Operation often involves the association of viruses, backdoors, database systems and operating systems. In terms of viruses, some viruses can attach to the operating system, thus causing harm to the database; The back door of the operating system not only facilitates the setting of characteristic parameters, but also leaves a back door for hackers to access the database system.

Management. The awareness of database security management is weak and the degree of attention is not enough. The management of the database is usually reserved when setting access rights. The database security control measures are few or not in place, so it is impossible to detect and discover vulnerabilities and security threats in the database regularly.

Problems with the database itself. Although the relational database system has been used for a long time, its functions are relatively strong, and its products are relatively mature, in fact, some characteristics it should have, especially the more important security characteristics, have not been reflected in the operating system and widely used database systems. Therefore, most relational database systems are still immature.

Four, computer database security management measures

(1) User identification and authentication

User identification and authentication are the outermost security protection measures of database system. Database system can use a variety of identification methods to improve the security level of the system. Among them, user name input recognition, password recognition and identity recognition are commonly used security precautions.

(2) Safe mode

Judging the relationship between important aspects of security and system behavior through security mode, and meeting the requirements of critical data security. Security models usually include multilevel security models and multilateral security models. Multi-level security model is first used in military security system, including secret level, secret level and top secret level. According to different needs, set the access rights of personnel at all levels. Multilateral security model can prevent horizontal information leakage.

(3) Access control

According to the identity of users and a defined group to which they belong, users are restricted from accessing certain information items or using certain control functions. System administrators usually use access control to control users' access to network resources such as servers, directories and files. Access control ensures the normal access of users with access rights, and protects network resources through subject access settings. The main functions of access control are: preventing illegal subjects from entering protected network resources; Allow legitimate users to access protected network resources; Prevent legitimate users from accessing protected network resources without authorization. The strategies to realize access control include network access control, network permission restriction, directory-level security control, attribute security control, network server security control and so on.

(4) Safety audit

According to the relevant laws and regulations, the entrustment of property owners and the authorization of management authorities, professional auditors conduct systematic and independent inspection and verification of related activities or behaviors under the computer network environment, and make corresponding evaluations. Security audit involves four basic elements: control objectives, security loopholes, control measures and control testing. Among them, the control target refers to the safety control requirements formulated by the enterprise according to the specific computer application and the actual situation of the unit.

Verb (abbreviation of verb) conclusion

In computer systems and database systems, data security is a common and important problem. The security of database revolves around the prevention and mitigation of risks. The main purpose of database management is to ensure the safety of data on the basis of ensuring the enjoyment of data through effective plans and measures, and to ensure that potential safety hazards do not bring risks to users. On the basis of pointing out the security problems existing in the database system, this paper puts forward some measures for database security management from the perspectives of user identification, setting security mode and access control.

References:

[1] Xu Ting, Yang Xinrong. Theoretical research on database security technology [J]. Science and technology information development and economy, 2007,4.

[2] Ray. Research on Database Security Technology [J]. Computer Application Research, 2004, 9.

[3] Jun, Li, Wang Xiaolong. Analysis of the application of computer database system in information management [J]. Science and Technology Innovation Herald, 2008, 12.

[4] Liu Qiyuan, Liu Yi. Database and information system security [M]. Beijing Science Press 2000.

5000-word computer graduation thesis 4

Talking about Computer Security Technology and Protection

Internet has the characteristics of openness and anonymity, which creates opportunities for computer hackers and viruses to use the network to carry out various criminal activities, but also poses a threat to network security. In the process of using the network, we will always be infected by various web viruses, and in the process of sending and receiving emails and using QQ for instant chat, passwords will also be stolen. At the same time, due to security problems, the data of some websites have been destroyed, which has brought great losses to our work.

Keywords: computer; Network; Security technology; Protective technology

Internet is changing people's production and life with its high efficiency, rapidity and convenience, and is widely used in all fields of society. All walks of life use it to deal with all kinds of things, such as sending emails, shopping online, information processing, online stock trading and online office. These are all related to the openness and anonymity of the Internet. It is precisely because of these characteristics that there are certain security risks in the Internet. However, the insecurity of the network leads to people's fear of the network, and the above problems also cause people to suffer huge losses in the process of applying the network and computer. I will make the following analysis in computer security technology and protection.

First, there are security risks in computer network information.

(A) the problems existing in the computer itself

The weakness of computers is that they are easily destroyed or even paralyzed in the face of threats and attacks. Because of its poor self-defense ability, it is helpless when attacked by new viruses. When establishing a network protocol, some security issues are not arranged. Although many new security services and security mechanisms have been added, hacker attacks still make the computer itself hard to prevent, making some security measures look weak, so the security problems in the Internet are more serious.

(B) software vulnerabilities

All operating systems or network software will have all kinds of problems, mainly because of hacker attacks or virus invasion, so there are still defects and loopholes in operating systems and network software, which brings great danger to our computers, and computers will be attacked more when networking.

(c) The computer security configuration is incorrect.

In the process of security configuration, there are security loopholes due to incorrect configuration. For example, if you don't configure a firewall, its functions can't be played well. In this specific network application, many security vulnerabilities will be opened during the startup process, and the application software that can bind this software will be enabled. Only when the user prohibits the program from running or configures it reasonably can all kinds of security risks be eliminated.

(D) users have poor safety awareness

When users make simple password settings, they sometimes lend their accounts to others or share them with others, which poses a certain threat to network security.

Second, the threat of computer viruses.

With the wide application, there are more and more kinds of viruses, which are more and more destructive. The emergence and spread of viruses make information systems unreliable and unsafe, which poses a great threat to computers and also causes a lot of losses to various units. The invasion modes of computer viruses can be summarized as follows:

(a) fraudulent data

Invade the computer illegally, modify the data, and even take the opportunity to input false data.

② Trojan horse

Load secret instructions or programs into computers by improper means, and conduct criminal activities through computers. It is hidden in other programs through legal identity, which will attack and pose a threat at some point. When the machine completes the task, it will perform unauthorized functions. For example, copying a program beyond the authorization of the system.

(3) Intercept information

When hackers or viruses attack, it is possible to intercept important information by means of wiring or electromagnetic radiation, or analyze it by means of information flow and its own flow direction, communication frequency and length, so as to judge and retain useful information.

(4) Attacks on programs

This virus is aggressive and active. It is deeply hidden in the computer's memory, and uses Trojan horse to cheat users and activate them technically. Even with the help of logic bombs, it attacks the system and produces more harmful activities.

(5) Other cyber attacks.

Hackers or viruses destroy the network system, making it unavailable, resulting in legal users unable to access network resources and refusing various services. Some will also seriously damage the computer system and network system, making the system information incomplete, and some may pretend to be hosts and illegally invade legitimate users, resulting in the destruction of system resources.

Third, the common network security technology.

(A) operating system kernel security protection technology

Mainly through the traditional network security technology to analyze the core technology of operating system security. With the help of operating system, the network security is analyzed and assumed, and the possible security problems in the system kernel are eliminated from the kernel, further emphasizing the system security problems and continuously strengthening the technology. The security measures of operating system platform mainly include: using an operating system with high safety factor; Safely configure the operating system; Check the vulnerability of operating system with the help of security scanning system. According to the technical standards of the U.S. Department of Defense, the security level of the operating system is divided into D 1, C 1, C2, B 1, B2, B3 and A, and the security level is mainly from low to high. At present, the security level of most operating systems has reached C2 level, and its characteristics include: first, using the registered name and password of users to identify the system; Second, the system determines the user's right to access resources through the user's registered name; The third is to audit and record all events of all systems through the system; 4. Create other users with system management rights.

(B) network anti-virus technology

Computer virus destroys the system with the help of network environment, and its destructive power is very strong, and its threat and destructive power are incalculable. For example, CIH virus and love bug virus fully show that if viruses are not prevented in advance, they will cause greater losses and bring a series of problems to society. So we should strengthen virus prevention. The specific implementation methods of network anti-virus technology mainly include frequent destruction, frequent scanning and frequent monitoring of files in network servers, and strengthening the access rights setting of anti-virus chips, network directories and various files through workstations. Virus prevention mainly depends on the whole network to improve the technical and preventive awareness of managers, and often scans the clients of the whole network to monitor the virus situation; Through online alarm technology, when every machine on the network breaks down and is invaded by viruses, network administrators can find and solve these problems in time, thus minimizing the loss of network attacks.

(3) Encryption of network technology

The improvement of network encryption technology is an effective and important measure to ensure network security. Encrypted networks can prevent illegal eavesdropping and the invasion of malicious software. The encryption of network information is mainly to protect the data in the network, the files, passwords and control information in the network, and the data transmitted on the network. This network encryption is mainly realized by link encryption, endpoint encryption and node encryption. The purpose of link encryption is to protect the security of link information between network nodes; The purpose of encrypting each endpoint is to complete the encryption protection of data from the source user to the destination user; The encryption node mainly protects the transmission link between the source node and the destination node through encryption. According to the network situation, each user chooses the above three encryption methods according to his own situation.

According to the similarities and differences between the sender and the receiver, these encryption algorithms can be divided into conventional encryption algorithms and public key encryption algorithms. Through the application of this process, people mainly combine conventional cryptography with public key cryptography. For example, DES or IDEA is used to encrypt information, and RSA is used to transfer the session key. If the bits that have been encrypted for many times are classified, the encryption algorithms can be divided into sequence cipher algorithm and block cipher algorithm, while the sequence cipher algorithm encrypts only one bit at a time.

(D) to strengthen the firewall technology

Network firewall is mainly a barrier between the protected network and the outside world. With the help of the combination of computer hardware and software, it forms a relatively secure gateway to protect the internal network from illegal users. By identifying, restricting and changing it, we can cross the data flow of firewall, provide security for communication network and provide security for the development of computer communication network.

(5) Strengthen identity authentication technology.

Authentication technology is mainly the process that users display their identity certificates through the system. Prove the user's identity through authentication. Through these two processes, we can judge and verify the true identities of the two communication parties, and complete the identity verification with the help of these two tasks. The security mechanism of the computer is mainly to authenticate the identity of the requesting user and confirm its legitimacy. If it is judged to be a legitimate user, the user will be audited to judge whether it can access the requested service or host.

In a word, network security is a comprehensive and long-term work, which mainly involves many aspects such as technology, management, use and so on, including the security of information system itself, as well as the corresponding physical and logical measures. Therefore, we must gradually strengthen the confidentiality, integrity and availability of information through various preventive measures, various relatively confidential policies and clear security strategies, and provide guarantee for network security.

References:

[1] Chen. Network information security [M]. Wuhan: Wuhan University of Technology Press, 2005.

[2] Zhong, Wang Chaobin,. Network security technology [M]. Beijing: Electronic Industry Press, 2003.

[3] Zhang Qianli. Fundamentals and applications of network security [M]. Beijing: People's Posts and Telecommunications Publishing House, 2007

[4] Wu Jinlong, Cai Canhui, Wang Jinlong. Network security [M]. Beijing: Higher Education Press, 2004.

Guess you like:

1. Comments on computer professional graduation thesis

2. College computer major graduation thesis model essay

3. Computer Department graduation thesis model essay reference

4. College computer graduation thesis model essay

5. Computer professional graduation thesis model essay

6. Computer professional graduation thesis reference