Network database security paper model article 1
On the Security of Computer Network Database
This paper expounds the security factors of network database, and discusses the security precautions of network database.
Computer database; Network environment; Analysis; safe
In the current network environment, network information security is an important problem to be solved urgently, and the security of computer database is its core and key problem, which is directly related to the overall security of network information management system. Therefore, in order to ensure the efficient, stable and safe operation of network information system, scientific and reasonable preventive measures are the key content of network database technology research.
First, the model construction of network database
The network database is based on the background database, and its access control function is provided by the foreground program. Information collection, query, storage and other operations are completed by the browser. In the network environment, the characteristic of database is to realize the enjoyment of data information, at the same time, it can realize access control and minimum redundancy, and maintain the consistency and integrity of data. Figure 1 is the model diagram of network database construction as follows.
The model is based on the combination of network technology and database technology, and consists of three layers: database server, application server, WEB server and browser. The interface between the whole system and users is common browser software. As the first-tier client, the browser's function is to provide users with information input, convert codes into web pages, provide interactive functions and handle various requests at the same time. As the background, the WEB server in the second layer responds to various requests by starting corresponding processes, and generates codes to process various results. If the data access is also within the scope of the client's request, the database server must cooperate with the WEB server to complete this request. The third-tier database server can effectively manage the database and coordinate the requests sent by different SQL servers.
Second, the network database security analysis
1, analyzing data security
Network database is the core part of information management system, and its security will directly affect the security of data in the database. Because many important data are stored in the database server, such as some accounting data, financial data, some engineering data, technical data, decision-making data related to planning and strategic development, etc. , confidential information, illegal access is strictly prohibited, and external data must be kept strictly confidential. For enterprises and companies, the planning of internal resources, the conduct of external transactions, the operation of daily business and so on. , must rely on the network database, so the security of data is very important.
2. Analyze the security of the system.
The security of network database directly determines the security performance of server host and LAN, as well as the configuration of database system. Addressable from the port? That is to say, as long as you have access to data and appropriate query tools, you can directly connect to the database and server port, but you can cleverly avoid the security detection of the operating system. Most databases also have public passwords and default numbers, and this default account has a very high authority, which can not only access resources at all levels in the database, but also operate the operating system according to instructions, and even open the back door to store listening programs, so as to obtain relevant passwords and control the whole LAN, which is even more harmful.
3. Analyze the security factors that affect the database.
Database server is the core part of network information system, which contains a lot of sensitive and important information, so the security of database directly affects the security of stored data. The network database not only has large processing capacity and centralized data information, but also has very frequent data updates and huge user visits. Therefore, the factors that threaten the security of network data are:
(1) The user did not perform the correct access operation, resulting in a database error;
(2) man-made destruction of the database, resulting in the database can not be restored to normal;
(3) Illegally obtaining confidential information without leaving any trace on the surface;
(4) Users will be attacked by various eavesdropping technologies when accessing the database through the network;
(5) Users steal information resources by illegal means;
(six) unauthorized modification of the database, resulting in serious distortion of data;
In the face of the above threats, it is not enough to protect the network. Because it is fundamentally different from other systems in structure, the sensitivity and importance of various data contained in the database are also different, and it also has the function of * * * to provide services for users with various permissions, so it needs more extensive and stricter security, not only to physically protect online networks and external devices, but also to conduct illegal access to prevent sensitive data from being stolen.
Third, the implementation of network database security measures
At present, various prevention strategies are often not comprehensive and specific enough to truly realize the security of the database. Therefore, in the network environment, the security of the database should be considered and designed from the overall aspects of daily maintenance and development, system design and so on. Establish various security mechanisms to form an overall security strategy.
1.R&D information managers should change their design concepts.
First of all, the personnel who develop information management system must change their ideas, change the wrong idea that they only pay attention to the functions of information management system in the past, fully consider the security of the system, thoroughly evaluate the system and the software to be developed, and find out the potential security risks in the information system from the aspects of background database system, foreground development tools, and the implementation environment of software and hardware, so as to avoid database leakage caused by inappropriate hardware environment and development tools, and then make the whole system unstable.
2, system management and maintenance personnel should consider the database security.
System management and maintenance personnel must comprehensively consider the security of the database, including the following two points:
1) peripheral layer security
It mainly includes network security and computer system security, and the invasion from virus is the most important threat. Therefore, in order to ensure the normal operation of the whole system, it is necessary to avoid the spread, hiding and invasion of viruses in the outer layer, adopt comprehensive management means, combine prevention, killing and management, build a virtual private network of network database system, adopt technology to ensure the transmission safety and access safety of network routing, and use firewall technology to isolate network segments from the network, which not only avoids the system from being harmed.
At the same time, the peripheral security of network database focuses on the physical protection of WEB server and operating system, and at the same time, the application server should be protected to prevent data from being tampered with or monitored during transmission. Because this layer does not involve the encryption of the database itself, it is impossible to directly encrypt files and use key management. At the same time, because the running program of this layer is mainly based on the output of WEB browser service, it is necessary to realize its security performance in specific application software such as ASP.
2) Core layer security
In the whole network database system, application software and database are important core components. If software and data are abused, illegally copied, stolen, tampered with or lost, it will cause a devastating blow to the system and seriously endanger social security. Therefore, users' access rights must be controlled, and security precautions should be taken from the aspects of database encryption, recovery and backup, and data classification control. To ensure the integrity and independence of the database management system. Data classification is a simple operation method, which can control the information flow of the database. By using encryption control and encrypting database files, several encryption and decryption algorithms with different speeds and security strengths are provided to provide users with reasonable settings.
Four. conclusion
With the rapid development and continuous upgrading of computer technology, various information management systems based on the Internet and computers have become an important means to support and complete the operation of various things. In the network environment, in the process of developing and using information management system, we must pay attention to security issues, so as to ensure the data security of the whole database server, achieve the expected benefits and better serve the vast number of users.
References:
[1] Xu Li. Chun Mei. Security vulnerabilities and solutions of network database [J]. Fujian Computer, 2007( 12).
[2] Qian Jing. Research on the Security Mechanism of Network Database [J]. Research on Computer Application, 20 10( 12).
Network Database Security Model II
Security strategy of network database
This paper mainly discusses the security threats faced by the database in today's network environment, and comprehensively analyzes the solutions to improve the security of the network database.
Keywords: network; Database; Security countermeasures
With the popularization and development of the Internet in the 2 1 century society, more and more enterprises gradually participate in it, and the core of enterprises gradually turns to the Internet. Departments, companies and manufacturers scattered in geographical areas obviously have excessive demand for database applications, and the database management system has gradually expanded from single machine to the whole network environment, and the way of data collection, storage, processing and post-dissemination has changed from centralized to comprehensive distribution. Enterprises pay special attention to the security of database information when using database management system.
1 security mechanism of network database
The network database is a computer-based background database, and the access control provided by the foreground program can complete data storage, query and information collection step by step through an effective browser. In the current information processing network environment, effectively sharing a large amount of data information with multiple users is the biggest feature of the database. But at the same time, it effectively ensures the integrity and consistency of data and effectively realizes the minimum access control.
Two typical modes of network database are B/S mode and C/S mode. The mode adopted by C/S is mainly divided into three layers: ① client; ② Application server; (3) Database server, mainly in the form that the client transmits data to the application server and then to the database server. The mode adopted by B/S is mainly divided into three layers: ① browser; ② Web server; (3) Database server, the main form of expression is as mentioned above. It can be seen that the two network database models are similar in structure to a great extent, and both involve network, system software and application software.
2 Detailed description of security mechanisms at all levels
2. 1 network system security mechanism
If the database is invaded by external malicious information, the first step is to attack and invade the network system, from which we can judge that the first protective barrier of database security is the normal security of the network system. From a technical point of view, it can be roughly divided into its anti-intrusion detection and collaborative intrusion detection technology. Let's elaborate on it separately:
First of all, there are firewalls in computer systems, and the extensive use of firewalls has become the most basic preventive measures today. The main function of firewall is to effectively monitor the access channel between trusted network and untrusted network, establish an effective protective barrier between internal network and external network, effectively intercept illegal access in external network and effectively prevent internal information from flowing out. Firewall has a strong ability to prevent and control external intrusion, but it can't prevent and effectively control illegal operation inside the network.
Secondly, regarding intrusion detection, it is a powerful prevention technology that has gradually developed and expanded in recent years. It mainly adopts the preventive technology of effective integration of statistical technology and rule technology, network communication technology and artificial intelligence technology. The main function of intrusion detection is to effectively monitor the network and computer system, which can reflect whether it is invaded or abused in time and effectively.
Finally, for collaborative intrusion detection technology, collaborative intrusion detection technology makes up for the shortcomings and many defects of previous independent intrusion detection systems. In this system, IDS is based on a unified specification, and information between intrusion detection components can be exchanged automatically and effectively. Moreover, through the automatic exchange of information, intrusion information can be effectively checked and used effectively in different network environments.
2.2 server operating system security mechanism
At present, a large number of computers on the market are Windows NT and Unix operating systems, and their security levels are generally C 1 and C2. The main security technologies can be summarized as follows:
① Operating system security policy. Mainly configured in the security settings of the local computer. The main security policies include a series of security options such as password policy, account locking policy, audit policy and IP security policy, and their specific applications can be reflected in the user's account number, password and access rights.
② Safety management strategy. Mainly the methods and strategies adopted by network administrators for system security management. Because the operating system and network environment are different, there are different methods for security management, but the main core is still to effectively ensure the security of the server and allocate the rights of various users.
③ Data security strategy. This is mainly reflected in the following points: data encryption technology, data backup and data storage security. There are many technologies that can be adopted, including authentication, IPSec, SSL, TLS and so on.
2.3 Security Mechanism of Database Management System
The database system is effectively managed in the form of files in the operating system. Therefore, people who invade the database can directly steal the loopholes in the operating system and the files in the database, or they can use OS tools to carry out illegal operations and tamper with the contents of the database files. This kind of hidden danger is difficult for database users to detect, and analyzing this kind of vulnerability is considered as a BZ-level security technical measure. The hierarchical security technology of database is mainly to effectively solve the problem that the current two levels are destroyed, so as to ensure the security of database. Then the database management system must need a more powerful security mechanism.
2.4 client application security mechanism
An important aspect of network database security is client application. Its main features are powerful functions, quick and convenient implementation, and easy to make corresponding changes according to the changes in demand. The client application can not only effectively control the legal login and authentication of users, but also set data directly. In order to make the application system more secure, we must first control the application program effectively. In addition, the writing of customer-oriented applications also has great flexibility, and at the same time there are many skills, which can effectively and comprehensively realize the flexibility and security of management.
3 Using DBMS security mechanism to prevent network attacks
There are many large DBMS that are perfect in providing database security technology, and also have obvious positive effects on improving database security.
3. 1 System authentication and authorization
Authentication is the process of verifying the identity of the person or application requesting service in the system; Authorization is the process that authenticated identity mapping is granted database user rights, which limits the behavior of users allowed in the database. When setting permissions on the SQL Server database server, it is necessary to set restricted login for DPeb programs, specify that only specific databases can be accessed, add users to specific databases, connect with restricted login, and strictly set users' database permissions.
3.2 Data Backup and Recovery
Through data backup, when the system fails, the administrator can recover the data in the shortest time and keep the original state, which has a strong guarantee for data integrity and consistency. Under normal circumstances, database backup usually takes the following forms: one is static backup; Second, dynamic backup; Third, logical backup, etc. However, there are many ways to restore the database effectively, such as disk mirroring, database backup files and database online logs.
3.3 Comprehensive and effective enhanced review
Through effective audit, users can automatically record all the operations in the database, and then save all the recorded information in the audit log. Comprehensive and enhanced use of databases that can effectively track information and fully reproduce the current situation of a series of events. Therefore, clues such as who accessed data illegally, the time and content of accessing information and so on can be effectively found, and related responsibilities can be traced conveniently and effectively, and weaknesses and loopholes in system security can also be effectively found.
4 abstract
Modern society is in the stage of continuous development, and network information technology has also developed unprecedentedly. However, with the rapid development of internet technology, the security of its network database is the main problem that is constantly developing today. With the continuous improvement of modern network intrusion system, the security technology adopted by it is also further improved. Only by constantly analyzing and studying problems and summing up experience can we comprehensively and effectively deal with a series of new problems. In a word, the security of computer network database is a long-term and important issue in the new period. Only through scientific and reasonable security measures and continuous improvement and perfection in the later development process can the security and reliability of the system be effectively and comprehensively improved.
References:
[1] Zhou Shizhong, On the Research and Application of Network Database Security [J]. Computer Knowledge and Technology, 20 10(05).
[2] Dai, Network Database Security Management Based on SQL SERVER [J]. Network Security Technology and Application, 2009(04).
[3] Liang Jianmin, network database security factor analysis and preventive measures [J]. CD-ROM technology, 2008(09).
Guess you like:
1. Network Database Security Paper
2. Model essay on safety education
3. Digital Library Reference Model Papers
4. Excellent graduation thesis model essay
5. Model essay on technical papers