摘要
数据库已经越来越多的允许多用户进行访问,从而引出了多用户访问数据库的安全性审核问题,用户对数据库的访问大致分为三种:合法用户对数据库的合法操作、合法用户对数据库的非法操作以及非法用户对数据库的操作。针对这两种不同的用户对数据库的三种不同的访问文章提出了基于数据库用户行为的安全审核机制的策略。通过审计来对数据库用户行为进行监测跟踪,而后建立用户行为特征模型,用户再次访问数据库时根据该模型进行安全审核。以SQL Server2005为例,深入探讨传统数据库的安全审核机制以及成功运用基于用户行为的安全审核机制后对数据库安全的保障。
Database has been accessed by more and more multiple users, which leads to the problem of muhi-user security audit access to the database, the users access to the database is broadly divided into three categories: the legal operations to the data- base by legitimate users, the illegal operation to the database by legitimate users and the operations of the database by illegitimate users. For these three different accesses to the database by these two different users, the strategy of security audit mechanism was proposed based on user behaviors. The user behavior to be monitored and tracked by the audit, and then create a model of the user behavioral characteristics, the database will carry out safety audits according to the model when the user access to this database again. In SQL Server2005 example, further explore the security auditing mechanism of traditional database as well as the success- ful application of the protection of database security mechanisms based security auditing user behavior.
作者
武春燕
孙忠林
WU Chun-yan, SUN Zhong-lin (College of Information Science and Engineering ,Shandong University of Technology and Science, Qingdao 266590, China)
出处
《电脑知识与技术》
2015年第3期16-20,共5页
Computer Knowledge and Technology
关键词
安全措施
审计
审计记录
行为模型
分析模型
安全审核
safety measures
audit
audit records
behavioral models
analysis model
security audit
