A View-Based Data Access Model  Cited by: 3

A Mode of View-Based Access Control


Authors: Huang Jingwen (黄景文)[1], Wei Hua (韦化)[2]

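Affiliations: [1] Information Network Center, Guangxi University, Nanning, Guangxi 530004; [2] School of Electrical Engineering, Guangxi University, Nanning, Guangxi 530004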

Source: Microcomputer Development (《微机发展》), 2005, No. 10, pp. 46-48 (3 pages)

Funding: Western Universities Network Engineering Project of the State Planning Commission (计投资20012437)

Abstract: When multiple users share one database, security risks inevitably arise, and specific control measures are needed to prevent unauthorized access. This paper proposes a view-based data access model (VBAC). A view is created for each user according to the user name, and that view becomes the only window through which the user can access the data belonging to him. All users' permissions are revoked, and access permission on each view is granted to its corresponding user. When a user logs on to the system, he is bound to his corresponding view, and his data access is carried out indirectly through the view rather than directly. Once the authorization on a view is revoked, the corresponding user can no longer access anything in the database. Through authorized data views, a user's manipulation of data is restricted to specific rows and columns, which establishes an information security firewall between users and the database. The model was tested in Microsoft SQL Server 2000, and the experimental results show that it is usable and effective.

Keywords: view; data access model; authorization; information security

Classification: TP309.2 [Automation and Computer Technology: Computer System Architecture]

 
