检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]南京航空航天大学计算机科学与技术学院,南京210016 [2]南京德讯科技股份公司,南京210012
出 处:《计算机系统应用》2014年第4期97-101,共5页Computer Systems & Applications
摘 要:目前,在我国广泛使用的数据库管理系统中存在着监管失效,内部操作不透明,安全保护手段滞后等问题.而系统自带的数据库审计服务也存在着审计日志格式繁多难于维护,长期使用审计服务后导致系统性能下降等缺陷.因此,本文提出一种基于网络侦听技术的数据库审计方法,该方法通过监听分析数据来获取数据库操作指令,不改变现有网络结构,也不影响网络的性能,能够有效的审计监管外部入侵和内部的违规操作,为事后责任认定提供证据,可以有效的克服传统审计技术的不足.At present, widely used DBMS in our country, which has generally exist some problems. Because of regul-atory failure, opaque internal operations, the lag of security measures, We can not guarantee that our database is secure. Although DBMS has provided audit services that also have many problems, such as most DBMS has different audit log format and difficult to maintain, low capability when audit server used long-term. So this paper presents a database audit method based on network monitoring technology. We can use it to collect database operations command by analyzing the monitoring data .It works without changing the existing network structure and effecting network performance, and it can effectively record external invasion or internal irregularities to provide evidence to legal responsibility. This appro-ach overcomes the shortcomings of traditional audit techniques.
分 类 号:TP311.13[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7
