基于反向代理的数据库防火墙研究与应用  被引量:1

Research and Application of Database Firewall Based on Reverse Proxy

在线阅读下载全文

作  者:王忠花 张文飞 朱先清 李晖 WANG Zhonghua;ZHANG Wenfei;ZHU Xianqing;LI Hui

机构地区:[1]国网青海省电力公司信息通信公司,青海西宁810008

出  处:《青海电力》2021年第1期43-47,68,共6页Qinghai Electric Power

摘  要:近年来,数据量随着互联网技术发展出现了几何式增长,作为数据载体的数据库成为企业的核心,数据库安全面临严峻的挑战;对企业而言,运维人员的素质和水平也是决定数据库安全的重要因素。为提升数据库安全,针对运维人员的误操作等现象提出了个性化的数据库安全策略,研究了数据库防火墙系统的实现。数据库防火墙系统涉及反向代理、TNS协议解析、SQL语法树等技术,实现了个性化的防护。安全策略共涉及19种对象类型、8种操作类型,同时支持Oracle数据库和MySQL数据库。实验表明,该数据库防火墙系统针对日常运维过程中不符合安全策略的SQL语句的识别率和拦截率达到98%,有效降低了数据库的运维风险。In recent years,the amount of data has increased geometrically with the development of Internet technology.The database as a data carrier has become the core of enterprises,and database security is facing severe challenges;for enterprises,the quality and level of operation and maintenance personnel also determine the database An important factor for safety.In order to improve database security,a personalized database security strategy is proposed for the misoperation of operation and maintenance personnel,and the implementation of database firewall system is studied.The database firewall system involves technologies such as reverse proxy,TNS protocol analysis,SQL syntax tree,etc.,to achieve personalized protection.The security strategy involves 19 object types,8 operation types,and supports both Oracle and MySQL databases.Experiments show that the database firewall system has a 98% recognition and interception rate for SQL statements that do not comply with security policies in the daily operation and maintenance process,which effectively reduces the database operation and maintenance risks.

关 键 词:数据库运维安全 反向代理技术 TNS协议解析 SQL语法树 策略匹配 

分 类 号:TP393.083[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象