基于网络侦听的数据库审计方法
|
摘要
目前,在我国广泛使用的数据库管理系统中存在着监管失效,内部操作不透明,安全保护手段滞后等问题.而系统自带的数据库审计服务也存在着审计日志格式繁多难于维护,长期使用审计服务后导致系统性能下降等缺陷.因此,本文提出一种基于网络侦听技术的数据库审计方法,该方法通过监听分析数据来获取数据库操作指令,不改变现有网络结构,也不影响网络的性能,能够有效的审计监管外部入侵和内部的违规操作,为事后责任认定提供证据,可以有效的克服传统审计技术的不足.
At present, widely used DBMS in our country, which has generally exist some problems. Because of regul- atory failure, opaque internal operations, the lag of security measures, We can not guarantee that our database is secure. Although DBMS has provided audit services that also have many problems, such as most DBMS has different audit log format and difficult to maintain, low capability when audit server used long-term. So this paper presents a database audit method based on network monitoring technology. We can use it to collect database operations command by analyzing the monitoring data.It works without changing the existing network structure and effecting network performance, and it can effectively record external invasion or internal irregularities to provide evidence to legal responsibility. This appro- ach overcomes the shortcomings of traditional audit techniques.
At present, widely used DBMS in our country, which has generally exist some problems. Because of regul- atory failure, opaque internal operations, the lag of security measures, We can not guarantee that our database is secure. Although DBMS has provided audit services that also have many problems, such as most DBMS has different audit log format and difficult to maintain, low capability when audit server used long-term. So this paper presents a database audit method based on network monitoring technology. We can use it to collect database operations command by analyzing the monitoring data.It works without changing the existing network structure and effecting network performance, and it can effectively record external invasion or internal irregularities to provide evidence to legal responsibility. This appro- ach overcomes the shortcomings of traditional audit techniques.
引文
1 Khanuja HK,Adane DS.Database security threats and challenges in database forensic:A survey.Proc.2011International Conference on Advancements in Information Technology.Singapore.IACSIT Press.2011.170-175.
2 Cong QS,Huang ZM,Hu JB.A collaborative computer auditing system under SOA-based conceptual model.Proc.2011 4th IEEE International Conference on Computer Science and Information Technology.2011,10.439-443.
3 Zhu YQ,Yu H,Li H,Zeng LM.Design of a new web database security model.IEEE Computer Societyeds.Second International Symposium on Electronic Commerce and Securit.ISECS 2009.Washington.Electronic Commerce and Security.2010,1.292-295.
4 Deng L,Wang LY.Simulatable auditing in micro-databases.Proc.2011 4th IEEE International Conference on Computer Science and Information Technology.China.Academic Journal Electronic Publishing House.2011,6.364-368.
5 沈辉,张龙.基于WinPcap的网络数据监测及分析.计算机科学:2012,39(10):15-18.
6 马俊,高建瓴,孙斌,赵振民.WinPcap网络监听技术的研究与改进.2007通信理论与技术新发展.第十二届全国青年通信学术会议论文集.北京.中国学术期刊网络出版总库.2007,下册.1877-1882.
7 张运明.协议行为审计关键技术研究与实现[硕士学位论文].长沙:国防科学技术大学,2010.
8 郭丽红,吴海涛.TDS协议分析与漏洞检测.计算机工程.2009,35(18):127-129.
9 殷泰晖,李帅.基于TNS协议的Oracle数据库安全性改进方法.合肥工业大学学报(自然科学版).2012,35(2):6-9.
10 Forest JJ.Objective analysis of process safety audit data with Microsoft access.Process Safety Progress,2011,3(30):221-231.
2 Cong QS,Huang ZM,Hu JB.A collaborative computer auditing system under SOA-based conceptual model.Proc.2011 4th IEEE International Conference on Computer Science and Information Technology.2011,10.439-443.
3 Zhu YQ,Yu H,Li H,Zeng LM.Design of a new web database security model.IEEE Computer Societyeds.Second International Symposium on Electronic Commerce and Securit.ISECS 2009.Washington.Electronic Commerce and Security.2010,1.292-295.
4 Deng L,Wang LY.Simulatable auditing in micro-databases.Proc.2011 4th IEEE International Conference on Computer Science and Information Technology.China.Academic Journal Electronic Publishing House.2011,6.364-368.
5 沈辉,张龙.基于WinPcap的网络数据监测及分析.计算机科学:2012,39(10):15-18.
6 马俊,高建瓴,孙斌,赵振民.WinPcap网络监听技术的研究与改进.2007通信理论与技术新发展.第十二届全国青年通信学术会议论文集.北京.中国学术期刊网络出版总库.2007,下册.1877-1882.
7 张运明.协议行为审计关键技术研究与实现[硕士学位论文].长沙:国防科学技术大学,2010.
8 郭丽红,吴海涛.TDS协议分析与漏洞检测.计算机工程.2009,35(18):127-129.
9 殷泰晖,李帅.基于TNS协议的Oracle数据库安全性改进方法.合肥工业大学学报(自然科学版).2012,35(2):6-9.
10 Forest JJ.Objective analysis of process safety audit data with Microsoft access.Process Safety Progress,2011,3(30):221-231.