期刊文献+

MySQL数据库的安全机制分析与入侵检测开发 被引量:4

Safety Mechanism Analysis of MySQL and Intrusion Detection Development
下载PDF
导出
摘要 针对MySQL开源数据库,具体分析其内部和外部的安全机制;重点分析了如何防止未经授权的文件系统访问和网络访问。通过与其他大型数据库的对比,指出MySQL84.-4@库存在的不安全隐患;总结了各种漏洞的存在对系统构成的风险,并给出相应的防范对策。最后,在以MySQL为后台数据库的网络环境中,进行了针对多种漏洞的攻击实验。 The paper presents the open source database MySQL, about a detailed analysis of its internal and external security mechanism, for example, the user security mechanism, the security mechanism based on the authorized form, the settings and the structures of the authorized form, access mechanism, etc. Analysis focused on how to prevent unauthorized access to the file system and network access. And by contrast to other large-scale databases, it shows the hidden dangers that exist in the MySQL database. Then, it sums up the risks of a variety of loopholes and the corresponding preventive measures. Finally, it shows the experiments, which attack against all kinds of loopholes in the network environment based on MySQL. The results show that MySQL database can resist the attack after security settings and the input pa- rameters filtering.
作者 迟美霞
机构地区 同济大学
出处 《电脑知识与技术》 2012年第2期745-748,共4页 Computer Knowledge and Technology
关键词 数据库 安全机制 MYSQL 漏洞检测 注入漏洞 database security mechanism MySQL vulnerability detection injection
  • 相关文献

参考文献9

二级参考文献30

  • 1赵晓峰.基于JSP与JavaBean技术的Web应用开发[J].深圳信息职业技术学院学报,2005,3(1):39-43. 被引量:6
  • 2周彩兰,孙琳,李素芬.基于JSP的网络数据库连接技术[J].计算机技术与发展,2006,16(4):209-211. 被引量:18
  • 31,Pfleeger C P. Security in Computing, Edition 2. Prentice-Hall, 1997
  • 42,Gallagher P R. Security of electronic information. The National Computer Security Center: Technique Report NCSC-TG-021, 1991
  • 53,Castano S, Fugini M, Martella G et al. Database Security. ACM Press & Addison-Wesley, 1994
  • 6[1]Department of Defense (DOD).DoD 5200.28-STD 1985.Trusted Computer System Evaluation Criteria (TCSEC).Fort Meade,MD:Department of Defense,1985
  • 7[2]Yuan Liyan.The documentation of LogicSQL.http://www.shifang.com.cn/index.html,2005-04-18
  • 8[3]R S Sandhu,Q Munawer.How to do discretionary access using roles.In:Proc the 3rd ACM Workshop on Role Based Access Control.New York:ACM Press,1998.47-54
  • 9[4]S Osborn.Mandatory access control and role-based access control revisited.In:Proc of the 2nd ACM Workshop on Role Based Access Control.New York:ACM Press,1997.31-40
  • 10[6]P R Gallagher.Security of electronic information.The National Computer Security Center,Tech Rep:NCSC-TG-021,1991

共引文献50

同被引文献15

引证文献4

二级引证文献3

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部