Database security assessment method

A security assessment and database technology, applied in the field of database security, can solve problems such as hidden security risks and inability to understand vulnerability risk levels, and achieve the effect of reducing security risks and improving security strategies

Inactive Publication Date: 2013-12-25
福州宇科信息技术有限公司
View PDF4 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Commonly used database penetration testing tools include DSQLTools (SQL injection tool), nbsi3.0 (MSS-QL injection tool), mysqlweak (Mysql database weak password scanner), pangolin (database injection tool), db2utils (DB2 vulnerability utilization tool) , oscanner (Oracle scanning tool), oracle_check-kpwd_big (Oracle weak password guessing tool), etc., but these commercial vulnerability scanning tools have the problem of hiding test results in practical applications. If a certain vulnerability cannot be tested, it is impossible to understand There is a risk level of vulnerabilities, database administrators will mistakenly think that the database is safe, but in fact there are security risks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database security assessment method
  • Database security assessment method
  • Database security assessment method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0044] Such as figure 1 The shown database security assessment method includes an information collection and analysis module, an audit module, a penetration testing module, a trace processing module, an assessment module, and a system control module. The system control module is implemented by a programmable controller, which is connected with other modules to control the operation and data transmission of each module.

[0045] In this embodiment, the database security assessment method is divided into the following implementation steps:

[0046] Step 1: Collect information on the target task, have a basic understanding of the target task's software and hardware environment, user settings, topology, and application conditions, and provide information for more in-depth penetration testing, and can formulate targeted penetration testing plan;

[0047] Such as figure 2 As shown, the information collection adopts the method of data synchronization between the attack server and...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a database security assessment method, belonging to the technical field of database security. In the method, the following modules are involved: (1) an information collection module, (2) an audit module, (3) a penetration testing module, (4) a trace processing module, (5) an assessment module and (6) a system control module. The system control module is implemented by the adoption of a programmable controller, is connected with other modules, and controls the operation and the data acquisition of each module. By the database security assessment method, a database security assessment report with reliability and security can be provided aiming at the problem that commercial vulnerability scanning tools hide test results in practical application, the current vulnerability risk level of the database is emphasized, the current security problems of the database are learnt by a database administrator intuitively, a security policy is completed, and security risks are lowered.

Description

technical field [0001] The invention relates to a database security assessment method, which uses scanned database loopholes to simulate attacks and provides security and reliability assessment reports, belonging to the technical field of database security. Background technique [0002] With the increasing application of databases, database security issues have attracted much attention. Vulnerabilities commonly found in databases today are low password complexity, low security settings level, enabling unnecessary database functions, data leaks, buffer overflows, etc. These security holes and improper configurations often have serious consequences. [0003] Due to the lack of database security assessment tools at this stage, the risk level of vulnerabilities continues to increase, and database administrators cannot discover security problems faced by databases in a timely manner. Penetration testing completely simulates the intrusion and attack methods of hackers, uses the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30G06F21/57
Inventor 陈志德吴纪芸许力黄欣沂郑金花
Owner 福州宇科信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap