Database security auditing method

A security auditing and database technology, applied in the field of database security, can solve problems such as artificial intelligence auditing, inability to manage database permissions, and achieve the effect of preventing SQL injection
CN104484474AInactive Publication Date: 2015-04-01NANJING DUNLEI NETWORK TECH CO LTD
4 Cites 50 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
NANJING DUNLEI NETWORK TECH CO LTD
Publication Date
2015-04-01
Estimated Expiration
Not applicable Β· inactive patent
Patent Text Reader

Abstract

The invention relates to a database security auditing method which comprises the following steps: acquiring database network communication data; parsing a database network communication protocol; carrying out self-learning digging on audit rules; detecting database risk event invasion; evaluating database user permissions; tracking the three-layer correlation of a primary user. The database security auditing method can be used for auditing and monitoring a database in real time, so that the automatic assessment, audit, protection and invasion detection operation can be realized; the method can be used for preventing, recording and tracking the complete database operation behavior so as to help an administrator to find out the internal safety problems of unauthorized use, privilege abuse, permission theft and the like of the database in time; furthermore, after the method is used, the outside attacks such as SQL (structured query language) injection and the like can be avoided.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of database security, in particular to a database security audit method. Background technique

[0002] In November 2009, IBM acquired the database security software Guardium, and released the upgraded product InfoSphere Guardium 8 for the first time in 2010. The functions provided by Guardium include database scanning and evaluation, detection of database transactions, tracking of user activities, monitoring of sensitive data, auditing of user behavior, automatic blocking of illegal access, complex but flexible audit reports and other functions.

[0003] Imperva SecureSphere is a data security and compliance solution launched by Imperva, a global data security leader. Imperva supports three deployment methods: offline network monitoring, transparent online protection, and agent-based monitoring. The main functions provided are: 1) Database assessment, detecting database vulnerabilities and repairing them in a virtua...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More