Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Database command line filtering and audit blocking method and device

A database and command-line technology, applied in electrical digital data processing, special data processing applications, computing, etc., can solve problems such as failure to block, include, and execute, and achieve the effect of real-time auditing

Active Publication Date: 2016-06-01
BEIJING VENUS INFORMATION SECURITY TECH +1
View PDF6 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The patent (publication number: CN103778185A) "A SQL statement parsing method and system for database auditing system" provides an audit based on the key information in the SQL statement, but does not include resource accounts in sessions, client hosts, database Name and other important information, and failed to block illegal operations
In addition, in some existing database audit methods, dangerous SQL statements are blocked, but the session is closed, so that other legal SQL statements of the user cannot be executed. A database audit method that blocks operations without interrupting session connections

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database command line filtering and audit blocking method and device
  • Database command line filtering and audit blocking method and device
  • Database command line filtering and audit blocking method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] In order to facilitate the understanding of those skilled in the art, the present invention will be further described below in conjunction with the accompanying drawings, which cannot be used to limit the protection scope of the present invention.

[0033] The present invention proposes a database command line filtering and blocking audit method, such as figure 2 As shown, the method includes the following steps:

[0034] In step S101, the audit engine sends the database operation event of the database event to a dedicated structured query language SQL statement parsing module.

[0035] This module includes a lexical analyzer and a syntax analyzer, as well as other key information analysis, such as database name, client host name, resource account, response time, etc. The lexical analyzer mainly consists of a series of regular expressions with instructions that determine the corresponding action after the regular expression is matched. In order to improve the parsing...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a database command line filtering and audit blocking method and device. The method and device comprise: an audit engine is configured to send database operation events to a special structured query language (SQL) statement parse module; the SQL statement operation of the database events is subjected to real-time capture, identification and classification; the key information data packet of the SQL statement is sent to a detection module; the detection module is configured to compare the key information data packet of the SQL statement pre-defined blocking strategy in an audit strategy generation module; illegal key information and legal key information in the key information data packet of the SQL statement are detected; the illegal key information is sent to the data packet modification module for modification, and the legal key information is sent to a forwarding module for forwarding; and the illegal key information is modified to legal key information and then is sent to the data packet forwarding module for forwarding. The database command line filtering and audit blocking method and device are able to ensure the blocking of a special SQL statement and cannot disconnect the whole link.

Description

technical field [0001] The invention relates to a database firewall service in the technical field of information security, in particular to a database command line filtering and blocking audit method and device. Background technique [0002] Existing border defense security products and solutions all adopt passive defense technology, which cannot fundamentally solve the security threats and risks faced by the database data of various organizations. Solving database data security requires dedicated database security equipment to fundamentally solve data security problems. As a result, the database firewall, a database security active defense technology, emerged as the times require. The system is deployed between the application server and the database, and users must pass through the system to access or manage the database. The active defense technology adopted by the database firewall can proactively monitor, identify, alarm, and block external data attacks that bypass the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F17/30
Inventor 胡文广夏浩延
Owner BEIJING VENUS INFORMATION SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products