Security auditing system and method for database, and server

A security audit and database technology, applied in the field of database security audit system, can solve the problems of information leakage, no audit rules design, etc.

Active Publication Date: 2018-11-06
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF9 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] Aiming at the problems existing in the prior art, the embodiment of the present invention provides a database security audit system, method and server, which is used to solve the problem in the prior art that the database audit system does not design audit rules that conform to the database format according to the characteristics of the database. Defects, and problems that are prone to risks such as message leakage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security auditing system and method for database, and server
  • Security auditing system and method for database, and server
  • Security auditing system and method for database, and server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] This embodiment provides a database security audit system, such as figure 1 As shown, the security audit system is installed in the database, and the security audit function is deployed to the existing database by changing the source code of the storage engine module in the existing database or through a plug-in; including the database module, audit data collection module , audit data storage module, audit data analysis module and visualization module;

[0044] The database module is built on the storage engine module of the existing database, and is used to process the data in the database according to the command request of the client, and store the operation log in the data processing process. At the same time, the data that needs to be stored stored on disk or other media;

[0045] The database module provided in this example is the storage engine part of the self-developed database. After receiving the command request from the client, it stores the data to be stor...

Embodiment 2

[0059] Corresponding to Embodiment 1, this embodiment provides a database security audit method, the method is applied to the database, such as figure 2 As shown, the method includes the following steps:

[0060] (1) Process the data in the database according to the client's command request, and store the operation log in the data processing process, and at the same time, store the data to be stored in the disk or other media;

[0061] (2) Collect and store the operation log of the database module, and format the collected operation log, convert it into a format that can be stored, and use it as the audit data of the security audit system;

[0062] (3) Change the underlying source code of Elasticsearch and use the open source search engine Elasticsearch storage format to classify and store the audit data collected and transformed by the audit data collection module, and index the audit log information according to time, database, and user keywords;

[0063] (4) Analyzing and...

Embodiment 3

[0068] This embodiment provides a server, such as image 3 As shown, it includes a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor implements the following steps when executing the program:

[0069] (1) Process the data in the database according to the client's command request, and store the operation log in the data processing process, and at the same time, store the data to be stored in the disk or other media;

[0070] (2) Collect and store the operation log of the database module, and format the collected operation log, convert it into a format that can be stored, and use it as the audit data of the security audit system;

[0071] (3) Change the underlying source code of Elasticsearch and use the open source search engine Elasticsearch storage format to classify and store the audit data collected and transformed by the audit data collection module, and index the audit log information according to time, databas...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a security auditing system and method for a database, and a server. The security auditing system comprises a database module, an auditing data collection module, an auditing data storage module, an audit data analysis module and a visualization module; the database module processes data in the database; the auditing data collection module is used for collecting operation logs of the database module; the auditing data storage module is used for storing auditing log data, and efficient and secure processing of the auditing data is guaranteed by introducing an improved storage engine; the auditing data analysis module is used for performing analysis processing on the auditing log data; and the visualization module can visually display the auditing log data, thereby better monitoring the change situation of the database. The system can well solve the auditing problem of the database, realize the compliance check of the database, and perform early warning on the violation operation.

Description

technical field [0001] The invention belongs to the technical field of database auditing, and in particular relates to a database security auditing system, method and server. Background technique [0002] The database is the foundation of the modern information system. There are a large amount of valuable information system business data in the database. These data involve the security of the information business. It is necessary to ensure the reliability and availability of the data, so there is a database security audit system. The database audit system is used to record database operation activities in real time, perform fine-grained audit compliance check management on database operations, and issue alarms on risky behaviors encountered by databases. By recording, analyzing and reporting user access to the database, it helps users generate compliance reports afterwards and trace the source of accidents, while strengthening the security of audit data itself and improving ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/62G06F17/30
CPCG06F21/6218
Inventor 曹晟蒋长红邹杰成王靖梅亚双
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap