Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and system for detect SQL sentence security of agricultural database

A security detection and database technology, applied in the field of database security, can solve problems such as the white list cannot be exhaustive, unallowed statements release security risks, affect database performance, etc., to achieve the effect of ensuring normal operation, normal use and safety

Inactive Publication Date: 2019-03-01
HOHAI UNIV
View PDF4 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] Purpose of the invention: In order to overcome the deficiencies in the prior art, the present invention provides a method and system for detecting the security of SQL statements in agricultural databases, which solves the problem that the white list cannot be exhaustive and the potential safety hazards caused by the release of unallowed statements , Problems that affect database performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for detect SQL sentence security of agricultural database
  • A method and system for detect SQL sentence security of agricultural database
  • A method and system for detect SQL sentence security of agricultural database

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] Such as figure 1 , On the one hand, the present invention provides a kind of agricultural database SQL statement security detection method, the database described hereinafter is general MYSQL, ORACLE related relational database, what protection is the database security related to agriculture, comprises:

[0049] Step 1. Check whether there is permission to access the database table. Through a strong access strategy, perform a security check on the SQL that matches the characteristics to ensure that the safe SQL can be collected dynamically. Illegal SQL access can be intercepted normally, and the collected SQL A HASH mapping judgment can be made to safely access the agricultural background database and improve efficiency.

[0050] The present invention firstly collects the word structure information within the length range existing in the current system, splits the original structure into multiple equal-length word structures and compares and matches them, and then judge...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an agricultural database SQL sentence safety detection method, comprising the following steps: (1) extracting a source SQL sentence in the database, carrying out syntax analysis, if the syntax analysis is wrong, terminating; Otherwise, it is judged whether the source SQL statement is in the white list or not, and if the source SQL statement is already in the white list, themethod ends; Otherwise, lexical analysis is carried out; (2) if the lexical analysis is incorrect, it ends; Otherwise, the source SQL statement is added to the whitelist, and the word structure withreference count under the source SQL statement is generated. (3) Collect multiple SQL statements which contain the same table structure as the table accessed by the source SQL statement in the currentwhitelist, compare the word structure of the source SQL statement under different length with the word structure of multiple SQL statements extracted from the whitelist, and then judge whether the source SQL statement is a safe access statement or not. The invention can not only be safe but also can not block dynamically spliced SQL sentences, so as to ensure the normal use and safety of the background agricultural database.

Description

technical field [0001] The invention relates to the field of database security, in particular to an agricultural database SQL statement security detection method and system. Background technique [0002] The security of agricultural background data has always attracted much attention. The data interacts with the external network and the database, and many security products have been derived. The database firewall is one of the important security products. There are many types of database firewall implementations, most of which implement high-risk operations such as signature database, whitelist, blacklist, SQL injection defense, limited update and deletion, limited update and deletion without where, and limited create and drop. [0003] However, there are always two states that cannot be exhaustive for the whitelist: [0004] 1. There is no guarantee that all SQL statements involved in complex business systems can be recorded into a whitelist within a certain period of time...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F16/242G06F21/62
CPCG06F21/6218
Inventor 李修能赵熙杨绪高超吴问波李镕其
Owner HOHAI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com