Database security
With the development of computers, the importance of the database has become more obvious. As a data management tool, the database manages and saves core data files such as enterprises and companies, and its security requirements are higher. There is no security guarantee. How to achieve data security, today we come to understand the security of the database
1. What is the security of the database?
Database security refers to a characteristic (mechanism or means) of the database that the DBMS should guarantee: protection from illegal and unauthorized users' use, leakage, alteration or destruction
Second, the aspect of database security management design?
- Social law and ethics: Private information is protected, and unauthorized access to private information will be illegal
- Public policy/system: For example, government or organization's information disclosure or non-disclosure system
- Security strategy: the security strategy implemented by the government, enterprise or organization, such as centralized management and decentralized management, the strategy is known to those who need it (also known as the least privilege strategy)
- Data security level: Top Secret, Secret, Confidential and Unclassified
- The security level of the database system DBS: physical control, network control, operating system control, DBMS control
Three, database security classification
- Autonomous security mechanism: Access? Control
- Through the transfer of permissions between users, users can manage database security independently
- Mandatory security mechanism
- By compulsory classification of data and users, different types of users can access different types of data
- Inferred control mechanism:
- Prevent historical information from inferring information that should not be known
- Prevent private information (individual information) from inferring private information (individual information) through public information (usually some aggregated information). This problem is usually particularly important in some public databases composed of individual data
- Data encryption storage mechanism
- Protect data through encryption and decryption, keys, encryption/decryption methods and transmission
Fourth, the way that DBMS realizes autonomous security
Five, database independent security access rules
Six, the realization of autonomous security
- Storage matrix
- view
Seven, SQL language to achieve database autonomy security
7.1, SQL user management
**SQL language includes DDL, DML and DCL. Database security control belongs to the category of DCL**
Login user
mysql -u username -p
输入密码
或
mysql --user=username -p
输入密码
One, view all users in the current database
use mysql;
select user from user;
Second, create user ms, password'ms@123
create user ms identified by 'ms@123'
Three, delete users
drop user Welkin ;
Fourth, user authority management
查看用户所拥有的权限 : select * from user where user='ms' \G;
7.2, user rights management
授权机制---自主安全性;视图的运用
关系级别(普通用户) 账户级别(程序员用户) 超级用户(DBA)
- Right level
High-level rights automatically include low-level rights. If someone has the right to update, it also automatically has the right to read. In some DBMSs, level 3 rights are called account level rights, and levels 1 and 2 are called relationship level rights.
- Database authorization commands
- Example explanation
- Withdraw order
7.3, the authorization process of autonomous security and its problems
-
The authorization process of autonomous authorization and its problems
-
Mandatory security mechanism
- Implementation of mandatory security mechanism
- Instance
Eight, the end
- Database security summary