Discussion on the Realization Principle of Database Safety Detection System

1. System construction background

Data is oil, data is blood, data is the accelerator of business, and data is the energy required for the operation of the "brain". The value that data generates as it flows keeps growing and is becoming more diverse. As a result, the problems and risks across the data life cycle are becoming more and more serious. For a regulatory department, the question is how to clearly understand the overall data security protection capability of the regulated objects. For a data security construction department, the question is how to intuitively and comprehensively display current data security protection capabilities and clarify the direction and content of future data security construction. Both questions are becoming more and more urgent.

     Article 28 of the "Data Security Law" (Draft) specifies that processors of important data should regularly conduct risk assessments of their data activities and submit risk assessment reports to relevant authorities. The risk assessment report should include the types and quantities of important data held by the organization, the collection, storage, processing, and use of data, the data security risks faced by the organization and its countermeasures, etc.

At present, there are relatively few dedicated technical tools for data security inspection, and there are no relevant standards in the industry. This article is therefore a brief discussion of how such a system can be implemented technically, in the hope of prompting further ideas and jointly making data security evaluation more scientific and standardized.

2. Construction structure of data security detection and inspection system

The data security detection and inspection system as a whole can be divided into a support layer, a detection layer, a business layer and a display layer.

  1. The support layer is the source of the system's inspection dimensions. It can draw on multiple sources such as CIS, PCI-DSS, DISA (STIG) and CVE to form the basis for security baseline checks and vulnerability checks.
  2. The detection layer can be divided into a rule base, a policy base, a variable base and a custom rule base. The rule base holds the rule name, database type (MYSQL, ORACLE, SQLSERVER, etc.), detection statement, detection description, category, remedial measures, severity, etc. The policy base holds the policy name, database type, source basis and policy association information. The variable base holds the variable name, default value, database type, script and rule base association information.
  3. The business layer mainly provides detection scenarios, which can be divided into authentication user management, vulnerability detection, access control, system integrity detection, resource control and general data detection.
  4. The display layer presents the detection results in various ways, such as risk visualization and risk reporting.

3. System inspection process

The system inspection process can be divided into the following steps: obtaining the basic input information (such as database type, database IP, database port, database user name and database password); obtaining the detection rules according to database type and version; obtaining the policy information according to rule ID; obtaining the variable information according to rule ID; running a pre-test; executing the check rule scripts; and forming the result display. The specific details are as follows.

The detailed detection results are as follows:

From these detection results, a report or a visual display can then be produced by combining them with elements such as the rule base and the policy base.
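
The rule base, variable base and policy base from section 2, run through the inspection flow described above, as an added Python example that is not the author's system. An in-memory SQLite database stands in for the inspected database, and the rule IDs, the accounts table and its columns, and the max_lifetime variable are constructed for illustration.

```python
import sqlite3

# Constructed rule, variable and policy bases (hypothetical IDs and field values).
RULES = [
    {"id": "R1", "db_type": "sqlite-demo", "name": "Accounts with empty password",
     "category": "authentication user management", "severity": "high",
     "statement": "SELECT user, host FROM accounts WHERE auth_string = ''",
     "remedy": "Set a password or lock the account"},
    {"id": "R2", "db_type": "sqlite-demo", "name": "Password lifetime too long",
     "category": "authentication user management", "severity": "medium",
     "statement": "SELECT user, host FROM accounts "
                  "WHERE lifetime_days IS NULL OR lifetime_days > :max_lifetime",
     "remedy": "Enforce password expiry"},
]
VARIABLES = [{"name": "max_lifetime", "default": 90, "rule_id": "R2"}]
POLICIES = [{"name": "Demo baseline", "db_type": "sqlite-demo",
             "source": "constructed", "rule_ids": ["R1", "R2"]}]


def build_demo_target():
    """Constructed stand-in for the inspected database (in-memory SQLite)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (user, host, auth_string, lifetime_days)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?, ?, ?)", [
        ("app", "10.0.0.5", "hash-a", 60),
        ("backup", "%", "", 30),
        ("legacy", "localhost", "hash-b", None),
    ])
    return conn


def inspect(conn, db_type, overrides=None):
    """Rules by database type -> policy and variables by rule ID -> execute."""
    conn.execute("SELECT 1")  # pre-test: fail early if the target is unusable
    findings = []
    for rule in (r for r in RULES if r["db_type"] == db_type):
        policy = next(p["name"] for p in POLICIES if rule["id"] in p["rule_ids"])
        params = {v["name"]: v["default"] for v in VARIABLES
                  if v["rule_id"] == rule["id"]}
        params.update({k: v for k, v in (overrides or {}).items() if k in params})
        # Variables are bound as parameters, never pasted into the statement text.
        rows = conn.execute(rule["statement"], params).fetchall()
        findings.append({"rule": rule["id"], "policy": policy,
                         "severity": rule["severity"], "passed": not rows,
                         "evidence": rows, "remedy": rule["remedy"]})
    return findings
```

Each finding carries the evidence rows together with the severity and remedy from the rule base, which is the material a report or visualization layer needs.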

4. Conclusion

The database security detection and inspection system is an important starting point for supporting data security inspection and evaluation work. Although an organization's internal data security situation can be understood through personnel interviews, system inspections and document inspections, there is still a lack of detection methods that can actually reflect the organization's database security status. That situation is what originally motivated this article. Finally, through this article, you can gain a relatively clear understanding of the implementation principle of the database security detection and inspection system, which should provide some help for overall system construction.


Origin blog.csdn.net/a59a59/article/details/109902402