| 一种基于入侵检测的数据库安全审计 |
| |
| 引用本文: | 王渊,马骏. 一种基于入侵检测的数据库安全审计[J]. 计算机仿真, 2007, 24(2): 33-36 |
| |
| 作者姓名: | 王渊 马骏 |
| |
| 作者单位: | 中国航天科技集团神舟软件公司,北京,100036;中国航天科技集团神舟软件公司,北京,100036 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划) |
| |
| 摘 要: | 数据库审计是数据库安全的重要组成部分.它包括了日志记录和日志分析两个部分.然而传统的数据库审计系统往往只是一个简单的日志系统,而并不具备对日志进行分析的能力.即使存在审计分析能力,也往往具有语义不足,不易定义的特点.DBIDAUD模型使用入侵检测方法来实现数据库的审计分析能力,在DBIDAUD模型中存在一个规则库,其中定义了入侵检测知识,审计员通过定制规则库来定制系统的安全策略.模型具有丰富的语义和较高的效率,能够用来实现高安全数据库的审计系统.国产OSCARSEC安全数据库使用DBIDAUD实现了审计中心子系统.满足了国家安全标准四级的要求,在航天内部得到了充分的应用.
|
| 关 键 词: | 数据库审计 入侵检测 审计阈值 |
| 文章编号: | 1006-9348(2007)02-0033-04 |
| 修稿时间: | 2006-01-17 |
A Method of Database Secure Audit Based on Intrusion Detection |
| |
| WANG Yuan,MA Jun. A Method of Database Secure Audit Based on Intrusion Detection[J]. Computer Simulation, 2007, 24(2): 33-36 |
| |
| Authors: | WANG Yuan MA Jun |
| |
| Affiliation: | Beijing Shenzhou Aerospace Software Technology Co, Beijing 100036, China |
| |
| Abstract: | Database audit is an important part of database security. It contains both log system and audit system. But the traditional database audit system is always only a simple Log system without the ability of analyzing the log records. There exists some methods to implement database audit, but all of these methods have not enough semantics and are hard to define audit rule, DBIDAUD is a database audit model which uses an intrusion-detection method to implement the audit system. There includes a rule warehouse in the DBIDAUD, where the intrusion detection knowledge is defined. Auditor defines the secure policy by customizing the rule warehouse. The DBIDAUD model has richer semantics and higher efficiency and is used to implement the audit system of secure DBMS. The audit center of OSCARSEC SECURE DBMS is an implementation of DBIDAUD, which qualifies the level 4 of National Standard and is widely used in aerospace area. |
| |
| Keywords: | Database audit Intrusion detection Audit threshold |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
