金融数据库系统集中式安全管理研究-计算机应用技术专业论文.docxVIP

浙江大学硕士学位论文 Abs阳ct Abstract Wi由the development of computer technology and the gradual deepening of network usage in tinancial system，the computer information system has been widely used in tinancial areas. Database is the storage center for critical data and plays an important role in tinancial system，and it is the most attractive goal for the attackers. Besides，all kinds of ∞mputer crimes against tinancial databases ωme one after another. In large tinancial system，there are a large number of databases with high capacity. 叽le cu町ent security mechanism for single database cant meet 伽e requirement of this，so we have to focus on the security management for large tinancial database systems. Access con衍。l is the tirst line of defense in database security and it is precondition for database authentication and authorization. Audit plays an important role in high security-level system，which provides evidence for later followups. Attack detection is an active and positive safety mechanism ，让can prevent unauthorized access and malicious acts by monitoring database status and user activities. In this pape几 1research access control，security audit and attack detection for large tinancial database systems. First，describe the applicatio卧role based access control model ，and it can achieve unitied security management for large number of database systems. Secondl弘 design and realize a central based SQL Server database audit sysωm，which offers users a choice to select audit trace events. Besides，the system holds audit data in central server by partition tables. It not only ensures the security of audit records，but also reduces the performance impact on tinancial application databases. Finally，1describe the attack detection，including trigger-based real-time misuse detection and SQL-based association rule mining 岛r anomaly detection. In a11， we can achieve the security database management for large tinancial database system by combination ofthese three security mechanisms. Keywords: Acc