当前位置:网站首页>How to deal with data leakage and deletion related to business life and death?
How to deal with data leakage and deletion related to business life and death?
2020-11-07 20:15:00 【InfoQ】
One 、 introduction
1. What is database auditing ?
For a warehouse , If you want to guard against theft , The common practice is to install monitoring at the entrance and exit , Once there's a problem , Call the monitor to find the abnormal situation . It's similar to databases , There's also access to the database , Monitor all connections and entrances , You can record all the movements , Once there's a problem , By querying historical actions and analyzing them , You can find key information .
Therefore, database audit can be understood as recording the user's behavior of accessing the database , Positioning illegal actions , Go back to the source afterwards , The function of improving database security .
2. Common auditing methods
Common audit methods include the following categories :
(1) Application level audit
Audit directly in the application system , Before the statement is sent to the database background, the audit is done first , Does not affect database performance , I don't care what database is used at the bottom , But the pressure on the application system is relatively large , And the application system needs to parse statements , There's a certain amount of complexity .
(2) Transport layer audit
Often capture packet parsing implementation , It has no effect on the upper and lower levels , But also parse the statement , There's a certain amount of complexity , And if the transport layer is communicating through encryption , Will not be able to parse .
(3) Kernel audit
Directly on the kernel , All functions can be realized , It also minimizes performance impact , But it will have an impact on backstage stability , High requirements for developers , Whether it's open source or not , Will be very careful to support auditing directly on the kernel .
(4) Plug in audit
For open source databases , There are usually plug-ins to add functionality . Auditing can be embedded directly in the kernel as plug-ins , Of course, it will have a certain impact on database performance , But also because it's directly embedded in the kernel , A lot of first-hand information can be obtained directly , For example, if there is no way to avoid the above syntax parsing, there is no need to do , And it can also get more information about the running state directly , Can develop powerful and flexible audit functions .
Link to the original text :【https://www.infoq.cn/article/a4DNNeVBNuGqLJMR0HhK】. Without the permission of the author , Prohibited reproduced .
版权声明
本文为[InfoQ]所创,转载请带上原文链接,感谢
边栏推荐
- 使用LWA和Lync模拟外部测试无边缘单前端环境
- Don't treat exceptions as business logic, which you can't afford
- OpenCV計算機視覺學習(10)——影象變換(傅立葉變換,高通濾波,低通濾波)
- 垃圾分类知识竞赛
- Classroom exercises
- PHP security: the past and present of variables
- 编程界大佬教你:一行Python代码能做出哪些神奇的事情?
- 从技术谈到管理,把系统优化的技术用到企业管理
- Ac86u KX Online
- Exclusive interview with Yue Caibo
猜你喜欢
在pandas中使用pipe()提升代码可读性
Kubernetes (1): introduction to kubernetes
Awk implements SQL like join operation
C语言I博客作业03
vue踩坑:axios使用this指针
不懂数据库索引的底层原理?那是因为你心里没点b树
STlink下载出现st-link usb communication error解决方法
Reflection on a case of bus card being stolen and swiped
嘉宾介绍|2020 PostgreSQL亚洲大会中文分论坛:潘娟
OpenCV計算機視覺學習(10)——影象變換(傅立葉變換,高通濾波,低通濾波)
随机推荐
C enumerates the differences between permissions |, and |
C# 枚举权限 |和||,&和&&的区别
Bgfx compilation tutorial
C語言重點——指標篇(一文讓你完全搞懂指標)| 從記憶體理解指標 | 指標完全解析
CPU瞒着内存竟干出这种事
使用 Xunit.DependencyInjection 改造测试项目
深入浅出大前端框架Angular6实战教程(Angular6、node.js、keystonejs、
PHP security: the past and present of variables
工作1-3年的程序员,应该具备怎么样的技术能力?该如何提升?
Technical debt is a lack of real understanding of business functions- daverupert.com
在 Amazon SageMaker 管道模式下使用 Horovod 实现多 GPU 分布式训练
在pandas中使用pipe()提升代码可读性
chrome浏览器跨域Cookie的SameSite问题导致访问iframe内嵌页面异常
一文详解微服务架构
聊聊Go代码覆盖率技术与最佳实践
Code Review最佳实践
Vscode configuration
vscode 配置
DOM节点操作
HMS core push service helps e-commerce app to carry out refined operation