当前位置:网站首页>How to deal with data leakage and deletion related to business life and death?
How to deal with data leakage and deletion related to business life and death?
2020-11-07 20:15:00 【InfoQ】
One 、 introduction
1. What is database auditing ?
For a warehouse , If you want to guard against theft , The common practice is to install monitoring at the entrance and exit , Once there's a problem , Call the monitor to find the abnormal situation . It's similar to databases , There's also access to the database , Monitor all connections and entrances , You can record all the movements , Once there's a problem , By querying historical actions and analyzing them , You can find key information .
Therefore, database audit can be understood as recording the user's behavior of accessing the database , Positioning illegal actions , Go back to the source afterwards , The function of improving database security .
2. Common auditing methods
Common audit methods include the following categories :
(1) Application level audit
Audit directly in the application system , Before the statement is sent to the database background, the audit is done first , Does not affect database performance , I don't care what database is used at the bottom , But the pressure on the application system is relatively large , And the application system needs to parse statements , There's a certain amount of complexity .
(2) Transport layer audit
Often capture packet parsing implementation , It has no effect on the upper and lower levels , But also parse the statement , There's a certain amount of complexity , And if the transport layer is communicating through encryption , Will not be able to parse .
(3) Kernel audit
Directly on the kernel , All functions can be realized , It also minimizes performance impact , But it will have an impact on backstage stability , High requirements for developers , Whether it's open source or not , Will be very careful to support auditing directly on the kernel .
(4) Plug in audit
For open source databases , There are usually plug-ins to add functionality . Auditing can be embedded directly in the kernel as plug-ins , Of course, it will have a certain impact on database performance , But also because it's directly embedded in the kernel , A lot of first-hand information can be obtained directly , For example, if there is no way to avoid the above syntax parsing, there is no need to do , And it can also get more information about the running state directly , Can develop powerful and flexible audit functions .
Link to the original text :【https://www.infoq.cn/article/a4DNNeVBNuGqLJMR0HhK】. Without the permission of the author , Prohibited reproduced .
版权声明
本文为[InfoQ]所创,转载请带上原文链接,感谢
边栏推荐
- [漫谈] 软件设计的目标和途径
- CI / CD of gitlab continuous integrated development environment
- [graffiti footprints of Internet of things] mainstream communication mode of Internet of things
- 在pandas中使用pipe()提升代码可读性
- Tips for Mac novices
- 一种超参数优化技术-Hyperopt
- The official 1909 version of win10 cannot open the real-time protection solution of virus and threat protection in windows security center.
- Huawei HCIA notes
- bgfx编译教程
- 嘉宾专访|2020 PostgreSQL亚洲大会阿里云数据库专场:王旭
猜你喜欢
随机推荐
Mate 40系列发布 搭载华为运动健康服务带来健康数字生活
graph generation model
11.Service更新
Tips for Mac novices
盘点那些争议最大的编程观点,你是什么看法呢?
Awk implements SQL like join operation
Code Review最佳实践
GrowingIO 响应式编程探索和实践
vscode 配置
Chinese sub forum of | 2020 PostgreSQL Asia Conference: Pan Juan
嘉宾专访|2020 PostgreSQL亚洲大会阿里云数据库专场:王旭
如何以计算机的方式去思考
[note] error while loading pyv8 binary: exit code 1 solution
在 Amazon SageMaker 管道模式下使用 Horovod 实现多 GPU 分布式训练
廬山真面目之二微服務架構NGINX版本實現
Didi's distributed ID generator (tinyid), easy to use
一文详解微服务架构
不要把异常当做业务逻辑,这性能可能你无法承受
Application and principle of handlermethodargumentresolver
The samesite problem of cross domain cookie of Chrome browser results in abnormal access to iframe embedded pages