  • Contents: 1. Bubble sort; 2. Selection sort; 3. Insertion sort ... As the hiring requirements of large tech companies show, high-concurrency experience is now preferred. Many people have so far worked in traditional industries or on outsourced projects, always at small companies where the technology is fairly simple, and have never really worked on ...

    Contents

    A tool for leveling up: this core "Data Structures and Algorithms" document is how I "jumped" into ByteDance

    1. Bubble sort

    2. Selection sort

    3. Insertion sort

    4. Quick sort

    5. Merge sort

    6. Shell sort

    7. Heap sort

    8. Radix sort (bucket sort)

    9. Recursion

    10. Linked list

    11. Stack

    12. Queue

    13. Binary tree

    Finally

    As the hiring requirements of large tech companies show, high-concurrency experience is now preferred. Many people have so far worked in traditional industries or on outsourced projects, always at small companies where the technology is fairly simple, and have never really worked on distributed systems, yet internet companies today generally build distributed systems.

    So if you want to join a large company and leave traditional industries behind, this technical knowledge is essential. Below is a mind map of the Java concurrency system that I put together myself; I hope it helps.

    How to get the material: click here to download it for free

  • MySQL database foreign-language literature

    2018-08-16 15:06:26
    Foreign-language literature on the MySQL database for use in undergraduate graduation thesis projects
  • Document description: foreign-language references for computer science graduation projects ...


    Content from Taodocs (www.taodocs.com); please credit the source when reposting.
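  • JSP foreign-language references

    2021-06-16 20:40:24
    Its backup principle is to connect to the MySQL database over the protocol, query the data to be backed up, and convert the query results into the corresponding INSERT statements; to restore the data, we only need to execute those INSERT statements. 2. Tool characteristics: free ...

    JSP (JavaServer Pages) is a technical standard, championed by Sun Microsystems and created jointly with many other companies, that lets software developers respond to client requests by dynamically generating web pages in HTML, XML or other document formats.

    File: 590m.com/f/25127180-498906088-43aa5a (access password: 551685)

    The following content is unrelated:

    ------------------------------------------- divider ---------------------------------------------

    1. Introduction to the tool
    mysqldump is the logical backup tool that ships with MySQL.

    It works by connecting to the MySQL database over the protocol, querying the data to be backed up, and converting the query results into the corresponding INSERT statements. To restore the data, we only need to execute those INSERT statements.

    2. Tool characteristics
    Free backup tool
    Supports remote backup
    Can generate files in CSV or XML format
    The backup data can be processed directly with text tools, which makes recovery more flexible and convenient
    Independent of the storage engine: backup and restore work across multiple storage engines, with hot backup for InnoDB and warm backup (table locks applied) for MyISAM
    Floating-point data loses precision
    The backup process is serialized; parallel backup is not supported
    3. Backup privileges
    Object backed up | Privilege
    table | SELECT
    view | SHOW VIEW
    trigger | TRIGGER
    event | EVENT
    stored procedures, functions | SELECT on mysql.proc
    dumping users | SELECT on the "mysql" system database
    When the backup does not use the --single-transaction option, the LOCK TABLES privilege is also required.

    4. Tool limitations
    By default mysqldump does not dump INFORMATION_SCHEMA, performance_schema, or sys; to dump them, name them explicitly on the command line.

    mysqldump does not dump InnoDB CREATE TABLESPACE statements.

    mysqldump does not back up the NDB Cluster ndbinfo information database.

    Take care when using mysqldump on a database with GTIDs enabled: if the dump file contains GTID information, it cannot be restored into a database that does not have GTIDs enabled.

    On Windows, when a dump is taken from PowerShell with the following command, the dump file is written in UTF-16 by default. MySQL does not allow UTF-16 as a connection character set, so a dump file produced this way cannot be loaded into the database correctly:

    mysqldump [options] > dump.sql
    mysqldump is single-threaded, so backups of large data sets take a long time, and non-transactional tables may even stay locked for long periods during the backup and affect the business (restoring a backup in SQL form is also slow).

    Use the --compact option with caution: it removes some of the settings at the head and tail of the file (time zone, character set, ...), which creates hidden risks.

    The --lock-all-tables and --flush-privileges options perform FLUSH TABLES and FLUSH PRIVILEGES respectively during the backup, which generates GTIDs; keep this in mind when backing up a replica.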
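The following pre-restore check is an added example, not code from the original post or from MySQL. It inspects a dump file for three of the limitations listed above: UTF-16 encoding from a PowerShell redirect, GTID information bound for a target without GTIDs, and the header settings that --compact removes. The function names and sample dumps are constructed for illustration, and the patterns assume the `SET NAMES`, `SET TIME_ZONE` and `SET @@GLOBAL.GTID_PURGED` statements that mysqldump writes by default.

```python
import codecs
import re

# Statements looked for in the dump text (assumed default mysqldump output).
GTID_PURGED = re.compile(r"SET\s+@@GLOBAL\.GTID_PURGED\s*=", re.IGNORECASE)
SET_NAMES = re.compile(r"/\*!\d+\s+SET\s+NAMES\s+\w+", re.IGNORECASE)
SET_TIME_ZONE = re.compile(r"/\*!\d+\s+SET\s+TIME_ZONE\s*=", re.IGNORECASE)


def decode_dump(raw):
    """Return (text, encoding). UTF-16 is recognised by its BOM or, without a
    BOM, by the NUL byte that pads every ASCII character."""
    if raw.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return raw.decode("utf-16", errors="replace"), "utf-16"
    head = raw[:256]
    if head and head.count(b"\x00") * 4 >= len(head):
        enc = "utf-16-le" if head[1:2] == b"\x00" else "utf-16-be"
        return raw.decode(enc, errors="replace"), enc
    return raw.decode("utf-8", errors="replace"), "utf-8"


def lint_dump(raw, target_gtid_enabled):
    """Return a list of (code, message) findings for one dump file."""
    text, encoding = decode_dump(raw)
    findings = []
    if encoding != "utf-8":
        findings.append(("encoding",
                         f"file is {encoding}; re-encode to UTF-8 before loading"))
    if GTID_PURGED.search(text) and not target_gtid_enabled:
        findings.append(("gtid",
                         "dump sets GTID_PURGED but the target has GTIDs disabled"))
    missing = [name for name, rx in (("SET NAMES", SET_NAMES),
                                     ("SET TIME_ZONE", SET_TIME_ZONE))
               if not rx.search(text)]
    if missing:
        findings.append(("header",
                         "missing " + ", ".join(missing) + " (dump taken with --compact?)"))
    return findings


# Constructed sample dumps, not output captured from a real server.
GOOD_DUMP = (
    "-- MySQL dump (constructed sample)\n"
    "/*!40101 SET NAMES utf8mb4 */;\n"
    "/*!40103 SET TIME_ZONE='+00:00' */;\n"
    "SET @@GLOBAL.GTID_PURGED='00000000-0000-0000-0000-000000000000:1-5';\n"
    "CREATE TABLE t (id INT);\n"
    "INSERT INTO t VALUES (1);\n"
).encode("utf-8")
# What a PowerShell `>` redirect of the same output looks like on disk.
POWERSHELL_DUMP = codecs.BOM_UTF16_LE + GOOD_DUMP.decode("utf-8").encode("utf-16-le")
COMPACT_DUMP = b"CREATE TABLE t (id INT);\nINSERT INTO t VALUES (1);\n"

if __name__ == "__main__":
    for name, raw in (("good", GOOD_DUMP), ("powershell", POWERSHELL_DUMP),
                      ("compact", COMPACT_DUMP)):
        print(name, lint_dump(raw, target_gtid_enabled=False))
```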

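    Before taking a full backup of the database, collect information about it (storage engines, character sets, and so on) to make sure the backup is complete. The following statements collect it:

    -- Table information
    select table_schema,table_name,table_collation,engine,table_rows
    from information_schema.tables
    where table_schema NOT IN ('information_schema', 'sys', 'mysql', 'performance_schema');

    -- Check whether stored procedures, triggers, scheduled events, etc. exist
    select count(*) from information_schema.events;
    select count(*) from information_schema.routines;
    select count(*) from information_schema.triggers;

    -- Character set information
    show variables like 'character%';
    Some mysqldump options differ from their mysqlpump counterparts; keep this in mind when using them:

    mysqldump | mysqlpump
    --routines and --events have the short forms -R and -E | --routines and --events have no short forms
    Has the master-data option | Has no master-data option; replication has to be set up through master_auto_position, and cannot be set up directly by specifying a binlog file and position
    -d is short for --no-data | -d is short for --skip-dump-rows
    Dump file includes DROP TABLE statements by default | Dump file does not include DROP TABLE or DROP USER (when backing up users with --users) statements by default, so an import may fail because the user or table already exists
    Backing up without specifying a database or -A reports an error | Backing up without specifying a database or -A backs up all data by default (except INFORMATION_SCHEMA, performance_schema, ndbinfo, and sys)
    5. Known bug
    In every 5.7 minor release from MySQL 5.7.7 to date (2020/11/02), running mysqldump with --all-databases empties mysql.proc, so sys can no longer be used normally.

    mysql> SELECT * FROM sys.processlist;
    ERROR 1356 (HY000): View 'sys.processlist' references invalid table(s) or column(s) or function(s) or definer/invoker of view lack rights to use them
    When run with --all-databases, mysqldump does not back up the system's own stored procedures in mysql.proc, so after the dump is imported on a new machine some of the views under sys do not work. This is a bug, and it exists only in MySQL 5.7.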
  • Advances in Computer Science Research, volume 70 2nd International Conference on Mechatronics Engineering and Information Technology (ICMEIT 2017) ...The Research on MySQL Security Baseline...

    Advances in Computer Science Research, volume 70

    2nd International Conference on Mechatronics Engineering and Information Technology (ICMEIT 2017)

    The Research on MySQL Security Baseline

    Yanhui Ma

    School of Computer Science and Technology, Harbin Institute of Technology, Weihai, China 18363122135@163.commail

    Keywords: MySQL, database security, security baseline, minimum security guarantee.

    Abstract. Information systems are now widely used in many fields, but database leaks and other security incidents keep occurring, creating persistent security risks for users. The database is the core of an information system, so research on its security is important. To improve database security, a proper database security baseline should be established without delay. The security baseline of a database system is the basic guarantee of that system's safety. This paper studies the key attributes of database security and their role in it, and on that basis gives a security baseline for the MySQL database, which provides a basis for the security configuration of MySQL.

    1. Introduction

    With the rapid development of information system technology, database applications have reached deep into the national economy, production and daily life, and other fields, and have become an indispensable part of social life. Information security is therefore becoming more and more important, and companies pay increasing attention to the integrity, availability and confidentiality of their information. In most cases the information is stored in a database, while the security of the database itself, which is responsible for storing and maintaining the data, faces unprecedented challenges. Any damage to the database may have extremely serious consequences. How to make database systems more secure has therefore become a focus of research and concern.

    2. The security and threats of database

    2.1 The security of database

    There is currently no uniform definition of database security, at home or abroad. Abroad, the most influential and widely accepted definition [1] is that of C. P. Pfleeger, who describes database security in terms of physical database integrity, logical database integrity, element security, accessibility, access control, authentication and usability. In China, database security [2] means ensuring the confidentiality, integrity, consistency and availability of database information. Confidentiality means protecting the data in the database from leakage and unauthorized access; integrity means protecting the data from being destroyed or removed; consistency means ensuring that the data satisfies entity integrity, referential integrity and user-defined integrity requirements; availability means ensuring that the data does not become unavailable to authorized users for human or natural reasons. The security technical requirements of a database management system include identification, marking and access control, data integrity, and database security audit.

    2.2 The threats of database

    At present, the main threats to the database come from two sides: hardware and software [3]. Hardware threats are mainly due to special causes such as disk damage and system crashes, and can be addressed by local or remote database backup. Software threats mainly come from SQL injection, virus infection, human error, password loss and so on. SQL injection exploits loopholes left in a program through programmer negligence; through them, someone may log in without an account and gain the authority to operate on the database, and so steal database information or even tamper with database content. To reduce the threat of SQL injection and improve database security, programmers are advised to pre-compile SQL statements and bind variables. The threat of virus infection can be reduced by using anti-virus software such as Kingsoft anti-virus and 360 anti-virus, which can find viruses on the existing system and clean them up to keep the database secure. Unqualified configuration of the database by database administrators generally leads to threats such as human error and password loss. A reasonable database configuration can therefore significantly reduce human error and the threat to the database.

    Copyright © 2017, the Authors. Published by Atlantis Press.

    This is an open access article under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

    3. Database Security Baseline

    A database system security baseline [4] means that the attributes relevant to database security are given necessary and reasonable settings during database configuration; it is the minimum security guarantee and the most basic security requirement. Securing a database requires balancing cost against risk, and the security baseline is that reasonable boundary. Building a database security baseline is therefore the first step in ensuring database security and a prerequisite for solving database security problems.

    Database security baselines fall into five main types [5]: the physical security baseline, the database patch baseline, the database configuration baseline, the database health baseline and the database business baseline. The first means the physical protection of equipment and data resources. The second is the most basic configuration requirement for accounts, passwords, authority, logs and so on for the database administrator. The third means that the database must meet the patch requirements. The fourth indicates whether the database meets the requirements in its running state. The last means baseline learning on the current business information of the database.

    In this paper, we consider the database configuration baseline and the patch baseline to improve the security of the database. The database requires strict user authentication: every user must authenticate with a unique account and its corresponding password, which facilitates later audit trails. In addition, according to each account's rights in the database, a user account can access only the system resources it is authorized for and has no permission to sensitive information protected by other users, which helps the database administrator restrict users' access to particular databases. Logging and auditing monitor and record all kinds of database operations and store them in an audit database, which is convenient for later query and analysis; they also help in tracking illegal operations on the database and in subsequent recovery operations. Checking and updating the database regularly, installing security-evaluated patches and upgrading promptly, and constantly refreshing the virus and malicious code library can effectively protect the system from viruses, Trojans, phishing, web software and other malicious software. Enterprises commonly use databases such as Oracle, SQL Server, DB2 and MySQL. We study the security baseline of the MySQL database, with reference to the literature [6, 7] for the related configuration parameters and commands.

    4. MySQL Security Baseline Configuration

    4.1 Account Security

    To improve database security and reduce external threats, the first step is to strengthen protection of the entrance to the database. The user account and password are the door key to the database: the more secure the key, the more secure the database. The database administrator assigns different user accounts for logging on to different databases and restricts users' rights to improve database security.

    Account Management Security Baseline Requirements

    The database administrator should delete or lock accounts that have nothing to do with database operation, maintenance and so on. To do so, the database administrator first needs to obtain all users' information from the user table. The following command can be executed.

    mysql> select * from mysql.user;

    This command shows all user information to the administrator. If there are unrelated accounts, the database administrator may use the drop command to delete them.

    4.2 Password Security

    A default user with a default password reduces the security of the database. The database administrator therefore needs to change default account passwords; otherwise an attacker may use the default account and default password to intrude into the database and threaten system security. To reduce such cases, the database administrator can enforce password complexity, such as length, duration, case and so on.

    Account Password Security Baseline Requirements

    The database administrator should check whether an account uses a default password or a weak password. The criteria are that the password is at least 8 bits long and is made up of numbers, lowercase characters, uppercase characters and special characters; it should include at least two of these four types. If there is a weak password, the administrator needs to change it. The following commands do this.

    mysql> update mysql.user set password=password('Hello123') where user='ma';
    mysql> flush privileges;

    At the same time, a password must not be set to the same value within 5 changes, and it should be replaced after at most 90 days.
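The password requirements above can be enforced at change time with a check like the following. This is an added example, not code from the paper: the function names are hypothetical, "8 bits" is read as 8 characters, and "not the same within 5 times" is read as not matching any of the last 5 passwords, which are kept only as salted PBKDF2 digests.

```python
import hashlib
import hmac
import os
from datetime import date

MIN_LENGTH = 8          # the paper's "8 bits", read here as 8 characters (assumption)
MIN_CLASSES = 2         # at least two of: digit, lowercase, uppercase, special
HISTORY_DEPTH = 5       # a new password may not match any of the last 5
MAX_AGE_DAYS = 90       # replace after at most 90 days
PBKDF2_ROUNDS = 100_000


def char_classes(password):
    """Count how many of the four character types the password contains."""
    return sum((
        any(c.isdigit() for c in password),
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(not c.isalnum() for c in password),
    ))


def digest(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def remember(password):
    """Return the (salt, digest) pair to append to an account's history."""
    salt = os.urandom(16)
    return salt, digest(password, salt)


def check_new_password(password, history):
    """Return the list of baseline rules the candidate password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if char_classes(password) < MIN_CLASSES:
        problems.append("too_few_classes")
    recent = history[-HISTORY_DEPTH:]
    if any(hmac.compare_digest(digest(password, salt), stored)
           for salt, stored in recent):
        problems.append("reused")
    return problems


def is_expired(last_changed, today):
    """True once the password is older than MAX_AGE_DAYS."""
    return (today - last_changed).days > MAX_AGE_DAYS


if __name__ == "__main__":
    # Constructed history of six earlier passwords, oldest first.
    history = [remember(p) for p in
               ("Spring-01", "Summer-02", "Autumn-03",
                "Winter-04", "Spring-05", "Summer-06")]
    for candidate in ("Hello123", "abcdefgh", "Summer-06", "Spring-01"):
        print(candidate, check_new_password(candidate, history))
    print("expired:", is_expired(date(2024, 1, 1), date(2024, 4, 1)))
```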

     

    Authority Allocation Policy Security Baseline Requirements

    The database administrator should allocate to each user the minimum rights required by the business needs of the database. The following commands may be used (privilege_type, db, username and host stand for the actual values).

    mysql> select * from mysql.user;
    mysql> revoke privilege_type on db.* from username@'host';

    The first command lists all rights of all users. From it, the database administrator can determine whether there is any unnecessary or dangerous authorization. If there is, use the REVOKE command to withdraw it.

    4.3 Log Audit

    The log records users' operations on the database, including the login account, whether the login succeeded, the operation time and the operations performed, such as add, delete, change and query, so that they can be queried later. It is therefore necessary to turn on the database log function.

    Log Configuration Database Baseline Requirements

    The log function should be configured for the database. MySQL has five main kinds of log: the error log, the query log, the slow query log, the update log and the binary log. On the MySQL command line, the following command can be used.

    mysql> show variables like "log%";

    This command displays all the log types and their status. In general, the error log must be enabled in MySQL. The other log functions need to be enabled by the database administrator with commands.

    4.4 Other Configurations

    Patch Security Baseline Requirements

    The database administrator should ensure that the latest security patches are installed on the database system. To check, the database administrator can view the current database version with the command: mysql -V. If, after comparison with the latest secure version, it is already the latest, no update is needed; otherwise update to the latest version, provided business and network security are preserved. The update should also pass compatibility testing.

    Remote Access Security Baseline Requirements

    Forbidding network connections prevents password attacks, overflow attacks and sniffing attacks. However, this applies only when the application and the database are on the same host. The database administrator can modify the MySQL configuration file /etc/mysql/my.cnf to allow remote connections.

    # Instead of skip-networking the default is now to listen only on
    # local host which is more compatible and is not less secure
    # bind-address = 127.0.0.1

    Now MySQL allows remote login. If the database administrator deletes the # before bind-address, MySQL will not allow remote connections. The database administrator decides whether to enable this feature according to the application scenario. For example, if the application deployment scenario requires it, the administrator should enable the remote access function.

    Access Policy Security Baseline Requirements

    The database should be accessible only from trusted IP addresses. To achieve this, the following command may be used.

    mysql> grant all privileges on db.* to username@'IP/netmask';

    After this operation, the database can only be accessed through the trusted IP address.

    Connection Number Security Baseline Requirements

    The database administrator should set the maximum number of connections based on machine performance and business requirements. To do so, the database administrator can modify the max_connections option in the MySQL configuration file /etc/mysql/my.cnf. The modified option takes effect after the MySQL service is restarted.

    5. MySQL Database Security Baseline Score

    Following the baseline checks described above, we checked a MySQL database and evaluated the results by weighted accumulation. Each baseline check is given a weight within a floating interval according to its importance: the more important the check, the higher the weight. For example, the default password and weak password checks are relatively important for database security, so their weights are higher, whereas the alert log and update log are relatively unimportant, so their weights are low. Once the standard is established, the database can be scored; the higher the score, the more secure the database. Here the score ranges from 0 to 9 according to importance, and the detected result is 1 or 0. A result of 1 means the database conforms to the baseline for that item; a result of 0 means it does not. The detected results for MySQL are in Table 1.

    Table 1. The detected results of MySQL database security baseline.

    num | item | Weight | result | score
    1 | Administrator prohibition | 7 | 1 | 7
    2 | Useless account | 2 | 0 | 0
    3 | Default password | 7 | 1 | 7
    4 | Weak password | 6 | 1 | 6
    6 | User's policy | 5 | 0 | 0
    7 | Error log | 3 | 1 | 3
    8 | Warning log | 2 | 0 | 0
    9 | Slow query log | 2 | 1 | 2
    10 | Update log | 2 | 0 | 0
    11 | Binary log | 2 | 0 | 0
    12 | Latest patch | 4 | 1 | 4
    13 | Remote access | 2 | 0 | 0
    14 | Trusted IP address control | 6 | 0 | 0
    15 | Connections | 5 | 0 | 0
    Database Conformity | 52.7%
    Detected total scores/total scores | 29/55

    Table 1 shows the detected results for the MySQL database security baseline. Every item of the baseline was checked, and the result for each item is 1 or 0. The score of each item is its weight multiplied by its result. For example, the database has the error log configured, so the result is 1 and the score is 3; because the database has useless accounts, that result is 0 and the score is 0. The detected total score is the sum of the individual scores, and the database conformity equals detected total scores / total scores * 100%. The conformity shows the security degree of the database clearly: the higher the conformity, the more secure the database; when it is low, the database needs to be reconfigured to improve its security. This detection and evaluation method gives the database administrator a good reference and scoring standard.
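The weighted scoring described above can be reproduced from the rows of Table 1. This is an added example, not code from the paper; it also goes one step beyond the paper by ordering the failed items by weight and showing the conformity reached after each fix, and the function names are hypothetical.

```python
# (item, weight, result) rows copied from Table 1, in table order.
TABLE1 = [
    ("Administrator prohibition", 7, 1),
    ("Useless account", 2, 0),
    ("Default password", 7, 1),
    ("Weak password", 6, 1),
    ("User's policy", 5, 0),
    ("Error log", 3, 1),
    ("Warning log", 2, 0),
    ("Slow query log", 2, 1),
    ("Update log", 2, 0),
    ("Binary log", 2, 0),
    ("Latest patch", 4, 1),
    ("Remote access", 2, 0),
    ("Trusted IP address control", 6, 0),
    ("Connections", 5, 0),
]


def validate(rows):
    """Reject rows outside the paper's ranges: weight 0..9, result 0 or 1."""
    for item, weight, result in rows:
        if not 0 <= weight <= 9:
            raise ValueError(f"{item}: weight {weight} is outside 0..9")
        if result not in (0, 1):
            raise ValueError(f"{item}: result {result} is not 0 or 1")


def score(rows):
    """Return (detected total, total, conformity in percent)."""
    validate(rows)
    detected = sum(weight * result for _, weight, result in rows)
    total = sum(weight for _, weight, _ in rows)
    return detected, total, round(100 * detected / total, 1)


def remediation_plan(rows):
    """Failed items, heaviest first, with the conformity reached after each fix.

    This ordering is an addition to the paper's method: it answers which
    non-conforming item raises the score most when fixed next.
    """
    detected, total, _ = score(rows)
    plan = []
    failed = sorted((r for r in rows if r[2] == 0), key=lambda r: -r[1])
    for item, weight, _ in failed:
        detected += weight
        plan.append((item, weight, round(100 * detected / total, 1)))
    return plan


if __name__ == "__main__":
    detected, total, conformity = score(TABLE1)
    print(f"{detected}/{total} = {conformity}%")
    for item, weight, after in remediation_plan(TABLE1):
        print(f"fix {item!r} (weight {weight}) -> {after}%")
```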

     

    6. Conclusion

    To make every item of the database baseline reasonable, the database administrator must refer to the relevant standard requirements. Doing so effectively reduces the risk to the database system, greatly reduces the cost of the security system and improves database security; it also gives the database administrator a good reference for database management and reduces the possibility of human error.

    References

    [1] Pfleeger C P, Pfleeger S L. Security in Computing. 3rd Edition. NJ: Prentice Hall, 2003.

    [2] Jiao Yan. With Regard to the Status of the Database System Security Research. Network & Computer Security. 2010(5):45-47.

    [3] Hu Xiaomin. Computer network database security threats and Countermeasures [J]. China New Telecommunication. 2015(13):98-99.

    [4] Liu Tong. Study on the security baseline of complex information system [J]. Chinese Journal of Management Science. 2000(s1):636-644.

    [5] Ma Xianhu, Xu Li, Jin Huasong. Security Protection Strategy of Database Based on Baseline Technology [J]. Computer & Telecommunication. 2013(4):28-31.

    [6] Widenius M, Axmark D P. Mysql Reference Manual [J]. Dec 2009 - World Bank, Washington, 2002(4).

    [7] Seidman C, Smith P. MySQL: The Complete Reference [M]. McGraw-Hill, Inc. 2009.

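    Research on the MySQL Security Baseline

    Keywords: MySQL, database security, security baseline, minimum security guarantee.

    Abstract: Information systems are now widely used in every field, but database leaks and other security incidents of various kinds keep occurring and bring users endless security risks. The database is the core of the information system, and research on it is very important. To improve database security, setting a database security baseline promptly brooks no delay. The security baseline of a database system is the basic guarantee of that system's security. This paper studies the key attributes of database security and their role in it, and on that basis gives a security baseline for the MySQL database, which provides a basis for the security configuration of MySQL.

    1. Introduction

    With the rapid development of information system application technology, database applications have reached deep into the national economy, people's production and daily life, and other fields, and have become an indispensable part of today's social life. Information security is therefore becoming more and more important, and companies pay increasing attention to the integrity, availability and confidentiality of information. In most cases the information is stored in a database, while the security of the database itself, which is responsible for storing and maintaining the data, faces unprecedented challenges. Any damage to the database may lead to very serious consequences. How to make database systems more secure has therefore become a focus of research and concern.

    2. The security and threats of database

    2.1 The security of database

    There is currently no uniform definition of the concept of database security, at home or abroad. Abroad, the definition of database security is widely influenced by and credited to C. P. Pfleeger, who describes database security in terms of physical database integrity, logical database integrity, element security, accessibility, access control, authentication and usability. In China, database security means ensuring the confidentiality, integrity, consistency and availability of database information. Confidentiality means protecting the data in the database from leakage and unauthorized access; integrity means protecting the data in the database from being destroyed or removed; consistency means ensuring that the data in the database satisfies entity integrity, referential integrity and user-defined integrity requirements; availability means ensuring that the data in the database does not become unusable by authorized users for human or natural reasons. The security technical requirements of a database management system include identification, marking, access control, data integrity and database security audit.

    2.2 The threats of database

    At present, the main threats to the database come from two sides: hardware and software. Hardware threats are mainly due to special causes such as disk damage and system crashes, and can be addressed by local or remote database backup. Software threats mainly come from SQL injection, virus infection, human error, password loss and so on. SQL injection refers to loopholes in a program caused by programmer negligence. Through them, someone may log in without an account and gain the authority to operate on the database, and so steal database information or even tamper with database content. To reduce the threat of SQL injection and improve database security, programmers are advised to pre-compile SQL statements and bind variables. The threat of virus infection can be reduced by using anti-virus software such as Kingsoft anti-virus and 360 anti-virus. Such software can find viruses on the existing system and clean them up to keep the database secure. Unqualified configuration of the database by database administrators usually leads to threats such as human error and password loss. A reasonable database configuration can therefore significantly reduce human error and the threat to the database.

    3. Database Security Baseline

    A database system security baseline means that the attributes relevant to database security should be given necessary and reasonable settings during database configuration; it is the minimum security guarantee and the most basic security requirement. Securing a database requires balancing cost against risk. The security baseline is that reasonable boundary, so building a database security baseline has become the first step in ensuring database security and a prerequisite for solving database security problems.

    Database security baselines fall into five main types: the physical security baseline, the database patch baseline, the database configuration baseline, the database health baseline and the database business baseline. The first means the physical protection of equipment and data resources; the second is the most basic configuration requirement for the database administrator's accounts, passwords, authority, logs and so on; the third means that the database must meet the patch requirements; the fourth indicates whether the database meets the requirements in its running state; the last means baseline learning on the current business information of the database.

    In this paper, we consider the database configuration baseline and the patch baseline to improve the security of the database. The database requires strict user authentication. Every user must authenticate with a unique account and its corresponding password, which facilitates later audit trails. In addition, according to each account's rights in the database, a user account can access only the system resources it is authorized for and has no permission to other sensitive information protected by other users, which helps the database administrator restrict users' access to particular databases. Logging and auditing monitor and record all kinds of database operations and store them in an audit database, which is convenient for later query and analysis. They also help in tracking illegal operations on the database and in subsequent recovery operations. Checking and updating the database regularly, installing security-evaluated patches and upgrading immediately, and constantly updating the virus and malicious code library effectively protect the system from viruses, Trojans, phishing, web software and other malicious software. Enterprises commonly use databases such as Oracle, SQL Server, DB2 and MySQL. Based on the MySQL database, we studied the MySQL database security baseline.

    4. MySQL Security Baseline Configuration

    4.1 Account Security

    To improve database security and reduce external threats, the first step is to strengthen protection of the entrance to the database. The user account and password are the door key to the database: the higher the security level of the key, the more secure the database. The database administrator assigns different user accounts for logging on to different databases and restricts users' rights to improve database security.

    Account Management Security Baseline Requirements:

    The database administrator should delete or lock accounts that have nothing to do with database operation, maintenance and so on. To do so, the database administrator first needs to obtain all user information from the user table. The following command can be executed:

    mysql> select * from mysql.user;

    This command shows all user information to the administrator. If there are unrelated accounts, the database administrator can use the drop command to delete them.

    4.2 Password Security

    A default account with a default password reduces the security of the database. The database administrator therefore needs to change default account passwords; otherwise an attacker may use the default account and default password to intrude into the database and threaten system security. To reduce such cases, the database administrator can strengthen password complexity, such as length, duration, conditions and so on.

    Account Password Security Baseline Requirements:

    The database administrator should check whether an account uses a default password or a weak password, on the criteria that the password is no shorter than 8 characters and is made up of numbers, lowercase letters, uppercase letters and special characters. The password should include at least two of these four types. If the password is weak, the administrator asks the user to change it. The following commands do this.

    mysql> update mysql.user set password=password('Hello123') where user='ma';

    mysql> flush privileges;

    At the same time, a password must not be set again within 5 changes, and a password should be replaced after at most 90 days.

    Authority Allocation Policy Security Baseline Requirements:

    The database administrator should allocate to each user the minimum rights required by the business needs of the database. The following commands can be used (privilege_type, db, username and host stand for the actual values):

    mysql> select * from mysql.user;

    mysql> revoke privilege_type on db.* from username@'host';

    The first command lists all rights of all users. From it, the database administrator can determine whether there is any unnecessary or dangerous authorization. If there is, use the REVOKE command to withdraw it.

    4.3 Log Audit

    The log records users' operations on the database, including the login account, whether the login succeeded, the operation time and the operations performed, such as add, delete, change and query, so that they can be queried later. It is therefore necessary to turn on the database log function.

    Log Configuration Database Baseline Requirements:

    The log function should be configured for the database. MySQL has five main kinds of log: the error log, the query log, the slow query log, the update log and the binary log. On the MySQL command line, the following command can be used.

    mysql> show variables like "log%";

    This command displays all the log types and their status. In general, the error log must be enabled in MySQL. The other log functions need to be enabled by the database administrator with commands.

    4.4 Other Configurations

    Patch Security Baseline Requirements:

    The database administrator should ensure that the latest security patches are installed on the database system. To check, the database administrator can view the current database version with the following command: mysql -V. After security and compatibility testing against the latest version, if it is already the latest version no update is needed; otherwise update to the latest version, provided business and network security are preserved.

    Remote Access Security Baseline Requirements:

    Forbidding network connections prevents password attacks, overflow attacks and sniffing attacks. However, this applies only when the application and the database are on the same host. The database administrator can modify the MySQL configuration file /etc/mysql/my.cnf to allow remote connections.

    # Instead of skip-networking the default is now to listen only on
    # local host which is more compatible and is not less secure
    # bind-address = 127.0.0.1

    Now MySQL allows remote login. If the database administrator deletes the # before bind-address, MySQL will not allow remote connections. The database administrator decides whether to enable this feature according to the application scenario. For example, if the application deployment scenario requires it, the administrator should enable the remote access function.

    Access Policy Security Baseline Requirements:

    The database should be accessible only from trusted IP addresses. To achieve this, the following command can be used:

    mysql> grant all privileges on db.* to username@'IP/netmask';

    After this operation, the database can only be accessed through the trusted IP address.

    Connection Number Security Baseline Requirements:

    The database administrator should set the maximum number of connections based on machine performance and business requirements. To do so, the database administrator can modify the max_connections option in the MySQL configuration file /etc/mysql/my.cnf. After modifying the option, restart the MySQL service.

    5. MySQL Database Security Baseline Evaluation

    Following the description of the database security baseline checks above, we checked a MySQL database and then evaluated the results by weighted accumulation. We set a floating interval according to the importance of the database security baseline checks, and the weight varies with importance: the more important the check, the higher the weight. For example, the default password and weak password checks are relatively important for database security, so their weights are higher. The alert log and update log are relatively unimportant, so their weights are lower. Once the standard is established, the database can be scored; the higher the score, the more secure the database. Here the score ranges from 0 to 9 according to importance, and the detected result is 1 or 0. A result of 1 means the database conforms to the database baseline for that item; a result of 0 means the database does not conform to the database baseline for that item. The detected results for MySQL are shown in Table 1:

    Table 1. Detected results of the MySQL database security baseline.

    NUM | Item | Weight | Result | Score
    1 | Administrator prohibition | 7 | 1 | 7
    2 | Useless account | 2 | 0 | 0
    3 | Default password | 7 | 1 | 7
    4 | Weak password | 6 | 1 | 6
    5 | User's policy | 5 | 0 | 0
    6 | Error log | 3 | 1 | 3
    7 | Warning log | 2 | 0 | 0
    8 | Slow query log | 2 | 1 | 2
    9 | Update log | 2 | 0 | 0
    10 | Binary log | 2 | 0 | 0
    11 | Latest patch | 4 | 1 | 4
    12 | Remote access | 2 | 0 | 0
    13 | Trusted IP address control | 6 | 0 | 0
    14 | Connections | 5 | 0 | 0
    Database conformity | 52.7%
    Detected total score/total score | 29/55

    Table 1 shows the detected results of the MySQL database security baseline. Every item of the security baseline was checked. The result for each item is 1 or 0. The score of each item is the product of its weight and its result. For example, the database has the error log item configured, so the result is 1 and the score is 3. Because the database has useless accounts, that result is 0 and the score is 0. The detected total score of the database is the sum of the individual scores, and the database conformity equals detected total score / total score * 100%. The database conformity shows the security degree of the database clearly. The higher the conformity, the more secure the database. Otherwise the database needs to be reconfigured to improve its security. With this detection and evaluation method, the database administrator has a good reference and scoring standard.

    6. Conclusion

    To make every item of the database baseline reasonable, the database administrator must refer to the relevant standard requirements. This not only effectively reduces the risk to the database system, greatly reduces the cost of the security system and improves database security, but also gives the database administrator a good reference for database management and reduces the possibility of human error.
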
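  • Java paper references in English. Date: 2015-06-12. Source: unknown. Length: 14132 characters. Author: Xiao Han. Affiliation: When writing a Java graduation thesis or a high-level Java academic paper, you are expected to consult some English-language Java references. Foreign-language literature generally reflects the latest international research progress, and lets what we write...
  • Graduation project: design and implementation of a supermarket checkout system. Abstract: With the rapid development of modern science and technology, computer technology has penetrated every field and become an indispensable tool in every industry. In today's fierce market competition, letting customers enjoy shopping that is both affordable and fast is a major factor in winning the commercial battle...
  • Design and implementation of a student records management system (JSP, MySQL) (assignment brief, proposal report, mid-term check form, literature review, foreign-language translation, 22,000-character graduation thesis, program code, MySQL database). Based on the workflow of a student records management system and the operations it requires, this project uses JSP and a MySQL database...
  • English-language literature translation material for computer science graduation projects; ASP English literature translation
  • Abstract: This paper introduces the LAMP stack and its development status and, on the basis of an understanding of PHP development principles and workflow, the PHP-based student management system... References 30 Appendix 31 Appendix A Foreign-language translation: original text 31 Appendix B Foreign-language translation: translated text 34 Appendix C Database creation code 37
  • MySQL code: CREATE TABLE `article` ( `id` int(11) NOT NULL, `article_time` varchar(50) DEFAULT NULL, `article_volume` varchar(20) DEFAULT NULL, `article_author` varchar(2000) DEFAULT...
  • Translated foreign literature for a graduation thesis written in Java; all of it can be used directly
  • SSM framework reference

    2017-07-21 19:30:58
    A simple framework setup and resource integration; the SQL file is included. Current features: basic registration and login
  • Chapter 1 Overview of dynamic website development 1.1 Overview of dynamic websites 1.1.1 Origins of dynamic websites 1.1.2 How dynamic websites work 1.1.3 Dynamic website development languages 1.1.4 ... Chapter 9 Building a website with DedeCMS Chapter 10 Secure PHP programming Appendix A Lab: accessing a database with PDO References
  • Original foreign-language text: https://download.csdn.net/download/one111a/12302206 Translation: Creation of a hotel room registration system based on Graha prime Pacitan. Anjar Priyadna1), Lies Yulianto 2 Universitas Surakarta 1) SMK N Pacitan 2) anjar....
  • Original foreign-language text: https://download.csdn.net/download/one111a/12302215 Translation: Performance analysis and Simulink modeling of dynamic web servers using JSP and PHP. Fontaine Rafamantanantsoa*, Paulson Ravomampiandra University of ...
  • The system is developed in PHP with MySQL as the back-end database and runs in a B/S architecture. Keywords: information management, examination process, PHP, MySQL, B/S architecture III Abstract Along with the technical and fast fierce development in calculator, the school ...
  • Design and implementation of a part-time job listings website for university students (,MySQL) (with video) (assignment brief, proposal report, foreign-language translation, 12,000-character graduation thesis, program code, MySQL database). The part-time job management system for university students is mainly used to handle recruitment activities quickly and efficiently, so that a company's recruitment work runs at high speed. ...
  • Java SSM framework "Hotel Management System" project development documentation

    1,000+ reads, multiple likes 2019-01-18 11:45:51
    Development tools: MyEclipse, MySQL. Languages: SSM framework, Java, layui. Task period: 19 November 2018 to 16 January 2019. Modules completed: room management, catering management, entertainment management, warehouse management, personnel management, data maintenance management. 1. Feature implementation 1.1 ...
  • Original foreign-language text: https://download.csdn.net/download/one111a/12302188 Translation: Development of a JSP-based laboratory equipment management system. Jing Mao The Department of Electronic and Information Engineering, Ankang University,Ankang, ...
  • Contents Abstract i Abstract ii 1 Introduction 1 1.1 Background 1 1.2 Necessity and significance of the project 1 2 Requirements analysis 2 2.1 Functional requirements 2 2.2 Performance requirements 2 2.3 Business process analysis 2 ... 35 References 36 Acknowledgements 37 Original foreign-language text 38 Foreign-language translation 47
  • http://www.chinaunix.net/jh/88/136638.html Freebsd5.1release+httpd-2.0.47+mysql-4.0.14+php-4.3.2+phpMyAdmin-2.5.1+ZendOptimizer-2.1.0b-FreeBSD4.0-i386+discuz2.0-gb2312: a detailed, foolproof installation tutorial. Author: ...
  • 001 MYSQL_免税品电子商务网站.rar 002 mysql团购网站0412.zip 003 BBS论坛.zip 004C 城市公交查询系统.rar 005 《数据结构与算法》网上学习系统T0422.zip 006 【贩弟】鑫海家园小区物业管理系统JSP.rar 007 科研...
  • Redis: reference material and summary

    2015-04-24 17:59:41
    In fact, once it is used to replace MySQL, the upgradability of the data model will inevitably become a problem.   { //main A a = new A(); a.b = 250; String gs = new Gson().toJson(a); B b = new Gson().fromJson(gs, B.class); System...
  • Importing citation records between Endnote and CNKI E-Study 1. Endnote Advantages: can connect to the Web of SCI (WOS) database and directly download related foreign... Disadvantages: cannot connect to the Web of Sci database, offers very few reference formats, and imports references slowly! After import the reference font size, line
  • Abstract 1 Abstract 1 1 Introduction 1 1.1 Background of the topic 1 ... References 40 Acknowledgements 42 Original foreign-language text ... 43 Chinese translation ... 49
  • 500 C# source code packages

    1,000+ reads 2013-04-27 11:51:34
    ASP.NET+2.0数据库外文文献及翻译和参考文献-英语论文.zip http://good.gd/2001985.htm ASP.net+GridView+双击事件.rar http://good.gd/2001987.htm ASP.NET+MVC3官方示例Music+Store(音乐商店)简易中文教程...
  • When we think of a Linux web server, the first thing that comes to mind is Apache + MySql + Php. Apache is the world's most used...MySQL is a relational database management system developed by the Swedish company MySQL AB. It is the most popular relational database management system, and in web applications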
