Article Directory
Preface
1. MySQL
2. Database security
    1. Basic concepts
    2. Database security objectives
    3. Database security protection technology
    4. Factors affecting database security
3. Database system security-related factors
    1. Peripheral Network
    2. Host
    3. Database
    4. Code
        Supplement: SQL injection
4. Methods to ensure MySQL security
Summary
Preface
Whether for businesses or individuals, the security of data stored in databases is particularly important. This is especially true for companies, whose business data often has great value. This article introduces MySQL database security.
1. MySQL
MySQL is one of the most widely used databases at present. It is a fully networked, cross-platform database system, and it can be regarded as the fastest-running SQL language database at present; it has particular advantages in web applications. MySQL has become the most popular open source database in the world thanks to its powerful functions, cross-platform support, fast running speed, high security, low cost and large storage capacity.
2. Database security
1. Basic concepts
Database system security refers to the protective measures taken for the database system, whose purpose is to prevent the system's software and the data in it from being corrupted, altered or leaked. Database security refers to the adoption of various security measures to protect the database and its related files and data. Database security has two layers of meaning. The first is the security of system operation: criminals can invade computers through networks, local area networks, etc., so that the system cannot operate normally. The second is the security of system information: hackers may break into the database to steal or destroy data.
2. Database security objectives
The objective is to maintain the security characteristics of data in storage and in the DBMS, covering several aspects: data independence, data security, data integrity, concurrency control, and failure recovery.
3. Database security protection technology
Database encryption (core data storage encryption), database firewall (vulnerability prevention, attack prevention), data desensitization (sensitive data anonymization), etc.
4. Factors affecting database security
On the one hand, there is the security of the database system itself; on the other hand, there is the security of the computer system it runs on.
3. Database system security-related factors
1. Peripheral Network
MySQL should sit in a protected LAN rather than on an open public network.
2. Host
The host-layer line of defense mainly intercepts attempts by unauthorized users, whether coming over the network (including local area networks) or connected directly, to intrude into the host.
3. Database
The database line of defense is the access control and authorization management module of the MySQL database system itself.
(This is MySQL's last line of defense, and also its core and most important one.)
MySQL's access authorization module consists mainly of two parts: the basic user management module and the access authorization control module.
When configuring the database, you can apply some related settings to ensure its security, such as the database password, login-failure handling, separation of privileges among database accounts, the database audit policy, data backup, etc.
4. Code
1) SQL statement
A SQL injection attack inserts malicious SQL queries or additional statements into the application's input parameters, which are then parsed and executed by the back-end SQL server. It is currently one of the most common methods used by hackers to attack databases. This kind of attack is very destructive and can easily cause data damage or loss.
Supplement: SQL injection
1. Concept
SQL injection is a security vulnerability that occurs at the database layer of a web program, and it is the most common and simplest vulnerability found on websites. The main cause is that the program does not check or process the legitimacy of the user's input data. This lets an attacker append additional SQL statements to the SQL statements predefined in the web application and carry out illegal operations without the administrator's knowledge, tricking the database server into executing unauthorized arbitrary queries and thereby obtaining further data.
2. Two conditions must be met for an injection vulnerability
- The parameter is user-controllable: the parameters passed from the front end to the back end can be controlled by the user.
- The parameter is brought into a database query: the passed parameters are spliced into SQL statements and executed as part of the database query.
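The two conditions above, shown as an added example that is not part of the original article: the same user-controlled parameter is first spliced into the statement text and then bound as data. Python's built-in sqlite3 stands in for MySQL so the code runs offline; the table, rows and input string are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; sqlite3 is a stand-in for a MySQL back end.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO users (name, secret) VALUES (?, ?)",
        [("alice", "a-secret"), ("bob", "b-secret")],
    )
    return conn

def lookup_spliced(conn, name):
    # Vulnerable: the user-controlled parameter is spliced into the SQL text,
    # so quote characters inside it become part of the statement's syntax.
    sql = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def lookup_bound(conn, name):
    # Hardened: the statement text is fixed and the parameter is bound as data,
    # so it can only ever be compared against the name column.
    return conn.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()

def demo():
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input that rewrites the WHERE clause
    return {
        "spliced_normal": lookup_spliced(conn, "alice"),
        "spliced_crafted": lookup_spliced(conn, crafted),
        "bound_normal": lookup_bound(conn, "alice"),
        "bound_crafted": lookup_bound(conn, crafted),
    }

if __name__ == "__main__":
    for case, rows in demo().items():
        print(case, rows)
```

The spliced query returns every row for the crafted input, while the bound query returns none because no user has that literal name. The same pattern applies with a MySQL driver; only the placeholder syntax depends on the driver.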
3. Common SQL injection attacks
(1) Union-based injection
(2) Boolean-based blind injection
(3) Error-based injection
(4) Time-based blind injection
2) Program code
If the permission checks in the program code are not careful enough and leave security vulnerabilities, intruders may also exploit them to steal data.
4. Methods to ensure MySQL security
- Ensure access privileges for specific hosts
- Database encryption
- Mandatory access control
- Back up the database regularly
- Disable or restrict remote access
- Reduce system privileges
- Reduce user database privileges
- Enable logging
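One way to check the host and privilege items in this list, as an added example that is not part of the original article: a small audit over lines in the format printed by MySQL's SHOW GRANTS statement. The account names, addresses and the four checks are assumptions chosen for illustration, and the sample lines are constructed.

```python
import re

# Matches the common "GRANT <privs> ON <scope> TO user@host" lines of SHOW GRANTS
# (backtick-quoted as in MySQL 8.0, or single-quoted as in older versions).
GRANT_RE = re.compile(
    r"^GRANT (?P<privs>.+?) ON (?P<scope>\S+) TO "
    r"[`'](?P<user>[^`']*)[`']@[`'](?P<host>[^`']*)[`']"
    r"(?P<opt> WITH GRANT OPTION)?$"
)

def audit_grants(lines):
    """Return sorted (account, finding) pairs for risky grants."""
    findings = set()
    for line in lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue  # role grants and other statement forms are ignored here
        account = f"{m['user']}@{m['host']}"
        privs = {p.strip() for p in m["privs"].split(",")}
        if "%" in m["host"] or m["host"] == "":
            findings.add((account, "wildcard host"))       # not tied to a specific host
        if m["scope"] == "*.*" and privs != {"USAGE"}:
            findings.add((account, "global privileges"))   # not limited to one database
        if "ALL PRIVILEGES" in privs:
            findings.add((account, "ALL PRIVILEGES"))
        if m["opt"]:
            findings.add((account, "can grant to others"))
    return sorted(findings)

# Constructed sample input, not taken from a real server.
SAMPLE = [
    "GRANT USAGE ON *.* TO `report`@`10.0.0.5`",
    "GRANT SELECT ON `shop`.* TO `report`@`10.0.0.5`",
    "GRANT ALL PRIVILEGES ON *.* TO `admin`@`%` WITH GRANT OPTION",
    "GRANT SELECT, INSERT, UPDATE ON `shop`.* TO `web`@`%`",
]

if __name__ == "__main__":
    for account, finding in audit_grants(SAMPLE):
        print(f"{account}: {finding}")
```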
Summary
The above is what we covered today. This article only briefly introduces some basic knowledge of MySQL database security.