CN106372534A - Oracle database user secure login method and system - Google Patents
Oracle database user secure login method and system Download PDFInfo
- Publication number
- CN106372534A CN106372534A CN201610857033.7A CN201610857033A CN106372534A CN 106372534 A CN106372534 A CN 106372534A CN 201610857033 A CN201610857033 A CN 201610857033A CN 106372534 A CN106372534 A CN 106372534A
- Authority
- CN
- China
- Prior art keywords
- user
- login
- trigger
- log
- oracle database
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 14
- 238000004891 communication Methods 0.000 claims abstract description 21
- 238000012552 review Methods 0.000 claims description 9
- 238000012544 monitoring process Methods 0.000 claims description 3
- 230000001960 triggered effect Effects 0.000 claims description 3
- 238000012795 verification Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses an Oracle database user secure login method and system, belonging to the field of Oracle database security, wherein a trigger is used for capturing user login information of an ORACLE database in real time, and the user login information is communicated with an external program in real time in an external calling mode, so that the login can be successful only after the permission of an external program manager is obtained, otherwise, the login cannot be performed; the method comprises the following concrete steps: establishing a login trigger in an Oracle database; when a monitored user logs in, logging in a trigger, and triggering the trigger; the login trigger sends the login user name and the user IP to the external communication module in an external communication mode; the external communication module further transmits the information to an external auditing module located on other computers or mobile phones. The invention adds a real-time auditing mechanism in the Oracle database login link, and improves the login security of Oracle users.
Description
Technical field
The present invention relates to oracle database security fields, specifically a kind of oracle database user security login
Method and system.
Background technology
Oracle database is widely used a kind of high-performance data base management system in the industry, and a lot of operation systems are all sharp
With oracle database access and management data.Access the data in oracle, need oracle the user name and password, but
Oracle the user name and password is compromised or is guessed by hacker or oracle manager logs in improperly when and where
Oracle is likely to cause database data to divulge a secret or destroyed.If link can be logged in oracle to add real-time examination & verification machine
System, directly blocks illegal register and legal register of letting pass, then can greatly increase the safety of oracle database
Property.
Content of the invention
The technical assignment of the present invention is for above weak point, provides a kind of oracle database user security login side
Method and system, logging in link in oracle database increases a kind of real-time review mechanism, improves the safety of oracle User logs in
Property.
The technical solution adopted for the present invention to solve the technical problems is:
A kind of oracle database user security login method and system, using trigger captured in real time oracle database user
Log-on message, and by external call mode and external program real-time Communication for Power, obtain ability after external program manager license
Login successfully, otherwise cannot log in;Be equivalent to and increased one layer of review mechanism, this method can prevent database user name and close
After code leakage, the login behavior of lawless people, is effectively protected data base.
It is as follows that it implements step:
1), set up in oracle database and log in trigger;
2), when the User logs in of monitoring, log in trigger, trigger is triggered;
3), log in trigger and the user name logging in and user ip will be issued external communication module with outside communication mode;
4), external communication module transmits this information to the eternal review module on other computers or mobile phone further,
Auditor knows user login information by eternal review module it is resolved that whether user can log in and feed back to external communication mould
Block;
5), log in trigger determines to User logs in it is to let pass or refuse according to the auditing result obtaining from external communication module
Log in.
By increasing manual examination and verification joint, improve the safety of oracle database User logs in.
Compared to the prior art a kind of oracle database user security login method of the present invention and system, have following
Beneficial effect:
In the method, auditor requires no knowledge about the user name and password of oracle user so that it may user in real logs in
Information, and determine whether user can log in, meet separation of the three powers principle, solve oracle database the user name and password and let out
Secure log problem when revealing or being illegally used, has reached the purpose of user security.
Specific embodiment
With reference to specific embodiment, the invention will be further described.
A kind of oracle database user security login method and system, using trigger captured in real time oracle database
User login information, and by external call mode and external program real-time Communication for Power, after obtaining external program manager license
Just can login successfully, otherwise cannot log in;Be equivalent to and increased one layer of review mechanism, this method can prevent database user name
And password reveal after lawless people login behavior, be effectively protected data base.
It is as follows that it implements step:
1), set up in oracle database and log in trigger;
2), when the User logs in of monitoring, log in trigger, trigger is triggered;
3), log in trigger and the user name logging in and user ip will be issued external communication module with outside communication mode;
4), external communication module transmits this information to the eternal review module on other computers or mobile phone further,
Auditor knows user login information by eternal review module it is resolved that whether user can log in and feed back to external communication mould
Block;
5), log in trigger determines to User logs in it is to let pass or refuse according to the auditing result obtaining from external communication module
Log in.
By increasing manual examination and verification joint, improve the safety of oracle database User logs in.
Logged in using this method and system, auditor requires no knowledge about the user name and password of oracle user, just
Can user in real log-on message, and determine whether user can log in, meet separation of the three powers principle, solve oracle number
Secure log problem when revealing or be illegally used according to storehouse the user name and password, has reached the purpose of user security.
By specific embodiment above, described those skilled in the art can readily realize the present invention.But should
Work as understanding, the present invention is not limited to above-mentioned specific embodiment.On the basis of disclosed embodiment, described technical field
Technical staff can the different technical characteristic of combination in any, thus realizing different technical schemes.
In addition to technical characteristic described in except description, it is the known technology of those skilled in the art.
Claims (1)
1. a kind of oracle database user security login method and system are it is characterised in that utilize trigger captured in real time
Oracle database user login information, and by external call mode and external program real-time Communication for Power, obtain external program
Just can login successfully after manager's license, otherwise cannot log in;Implement step as follows:
1), set up in oracle database and log in trigger;
2), when the User logs in of monitoring, log in trigger, trigger is triggered;
3), log in trigger and the user name logging in and user ip will be issued external communication module with outside communication mode;
4), external communication module transmits this information to the eternal review module on other computers or mobile phone further,
Auditor knows user login information by eternal review module it is resolved that whether user can log in and feed back to external communication mould
Block;
5), log in trigger determines to User logs in it is to let pass or refuse according to the auditing result obtaining from external communication module
Log in.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610857033.7A CN106372534A (en) | 2016-09-28 | 2016-09-28 | Oracle database user secure login method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610857033.7A CN106372534A (en) | 2016-09-28 | 2016-09-28 | Oracle database user secure login method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106372534A true CN106372534A (en) | 2017-02-01 |
Family
ID=57897093
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610857033.7A Pending CN106372534A (en) | 2016-09-28 | 2016-09-28 | Oracle database user secure login method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106372534A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101770613A (en) * | 2010-01-19 | 2010-07-07 | 北京智慧眼科技发展有限公司 | Social insurance identity authentication method based on face recognition and living body detection |
| CN101917423A (en) * | 2010-08-05 | 2010-12-15 | 上海酷族信息技术有限公司 | Operating method for safety protection of database |
| CN104318164A (en) * | 2014-10-29 | 2015-01-28 | 北京金和软件股份有限公司 | Application program verification method |
| CN104572393A (en) * | 2013-10-24 | 2015-04-29 | 世纪禾光科技发展(北京)有限公司 | Buyer and seller login monitoring method and buyer and seller login monitoring system |
| CN105320767A (en) * | 2015-10-28 | 2016-02-10 | 浪潮(北京)电子信息产业有限公司 | Audit method and system for database |
-
2016
- 2016-09-28 CN CN201610857033.7A patent/CN106372534A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101770613A (en) * | 2010-01-19 | 2010-07-07 | 北京智慧眼科技发展有限公司 | Social insurance identity authentication method based on face recognition and living body detection |
| CN101917423A (en) * | 2010-08-05 | 2010-12-15 | 上海酷族信息技术有限公司 | Operating method for safety protection of database |
| CN104572393A (en) * | 2013-10-24 | 2015-04-29 | 世纪禾光科技发展(北京)有限公司 | Buyer and seller login monitoring method and buyer and seller login monitoring system |
| CN104318164A (en) * | 2014-10-29 | 2015-01-28 | 北京金和软件股份有限公司 | Application program verification method |
| CN105320767A (en) * | 2015-10-28 | 2016-02-10 | 浪潮(北京)电子信息产业有限公司 | Audit method and system for database |
Non-Patent Citations (3)
| Title |
|---|
| 徐正雄等: "利用系统事件触发器提高"军卫一号"Oracle数据库安全性" * |
| 王建栋;: "利用Oarcle事件触发器提高"军卫一号"系统的安全性" * |
| 陈垚等: "利用触发器和IP解决B/S结构数据库安全问题" * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107241452A (en) | A kind of data destruct system and method for mobile terminal | |
| CN105553666B (en) | Intelligent power terminal safety authentication system and method | |
| CN104202338A (en) | Secure access method applicable to enterprise-level mobile applications | |
| CN104753953A (en) | Access control system | |
| CN1921390A (en) | User identification identifying method and system | |
| CN104754571A (en) | User authentication realizing method, device and system thereof for multimedia data transmission | |
| FR2871007B1 (en) | SECURE UNLOCKING OF A MOBILE TERMINAL | |
| CN1713756A (en) | Security guarantee for memory data information of mobile terminal | |
| CN103036883B (en) | A kind of safe communication method of security server and system | |
| CN104994115B (en) | A kind of login authentication method and system | |
| CN103607389A (en) | Remote wireless identity authentication system | |
| CN106921633A (en) | Calling number Verification System and method | |
| CN103188254A (en) | Network security protection method capable of giving consideration to both smoothness and safety of internal and external network information | |
| CN103686651A (en) | Emergency call based authentication method, device and system | |
| CN109672695A (en) | A kind of double factor identity identifying method and device | |
| WO2012055297A1 (en) | Authentication method and device of mobile terminal | |
| CN101119381A (en) | Method and system for preventing playback attack | |
| CN105812338B (en) | Data access control method and network management equipment | |
| CN102833067B (en) | Trilateral authentication method and system and authentication state management method of terminal equipment | |
| CN102413146A (en) | Client authorized logon method based on dynamic codes | |
| CN101247618B (en) | Terminal validity detecting method and system | |
| CN106372534A (en) | Oracle database user secure login method and system | |
| CN103036879A (en) | Method for auditing QQ chat contents | |
| CN109639695A (en) | Dynamic identity authentication method, electronic equipment and storage medium based on mutual trust framework | |
| CN115767538A (en) | Information verification method, information processing method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170201 |
|
| RJ01 | Rejection of invention patent application after publication |