CN110188089A - A kind of database O&M management-control method and device - Google Patents

A kind of database O&M management-control method and device Download PDF

Info

Publication number
CN110188089A
CN110188089A CN201910467397.8A CN201910467397A CN110188089A CN 110188089 A CN110188089 A CN 110188089A CN 201910467397 A CN201910467397 A CN 201910467397A CN 110188089 A CN110188089 A CN 110188089A
Authority
CN
China
Prior art keywords
database
examination
approval
operating instruction
host
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910467397.8A
Other languages
Chinese (zh)
Other versions
CN110188089B (en
Inventor
邵宛岩
范渊
刘博�
龙文洁
莫金友
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dbappsecurity Technology Co Ltd
Original Assignee
Hangzhou Dbappsecurity Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dbappsecurity Technology Co Ltd filed Critical Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN201910467397.8A priority Critical patent/CN110188089B/en
Publication of CN110188089A publication Critical patent/CN110188089A/en
Application granted granted Critical
Publication of CN110188089B publication Critical patent/CN110188089B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2457Query processing with adaptation to user needs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Abstract

The present invention provides a kind of database O&M management-control method and devices, it is related to the technical field of information management, including obtain database operating instruction and send database operating instruction host information, according to the information of host judge host whether be preset authorization operate host;If, then corresponding business operation sentence is converted by each database operating instruction, business operation sentence is examined according to examination & approval mode and preset examination & approval rule, if examination & approval pass through, allows database operating instruction to treat control database and carries out corresponding database manipulation.It is just had permission this method limit the host of only preset authorization operation and O&M is carried out to database, and the corresponding business operation sentence of data base manipulation statement is examined with examination & approval rule according to preset examination & approval mode, only examination & approval pass through, just allow database operating instruction to treat control database and carry out corresponding database manipulation, alleviates the poor technical problem of existing database management-control method safety.

Description

A kind of database O&M management-control method and device
Technical field
The present invention relates to the technical fields of information management, more particularly, to a kind of database O&M management-control method and device.
Background technique
Currently, most enterprises all very focus on database information security, after a database is created, need by Special operation maintenance personnel carries out daily O&M to database, still, if operation maintenance personnel steals sensitive data and illegally lived There is maloperation in dynamic or daily O&M, delete information important in database, most of solution is thing at present After the database manipulation for being handled, but having been executed again of auditing certain loss can be caused to enterprise.
To sum up, the existing database management-control method technical problem poor there are safety.
Summary of the invention
The purpose of the present invention is to provide a kind of database O&M management-control method and devices, to alleviate existing data depositary management Control the poor technical problem of method security.
In a first aspect, the present invention provides a kind of database O&M management-control method, comprising:
It obtains database operating instruction and sends the information of the host of the database operating instruction, wherein the data Library operational order carries out database manipulation for treating control database, and the information of the host includes at least: the host The mac address information of IP address information and the host;
According to the information of the host judge the host whether be preset authorization operation host;
If so, converting corresponding business operation sentence for each database operating instruction;
The business operation sentence is examined according to examination & approval mode and preset examination & approval rule, wherein the examination & approval Mode includes following any: automatic examination & approval mode and artificial examination & approval mode, the examination & approval rule includes: O&M time rule And/or business operation content rule;
If examination & approval pass through, the database operating instruction is allowed to carry out corresponding database to the database to be managed Operation.
Further, converting corresponding business operation sentence for each database operating instruction includes:
Syntactic analysis is carried out to each database operating instruction, obtains analysis result, wherein the analysis result packet It includes: action message indicated by the database operating instruction and the corresponding operation object of the action message;
The analysis result is matched with operation dictionary and business dictionary respectively, and according to matching result determination and institute State the corresponding business operation sentence of analysis result, wherein the operation dictionary indicates between action message and business operating instructions Contrast relationship, the business dictionary indicates the contrast relationship between operation object and business operation object.
Further, the examination & approval mode is the automatic examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
Judge whether the corresponding current operating temporal of the database operating instruction meets the O&M time rule, and/ Or, whether the business operation sentence meets the business operation content rule;
If meeting, examination & approval pass through.
Further, the examination & approval mode is the artificial examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
The business operation sentence is classified based on preset examination & approval rule, obtains sorted business operation language Sentence;
The sorted business operation sentence is sent to the copending inbox of corresponding approving person, and according to pre- If advice method notifies the approving person to examine, wherein the default advice method includes at least following one: mail Mode, the mode of short message;
Receive the approval results that the approving person returns, wherein the approval results include following any: examination & approval are logical It is crossing as a result, examining unsanctioned result.
Further, the method also includes:
If examination & approval pass through, determined in the database operating instruction corresponding with the business operation sentence that examination & approval pass through Target database operational order;
The target database operational order is saved to can be in the operational order library of operation/maintenance data library.
Further, the method also includes:
After judging that the host is the host that preset authorization operates according to the information of the host, the data are judged Whether operational order corresponding current operating temporal in library meets O&M time rule;
If meeting, judgement can whether there is and the database operating instruction phase in the operational order library of operation/maintenance data library That matches can operation/maintenance data library operational order, wherein it is described can operation/maintenance data library operational order library include Authorized operation data Library operational order;
If it exists, then the database operating instruction is allowed to carry out corresponding database behaviour to the database to be managed Make.
Further, the method also includes:
If it does not exist, then library operational order determines corresponding business operation sentence based on the data;
Judge whether the business operation sentence meets the business operation content rule;
If meeting, the database operating instruction is allowed to carry out corresponding database behaviour to the database to be managed Make.
Second aspect, the present invention also provides a kind of database O&M control devices, comprising:
Module is obtained, the information of the host for obtaining database operating instruction and the transmission database operating instruction, Wherein, the database operating instruction carries out database manipulation for treating control database, and the information of the host is at least wrapped It includes: the mac address information of the IP address information of the host and the host;
Judgment module, for according to the information of the host judge the host whether be preset authorization operation host;
Conversion module, if so, converting corresponding business operation sentence for each database operating instruction;
Approval module, for being examined according to examination & approval mode and preset examination & approval rule to the business operation sentence, Wherein, the examination & approval mode includes following any: automatic examination & approval mode and artificial examination & approval mode, the examination & approval rule include: O&M time rule and/or business operation content rule;
Execution module allows the database operating instruction to carry out pair the database to be managed if examination & approval pass through The database manipulation answered.
Further, the conversion module includes:
Parsing unit, for carrying out syntactic analysis to each database operating instruction, analyzed as a result, its In, the analysis result includes: action message indicated by the database operating instruction and the corresponding behaviour of the action message Make object;
Matching unit, for by the analysis result respectively with operation dictionary and business dictionary match, and according to Business operation sentence corresponding with the analysis result is determined with result, wherein the operation dictionary indicates action message and industry Contrast relationship between business operational order, the business dictionary indicate to compare pass between operation object and business operation object System.
Further, the examination & approval mode is the automatic examination & approval mode;
The approval module includes:
Judging unit, for judging whether the corresponding current operating temporal of the database operating instruction meets the O&M Time rule, and/or, whether the business operation sentence meets the business operation content rule;
Determination unit, if meeting, examination & approval pass through.
Database O&M management-control method provided by the invention, comprising: obtain database operating instruction and send database behaviour Make the information of the host instructed, wherein database operating instruction carries out database manipulation for treating control database, host Information includes at least: the IP address information of host and the mac address information of host;According to the information of host judge host whether be The host of preset authorization operation;If so, converting corresponding business operation sentence for each database operating instruction;According to careful Batch mode and preset examination & approval rule examine business operation sentence, wherein examination & approval mode includes following any: automatic Examination & approval mode and artificial examination & approval mode, examination & approval rule includes: O&M time rule and/or business operation content rule;If examination & approval Pass through, then allows database operating instruction to treat control database and carry out corresponding database manipulation.
In the prior art, if operation maintenance personnel is stolen sensitive data and miss in unlawful activities or daily O&M Operation, deletes information important in database, most of solution is to audit afterwards to be handled again, but held Capable database manipulation can cause certain loss to enterprise.It is provided by the invention compared with processing mode in the prior art Database O&M management-control method judged according to the information of the host of transmission database operating instruction got first, if Determination is the host of preset authorization operation, the industry that the database operating instruction that just can further will acquire is converted into convenient for examination & approval Then business action statement is examined business operation sentence further according to examination & approval mode and preset examination & approval rule, is only examined Pass through, just allows database operating instruction to treat control database and carry out corresponding database manipulation.This method limit only The host of preset authorization operation, which just has permission, treats control database progress O&M, and only examines the database manipulation passed through Instruction can just treat control database and be operated, and alleviate the poor technology of existing database management-control method safety and ask Topic.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow chart of database O&M management-control method provided in an embodiment of the present invention;
Fig. 2 is provided in an embodiment of the present invention when examination & approval mode is automatic examination & approval mode, according to examination & approval mode and is preset Examination & approval rule flow chart that business operation sentence is examined;
Fig. 3 is the flow chart of another database O&M management-control method provided in an embodiment of the present invention;
Fig. 4 is a kind of schematic diagram of database O&M control device provided in an embodiment of the present invention.
Specific embodiment
Technical solution of the present invention is clearly and completely described below in conjunction with embodiment, it is clear that described reality Applying example is a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, the common skill in this field Art personnel every other embodiment obtained without making creative work belongs to the model that the present invention protects It encloses.
Embodiment one:
Fig. 1 is a kind of flow chart of database O&M management-control method provided in an embodiment of the present invention, and this method includes as follows Step:
Step S102 obtains database operating instruction and sends the information of the host of database operating instruction, wherein data Library operational order carries out database manipulation for treating control database, and the information of host includes at least: the IP address letter of host The mac address information of breath and host;
In embodiments of the present invention, it to treat control database and carry out O&M, database approval system is firstly the need of acquisition The information of the host of database operating instruction and transmission database operating instruction, database operation maintenance personnel can be in advance by database The information preservation of the host of operational order and transmission database operating instruction is into file destination, then log database approval system File destination is imported;Can also be after log database approval system, difference input database operational order and transmission data The information of the host of library operational order, wherein database operating instruction can be it is a plurality of be also possible to one, database examination & approval system System has also got the corresponding current operating temporal of the database operating instruction while obtaining database operating instruction, host Information can obtain return information by the way of input order automatically, and the information of host includes at least: the IP of host The mac address information of location information and host.
Step S104, according to the information of host judge host whether be preset authorization operation host;
After getting the information for sending the host of database operating instruction, first have to judge the transmission according to the information of host Whether the host of database operating instruction is the host of preset authorization operation, if it is not, then grasping without subsequent database Make.
Step S106, if so, converting corresponding business operation sentence for each database operating instruction;
If the host of the transmission database operating instruction is the host of preset authorization operation, each database is grasped Make the instruction morphing business operation sentence for that approving person can be convenient for be examined, wherein business operation sentence can be convenient for Approving person examines database operating instruction, will hereinafter describe in detail to the process of conversion.
Step S108 examines business operation sentence according to examination & approval mode and preset examination & approval rule, wherein examination & approval Mode includes following any: automatic examination & approval mode and artificial examination & approval mode, examination & approval rule include: O&M time rule and/or Business operation content rule;
After obtaining business operation sentence, according to examination & approval mode (automatic examination & approval mode or manually examine mode) and preset careful It criticizes rule to examine business operation sentence, wherein examination & approval rule includes: O&M time rule and/or business operation content Rule when approving person is busier or outgoing, can set automatic for database approval system under normal circumstances Examination & approval mode hereinafter describes the process examined to automatic examination & approval mode and artificial examination & approval mode in detail.
Step S110 allows database operating instruction to treat control database and carries out corresponding data if examination & approval pass through Library operation.
If business operation sentence meets preset examination & approval rule, examination & approval pass through, and database manipulation is allowed for refer to Order treats control database and carries out corresponding database manipulation;If business operation sentence does not meet preset examination & approval rule, Examination & approval do not pass through, that is, do not allow the database operating instruction to treat control database and operated.
In the prior art, if operation maintenance personnel is stolen sensitive data and miss in unlawful activities or daily O&M Operation, deletes information important in database, most of solution is to audit afterwards to be handled again, but held Capable database manipulation can cause certain loss to enterprise.It is provided by the invention compared with processing mode in the prior art Database O&M management-control method judged according to the information of the host of transmission database operating instruction got first, if Determination is the host of preset authorization operation, the industry that the database operating instruction that just can further will acquire is converted into convenient for examination & approval Then business action statement is examined business operation sentence further according to examination & approval mode and preset examination & approval rule, is only examined Pass through, just allows database operating instruction to treat control database and carry out corresponding database manipulation.This method limit only The host of preset authorization operation, which just has permission, treats control database progress O&M, and only examines the database manipulation passed through Instruction can just treat control database and be operated, and alleviate the poor technology of existing database management-control method safety and ask Topic.
Above the operating procedure of database O&M management-control method of the invention is briefly described, below to will be every The process that a database operating instruction is converted into corresponding business operation sentence describes in detail.
In an optional embodiment, corresponding business operation sentence packet is converted by each database operating instruction Include following steps:
Step S1061 carries out syntactic analysis to each database operating instruction, obtains analysis result, wherein analysis result It include: action message indicated by database operating instruction and the corresponding operation object of action message;
Specifically, under normal circumstances, database operating instruction is stated using the structured query language of standard, so Action message indicated by database operating instruction and the corresponding operation object of action message can be obtained by syntactic analysis, and Using content obtained above as the analysis result of syntactic analysis.
Step S1062 matches analysis result with operation dictionary and business dictionary respectively, and true according to matching result Fixed business operation sentence corresponding with analysis result, wherein operation dictionary indicates between action message and business operating instructions Contrast relationship, business dictionary indicate the contrast relationship between operation object and business operation object.
After obtaining analysis result, analysis result is matched with operation dictionary and business dictionary respectively, wherein operational word Allusion quotation is autonomous Design and maintenance, indicates the contrast relationship between action message and business operating instructions, business dictionary be by The contrast relationship between a kind of operation object and business operation object wait manage the offer of operation system corresponding to database, With end, matching result is obtained, business operation sentence corresponding with analysis result is determined according to above-mentioned matching result.
In order to make it easy to understand, below to the process for converting each database operating instruction to corresponding business operation sentence It is illustrated:
If database operating instruction is " delete from user ", analysis result is obtained indicated by database operating instruction Action message be " delete ", the corresponding operation object of action message be " user ", then will analysis result and operation dictionary It is matched, obtaining business operating instructions is " deletion ", and analysis result is matched with business dictionary, obtains business operation pair As for " user's table ", then determining that business operation sentence corresponding with result is analyzed is exactly " deletion user's table according to matching result Content ".
Above the process for converting corresponding business operation sentence for each database operating instruction has been carried out in detail Description, the process examined below to two different examination & approval modes describes in detail.
In an optional embodiment, as shown in Fig. 2, examination & approval mode is automatic examination & approval mode, according to examination & approval mode Examination & approval are carried out to business operation sentence with preset examination & approval rule to include the following steps:
Step S1081, judges whether the corresponding current operating temporal of database operating instruction meets O&M time rule, And/or whether business operation sentence meets business operation content rule;
Step S1082, if meeting, examination & approval pass through.
Specifically, O&M time rule can only be arranged or business operation content is only arranged in Design approval rule Dual examination & approval rule can also be arranged, that is, O&M time rule and business operation content rule are all judged, are needed in rule Illustrate, the judgement sequence user of O&M time rule and business operation content rule can carry out customized;
It describes in detail below to a kind of situation that dual examination & approval rule is arranged:
O&M time rule can be understood as evading O&M automatically using rush hour section by pre-defined database Personnel rush hour section treat control database carry out O&M, that is, be preferably provided with O&M time rule be rush hour section not Allowing to treat control database and carries out any operation, other O&M time rules can also be arranged in user according to the actual situation, The present invention does not carry out concrete restriction to it, in order to make it easy to understand, O&M time rule is illustrated below:
It is carried out if setting O&M time rule and cannot treat control database to 4 points to and 2 pm at 10 points as 8 a.m. O&M, it is, 8 a.m. to 10 points and 2 pm to 4 points be restricted operating time section, then examined when database and be System is when receiving database operating instruction, first determine whether current operating temporal whether in above-mentioned restricted operating time section, If current operating temporal is at 3 points in afternoon, does not allow to treat control database and carry out relevant operation, if current operating temporal For 12 noon, then further business operation sentence is judged, determines if to meet business operation content rule.
Specifically, business operation content rule can be set according to the actual situation, it is preferred that can by limited table, Restricted data and limited operation carry out logical combination, are combined result and are set as business operation content rule, for the ease of reason Solution, is below illustrated business operation content rule:
If user's table wait manage in database belongs to the higher table of security classification, the setting of business operation content rule is not permitted Perhaps operation maintenance personnel carries out any operation to it, then checking user's table, editor user's table and deleting in business operation sentence is used The operation of all about user's table such as family table will be all rejected;Or the data in pre-defined user's table about ID card information It the operation such as cannot be checked, edited or be deleted, but other data are not specifically limited in user's table, then business operation content The operation of the data of ID card information will be all rejected in all about user's table of rule settings;Again or set target data only It can be checked, cannot be edited, then check that the business operation sentence of target data meets rule in business operation sentence, it can Examination & approval pass through, and other do not pass through about the operation examination & approval of target data.
In an optional embodiment, examination & approval mode is artificial examination & approval mode, according to examination & approval mode and preset is examined Criticizing rule and carrying out examination & approval to business operation sentence includes the following contents:
Firstly, business operation sentence is classified based on preset examination & approval rule, sorted business operation language is obtained Sentence;
Then, sorted business operation sentence is sent to the copending inbox of corresponding approving person, and according to Default advice method notifies approving person to examine, wherein default advice method includes at least following one: the side of mail Formula, the mode of short message;
Simple introduction above has been carried out to the case where artificial examination & approval, in order to optimize approval process, has improved examination & approval Accuracy, business operation sentence is classified first, sorted business operation sentence is obtained, specifically how to classify User can according to the actual situation set system, and the present invention does not carry out concrete restriction to it, can be according to number to be managed It is distinguished according to the data in library, such as all operations about user's table are all arranged some specific people and examine;Or Approving person is divided into shift according to the time in advance, is distributed according to the corresponding current operating temporal of database operating instruction different Approving person, dispersion examination & approval pressure.
Further, sorted business operation sentence is sent to the copending inbox of corresponding approving person, it is special It does not point out, when approving person examines, not can be only seen business operation sentence, also can choose and check corresponding database Operational order.In order to improve the efficiency of examination & approval, database approval system will be notified according to preset advice method approving person into Row examination & approval, preset advice method can be the mode of mail, the mode of short message or other advice methods, can also be more Kind advice method is used in combination, and the present invention does not carry out concrete restriction to default advice method, and user can set according to the actual situation It is fixed.
Finally, receiving the approval results that approving person returns, wherein approval results include following any: examination & approval pass through As a result, examining unsanctioned result.
After copending personnel's examination & approval, database approval system will receive the approval results of approving person's return, if Business operation sentence meets preset examination & approval rule, then return it is that examination & approval pass through as a result, if business operation sentence do not meet it is pre- If examination & approval rule, then return to the unsanctioned result of examination & approval.
It particularly points out, when being set as manually examining mode, approving person can also according to the actual situation, to certain principles On do not meet preset examination & approval rule business operation sentence examined it is corresponding by, for example, it is assumed that database operating instruction Operating time do not meet O&M time rule, but since the situation is critical, approving person, which can make an exception, ratifies database behaviour Make, and then alleviate the emergency, that is, artificial examination & approval mode is more flexible examination & approval mode.
The process above examined to two different examination & approval modes is described in detail, below to the present invention Other content in method describes in detail.
In an optional embodiment, this method further includes following steps:
Step S112 determines the business operation sentence pair passed through with examination & approval if examination & approval pass through in database operating instruction The target database operational order answered;
Step S114 saves target database operational order to can be in the operational order library of operation/maintenance data library.
Specifically, also being needed in multiple database operating instructions if the examination & approval of some business operation sentence pass through It determines corresponding with business operation sentence target database operational order, then saves target database operational order to can In the operational order library of operation/maintenance data library, this can operation/maintenance data library operational order library be used for save it is all examine pass through databases behaviour It instructs.
A kind of embodiment of database O&M management-control method of the invention is described in detail above, below to another A kind of outer embodiment describes in detail.
In an optional embodiment, as shown in figure 3, this method further includes following steps:
Step S201 judges database after the host that the information according to host judges that host is preset authorization operation Whether the corresponding current operating temporal of operational order meets O&M time rule;
Specifically, during treating control database progress O&M, if sending the host of database operating instruction It is the host of preset authorization operation, then can further judge whether the corresponding current operating temporal of database operating instruction accords with O&M time rule is closed, detailed introduction has been carried out in the setting in relation to O&M time rule above, also no longer superfluous herein It states, and the mode judged can choose the mode or artificial judgment judged automatically by staff's self-setting Mode.
Step S202, if meeting, judgement can be in the operational order library of operation/maintenance data library with the presence or absence of referring to database manipulation Enable match can operation/maintenance data library operational order, wherein can operation/maintenance data library operational order library include Authorized operation number According to library operational order;
Step S203, and if it exists, then allow database operating instruction to treat control database and carry out corresponding database behaviour Make.
If the corresponding current operating temporal of database operating instruction meets preset time rule, further judgement can In the operational order library of operation/maintenance data library with the presence or absence of with database operating instruction match can operation/maintenance data library operational order, because For can operation/maintenance data library operational order library include Authorized operation database operating instruction, it is, all once examined By the corresponding database operating instruction of business operation sentence be saved to can in the operational order library of operation/maintenance data library, Judge whether the database operating instruction was once passed through by examination & approval, if can exist in the operational order library of operation/maintenance data library and data Library operational order is matched can operation/maintenance data library operational order, then it is not necessary to carry out subsequent approval process again, can directly allow The database operating instruction treats control database and carries out corresponding database manipulation, improves O&M efficiency.
In practical application, when can also will judge whether the corresponding current operating temporal of database operating instruction meets O&M Between regular process omitted, that is, after the host that the information according to host judges that host is preset authorization operation, directly To can in the operational order library of operation/maintenance data library with the presence or absence of with database operating instruction match can the operation of operation/maintenance data library refer to Order is judged, that is to say, that O&M time rule can be used as one and optionally judge item, be set according to practical situation It is fixed.
In an optional embodiment, this method further include:
Step S204 then determines corresponding business operation sentence based on database operating instruction if it does not exist;
Further, if can in the operational order library of operation/maintenance data library there is no with database operating instruction is matched transports Dimensional database operational order, then also needing to convert database operating instruction to corresponding business operation sentence, the side of conversion Detailed introduction above has been carried out in method, and details are not described herein again.
Step S205, judges whether business operation sentence meets business operation content rule;
Step S206 allows database operating instruction to treat control database and carries out corresponding database behaviour if meeting Make.
After obtaining business operation sentence, further judge whether it meets business operation content rule, if do not met, Do not allow database operating instruction to treat control database to be operated;If business operation sentence meets content regulation in business operation Then, then allow database operating instruction to treat control database and carry out corresponding database manipulation.Content regulation in related business operation Detailed introduction has been carried out above, also repeats no more herein for setting then, and the mode judged can be by staff Self-setting can choose the mode of the mode or artificial judgment that judge automatically.
To sum up, database O&M management-control method provided in an embodiment of the present invention has the advantage that
1. database operating instruction can be converted business operation sentence by the method for the present invention, the approving person that is more convenient for is examined Batch;
2. O&M time rule can be set in user, for example, the database manipulation of limitation peak period, evades O&M automatically Personnel treat control database in peak period and carry out O&M;
3. judging according to business operation content rule business operation sentence, complete comparison can be realized;
4. the examination & approval efficiency that automatic examination & approval mode can be improved database manipulation;
5. manually examination & approval mode is capable of the application of more flexible process database operations, the correct of examination & approval also can be improved Rate.
Embodiment two:
The embodiment of the invention also provides a kind of database O&M control device, which is mainly used In executing database O&M management-control method provided by above content of the embodiment of the present invention, below to provided in an embodiment of the present invention Database O&M control device does specific introduction.
Fig. 4 is a kind of schematic diagram of database O&M control device provided in an embodiment of the present invention, as shown in figure 4, the dress Setting main includes obtaining module 10, judgment module 20, conversion module 30, approval module 40, execution module 50, in which:
Module is obtained, the information of the host for obtaining database operating instruction and transmission database operating instruction, wherein Database operating instruction carries out database manipulation for treating control database, and the information of host includes at least: the IP of host The mac address information of location information and host;
Judgment module, for the information according to host judge host whether be preset authorization operation host;
Conversion module, if so, converting corresponding business operation sentence for each database operating instruction;
Approval module, for being examined according to examination & approval mode and preset examination & approval rule to business operation sentence, wherein Examination & approval mode includes following any: automatic examination & approval mode and artificial examination & approval mode, examination & approval rule includes: O&M time rule And/or business operation content rule;
Execution module allows database operating instruction to treat control database and carries out corresponding data if examination & approval pass through Library operation.
In the prior art, if operation maintenance personnel is stolen sensitive data and miss in unlawful activities or daily O&M Operation, deletes information important in database, most of solution is to audit afterwards to be handled again, but held Capable database manipulation can cause certain loss to enterprise.It is provided by the invention compared with processing mode in the prior art Database O&M management-control method judged according to the information of the host of transmission database operating instruction got first, if Determination is the host of preset authorization operation, the industry that the database operating instruction that just can further will acquire is converted into convenient for examination & approval Then business action statement is examined business operation sentence further according to examination & approval mode and preset examination & approval rule, is only examined Pass through, just allows database operating instruction to treat control database and carry out corresponding database manipulation.This method limit only The host of preset authorization operation, which just has permission, treats control database progress O&M, and only examines the database manipulation passed through Instruction can just treat control database and be operated, and alleviate the poor technology of existing database management-control method safety and ask Topic.
Further, conversion module includes:
Parsing unit obtains analysis result for carrying out syntactic analysis to each database operating instruction, wherein Analyzing result includes: action message indicated by database operating instruction and the corresponding operation object of action message;
Matching unit is matched respectively with operation dictionary and business dictionary for that will analyze result, and is tied according to matching Fruit determines and the corresponding business operation sentence of analysis result, wherein operation dictionary expression action message and business operating instructions it Between contrast relationship, business dictionary indicates the contrast relationship between operation object and business operation object.
Further, examination & approval mode is automatic examination & approval mode;Approval module includes:
Judging unit, for judging whether the corresponding current operating temporal of database operating instruction meets O&M time rule Then, and/or, whether business operation sentence meets business operation content rule;
Determination unit, if meeting, examination & approval pass through.
Further, examination & approval mode is artificial examination & approval mode, and approval module includes:
Taxon obtains sorted industry for business operation sentence to be classified based on preset examination & approval rule Business action statement;
Transmission unit, for sorted business operation sentence to be sent to the copending addressee of corresponding approving person Case, and notify approving person to examine according to default advice method, wherein default advice method includes at least following one: The mode of mail, the mode of short message;
Receiving unit, for receiving the approval results of approving person's return, wherein approval results include following any: Examine pass through as a result, examining unsanctioned result.
Further, which is also used to:
If examination & approval pass through, target corresponding with the business operation sentence that examination & approval pass through is determined in database operating instruction Database operating instruction;
Target database operational order is saved to can be in the operational order library of operation/maintenance data library.
Further, which is also used to:
After the host that the information according to host judges that host is preset authorization operation, database operating instruction pair is judged Whether the current operating temporal answered meets O&M time rule;
If meeting, judgement can be in the operational order library of operation/maintenance data library with the presence or absence of matching with database operating instruction Can operation/maintenance data library operational order, wherein can operation/maintenance data library operational order library include that the database manipulation of Authorized operation refers to It enables;
If it exists, then allow database operating instruction to treat control database and carry out corresponding database manipulation.
Further, which is also used to:
If it does not exist, then corresponding business operation sentence is determined based on database operating instruction;
Judge whether business operation sentence meets business operation content rule;
If meeting, allows database operating instruction to treat control database and carry out corresponding database manipulation.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution The range of scheme.

Claims (10)

1. a kind of database O&M management-control method characterized by comprising
It obtains database operating instruction and sends the information of the host of the database operating instruction, wherein the database behaviour It instructs and carries out database manipulation for treating control database, the information of the host includes at least: the IP of the host The mac address information of location information and the host;
According to the information of the host judge the host whether be preset authorization operation host;
If so, converting corresponding business operation sentence for each database operating instruction;
The business operation sentence is examined according to examination & approval mode and preset examination & approval rule, wherein the examination & approval mode Including following any: automatic examination & approval mode and artificial examination & approval mode, the examination & approval rule include: O&M time rule and/or Business operation content rule;
If examination & approval pass through, the database operating instruction is allowed to carry out corresponding database behaviour to the database to be managed Make.
2. the method according to claim 1, wherein converting each database operating instruction to corresponding Business operation sentence includes:
Syntactic analysis is carried out to each database operating instruction, obtains analysis result, wherein the analysis result includes: Action message indicated by the database operating instruction and the corresponding operation object of the action message;
The analysis result is matched with operation dictionary and business dictionary respectively, and is determined and described point according to matching result Analyse the corresponding business operation sentence of result, wherein the operation dictionary indicates pair between action message and business operating instructions According to relationship, the business dictionary indicates the contrast relationship between operation object and business operation object.
3. the method according to claim 1, wherein the examination & approval mode is the automatic examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
Judge whether the corresponding current operating temporal of the database operating instruction meets the O&M time rule, and/or, institute State whether business operation sentence meets the business operation content rule;
If meeting, examination & approval pass through.
4. the method according to claim 1, wherein the examination & approval mode is the artificial examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
The business operation sentence is classified based on preset examination & approval rule, obtains sorted business operation sentence;
The sorted business operation sentence is sent to the copending inbox of corresponding approving person, and according to default logical Know that mode notifies the approving person to examine, wherein the default advice method includes at least following one: the side of mail Formula, the mode of short message;
Receive the approval results that the approving person returns, wherein the approval results include following any: examining and pass through As a result, examining unsanctioned result.
5. the method according to claim 1, wherein the method also includes:
If examination & approval pass through, target corresponding with the business operation sentence that examination & approval pass through is determined in the database operating instruction Database operating instruction;
The target database operational order is saved to can be in the operational order library of operation/maintenance data library.
6. the method according to claim 1, wherein the method also includes:
After judging that the host is the host that preset authorization operates according to the information of the host, the database behaviour is judged Make to instruct whether corresponding current operating temporal meets O&M time rule;
If meeting, judgement can be in the operational order library of operation/maintenance data library with the presence or absence of matching with the database operating instruction Can operation/maintenance data library operational order, wherein it is described can operation/maintenance data library operational order library include Authorized operation database behaviour It instructs;
If it exists, then the database operating instruction is allowed to carry out corresponding database manipulation to the database to be managed.
7. according to the method described in claim 6, it is characterized in that, the method also includes:
If it does not exist, then library operational order determines corresponding business operation sentence based on the data;
Judge whether the business operation sentence meets the business operation content rule;
If meeting, the database operating instruction is allowed to carry out corresponding database manipulation to the database to be managed.
8. a kind of database O&M control device characterized by comprising
Module is obtained, the information of the host for obtaining database operating instruction and the transmission database operating instruction, wherein The database operating instruction carries out database manipulation for treating control database, and the information of the host includes at least: institute State the IP address information of host and the mac address information of the host;
Judgment module, for according to the information of the host judge the host whether be preset authorization operation host;
Conversion module, if so, converting corresponding business operation sentence for each database operating instruction;
Approval module, for being examined according to examination & approval mode and preset examination & approval rule to the business operation sentence, wherein The examination & approval mode includes following any: automatic examination & approval mode and artificial examination & approval mode, when the examination & approval rule includes: O&M Between rule and/or business operation content rule;
Execution module allows the database operating instruction to carry out the database to be managed corresponding if examination & approval pass through Database manipulation.
9. device according to claim 8, which is characterized in that the conversion module includes:
Parsing unit obtains analysis result for carrying out syntactic analysis to each database operating instruction, wherein The analysis result includes: action message indicated by the database operating instruction and the corresponding operation pair of the action message As;
Matching unit for matching the analysis result with operation dictionary and business dictionary respectively, and is tied according to matching Fruit determines business operation sentence corresponding with the analysis result, wherein the operation dictionary indicates action message and business behaviour Contrast relationship between instructing, the business dictionary indicate the contrast relationship between operation object and business operation object.
10. device according to claim 8, which is characterized in that the examination & approval mode is the automatic examination & approval mode;
The approval module includes:
Judging unit, for judging whether the corresponding current operating temporal of the database operating instruction meets the O&M time Rule, and/or, whether the business operation sentence meets the business operation content rule;
Determination unit, if meeting, examination & approval pass through.
CN201910467397.8A 2019-05-31 2019-05-31 Database operation and maintenance management and control method and device Active CN110188089B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910467397.8A CN110188089B (en) 2019-05-31 2019-05-31 Database operation and maintenance management and control method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910467397.8A CN110188089B (en) 2019-05-31 2019-05-31 Database operation and maintenance management and control method and device

Publications (2)

Publication Number Publication Date
CN110188089A true CN110188089A (en) 2019-08-30
CN110188089B CN110188089B (en) 2021-07-27

Family

ID=67719218

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910467397.8A Active CN110188089B (en) 2019-05-31 2019-05-31 Database operation and maintenance management and control method and device

Country Status (1)

Country Link
CN (1) CN110188089B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111125759A (en) * 2019-12-19 2020-05-08 上海上讯信息技术股份有限公司 Database login account shielding method and device and electronic equipment
CN111984672A (en) * 2020-08-11 2020-11-24 成都安恒信息技术有限公司 Method for providing rule matching capability for command request in operation and maintenance auditing system

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050144460A1 (en) * 2003-12-24 2005-06-30 International Business Machines Corporation Access control system, access control device, access control method, program and recording medium
US20090175509A1 (en) * 2008-01-03 2009-07-09 Apple Inc. Personal computing device control using face detection and recognition
CN101788992A (en) * 2009-05-06 2010-07-28 厦门东南融通系统工程有限公司 Method and system for converting query sentence of database
CN101867490A (en) * 2010-06-09 2010-10-20 中兴通讯股份有限公司 Maintenance operation system and method
CN102033951A (en) * 2010-12-15 2011-04-27 北京新媒传信科技有限公司 WEB database platform
CN102306258A (en) * 2011-09-23 2012-01-04 国网电力科学研究院 UNIX host safety configuration auditing method based on configurable knowledge base
CN103902542A (en) * 2012-12-25 2014-07-02 百度在线网络技术(北京)有限公司 Operating and maintaining method and system of database in testing environment
CN104090941A (en) * 2014-06-30 2014-10-08 江苏华大天益电力科技有限公司 Database auditing system and database auditing method
US20140310768A1 (en) * 2006-05-15 2014-10-16 Oracle International Corporation System and method for enforcing role membership removal requirements
CN104156439A (en) * 2014-08-12 2014-11-19 华北电力大学句容研究中心 Method for remote intelligent operation and maintenance audit
CN104391995A (en) * 2014-12-15 2015-03-04 北京趣拿软件科技有限公司 SQL (Structured Query Language) statement auditing method, and database operation and maintenance method and system
US20150143546A1 (en) * 2011-10-17 2015-05-21 Raytheon Company Service oriented secure collaborative system for compartmented networks
CN104766023A (en) * 2015-02-02 2015-07-08 苏州全维软件科技有限公司 User management method based on ORACLE database
CN105553940A (en) * 2015-12-09 2016-05-04 北京中科云集科技有限公司 Safety protection method based on big data processing platform
CN105912949A (en) * 2016-04-13 2016-08-31 北京京东尚科信息技术有限公司 Data permission management method, data permission management system and service management system
CN107656858A (en) * 2016-07-26 2018-02-02 深圳联友科技有限公司 A kind of method and system of automatic O&M monitoring oracle database

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050144460A1 (en) * 2003-12-24 2005-06-30 International Business Machines Corporation Access control system, access control device, access control method, program and recording medium
US20140310768A1 (en) * 2006-05-15 2014-10-16 Oracle International Corporation System and method for enforcing role membership removal requirements
US20090175509A1 (en) * 2008-01-03 2009-07-09 Apple Inc. Personal computing device control using face detection and recognition
CN101788992A (en) * 2009-05-06 2010-07-28 厦门东南融通系统工程有限公司 Method and system for converting query sentence of database
CN101867490A (en) * 2010-06-09 2010-10-20 中兴通讯股份有限公司 Maintenance operation system and method
CN102033951A (en) * 2010-12-15 2011-04-27 北京新媒传信科技有限公司 WEB database platform
CN102306258A (en) * 2011-09-23 2012-01-04 国网电力科学研究院 UNIX host safety configuration auditing method based on configurable knowledge base
US20150143546A1 (en) * 2011-10-17 2015-05-21 Raytheon Company Service oriented secure collaborative system for compartmented networks
CN103902542A (en) * 2012-12-25 2014-07-02 百度在线网络技术(北京)有限公司 Operating and maintaining method and system of database in testing environment
CN104090941A (en) * 2014-06-30 2014-10-08 江苏华大天益电力科技有限公司 Database auditing system and database auditing method
CN104156439A (en) * 2014-08-12 2014-11-19 华北电力大学句容研究中心 Method for remote intelligent operation and maintenance audit
CN104391995A (en) * 2014-12-15 2015-03-04 北京趣拿软件科技有限公司 SQL (Structured Query Language) statement auditing method, and database operation and maintenance method and system
CN104766023A (en) * 2015-02-02 2015-07-08 苏州全维软件科技有限公司 User management method based on ORACLE database
CN105553940A (en) * 2015-12-09 2016-05-04 北京中科云集科技有限公司 Safety protection method based on big data processing platform
CN105912949A (en) * 2016-04-13 2016-08-31 北京京东尚科信息技术有限公司 Data permission management method, data permission management system and service management system
CN107656858A (en) * 2016-07-26 2018-02-02 深圳联友科技有限公司 A kind of method and system of automatic O&M monitoring oracle database

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111125759A (en) * 2019-12-19 2020-05-08 上海上讯信息技术股份有限公司 Database login account shielding method and device and electronic equipment
CN111984672A (en) * 2020-08-11 2020-11-24 成都安恒信息技术有限公司 Method for providing rule matching capability for command request in operation and maintenance auditing system
CN111984672B (en) * 2020-08-11 2024-03-15 成都安恒信息技术有限公司 Method for providing rule matching capability for command request in operation and maintenance audit system

Also Published As

Publication number Publication date
CN110188089B (en) 2021-07-27

Similar Documents

Publication Publication Date Title
CN104732974B (en) Intelligence recording identifying system
JPH08263481A (en) Computerized document circulation system
JP3845046B2 (en) Document management method and document management apparatus
CN107633380A (en) The task measures and procedures for the examination and approval and system of a kind of anti-data-leakage system
CN104391694B (en) Intelligent mobile terminal software public service support platform system
CN101401466A (en) Content-based policy compliance systems and methods
CN104809597A (en) Data resource management platform based on data fusion
WO2006088915A1 (en) System for applying a variety of policies and actions to electronic messages before they leave the control of the message originator
CN102648464A (en) System and method for generating vocabulary from network data
CN106960030A (en) Pushed information method and device based on artificial intelligence
WO2006080078A1 (en) Work flow management device, work flow management system, and test scenario creation method
CN108011809A (en) Anti-data-leakage analysis method and system based on user behavior and document content
CN110188089A (en) A kind of database O&M management-control method and device
CN109829304A (en) A kind of method for detecting virus and device
CN108574620A (en) A kind of data subscription method, device, server and system
CN108304447A (en) Processing method, device, storage medium and the processor of exception information
CN104754374B (en) Audio-video document detection management method and device
US7590630B2 (en) Managing electronic information
CN109905403A (en) A kind of safety detecting method considering operation and maintenance
CN105471635B (en) A kind of processing method of system log, device and system
CN110928864A (en) Scientific research project management method and system
KR102189127B1 (en) A unit and method for processing rule based action
CN111325562A (en) Grain safety tracing system and method
CN107766342A (en) A kind of recognition methods of application and device
Elleuch et al. Discovering business processes and activities from messaging systems: State-of-the art

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant