CN110188089A - A kind of database O&M management-control method and device - Google Patents
A kind of database O&M management-control method and device Download PDFInfo
- Publication number
- CN110188089A CN110188089A CN201910467397.8A CN201910467397A CN110188089A CN 110188089 A CN110188089 A CN 110188089A CN 201910467397 A CN201910467397 A CN 201910467397A CN 110188089 A CN110188089 A CN 110188089A
- Authority
- CN
- China
- Prior art keywords
- database
- examination
- approval
- operating instruction
- host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2457—Query processing with adaptation to user needs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The present invention provides a kind of database O&M management-control method and devices, it is related to the technical field of information management, including obtain database operating instruction and send database operating instruction host information, according to the information of host judge host whether be preset authorization operate host;If, then corresponding business operation sentence is converted by each database operating instruction, business operation sentence is examined according to examination & approval mode and preset examination & approval rule, if examination & approval pass through, allows database operating instruction to treat control database and carries out corresponding database manipulation.It is just had permission this method limit the host of only preset authorization operation and O&M is carried out to database, and the corresponding business operation sentence of data base manipulation statement is examined with examination & approval rule according to preset examination & approval mode, only examination & approval pass through, just allow database operating instruction to treat control database and carry out corresponding database manipulation, alleviates the poor technical problem of existing database management-control method safety.
Description
Technical field
The present invention relates to the technical fields of information management, more particularly, to a kind of database O&M management-control method and device.
Background technique
Currently, most enterprises all very focus on database information security, after a database is created, need by
Special operation maintenance personnel carries out daily O&M to database, still, if operation maintenance personnel steals sensitive data and illegally lived
There is maloperation in dynamic or daily O&M, delete information important in database, most of solution is thing at present
After the database manipulation for being handled, but having been executed again of auditing certain loss can be caused to enterprise.
To sum up, the existing database management-control method technical problem poor there are safety.
Summary of the invention
The purpose of the present invention is to provide a kind of database O&M management-control method and devices, to alleviate existing data depositary management
Control the poor technical problem of method security.
In a first aspect, the present invention provides a kind of database O&M management-control method, comprising:
It obtains database operating instruction and sends the information of the host of the database operating instruction, wherein the data
Library operational order carries out database manipulation for treating control database, and the information of the host includes at least: the host
The mac address information of IP address information and the host;
According to the information of the host judge the host whether be preset authorization operation host;
If so, converting corresponding business operation sentence for each database operating instruction;
The business operation sentence is examined according to examination & approval mode and preset examination & approval rule, wherein the examination & approval
Mode includes following any: automatic examination & approval mode and artificial examination & approval mode, the examination & approval rule includes: O&M time rule
And/or business operation content rule;
If examination & approval pass through, the database operating instruction is allowed to carry out corresponding database to the database to be managed
Operation.
Further, converting corresponding business operation sentence for each database operating instruction includes:
Syntactic analysis is carried out to each database operating instruction, obtains analysis result, wherein the analysis result packet
It includes: action message indicated by the database operating instruction and the corresponding operation object of the action message;
The analysis result is matched with operation dictionary and business dictionary respectively, and according to matching result determination and institute
State the corresponding business operation sentence of analysis result, wherein the operation dictionary indicates between action message and business operating instructions
Contrast relationship, the business dictionary indicates the contrast relationship between operation object and business operation object.
Further, the examination & approval mode is the automatic examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
Judge whether the corresponding current operating temporal of the database operating instruction meets the O&M time rule, and/
Or, whether the business operation sentence meets the business operation content rule;
If meeting, examination & approval pass through.
Further, the examination & approval mode is the artificial examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
The business operation sentence is classified based on preset examination & approval rule, obtains sorted business operation language
Sentence;
The sorted business operation sentence is sent to the copending inbox of corresponding approving person, and according to pre-
If advice method notifies the approving person to examine, wherein the default advice method includes at least following one: mail
Mode, the mode of short message;
Receive the approval results that the approving person returns, wherein the approval results include following any: examination & approval are logical
It is crossing as a result, examining unsanctioned result.
Further, the method also includes:
If examination & approval pass through, determined in the database operating instruction corresponding with the business operation sentence that examination & approval pass through
Target database operational order;
The target database operational order is saved to can be in the operational order library of operation/maintenance data library.
Further, the method also includes:
After judging that the host is the host that preset authorization operates according to the information of the host, the data are judged
Whether operational order corresponding current operating temporal in library meets O&M time rule;
If meeting, judgement can whether there is and the database operating instruction phase in the operational order library of operation/maintenance data library
That matches can operation/maintenance data library operational order, wherein it is described can operation/maintenance data library operational order library include Authorized operation data
Library operational order;
If it exists, then the database operating instruction is allowed to carry out corresponding database behaviour to the database to be managed
Make.
Further, the method also includes:
If it does not exist, then library operational order determines corresponding business operation sentence based on the data;
Judge whether the business operation sentence meets the business operation content rule;
If meeting, the database operating instruction is allowed to carry out corresponding database behaviour to the database to be managed
Make.
Second aspect, the present invention also provides a kind of database O&M control devices, comprising:
Module is obtained, the information of the host for obtaining database operating instruction and the transmission database operating instruction,
Wherein, the database operating instruction carries out database manipulation for treating control database, and the information of the host is at least wrapped
It includes: the mac address information of the IP address information of the host and the host;
Judgment module, for according to the information of the host judge the host whether be preset authorization operation host;
Conversion module, if so, converting corresponding business operation sentence for each database operating instruction;
Approval module, for being examined according to examination & approval mode and preset examination & approval rule to the business operation sentence,
Wherein, the examination & approval mode includes following any: automatic examination & approval mode and artificial examination & approval mode, the examination & approval rule include:
O&M time rule and/or business operation content rule;
Execution module allows the database operating instruction to carry out pair the database to be managed if examination & approval pass through
The database manipulation answered.
Further, the conversion module includes:
Parsing unit, for carrying out syntactic analysis to each database operating instruction, analyzed as a result, its
In, the analysis result includes: action message indicated by the database operating instruction and the corresponding behaviour of the action message
Make object;
Matching unit, for by the analysis result respectively with operation dictionary and business dictionary match, and according to
Business operation sentence corresponding with the analysis result is determined with result, wherein the operation dictionary indicates action message and industry
Contrast relationship between business operational order, the business dictionary indicate to compare pass between operation object and business operation object
System.
Further, the examination & approval mode is the automatic examination & approval mode;
The approval module includes:
Judging unit, for judging whether the corresponding current operating temporal of the database operating instruction meets the O&M
Time rule, and/or, whether the business operation sentence meets the business operation content rule;
Determination unit, if meeting, examination & approval pass through.
Database O&M management-control method provided by the invention, comprising: obtain database operating instruction and send database behaviour
Make the information of the host instructed, wherein database operating instruction carries out database manipulation for treating control database, host
Information includes at least: the IP address information of host and the mac address information of host;According to the information of host judge host whether be
The host of preset authorization operation;If so, converting corresponding business operation sentence for each database operating instruction;According to careful
Batch mode and preset examination & approval rule examine business operation sentence, wherein examination & approval mode includes following any: automatic
Examination & approval mode and artificial examination & approval mode, examination & approval rule includes: O&M time rule and/or business operation content rule;If examination & approval
Pass through, then allows database operating instruction to treat control database and carry out corresponding database manipulation.
In the prior art, if operation maintenance personnel is stolen sensitive data and miss in unlawful activities or daily O&M
Operation, deletes information important in database, most of solution is to audit afterwards to be handled again, but held
Capable database manipulation can cause certain loss to enterprise.It is provided by the invention compared with processing mode in the prior art
Database O&M management-control method judged according to the information of the host of transmission database operating instruction got first, if
Determination is the host of preset authorization operation, the industry that the database operating instruction that just can further will acquire is converted into convenient for examination & approval
Then business action statement is examined business operation sentence further according to examination & approval mode and preset examination & approval rule, is only examined
Pass through, just allows database operating instruction to treat control database and carry out corresponding database manipulation.This method limit only
The host of preset authorization operation, which just has permission, treats control database progress O&M, and only examines the database manipulation passed through
Instruction can just treat control database and be operated, and alleviate the poor technology of existing database management-control method safety and ask
Topic.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is a kind of flow chart of database O&M management-control method provided in an embodiment of the present invention;
Fig. 2 is provided in an embodiment of the present invention when examination & approval mode is automatic examination & approval mode, according to examination & approval mode and is preset
Examination & approval rule flow chart that business operation sentence is examined;
Fig. 3 is the flow chart of another database O&M management-control method provided in an embodiment of the present invention;
Fig. 4 is a kind of schematic diagram of database O&M control device provided in an embodiment of the present invention.
Specific embodiment
Technical solution of the present invention is clearly and completely described below in conjunction with embodiment, it is clear that described reality
Applying example is a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, the common skill in this field
Art personnel every other embodiment obtained without making creative work belongs to the model that the present invention protects
It encloses.
Embodiment one:
Fig. 1 is a kind of flow chart of database O&M management-control method provided in an embodiment of the present invention, and this method includes as follows
Step:
Step S102 obtains database operating instruction and sends the information of the host of database operating instruction, wherein data
Library operational order carries out database manipulation for treating control database, and the information of host includes at least: the IP address letter of host
The mac address information of breath and host;
In embodiments of the present invention, it to treat control database and carry out O&M, database approval system is firstly the need of acquisition
The information of the host of database operating instruction and transmission database operating instruction, database operation maintenance personnel can be in advance by database
The information preservation of the host of operational order and transmission database operating instruction is into file destination, then log database approval system
File destination is imported;Can also be after log database approval system, difference input database operational order and transmission data
The information of the host of library operational order, wherein database operating instruction can be it is a plurality of be also possible to one, database examination & approval system
System has also got the corresponding current operating temporal of the database operating instruction while obtaining database operating instruction, host
Information can obtain return information by the way of input order automatically, and the information of host includes at least: the IP of host
The mac address information of location information and host.
Step S104, according to the information of host judge host whether be preset authorization operation host;
After getting the information for sending the host of database operating instruction, first have to judge the transmission according to the information of host
Whether the host of database operating instruction is the host of preset authorization operation, if it is not, then grasping without subsequent database
Make.
Step S106, if so, converting corresponding business operation sentence for each database operating instruction;
If the host of the transmission database operating instruction is the host of preset authorization operation, each database is grasped
Make the instruction morphing business operation sentence for that approving person can be convenient for be examined, wherein business operation sentence can be convenient for
Approving person examines database operating instruction, will hereinafter describe in detail to the process of conversion.
Step S108 examines business operation sentence according to examination & approval mode and preset examination & approval rule, wherein examination & approval
Mode includes following any: automatic examination & approval mode and artificial examination & approval mode, examination & approval rule include: O&M time rule and/or
Business operation content rule;
After obtaining business operation sentence, according to examination & approval mode (automatic examination & approval mode or manually examine mode) and preset careful
It criticizes rule to examine business operation sentence, wherein examination & approval rule includes: O&M time rule and/or business operation content
Rule when approving person is busier or outgoing, can set automatic for database approval system under normal circumstances
Examination & approval mode hereinafter describes the process examined to automatic examination & approval mode and artificial examination & approval mode in detail.
Step S110 allows database operating instruction to treat control database and carries out corresponding data if examination & approval pass through
Library operation.
If business operation sentence meets preset examination & approval rule, examination & approval pass through, and database manipulation is allowed for refer to
Order treats control database and carries out corresponding database manipulation;If business operation sentence does not meet preset examination & approval rule,
Examination & approval do not pass through, that is, do not allow the database operating instruction to treat control database and operated.
In the prior art, if operation maintenance personnel is stolen sensitive data and miss in unlawful activities or daily O&M
Operation, deletes information important in database, most of solution is to audit afterwards to be handled again, but held
Capable database manipulation can cause certain loss to enterprise.It is provided by the invention compared with processing mode in the prior art
Database O&M management-control method judged according to the information of the host of transmission database operating instruction got first, if
Determination is the host of preset authorization operation, the industry that the database operating instruction that just can further will acquire is converted into convenient for examination & approval
Then business action statement is examined business operation sentence further according to examination & approval mode and preset examination & approval rule, is only examined
Pass through, just allows database operating instruction to treat control database and carry out corresponding database manipulation.This method limit only
The host of preset authorization operation, which just has permission, treats control database progress O&M, and only examines the database manipulation passed through
Instruction can just treat control database and be operated, and alleviate the poor technology of existing database management-control method safety and ask
Topic.
Above the operating procedure of database O&M management-control method of the invention is briefly described, below to will be every
The process that a database operating instruction is converted into corresponding business operation sentence describes in detail.
In an optional embodiment, corresponding business operation sentence packet is converted by each database operating instruction
Include following steps:
Step S1061 carries out syntactic analysis to each database operating instruction, obtains analysis result, wherein analysis result
It include: action message indicated by database operating instruction and the corresponding operation object of action message;
Specifically, under normal circumstances, database operating instruction is stated using the structured query language of standard, so
Action message indicated by database operating instruction and the corresponding operation object of action message can be obtained by syntactic analysis, and
Using content obtained above as the analysis result of syntactic analysis.
Step S1062 matches analysis result with operation dictionary and business dictionary respectively, and true according to matching result
Fixed business operation sentence corresponding with analysis result, wherein operation dictionary indicates between action message and business operating instructions
Contrast relationship, business dictionary indicate the contrast relationship between operation object and business operation object.
After obtaining analysis result, analysis result is matched with operation dictionary and business dictionary respectively, wherein operational word
Allusion quotation is autonomous Design and maintenance, indicates the contrast relationship between action message and business operating instructions, business dictionary be by
The contrast relationship between a kind of operation object and business operation object wait manage the offer of operation system corresponding to database,
With end, matching result is obtained, business operation sentence corresponding with analysis result is determined according to above-mentioned matching result.
In order to make it easy to understand, below to the process for converting each database operating instruction to corresponding business operation sentence
It is illustrated:
If database operating instruction is " delete from user ", analysis result is obtained indicated by database operating instruction
Action message be " delete ", the corresponding operation object of action message be " user ", then will analysis result and operation dictionary
It is matched, obtaining business operating instructions is " deletion ", and analysis result is matched with business dictionary, obtains business operation pair
As for " user's table ", then determining that business operation sentence corresponding with result is analyzed is exactly " deletion user's table according to matching result
Content ".
Above the process for converting corresponding business operation sentence for each database operating instruction has been carried out in detail
Description, the process examined below to two different examination & approval modes describes in detail.
In an optional embodiment, as shown in Fig. 2, examination & approval mode is automatic examination & approval mode, according to examination & approval mode
Examination & approval are carried out to business operation sentence with preset examination & approval rule to include the following steps:
Step S1081, judges whether the corresponding current operating temporal of database operating instruction meets O&M time rule,
And/or whether business operation sentence meets business operation content rule;
Step S1082, if meeting, examination & approval pass through.
Specifically, O&M time rule can only be arranged or business operation content is only arranged in Design approval rule
Dual examination & approval rule can also be arranged, that is, O&M time rule and business operation content rule are all judged, are needed in rule
Illustrate, the judgement sequence user of O&M time rule and business operation content rule can carry out customized;
It describes in detail below to a kind of situation that dual examination & approval rule is arranged:
O&M time rule can be understood as evading O&M automatically using rush hour section by pre-defined database
Personnel rush hour section treat control database carry out O&M, that is, be preferably provided with O&M time rule be rush hour section not
Allowing to treat control database and carries out any operation, other O&M time rules can also be arranged in user according to the actual situation,
The present invention does not carry out concrete restriction to it, in order to make it easy to understand, O&M time rule is illustrated below:
It is carried out if setting O&M time rule and cannot treat control database to 4 points to and 2 pm at 10 points as 8 a.m.
O&M, it is, 8 a.m. to 10 points and 2 pm to 4 points be restricted operating time section, then examined when database and be
System is when receiving database operating instruction, first determine whether current operating temporal whether in above-mentioned restricted operating time section,
If current operating temporal is at 3 points in afternoon, does not allow to treat control database and carry out relevant operation, if current operating temporal
For 12 noon, then further business operation sentence is judged, determines if to meet business operation content rule.
Specifically, business operation content rule can be set according to the actual situation, it is preferred that can by limited table,
Restricted data and limited operation carry out logical combination, are combined result and are set as business operation content rule, for the ease of reason
Solution, is below illustrated business operation content rule:
If user's table wait manage in database belongs to the higher table of security classification, the setting of business operation content rule is not permitted
Perhaps operation maintenance personnel carries out any operation to it, then checking user's table, editor user's table and deleting in business operation sentence is used
The operation of all about user's table such as family table will be all rejected;Or the data in pre-defined user's table about ID card information
It the operation such as cannot be checked, edited or be deleted, but other data are not specifically limited in user's table, then business operation content
The operation of the data of ID card information will be all rejected in all about user's table of rule settings;Again or set target data only
It can be checked, cannot be edited, then check that the business operation sentence of target data meets rule in business operation sentence, it can
Examination & approval pass through, and other do not pass through about the operation examination & approval of target data.
In an optional embodiment, examination & approval mode is artificial examination & approval mode, according to examination & approval mode and preset is examined
Criticizing rule and carrying out examination & approval to business operation sentence includes the following contents:
Firstly, business operation sentence is classified based on preset examination & approval rule, sorted business operation language is obtained
Sentence;
Then, sorted business operation sentence is sent to the copending inbox of corresponding approving person, and according to
Default advice method notifies approving person to examine, wherein default advice method includes at least following one: the side of mail
Formula, the mode of short message;
Simple introduction above has been carried out to the case where artificial examination & approval, in order to optimize approval process, has improved examination & approval
Accuracy, business operation sentence is classified first, sorted business operation sentence is obtained, specifically how to classify
User can according to the actual situation set system, and the present invention does not carry out concrete restriction to it, can be according to number to be managed
It is distinguished according to the data in library, such as all operations about user's table are all arranged some specific people and examine;Or
Approving person is divided into shift according to the time in advance, is distributed according to the corresponding current operating temporal of database operating instruction different
Approving person, dispersion examination & approval pressure.
Further, sorted business operation sentence is sent to the copending inbox of corresponding approving person, it is special
It does not point out, when approving person examines, not can be only seen business operation sentence, also can choose and check corresponding database
Operational order.In order to improve the efficiency of examination & approval, database approval system will be notified according to preset advice method approving person into
Row examination & approval, preset advice method can be the mode of mail, the mode of short message or other advice methods, can also be more
Kind advice method is used in combination, and the present invention does not carry out concrete restriction to default advice method, and user can set according to the actual situation
It is fixed.
Finally, receiving the approval results that approving person returns, wherein approval results include following any: examination & approval pass through
As a result, examining unsanctioned result.
After copending personnel's examination & approval, database approval system will receive the approval results of approving person's return, if
Business operation sentence meets preset examination & approval rule, then return it is that examination & approval pass through as a result, if business operation sentence do not meet it is pre-
If examination & approval rule, then return to the unsanctioned result of examination & approval.
It particularly points out, when being set as manually examining mode, approving person can also according to the actual situation, to certain principles
On do not meet preset examination & approval rule business operation sentence examined it is corresponding by, for example, it is assumed that database operating instruction
Operating time do not meet O&M time rule, but since the situation is critical, approving person, which can make an exception, ratifies database behaviour
Make, and then alleviate the emergency, that is, artificial examination & approval mode is more flexible examination & approval mode.
The process above examined to two different examination & approval modes is described in detail, below to the present invention
Other content in method describes in detail.
In an optional embodiment, this method further includes following steps:
Step S112 determines the business operation sentence pair passed through with examination & approval if examination & approval pass through in database operating instruction
The target database operational order answered;
Step S114 saves target database operational order to can be in the operational order library of operation/maintenance data library.
Specifically, also being needed in multiple database operating instructions if the examination & approval of some business operation sentence pass through
It determines corresponding with business operation sentence target database operational order, then saves target database operational order to can
In the operational order library of operation/maintenance data library, this can operation/maintenance data library operational order library be used for save it is all examine pass through databases behaviour
It instructs.
A kind of embodiment of database O&M management-control method of the invention is described in detail above, below to another
A kind of outer embodiment describes in detail.
In an optional embodiment, as shown in figure 3, this method further includes following steps:
Step S201 judges database after the host that the information according to host judges that host is preset authorization operation
Whether the corresponding current operating temporal of operational order meets O&M time rule;
Specifically, during treating control database progress O&M, if sending the host of database operating instruction
It is the host of preset authorization operation, then can further judge whether the corresponding current operating temporal of database operating instruction accords with
O&M time rule is closed, detailed introduction has been carried out in the setting in relation to O&M time rule above, also no longer superfluous herein
It states, and the mode judged can choose the mode or artificial judgment judged automatically by staff's self-setting
Mode.
Step S202, if meeting, judgement can be in the operational order library of operation/maintenance data library with the presence or absence of referring to database manipulation
Enable match can operation/maintenance data library operational order, wherein can operation/maintenance data library operational order library include Authorized operation number
According to library operational order;
Step S203, and if it exists, then allow database operating instruction to treat control database and carry out corresponding database behaviour
Make.
If the corresponding current operating temporal of database operating instruction meets preset time rule, further judgement can
In the operational order library of operation/maintenance data library with the presence or absence of with database operating instruction match can operation/maintenance data library operational order, because
For can operation/maintenance data library operational order library include Authorized operation database operating instruction, it is, all once examined
By the corresponding database operating instruction of business operation sentence be saved to can in the operational order library of operation/maintenance data library,
Judge whether the database operating instruction was once passed through by examination & approval, if can exist in the operational order library of operation/maintenance data library and data
Library operational order is matched can operation/maintenance data library operational order, then it is not necessary to carry out subsequent approval process again, can directly allow
The database operating instruction treats control database and carries out corresponding database manipulation, improves O&M efficiency.
In practical application, when can also will judge whether the corresponding current operating temporal of database operating instruction meets O&M
Between regular process omitted, that is, after the host that the information according to host judges that host is preset authorization operation, directly
To can in the operational order library of operation/maintenance data library with the presence or absence of with database operating instruction match can the operation of operation/maintenance data library refer to
Order is judged, that is to say, that O&M time rule can be used as one and optionally judge item, be set according to practical situation
It is fixed.
In an optional embodiment, this method further include:
Step S204 then determines corresponding business operation sentence based on database operating instruction if it does not exist;
Further, if can in the operational order library of operation/maintenance data library there is no with database operating instruction is matched transports
Dimensional database operational order, then also needing to convert database operating instruction to corresponding business operation sentence, the side of conversion
Detailed introduction above has been carried out in method, and details are not described herein again.
Step S205, judges whether business operation sentence meets business operation content rule;
Step S206 allows database operating instruction to treat control database and carries out corresponding database behaviour if meeting
Make.
After obtaining business operation sentence, further judge whether it meets business operation content rule, if do not met,
Do not allow database operating instruction to treat control database to be operated;If business operation sentence meets content regulation in business operation
Then, then allow database operating instruction to treat control database and carry out corresponding database manipulation.Content regulation in related business operation
Detailed introduction has been carried out above, also repeats no more herein for setting then, and the mode judged can be by staff
Self-setting can choose the mode of the mode or artificial judgment that judge automatically.
To sum up, database O&M management-control method provided in an embodiment of the present invention has the advantage that
1. database operating instruction can be converted business operation sentence by the method for the present invention, the approving person that is more convenient for is examined
Batch;
2. O&M time rule can be set in user, for example, the database manipulation of limitation peak period, evades O&M automatically
Personnel treat control database in peak period and carry out O&M;
3. judging according to business operation content rule business operation sentence, complete comparison can be realized;
4. the examination & approval efficiency that automatic examination & approval mode can be improved database manipulation;
5. manually examination & approval mode is capable of the application of more flexible process database operations, the correct of examination & approval also can be improved
Rate.
Embodiment two:
The embodiment of the invention also provides a kind of database O&M control device, which is mainly used
In executing database O&M management-control method provided by above content of the embodiment of the present invention, below to provided in an embodiment of the present invention
Database O&M control device does specific introduction.
Fig. 4 is a kind of schematic diagram of database O&M control device provided in an embodiment of the present invention, as shown in figure 4, the dress
Setting main includes obtaining module 10, judgment module 20, conversion module 30, approval module 40, execution module 50, in which:
Module is obtained, the information of the host for obtaining database operating instruction and transmission database operating instruction, wherein
Database operating instruction carries out database manipulation for treating control database, and the information of host includes at least: the IP of host
The mac address information of location information and host;
Judgment module, for the information according to host judge host whether be preset authorization operation host;
Conversion module, if so, converting corresponding business operation sentence for each database operating instruction;
Approval module, for being examined according to examination & approval mode and preset examination & approval rule to business operation sentence, wherein
Examination & approval mode includes following any: automatic examination & approval mode and artificial examination & approval mode, examination & approval rule includes: O&M time rule
And/or business operation content rule;
Execution module allows database operating instruction to treat control database and carries out corresponding data if examination & approval pass through
Library operation.
In the prior art, if operation maintenance personnel is stolen sensitive data and miss in unlawful activities or daily O&M
Operation, deletes information important in database, most of solution is to audit afterwards to be handled again, but held
Capable database manipulation can cause certain loss to enterprise.It is provided by the invention compared with processing mode in the prior art
Database O&M management-control method judged according to the information of the host of transmission database operating instruction got first, if
Determination is the host of preset authorization operation, the industry that the database operating instruction that just can further will acquire is converted into convenient for examination & approval
Then business action statement is examined business operation sentence further according to examination & approval mode and preset examination & approval rule, is only examined
Pass through, just allows database operating instruction to treat control database and carry out corresponding database manipulation.This method limit only
The host of preset authorization operation, which just has permission, treats control database progress O&M, and only examines the database manipulation passed through
Instruction can just treat control database and be operated, and alleviate the poor technology of existing database management-control method safety and ask
Topic.
Further, conversion module includes:
Parsing unit obtains analysis result for carrying out syntactic analysis to each database operating instruction, wherein
Analyzing result includes: action message indicated by database operating instruction and the corresponding operation object of action message;
Matching unit is matched respectively with operation dictionary and business dictionary for that will analyze result, and is tied according to matching
Fruit determines and the corresponding business operation sentence of analysis result, wherein operation dictionary expression action message and business operating instructions it
Between contrast relationship, business dictionary indicates the contrast relationship between operation object and business operation object.
Further, examination & approval mode is automatic examination & approval mode;Approval module includes:
Judging unit, for judging whether the corresponding current operating temporal of database operating instruction meets O&M time rule
Then, and/or, whether business operation sentence meets business operation content rule;
Determination unit, if meeting, examination & approval pass through.
Further, examination & approval mode is artificial examination & approval mode, and approval module includes:
Taxon obtains sorted industry for business operation sentence to be classified based on preset examination & approval rule
Business action statement;
Transmission unit, for sorted business operation sentence to be sent to the copending addressee of corresponding approving person
Case, and notify approving person to examine according to default advice method, wherein default advice method includes at least following one:
The mode of mail, the mode of short message;
Receiving unit, for receiving the approval results of approving person's return, wherein approval results include following any:
Examine pass through as a result, examining unsanctioned result.
Further, which is also used to:
If examination & approval pass through, target corresponding with the business operation sentence that examination & approval pass through is determined in database operating instruction
Database operating instruction;
Target database operational order is saved to can be in the operational order library of operation/maintenance data library.
Further, which is also used to:
After the host that the information according to host judges that host is preset authorization operation, database operating instruction pair is judged
Whether the current operating temporal answered meets O&M time rule;
If meeting, judgement can be in the operational order library of operation/maintenance data library with the presence or absence of matching with database operating instruction
Can operation/maintenance data library operational order, wherein can operation/maintenance data library operational order library include that the database manipulation of Authorized operation refers to
It enables;
If it exists, then allow database operating instruction to treat control database and carry out corresponding database manipulation.
Further, which is also used to:
If it does not exist, then corresponding business operation sentence is determined based on database operating instruction;
Judge whether business operation sentence meets business operation content rule;
If meeting, allows database operating instruction to treat control database and carry out corresponding database manipulation.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to
So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into
Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme.
Claims (10)
1. a kind of database O&M management-control method characterized by comprising
It obtains database operating instruction and sends the information of the host of the database operating instruction, wherein the database behaviour
It instructs and carries out database manipulation for treating control database, the information of the host includes at least: the IP of the host
The mac address information of location information and the host;
According to the information of the host judge the host whether be preset authorization operation host;
If so, converting corresponding business operation sentence for each database operating instruction;
The business operation sentence is examined according to examination & approval mode and preset examination & approval rule, wherein the examination & approval mode
Including following any: automatic examination & approval mode and artificial examination & approval mode, the examination & approval rule include: O&M time rule and/or
Business operation content rule;
If examination & approval pass through, the database operating instruction is allowed to carry out corresponding database behaviour to the database to be managed
Make.
2. the method according to claim 1, wherein converting each database operating instruction to corresponding
Business operation sentence includes:
Syntactic analysis is carried out to each database operating instruction, obtains analysis result, wherein the analysis result includes:
Action message indicated by the database operating instruction and the corresponding operation object of the action message;
The analysis result is matched with operation dictionary and business dictionary respectively, and is determined and described point according to matching result
Analyse the corresponding business operation sentence of result, wherein the operation dictionary indicates pair between action message and business operating instructions
According to relationship, the business dictionary indicates the contrast relationship between operation object and business operation object.
3. the method according to claim 1, wherein the examination & approval mode is the automatic examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
Judge whether the corresponding current operating temporal of the database operating instruction meets the O&M time rule, and/or, institute
State whether business operation sentence meets the business operation content rule;
If meeting, examination & approval pass through.
4. the method according to claim 1, wherein the examination & approval mode is the artificial examination & approval mode;
Carrying out examination & approval to the business operation sentence according to examination & approval mode and preset examination & approval rule includes:
The business operation sentence is classified based on preset examination & approval rule, obtains sorted business operation sentence;
The sorted business operation sentence is sent to the copending inbox of corresponding approving person, and according to default logical
Know that mode notifies the approving person to examine, wherein the default advice method includes at least following one: the side of mail
Formula, the mode of short message;
Receive the approval results that the approving person returns, wherein the approval results include following any: examining and pass through
As a result, examining unsanctioned result.
5. the method according to claim 1, wherein the method also includes:
If examination & approval pass through, target corresponding with the business operation sentence that examination & approval pass through is determined in the database operating instruction
Database operating instruction;
The target database operational order is saved to can be in the operational order library of operation/maintenance data library.
6. the method according to claim 1, wherein the method also includes:
After judging that the host is the host that preset authorization operates according to the information of the host, the database behaviour is judged
Make to instruct whether corresponding current operating temporal meets O&M time rule;
If meeting, judgement can be in the operational order library of operation/maintenance data library with the presence or absence of matching with the database operating instruction
Can operation/maintenance data library operational order, wherein it is described can operation/maintenance data library operational order library include Authorized operation database behaviour
It instructs;
If it exists, then the database operating instruction is allowed to carry out corresponding database manipulation to the database to be managed.
7. according to the method described in claim 6, it is characterized in that, the method also includes:
If it does not exist, then library operational order determines corresponding business operation sentence based on the data;
Judge whether the business operation sentence meets the business operation content rule;
If meeting, the database operating instruction is allowed to carry out corresponding database manipulation to the database to be managed.
8. a kind of database O&M control device characterized by comprising
Module is obtained, the information of the host for obtaining database operating instruction and the transmission database operating instruction, wherein
The database operating instruction carries out database manipulation for treating control database, and the information of the host includes at least: institute
State the IP address information of host and the mac address information of the host;
Judgment module, for according to the information of the host judge the host whether be preset authorization operation host;
Conversion module, if so, converting corresponding business operation sentence for each database operating instruction;
Approval module, for being examined according to examination & approval mode and preset examination & approval rule to the business operation sentence, wherein
The examination & approval mode includes following any: automatic examination & approval mode and artificial examination & approval mode, when the examination & approval rule includes: O&M
Between rule and/or business operation content rule;
Execution module allows the database operating instruction to carry out the database to be managed corresponding if examination & approval pass through
Database manipulation.
9. device according to claim 8, which is characterized in that the conversion module includes:
Parsing unit obtains analysis result for carrying out syntactic analysis to each database operating instruction, wherein
The analysis result includes: action message indicated by the database operating instruction and the corresponding operation pair of the action message
As;
Matching unit for matching the analysis result with operation dictionary and business dictionary respectively, and is tied according to matching
Fruit determines business operation sentence corresponding with the analysis result, wherein the operation dictionary indicates action message and business behaviour
Contrast relationship between instructing, the business dictionary indicate the contrast relationship between operation object and business operation object.
10. device according to claim 8, which is characterized in that the examination & approval mode is the automatic examination & approval mode;
The approval module includes:
Judging unit, for judging whether the corresponding current operating temporal of the database operating instruction meets the O&M time
Rule, and/or, whether the business operation sentence meets the business operation content rule;
Determination unit, if meeting, examination & approval pass through.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910467397.8A CN110188089B (en) | 2019-05-31 | 2019-05-31 | Database operation and maintenance management and control method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910467397.8A CN110188089B (en) | 2019-05-31 | 2019-05-31 | Database operation and maintenance management and control method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110188089A true CN110188089A (en) | 2019-08-30 |
CN110188089B CN110188089B (en) | 2021-07-27 |
Family
ID=67719218
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910467397.8A Active CN110188089B (en) | 2019-05-31 | 2019-05-31 | Database operation and maintenance management and control method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110188089B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111125759A (en) * | 2019-12-19 | 2020-05-08 | 上海上讯信息技术股份有限公司 | Database login account shielding method and device and electronic equipment |
CN111984672A (en) * | 2020-08-11 | 2020-11-24 | 成都安恒信息技术有限公司 | Method for providing rule matching capability for command request in operation and maintenance auditing system |
Citations (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050144460A1 (en) * | 2003-12-24 | 2005-06-30 | International Business Machines Corporation | Access control system, access control device, access control method, program and recording medium |
US20090175509A1 (en) * | 2008-01-03 | 2009-07-09 | Apple Inc. | Personal computing device control using face detection and recognition |
CN101788992A (en) * | 2009-05-06 | 2010-07-28 | 厦门东南融通系统工程有限公司 | Method and system for converting query sentence of database |
CN101867490A (en) * | 2010-06-09 | 2010-10-20 | 中兴通讯股份有限公司 | Maintenance operation system and method |
CN102033951A (en) * | 2010-12-15 | 2011-04-27 | 北京新媒传信科技有限公司 | WEB database platform |
CN102306258A (en) * | 2011-09-23 | 2012-01-04 | 国网电力科学研究院 | UNIX host safety configuration auditing method based on configurable knowledge base |
CN103902542A (en) * | 2012-12-25 | 2014-07-02 | 百度在线网络技术(北京)有限公司 | Operating and maintaining method and system of database in testing environment |
CN104090941A (en) * | 2014-06-30 | 2014-10-08 | 江苏华大天益电力科技有限公司 | Database auditing system and database auditing method |
US20140310768A1 (en) * | 2006-05-15 | 2014-10-16 | Oracle International Corporation | System and method for enforcing role membership removal requirements |
CN104156439A (en) * | 2014-08-12 | 2014-11-19 | 华北电力大学句容研究中心 | Method for remote intelligent operation and maintenance audit |
CN104391995A (en) * | 2014-12-15 | 2015-03-04 | 北京趣拿软件科技有限公司 | SQL (Structured Query Language) statement auditing method, and database operation and maintenance method and system |
US20150143546A1 (en) * | 2011-10-17 | 2015-05-21 | Raytheon Company | Service oriented secure collaborative system for compartmented networks |
CN104766023A (en) * | 2015-02-02 | 2015-07-08 | 苏州全维软件科技有限公司 | User management method based on ORACLE database |
CN105553940A (en) * | 2015-12-09 | 2016-05-04 | 北京中科云集科技有限公司 | Safety protection method based on big data processing platform |
CN105912949A (en) * | 2016-04-13 | 2016-08-31 | 北京京东尚科信息技术有限公司 | Data permission management method, data permission management system and service management system |
CN107656858A (en) * | 2016-07-26 | 2018-02-02 | 深圳联友科技有限公司 | A kind of method and system of automatic O&M monitoring oracle database |
-
2019
- 2019-05-31 CN CN201910467397.8A patent/CN110188089B/en active Active
Patent Citations (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050144460A1 (en) * | 2003-12-24 | 2005-06-30 | International Business Machines Corporation | Access control system, access control device, access control method, program and recording medium |
US20140310768A1 (en) * | 2006-05-15 | 2014-10-16 | Oracle International Corporation | System and method for enforcing role membership removal requirements |
US20090175509A1 (en) * | 2008-01-03 | 2009-07-09 | Apple Inc. | Personal computing device control using face detection and recognition |
CN101788992A (en) * | 2009-05-06 | 2010-07-28 | 厦门东南融通系统工程有限公司 | Method and system for converting query sentence of database |
CN101867490A (en) * | 2010-06-09 | 2010-10-20 | 中兴通讯股份有限公司 | Maintenance operation system and method |
CN102033951A (en) * | 2010-12-15 | 2011-04-27 | 北京新媒传信科技有限公司 | WEB database platform |
CN102306258A (en) * | 2011-09-23 | 2012-01-04 | 国网电力科学研究院 | UNIX host safety configuration auditing method based on configurable knowledge base |
US20150143546A1 (en) * | 2011-10-17 | 2015-05-21 | Raytheon Company | Service oriented secure collaborative system for compartmented networks |
CN103902542A (en) * | 2012-12-25 | 2014-07-02 | 百度在线网络技术(北京)有限公司 | Operating and maintaining method and system of database in testing environment |
CN104090941A (en) * | 2014-06-30 | 2014-10-08 | 江苏华大天益电力科技有限公司 | Database auditing system and database auditing method |
CN104156439A (en) * | 2014-08-12 | 2014-11-19 | 华北电力大学句容研究中心 | Method for remote intelligent operation and maintenance audit |
CN104391995A (en) * | 2014-12-15 | 2015-03-04 | 北京趣拿软件科技有限公司 | SQL (Structured Query Language) statement auditing method, and database operation and maintenance method and system |
CN104766023A (en) * | 2015-02-02 | 2015-07-08 | 苏州全维软件科技有限公司 | User management method based on ORACLE database |
CN105553940A (en) * | 2015-12-09 | 2016-05-04 | 北京中科云集科技有限公司 | Safety protection method based on big data processing platform |
CN105912949A (en) * | 2016-04-13 | 2016-08-31 | 北京京东尚科信息技术有限公司 | Data permission management method, data permission management system and service management system |
CN107656858A (en) * | 2016-07-26 | 2018-02-02 | 深圳联友科技有限公司 | A kind of method and system of automatic O&M monitoring oracle database |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111125759A (en) * | 2019-12-19 | 2020-05-08 | 上海上讯信息技术股份有限公司 | Database login account shielding method and device and electronic equipment |
CN111984672A (en) * | 2020-08-11 | 2020-11-24 | 成都安恒信息技术有限公司 | Method for providing rule matching capability for command request in operation and maintenance auditing system |
CN111984672B (en) * | 2020-08-11 | 2024-03-15 | 成都安恒信息技术有限公司 | Method for providing rule matching capability for command request in operation and maintenance audit system |
Also Published As
Publication number | Publication date |
---|---|
CN110188089B (en) | 2021-07-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104732974B (en) | Intelligence recording identifying system | |
JPH08263481A (en) | Computerized document circulation system | |
JP3845046B2 (en) | Document management method and document management apparatus | |
CN107633380A (en) | The task measures and procedures for the examination and approval and system of a kind of anti-data-leakage system | |
CN104391694B (en) | Intelligent mobile terminal software public service support platform system | |
CN101401466A (en) | Content-based policy compliance systems and methods | |
CN104809597A (en) | Data resource management platform based on data fusion | |
WO2006088915A1 (en) | System for applying a variety of policies and actions to electronic messages before they leave the control of the message originator | |
CN102648464A (en) | System and method for generating vocabulary from network data | |
CN106960030A (en) | Pushed information method and device based on artificial intelligence | |
WO2006080078A1 (en) | Work flow management device, work flow management system, and test scenario creation method | |
CN108011809A (en) | Anti-data-leakage analysis method and system based on user behavior and document content | |
CN110188089A (en) | A kind of database O&M management-control method and device | |
CN109829304A (en) | A kind of method for detecting virus and device | |
CN108574620A (en) | A kind of data subscription method, device, server and system | |
CN108304447A (en) | Processing method, device, storage medium and the processor of exception information | |
CN104754374B (en) | Audio-video document detection management method and device | |
US7590630B2 (en) | Managing electronic information | |
CN109905403A (en) | A kind of safety detecting method considering operation and maintenance | |
CN105471635B (en) | A kind of processing method of system log, device and system | |
CN110928864A (en) | Scientific research project management method and system | |
KR102189127B1 (en) | A unit and method for processing rule based action | |
CN111325562A (en) | Grain safety tracing system and method | |
CN107766342A (en) | A kind of recognition methods of application and device | |
Elleuch et al. | Discovering business processes and activities from messaging systems: State-of-the art |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |