CN110941632A - Database auditing method, device and equipment - Google Patents
Database auditing method, device and equipment Download PDFInfo
- Publication number
- CN110941632A CN110941632A CN201911136313.9A CN201911136313A CN110941632A CN 110941632 A CN110941632 A CN 110941632A CN 201911136313 A CN201911136313 A CN 201911136313A CN 110941632 A CN110941632 A CN 110941632A
- Authority
- CN
- China
- Prior art keywords
- binding variable
- binding
- type value
- template
- identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000012550 audit Methods 0.000 claims abstract description 67
- 238000004458 analytical method Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 4
- 230000006399 behavior Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 238000013500 data storage Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
- G06F16/2433—Query languages
Abstract
The application discloses a database auditing method, a database auditing device and a database auditing device, wherein the method comprises the following steps: acquiring a binding variable template, a binding variable type value and a binding variable identifier of an SQL statement with a binding variable; establishing a corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier; and storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, wherein the audit log is used for auditing a database. Because the binding variable template of the SQL statement with the binding variable and the binding variable type value information can be recorded in the audit log, the obtained audit log can realize the audit of the SQL statement with the binding variable received by the database server.
Description
Technical Field
The application relates to the field of data processing, in particular to a database auditing method, device and equipment.
Background
Database auditing, DBAudit for short, can record database activities on a network in real time, perform compliance management of fine-grained auditing on database operation, alarm risk behaviors suffered by the database, block attack behaviors and the like. The method is used for helping the user generate a compliance report and accident tracing and tracing sources after the user visits the database through recording, analyzing and reporting the behavior of the user accessing the database, meanwhile, network behavior records of the internal and external databases are enhanced, and the safety of data assets is improved, and the method is one of database safety technologies.
Currently, the MySQL database still belongs to one of the mainstream databases, and therefore, the auditing method for the MySQL database still is a concern for those skilled in the art. In the auditing process of the MySQL database, SQL statements with binding variables cannot be completely processed according to general SQL statements, so how to audit the SQL statements with the binding variables is a problem to be solved urgently in the auditing method of the MySQL database.
Disclosure of Invention
In view of this, the present application provides a database auditing method, apparatus and device, which can implement auditing of SQL statements with bound variables.
In a first aspect, to achieve the above object, the present application provides a database auditing method, including:
acquiring a binding variable template, a binding variable type value and a binding variable identifier of an SQL statement with a binding variable;
establishing a corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier;
and storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, wherein the audit log is used for auditing a database.
In an optional embodiment, the method further comprises:
restoring the SQL statement with the binding variable based on the corresponding relation between the binding variable template and the binding variable type value;
and storing the restored SQL statement with the binding variable in the audit log.
In an optional implementation manner, before the restoring the SQL statement with the binding variable based on the corresponding relationship between the binding variable template and the binding variable type value, the method further includes:
and acquiring the corresponding relation between the binding variable template and the binding variable type value from the audit log.
In an optional implementation manner, the obtaining a binding variable template, a binding variable type value, and a binding variable identifier of an SQL statement with a binding variable includes:
after receiving an access message carrying a first preset request command, analyzing a binding variable template and a binding variable identifier from the access message, and establishing a corresponding relation between the binding variable template and the binding variable identifier; after receiving an access message carrying a second preset request command, analyzing a binding variable type value and a binding variable identifier from the access message, and establishing a corresponding relation between the binding variable type value and the binding variable identifier;
correspondingly, the establishing of the corresponding relationship between the binding variable template and the binding variable type value based on the binding variable identifier includes:
and establishing a corresponding relation for the binding variable template with the same binding variable identifier and the binding variable type value.
In a second aspect, the present application further provides a database auditing apparatus, including:
the first acquisition module is used for acquiring a binding variable template, a binding variable type value and a binding variable identifier of the SQL statement with the binding variable;
the establishing module is used for establishing the corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier;
and the first storage module is used for storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, and the audit log is used for auditing the database.
In an alternative embodiment, the apparatus further comprises:
the restoring module is used for restoring the SQL statement with the binding variables based on the corresponding relation between the binding variable template and the binding variable type value;
and the second storage module is used for storing the restored SQL statement with the binding variable in the audit log.
In an alternative embodiment, the apparatus further comprises:
and the second acquisition module is used for acquiring the corresponding relation between the binding variable template and the binding variable type value from the audit log.
In an optional implementation manner, the first obtaining module includes:
the first analysis submodule is used for analyzing a binding variable template and a binding variable identifier from an access message after receiving the access message carrying a first preset request command, and establishing a corresponding relation between the binding variable template and the binding variable identifier;
the second analysis submodule is used for analyzing a binding variable type value and a binding variable identifier from an access message after receiving the access message carrying a second preset request command, and establishing a corresponding relation between the binding variable type value and the binding variable identifier;
correspondingly, the establishing module is specifically configured to:
and establishing a corresponding relation for the binding variable template with the same binding variable identifier and the binding variable type value.
In a third aspect, the present application also provides a computer-readable storage medium having stored therein instructions that, when run on a terminal device, cause the terminal device to perform the method according to any one of the above.
In a fourth aspect, the present application further provides a database auditing apparatus, including: a memory, a processor, and a computer program stored on the memory and executable on the processor, when executing the computer program, implementing the method as in any one of the above.
According to the database auditing method, the audit log of the database about the SQL statement with the binding variable is obtained by acquiring the binding variable template, the binding variable type value and the binding variable identification of the SQL statement with the binding variable, and establishing a corresponding relation for the binding variable template and the binding variable type value based on the binding variable identification. Because the binding variable template of the SQL statement with the binding variable and the binding variable type value information can be recorded in the audit log, the obtained audit log can realize the audit of the SQL statement with the binding variable received by the database server.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
FIG. 1 is a flow chart of a database auditing method provided by an embodiment of the present application;
FIG. 2 is a flow chart of another database auditing method provided by an embodiment of the present application;
fig. 3 is a schematic structural diagram of a database auditing apparatus according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a database auditing apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Based on the characteristics of a relational database, the MySQL database is used in many industries at present, and the operation of the MySQL database is submitted to a database server for processing in an SQL statement mode.
In an application scenario of the MySQL database, templates of a plurality of SQL statements that are continuously submitted to a database server are the same, but parameters are different, for example, as shown in the following code 1:
select*from table where id=1;
select*from table where id=2;
…
for the SQL statements with the above characteristics, if the SQL statements are sequentially submitted to the database server, the database server will analyze one of them, which relatively wastes system resources. In order to improve the efficiency of processing the SQL statements by the database server and save system resources, the SQL statements with the above characteristics may be rewritten into the following format of code 2:
select*from table where id=?
exec?:=1
exec?:=2
…
after the SQL sentences are submitted to the database server, the database server only needs to analyze once, and the efficiency of the database server for processing the SQL sentences can be effectively improved aiming at the scenes of frequent access of the SQL sentences to the database.
The SQL sentences with the characteristics are generally called SQL sentences with binding variables, and because the templates and the variable type values of the SQL sentences are not in the same sentence, the auditing difficulty of the database server on the MySQL database is increased.
Therefore, the application provides a database auditing method, which can audit SQL sentences with binding variables, and specifically comprises the steps of firstly obtaining a binding variable template, a binding variable type value and a binding variable identifier carried in the SQL sentences with the binding variables; secondly, establishing a corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier; and finally, storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, wherein the audit log is used for auditing a database.
The following application provides a database auditing method, and refers to fig. 1, which is a flowchart of a database auditing method provided in an embodiment of the application. Specifically, the database auditing method comprises the following steps:
s101: and acquiring a binding variable template, a binding variable type value and a binding variable identifier carried in the SQL statement with the binding variable.
The SQL statement with the binding variable is the SQL statement type which is formed by rewriting a plurality of SQL statements with the same template and different parameters, wherein the value of the binding variable template and the value of the binding variable type are not in the same message. Taking the SQL statement with the binding variable in the code 2 above as an example, "select? "is a binding variable template; "exec? 1 "and" exec? "1" and "2" in "2" are binding variable type values, "? "is the binding variable identification.
In practical application, the database client is realized through the access message when accessing the database server. Since different types of databases correspond to different types of database protocols, when receiving an access packet of a database server, the database protocol of the access packet is analyzed first. Specifically, it is determined whether the database protocol of the access packet is the MySQL protocol, and if the database protocol of the access packet is the MySQL protocol, it is determined that the access packet uses the MySQL database as the access object.
And after determining that the database protocol of the access message is the MySQL protocol, determining that the access message carries SQL statement information, and further analyzing the access message. Specifically, the access message is analyzed to obtain a request command in the access message, and SQL statement information carried in the access message is determined based on the request command. In an alternative embodiment, the request command in the access message may be obtained by offsetting the request message.
In the embodiment of the application, after an access message carrying a first preset request command is received, a binding variable template and a binding variable identifier are analyzed from the access message, and a corresponding relation between the binding variable template and the binding variable identifier is established; and after receiving an access message carrying a second preset request command, analyzing a binding variable type value and a binding variable identifier from the access message, and establishing a corresponding relation between the binding variable type value and the binding variable identifier.
In an optional implementation manner, the first preset request command may be 0x16, and when the request command in the received message is 0x16, the binding variable identifier and the starting position and the template length of the binding variable template may be obtained from the access message by offsetting the request message, then the binding variable template of the SQL statement with the binding variable is obtained based on the starting position and the template length of the binding variable template, and the binding variable template and the binding variable identifier are associated with each other. If the second preset request command may be 0x17, the binding variable identifier and the start position and length of the binding variable type value may be obtained from the access packet by offsetting the request packet, then the binding variable type value of the SQL statement with the binding variable is obtained based on the start position and length of the binding variable type value, and a corresponding relationship is established between the binding variable type value and the binding variable identifier.
S102: and establishing the corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier.
In the embodiment of the application, after the binding variable template, the binding variable type value and the binding variable identifier of the SQL statement with the binding variable are obtained, the binding variable template and the binding variable type value with the same binding variable identifier are subjected to corresponding relationship establishment.
In fact, the binding variable template and the binding variable type value of the same SQL statement with the binding variable are usually respectively in a plurality of different access messages, for example, "select × from table where id? "belongs to an access message," exec? 1 belongs to another access message, "exec? 2 "belong to another access packet, that is, the binding variable template" select from table where id? ", binding variable type values" 1 "and" 2 "belong to different access messages, respectively. In order to enable information belonging to the same SQL statement with the binding variable to be recognized, the embodiment of the application binds the information in different access messages by using the binding variable identifier, and the binding variable template and the binding variable type value with the same binding variable identifier belong to the same SQL statement with the binding variable.
S103: and storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, wherein the audit log is used for auditing a database.
In the embodiment of the application, after the corresponding relation between the binding variable template and the binding variable type value is established based on the fixed variable identification, the corresponding relation is stored in the audit log and is used for auditing the database.
The audit log is one of the bases of database audit, and the audit of the database is to enable a manager of the database to be capable of clearly knowing the behavior of a database user, so that the database operation behavior can be monitored really, and the illegal operation can be traced. When suspicious operation or operation violating audit rules is detected through the audit log, a database administrator can be notified through modes of monitoring center alarm, short message alarm, mail alarm, Syslog alarm and the like.
In the embodiment of the application, the audit log of the database about the SQL statement with the binding variable is obtained by obtaining the binding variable template, the binding variable type value and the binding variable identifier of the SQL statement with the binding variable and establishing a corresponding relation for the binding variable template and the binding variable type value based on the binding variable identifier. The method comprises the steps of recording binding variable templates and binding variable type value information of SQL statements with binding variables in an audit log, and auditing the SQL statements with the binding variables received by a database server based on the obtained audit log.
In order to further improve the accuracy of auditing the SQL statements with the binding variables received by the database server, an embodiment of the present application further provides a database auditing method, and with reference to fig. 2, a flowchart of another database auditing method provided by the embodiment of the present application is provided. The database auditing method comprises the following steps:
s201: and acquiring a binding variable template, a binding variable type value and a binding variable identifier of the SQL statement with the binding variables.
S202: and establishing the corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier.
S203: and storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, wherein the audit log is used for auditing a database.
S201-S203 can be understood by referring to the descriptions of S101-S103 in the above embodiments, which are not described herein again.
S204: and acquiring the corresponding relation between the binding variable template and the binding variable type value from an audit log.
S205: and restoring the SQL statement with the binding variable based on the corresponding relation between the binding variable template and the binding variable type value.
In order to obtain richer audit information, the embodiment of the application can also restore the SQL statement with the binding variable, and the restored SQL statement with the binding variable is provided to a database auditor to be used as one of audit bases.
In practical application, because the binding variable template and the binding variable type value having the same binding variable identifier belong to the same SQL statement having the binding variable, the embodiment of the present application restores the SQL statement having the binding variable by using the binding variable template and the binding variable type value having the same binding variable identifier.
In the embodiment of the application, in order to reduce the pressure of the message parsing function, after the binding variable template and the binding variable type value are stored in the audit log, the SQL statement with the binding variable is restored. Specifically, the corresponding relation between the binding variable template and the binding variable type value is obtained from the audit log, and the SQL statement with the binding variable is restored based on the binding variable template and the binding variable type value.
It should be noted that, the embodiment of the present application is not limited to a manner of restoring the SQL statement with the bind variable.
S206: and storing the restored SQL statement with the binding variable in the audit log.
In order to enrich the audit basis of the SQL statement with the binding variable in the audit log, the embodiment of the application stores the restored SQL statement with the binding variable in the audit log.
In the embodiment of the application, for the auditing of the SQL sentences with the binding variables in the database auditing, not only can the binding variable templates, the binding variable type values and the binding variable identifiers of the SQL sentences with the binding variables be obtained, but also the SQL sentences with the binding variables restored based on the binding variable templates and the binding variable type values can be obtained, so that the auditing accuracy of the SQL sentences with the binding variables based on the obtained auditing logs is improved.
Based on the description of the foregoing method embodiment, the present application further provides a database auditing apparatus, and with reference to fig. 3, a schematic structural diagram of the database auditing apparatus provided in the present application embodiment is shown, where the apparatus includes:
the first obtaining module 301 is configured to obtain a binding variable template, a binding variable type value, and a binding variable identifier that are carried in an SQL statement with a binding variable;
an establishing module 302, configured to establish a corresponding relationship between the binding variable template and the binding variable type value based on the binding variable identifier;
a first storage module 303, configured to store the corresponding relationship between the binding variable template and the binding variable type value in an audit log, where the audit log is used to audit the database.
In an alternative embodiment, the apparatus further comprises:
the restoring module is used for restoring the SQL statement with the binding variables based on the corresponding relation between the binding variable template and the binding variable type value;
and the second storage module is used for storing the restored SQL statement with the binding variable in the audit log.
In addition, the apparatus further comprises:
and the second acquisition module is used for acquiring the corresponding relation between the binding variable template and the binding variable type value from the audit log.
Specifically, the first obtaining module includes:
the first analysis submodule is used for analyzing a binding variable template and a binding variable identifier from an access message after receiving the access message carrying a first preset request command, and establishing a corresponding relation between the binding variable template and the binding variable identifier;
the second analysis submodule is used for analyzing a binding variable type value and a binding variable identifier from an access message after receiving the access message carrying a second preset request command, and establishing a corresponding relation between the binding variable type value and the binding variable identifier;
correspondingly, the establishing module is specifically configured to:
and establishing a corresponding relation for the binding variable template with the same binding variable identifier and the binding variable type value.
In the embodiment of the application, the audit log of the database about the SQL statement with the binding variable is obtained by obtaining the binding variable template, the binding variable type value and the binding variable identifier of the SQL statement with the binding variable and establishing a corresponding relation for the binding variable template and the binding variable type value based on the binding variable identifier. Because the binding variable template of the SQL statement with the binding variable and the binding variable type value information can be recorded in the audit log, the SQL statement with the binding variable received by the database server can be audited based on the obtained audit log.
Furthermore, in order to enrich the content in the audit log, the SQL statement with the binding variable is restored based on the binding variable template and the binding variable type value, and is stored in the audit log. Therefore, the embodiment of the application can also audit based on the restored SQL statement with the binding variable, and a more accurate audit result is obtained.
In addition, an embodiment of the present application further provides a database audit device, as shown in fig. 4, where the database audit device may include:
a processor 401, a memory 402, an input device 403, and an output device 404. The number of processors 401 in the database auditing device may be one or more, and one processor is taken as an example in fig. 4. In some embodiments of the present invention, the processor 401, the memory 402, the input device 403, and the output device 404 may be connected by a bus or other means, wherein the connection by the bus is illustrated in fig. 4.
The memory 402 may be used to store software programs and modules, and the processor 401 executes various functional applications and data processing of the database auditing apparatus by running the software programs and modules stored in the memory 402. The memory 402 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function, and the like. Further, the memory 402 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Input means 403 may be used to receive entered numeric or character information and to generate signal inputs relating to user settings and function control of the database audit device.
Specifically, in this embodiment, the processor 401 loads an executable file corresponding to a process of one or more application programs into the memory 402 according to the following instructions, and the processor 401 runs the application programs stored in the memory 402, thereby implementing various functions in the database auditing method.
In addition, the application also provides a computer-readable storage medium, wherein instructions are stored in the computer-readable storage medium, and when the instructions are run on the terminal device, the terminal device is caused to execute the database auditing method.
It is understood that for the apparatus embodiments, since they correspond substantially to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The database auditing method, device and equipment provided by the embodiment of the application are introduced in detail, a specific example is applied in the method to explain the principle and the implementation mode of the application, and the description of the embodiment is only used for helping to understand the method and the core idea of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
Claims (10)
1. A database auditing method, the method comprising:
acquiring a binding variable template, a binding variable type value and a binding variable identifier of an SQL statement with a binding variable;
establishing a corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier;
and storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, wherein the audit log is used for auditing a database.
2. The method of claim 1, further comprising:
restoring the SQL statement with the binding variable based on the corresponding relation between the binding variable template and the binding variable type value;
and storing the restored SQL statement with the binding variable in the audit log.
3. The method according to claim 2, wherein before restoring the SQL statement with the bind variable based on the corresponding relationship between the bind variable template and the bind variable type value, the method further comprises:
and acquiring the corresponding relation between the binding variable template and the binding variable type value from the audit log.
4. The method of claim 1, wherein the obtaining of the bind variable template, the bind variable type value and the bind variable identifier of the SQL statement with the bind variable comprises:
after receiving an access message carrying a first preset request command, analyzing a binding variable template and a binding variable identifier from the access message, and establishing a corresponding relation between the binding variable template and the binding variable identifier; after receiving an access message carrying a second preset request command, analyzing a binding variable type value and a binding variable identifier from the access message, and establishing a corresponding relation between the binding variable type value and the binding variable identifier;
correspondingly, the establishing of the corresponding relationship between the binding variable template and the binding variable type value based on the binding variable identifier includes:
and establishing a corresponding relation for the binding variable template with the same binding variable identifier and the binding variable type value.
5. A database auditing apparatus, the apparatus comprising:
the first acquisition module is used for acquiring a binding variable template, a binding variable type value and a binding variable identifier of the SQL statement with the binding variable;
the establishing module is used for establishing the corresponding relation between the binding variable template and the binding variable type value based on the binding variable identifier;
and the first storage module is used for storing the corresponding relation between the binding variable template and the binding variable type value in an audit log, and the audit log is used for auditing the database.
6. The apparatus of claim 5, further comprising:
the restoring module is used for restoring the SQL statement with the binding variables based on the corresponding relation between the binding variable template and the binding variable type value;
and the second storage module is used for storing the restored SQL statement with the binding variable in the audit log.
7. The apparatus of claim 6, further comprising:
and the second acquisition module is used for acquiring the corresponding relation between the binding variable template and the binding variable type value from the audit log.
8. The apparatus of claim 5, wherein the first obtaining module comprises:
the first analysis submodule is used for analyzing a binding variable template and a binding variable identifier from an access message after receiving the access message carrying a first preset request command, and establishing a corresponding relation between the binding variable template and the binding variable identifier;
the second analysis submodule is used for analyzing a binding variable type value and a binding variable identifier from an access message after receiving the access message carrying a second preset request command, and establishing a corresponding relation between the binding variable type value and the binding variable identifier;
correspondingly, the establishing module is specifically configured to:
and establishing a corresponding relation for the binding variable template with the same binding variable identifier and the binding variable type value.
9. A computer-readable storage medium having stored therein instructions that, when executed on a terminal device, cause the terminal device to perform the method of any one of claims 1-4.
10. A database audit device comprising: memory, a processor, and a computer program stored on the memory and executable on the processor, when executing the computer program, implementing the method of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911136313.9A CN110941632A (en) | 2019-11-19 | 2019-11-19 | Database auditing method, device and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911136313.9A CN110941632A (en) | 2019-11-19 | 2019-11-19 | Database auditing method, device and equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110941632A true CN110941632A (en) | 2020-03-31 |
Family
ID=69906868
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911136313.9A Pending CN110941632A (en) | 2019-11-19 | 2019-11-19 | Database auditing method, device and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110941632A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111651758A (en) * | 2020-06-08 | 2020-09-11 | 成都安恒信息技术有限公司 | Method for auditing result set of relational database of operation and maintenance auditing system |
| CN113268553A (en) * | 2021-07-21 | 2021-08-17 | 国网汇通金财(北京)信息科技有限公司 | Data auditing method, system, electronic equipment and storage medium |
| CN113641702A (en) * | 2021-10-18 | 2021-11-12 | 北京安华金和科技有限公司 | Method and device for interactive processing with database client after statement audit |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101453358A (en) * | 2007-12-06 | 2009-06-10 | 北京启明星辰信息技术股份有限公司 | Sql sentence audit method and system for oracle database binding variable |
| CN101561806A (en) * | 2008-04-17 | 2009-10-21 | 北京启明星辰信息技术股份有限公司 | Information extraction and audit method of DB2 database operation, device and system thereof |
| CN101853289A (en) * | 2010-05-26 | 2010-10-06 | 杭州华三通信技术有限公司 | Database auditing method and equipment |
| US20140230070A1 (en) * | 2013-02-14 | 2014-08-14 | Microsoft Corporation | Auditing of sql queries using select triggers |
-
2019
- 2019-11-19 CN CN201911136313.9A patent/CN110941632A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101453358A (en) * | 2007-12-06 | 2009-06-10 | 北京启明星辰信息技术股份有限公司 | Sql sentence audit method and system for oracle database binding variable |
| CN101561806A (en) * | 2008-04-17 | 2009-10-21 | 北京启明星辰信息技术股份有限公司 | Information extraction and audit method of DB2 database operation, device and system thereof |
| CN101853289A (en) * | 2010-05-26 | 2010-10-06 | 杭州华三通信技术有限公司 | Database auditing method and equipment |
| US20140230070A1 (en) * | 2013-02-14 | 2014-08-14 | Microsoft Corporation | Auditing of sql queries using select triggers |
Non-Patent Citations (3)
| Title |
|---|
| 刘宏宇: ""基于数据库审计系统的PostgreSQL协议解析的研究与实现"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
| 梁昌明: "Oracle数据库审计方法的探讨", 《中国医疗设备》 * |
| 王召: ""基于数据库审计系统TNS协议解析的研究与实现"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111651758A (en) * | 2020-06-08 | 2020-09-11 | 成都安恒信息技术有限公司 | Method for auditing result set of relational database of operation and maintenance auditing system |
| CN111651758B (en) * | 2020-06-08 | 2022-11-22 | 成都安恒信息技术有限公司 | Method for auditing result set of relational database of operation and maintenance auditing system |
| CN113268553A (en) * | 2021-07-21 | 2021-08-17 | 国网汇通金财(北京)信息科技有限公司 | Data auditing method, system, electronic equipment and storage medium |
| CN113641702A (en) * | 2021-10-18 | 2021-11-12 | 北京安华金和科技有限公司 | Method and device for interactive processing with database client after statement audit |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108881294B (en) | Attack source IP portrait generation method and device based on network attack behaviors | |
| US20180365085A1 (en) | Method and apparatus for monitoring client applications | |
| US7636919B2 (en) | User-centric policy creation and enforcement to manage visually notified state changes of disparate applications | |
| CN113489713B (en) | Network attack detection method, device, equipment and storage medium | |
| CN106960143B (en) | User account identification method and device, storage medium and electronic equipment | |
| CN111752799A (en) | Service link tracking method, device, equipment and storage medium | |
| CN112631913B (en) | Method, device, equipment and storage medium for monitoring operation faults of application program | |
| CN110941632A (en) | Database auditing method, device and equipment | |
| CN109005162B (en) | Industrial control system security audit method and device | |
| CN111866016A (en) | Log analysis method and system | |
| CN112347501A (en) | Data processing method, device, equipment and storage medium | |
| JP6282217B2 (en) | Anti-malware system and anti-malware method | |
| CN115238247A (en) | Data processing method based on zero trust data access control system | |
| CN109284331B (en) | Certificate making information acquisition method based on service data resources, terminal equipment and medium | |
| CN108650123B (en) | Fault information recording method, device, equipment and storage medium | |
| CN110442582B (en) | Scene detection method, device, equipment and medium | |
| CN111435327B (en) | Log record processing method, device and system | |
| CN111885088A (en) | Log monitoring method and device based on block chain | |
| CN111708712A (en) | User behavior test case generation method, flow playback method and electronic equipment | |
| CN111209266A (en) | Auditing method and device based on Redis database and electronic equipment | |
| CN115757318A (en) | Log query method and device, storage medium and electronic equipment | |
| CN111241547A (en) | Detection method, device and system for unauthorized vulnerability | |
| CN115658794A (en) | Data query method and device, computer equipment and storage medium | |
| CN113918204A (en) | Metadata script management method and device, electronic equipment and storage medium | |
| CN109784053B (en) | Method and device for generating filter rule, storage medium and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200331 |
|
| RJ01 | Rejection of invention patent application after publication |