CN111125759A - Database login account shielding method and device and electronic equipment - Google Patents
Database login account shielding method and device and electronic equipment Download PDFInfo
- Publication number
- CN111125759A CN111125759A CN201911322982.5A CN201911322982A CN111125759A CN 111125759 A CN111125759 A CN 111125759A CN 201911322982 A CN201911322982 A CN 201911322982A CN 111125759 A CN111125759 A CN 111125759A
- Authority
- CN
- China
- Prior art keywords
- database
- maintenance
- account
- equipment
- connection information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The embodiment of the disclosure provides a database login account shielding method, a database login account shielding device and electronic equipment, belonging to the technical field of information security protection, wherein the method comprises the following steps: configuring database connection information and an operation and maintenance account; mapping between a database and equipment based on the connection information and the operation and maintenance account; performing operation and maintenance operation on the database through a client tool by using the operation and maintenance account; and accessing the database based on the operation and maintenance operation. By the processing scheme, the safety of the operation and maintenance of the database account is improved.
Description
Technical Field
The disclosure relates to the technical field of information security protection, in particular to a database login account shielding method and device and electronic equipment.
Background
At present, as the application of databases is more and more extensive, the operation and maintenance of databases and the security of database accounts are more and more important, and how to safely use the operation and maintenance of database accounts becomes an inevitable topic. Generally, the operation and maintenance of a database are directly performed by using database accounts through a database account creation mode, so that a plurality of users can perform the operation and maintenance of the database by creating a plurality of database accounts, and inevitable security risks are brought to the access of the database. The database account shielding uses the database account to access the database through the intermediate module, a user accesses the intermediate module through the operation and maintenance account of the intermediate module, and the intermediate module analyzes and encapsulates the operation of the database, so that the disclosure of the database account to the operation and maintenance user is completely shielded, and the operation and maintenance user can realize the access function to the database only by knowing the operation and maintenance account of the intermediate module. Therefore, the operation and maintenance user can realize the operation and maintenance operation on the database without knowing the real account number of the database, thereby realizing the function of shielding the account number of the database.
Disclosure of Invention
In view of this, embodiments of the present disclosure provide a database login account shielding method, apparatus, and electronic device, so as to at least partially solve the problems in the prior art.
In a first aspect, an embodiment of the present disclosure provides a database login account shielding method, including:
configuring database connection information and an operation and maintenance account;
mapping between a database and equipment based on the connection information and the operation and maintenance account;
performing operation and maintenance operation on the database through a client tool by using the operation and maintenance account;
and accessing the database based on the operation and maintenance operation.
According to a specific implementation manner of the embodiment of the present disclosure, the configuring the database connection information and the operation and maintenance account includes:
and setting database account connection information for a protocol communication function between the equipment and the database, wherein the connection information is only used for connection operation between the equipment and the database, and the database account is opaque to the outside.
According to a specific implementation manner of the embodiment of the present disclosure, the configuring the database connection information and the operation and maintenance account includes:
the configuration of the operation and maintenance account is realized by providing a configuration interface by the equipment, a user adds account information of the operation and maintenance database through the equipment, the added operation and maintenance account is used for the user to operate and use the database by using a client tool, the user operates the equipment through the operation of the operation and maintenance account, and the operation of the database is actually the analysis and encapsulation of the equipment on a database operation protocol.
According to a specific implementation manner of the embodiment of the present disclosure, the mapping between the database and the device based on the connection information and the operation and maintenance account includes:
and mapping the set database connection information with a port of the equipment, wherein the port is used for providing an operation and maintenance account to access the port information of the equipment during operation and maintenance.
According to a specific implementation manner of the embodiment of the present disclosure, the performing, by using the operation and maintenance account, an operation and maintenance operation on a database through a client tool includes:
when the user operates and maintains through the client tool, one or more of an operation and maintenance account number, an operation and maintenance account number password, an IP address of the device, an access port of the device and a database name are configured, so that the database can be operated conveniently.
According to a specific implementation manner of the embodiment of the present disclosure, the performing, by using the operation and maintenance account, an operation and maintenance operation on a database through a client tool includes:
the device is connected to the device through a database client tool, judges whether the connection information of the user is correct, if the connection information is correct, the device is connected to the database to provide corresponding operation of the user, if the connection information is wrong, the device directly returns the connection failure information of the database, and for the user, the operation and maintenance operation of the database can be realized only by knowing the own operation and maintenance account number and the IP and port information of the device.
According to a specific implementation manner of the embodiment of the present disclosure, the accessing the database based on the operation and maintenance operation includes:
when a user uses an operation and maintenance account to carry out database operation and maintenance, the equipment judges whether the operation and maintenance account information is valid, if so, the equipment is connected to the database through the real account of the database to provide the operation function of the operation and maintenance account, and the equipment provides the operation and maintenance operation of the database through analyzing and packaging a database protocol packet of the operation and maintenance operation.
In a second aspect, an embodiment of the present disclosure provides a database login account shielding apparatus, including:
the configuration module is used for configuring database connection information and operation and maintenance accounts;
the mapping module is used for mapping between a database and equipment based on the connection information and the operation and maintenance account;
the operation and maintenance module is used for performing operation and maintenance operation on the database through a client tool by utilizing the operation and maintenance account;
and the access module is used for accessing the database based on the operation and maintenance operation.
In a third aspect, an embodiment of the present disclosure further provides an electronic device, where the electronic device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the database login account masking method of the first aspect or any implementation manner of the first aspect.
In a fourth aspect, this disclosed embodiment also provides a non-transitory computer-readable storage medium storing computer instructions for causing the computer to execute the database login account blocking method in the first aspect or any implementation manner of the first aspect.
In a fifth aspect, the present disclosure also provides a computer program product, which includes a computer program stored on a non-transitory computer-readable storage medium, where the computer program includes program instructions, and when the program instructions are executed by a computer, the computer executes the database login account blocking method in the first aspect or any implementation manner of the first aspect.
The database login account shielding scheme in the embodiment of the disclosure comprises the steps of configuring database connection information and an operation and maintenance account; mapping between a database and equipment based on the connection information and the operation and maintenance account; performing operation and maintenance operation on the database through a client tool by using the operation and maintenance account; and accessing the database based on the operation and maintenance operation. According to the scheme provided by the invention, the user only needs to know the operation and maintenance account information and does not need to know the database account, so that the shielding function of the database login account is achieved, and the safety of the operation and maintenance of the database account is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings needed to be used in the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present disclosure, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a database login account shielding method according to an embodiment of the present disclosure;
fig. 2 is a database account shielding module diagram provided in the embodiment of the present disclosure;
fig. 3 is a flowchart of another database login account shielding method according to an embodiment of the present disclosure
Fig. 4 is a schematic structural diagram of a database login account shielding apparatus according to an embodiment of the present disclosure;
fig. 5 is a schematic view of an electronic device provided in an embodiment of the present disclosure.
Detailed Description
The embodiments of the present disclosure are described in detail below with reference to the accompanying drawings.
The embodiments of the present disclosure are described below with specific examples, and other advantages and effects of the present disclosure will be readily apparent to those skilled in the art from the disclosure in the specification. It is to be understood that the described embodiments are merely illustrative of some, and not restrictive, of the embodiments of the disclosure. The disclosure may be embodied or carried out in various other specific embodiments, and various modifications and changes may be made in the details within the description without departing from the spirit of the disclosure. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
It is noted that various aspects of the embodiments are described below within the scope of the appended claims. It should be apparent that the aspects described herein may be embodied in a wide variety of forms and that any specific structure and/or function described herein is merely illustrative. Based on the disclosure, one skilled in the art should appreciate that one aspect described herein may be implemented independently of any other aspects and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented and/or a method practiced using any number of the aspects set forth herein. Additionally, such an apparatus may be implemented and/or such a method may be practiced using other structure and/or functionality in addition to one or more of the aspects set forth herein.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present disclosure, and the drawings only show the components related to the present disclosure rather than the number, shape and size of the components in actual implementation, and the type, amount and ratio of the components in actual implementation may be changed arbitrarily, and the layout of the components may be more complicated.
In addition, in the following description, specific details are provided to facilitate a thorough understanding of the examples. However, it will be understood by those skilled in the art that the aspects may be practiced without these specific details.
The embodiment of the disclosure provides a database login account shielding method. The database login account blocking method provided by the embodiment may be executed by a computing device, where the computing device may be implemented as software, or implemented as a combination of software and hardware, and the computing device may be integrally disposed in a server, a client, or the like.
Referring to fig. 1, fig. 2, and fig. 3, the database login account shielding method in the embodiment of the present disclosure may include the following steps:
and S101, configuring database connection information and operation and maintenance accounts.
Firstly, an administrator needs to provide database account connection information for a protocol communication function between the device and a database. The login account numbers of the equipment and the database are not provided externally and are only used for the connection operation between the equipment and the database, and the account numbers of the database are not transparent externally. The configured database connection information is as follows:
a) user names, e.g. oracle
b) Passwords, e.g. 123456
c) Database IP addresses, e.g. 192.168.1.115
d) Database access ports, e.g. 1521
e) Database names, e.g. orcl
The configuration of the operation and maintenance account is realized by providing a configuration interface by the equipment, a user adds account information of the operation and maintenance database through the equipment, the added operation and maintenance account is used for the user to operate and use the database by using a client tool, the operation of the user through the operation and maintenance account is actually the operation of the equipment, and the operation of the database is actually the analysis and encapsulation of the equipment on a database operation protocol. If the operation and maintenance account is added: user01, password 111222.
S102, mapping between a database and equipment is carried out based on the connection information and the operation and maintenance account.
And setting database connection information to be mapped with a certain port of the equipment, such as a 9000 port, wherein the port is used for providing an operation and maintenance account to access port information of the equipment during operation and maintenance.
And S103, performing operation and maintenance operation on the database through the client tool by using the operation and maintenance account.
When the user operates and maintains through the client tool, the user can operate the database only by configuring the following information.
a) Operation and maintenance account number, e.g. user01
b) Account passwords, e.g. 111222
c) IP addresses of the apparatus, e.g. 192.168.1.160
d) Access ports for the apparatus, e.g. 9000
e) Database names, e.g. oracle
The user uses the information to connect to the device through a database client tool, the device judges whether the connection information of the user is correct, if the connection information is correct, the device is connected to the database to provide corresponding operation of the user, if the connection is wrong, the device directly returns the failure information of the database connection, and for the user, the operation and maintenance operation of the database can be realized only by knowing the own operation and maintenance account number and the IP and port information of the device.
And S104, accessing the database based on the operation and maintenance operation.
The user can access the database only by logging in through the operation and maintenance account, the operation and maintenance account is the account of the user operation and maintenance database, the real account of the database is provided for the device to access the database, when the user uses the operation and maintenance account number to carry out database operation and maintenance, the equipment judges whether the operation and maintenance account number information is valid or not, if the operation is valid, the equipment is connected to the database through the real account of the database to provide the operation function of the operation and maintenance account, the equipment provides the operation and maintenance operation of the database through analyzing and packaging a database protocol packet of the operation and maintenance operation, therefore, for the fact that the database login account used by the operation and maintenance user is the operation and maintenance account of the device, the real account of the database is not visible to the user actually, and the user can only access the database through the account of the device, so that the function of shielding the account of the database is achieved.
The invention realizes the following functional effects by analyzing and packaging the database operation protocol: the database access account number shielding function improves the security of the database account number.
The method provides a database login account for the equipment through a database administrator, and the database login account is used for connection between the equipment and a database. The user can add and configure a plurality of operation and maintenance accounts through the equipment, the operation and maintenance accounts are used for logging in the equipment to carry out corresponding operation of the database, the equipment determines whether the user logs in by verifying whether the operation and maintenance accounts are logged in successfully, if the operation and maintenance accounts are logged in successfully, the equipment is connected to the database through the database login account and provides the operation related to the database to the operation and maintenance account, when the user operates and maintains through a database client tool, the operation on the database can be completed only by logging in the equipment through the operation and maintenance account, the equipment provides encapsulation for the operation of the database, corresponding protocol analysis communicated with the database client is generated, the encapsulated operation result is returned to the operation and maintenance account client of the operation and maintenance operation, the user only needs to know the operation and maintenance account information, the database account does not need to be known, the shielding function of the database login account is achieved, and the safety of the operation and maintenance of the database account is improved.
According to a specific implementation manner of the embodiment of the present disclosure, the configuring the database connection information and the operation and maintenance account includes:
and setting database account connection information for a protocol communication function between the equipment and the database, wherein the connection information is only used for connection operation between the equipment and the database, and the database account is opaque to the outside.
According to a specific implementation manner of the embodiment of the present disclosure, the configuring the database connection information and the operation and maintenance account includes:
the configuration of the operation and maintenance account is realized by providing a configuration interface by the equipment, a user adds account information of the operation and maintenance database through the equipment, the added operation and maintenance account is used for the user to operate and use the database by using a client tool, the user operates the equipment through the operation of the operation and maintenance account, and the operation of the database is actually the analysis and encapsulation of the equipment on a database operation protocol.
According to a specific implementation manner of the embodiment of the present disclosure, the mapping between the database and the device based on the connection information and the operation and maintenance account includes:
and mapping the set database connection information with a port of the equipment, wherein the port is used for providing an operation and maintenance account to access the port information of the equipment during operation and maintenance.
According to a specific implementation manner of the embodiment of the present disclosure, the performing, by using the operation and maintenance account, an operation and maintenance operation on a database through a client tool includes:
when the user operates and maintains through the client tool, one or more of an operation and maintenance account number, an operation and maintenance account number password, an IP address of the device, an access port of the device and a database name are configured, so that the database can be operated conveniently.
According to a specific implementation manner of the embodiment of the present disclosure, the performing, by using the operation and maintenance account, an operation and maintenance operation on a database through a client tool includes:
the device is connected to the device through a database client tool, judges whether the connection information of the user is correct, if the connection information is correct, the device is connected to the database to provide corresponding operation of the user, if the connection information is wrong, the device directly returns the connection failure information of the database, and for the user, the operation and maintenance operation of the database can be realized only by knowing the own operation and maintenance account number and the IP and port information of the device.
According to a specific implementation manner of the embodiment of the present disclosure, the accessing the database based on the operation and maintenance operation includes:
when a user uses an operation and maintenance account to carry out database operation and maintenance, the equipment judges whether the operation and maintenance account information is valid, if so, the equipment is connected to the database through the real account of the database to provide the operation function of the operation and maintenance account, and the equipment provides the operation and maintenance operation of the database through analyzing and packaging a database protocol packet of the operation and maintenance operation.
Corresponding to the above method embodiment, referring to fig. 4, the embodiment of the present disclosure further provides a database login account shielding apparatus 40, including:
the configuration module 401 is configured to configure database connection information and an operation and maintenance account;
a mapping module 402, configured to map between a database and a device based on the connection information and the operation and maintenance account;
the operation and maintenance module 403 is configured to perform operation and maintenance operations on the database through a client tool by using the operation and maintenance account;
an accessing module 404, configured to access the database based on the operation and maintenance operation.
For parts not described in detail in this embodiment, reference is made to the contents described in the above method embodiments, which are not described again here.
Referring to fig. 5, an embodiment of the present disclosure also provides an electronic device 60, including:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the database login account masking method of the method embodiments described above.
The disclosed embodiments also provide a non-transitory computer-readable storage medium storing computer instructions for causing the computer to execute the database login account masking method in the foregoing method embodiments.
The disclosed embodiments also provide a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, cause the computer to perform the database login account blocking method in the aforementioned method embodiments.
Referring now to FIG. 5, a schematic diagram of an electronic device 60 suitable for use in implementing embodiments of the present disclosure is shown. The electronic devices in the embodiments of the present disclosure may include, but are not limited to, mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), in-vehicle terminals (e.g., car navigation terminals), and the like, and fixed terminals such as digital TVs, desktop computers, and the like. The electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 5, electronic device 60 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the electronic apparatus 60 are also stored. The processing device 601, the ROM602, and the RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, image sensor, microphone, accelerometer, gyroscope, etc.; output devices 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 60 to communicate with other devices wirelessly or by wire to exchange data. While the figures illustrate an electronic device 60 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 609, or may be installed from the storage means 608, or may be installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of the embodiments of the present disclosure.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring at least two internet protocol addresses; sending a node evaluation request comprising the at least two internet protocol addresses to node evaluation equipment, wherein the node evaluation equipment selects the internet protocol addresses from the at least two internet protocol addresses and returns the internet protocol addresses; receiving an internet protocol address returned by the node evaluation equipment; wherein the obtained internet protocol address indicates an edge node in the content distribution network.
Alternatively, the computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving a node evaluation request comprising at least two internet protocol addresses; selecting an internet protocol address from the at least two internet protocol addresses; returning the selected internet protocol address; wherein the received internet protocol address indicates an edge node in the content distribution network.
Computer program code for carrying out operations for aspects of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. Where the name of a unit does not in some cases constitute a limitation of the unit itself, for example, the first retrieving unit may also be described as a "unit for retrieving at least two internet protocol addresses".
It should be understood that portions of the present disclosure may be implemented in hardware, software, firmware, or a combination thereof.
The above description is only for the specific embodiments of the present disclosure, but the scope of the present disclosure is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present disclosure should be covered within the scope of the present disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.
Claims (10)
1. A database login account shielding method is characterized by comprising the following steps:
configuring database connection information and an operation and maintenance account;
mapping between a database and equipment based on the connection information and the operation and maintenance account;
performing operation and maintenance operation on the database through a client tool by using the operation and maintenance account;
and accessing the database based on the operation and maintenance operation.
2. The method of claim 1, wherein configuring the database connection information and the operation and maintenance account comprises:
and setting database account connection information for a protocol communication function between the equipment and the database, wherein the connection information is only used for connection operation between the equipment and the database, and the database account is opaque to the outside.
3. The method of claim 1, wherein configuring the database connection information and the operation and maintenance account comprises:
the configuration of the operation and maintenance account is realized by providing a configuration interface by the equipment, a user adds account information of the operation and maintenance database through the equipment, the added operation and maintenance account is used for the user to operate and use the database by using a client tool, the user operates the equipment through the operation of the operation and maintenance account, and the operation of the database is actually the analysis and encapsulation of the equipment on a database operation protocol.
4. The method of claim 1, wherein the mapping between the database and the device based on the connection information and the operation and maintenance account number comprises:
and mapping the set database connection information with a port of the equipment, wherein the port is used for providing an operation and maintenance account to access the port information of the equipment during operation and maintenance.
5. The method of claim 1, wherein performing operation and maintenance operations on the database through a client tool by using the operation and maintenance account comprises:
when the user operates and maintains through the client tool, one or more of an operation and maintenance account number, an operation and maintenance account number password, an IP address of the device, an access port of the device and a database name are configured, so that the database can be operated conveniently.
6. The method of claim 1, wherein performing operation and maintenance operations on the database through a client tool by using the operation and maintenance account comprises:
the device is connected to the device through a database client tool, judges whether the connection information of the user is correct, if the connection information is correct, the device is connected to the database to provide corresponding operation of the user, if the connection information is wrong, the device directly returns the connection failure information of the database, and for the user, the operation and maintenance operation of the database can be realized only by knowing the own operation and maintenance account number and the IP and port information of the device.
7. The method of claim 1, wherein accessing the database based on the operation and maintenance operation comprises:
when a user uses an operation and maintenance account to carry out database operation and maintenance, the equipment judges whether the operation and maintenance account information is valid, if so, the equipment is connected to the database through the real account of the database to provide the operation function of the operation and maintenance account, and the equipment provides the operation and maintenance operation of the database through analyzing and packaging a database protocol packet of the operation and maintenance operation.
8. A database login account shielding device is characterized by comprising:
the configuration module is used for configuring database connection information and operation and maintenance accounts;
the mapping module is used for mapping between a database and equipment based on the connection information and the operation and maintenance account;
the operation and maintenance module is used for performing operation and maintenance operation on the database through a client tool by utilizing the operation and maintenance account;
and the access module is used for accessing the database based on the operation and maintenance operation.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the database entry account masking method of any of the preceding claims 1-7.
10. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the database login account masking method of any one of the preceding claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911322982.5A CN111125759A (en) | 2019-12-19 | 2019-12-19 | Database login account shielding method and device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911322982.5A CN111125759A (en) | 2019-12-19 | 2019-12-19 | Database login account shielding method and device and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111125759A true CN111125759A (en) | 2020-05-08 |
Family
ID=70500546
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911322982.5A Pending CN111125759A (en) | 2019-12-19 | 2019-12-19 | Database login account shielding method and device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111125759A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112231654A (en) * | 2020-10-16 | 2021-01-15 | 北京天融信网络安全技术有限公司 | Operation and maintenance data isolation method and device, electronic equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105139139A (en) * | 2015-08-31 | 2015-12-09 | 国家电网公司 | Data processing method, device and system for operation and maintenance audit |
| CN107122674A (en) * | 2017-04-12 | 2017-09-01 | 成都安恒信息技术有限公司 | A kind of access method of oracle database applied to O&M auditing system |
| CN107480509A (en) * | 2017-09-22 | 2017-12-15 | 携程旅游网络技术(上海)有限公司 | O&M safety auditing system logs in vessel process, system, equipment and storage medium |
| CN107634951A (en) * | 2017-09-22 | 2018-01-26 | 携程旅游网络技术(上海)有限公司 | Docker vessel safeties management method, system, equipment and storage medium |
| CN107832608A (en) * | 2017-11-29 | 2018-03-23 | 北京安华金和科技有限公司 | A kind of method for preventing artificial or application end leakage oracle database password |
| CN110188089A (en) * | 2019-05-31 | 2019-08-30 | 杭州安恒信息技术股份有限公司 | A kind of database O&M management-control method and device |
-
2019
- 2019-12-19 CN CN201911322982.5A patent/CN111125759A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105139139A (en) * | 2015-08-31 | 2015-12-09 | 国家电网公司 | Data processing method, device and system for operation and maintenance audit |
| CN107122674A (en) * | 2017-04-12 | 2017-09-01 | 成都安恒信息技术有限公司 | A kind of access method of oracle database applied to O&M auditing system |
| CN107480509A (en) * | 2017-09-22 | 2017-12-15 | 携程旅游网络技术(上海)有限公司 | O&M safety auditing system logs in vessel process, system, equipment and storage medium |
| CN107634951A (en) * | 2017-09-22 | 2018-01-26 | 携程旅游网络技术(上海)有限公司 | Docker vessel safeties management method, system, equipment and storage medium |
| CN107832608A (en) * | 2017-11-29 | 2018-03-23 | 北京安华金和科技有限公司 | A kind of method for preventing artificial or application end leakage oracle database password |
| CN110188089A (en) * | 2019-05-31 | 2019-08-30 | 杭州安恒信息技术股份有限公司 | A kind of database O&M management-control method and device |
Non-Patent Citations (1)
| Title |
|---|
| 吕宗健: "运维安全管理系统设计", 《信息系统工程》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112231654A (en) * | 2020-10-16 | 2021-01-15 | 北京天融信网络安全技术有限公司 | Operation and maintenance data isolation method and device, electronic equipment and storage medium |
| CN112231654B (en) * | 2020-10-16 | 2024-02-06 | 北京天融信网络安全技术有限公司 | Operation and data isolation method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109074265B (en) | Preformed instructions for mobile cloud services | |
| CN111177617A (en) | Web direct operation and maintenance method and device based on operation and maintenance management system and electronic equipment | |
| US9736272B2 (en) | Generation and distribution of named, definable, serialized tokens | |
| CN112015314B (en) | Information display method and device, electronic equipment and medium | |
| CN112684968A (en) | Page display method and device, electronic equipment and computer readable medium | |
| WO2023174013A1 (en) | Video memory allocation method and apparatus, and medium and electronic device | |
| CN111309304B (en) | Method, device, medium and electronic equipment for generating IDL file | |
| CN111181771B (en) | Security-changing abnormal positioning method and device based on fortress machine and electronic equipment | |
| CN112261176B (en) | Method for acquiring actual network access relationship and related equipment | |
| CN110908752A (en) | Control setting method and device, electronic equipment and interaction system | |
| CN109446081A (en) | For the test method of HTML5 webpage, system, equipment and medium | |
| CN111125759A (en) | Database login account shielding method and device and electronic equipment | |
| CN111273967A (en) | Remote hook setting method and device suitable for Android system and electronic equipment | |
| US11580210B2 (en) | Password authentication | |
| CN113391860B (en) | Service request processing method and device, electronic equipment and computer storage medium | |
| CN111935138B (en) | Protection method and device for secure login and electronic equipment | |
| CN114254347A (en) | System access method, device, electronic equipment and storage medium | |
| CN111310175A (en) | iOS application safety monitoring and protecting method and device based on plug-in | |
| CN111274551A (en) | Compiler-based java code protection method and device and electronic equipment | |
| CN111209739A (en) | Electronic form, electronic device, storage medium, and electronic form verification method | |
| CN110851185A (en) | Automatic configuration method and device for equipment, electronic equipment and storage medium | |
| CN111625326A (en) | Task pipeline execution method and device and electronic equipment | |
| CN112688863B (en) | Gateway data processing method and device and electronic equipment | |
| CN112261659B (en) | Control method and device for terminal and server, terminal and storage medium | |
| CN113641966B (en) | Application integration method, system, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |