CN117093583A - IAST technology-based method for checking behavior compliance of application program operation database - Google Patents


Publication number
CN117093583A
Authority
CN
China
Prior art keywords
database
application program
database table
user
name information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311044457.8A
Other languages
Chinese (zh)
Inventor
刘海涛
万振华
王颉
李华
董燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Seczone Technology Co Ltd
Original Assignee
Seczone Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Seczone Technology Co Ltd
Priority to CN202311044457.8A
Publication of CN117093583A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2282 Tablespace storage structures; Management thereof
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G06F16/25 Integrating or interfacing systems involving database management systems
    • G06F16/28 Databases characterised by their database models, e.g. relational or object models
    • G06F16/284 Relational databases

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computational Linguistics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application discloses a method for checking the compliance of an application program's database operation behavior based on IAST technology, comprising the following steps: creating a database table authority definition module, which defines the authority relationships among databases, database tables, application programs and users; weaving probes into the application program; acquiring, in real time, the user name information of the current successful login request and the name information of the application program; determining whether the user name information and the name information of the application program exist in the database table authority definition module; if they exist, acquiring the database name information and database table name information when the application program accesses a database; determining whether the database name information and the database table name information exist in the database table authority definition module; and, if so, determining, based on the data information acquired from the current database operation behavior, whether the corresponding authority relationship among the database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant.

Description

IAST technology-based method for checking behavior compliance of application program operation database
Technical Field
The application relates to the technical field of behavior compliance checking of an application program operation database, in particular to a method and a device for checking behavior compliance of the application program operation database based on an IAST technology.
Background
The database and the application are two independent services, and when authority verification and checking are performed, the authority of the two services is generally checked independently. Comparable techniques mainly perform authority verification based on code audit, log audit and the like. Code audit suffers from high labor cost, insufficient audit coverage and easy omissions, and it cannot audit the application program and the database in association with each other.
Disclosure of Invention
The present application is directed to a method, an apparatus, an electronic device, and a computer readable storage medium for checking compliance of behavior of an application program operating database based on an IAST technique, which can solve at least one technical problem existing in the background art.
To achieve the above object, the present application provides a method for checking compliance of behavior of an application program operation database based on an IAST technique, including:
creating a database table authority definition module, wherein the database table authority definition module defines authority relationships of a database, a database table, an application program and a user;
weaving a probe into the application program by using an instrumentation tool;
acquiring, in real time and based on the probe, the user name information of the current login request and the name information of the application program;
determining whether the currently acquired user name information and application program name information exist in the database table authority definition module;
if so, acquiring, in real time and based on the probe, the executed SQL information of the application program when it accesses the database, and extracting database name information and database table name information from the executed SQL information;
determining whether the currently extracted database name information and database table name information exist in the database table authority definition module;
if so, determining whether the authority relation of the corresponding database, the database table, the application program and the user exists in the database table authority definition module based on the data information acquired from the current database operation behavior so as to confirm whether the current database operation behavior is compliant.
Optionally, creating the database table authority definition module includes:
creating a database and database table sub-module, which records the association between databases and database tables;
creating a role module, which records information about each role;
creating an application program and user sub-module, which records each application program and the users corresponding to each application program;
creating a database, database table, application program and user authority association sub-module, which associates all the data information in the database and database table sub-module, the role module and the application program and user sub-module to form the authority relationships among databases, database tables, application programs and users.
Optionally, acquiring, in real time and based on the probe, the user name information of the current successful login request includes:
acquiring, in real time and based on the probe, the user name information supplied when the user logs in;
acquiring, in real time and based on the probe, the Set-Cookie information or token value information in the response header of the user's login;
and determining, according to the Set-Cookie information or the token value information, that the user name information supplied at login is the user name information of a successful login request.
Optionally, the acquiring, based on the probe, the name information of the application program for which the current login request is successful in real time includes:
acquiring command line parameters or context path information of an application program when the application program is started in real time based on the probe;
and extracting the name information of the application program from the command line parameters or the context path information.
Optionally, if the authority relationship of the corresponding database, database table, application program and user does not exist in the database table authority definition module, log the current database operation behavior and report the current database operation behavior to the database table authority definition module.
Optionally, the logging the current database operation behavior includes:
logging is performed on the requesting user, the request execution stack and the execution SQL information.
Optionally, if the authority relationship among the corresponding database, database table, application program and user does not exist in the database table authority definition module, an exception is thrown and the current database operation behavior is interrupted.
To achieve the above object, the present application further provides an apparatus for checking compliance of behavior of an application program operation database based on an IAST technique, including:
a creation module, configured to create a database table authority definition module, wherein the database table authority definition module defines the authority relationships among databases, database tables, application programs and users;
a weaving module, configured to weave the probe into the application program by using the instrumentation tool;
an acquisition module, configured to acquire, in real time and based on the probe, the user name information of the current login request and the name information of the application program;
a first determining module, configured to determine whether the currently acquired user name information and application program name information exist in the database table authority definition module;
an extraction module, configured to, if so, acquire in real time and based on the probe the executed SQL information of the application program when it accesses the database, and extract database name information and database table name information from the executed SQL information;
a second determining module, configured to determine whether the currently extracted database name information and database table name information exist in the database table authority definition module;
and a third determining module, configured to, if so, determine, based on the data information acquired from the current database operation behavior, whether the authority relationship among the corresponding database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant.
To achieve the above object, the present application also provides an electronic device, including:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform a method of checking application operation database compliance based on IAST techniques as described above via execution of the executable instructions.
To achieve the above object, the present application also provides a computer-readable storage medium having stored thereon a program which, when executed by a processor, implements a method of checking compliance of application operations database behavior based on the IAST technique as described above.
The present application also provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the electronic device reads the computer instructions from the computer readable storage medium and executes the computer instructions to cause the electronic device to perform a method of checking the compliance of the behavior of an application operating database based on the IAST technique as described above.
The present application only requires that the authority relationships among databases, database tables, application programs and users be defined in advance and that a probe be woven into the application program with an instrumentation tool. Then, when a user logs in to the application program to operate a database table, the user name information of the current login request and the name information of the corresponding application program can be acquired based on the probe. When the user name information and the application program name information exist in the database table authority definition module, the database name information and database table name information can be acquired based on the probe. If the database name information and database table name information also exist in the database table authority definition module, it can be determined, based on the data information acquired from the current database operation behavior, whether the authority relationship among the corresponding database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant. With the present application, the user does not need to be concerned with code or related log information, which helps reduce cost and avoids the technical problems of insufficient audit coverage and easy omissions caused by log audit; the application program and the database can be audited in association to determine the compliance of the application program's database operation behavior. In addition, compliance is checked in real time based on the information acquired by the probe, which makes it convenient to take countermeasures promptly.
Drawings
FIG. 1 is a flow chart of a method of checking application operating database compliance based on IAST techniques in accordance with an embodiment of the present application.
FIG. 2 is a schematic block diagram of an apparatus for checking application operating database compliance based on IAST technology in accordance with an embodiment of the present application.
FIG. 3 is an exemplary block diagram of an electronic device in accordance with an embodiment of the application.
Detailed Description
In order to describe the technical content, the constructional features, the achieved objects and effects of the present application in detail, the following description is made with reference to the embodiments in conjunction with the accompanying drawings.
Example 1
Referring to fig. 1, the application discloses a method for checking the behavior compliance of an application program operation database based on an IAST technology, which comprises the following steps:
101. Create a database table authority definition module, which defines the authority relationships among databases, database tables, application programs and users.
That the database table authority definition module defines the authority relationships among databases, database tables, application programs and users means the following: it defines the databases and associated database tables that a user is authorized to access when logged in to an application program. For example: when user X1 logs in to application A1, user X1 has authority to operate the database tables T1, T2 and T3 associated with database B1, whereas when user X2 logs in to application A1, user X2 has authority to operate only the database table T3 associated with database B1.
In the present application, the authority relationships among databases, database tables, application programs and users are established based on database name information, database table name information, application program name information and user name information.
Specifically, creating the database table authority definition module comprises:
Creating a database and database table sub-module, which records the association between databases and database tables. This association can be entered manually, or pulled automatically after entering the database's access address, user name, password and other information.
Creating a role module, which records information about each role, such as administrator or ordinary user.
Creating an application program and user sub-module, which records each application program and the users corresponding to each application program. It will be appreciated that when there is only one application program, settings may be made for the users only, and the users corresponding to that application program are still considered to be recorded. When there are several application programs, the application programs may be set up first and the corresponding users then set for each of them.
Creating a database, database table, application program and user authority association sub-module, which associates all the data information in the database and database table sub-module, the role module and the application program and user sub-module to form the authority relationships among databases, database tables, application programs and users. For example, the authority relationship formed may state that user X1, when logging in to application A1 in the role of administrator, has authority to operate the database tables T1, T2 and T3 associated with database B1, and that all users of the same role (such as ordinary user), when logging in to application A1, have authority to operate the database table T1 associated with database B1.
102. Weave the probe into the application program by using the instrumentation tool.
The probe can acquire the context of the execution of each request handled by the application program. Upon detecting a request to the application program, the probe begins tracking the data flow. How to weave probes into an application program with an instrumentation tool, and how probes track the execution of each request and acquire its context, are known to those skilled in the art and are not described in detail here.
103. Acquire, in real time and based on the probe, the user name information of the current login request and the name information of the application program.
Specifically, acquiring, in real time and based on the probe, the user name information of the current successful login request comprises the following steps:
acquiring, in real time and based on the probe, the user name information supplied when the user logs in;
acquiring, in real time and based on the probe, the Set-Cookie information or token value information in the response header of the user's login;
and determining, according to the Set-Cookie information or the token value information, that the user name information supplied at login is the user name information of a successful login request.
Specifically, acquiring, in real time and based on the probe, the name information of the application program for the current successful login request comprises:
acquiring, in real time and based on the probe, the command line parameters or context path information of the application program at startup;
and extracting the name information of the application program from the command line parameters or context path information.
Thus, when the user name information of the login request is acquired, the name information of the corresponding application program can be acquired as well.
104. Determine whether the currently acquired user name information and application program name information exist in the database table authority definition module. If so, proceed to step 105. If not, the current user behavior can be interrupted directly.
105. Acquire, in real time and based on the probe, the executed SQL information when the current application program operates the database, and extract database name information and database table name information from the executed SQL information.
106. Determine whether the currently extracted database name information and database table name information exist in the database table authority definition module. If so, proceed to step 107. If they do not exist, an access error condition is present.
107. Determine, based on the data information acquired from the current database operation behavior, whether the authority relationship among the corresponding database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant. That is, after determining that the user name information, the application program name information, the database name information and the database table name extracted from the current database operation behavior all exist in the database table authority definition module, determine whether the authority relationship among them exists in the database table authority definition module. For example, if the current database operation behavior is user X1 logging in to application A1 and operating database table T1 associated with database B1, then an authority relationship that covers this operation behavior must exist in the database table authority definition module, i.e. an authority relationship for user X1, application A1, database B1 and database table T1. It may be understood that a database operation behavior refers to a logged-in user's request successfully operating a database table. Logging in and operating one database table once may be regarded as one database operation behavior and, correspondingly, logging in and operating N databases once may be regarded as N database operation behaviors; this is not limited.
If the authority relationship among the corresponding database, database table, application program and user exists, the current database operation behavior is compliant; otherwise, it is not compliant.
Specifically, if the authority relationship among the corresponding database, database table, application program and user does not exist in the database table authority definition module (non-compliance), the current database operation behavior is logged and reported to the database table authority definition module, and the log record can then be used for further audit.
Further, logging the current database operation behavior includes:
logging the requesting user, the request execution stack (based on the context acquired by the probe), and the executed SQL information.
Specifically, if the authority relationship among the corresponding database, database table, application program and user does not exist in the database table authority definition module, an exception is thrown and the current database operation behavior is interrupted. The user's non-compliant operation is thereby interrupted, which ensures security.
It should be noted that, the execution sequence of step 102 and step 101 is not limited, and the flowchart of fig. 1 is merely a specific example.
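The check in steps 101 and 104 to 107 can be sketched as follows. This is an added example, not code from the patent or from the applicant's product: the role names, function names, verdict strings and the regex-based table extraction are assumptions made for illustration, while the users, application, database and tables reuse the X1/X2, A1, B1, T1 to T3 example given above.

```python
import re
import traceback

# Step 101: the sub-modules, filled with the page's example names.
DB_TABLES = {"B1": {"T1", "T2", "T3"}}               # database -> its tables
APP_USERS = {"A1": {"X1": "admin", "X2": "user"}}    # application -> user -> role (role names assumed)
ROLE_GRANTS = {                                       # (application, role) -> (database, table)
    ("A1", "admin"): {("B1", "T1"), ("B1", "T2"), ("B1", "T3")},
    ("A1", "user"): {("B1", "T3")},
}


def build_relations():
    """Association sub-module: flatten the sub-modules into
    (user, application, database, table) authority relations."""
    relations = set()
    for app, users in APP_USERS.items():
        for user, role in users.items():
            for db, table in ROLE_GRANTS.get((app, role), ()):
                if table in DB_TABLES.get(db, ()):
                    relations.add((user, app, db, table))
    return relations


RELATIONS = build_relations()
AUDIT_LOG = []  # non-compliant operations, kept for later audit


class NonCompliantOperation(Exception):
    """Raised to interrupt a database operation that has no matching relation."""


# Simplified extraction (assumption): a production probe would use a real SQL
# parser rather than a regex over the statement text.
TABLE_REF = re.compile(
    r"\b(?:FROM|JOIN|INTO|UPDATE)\s+`?(?:(\w+)`?\.`?)?(\w+)", re.IGNORECASE
)


def extract_tables(sql, default_db):
    """Step 105: pull (database, table) pairs out of the executed SQL.
    Unqualified table names fall back to the connection's database."""
    return sorted({(m.group(1) or default_db, m.group(2))
                   for m in TABLE_REF.finditer(sql)})


def check_operation(user, app, sql, default_db, block=True):
    """Run steps 104-107 for one statement captured by the probe."""
    # Step 104: the logged-in user and the application must both be defined.
    if user not in APP_USERS.get(app, {}):
        return "unknown_principal"
    # Steps 105-106: every referenced database table must be defined.
    tables = extract_tables(sql, default_db)
    if any(table not in DB_TABLES.get(db, ()) for db, table in tables):
        return "unknown_object"
    # Step 107: a relation must exist for each (user, app, database, table).
    denied = [(db, t) for db, t in tables if (user, app, db, t) not in RELATIONS]
    if not denied:
        return "compliant"
    # Non-compliant: log requesting user, execution stack and executed SQL.
    AUDIT_LOG.append({"user": user, "app": app, "sql": sql, "denied": denied,
                      "stack": traceback.format_stack()})
    if block:
        raise NonCompliantOperation(f"{user}@{app} may not operate {denied}")
    return "non_compliant"


if __name__ == "__main__":
    print(check_operation("X1", "A1", "SELECT * FROM B1.T1 JOIN T2 ON T1.id = T2.id", "B1"))
    print(check_operation("X2", "A1", "UPDATE T1 SET c = 1", "B1", block=False))
```

With `block=False` the function only logs and reports, which corresponds to the logging variant described above; the default raises the exception so that the operation is interrupted.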
Example 2
Referring to fig. 2, the application discloses a device for checking the compliance of the behavior of an application program operation database based on an IAST technology, which comprises:
the creation module 201 is configured to create a database table authority definition module, where the database table authority definition module defines authority relationships of a database, a database table, an application program and a user;
a weaving module 202, configured to weave the probe into the application program by using the instrumentation tool;
an acquiring module 203, configured to acquire, in real time and based on the probe, the user name information of the current successful login request and the name information of the application program;
a first determining module 204, configured to determine whether the currently acquired user name information and application program name information exist in the database table authority definition module;
an extracting module 205, configured to, if so, acquire in real time and based on the probe the executed SQL information when the application program accesses the database, and extract database name information and database table name information from the executed SQL information;
a second determining module 206, configured to determine whether the currently extracted database name information and database table name information exist in the database table authority definition module;
and a third determining module 207, configured to, if so, determine, based on the data information acquired from the current database operation behavior, whether the authority relationship among the corresponding database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant.
Example 3
Referring to fig. 3, the application discloses an electronic device, which includes:
a processor 30;
a memory 40 having stored therein executable instructions of the processor 30;
wherein the processor 30 is configured to execute the method of checking application operation database compliance based on the IAST technique as described in embodiment one via execution of the executable instructions.
Example 4
The application discloses a computer readable storage medium, wherein a program is stored, and the program is executed by a processor to realize the method for checking the behavior compliance of an application program operation database based on IAST technology according to the first embodiment.
Example 5
Embodiments of the present application disclose a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the electronic device reads the computer instructions from the computer readable storage medium and executes the computer instructions to cause the electronic device to perform the above-described method of checking compliance of application program operations database behavior based on the IAST technique.
It should be appreciated that in embodiments of the present application, the processor may be a central processing unit (Central Processing Unit, CPU), and may also be another general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
Those skilled in the art will appreciate that all or part of the processes of the methods in the above embodiments may be implemented by a computer program instructing the associated hardware, and the program may be stored in a computer readable storage medium; when executed, the program may include the processes of the method embodiments described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory (Read-Only Memory, ROM), a random access memory (Random Access Memory, RAM), or the like.
In the foregoing embodiments, each embodiment is described with its own emphasis; for parts of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.
The foregoing disclosure is only illustrative of the preferred embodiments of the present application and is not to be construed as limiting the scope of the application, which is defined by the appended claims.

Claims (10)

1. A method for checking the compliance of an application program's database operation behavior based on IAST technology, comprising:
creating a database table authority definition module, wherein the database table authority definition module defines authority relationships of a database, a database table, an application program and a user;
weaving a probe into the application program by using an instrumentation tool;
acquiring, in real time based on the probe, user name information of a current login request and name information of the application program;
determining whether the currently acquired user name information and application program name information exist in the database table authority definition module;
if so, acquiring, in real time based on the probe, the executed SQL information of the application program when it accesses the database, and extracting database name information and database table name information from the executed SQL information;
determining whether the currently extracted database name information and database table name information exist in the database table authority definition module;
if so, determining, based on the data information acquired from the current database operation behavior, whether the authority relationship of the corresponding database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant.
2. The method for checking application operating database behavior compliance based on IAST technology of claim 1, wherein,
creating the database table authority definition module comprises:
creating a database and database table sub-module, wherein the database and database table sub-module records the association relationships between databases and database tables;
creating a role module, wherein the role module records information of each role;
creating an application program and user sub-module, wherein the application program and user sub-module records each application program and the users corresponding to each application program;
creating a database, database table, application program and user authority association sub-module, wherein this sub-module associates the data information in the database and database table sub-module, the role module, and the application program and user sub-module to form the authority relationships of database, database table, application program and user.
3. The method for checking application operating database behavior compliance based on IAST technology of claim 1, wherein,
acquiring, in real time based on the probe, the user name information of the current successful login request comprises:
acquiring, in real time based on the probe, the user name information of the user at login;
acquiring, in real time based on the probe, the Set-Cookie information or token value information in the response header of the user's login;
and determining, according to the Set-Cookie information or the token value information, that the user name information at login is the user name information of a successful login request.
4. The method for checking compliance of application program operation database behavior based on IAST technique according to claim 1, wherein acquiring, in real time based on the probe, the name information of the application program for the current successful login request comprises:
acquiring, in real time based on the probe, command line parameters or context path information of the application program when the application program is started;
and extracting the name information of the application program from the command line parameters or the context path information.
5. The method for checking application operating database behavior compliance based on IAST technology of claim 1, wherein,
if the authority relationship of the corresponding database, database table, application program and user does not exist in the database table authority definition module, logging the current database operation behavior and reporting it to the database table authority definition module.
6. The method for checking application operating database for compliance based on IAST techniques of claim 5, wherein,
the logging of the current database operation behavior comprises:
logging the requesting user, the request execution stack and the executed SQL information.
7. The method for checking application operating database behavior compliance based on IAST technology of claim 1, wherein,
if the authority relationship of the corresponding database, database table, application program and user does not exist in the database table authority definition module, throwing an exception to interrupt the current database operation behavior.
8. An apparatus for checking the compliance of an application program's database operation behavior based on IAST technology, comprising:
a creation module, used for creating a database table authority definition module, wherein the database table authority definition module defines authority relationships of a database, a database table, an application program and a user;
a weaving-in module, used for weaving a probe into the application program by using an instrumentation tool;
an acquisition module, used for acquiring, in real time based on the probe, user name information of a current login request and name information of the application program;
a first determining module, used for determining whether the currently acquired user name information and application program name information exist in the database table authority definition module;
an extraction module, used for, if so, acquiring, in real time based on the probe, the executed SQL information of the application program when it accesses the database, and extracting database name information and database table name information from the executed SQL information;
a second determining module, used for determining whether the currently extracted database name information and database table name information exist in the database table authority definition module;
and a third determining module, used for, if so, determining, based on the data information acquired from the current database operation behavior, whether the authority relationship of the corresponding database, database table, application program and user exists in the database table authority definition module, so as to confirm whether the current database operation behavior is compliant.
9. An electronic device, comprising:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform the method of checking application operation database compliance based on the IAST technique of any of claims 1 to 7 via execution of the executable instructions.
10. A computer readable storage medium having stored thereon a program, wherein the program when executed by a processor implements a method of checking application operating database compliance based on the IAST technique as claimed in any one of claims 1 to 7.
CN202311044457.8A 2023-08-17 2023-08-17 IAST technology-based method for checking behavior compliance of application program operation database Pending CN117093583A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311044457.8A CN117093583A (en) 2023-08-17 2023-08-17 IAST technology-based method for checking behavior compliance of application program operation database

Publications (1)

Publication Number Publication Date
CN117093583A true CN117093583A (en) 2023-11-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination