JP3902188B2 - Database security system - Google Patents

Description

  The present invention relates to a database security system for managing file access history and managing access history of data stored in a database connected to a computer network such as a local area network.

At present, the leakage of personal information from corporate databases is a problem, but it is difficult to know specific data regarding who and what the leaked information is about.
In addition, a computer system is a basic system in which a specific authorized operator inputs, deletes, and edits company information and personal information in a database under strict access control by a predetermined operation on a dedicated screen. There are a system system and an information system in which an unspecified number of people refer to a database from a wide variety of applications under relatively loose access control.

In the above core system, the person to be operated is identified and strict access control is performed as a routine work. Therefore, when personal information is leaked, it is possible to identify the leaked person and it was leaked It is also possible to check the information.
On the other hand, the information system has an unspecified number of users, and it is used from a variety of internal and external operations, so it is difficult to strictly define access authority like a core system. .
In addition, it is technically possible to implement the function of acquiring the referenced personal information as a function of an application that accesses the database. However, the information system can search a large amount of data and perform non-standard operations. Therefore, since the application is frequently changed, it is difficult to solve by the application in terms of performance and maintainability.

In order to solve the above-mentioned problem, when creating a history of file access operations for a database, there is a method for prescribing conditions for creating a history in advance and accumulating the history satisfying the data conditional expression. Yes (see, for example, Patent Document 1).
There is also a method of recording a SQL sentence including this conditional phrase in a storage area by adding a preset conditional phrase.
Japanese Patent Laid-Open No. 06-187213

However, in the above-mentioned conventional system, the access history only indicates “who”, “when”, and “table”, and it knows which record in the table is accessed. There is a problem that can not be.
In addition, it is possible to store the SQL statement in the conventional system and detect “who” and “when” access, but considering that the data in the database is constantly changed, It is not possible to know which record in the table was accessed at the time when the record was made.

  The present invention has been made in view of such circumstances, and it is possible to easily detect “who”, “when”, and “record” of a table in a database access history. The object is to provide a database security system.

The database security system of the present invention is a database security system that audits the security of a database in which data is stored corresponding to each of a plurality of data items. The SQL statement that accesses this database is parsed and referenced. An item extraction unit that extracts a data item, a data item determination unit that determines whether or not the extracted data item is included in the audit data item to be audited, and an audit data item is included depending on the determination result The SQL statement storage unit that stores the detected SQL statement as an access history and the SQL statement stored in the SQL statement storage unit are executed, and the reference data of the execution result is stored in the reference data storage unit possess a SQL auditing execution unit, the data item determining unit becomes a preset time when the database It stops the access control to, SQL auditing execution unit and performing the execution of the stored SQL statement to the SQL sentence storage unit on the same day.

The database security system according to the present invention includes a data item setting unit in which the audit data item which is a predetermined security management target is set .

The database security method of the present invention is a database security method for auditing the security of a database in which data is stored corresponding to each of a plurality of data items. The SQL statement that accesses this database is parsed and referenced. An item extraction process for extracting a data item, a data item determination process for determining whether or not the extracted data item is included in an audit data item to be audited, and an audit data item depending on the determination result The SQL statement storage process for storing the SQL statement detected as being an access history and the SQL statement stored in the SQL statement storage unit are executed, and the reference data of the execution result is stored in the reference data storage unit possess a SQL auditing execution process, when it comes to the preset time in the data item determination process de Access control is stopped for database, characterized in that the same day the SQL sentence storage section to execute the stored SQL statement is performed in SQL auditor unit process.

Profile grams of this invention is a database security program to audit the security of the database that the data corresponding to the plurality of data items each being stored, the SQL statements that accessed the database parses, reference An item extraction process for extracting a data item, a data item determination process for determining whether or not the extracted data item is included in the audit data item to be audited, and an audit data item depending on the determination result SQL statement storage processing for storing the detected SQL statement as an access history, and the SQL statement stored in the SQL statement storage unit are executed, and the reference data of the execution result is stored in the reference data storage unit to possess a SQL auditing execution process, when it comes to the preset time in the data item determination processing database Access control for is stopped, which is the profile grams executable execution computer is SQL statements stored stored SQL statements section on the same day at SQL auditor unit process.

  As described above, according to the database security system of the present invention, the database at the time of access is used by using the actually accessed SQL statement, and the referenced data is associated with this SQL statement in the reference data storage unit. Since it is stored, it is possible to know who referred to “who”, “when”, and which “record” in the table, so it is possible to clearly identify the person whose personal information was leaked and the personal information that was actually leaked The effect that it can do is acquired.

Hereinafter, a database search system using a database security system according to an embodiment of the present invention will be described with reference to the drawings.
FIG. 1 is a block diagram showing the configuration of the embodiment.
In this figure, an information system 1 includes a terminal 2 owned by an unspecified number of users in a company, a database 3 in which data related to operations of all departments of the company are stored, and a terminal 2 in the database 3. It has an access control unit 4 that controls access from a plurality of terminals 2 to the database 3 and a database security system 5 when searching for data.

As described in the conventional example, the backbone system 6 is installed in each department and has the same configuration as the terminal 7 and the database 3 that can be operated only by an authorized operator. A database 8 in which data related to the work of the department is stored, and an access control unit 9 that detects access from an authorized operator and performs access processing of a predetermined content on the database 8; have.
The operator stores new data in the database 8 and edits and deletes stored data in a predetermined format (such as data input and selection in the input field of the display screen).

In the core system 6, for example, data processing of customer information and sales results in the sales department, processing of delivery destinations and delivery results of materials in the materials department, and data processing such as personal information of employees in the personnel department, From the input screen of the determined format, the authorized operator performs processing uniformly.
On the other hand, in the information system 1, for example, future product development using the spreadsheet software using customer information and sales results created by the sales department as back data used by the planning department for meetings, etc. When the plan is established, the personal information of the customer is retrieved from the database 3 and referred to.

The rewritten content of the database 8 is reflected in the database 3 after the operation on the database 8 is completed, that is, the synchronization process between the database 8 and the database 3 is performed.
For example, the synchronization process is performed at night when the databases 3 and 8 are not used.
For this reason, the database 3 is stored by reflecting the data contents of the database 8 of the previous day.

The database security system 5 includes an item extraction unit 10, a data item setting unit 11, a data item determination unit 12, an SQL sentence storage unit 13, an SQL audit execution unit 14, and a reference data storage unit 15.
The item extraction unit 10 parses an SQL statement that accesses the database 3 from the terminal 2 and extracts a search target data item described in the select statement.
The data item setting unit 11 stores data items that are problematic when leaked in advance as audit data items to be audited.
Here, the audit data items include personal information such as name, address, telephone number, e-mail address, gender, affiliation, favorite food, and medical history.

The data item determination unit 12 compares the data item extracted by the item extraction unit 10 with the audit data item set in the data item setting unit 11 to determine whether there is an identical item. When it is detected that the same item exists, the SQL statement in which this data item exists is stored in the SQL statement storage unit 13.
The SQL audit execution unit 14 sequentially executes the SQL statements stored in the SQL statement storage unit 13 at a predetermined time, for example, at a time before the time when the synchronization process between the database 8 and the database 3 is performed. The database 3 is accessed, and the reference data retrieved corresponding to the data item is stored in the reference data storage unit 15.

Next, the operation of the database security system according to the embodiment of the present invention will be described with reference to FIGS. FIG. 2 is a flowchart showing an operation example of the database security system.
First, the daytime process will be described with reference to the flowchart of FIG.
In step S <b> 1, in the information system 1, the user searches for customer personal information from the database 3 using application software such as spreadsheet software from any of the terminals 2.
In step S2, the item extraction unit 10 inputs an SQL statement for managing the database 3 from the access control unit 4, performs a syntax analysis, and searches for data items described in the select statement of the SQL statement. To extract.

Next, in step S <b> 3, the data item determination unit 12 compares the data item extracted by the item extraction unit 10 with the audit data item set in the data item setting unit 12.
Here, the data item setting unit 12 stores a table of data items having the configuration shown in FIG. 3, and data items in which a mark “◯” is entered in the audit flag column are audit data to be audited. A data item defined as an item and marked with an “x” mark indicates that it is not subject to auditing.
The entry of the audit flag is arbitrarily performed by controlling the data item setting unit 12 by the person in charge of performing the security audit, that is, the administrator of the database security system, in accordance with the security policy.

Next, in step S4, if any one of the extracted data items is detected and matches with the audit data item to be audited, the data item determination unit 12 advances the process to step S5, and then proceeds to step S5. The SQL statement having the data item to be searched that matches the audit data item is stored in the SQL statement storage unit 13 as it is.
On the other hand, when the data item determination unit 12 detects that none of the extracted data items matches the audit data item to be audited, the data item determination unit 12 returns to step S1 and continues the audit data item detection process from the SQL statement. To do.

Next, night processing will be described with reference to the flowchart of FIG. This process is started at a predetermined time set in advance.
In step S6, if the data item determination unit 12 determines that the access control unit 4 is an access control stop time of the information system 1 (the predetermined time set in advance), the data item determination unit 12 applies to the database 3 from the terminal 2. The database access is terminated, and the process proceeds to step S7.
Next, in step S <b> 7, the SQL audit execution unit 14 sequentially executes the SQL statements stored in the SQL statement storage unit 13 as the reference history of the database 3.

In step S8, the SQL audit execution unit 14 stores the execution result as reference data in the reference data storage unit 15 in the format shown in FIG. 4, for example, for each executed SQL statement.
Here, as the reference data, as shown in FIG. 4, for each SQL sentence, the identification number of this data, the acquisition date and time, the ID of the user who referred to the data (client ID), and the reference are performed. The terminal ID, the SQL sentence (text data) used for reference, and the data of each data item actually read by the SQL sentence are shown.

Next, in step S9, the SQL audit execution unit 14 executes all the SQL statements stored in the SQL statement storage unit 13, and when the acquisition of the reference data ends, the SQL control execution unit 14 acquires it in the access control unit 4 and the access control unit 8. Notify the end.
Thereby, the access control unit 4 and the access control unit 8 reflect (copy) the change of the database 8 in the database 3 and synchronize the stored data.

  As described above, the database security system of the present invention audits reference data on the same day as the date of reference, that is, before the data content of the database is changed, by the SQL statement actually used for reference. As the history, it is stored in the reference data storage unit 15 together with the data for identifying the referred user or terminal. Therefore, when there is a leak due to leakage of personal information, “when”, “who”, and “record (who It is possible to clearly grasp whether or not the personal information) is leaked.

In addition, the database security system of the present invention can easily change a data item that is difficult to leak as an audit data item to be set or not set by an audit flag in the SQL statement, and refers only to the audit item data. If data is stored in the data storage unit 15, the data capacity can be reduced.
The reference data is stored in the reference data storage unit 15 because it is unrealistic to store it permanently. For example, a retention period such as 6 months is set as a period during which it is determined that the data has been leaked. Provide.

  1 is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into the computer system and executed, whereby personal information is recorded. The audit process may be performed. The “computer system” here includes an OS and hardware such as peripheral devices. The “computer system” includes a WWW system provided with a homepage providing environment (or display environment). The “computer-readable recording medium” refers to a storage device such as a flexible medium, a magneto-optical disk, a portable medium such as a ROM and a CD-ROM, and a hard disk incorporated in a computer system. Further, the “computer-readable recording medium” refers to a volatile memory (RAM) in a computer system that becomes a server or a client when a program is transmitted via a network such as the Internet or a communication line such as a telephone line. In addition, those holding programs for a certain period of time are also included.

  The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line. The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

It is a block diagram which shows the structural example of the database system using the database security system by one Embodiment of this invention. It is a flowchart which shows the operation example of the database security system of FIG. It is a table which shows the audit data item memorize | stored in the data item setting part 11 of FIG. It is a conceptual diagram which shows the format of the reference data stored in the reference data storage part 15 of FIG.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Information system 2, 7 ... Terminal 3, 8 ... Database 4, 9 ... Access control part 5 ... Database security system 10 ... Item extraction part 11 ... Data item setting part 12 ... Data item determination part 13 ... SQL sentence storage part 14 ... SQL audit execution unit 15 ... reference data storage unit

Claims (4)

A database security system for auditing the security of a database storing data corresponding to each of a plurality of data items,
An item extraction unit that parses the SQL statement accessing the database and extracts a data item to be referenced;
A data item determination unit for determining whether or not the extracted data item is included in the audit data item to be audited;
An SQL statement storage unit that stores, as an access history, an SQL statement that is detected as containing an audit data item based on the determination result;
Run the SQL statements stored in the SQL sentence storage section, possess a SQL auditing execution unit for storing the reference data of the execution results in the reference data storage unit,
Database security characterized in that when the data item determination unit reaches a preset time, access control to the database is stopped, and the SQL audit execution unit executes the SQL statement stored in the SQL statement storage unit on the same day. system.   The database security system according to claim 1, further comprising a data item setting unit in which the audit data item that is a predetermined security management target is set. A database security method for auditing the security of a database storing data corresponding to each of a plurality of data items,
An item extraction process for parsing the SQL statement accessing this database and extracting the referenced data item;
A data item determination process for determining whether or not the extracted data item is included in the audit data item to be audited;
An SQL statement storage process for storing, as an access history, an SQL statement that is detected as containing an audit data item according to the determination result;
Run the SQL statements stored in the SQL sentence storage section, possess a SQL auditor process of storing the reference data of the execution results in the reference data storage unit,
Access control to the database is stopped at a preset time in the data item determination process, and the SQL statement stored in the SQL statement storage unit is executed on the same day in the SQL audit execution unit process. Database security method to do. A database security program for auditing the security of a database storing data corresponding to each of a plurality of data items,
An item extraction process that parses the SQL statement accessing this database and extracts the data item to be referenced;
A data item determination process for determining whether or not the extracted data item is included in the audit data item to be audited;
An SQL statement storage process for storing, as an access history, an SQL statement that is detected to contain an audit data item based on the determination result;
Run the SQL statements stored in the SQL sentence storage section, possess a SQL auditor process of storing reference data of the execution results in the reference data storage unit,
When the time set in advance in the data item determination processing is reached, access control to the database is stopped, and the SQL audit execution unit processing executes a program that can be executed by a computer that executes the SQL statement stored in the SQL statement storage unit on the same day. Russia grams.

Images