摘要
提出了一种容忍入侵的数据库安全体系结构.这种体系结构是建立在三层安全模型,即"外层防御+中间层入侵检测+内层容忍入侵"的基础上,将冗余和多样性技术相结合,采用门限秘密共享方案,实现数据库系统的可生存性及关键数据的机密性.与其他容忍入侵的数据库系统相比,文中提出的数据库安全体系结构,采用系统整体安全策略,综合多种安全措施,实现了系统关键功能的安全性和健壮性.
This paper proposes an architecture for database system security based on intrusiontolerant mechanisms. The architecture is built on three layers security model, which is to defense intrusion in the outer layer, to detect intrusion in the middle layer, and to tolerate intrusion in the inner layer. We utilize the techniques of both redundancy and diversity and threshold secret share schemes to implement the survivability of databases and to protect confidential data from compromised servers in the presence of intrusions. Compared with the existing schemes, our approach has realized the security and robustness for the key functions of a database system by using the integration security strategy and multiple secuirty measures.
出处
《西安电子科技大学学报》
EI
CAS
CSCD
北大核心
2003年第1期85-89,共5页
Journal of Xidian University
基金
中国科学院研究生院信息安全国家重点室开放课题资助
