作　　者： ; ;

机构地区： 西安电子科技大学计算机学院

出　　处： 《西安电子科技大学学报》 2003年第1期85-89,共5页

摘　　要： 提出了一种容忍入侵的数据库安全体系结构.这种体系结构是建立在三层安全模型,即"外层防御+中间层入侵检测+内层容忍入侵"的基础上,将冗余和多样性技术相结合,采用门限秘密共享方案,实现数据库系统的可生存性及关键数据的机密性.与其他容忍入侵的数据库系统相比,文中提出的数据库安全体系结构,采用系统整体安全策略,综合多种安全措施,实现了系统关键功能的安全性和健壮性. This paper proposes an architecture for database system security based on intrusiontolerant mechanisms. The architecture is built on three layers security model, which is to defense intrusion in the outer layer, to detect intrusion in the middle layer, and to tolerate intrusion in the inner layer. We utilize the techniques of both redundancy and diversity and threshold secret share schemes to implement the survivability of databases and to protect confidential data from compromised servers in the presence of intrusions. Compared with the existing schemes, our approach has realized the security and robustness for the key functions of a database system by using the integration security strategy and multiple secuirty measures.

关 键 词： 数据库 安全体系结构 容忍入侵 入侵检测

领　　域： [自动化与计算机技术] [自动化与计算机技术]