[database] must know and be able at the end of the term ----- Chapter VIII database security

Chapter viii. database security

1、 The difference between security and integrity

integrity ：

1） Prevent the existence of non semantic data in the database

2） Object of prevention ： Illogical 、 Incorrect data

Security ：

1） Protect the database , Prevent malicious damage and illegal access

2） Object of prevention ： Illegal users and illegal operations

2、 Common methods of database security control （ What are the methods , The meaning of each method ）

1） User identification and authentication ： The system checks the user's name or identity

2） Access control ： Authorize users , Only users with legal permissions can access the database

3） View mechanism ： Define views for different users , Hide the data to be confidential from users without access rights

4） Audit ： Establish audit log , Record all operations , In the event of an accident , We can find out the person, time and content of illegally accessing data

5） Data encryption ： Encrypt the stored and transmitted data

3、 Access control policy （ understand ）

Two content ：

1） Define user rights ： Register user rights in the data dictionary

2） Legal authority check ： The user sends a request to access the database ,DBMS By looking up the data dictionary , Check legal authority

There are two main strategies ：

1） Autonomous access control

2） Forced access control

4、MySQL The basic statement authorized in （ Appears in the selection 、 Judge 、 Fill in the blanks ）

// Grant authority 
GRANT EXECUTE ON PROCEDURE studentsdb.cn_proc TO [email protected];

// Recycling permissions 
REVOKE CREATE,SELECT,INSERT,DROP ON studentsdb.* FROM [email protected];