“為什么要確保數(shù)據(jù)庫服務(wù)安全呢？任何人都不能訪問-這是一個(gè)非軍事區(qū)的保護(hù)防火墻”，當(dāng)我們被建議使用一個(gè)帶有安全檢查機(jī)制的裝置時(shí)，這是通常的反應(yīng)。事實(shí)上，在防護(hù)一個(gè)組織的信息方面，數(shù)據(jù)庫的安全是至高無上的，因?yàn)樗赡軙?huì)間接接觸比我們意識(shí)到的更廣泛的用戶。
這是兩篇研究數(shù)據(jù)庫安全文章中的第一篇。在這篇文章中我們將討論一般數(shù)據(jù)庫安全概念和和比較普遍的問題。在下篇文章，我們將把焦點(diǎn)放在特定的Microsoft SQL和Oracle的安全關(guān)注上。
近來數(shù)據(jù)庫安全已成為一個(gè)熱門話題。隨著越來越多的人關(guān)注計(jì)算機(jī)安全，我們發(fā)現(xiàn)，防火墻和網(wǎng)絡(luò)服務(wù)器比以前都更加安全化了（雖然這并不等于說現(xiàn)在不再有許多不安全的網(wǎng)絡(luò)存在）。因此，重點(diǎn)是加大對(duì)技術(shù)的考慮力度，譬如以更細(xì)膩的審查態(tài)度對(duì)待數(shù)據(jù)庫。
“Why do I need to secure my database server? No one can access it — it’s in a DMZ protected by the firewall!” This is often the response when it is recommended that such devices are included within a security health check. In fact, database security is paramount in defending an organizations information, as it may be indirectly exposed to a wider audience than realized.
This is the first of two articles that will examine database security. In this article we will discuss general database security concepts and common problems. In the next article we will focus on specific Microsoft SQL and Oracle security concerns.
Database security has become a hot topic in recent times. With more and more people becoming increasingly concerned with computer security, we are finding that firewalls and Web servers are being secured more than ever(though this does not mean that there are not still a large number of insecure networks out there). As such, the focus is expanding to