Research Of Database System Security Access Control Mechanism In Web Circumstance

With the development and popularization of information technology such as computer and networks, the security of computer information becomes the key factor in the computer system. Database is the media of information, and the security mechanism of database becomes a very important aspect in the domain of information security research. At present, traditional security mechanism has some deficiencies which result in many leaks of database security in Web circumstance, so it is necessary to research and improve on the security mechanism of database.This paper researches and analyzes correlative technology and criterion of database security, and contrasts the virtues and deficiencies of security control technology. Access control, one of the security control technologies, has developed from DAC and MAC to RBAC. This paper researches, describes and analyzes the RBAC96 model which is the most representative model of RBAC, and presents an improved model according to the practice. The rule of MAC is changed, the role-based MAC is designed, and the audit function of database system is introduced into this improved model. Rational Rose is utilized to modeling the improved RBAC UML model including static and dynamic model. This paper detailed analyzes the representative scenes of assigning role to user and grant authorization to role, and researches the implement of UML classes diagram in database system. According to the method of database security audit, a scheme of database security audit is designed combating with SQL Server database, including creating trace, collecting data, analysis algorithm of data audit, and management implement of rule warehouse. Legal and illegal operations are committed to shared experiment database, and the results show that no matter legal or illegal operation, audit records are detailed recorded in audit system. The database system can be recovered in time according to the audit records.The improvement of the access control model about database system and the design of security audit system reinforce the security and secrecy of the database system in Web circumstance. Regardless of the theory in the field of the security mechanism of database system or the design and implement scheme of database system security, this paper has a reference value.