The Research And Realization Of Database Security Based On Security Socket Layer

The communication in Internet is an important method of getting information. So, the Network security is an important part in the field of information system security. Along with the rapid development of computer and network technology, the problem of information system security is increasing seriously, and a rounded net information security system is absolutely necessarily in the information system. Database is a set of information, and its' security plays a crucial role on the information system security.In order to realize the data's security, the database must have the function of user access control and data security transmission in net. The SSL can satisfy the requirements. SSL is a protocol that supports authentication and data encryption. It is realized that the certificate-based authentication method can solve the problems existing in client/password-based authentication method mentioned above. For the more, if we use certificates combined with ACL, we can well control database clients with different access authorities. For the need, the client can also require certificates of database. The SSL also can build up a cipher text communication pipe for data transferring between clients and servers of database systems to preserve data confidentiality and integrity and prevent hidden trouble during the process of data transmission in the net.In this paper, we discuss the SSL. After this work, we recommend that the SSL-based certificate authentication can be used as client access control method in database systems, and we can also use SSL to set up a safe secret communication channel to band SSL and database together. Based on above specification, we developed and realized a simple database agency system.Testing has proved that the tentative idea of using SSL in database systems is available. From this we can see that database security proxy can attain the function of accessing database and transferring data safely. This system also provides a generic design pattern for the remote applications which need linking security. With little transplanting and modification, it could be used into new application.