Based On Intrusion Tolerance Technology Enterprise Database Security System

With the rapid development of network and information technology, the computer has almost been deeply applied to every industry; the day-to-day operations and decision making of organizations or enterprises are increasingly relied on the database management technology; so the security of data becomes crucial. Damage and misuse of data affect not only a single user or application, but may have disastrous consequences on the entire organization or enterprise. The traditional research of the database security concentrates on the multi-layer safety database, access controlling, database encoding, and channel control and so on. The measures aim to defend attacks or intrusion; however, sometimes preventive measures fail to prevent malicious attacks. So we must have new technology to ensure the security of database, the livable technology of database is just what we need and it is also the new research direction of database security. The core of the livable technology is Intrusion Tolerance.This paper analyzes the database security monitoring system based on intrusion detection and intrusion tolerance technique. When the malicious transaction is defined, the IDS will immediately notify the system stop carrying on this transaction; if the intrusion behavior is not defined, the IDS can detect it and obstruct its further breakage of the database system and then control and repair all the objects that are likely to be damaged in order to avoid spread of destruction.IDS will also send a signal to the affairs analyzing machine to add the characteristics of the malicious transaction to the characteristic database. In this way, the IDS can be continuously perfected. So the confidentiality, integrity and usability of the database system are improved.Besides, this paper proposes an intrusion tolerant database security model based on trapping mechanism that is used in the network security. It adopts the trigger of intrusion detective system and intrusion deception mechanism to fool and hold off attackers, enhance the security of database system.