Research And Application Of Hardening Techniques On Health Care Database Security

As the foundation and core of the enterprise information system, database stores important information of enterprise, so the importance of protecting the database is paid more and more attention by people. The Hygeia medical insurance MIS store a lot of enterprises and individual’s sensitive and confidential data. In a city, the system has been put into use. During that time data has been changed for several times. This paper deeply investigated the problem of the database security.Based on analysis of overall structure of Hygeia MIS, the paper analysis its database architecture and simple database security precaution and points out that these methods can not guarantee data security. Hygeia use Oracle. Under the premise of not modifying the source code of the existing system, security technology of Oracle is discussed in detail.the paper presents a set of effective database security reinforcement technology.Hygeia is reinforced by four kinds of technologies. First, set up a secure account: With principle of least privilege, password security management is implemented and setting up a secure user account and limits user on the use of system resources. Second, set up a secure listener:Set password in Oracle network connection utility lsnrctl, implement secure network access control, limit the client to connect to the database server and limit other characteristics of the listener. Third, use the fine-grained audit: An effective audit strategy is designed for the important and sensitive tables in the system, audit results are stored in an xml file and database which can record data changes in row level and track the database operation process, therefore detect access to the database and the possible external invasions to the database effectively. And the paper designs an automated process, when a database access action in violation of the safety audit strategy, the system automatically send a warning message to the administrator’s mailbox in order to alert the administrator timely detect the detailed system security log. Fourth, using VPD restrict data access:with Oracle VPD technology, fine-grained access control and security application context combine to ensure that all company can only access data of their own.Four kinds of database security reinforcement technologies, which are put forward in this paper, have been successful implemented in Hygeia MIS and better results have been obtained.