Research On Database Security Enhanced Technology Based On Campus Card System

The security problems of database taking place continuously, such as dataleakage, data corrupted, data altered, etc, bring great harm to computer integratedsystem. The database security enhancement technology, which can greatly improve thedatabase security, while the efficiency of the system will not be obviously influenced, isthe focus of database security technology researching. In order to solve the problem ofinsufficient security, such as SQL fraud, abuse of authority, a database securityenhancement program is developed in this paper.A lexical and grammatical analysis method has been designed and the safety rulesof grammar have been formulated for the SQL statement, which based on LEX (lexicalanalysis tools to generate) and YACC (parser generator tool). A method of generatingsafety rule library has been designed by the way of generating rule trees. Moreover, anoptimization method for Safety rule library has been designed. The behaviors of theaccess request are analyzed by comparing with the safety rules, while the resolveprocess of the SQL statement is described.According to the classic BLP security model and UCON security model, anUCON-DBLP security model is designed, which based on the database access featuresof campus smart card system. Meanwhile, the access control rules, access control matrix,the security attributes and conditions value object are joined in this security model. TheMulti-stage flexible controlling of access permission and avoid of legitimate users rightsabusing have been implemented by the ability of mandatory access control andadjustment of the main body’s flexible access permission. According to the differentlevels of invasion, some response methods including warning, reducing the limits ofauthority, backupping sensitive data, noticing the administrator and shieldingconnection are designed for illegal acts.According to the relative test, the scheme has been proved to be achieving the desired purpose. It doesn’t bring great influence to the system efficiency, at the sametime, the authority judged and rules determined can be made flexibly, then, theresponses are made timely.