Research And Implementation Of Improving Mysql Database Security In Web System

With the rapid development of Internet and improvement of information technology, making the Web system to gain popularity and promoting the development of Web system backend database. MySQL as a multi-threaded, multi-user relational database management system, small volume, fast, open source, has become a priority selection for many Web systems of the backstage database. So, the security of MySQL database in the Web system become more and more important. According to the OWASP research, SQL injection is one of the most advanced Web vulnerabilities. And when SQL injection attack successed, malicious network attacker can carry out various operations on the Web system database, or even operate high level of the SQL command, in order to obtain sensitive data and control the backend database.This will make the users of Web system bear an immeasurable loss. Therefore, in this paper, aiming at the application of MySQL database in the Web system, research security attacks, realized the prevention of SQL injection attack. Further enhance the security of MySQL database in the Web system.This paper research the sucurity of MySQL when it as a backend database, and bases on base station inspection management system in our lab.The research including MySQL’s internal security and external security. Firstly, study the internal security mechanism of MySQL database, which is the basis of research on the external security mechanism,ensure the security of MySQL server at the file system level. The system uses JavaScript, JSP, Java Servle Web technology, to research on the common SQL injection vulnerabilities in the system.And uses a variety of methods to prevent SQL injection attacks, provides multiple security for MySQL database security. Then, simulates attacking the system by attack tools and manual injection,ensure the effectiveness of adopted prevention method in the system. Through the research and implementation, the paper in the future will provide a good reference for the security of MySQL database of Web system in the enterprise.