Design And Implementation Of Data Center Subsystem Of Database Audit System

With the rapid development of information technology, database technology has been widely used by businesses. However, in recent years, the frequent occurrence of database damage or leakage of the incident so that people have to pay attention to the problem of database security. Damage or leakage database may violate a user's personal information or privacy, more serious will bring major economic loss irreparable. Database security threats mainly are from two aspects: Firstly, from the company's internal staff responsibilities misuse or unauthorized access, and they brought a lot of serious damage or even lead to data loss database system crash. Moreover, such attacks are often very subtle and not easy to be aware of the monitoring system. On the other hand, is also a major attack outside the system from malicious intrusion, the attacker loopholes in the system for database or launch attacks, tampering or theft of data, to the security and reliability of the system pose a serious threat. The topic of this paper comes from Xi'an Jiaotong University Jump database auditing system project, the paper of this database audit system data center subsystem design and implementation.This system is mainly for the database server, and for the operation of the data analysis and mining, to control the database security risk and maintain the purpose of the health operation, in monitoring user behavior audit user operation and so on. Therefore, the system will be targeted at the user or external non-standard control or malicious destruction of the database behavior to identify the relevant historical data, such as IP address information, user accounts, etc., to provide the necessary basis for the specification and tracing the responsible person. In this paper, the advantages and disadvantages of the database security system are compared with the requirements of the database security system. Based on the existing authority database security audit system, this paper designs the demand of the system. This system uses B/S structure, do not need to install and easy to maintain. The bypass monitoring means of data acquisition system mainly four modules, respectively is packet capture engine module, strategy matching module, statements management module, the log management module. After the capture of network packet capture engine from the card, according to the functional requirements of the package flow. In accordance with the user's configuration of the audit strategy, the bottom of the data packets to match operations, if the policy is based on the strategy to respond, otherwise do not deal with. The report engine can generate the log statistics report form according to the report form. The log module mainly designs the log data's life cycle. The design of log function mainly includes the design of the log storage, backup and cleaning. After testing, the system runs stably and can meet the expected requirements.In this paper, the database audit system data center subsystem is mainly used to access the integrity of the system and the strict control of the authority to achieve information data security and confidentiality. At the same time, can be deployed in the audit security situation, the normal operation of the system does not affect the. On the other hand, the key information of the enterprise, especially the business secrets and the user confidential information for professional protection, to avoid from the external malicious attack, or the internal staff of the abuse of power leakage data and bring damage.