Security Audit Of Cloud Database Based On Docker

With the developing of cloud computing and big data technology,traditional databases are gradually developing towards virtualization and cloud database.Cloud service providers centralize resources such as servers,storage,network and application programs by virtualization and distributed computing technology,and provide efficient and economic database services for small and medium enterprise(SMEs)and users.However,data security has been exposed in the development of cloud technology.Frequent data leakage has become the main reason that restricts its development.Based on the domestic and foreign related research about cloud computing,access control and data encryption technology analysis and summary,this thesis deeply analyze the data security risks faced by cloud database and the actual data security needs of enterprises,taking the data of IC card system widely used by SMEs and users as the practical application background.In view of the fact that IC cards have sensitive data in memory and are easily cracked,a data security strategy has been put forward in the perspective of post auditing,and implementation and analysis have been carried out.This thesis has done the following work on cloud database audit.First of all,this thesis designed an auditing tool that was developed for the most widely used cloud database based on MySQL engine.It was developed using a software development kit provided by a third party to obtain data change process and operator information in the cloud database platform.Finally,a set of cloud database platform is built with Docker,and the related experiments are carried out on the platform.Experiment shows that the audit tool can correctly obtain and analyze data changes in the cloud database and match users.In the study of illegal behavior in the public transport system,the above-mentioned auditing strategy was used,and an auditing method based on the finite state machine(FSM)model was designed.Using the FSM model to simplify the user consumption simulation process,the characteristics of the simulation result set are analyzed and demonstrated.Aiming at the existence of two types of abnormal behaviors,it is proved that the method has higher detection results for these two situations,which shows that the method has practical application value.To sum up,this thesis explores and researches the security audit on cloud database based on Docker from two aspects of theory and practice,puts forward a comprehensive set of audit strategies and designs audit tools to help auditors improve their work efficiency.