摘要:移动计算技术将会大大改变我们的工作和生活环境,给人类的生活带来便利,它代表着网络发展的一种必然趋势。我们可以随时随地运用互联网发布或收取数据信息,甚至是获取因为位置移动而不断改变的动态数据信息,如何保证移动计算环境下数据库的安全问题已经成为当前研究的热点问题。
rver to execute malicious SQL command code, called SQL injection attacks. In some form input field, if the user input is directly used as input parameters for the stored procedure or construct dynamic SQL command code , in this case, the form input fields are more susceptible to SQL injection attacks .
2 ) configuration data leakage
In ASP.NET Web applications , the data access code using the most sensitive configuration data comes database connection string. If the connection string has security issues, such as database access , including user names and passwords and other important information , then the result will be more severe . Once these data are malicious people get , the database will be a serious threat to the security of data .
3 ) leakage of sensitive application data
Many database stores sensitive data , such as customer credit card numbers , bank card password. These data may encounter eavesdropping, tampering , the protection of such data privacy and integrity is important . If the user's bank card number and password without encryption directly into the database , then these data security is very fragile . As long as illegal entry into the database, you can easily obtain these data , even if not illegal invasion , the database administrator may also easily get these confidential data. Database access authorization is too fragile , leading to leakage of confidential data applications .
4 ) unauthorized access
If properly authorized , the user may be able to access other restricted data . Data access code in the absence of authorization , it will provide unlimited access.
5 ) fallibility
As good as fixed mobile client nodes and reliable, and wireless network communication is not as stable fixed network , mobile services and more error-prone.
6 ) the mobile communication terminal security threat [ 11 ]
Mobile communication terminal resources are very limited, and the data transfer rate is relatively poor. Although convenient mobile communication terminal used to carry , but also easy to loss and theft . Such an attacker to obtain the terminal device, seek and obtain such as digital certificates and other data resources, illegal access to internal network resources, or direct damage to the mobile communication terminal data.
7 ) Wireless network security threats itself
Mobile computing is a wireless networking technology and mobile information platform based on the integration of new technologies. In the wireless communication process, all communication contents are transmitted through a wireless channel open . Anyone with a certain frequency devices per capita can obtain content transmitted on the wireless channel . For wireless LAN and personal users, the content of the communication is more vulnerable to eavesdropping [ 12 ] .
Implement database security technologies: access control, user identification and authentication , database auditing , database backup and recovery , database encryption technology.
1 ) Access control
Access control policies are all database management system to achieve the main security mechanism , which is based on the concept of privilege . Only one body has been given access to the appropriate database objects when they could access the object. Access control is implemented on the basis of many security solutions , you can creat
本论文由英语论文网提供整理,提供论文代写,英语论文代写,代写论文,代写英语论文,代写留学生论文,代写英文论文,留学生论文代写相关核心关键词搜索。