英语论文网

The complete database includes physical integrity and logical integrity . Refers to the physical integrity of the data from the database to ensure the physical failures , and there may be catastrophic damage to rebuild and restore the database. Logical integrity refers to the logical structure of the database protection, including the semantic integrity and operational integrity .

2) The confidentiality of the database

数据库保密性是指只有经过授权的用户才能存取数据。

Database Confidentiality means that only authorized users can access the data .

3 ) the availability of the database

数据库的可用性是指不应拒绝授权用户对数据库的正常操作，同时保证系统的运行效率。

Availability of the database refers to the database should not refuse to authorize the user 's normal operation , while ensuring efficiency of the system .

网络数据库安全的基本要求可归纳为：数据库的完整性（物理上的完整性、逻辑上的完整性和库中元素的完整性、数据库的保密性（用户身份识别、访问控制和可审计性）和数据库的可用性（用户界面友好，在授权范围内用户可以简便地访问数据）。

The basic network database security requirements can be summarized as: database integrity ( physical integrity , logical elements of integrity and the integrity of the library , the confidentiality of the database ( user identification , access control and auditability ) and the availability of the database ( user- friendly interface, users can within the scope of authorization and easy access to data ) .

( 1 ) relatively low administrative costs : for encryption, decryption , and other special operations management should minimize costs and benefits , and to measure and estimate .
( 2 ) System Flexibility : refers to the system to perform varied, extensive safety strategies. Because in different circumstances require different security policies , so the system should be better flexibility .
( 3 ) to facilitate the security administrator to use : For a database for evaluation and safety audits, organizations need to consider data sharing , security level , access control method and cost method in order to choose the best approach , taking into account the economy and security.
( 4 ) tamper detection : security mechanisms to be able to prevent it conducted itself unauthorized modifications , because even if the security mechanism is correct, after modification of it will destroy its security.
( 5 ) Credibility : refers to the system can deal with a variety of possible attack capability , it can analyze the system , verification, testing and observation to obtain .
( 6 ) User convenience : the database system to ensure the safety of the premise, as far as possible to facilitate the user application .

Developers want to build secure data access code, the first thing to do is to understand what threats exist database access , then these threats in the data access code is how the performance . Database access are listed below some of the threats that exist in the process :

1) SQL Injection
Attacker exploit loopholes in data access code to the SQL command code into a page request query string or a Web form input fields , causing the se