With the rapid development of computer technology, the application of database is very extensive and goes deep into various fields, but there are data security problems and database access security problems. As the aggregation of information, database system is the core component of computer information system, and its security is very important. People pay more and more attention to the security of a large amount of data in the database of various application systems, and the anti theft and anti tampering of sensitive data.
The main database security risks faced by colleges and universities are as follows:
1. Access identity authentication. Students, teachers and developers of third-party business systems can access the database or access the services provided by the database. There are some problems in the traditional database management mode, such as inadequate management process, lack of technical means, and lax identity authentication and access control;
2. Database operation and maintenance control. In view of the complexity of database operators in Colleges and universities, the traditional information security construction in Colleges and universities often focuses on standardizing network layer application users and focusing on access control at the network boundary, but lacks effective behavior control for internal personnel;
3. The SQL injection problem cannot be cured by external hacker attacks.