| The most valuable resource is not the equipment or net, but the invaluable data and the place storing these data — Database. Database provides multipurpose information, for example, application parameters, private data, project records, auditing and security log, even users' access credentials. When building applications, it is essential to use a secure approach to accessing data.This paper presents recommendations and guidance that will help to develop a secure database access strategy. Topics covered mainly include securing data that flows across the network and securing database access credentials. The former pays attention to secure the channel between an application or Web server and database server, accordingly provides message confidentiality and message integrity. The later thinks much of the security of database connection strings, and how to reduce harm if ever betraying this confidential information either indeliberately or intentionally. With regard to the two aspects, this paper probes into the effective approach of database access security.Attending to practicability, all research of this paper is grounded on cryptography. Although Microsoft SQL Server 2000 is the leading database in this paper, the main recommendations and models is also effective in applications based on other database product. Finally, this paper summarizes the key security issues associated with data access, and has a view of the future of the research subsequently. Through the research, the author hopes that this paper can offer help for the application developers to realize Database Secure Access. |
PDF Full Text Request