Use Sniffer to analyze data transmission security of database application systems (Part 1)

It analyzes the characteristics of several common data application system structures, introduces the working principle of Sniffer, and proposes a method of using sniffer technology to quantitatively analyze the security of data transmission. Based on this method, a test environment is established, and experiments are used to illustrate the application of the method and analyze the guiding role of the experimental data in the application. Finally, the application of this research is summarized, which is suitable for quantitatively evaluating the security of data transmission in data application systems.

Database application system is an application software system based on database, and its security is an important evaluation criterion for the quality of the application system. If the security of the application system cannot be effectively guaranteed, the database application system established will be more of a destruction and leakage of data than a management of data. With the rapid development of Internet technology, the integration of database and Web is becoming increasingly close, and the security of data transmission is becoming increasingly important. This also brings new challenges to the security of database application systems… The security of database application system mainly includes three aspects: client, server and data transmission part. The security of the client is ensured by the authorized access and user restrictions of the operating system. Any user who wants to enter the system must log in with a user name, password and identity verification before being allowed to enter. Unauthorized users are not allowed to enter. Server-side security is mainly about the security maintenance of the database itself. Database security refers to protecting the database from data leakage, changes or damage caused by illegal use. The core issue of the database system security mechanism is: as a database management system that uses computers to save data and information records, it should provide services for secure access to information. The main means are: authentication, authorization mechanism and the use of views, triggers and stored procedures to maintain database security. In addition, the security of the database itself is also a guarantee to strengthen the security of this part; the security of the transmission part depends on the specific network environment and application. It is related to the design structure of the system itself. The design structures of currently commonly used data application systems mainly include Client/Server, Client/Server stored procedures, Client/Server three-tier structure and Browser/Server structure. At present, the transmission security analysis of these structures is only a qualitative explanation, with many subjective factors and a lack of objectivity. This article proposes a method of using sniffer technology to capture and analyze packets to quantitatively analyze the security of the system, and provides an effective quantitative analysis method for the transmission security of database application systems. This method is suitable for evaluating the data transmission of database application systems. safety.

1 Common structures of database application systems

1.1 Client/Server structure Client/Server (C/S) structure is a two-layer distributed system. Data is stored on the database server, and users directly operate the database through the client. The server side completes the core functions of DBMS and executes the storage logic and transaction logic of the database. The application program is stored on the client, completes functions such as data processing, data representation and user interface, executes application logic and provides user interface. Advantages: This C/S structure can give full play to the advantages of the computer network, maximize the use of resources on the client and server, improve computing efficiency and reduce network transmission volume; it has lower requirements for network bandwidth and delay time. The disadvantage is: in this model, the client software is not designed according to open standards. Therefore, the structures, functions, communication methods, and data structures of programs developed by different people are quite different. System integration is difficult and the maintenance workload is also large.

1.2 Client/Server Structure Stored Procedure Stored procedure is a set of SQL statements to complete specific functions, which are compiled and stored in the database. The user executes it by specifying the name of the stored procedure and giving parameters (if the stored procedure has parameters). Stored procedures can not only complete the logical processing of the application system and improve the running performance of the application, but can also be used to ensure the security and integrity of the data. In order to prohibit users from directly changing the base table, the base table can be changed through a stored procedure to protect the data of the base table, and then the user is granted the authority to execute the stored procedure. This limits the user’s improper operations on the base table, thereby ensuring The process of secure storage of data. The advantages of stored procedures: allow standard component programming; can achieve faster execution speed; can reduce network traffic; can be fully utilized as a security mechanism.

The way the Client/Server structure stores procedures is between the two-tier and three-tier structures, often called the 2.5-tier structure, which can achieve some of the characteristics of the three-tier structure and reduce the amount of development.

1.3 Client/Seiwer three-tier structure The three-tier model is an extension of the traditional C/S model and can be regarded as a combination of two c/S models. The client sends a request to the application server, the application server responds to the request and performs corresponding processing, and then returns the processing result to the client. This is the first layer of C/S mode; when the application server runs the business processing program, if it needs to access the database, it will The database server sends a request, and the database server returns the data processing results to the application server. This is the second layer C/S model. Therefore, the three-tier model has all the advantages of the traditional C/S model, and the distribution of user interface, business processing and data management is more flexible. The data of the three-tier information system is stored in the database server, and most of the business processing programs are stored and run in the application server. When the application is updated or upgraded, only the program in the application server needs to be updated. This makes application maintenance transparent to users, reduces maintenance costs, and improves system maintainability. Since the client does not store data, operators cannot see or modify the application as long as the information transmitted to the application server does not contain key program codes. As long as the security design of various types of servers is reasonable. This ensures that applications and data are not damaged.

The operating environment of the three-tier information system is generally an open network environment. System information must be transmitted on the network, and all system functions are implemented based on the network. To ensure that information is not stolen, we must not only ensure the security of data and programs in the server, but also ensure the security of the information transmission process. This is the main aspect tested in the experiments covered in this article.

1.4 Browser/Server structure Browser/Server (B/S) mode is a distributed system with a three-layer or multi-layer structure. In this mode, the client makes a request to the Web server through the browser. The Web server makes a query request to the database server. The Web server then transmits the queried data to the client in the form of a hypertext file. Its main features are: the client and the server are interconnected through the TCP/IP protocol; the client uses a browser, an application-independent hypertext information query tool. Therefore, in this mode, system integration is very easy, maintenance workload is small, and it is easy to master and upgrade. Compared with the C/S mode, it has the following advantages: Simplifying the client. You only need to install the browser software on the client, instead of installing different client applications on different clients; this simplifies system development and maintenance.

The C/S mode is used in a small and fixed location with high security requirements, strong interactivity, large amount of data processing, and flexible data query; it is used when security and interactivity are not high. Use B/S mode in a wide area with flexible location. This can give full play to their respective strengths. Develop a software system that is safe, reliable, flexible, convenient, and efficient.

Nous contacter