MySQL database security solution (4) _ MySQL

MySQL database security solution (4) tip: With the popularization of the network, there are more and more network-based applications. Network databases are one of them. One or several servers can provide services to many customers. this method brings a lot of convenience to people, but it also gives criminals a chance to take advantage of it. Because the data is transmitted over the network, it can be intercepted during the transmission process, or it can be accessed through a very convenient way.

Next let's take a look at the five most required authorization tables in MySQL.

User

The user table stores user permissions and encrypted passwords. This table determines which users and clients can connect to the server.

Host

This table assigns permissions to each client, regardless of the user permissions. When determining whether to accept or reject a connection, MySQL first considers the user table. However, using the GRANT or REVOKE command does not affect the host table. you can manually modify the content in this table.

Db

The database table stores the permissions of the database layer.

Tables_priv

This table stores the table permission information.

Columns_priv

This table stores the permission information for individual columns. With this table, you can grant the permission to operate a column to a user.

Hash Encryption

If the database stores sensitive data, such as bank card passwords and customer information, you may want to save the data in an encrypted form in the database. In this way, even if someone enters your database and sees the data, it is difficult to obtain the real information.

In the large amount of information in the application, you may only want to encrypt a small part, such as the user's password. These passwords should not be stored in plain text. they should be stored in the database in encrypted form. In general, most systems, including MySQL, use hash algorithms to encrypt sensitive data.

Hash Encryption is one-way encryption, that is, the encrypted string cannot obtain the original string. This method is very limited, generally only used in password verification or other places to verify. In comparison, the encrypted string is not decrypted, but the input string is encrypted in the same way, and then compared with the encrypted string in the database. In this way, even if the algorithm is known and the encrypted string is obtained, the original string cannot be restored. The bank card password is encrypted in this way.

MySQL provides four functions for Hash Encryption: PASSWORD, ENCRYPT, SHA1, and MD5. Next let's try these four functions to see what the results will be. The following uses the encrypted string "pa55word" as an example:

Let's take a look at the MD5 function.

　
SELECT MD5 ('pa55word ');
+ ---------------------------------- +
| MD5 ('pa55word') |
+ ---------------------------------- +
| A17a41337551d6542fd005e18b43afd4 |
+ ---------------------------------- +
1 row in set (0.13 sec)