DBSS
Database Security Service (DBSS) provides database audit, database encryption and access control functions. It records user access to the database in real time, generates fine-grained audit reports, and sends real-time alarms for risky operations and attack behaviors. As a proxy encryption gateway, the system is deployed between the database and client applications. Any access must pass through the gateway to implement data encryption and access control.
Supported Databases
- Relational Database Service (RDS)
- Databases built on ECS
- Databases built on BMS
Databases of some types and versions can be audited without using agents, as shown in Table 1.
| Type | Supported Edition |
|---|---|
| GaussDB(for MySQL) | All editions are supported by default. |
| RDS for SQLServer | All editions are supported by default. |
| RDS for MySQL |
|
| GaussDB(DWS) |
|
| PostgreSQL NOTICE: If the size of an SQL statement exceeds 4 KB, the SQL statement will be truncated during auditing. As a result, the SQL statement is incomplete. |
|
| RDS for MariaDB | All editions are supported by default. |
Database audit supports the following database types and versions.
| Database Type | Edition |
|---|---|
| MySQL |
|
| Oracle | |
| PostgreSQL |
|
| SQL Server |
|
| GaussDB(for MySQL) | 8.0 |
| DWS |
|
| DAMENG | DM8 |
| KINGBASE | V8 |
| SHENTONG | V7.0 |
| GBase 8a | V8.5 |
| GBase 8s | V8.8_3.3.0 |
| Gbase XDM Cluster | V8.0 |
| Greenplum | V6.0 |
| HighGo | V6.0 |
| GaussDB |
|
| MongoDB | V5.0 |
| DDS | 4.0 |
| Hbase (Supported by CTS instance 23.02.27.182148 and later versions) |
|
| Hive |
|
| MariaDB | 10.6 |
| TDSQL | 10.3.17.3.0 |
| Vastbase | G100 V2.2 |
| TiDB |
|
Database encryption supports the following database types and versions, as shown in Table 3.
Service Features
- Help you meet security compliance requirements.
- Comply with DJCP (graded protection) standards for database audit.
- Comply with security laws and regulations, and provide compliance reports that meet data security standards (such as Sarbanes-Oxley).
- Back up and restore database audit logs and meet the audit data retention requirements.
- Monitor risks, sessions, session distribution, and SQL distribution in real time.
- Report alarms for risky behaviors and attacks and responds to database attacks in real time.
- Locate internal violations and improper operations and keep data assets secure.
- Monitors database login, operation type (data definition, operation, and control), and operation object based on risky operations to effectively audit the database.
- Analyzes risks, sessions, and SQL injection to help you master the database situation in a timely manner.
- Provides a report template library to generate daily, weekly, or monthly audit reports according to your configurations. Sends real-time alarm notifications to help you obtain audit reports in a timely manner.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.