分割数据库是否是合法的安全措施? [英] Is splitting databases a legitimate security measure?
问题描述
当我公司以前的开发人员必须存储敏感的用户数据(例如,医疗记录)时,他们做了以下。
When previous devs at my company had to store sensitive user data (for example, medical records), they did the following. I doubt its merits.
- 有数据被视为不敏感(用户登录,个人资料信息)和敏感 )。
- 有三个数据库。
A中的不敏感数据,B中的医疗记录以及A和B在C。 - 所有三个数据库将用户(
A)绑定到医疗记录(B)。
- There is data considered "insensitive" (user login, profile info), and "sensitive" (user medical records).
- There are three databases. Insensitive data in
A, medical records inB, and the mapping betweenAandBinC. - A hacker must hack all three databases to tie users (
A) to medical records (B).
我们自己的后端代码调用 C 绑定 A 和 B 数据一起供用户显示。我认为这个代码的普遍存在无效分割数据库的好处:如果黑客访问我们的系统,他可以调用我们的逻辑。
Our own backend code calls C to tie A and B data together for user display. I think the ubiquity of this code invalidates the benefit of splitting databases: if the hacker accesses our system, he can call our logic.
上述系统的好处
推荐答案
我会说,一旦你的系统已经被入侵,攻击者超过了访问阈值,那么数据库只是时间问题。 至少可能会延迟入侵者的意图,但成本(在维护,性能,项目清晰度等方面)可能超过收益。
I'd say that once your system has been compromised and the assailant is past the threshold with access, then the databases are just a matter of time. What it is doing is at least perhaps delaying to intruder in their intent - but the cost (in terms of maintenance, performance, project clarity and so on) might outweigh the benefits.
我相信会有足够的信息让确定的人决定 X , Y 和 Z 数据库是链接的 - 除非您混淆数据库名称,表名称和其他结构指标。
I'm sure there will be sufficient information for a determined person to decide that X, Y and Z databases are linked - unless you obfuscate database names, table names and other structural indicators.
理想情况下,你应该考虑让你的系统不可渗透,除此之外的所有其他事情是缓解,治疗症状与忽视的问题(你已被利用),其中权衡必须被视为唯一的情况。
Ideally you should be looking to make your system impenetrable, all other things beyond that are mitigations, the treating of symptoms with neglect for the problem (that you've been exploited), of which the trade-off must be considered uniquely to the situation.
根据我的经验和看法,像这样分割数据库是一种奇怪的安全方法,我发现是巧妙地愚蠢。
In my experience and opinion, splitting the database like this is a strangely contrived approach to security that I find to be ingeniously silly.
这篇关于分割数据库是否是合法的安全措施?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
