数据库中的数据安全 [英] Security of data in database

问题描述

我在做一个web应用程序，我想要它是安全的，所以我将使用SSL，并将哈希密码。但我的服务器是由不同的公司管理，它是一个共享托管服务器，他们可以直接访问数据库。我想防止敏感信息的任何可能的丢失，所以我正在考虑加密数据库中的所有数据。

I am making a web application and i want it to be secure, so i ll be using SSL and, will hash passwords. But my server is managed by a different company and it's a shared hosting server, they have direct access to database. I want to prevent any possible loss of sensitive information so i am thinking about encrypting all the data in the database.

这是一个很好的方式保持数据安全吗？
有其他方法保护数据库中的数据？

Is this a good way to keep data secure? are there any other ways to protect data in database?

我使用PHP，MYSQL，Apache和Linux

I am using PHP, MYSQL, Apache, and Linux

请提供详情。

提前感谢

推荐答案

这不是一个大隐私问题

互联网是由几个使用自托管解决方案的网站/完全个人服务器（在自己的NOC中拥有和运营）。

This is not a big privacy issue

The internet is composed of some few websites / web applications using self hosted solutions with fully personal servers (owned and operated in their own NOC).

每个人都使用某种形式或另一种形式的共享，虚拟化，半私有， collocated主机。

Everyone else is using some form or another of shared, virtualized, semi-private, semi-dedicated, collocated hosting. In every case the hosting company has full access to everything, they have physical access to the servers -- no amount of protection can help you there.

共享主机可能是一个共享的主机，它可以在任何情况下都可以访问服务器。最容易从托管公司的角度访问。但这是不相关的，他们的政策应该防止他们的恶意操作，因为如果他们不会没有真正重要，如果它是最简单或最难以访问它只会是你有多么有趣的数据是他们

Shared hosting might be the easiest to access from the hosting company's perspective. But that's not relevant, their policies should prevent them from operating in bad faith because if they wouldn't it wouldn't really matter if it was the easiest or the hardest to access it would only matter how interesting the data you have is to them (or some random employee of theirs).

某些方法可能使用：

• 将加密的文件系统作为文件夹并设置MySQL以使用该文件夹来存储数据;


• MySQL加密功能用于加密特定单元格或列中的数据;


• 一个具有加密功能的SQLite顶部的库整个数据库文件;

另一方面，如果您的PHP文件将在同一服务器上，并且数据库解密密码将被存储在你的PHP文件中，任何入侵者都可以找到它，如果他们想要的话可​​以使用它。

On the other hand if your PHP files would be on the same server and the database decryption password would be stored inside your PHP files, any "intruder" could find it and use it if they wanted it.

你必须将密码存储在不同的服务器上，从用户为了没有它存在于本地PHP文件内。这显然仍然在运行时可用;如果入侵者是程序员，他将能够很容易地检索它。

You'd have to store the password on a different server or obtain it from the user in order to not have it present inside the local PHP files. This would obviously still be available at runtime; if the "intruder" is a programmer he will be able to retrieve it fairly easily.

这篇关于数据库中的数据安全的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！