数据库安全外文翻译

数据库安全

“为什么要确保数据库服务安全呢？任何人都不能访问-这是一个非军事区的保护防火墙”，当我们被建议使用一个带有安全检查机制的装置时，这是通常的反应。事实上，在防护一个组织的信息方面，数据库的安全是至高无上的，因为它可能会间接接触比我们意识到的更广泛的用户。

这是两篇研究数据库安全文章中的第一篇。在这篇文章中我们将讨论一般数据库安全概念和和比较普遍的问题。在下篇文章，我们将把焦点放在特定的Microsoft SQL和Oracle的安全关注上。

近来数据库安全已成为一个热门话题。随着越来越多的人关注计算机安全，我们发现，防火墙和网络服务器比以前都更加安全化了（虽然这并不等于说现在不再有许多不安全的网络存在）。因此，重点是加大对技术的考虑力度，譬如以更细腻的审查态度对待数据库。

◆一般安全意识

在我们讨论有关数据库安全问题之前，确保底层操作系统和支撑技术的安全是审慎而且必要的。如果一个vanilla操作系统无法为数据库提供一个稳妥可靠的安全基础，花费太多努力去确保数据库安全是不值得的。当安装操作系统时，有许多好的文献资料可以参考。

经常遇到的一个普遍问题，就是作为网络服务器托管Internet(or Intranet)的同一服务器上数据库的应用。虽然这可能节省的购买一个单独的服务器费用，但这严重影响了安全问题。如果这是确定的，当数据库开放地连接到互联网这种情况被证实了。最近的一个例子，我记得是一个Apache网络服务器系统服务组织在互联网上提供的，与Oracle数据库在互联网上提供有关端口1521。在调查这个问题时进一步被发现，访问该Oracle服务器是没有服务器加以制止之类的保护措施的（包括缺乏密码）。从互联网发展前景看，这个数据库是不被推崇的，但默认设置的使用以及粗糙的安全措施，使服务器更加脆弱。

上面提到的问题并不是严格地数据库问题，还可以被归类为构建机制和防火墙保护问题，但最终它确是数据库，这是毫不妥协的。安全方面的考虑从面向网络的各部分来看而被迫作出的。你不能依靠任何他人或任何别的事以保护你的数据库安全。

◆由于SQL和Oracle开发的漏洞给攻击工具一个得以使用的空间。

我在最近为客户做的一项安全评估中偶然发现一个数据库安全方面的有趣的是。我们正在进行对使用一个数据库后端（SQL）以存放客户端的细节的企业内部应用软件的测试。安全审查过程进展顺利，访问控制基于Windows 认证。只有通过认证的Windows用户能够看到属于他们的数据。这个应用软件本身好像对输入要求进行处理，拒绝直接进入资料库的所有尝试。

之后我们在工作的办公室偶然发现一个该应用软件的备份。这个媒体装有SQL

数据库的备份，这是我们重新存储到笔记本电脑上的。所有安全控制均到那些原先并未恢复数据库的位置上，而且我们能够在适当的位置无任何限制地浏览完整的数据库，以保护敏感的数据。这可能像是一种妥协的系统安全的方式，但确实是重要的。往往并不是采取直接的方法攻击一个目标，并且最终结果是相同的;系统妥协。数据库备份可以存储在服务器上，从而有利于间接地访问数据。

以上问题有一个简单的办法来解决。在SQL 2000可以为备份设定使用密码保护。如果备份使用了密码保护，当创建密码时就必须使用密码。这是一种有效而且不太复杂的方法阻止备份数据的简单捕获。然而这意味着密码必须记住！

◆当前趋势

在IT安全方面有许多当前趋势，这些中的不少都与数据库安全联系起来。数据库安全方面的焦点正吸引着攻击者的注意力。由于SQL和Oracle开发的漏洞给攻击工具一个得以使用的空间。这些工具的出现提高了赌注，我们已经看到，攻击主要是针对服务器暴露到互联网的特定数据库端口。

贯穿安全业的一个普遍问题是应用软件安全，特别是定制的Web应用程序。随着Web应用程序的功能变得越来越复杂，它带来了应用程序编码方面的安全漏洞的更大的潜在威胁。为了满足应用软件的功能性要求，后端数据存储通常被用来安排网页内容的格式。这就需要更复杂的后端数据编码。开发者使用不同风格的代码开发，其中一部分没有安全意识，这也许是开发错误的源头。

SQL注入就是当前IT安全业的一个热门话题。随着愈来愈多的以期缩短时间的开发数据库的方式和手段的出现，目前在技术安全论坛中，争论是很平常的。SQL 注入是一个容易让人误导的术语，因为该概念也适用于其他的数据库，包括Oracle，DB2和Sybase系统。

◆什么是SQL注入？

SQL注入的是软件开发人员所不希望出现的与资料库使用代码或指令发送手段的交流方法。这是发现在Web应用软件最常见的形式。任何用户输入应用软件所不允许的内容是攻击的一个常见来源。

在座很多朋友已经看到了当访问网站时通常的错误消息框，而且往往显示用户输入没有得到正确处理。一旦出现这种类型的错误，攻击者将把焦点放在更具体的输入字符串上。具体的与安全有关的编码技术在使用组织时应加入编码标准。由于这种类型的脆弱性所造成的损害，可以很深刻的，尽管这会取决于该应用软件与数据库关联的特权级别。如果该软件以管理者类型权限访问数据，然后恶意运行命令也会是这一级别的访问权限，此时系统妥协是不可避免的。还有这个问题类似于操作系统的安全规则，在那里，项目应该以最低的权限运行，而且这是必要的。如果是正常的用户访问，然后启用这个限制。

同样的问题，SQL的安全也不完全是一个数据库的问题。特定的数据库命令或要求，不应该允许通过应用层。这是可以通过"安全码"的方式加以预防的。这是

一个场外话题，但应该被应用的一些基本步骤的详细设计是有必要的。

第一步，在获取任何申请时须验证和控制用户输入。可能的情况下，严格的类型应被设定以控制具体数据（例如，期望得到数值数据，字符串类型数据等），并在可能实现的情况下，如果数据是以字符型为基础的，需要禁止特定的非字母数字字符。如果这是不能实现的，应该做出争取使用替代字符的考虑（例如，使用单引号，这在 SQL命令中时通常被使用的）。

在使用您的组织时具体的与安全有关的编码技术应加入编码标准。如果所有开发商都使用相同的基线标准，特定具体的安全措施，这将大大减少SQL注入妥协的风险。

能够使用的另一种简单的方法，是清除数据库中不再需要的所有程序。这些限制了数据库中不再需要的或者多于过剩的被恶意利用的程度。这类似于消除操作系统内不需要的服务程序，是一种常见的安全实践。

◆总结

总之，我已做出的以上的大多数观点是安全概念的一般意识，并没有具体到某个数据库。然而，所有这些确实应用于数据库，而且如果这些基本的安全措施被应用，你的数据库安全属性将大大改善。在下一篇关于数据库的安全的文章中，将侧重于具体的SQL和Oracle安全问题，有为DBAs和开发商提供的详细例子和意见。

在上面，我们讨论了一般数据库安全概念和共同面临的问题。在这篇文章我们将集中于特定的Microsoft SQL和Oracle的安全问题，同样重要的是缓解这些问题的解决方案。

数据库安全与一般IT安全问题有许多相似之处，都有一些简单的安全措施和步骤，容易实施，从而大大提高安全性。虽然这些看起来像普通常识，但是令人惊讶的是，我们都看到有多少次，常见的安全措施没有落实以至于造成的安全风险。

◆用户账户和密码安全

在IT安全方面的一个首要基本规则，便是“确保你有一个可靠的密码”。在此声明，我已假定首先一个密码已被设定，虽然这种情况往往并非如此。在去年的文章中，我略微谈到了关于一般安全意识的问题，但我认为再次强调这个问题是有必要的，而且至关重要。就像操作系统，人们关注的焦点是内部数据库的账号安全，其目的在于管理账户。在SQL内，这将成为SA账号，在Oracle内，这可以是SYSDBA或者是Oracle账户。

SQL SA服务账户将“SA”作为密码，这是很常见的，或者更糟糕的是一个空白密码，这同样很普遍。这类密码连最基本的安全规则都懒于限制。用户在自己的域账户上将不允许有一个空白密码，所以为什么宝贵的系统资源，例如数据库容许被毫无保障。举例来说，一个空白的“SA”密码，使含有客户端软件任何用

户（如微软的查询分析器或企业经理人去“管理”SQL Server和数据库）。

数据库被用来作为Web应用软件的后端，缺乏密码控制，将导致敏感资料的全盘妥协。随着系统级访问数据库，使得不仅要执行查询到数据库，创建/修改/删除表等，而且也要执行被称为存储程序的内容。

Database Security

“Why do I need to secure my database server? No one can access it —it’s in a DMZ protecte d by the firewall!” This is often the response when it is recommended that such devices are included within a security health check. In fact, database security is paramount in defending an organizations information, as it may be indirectly exposed to a wider audience than realized.

This is the first of two articles that will examine database security. In this article we will discuss general database security concepts and common problems. In the next article we will focus on specific Microsoft SQL and Oracle security concerns.

Database security has become a hot topic in recent times. With more and more people becoming increasingly concerned with computer security, we are finding that firewalls and Web servers are being secured more than ever(though this does not mean that there are not still a large number of insecure networks out there). As such, the focus is expanding to consider technologies such as databases with a more critical eye.

◆Common sense security

Before we discuss the issues relating to database security it is prudent to high- light the necessity to secure the underlying operating system and supporting technologies. It is not worth spending a lot of effort securing a database if a vanilla operating system is failing to provide a secure basis for the hardening of the data- base. There are a large number of excellent documents in the public domain detailing measures that should be employed when installing various operating systems.

One common problem that is often encountered is the existence of a database on the same server as a web server hosting an Internet (or Intranet) facing application. Whilst this may save the cost of purchasing a separate server, it does seriously affect the security of the solution. Where this is identified, it is often the case that the database is openly connected to the Internet. One recent example I can recall is an Apache Web server serving an organizations Internet offering, with an Oracle database available on the Internet on port 1521. When investigating this issue further it was discovered that access to the Oracle server was not protected (including lack of passwords), which allowed the server to be stopped. The database was not required from an Internet facing perspective, but the use of default settings and careless security measures rendered the server vulnerable.

The points mentioned above are not strictly database issues, and could be classified as architectural and firewall protection issues also, but ultimately it is the database that is compromised. Security considerations have to be made from all parts of a public facing net- work. You cannot rely on someone or something else within your organization protecting your database

from exposure.

◆ Attack tools are now available for exploiting weaknesses in SQL and Oracle

I came across one interesting aspect of database security recently while carrying out a security review for a client. We were performing a test against an intranet application, which used a database back end (SQL) to store client details. The security review was proceeding well, with access controls being based on Windows authentication. Only authenticated Windows users were able to see data belonging to them. The application itself seemed to be handling input requests, rejecting all attempts to access the data- base directly.We then happened to come across a backup of the application in the office in which we were working. This media contained a backup of the SQL database, which we restored onto our laptop. All security controls which were in place originally were not restored with the database and we were able to browse the complete database, with no restrictions in place to protect the sensitive data. This may seem like a contrived way of compromising the security of the system, but does highlight an important point. It is often not the direct approach that is taken to attack a target, and ultimately the endpoint is the same; system compromise. A backup copy of the database may be stored on the server, and thus facilitates access to the data indirectly.

There is a simple solution to the problem identified above. SQL 2000 can be configured to use password protection for backups. If the backup is created with password protection, this password must be used when restoring the password. This is an effective and uncomplicated method of stopping simple capture of backup data. It does however mean that the password must be remembered!

◆Curr ent tr ends

There are a number of current trends in IT security, with a number of these being linked to database security.

The focus on database security is now attracting the attention of the attackers. Attack tools are now available for exploiting weaknesses in SQL and Oracle. The emergence of these tools has raised the stakes and we have seen focused attacks against specific data- base ports on servers exposed to the Internet.

One common theme running through the security industry is the focus on application security, and in particular bespoke Web applications. With he functionality of Web applications becoming more and more complex, it brings the potential for more security weaknesses in bespoke application code. In order to fulfill the functionality of applications, the backend data stores are commonly being used to format the content of Web pages. This requires more complex coding at the application end. With developers using different styles in code development, some of which are not as security conscious as

other, this can be the source of exploitable errors.

SQL injection is one such hot topic within the IT security industry at the moment. Discussions are now commonplace among technical security forums, with more and more ways and means of exploiting databases coming to light all the time. SQL injection is a misleading term, as the concept applies to other databases, including Oracle, DB2 and Sybase.

◆ What is SQL Injection?

SQL Injection is simply the method of communication with a database using code or commands sent via a method or application not intended by the developer. The most common form of this is found in Web applications. Any user input that is handled by the application is a common source of attack. One simple example of mishandling of user input is highlighted in Figure 1. Many of you will have seen this common error message when accessing web sites, and often indicates that the user input has not been correctly handled. On getting this type of error, an attacker will focus in with more specific input strings.

Specific security-related coding techniques should be added to coding standard in use within your organization. The damage done by this type of vulnerability can be far reaching, though this depends on the level of privileges the application has in relation to the database.If the application is accessing data with full administrator type privileges, then maliciously run commands will also pick up this level of access, and system compromise is inevitable. Again this issue is analogous to operating system security principles, where programs should only be run with the minimum of permissions that is required. If normal user access is acceptable, then apply this restriction.

Again the problem of SQL security is not totally a database issue. Specific database command or requests should not be allowed to pass through the

application layer. This can be prevented by employing a “secure coding” approach.

Again this is veering off-topic, but it is worth detailing a few basic steps that should be employed.

The first step in securing any application should be the validation and control of user input. Strict typing should be used where possible to control specific data (e.g. if numeric data is expected), and where string based data is required, specific non alphanumeric characters should be prohibited where possible. Where this cannot be performed, consideration should be made to try and substitute characters (for example the use of single quotes, which are commonly used in SQL commands).

Specific security-related coding techniques should be added to coding

standard in use within your organization. If all developers are using the same baseline standards, with specific security measures, this will reduce the risk of SQL injection compromises.

Another simple method that can be employed is to remove all procedures within the database that are not required. This restricts the extent that unwanted or superfluous aspects of the database could be maliciously used. This is analogous to removing unwanted services on an operating system, which is common security practice.

◆ Overall

In conclusion, most of the points I have made above are common sense security concepts, and are not specific to databases. However all of these points DO apply to databases and if these basic security measures are employed, the security of your database will be greatly improved.

The next article on database security will focus on specific SQL and Oracle security problems, with detailed examples and advice for DBAs and developers.

There are a lot of similarities between database security and general IT security, with generic simple security steps and measures that can be (and should be) easily implemented to dramatically improve security. While these may seem like common sense, it is surprising how many times we have seen that common security measures are not implemented and so cause a security exposure.

◆User account and password security

One of the basic first principals in IT security is “make sure you have a good password”. Within this statement I have assumed that a password is set in the first place, though this is often not the case. I touched on common sense security in my last article, but I think it is important to highlight this again. As with operating systems, the focus of attention within database account security is aimed at administration accounts. Within SQL this will be the SA account and within Oracle it may be the SYSDBA or ORACLE account.

It is very common for SQL SA accounts to have a password of ‘SA’ or even worse a blank password, which is just as common. This password laziness breaks the most basic security principals, and should be stamped down on. Users would not be allowed to have a blank password on their own domain account, so why should valuable system resources such as databases be allowed to be left unprotected. For instance, a blank ‘SA’ password will enable any user with client software (i.e. Microsoft query analyser or enterprise manager to ‘manage’ the SQL server and databases).

With databases being used as the back end to Web applications, the lack of password control can result in a total compromise of sensitive information. With system level access to the database it is possible not only to execute queries into the database, create/modify/delete tables etc, but also to execute what are known as Stored Procedures.

外文翻译-数据库管理系统—剖析

Database Management System Source：Database and Network Journal Author：David Anderson You know that a data is a collection of logically related data elements that may be structured in various ways to meet the multiple processing and retrieval needs of orga nizations and individuals. There’s nothing new about data base-early ones were chiseled in stone, penned on scrolls, and written on index cards. But now database are commonly recorded on magnetically media, and computer programs are required to perform the necessary storage and retrieval operations. The system software package that handles the difficult tasks associated with created, accessing, and maintaining database records is in a DBMS package establish an interface between the database itself and the users of the database. (These users may be applications programmers, managers and others with information needs, and various OS programmers.) A DBMS can organize, process, and present selected data elements from the database. This capability enables decision makers to search. Probe, and query data contents in order to extract answers to nonrecurring and unplanned questions that aren’t available in regular reports. These questions might initially be vague and/or poorly defined, but people can “browse” through the database until they have the needed information. In short, the DBMS will “manage” the stored data items and assemble the needed items from the common database in response to the queries of those who aren’t programmers. In a file-oriented system, users needing special information may communicate their needs to a programmers, who, when time permits, will information. The availability of a DBMS, however, offers users a much faster alternative communications patch (see figure). Special, direct, and other file processing approaches ate used to organize and structure data in single files. But a DBMS is able to integrate data elements from several files to answer specific user inquiries fir information. This means that the DBMS is able to structure and tie together the logically related data from several large files. Logical structures. Identifying these logical relationships is a job of the data administrator. A data definition language is used for this purpose. The DBMS may

SQL数据库外文翻译--数据库的工作

Working with Databases This chapter describes how to use SQL statements in embedded applications to control databases. There are three database statements that set up and open databases for access: SET DATABASE declares a database handle, associates the handle with an actual database file, and optionally assigns operational parameters for the database. SET NAMES optionally specifies the character set a client application uses for CHAR, VARCHAR, and text Blob data. The server uses this information to transli terate from a database?s default character set to the client?s character set on SELECT operations, and to transliterate from a client application?s character set to the database character set on INSERT and UPDATE operations. g CONNECT opens a database, allocates system resources for it, and optionally assigns operational parameters for the database.All databases must be closed before a program ends. A database can be closed by using DISCONNECT, or by appending the RELEASE option to the final COMMIT or ROLLBACK in a program. Declaring a database Before a database can be opened and used in a program, it must first be declared with SET DATABASE to: CHAPTER 3 WORKING WITH DATABASES. Establish a database handle. Associate the database handle with a database file stored on a local or remote node.A database handle is a unique, abbreviated alias for an actual database name. Database handles are used in subsequent CONNECT, COMMIT RELEASE, and ROLLBACK RELEASE statements to specify which databases they should affect. Except in dynamic SQL (DSQL) applications, database handles can also be used inside transaction blocks to qualify, or differentiate, table names when two or more open databases contain identically named tables. Each database handle must be unique among all variables used in a program. Database handles cannot duplicate host-language reserved words, and cannot be InterBase reserved words.The following statement illustrates a simple database declaration:

外文翻译--农村金融主流的非正规金融机构

附录1 RURAL FINANCE: MAINSTREAMING INFORMAL FINANCIAL INSTITUTIONS By Hans Dieter Seibel Abstract Informal financial institutions (IFIs), among them the ubiquitous rotating savings and credit associations, are of ancient origin. Owned and self-managed by local people, poor and non-poor, they are self-help organizations which mobilize their own resources, cover their costs and finance their growth from their profits. With the expansion of the money economy, they have spread into new areas and grown in numbers, size and diversity; but ultimately, most have remained restricted in size, outreach and duration. Are they best left alone, or should they be helped to upgrade their operations and be integrated into the wider financial market? Under conducive policy conditions, some have spontaneously taken the opportunity of evolving into semiformal or formal microfinance institutions (MFIs). This has usually yielded great benefits in terms of financial deepening, sustainability and outreach. Donors may build on these indigenous foundations and provide support for various options of institutional development, among them: incentives-driven mainstreaming through networking; encouraging the establishment of new IFIs in areas devoid of financial services; linking IFIs/MFIs to banks; strengthening Non-Governmental Organizations (NGOs) as promoters of good practices; and, in a nonrepressive policy environment, promoting appropriate legal forms, prudential regulation and delegated supervision. Key words: Microfinance, microcredit, microsavings。 1. informal finance, self-help groups In March 1967, on one of my first field trips in Liberia, I had the opportunity to observe a group of a dozen Mano peasants cutting trees in a field belonging to one of them. Before they started their work, they placed hoe-shaped masks in a small circle, chanted words and turned into animals. One turned into a lion, another one into a bush hog, and so on, and they continued to imitate those animals throughout the whole day, as they worked hard on their land. I realized I was onto something serious, and at the end of the day, when they had put the masks into a bag and changed back into humans,

管理信息系统外文翻译

管理信息系统外文翻译-标准化文件发布号：（9456-EUATWK-MWUB-WUNN-INNUL-DDQTY-KII

英文文献翻译 二〇年月日

科技文章摘译 Definition of a Management Information System There is no consensus of the definition of the term "management information system". Some writers prefer alternative terminology such as "information processing system", "information and decision system", "organizational information system", or simply "information system" to refer to the computer-based information processing system which supports the operations, management, and decision-making functions of an organization. This text uses “MIS” because it is descriptive and generally understood; it also frequently uses “information system” instead of “MIS” to refer to an organizational information system. A definition of a management information system, as the term is generally understood, is an integrated, user-machine system for providing information to support operations, management, and decision-making functions in an organization. The system utilizes computer hardware and software; manual procedures; models for analysis planning, control and decision making; and a database. The fact that it is an integrated system does not mean that it is a single, monolithic structure; rather, it means that the parts fit into an overall design. The elements of the definition are highlighted below. 1 Computer-based user-machine system Conceptually, management information can exist without computer, but it is the power of the computer which makes MIS feasible. The question is not whether computers should be used in management information system, but the extent to which information use should be computerized. The concept of a user-machine system implies that some tasks are best performed by humans, while others are best done by machine. The user of an MIS is any person responsible for entering input data, instructing the system, or utilizing the information output of the system. For many problems, the user and the computer form a combined system with results obtained through a set of interactions between the computer and the user. User-machine interaction is facilitated by operation in which the user’s input-output device (usually a visual display terminal) is connected to the computer. The computer can be a personal computer serving only one user or a large computer that

计算机网络安全文献综述

计算机网络安全综述学生姓名：李嘉伟 学号：11209080279 院系：信息工程学院指导教师姓名：夏峰二零一三年十月

［摘要］ 随着计算机网络技术的快速发展，网络安全日益成为人们关注的焦点。本文分析了影响网络安全的主要因素及攻击的主要方式，从管理和技术两方面就加强计算机网络安全提出了针对性的建议。 ［关键词］ 计算机网络；安全；管理；技术；加密；防火墙 一．引言 计算机网络是一个开放和自由的空间，但公开化的网络平台为非法入侵者提供了可乘之机，黑客和反黑客、破坏和反破坏的斗争愈演愈烈，不仅影响了网络稳定运行和用户的正常使用，造成重大经济损失，而且还可能威胁到国家安全。如何更有效地保护重要的信息数据、提高计算机网络的安全性已经成为影响一个国家的政治、经济、军事和人民生活的重大关键问题。本文通过深入分析网络安全面临的挑战及攻击的主要方式，从管理和技术两方面就加强计算机网络安全提出针对性建议。

二．正文 1.影响网络安全的主要因素［1］ 计算机网络安全是指“为数据处理系统建立和采取的技术和管理的安全保护，保护计算机硬件、软件数据不因偶然和恶意的原因而遭到破坏、更改和泄漏”。计算机网络所面临的威胁是多方面的，既包括对网络中信息的威胁，也包括对网络中设备的威胁，但归结起来，主要有三点：一是人为的无意失误。如操作员安全配置不当造成系统存在安全漏洞，用户安全意识不强，口令选择不慎，将自己的帐号随意转借他人或与别人共享等都会给网络安全带来威胁。二是人为的恶意攻击。这也是目前计算机网络所面临的最大威胁，比如敌手的攻击和计算机犯罪都属于这种情况，此类攻击又可以分为两种：一种是主动攻击，它以各种方式有选择地破坏信息的有效性和完整性；另一类是被动攻击，它是在不影响网络正常工作的情况下，进行截获、窃取、破译以获得重要机密信息。这两种攻击均可对计算机网络造成极大的危害，并导致机密数据的泄漏。三是网络软件的漏洞和“后门”。任何一款软件都或多或少存在漏洞，这些缺陷和漏洞恰恰就是黑客进行攻击的首选目标。绝大部分网络入侵事件都是因为安全措施不完善，没有及时补上系统漏洞造成的。此外，软件公司的编程人员为便于维护而设置的软件“后门”也是不容忽视的巨大威胁，一旦“后门”洞开，别人就能随意进入系统，后果不堪设想。

企业数据建模外文翻译文献

企业数据建模外文翻译文献 (文档含中英文对照即英文原文和中文翻译) 翻译： 信息系统开发和数据库开发 在许多组织中，数据库开发是从企业数据建模开始的，企业数据建模确定了组织数据库的范围和一般内容。这一步骤通常发生在一个组织进行信息系统规划的过程中，它的目的是为组织数据创建一个整体的描述或解释，而不是设计一个特定的数据库。一个特定的数据库为一个或多个信息系统提供数据，而企业数据模型（可能包含许多数据库）描述了由组织维护的数据的范围。在企业数据建模时，你审查当前的系统，分析需要支持的业务领域的本质，描述需要进一步抽象的数据，并且规划一个或多个数据库开发项目。图1显示松谷家具公司的企业数据模型的一个部分。 1.1 信息系统体系结构 如图1所示，高级的数据模型仅仅是总体信息系统体系结构(ISA)一个部分或一个组

织信息系统的蓝图。在信息系统规划期间，你可以建立一个企业数据模型作为整个信息系统体系结构的一部分。根据Zachman(1987)、Sowa和Zachman（1992）的观点，一个信息系统体系结构由以下6个关键部分组成: 数据（如图1所示，但是也有其他的表示方法）。 操纵数据的处理（着系可以用数据流图、带方法的对象模型或者其他符号表示）。 网络，它在组织内并在组织与它的主要业务伙伴之间传输数据（它可以通过网络连接和拓扑图来显示）。 人，人执行处理并且是数据和信息的来源和接收者（人在过程模型中显示为数据的发送者和接收者）。 执行过程的事件和时间点（它们可以用状态转换图和其他的方式来显示）。 事件的原因和数据处理的规则（经常以文本形式显示，但是也存在一些用于规划的图表工具，如决策表）。 1.2 信息工程 信息系统的规划者按照信息系统规划的特定方法开发出信息系统的体系结构。信息工程是一种正式的和流行的方法。信息工程是一种面向数据的创建和维护信息系统的方法。因为信息工程是面向数据的，所以当你开始理解数据库是怎样被标识和定义时，信息工程的一种简洁的解释是非常有帮助的。信息工程遵循自顶向下规划的方法，其中，特定的信息系统从对信息需求的广泛理解中推导出来（例如，我们需要关于顾客、产品、供应商、销售员和加工中心的数据），而不是合并许多详尽的信息请求（如一个订单输入屏幕或按照地域报告的销售汇总）。自顶向下规划可使开发人员更全面地规划信息系统，提供一种考虑系统组件集成的方法，增进对信息系统与业务目标的关系的理解，加深对信息系统在整个组织中的影响的理解。 信息工程包括四个步骤:规划、分析、设计和实现。信息工程的规划阶段产生信息系统体系结构，包括企业数据模型。 1.3 信息系统规划 信息系统规划的目标是使信息技术与组织的业务策略紧密结合，这种结合对于从信息系统和技术的投资中获取最大利益是非常重要的。正如表1所描述的那样，信息工程方法的规划阶段包括3个步骤，我们在后续的3个小节中讨论它们。 1.确定关键性的规划因素

数据库外文参考文献及翻译.

数据库外文参考文献及翻译 数据库外文参考文献及翻译数据库管理系统——实施数据完整性一个数据库，只有用户对它特别有信心的时候。这就是为什么服务器必须实施数据完整性规则和商业政策的原因。执行SQL Server的数据完整性的数据库本身，保证了复杂的业务政策得以遵循，以及强制性数据元素之间的关系得到遵守。因为SQL Server的客户机/服务器体系结构允许你使用各种不同的前端应用程序去操纵和从服务器上呈现同样的数据，这把一切必要的完整性约束，安全权限，业务规则编码成每个应用，是非常繁琐的。如果企业的所有政策都在前端应用程序中被编码，那么各种应用程序都将随着每一次业务的政策的改变而改变。即使您试图把业务规则编码为每个客户端应用程序，其应用程序失常的危险性也将依然存在。大多数应用程序都是不能完全信任的，只有当服务器可以作为最后仲裁者，并且服务器不能为一个很差的书面或恶意程序去破坏其完整性而提供一个后门。SQL Server使用了先进的数据完整性功能，如存储过程，声明引用完整性（DRI），数据类型，限制，规则，默认和触发器来执行数据的完整性。所有这些功能在数据库里都有各自的用途;通过这些完整性功能的结合，可以实现您的数据库的灵活性和易于管理，而且还安全。声明数据完整性声明数据完整原文请找腾讯3249114六,维-论'文.网 https://www.360docs.net/doc/258935167.html, 定义一个表时指定构成的主键的列。这就是所谓的主键约束。SQL Server使用主键约束以保证所有值的唯一性在指定的列从未侵犯。通过确保这个表有一个主键来实现这个表的实体完整性。有时，在一个表中一个以上的列（或列的组合）可以唯一标志一行，例如，雇员表可能有员工编号（ emp_id ）列和社会安全号码（ soc_sec_num ）列，两者的值都被认为是唯一的。这种列经常被称为替代键或候选键。这些项也必须是唯一的。虽然一个表只能有一个主键，但是它可以有多个候选键。 SQL Server的支持多个候选键概念进入唯一性约束。当一列或列的组合被声明是唯一的， SQL Server 会阻止任何行因为违反这个唯一性而进行的添加或更新操作。在没有故指的或者合适的键存在时，指定一个任意的唯一的数字作为主键，往往是最有效的。例如，企业普遍使用的客户号码或账户号码作为唯一识别码或主键。通过允许一个表中的一个列拥有身份属性，SQL Server可以更容易有效地产生唯一数字。您使用的身份属性可以确保每个列中的值是唯一的，并且值将从你指定的起点开始，以你指定的数量进行递增（或递减）。（拥有特定属性的列通常也有一个主键或唯一约束，但这不是必需的。）第二种类型的数据完整性是参照完整性。 SQL Server实现了表和外键约束之间的逻辑关系。外键是一个表中的列或列的组合，连接着另一个表的主键（或着也可能是替代键）。这两个表之间的逻辑关系是关系模型的基础;参照完整性意味着这种关系是从来没有被违反的。例如，一个包括出版商表和标题表的简单的select例子。在标题表中，列title_id （标题编号）是主键。在出版商表，列pub_id （出版者ID ）是主键。 titles表还包括一个pub_id列，这不是主键，因为出版商可以发布多个标题。相反， pub_id是一个外键，它对应着出版商表的主键。如果你在定义表的时候声明了这个关系， SQL Server由双方执行它。首先，它确保标题不能进入titles表，或在titles表中现有的pub_id无法被修改，除非有效的出版商ID作为新pub_id出现在出版商表中。其次，它确保在不考虑titles表中对应值的情况下，出版商表中的pub_id的值不做任何改变。以下两种方法可

企业人力资源管理系统分析与设计 外文翻译

Enterprise Human Resources Management System Design And Implementation Abstract: Human resource management system is the core content of modern enterprise management. With the rapid development of the computer information technology and unprecedented prevalence of electronic commerce mode，the competition between enterprises is turning from visible economic markets to the network. Developing the human resource management system supported by computer technology，network technology and information technology can not only improve the skill of human resource management and the efficiency of the enterprises but also make human resource management modern and decision sciencefic,Modern human resource management uses B/S mode to avoid C/S modes short coming of difficult in maintdning and reusing.According to the functional requirements of the actual project,this article specificly state the analysis of system,the general desigin of the system,the detail design of system and the practice of the system. The development of the system is the practice of MVC design ideas, maing using the Jsp+Servlet+JavaBean form of development.Jsp is the practice of MVC design ideas’view,in charge of receiving/responding the request of the customer.Servlet mainly responsible for the core business control of the whole system is the practice of the vontroller of MVC design idea to take charge of the statistics and rules of the whole system. In the practice of the system, somr open-source projrcts,such as the Ajax technique,JfreChart statements,fileupload technology,has been used. Using the modern human resource management theropy and analysising the actual situation, comparing the current situation of human resource management system, a huaman resource contents of management system basied on the Internet/Intranet has been designed. The main management,attendance management training more efficient statistics. Keywords:human resource management; B/S mode; Open-source projects; MVC mode. 摘要 人力资源管理系统是现代企业管理的核心内容。随着计算机信息技术的高速发展，电子商务模式的空前盛行，企业之间的竞争也从有形的经济市场转向了网络。开发以计算机技术、网络技术、信息技术支持的现代人力资源管理系统，既能提高企业人力资源管理的技术含量和企业的办事效率，也能使人力资源管理能够进入现代化、决策科学化的进程。现代人力资源管理系统采用了B/S模式，可以避免C/S模式的重用性差、维护难度高的缺点和

网络安全外文翻译文献

网络安全外文翻译文献 (文档含英文原文和中文翻译) 翻译： 计算机网络安全与防范 1.1引言 计算机技术的飞速发展提供了一定的技术保障，这意味着计算机应用已经渗透到社会的各个领域。在同一时间，巨大的进步和网络技术的普及，社会带来了巨大的经济利润。然而，在破坏和攻击计算机信息系统的方法已经改变了很多的网络环境下，网络安全问题逐渐成为计算机安全的主流。

1.2网络安全 1.2.1计算机网络安全的概念和特点 计算机网络的安全性被认为是一个综合性的课题，由不同的人，包括计算机科学、网络技术、通讯技术、信息安全技术、应用数学、信息理论组成。作为一个系统性的概念，网络的安全性由物理安全、软件安全、信息安全和流通安全组成。从本质上讲，网络安全是指互联网信息安全。一般来说，安全性、集成性、可用性、可控性是关系到网络信息的相关理论和技术，属于计算机网络安全的研究领域。相反，狭隘“网络信息安全”是指网络安全，这是指保护信息秘密和集成，使用窃听、伪装、欺骗和篡夺系统的安全性漏洞等手段，避免非法活动的相关信息的安全性。总之，我们可以保护用户利益和验证用户的隐私。 计算机网络安全有保密性、完整性、真实性、可靠性、可用性、非抵赖性和可控性的特点。 隐私是指网络信息不会被泄露给非授权用户、实体或程序，但是授权的用户除外，例如，电子邮件仅仅是由收件人打开，其他任何人都不允许私自这样做。隐私通过网络信息传输时，需要得到安全保证。积极的解决方案可能会加密管理信息。虽然可以拦截，但它只是没有任何重要意义的乱码。 完整性是指网络信息可以保持不被修改、破坏，并在存储和传输过程中丢失。诚信保证网络的真实性，这意味着如果信息是由第三方或未经授权的人检查，内容仍然是真实的和没有被改变的。因此保持完整性是信息安全的基本要求。 可靠性信息的真实性主要是确认信息所有者和发件人的身份。 可靠性表明该系统能够在规定的时间和条件下完成相关的功能。这是所有的网络信息系统的建立和运作的基本目标。 可用性表明网络信息可被授权实体访问，并根据自己的需求使用。 不可抵赖性要求所有参加者不能否认或推翻成品的操作和在信息传输过程中的承诺。

外文文献翻译 An Introduction to Database Management System

英文翻译 数据库管理系统的介绍 Raghu Ramakrishnan 数据库（database,有时被拼作data base）又称为电子数据库，是专门组织起来的一组数据或信息，其目的是为了便于计算机快速查询及检索。数据库的结构是专门设计的，在各种数据处理操作命令的支持下，可以简化数据的存储、检索、修改和删除。数据库可以存储在磁盘、磁带、光盘或其他辅助存储设备上。 数据库由一个或一套文件组成，其中的信息可以分解为记录，每一条记录又包含一个或多个字段（或称为域）。字段是数据存取的基本单位。数据库用于描述实体，其中的一个字段通常表示与实体的某一属性相关的信息。通过关键字以及各种分类（排序）命令，用户可以对多条记录的字段进行查询，重新整理，分组或选择，以实体对某一类数据的检索，也可以生成报表。 所有数据库（除最简单的）中都有复杂的数据关系及其链接。处理与创建，访问以及维护数据库记录有关的复杂任务的系统软件包叫做数据库管理系统（DBMS）。DBMS软件包中的程序在数据库与其用户间建立接口。（这些用户可以是应用程序员，管理员及其他需要信息的人员和各种操作系统程序）DBMS可组织、处理和表示从数据库中选出的数据元。该功能使决策者能搜索、探查和查询数据库的内容，从而对正规报告中没有的，不再出现的且无法预料的问题做出回答。这些问题最初可能是模糊的并且（或者）是定义不恰当的，但是人们可以浏览数据库直到获得所需的信息。简言之，DBMS将“管理”存储的数据项和从公共数据库中汇集所需的数据项用以回答非程序员的询问。 DBMS由3个主要部分组成：（1）存储子系统，用来存储和检索文件中的数据；（2）建模和操作子系统，提供组织数据以及添加、删除、维护、更新数据的方法；（3）用户和DBMS之间的接口。在提高数据库管理系统的价值和有效性方面正在展现以下一些重要发展趋势： 1.管理人员需要最新的信息以做出有效的决策。 2.客户需要越来越复杂的信息服务以及更多的有关其订单，发票和账号的当前信息。

数据库设计外文翻译

外文翻译： 索引 原文来源：Thomas Kyte．Expert Oracle Database Architecture ．2nd Edition． 译文正文： 什么情况下使用B*树索引? 我并不盲目地相信“法则”（任何法则都有例外），对于什么时候该用B*索引，我没有经验可以告诉你。为了证明为什么这个方面我无法提供任何经验，下面给出两种等效作法：?使用B*树索引，如果你想通过索引的方式去获得表中所占比例很小的那些行。 ?使用B *树索引，如果你要处理的表和索引许多可以代替表中使用的行。 这些规则似乎提供相互矛盾的意见，但在现实中，他们不是这样的，他们只是涉及两个极为不同的情况。有两种方式使用上述意见给予索引： ?作为获取表中某些行的手段。你将读取索引去获得表中的某一行。在这里你想获得表中所占比例很小的行。 ?作为获取查询结果的手段。这个索引包含足够信息来回复整个查询，我们将不用去查询全表。这个索引将作为该表的一个瘦版本。 还有其他方式—例如，我们使用索引去检索表的所有行，包括那些没有建索引的列。这似乎违背了刚提出的两个规则。这种方式获得将是一个真正的交互式应用程序。该应用中，其中你将获取其中的某些行，并展示它们，等等。你想获取的是针对初始响应时间的查询优化，而不是针对整个查询吞吐量的。 在第一种情况（也就是你想通过索引获得表中一小部分的行）预示着如果你有一个表T （使用与早些时候使用过的相一致的表T）,然后你获得一个像这样查询的执行计划： ops$tkyte%ORA11GR2> set autotrace traceonly explain ops$tkyte%ORA11GR2> select owner, status 2 from t 3 where owner = USER; Execution Plan ---------------------------------------------------------- Plan hash value: 1049179052 ------------------------------------------------------------------ | Id | Operation | Name | Rows | Bytes | ------------------------------------------------------------------ | 0 | SELECT STATEMENT | | 2120 | 23320 | | 1 | TABLE ACCESS BY INDEX ROWID |T | 2120 | 23320 | | *2 | INDEX RANGE SCAN | DESC_T_IDX | 8 | | ------------------------------------------------------------------ Predicate Information (identified by operation id): --------------------------------------------------- 2 - access(SYS_OP_DESCEND("OWNER")=SYS_OP_DESCEND(USER@!)) filter(SYS_OP_UNDESCEND(SYS_OP_DESCEND("OWNER"))=USER@!) 你应该访问到该表的一小部分。这个问题在这里看是INDEX (RANGE SCAN) 紧跟在

农村金融小额信贷中英文对照外文翻译文献

农村金融小额信贷中英文对照外文翻译文献(文档含英文原文和中文翻译) RURAL FINANCE: MAINSTREAMING INFORMAL FINANCIAL INSTITUTIONS By Hans Dieter Seibel Abstract Informal financial institutions (IFIs), among them the ubiquitous rotating savings and credit associations, are of ancient origin. Owned and self-managed by local people, poor and non-poor, they are self-help organizations which mobilize their own resources, cover their costs and finance their growth from their profits. With the expansion of the money economy, they have spread into new areas and grown in numbers, size and diversity; but ultimately, most have remained restricted in size, outreach and duration. Are they best left alone, or should they be helped to upgrade