Skip to content

firatozz/DBShield

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DBShield

Protects your data by inspecting incoming queries from your application server and rejecting abnormal ones. It also supports data masking to avoid data leaks.

How it works?

For example, this is how web server normally interacts with database server:

Sample Web Server and DB

By adding DBShield in front of database server we can protect it against abnormal queries and apply masking to database responses. To detect abnormal queries we first run DBShield in learning mode. Learning mode lets any query pass but it records information about it (pattern, username, time and source) into internal database.

Learning mode

After collecting enough patterns we can run DBShield in protect mode. Protect mode can distinguish abnormal query patterns, request time, user and source and take action based on configurations. It can also replace results of normal queries by applying data masking (ex. replace each digit of CC number by "X" except the last three digits)

Protect mode

Installation

$ go get github.com/nim4/DBShield

then you can execute it like:

$ $GOPATH/bin/DBShield -f $GOPATH/src/github.com/nim4/DBShield/conf/dbshield.yml

Supported Databases:

Database Protect Data Masking
MariaDB Yes Yes
MySQL Yes Yes
Oracle Yes No

To Do

  • Add Masking support for Oracle Database
  • Add Microsoft SQL Server
  • Add Postgres

About

Protects your data by inspecting database traffic

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Go 100.0%