CN104636444A - Database encryption and decryption method and device - Google Patents
Database encryption and decryption method and device Download PDFInfo
- Publication number
- CN104636444A CN104636444A CN201510016739.6A CN201510016739A CN104636444A CN 104636444 A CN104636444 A CN 104636444A CN 201510016739 A CN201510016739 A CN 201510016739A CN 104636444 A CN104636444 A CN 104636444A
- Authority
- CN
- China
- Prior art keywords
- database
- decrypted
- information
- encrypted data
- data storehouse
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/28—Databases characterised by their database models, e.g. relational or object models
- G06F16/284—Relational databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention provides a database encryption and decryption method and device. The method comprises the steps that version information, a mark and an encryption algorithm corresponding to a database are written into a preset position in a database to be encrypted, an encrypted password is calculated according to the version information and the mark corresponding to the database to be encrypted, and the encrypted password is written into a password verifying position in the database; during decryption, an encryption password in the preset position and the content of the password verifying position in a database to be decrypted are read, and the encryption password and the content of the password verifying position are compared; if the encryption password and the content of the password verifying position are consistent, the database can be opened only when a secret key is obtained according to a secondary encryption algorithm and the password verifying position is backfilled with the secret key; the file loading correctness of the database can be ensured, meanwhile, the cracking difficulty of the database can be improved, and the safety of the encrypted database is improved.
Description
Technical field
The embodiment of the present invention relates to communication technical field, particularly relates to a kind of encipher-decipher method and device of database.
Background technology
Communication facilities needs management tool such as LMT_R to carry out management and utilization as radio network controller (Radio Network Controller, RNC), for the data on the communication facilitiess such as network element RNC, usually needs to be synchronized to local data base.For local data base, need to guarantee that the data on local data and network element are consistent, prevent data to be illegally modified, therefore, protection is encrypted to database and seems very important.
Existing Oracle, SQL (a kind of program word aiming at database job system, Structure Query Language) installing DB such as server and use too complicated, use Access database, just database function can be completed, and it is easy to use, install simple, for this software lower to Database Requirements of LMT_R, use Access just can complete.But existing Access data base encryption is too simple, the common method be encrypted by revising internal memory easily causes again database file to damage, and causes instrument to use.
Summary of the invention
The invention provides a kind of encipher-decipher method and device of database, can ensure the correctness of loading of databases file, what can promote database cracks difficulty simultaneously, improves the security in encrypted data storehouse.
According to a first aspect of the invention, the invention provides a kind of encryption method of database, comprise: file modification information is written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: version information, version sign and the cryptographic algorithm corresponding with described be-encrypted data storehouse; The version information corresponding according to described and described be-encrypted data storehouse and version sign calculate Crypted password; Described Crypted password is written to the cryptographic check position in described be-encrypted data storehouse, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.
Optionally, comprise before described predeterminated position file modification information be written in be-encrypted data storehouse: the information of check code obtaining current database to be encrypted, described information of check code is for the version of the mark and described database that identify described database.
Optionally, described be-encrypted data storehouse is Access database.
Optionally, the Data Position that described predeterminated position is is starting point with 0x300 byte.
Optionally, described checksum location is the Data Position being starting point with 0x00000042 byte in database.
Compared with prior art, the present invention has the following advantages: the encryption method of database provided by the invention, file modification information is written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: the version information corresponding with described database, mark and cryptographic algorithm, according to the version information corresponding with band encrypting database, mark calculates Crypted password, and cryptographic check position Crypted password is written in database, database file can be avoided to damage, ensure the correctness of loading of databases file, what can promote database cracks difficulty simultaneously, improve the security in encrypted data storehouse.
According to a second aspect of the invention, the invention provides a kind of decryption method of database, comprising: from the predeterminated position described database to be decrypted, read Crypted password; Read the content of the cryptographic check position in database to be decrypted, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse; The content of described Crypted password with described cryptographic check position is compared, if unanimously, then obtains key according to superencipher algorithm, and described key is backfilled to described cryptographic check position.
Optionally, comprise before described file reading amendment information: the information of check code obtaining current database to be decrypted, described information of check code is for identifying the file modification information of described database to be decrypted, and described file modification information comprises the version identifier of database to be decrypted and the version information of database to be decrypted.
Optionally, described database to be decrypted is Access database.
Optionally, the Data Position that described predeterminated position is is starting point with 0x300 byte.
Optionally, described checksum location is the Data Position being starting point with 0x00000042 byte in database to be decrypted.
Compared with prior art, the present invention has the following advantages: the decryption method of database provided by the invention, Crypted password is read from the predeterminated position database to be decrypted, read the content of the cryptographic check position in database to be decrypted, the content of described Crypted password with described cryptographic check position is compared, if consistent, then obtain key according to superencipher algorithm, and described key is backfilled to described cryptographic check position, just database can be opened, thus can promote database crack difficulty, improve the security in encrypted data storehouse.
According to a third aspect of the invention we, the invention provides a kind of encryption device of database, comprise: the first writing unit, for file modification information being written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: version information, version sign and the cryptographic algorithm corresponding with described be-encrypted data storehouse; Computing unit, for calculating Crypted password according to version information corresponding to described and described be-encrypted data storehouse and version sign; Second writing unit, for described Crypted password being written to the cryptographic check position in described be-encrypted data storehouse, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.Optionally, meeting several pre-conditioned retrieving informations described in is: several retrieving informations inputted within the time period of presetting; Described merge cells specifically for: several retrieving informations gathered in preset time period are merged, generate compound retrieving information.
Optionally, apparatus of the present invention also comprise: acquiring unit, and for obtaining the information of check code of current database to be encrypted, described information of check code is for the version of the mark and described database that identify described database.
Compared with prior art, the present invention has the following advantages: the encryption device of database provided by the invention, file modification information is written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: the version information corresponding with described database, mark and cryptographic algorithm, according to the version information corresponding with band encrypting database, mark calculates Crypted password, and cryptographic check position Crypted password is written in database, database file can be avoided to damage, ensure the correctness of loading of databases file, what can promote database cracks difficulty simultaneously, improve the security in encrypted data storehouse.
According to a forth aspect of the invention, the invention provides a kind of decryption device of database, comprising: the first reading unit, for reading Crypted password from the predeterminated position in described database to be decrypted; Second reading unit, for reading the content of the cryptographic check position in database to be decrypted, described cryptographic check position is for storing the clear crytpographic key of described database to be decrypted; Comparing unit, for the content of described clear crytpographic key with described cryptographic check position being compared, if unanimously, then obtains key according to secondary decipherment algorithm, and described key is backfilled to described cryptographic check position.
Optionally, also comprise: acquiring unit, for obtaining the information of check code of current database to be decrypted, described information of check code is for identifying the file modification information of described database to be decrypted, and described file modification information comprises the version identifier of database to be decrypted and the version information of database to be decrypted.
Optionally, described database to be decrypted is Access database.
Optionally, the Data Position that described predeterminated position is is starting point with 0x300 byte.
Optionally, described checksum location is the Data Position being starting point with 0x00000042 byte in database.
Compared with prior art, the present invention has the following advantages: the decryption device of database provided by the invention, Crypted password is read from the predeterminated position database to be decrypted, read the content of the cryptographic check position in database to be decrypted, the content of described Crypted password with described cryptographic check position is compared, if consistent, then obtain key according to superencipher algorithm, and described key is backfilled to described cryptographic check position, just database can be opened, thus can promote database crack difficulty, improve the security in encrypted data storehouse.
Accompanying drawing explanation
Fig. 1 is the encryption method process flow diagram of prior art;
Fig. 2 is that the database password of prior art stores schematic diagram;
Fig. 3 is that superencipher data of the present invention store schematic diagram;
Fig. 4 is that superencipher data of the present invention store schematic diagram;
Fig. 5 is the encryption method process flow diagram of the embodiment of the present invention;
Fig. 6 is the another kind of encryption method process flow diagram of the embodiment of the present invention;
Fig. 7 is the encryption device structural representation of inventive embodiments;
Fig. 8 is the another kind of encryption device structural representation of inventive embodiments;
Fig. 9 is the decryption method process flow diagram of the embodiment of the present invention;
Figure 10 is the another kind of decryption method process flow diagram of the embodiment of the present invention;
Figure 11 is the decryption device structural representation of inventive embodiments;
Figure 12 is the another kind of decryption device structural representation of inventive embodiments;
Figure 13 is a kind of decryption method process flow diagram.
Embodiment
By reference to the accompanying drawings the present invention is described in further detail below by embodiment.
The cipher mode that the cipher mode that current system uses carries for Access Database Systems, the flow process of this database of code access as shown in Figure 1, comprises step: import database path-preparation connection data storehouse character string-spelling password-connection data storehouse-open database into.The shortcoming of this mode has:
1), database source file can not determine, cannot ensure that whether this database file is the database that this software provides, after password is cracked, only needs the access file taking a password identical, just can obtain data, Update Table.
2), file security can not ensure, common cryptographic algorithm, easily be cracked, for Access database, cryptographic check position is 0x00000042 position after File Open, and length is 40, as shown in Figure 2, arrange password after xor operation, the key seen after just defining File Open.
The scheme provided herein is, utilizes cipher mode to be for the first time encrypted, and premised on the adding method of first time encryption, checksum location and verification rule, Update Table library file also does two-pass cipher verification, reaches the object of superencipher.
Concrete modification mode: add verification encrypted message, database version information, mark and cryptographic algorithm (referring to Fig. 3,4) in the position of database file 0x300, this position is that database does not verify region, other regions are added or revised context, and database file can be caused to collapse.
In the present invention, provide a kind of encipher-decipher method and device of database, can ensure the correctness of loading of databases file, what can promote database cracks difficulty simultaneously, improves the security in encrypted data storehouse.
Embodiment one:
Please refer to Fig. 5, Fig. 5 is the method flow diagram of the embodiment of the present invention one.As shown in Figure 5, a kind of encryption method of database, can comprise the following steps:
101, file modification information is written to the predeterminated position in be-encrypted data storehouse.
Wherein, be-encrypted data storehouse can be Access database.
File modification information comprises: the version information corresponding with be-encrypted data storehouse, mark and cryptographic algorithm.In the embodiment of the present invention, the Data Position that predeterminated position is is starting point with 0x300 byte, the Data Position of 0x300 does not participate in the verification of database, therefore, when this position writing in files amendment information, can ensure that database file there will not be collapse, ensure the normal operation of database.
102, Crypted password is calculated according to the version information corresponding with be-encrypted data storehouse and version sign.
103, Crypted password is written to the cryptographic check position in be-encrypted data storehouse.
Wherein, above-mentioned cryptographic check position is the clear crytpographic key for storing be-encrypted data storehouse.Be understandable that, when needs open database as Access database, need input clear crytpographic key to verify.Separate dense being stored in cryptographic check position.In an embodiment, when database to be encrypted is Access database, clear crytpographic key is stored in 0x00000042 position, and the length of clear crytpographic key is 40 bytes.
The version information that above-mentioned basis is corresponding with be-encrypted data storehouse and version sign calculate Crypted password, and version information and the version sign of Crypted password and database are corresponding.This Crypted password is written in be-encrypted data storehouse, Crypted password can be revised as by the password of cryptographic check position.Because Crypted password is corresponding with the version information of database and version sign, therefore can prevent the database loaded from making a mistake, reduce the risk that password is cracked, improve security during visit data library file.
The encryption method of the database that the embodiment of the present invention provides, file modification information is written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: the version information corresponding with described database, mark and cryptographic algorithm, according to the version information corresponding with band encrypting database, mark calculates Crypted password, and cryptographic check position Crypted password is written in database, database file can be avoided to damage, ensure the correctness of loading of databases file, what can promote database cracks difficulty simultaneously, improve the security in encrypted data storehouse.
Embodiment two:
Please refer to Fig. 6, Fig. 6 is the encryption method process flow diagram of the embodiment of the present invention two.As shown in Figure 6, compared with embodiment one, the embodiment of the present invention also comprised step before file modification information being written to the predeterminated position in be-encrypted data storehouse:
201, the information of check code of current database to be encrypted is obtained.
Information of check code is for the version of the mark and described database that identify described database.After obtaining information of check code, the mark of database corresponding to be-encrypted data storehouse and the version of described database can be obtained.
The present embodiment can also comprise step:
202, file modification information is written to the predeterminated position in be-encrypted data storehouse.
203, Crypted password is calculated according to the version information corresponding with be-encrypted data storehouse and version sign.
204, Crypted password is written to the cryptographic check position in be-encrypted data storehouse.
Step 202-204 is identical with the step 101-103 embodiment in embodiment one, and the present embodiment no longer repeats these steps.
S9, connection data storehouse.
Embodiment three:
Accordingly, the present invention also provides a kind of data base encryption device, please refer to Fig. 7, and Fig. 7 is the apparatus structure schematic diagram of the embodiment of the present invention.As shown in Figure 7, data base encryption device can comprise:
First writing unit 30, for file modification information being written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: version information, version sign and the cryptographic algorithm corresponding with described be-encrypted data storehouse.
Computing unit 31, for calculating Crypted password according to version information corresponding to described and described be-encrypted data storehouse and version sign.
Second writing unit 32, for described Crypted password being written to the cryptographic check position in described be-encrypted data storehouse, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.
Please also refer to Fig. 8, in an embodiment, data base encryption device of the present invention can also comprise:
Acquiring unit 33, for obtaining the information of check code of current database to be encrypted, described information of check code is for the version of the mark and described database that identify described database.
The above, in preferred embodiment, be-encrypted data storehouse is Access database.The Data Position that predeterminated position is is starting point with 0x300 byte.Checksum location is the Data Position being starting point with 0x00000042 byte in database.
The encryption device of the database that the embodiment of the present invention provides, file modification information is written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: the version information corresponding with described database, mark and cryptographic algorithm, according to the version information corresponding with band encrypting database, mark calculates Crypted password, and cryptographic check position Crypted password is written in database, database file can be avoided to damage, ensure the correctness of loading of databases file, what can promote database cracks difficulty simultaneously, improve the security in encrypted data storehouse.
Embodiment four:
Please refer to Fig. 9, Fig. 9 is the method flow diagram of the embodiment of the present invention four.As shown in Figure 9, a kind of decryption method of database, can comprise the following steps:
401, from the predeterminated position database to be decrypted, Crypted password is read.
402, the content of the cryptographic check position in database to be decrypted is read.
Cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.
403, the content of Crypted password with cryptographic check position is compared, if unanimously, then perform step 404.
404, obtain key according to superencipher algorithm, and key is backfilled to described cryptographic check position.
Embodiment five:
Please refer to Figure 10, Figure 10 is the encryption method process flow diagram of the embodiment of the present invention five.As shown in Figure 10, compared with embodiment four, the embodiment of the present invention also comprised step before file modification information being written to the predeterminated position in be-encrypted data storehouse:
501, the information of check code of current database to be decrypted is obtained.
Information of check code is for identifying the file modification information of database to be decrypted, and file modification information comprises the version identifier of database to be decrypted and the version information of database to be decrypted.
The present embodiment can also comprise step:
502, from the predeterminated position database to be decrypted, Crypted password is read.
In an embodiment, the Data Position that predeterminated position is is starting point with 0x300 byte.
503, the content of the cryptographic check position in database to be decrypted is read.
Cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.In an embodiment, checksum location is the Data Position being starting point with 0x00000042 byte in database to be decrypted.
504, the content of Crypted password with cryptographic check position is compared, if unanimously, then perform step 505.
505, obtain key according to superencipher algorithm, and key is backfilled to cryptographic check position.
Step 502-505 is identical with the step 401-404 embodiment in embodiment four, and the present embodiment no longer repeats these steps.
In an embodiment, database to be decrypted is Access database.
Embodiment six:
Accordingly, the present invention also provides a kind of database decryption device, please refer to Figure 11, and Figure 11 is the apparatus structure schematic diagram of the embodiment of the present invention.As shown in figure 12, database decryption device can comprise:
First reading unit 60, for reading Crypted password from the predeterminated position in described database to be decrypted.
Second reading unit 61, for reading the content of the cryptographic check position in database to be decrypted, described cryptographic check position is for storing the clear crytpographic key of described database to be decrypted.
Comparing unit 62, for the content of described clear crytpographic key with described cryptographic check position being compared, if unanimously, then obtains key according to secondary decipherment algorithm, and described key is backfilled to described cryptographic check position.
The Data Position that described predeterminated position is is starting point with 0x300 byte.
Described checksum location is the Data Position being starting point with 0x00000042 byte in database.
In an embodiment, as shown in figure 12, the present embodiment device also comprises:
Acquiring unit 63, for obtaining the information of check code of current database to be decrypted, described information of check code is for identifying the file modification information of described database to be decrypted, and described file modification information comprises the version identifier of database to be decrypted and the version information of database to be decrypted.
For device embodiment, due to itself and embodiment of the method basic simlarity, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.
Below the decrypting process of the database after the encryption of application the present embodiment method is introduced.By the introduction of the decrypting process to database, principle and the effect of database encipher-decipher method of the present invention and device can be more clearly understood.
Please refer to Figure 13, Figure 13 is a kind of decryption method process flow diagram.As shown in figure 13, when decoding, the password (0x300 position) being database password (0x00000042 position, length is the content of 40) and encrypting of verification, detailed process following steps:
S1, open database file.
S2, reading verification encrypted message, database file is pointed to the position of 0x300 byte, and read the content of 44 bytes, this content is file modification information during data base encryption.
S3, file encryption information to be decrypted, obtain rising with 0x300 byte, 1-4 byte is the mark of current database, 5-8 byte is database version, 9-12 byte is cryptography information, by this cryptography information determination cryptographic algorithm, last 32 bytes are the encrypted message of encryption.
Enciphered message deciphering, according to cryptographic algorithm, is real password A by S4, information by reading.
S5, read 0x00000042 position, length is the content of 40.
S6, be decrypted and obtain password B.
S7, A and B to be contrasted, if unanimously, then perform step S8, otherwise terminate.
S8, by password A or B write deciphering after password to database file 0x00000042 position, length is the position of 40.
The embodiment of the present invention can describe in the general context of computer executable instructions, such as program module.Usually, program module comprises the routine, program, object, assembly, data structure etc. that perform particular task or realize particular abstract data type.Also can put into practice the present invention in a distributed computing environment, in these distributed computing environment, be executed the task by the remote processing devices be connected by communication network.In a distributed computing environment, program module can be arranged in the local and remote computer-readable storage medium comprising memory device.
Finally, also it should be noted that, in this article, the such as relational terms of first and second grades and so on is only used for an entity or operation to separate with another entity or operational zone, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, commodity or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, commodity or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, commodity or the equipment comprising described key element and also there is other identical element.
Above to a kind of encipher-decipher method provided by the present invention and device, be described in detail, apply specific case herein to set forth principle of the present invention and embodiment, the explanation of above embodiment just understands method of the present invention and core concept thereof for helping; Meanwhile, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.
Claims (20)
1. an encryption method for database, is characterized in that, comprising:
File modification information is written to the predeterminated position in be-encrypted data storehouse, and described file modification information comprises: version information, version sign and the cryptographic algorithm corresponding with described be-encrypted data storehouse;
The version information corresponding according to described and described be-encrypted data storehouse and version sign calculate Crypted password;
Described Crypted password is written to the cryptographic check position in described be-encrypted data storehouse, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.
2. the encryption method of database as claimed in claim 1, is characterized in that, comprise before described predeterminated position file modification information be written in be-encrypted data storehouse:
Obtain the information of check code of current database to be encrypted, described information of check code is for the version information of the version identifier and described database that identify described be-encrypted data storehouse.
3. the encryption method of database as claimed in claim 1 or 2, is characterized in that,
Described be-encrypted data storehouse is Access database.
4. the encryption method of database as claimed in claim 3, is characterized in that, the Data Position that described predeterminated position is is starting point with 0x300 byte.
5. the encryption method of database as claimed in claim 3, it is characterized in that, described checksum location is the Data Position being starting point with 0x00000042 byte in database.
6. a decryption method for database, is characterized in that, comprising:
Crypted password is read from the predeterminated position described database to be decrypted;
Read the content of the cryptographic check position in database to be decrypted, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse;
The content of described Crypted password with described cryptographic check position is compared, if unanimously, then obtains key according to superencipher algorithm, and described key is backfilled to described cryptographic check position.
7. the decryption method of database as claimed in claim 6, is characterized in that, comprise before described file reading amendment information:
Obtain the information of check code of current database to be decrypted, described information of check code is for identifying the file modification information of described database to be decrypted, and described file modification information comprises the version identifier of database to be decrypted and the version information of database to be decrypted.
8. the decryption method of database as claimed in claims 6 or 7, is characterized in that,
Described database to be decrypted is Access database.
9. the decryption method of database as claimed in claim 8, is characterized in that, the Data Position that described predeterminated position is is starting point with 0x300 byte.
10. the decryption method of database as claimed in claim 8, it is characterized in that, described checksum location is the Data Position being starting point with 0x00000042 byte in database to be decrypted.
The encryption device of 11. 1 kinds of databases, is characterized in that, comprising:
First writing unit, for file modification information being written to the predeterminated position in be-encrypted data storehouse, described file modification information comprises: version information, version sign and the cryptographic algorithm corresponding with described be-encrypted data storehouse;
Computing unit, for calculating Crypted password according to version information corresponding to described and described be-encrypted data storehouse and version sign;
Second writing unit, for described Crypted password being written to the cryptographic check position in described be-encrypted data storehouse, described cryptographic check position is for storing the clear crytpographic key in described be-encrypted data storehouse.
The encryption device of 12. databases as claimed in claim 11, is characterized in that, also comprise:
Acquiring unit, for obtaining the information of check code of current database to be encrypted, described information of check code is for the version of the mark and described database that identify described database.
The encryption device of 13. databases as described in claim 11 or 12, it is characterized in that, described be-encrypted data storehouse is Access database.
The encryption device of 14. databases as claimed in claim 13, is characterized in that, the Data Position that described predeterminated position is is starting point with 0x300 byte.
The encryption method of 15. databases as claimed in claim 13, it is characterized in that, described checksum location is the Data Position being starting point with 0x00000042 byte in database.
The decryption device of 16. 1 kinds of databases, is characterized in that, comprising:
First reading unit, for reading Crypted password from the predeterminated position in described database to be decrypted;
Second reading unit, for reading the content of the cryptographic check position in database to be decrypted, described cryptographic check position is for storing the clear crytpographic key of described database to be decrypted;
Comparing unit, for the content of described clear crytpographic key with described cryptographic check position being compared, if unanimously, then obtains key according to secondary decipherment algorithm, and described key is backfilled to described cryptographic check position.
The decryption device of 17. databases as claimed in claim 16, is characterized in that, also comprise:
Acquiring unit, for obtaining the information of check code of current database to be decrypted, described information of check code is for identifying the file modification information of described database to be decrypted, and described file modification information comprises the version identifier of database to be decrypted and the version information of database to be decrypted.
The decryption device of 18. databases as described in claim 16 or 17, is characterized in that,
Described database to be decrypted is Access database.
The decryption device of 19. databases as claimed in claim 18, is characterized in that, the Data Position that described predeterminated position is is starting point with 0x300 byte.
The decryption device of 20. databases as claimed in claim 18, it is characterized in that, described checksum location is the Data Position being starting point with 0x00000042 byte in database.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510016739.6A CN104636444B (en) | 2015-01-13 | 2015-01-13 | A kind of encryption and decryption method and device of database |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510016739.6A CN104636444B (en) | 2015-01-13 | 2015-01-13 | A kind of encryption and decryption method and device of database |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104636444A true CN104636444A (en) | 2015-05-20 |
| CN104636444B CN104636444B (en) | 2018-12-18 |
Family
ID=53215190
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510016739.6A Active CN104636444B (en) | 2015-01-13 | 2015-01-13 | A kind of encryption and decryption method and device of database |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104636444B (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106250783A (en) * | 2016-08-31 | 2016-12-21 | 天津南大通用数据技术股份有限公司 | A kind of database data encryption, decryption method and device |
| CN107423631A (en) * | 2016-05-23 | 2017-12-01 | 上海神计信息系统工程有限公司 | A kind of database encipher-decipher method and device |
| CN108154040A (en) * | 2017-12-25 | 2018-06-12 | 杭州闪捷信息科技有限公司 | Database table encipher-decipher method, device and realization device based on Job |
| CN109977684A (en) * | 2019-02-12 | 2019-07-05 | 平安科技(深圳)有限公司 | A kind of data transmission method, device and terminal device |
| CN110858249A (en) * | 2018-08-24 | 2020-03-03 | 中移(杭州)信息技术有限公司 | Database file encryption method, database file decryption method and related devices |
| CN111179977A (en) * | 2018-11-09 | 2020-05-19 | 中天科技光纤有限公司 | Data storage medium, and preparation method and application method thereof |
| CN112131595A (en) * | 2020-09-30 | 2020-12-25 | 郑州信大捷安信息技术股份有限公司 | Safe access method and device for SQLite database file |
| CN113591157A (en) * | 2021-07-09 | 2021-11-02 | 厦门市美亚柏科信息股份有限公司 | Access encrypted database detection method, terminal device and storage medium |
| CN113742340A (en) * | 2021-08-17 | 2021-12-03 | 深圳Tcl新技术有限公司 | Database table processing method and related equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8532300B1 (en) * | 2007-02-13 | 2013-09-10 | Emc Corporation | Symmetric is encryption key management |
| CN103336928A (en) * | 2013-06-28 | 2013-10-02 | 贝壳网际(北京)安全技术有限公司 | Method and device for encrypting and decrypting database |
| US20140122900A1 (en) * | 2012-10-26 | 2014-05-01 | Infosys Limited | Providing searching over encrypted keywords in a database |
| CN104156451A (en) * | 2014-08-18 | 2014-11-19 | 深圳市一五一十网络科技有限公司 | Data storage managing method and system |
-
2015
- 2015-01-13 CN CN201510016739.6A patent/CN104636444B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8532300B1 (en) * | 2007-02-13 | 2013-09-10 | Emc Corporation | Symmetric is encryption key management |
| US20140122900A1 (en) * | 2012-10-26 | 2014-05-01 | Infosys Limited | Providing searching over encrypted keywords in a database |
| CN103336928A (en) * | 2013-06-28 | 2013-10-02 | 贝壳网际(北京)安全技术有限公司 | Method and device for encrypting and decrypting database |
| CN104156451A (en) * | 2014-08-18 | 2014-11-19 | 深圳市一五一十网络科技有限公司 | Data storage managing method and system |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107423631A (en) * | 2016-05-23 | 2017-12-01 | 上海神计信息系统工程有限公司 | A kind of database encipher-decipher method and device |
| CN106250783A (en) * | 2016-08-31 | 2016-12-21 | 天津南大通用数据技术股份有限公司 | A kind of database data encryption, decryption method and device |
| CN106250783B (en) * | 2016-08-31 | 2019-10-18 | 天津南大通用数据技术股份有限公司 | A kind of database data encryption, decryption method and device |
| CN108154040A (en) * | 2017-12-25 | 2018-06-12 | 杭州闪捷信息科技有限公司 | Database table encipher-decipher method, device and realization device based on Job |
| CN110858249B (en) * | 2018-08-24 | 2021-11-16 | 中移(杭州)信息技术有限公司 | Database file encryption method, database file decryption method and related devices |
| CN110858249A (en) * | 2018-08-24 | 2020-03-03 | 中移(杭州)信息技术有限公司 | Database file encryption method, database file decryption method and related devices |
| CN111179977A (en) * | 2018-11-09 | 2020-05-19 | 中天科技光纤有限公司 | Data storage medium, and preparation method and application method thereof |
| CN109977684A (en) * | 2019-02-12 | 2019-07-05 | 平安科技(深圳)有限公司 | A kind of data transmission method, device and terminal device |
| CN109977684B (en) * | 2019-02-12 | 2024-02-20 | 平安科技(深圳)有限公司 | Data transmission method and device and terminal equipment |
| CN112131595A (en) * | 2020-09-30 | 2020-12-25 | 郑州信大捷安信息技术股份有限公司 | Safe access method and device for SQLite database file |
| CN112131595B (en) * | 2020-09-30 | 2022-03-15 | 郑州信大捷安信息技术股份有限公司 | Safe access method and device for SQLite database file |
| CN113591157A (en) * | 2021-07-09 | 2021-11-02 | 厦门市美亚柏科信息股份有限公司 | Access encrypted database detection method, terminal device and storage medium |
| CN113742340A (en) * | 2021-08-17 | 2021-12-03 | 深圳Tcl新技术有限公司 | Database table processing method and related equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104636444B (en) | 2018-12-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104636444A (en) | Database encryption and decryption method and device | |
| CN1761923B (en) | Method and apparatus for encrypting database columns | |
| CN110519260B (en) | Information processing method and information processing device | |
| CN117278224A (en) | Method and system for verifying identity attribute information | |
| CN110457945B (en) | List query method, query party device, service party device and storage medium | |
| US11206134B2 (en) | System and method for protection of multipart system applications using a cryptographically protected package, a package map and a package object store for decryption and verification at runtime on the target device platform | |
| CN109429222A (en) | A kind of pair of Wireless Communication Equipment upgrade procedure and the method for communication data encryption | |
| CN102057618A (en) | Information processing device, encryption key management method, computer program and integrated circuit | |
| CN103460195A (en) | System and method for secure software update | |
| CN109308421B (en) | Information tamper-proofing method and device, server and computer storage medium | |
| CN106228084A (en) | Data guard method that the sensitive field of based role dynamically adjusts and system | |
| JP2007510209A (en) | How to ensure the integrity of a data record set | |
| CN104732159B (en) | A kind of document handling method and device | |
| CN105635144A (en) | Cloud-platform-server-based data processing method and system | |
| CN111104691A (en) | Sensitive information processing method and device, storage medium and equipment | |
| CN104484628B (en) | It is a kind of that there is the multi-application smart card of encrypting and decrypting | |
| CN102799815B (en) | A kind of method and apparatus of safe loading procedure storehouse | |
| CN110932859A (en) | User information processing method, device and equipment and readable storage medium | |
| CN110162988A (en) | A kind of sensitive data encryption method based on operation system | |
| CN112613747A (en) | Building information management method, device, equipment and storage medium | |
| CN109064596A (en) | Cipher management method, device and electronic equipment | |
| CN103403729A (en) | Secure management and personalization of unique code signing keys | |
| US20110145568A1 (en) | Handling of the usage of software in a disconnected computing environment | |
| CN115221183A (en) | Data processing method and device | |
| CN110516457B (en) | Data storage method, data reading method and storage device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |