CN109344656A - A kind of data encrypting/de-encrypling method of database, device and equipment - Google Patents
A kind of data encrypting/de-encrypling method of database, device and equipment Download PDFInfo
- Publication number
- CN109344656A CN109344656A CN201811446034.8A CN201811446034A CN109344656A CN 109344656 A CN109344656 A CN 109344656A CN 201811446034 A CN201811446034 A CN 201811446034A CN 109344656 A CN109344656 A CN 109344656A
- Authority
- CN
- China
- Prior art keywords
- data
- database
- key
- encryption
- decryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
This application discloses a kind of data ciphering methods of database, comprising: calls handler processor corresponding with the data type of first object data, device encrypts first object data with scheduled cipher mode through this process.Disclosed herein as well is a kind of data decryption methods, comprising: determines the data type of the second target data;Handler processor corresponding with data type is called, device is decrypted the second target data according to scheduled manner of decryption through this process.It can be seen that, in this programme, for the data for reading or being written from database, it is the encryption and decryption realized by handler processor to data, this encryption and decryption mode is easy to use, the encryption and decryption of data can be completed in the complex logic for making developer be not necessarily to pay close attention to bottom, while guaranteeing the high security of data.Disclosed herein as well is the data encryption/decryption devices and equipment of a kind of database, are equally able to achieve above-mentioned technical effect.
Description
Technical field
This application involves database encryption technology fields, more specifically to a kind of data encryption/decryption of database
Method, apparatus and equipment.
Background technique
With the rapidly development of internet in recent years, incident is more and more information security issues, therefore, letter
The secure access problem of breath resource becomes increasingly conspicuous.Encryption is one of key problem of database security, and database encryption technology is
A kind of effective means of sensitive information safety in the database is stored in guarantee.Although at present there are more Encryption Algorithm,
It is that current Encryption Algorithm has that access is difficult, the encryption of data could be completed by needing to do a large amount of work.
Therefore, how encryption and decryption simply and effectively to be carried out to the data of database, is that those skilled in the art need to solve
The problem of.
Summary of the invention
The data encrypting/de-encrypling method, device and equipment for being designed to provide a kind of database of the application, to realize letter
It is single that encryption and decryption effectively is carried out to the data of database.
To achieve the above object, the embodiment of the present application provides following technical solution:
A kind of data ciphering method of database, comprising:
Determine the data type of the first object data of database to be written;
Handler processor corresponding with the data type is called, is added by handler processor according to scheduled
Close mode encrypts the first object data;
Database is written into encrypted first object data.
Wherein, described to call handler processor corresponding with the data type, pass through handler processor root
The first object data are encrypted according to scheduled cipher mode, comprising:
Handler processor corresponding with the data type is called, is added by handler processor according to scheduled
Close mode obtains key from encryption key library, encrypts to the first object data.
Wherein it is determined that before the data type of the first object data of database to be written, further includes:
Judge whether data encryption mode is handler mode;
If so, the step of executing the data type of the first object data of determination database to be written;
If it is not, then calls tool class, obtains key from encryption key library by the tool-class, to the first object
Data are encrypted.
Wherein, this programme further include:
Receive the addition instruction for carrying new key;
The new key is added to encryption key library, to encrypt using new key to new data.
Wherein, this programme further include:
Being detected using scheduled duration as interval whether there is invalid key in the encryption key library;The invalid key is
Expired key or the key revealed;
If it exists, then pending data corresponding with the invalid key is determined from the database;
Decryption oprerations are executed to the pending data using the invalid key, and using in the encryption key library
After data after effective key pair decryption execute cryptographic operation, stored again to the database.
A kind of data decryption method of database, comprising:
The second target data is read from database;
Determine the data type of second target data;
Handler processor corresponding with the data type is called, by handler processor according to scheduled solution
Second target data is decrypted in close mode.
A kind of data encryption device of database, comprising:
First determining module, the data type of the first object data for determining database to be written;
Encrypting module is handled for calling handler processor corresponding with the data type by handler
Device encrypts the first object data according to scheduled cipher mode;
Data write. module, for database to be written in encrypted first object data.
A kind of data decryption apparatus of database, comprising:
Data read module, for reading the second target data from database;
Second determining module, for determining the data type of second target data;
Deciphering module is handled for calling handler processor corresponding with the data type by handler
Device is decrypted second target data according to scheduled manner of decryption.
A kind of data encryption equipment of database, comprising:
Memory, for storing computer program;
Processor, when for executing the computer program the step of realization such as data ciphering method of above-mentioned database.
A kind of data decryption apparatus of database, comprising:
Memory, for storing computer program;
Processor, when for executing the computer program the step of realization such as data decryption method of above-mentioned database.
By above scheme it is found that a kind of data ciphering method of database provided by the embodiments of the present application, comprising: determine
The data type of the first object data of database to be written;Handler processor corresponding with data type is called, is passed through
Handler processor encrypts first object data according to scheduled cipher mode;By encrypted first object data
Database is written.The embodiment of the present application also provides a kind of data decryption method of database, comprising: reads the second mesh from database
Mark data;Determine the data type of the second target data;Handler processor corresponding with data type is called, is passed through
Handler processor is decrypted the second target data according to scheduled manner of decryption.
As it can be seen that in the present solution, being by handler processor for from data database reading or be written
Realize the encryption and decryption to data, this encryption and decryption mode is easy to use, and developer is made to be not necessarily to pay close attention to the complex logic of bottom
The encryption and decryption of data can be completed, while guaranteeing the high security of data.Disclosed herein as well is a kind of data of database to add
Close/decryption device and equipment, are equally able to achieve above-mentioned technical effect.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of application for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is a kind of data ciphering method flow diagram of database disclosed in the embodiment of the present application;
Fig. 2 is the data ciphering method flow diagram of another kind database disclosed in the embodiment of the present application;
Fig. 3 is a kind of data encryption device structural schematic diagram of database disclosed in the embodiment of the present application;
Fig. 4 is a kind of data decryption method flow diagram of database disclosed in the embodiment of the present application;
Fig. 5 is the data decryption method flow diagram of another kind database disclosed in the embodiment of the present application;
Fig. 6 is a kind of data decryption apparatus structural schematic diagram of database disclosed in the embodiment of the present application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
The embodiment of the present application discloses the data encrypting/de-encrypling method, device and equipment of a kind of database, simple to realize
Encryption and decryption effectively is carried out to the data of database.
Referring to Fig. 1, a kind of data ciphering method of database provided by the embodiments of the present application, comprising:
S101, determine database to be written first object data data type;
Specifically, the first object data in this programme are the data of database to be written, to pass through JDBC (Java
DataBase Connectivity, java database connection) update or insertion etc. forms write-in database data, also
It is to say, as long as write-in database and the data for needing to encrypt, can be described as first object data;Encryption behaviour is executed in order to determine
The handler processor of work, it is thus necessary to determine that the data type of first object data, the data type can be integer, double
Etc. types, it is not specific herein to limit.
S102, handler processor corresponding with the data type is called, by handler processor according to pre-
Fixed cipher mode encrypts the first object data;
It should be noted that can be called according to different data types after the data type of determining first object data
Different handler processors, handler processor add first object data according to preset cipher mode
It is close.The preset cipher mode can be common AES (Advanced Encryption Standard, Advanced Encryption
The Encryption Algorithm such as Standard), are also possible to tool-class, not specific herein to limit.
Wherein, described to call handler processor corresponding with the data type, pass through handler processor root
The first object data are encrypted according to scheduled cipher mode, comprising: call corresponding with the data type
Handler processor obtains key from encryption key library by handler processor according to scheduled cipher mode, to institute
First object data are stated to be encrypted.
In the present embodiment, it in order to guarantee the safety of key, is not stolen by other people, all key storages is being encrypted
Cipher key store, the key for being stored in encryption key library are encrypted by special algorithm;When carrying out the encryption of data, need first from adding
The key is obtained in close cipher key store, is then executed cryptographic operation by the key pair first object data obtained, is further increased
The safety of the data stored in database.
S103, database is written into encrypted first object data.
It is understood that needing the number that will be encrypted after encrypting by handler processor to first object data
According to write-in database, such as: encrypted data are updated, are inserted into database.
As can be seen that this programme encrypts data by this mode easy to use so that developer without
The encryption of data can be completed in the complex logic that bottom need to be paid close attention to, while guaranteeing the high security of data.In addition to this, this implementation
Example in cipher mode also supports key rotate, when original key expiration or reveal after, the key of data can be changed into it is new,
Encrypted component use is not influenced.
Referring to fig. 2, the data ciphering method of a kind of database provided by the embodiments of the present application, comprising:
S201, judge whether data encryption mode is handler mode;If so, executing S202;If it is not, then executing
S204;
S202, determine database to be written first object data data type;
S203, handler processor corresponding with the data type is called, by handler processor according to pre-
Fixed cipher mode encrypts the first object data, and executes S205;
S204, calls tool class obtain key from encryption key library by the tool-class, to the first object number
According to being encrypted, and execute S205;
S205, database is written into encrypted first object data.
It should be noted that in the present embodiment, proposing two kinds of encryption modes, one kind is handler mode, another
For general mode;Therefore, before encrypting to first object data, need to judge that the cipher mode of first object data is
Which kind of encryption mode.If determining in S201, data encryption mode is handler mode, executes S202-S203, passes through
Data are encrypted in handler processor, if it is determined that not being handler mode, then explanation is general mode, is at this moment held
Row S204 encrypts data by tool-class.The determination of the encryption mode, it is preset to can be administrative staff,
It can be what system was automatically determined according to attribute informations such as size of data, the data types of first object data, so as to allow use
Family flexibly selects encryption mode, increases user experience.
Based on above-mentioned any means embodiment, in the present embodiment, this programme further include:
Receive the addition instruction for carrying new key;
New key is added to encryption key library, to encrypt using new key to new data.
In the present embodiment, it needs to detect in encryption key library by interval of scheduled duration with the presence or absence of expired close
Key or the key revealed;If it is present adding new key to encryption key library;Therefore, if this programme receives
Addition instruction then needs the new key carried in instruction being added to encryption key library, when in this way encrypting new data, just
It needs to be encrypted by this data key, to be further reduced data risk.
It should be noted that cipher mode all in this programme supports key to rotate, the original in encryption key library
After having key expiration or leakage, new key can will be converted into the key of data encryption, that is to say, that either pass through
Handler processor encrypts new data or calls tool class encrypts new data, is required to from database
Middle acquisition new key improves the safety of data encryption to not influence encrypted component use.
Based on above-mentioned any embodiment, in the present embodiment, further includes:
Being detected using scheduled duration as interval whether there is invalid key in the encryption key library;The invalid key is
Expired key or the key revealed;
If it exists, then pending data corresponding with the invalid key is determined from the database;
Decryption oprerations are executed to the pending data using the invalid key, and using in the encryption key library
After data after effective key pair decryption execute cryptographic operation, stored again to the database.
It should be noted that for storing data in the database, in order to avoid there are out of date or for its key
The problem of leakage, so that the security risk for generating data storage needs to be periodically detected in encryption key library in the present embodiment
With the presence or absence of invalid key, which is the key for having expired key or revealed in this programme;If plus
There are invalid keys in close cipher key store, then firstly the need of pending data determining from database, which is to deposit in database
The data of storage encrypted by invalid key, and then after needing through invalid key to the decryption of the pending data of acquisition, again
It is encrypted using the data of effective key pair decryption in encryption key library, and is stored again into database.
Cryptographic operation and decryption oprerations in the present embodiment, can through the foregoing embodiment in any way execute,
That is: it after decryption oprerations being executed to pending data by handler processor, then is executed and is added by handler processor
Close operation after can also executing decryption oprerations to pending data by tool-class, then by tool-class executes cryptographic operation;When
It so executes cryptographic operation by other means and decryption oprerations can also be to be only illustrated by taking above-mentioned two situations as an example herein.
It is detected it is understood that being periodically detected as by interval of scheduled duration, which can be according to reality
Situation is adaptively adjusted;Invalid key in encryption key library is the key for having expired key or having revealed, accordingly
, effective key is then key that is not out of date in encryption key library and not revealing, for invalid key, by effective
Storage after data encryption can be improved the safety of data storage by key;That is, by will data weight corresponding with invalid key
The safety of data storage can be improved, even if data are obtained by attacker, due to the encryption key of data in the mode newly encrypted
It is effective key, it is ensured that data can not be decrypted, and further improve the safety of data.
Data encryption device provided by the embodiments of the present application is introduced below, data encryption device described below with
Above-described data ciphering method can be cross-referenced.
Referring to Fig. 3, a kind of data encryption device of database provided by the embodiments of the present application, comprising:
First determining module 110, the data type of the first object data for determining database to be written;
First encrypting module 120 passes through for calling handler processor corresponding with the data type
Handler processor encrypts the first object data according to scheduled cipher mode;
Data write. module 130, for database to be written in encrypted first object data.
Wherein, the first encrypting module is specifically used for: calling handler processor corresponding with the data type, leads to
Handler processor is crossed according to scheduled cipher mode, obtains key from encryption key library, to the first object data into
Row encryption.
Wherein, this programme further include:
Command reception module is added, for receiving the addition instruction for carrying new key;
New key adds adding module, for new key to be added to encryption key library, to utilize new key to new data
It is encrypted.
Wherein, this programme further include:
First judgment module, for judging whether data encryption mode is handler mode;
First determining module, for determining database to be written when data encryption mode is handler mode
The data type of first object data;
Second encrypting module, for when data encryption mode is not handler mode, calls tool class, by described
Tool-class obtains key from encryption key library, encrypts to the first object data.
Wherein, this programme further include:
Detection module whether there is invalid key for detecting using scheduled duration as interval in the encryption key library;Institute
Stating invalid key is the key for having expired key or having revealed;
Pending data determining module, in the encryption key library there are when invalid key, from the database
Middle determination pending data corresponding with the invalid key;
Data decryption module, for executing decryption oprerations to the pending data using the invalid key;
Data encryption module, for executing encryption using the data after effective key pair decryption in the encryption key library
Operation;
Data memory module, for being stored encrypted data again to the database.
The embodiment of the present application also discloses a kind of data encryption equipment of database, comprising:
Memory, for storing computer program;
Processor is realized when for executing the computer program such as the data ciphering method in above method embodiment
Step.
The embodiment of the present application also discloses a kind of computer readable storage medium, deposits on the computer readable storage medium
Computer program is contained, is realized when the computer program is executed by processor such as the data encryption side in above method embodiment
The step of method.
Wherein, the storage medium may include: USB flash disk, mobile hard disk, read-only memory (Read-Only Memory,
ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. are various can store program
The medium of code.
Referring to fig. 4, the data decryption method of a kind of database provided by the embodiments of the present application;It should be noted that this reality
The data ciphering method applied in the data decryption method and above-described embodiment in example can be cross-referenced, and same section is herein just not
It repeats;The data decryption method specifically includes:
S301, the second target data is read from database;
S302, the data type for determining second target data;
S303, handler processor corresponding with the data type is called, by handler processor according to pre-
Second target data is decrypted in fixed manner of decryption.
Wherein, this programme calls corresponding with data type handler processor, by handler processor according to
The second target data is decrypted in scheduled manner of decryption, specifically includes: calling at handler corresponding with data type
It manages device and obtains key from encryption key library by handler processor according to scheduled manner of decryption, to first mesh
Mark data are decrypted.
Specifically, decryption method provided by the present embodiment is corresponded to each other with the encryption method in above-described embodiment, therefore,
After database the second target data of reading, also need to be called according to the data type of the second target data corresponding
Handler processor is decrypted the second target data according to scheduled manner of decryption by handler processor, also,
In order to guarantee the safety of key, do not stolen by other people, by all key storages in encryption key library, in the solution for carrying out data
When close, need first to obtain the key from encryption key library, decryption is then executed by the second target data of key pair obtained
Operation.As can be seen that this programme encrypts data by this mode easy to use, so that developer is without closing
The encryption of data can be completed in the complex logic of note bottom, while guaranteeing the high security of data.
Referring to Fig. 5, the data decryption method of another kind database provided by the embodiments of the present application, comprising:
S401, the second target data is read from database;
S402, judge whether data deciphering mode is handler mode;If so, executing S403;If it is not, then executing
S405;
S403, the data type for determining second target data;
S404, handler processor corresponding with the data type is called, by handler processor according to pre-
Second target data is decrypted in fixed manner of decryption.
S405, calls tool class obtain key from encryption key library by the tool-class, to second number of targets
According to being decrypted.
Likewise, it is similar with encryption mode, when data being decrypted in the present embodiment, equally exist two kinds of decryption
Mode, one kind are handler mode, and another kind is general mode;If determining in S402, data manner of decryption is handler mould
Formula then executes S403-S404, and data are decrypted by handler processor, if it is determined that be not handler mode,
Then explanation is general mode, at this moment executes S405, data are decrypted by tool-class.The determination of the decryption mode, can root
It is determined according to the pattern identification carried in the second target data, the pattern identification added mode mark when being the data encryption
When knowing, used encryption mode when for indicating the data encryption, therefore decrypting, decryption identical with encryption mode may be selected
Mode;Likewise, the decryption mode is also possible to that administrative staff are preset or system is according to the number of the second target data
It is automatically determined according to attribute informations such as size, data types, so as to allow the selection decryption mode of user flexibility, increases user's body
It tests.
Data decryption apparatus provided by the embodiments of the present application is introduced below, data decryption apparatus described below with
Above-described data decryption method can be cross-referenced.
Referring to Fig. 6, a kind of database provided by the embodiments of the present application wherein, comprising:
Data read module 210, for reading the second target data from database;
Second determining module 220, for determining the data type of second target data;
First deciphering module 230 passes through for calling handler processor corresponding with the data type
Handler processor is decrypted second target data according to scheduled manner of decryption.
Wherein, the first deciphering module is specifically used for: calling handler processor corresponding with the data type, leads to
Handler processor is crossed according to scheduled manner of decryption, obtains key from encryption key library, to second target data into
Row decryption.
Wherein, the data decryption apparatus further include:
Second judgment module, for judging whether data deciphering mode is handler mode;
Second determining module, for determining second number of targets when data deciphering mode is handler mode
According to data type;
Second deciphering module, for when data deciphering mode is not handler mode, calls tool class, by described
Tool-class obtains key from encryption key library, and second target data is decrypted.
The embodiment of the present application also discloses a kind of data decryption apparatus of database, comprising:
Memory, for storing computer program;
Processor is realized when for executing the computer program such as the data decryption method in above method embodiment
Step.
The embodiment of the present application also discloses a kind of computer readable storage medium, deposits on the computer readable storage medium
Computer program is contained, is realized when the computer program is executed by processor such as the data deciphering side in above method embodiment
The step of method.
Wherein, the storage medium may include: USB flash disk, mobile hard disk, read-only memory (Read-Only Memory,
ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. are various can store program
The medium of code.
As can be seen that data encrypting/de-encrypling method, device, equipment and the computer of this database that this programme proposes
Readable storage medium storing program for executing can all handle the data such as the reading, modification, insertion of Mybatis data by corresponding handler
Device carries out encryption and decryption by handler processor come the data to different types of data, developer can be made without paying close attention to bottom
Complex logic the encryption and decryption of data can be completed, while guaranteeing the high security of data.
Each embodiment in this specification is described in a progressive manner, the highlights of each of the examples are with other
The difference of embodiment, the same or similar parts in each embodiment may refer to each other.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention.
Various modifications to these embodiments will be readily apparent to those skilled in the art, as defined herein
General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, of the invention
It is not intended to be limited to the embodiments shown herein, and is to fit to and the principles and novel features disclosed herein phase one
The widest scope of cause.
Claims (10)
1. a kind of data ciphering method of database characterized by comprising
Determine the data type of the first object data of database to be written;
Handler processor corresponding with the data type is called, by handler processor according to scheduled encryption side
Formula encrypts the first object data;
Database is written into encrypted first object data.
2. data ciphering method according to claim 1, which is characterized in that the calling is corresponding with the data type
Handler processor, the first object data are added according to scheduled cipher mode by handler processor
It is close, comprising:
Handler processor corresponding with the data type is called, by handler processor according to scheduled encryption side
Formula obtains key from encryption key library, encrypts to the first object data.
3. data ciphering method according to claim 1 or 2, which is characterized in that the of the determination database to be written
Before the data type of one target data, further includes:
Judge whether data encryption mode is handler mode;
If so, the step of executing the data type of the first object data of determination database to be written;
If it is not, then calls tool class, obtains key from encryption key library by the tool-class, to the first object data
It is encrypted.
4. data ciphering method according to claim 3, which is characterized in that further include:
Receive the addition instruction for carrying new key;
The new key is added to encryption key library, to encrypt using the new key to new data.
5. data ciphering method according to claim 3, which is characterized in that further include:
Being detected using scheduled duration as interval whether there is invalid key in the encryption key library;The invalid key is out of date
Key or the key revealed;
If it exists, then pending data corresponding with the invalid key is determined from the database;
Decryption oprerations are executed to the pending data using the invalid key, and are utilized effective in the encryption key library
After data after key pair decryption execute cryptographic operation, stored again to the database.
6. a kind of data decryption method of database characterized by comprising
The second target data is read from database;
Determine the data type of second target data;
Handler processor corresponding with the data type is called, by handler processor according to scheduled decryption side
Second target data is decrypted in formula.
7. a kind of data encryption device of database characterized by comprising
First determining module, the data type of the first object data for determining database to be written;
Encrypting module passes through handler processor root for calling handler processor corresponding with the data type
The first object data are encrypted according to scheduled cipher mode;
Data write. module, for database to be written in encrypted first object data.
8. a kind of data decryption apparatus of database characterized by comprising
Data read module, for reading the second target data from database;
Second determining module, for determining the data type of second target data;
Deciphering module passes through handler processor root for calling handler processor corresponding with the data type
Second target data is decrypted according to scheduled manner of decryption.
9. a kind of data encryption equipment of database characterized by comprising
Memory, for storing computer program;
Processor realizes that the data of database as described in any one of claim 1 to 5 add when for executing the computer program
The step of decryption method.
10. a kind of data decryption apparatus of database characterized by comprising
Memory, for storing computer program;
Processor realizes the data decryption method of database as claimed in claim 6 when for executing the computer program
Step.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811446034.8A CN109344656B (en) | 2018-11-29 | 2018-11-29 | Database data encryption/decryption method, device and equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811446034.8A CN109344656B (en) | 2018-11-29 | 2018-11-29 | Database data encryption/decryption method, device and equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109344656A true CN109344656A (en) | 2019-02-15 |
CN109344656B CN109344656B (en) | 2021-10-22 |
Family
ID=65318745
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811446034.8A Active CN109344656B (en) | 2018-11-29 | 2018-11-29 | Database data encryption/decryption method, device and equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109344656B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111079188A (en) * | 2019-12-27 | 2020-04-28 | 苏州海管家物流科技有限公司 | mybatis field encryption and decryption device and encryption and decryption system |
CN113722743A (en) * | 2021-09-14 | 2021-11-30 | 刘晓冰 | File encryption and decryption method and related equipment and system |
CN115023920A (en) * | 2021-11-05 | 2022-09-06 | 富途网络科技(深圳)有限公司 | Method and device for data processing in stock right incentive system |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119193A (en) * | 2006-08-02 | 2008-02-06 | 成都若谷科技开发有限公司 | Digital player with copyright protection and its complement software |
CN101594229A (en) * | 2009-06-30 | 2009-12-02 | 华南理工大学 | A kind of trusted network connection system and method based on combined public key |
US20120089839A1 (en) * | 2010-10-06 | 2012-04-12 | General Instrument Corporation | Online secure device provisioning with online device binding using whitelists |
CN103036884A (en) * | 2012-12-14 | 2013-04-10 | 中国科学院上海微系统与信息技术研究所 | Data protection method and system based on homomorphic encryption |
CN105022966A (en) * | 2015-07-21 | 2015-11-04 | 郭俊雄 | Database data encryption and decryption method and system |
CN105843609A (en) * | 2016-03-18 | 2016-08-10 | 浪潮软件集团有限公司 | MVC frame based on Spring and MyBatis |
US20170104746A1 (en) * | 2015-10-08 | 2017-04-13 | American Express Travel Related Services Company, Inc. | System and method for data security on big data sets |
CN107454590A (en) * | 2017-07-26 | 2017-12-08 | 上海斐讯数据通信技术有限公司 | A kind of data ciphering method, decryption method and wireless router |
CN207083085U (en) * | 2017-08-04 | 2018-03-09 | 重庆万里高科技有限公司 | A kind of multi-standard data radio station system |
CN107995147A (en) * | 2016-10-27 | 2018-05-04 | 中国电信股份有限公司 | Metadata encryption and decryption method and system based on distributed file system |
CN108600416A (en) * | 2018-07-06 | 2018-09-28 | 杭州涂鸦信息技术有限公司 | A kind of method that internet of things equipment MAC Address dynamically distributes |
-
2018
- 2018-11-29 CN CN201811446034.8A patent/CN109344656B/en active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101119193A (en) * | 2006-08-02 | 2008-02-06 | 成都若谷科技开发有限公司 | Digital player with copyright protection and its complement software |
CN101594229A (en) * | 2009-06-30 | 2009-12-02 | 华南理工大学 | A kind of trusted network connection system and method based on combined public key |
US20120089839A1 (en) * | 2010-10-06 | 2012-04-12 | General Instrument Corporation | Online secure device provisioning with online device binding using whitelists |
CN103036884A (en) * | 2012-12-14 | 2013-04-10 | 中国科学院上海微系统与信息技术研究所 | Data protection method and system based on homomorphic encryption |
CN105022966A (en) * | 2015-07-21 | 2015-11-04 | 郭俊雄 | Database data encryption and decryption method and system |
US20170104746A1 (en) * | 2015-10-08 | 2017-04-13 | American Express Travel Related Services Company, Inc. | System and method for data security on big data sets |
CN105843609A (en) * | 2016-03-18 | 2016-08-10 | 浪潮软件集团有限公司 | MVC frame based on Spring and MyBatis |
CN107995147A (en) * | 2016-10-27 | 2018-05-04 | 中国电信股份有限公司 | Metadata encryption and decryption method and system based on distributed file system |
CN107454590A (en) * | 2017-07-26 | 2017-12-08 | 上海斐讯数据通信技术有限公司 | A kind of data ciphering method, decryption method and wireless router |
CN207083085U (en) * | 2017-08-04 | 2018-03-09 | 重庆万里高科技有限公司 | A kind of multi-standard data radio station system |
CN108600416A (en) * | 2018-07-06 | 2018-09-28 | 杭州涂鸦信息技术有限公司 | A kind of method that internet of things equipment MAC Address dynamically distributes |
Non-Patent Citations (3)
Title |
---|
FANGZHOU YAO 等: "CryptVMI: Encrypted Virtual Machine Introspection in the Cloud", 《2014 IEEE 7TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING》 * |
乱舞狂刀: "mybatis进阶之typeHandler", 《HTTPS://MY.OSCHINA.NET/FIRSTBING/BLOG/1593353》 * |
谢鑫 等: "一种基于虚拟机Handler动态加解密的软件保护方法及实现", 《计算机应用与软件》 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111079188A (en) * | 2019-12-27 | 2020-04-28 | 苏州海管家物流科技有限公司 | mybatis field encryption and decryption device and encryption and decryption system |
CN111079188B (en) * | 2019-12-27 | 2022-04-15 | 苏州海管家物流科技有限公司 | mybatis field encryption and decryption device and encryption and decryption system |
CN113722743A (en) * | 2021-09-14 | 2021-11-30 | 刘晓冰 | File encryption and decryption method and related equipment and system |
CN115023920A (en) * | 2021-11-05 | 2022-09-06 | 富途网络科技(深圳)有限公司 | Method and device for data processing in stock right incentive system |
WO2023077445A1 (en) * | 2021-11-05 | 2023-05-11 | 富途网络科技(深圳)有限公司 | Method and apparatus for processing data in equity incentive system |
CN115023920B (en) * | 2021-11-05 | 2024-01-19 | 富途网络科技(深圳)有限公司 | Method and device for data processing in a equity incentive system |
Also Published As
Publication number | Publication date |
---|---|
CN109344656B (en) | 2021-10-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104156642B (en) | A kind of security password input system and method based on safe touch screen control chip | |
US10341091B2 (en) | Secure memory storage | |
KR101391152B1 (en) | Method and apparatus for protecting digital contents stored in USB Mass Storage device | |
CN107078904B (en) | Hybrid cryptographic key derivation | |
US7194633B2 (en) | Device and method with reduced information leakage | |
CN105450620A (en) | Information processing method and device | |
JP6046360B2 (en) | Sensitive data encryption and storage | |
Chatzikonstantinou et al. | Evaluation of cryptography usage in android applications | |
JP2019505887A (en) | Mobile device with reliable execution environment | |
TW201723920A (en) | Hardware enforced one-way cryptography | |
EP3625720B1 (en) | Reducing compromise of sensitive data in virtual machine | |
US10250387B1 (en) | Quantum computer resistant algorithm cryptographic key generation, storage, and transfer device | |
CN106416124A (en) | Semi-deterministic digital signature generation | |
CN103378971B (en) | A kind of data encryption system and method | |
CN103210396A (en) | Method and apparatus including architecture for protecting sensitive code and data | |
CN109344656A (en) | A kind of data encrypting/de-encrypling method of database, device and equipment | |
CN204242180U (en) | A kind of security password input system based on safe touch screen control chip | |
WO2016190924A2 (en) | Side channel analysis resistant architecture | |
CN110287208A (en) | The method and apparatus of database field encryption, storage medium | |
Lee et al. | Security issues on the CNG cryptography library (Cryptography API: Next Generation) | |
CN107563226B (en) | Memory controller, processor module and key updating method | |
CN106548351A (en) | A kind of optimization method and terminal of fingerprint payment flow | |
JP2010217975A (en) | Information processor, application program, and method for executing application program | |
JP6899308B2 (en) | Information processing device and data processing method of information processing device | |
US9122504B2 (en) | Apparatus and method for encryption in virtualized environment using auxiliary medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |