CN102722576A - Encipherment protection system and encipherment protection method for database in cloud computing environment - Google Patents
Encipherment protection system and encipherment protection method for database in cloud computing environment Download PDFInfo
- Publication number
- CN102722576A CN102722576A CN2012101817152A CN201210181715A CN102722576A CN 102722576 A CN102722576 A CN 102722576A CN 2012101817152 A CN2012101817152 A CN 2012101817152A CN 201210181715 A CN201210181715 A CN 201210181715A CN 102722576 A CN102722576 A CN 102722576A
- Authority
- CN
- China
- Prior art keywords
- task
- encryption
- database
- management subsystem
- encipherment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides an encipherment protection system and an encipherment protection method for a database in a cloud computing environment. The encipherment protection system provided by the invention comprises an application interface, a task management subsystem, a resource management subsystem and an encipherment engine pool. The encipherment protection system provided by the invention has the following advantages that 1. the encipherment protection system adopts the encipherment engine pool so as to avoid that the database performance is reduced by the influence of the overload operation of encipherment and decryption modules; 2. an application system is entirely transparent to final users of the database, so that the conversion between clear test and cipher text can be carried out according to the requirements; 3. the encipherment engine pool is fully independent from the database and the application system, so that the encipherment function of data can be realized without changing the database and the application system; 4. the encipherment engine pool constructed by using virtualization technologies has favorable manageability and elasticity, and can be constructed according to the requirements, the bottleneck problems of the fine granularity and the large concurrency access in the application of a relational database are solved, resources can be reasonably used, and the capability and the efficiency of a database server are enhanced.
Description
Technical field
The present invention relates to information security field under the cloud computing environment; Be particularly related to data base encryption protection system and encryption protecting method under a kind of cloud computing environment; Make up data encrypting and deciphering engine pond through Intel Virtualization Technology; According to dynamic creation of encryption and decryption loading condition and scheduling encryption and decryption engine, be applicable to the protecting data encryption of big concurrent fine granularity visit.
Background technology
Cloud computing is a kind of computation schema of the mass participation based on the internet, and its computational resource is dynamic, scalable, virtualized, and provides with service manner.The user from before purchase software, be converted under the cloud computing and lease respective application software through the internet; From before the purchase server with build machine room, transfer under the cloud computing and lease the remote dummy computing power through the internet.Be that the infotech of representative is just being impelled information industry software and hardware product trend is provided socialization, intensification and specialized information service from providing independently with the cloud computing.Database storing safety is the basis that ensures cloud computing safety.
Under the cloud computing environment, dispose traditional safety practice such as protected data storehouses such as access control, fire wall and intrusion detection, have two kinds of situation to cause confidential information to reveal easily: 1) data base administrator's authority is excessive, has the right to visit all/the part confidential data; 2) backup medium is lost; The maintenance data base security of system need be carried out schedule backup to the data in the database; The lot of data backup file is stored in unshielded magnetic and the optical medium, and the hidden danger of loss is quite big, thereby possibly cause the leakage of confidential information.
Summary of the invention
To the problem that above-mentioned traditional database safety precautions exists in cloud computing environment, the present invention provides data base encryption protection system and encryption protecting method under a kind of cloud computing environment.
The present invention mainly solves, after the enciphered data formation scale in being stored in the cloud computing database server, and the existing factually encrypt/decrypt efficiently of logarithm.On the basis of conventional security measures; Adopt data encryption technology that the confidential data in the database is encrypted; Even the invador walks around or broken through various security of system mechanism like this, what obtain also is the encrypt data after encrypting, and the loss of Backup Data can not cause the leakage of confidential information yet.
First aspect of the present invention provides data base encryption protection system under a kind of cloud computing environment, comprises application interface (1), task management subsystem (2), Resource Manager Subsystem (3), fictitious host computer encryption and decryption engine pond (4), and said system comprises:
1) application interface (1) is that task management subsystem (2) carries out mutual interface with application server; On the one hand task management subsystem (2) is submitted in the SQL request of application server, the operation result of on the other hand task management subsystem (2) being collected offers application server;
2) task management subsystem (2); Resolve various database access requests; Through access control safety audit, the SQL request that allows visit is decomposed into a plurality of subtaskings, and these subtasks are issued, safeguard, kept watch on and control and management work such as renewal;
3) Resource Manager Subsystem (3), one side is collected the information of all virtual machines and physical machine; Dispose virtual machine according to the demand of the subtasking of task management subsystem issue on the other hand, provide the encryption and decryption engine establishment, reclaim service, realize virtual encryption and decryption engine demand assignment function;
4) encryption and decryption engine pond (4); The part that system is most crucial; Form based on the dynamic encryption and decryption engine of Intel Virtualization Technology by a plurality of; These encryption and decryption engines are created in virtual machine by Resource Manager Subsystem (3), are task executions unit in the task management subsystem (2), be responsible for the user's data business encryption and decryption service and data security access services are provided.
Second aspect of the present invention provides data base encryption guard method under a kind of cloud computing environment, and avoiding influences degradation problem under the database performance because of the overwork of encryption and decryption module.Encryption and decryption engine deployment architecture is optimized, realizes the on-demand service of encryption and decryption resource according to encryption and decryption functions software implementation, distribution, the virtualized thinking of bearing mode.The data base encryption guard method may further comprise the steps:
Step 1: the SQL request of application server sends to task management subsystem (2) through application interface (1), and task management subsystem (2) carries out the statement legitimate verification to this request, judges whether its statement is legal; And it is done parallel task handle;
Step 2: task management subsystem (2) is analyzed ordering with all tasks; Send to Resource Manager Subsystem (3) to can carrying out immediately of task; Exist the task of resource contention conflict to put into the task waiting formation; Simultaneously task queue is detected, the task of wait timeout is waited for perhaps according to task implementation strategy decision continuation abandon;
Step 3: the information of physical machine in Resource Manager Subsystem (3) collection system, prognoses system is to the demand of fictitious host computer, according to the fictitious host computer of deploying virtual machine strategy deployment requirements in physical machine;
Step 4: Resource Manager Subsystem (3) will according to priority sort from the task that receive task management subsystem (2); Be chosen as its Resources allocation task; According to the virtual resource of resource allocation policy selection coupling in the virtual resource tabulation, promptly virtual machine is not enough as if virtual resource; Can not satisfy the resource requirement of task, then forward step 3 to;
Step 5: in the virtual machine of Task Distribution, detect the encryption and decryption engine program and start this program, inform that successfully task management subsystem (2) task carries out, forward step 6 to if start; Otherwise inform the task execute exception, cancel task by task management subsystem (2), execution in step seven;
Step 6: task begins to carry out, and accomplishes database access and data encryption service through the encryption and decryption engine program of creating, to task management subsystem (2) return results;
Step 7: Resource Manager Subsystem (3) reclaims the complete virtual machine of task, destroys the decryption engine program.
The invention solves data base encryption protection problem under the cloud computing environment, mainly contain following advantage:
1. adopt encryption and decryption engine pond, avoid descending because of the overwork of encryption and decryption module influences database performance;
2. application system is fully transparent to the final user of database, can carry out as required expressly and the conversion work of ciphertext;
3. the encryption and decryption engine is totally independent of database and application system, need not change database and application system and just can realize data encryption feature;
4. adopt the encryption and decryption engine pond that makes up based on Intel Virtualization Technology to have good manageability and elasticity; Can create as required; The fine granularity during relevant database is used, the bottleneck problem of large concurrent access have been solved; Resource Rationalization uses, and has improved the ability and the efficient of database server.
Description of drawings
Fig. 1 is a data base encryption protection system structural representation of the present invention;
Fig. 2 is a data base encryption guard method process flow diagram of the present invention;
Fig. 3 is the application system structural drawing according to the data protection of the cloud computing environment of the embodiment of the invention;
Fig. 4 is the workflow diagram according to the application system of the data base encryption protection of the embodiment of the invention.
Embodiment
The implementation method and the system that data base encryption under the cloud computing environment of the present invention are protected below in conjunction with accompanying drawing are described in detail explanation.Many details have been provided in the description, to guarantee the thorough of instance of the present invention.
As shown in Figure 1, according to the data base encryption protection system of the embodiment of the invention, the data base encryption protection system comprises under the cloud computing environment: application interface 1, task management subsystem 2, Resource Manager Subsystem 3, encryption and decryption engine pond 4.
Application interface 1; Offer task management subsystem 2 and carry out mutual interface with application server; On the one hand task management subsystem 2 is submitted in the SQL request of application server, the operation result of on the other hand task management subsystem 2 being collected offers application server;
Encryption and decryption engine pond 4; The part that system is most crucial; Form based on the dynamic encryption and decryption engine of Intel Virtualization Technology by a plurality of; These encryption and decryption engines are created in virtual machine by Resource Manager Subsystem 3, are task executions unit in the task management subsystem 2, be responsible for the user's data business encryption and decryption service and data security access services are provided.
As shown in Figure 2, according to the data base encryption protection system of the embodiment of the invention, the data base encryption guard method may further comprise the steps under the cloud computing environment:
Step 1: the SQL request of application server sends to task management subsystem 2 through application interface 1, and task management subsystem property is carried out the statement legitimate verification to this request, judges whether its statement is legal; And it is done parallel task handle;
Step 2: task management subsystem 2 is analyzed ordering with all tasks; Send to Resource Manager Subsystem 3 to can carrying out immediately of task; Exist the task of resource contention conflict to put into the task waiting formation; Simultaneously task queue is detected, the task of wait timeout is waited for perhaps according to task implementation strategy decision continuation abandon;
Step 3: Resource Manager Subsystem 3 is responsible for the information of physical machine in the collection system, and prognoses system is to the demand of fictitious host computer, according to the fictitious host computer of deploying virtual machine strategy deployment requirements in physical machine;
Step 4: Resource Manager Subsystem 3 will according to priority sort from the task that task management subsystem 2 is received; Be chosen as its Resources allocation task; According to the virtual resource of resource allocation policy selection coupling in the virtual resource tabulation, promptly virtual machine is not enough as if virtual resource; Can not satisfy the resource requirement of task, then execution in step three;
Step 5: in the virtual machine of Task Distribution, detect the encryption and decryption engine program and start this program, inform that successfully task management subsystem 2 tasks carry out execution in step six if start; Otherwise inform the task execute exception, cancel task, execution in step seven by task management subsystem 2;
Step 6: task begins to carry out, and accomplishes database access and data encryption service through the encryption and decryption engine program of creating, to task management subsystem 2 return results;
Step 7: 3 pairs of complete virtual machines of task of Resource Manager Subsystem, reclaim, destroy the decryption engine program.
As shown in Figure 3; According to the data base encryption protection system of the embodiment of the invention, the application system of data base encryption protection comprises under the cloud computing environment: subscriber terminal equipment 5, application portal 6, application server 7, data base encryption protection system 9, key and authentication management center 8, data accountability system 10, database 11.
Subscriber terminal equipment 5; The user is through the mode of user name, password; Perhaps the UKEY login mode carries out the service access application on subscriber terminal equipment, and subscriber terminal equipment 5 is through escape way access application door 6, and (subscription client is installed the VPN client promptly to adopt HTTPS/ tradition VPN or privately owned VPN; Push on the vpn gateway of platform, set up safe interface channel behind the authentication success)/secure communication modes such as SSL/SSH/FTPS.
Application portal 6 through calling the unified identity authentication service at key and authentication management center 8, is carried out authentication to the user capture application; Judge whether to allow access application server 7 and data server through authentication information.
Key and authentication management center 8 are for data base encryption protection system 9 provides key request, obtains service; Key and authentication management center 8 are important component parts of data base encryption protection system 9; Be responsible for providing the key such as generation (derivation), preservation, backup, renewal, recovery, inquiry, destruction of key and the safety management of self system; Formulate key management flow process and standard criterion, large-scale application key management in the cloud computing applied environment is provided.
Encrypt data after database 11, main storage are encrypted through the encryption and decryption engine.
As shown in Figure 4, according to the data base encryption protection system of the embodiment of the invention, when the user was through the client-access application server in the data base encryption protection system on the cloud computing platform, the data base encryption protection system realized that the flow process of user data protection is following:
Step 1: the user inserts personal digital certificate USBKEY to client host, through client with VPN or security protocol (for example: SSL, SSH, IPSec) access application door 6; After 6 pairs of user's input informations of application portal carry out integrity verification, with the information of user input and user the application system that will visit identify key and the authentication management center 8 of sending to; Accomplishing authentification of user by key and authentication management center 8 judges with the authority of this application server 7 of visit; Return authentication object information (comprise authentication pass through, through, permissions list, certificate information) is judged by application portal 6; If the user is illegal or do not possess authority, return abnormal prompt and give the user, finish visit; If belong to validated user and have the authority of visiting this application system, session token then is provided, change step 2 over to.
Step 2: create this application system and this user's session, and the rights token of this application system is returned to the user, later user side can pass through this this application system of rights token continuous access, until logging off or session timeout.
Step 3: the user sends services request to application server 7, and application server can be through data base encryption protection system 9 visit background data bases 11; Four types of SQL operation requests are arranged: (1) writes record, deletion, retouching operation to database 11, as uploads data; (2) database 11 is carried out query manipulation, this scene needs the backstage enciphering/deciphering; (3) data are obtained, and do not need the backstage enciphering/deciphering, need the user side enciphering/deciphering; (4) exchanges data (needing a plurality of databases to participate in).Task management subsystem 2 is decomposed into a plurality of subtaskings with the SQL request in the data base encryption protection system 9, creates several encryption and decryption engine subtaskings based on virtual machine by Resource Manager Subsystem 3.
Step 4: the encryption and decryption engine converts the SQL request to tractable tree-like formula, from tree, extracts the database encryption and decryption and handles required parameter (table name, field name, insertion data or the like).Remove this, being converted to by syntax tree can be to the SQL statement of ciphertext database operation.
Step 5: the encryption and decryption engine according to the database relation table that will operate to key and the corresponding encrypted table key of authentication management center 8 applications; The table key that key and authentication management center 8 will use this client public key to encrypt returns to user terminal through application portal 6; User terminal uses the private key of being held to being obtained showing key by the table key of public key encryption through the row deciphering, sends to data base encryption protection system 9 (being the encryption and decryption engine) by application portal 6 again; Gained table key is sent to key with the encryption and decryption engine and key confirmation is carried out at authentication management center 8; If key is illegal, returns abnormal prompt and give user, execution in step 11; Deny the person, execution in step six.
Step 6: the encryption and decryption engine carries out operational access to database 11, obtains encrypt data from database, because dissimilar SQL visit, also have difference on the details of operation: (1) writes record, deletion action to relation table, execution in step seven; (2) query manipulation, execution in step seven made amendment in record in the relation table; (3) data are obtained, execution in step nine.
Step 7: generate working key according to the table key, data are carried out the encryption and decryption operation through working key; The operation of completion corresponding business; If the SQL access type is a query manipulation, execution in step nine, otherwise execution in step eight.
Step 8: carry out the data that database 11 record deletions perhaps are written back into needs database 11, encrypt and deposit database 11 again in.
Step 9: SQL subtask execution result is sent to task management subsystem 2, operation note is sent to database auditing system 10.
Step 10: task management subsystem 2 is collected all SQL subtask execution results of this user's request, is transferred to application server 7 through the VPN passage.
Step 11: task is carried out and is finished, and closes the encryption and decryption engine, reclaims virtual resource.
Claims (2)
1. data base encryption protection system under the cloud computing environment is characterized in that, comprising:
1) application interface (1) is that task management subsystem (2) carries out mutual interface with application server; On the one hand task management subsystem (2) is submitted in the SQL request of application server, the operation result of on the other hand task management subsystem (2) being collected offers application server;
2) task management subsystem (2); Resolve various database access requests; Through access control safety audit, the SQL request that allows visit is decomposed into a plurality of subtaskings, and to issuing, safeguard, keep watch on and upgrade control and management work in these subtasks;
3) Resource Manager Subsystem (3), responsible on the one hand information of collecting all virtual machines and physical machine; Dispose virtual machine according to the demand of the subtasking of task management subsystem (2) issue on the other hand, provide the encryption and decryption engine establishment, reclaim service, realize virtual encryption and decryption engine demand assignment function;
4) encryption and decryption engine pond (4); The part that system is most crucial; Form based on the dynamic encryption and decryption engine of Intel Virtualization Technology by a plurality of; These encryption and decryption engines are created in virtual machine by Resource Manager Subsystem (3), are task executions unit in the task management subsystem (2), be responsible for the user's data business encryption and decryption service and data security access services are provided.
2. data base encryption guard method under the cloud computing environment is characterized in that: may further comprise the steps:
Step 1: the SQL request of application server sends to task management subsystem (2) through application interface (1), and task management subsystem (2) carries out the statement legitimate verification to this request, judges whether its statement is legal, and it is done parallel task handle;
Step 2: task management subsystem (2) is analyzed ordering with all tasks; Send to Resource Manager Subsystem (3) to can carrying out immediately of task; Exist the task of resource contention conflict to put into the task waiting formation; Simultaneously task queue is detected, the task of wait timeout is waited for perhaps according to task implementation strategy decision continuation abandon;
Step 3: the information of physical machine in Resource Manager Subsystem (3) collection system, prognoses system is to the demand of fictitious host computer, according to the fictitious host computer of deploying virtual machine strategy deployment requirements in physical machine;
Step 4: Resource Manager Subsystem (3) will according to priority sort from the task that receive task management subsystem (2); Be chosen as its Resources allocation task; According to the virtual resource of resource allocation policy selection coupling in the virtual resource tabulation, promptly virtual machine is not enough as if virtual resource; Can not satisfy the resource requirement of task, then execution in step three;
Step 5: in the virtual machine of Task Distribution, detect the encryption and decryption engine program and start this program, inform that successfully task management subsystem (2) task carries out execution in step six if start; Otherwise inform the task execute exception, cancel task by task management subsystem (2), execution in step seven;
Step 6: task begins to carry out, and accomplishes database access and data encryption service through the encryption and decryption engine program of creating, to task management subsystem (2) return results;
Step 7: Resource Manager Subsystem (3) reclaims the complete virtual machine of task, destroys the decryption engine program.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210181715.2A CN102722576B (en) | 2012-06-05 | 2012-06-05 | Encipherment protection system and encipherment protection method for database in cloud computing environment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210181715.2A CN102722576B (en) | 2012-06-05 | 2012-06-05 | Encipherment protection system and encipherment protection method for database in cloud computing environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102722576A true CN102722576A (en) | 2012-10-10 |
CN102722576B CN102722576B (en) | 2014-10-15 |
Family
ID=46948337
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210181715.2A Active CN102722576B (en) | 2012-06-05 | 2012-06-05 | Encipherment protection system and encipherment protection method for database in cloud computing environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102722576B (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103001892A (en) * | 2012-12-12 | 2013-03-27 | 中国联合网络通信集团有限公司 | Network resource distribution method and system based on cloud computing |
CN103514031A (en) * | 2012-11-26 | 2014-01-15 | Tcl集团股份有限公司 | Method and system for processing file name conflict in multi-terminal concurrent operation |
CN103577937A (en) * | 2013-11-15 | 2014-02-12 | 浪潮(北京)电子信息产业有限公司 | Method and system for managing recourses in cloud computing system |
CN104104692A (en) * | 2014-08-05 | 2014-10-15 | 山东中孚信息产业股份有限公司 | Virtual machine encryption method, decryption method and encryption-decryption control system |
CN104104650A (en) * | 2013-04-02 | 2014-10-15 | 联想(北京)有限公司 | Data file visit method and terminal equipment |
CN106484542A (en) * | 2016-09-06 | 2017-03-08 | 华为技术有限公司 | The method and apparatus of overlapping nodes event in a kind of process distributed system |
CN107220114A (en) * | 2017-05-24 | 2017-09-29 | 北京计算机技术及应用研究所 | Distributed resource scheduling method based on resource United Dispatching |
CN107409126A (en) * | 2015-02-24 | 2017-11-28 | 思科技术公司 | System and method for protecting enterprise computing environment safety |
CN107959588A (en) * | 2017-12-07 | 2018-04-24 | 郑州云海信息技术有限公司 | Cloud resource management method, cloud resource management platform and the management system of data center |
CN108632276A (en) * | 2018-05-07 | 2018-10-09 | 襄阳市尚贤信息科技有限公司 | A kind of information security of computer network system |
CN109522320A (en) * | 2018-11-12 | 2019-03-26 | 杭州弗兰科信息安全科技有限公司 | A kind of optimization method for serving database homomorphic cryptography |
CN109981267A (en) * | 2019-03-22 | 2019-07-05 | 西安电子科技大学 | Large-scale consumer multi-key cipher scene cloud encrypting database system and storage querying method |
CN113177221A (en) * | 2021-05-27 | 2021-07-27 | 四川职业技术学院 | Computer software encryption system |
CN114006760A (en) * | 2021-11-01 | 2022-02-01 | 西安思源学院 | Database information security prevention and control system |
CN116405329A (en) * | 2023-06-08 | 2023-07-07 | 国网山西省电力公司晋城供电公司 | Network security risk blocking device and system for power monitoring system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101854392A (en) * | 2010-05-20 | 2010-10-06 | 清华大学 | Personal data management method based on cloud computing environment |
US20100299313A1 (en) * | 2009-05-19 | 2010-11-25 | Security First Corp. | Systems and methods for securing data in the cloud |
CN102075542A (en) * | 2011-01-26 | 2011-05-25 | 中国科学院软件研究所 | Cloud computing data security supporting platform |
CN102394894A (en) * | 2011-11-28 | 2012-03-28 | 武汉大学 | Network virtual disk file safety management method based on cloud computing |
-
2012
- 2012-06-05 CN CN201210181715.2A patent/CN102722576B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100299313A1 (en) * | 2009-05-19 | 2010-11-25 | Security First Corp. | Systems and methods for securing data in the cloud |
CN101854392A (en) * | 2010-05-20 | 2010-10-06 | 清华大学 | Personal data management method based on cloud computing environment |
CN102075542A (en) * | 2011-01-26 | 2011-05-25 | 中国科学院软件研究所 | Cloud computing data security supporting platform |
CN102394894A (en) * | 2011-11-28 | 2012-03-28 | 武汉大学 | Network virtual disk file safety management method based on cloud computing |
Cited By (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103514031A (en) * | 2012-11-26 | 2014-01-15 | Tcl集团股份有限公司 | Method and system for processing file name conflict in multi-terminal concurrent operation |
CN103514031B (en) * | 2012-11-26 | 2017-06-06 | Tcl集团股份有限公司 | The processing method and system of file name conflict in multi-terminal concurrent operation |
CN103001892A (en) * | 2012-12-12 | 2013-03-27 | 中国联合网络通信集团有限公司 | Network resource distribution method and system based on cloud computing |
CN104104650A (en) * | 2013-04-02 | 2014-10-15 | 联想(北京)有限公司 | Data file visit method and terminal equipment |
CN104104650B (en) * | 2013-04-02 | 2017-07-21 | 联想(北京)有限公司 | data file access method and terminal device |
CN103577937A (en) * | 2013-11-15 | 2014-02-12 | 浪潮(北京)电子信息产业有限公司 | Method and system for managing recourses in cloud computing system |
CN104104692A (en) * | 2014-08-05 | 2014-10-15 | 山东中孚信息产业股份有限公司 | Virtual machine encryption method, decryption method and encryption-decryption control system |
CN104104692B (en) * | 2014-08-05 | 2017-03-08 | 中孚信息股份有限公司 | A kind of virtual machine encryption method, decryption method and encryption and decryption control system |
CN107409126A (en) * | 2015-02-24 | 2017-11-28 | 思科技术公司 | System and method for protecting enterprise computing environment safety |
CN107409126B (en) * | 2015-02-24 | 2021-03-09 | 思科技术公司 | System and method for securing an enterprise computing environment |
CN106484542A (en) * | 2016-09-06 | 2017-03-08 | 华为技术有限公司 | The method and apparatus of overlapping nodes event in a kind of process distributed system |
CN106484542B (en) * | 2016-09-06 | 2020-05-19 | 华为技术有限公司 | Method and device for processing overlapping node event in distributed system |
CN107220114A (en) * | 2017-05-24 | 2017-09-29 | 北京计算机技术及应用研究所 | Distributed resource scheduling method based on resource United Dispatching |
CN107959588A (en) * | 2017-12-07 | 2018-04-24 | 郑州云海信息技术有限公司 | Cloud resource management method, cloud resource management platform and the management system of data center |
CN108632276A (en) * | 2018-05-07 | 2018-10-09 | 襄阳市尚贤信息科技有限公司 | A kind of information security of computer network system |
CN109522320A (en) * | 2018-11-12 | 2019-03-26 | 杭州弗兰科信息安全科技有限公司 | A kind of optimization method for serving database homomorphic cryptography |
CN109522320B (en) * | 2018-11-12 | 2022-08-02 | 杭州弗兰科信息安全科技有限公司 | Optimization method for serving homomorphic encryption of database |
CN109981267A (en) * | 2019-03-22 | 2019-07-05 | 西安电子科技大学 | Large-scale consumer multi-key cipher scene cloud encrypting database system and storage querying method |
CN109981267B (en) * | 2019-03-22 | 2021-06-08 | 西安电子科技大学 | Large-scale user multi-key scene cloud encryption database system and storage query method |
CN113177221A (en) * | 2021-05-27 | 2021-07-27 | 四川职业技术学院 | Computer software encryption system |
CN114006760A (en) * | 2021-11-01 | 2022-02-01 | 西安思源学院 | Database information security prevention and control system |
CN114006760B (en) * | 2021-11-01 | 2023-07-18 | 西安思源学院 | Database information security prevention and control system |
CN116405329A (en) * | 2023-06-08 | 2023-07-07 | 国网山西省电力公司晋城供电公司 | Network security risk blocking device and system for power monitoring system |
CN116405329B (en) * | 2023-06-08 | 2024-02-27 | 国网山西省电力公司晋城供电公司 | Network security risk blocking device and system for power monitoring system |
Also Published As
Publication number | Publication date |
---|---|
CN102722576B (en) | 2014-10-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102722576B (en) | Encipherment protection system and encipherment protection method for database in cloud computing environment | |
CN111488598B (en) | Access control method, device, computer equipment and storage medium | |
CN102761521B (en) | Cloud security storage and sharing service platform | |
CN105991734B (en) | A kind of cloud platform management method and system | |
Vegesna | Methodologies for Enhancing Data Integrity and Security in Distributed Cloud Computing with Techniques to Implement Security Solutions | |
CN110266639A (en) | The system and method for network firewall for the endpoint hardware auxiliary in security context | |
CN101043335A (en) | Information security control system | |
CN101833620A (en) | Custom security JDBC driver-based database protective method | |
Vegesna | Investigations on Different Security Techniques for Data Protection in Cloud Computing using Cryptography Schemes | |
CN106131225A (en) | The security system accessed for medical treatment case information | |
CN106326666A (en) | Health record information management service system | |
CN115208665A (en) | Block chain-based germplasm resource data secure sharing method and system | |
CN106301791B (en) | Method and system for realizing unified user authentication authorization based on big data platform | |
CN101408955A (en) | Method and system determining obligation base on tactic | |
US9473508B2 (en) | Method for the protected deposit of event protocol data of a computer system, computer program product and computer system | |
Waqas et al. | Fault tolerant cloud auditing | |
CN113239367B (en) | Identification data encryption access method in nuclear power networking collaborative computing environment | |
Voitovych et al. | Multilayer Access for Database Protection | |
CN113472770A (en) | Safe outsourcing computing architecture suitable for big data of power grid | |
Hammami et al. | Security issues in cloud computing and associated alleviation approaches | |
CN102098282A (en) | Secure encryption method for database | |
Mangotra et al. | Cloud reliability enhancement mechanisms: A Survey | |
Muppala et al. | Establishing Trust in Public Clouds' | |
Su et al. | Study of Cloud Computing Security Service Model | |
Brindha et al. | An Efficient Framework for Providing Secured Transaction of Data in Cloud Environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |