CN109815719A - A kind of database security encryption system that can search for - Google Patents
A kind of database security encryption system that can search for Download PDFInfo
- Publication number
- CN109815719A CN109815719A CN201910053777.7A CN201910053777A CN109815719A CN 109815719 A CN109815719 A CN 109815719A CN 201910053777 A CN201910053777 A CN 201910053777A CN 109815719 A CN109815719 A CN 109815719A
- Authority
- CN
- China
- Prior art keywords
- encryption
- key
- model
- column
- database
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses a kind of database security encryption systems that can search for comprising metadata management module, key management module, encryption/decryption module, SQL statement rewriting module, database connection module, metadata table and Encryption Model.The database security encryption system that can search for of the invention adjusts encryption layer by dynamic in sentence implementation procedure, realizes and directly executes complicated SQL statement in ciphertext, avoids insincere database server exposure clear data, protects data-privacy.
Description
Technical field
The present invention relates to database information safety, belong to field of information security technology;Specifically, being related to one kind can search for
Database security encryption system.
Background technique
Since cloud computing era, many enterprise's selections beyond the clouds, are stored mass data storage due to reducing localization
And powerful cloud computing ability, enterprise can significantly reduce IT cost, it is following that there are also worries for security.It is opening
In the cloud computing environment put, enterprises employee can easily access, distort and reveal private data, the result of these behaviors
It is catastrophic for enterprise.
Currently, cloud service provider made work in terms of information security is also very limited, encrypted stored data be compared with
For a kind of method of guarantee safety of safety.After data encryption, even if " prier " of data obtains data, it can also guarantee it
In privacy information be not leaked.Then, it is stored after data encryption beyond the clouds, gives processing data bring additional expense.?
Under certain application scenarios, server needs carry out operation in the data of user, if at this time after all data all decryption
Operation again will certainly adversely affect execution efficiency.
Summary of the invention
The present invention is studied for operability after relational database character types and value type data encryption, for
Guarantee to solve the problems, such as not directly to execute SQL operation while safety in ciphertext, has designed and Implemented one kind and changed including SQL
It writes, the database security encryption system that can search for including clear data encryption and the functions such as query processing.
The purpose of the present invention adopts the following technical scheme that realization:
A kind of database security encryption system that can search for comprising metadata management module, key management module plus solution
Close module, SQL statement rewriting module, database connection module, metadata table and Encryption Model.
Further, the Encryption Model includes three kinds of cipher modes, including equivalent Encryption Model, order-preserving Encryption Model,
Homomorphic cryptography model;For numeric type data, is encrypted respectively using three kinds of Encryption Models, for character type data, use equivalence
Encryption Model encryption;
1) the equivalent Encryption Model has used two layers of encryption, and outer layer is accidental enciphering layer, and internal layer is to determine encryption layer,
First time encryption first can be carried out to plaintext using determining encryption policy when encryption, reuse second of the progress of accidental enciphering strategy and add
Close, decrypting process is opposite;
2) ciphertext under the order-preserving Encryption Model uses the sequential nature of plaintext, big when needing to carry out in SQL statement
When small, range judgement, after corresponding plaintext is encrypted by the strategy compared with the ciphertext in database, to obtain
Corresponding result;
3) the homomorphic cryptography model is for supporting SUM and AVG function;In the database, the homomorphic cryptography model pair
Multiple row ciphertext fragment is answered, column name contains " HOM1 "~" HOM5 " for storing different ciphertext fragments respectively, can search for
The number of ciphertext fragment is set 5 by database security encryption system.
Further, the metadata table is for saving the data format change information after data encryption, in the bright of int type
Wen Zhong determines that the data type of the corresponding column of Encryption Model is text type.
Further, the SQL statement that the SQL statement rewriting module submits user parses, and analyzes query type,
Including Create, Select, Insert, Update, Delete, different analytical function processing is given, analytical function can be to language
The clear data for including in sentence is encrypted, and is modified to column name.
Further, there are two the tasks of the key management module: first is that generating work for equivalent Encryption Model dynamic
Key, second is that generating key for order-preserving Encryption Model and homomorphic cryptography model;Key management module is directed to three different encryptions
Algorithm, using different Managed Solutions;
1) for equivalent Encryption Model, the ecb mode of aes algorithm is used, key generates strategy are as follows:
Kmk,c,t=KeyGen (Master (mk), Column (c));
Wherein master key is the master key of user, and c is column name, in such a way that a column one are close;When needs use
When being worth Encryption Model progress encryption and decryption, key management module is provided by one working key of master key and column name dynamic generation
To Encryption Algorithm.
2) for order-preserving Encryption Model, according to the algorithm used, key is three secret parameters, a, b, sens;It is creating
Key management module is called to generate the key by metadata table when building table, which is that a column one are close, and can not dynamically give birth to
At so needing to be stored in metadata table;
3) for homomorphic cryptography model, key is made of multiple real number tuples, these tuples are generated and deposited in creation table
Storage is in metadata table.
Further, for order-preserving Encryption Model and homomorphic cryptography model, key is stored in database server
In metadata table, in order to protect key not to be stolen, metadata table stores after the encryption of these keys;It is encrypting and is decrypting it
Before, system can obtain these keys from metadata table.
Further, the metadata management module provides the function of storage with acquisition to following data:
1) attribute information of plaintext;
2) key of order-preserving encryption and homomorphic cryptography model.
Further, the encryption/decryption module is used for:
1) clear data for submitting user encrypts, and there are three types of algorithm included in Encryption Model, works in encrypting module
It can cooperate with other modules when making;SQL statement rewrites module and can extract the plaintext value of the concerning security matters in data base manipulation statement
Come and pass to encrypting module as input, encrypting module according to plaintext value in the database corresponding column, record position and
Operation in current statement judges to need Encryption Model to be used, if needing to generate working key during this, call close
If desired key management module obtains existing key, then calls metadata management module to read key from database;Encryption is completed
Afterwards, ciphertext value is returned to SQL statement and rewrites module by module;
2) query result returned from database is ciphertext, needs that the module is transferred to decrypt;Decrypting process is needed from first number
According to the metadata information obtained in table about table where ciphertext result, the column name including data type, key and plaintext;Decrypt letter
It counts these metadata together with ciphertext to be decrypted as input, corresponding decryption function is selected according to Encryption Model.
Compared with the prior art, beneficial effects of the present invention:
The system adjusts encryption layer by dynamic in sentence implementation procedure, realizes and directly executes complexity in ciphertext
SQL statement avoids insincere database server exposure clear data, protects data-privacy.
Detailed description of the invention
Fig. 1 is the database security encryption system structure chart that the present invention can search for;
Fig. 2 is Encryption Model figure of the present invention;
Fig. 3 is Create flow of statement execution figure of the present invention;
Fig. 4 is Insert flow of statement execution figure of the present invention;
Fig. 5 is Select flow of statement execution figure of the present invention;
Fig. 6 is Update flow of statement execution figure of the present invention;
Fig. 7 is Delete flow of statement execution figure of the present invention.
Specific embodiment
The present invention will be further described in detail combined with specific embodiments below, but do not limit the invention in any way
Range.
Design philosophy of the invention: database server is considered as insincere by the database security encryption system that can search for
End.User inputs SQL statement and is stored in server end after the clear data encryption of wherein concerning security matters is become ciphertext by system.It executes
When SQL statement, sentence is rewritten by the system, hide column name and plaintext therein is encrypted, while to database
In Encryption Model dynamic adjust, so that revised sentence is directly executed in ciphertext.
Fig. 1 is the system assumption diagram for the database security encryption system that can search for.The system is made of 5 nucleus modules:
Metadata management module, key management module, encryption/decryption module, SQL statement rewriting module and database connection module.In order to match
It closes key management module to be managed static keys, database server side is provided with metadata table.Store user data
There are three types of different Encryption Models for supporting quick cryptogram search and operation for design in the database table in library.
Fig. 2 is the Encryption Model for the database security encryption system that can search for, including equivalent Encryption Model, and order-preserving encrypts mould
Type, homomorphic cryptography model.For numeric type data, encrypted respectively using three kinds of Encryption Models, and for character type data, then only
It is encrypted using equivalent Encryption Model.
Equivalent Encryption Model has used two layers of encryption, and outer layer is accidental enciphering layer, and internal layer is to determine encryption layer, in encryption
First time encryption first can be carried out to plaintext using determining encryption policy, reuse accidental enciphering strategy and carry out second of encryption, solution
Close process is opposite.
(1) accidental enciphering
The encryption policy provides highest security level, which is characterized in that identical plaintext obtains not after encryption
Same ciphertext, using the strategy in conjunction with determining encryption policy, user hides equal value informations for we.We are added using AES grouping
Close algorithm realizes the strategy, and uses the AES encryption function provided in database.Aes_encrypt is provided in MySQL
(content, salt) encryption function and aes_decrypt (content, salt) decryption function, wherein content is desirable
The content of encryption or decryption, and salt is used to generate the information of encryption and decryption keys, the same plaintext, when using different
Different results can be obtained when salt.We utilize this characteristic, use different salt to each data, each salt by
Three parts composition: master key, column name, row identifier.Row identifier therein is that the column that we create in the database increase certainly
Value, for indicating it is currently which row, this value is not reproducible.Column name is the column name of plaintext, can not directly be obtained from database
It takes.The generation of salt is completed in the client, and does not save the value of salt in database.
(2) encryption (DET:Deterministic Encryption Algorithm) is determined
The characteristics of determining encryption policy is identical plaintext encrypted by the strategy after generate identical ciphertext, by by language
Plaintext in sentence carries out equivalent matching using the ciphertext data in the encrypted ciphertext of the strategy and database, can find out
Meet the record of relation of equality.The corresponding algorithm of the strategy is AES block encryption algorithm, and selects ECB (electronic codebook mode) mould
Formula, the aes algorithm under the mode, under conditions of key is constant, the corresponding ciphertext of the equal plaintext of any two is also equal.I
The block length that selects be 128, for being unsatisfactory for the plaintext of the length, the uniform length by the way of expansion.
The model can be adjusted dynamically, as predicate (such as select ... for not including equivalent verifying in query statement
From ... where a=b) when, which is able to maintain at RND layers, when the predicate comprising equivalent verifying in query statement, then first
Outer layer is decrypted, DET layers of ciphertext is retained, the operation of equivalence verifying can be completed directly in DET layers of ciphertext, two kinds of situations
It will not expose in plain text, and if needing to decrypt at RND layers in implementation procedure, after the inquiry operation for completing user, still can
Using RND decryption policy re-encrypted, the structure of two layers of encryption is remained.If necessary to modify RND layers, then implementation procedure is
Three steps:
The first step is decrypted RND layers.One UPDATE statement is write by client, the equivalence in database is added
Close model column decryption, the result after decrypting is still ciphertext, these ciphertexts are in plain text by determining encrypted knot
Fruit.
Second step executes inquiry, and returns the result, and after removing RND layers, sentence can directly execute in DET ciphertext.
Those column for " peelling off " RND layers are used accidental enciphering strategy re-encrypted by third step.
The characteristics of order-preserving Encryption Model is the sequential nature that ciphertext keeps plaintext, i.e.,As x < y, there is OPEK(x)
< OPEK(y).Wherein OPEK(x) and OPEKIt (y) is using key K respectively to clear data x, the encrypted ciphertext of y.When SQL language
In sentence when needing to carry out the judgement of size, range, after corresponding plaintext is encrypted by the strategy with it is close in database
Relatively, corresponding result can be obtained in text.
Homomorphic cryptography model is for supporting SUM and AVG function, such as SELECT AVG (grade) FROM student.In number
According in library, which has corresponded to multiple row, and column name contains " HOM1 "~" HOM5 " respectively and is used to store different ciphertext fragments, can
The number of fragment is set 5 by the database security encryption system of search.
Data are binary systems by the encrypted ciphertext of aes algorithm, are unfavorable for transimission and storage, therefore we use
BASE64 coding, is converted to character type data for binary data.
After data are encrypted, the format of data can also change, and such as the plaintext of int type, determine Encryption Model
The data type of corresponding column is text type.This part cleartext information needs preserve, therefore we devise metadata table
These information are saved, the structure of metadata table is as shown in the table:
T1 table is made of three column, and respectively C1, C2, C3, these column names are all the column names under untreated plaintext,
The plaintext type of storage is respectively INT, DOUBLE, CHAR.For numeric type data, metadata table stores order-preserving encryption key
With homomorphic cryptography key, and for character type data, this two column is then set as NULL.
The SQL statement that SQL statement rewriting module submits user parses, analysis query type, including Create,
Select, Insert, Update, Delete give different analytical function processing, and analytical function can be bright to include in sentence
Literary data are encrypted, and are modified to column name, are illustrated by an example:
(1) it inputs: select name from student where id=1;
Output: select name_DET from student where id_DET=' Edaf/-dfgk==';
Illustrate: analytical function calls encryption/decryption module to encrypt number 1 in plain text, and column name id is rewritten as id_
DET, represents the column that DET will be used to encrypt in ciphertext, and the column name of the part select ... from will be also written over.
(2) it inputs: select sum (grade) from grade;
Output: select sum (grade_HOM1), sum (grade_HOM2), sum (grade_HOM3), sum
(grade_HOM4),sum(grade_HOM5)from grade;
Illustrate: for sum function and avg function, it would be desirable to be arranged using HOM, including 5 column ciphertext fragments, be needed
Partial results are obtained from each fragment respectively, it is therefore desirable to which a column are extended to 5 column.
There are two the tasks of key management module: first is that working key is generated for equivalent Encryption Model dynamic, second is that protect
Sequence Encryption Model and homomorphic cryptography model generate key.Different Managed Solutions is used for different algorithms:
For equivalent Encryption Model, the ecb mode of aes algorithm is used, key generates strategy are as follows:
Kmk,c,t=KeyGen (Master (mk), Column (c))
Wherein master key is the master key of user, and c is column name, in such a way that a column one are close.When needs use
When being worth Encryption Model progress encryption and decryption, key management module is provided by one working key of master key and column name dynamic generation
To Encryption Algorithm;
For order-preserving Encryption Model, according to the algorithm used, key is three secret parameters, a, b, sens.It is creating
Call key management module to generate the key by metadata table when table, which is that a column one are close, and can not dynamic generation,
So needing to be stored in metadata table.
For homomorphic cryptography model, key is made of multiple real number tuples, these tuples are generated and stored in creation table
In metadata table.
For order-preserving Encryption Model and homomorphic cryptography model, key is stored in the metadata table in database server
In, in order to protect key not to be stolen, metadata table stores after the encryption of these keys.Before encryption and decryption, system meeting
These keys are obtained from metadata table.
When creating table, we also need to rewrite sentence, and the field type of plaintext is changed to ciphertext field type, example
Such as, we create the id field of int type, in order to save the ciphertext of id, it would be desirable to by the corresponding dependent of dead military hero of Equivalent Model
Property is changed to text type.This is conducive to the attribute information for hiding plaintext, but when we need plaintext attribute information, it is close
Literary tables of data can not just provide, it would therefore be desirable to create a metadata table, and using the attribute information of plaintext as data
It is stored in metadata table.In addition, for the key of order-preserving encryption and homomorphic cryptography model, it is also desirable to be stored in metadata table
In.Metadata management module is exactly the function of providing storage to these data with obtain.
Encryption/decryption module is responsible for:
(1) clear data for submitting user encrypts, and there are three types of algorithm included in Encryption Model, works in encrypting module
It can cooperate with other modules when making.SQL statement rewrites module and can extract the plaintext value of the concerning security matters in data base manipulation statement
Come and pass to encrypting module as input, encrypting module according to plaintext value in the database corresponding column, record position and
Operation in current statement judges to need Encryption Model to be used, if needing to generate working key during this, call close
If desired key management module obtains existing key, then calls metadata management module to read key from database.Encryption is completed
Afterwards, ciphertext value is returned to SQL statement and rewrites module by module.
(2) query result returned from database is ciphertext, needs that the module is transferred to decrypt.Decrypting process is needed from first number
According to the metadata information obtained in table about table where ciphertext result, the column name including data type, key and plaintext.Decrypt letter
It counts these metadata together with ciphertext to be decrypted as input, corresponding decryption function is selected according to Encryption Model.
In order to execute conventional SQL statement in ciphertext, different action types according to different operating procedures, under
Face illustrates respectively from 5 creation table, insertion, inquiry, update, deletion parts, and illustrates to search by a specific example
Rope encryption method: having a table of a student information in database, table name student, therein to show id (student's number, number
Value type), name (name, character type), age (age, numeric type), sex (gender, character type).
(1) table (Creat) is created
Step 1: parsing create sentence, obtains the name of table, the name of all column and corresponding data class
Type, and key management module is called to generate the key of order-preserving, homomorphic cryptography model, master key encryption is used to above data,
And it constructs an insert sentence and above data is inserted into the metadatabase of server end.
Step 2: on the basis of step 1, being handled all column in new table, if the data type of column is number
Value type (int, float, double), then the column need to use equivalence, order-preserving, homomorphic cryptography model, must have in the database
Three column to store the ciphertext under this model respectively, therefore, it is necessary to which the column are extended to three column, in order to distinguish, in the name of column
It is the corresponding column of equivalent Encryption Model comprising DET representative, representing in the name of column comprising OPE is that order-preserving Encryption Model is corresponding
It arranges, representing in the name of column comprising HOM is the corresponding column of homomorphic cryptography model, in addition, corresponding data type is rewritten are as follows:
text,double,double.If the data type of column is character type (char, varchar, text), only need to use
It is worth Encryption Model, includes DET in column name, and data type is rewritten as text so only needing to be rewritten as a column.
Fig. 3 is process flow illustrated example of the system to Create sentence, first using create table sentence in data
A student table is created in library.
The read statement of user are as follows:
Create table mytable (mycolumn_1 numeric type, mycolumn_2 character type);
A1) the create sentence of user's input is parsed, the name for getting table is mytable, the name of all column
Word be mycolumn_1 and mycolumn_2, arrange corresponding data type be numeric type and character type, and will acquire these
Information is as in data deposit database.
A2 the column mycolumn_1 of numeric type) is extended to three column, respectively using equivalence, order-preserving, homomorphic cryptography model into
Row encryption, arranges entitled mycolumn_1_DET, mycolumn_1_OPE, mycolumn_1_HOM mycolumn_1_ accordingly
HOM, and text is set by the data type in equivalent Encryption Model, the data in order-preserving Encryption Model, homomorphic cryptography model
Type is set as double.The column mycolumn_2 of character type is encrypted using equivalent Encryption Model, is arranged accordingly entitled
Mycolumn_2_DET, and data type is rewritten as text.Increase by a column row identifier as major key.
Revised sentence are as follows:
create table mytable(mycolumn_1_DET text,mycolumn_1_OPE double,
Mycolumn_1_HOM double, mycolumn_2_DET text, rowid int primary key auto_
increment not null)
(2) it is inserted into data (Insert)
Step 1: first parsing sentence, gets the table of data to be inserted into and the name of column, by table name, to
Data are inquired in metadata table, and all information under the table name are all got into client and are decrypted.
Step 2: by the column name being resolved to, the data type of the column is inquired from metadata, if it is numerical value class
Type, it is meant that column needs are respectively processed using equivalence, order-preserving, homomorphic cryptography model.Parsing from values will insert
The specific data for entering the column encrypt the data using determination, order-preserving and homomorphic cryptography strategy respectively, and order-preserving and homomorphism add
The key of close strategy is obtained from metadata, and is determined the key of encryption policy and generated by key management module.If first
The data type of the column is character types (char, varchar, text) in data, then only need using determine encryption policy into
Row encryption also needs key management module and generates key, encrypts to data corresponding in values.The step terminates
The only insertion sentence containing ciphertext will be obtained afterwards, transfers to database to execute the sentence.
Step 3: being already inserted into corresponding ciphertext data after the completion of step 2, in database, but this when etc.
Data in value Encryption Model have only used determining encryption policy and have been encrypted, it is all only single layers encryption, it is also necessary to use with
Machine encryption policy carries out secondary encryption, and the process of this encryption is executed by server.A update sentence is write in client,
Include the aes encryption function in database in the sentence, secondary encryption is carried out to the data in equivalent Encryption Model.
Fig. 4 is system to the process flow example of Insert sentence, now the data line into student table:
The sentence of user's input are as follows:
insert into mytable(mycolumn_1,mycolumn_2)values(value_1,value_2);
B1) received insert sentence is parsed, obtains the name student of table, the name of column are as follows:
Mycolumn_1, mycolumn_2 arrange corresponding insertion data (value_1, value_2'), are looked into the database according to table name
The data type of all column is ask, mycolumn_1 is numeric type, and mycolumn_2 is character type;
B2) data type of mycolumn_1 column is numeric type, and corresponding insertion data are value_1, respectively using true
Determine Encryption Algorithm, order-preserving Encryption Algorithm and homomorphic encryption algorithm to encrypt the insertion data, encrypted data are
Value_1_DET, value_1_OPE, value_1_HOM, and column name is rewritten as mycolumn_1_DET, mycolumn_1_
OPE, mycolumn_1_HOM, each column name have corresponded to an individual column memory space in database.mycolumn_2
Column are character type, and corresponding insertion data are value_2, are inserted into data to it using only determining Encryption Algorithm and encrypt, add
Data after close are value_2_DET, and column name is rewritten as mycolumn_2_DET.
B3) the internal layer ciphertext (value_1_DET, value_2_DET) in equivalent Encryption Model is calculated using accidental enciphering
Method carries out outer layer encryption, forms two layers of cryptographic structure, and key is generated according to the master key of user, column name and row identifier, often
The row identifier of a line is unique.
Rewrite result:
(3) selection inquiry (Select)
Step 1: obtaining the table name of inquiry from the sentence of the input of user first, obtains from metadata table corresponding
Metadata information, including table name, all column names and corresponding data type, order-preserving Encryption Model key and homomorphic cryptography model
Key is decrypted these data and is temporarily stored in client.
Step 2: when the equivalent Encryption Model in database is in the RND layer of two layers of encryption, being unable to complete any operation,
Therefore it needs that the RND layer of the model is decrypted before inquiry.Method is one update sentence of transmission into database,
It wherein include decryption function.The step the result is that the ciphertext under all corresponding column of equivalent Encryption Model supports equivalence to look into
It askes.
Step 3: the predicate for inquiring included is divided into three classes: first is that equivalent match, such as a=b, group by;Second is that model
Enclose inquiry, such as a > b, order by;Third is that set operation, such as SUM, AVG function.This step is needed the predicate expression in sentence
Formula parses, we are divided into three kinds of situations in this way:
A) equivalent matching: column name=(constant).Under this predicate, need in the corresponding column of equivalent Encryption Model into
Row search, therefore column name is rewritten as the corresponding column name of equivalent Encryption Model, such as column_DET.Meanwhile constant needs make
With determining that encryption policy is encrypted, key used is identical as the key in the column on the expression formula left side.Existed using this ciphertext
Scanned in equivalent Encryption Model in database, ciphertext is equal represent it is equal in plain text.
B) range query: column name [<>≤>=] constant.Under this predicate, need to scan in order-preserving Encryption Model,
Therefore column name is rewritten as the corresponding column name of order-preserving Encryption Model, such as column_OPE.Meanwhile the constant on the right of expression formula makes
It is encrypted with order-preserving encryption policy, key is identical as the key in the column on the expression formula left side, this key is from metadata
It obtains.When being scanned in order-preserving Encryption Model using this ciphertext, the size that the size relation of ciphertext has corresponded to plaintext is closed
System.
C) set operation: SUM (column name), AVG (column name) function.Under this predicate, need in homomorphic cryptography model into
Row operation, it is only necessary to column name is rewritten as the corresponding column name of homomorphic cryptography model, such as column_HOM.In homomorphic cryptography mould
When type is operated, SUM and AVG is executed directly in ciphertext, and the calculated result of plaintext is corresponded to after obtained result decryption.
Step 4: after the completion of step 2 and step 3, the equivalent Encryption Model in database is in single DET layers of shape
State needs to re-start it RND encryption, the state of two layers of encryption is restored to, to guarantee safety.Specific practice is to data
Library sends a update sentence, wherein containing RND layers of encryption function and key.
Fig. 5 is process flow illustrated example of the system to select sentence.
User's input: select mycolumn or SUM (mycolumn), AVG (mycolumn) from mytable
Where condition predicate P;
C1) received select sentence is parsed, the name for obtaining table is mytable, and inquiry content is column
Mycolumn or aggregate function sum (mycolumn), avg (mycolumn), condition predicate are looked into the database according to table name
Ask the data type of all column and the key of encrypted column;
C2) outer layer (accidental enciphering layer) ciphertext of all equivalent Encryption Models in database is decrypted, key according to
Master key, column name and the row identifier of user generates, and the row identifier of every a line is unique;
C3) being divided to the condition predicate P being resolved to is equivalent matching and two class of range query, is rewritten as new condition predicate
P*。
Equivalent matching expression: column name is rewritten as the corresponding column name of equivalent Encryption Model, such as by column name=(constant)
column_DET.And encrypt constant using determining Encryption Algorithm, key adds with the determination in the column on the expression formula left side
The key of close algorithm is identical;
Range query expression formula: column name [<>≤>=] constant, column name is rewritten as the corresponding column name of order-preserving Encryption Model, such as
column_OPE.And the constant on the right of expression formula is encrypted using order-preserving Encryption Algorithm, key and the expression formula left side
The key of order-preserving Encryption Algorithm in column is identical.
C4) if inquiry content is some column mycolumn, which is rewritten as mycolumn_DET;If inquiry content is
Column name therein is rewritten as mycolumn_HOM by aggregate function sum (mycolumn) or avg (mycolumn).
C5 the internal layer ciphertext in all equivalent Encryption Models in database) is reused into accidental enciphering algorithm for encryption,
Its key is generated according to the master key of user, column name and row identifier, and the row identifier of every a line is unique.
Paraphrasing result:
Select mycolumn_DET or sum (mycolumn_HOM), avg (mycolumn_HOM) from
Student where condition predicate P*;
(4) operation (Update) is updated
Step 1: the step of obtaining metadata, inquiring with selection one is identical.
The step of step 2: being decrypted external RND layers in two layers of equivalent Encryption Model, and way and selection are inquired
Two is identical.
Step 3: the effect of update is that the data in the specific field in database are updated to another value.Its shape
Formula are as follows: " update table name set column name=constant where conditional expression ".System can call column name therein, constant, condition
Word extracts, and handles respectively.The step of processing mode of its conditional predicate is inquired with selection three is identical.For " column name=
The treatment process of constant " is similar with the step of insertion sentence two.Data type corresponding to column name is first determined whether, if it is numerical value
The part is then rewritten as three by type: " column name _ DET=DET (constant) " represents column name being rewritten as equivalent Encryption Model
Under column name, and by constant using determining that encryption policy encrypts, key is identical as the key of left-hand column;" column name _ OPE=OPE
(constant) ";" column name _ HOM=HOM (constant) ".It, only need to be according to " column name _ DET=DET (constant) " if column are character type
Form rewritten.After the completion of all rewriting, database is transferred to execute sentence.
Step 4: equivalent Encryption Model is restored to the state of two layers of encryption.The step of method and selection used is inquired
Four is identical.
Fig. 6 is process flow illustrated example of the system to update sentence;.
User's input: update mytable set mycolumn=value where condition predicate P;
D1) received update sentence is parsed, the name for obtaining table is mytable, and the name of column is
Mycolumn, updated value are value and condition predicate P, inquire the data type of all column in the database according to table name and add
The key of close column;
D2) outer layer (accidental enciphering layer) ciphertext of all equivalent Encryption Models in database is decrypted, key according to
Master key, column name and the row identifier of user generates, and the row identifier of every a line is unique;
D3) the expression formula mycolumn=value in set clause, if the corresponding data type of column mycolumn is numerical value
Type is updated three column of extension as follows respectively:
Mycolumn is changed to write the column name under equivalent Encryption Model: mycolumn_DET, and value is added using determining
Close algorithm for encryption is value_DET, and encryption key is identical as the key of determination Encryption Algorithm of left-hand column;
Column name mycolumn being changed under order-preserving Encryption Model: mycolumn_OPE, and value is encrypted using order-preserving
For algorithm for encryption at value_OPE, encryption key is identical as the key of determination Encryption Algorithm of left-hand column;
Mycolumn is changed to write the column name under homomorphic cryptography model: mycolumn_HOM, and value is added using homomorphism
Close algorithm for encryption is value_HOM, and encryption key is identical as the key of determination Encryption Algorithm of left-hand column;
If arranging corresponding data type is character type, the column name that is only rewritten as mycolumn under equivalent Encryption Model
Mycolumn_DET, and value is encrypted as value_DET using determining Encryption Algorithm, the determination of key and left-hand column adds
The key of close algorithm is identical.If there is where clause, then the predicate being resolved to is divided into equivalent matching and two class of range query
It handles respectively, forms new condition predicate P*.
D4 the internal layer of all equivalent Encryption Models in database) is reused into accidental enciphering algorithm for encryption, key
It is generated according to the master key of user, column name and row identifier, the row identifier of every a line is unique;
Result after paraphrasing:
Update mytable set mycolumn_DET=value_DET, (mycolumn_OPE=value_OPE,
Mycolumn_HOM=value_HOM) where condition predicate P*;
Fig. 7 is process flow illustrated example of the system to Delete sentence
(5) delete operation (Delete)
Step 1: the step of obtaining metadata, inquiring with selection one is identical.
Step 2: the form of cancel statement are as follows: " delete from table name where conditional expression ".Exist in while statement
When conditional expression, then external RND layers in the equivalent Encryption Model to two layers is needed to be decrypted, way and selection inquiry
Step 2 is identical.If directly sending sentence in database without expression formula and executing.
The step of step 3: when existence condition expression formula, needing to rewrite conditional expression, and process and selection are inquired
Three is identical.It sends revised sentence in database and executes.
User's input: delete from mytable (where condition predicate P);
E1) received delete sentence is parsed, the name for obtaining table is mytable, condition predicate P, according to table
Name inquires the data type of all column and the key of encrypted column in the database;
E2) if in sentence when existence condition predicate P, first by the outer layer ciphertext of all equivalent Encryption Models in database
Decryption, key are generated according to the master key of user, column name and row identifier, and the row identifier of every a line is unique;It then will solution
The predicate analysed is divided into equivalent matching and two class of range query is handled respectively, forms new condition predicate P*;Finally equivalence is added
Internal layer ciphertext encryption in close model, key are generated according to the master key of user, column name and row identifier, the rower of every a line
Know Fu Weiyi.If being not processed without expression formula.
Paraphrasing result: delete from mytable (where condition predicate P*).
The above embodiment is only the preferred embodiment of the present invention, and the scope of protection of the present invention is not limited thereto,
The variation and replacement for any unsubstantiality that those skilled in the art is done on the basis of the present invention belong to institute of the present invention
Claimed range.
Claims (8)
1. a kind of database security encryption system that can search for, it is characterised in that: including metadata management module, key management mould
Block, encryption/decryption module, SQL statement rewriting module, database connection module, metadata table and Encryption Model.
2. the database security encryption system that can search for as described in claim 1, it is characterised in that: the Encryption Model includes
Three kinds of cipher modes, including equivalent Encryption Model, order-preserving Encryption Model, homomorphic cryptography model;For numeric type data, using three
Kind Encryption Model encrypts respectively, for character type data, is encrypted using equivalent Encryption Model;
1) the equivalent Encryption Model has used two layers of encryption, and outer layer is accidental enciphering layer, and internal layer is to determine encryption layer, is encrypting
Shi Huixian reuses second of the progress of accidental enciphering strategy and encrypts using encryption policy is determined to first time encryption is carried out in plain text,
Decrypting process is opposite;
2) ciphertext under the order-preserving Encryption Model uses the sequential nature of plaintext, when needing to carry out size, model in SQL statement
It is corresponding to obtain after corresponding plaintext is encrypted by the strategy compared with the ciphertext in database when the judgement enclosed
Result;
3) the homomorphic cryptography model is for supporting SUM and AVG function;In the database, the homomorphic cryptography model is corresponding
Multiple row ciphertext fragment, column name contain " HOM1 "~" HOM5 " for storing different ciphertext fragments, the data that can search for respectively
The number of ciphertext fragment is set 5 by library secure encryption system.
3. the database security encryption system that can search for as described in claim 1, it is characterised in that: the metadata table is used for
Data format change information after saving data encryption determines the data of the corresponding column of Encryption Model in the plaintext of int type
Type is text type.
4. the database security encryption system that can search for as described in claim 1, it is characterised in that: the SQL statement is rewritten
The SQL statement that module submits user parses, analyze query type, including Create, Select, Insert, Update,
Delete gives different analytical function processing, and analytical function can encrypt the clear data for including in sentence, and to column
Name is modified.
5. the database security encryption system that can search for as described in claim 1, it is characterised in that: the key management module
Task there are two: first is that working key is generated for equivalent Encryption Model dynamic, second is that being order-preserving Encryption Model and homomorphic cryptography
Model generates key;Key management module is directed to three different Encryption Algorithm, using different Managed Solutions;
1) for equivalent Encryption Model, the ecb mode of aes algorithm is used, key generates strategy are as follows:
Kmk,c,t=KeyGen (Master (mk), Column (c));
Wherein master key is the master key of user, and c is column name, in such a way that a column one are close;When needs are added using equivalent
When close model carries out encryption and decryption, key management module is supplied to and is added by one working key of master key and column name dynamic generation
Close algorithm;
2) order-preserving Encryption Model, according to the algorithm used, key is three secret parameters, a, b, sens;When creating table by
Metadata table calls key management module to generate the key, which is that a column one are close, and can not dynamic generation, so needing
It is stored in metadata table;
3) homomorphic cryptography model, key are made of multiple real number tuples, these tuples are formed and stored in first number in creation table
According in table.
6. the database security encryption system that can search for as claimed in claim 5, it is characterised in that: for order-preserving Encryption Model
With homomorphic cryptography model, key is stored in the metadata table in database server, in order to protect key not to be stolen, member
Tables of data stores after the encryption of these keys;Before encryption and decryption, system can obtain these keys from metadata table.
7. the database security encryption system that can search for as described in claim 1, it is characterised in that: the metadata management mould
Block provides the function of storage with acquisition to following data:
1) attribute information of plaintext;
2) key of order-preserving encryption and homomorphic cryptography model.
8. the database security encryption system that can search for as described in claim 1, it is characterised in that: the encryption/decryption module is used
In:
1) clear data for submitting user encrypts, there are three types of algorithm included in Encryption Model in encrypting module, when work
It can cooperate with other modules;SQL statement rewrites module and can extract the plaintext value of the concerning security matters in data base manipulation statement simultaneously
Encrypting module is passed to as input, and encrypting module is according to plaintext value corresponding column, record position and current in the database
Operation in sentence judges to need Encryption Model to be used, if needing to generate working key during this, calls key pipe
Module is managed, existing key is if desired obtained, then calls metadata management module to read key from database;After the completion of encryption,
Ciphertext value is returned to SQL statement and rewrites module by module;
2) query result returned from database is ciphertext, needs that the module is transferred to decrypt;Decrypting process is needed from metadata table
The middle metadata information obtained about table where ciphertext result, the column name including data type, key and plaintext;Decryption function will
These metadata, as input, select corresponding decryption function according to Encryption Model together with ciphertext to be decrypted.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910053777.7A CN109815719A (en) | 2019-01-21 | 2019-01-21 | A kind of database security encryption system that can search for |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910053777.7A CN109815719A (en) | 2019-01-21 | 2019-01-21 | A kind of database security encryption system that can search for |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109815719A true CN109815719A (en) | 2019-05-28 |
Family
ID=66603591
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910053777.7A Pending CN109815719A (en) | 2019-01-21 | 2019-01-21 | A kind of database security encryption system that can search for |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109815719A (en) |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110598440A (en) * | 2019-08-08 | 2019-12-20 | 中腾信金融信息服务(上海)有限公司 | Distributed automatic encryption and decryption system |
| CN111427908A (en) * | 2020-04-23 | 2020-07-17 | 北京中安星云软件技术有限公司 | Transparent encryption and decryption method, system and device based on quantum key |
| CN111639349A (en) * | 2020-05-14 | 2020-09-08 | 瀚高基础软件股份有限公司 | Data encryption processing method and device and storage medium |
| CN112016120A (en) * | 2020-08-26 | 2020-12-01 | 支付宝(杭州)信息技术有限公司 | Event prediction method and device based on user privacy protection |
| CN112380557A (en) * | 2020-12-01 | 2021-02-19 | 江西师范大学 | Relational database encryption method and encrypted database query method |
| CN112613302A (en) * | 2020-12-31 | 2021-04-06 | 天津南大通用数据技术股份有限公司 | Dynamic credibility judgment method for clauses executing select statement based on database |
| CN112685779A (en) * | 2020-12-31 | 2021-04-20 | 天津南大通用数据技术股份有限公司 | Static credibility judgment method for executing main keywords of select statement based on database |
| CN113111356A (en) * | 2021-03-09 | 2021-07-13 | 深圳市教育信息技术中心(深圳市教育装备中心) | Data encryption method, device, equipment and medium |
| CN113111357A (en) * | 2021-03-09 | 2021-07-13 | 深圳市教育信息技术中心(深圳市教育装备中心) | Field encryption method, device, equipment and medium |
| CN113111082A (en) * | 2021-03-09 | 2021-07-13 | 深圳市教育信息技术中心(深圳市教育装备中心) | Structured query statement rewriting method, device, equipment and medium |
| CN113204776A (en) * | 2021-04-30 | 2021-08-03 | 新华三大数据技术有限公司 | Method, device, equipment and storage medium for realizing column encryption |
| CN114327261A (en) * | 2021-12-06 | 2022-04-12 | 神州融安数字科技(北京)有限公司 | Data file storage method and data security agent |
| CN114513351A (en) * | 2022-02-08 | 2022-05-17 | 中国人民解放军海军军医大学 | Remote area information encryption transmission method, system and storage medium |
| CN116756760A (en) * | 2023-08-21 | 2023-09-15 | 合肥安永信息科技有限公司 | Searchable database encryption system and method thereof |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102902932A (en) * | 2012-09-18 | 2013-01-30 | 武汉华工安鼎信息技术有限责任公司 | Structured query language (SQL) rewrite based database external encryption/decryption system and usage method thereof |
| CN104881280A (en) * | 2015-05-13 | 2015-09-02 | 南京邮电大学 | Multi-search supporting design method for encrypted database middleware |
| CN105610793A (en) * | 2015-12-18 | 2016-05-25 | 江苏大学 | Outsourced data encrypted storage and cryptograph query system and application method therefor |
-
2019
- 2019-01-21 CN CN201910053777.7A patent/CN109815719A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102902932A (en) * | 2012-09-18 | 2013-01-30 | 武汉华工安鼎信息技术有限责任公司 | Structured query language (SQL) rewrite based database external encryption/decryption system and usage method thereof |
| CN104881280A (en) * | 2015-05-13 | 2015-09-02 | 南京邮电大学 | Multi-search supporting design method for encrypted database middleware |
| CN105610793A (en) * | 2015-12-18 | 2016-05-25 | 江苏大学 | Outsourced data encrypted storage and cryptograph query system and application method therefor |
Non-Patent Citations (1)
| Title |
|---|
| 汪海伟等: "可搜索数据库加密系统的设计与实现", 《计算机技术与发展》 * |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110598440A (en) * | 2019-08-08 | 2019-12-20 | 中腾信金融信息服务(上海)有限公司 | Distributed automatic encryption and decryption system |
| CN111427908A (en) * | 2020-04-23 | 2020-07-17 | 北京中安星云软件技术有限公司 | Transparent encryption and decryption method, system and device based on quantum key |
| CN111639349A (en) * | 2020-05-14 | 2020-09-08 | 瀚高基础软件股份有限公司 | Data encryption processing method and device and storage medium |
| CN111639349B (en) * | 2020-05-14 | 2022-09-06 | 瀚高基础软件股份有限公司 | Data encryption processing method and device and storage medium |
| CN112016120A (en) * | 2020-08-26 | 2020-12-01 | 支付宝(杭州)信息技术有限公司 | Event prediction method and device based on user privacy protection |
| CN112016120B (en) * | 2020-08-26 | 2024-03-26 | 支付宝(杭州)信息技术有限公司 | Event prediction method and device based on user privacy protection |
| CN112380557A (en) * | 2020-12-01 | 2021-02-19 | 江西师范大学 | Relational database encryption method and encrypted database query method |
| CN112380557B (en) * | 2020-12-01 | 2021-10-12 | 江西师范大学 | Relational database encryption method and encrypted database query method |
| CN112685779A (en) * | 2020-12-31 | 2021-04-20 | 天津南大通用数据技术股份有限公司 | Static credibility judgment method for executing main keywords of select statement based on database |
| CN112613302A (en) * | 2020-12-31 | 2021-04-06 | 天津南大通用数据技术股份有限公司 | Dynamic credibility judgment method for clauses executing select statement based on database |
| CN112613302B (en) * | 2020-12-31 | 2023-08-18 | 天津南大通用数据技术股份有限公司 | Dynamic credibility judging method for clauses of select statement based on database |
| CN113111082A (en) * | 2021-03-09 | 2021-07-13 | 深圳市教育信息技术中心(深圳市教育装备中心) | Structured query statement rewriting method, device, equipment and medium |
| CN113111357A (en) * | 2021-03-09 | 2021-07-13 | 深圳市教育信息技术中心(深圳市教育装备中心) | Field encryption method, device, equipment and medium |
| CN113111356A (en) * | 2021-03-09 | 2021-07-13 | 深圳市教育信息技术中心(深圳市教育装备中心) | Data encryption method, device, equipment and medium |
| CN113111082B (en) * | 2021-03-09 | 2022-01-14 | 深圳市教育信息技术中心(深圳市教育装备中心) | Structured query statement rewriting method, device, equipment and medium |
| CN113204776A (en) * | 2021-04-30 | 2021-08-03 | 新华三大数据技术有限公司 | Method, device, equipment and storage medium for realizing column encryption |
| CN113204776B (en) * | 2021-04-30 | 2022-08-30 | 新华三大数据技术有限公司 | Method, device, equipment and storage medium for realizing column encryption |
| CN114327261A (en) * | 2021-12-06 | 2022-04-12 | 神州融安数字科技(北京)有限公司 | Data file storage method and data security agent |
| CN114513351A (en) * | 2022-02-08 | 2022-05-17 | 中国人民解放军海军军医大学 | Remote area information encryption transmission method, system and storage medium |
| CN116756760A (en) * | 2023-08-21 | 2023-09-15 | 合肥安永信息科技有限公司 | Searchable database encryption system and method thereof |
| CN116756760B (en) * | 2023-08-21 | 2023-12-12 | 合肥安永信息科技有限公司 | Searchable database encryption system and method thereof |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109815719A (en) | A kind of database security encryption system that can search for | |
| CN103392178B (en) | Database Encrypt System, method and program | |
| US8375224B2 (en) | Data masking with an encrypted seed | |
| CN112800088B (en) | Database ciphertext retrieval system and method based on bidirectional security index | |
| US7797342B2 (en) | Database system providing encrypted column support for applications | |
| JP6048414B2 (en) | Database apparatus, method and program | |
| Popa et al. | CryptDB: A practical encrypted relational DBMS | |
| EP2241986B1 (en) | Privacy and confidentiality preserving schema mapping repository for mapping reuse | |
| CN101587479A (en) | Database management system kernel oriented data encryption/decryption system and method thereof | |
| US7930560B2 (en) | Personal information management system, personal information management program, and personal information protecting method | |
| JP2007500912A (en) | Method and apparatus for encrypting database columns | |
| JPWO2012043012A1 (en) | Encrypted database system, client terminal, encrypted database server, natural join method and program | |
| CN112583809B (en) | Data encryption and decryption method of non-immersion multiple encryption algorithms | |
| Bajaj et al. | Trust edDB: a trusted hardware based outsourced database engine | |
| CN108170753A (en) | A kind of method of Key-Value data base encryptions and Safety query in shared cloud | |
| Ciucanu et al. | : A Secure Framework for Graph Outsourcing and SPARQL Evaluation | |
| Motro et al. | Blind custodians: A database service architecture that supports privacy without encryption | |
| CN115455463A (en) | Hidden SQL query method based on homomorphic encryption | |
| Aburawi | Cryptdb mechanism on graph databases | |
| Almakdi et al. | A Secure Model to Execute Queries Over Encrypted Databases in the Cloud | |
| CN109784075B (en) | Cloud distributed database system and method for data security sharing | |
| CN111639349A (en) | Data encryption processing method and device and storage medium | |
| Rahman et al. | A novel privacy preserving search technique for stego data in untrusted cloud | |
| Carvalho et al. | On the trade-offs of combining multiple secure processing primitives for data analytics | |
| Jacobsen et al. | A literature review of Data as a Service; Defining Schools of Thought |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190528 |
|
| WD01 | Invention patent application deemed withdrawn after publication |