CN110232288A - Geographic information data complex encryption system - Google Patents

Geographic information data complex encryption system Download PDF

Info

Publication number
CN110232288A
CN110232288A CN201910553420.5A CN201910553420A CN110232288A CN 110232288 A CN110232288 A CN 110232288A CN 201910553420 A CN201910553420 A CN 201910553420A CN 110232288 A CN110232288 A CN 110232288A
Authority
CN
China
Prior art keywords
data
encryption
complex
complex encryption
geographic information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910553420.5A
Other languages
Chinese (zh)
Other versions
CN110232288B (en
Inventor
何宗
贾亚辉
张泽烈
王俊
韩维喆
金贤锋
李鸿雁
张红文
苏欣
艾道华
钱文进
舒文强
何小波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHONGQING GEOGRAPHICAL INFORMATION CENTER
Original Assignee
CHONGQING GEOGRAPHICAL INFORMATION CENTER
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHONGQING GEOGRAPHICAL INFORMATION CENTER filed Critical CHONGQING GEOGRAPHICAL INFORMATION CENTER
Priority to CN201910553420.5A priority Critical patent/CN110232288B/en
Publication of CN110232288A publication Critical patent/CN110232288A/en
Application granted granted Critical
Publication of CN110232288B publication Critical patent/CN110232288B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/25Integrating or interfacing systems involving database management systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/29Geographical information databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

The invention discloses a kind of geographic information data complex encryption systems, are respectively arranged with IT infrastructure layer, data Layer, logical layer and application layer from the bottom up, wherein the IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system for system;The data Layer is used to provide the storage and inquiry of data file for system, and the data file includes key and operation log;The logical layer is for providing the interface of various processing business logics in application layer;The application layer is used to realize the compound encryption and decryption of geographic information data using Hybrid Encryption algorithm based on local geography information authorities' encryption system and pi intelligent lock system;The application layer includes complex encryption management module, complex encryption crypto module, complex encryption authorization module, complex encryption log module, complex encryption function library module.Its remarkable result is: realizing geographic information data dual system complex encryption, significantly improves the safety of geographic information data.

Description

Geographic information data complex encryption system
Technical field
The present invention relates to geographic information data processing technology fields, and in particular to a kind of geographic information data complex encryption System.
Background technique
Into Internet era, with the fast development of information technology and the extensive use of geography information, concerning security matters mapping ground Reason information security management faces severe situation.Part concerning security matters survey and draw geography information production and use unit confidential notions thin, Classified information is stored on non-relating computer in violation of rules and regulations, or even sends on the internet, transmit classified information;It is illegal to obtain, provide It happens occasionally with the case of dealing concerning security matters mapping geography information;Organizations and individuals overseas mostly occur and steal the important geographical letter in China Cease the case etc. of data.Currently, it is more abundant that geography information carrier and the form of expression are surveyed and drawn, digitlization achievement is answered extensively With route of transmission is more various, brings severe challenge to the safety management of concerning security matters mapping geography information.Geography information safety is increasingly The difficulties faced as each geographical chief information officer department.
But the security status of geographical chief information officer department each at present, it is found after analysis that there are following data safety is hidden Suffer from:
(1) distribution data there is by it is secondary propagate, move for it with etc. behaviors;
(2) outgoing data causes to leak in third party, can not conclude question of liability of divulging a secret;
(3) there is situations such as dispute over copyright in data, can not effective safeguard rights and interests and responsibility judgment;
(4) outgoing data encryption and decryption operation only one layer of encryption, security level coefficient is lower;
Therefore, security work is still the most important thing in each geographical chief information officer's department.
Summary of the invention
In view of the deficiencies of the prior art, the object of the present invention is to provide a kind of geographic information data complex encryption systems, should System, which passes through, combines local geography information authorities' encryption system and existing pi smart lock software, realizes geography information number According to dual system complex encryption, the safety of geographic information data is significantly improved.
In order to achieve the above objectives, The technical solution adopted by the invention is as follows:
A kind of geographic information data complex encryption system, key are: the system is respectively arranged with IT from the bottom up Infrastructure layer, data Layer, logical layer and application layer, in which:
The IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system for system;
The data Layer is used to provide the storage and inquiry of data file for system, and the data file includes key and behaviour Make log;
The logical layer is for providing the interface of various processing business logics in application layer;
The application layer is used to combine local geography information authorities' encryption system and pi intelligent lock system, utilizes Hybrid Encryption algorithm realizes the compound encryption and decryption of geographic information data;
The application layer includes complex encryption management module, complex encryption crypto module, complex encryption authorization module, compound Encrypted logs module, complex encryption function library module:
The complex encryption management module is used to utilize Hybrid Encryption algorithm, realizes the encryption and decryption safety of geographic information data Processing, including single file encryption and decryption and file encryption and decryption;
Encrypted ones processing when the complex encryption crypto module is for realizing data encrypting and deciphering, including key it is newly-increased, Inquiry is deleted;
The complex encryption authorization module for realizing complex encryption data grant use scope and time control;
The complex encryption log module is for realizing complex encryption data encrypting and deciphering and the record of account information is authorized to look into It askes;
The complex encryption function library module for realizing complex encryption system and pi intelligent lock system integration pair It connects.
Further, the IT infrastructure layer includes communication network, operating system, application server and data service Device.
Further, the data Layer includes SQL Server database, MySQL database, in MariaDB database It is a kind of.
Further, the logical layer includes cipher key management interface, data encrypting and deciphering interface, empowerment management interface, log Management interface, database manipulation interface, wherein the cipher key management interface is corresponding with the complex encryption crypto module, institute It is corresponding with the complex encryption management module to state data encrypting and deciphering interface, the empowerment management interface is awarded with the complex encryption Power module is corresponding, and the log management interface is corresponding with the complex encryption log module, the database manipulation interface It is corresponding with the complex encryption function library module.
Further, the Hybrid Encryption algorithm includes dynamic circulation displacement algorithm, hash algorithm and DES algorithm.
Further, the Hybrid Encryption algorithm is when being encrypted geographic information data, the geodata Information successively uses dynamic circulation displacement algorithm, hash algorithm and DES algorithm to carry out staged combination and is encrypted.
Further, the Hybrid Encryption algorithm includes that ciphertext data initial encryption process and ciphertext data are secondary encrypted Journey.
Further, the ciphertext data initial encryption process adds ciphertext data using dynamic circulation displacement algorithm Close processing, the secondary ciphering process of ciphertext data carry out at secondary encryption ciphertext data using hash algorithm and DES algorithm Reason.
Further, the processing step of the ciphertext data initial encryption process is as follows:
Step 1: original geographical information data file being converted into binary system, obtains the data F of binary representation;
Step 2: from data F=(F1,F2,…,Fn) in circulation extract data block Fi(1≤i≤n), and with 0xFF and its into Row AND operation obtains data G;
Step 3: in data G=(G1,G2,…,Gn) in randomly select data block Gj(1≤j≤n), by data block GjIn preceding N The position (1≤N≤n) is moved to data end, remaining low level is mended with 0 and replaced, and binary data A is obtained, then by Gj(n-N) is displaced afterwards Data header is moved, remaining high-order mended with 0 is replaced, and binary data B is obtained;A and B is subjected to inclusive-OR operation;
Step 4: repeating step 3, completed until datacycle all in data G are displaced, obtain the close of initial encryption Literary data CF=(CF1, CF2..., CFn)。
Further, specific step is as follows for the secondary ciphering process of ciphertext data:
Step S1: the ciphertext data C that initial encryption process is obtainedFHash operations are carried out, ciphertext data C is obtainedFHash Value HC
Step S2: in ciphertext data CFIn randomly select ciphertext block data CFiAnd its corresponding hashed value HCi, with hashed value HCiAs key Keyi
Step S3: using DES symmetric encipherment algorithm to ciphertext block data CFiSecondary encryption is carried out, and records key KeyiWith Ciphertext block data CFiBetween corresponding relationship;
Step S4: repeating step S2 and S3, until ciphertext data CFIn all data all encryption is completed again, obtain It is C_C to secondary encrypted ciphertext dataF=(C_CF1,C_CF2..., C_CFk), while obtaining key KeyiWith ciphertext data Block CFiCorrespondence set Key={ key1,key2,…,keyk, wherein 1≤k≤i.
When this system encryption data, the key of use is added by the encryption system and pi of local geography information authorities Close system in combination forms;And complex encryption is carried out to data using the Hybrid Encryption algorithm, and encrypted data are necessary Possess the authorization of geography information authorities encryption system and the authorization ability normal use of pi system simultaneously, thus maximum The safety for having ensured geographic information data of limit has been prevented arbitrarily to be replicated because of data using unit, illegally propagated, storage medium Geographic information data caused by the reasons such as loss and other capsule information leak.
Remarkable result of the invention is:
(1) local geography information authorities' encryption system and pi data encryption system are combined, Hybrid Encryption is utilized Algorithm realizes the complex encryption to geographical information data file;Encryption file must obtain local geography information authorities and add It just can be used when close system and pi data encryption system dual system authorization, can not make under without authorization or single authorization environment With substantially increasing the safety of geographic information data;
(2) this system is using geography information authorities encryption system password and pi data encryption system cipher key combinations It forms, and guarantees that existing encryption safe system can be independently operated, flexibility ratio height;
(3) this system uses transparent encryption mode, and data can be in the client transactions of normal authorization environment without decryption It is used in machine, and data are encrypted state in use process;
(4) Hybrid Encryption algorithm is when carrying out data encryption, in order to not influence the outstanding original process mechanism of various algorithms, Compulsive information fusion is not taken in mixing, but by the way of staged combination, that is, dynamic circulation displacement is first passed through, then pass through Hash algorithm is crossed, finally passes through DES operation, is equivalent to and has added three locks in a data, and this three locks are interrelated, There is the order of operation of oneself, so that the Information Security after Hybrid Encryption increases in geometric multiple formula, the theory of encryption data is broken The solution time, which is promoted to have arrived, to be greater than 200,000,000,000 years.
Detailed description of the invention
Fig. 1 is the principle of the present invention block diagram.
Specific embodiment
Specific embodiment and working principle of the present invention will be described in further detail with reference to the accompanying drawing.
As shown in Figure 1, a kind of geographic information data complex encryption system, the system are respectively arranged with IT base from the bottom up Infrastructure layer, data Layer, logical layer and application layer, in which:
The IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system, the basis IT for system Facility layer includes communication network, operating system, application server and data server;
The data Layer is mainly made of SQL data software, for providing the storage and inquiry of data file for system, The data file includes key and operation log;
The logical layer is for providing the interface of various processing business logics in application layer, including cipher key management interface, number According to encryption and decryption interface, empowerment management interface, log management interface, database manipulation interface, and the cipher key management interface and institute It is corresponding to state complex encryption crypto module, the data encrypting and deciphering interface is corresponding with the complex encryption management module, described Empowerment management interface is corresponding with the complex encryption authorization module, the log management interface and the complex encryption log mould Block is corresponding, and the database manipulation interface is corresponding with the complex encryption function library module;
The application layer is exactly encryption software used in us, can be realized the function of the compound encryption and decryption of data, including Complex encryption locks software, and pi smart lock console software, pi smart lock client software etc. can be single based on two The local geography information authorities encryption system and pi intelligent lock system solely used is realized using Hybrid Encryption algorithm The compound encryption and decryption of geographic information data.
The application layer uses modeled programming, and each module keeps certain functional independence, and is system Or other modules of system provide certain specific service.These modules can be developed individually, individually be compiled, or even individually debugging And test.Finally, all these modules construct a complete application system by collaboration.According in Chongqing City's geography information Heart real data process for using survey, research and analysis by complex encryption, compound is awarded in conjunction with pi data security system mechanism Power, the compound safety management managed to realize data, design has following functional module altogether:
The complex encryption management module is used to utilize Hybrid Encryption algorithm, realizes the encryption and decryption safety of geographic information data Processing, including single file encryption and decryption and file encryption and decryption;
Data encryption technology is most basic safe practice, is known as the core of information security, and principle is exactly according to true Sensitive clear data is transformed into the ciphertext data being difficult to by fixed cryptographic algorithm, by using different keys, can be used Same plaintext is encrypted to different ciphertexts by same Encryption Algorithm, then carries out the storage or transmission of information again.When needed, may be used Ciphertext data convert is referred to as decrypted at clear data using key.Accordingly even when encryption information is in storage or transmission process It is obtained by unauthorized personnel, it is also ensured that these information do not recognize for it, to achieve the purpose that protect information.Data add The close effective ways for being acknowledged as the protection only practical method of data transmission security and protecting storing data safety.
Therefore, in the present embodiment, data are encrypted using the Hybrid Encryption algorithm, are wanted with reaching The geographic information data safety asked.The Hybrid Encryption algorithm includes dynamic circulation displacement algorithm, hash algorithm and DES algorithm, When geographic information data is encrypted, the geodata information successively uses dynamic circulation displacement algorithm, Hash Algorithm carries out staged combination with DES algorithm and is encrypted.
For dynamic circulation displacement algorithm: that is to say dynamic circulation binary system displacement algorithm, be a kind of autonomous, low consumption Permutation algorithm.It is the operation for numerical value being become binary system and then carrying out loopy moving according to certain dynamic mode.To protect It has demonstrate,proved the final parameter for participating in DES algorithm to be converted, has been further ensured that the safety of system encryption.
For DES algorithm: the international advanced algorithm with high safety is grouped by 64, password in plain text By 56 participation DES operations, plaintext group and 56 key step-by-steps substitution or the method for exchange after grouping form ciphertext group Encryption method.Belong to symmetry algorithm, it is identical password that when encrypting and decrypting, which takes,.
For hash algorithm: " hash " is done in Hash, general translation, and it is exactly any that also having direct transliteration, which is " Hash ", The input (be called and be preliminary mapping pre-image) of length is transformed into the output of regular length by hashing algorithm, which is exactly Hashed value.This conversion is a kind of compression mapping, it is, the space of hashed value is generally much less than the space inputted, it is different Input may hash to identical output, it is impossible to unique input value is determined from hashed value.
Further, geographic information data encryption process includes ciphertext data initial encryption process and ciphertext data two Secondary ciphering process, specifically, the ciphertext data initial encryption process carries out ciphertext data using dynamic circulation displacement algorithm Encryption, the secondary ciphering process of ciphertext data carry out secondary encryption to ciphertext data using hash algorithm and DES algorithm Processing:
For the ciphertext data initial encryption process, processing step is as follows:
Step 1: original geographical information data file being converted into binary system, obtains the data F of binary representation;
Step 2: from data F=(F1,F2,…,Fn) in circulation extract data block Fi(1≤i≤n), and with 0xFF and its into Row AND operation obtains data G;
Step 3: in data G=(G1,G2,…,Gn) in randomly select data block Gj(1≤j≤n), by data block GjIn preceding N The position (1≤N≤n) is moved to data end, remaining low level is mended with 0 and replaced, and binary data A is obtained, then by Gj(n-N) is displaced afterwards Data header is moved, remaining high-order mended with 0 is replaced, and binary data B is obtained;A and B is subjected to inclusive-OR operation;
Step 4: repeating step 3, completed until datacycle all in data G are displaced, obtain the close of initial encryption Literary data CF=(CF1, CF2..., CFn)。
For the secondary ciphering process of ciphertext data, the specific steps of which are as follows:
Step S1: the ciphertext data C that initial encryption process is obtainedFHash operations are carried out, ciphertext data C is obtainedFHash Value HC
Step S2: in ciphertext data CFIn randomly select ciphertext block data CFiAnd its corresponding hashed value HCi, with hashed value HCiAs key Keyi
Step S3: using DES symmetric encipherment algorithm to ciphertext block data CFiSecondary encryption is carried out, and records key KeyiWith Ciphertext block data CFiBetween corresponding relationship;
Step S4: repeating step S2 and S3, until ciphertext data CFIn all data all encryption is completed again, obtain It is C_C to secondary encrypted ciphertext dataF=(C_CF1,C_CF2..., C_CFk), while obtaining key KeyiWith ciphertext data Block CFiCorrespondence set Key={ key1,key2,…,keyk, wherein 1≤k≤i.
In the specific application process, this system combination demand analysis and Functional Design design following encryption and decryption business Logic.
For encrypting service logic:
There are three types of the departments being related in the transmission of entire data and production process, respectively data possessing unit, data Distribute unit and data production unit.
The above two are mainly that responsibility is to complete the cryptographic tasks of data and generate corresponding authority, and the latter is mainly root The encryption data production activity with authorization is completed according to authority.First layer encryption is completed by data possessing unit, the Two layers of encryption are to distribute unit by data to complete, and the two can generate corresponding authority during encryption data. It is equivalent to a data, the double-deck key controller.It analyzes according to demand it is found that data distribute the pi intelligence that unit is possessed simultaneously It is original not encrypt number when data possessing unit issues data to distribute the data of unit that management end, which can be locked, and can be independently operated, here If, it can independently carry out single layer encryption and license.
For decryption logic:
Decryption services logic relative to encryption service logic be it is reverse, there are two the department being related to is main: one is Data possessing unit, one is that data distribute unit.Encryption data after having produced can enter data first and distribute unit, by Data distribute unit and are decrypted, if the encryption data after having produced only has one layer of encryption, only distribute unit by data The decryption work that all data can be completed is decrypted;If the encryption data after the completion of production is complex encryption, first Unit is distributed by data and carries out the work of first layer data deciphering, then gives data possessing unit, data possessing unit carries out again Second of decryption work could complete whole decryption of data.
Encrypted ones processing when the complex encryption crypto module is for realizing data encrypting and deciphering, including key it is newly-increased, Inquiry is deleted;
The complex encryption authorization module for realizing complex encryption data grant use scope and time control;
The complex encryption log module is for realizing complex encryption data encrypting and deciphering and the record of account information is authorized to look into It askes;
The complex encryption function library module for realizing complex encryption system and pi intelligent lock system integration pair It connects.
It can further be seen from figure 1 that the logical layer of this system is additionally provided with file monitor drive module, the file monitor Drive module is Windows intermediate driver, on file system.In the system service request that application program is sent Before reaching file system, it first receives system service request, therefore can request again the system service of application program It explains.File monitor driver is located at the upper surface of some other driver, can intercept and be sent to setting for lower layer's driver The request of standby object.
In client modules, system by file monitor drive in the way of, after the data used to operator carry out The automatic encryption and decryption of platform.
This system is Windows middle layer by monitoring driving by file monitor actuation techniques, what application program was sent Before document processing request reaches file system, system first intercepts and captures the service request, translates encryption data in middle layer, The data stream contents for translating into plaintext are finally returned into application program, to realize transparent encryption.Such process flow is disobeyed Rely file itself format, do not depend on file particular content, encryption and decryption is opened without data by other applications when handling, and is protected The diversity of data support is demonstrate,proved;
Meanwhile by file monitor actuation techniques, winXP, win7, win10, the systems such as win server can be supported. It ensure that the multisystem of encryption system;Can also according to this mechanism, after the specific modification of platform, be transplanted to IOS and On android system, the multi-platform property of complex encryption lock system ensure that.
In this system, the encryption system and pi intelligent lock system of local geographical information management department have respective respectively Encryption key uses respective Encryption Algorithm respectively, generates respective permission respectively, the data of encryption have respective respectively Encryption identification.In outgoing data, the encryption system encryption of local geographical information management department is first passed through, system is used when encryption Itself unique key;It is encrypted after the completion of encryption using pi data security system, when encryption uses pi data to pacify again Itself system-wide unique key has double guarantee by the data of complex encryption in this way in safety;
Along with Hybrid Encryption algorithm is by staged combination, geographic information data is first passed through into dynamic circulation position It moves, using hash algorithm, finally passes through DES operation, be equivalent to and added three locks in a data, and this three lock phases Mutual correlation has the order of operation of oneself;So that safety, at geometric increase, the theory of encryption data cracks time promotion and arrives Greater than 200,000,000,000 years.
Technical solution provided by the present invention is described in detail above.Specific case used herein is to this hair Bright principle and embodiment is expounded, method of the invention that the above embodiments are only used to help understand and its Core concept.It should be pointed out that for those skilled in the art, in the premise for not departing from the principle of the invention Under, it can be with several improvements and modifications are made to the present invention, these improvement and modification also fall into the protection of the claims in the present invention In range.

Claims (10)

1. a kind of geographic information data complex encryption system, it is characterised in that: the system is respectively arranged with IT base from the bottom up Infrastructure layer, data Layer, logical layer and application layer, in which:
The IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system for system;
The data Layer is used to provide the storage and inquiry of data file for system, and the data file includes key and operation day Will;
The logical layer is for providing the interface of various processing business logics in application layer;
The application layer is used to combine local geography information authorities' encryption system and pi intelligent lock system, utilizes mixing Encryption Algorithm realizes the compound encryption and decryption of geographic information data;
The application layer includes complex encryption management module, complex encryption crypto module, complex encryption authorization module, complex encryption Log module, complex encryption function library module:
The complex encryption management module is used to utilize Hybrid Encryption algorithm, realizes the encryption and decryption safe place of geographic information data Reason, including single file encryption and decryption and file encryption and decryption;
Encrypted ones processing when the complex encryption crypto module is for realizing data encrypting and deciphering, including key is newly-increased, inquiry, It deletes;
The complex encryption authorization module for realizing complex encryption data grant use scope and time control;
The complex encryption log module is for realizing complex encryption data encrypting and deciphering and the record queries of authorization account information;
The complex encryption function library module docks for realizing the integration of complex encryption system and pi intelligent lock system.
2. geographic information data complex encryption system according to claim 1, it is characterised in that: the IT infrastructure layer Including communication network, operating system, application server and data server.
3. geographic information data complex encryption system according to claim 1, it is characterised in that: the data Layer includes One of SQL Server database, MySQL database, MariaDB database.
4. geographic information data complex encryption system according to claim 1, it is characterised in that: the logical layer includes close Key management interface, data encrypting and deciphering interface, empowerment management interface, log management interface, database manipulation interface, wherein described Cipher key management interface is corresponding with the complex encryption crypto module, the data encrypting and deciphering interface and the complex encryption management Module is corresponding, and the empowerment management interface is corresponding with the complex encryption authorization module, the log management interface and institute It is corresponding to state complex encryption log module, the database manipulation interface is corresponding with the complex encryption function library module.
5. geographic information data complex encryption system according to claim 1, it is characterised in that: the Hybrid Encryption algorithm Including dynamic circulation displacement algorithm, hash algorithm and DES algorithm.
6. geographic information data complex encryption system according to claim 5, it is characterised in that: the Hybrid Encryption algorithm When geographic information data is encrypted, the geodata information successively uses dynamic circulation displacement algorithm, Hash Algorithm carries out staged combination with DES algorithm and is encrypted.
7. described in any item geographic information data complex encryption systems according to claim 1~6, it is characterised in that: described mixed Closing Encryption Algorithm includes ciphertext data initial encryption process and the secondary ciphering process of ciphertext data.
8. geographic information data complex encryption system according to claim 7, it is characterised in that: the ciphertext data are initial Ciphering process is encrypted ciphertext data using dynamic circulation displacement algorithm, and the secondary ciphering process of ciphertext data is adopted Secondary encryption is carried out to ciphertext data with hash algorithm and DES algorithm.
9. geographic information data complex encryption system according to claim 8, it is characterised in that: the ciphertext data are initial The processing step of ciphering process is as follows:
Step 1: original geographical information data file being converted into binary system, obtains the data F of binary representation;
Step 2: from data F=(F1,F2,…,Fn) in circulation extract data block Fi(1≤i≤n), and carried out with 0xFF with it AND operation obtains data G;
Step 3: in data G=(G1,G2,…,Gn) in randomly select data block Gj(1≤j≤n), by data block GjIn preceding N (1≤ N≤n) position is moved to data end, and remaining low level is mended with 0 and is replaced, and binary data A is obtained, then by GjThe position (n-N) is moved to afterwards Data header, remaining high-order mended with 0 are replaced, and binary data B is obtained;A and B is subjected to inclusive-OR operation;
Step 4: repeating step 3, completed until datacycle all in data G are displaced, obtain the ciphertext number of initial encryption According to CF=(CF1, CF2..., CFn)。
10. geographic information data complex encryption system according to claim 8 or claim 9, it is characterised in that: the ciphertext data Specific step is as follows for secondary ciphering process:
Step S1: the ciphertext data C that initial encryption process is obtainedFHash operations are carried out, ciphertext data C is obtainedFHashed value HC
Step S2: in ciphertext data CFIn randomly select ciphertext block data CFiAnd its corresponding hashed value HCi, with hashed value HCiMake For key Keyi
Step S3: using DES symmetric encipherment algorithm to ciphertext block data CFiSecondary encryption is carried out, and records key KeyiWith ciphertext Data block CFiBetween corresponding relationship;
Step S4: repeating step S2 and S3, until ciphertext data CFIn all data all encryption is completed again, obtain two Secondary encrypted ciphertext data are C_CF=(C_CF1,C_CF2..., C_CFk), while obtaining key KeyiWith ciphertext block data CFi Correspondence set Key={ key1,key2,…,keyk, wherein 1≤k≤i.
CN201910553420.5A 2019-06-25 2019-06-25 Geographic information data composite encryption system Active CN110232288B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910553420.5A CN110232288B (en) 2019-06-25 2019-06-25 Geographic information data composite encryption system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910553420.5A CN110232288B (en) 2019-06-25 2019-06-25 Geographic information data composite encryption system

Publications (2)

Publication Number Publication Date
CN110232288A true CN110232288A (en) 2019-09-13
CN110232288B CN110232288B (en) 2020-10-30

Family

ID=67857399

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910553420.5A Active CN110232288B (en) 2019-06-25 2019-06-25 Geographic information data composite encryption system

Country Status (1)

Country Link
CN (1) CN110232288B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104462995A (en) * 2014-11-28 2015-03-25 福建畅云安鼎信息科技有限公司 Digital processing safety protection system
CN104978363A (en) * 2014-04-11 2015-10-14 珠海市君天电子科技有限公司 Detection method and system of encryption algorithm
CN105022769A (en) * 2015-01-07 2015-11-04 泰华智慧产业集团股份有限公司 Data interaction system of urban underground pipeline, and method thereof
CN105553940A (en) * 2015-12-09 2016-05-04 北京中科云集科技有限公司 Safety protection method based on big data processing platform
CN106713363A (en) * 2017-02-27 2017-05-24 北京亚太东方通信网络有限公司 Method for constructing interactive network service based on global transmission sharing
US20180032739A1 (en) * 2016-07-29 2018-02-01 Sap Se Encryption of application data using field-level metadata
CN109241032A (en) * 2018-08-16 2019-01-18 北京京东尚科信息技术有限公司 Account book database component, operation method and storage medium
CN109784681A (en) * 2018-12-26 2019-05-21 中国大唐集团科学技术研究院有限公司 Power engineering project investment management system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104978363A (en) * 2014-04-11 2015-10-14 珠海市君天电子科技有限公司 Detection method and system of encryption algorithm
CN104462995A (en) * 2014-11-28 2015-03-25 福建畅云安鼎信息科技有限公司 Digital processing safety protection system
CN105022769A (en) * 2015-01-07 2015-11-04 泰华智慧产业集团股份有限公司 Data interaction system of urban underground pipeline, and method thereof
CN105553940A (en) * 2015-12-09 2016-05-04 北京中科云集科技有限公司 Safety protection method based on big data processing platform
US20180032739A1 (en) * 2016-07-29 2018-02-01 Sap Se Encryption of application data using field-level metadata
CN106713363A (en) * 2017-02-27 2017-05-24 北京亚太东方通信网络有限公司 Method for constructing interactive network service based on global transmission sharing
CN109241032A (en) * 2018-08-16 2019-01-18 北京京东尚科信息技术有限公司 Account book database component, operation method and storage medium
CN109784681A (en) * 2018-12-26 2019-05-21 中国大唐集团科学技术研究院有限公司 Power engineering project investment management system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
何宗等: "基于GIS的重庆市镇街乡规划综合数据库建设", 《地理空间信息》 *
张立朝等: "地理标记语言的通用型地理信息服务平台", 《测绘科学》 *

Also Published As

Publication number Publication date
CN110232288B (en) 2020-10-30

Similar Documents

Publication Publication Date Title
CN108830601B (en) Smart city information safe use method and system based on block chain
US10348700B2 (en) Verifiable trust for data through wrapper composition
CN101504706B (en) Database information encryption method and system
CN102821096B (en) Distributed storage system and file sharing method thereof
CN101587479B (en) Database management system kernel oriented data encryption/decryption system and method thereof
CN101938497B (en) Multistage security file structure as well as file access control and secret key management user terminal, service terminal, system and method thereof
CN101710380B (en) Electronic document safety protection method
CN105426775B (en) A kind of method and system for protecting smart mobile phone information security
CN101183384B (en) Data processing method and device
CN101043326B (en) Dynamic information encrypting system and method
CN102307185A (en) Data isolation method used in storage cloud
CN105378649A (en) Multiple authority data security and access
CN102752109A (en) Secret key management method and device for encrypting data base column
CN102236766A (en) Security data item level database encryption system
CN109740363A (en) Rating documents desensitization encryption method
CN104376237A (en) Safety control method and safety control system for information in production procedures
CN104063334A (en) Encryption method and system based on data attributions
CN111008855B (en) Retrospective data access control method based on improved proxy re-encryption
CN109165526A (en) A kind of big data security and privacy guard method, device and storage medium
CN106326666A (en) Health record information management service system
CN106330934A (en) Distributed database system authority management method and device
CN113127927B (en) Attribute reconstruction encryption method and system for license chain data sharing and supervision
CN110232288A (en) Geographic information data complex encryption system
KR102258064B1 (en) System and method for providing hybrid blockchain based aircraft control service
CN107786662A (en) A kind of efficient communication message processing method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 400020 Jiangbei District, Chongqing electric measuring Village No. 231

Applicant after: Chongqing geographic information and Remote Sensing Application Center (Chongqing surveying and mapping product quality inspection and testing center)

Address before: 400000 electric survey village, Jiangbei District, Chongqing City, No. 231

Applicant before: Chongqing Geographical Information Center

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant