CN110232288A - Geographic information data complex encryption system - Google Patents
Geographic information data complex encryption system Download PDFInfo
- Publication number
- CN110232288A CN110232288A CN201910553420.5A CN201910553420A CN110232288A CN 110232288 A CN110232288 A CN 110232288A CN 201910553420 A CN201910553420 A CN 201910553420A CN 110232288 A CN110232288 A CN 110232288A
- Authority
- CN
- China
- Prior art keywords
- data
- encryption
- complex
- complex encryption
- geographic information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/29—Geographical information databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention discloses a kind of geographic information data complex encryption systems, are respectively arranged with IT infrastructure layer, data Layer, logical layer and application layer from the bottom up, wherein the IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system for system;The data Layer is used to provide the storage and inquiry of data file for system, and the data file includes key and operation log;The logical layer is for providing the interface of various processing business logics in application layer;The application layer is used to realize the compound encryption and decryption of geographic information data using Hybrid Encryption algorithm based on local geography information authorities' encryption system and pi intelligent lock system;The application layer includes complex encryption management module, complex encryption crypto module, complex encryption authorization module, complex encryption log module, complex encryption function library module.Its remarkable result is: realizing geographic information data dual system complex encryption, significantly improves the safety of geographic information data.
Description
Technical field
The present invention relates to geographic information data processing technology fields, and in particular to a kind of geographic information data complex encryption
System.
Background technique
Into Internet era, with the fast development of information technology and the extensive use of geography information, concerning security matters mapping ground
Reason information security management faces severe situation.Part concerning security matters survey and draw geography information production and use unit confidential notions thin,
Classified information is stored on non-relating computer in violation of rules and regulations, or even sends on the internet, transmit classified information;It is illegal to obtain, provide
It happens occasionally with the case of dealing concerning security matters mapping geography information;Organizations and individuals overseas mostly occur and steal the important geographical letter in China
Cease the case etc. of data.Currently, it is more abundant that geography information carrier and the form of expression are surveyed and drawn, digitlization achievement is answered extensively
With route of transmission is more various, brings severe challenge to the safety management of concerning security matters mapping geography information.Geography information safety is increasingly
The difficulties faced as each geographical chief information officer department.
But the security status of geographical chief information officer department each at present, it is found after analysis that there are following data safety is hidden
Suffer from:
(1) distribution data there is by it is secondary propagate, move for it with etc. behaviors;
(2) outgoing data causes to leak in third party, can not conclude question of liability of divulging a secret;
(3) there is situations such as dispute over copyright in data, can not effective safeguard rights and interests and responsibility judgment;
(4) outgoing data encryption and decryption operation only one layer of encryption, security level coefficient is lower;
Therefore, security work is still the most important thing in each geographical chief information officer's department.
Summary of the invention
In view of the deficiencies of the prior art, the object of the present invention is to provide a kind of geographic information data complex encryption systems, should
System, which passes through, combines local geography information authorities' encryption system and existing pi smart lock software, realizes geography information number
According to dual system complex encryption, the safety of geographic information data is significantly improved.
In order to achieve the above objectives, The technical solution adopted by the invention is as follows:
A kind of geographic information data complex encryption system, key are: the system is respectively arranged with IT from the bottom up
Infrastructure layer, data Layer, logical layer and application layer, in which:
The IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system for system;
The data Layer is used to provide the storage and inquiry of data file for system, and the data file includes key and behaviour
Make log;
The logical layer is for providing the interface of various processing business logics in application layer;
The application layer is used to combine local geography information authorities' encryption system and pi intelligent lock system, utilizes
Hybrid Encryption algorithm realizes the compound encryption and decryption of geographic information data;
The application layer includes complex encryption management module, complex encryption crypto module, complex encryption authorization module, compound
Encrypted logs module, complex encryption function library module:
The complex encryption management module is used to utilize Hybrid Encryption algorithm, realizes the encryption and decryption safety of geographic information data
Processing, including single file encryption and decryption and file encryption and decryption;
Encrypted ones processing when the complex encryption crypto module is for realizing data encrypting and deciphering, including key it is newly-increased,
Inquiry is deleted;
The complex encryption authorization module for realizing complex encryption data grant use scope and time control;
The complex encryption log module is for realizing complex encryption data encrypting and deciphering and the record of account information is authorized to look into
It askes;
The complex encryption function library module for realizing complex encryption system and pi intelligent lock system integration pair
It connects.
Further, the IT infrastructure layer includes communication network, operating system, application server and data service
Device.
Further, the data Layer includes SQL Server database, MySQL database, in MariaDB database
It is a kind of.
Further, the logical layer includes cipher key management interface, data encrypting and deciphering interface, empowerment management interface, log
Management interface, database manipulation interface, wherein the cipher key management interface is corresponding with the complex encryption crypto module, institute
It is corresponding with the complex encryption management module to state data encrypting and deciphering interface, the empowerment management interface is awarded with the complex encryption
Power module is corresponding, and the log management interface is corresponding with the complex encryption log module, the database manipulation interface
It is corresponding with the complex encryption function library module.
Further, the Hybrid Encryption algorithm includes dynamic circulation displacement algorithm, hash algorithm and DES algorithm.
Further, the Hybrid Encryption algorithm is when being encrypted geographic information data, the geodata
Information successively uses dynamic circulation displacement algorithm, hash algorithm and DES algorithm to carry out staged combination and is encrypted.
Further, the Hybrid Encryption algorithm includes that ciphertext data initial encryption process and ciphertext data are secondary encrypted
Journey.
Further, the ciphertext data initial encryption process adds ciphertext data using dynamic circulation displacement algorithm
Close processing, the secondary ciphering process of ciphertext data carry out at secondary encryption ciphertext data using hash algorithm and DES algorithm
Reason.
Further, the processing step of the ciphertext data initial encryption process is as follows:
Step 1: original geographical information data file being converted into binary system, obtains the data F of binary representation;
Step 2: from data F=(F1,F2,…,Fn) in circulation extract data block Fi(1≤i≤n), and with 0xFF and its into
Row AND operation obtains data G;
Step 3: in data G=(G1,G2,…,Gn) in randomly select data block Gj(1≤j≤n), by data block GjIn preceding N
The position (1≤N≤n) is moved to data end, remaining low level is mended with 0 and replaced, and binary data A is obtained, then by Gj(n-N) is displaced afterwards
Data header is moved, remaining high-order mended with 0 is replaced, and binary data B is obtained;A and B is subjected to inclusive-OR operation;
Step 4: repeating step 3, completed until datacycle all in data G are displaced, obtain the close of initial encryption
Literary data CF=(CF1, CF2..., CFn)。
Further, specific step is as follows for the secondary ciphering process of ciphertext data:
Step S1: the ciphertext data C that initial encryption process is obtainedFHash operations are carried out, ciphertext data C is obtainedFHash
Value HC;
Step S2: in ciphertext data CFIn randomly select ciphertext block data CFiAnd its corresponding hashed value HCi, with hashed value
HCiAs key Keyi;
Step S3: using DES symmetric encipherment algorithm to ciphertext block data CFiSecondary encryption is carried out, and records key KeyiWith
Ciphertext block data CFiBetween corresponding relationship;
Step S4: repeating step S2 and S3, until ciphertext data CFIn all data all encryption is completed again, obtain
It is C_C to secondary encrypted ciphertext dataF=(C_CF1,C_CF2..., C_CFk), while obtaining key KeyiWith ciphertext data
Block CFiCorrespondence set Key={ key1,key2,…,keyk, wherein 1≤k≤i.
When this system encryption data, the key of use is added by the encryption system and pi of local geography information authorities
Close system in combination forms;And complex encryption is carried out to data using the Hybrid Encryption algorithm, and encrypted data are necessary
Possess the authorization of geography information authorities encryption system and the authorization ability normal use of pi system simultaneously, thus maximum
The safety for having ensured geographic information data of limit has been prevented arbitrarily to be replicated because of data using unit, illegally propagated, storage medium
Geographic information data caused by the reasons such as loss and other capsule information leak.
Remarkable result of the invention is:
(1) local geography information authorities' encryption system and pi data encryption system are combined, Hybrid Encryption is utilized
Algorithm realizes the complex encryption to geographical information data file;Encryption file must obtain local geography information authorities and add
It just can be used when close system and pi data encryption system dual system authorization, can not make under without authorization or single authorization environment
With substantially increasing the safety of geographic information data;
(2) this system is using geography information authorities encryption system password and pi data encryption system cipher key combinations
It forms, and guarantees that existing encryption safe system can be independently operated, flexibility ratio height;
(3) this system uses transparent encryption mode, and data can be in the client transactions of normal authorization environment without decryption
It is used in machine, and data are encrypted state in use process;
(4) Hybrid Encryption algorithm is when carrying out data encryption, in order to not influence the outstanding original process mechanism of various algorithms,
Compulsive information fusion is not taken in mixing, but by the way of staged combination, that is, dynamic circulation displacement is first passed through, then pass through
Hash algorithm is crossed, finally passes through DES operation, is equivalent to and has added three locks in a data, and this three locks are interrelated,
There is the order of operation of oneself, so that the Information Security after Hybrid Encryption increases in geometric multiple formula, the theory of encryption data is broken
The solution time, which is promoted to have arrived, to be greater than 200,000,000,000 years.
Detailed description of the invention
Fig. 1 is the principle of the present invention block diagram.
Specific embodiment
Specific embodiment and working principle of the present invention will be described in further detail with reference to the accompanying drawing.
As shown in Figure 1, a kind of geographic information data complex encryption system, the system are respectively arranged with IT base from the bottom up
Infrastructure layer, data Layer, logical layer and application layer, in which:
The IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system, the basis IT for system
Facility layer includes communication network, operating system, application server and data server;
The data Layer is mainly made of SQL data software, for providing the storage and inquiry of data file for system,
The data file includes key and operation log;
The logical layer is for providing the interface of various processing business logics in application layer, including cipher key management interface, number
According to encryption and decryption interface, empowerment management interface, log management interface, database manipulation interface, and the cipher key management interface and institute
It is corresponding to state complex encryption crypto module, the data encrypting and deciphering interface is corresponding with the complex encryption management module, described
Empowerment management interface is corresponding with the complex encryption authorization module, the log management interface and the complex encryption log mould
Block is corresponding, and the database manipulation interface is corresponding with the complex encryption function library module;
The application layer is exactly encryption software used in us, can be realized the function of the compound encryption and decryption of data, including
Complex encryption locks software, and pi smart lock console software, pi smart lock client software etc. can be single based on two
The local geography information authorities encryption system and pi intelligent lock system solely used is realized using Hybrid Encryption algorithm
The compound encryption and decryption of geographic information data.
The application layer uses modeled programming, and each module keeps certain functional independence, and is system
Or other modules of system provide certain specific service.These modules can be developed individually, individually be compiled, or even individually debugging
And test.Finally, all these modules construct a complete application system by collaboration.According in Chongqing City's geography information
Heart real data process for using survey, research and analysis by complex encryption, compound is awarded in conjunction with pi data security system mechanism
Power, the compound safety management managed to realize data, design has following functional module altogether:
The complex encryption management module is used to utilize Hybrid Encryption algorithm, realizes the encryption and decryption safety of geographic information data
Processing, including single file encryption and decryption and file encryption and decryption;
Data encryption technology is most basic safe practice, is known as the core of information security, and principle is exactly according to true
Sensitive clear data is transformed into the ciphertext data being difficult to by fixed cryptographic algorithm, by using different keys, can be used
Same plaintext is encrypted to different ciphertexts by same Encryption Algorithm, then carries out the storage or transmission of information again.When needed, may be used
Ciphertext data convert is referred to as decrypted at clear data using key.Accordingly even when encryption information is in storage or transmission process
It is obtained by unauthorized personnel, it is also ensured that these information do not recognize for it, to achieve the purpose that protect information.Data add
The close effective ways for being acknowledged as the protection only practical method of data transmission security and protecting storing data safety.
Therefore, in the present embodiment, data are encrypted using the Hybrid Encryption algorithm, are wanted with reaching
The geographic information data safety asked.The Hybrid Encryption algorithm includes dynamic circulation displacement algorithm, hash algorithm and DES algorithm,
When geographic information data is encrypted, the geodata information successively uses dynamic circulation displacement algorithm, Hash
Algorithm carries out staged combination with DES algorithm and is encrypted.
For dynamic circulation displacement algorithm: that is to say dynamic circulation binary system displacement algorithm, be a kind of autonomous, low consumption
Permutation algorithm.It is the operation for numerical value being become binary system and then carrying out loopy moving according to certain dynamic mode.To protect
It has demonstrate,proved the final parameter for participating in DES algorithm to be converted, has been further ensured that the safety of system encryption.
For DES algorithm: the international advanced algorithm with high safety is grouped by 64, password in plain text
By 56 participation DES operations, plaintext group and 56 key step-by-steps substitution or the method for exchange after grouping form ciphertext group
Encryption method.Belong to symmetry algorithm, it is identical password that when encrypting and decrypting, which takes,.
For hash algorithm: " hash " is done in Hash, general translation, and it is exactly any that also having direct transliteration, which is " Hash ",
The input (be called and be preliminary mapping pre-image) of length is transformed into the output of regular length by hashing algorithm, which is exactly
Hashed value.This conversion is a kind of compression mapping, it is, the space of hashed value is generally much less than the space inputted, it is different
Input may hash to identical output, it is impossible to unique input value is determined from hashed value.
Further, geographic information data encryption process includes ciphertext data initial encryption process and ciphertext data two
Secondary ciphering process, specifically, the ciphertext data initial encryption process carries out ciphertext data using dynamic circulation displacement algorithm
Encryption, the secondary ciphering process of ciphertext data carry out secondary encryption to ciphertext data using hash algorithm and DES algorithm
Processing:
For the ciphertext data initial encryption process, processing step is as follows:
Step 1: original geographical information data file being converted into binary system, obtains the data F of binary representation;
Step 2: from data F=(F1,F2,…,Fn) in circulation extract data block Fi(1≤i≤n), and with 0xFF and its into
Row AND operation obtains data G;
Step 3: in data G=(G1,G2,…,Gn) in randomly select data block Gj(1≤j≤n), by data block GjIn preceding N
The position (1≤N≤n) is moved to data end, remaining low level is mended with 0 and replaced, and binary data A is obtained, then by Gj(n-N) is displaced afterwards
Data header is moved, remaining high-order mended with 0 is replaced, and binary data B is obtained;A and B is subjected to inclusive-OR operation;
Step 4: repeating step 3, completed until datacycle all in data G are displaced, obtain the close of initial encryption
Literary data CF=(CF1, CF2..., CFn)。
For the secondary ciphering process of ciphertext data, the specific steps of which are as follows:
Step S1: the ciphertext data C that initial encryption process is obtainedFHash operations are carried out, ciphertext data C is obtainedFHash
Value HC;
Step S2: in ciphertext data CFIn randomly select ciphertext block data CFiAnd its corresponding hashed value HCi, with hashed value
HCiAs key Keyi;
Step S3: using DES symmetric encipherment algorithm to ciphertext block data CFiSecondary encryption is carried out, and records key KeyiWith
Ciphertext block data CFiBetween corresponding relationship;
Step S4: repeating step S2 and S3, until ciphertext data CFIn all data all encryption is completed again, obtain
It is C_C to secondary encrypted ciphertext dataF=(C_CF1,C_CF2..., C_CFk), while obtaining key KeyiWith ciphertext data
Block CFiCorrespondence set Key={ key1,key2,…,keyk, wherein 1≤k≤i.
In the specific application process, this system combination demand analysis and Functional Design design following encryption and decryption business
Logic.
For encrypting service logic:
There are three types of the departments being related in the transmission of entire data and production process, respectively data possessing unit, data
Distribute unit and data production unit.
The above two are mainly that responsibility is to complete the cryptographic tasks of data and generate corresponding authority, and the latter is mainly root
The encryption data production activity with authorization is completed according to authority.First layer encryption is completed by data possessing unit, the
Two layers of encryption are to distribute unit by data to complete, and the two can generate corresponding authority during encryption data.
It is equivalent to a data, the double-deck key controller.It analyzes according to demand it is found that data distribute the pi intelligence that unit is possessed simultaneously
It is original not encrypt number when data possessing unit issues data to distribute the data of unit that management end, which can be locked, and can be independently operated, here
If, it can independently carry out single layer encryption and license.
For decryption logic:
Decryption services logic relative to encryption service logic be it is reverse, there are two the department being related to is main: one is
Data possessing unit, one is that data distribute unit.Encryption data after having produced can enter data first and distribute unit, by
Data distribute unit and are decrypted, if the encryption data after having produced only has one layer of encryption, only distribute unit by data
The decryption work that all data can be completed is decrypted;If the encryption data after the completion of production is complex encryption, first
Unit is distributed by data and carries out the work of first layer data deciphering, then gives data possessing unit, data possessing unit carries out again
Second of decryption work could complete whole decryption of data.
Encrypted ones processing when the complex encryption crypto module is for realizing data encrypting and deciphering, including key it is newly-increased,
Inquiry is deleted;
The complex encryption authorization module for realizing complex encryption data grant use scope and time control;
The complex encryption log module is for realizing complex encryption data encrypting and deciphering and the record of account information is authorized to look into
It askes;
The complex encryption function library module for realizing complex encryption system and pi intelligent lock system integration pair
It connects.
It can further be seen from figure 1 that the logical layer of this system is additionally provided with file monitor drive module, the file monitor
Drive module is Windows intermediate driver, on file system.In the system service request that application program is sent
Before reaching file system, it first receives system service request, therefore can request again the system service of application program
It explains.File monitor driver is located at the upper surface of some other driver, can intercept and be sent to setting for lower layer's driver
The request of standby object.
In client modules, system by file monitor drive in the way of, after the data used to operator carry out
The automatic encryption and decryption of platform.
This system is Windows middle layer by monitoring driving by file monitor actuation techniques, what application program was sent
Before document processing request reaches file system, system first intercepts and captures the service request, translates encryption data in middle layer,
The data stream contents for translating into plaintext are finally returned into application program, to realize transparent encryption.Such process flow is disobeyed
Rely file itself format, do not depend on file particular content, encryption and decryption is opened without data by other applications when handling, and is protected
The diversity of data support is demonstrate,proved;
Meanwhile by file monitor actuation techniques, winXP, win7, win10, the systems such as win server can be supported.
It ensure that the multisystem of encryption system;Can also according to this mechanism, after the specific modification of platform, be transplanted to IOS and
On android system, the multi-platform property of complex encryption lock system ensure that.
In this system, the encryption system and pi intelligent lock system of local geographical information management department have respective respectively
Encryption key uses respective Encryption Algorithm respectively, generates respective permission respectively, the data of encryption have respective respectively
Encryption identification.In outgoing data, the encryption system encryption of local geographical information management department is first passed through, system is used when encryption
Itself unique key;It is encrypted after the completion of encryption using pi data security system, when encryption uses pi data to pacify again
Itself system-wide unique key has double guarantee by the data of complex encryption in this way in safety;
Along with Hybrid Encryption algorithm is by staged combination, geographic information data is first passed through into dynamic circulation position
It moves, using hash algorithm, finally passes through DES operation, be equivalent to and added three locks in a data, and this three lock phases
Mutual correlation has the order of operation of oneself;So that safety, at geometric increase, the theory of encryption data cracks time promotion and arrives
Greater than 200,000,000,000 years.
Technical solution provided by the present invention is described in detail above.Specific case used herein is to this hair
Bright principle and embodiment is expounded, method of the invention that the above embodiments are only used to help understand and its
Core concept.It should be pointed out that for those skilled in the art, in the premise for not departing from the principle of the invention
Under, it can be with several improvements and modifications are made to the present invention, these improvement and modification also fall into the protection of the claims in the present invention
In range.
Claims (10)
1. a kind of geographic information data complex encryption system, it is characterised in that: the system is respectively arranged with IT base from the bottom up
Infrastructure layer, data Layer, logical layer and application layer, in which:
The IT infrastructure layer is used to provide infrastructure device, the normal operation of safeguards system for system;
The data Layer is used to provide the storage and inquiry of data file for system, and the data file includes key and operation day
Will;
The logical layer is for providing the interface of various processing business logics in application layer;
The application layer is used to combine local geography information authorities' encryption system and pi intelligent lock system, utilizes mixing
Encryption Algorithm realizes the compound encryption and decryption of geographic information data;
The application layer includes complex encryption management module, complex encryption crypto module, complex encryption authorization module, complex encryption
Log module, complex encryption function library module:
The complex encryption management module is used to utilize Hybrid Encryption algorithm, realizes the encryption and decryption safe place of geographic information data
Reason, including single file encryption and decryption and file encryption and decryption;
Encrypted ones processing when the complex encryption crypto module is for realizing data encrypting and deciphering, including key is newly-increased, inquiry,
It deletes;
The complex encryption authorization module for realizing complex encryption data grant use scope and time control;
The complex encryption log module is for realizing complex encryption data encrypting and deciphering and the record queries of authorization account information;
The complex encryption function library module docks for realizing the integration of complex encryption system and pi intelligent lock system.
2. geographic information data complex encryption system according to claim 1, it is characterised in that: the IT infrastructure layer
Including communication network, operating system, application server and data server.
3. geographic information data complex encryption system according to claim 1, it is characterised in that: the data Layer includes
One of SQL Server database, MySQL database, MariaDB database.
4. geographic information data complex encryption system according to claim 1, it is characterised in that: the logical layer includes close
Key management interface, data encrypting and deciphering interface, empowerment management interface, log management interface, database manipulation interface, wherein described
Cipher key management interface is corresponding with the complex encryption crypto module, the data encrypting and deciphering interface and the complex encryption management
Module is corresponding, and the empowerment management interface is corresponding with the complex encryption authorization module, the log management interface and institute
It is corresponding to state complex encryption log module, the database manipulation interface is corresponding with the complex encryption function library module.
5. geographic information data complex encryption system according to claim 1, it is characterised in that: the Hybrid Encryption algorithm
Including dynamic circulation displacement algorithm, hash algorithm and DES algorithm.
6. geographic information data complex encryption system according to claim 5, it is characterised in that: the Hybrid Encryption algorithm
When geographic information data is encrypted, the geodata information successively uses dynamic circulation displacement algorithm, Hash
Algorithm carries out staged combination with DES algorithm and is encrypted.
7. described in any item geographic information data complex encryption systems according to claim 1~6, it is characterised in that: described mixed
Closing Encryption Algorithm includes ciphertext data initial encryption process and the secondary ciphering process of ciphertext data.
8. geographic information data complex encryption system according to claim 7, it is characterised in that: the ciphertext data are initial
Ciphering process is encrypted ciphertext data using dynamic circulation displacement algorithm, and the secondary ciphering process of ciphertext data is adopted
Secondary encryption is carried out to ciphertext data with hash algorithm and DES algorithm.
9. geographic information data complex encryption system according to claim 8, it is characterised in that: the ciphertext data are initial
The processing step of ciphering process is as follows:
Step 1: original geographical information data file being converted into binary system, obtains the data F of binary representation;
Step 2: from data F=(F1,F2,…,Fn) in circulation extract data block Fi(1≤i≤n), and carried out with 0xFF with it
AND operation obtains data G;
Step 3: in data G=(G1,G2,…,Gn) in randomly select data block Gj(1≤j≤n), by data block GjIn preceding N (1≤
N≤n) position is moved to data end, and remaining low level is mended with 0 and is replaced, and binary data A is obtained, then by GjThe position (n-N) is moved to afterwards
Data header, remaining high-order mended with 0 are replaced, and binary data B is obtained;A and B is subjected to inclusive-OR operation;
Step 4: repeating step 3, completed until datacycle all in data G are displaced, obtain the ciphertext number of initial encryption
According to CF=(CF1, CF2..., CFn)。
10. geographic information data complex encryption system according to claim 8 or claim 9, it is characterised in that: the ciphertext data
Specific step is as follows for secondary ciphering process:
Step S1: the ciphertext data C that initial encryption process is obtainedFHash operations are carried out, ciphertext data C is obtainedFHashed value
HC;
Step S2: in ciphertext data CFIn randomly select ciphertext block data CFiAnd its corresponding hashed value HCi, with hashed value HCiMake
For key Keyi;
Step S3: using DES symmetric encipherment algorithm to ciphertext block data CFiSecondary encryption is carried out, and records key KeyiWith ciphertext
Data block CFiBetween corresponding relationship;
Step S4: repeating step S2 and S3, until ciphertext data CFIn all data all encryption is completed again, obtain two
Secondary encrypted ciphertext data are C_CF=(C_CF1,C_CF2..., C_CFk), while obtaining key KeyiWith ciphertext block data CFi
Correspondence set Key={ key1,key2,…,keyk, wherein 1≤k≤i.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910553420.5A CN110232288B (en) | 2019-06-25 | 2019-06-25 | Geographic information data composite encryption system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910553420.5A CN110232288B (en) | 2019-06-25 | 2019-06-25 | Geographic information data composite encryption system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110232288A true CN110232288A (en) | 2019-09-13 |
CN110232288B CN110232288B (en) | 2020-10-30 |
Family
ID=67857399
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910553420.5A Active CN110232288B (en) | 2019-06-25 | 2019-06-25 | Geographic information data composite encryption system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110232288B (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104462995A (en) * | 2014-11-28 | 2015-03-25 | 福建畅云安鼎信息科技有限公司 | Digital processing safety protection system |
CN104978363A (en) * | 2014-04-11 | 2015-10-14 | 珠海市君天电子科技有限公司 | Detection method and system of encryption algorithm |
CN105022769A (en) * | 2015-01-07 | 2015-11-04 | 泰华智慧产业集团股份有限公司 | Data interaction system of urban underground pipeline, and method thereof |
CN105553940A (en) * | 2015-12-09 | 2016-05-04 | 北京中科云集科技有限公司 | Safety protection method based on big data processing platform |
CN106713363A (en) * | 2017-02-27 | 2017-05-24 | 北京亚太东方通信网络有限公司 | Method for constructing interactive network service based on global transmission sharing |
US20180032739A1 (en) * | 2016-07-29 | 2018-02-01 | Sap Se | Encryption of application data using field-level metadata |
CN109241032A (en) * | 2018-08-16 | 2019-01-18 | 北京京东尚科信息技术有限公司 | Account book database component, operation method and storage medium |
CN109784681A (en) * | 2018-12-26 | 2019-05-21 | 中国大唐集团科学技术研究院有限公司 | Power engineering project investment management system |
-
2019
- 2019-06-25 CN CN201910553420.5A patent/CN110232288B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104978363A (en) * | 2014-04-11 | 2015-10-14 | 珠海市君天电子科技有限公司 | Detection method and system of encryption algorithm |
CN104462995A (en) * | 2014-11-28 | 2015-03-25 | 福建畅云安鼎信息科技有限公司 | Digital processing safety protection system |
CN105022769A (en) * | 2015-01-07 | 2015-11-04 | 泰华智慧产业集团股份有限公司 | Data interaction system of urban underground pipeline, and method thereof |
CN105553940A (en) * | 2015-12-09 | 2016-05-04 | 北京中科云集科技有限公司 | Safety protection method based on big data processing platform |
US20180032739A1 (en) * | 2016-07-29 | 2018-02-01 | Sap Se | Encryption of application data using field-level metadata |
CN106713363A (en) * | 2017-02-27 | 2017-05-24 | 北京亚太东方通信网络有限公司 | Method for constructing interactive network service based on global transmission sharing |
CN109241032A (en) * | 2018-08-16 | 2019-01-18 | 北京京东尚科信息技术有限公司 | Account book database component, operation method and storage medium |
CN109784681A (en) * | 2018-12-26 | 2019-05-21 | 中国大唐集团科学技术研究院有限公司 | Power engineering project investment management system |
Non-Patent Citations (2)
Title |
---|
何宗等: "基于GIS的重庆市镇街乡规划综合数据库建设", 《地理空间信息》 * |
张立朝等: "地理标记语言的通用型地理信息服务平台", 《测绘科学》 * |
Also Published As
Publication number | Publication date |
---|---|
CN110232288B (en) | 2020-10-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108830601B (en) | Smart city information safe use method and system based on block chain | |
US10348700B2 (en) | Verifiable trust for data through wrapper composition | |
CN101504706B (en) | Database information encryption method and system | |
CN102821096B (en) | Distributed storage system and file sharing method thereof | |
CN101587479B (en) | Database management system kernel oriented data encryption/decryption system and method thereof | |
CN101938497B (en) | Multistage security file structure as well as file access control and secret key management user terminal, service terminal, system and method thereof | |
CN101710380B (en) | Electronic document safety protection method | |
CN105426775B (en) | A kind of method and system for protecting smart mobile phone information security | |
CN101183384B (en) | Data processing method and device | |
CN101043326B (en) | Dynamic information encrypting system and method | |
CN102307185A (en) | Data isolation method used in storage cloud | |
CN105378649A (en) | Multiple authority data security and access | |
CN102752109A (en) | Secret key management method and device for encrypting data base column | |
CN102236766A (en) | Security data item level database encryption system | |
CN109740363A (en) | Rating documents desensitization encryption method | |
CN104376237A (en) | Safety control method and safety control system for information in production procedures | |
CN104063334A (en) | Encryption method and system based on data attributions | |
CN111008855B (en) | Retrospective data access control method based on improved proxy re-encryption | |
CN109165526A (en) | A kind of big data security and privacy guard method, device and storage medium | |
CN106326666A (en) | Health record information management service system | |
CN106330934A (en) | Distributed database system authority management method and device | |
CN113127927B (en) | Attribute reconstruction encryption method and system for license chain data sharing and supervision | |
CN110232288A (en) | Geographic information data complex encryption system | |
KR102258064B1 (en) | System and method for providing hybrid blockchain based aircraft control service | |
CN107786662A (en) | A kind of efficient communication message processing method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 400020 Jiangbei District, Chongqing electric measuring Village No. 231 Applicant after: Chongqing geographic information and Remote Sensing Application Center (Chongqing surveying and mapping product quality inspection and testing center) Address before: 400000 electric survey village, Jiangbei District, Chongqing City, No. 231 Applicant before: Chongqing Geographical Information Center |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |