CN110287208A - The method and apparatus of database field encryption, storage medium - Google Patents

The method and apparatus of database field encryption, storage medium Download PDF

Info

Publication number
CN110287208A
CN110287208A CN201910448034.XA CN201910448034A CN110287208A CN 110287208 A CN110287208 A CN 110287208A CN 201910448034 A CN201910448034 A CN 201910448034A CN 110287208 A CN110287208 A CN 110287208A
Authority
CN
China
Prior art keywords
encryption
encrypted
packet
field
sql statement
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910448034.XA
Other languages
Chinese (zh)
Inventor
张适石
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Sankuai Online Technology Co Ltd
Original Assignee
Beijing Sankuai Online Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Sankuai Online Technology Co Ltd filed Critical Beijing Sankuai Online Technology Co Ltd
Priority to CN201910448034.XA priority Critical patent/CN110287208A/en
Publication of CN110287208A publication Critical patent/CN110287208A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • G06F16/2433Query languages
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

This disclosure relates to which a kind of method and apparatus of database field encryption, storage medium, are easy to produce omission, mistake and quite time-consuming technical problem to the ciphering process of field sensitive in database in the related technology for solving.The method of the database field encryption includes: when being inserted into SQL statement in the data base persistence layer frame for supporting SQL, to call encryption alias packet that field to be encrypted in the SQL statement is marked;Call encryption packet that the field to be encrypted after label is encrypted;Execute the SQL statement.

Description

The method and apparatus of database field encryption, storage medium
Technical field
This disclosure relates to field of information security technology, and in particular, to a kind of method and apparatus of database field encryption, Storage medium.
Background technique
With the continuous propulsion of IT application process, information assets becomes one of core asset of enterprise, how to use skill The safety of art means maintaining enterprise business datum has become enterprise's question of common concern.And as data storage and management Core component, the safety of Database Systems is extensive caused by being even more to be paid attention to.
Summary of the invention
The disclosure provides a kind of method and apparatus of database field encryption, storage medium, right in the related technology to solve The ciphering process of sensitive field is easy to produce omission, mistake and quite time-consuming technical problem in database.
To achieve the above object, the embodiment of the present disclosure in a first aspect, provide a kind of method of database field encryption, institute The method of stating includes:
When being inserted into SQL statement in the data base persistence layer frame for supporting SQL, call encryption alias packet to the SQL language Field to be encrypted is marked in sentence;
Call encryption packet that the field to be encrypted after label is encrypted;
Execute the SQL statement.
With reference to first aspect, in the first possible implementation of the first aspect, the calling encrypts alias packet pair Field to be encrypted is marked in the SQL statement, comprising:
Field to be encrypted is identified in xml by the encryption class in the encryption alias packet;
Increase marker code after the field to be encrypted identified in xml.
With reference to first aspect, in the second possible implementation of the first aspect, the calling encryption packet pair Field to be encrypted after label is encrypted, comprising:
Encrypted fields are treated by the general encryption class in the encryption packet to be encrypted.
With reference to first aspect or the first possible implementation of first aspect or second of possible realization side Formula, in a third possible implementation of the first aspect, further includes:
The encryption alias packet and encryption encapsulating are attached to jar packet so that other systems use;Wherein, described Jar packet is equipped with interface.
The third possible implementation with reference to first aspect, in the 4th kind of possible implementation of first aspect In, further includes:
The encryption alias packet and encryption encapsulating are attached to jar packet so that other systems use;Wherein, described Jar packet is equipped with interface.
The second aspect of the embodiment of the present disclosure, provides a kind of device of database field encryption, and described device includes:
Mark module when for being inserted into SQL statement in the data base persistence layer frame for supporting SQL, calls encryption alias Field to be encrypted in the SQL statement is marked in packet;
Encrypting module, for calling encryption packet that the field to be encrypted after label is encrypted;
Execution module, for executing the SQL statement.
In conjunction with second aspect, in the first possible implementation of the second aspect, the mark module includes:
Submodule is identified, for identifying field to be encrypted in xml by the encryption class in the encryption alias packet;
Submodule is marked, increases marker code after the field to be encrypted for identifying in xml.
In conjunction with second aspect, in a second possible implementation of the second aspect, the encrypting module is also used to:
Encrypted fields are treated by the general encryption class in the encryption packet to be encrypted.
In conjunction with the possible implementation of the first of second aspect or second aspect or second of possible realization side Formula, in the third possible implementation of the second aspect, further includes:
Package module, for the encryption alias packet and encryption encapsulating to be attached to jar packet for other systems It uses;Wherein, the jar packet is equipped with interface.
In conjunction with second aspect, in the fourth possible implementation of the second aspect, the mark module further include:
Confirm submodule, there are encrypted fields in the SQL statement for confirming;
Submodule is decrypted, for decrypting the encrypted fields.
The third aspect of the embodiment of the present disclosure provides a kind of computer readable storage medium, is stored thereon with computer journey The step of sequence, which realizes any one of above-mentioned first aspect the method when being executed by processor.
The fourth aspect of the embodiment of the present disclosure provides a kind of device of database field encryption, comprising:
Memory is stored thereon with computer program;And
Processor, it is any in above-mentioned first aspect to realize for executing the computer program in the memory The step of item the method.
By adopting the above technical scheme, following technical effect can at least be reached:
The disclosure by calling encryption alias packet and encryption respectively in the data base persistence layer frame for supporting SQL Packet, is marked field to be encrypted in the SQL statement and encryption, since encryption alias packet and encryption packet are treated Encrypted fields treatment process in bottom layer realization, does not need modification program, avoids directly changing code, avoid the case where changing because of leakage And cause to report an error on line, safety and efficiently realization database sensitivity field encryption, faster, it is right in the related technology to solve for access The ciphering process of sensitive field is easy to produce omission, mistake and quite time-consuming technical problem in database.
Other feature and advantage of the disclosure will the following detailed description will be given in the detailed implementation section.
Detailed description of the invention
Attached drawing is and to constitute part of specification for providing further understanding of the disclosure, with following tool Body embodiment is used to explain the disclosure together, but does not constitute the limitation to the disclosure.In the accompanying drawings:
Fig. 1 is a kind of method flow diagram of database field encryption shown in one exemplary embodiment of the disclosure.
Fig. 2 is the method flow diagram of another database field encryption shown in one exemplary embodiment of the disclosure.
Fig. 3 is the method flow diagram of another database field encryption shown in one exemplary embodiment of the disclosure.
Fig. 4 is the method flow diagram of another database field encryption shown in one exemplary embodiment of the disclosure.
Fig. 5 is a kind of device block diagram of database field encryption shown in one exemplary embodiment of the disclosure.
Fig. 6 is a kind of mark module frame of the device of database field encryption shown in one exemplary embodiment of the disclosure Figure.
Fig. 7 is the device block diagram of another database field encryption shown in one exemplary embodiment of the disclosure.
Fig. 8 is the mark module frame of the device of another database field encryption shown in one exemplary embodiment of the disclosure Figure.
Fig. 9 is a kind of device block diagram of database field encryption shown in one exemplary embodiment of the disclosure.
Specific embodiment
It is described in detail below in conjunction with specific embodiment of the attached drawing to the disclosure.It should be understood that this place is retouched The specific embodiment stated is only used for describing and explaining the disclosure, is not limited to the disclosure.
The safety of Database Systems is mainly the confidentiality issue for being sensitive data, and most effective means are exactly to carry out Encryption.In the related technology, it is the code block for combing sensitive field insertion and inquiry to the encryption method of sensitive data, successively carries out Modification carries out encryption and decryption.And the scheme encrypted in the related technology is in service layers (service layers) or manager layers of (management Layer) modification code, being easy to produce omission leads to mistake on line, and quite time-consuming.
Fig. 1 is a kind of method flow diagram of database field encryption shown in one exemplary embodiment of the disclosure, to solve Omission, mistake and quite time-consuming technical problem are easy to produce to the ciphering process of field sensitive in database in the related technology. As shown in Figure 1, the method for the database field encryption may comprise steps of:
S11 when being inserted into SQL statement in the data base persistence layer frame for supporting SQL, calls encryption alias packet to described Field to be encrypted is marked in SQL statement.
S12 calls encryption packet that the field to be encrypted after label is encrypted.
S13 executes the SQL statement.
The technical solution of the disclosure can be realized based on Mybatis bottom extension function, wherein MyBatis is to support to determine Inhibition and generation SQL, storing process and the outstanding Persistence Layer Framework of advanced mapping.MyBatis avoids almost all of JDBC generation Code and manual setting parameter and acquisition result set.MyBatis can use simple XML or note to configuration and primary Map, The POJOs (Plain Old Java Objects, common Java object) of interface and Java are mapped to the note in database Record.
In step s 11, when being inserted into SQL statement in the data base persistence layer frame for supporting SQL, encryption alias packet is called Field to be encrypted in the SQL statement is marked.Wherein, the encryption alias packet is provided in the Persistence Layer Framework, It can be called to identify the field to be encrypted in the SQL statement in Persistence Layer Framework, and then in the SQL statement The field to be encrypted be marked.
After field to be encrypted is marked in the SQL statement, step S12 is executed, calls encryption packet to label Field to be encrypted afterwards is encrypted.Wherein, the encryption packet is provided in the Persistence Layer Framework, can held In long layer frame it is called to that the field to be encrypted marked in the SQL statement is encrypted.The encryption packet It treats after encrypted fields are encrypted, executes step S13, execute the SQL statement.
The disclosure by calling encryption alias packet and encryption respectively in the data base persistence layer frame for supporting SQL Packet, is marked field to be encrypted in the SQL statement and encryption, since encryption alias packet and encryption packet are treated Encrypted fields treatment process in bottom layer realization, does not need modification program, avoids directly changing code, avoid the case where changing because of leakage And cause to report an error on line, safety and efficiently realization database sensitivity field encryption, faster, it is right in the related technology to solve for access The ciphering process of sensitive field is easy to produce omission, mistake and quite time-consuming technical problem in database.
It is worth noting that for simple description, therefore, it is stated as a systems for embodiment of the method shown in FIG. 1 The combination of actions of column, but those skilled in the art should understand that, the disclosure is not limited by the described action sequence.Its It is secondary, those skilled in the art should also know that, the embodiments described in the specification are all preferred embodiments, related dynamic Make necessary to the not necessarily disclosure.
Fig. 2 is a kind of method flow diagram of database field encryption shown in one exemplary embodiment of the disclosure, to solve In the related technology to the ciphering process of field sensitive in database be easy to produce omission, mistake than with and quite time-consuming technology ask Topic.As shown in Fig. 2, the method for the database field encryption may comprise steps of:
S21, when being inserted into SQL statement in the data base persistence layer frame for supporting SQL, by the encryption alias packet Encryption class identifies field to be encrypted in xml.
S22 increases marker code after the field to be encrypted identified in xml.
S23 treats encrypted fields by the general encryption class in the encryption packet and is encrypted.
S24 executes the SQL statement.
The technical solution of the disclosure can be realized based on Mybatis bottom extension function, wherein MyBatis is to support to determine Inhibition and generation SQL, storing process and the outstanding Persistence Layer Framework of advanced mapping.MyBatis avoids almost all of JDBC generation Code and manual setting parameter and acquisition result set.MyBatis can use simple XML or note to configuration and primary Map, The POJOs (Plain Old Java Objects, common Java object) of interface and Java are mapped to the note in database Record.
In the step s 21, when being inserted into SQL statement in the data base persistence layer frame for supporting SQL, encryption alias packet is called In encryption class field to be encrypted is identified in xml.Wherein, the encryption alias packet is provided in the Persistence Layer Framework, can With the field to be encrypted for being called to identify in Persistence Layer Framework in the SQL statement, and then in the SQL statement The field to be encrypted is marked.
When initializing SessionFactory in Mybatis, while initializing encryptAliasesPackage and (adding Mi Biemingbao) and encryptHandlersPackage (encryption packet) two attributes.When being inserted into SQL statement, firstly, Encryption class (i.e. Encrypt) in encryptAliasesPackage in xml for identifying encrypted fields;
After identifying encrypted fields in xml, step S22 is executed, increases mark after the field to be encrypted identified in xml Remember code.For example, increasing marker code after wanting the field encrypted in xml: javaType=" encrypt " be can be completed Label.
After field to be encrypted is marked in the SQL statement, step S23 is executed, it is logical in the encryption packet It is encrypted with encryption class by calling encryption base class to treat encrypted fields.Wherein, the encryption packet It is provided in the Persistence Layer Framework, can be called in Persistence Layer Framework to be encrypted to what is marked in the SQL statement Field is encrypted.For example, can be by encryptHandlersPackage (encryption packet) CommonEncryptHandler class (general encryption class) calls EncryptBaseTypeHandler<String>(to add Close processing base class) realize the encryption of field to be encrypted.
The encryption packet is treated after encrypted fields are encrypted, and is executed step S24, is executed the SQL statement.
The disclosure by calling encryption alias packet and encryption respectively in the data base persistence layer frame for supporting SQL Packet, is marked field to be encrypted in the SQL statement and encryption, since encryption alias packet and encryption packet are treated Encrypted fields treatment process in bottom layer realization, does not need modification program, avoids directly changing code, avoid the case where changing because of leakage And cause to report an error on line, safety and efficiently realization database sensitivity field encryption, faster, it is right in the related technology to solve for access The ciphering process of sensitive field is easy to produce omission, mistake and quite time-consuming technical problem in database.
It is worth noting that for simple description, therefore, it is stated as a systems for embodiment of the method shown in Fig. 2 The combination of actions of column, but those skilled in the art should understand that, the disclosure is not limited by the described action sequence.Its It is secondary, those skilled in the art should also know that, the embodiments described in the specification are all preferred embodiments, related dynamic Make necessary to the not necessarily disclosure.
Fig. 3 is a kind of method flow diagram of database field encryption shown in one exemplary embodiment of the disclosure, to solve Omission, mistake and quite time-consuming technical problem are easy to produce to the ciphering process of field sensitive in database in the related technology. As shown in figure 3, the method for the database field encryption may comprise steps of:
S31, when being inserted into SQL statement in the data base persistence layer frame for supporting SQL, by the encryption alias packet Encryption class identifies field to be encrypted in xml.
S32 increases marker code after the field to be encrypted identified in xml.
S33 treats encrypted fields by the general encryption class in the encryption packet and is encrypted.
S34 executes the SQL statement.
The encryption alias packet and encryption encapsulating are attached to jar packet so that other systems use by S35;Wherein, The jar packet is equipped with interface.
The technical solution of the disclosure can be realized based on Mybatis bottom extension function, wherein MyBatis is to support to determine Inhibition and generation SQL, storing process and the outstanding Persistence Layer Framework of advanced mapping.MyBatis avoids almost all of JDBC generation Code and manual setting parameter and acquisition result set.MyBatis can use simple XML or note to configuration and primary Map, The POJOs (Plain Old Java Objects, common Java object) of interface and Java are mapped to the note in database Record.
In step S31, when being inserted into SQL statement in the Persistence Layer Framework for supporting SQL, adding in encryption alias packet is called Close class identifies field to be encrypted in xml.Wherein, the encryption alias packet is provided in the Persistence Layer Framework, can held Be called to identify the field to be encrypted in the SQL statement in long layer frame, so to described in the SQL statement to Encrypted fields are marked.
When initializing SessionFactory in Mybatis, while initializing encryptAliasesPackage and (adding Mi Biemingbao) and encryptHandlersPackage (encryption packet) two attributes.When being inserted into SQL statement, firstly, Encryption class (i.e. Encrypt) in encryptAliasesPackage in xml for identifying encrypted fields;
After identifying encrypted fields in xml, step S32 is executed, increases mark after the field to be encrypted identified in xml Remember code.For example, increasing marker code after wanting the field encrypted in xml: javaType=" encrypt " be can be completed Label.
After field to be encrypted is marked in the SQL statement, step S33 is executed, it is logical in the encryption packet It is encrypted with encryption class by calling encryption base class to treat encrypted fields.Wherein, the encryption packet It is provided in the Persistence Layer Framework, can be called in Persistence Layer Framework to be encrypted to what is marked in the SQL statement Field is encrypted.For example, can be by encryptHandlersPackage (encryption packet) CommonEncryptHandler class (general encryption class) calls EncryptBaseTypeHandler<String>(to add Close processing base class) realize the encryption of field to be encrypted.The encryption packet is treated after encrypted fields are encrypted, and is held The row SQL statement.
In view of the disclosure is applicable in all systems, optionally, step S35 is can also be performed in the disclosure, and the encryption is other Name packet and encryption encapsulating are attached to jar packet so that other systems use;Wherein, the jar packet is equipped with interface.For example, EncryptHandlersPackage and encrptAliasesPackage two packets are extracted and be encapsulated into individual jar Packet facilitates other systems to use.Consider that the encryption method of each system is different simultaneously, jar packet only provides interface, really adds Decryption method is defined in each system, and encrypted code (i.e. encryption method) can be injected by each system by the interface of jar packet In jar packet, so that the encryption packet in jar packet is treated encrypted fields according to the encryption method of injection and is encrypted.
The disclosure is attached in jar packet by that will encrypt alias packet and encryption encapsulating, and then can be able to use all System improves user experience so that different systems can use the encipherment scheme of the disclosure.
It is worth noting that for simple description, therefore, it is stated as a systems for embodiment of the method shown in Fig. 3 The combination of actions of column, but those skilled in the art should understand that, the disclosure is not limited by the described action sequence.Its It is secondary, those skilled in the art should also know that, the embodiments described in the specification are all preferred embodiments, related dynamic Make necessary to the not necessarily disclosure.
Fig. 4 is a kind of method flow diagram of database field encryption shown in one exemplary embodiment of the disclosure, to solve Omission, mistake and quite time-consuming technical problem are easy to produce to the ciphering process of field sensitive in database in the related technology. As shown in Figure 1, the method for the database field encryption may comprise steps of:
S41 confirms and exists in the SQL statement when being inserted into SQL statement in the data base persistence layer frame for supporting SQL Encrypted fields.
S42 decrypts the encrypted fields.
S43 identifies field to be encrypted by the encryption class in the encryption alias packet in xml.
S44 increases marker code after the field to be encrypted identified in xml.
S45 treats encrypted fields by the general encryption class in the encryption packet and is encrypted.
S46 executes the SQL statement.
The encryption alias packet and encryption encapsulating are attached to jar packet so that other systems use by S47;Wherein, The jar packet is equipped with interface.
In view of the old data of some in database or unencryption, in order to realize compatibility, step S41 is first carried out, confirms There are encrypted fields in the SQL statement, that is, it is overstocked to first determine whether old data have added, if encryption thens follow the steps S42 decrypts the encrypted fields;Otherwise, step S43 is executed.
It specifically can be by two attribute isEncrypt and isHaveEncryptJudge in bean (class) come real It is existing: where isEncrypt is for judging whether to encrypt, and when gray scale is online in order to prevent, the machine that do not issue, which is found out, have been added Close data, setting false (decryption but do not encrypt) when can be online for the first time, second online to be changed to true (encryption solves again It is close);IsHaveEncryptJudge is overstocked for judging whether to have added before decrypting, after gray scale is online, it can be provided False, when decryption, determine whether to have added overstocked, do not encrypt then directly return, realize the compatibility of decryption, logic therein It may is that a character string includes more than two letters, be taken as encrypted (considering that identity card may include a letter).
It is worth noting that for simple description, therefore, it is stated as a systems for embodiment of the method shown in Fig. 4 The combination of actions of column, but those skilled in the art should understand that, the disclosure is not limited by the described action sequence.Its It is secondary, those skilled in the art should also know that, the embodiments described in the specification are all preferred embodiments, related dynamic Make necessary to the not necessarily disclosure.
Fig. 5 is a kind of device of database field encryption shown in one exemplary embodiment of the disclosure.As shown in figure 5, institute The device 300 for stating database field encryption includes:
Mark module 310 when for being inserted into SQL statement in the data base persistence layer frame for supporting SQL, calls encryption other Field to be encrypted in the SQL statement is marked in name packet;
Encrypting module 320, for calling encryption packet that the field to be encrypted after label is encrypted;
Execution module 330, for executing the SQL statement.
Optionally, as shown in fig. 6, the mark module 310 includes:
Submodule 311 is identified, for identifying field to be encrypted in xml by the encryption class in the encryption alias packet;
Submodule 312 is marked, increases marker code after the field to be encrypted for identifying in xml.
Optionally, the encrypting module 320 is also used to:
Encrypted fields are treated by the general encryption class in the encryption packet to be encrypted.
Optionally, as shown in fig. 7, the device 300 of the database field encryption is in addition to including mark module 310, encryption Outside module 320 and execution module 330, further includes:
Package module 340, for the encryption alias packet and encryption encapsulating to be attached to jar packet for other systems System uses;Wherein, the jar packet is equipped with interface.
Optionally, as shown in figure 8, the mark module 310 is in addition to including identification submodule 311 and label submodule 312 Outside, further includes:
Confirm submodule 313, there are encrypted fields in the SQL statement for confirming;
Submodule 314 is decrypted, for decrypting the encrypted fields.
About the device in above-described embodiment, wherein modules execute the concrete mode of operation in related this method Embodiment in be described in detail, no detailed explanation will be given here.
The disclosure also provides a kind of computer readable storage medium, is stored thereon with computer program, and the program is processed The method and step of database field encryption described in any of the above-described alternative embodiment is realized when device executes.
The disclosure also provides a kind of device of database field encryption, comprising:
Memory is stored thereon with computer program;And
Processor, for executing the computer program in the memory, to realize the optional implementation of any of the above-described The method and step of the example database field encryption.
Fig. 9 is a kind of block diagram of the device 400 of database field encryption shown according to an exemplary embodiment.Such as Fig. 9 Shown, which may include: processor 401, memory 402, multimedia component 403, input/output (I/O) interface 404 and communication component 405.
Wherein, processor 401 is used to control the integrated operation of the device 400, to complete above-mentioned database field encryption Method in all or part of the steps.Memory 402 is for storing various types of data to support the behaviour in the device 400 Make, these data for example may include the instruction of any application or method for operating on the device 400, Yi Jiying With the relevant data of program.The memory 402 can by any kind of volatibility or non-volatile memory device or they Combination realize that such as static random access memory (Static Random Access Memory, abbreviation SRAM), electricity can Erasable programmable read-only memory (EPROM) (Electrically Erasable Programmable Read-Only Memory, referred to as EEPROM), Erasable Programmable Read Only Memory EPROM (Erasable Programmable Read-Only Memory, abbreviation EPROM), programmable read only memory (Programmable Read-Only Memory, abbreviation PROM), read-only memory (Read-Only Memory, abbreviation ROM), magnetic memory, flash memory, disk or CD.Multimedia component 403 can wrap Include screen and audio component.Wherein screen for example can be touch screen, and audio component is used for output and/or input audio signal. For example, audio component may include a microphone, microphone is for receiving external audio signal.The received audio signal can To be further stored in memory 402 or be sent by communication component 405.Audio component further includes at least one loudspeaker, For output audio signal.I/O interface 404 provides interface, other above-mentioned interfaces between processor 401 and other interface modules Module can be keyboard, mouse, button etc..These buttons can be virtual push button or entity button.Communication component 405 is used for Wired or wireless communication is carried out between the device 400 and other equipment.Wireless communication, such as Wi-Fi, bluetooth, near-field communication (Near Field Communication, abbreviation NFC), 2G, 3G or 4G or they one or more of combination, therefore The corresponding communication component 405 may include: Wi-Fi module, bluetooth module, NFC module.
In one exemplary embodiment, device 400 can be by one or more application specific integrated circuit (Application Specific Integrated Circuit, abbreviation ASIC), digital signal processor (Digital Signal Processor, abbreviation DSP), digital signal processing appts (Digital Signal Processing Device, Abbreviation DSPD), programmable logic device (Programmable Logic Device, abbreviation PLD), field programmable gate array (Field Programmable Gate Array, abbreviation FPGA), controller, microcontroller, microprocessor or other electronics member Part realization, the method for executing above-mentioned database field encryption.
In a further exemplary embodiment, a kind of computer readable storage medium including program instruction, example are additionally provided It such as include the memory 402 of program instruction, above procedure instruction can be executed above-mentioned to complete by the processor 401 of device 400 The method of database field encryption.
The preferred embodiment of the disclosure is described in detail in conjunction with attached drawing above, still, the disclosure is not limited to above-mentioned reality The detail in mode is applied, in the range of the technology design of the disclosure, a variety of letters can be carried out to the technical solution of the disclosure Monotropic type, these simple variants belong to the protection scope of the disclosure.
It is further to note that specific technical features described in the above specific embodiments, in not lance In the case where shield, it can be combined in any appropriate way.In order to avoid unnecessary repetition, the disclosure to it is various can No further explanation will be given for the combination of energy.
In addition, any combination can also be carried out between a variety of different embodiments of the disclosure, as long as it is without prejudice to originally Disclosed thought equally should be considered as disclosure disclosure of that.

Claims (10)

1. a kind of method of database field encryption, which is characterized in that the described method includes:
When being inserted into SQL statement in the data base persistence layer frame for supporting SQL, call encryption alias packet in the SQL statement Field to be encrypted is marked;
Call encryption packet that the field to be encrypted after label is encrypted;
Execute the SQL statement.
2. the method according to claim 1, wherein the calling encrypt alias packet in the SQL statement to Encrypted fields are marked, comprising:
Field to be encrypted is identified in xml by the encryption class in the encryption alias packet;
Increase marker code after the field to be encrypted identified in xml.
3. the method according to claim 1, wherein the calling encryption packet is to the word to be encrypted after label Section is encrypted, comprising:
Encrypted fields are treated by the general encryption class in the encryption packet to be encrypted.
4. according to the method in any one of claims 1 to 3, which is characterized in that further include:
The encryption alias packet and encryption encapsulating are attached to jar packet so that other systems use;Wherein, the jar Packet is equipped with interface.
5. the method according to claim 1, wherein the calling encrypt alias packet in the SQL statement to Encrypted fields are marked, further includes:
Confirm that there are encrypted fields in the SQL statement;
Decrypt the encrypted fields.
6. a kind of device of database field encryption, which is characterized in that described device includes:
Mark module when for being inserted into SQL statement in the data base persistence layer frame for supporting SQL, calls encryption alias packet pair Field to be encrypted is marked in the SQL statement;
Encrypting module, for calling encryption packet that the field to be encrypted after label is encrypted;
Execution module, for executing the SQL statement.
7. device according to claim 6, which is characterized in that the mark module includes:
Submodule is identified, for identifying field to be encrypted in xml by the encryption class in the encryption alias packet;
Submodule is marked, increases marker code after the field to be encrypted for identifying in xml.
8. device according to claim 6, which is characterized in that the encrypting module is also used to:
Encrypted fields are treated by the general encryption class in the encryption packet to be encrypted.
9. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is held by processor The step of any one of claims 1 to 5 the method is realized when row.
10. a kind of device of database field encryption characterized by comprising
Memory is stored thereon with computer program;And
Processor, for executing the computer program in the memory, to realize any one of claims 1 to 5 institute The step of stating method.
CN201910448034.XA 2019-05-27 2019-05-27 The method and apparatus of database field encryption, storage medium Pending CN110287208A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910448034.XA CN110287208A (en) 2019-05-27 2019-05-27 The method and apparatus of database field encryption, storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910448034.XA CN110287208A (en) 2019-05-27 2019-05-27 The method and apparatus of database field encryption, storage medium

Publications (1)

Publication Number Publication Date
CN110287208A true CN110287208A (en) 2019-09-27

Family

ID=68002595

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910448034.XA Pending CN110287208A (en) 2019-05-27 2019-05-27 The method and apparatus of database field encryption, storage medium

Country Status (1)

Country Link
CN (1) CN110287208A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111079188A (en) * 2019-12-27 2020-04-28 苏州海管家物流科技有限公司 mybatis field encryption and decryption device and encryption and decryption system
CN111125224A (en) * 2019-12-21 2020-05-08 广州鲁邦通物联网科技有限公司 Method and system for realizing automatic encryption and decryption of database data in Java program
CN111552698A (en) * 2020-04-21 2020-08-18 重庆富民银行股份有限公司 SQL version control system and method for solving environmental difference

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105022966A (en) * 2015-07-21 2015-11-04 郭俊雄 Database data encryption and decryption method and system
CN107239476A (en) * 2016-03-29 2017-10-10 上海琨视电子科技有限公司 A kind of development approach of lightweight SQL database website
CN109284302A (en) * 2018-08-10 2019-01-29 新华三大数据技术有限公司 Data processing method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105022966A (en) * 2015-07-21 2015-11-04 郭俊雄 Database data encryption and decryption method and system
CN107239476A (en) * 2016-03-29 2017-10-10 上海琨视电子科技有限公司 A kind of development approach of lightweight SQL database website
CN109284302A (en) * 2018-08-10 2019-01-29 新华三大数据技术有限公司 Data processing method and device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111125224A (en) * 2019-12-21 2020-05-08 广州鲁邦通物联网科技有限公司 Method and system for realizing automatic encryption and decryption of database data in Java program
CN111125224B (en) * 2019-12-21 2021-07-16 广州鲁邦通物联网科技有限公司 Method and system for realizing automatic encryption and decryption of database data in Java program
CN111079188A (en) * 2019-12-27 2020-04-28 苏州海管家物流科技有限公司 mybatis field encryption and decryption device and encryption and decryption system
CN111079188B (en) * 2019-12-27 2022-04-15 苏州海管家物流科技有限公司 mybatis field encryption and decryption device and encryption and decryption system
CN111552698A (en) * 2020-04-21 2020-08-18 重庆富民银行股份有限公司 SQL version control system and method for solving environmental difference

Similar Documents

Publication Publication Date Title
EP3474209A1 (en) Storing blockchain private keys in a sim card
CN106599629B (en) Android application program reinforcing method and device
CN110287208A (en) The method and apparatus of database field encryption, storage medium
CN103907308A (en) Host device, semiconductor memory device, and authentication method
CN113010856A (en) Dynamic asymmetric encryption and decryption JavaScript code obfuscation method and system
CN107196907A (en) A kind of guard method of Android SO files and device
CN103971034A (en) Method and device for protecting Java software
CN102799815B (en) A kind of method and apparatus of safe loading procedure storehouse
CN105975867A (en) Data processing method
CN103929312A (en) Mobile terminal and method and system for protecting individual information of mobile terminal
CN103853943A (en) Program protection method and device
CN105653902B (en) Software registration method and device register code generating method and device
CN107423583B (en) A kind of software protecting device remapping method and device
CN107871066A (en) code compiling method and device based on Android system
CN100367144C (en) Architecture for encrypted application progam installation
CN108416224A (en) A kind of data encryption/decryption method and device
EP2689367B1 (en) Data protection using distributed security key
CN117592069A (en) Encryption and decryption method and system for external mobile storage medium
CN109344656A (en) A kind of data encrypting/de-encrypling method of database, device and equipment
CN109977692B (en) Data processing method and device, storage medium and electronic equipment
CN110008724B (en) Solid state hard disk controller safe loading method and device and storage medium
CN111859226A (en) Page jump method, device and related equipment
CN108234125A (en) For the system and method for authentication
CN108881106B (en) System and method for network electronic identity verification
CN115809480A (en) Privacy protection method for fine-grained cross-chain transaction data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination