CN114282268A - Database integrity checking method and device based on SM3 algorithm - Google Patents
Database integrity checking method and device based on SM3 algorithm Download PDFInfo
- Publication number
- CN114282268A CN114282268A CN202111509489.1A CN202111509489A CN114282268A CN 114282268 A CN114282268 A CN 114282268A CN 202111509489 A CN202111509489 A CN 202111509489A CN 114282268 A CN114282268 A CN 114282268A
- Authority
- CN
- China
- Prior art keywords
- integrity
- row
- database
- algorithm
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004422 calculation algorithm Methods 0.000 title claims abstract description 38
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000003780 insertion Methods 0.000 claims abstract description 18
- 230000037431 insertion Effects 0.000 claims abstract description 18
- 238000004364 calculation method Methods 0.000 claims description 4
- 238000012795 verification Methods 0.000 claims description 4
- 238000004590 computer program Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
Images
Abstract
The invention discloses a database integrity checking method and a device based on SM3 algorithm, wherein the method comprises the steps of obtaining a database insertion row, calculating the Hash value of all data in the row, and writing the Hash value into the integrity field of the row; updating the database, calculating the Hash values of all the affected row data, and updating the Hash values into the integer fields of the corresponding affected rows; inquiring all fields, calculating the Hash values of all data except the integer field in each row, judging whether the calculated Hash values are consistent with the values of the integer field in the original database, if so, judging the integrity is correct, otherwise, the integrity is damaged.
Description
Technical Field
The invention relates to a database integrity checking method and device based on SM3 algorithm, belonging to the technical field of power system automation.
Background
With the strong support of the state on the smart grid, the application proportion of the information network in the power system is increasing. The relational database is used as an important storage carrier in the power grid operation equipment, great convenience is brought to business application, data writing and reading are more efficient, and the structure is clearer. But the database is easy to be attacked due to the security vulnerability of the database. Important data stored in the database also has a risk of being tampered, fatal influence is brought to upper-layer business application once the data is tampered, and great potential safety hazard is brought to power grid operation when wrong data is used for calculation and analysis.
Disclosure of Invention
The invention aims to overcome the defects in the prior art, and provides a database integrity verification method and device based on an SM3 algorithm, so that the problem that upper-layer application cannot be known due to data tampering is solved, and the safety, stability and reliability of the operation of the whole power grid are improved.
In order to achieve the purpose, the invention is realized by adopting the following technical scheme:
in a first aspect, the present invention provides a database integrity checking method based on SM3 algorithm, including:
acquiring a database insertion row, calculating Hash values of all data in the row, and writing the Hash values into an integrity field of the row;
updating the database, calculating the Hash values of all the affected row data, and updating the Hash values into the integer fields of the corresponding affected rows;
inquiring all fields, calculating the Hash values of all data except the integer field in each row, judging whether the calculated Hash values are consistent with the values of the integer field in the original database, if so, judging that the integrity is correct, otherwise, the integrity is damaged.
Further, the obtaining the database insertion row, calculating a Hash value of all data of the row, and writing the Hash value into the integrity field of the row includes:
database insertion operation;
acquiring the ID of the insertion line;
inquiring all field values of the row according to the ID;
calculating the Hash value of all data of the row based on SM3 algorithm;
the Hash value is written to the integer field of the row.
Further, the updating the database, calculating Hash values of all affected row data, and updating the Hash values into the integer fields of the corresponding affected rows includes:
updating the database;
acquiring all the affected row IDs through the condition of the update statement;
acquiring all data of all affected rows;
calculating Hash values of all affected row data based on an SM3 algorithm;
and updating the Hash value calculated by each row into the integer field of the corresponding affected row.
Further, the calculating of the Hash value of all data of the row based on the SM3 algorithm includes: all fields except the integer field are concatenated into a string, and the Hash value of the string is calculated using the SM3 algorithm.
Further, when fields are queried, if some fields are queried, all fields are converted into queries.
Further, the method also comprises the following steps: and when the calculated Hash value is judged to be inconsistent with the value of the integrity field in the original database, giving a prompt of integrity damage on the human-computer interface.
In a second aspect, the present invention provides a database integrity checking apparatus based on SM3 algorithm, including:
the integrity Hash value generating unit is used for acquiring a database insertion row, calculating Hash values of all data of the row and writing the Hash values into an integrity field of the row;
the integrity Hash value updating unit is used for updating the database, calculating Hash values of all the affected row data and updating the Hash values into the integrity fields of the corresponding affected rows;
and the integrity Hash value verification unit is used for inquiring all the fields, calculating the Hash values of all the data of each row except the integrity field, judging whether the calculated Hash values are consistent with the values of the integrity field in the original database or not, if so, judging that the integrity is correct, otherwise, the integrity is damaged.
Further, the method also comprises the following steps: and the prompting unit is used for giving an integrity damaged prompt on a human-computer interface when the calculated Hash value is judged to be inconsistent with the value of the integrity field in the original database.
In a third aspect, the present invention provides a database integrity checking apparatus based on SM3 algorithm, including a processor and a storage medium;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of the method according to any of the above.
In a fourth aspect, the invention provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of any of the methods described above.
Compared with the prior art, the invention has the following beneficial effects:
the invention provides a database integrity checking method and device based on SM3 algorithm, which effectively ensure the integrity of data in a relational database, can give an alarm to the last service application after the data integrity operation is damaged, prevent the tampered data from being used for service logic analysis and processing, and ensure the safety and reliability of the operation of a power grid.
Drawings
Fig. 1 is a diagram of integrity Hash generation provided by an embodiment of the present invention.
Fig. 2 is a diagram of integrity Hash update provided by an embodiment of the present invention.
Fig. 3 is a diagram of integrity Hash check according to an embodiment of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
Example 1
The embodiment introduces a database integrity checking method based on an SM3 algorithm, which includes:
acquiring a database insertion row, calculating Hash values of all data in the row, and writing the Hash values into an integrity field of the row;
updating the database, calculating the Hash values of all the affected row data, and updating the Hash values into the integer fields of the corresponding affected rows;
inquiring all fields, calculating the Hash values of all data except the integer field in each row, judging whether the calculated Hash values are consistent with the values of the integer field in the original database, if so, judging that the integrity is correct, otherwise, the integrity is damaged.
The application process of the database integrity checking method and device based on the SM3 algorithm provided by the embodiment specifically involves the following steps:
firstly, generating an integrity Hash value:
1) database insertion operation;
2) acquiring the ID of the insertion line;
3) inquiring all field values of the row according to the ID;
4) calculating the Hash value of all data of the row based on SM3 algorithm;
5) writing the Hash value to the integer field of the row;
II, updating the integrity Hash value:
6) updating the database;
7) acquiring all the affected row IDs through the condition of the update statement;
8) acquiring all data of all affected rows;
9) calculating Hash values of all affected row data based on an SM3 algorithm;
10) updating the Hash value calculated by each line into the integer field of the corresponding affected line;
thirdly, verifying the integrity Hash value:
11) inquiring all fields, if not, converting into inquiring all fields;
12) calculating the Hash value of all data except the integer field of each line;
13) the calculated Hash value is compared with the value of the integrity field in the original database, and if the calculated Hash value is consistent with the value of the integrity field in the original database, the integrity is correct, otherwise, the integrity is damaged.
Specifically, the insertion operation in step 1) is implemented as follows: executing Insert insertion statements of the database;
specifically, the obtaining of the insertion row ID in step 2) is implemented as follows: the ID of the latest inserted row can be acquired by a LAST _ INSERT _ ID () function;
specifically, the implementation of acquiring all field values of the row where the ID is located in step 3) is as follows: acquiring all data of the line by using a select from table where ID;
specifically, in the step 4), the Hash value of all the data in the row is calculated based on the SM3 algorithm, and the calculation is implemented as follows: connecting all fields except the integer field into a character string, and calculating the Hash value of the character string by using an SM3 algorithm;
specifically, the writing of the Hash value into the integrity field of the row in the step 5) is implemented as follows: writing the Hash value calculated in 4) to the integer field of the row;
specifically, in the step 6), the database updating operation is implemented as follows: executing database update operation;
specifically, in the step 7), obtaining all the affected row IDs by updating the condition of the statement is implemented as follows: analyzing the update statement in the step 6) to obtain the ID of the updating line;
specifically, the implementation of acquiring all data of all affected rows in step 8) is as follows: acquiring the ID according to the step 7), and acquiring data of all rows through a select statement;
specifically, in the step 9), calculating the Hash values of all the affected line data based on the SM3 algorithm is implemented as follows: connecting other field values into a character string according to the integer field value of each row of all the data acquired in the step 8), and calculating the Hash value of each row by using an SM3 algorithm;
specifically, the implementation of updating the Hash value calculated by each line into the integrity field of the corresponding affected line in the step 10) is as follows: updating the Hash value of the content of each line calculated in 9) into the integrity field of the corresponding line through update operation;
specifically, all fields are queried in the step 11), and if not, the implementation of converting into querying all fields is as follows: using select to inquire all data, if some fields are inquired, processing according to select;
specifically, the calculation of the Hash value of all data except the integer field in each row in the step 12) is implemented as follows: removing the integer field of each line according to all the inquired data in 11), connecting other fields into a character string, and calculating the Hash value of the character string by using an SM3 algorithm;
specifically, the Hash value calculated in the step 13) is compared with the value of the integrity field in the original database, and if the Hash value is consistent with the value of the integrity field in the original database, the integrity is correct, otherwise, the integrity is destroyed, and the method is implemented as follows: and (4) comparing the calculated Hash with the value stored in the integrity field of the original database according to 12), if the Hash is consistent with the value stored in the integrity field of the original database, the integrity is not damaged, and otherwise, giving an integrity damage prompt on a human-computer interface.
The contents designed in the above embodiments will be described below with reference to a preferred embodiment.
Firstly, newly creating a user, namely storing a user data finger database user table;
calculating the Hash value of the storage integrity of the user name, the password and other field values by adopting an SM3 algorithm, and storing the Hash value into the integrity field of the user report;
destructively modifying any field in the user table including the integer field manually or by using a script;
logging in by using a user logging tool, reading all data of the line where the user is located, calculating the Hash values of other fields except the integer field by using the SM3 again, and giving an alarm if the calculated Hash value is inconsistent with the integer field value in the database user table, wherein the information of the user is tampered, and the data is not credible any more.
Example 2
The embodiment provides a database integrity checking device based on SM3 algorithm, including:
the integrity Hash value generating unit is used for acquiring a database insertion row, calculating Hash values of all data of the row and writing the Hash values into an integrity field of the row;
the integrity Hash value updating unit is used for updating the database, calculating Hash values of all the affected row data and updating the Hash values into the integrity fields of the corresponding affected rows;
and the integrity Hash value verification unit is used for inquiring all the fields, calculating the Hash values of all the data of each row except the integrity field, judging whether the calculated Hash values are consistent with the values of the integrity field in the original database or not, if so, judging that the integrity is correct, otherwise, the integrity is damaged.
Further, the method also comprises the following steps: and the prompting unit is used for giving an integrity damaged prompt on a human-computer interface when the calculated Hash value is judged to be inconsistent with the value of the integrity field in the original database.
Example 3
The embodiment provides a database integrity checking device based on SM3 algorithm, which comprises a processor and a storage medium;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of the method according to any of embodiment 1.
Example 4
The present embodiment provides a computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the steps of the method of any of the embodiment 1.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.
Claims (10)
1. A database integrity checking method based on SM3 algorithm is characterized by comprising the following steps:
acquiring a database insertion row, calculating Hash values of all data in the row, and writing the Hash values into an integrity field of the row;
updating the database, calculating the Hash values of all the affected row data, and updating the Hash values into the integer fields of the corresponding affected rows;
inquiring all fields, calculating the Hash values of all data except the integer field in each row, judging whether the calculated Hash values are consistent with the values of the integer field in the original database, if so, judging that the integrity is correct, otherwise, the integrity is damaged.
2. The SM3 algorithm-based database integrity checking method according to claim 1, wherein: the method for acquiring the database insertion row, calculating the Hash value of all data in the row, and writing the Hash value into the integrity field of the row comprises the following steps:
database insertion operation;
acquiring the ID of the insertion line;
inquiring all field values of the row according to the ID;
calculating the Hash value of all data of the row based on SM3 algorithm;
the Hash value is written to the integer field of the row.
3. The SM3 algorithm-based database integrity checking method according to claim 1, wherein: the updating operation of the database is carried out, the Hash values of all the affected row data are calculated, and the Hash values are updated to the integer fields of the corresponding affected rows, and the updating operation comprises the following steps:
updating the database;
acquiring all the affected row IDs through the condition of the update statement;
acquiring all data of all affected rows;
calculating Hash values of all affected row data based on an SM3 algorithm;
and updating the Hash value calculated by each row into the integer field of the corresponding affected row.
4. The SM3 algorithm-based database integrity checking method according to claim 2, wherein: the SM3 algorithm-based calculation of the Hash value of all the data in the row includes: all fields except the integer field are concatenated into a string, and the Hash value of the string is calculated using the SM3 algorithm.
5. The SM3 algorithm-based database integrity checking method according to claim 1, further comprising converting to query all fields if some fields are queried when fields are queried.
6. The SM3 algorithm-based database integrity checking method of claim 1, further comprising: and when the calculated Hash value is judged to be inconsistent with the value of the integrity field in the original database, giving a prompt of integrity damage on the human-computer interface.
7. A database integrity checking apparatus based on SM3 algorithm, comprising:
the integrity Hash value generating unit is used for acquiring a database insertion row, calculating Hash values of all data of the row and writing the Hash values into an integrity field of the row;
the integrity Hash value updating unit is used for updating the database, calculating Hash values of all the affected row data and updating the Hash values into the integrity fields of the corresponding affected rows;
and the integrity Hash value verification unit is used for inquiring all the fields, calculating the Hash values of all the data of each row except the integrity field, judging whether the calculated Hash values are consistent with the values of the integrity field in the original database or not, if so, judging that the integrity is correct, otherwise, the integrity is damaged.
8. The SM3 algorithm-based database integrity checking device of claim 7, further comprising: and the prompting unit is used for giving an integrity damaged prompt on a human-computer interface when the calculated Hash value is judged to be inconsistent with the value of the integrity field in the original database.
9. A database integrity verifying device based on SM3 algorithm is characterized in that: comprising a processor and a storage medium;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of the method according to any one of claims 1 to 6.
10. A computer-readable storage medium having stored thereon a computer program, characterized in that: the program when executed by a processor implements the steps of the method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111509489.1A CN114282268A (en) | 2021-12-10 | 2021-12-10 | Database integrity checking method and device based on SM3 algorithm |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111509489.1A CN114282268A (en) | 2021-12-10 | 2021-12-10 | Database integrity checking method and device based on SM3 algorithm |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114282268A true CN114282268A (en) | 2022-04-05 |
Family
ID=80871741
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111509489.1A Pending CN114282268A (en) | 2021-12-10 | 2021-12-10 | Database integrity checking method and device based on SM3 algorithm |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114282268A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115828322A (en) * | 2022-11-25 | 2023-03-21 | 中电金信软件(上海)有限公司 | Method and device for verifying integrity of data storage, electronic equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105989044A (en) * | 2015-02-04 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Database verification method and system |
| CN111625540A (en) * | 2020-05-11 | 2020-09-04 | 福建慧政通信息科技有限公司 | Method and device for verifying data synchronization integrity of relational database |
| CN111831997A (en) * | 2020-06-18 | 2020-10-27 | 华东师范大学 | Method for establishing credible relationship between client and database |
| CN113065151A (en) * | 2020-08-27 | 2021-07-02 | 开鑫金服(南京)信息服务有限公司 | Relational database information security enhancement method, system, terminal and storage medium |
| CN113704255A (en) * | 2021-08-04 | 2021-11-26 | 深圳市蜜蜂互联网络科技有限公司 | Data insertion method and device, and data verification method and device |
-
2021
- 2021-12-10 CN CN202111509489.1A patent/CN114282268A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105989044A (en) * | 2015-02-04 | 2016-10-05 | 阿里巴巴集团控股有限公司 | Database verification method and system |
| CN111625540A (en) * | 2020-05-11 | 2020-09-04 | 福建慧政通信息科技有限公司 | Method and device for verifying data synchronization integrity of relational database |
| CN111831997A (en) * | 2020-06-18 | 2020-10-27 | 华东师范大学 | Method for establishing credible relationship between client and database |
| CN113065151A (en) * | 2020-08-27 | 2021-07-02 | 开鑫金服(南京)信息服务有限公司 | Relational database information security enhancement method, system, terminal and storage medium |
| CN113704255A (en) * | 2021-08-04 | 2021-11-26 | 深圳市蜜蜂互联网络科技有限公司 | Data insertion method and device, and data verification method and device |
Non-Patent Citations (1)
| Title |
|---|
| 徐立新等: "同时保护数据库数据保密性和完整性的方法", 《计算机工程》, 31 May 2007 (2007-05-31) * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115828322A (en) * | 2022-11-25 | 2023-03-21 | 中电金信软件(上海)有限公司 | Method and device for verifying integrity of data storage, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8782609B2 (en) | Test failure bucketing | |
| US11716349B2 (en) | Machine learning detection of database injection attacks | |
| WO2019019640A1 (en) | Simulated processing method and apparatus for order information, and storage medium and computer device | |
| CN109165209B (en) | Data verification method, device, equipment and medium for object types in database | |
| JP2003091432A (en) | Software evaluation system and software evaluation tool | |
| CN110704428A (en) | Data indexing method and device for block chain, computer equipment and storage medium | |
| CN110222028B (en) | Data management method, device, equipment and storage medium | |
| CN112039900B (en) | Network security risk detection method, system, computer device and storage medium | |
| CN103761095B (en) | Method for generating universal upgrade file head data information | |
| CN110866258A (en) | Method for quickly positioning bug, electronic device and storage medium | |
| CN108388606B (en) | Method for checking base table field names in Sql sentences and computer equipment | |
| CN114650163A (en) | Stateful network protocol-oriented fuzzy test method and system | |
| CN114282268A (en) | Database integrity checking method and device based on SM3 algorithm | |
| CN114090671A (en) | Data import method and device, electronic equipment and storage medium | |
| CN107302530B (en) | Industrial control system attack detection device based on white list and detection method thereof | |
| CN110427757A (en) | A kind of Android leak detection method, system and relevant apparatus | |
| CN108196975B (en) | Data verification method and device based on multiple checksums and storage medium | |
| CN111857860A (en) | Method and system for realizing safe loading of plug-in | |
| CN111898126B (en) | Android repackaging application detection method based on dynamically acquired user interface | |
| CN112256532A (en) | Test interface generation method and device, computer equipment and readable storage medium | |
| CN107092557A (en) | A kind of database schema upgrade script verification method and device | |
| CN106934045B (en) | System and method for migration evaluation of database | |
| CN109933351A (en) | A kind of method and apparatus of reparation and upgrading linux system | |
| CN110572371B (en) | Identity uniqueness check control method based on HTML5 local storage mechanism | |
| CN106547756B (en) | Database creation method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |