CN116956319A - Non-relational database data security protection method and system - Google Patents

Info

Publication number: CN116956319A
Authority: CN (China)
Prior art keywords: data, ciphertext, plaintext, operation request, relational database
Legal status: Pending
Application number: CN202310830558.1A
Other languages: Chinese (zh)
Inventors: 刘化君, 李�杰, 曹鹏飞
Current Assignee: Sanjiang University
Original Assignee: Sanjiang University

Classifications

    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F3/062 Securing storage systems


Abstract

The application discloses a data security protection method and system for a non-relational database. The method comprises: obtaining a write operation request from a data owner, encrypting the written plaintext data to obtain ciphertext data, and uploading the ciphertext data to a database server; and obtaining a plaintext read operation request from a data user, converting it into a ciphertext read operation request, submitting the ciphertext read operation request to the database server to obtain ciphertext data, decrypting the obtained ciphertext data, recovering the plaintext data and presenting it to the data user. Data encryption and decryption use a keyword attribute-based encryption and decryption algorithm (KW-ABE). The application has the advantages of transparently providing an encrypted data storage service for the data owner and improving the security of data storage.

Description

Non-relational database data security protection method and system
Technical Field
The application relates to the technical field of information security, in particular to a method and a system for protecting data security of a non-relational database.
Background
With the continuous advancement of non-relational database cloud services, many users have begun storing data in cloud databases, including NoSQL databases, among which the non-relational database MongoDB is widely used. However, NoSQL databases were developed to meet the storage and concurrent-access requirements of massive data, and data security was not considered in their design, so storage did not involve effective security protection measures. MongoDB also has many data security problems. For example, early MongoDB provided no security protection for its data storage: all data was stored in plaintext, and a super administrator could directly query, modify or otherwise access a user's data files without the consent of the user who owns the data, which creates a risk of data leakage. Field-level encryption was not introduced until the MongoDB 4.2 Enterprise edition in 2019, but the automatic encryption functionality of this field-level encryption was only available in MongoDB 4.2 Enterprise and MongoDB Atlas 4.2 clusters, and only supported the combination of HMAC-SHA-512 MAC and AES-256-CBC encryption algorithms. To protect the security and access controllability of user data in NoSQL databases, a security mechanism and protection method for encrypted data storage needs to be researched and provided for non-relational (NoSQL) databases, so as to ensure the confidentiality, integrity and availability of the data stored in them.
Disclosure of Invention
The application provides a data security protection method and system for a non-relational database, which have the advantages of transparently providing data encryption storage service for data owners and improving the security of data storage.
The technical scheme of the application is as follows:
The application provides a data security protection method for a non-relational database, which comprises the following steps:
acquiring a write operation request of a data owner, encrypting written plaintext data to obtain ciphertext data, and uploading the ciphertext data to a database server;
obtaining a plaintext read operation request of a data user, converting the plaintext read operation request into a ciphertext read operation request, submitting the ciphertext read operation request to a database server to obtain ciphertext data, decrypting the obtained ciphertext data, recovering the plaintext data and presenting the plaintext data to the data user.
Further, the plaintext data is encrypted by a keyword attribute-based encryption and decryption algorithm (KW-ABE), comprising the following steps:
generating a master public key MPK and a master private key MSK associated with the keyword attributes from a given security parameter λ and a keyword attribute set U;
generating a public key PK and a private key SK associated with the user identification ID according to the master public key MPK, the master private key MSK and the user identification ID;
generating a digital fingerprint h associated with the keyword attribute set U according to the keyword attribute set U;
and encrypting the plaintext data M according to the plaintext data M, the public key PK and the access structure T, and outputting ciphertext data C containing the access structure T.
Further, the access structure T corresponds to the plaintext data M, and the access structure T includes at least one keyword.
Further, when the ciphertext data is uploaded to the database server, the data operation request is rewritten, and the encrypted ciphertext data C, the keyword digital fingerprint h and the access structure T are uploaded to the database server and stored in the non-relational database in ciphertext form.
Further, in encrypting the plaintext data, any plaintext M provided by the data owner is divided into a plurality of units $M_i$ ($i = 1, 2, 3, \ldots, n$), which are encrypted to generate the corresponding ciphertext units $c_i$ ($i = 1, 2, 3, \ldots, n$).
Further, after obtaining a plaintext read operation request of the data user, verifying the user identification ID:
if the public key PK and the private key SK corresponding to the user identification ID exist, the user identification ID passes verification;
and if the public key PK and the private key SK corresponding to the user identification ID do not exist, rejecting the request of the data user.
Further, after a plaintext read operation request of a data user is obtained, a keyword in the plaintext read operation request is identified, a ciphertext read operation request associated with a keyword attribute set is generated, and the ciphertext read operation request is submitted to a non-relational database server to obtain a ciphertext C.
Further, the decryption method for the ciphertext data comprises the following steps:
inputting ciphertext data C, a private key SK and a public key PK, and decrypting and outputting plaintext data M if a user identification ID corresponding to the private key SK of a data user meets an access structure T in the ciphertext C; otherwise, the decryption fails.
The application provides a data security protection system of a non-relational database, which comprises a data owner, a data user, an agent component and a non-relational database server; the agent component is configured to execute the method for protecting data security of the non-relational database according to any one of the above.
The application provides a computer readable medium storing a computer program which, when invoked and run by a computer, performs any one of the above-described non-relational database data security protection methods.
In summary, the beneficial effects of the application are as follows:
1. the application can transparently provide a data encryption and storage service for users, and the encryption and decryption steps are carried out outside the database, so that the encryption and decryption algorithm can be flexibly selected and extended; after encryption, the data is stored in the database in ciphertext form;
2. the user data is encrypted before entering the database and decrypted after being returned from the database, so that even a system administrator or database administrator with the highest access rights can hardly read the data in the database system, which effectively addresses the security risk that an administrator with the highest access rights may leak data;
3. the data in the database is always stored and processed in a ciphertext mode, and the database user can decrypt the data only under the condition of passing verification, so that confidentiality, integrity and availability of the user data are practically ensured.
Drawings
FIG. 1 is a schematic diagram of a non-relational database data security system of the present application;
FIG. 2 is a schematic diagram of a non-relational database data security system model of the present application;
FIG. 3 is a schematic flow chart of the keyword attribute-based encryption and decryption algorithm of the application;
FIG. 4 is a flow chart of the encryption and decryption agent component of the present application.
Detailed Description
The following describes in detail the embodiments of the present application with reference to the drawings.
The embodiment of the application is illustrated by taking a text MongoDB database as a specific example.
Example: as shown in FIG. 1, the present application provides a non-relational database data security protection system comprising client users, an encryption and decryption agent component, a database cluster (database server) and a non-relational database (NoSQL). Client users comprise data owners and data users. The database is configured with a NoSQL database firewall and a database vulnerability scanning system. The firewall analyses client users' access traffic in series, handles identity authentication, fine-grained access control and similar problems, and limits the number of logins per user per unit time to curb exhaustive (brute-force) and denial-of-service attacks on the database. Based on its syntax analysis of NoSQL database requests, the firewall can also extract specific signatures to prevent NoSQL injection and CVE vulnerability attacks and to prevent unauthorized operations by users. The encryption and decryption agent component works together with the NoSQL firewall to ensure that only a user with access rights to the target value receives plaintext as the return value; other users, even if they obtain the data, see only unintelligible characters in ciphertext form. The database vulnerability scanning system mainly monitors and senses the security risks of the database system in real time, giving the operation and maintenance control center a basis for timely patching or for protection through vulnerability protection techniques.
After the database data safety protection system is started to operate, the main working steps are as follows: (1) the client user logs in and interacts with the encryption and decryption agent component; (2) the encryption and decryption agent component processes the request initiated by the client user and interacts with the database cluster, and the processed result is returned to the client user. If the MongoDB database needs to be accessed in the processing process, the encryption and decryption agent component initiates a corresponding data operation request to the database cluster; (3) the database cluster stores and manages the encrypted data, and responds to the data operation submitted by the encryption and decryption agent component.
As shown in FIG. 2, the data security protection system for the non-relational database involves a Data Owner (DO), a Data User (DU), a non-relational Database Server (DS), and an encryption and decryption agent component (Encrypt and Decrypt Agent Component, EDAC).
(1) DO represents the group of data owners, who mainly encrypt their own data and submit it to the database for storage.
(2) DU represents a data user population. When the DU needs to retrieve data information in the database, the data stored in the database is decrypted to obtain plaintext data.
(3) The DS is used as a semi-trusted third party platform, has strong storage capacity and calculation capacity, and is mainly used for storing user data.
(4) EDAC is the core entity for realizing MongoDB database data security protection, and comprises a user access strategy authorization center, a key manager, an encryption and decryption strategy generation module and an encryption and decryption module. The encryption and decryption module is its key component and mainly performs encryption and decryption operations on data. The encryption and decryption strategy generation module can generate encryption and decryption strategies using a supervised learning algorithm; the strategies include collection encryption, file encryption, field encryption and the like, each determined and generated automatically or manually. The key manager serves as a trusted third party for the whole system; its main function is to generate and issue the unique data encryption and decryption keys PK and SK according to the keyword attribute set and the user identifier. The authorization center may be a third-party trusted entity such as a Public Key Infrastructure (PKI), responsible for providing security services for client users, including user registration and the configuration and management of user information such as roles and access structures. Multiple users may share the same key through secure authorization. The module entities are interconnected; for example, the encryption and decryption strategy generation module can use the algorithms and data in the encryption and decryption module.
An encryption and decryption module is set in the agent component and performs encryption and decryption operations on the user's plaintext data. The encryption and decryption module is an important module of the encryption and decryption agent component and can execute various encryption and decryption algorithms according to the encryption and decryption strategy, such as random encryption (RND), order-preserving encryption (OPE) and partially homomorphic encryption (PHE) algorithms. The application also provides a keyword attribute-based encryption and decryption algorithm (KW-ABE), which aims to realize encrypt-once, multi-user sharing of plaintext data through attribute-based encryption (ABE). Referring to FIG. 3, it comprises the following steps:
(1) System initialization algorithm: Setup(λ, U) → {MPK, MSK}. The algorithm is executed by the key manager. Given the security parameter λ and the keyword attribute set U, the algorithm generates a system master public key MPK and a master private key MSK, so that the keys are associated with the keyword attributes.
(2) Key extraction algorithm: KeyGen(MPK, MSK, ID) → {PK, SK}. The algorithm is executed by the key manager or a trusted authority. Given the system master keys MPK and MSK and the user identification ID, the algorithm generates a public key PK and a private key SK associated with the user identification ID, so that the keys are associated with the user identification.
(3) Digital fingerprint generation algorithm: SHA(U) → {h}. Given the keyword attribute set U, the key manager runs the algorithm to generate a digital fingerprint h associated with the keyword attribute set U of the plaintext file.
(4) Encryption algorithm: Enc(PK, M, T) → {C}. The algorithm is executed by the data owner. Given a plaintext M, a public key PK and an access structure T, it encrypts M and outputs a ciphertext C containing the access structure T. Only data users satisfying a specific attribute set can access the data, and the ciphertext is associated with the access structure.
(5) Decryption algorithm: Dec(SK, C, PK) → {M}. The algorithm is executed by a data user. Given a ciphertext C, a private key SK and a public key PK, if the ID corresponding to the data user's private key SK satisfies the access structure T in the ciphertext C, the plaintext M is correctly decrypted and output; otherwise, the decryption fails.
The method for protecting the data security of the non-relational database comprises the following steps:
acquiring a write operation request of a data owner, encrypting written plaintext data to obtain ciphertext data, and uploading the ciphertext data to a database server;
obtaining a plaintext read operation request of a data user, converting the plaintext read operation request into a ciphertext read operation request, submitting the ciphertext read operation request to a database server to obtain ciphertext data, decrypting the obtained ciphertext data, recovering the plaintext data and presenting the plaintext data to the data user.
The encryption method for the plaintext data comprises the following steps:
generating a master public key MPK and a master private key MSK associated with the keyword attributes from a given security parameter λ and a keyword attribute set U;
generating a public key PK and a private key SK associated with the user identification ID according to the master public key MPK, the master private key MSK and the user identification ID;
generating a digital fingerprint h associated with the keyword attribute set U according to the keyword attribute set U;
and encrypting the plaintext data M according to the plaintext data M, the public key PK and the access structure T, and outputting ciphertext data C containing the access structure T. The access structure T corresponds to the plaintext data M, and the access structure T includes at least one keyword.
When the ciphertext data is uploaded to the database server, the data operation request is rewritten, and the encrypted ciphertext data C, the keyword digital fingerprint h and the access structure T are uploaded to the database server and stored in the non-relational database in ciphertext form.
In encrypting plaintext data, any plaintext M provided by a data owner is split into a number of units $M_i$ ($i = 1, 2, 3, \ldots, n$), which are encrypted to generate the corresponding ciphertext units $c_i$ ($i = 1, 2, 3, \ldots, n$).
After acquiring a plaintext read operation request of a data user, verifying a user identification ID:
if the public key PK and the private key SK corresponding to the user identification ID exist, the user identification ID passes verification;
and if the public key PK and the private key SK corresponding to the user identification ID do not exist, rejecting the request of the data user.
After a plaintext read operation request of a data user is obtained, a keyword in the plaintext read operation request is identified, a ciphertext read operation request associated with a keyword attribute set is generated, and the ciphertext read operation request is submitted to a non-relational database server to obtain ciphertext C.
The decryption method for the ciphertext data comprises the following steps:
inputting ciphertext data C, a private key SK and a public key PK, and decrypting and outputting plaintext data M if a user identification ID corresponding to the private key SK of a data user meets an access structure T in the ciphertext C; otherwise, the decryption fails.
The data security protection method of the non-relational database is executed by the encryption and decryption agent component.
As shown in fig. 4, the workflow of the encryption and decryption agent component is as follows:
(1) The client user initiates a plaintext operation request after registering with the encryption and decryption agent component. The encryption and decryption agent component intercepts all plaintext data operation requests of the client user and analyzes and determines the user attributes.
The user identification ID is used to limit the use authority of the key, so that the ciphertext C can only be read and decrypted by the user with the corresponding identification.
(2) Initializing a system:
(1) according to the security parameter λ and the keyword attribute set U submitted by the user, the key manager generates the system master public key MPK and master private key MSK;
(2) the MPK is sent to the data owner, and the MSK is kept in the key manager;
(3) the Data Owner (DO) defines its own keyword attribute set U and sends it to the authorization center and the database server.
The keyword attribute set U is selected by the agent component either from the plaintext keywords submitted by the data owner or by syntactic analysis of the submitted plaintext file.
(3) Whether the request is a write or a read (query) is determined from the user identification ID and its operation request.
If the request is a write operation, the user is a Data Owner (DO). The data encryption write operation comprises the following specific steps:
First, according to the request information provided, one of three encryption modes (collection, file or field) is selected:
(1) encrypting identifiers of a group of files (the collection is similar to a data table in a relational database) if a collection encryption mode is adopted;
(2) if a file encryption mode is adopted, the keywords are associated with the attributes, and encryption is carried out by adopting an encryption and decryption algorithm (KW-ABE) based on the attribute base of the keywords;
(3) if the field value encryption mode is adopted, a corresponding encryption algorithm in the encryption module is called, for example, an order-preserving encryption (OPE) algorithm is selected.
Second, if the plaintext file is encrypted, the encryption module generates a public key PK and a private key SK associated with the user ID by using the key extraction algorithm KeyGen(MPK, MSK, ID) → {PK, SK}.
Third, for a given keyword attribute set U, the encryption module runs the digital fingerprint generation algorithm SHA(U) → {h} to generate a digital fingerprint associated with the file's keyword attribute set U. The digital fingerprint algorithm can be MD5, SHA-256 or SM3.
Fourth, an encryption strategy is generated according to the data write operation request, and then: (1) the encryption algorithm Enc(PK, M, T) is invoked to encrypt the plaintext using the encryption and decryption keys from the key store in the key manager, generating a ciphertext C; (2) the data owner allocates an access structure T for the ciphertext M, which may employ a linear secret sharing scheme (LSS).
When the encryption algorithm is invoked according to the encryption strategy, the encryption module configures the corresponding encryption algorithm according to the combination of encryption and decryption strategies. For example, when the KW-ABE algorithm is selected to encrypt the plaintext file, the encryption process is as follows: any plaintext M provided by the data owner is split into several units $M_i$ ($i = 1, 2, 3, \ldots, n$), which are then encrypted by the encryption algorithm Enc(PK, M, T) to generate ciphertext units $c_i$ ($i = 1, 2, 3, \ldots, n$).
Fifth, the data operation request statement is rewritten, and the encrypted ciphertext C ($c_i$, $i = 1, 2, 3, \ldots, n$), the keyword digital fingerprint h and the access structure T are uploaded to the NoSQL database server and stored in ciphertext form in a non-relational database such as MongoDB. The database server can only see the ciphertext and does not know the encryption and decryption keys.
If the request is a read operation, the user is a Data User (DU). After the encryption and decryption agent component intercepts the data user's read operation request, it determines the read operation mode and the keywords submitted by the data user from the request information. For example, the specific steps for a read operation on ciphertext data encrypted by the keyword attribute-based encryption and decryption algorithm (KW-ABE) are as follows:
First, the encryption and decryption agent component identifies the read operation mode and the keywords, and calls the decryption module to send the key manager a request to use the public key PK and private key SK associated with the user identification ID:
(1) if the data user's request cannot meet the requirements, the request is rejected;
(2) if the data user identification ID satisfies the user authorization set, the encryption and decryption agent component rewrites the retrieval operation request, converts the plaintext read operation request into a ciphertext read operation request associated with the keyword attribute set, and submits the ciphertext read operation request to the non-relational database server to obtain the ciphertext C.
Second, after receiving the ciphertext read operation request, the non-relational database server returns the ciphertext C satisfying the access structure T to the decryption module in the encryption and decryption agent component.
Third, after the decryption module obtains the ciphertext C, it calls the corresponding decryption algorithm, such as Dec(SK, C, PK), to decrypt using the decryption keys SK and PK from the key store of the key manager, and recovers the plaintext M. Note: only authorized data users who comply with the firewall access control policy can read and decrypt the cryptographically protected data.
Fourth, the plaintext M file is presented to the client data user.
DES, AES-256 or SM4 can be selected as the encryption and decryption algorithm for character data, and the Blowfish algorithm can be selected for numerical data.
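The write and read paths above, as an added Python example that is not part of the patent: a hypothetical `EncryptingProxy` stores only C and h on the server and rewrites a plaintext keyword query into a fingerprint query. Assumptions: the page does not specify KW-ABE in enough detail to implement, so an HMAC-SHA-256 stream with encrypt-then-MAC stands in for Enc/Dec, the access structure T is modelled as a list of user IDs that the proxy checks after decryption, and the keyword fingerprint is keyed (HMAC) rather than a bare hash. All names and sample values are constructed.

```python
import hashlib
import hmac
import json
import os


def fingerprint(keyword, index_key=b""):
    """Digital fingerprint h of one keyword.

    With no key this is SHA(U) -> {h} using SHA-256, as the page allows. With
    a key (an assumption added here) it is HMAC-SHA-256, which the database
    server cannot recompute for keywords it guesses.
    """
    data = keyword.strip().lower().encode("utf-8")
    if index_key:
        return hmac.new(index_key, data, hashlib.sha256).hexdigest()
    return hashlib.sha256(data).hexdigest()


def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    blocks = [_prf(key, nonce + i.to_bytes(8, "big")) for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Stand-in for Enc: HMAC-SHA-256 counter-mode stream, then a MAC over it."""
    nonce = os.urandom(16)
    stream = _keystream(_prf(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return (nonce + body + _prf(_prf(key, b"mac"), nonce + body)).hex()


def unseal(key, blob_hex):
    """Stand-in for Dec: verify the tag before releasing any plaintext."""
    raw = bytes.fromhex(blob_hex)
    nonce, body, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + body)):
        raise ValueError("ciphertext failed integrity check")
    stream = _keystream(_prf(key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


class EncryptingProxy:
    """Hypothetical EDAC: the only component that holds keys or sees plaintext."""

    def __init__(self):
        self.data_key = os.urandom(32)    # kept by the key manager
        self.index_key = os.urandom(32)   # keys the keyword fingerprints
        self.registered = set()           # user IDs that have been issued keys
        self.server = []                  # stand-in for the MongoDB collection

    def register(self, user_id):
        self.registered.add(user_id)

    def rewrite_query(self, keyword):
        """Plaintext read request -> ciphertext read request on h."""
        return {"h": fingerprint(keyword, self.index_key)}

    def write(self, owner_id, document, keywords, readers):
        if owner_id not in self.registered:
            raise PermissionError("no keys issued for this user ID")
        access = sorted(set(readers) | {owner_id})   # access structure T
        payload = json.dumps({"M": document, "T": access}).encode("utf-8")
        self.server.append({
            "C": seal(self.data_key, payload),       # C carries T inside it
            "h": [fingerprint(k, self.index_key) for k in keywords],
        })

    def read(self, user_id, keyword):
        if user_id not in self.registered:           # ID verification step
            raise PermissionError("no keys issued for this user ID")
        wanted = self.rewrite_query(keyword)["h"]
        results = []
        for stored in self.server:                   # the server matches on h only
            if wanted not in stored["h"]:
                continue
            payload = json.loads(unseal(self.data_key, stored["C"]))
            if user_id in payload["T"]:              # ID must satisfy T
                results.append(payload["M"])
        return results


def demo():
    """Constructed sample: alice writes one document that bob may also read."""
    proxy = EncryptingProxy()
    for user_id in ("alice", "bob", "carol"):
        proxy.register(user_id)
    proxy.write("alice", {"name": "xiaowinliu", "salary": 9600},
                ["artificial intelligence"], ["bob"])
    return proxy
```

Because T sits inside the authenticated ciphertext, a database administrator who edits the stored record cannot widen the reader list without the read failing the integrity check.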
The encryption and decryption agent component in the non-relational database data security protection system can be implemented with a B/S architecture in which a Web application server interacts with a database server, where each functional entity follows an application program interface specification; a programming language such as C#, Java or Node.js can be used. After the non-relational database data security protection system is started, the main workflow is as follows:
1. the client user logs in the database data security protection system and initiates a plaintext operation request related to the non-relational database. The encryption and decryption agent component intercepts all plaintext data operation requests of a client user, analyzes and judges user attributes.
2. And initializing a system, and generating a system main public key MPK and a main private key MSK by using Setup (lambda, U) according to a security parameter lambda and a keyword attribute set U submitted by a user.
For example, from a plaintext file submitted by a user, a keyword attribute set $U = \{KW_1, KW_2, KW_i, \ldots\}$ is created; the system initialization algorithm Setup(λ, U) → {MPK, MSK} generates the master public key MPK and the master private key MSK, which are stored in the key manager.
3. The encryption and decryption agent component analyzes and judges whether the user operation request is a write operation or a read operation request.
(1) If the write operation request is, a specific data write operation procedure is as follows:
the first step, according to the information provided by the configuration information module, one of three encryption modes of collection, document and field is adopted for judging: (1) encrypting identifiers of a group of documents (the collection is similar to a data table in a relational database) if a collection encryption mode is adopted; (2) encrypting the key words if a file encryption mode is adopted; (3) if a field encryption mode is adopted, a corresponding encryption strategy and algorithm in the encryption module are called to encrypt the key words. For example, the key fields in the user document are name, content, phone and salary:
{ "name": "xiaowinliu", "address": { "street": "Yuhua district Longxilu 310 number", "city": "Nanjing city" }, "content": "is engaged in artificial intelligent chat robot research and development, is hard to struggle, a preliminary result", "salary": number (9600) },
{ "title": "news eye", "content": "ChatGPT is an artificial intelligence chat robot program developed by OpenAI, which may also be used to write malicious code to attack the network system", "salary": number (15000) },
In the second step, the encryption algorithm module invokes the key creation function in the key manager, which uses KeyGen(MPK, MSK, ID) to generate a public key PK and a private key SK associated with the user identification ID. For example, the user name (xiaownliu) and the system login key (668853) are concatenated and the MD5 algorithm is applied to generate an encryption and decryption key k (such as 17030cc92b430d5 d); the encryption and decryption key is then bound to the user attribute id and stored in the key manager.
In the third step, the encryption algorithm module applies the encryption algorithms: for example, the AES-256-CBC algorithm encrypts the keyword field values in the example documents, the MD5 algorithm extracts the digital fingerprint h of the keyword "artificial intelligence", and the Blowfish-CBC algorithm encrypts the salary field value. The resulting ciphertext data, of binary data format type, is as follows.
{"name":"79f0d5f7decc273376de5b73484514e9","address":{"street":"c8021c702318ac9c8a52a2c9a1fb8d0162cde06b928d3ce95cf17aab01f736a5","city":"c414237c1305acabb8b72e73484514e9c77208dc3dbe"},"content":{"keyword":"f068f0dad74789bee210163c40a4b50d","text":"c5223a7c1322ada9805299d6aedcae0144cfe05db75ba9705fe2774e985fd21f22f8385e6d11208cde2538a26de1b10d120f6187a3e67e92c3844c865380b14e6a640890c998b37918b9b561cde2991c"},"salary":"40dxVS4q/jE="}
{"title":"c70f04713e12ae8f86b72e73484514e9c77208dc3dbe","content":{"keyword":"f068f0dad74789bee210163c40a4b50d","text":"42f1d5eceef91df5a21861032d2b55a022ce8839b22fea433d9a7711e440934301a570493576302ad33905a17fd2b131310e54ac68ab7ae19cb534de65e3fa45133b3ad0a0bfcb1c3bcd17ca2a7631f8578643bb0f660f29a7d3435826090e5473176a315572ce776a27f335df835829d7e9bbbdcf3f050f6b827bb93555c47a2e47f4336270cbfd"},"salary":"4zS7lQQgfCQ="}
Meanwhile, an access structure $T = (a_1 = \text{"news eye"} \wedge a_2 = \text{"artificial intelligence"} \ldots)$ is assigned to the ciphertext M, so that a visitor must provide keywords including "news eye" AND "artificial intelligence" to access the file.
In the fourth step, after the encryption processing of the original plaintext write operation request is completed, the encryption and decryption agent component rewrites the operation request and sends the encrypted ciphertext C, the keyword digital fingerprint h and the access structure T to the database server. The database server uses its native database functions to store the data in the MongoDB database in ciphertext form. For example, documents are inserted into a collection using db.liucol.insert(document) or db.liucol.save(document) statements, where liucol is the collection name.
>db.liucoll.insert({"name":"79f0d5f7decc273376de5b73484514e9","address":{"street":"c8021c702318ac9c8a52a2c9a1fb8d0162cde06b928d3ce95cf17aab01f736a5","city":"c414237c1305acabb8b72e73484514e9c77208dc3dbe"},"content":{"keyword":"f068f0dad74789bee210163c40a4b50d","text":"c5223a7c1322ada9805299d6aedcae0144cfe05db75ba9705fe2774e985fd21f22f8385e6d11208cde2538a26de1b10d120f6187a3e67e92c3844c865380b14e6a640890c998b37918b9b561cde2991c"},"salary":"40dxVS4q/jE="})
After the database executes the insert operation, the ciphertext file is stored. The database side sees only ciphertext and does not know the encryption and decryption keys. Operation requests that delete or update documents are handled in a similar way.
(2) If the request is a read operation request, the encryption and decryption agent component determines the read operation mode and the search keywords submitted by the data user from the read operation request information. The specific read operation is as follows:
First, the encryption and decryption agent component identifies the read operation mode and the search keyword. For example, when the read operation requests files containing the keyword "artificial intelligence", the decryption algorithm module is called to send a decryption key request to the key manager, and the decryption key associated with and bound to the user identification ID is obtained.
Second, if the data user attributes satisfy the user permission authorization set, the encryption and decryption agent component rewrites the retrieval operation request, converting the plaintext read operation request into a ciphertext read operation request associated with the keyword attribute set, and submits it to the non-relational database server. For example, if the plaintext search keyword is W (e.g., artificial intelligence), the ciphertext search digital fingerprint h=f068f0dad74789bee210163c40a4b50d is generated directly by applying the MD5 algorithm to the keyword W.
Third, after receiving the ciphertext read operation request, the non-relational database server returns the whole ciphertext C that meets the search condition to the decryption module in the encryption and decryption agent component.
Fourth, after obtaining the ciphertext C, the decryption module looks up the matching decryption key (e.g., 17030cc92b430d5 d) in the keystore through the key manager and invokes the corresponding decryption algorithm, e.g., Dec(SK, C, PK), to perform the decryption operation, thereby recovering the plaintext M.
Fifth, the plaintext data M is presented to the client data user.
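The read-path rewrite described above, as an added example that is not code from the patent: the proxy turns plaintext keywords into fingerprints, the database matches on fingerprints only, and the access structure T is checked as an AND of keywords. It also sets the unkeyed MD5 fingerprint of the description beside a keyed HMAC-SHA256 variant; that variant, the list-valued content.keyword field, INDEX_KEY and VOCAB are assumptions of this example.

```python
import hashlib
import hmac

# Constructed sample values; none of them come from the patent.
INDEX_KEY = b"constructed-index-key-held-by-proxy"
VOCAB = ["news eye", "artificial intelligence", "salary", "robot"]

def md5_fingerprint(keyword):
    """Unkeyed fingerprint h = MD5(keyword), as in the description."""
    return hashlib.md5(keyword.encode("utf-8")).hexdigest()

def keyed_fingerprint(keyword, key=INDEX_KEY):
    """Assumed alternative: HMAC-SHA256 under a key only the proxy holds."""
    return hmac.new(key, keyword.encode("utf-8"), hashlib.sha256).hexdigest()

def rewrite_read(keywords, fp):
    """Proxy: plaintext search keywords -> query over stored fingerprints."""
    return {"content.keyword": {"$all": [fp(k) for k in keywords]}}

def server_match(store, query):
    """Database side: compares fingerprints only, returns ciphertext docs."""
    wanted = set(query["content.keyword"]["$all"])
    return [d for d in store if wanted <= set(d["content"]["keyword"])]

def satisfies(access_structure, presented, fp):
    """T as an AND of keywords: every keyword in T must be presented."""
    return {fp(k) for k in access_structure} <= {fp(k) for k in presented}

def guessable(stored_fp, vocabulary):
    """Keywords a reader of the index confirms with public, unkeyed hashes."""
    return [w for w in vocabulary for algo in ("md5", "sha256")
            if hashlib.new(algo, w.encode("utf-8")).hexdigest() == stored_fp]

def demo():
    t = ["news eye", "artificial intelligence"]
    results = {}
    for name, fp in (("md5", md5_fingerprint), ("hmac", keyed_fingerprint)):
        doc = {"content": {"keyword": [fp(k) for k in t], "text": "<ciphertext C>"}}
        hits = server_match([doc], rewrite_read(["artificial intelligence"], fp))
        leaked = guessable(doc["content"]["keyword"][1], VOCAB)
        results[name] = (len(hits), satisfies(t, ["news eye"], fp), leaked)
    return results

if __name__ == "__main__":
    print(demo())
```

With the unkeyed fingerprint, anyone who can read the stored index can confirm a guessed keyword by hashing it; with the keyed one, the same check requires the proxy's key.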
An embodiment of the application provides a computer readable medium that stores a computer program; when called and run by a computer, the computer program executes the method for protecting the data security of the non-relational database.
The foregoing is merely a preferred embodiment of the present application. It should be noted that those skilled in the art could make modifications and improvements without departing from the inventive concept, and such modifications and improvements fall within the scope of the present application.

Claims (10)

1. A method for protecting the data security of a non-relational database, characterized by comprising the following steps:
acquiring a write operation request of a data owner, encrypting the written plaintext data to obtain ciphertext data, and uploading the ciphertext data to a database server;
obtaining a plaintext read operation request of a data user, converting the plaintext read operation request into a ciphertext read operation request, submitting the ciphertext read operation request to the database server to obtain ciphertext data, decrypting the obtained ciphertext data, recovering the plaintext data and presenting the plaintext data to the data user.
2. The method for protecting data security of non-relational database according to claim 1, wherein encrypting the plaintext data by a keyword attribute-based encryption and decryption algorithm (KW-ABE) comprises the steps of:
generating a master public key MPK and a master private key MSK associated with the key attribute from a given security parameter lambda and a keyword attribute set U;
generating a public key PK and a private key SK associated with the user identification ID according to the master public key MPK, the master private key MSK and the user identification ID;
generating a digital fingerprint h associated with the keyword attribute set U according to the keyword attribute set U;
and encrypting the plaintext data M according to the plaintext data M, the public key PK and the access structure T, and outputting ciphertext data C containing the access structure T.
3. The method for protecting data security of non-relational database according to claim 2, wherein the access structure T corresponds to plaintext data M, and the access structure T contains at least one key.
4. The method for protecting data security of non-relational database according to claim 3, wherein when the ciphertext data is uploaded to the database server, the data operation request is rewritten, the encrypted ciphertext data C, the keyword digital fingerprint h and the access structure T are uploaded to the database server, and stored in the non-relational database in the form of ciphertext.
5. The method for protecting data security of non-relational database according to claim 4, wherein, when encrypting plaintext data, any plaintext M provided by a data owner is divided into a plurality of units $M_i$ ($i = 1, 2, 3, \ldots, n$), which are encrypted to generate the corresponding ciphertext units $c_i$ ($i = 1, 2, 3, \ldots, n$).
6. The method for protecting data security of non-relational database according to claim 5, wherein after obtaining a plaintext read operation request of a data user, verifying a user identification ID:
if the public key PK and the private key SK corresponding to the user identification ID exist, the user identification ID passes verification;
and if the public key PK and the private key SK corresponding to the user identification ID do not exist, rejecting the request of the data user.
7. The method for protecting data security of non-relational database according to claim 6, wherein after obtaining a plaintext read operation request of a data user, a keyword in the plaintext read operation request is identified, a ciphertext read operation request associated with a keyword attribute set is generated, and the ciphertext read operation request is submitted to a non-relational database server to obtain ciphertext C.
8. The method for protecting data security of non-relational database according to claim 7, wherein the method for decrypting ciphertext data is as follows:
inputting ciphertext data C, a private key SK and a public key PK, and decrypting and outputting plaintext data M if a user identification ID corresponding to the private key SK of a data user meets an access structure T in the ciphertext C; otherwise, the decryption fails.
9. The data security protection system of the non-relational database is characterized by comprising a data owner, a data user, a proxy component and a non-relational database server; the agent component is configured to perform the non-relational database data security method of any one of claims 1-8.
10. A computer readable medium storing a computer program, wherein the computer program, when invoked and executed by a computer, performs the method for protecting data security of non-relational database as claimed in any one of claims 1 to 8.
CN202310830558.1A 2023-07-07 2023-07-07 Non-relational database data security protection method and system Pending CN116956319A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310830558.1A CN116956319A (en) 2023-07-07 2023-07-07 Non-relational database data security protection method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310830558.1A CN116956319A (en) 2023-07-07 2023-07-07 Non-relational database data security protection method and system

Publications (1)

Publication Number Publication Date
CN116956319A true CN116956319A (en) 2023-10-27

Family

ID=88461285

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310830558.1A Pending CN116956319A (en) 2023-07-07 2023-07-07 Non-relational database data security protection method and system

Country Status (1)

Country Link
CN (1) CN116956319A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination