CN1786963A

CN1786963A - Method for searching data base ciphertext

Info

Publication number: CN1786963A
Application number: CN 200510130907
Authority: CN
Inventors: 曾致中
Original assignee: Individual
Current assignee: Individual
Priority date: 2005-07-21
Filing date: 2005-12-08
Publication date: 2006-06-14

Abstract

The invention is a method for realizing fast cryptograph inquiry in database by auxiliary data structure, comprising the steps of establishing an auxiliary data structure, maintaining the auxiliary data structure and making cryptograph inquiry and its technical key points: by establishing a list-stored auxiliary data structure in the database for the fields to realize cryptograph inquiry, inserting the maintaining operation on the auxiliary data structure in the daily operation of the database and using the auxiliary data structure to inquire the cryptographic fields. The invention makes the database system originally not supporting cryptograph inquiry able to make high efficiency cryptograph inquiry on the cryptographic fields and can select encryption algorithms and secret keys by users and can assure the consistency of the whole database system and the accuracy and integrity of the cryptograph searching and other database operations. The invention can be applied to the database systems of the governments, armies and large-scale enterprises to be able to improve the system safety and strengthen the system practicality.

Description

A kind of method of database cryptogram search

Technical field

The invention belongs to Computer Database and information security association area.Be specifically related to the encrypted fields in the database is realized the method for high efficiency condition inquiry.

Background technology

Because safety issue is outstanding, encrypt to ensure its security sensitive data in the more and more data storehouse.Because now the data base management system (DBMS) overwhelming majority is by external import, but supports the general data base management system of cryptogram search to misalign state's outlet at first abroad, and how underground external data base management system (DBMS) source code is, has safe back door and leak probably; Secondly in order to raise the efficiency, more and more enterprises is transferred to special organization management and maintenance with software and data, if key management and the encryption and decryption process is implemented by data base management system (DBMS) then the power of data base administration side is excessive, be unfavorable for the security of total system, so be necessary to develop a kind of database encryption and decryption technology that is independent of the support cryptogram search of data base management system (DBMS), the daily servicing optimization of safety management and software, data be separated.Because after encrypting, originally the partial ordering relation that had between the data will be lost, thereby can't accelerate range query by setting up index to encrypt data, thereby can only carry out range query to the unencrypted field, and can not carry out range query to the field of encrypting.This has influenced the effectiveness of database greatly.In order to address this problem, the general now method that adopts homomorphic cryptography and ciphertext index.

Homomorphic cryptography is by designing new cryptographic algorithm, make ciphertext keep the partial ordering relation of original plaintext to a certain extent, feasible inquiry to a scope in the plaintext can be converted to the inquiry to several new ranges in the ciphertext, thereby can be by ciphertext being set up index and being revised the data base manipulation statement of inquiring about and realize cryptogram search fast.Its Cipher Strength of this homomorphic cryptography a little less than, be easy to be broken; Ciphertext index is meant the partial ordering relation of setting up an index file record ciphertext outside database in addition, when inquiry, by corresponding program retrieval this document, draw the ciphertext item set that satisfies condition earlier, the constructs database action statement retrieves the record that contains these ciphertext item from database again.This method can adopt the algorithm of high Cipher Strength, but, because index file is not the part of database, data base management system (DBMS) can't be carried out concurrent control and fault recovery to it, thereby can't guarantee consistance between database and the index file, and can't make full use of the query optimization mechanism of former data base management system (DBMS), search efficiency is lower, and function and efficient are a greater impact when the compound condition inquiry of the range query of realizing relating to the ciphertext field.

Summary of the invention

Technical matters to be solved by this invention is: the method that a kind of database cryptogram search is provided, make original Database Systems of cryptogram search of not supporting to carry out efficient scope and equivalent inquiry to encrypted fields, and can select cryptographic algorithm and key arbitrarily for use by the user, and the affair mechanism that can make full use of legacy data storehouse system guarantees the consistance of entire database, guarantee correctness, the integrality of searching ciphertext result and other database manipulation, and function and efficient are unaffected when the compound condition inquiry of the range query of realizing relating to the ciphertext field.

The technical solution adopted for the present invention to solve the technical problems is as follows:

The present invention is to provide a kind of method of utilizing the quick cryptogram search of secondary data structure fulfillment database, it comprises sets up secondary data structure, safeguards secondary data structure and carries out the step of cryptogram search, specific as follows:

(1) set up secondary data structure:

Its step comprises:

1) which field in which table in the specified data storehouse need be carried out cryptogram search,

2) for the field m among each the such table a that determines, set up corresponding secondary data structure,

3), when its data volume is in peak value, should have following feature at least for the secondary data structure of being set up:

(a) at least with one in database table storage,

(b) comprise two levels at least, each level comprises a piece at least, piece and level are by the predefined feature identification object together or the set of record, have one in all pieces at least and comprise the index entry that number is not more than a predefined value, index entry is stored in object or the record, have at least to comprise at least one ciphertext field in the index entry, the height relation of level is determined by predefined feature

(c) have two adjacent levels of a pair of height at least, wherein have an index entry that satisfies following contact relation in the higher level at least: it is by the points relationship of its at least one reference type field, or by its at least one field and the relation of the field of a low level medium value, interrelate with the index entry at least one piece in the lower level or the piece

(d) in all index entries, has an index entry x at least, if x is the index entry that has in the higher level of the described contact of feature (c) relation, then at least for the piece at its piece of getting in touch or its index entry place of getting in touch, if it is y, so, the plaintext of at least one the ciphertext field at least one index entry among the y satisfies predefined mathematical relation with the plaintext of at least one ciphertext field among the index entry x

(e) at least for a pair of with index entry z and w in one deck, and the ciphertext field k of the ciphertext field j of z and w, wherein z has feature, (c) index entry in the higher level of described contact relation, if the plaintext of j and k satisfies predefined mathematical relation, then: at least for the piece that z got in touch or the piece u at its index entry place of getting in touch, the plaintext of at least one ciphertext field of at least one index entry among the u satisfies predefined mathematical relation with the plaintext of ciphertext field k

(f) in the end in one deck, at least one index entry satisfies following contact relation: it is by the points relationship of its at least one reference type field, or by its relation of field of at least one field and a table medium value, at least one record or object in showing with a interrelate

(g) at least for an index entry in last one deck, if it is v, if v is index entry of the contact relation in (f) of satisfying condition, then the plaintext of at least one m field that writes down in the plaintext of at least one ciphertext field of v and these records that interrelate with it satisfies predefined mathematical relation

(2) safeguard secondary data structure:

The steps include:

Field to needs realization cryptogram search is made amendment, when comprising insertion, deletion, renewal, should be according to modification requirement to database, by the inquiry of secondary data structure being determined and being carried out its attended operation, and the transaction management mechanism of utilizing database guarantees consistance, the integrality of database and secondary data structure

(3) carry out cryptogram search:

When carrying out cryptogram search, contain following step at least:

At least utilize key, retrieval requirement, data in the secondary data structure and feature thereof, the relation of secondary data structure and table a, and the operation-interface supported of data base management system (DBMS) retrieve data from database.

The present invention compared with prior art has following remarkable technique effect:

Make original Database Systems of cryptogram search of not supporting to carry out efficient scope and equivalent inquiry to encrypted fields, and can select cryptographic algorithm and key arbitrarily for use by the user, and the affair mechanism that can make full use of legacy data storehouse system guarantees the consistance of entire database, guarantee correctness, the integrality of searching ciphertext result and other database manipulation, and function and efficient are unaffected when the compound condition inquiry of the range query of realizing relating to the ciphertext field.

The present invention can be used for the Database Systems to the higher government of security requirement, army and large enterprise, can improve the security performance of system, improves the practicality of system.

Description of drawings

Accompanying drawing has been showed the position of middleware in the entire database system.

This figure has only indicated ODBC, the actual various ways such as ODBC, JDBC, OLE DB that can be.

Embodiment

The present invention is to provide a kind of method of utilizing the quick cryptogram search of secondary data structure fulfillment database, its main points are to set up the auxiliary data structure of storing with the table in the database by the field that realizes cryptogram search for desire, in the regular job of database, insert attended operation, and utilize secondary data structure to inquire about the ciphertext field secondary data structure.

This method comprises to be set up secondary data structure, safeguard secondary data structure and carries out the step of cryptogram search, specific as follows:

One. set up secondary data structure

Its step comprises:

1. which field in which table in the specified data storehouse need be carried out cryptogram search,

2. for the field m among each the such table a that determines, set up corresponding secondary data structure,

3. for the secondary data structure of being set up, when its data volume is in peak value, should have following feature at least:

(a) at least with one in database table storage,

Finish set up above-mentioned secondary data structure after, should at least one table of secondary data structure, set up assemble index.

The table that secondary data structure and corresponding desire are implemented cryptogram search is to be based upon in the same database.

Two. safeguard secondary data structure

The steps include: the field of needs realization cryptogram search is made amendment, when comprising insertion, deletion, renewal, should be according to modification requirement to database, by the inquiry of secondary data structure being determined and carried out its attended operation, and utilize the transaction management mechanism of database to guarantee consistance, the integrality of database and secondary data structure.

In safeguarding the step of secondary data structure, can use storing process.At least transmit a functional value as parameter in storing process, at least one calculating of the plaintext of the number that this functional value can transmit according to the user gets.

When carrying out the safeguarding of secondary data structure, can use the middleware between data base management system (DBMS) and user.It comprises the steps: at least

(1) request is revised in interception user's data storehouse,

(2) analyze this database modification request,

(3) if database modification request relates to the predefined modification of ciphertext field, then from database, carry out the operation of primary retrieval secondary data structure at least and operating result is analyzed,

(4) according to the result and the modification request of user's data storehouse in the 3rd step secondary data structure is safeguarded at least.

Above-mentioned database manipulation is to be arranged in the db transaction with user's data storehouse retouching operation.

Three. carry out cryptogram search

When carrying out cryptogram search, contain following step at least:

In the step of carrying out cryptogram search, can use storing process.At least transmit a functional value as parameter in storing process, at least one calculating of the plaintext of the number that this functional value can transmit according to the user gets.

When carrying out cryptogram search, can use the middleware between data base management system (DBMS) and user.It comprises the steps: at least

(1) interception user's data library inquiry request,

(2) analyze this data base querying request,

(3) if this data base querying request relates to the predefined inquiry of ciphertext field, then from database, carry out the operation of one query secondary data structure at least and operating result is analyzed, and execution in step (4),

(4) at least according to the 3rd the step reconstruct as a result and carry out the request of user's data library inquiry.

Above-mentioned database query operations is in a db transaction.

Four. specific embodiment

(1) foundation of secondary data structure and maintenance:

To the ciphertext field m among each table a that will realize ciphertext condition query (comprising the inquiry of equivalent condition query and range of condition) in the database, in same database, set up the table that to safeguard and to visit with severals storehouses action statement that original data base management system (DBMS) is supported, be used for accelerating the secondary data structure of inquiry velocity with storage, simultaneously, mail to the data base manipulation statement of database server by middleware software interception client, the statement that wherein relates to the field m among the table a is handled, safeguarding this secondary data structure, and realize efficient scope and equivalent inquiry to encrypted fields.All numbers of hereinafter mentioning as non-dated especially, all refer to represent with binary mode.Expressly, all refer to remove again after corresponding ciphertext item is deciphered the significant actual value of filling bit gained as non-special instruction.Plaintext to all eb items, last 1 perseverance of filling bit is changed to 0, encrypting required plaintext filler sequence, to remove last 1 backsight be signless integer, the comparison of the filler of eb item, be provided with and add 1 the operation etc. all refer to this signless integer is carried out, the filler of er, el, ep does not then have this about last 1 agreement.And establish filler long enough is set, can not circulate.The corresponding number of significant digit expressly of ciphertext item such as eb, et, er, el, ep equates that the length of filler also equates.The comparison of ciphertext item such as non-dated in addition all refers to its size expressly of comparison, as expressly equating then the relatively size of its filler.The size of ciphertext such as non-dated in addition also is meant so size of combination of its plaintext and filler integer.The plaintext of ciphertext field m is assumed to be unsigned int.

1. the form of secondary data structure:

Secondary data structure 1:

It is the secondary data structure in the relevant database, and its feature is as follows:

This data structure is made of at least two " layers ", and each " layer " is made up of at least one " piece ", and wherein, ground floor (level number is minimum one deck) only is made of a piece, is called " root piece ".Each " piece " is made up of some " index entries ", and the no more than constant t of the index entry bar number average of each piece also is no less than [t/2]; If a piece does not have father's piece or his father's piece not to have other sub-piece, then the index entry bar number of this piece also can be less than [t/2].Wherein, t is a constant, and by the size decision of the physical block of index item size and associated databases, so that the maximal value of the size of " piece " is slightly less than the size of the physical block of database, general t is located between 100～200.All index entries all are expressed as a record that concerns among the x.Each the record r that concerns x is made of following four fields: et, eb, ord1, ord2; Wherein, et, eb are identical with the type of ciphertext field m in a table, are generally BINARY or VARBINARY, and all are to be stored in the database with the ciphertext form; Different with the eb value in one deck, but it is identical to allow some eb value corresponding plaintext: and this is to realize by identical plaintext value being filled different bit sequences, encrypting.Ord1 shows the level number of piece affiliated layer in secondary data structure at this record place; For ord2, must meet the following conditions: its size is in the sequence number with the ordering in the piece (ascending order), and the eb item size that equals this record is in the sequence number with the ordering in the piece (ascending order), and the ord2 value of each record is unequal mutually in same.The et item of all records in same " piece " has identical value, and it equals the minimum value in the eb item of all records in this " piece ".Unequal mutually with its et value of any two pieces in one deck.Except that the minimum one deck of ord1 value (i.e. " floor " number), the et value of all records in each in other each layer " piece ", all equal than the eb value of a certain record in " floor " of the level number little 1 of the floor at its place with " floor " number, and only equal with one eb value wherein; Otherwise except that the maximum one deck of ord1 value, the value of the eb item of each bar record in each layer all equates with " floor " number et value than all records in " piece " in " floor " of the level number big 1 of the floor at its place.Except that initialized its eb value at the beginning was the eb value of minimum record, the value of the eb item in last one deck was corresponding one by one with the value of m field in showing a.For one in secondary data structure record n, if its eb field value and one " floor " number equate than the et value of " piece " d of its place level number big 1, then write down the parent record that n is called this piece d, the piece at record n place is called father's piece of this piece d, and this piece d is called the sub-piece of the piece at this record n and place thereof, and all records in the sub-piece all are called the subrecord of parent record.For one in secondary data structure record L, with same of L, and its ord2 value is called fraternal record mutually greater than minimum record and the L of ord2 value in the record of the ord2 value of L record; With same of L, and its ord2 value also is called fraternal record with L mutually less than the maximum record of ord2 value in the record of the ord2 value of L record.The sub-piece of brother's record is called fraternal piece each other.Can write down all records that p one or many iteration asks subrecord to find by certain and be called the descendants's record that writes down p, the piece that the descendants of p writes down the place is called descendants's piece of p and place piece thereof.Ancestors' record that can be called p by the record that p asks parent record to find by the one or many iteration, the piece that the ancestors of p write down the place is called ancestors' piece of p and place piece thereof.If the value of the eb field of a record s is less than belonging to the value of eb field of the record k of one " layer " together with it, the value of the eb field of all descendants' records of s is also less than the value of the eb field that writes down k so.The eb value of all records is all unequal to each other in the same level, but the eb field that allows some records is pairing, and not comprise the plaintext of filler identical, and this can realize by identical plaintext value is encrypted after filling different bit sequences thereafter again.Set up after this secondary data structure, also to concern that (ord1, et ord2) go up foundation and assemble index the set of properties of x, so that belong to together one " piece " be recorded in physical store the time also be stored in the same physical block as far as possible, and accelerate secondary data structure visit and the speed safeguarded.In addition, also will set up index concerning on the attribute m with ciphertext form storage of a, index can be to be assembled or non-gathering.

Secondary data structure 2:

It is a kind of distortion of secondary data structure 1.It can significantly reduce the number of communications and the traffic when inquiry and modification ciphertext field between middleware and the database server, but its security is not as good as secondary data structure 1.

On the basis of secondary data structure 1, it increases by three field: el, er and ep again in each record (index entry).For one in secondary data structure record bn, if the brother of the bn that the ord2 value is littler than the ord2 value of bn is recorded as bns, if the plaintext of the eb item of bn is kb1 position (length of empty common prefix is 0) with the length of long common prefix that the plaintext of the eb item of bns is counted from highest significant position, then the value of the el item of bn be get this record the plaintext (comprising filler) of eb item from preceding kb1+1 position that highest significant position is counted and the in kb1+2 position 1, all the other positions fill out 0, and then encrypt the ciphertext of gained; If bns does not exist, then the el item of bn is empty; If the brother of the bn that the ord2 value is bigger than the ord2 value of bn is recorded as bnb (if there is not this fraternal record in bn, the brother who then gets the parent record that the ord2 value is bigger than the ord2 value of its parent record in its piece at parent record place is recorded as bnb, by that analogy, constantly trace back, if until it is at ancestors' record of a layer, if these ancestors still do not have so fraternal record, then there is not the bnb record, then the er item of bn nullifies), if the longest common prefix length that the plaintext (comprising filler) of the eb item of record bn and the eb item of bnb is counted from highest significant position is the kb2 position, then the value of the el item of bn is to get the plaintext (comprising filler) of eb item of this record bn from preceding kb2+1 position that highest significant position is counted, and in kb2+2 position 1, all the other positions fill out 0, and then encrypt the ciphertext of gained.The ep item of bn is just meaningful during the maximum record of ord2 value in piece at bn only, if the brother that the ord2 value of the parent record bnf of bn is big than the ord2 value of bnf is recorded as bb, if there is not so fraternal record in its parent record, the ord2 value brother big than the ord2 of bnf2 of parent record bnf2 who then establishes its parent record is recorded as bb, by that analogy.If trace back to its ancestors in the minimum layer of ord1 value always, these ancestors still do not have so fraternal record, and then the ep item of bn is meaningless, is null value.If the longest common prefix length that the plaintext (comprising filler) of the eb item of bn and bb is counted from highest significant position is the kb3 position, then the value of the ep item of bn is that the plaintext (comprising filler) of eb item of bb is from preceding kb3+1 position that highest significant position is counted and in kb3+2 position 1, all the other positions fill out 0, and then encrypt the ciphertext of gained.The further feature of this secondary data structure and the foundation of index and secondary data structure 1 are identical.

In secondary data structure 1 and 2, brother's record is with the adjacent fraternal record of layer; If two records aa and bb are at same one deck, and aa is the maximum record of ord2 value in the piece at its place, bb is the minimum record of ord2 value in the piece at its place, and it is fraternal record in same that certain ancestors that certain ancestors of aa write down aac and bb write down bbc, and the ancestors record (if do not have such ancestors to write down then no this item requires) that all place levels of aa are lower than aac place level (level number is greater than the level number of aac) is the record of ord2 value maximum in the piece of place, the ancestors record (if do not have such ancestors to write down then no this item requires) that all place levels of bb are lower than bbc place level (level number is greater than the level number of bbc) is the record of ord2 value minimum in the piece of place, and the ord2 value of bbc is bigger than the ord2 value of aac, and then aa and bb are also each other with the adjacent fraternal record of layer.

Secondary data structure 3:

It is the another kind distortion of secondary data structure 1, and is more more efficient than secondary data structure 1 and 2, is applicable to object-relevant database.Its feature is as follows:

The table a that will contain encrypted fields m when using this secondary data structure is designed to a table that only contains an attribute column, and the type of this attribute column is object or structure type a, and all properties of former table a becomes the attribute of this object.Corresponding secondary data structure also concerns the x storage by one in the database, and the attribute column of this relation only has one, and type is object or structure type x.It is made of at least two " layers ", and each " layer " comprises that at least one type is object (or structure, the down with) record of x, and wherein, ground floor (one deck of level number minimum) only has an object, is called root object.Each object is made of following attribute: the attribute ord1 of the level number of " layer " that is used for writing down this object place, the array j-array of a structure type j, the field num of the effective length (number of elements of array) of an array that is used for interrecord structure type j; Structure type j is made of following attribute: a ciphertext attribute eb identical with the m type, one is pointed to the reference type ref that type is the object of x (if last one deck is then for pointing to the reference type of a object), an ord2 field, ordering (ascending order) in the ord2 value of its value in whole array should equal the position of corresponding j class formation in array, equal the ordering (ascending order) of eb item size in whole array element of corresponding j class formation, j class formation array increases progressively arrangement successively by its eb item plaintext value, and the ord2 value does not repeat in the same target.The value of num is not more than a constant t, also is not less than [t/2], and still, if an object does not have parent object or its parent object not to have other subobject, then its num value also can be less than [t/2].T is a constant, by the length of j class formation and and the size decision of the physical block of associated databases so that the maximal value of the size of an object is slightly less than the size of the physical block of database.General t is located between 100～200.Except that one deck of " floor " number maximum, all ref point to one " floor " number x class object than the object big 1 at it self place.Level number is that the ref of each j structure of the x object of maximum one deck points to an a class among the table a to picture, remove the ref properties point of certain j structure of certain object d of little 1 that each the x class object g among one deck appearance x of level number minimum compares by level number in the x table, and only pointed to by such ref.Except that the object of one deck of level number maximum, the eb attribute of arbitrary j type structure of any x class object all equals the minimum value in the eb attribute of all j type structures of the ref of this j class formation x class object pointed, and this minimum value is the eb value of leftmost j class formation in the j class formation array.The subobject that the ref attribute of arbitrary j type structure of object x class object pointed is called this object and this j class formation.For a j class formation p, if its an x class object of ref properties point o, then p is called the father j class formation of this object o, and the x class object at p place is called the parent object of o.Can ask the object of subobject arrival to be called descendants's object of this object or this j class formation by one or many by an object or a j class formation, the j class formation of descendants's object be called descendants j class formation; Can be called the ancestors' object or the ancestors j class formation of this object or this j class formation by an object or an object or the j class formation that the j class formation asks parent object and father j class formation to arrive by one or many.If the eb attribute of certain j class formation attribute of an object belongs to the eb attribute li of certain j class formation attribute of certain x class object of one deck together less than certain and it, then the eb attribute of all j class formations of descendants's object of this j class formation is all less than li.The eb item that is comprised in the x class object of one deck of level number maximum, except that initialized at the beginning its eb value is got the eb item of minimum j class formation, the value of the m attribute of the record among other value and the table a is correspondent equal one by one, the record in the x table at the m attribute place that j class formation ref attribute also corresponding sensing in its place is corresponding.J class formation adjacent one another are is called fraternal j class formation mutually in the j class formation array.All eb values that all x class objects of arbitrary layer are comprised are unequal in twos each other, equate that but allow the pairing plaintext of some eb values (not comprising filler) this can realize by identical plaintext value is encrypted again after filling different bit sequences thereafter.This secondary data structure need be set up index on the ord1 of this object attribute, perhaps quoting with that object of a special data structure storage level number minimum.Also on its attribute m, set up index for a table.

Secondary data structure 4:

It is the distortion of data structure 2, is applicable to object-relevant database.Its feature is as follows:

It is by on the basis of data structure 2, adds er and three encrypted fields of el, ep realize at each j class formation of each object.For a j class formation bn, if the fraternal j class formation of the bn that the eb value is littler than the eb value of bn is bns, the plaintext (comprising filler) of the eb item of bn is the kb1 position with the longest common prefix length that the plaintext (comprising filler) of the eb item of bns is counted from highest significant position, then the value of the el item of bn be get bn the plaintext (comprising filler) of eb item from preceding kb1+1 position that highest significant position is counted and the in kb1+2 position 1, all the other positions fill out 0, and then encrypt the ciphertext of gained; If bns does not exist, then the el value of bn is empty; If the fraternal j class formation of the bn that the eb value is bigger than the eb value of bn is not (if exist this j class formation, then get the fraternal j class formation of the father j class formation that the eb value is bigger than the eb value of its father j class formation in its object at father j class formation place, by that analogy, constantly trace back, if until it is at the ancestors j class formation of top layer, if these ancestors still do not have so fraternal j class formation, then the er item of bn nullifies) be bnb, the plaintext (comprising filler) of the eb item of bn is the kb2 position with the longest common prefix length that the plaintext (comprising filler) of the eb item of bnb is counted from highest significant position, then the value of the er item of bn is to get the plaintext (comprising filler) of eb item of bn from preceding kb2+1 position that highest significant position is counted and in kb2+2 position 1, all the other positions fill out 0, and then encrypt the ciphertext of gained.The ep item of bn is just meaningful during the maximum j class formation of eb value in object at bn only, if the father j class formation of bn is bnf, the bnf brother j class formation that the eb value is bigger than the eb value of bnf is that bb is not (if there is so fraternal j class formation in bnf, the corresponding fraternal j class formation of then establishing bnf is bb, by that analogy.If trace back to its ancestors in top always, these ancestors still do not have so fraternal j class formation, then the ep item is meaningless, be null value), if the longest common prefix length that the plaintext (comprising filler) of the eb item of bn and bb is counted from highest significant position is the kb3 position, then the value of the ep item of bn be the plaintext (comprising filler) of eb item of bb from preceding kb3+1 position that highest significant position is counted and the in kb3+2 position 1, all the other positions fill out 0, and then encrypt the ciphertext of gained.The further feature of this secondary data structure, the foundation of index and secondary data structure 3 are identical.

In secondary data structure 3,4, fraternal j class formation is with the adjacent fraternal j class formation of layer; If two j class formation aa and bb are at same one deck, and aa is the maximum j class formation of eb value in the object at its place, bb is the minimum j class formation of eb value in the object at its place, and certain ancestors j class formation bbc of certain the ancestors j class formation aac of aa and bb is the fraternal j class formation in the same target, and the ancestors j class formation (if do not have such ancestors j class formation then no this item requires) that all place levels of aa are lower than aac place level (level number is greater than the level number of aac) is the maximum j class formation of eb value in the object of place, the ancestors j class formation (if do not have such ancestors j class formation then no this item requires) that all place levels of bb are lower than bbc place level (level number is greater than the level number of bbc) is the minimum j class formation of eb value in the object of place, and the eb value of bbc is bigger than the eb value of aac, and then aa and bb are also each other with the adjacent fraternal j class formation of layer.

2. the initialization of secondary data structure:

(1) to realizing the ciphertext condition query in the database, each the table ciphertext field m among a that comprises the inquiry of equivalent condition query and range of condition, in same database, set up an available common SQL statement and safeguard and access relation x, be used for accelerating the secondary data structure of inquiry velocity with storage.For relevant database, this table can be made up of following field: ord1, ord2, et, eb, el (optional), er (optional), ep (optional); For object-relevant database, this table can be made up of an object type x, this object type comprises an attribute ord1, an attribute num, the array j-array of a j class formation, j class formation comprise an attribute eb and a reference type attribute ref, an attribute ord2, an attribute er (optional), an attribute el (optional), an attribute ep (optional).

(2), select the hierachy number s of this secondary data structure earlier according to the size of the possible size of showing a and t value for secondary data structure 1 and 2.The standard of selecting should make the feature by above-mentioned secondary data structure make the minimum possible capacity (record number) of last one deck write down two to three times of number greater than the maximum possible of table a.General select 5～6 layers and get final product, may be huge especially unless show the record number of a, as above 1,000,000,000.Then, insert a record at each layer, the et of these records and eb value are equal to the value of encrypting again with after minimum value that expressly can obtain and the connection of integer 1 filling value.The ord2 field of these records is made as 1, and ord1 is made as corresponding level number, and other field nullifies.For secondary data structure 3 and 4, select the hierachy number m of this secondary data structure in the time of at the beginning earlier according to the size of the possible size of showing a and t value.The standard of selecting should make the feature by above-mentioned secondary data structure make the minimum possible capacity (j class formation sum) of last one deck write down two to three times of number greater than the maximum possible of table a.General select 5～6 layers and get final product, may be huge especially unless show the record number of a, as above 1,000,000,000.Insert an object at each layer then, the ord1 value of these objects is the level number of the layer at its place, the num value is 1,1 of j class formation, the ord2 value of its j class formation is made as 1, and its eb value all is made as the value of encrypting again with after minimum value that expressly can obtain and the connection of integer 1 filling value, and its ref value is pointed to that object of his following one deck, the ref field of the j class formation of that object of last one deck is empty, and other attribute of these objects all is made as sky.

3. the maintenance of secondary data structure:

The maintenance of secondary data structure realizes by middleware.

(1) middleware:

Its position in the entire database system as shown in drawings.It is between database application and the data base management system (DBMS), can be installed in database client or application server end, also can be installed in database server side, can also be installed on the special security server between database client (or application server end) and the server end.Generally, should be installed on the special security server,, make the ENCRYPTION FOR DATA BASE key be independent of user's key simultaneously, and alleviate the computation burden of database server so that the maintenance of database and safety management are separated for better security.This architecture processes is the most complicated.Be that the basis describes hereinafter with this architecture.Because ultimate principle is identical, this architecture can be transformed into other two kinds of architectures easily.

Middleware requires database client by standard interface accessing databases such as ODBC, JDBC, OLE DB.It requires at database client a middleware client to be installed simultaneously.This middleware client comprises an authentication and key negotiation module and the virtual data base management system (DBMS) driver at standard interfaces such as ODBC.When database application needs accessing database, connect earlier by data base management system (DBMS) driver virtual in the middleware client and middleware and database, carry out authentication and key agreement by the middleware on middleware client and the long-range security server again, initiate a read operation by the user again to a Virtual table in the database, this table physical presence not in database, middleware client will consult by current virtual database read operation key return to application program.Simultaneously, long-range middleware also can with this key with tie up in addition record with socket number of this user's middleware client communication, be stored in the arranging key communication table.User's data storehouse application program then, the operation of submitting canonical function, data to and expressing to the driver (middleware client) of virtual data base management system (DBMS) by standard interfaces such as ODBC to database with SQL statement etc., the secret key encryption of consulting before this of the value of ciphertext field wherein, these functions and SQL statement, data are submitted to long-range safe middleware by virtual data base management system driver (middleware client) again.

The safe middleware that is installed on the telesecurity server stores a dictionary, it is the data base encryption information bank, it is being put down in writing, and which field of which relation is to need to encrypt storage in the database, which field is these fields be in its relation, what field name is, what its corresponding encryption key is.Simultaneously, it is also safeguarding an arranging key communication table, putting down in writing with each socket number corresponding consult user key.Middleware is intercepted and captured the operation of user's data storehouse, and SQL statement is wherein carried out simple grammatical analysis 0, if wherein do not relate to encrypted fields, then directly transfer to database and carry out, and the result that will carry out returns to the user.If wherein relate to encrypted fields, the encryption that it sends with the corresponding secret key decrypted user that writes down in the arranging key communication table data, can obtain the plaintext of data, use the associated databases storage key of from the data base encryption information bank, finding to encrypt again, can obtain the ciphertext in the corresponding database.Simultaneously, he issues enciphered data in user's the result for retrieval with the corresponding secret key deciphering of database to database server, use again with the user consult secret key encryption, send application program again to.The data base manipulation statement that he sends the user, what relate to encrypted fields in the function also carries out certain processing, pass to database server again, with the encryption and decryption that be independent of client of realization, and safeguard that the consistance of secondary data structure also realizes the high efficiency condition of encrypted fields is inquired about to encrypted fields.

(2) for the maintenance of secondary data structure 1:

Maintenance when 1. adding: when application program will be added a respective encrypted field m in table a plaintext is the record of plain, after the odbc middleware is caught this operation, just add operation below the embedding in the affairs of operating the place at this according to the following steps, in last one deck of x table, inserting a record, and whole secondary data structure is done certain adjustment:

I. tackle and preserve corresponding SQL statement and in the affairs at this SQL statement place, carry out following operation:

Ii. retrieve all records in that piece of level number minimum in the x table with SQL statement, establish it and be piece g;

Iii. the record among the piece g is pressed ord2 value ascending sort, retrieve eb item among the piece g expressly (not containing filler) smaller or equal to the record r of ord2 value maximum in the record of the plaintext of plain; If r do not have sub-piece, execution in step iv then, otherwise take out this sub-piece with the sql statement, the value of this sub-piece is composed to piece g, repeated execution of steps iii;

Iv. if equal plain after the plaintext of the eb item of r removes filler, if the filler of the plaintext of the eb item of r is rebk, encrypt after then plain being filled rebk+1, otherwise plain is encrypted in afterbody filler 1 back, if the value of gained is neb, construct a new record, its eb value equals neb, et equals the et value of r, the ord2 value that ord2 equals r adds 1, ord1 equals the ord1 value of r, and it is inserted in the piece at r place, and the ord2 value of all simultaneously that ord2 value in the piece at r place is big than the ord2 value of r records adds 1;

V. if after inserting, the record number of the piece rblock at r place equals t+1, then that ord2 value in the record among the rblock is maximum [t/2] bar record shifts out, constitute a new piece, the et value of all records of new piece changes the minimum value of the eb item in the record that shifts out into, other field value is constant, if r has parent record, then with new et value as the eb value, the ord2 value of the parent record of r adds 1 as the ord2 value, the ord1 value of the parent record of r is as the ord1 value, the et value of the parent record of r is as the et value, construct a record and insert in the piece at parent record place of r, and the ord2 value of the record that the ord2 value is bigger than the ord2 value of the parent record of r in the piece at the parent record place of r is added 1, and regard the parent record of r as r repeated execution of steps v.If r does not have parent record, or write down number in the piece at r place, then execution in step vi less than t+1;

Vi. middleware is changed to neb with the ciphertext field that the SQL that is blocked inserts in the statement, carries out the SQL statement that is blocked and execution result is returned to the user.

Maintenance when 2. deleting: when application program will be in table a the ciphertext value of a corresponding ciphertext field m of deletion be that the record of c is (for each deletion action to record in a table, middleware all needs elder generation to pass through to inquire about the value c of the m field of the correspondence of determining each bar desire deletion record in same affairs, the processing of following several deletion situations also is the same, repeat no more) time, after the odbc middleware is caught this operation, attended operation in the time of just will deleting is embedded in the affairs at this deletion action place, so that one of deletion is write down and whole secondary data structure is made certain adjustment in last one deck of x table.Ciphertext value c is meant with the ciphertext value after the storage key encryption of database.Attended operation during deletion is specific as follows:

Iii. piece g is pressed ord2 value ascending sort, retrieve among the piece g eb item expressly (comprise filler, down with) smaller or equal to the record r of ord2 value maximum in the record of the plaintext of c (comprise filler, down with); If r do not have sub-piece, execution in step iv then, otherwise value that will this sub-piece is composed to piece g, repeated execution of steps iii;

Iv. if the eb field of r equals c, then delete r, and its ord2 value of record that ord2 value among the piece g is bigger than the ord2 value of r subtracts 1; If r is the minimum record of ord2 value in the former g piece, then the value of the et item of all records in the g piece is made as the value of eb item of the record of the ord2 value minimum in the piece of deletion back, and the eb item of its parent record is made as the new et value of this sub-piece, if its parent record also is the record with eb minimum in the piece, then adjust the piece at its parent record place equally, the rest may be inferred;

V. if the record number in the g piece of deletion back becomes [t/2]-1, and g is not the root piece, then if the record number of the sub-piece of certain brother record br of its parent record fa greater than [t/2], be num, then from this brother of its parent record writes down the sub-piece t1 of br, take out eb value minimum [(num-[t/2]+2)/2] bar record (writing down if br is the ord2 value brother big than the ord2 value of fa of fa), or from this brother of its parent record writes down the sub-piece of br, take out eb value maximum [(num-[t/2]+2)/2] bar record (writing down if br is the ord2 value brother little than the ord2 value of fa of fa), and from this brother writes down the sub-piece of br, delete this [(num-[t/2]+2)/2] the bar record, adjust the ord2 field and the et field of the record among the sub-piece t1 that this brother writes down br simultaneously, make eb increase progressively arrangement with the increase of ord2 value, the ord2 value does not repeat, et equals in the piece minimum eb value, and makes the eb item of br equal the et value of adjusted t1.With this [(num-[t/2]+2)/2] the bar record is inserted into and forms a new piece in the g piece, and the ord2 value of adjusting the record in this new makes the ord2 value of its all records represent the big or small sequence number (ascending order) of its eb value in new piece, the et value equals eb value minimum in the new piece, and the parent record of adjusting the g piece makes its eb value equal the et value of new g piece.If the record number average of the sub-piece of the brother of the parent record fa of g piece record is [t/2], then certain the fraternal sub-piece t3 that writes down br1 with this piece g and fa is merged into a new piece, and ord2 and the et field of adjusting this record of new make the ord2 value of its all records represent the big or small sequence number (ascending order) of its eb value in new piece, the et value equals eb value minimum in the new piece, deletion record fa and br1 from father's piece of g piece simultaneously, the record that equals the et value of new piece with a new eb value replaces it, and adjust ord2 value and et value in father's piece accordingly, make the ord2 value of its all records represent the big or small sequence number (ascending order) of its eb value in piece, the et value equals eb value minimum in the piece, again the value of this father's piece is composed to piece g, repeated execution of steps v.If g does not have parent record or parent record not to have record number in brother record or the g piece greater than [t/2]-1, then execution in step vi;

Vi. carry out the SQL statement be blocked and execution result is returned to the user.

Maintenance when 3. upgrading:

When application program will be upgraded the value of m field of a record in table a, if the former ciphertext value of this field is x, the plaintext of new value is nm, (for each renewal operation to the m field of record in a table, middleware all needs to desire the more initial value of the m field of the correspondence of new record by inquiring about definite each bar earlier in same affairs, the processing of the more new situation of following several secondary data structuries also is the same, repeat no more) then this statement is by after the middleware interception, operation below this middleware inserts in the affairs at corresponding operation place: carrying out with deletion m field ciphertext value earlier is the identical secondary data structure maintenance work of record of x, carrying out with adding m field plaintext value again is the identical secondary data structure maintenance work of record of nm, treat again the statement of intercepting and capturing to be let pass after these steps are finished smoothly, and the result that will carry out returns to application program.Realize L+1 time to 4L+1 time mutual (L is the number of plies altogether of secondary data structure) between this action need middleware and the database server, but because the foundation of the gathering index of the particular design of supplementary structure and secondary data structure, these can be finished rapidly alternately.

(3) for the maintenance of secondary data structure 2:

For secondary data structure 2, need to create a storing process in database server side, this storing process is carried out in database server side fully, this storing process receive at least a ciphertext c the set (back also is referred to as the prefix ciphertext collection of this number) of all prefix ciphertexts of the plaintext that does not comprise padding sequence.If a number (is used binary representation, all numbers as non-dated especially of hereinafter mentioning are all with binary representation), count from its highest significant position, get its preceding k bit length, fill out 1 in the k+1 position again, all the other positions fill out 0, encrypt again, the number that obtains is called the prefix ciphertext of this number, wherein, k can be 0 smaller or equal to the scale-of-two length that does not comprise filling bit of this number.

Concrete steps are as follows:

I. tackle and preserve corresponding SQL statement, and in the affairs at this SQL statement place, carry out following operation:

Ii. call a storing process, this storing process receives the prefix ciphertext collection of plain (not comprising filler, together following) as parameter, and carry out (3) according to the following steps:

Iii. retrieve all records in that piece of level number minimum in the x table with SQL statement, if it is piece g, the ord2 value pressed in record wherein arranges from small to large from left to right, become an ordered set s, find out the record elr that keeps right most that its el value is concentrated in the prefix ciphertext of plain then, find out the record erl that keeps left most (rightmost record being considered as erl) that the er value is concentrated in the prefix ciphertext of plain among the s again as not existing then, then the size of plain otherwise be in the eb value of elr plaintext (when comparison the filler of plain be considered as maximal value, (open interval between the eb value of the record lb adjacent down together) with its left side, if there is no elr does not then have this), be in (open interval between the eb value of adjacent record rb on the eb value of erl and its right, if erl does not have the adjacent record on the right, then this change into " greater than the eb value of erl record).The sub-piece of the adjacent record lb in the left side of elr is taken out, ascending order by ord2 is arranged from left to right, constitute an ordered set sl (if there is no elr or lb s.m.p piece, then do not carry out this step), replace all records on the elr left side among the s with this ordered set, and replace the el value of elr with the ep value of the maximum record of ord2 value in this sub-piece; The sub-piece of erl is taken out, arrange in the same way, with constituting an ordered set sr with quadrat method, the el value that replaces the record that keeps left most among the sr with the el item of erl, replace erl with this ordered set again, and replace the el item of the right adjacent record rb of former erl with the value of the ep item of the maximum record of ord2 value in this sub-piece, remove all records (then not carrying out this step) on rb the right simultaneously as there not being rb.Finish after above two steps, newer ordered set is regarded as s, do similar operation again, so go down, till all replacement operations can not be carried out again.To concentrate the elr find and rb to ask the minimum descendants's record (then just taking from body) of its eb value at last s to replace they self as if sin prole superstite, then new be recorded in position that last one deck inserts or be recorded in same with lb that last s concentrates and its ord2 value should be right after thereafter, otherwise with erl in same and its ord2 value should be right after thereafter.This storing process returns last elr (after the replacement, down with), lb, erl, rb (after the replacement, down with) and all ancestors' records thereof.Simultaneously, this storing process calculates as inserts how to carry out the adjustment of whole secondary data structure by the mode of the adjustment after the insertion of similar auxiliary data knot 1 by this dual mode, which and need reset by er, ep, the el field of record after the defined analysis adjustment, and with these records and insert, the adjacent brother's record of adjusted possible same layer, possible adjustment mode return together that (all records that return all need indicate the Position Number at its place in each piece, and the existing record number of place piece), calculate adjusted new er, el, ep value by middleware.

Iv. middleware calculates the plaintext of the eb field of elr, lb, erl, rb, see that plain (not comprising filler) is between the plaintext (not comprising filler) that is in the eb item of lb and elr (open interval), still be between the plaintext (not comprising filler) of the eb item of erl and rb (open interval), or the plain plaintext (remove filler after relatively) that equals the eb item of erl equal elr the plaintext (remove filler after relatively) of eb item; If be between the plaintext of eb item of lb and elr, then should in same of lb and lb after, insert, the eb item of the record of insertion for usefulness integer 1 filling of plain back after encryption again, the insertion in the setting of other field and the secondary data structure 1 is similar; Between the plaintext as if the eb item that is in erl and rb, then should insert in same of erl and after erl, the eb item of the record of insertion is that plain fills the back encryption with integer 1, and the insertion in the setting of other field and the secondary data structure 1 is similar; If the 3rd kind of situation then should be inserted in same of erl and after erl, the filler of establishing erl is erlt, and then the eb item of the record of Cha Ruing is that plain fills the back encryption with (erlt+1), and the insertion in the setting of other field and the secondary data structure 1 is similar.After determining the position of one deck insertion in the end, the adjustment of the secondary data structure that middleware causes after determine inserting again and er, ep, the el value that need reset, and finish the work of reseting of corresponding insertion, adjustment (set-up procedure all fours and secondary data structure 1 that it causes because of insertion) and er, el, ep field as storing process of parameter call with these and the position of insertion, the method for adjustment etc.

V. middleware inserts ciphertext field in the statement is changed to the record that inserts in the last one deck of secondary data structure eb value with the SQL that is blocked, and the SQL statement that execution is blocked also returns to the user with execution result.

Maintenance when 2. deleting: when application program will be in table a the ciphertext value of a corresponding ciphertext field m of deletion when being the record of c, after the odbc middleware is caught this operation, attended operation in the time of just will deleting is embedded in the affairs at this deletion action place, so that one of deletion is write down and whole secondary data structure is made certain adjustment in last one deck of x table.Ciphertext value c is meant with the ciphertext value after the storage key encryption of database.Attended operation during deletion is specific as follows:

Ii calls a storing process, and this storing process is carried out in database server side, and it receives the prefix ciphertext collection (refer to the prefix ciphertext collection that it does not comprise filler, down with) of the plaintext of c and c itself as parameter, and iii execution according to the following steps:

The iii.SQL statement retrieves all records in that piece of level number minimum in the x table, if it is piece g, the ord2 value pressed in record wherein arranges from small to large from left to right, become an ordered set s, find out the record elr that keeps right most that its el value is concentrated in the prefix ciphertext of the plaintext of c or its eb value equals c then, finding out er value among the s again concentrates or its eb value equals the record erl that keeps left most (if there is no then a rightmost record being considered as erl) of c in the prefix ciphertext of the plaintext of c, the size of c or be in (closed interval between the eb value of the eb value of the elr record lb adjacent then with its left side, if no elr does not then have this), be in (closed interval between the eb value of adjacent record rb on the eb value of erl and its right, if there is not the adjacent record on the right in erl, then this changes " greater than the eb value of erl record " into).The sub-piece of the adjacent record lb in the left side of elr is taken out (if its s.m.p piece or do not have elr and then do not carry out this step), ascending order by ord2 is arranged from left to right, constitute an ordered set sl, all records that replace the elr left side among the s with this ordered set, and with the el value (, then do not carry out this and get sub-piece and alternative steps) of the ep value replacement elr of the maximum record of ord2 value in this sub-piece if the eb value of elr is c; The sub-piece of erl is taken out (if its s.m.p piece does not then carry out this step), arrange in the same way, constitute an ordered set sr, the el item that replaces leftmost record among the sr with the el item of erl, replace erl with this ordered set sr again, and replace the el item of former erl the right adjacent record rb with the value of the ep item of the maximum record of ord2 value in this sub-piece, remove all records (then not carrying out this step) on rb the right simultaneously as there not being rb.Finish after above two steps, newer ordered set is regarded as s, do similar operation again, so go down, till all replacement operations all can not be carried out again.Then concentrate the record must find the eb item to equal c at last s, again with it in the end the minimum descendants of eb value in one deck write down replace it (then not carrying out this step) if sin prole superstite writes down.If this is recorded as p, the p in the end concentrated left side brother of s is recorded as lbl, the lbl in the end maximum descendants of the eb value in one deck is recorded as pl (if the lbl sin prole superstite is then just got lbl itself), the p in the end brother on s the right of concentrating is recorded as rbl, the rbl in the end minimum descendants of the eb value in one deck is recorded as pr (if the rbl sin prole superstite is then just got rbl itself), then return p, pl and pr and all ancestors thereof records (all records that return all need indicate the Position Number at its place in each piece, and the existing record number of place piece).Simultaneously, the adjustment that is similar to secondary data structure 1 that needs are done secondary data structure 2 according to deleting p of this storing process, which is extrapolated be recorded in the value that to reset its er, el, ep field after the adjustment and the adjacent brother's record of the same layer at deletion, adjusted these records that adjustment mode and these records and this storing process are known by inference returned to middleware that (all records that return all need indicate the Position Number at its place in each piece, and the existing record number of place piece), calculate adjusted new er, el, ep value by middleware.

Iv. the value returned according to this storing process of middleware calculates ep, el, the er value that needs are reset after the adjustment and calls another storing process and delete the eb value be his similar and adjustment secondary data structure 1 of Xingqi of going forward side by side of the record of c in last one deck of secondary data structure, and is provided with and needs el, er and the ep value reset after the adjustment.

V. the let pass deletion action of interception and execution result returned to the user of middleware.

Maintenance when 3. upgrading:

When application program will be upgraded the value of m field of a record in table a, if the former ciphertext value of this field is x, the plaintext of new value is nm, after then this statement is tackled by middleware, operation below then this middleware inserts in the affairs at corresponding operation place: carrying out with deletion m field ciphertext value earlier is the identical secondary data structure maintenance work of record of x, carrying out with adding m field plaintext value again is the identical secondary data structure maintenance work of record of nm, treat again the statement of intercepting and capturing to be let pass after these steps are finished smoothly, and the result that will carry out returns to application program.Realize L+1 time to 4L+1 time mutual (L is the number of plies altogether of secondary data structure) between this action need middleware and the database server, but because the foundation of the gathering index of the particular design of supplementary structure and secondary data structure, these can be finished rapidly alternately.

(3) for the maintenance of secondary data structure 3:

Its maintenance process and secondary data structure 1 are similar, and only piece has changed object into, and the processing of writing down in the piece has been become processing to j class formation in the object, and the division of piece and merging have become the division and the merging of object.Concrete steps are as follows:

Maintenance when 1. adding: when application program will be added a respective encrypted field m in table a plaintext is the record of plain, after the odbc middleware is caught this operation, just add operation below the embedding in the affairs of operating the place at this according to the following steps, in certain object of last one deck of x table, inserting a j class formation, and whole secondary data structure is done certain adjustment:

Ii retrieves that object of level number minimum in the x table with SQL statement, establishes it and is object g;

Iii. retrieve in object g, the plaintext of its eb item (not comprising filler) is smaller or equal to the maximum j class formation r of ord2 value in the j class formation of plain; If r do not have subobject, execution in step iv then, otherwise the value of this subobject is composed to object g, repeated execution of steps iii;

Iv. if equal plain (not comprising filler) after the plaintext of the eb item of r removes filler, if the filler of the plaintext of the eb item of r is rebk, encrypt after then plain being filled rebk+1, encrypt otherwise plain is filled integer 1 back at afterbody, the value of establishing gained is neb, constructs a new j class formation, his eb value equals neb, it is inserted in the j class formation array of object at r place, is inserted in after the element r of j class formation array of this object, and the element after the r is moved successively backward.With the num value of this object add 1 and the ord2 property value of each j class formation of corresponding adjustment with the ascending sort of eb item size in whole object that make it to equal its place j class formation number.

V. if after inserting, the j class formation number of the object rblock at r place equals t+1, then the ord2 value is bigger in the j class formation among the rblock [t/2] individual j class formation is shifted out, constitute a new object newo, and the ord2 value of the arrangement of the j class formation of the new and old object of corresponding adjustment and each j class formation, the num value of object, make the j class formation increase progressively arrangement by the size of its eb value, make the number of j class formation in the num indicated object, ord2 is the sequence number of j class formation in array at its place, other field value is constant, if r has parent object, then with the minimum value of eb in the j class formation of new object eb value as a new j class formation, ref (newo) is as the value of the ref field of new j class formation, constructing a new j class formation is inserted in the parent object of r and goes, adjust the arrangement of j class formation in the parent object simultaneously, make it to increase progressively arrangement by the size of its eb value, the ord2 value of adjusting each j class formation makes it to equal the sequence number of its place j class formation in array, and the num value of adjusting object makes the number of j class formation in the num indicated object.And regard the father j class formation of r as r, repeated execution of steps v.If r do not have parent object, or after inserting the j class formation number of r place object less than t+1, execution in step vi then;

Vii. middleware will the value of the ref field of the j class formation of last one deck insertion be made as the record that has just inserted in the sensing a table in the x table.

Maintenance when 2. deleting: when application program will be in table a the ciphertext value of a corresponding ciphertext field m of deletion when being the record of c, after the odbc middleware is caught this operation, attended operation in the time of just will deleting is embedded in the affairs at this deletion action place, so that delete a j class formation and whole secondary data structure is made certain adjustment in certain object of last one deck that x shows.Ciphertext value c is meant with the ciphertext value after the storage key encryption of database.Attended operation during deletion is specific as follows:

Iii. retrieve the j type structure r of eb item plaintext among the object g (comprising filler, down together) smaller or equal to the plaintext value maximum of eb item in the j type structure of the plaintext (comprising filler) of c; If r does not have the subobject of x type, execution in step iv then, otherwise the value of this subobject is composed to piece g, repeated execution of steps iii;

Iv. if the eb attribute of r equals c, then from the j class formation array of g, delete this j class formation, and with the reach of the j class formation of r back, and adjust the value of ord2 attribute and num attribute accordingly, make num represent the number of j class formation in the new object, ord2 is the sequence number (ascending order) of j class formation in array at its place, if r is the minimum j class formation of ord2 value in the object of place, then adjust the value of eb field of the father j class formation of r, make it equal eb minimum in its subobject, if the father j class formation of r also be the j class formation of ord2 value minimum in the object of place, then the father j class formation of the father j class formation of r is done similar adjustment, the rest may be inferred;

V. if the j class formation number in the g object of deletion back becomes [t/2]-1, and the j class formation number of the subobject of certain fraternal j class formation br of his father j class formation fa is greater than [t/2], be num, then from the subobject t1 of this brother j class formation br of his father j class formation, take out eb value minimum [(num-[t/2]+2)/2] individual j class formation (if the eb value of br than the eb value of fa greatly), or from this brother j class formation br of his father j class formation, take out [(num-[t/2]+2 of eb value maximum)/2] individual j class formation (if the eb value of br is littler than the eb value of fa), they are inserted among the g, and from the subobject t1 of this brother j class formation br, delete this [(num-[t/2]+2)/2] individual j class formation, rearrange the j class formation array of t1 and g simultaneously, make it to increase progressively arrangement by the eb value, adjust the value of their ord2 attribute and num attribute, make the number of j class formation in the num indicated object, ord2 is the sequence number of j class formation in its object array at its place, and makes the eb item of br and fa equal in adjusted its subobject the minimum value of eb item in all j class formations.If the j class formation number average of the subobject of the fraternal j class formation of the father j class formation fa of g is [t/2], then the subobject t3 with certain fraternal j class formation br1 of g and fa is merged into a new object, make newly the union that the eb value of all j class formations of picture is equaled above-mentioned two objects, and adjust this new object and make its j class formation array increase progressively arrangement by the value of its eb attribute, adjust the value of ord2 attribute and num attribute, make num represent the number of j class formation in the new object, ord2 is the sequence number of j class formation in array at its place, from the parent object of t object, delete j class formation fa and br1 simultaneously, the j class formation of minimum value that equals the eb value of new object with a new eb value replaces it, and the value of adjusting other fields of parent object accordingly makes it to satisfy the definition requirement.Again the value of this parent object is composed to object g, repeated execution of steps v.If g does not have father j class formation or father j class formation not to have j class formation number in fraternal j class formation or the g object greater than [t/2]-1, then execution in step vi;

Vi. the let pass deletion action of interception and execution result returned to the user of middleware.

Maintenance when 3. upgrading:

(4) for the maintenance of secondary data structure 4:

Its maintenance is used and is set up storing process with the same method analogy of secondary data structure 2 and solve, and only piece has changed object into, and the processing of writing down in the piece has been become processing to j class formation in the object, and the division of piece and merging have become the division and the merging of object.Concrete steps are as follows:

Ii calls a storing process, and this storing process receives the prefix ciphertext collection (not comprising filler, down together) of plain as parameter, and iii carries out according to the following steps:

Iii. retrieve that object of level number minimum in the x table with SQL statement, if it is g, j class formation is wherein pressed the ord2 value to be arranged from small to large from left to right, become an ordered set s, find out the j class formation elr that keeps right most that its el value is concentrated in the prefix ciphertext of plain then, find out the j class formation erl that keeps left most (rightmost j class formation being considered as erl) that the er value is concentrated in the prefix ciphertext of plain among the s again as not existing then, then (filler of plain is considered as maximal value to the size of plain when comparing, down with) or be in (open interval between the eb value of the eb value of the elr j class formation lb adjacent with its left side, if there is no elr does not then have this), be between the eb value of adjacent j class formation rb on the eb value of erl and its right (open interval is the eb value greater than erl if erl does not have the adjacent j class formation on the right).All j class formations of the subobject of the adjacent j class formation lb in the left side of elr are taken out, ascending order by ord2 is arranged from left to right, (if there is no lb or lb do not have subobject to constitute an ordered set sl, then do not carry out this step), replace all j class formations on the elr left side among the s with this ordered set, and replace the el value of elr with the ep value of the maximum j class formation of ord2 value in this subobject; All j class formations of the subobject of erl are taken out, arrange in the same way, constitute an ordered set sr in the same way, the el item that replaces leftmost j class formation among the sr with the el item of erl, again the sr set is replaced erl, and replace the el item of the right adjacent j class formation rb of former erl with the value of the ep item of the maximum j class formation of ord2 value in this subobject, remove all j class formations (then not carrying out this step) on rb the right simultaneously as there not being rb.Finish after above two steps, newer ordered set is regarded as s, do similar operation again, so go down, till all replacement operations all can not be carried out again.To concentrate the elr find at last s, rb asks the minimum descendants j class formation of its eb value (then just taking from body as if sin prole superstite) to replace they self.Then new j class formation is one deck position of inserting or in the object at the lbj class formation place that last s concentrates and after its ord2 value after inserting ord2 value that should be right after at lb in the end, otherwise with erl in same target and after the ord2 value that should be right after of the ord2 value after its insertion at erl.This storing process returns last elr (after the replacement, down with), lb, erl, rb (after the replacement, down with) and all ancestors j class formations thereof.Simultaneously, this storing process calculates as inserts with this dual mode respectively, how whole secondary data structure is adjusted by the adjustment mode after the insertion of similar auxiliary data knot 3, and press the er of which j class formation after the defined analysis adjustment, ep, the el field need be reset, and will adjust mode, these j class formations and inserting, the adjacent fraternal j class formation of adjusted possible same layer returns together that (all j class formations that return all need indicate the Position Number at its place in each object, and the existing j class formation number of place object), calculate adjusted new er by middleware, el, the ep value.

Iv. middleware calculates the plaintext of the eb field of elr, lb, erl, rb, see that plain (not comprising filler) is between the plaintext (not comprising filler) that is in the eb item of lb and elr (open interval), still be between the plaintext (not comprising filler) of the eb item of erl and rb (open interval), or the plain plaintext (remove filler after relatively) that equals the eb item of erl equals the plaintext (remove filler after relatively) of the eb item of elr; As if between the plaintext of the eb item that is in lb and elr (not comprising filler), then should in the same target of lb and after lb, insert a j class formation, the eb item of the j class formation that inserts is encrypted after filling with integer 1 for the plain back again, and the insertion in the setting of other field and the secondary data structure 3 is similar; As if between the plaintext of the eb item that is in erl and rb (not comprising filler), then should in the same target of erl and after erl, insert, the eb item of the j class formation that inserts is that plain fills the back encryption with integer 1, and the insertion in the setting of other field and the secondary data structure 3 is similar; If the 3rd kind of situation, then should in the same target of erl and after erl, insert, if the filler of erl is erlt, then the eb item of the j class formation of Cha Ruing is that plain fills the back encryption with (erlt+1), and the insertion in the setting of other field and the secondary data structure 3 is similar.Behind the position of determining to insert, the adjustment of the secondary data structure that middleware causes after determine inserting again and er, ep, the el value that need reset, and finish the work of reseting of corresponding insertion, adjustment (set-up procedure all fours and secondary data structure 3 that it causes because of insertion) and er, el, ep field as storing process of parameter call with the position of these values and insertion, the method for adjustment.

V. middleware inserts ciphertext field in the statement is changed to the j class formation that inserts in the last one deck of secondary data structure eb value with the SQL that is blocked, and the SQL statement that execution is blocked also returns to the user with execution result.

Vi. middleware will the value of the ref field of the j class formation of last one deck insertion be made as the record that has just inserted in the sensing a table in the x table.

Maintenance when 2. deleting: the maintenance during deletion: when application program will be in table a the ciphertext value of a corresponding ciphertext field m of deletion when being the record of c, after the odbc middleware is caught this operation, attended operation in the time of just will deleting is embedded in the affairs at this deletion action place, so that delete a j class formation and whole secondary data structure is made certain adjustment in certain object of last one deck that x shows.Ciphertext value c is meant with the ciphertext value after the storage key encryption of database.

Ii calls a storing process, and this storing process is carried out in database server side, and it receives the prefix ciphertext collection of plaintext (not comprising filler) of c and c itself as parameter, and iii execution according to the following steps:

Iii. retrieve all j class formations among that object g of level number minimum in the x table with SQL statement, j class formation among the g is arranged from small to large from left to right by its eb value, become an ordered set s, find out the j class formation elr that keeps right most that its el value is concentrated in the prefix ciphertext of the plaintext (not comprising padding sequence) of c or its eb value equals c then, find out er value among the s again and concentrate or equal the j class formation erl that keeps left most (rightmost j class formation being considered as erl) of c in the prefix ciphertext of the plaintext (not comprising padding sequence) of c as not existing then, the size of c or be in (closed interval between the eb value of the eb value of the elr j class formation lb adjacent then with its left side, if there is no elr does not then have this), be in (closed interval between the eb value of adjacent j class formation rb on the eb value of erl and its right, if there is not the adjacent record on the right in erl, then this changes " greater than the eb value of erlj class formation " into).The subobject of the adjacent j class formation lb in the left side of elr is taken out (if its no subobject or do not have elr and then do not carry out this step), its j class formation is pressed their series arrangement in array, constitute an ordered set sl, all j class formations that replace the elr left side among the s with this ordered set, and with the el value (, then do not carry out this and get subobject and step of replacing) of the ep value replacement elr of the maximum j class formation of eb value in this subobject if the eb value of elr is c; The subobject of erl is taken out, arrange in the same way, constitute an ordered set sr, the el value that replaces the most left j class formation among the sr with the el value of erl, and with this ordered set replacement erl, and replace the el item of the right adjacent record rb of former erl with the value of the ep item of the maximum j class formation of eb value in this subobject, remove all j class formations (then not carrying out this step) on rb the right simultaneously as there not being rb.Finish after the above step, newer ordered set is regarded as s, do similar operation again, so go down, till all replacement operations all can not be carried out again.Then concentrating at last s to find the eb item to equal the j class formation of c.If this j class formation is p, with p in the end the minimum descendants j class formation of the eb value in one deck replace p, if p in the end descendants's (and level number is a maximal value) j class formation of the eb value maximum of the left side brother j class formation concentrated of s is pl, the eb value of the fraternal j class formation on the right is pr for minimum descendants's (and level number is a maximal value) j class formation, then return p, pl and pr and their all ancestors j class formations (all j class formations that return all need indicate the Position Number at its place in each object, and the existing j class formation number of place object).Simultaneously, the adjustment that is similar to secondary data structure 3 that needs are done secondary data structure 4 according to deleting p of this storing process, extrapolate which j class formation and after adjustment, need reset its er, el, the ep value, and these j class formations and this storing process know by inference in deletion, adjust the adjacent fraternal j class formation of same layer of these j class formations of back, and the adjustment mode returns to middleware, and (all j class formations that return all need indicate the Position Number at its place in each object, and the existing j class formation number of place object), calculate adjusted new er by middleware, el, the ep value.

Iv. the value returned according to this storing process of middleware calculates ep, el, the er value that needs are reset after the adjustment and calls another storing process and delete the eb value be his similar and adjustment secondary data structure 3 of Xingqi of going forward side by side of the j class formation of c in last one deck of secondary data structure, and is provided with and needs el, er and the ep value reset after the adjustment.

Maintenance when 3. upgrading:

When application program will be upgraded the value of m field of a record in table a, if the former ciphertext value of this field is x, the plaintext of new value is nm, after then this statement is tackled by middleware, operation below then this middleware inserts in the affairs at corresponding operation place: carrying out with deletion m field ciphertext value earlier is the identical secondary data structure maintenance work of record of x, carrying out with adding m field plaintext value again is the identical secondary data structure maintenance work of record of nm, treat again the statement of intercepting and capturing to be let pass after these steps are finished smoothly, and the result that will carry out returns to application program.Realize L+1 time to 4L+1 time mutual (L is the number of plies altogether of secondary data structure) between this action need middleware and the database server, but because the foundation of the gathering index of the particular design of secondary data structure and secondary data structure, these can be finished rapidly alternately.

(2) inquiry of ciphertext

The inquiry of ciphertext is by middleware, uses secondary data structure to realize.Wherein, residing position of middleware and description are identical with safeguarding in the step of above-mentioned secondary data structure.

Inquiry for the ciphertext of secondary data structure 1: when the range of condition search request that contains ciphertext field m among the his-and-hers watches a in the query sentence of database that application program sends, as: (a and b are when sending middleware server to by application program for m between a and b, with the secret key encryption that consults in advance, middleware obtains after it deciphering again for expressly) time, middleware is tackled it, insert following plurality of data storehouse action statement in same affairs: it retrieves " floor " earlier number is that piece that one deck comprised of minimum, the plaintext of judging the eb value which record is wherein arranged is between a and b, if there is not such record, the value that then finds eb wherein less than a and the record that approaches a most (relatively the time, the padding sequence of a is considered as minimum value 0, the padding sequence of b is considered as maximal value, down together), retrieve the sub-piece of this record again, again this sub-piece is done similar processing, so go down, up to there being a p plaintext scope of its eb value of record more than 1 or 1 wherein to be arranged between a and b value, if ord2 value minimum is recorded as t in these records, its ord2 value is u, the ord2 value is maximum is recorded as m, its ord2 value is v, then the record of ord2 value between u and v-1 (closed interval) pressed p.eb=w.et with the record among following one deck w (level number is bigger by 1 than the level number of p) among the p, mode construct a join condition, and then will descend the record among following one deck y (level number is bigger by 2 than the level number of p) of one deck and following one deck to construct a join condition by the mode of w.eb=y.et, so go down, to the last being connected to level number is the peaked layer of record among the z, construct a join condition with the record among the z with the record among the table a by the mode of z..eb=a.m again, so can construct a sql statement sql1 who connects inquiry, can retrieve record among most of qualified a with it; If the ord2 value is for being recorded as g (if there is no than ord2 maximum in the little record of u among the p, then do not carry out this step), the plaintext of its eb value is gebp, the ord2 value is the d that is recorded as of v among the p, the plaintext of its eb value is debp, then all descendants's pieces of all the descendants's pieces of g and d are regarded as two other secondary data structure respectively, the utilization said method of recurrence, then can obtain maximum 2L-1 (L is the number of plies altogether of secondary data structure) bar sql statement, with these sql statements and get up, become a sql statement, retrieve all records that satisfy condition among the table a by this statement again.Realize this inquiry need between middleware and the database server L+1 time mutual, but because the foundation of the gathering index of the particular design of secondary data structure and secondary data structure, can finish rapidly alternately for preceding L time.

Because in the sql of database language, connect the nested query of inquiring about the also available in of containing statement or the expression such as correlated subquery that contain exist, can be expressed as where a.m in (select eb from x where f (x)) or where exist (select*from x where x..eb=a.m and f (x)) as where a.m=x.eb and f (x) (f (x) represents the condition restriction to record in the x table with the sql language performance), so, above-mentioned connection inquiry is meant sensu lato connection inquiry, comprises other and the operation that connects the inquiry equivalence.

Inquiry for the ciphertext of secondary data structure 2: draw a and b separately 4 records series in secondary data structure respectively with the method to the maintenance of data structure 2 of being similar to earlier, be not difficult to draw size residing position in the bn of each level of secondary data structure item of a and b again with these sequences, thereby the correlation parameter of acquisition needs, thereby construct corresponding sql statement with above-mentioned method construct range query sql statement.

Inquiry for the ciphertext of secondary data structure 3: similar with the cryptogram search of secondary data structure 1, only the equivalence between the field is connected ref field that the ref attribute that becomes object a carries out the table that unnest operation back forms and carry out equivalence with the result who gets the ref Value Operations of object b and connect.If for example secondary data structure a table has only two-layer, then being connected among object-relationship type oracle between the ground floor and the second layer can be expressed as select ... from a as al, a asa2, unnest (al.j-array) as a3where a3.ref=ref (a2) and al.ord1=1 and f (a3).F (a3) table is without the condition restriction to j class formation in the object of sql language performance.

Inquiry for the ciphertext of secondary data structure 4: draw a and b separately 4 j class formation sequences in secondary data structure respectively with the method to the maintenance of data structure 2 of being similar to earlier, be not difficult to draw size residing position in the bn of each level of secondary data structure item of a and b again with these sequences, thereby obtain the correlation parameter of needs, thereby construct corresponding sql statement with the querying method structure range query sql statement of the ciphertext of above-mentioned secondary data structure 3.

The concrete steps of cryptogram search following (following has illustrated the disposition in the between query statement, and this is the most complicated, can use step still less and handles and finish with identical technology in＞query statement and＜query statement):

(1) in the sql query statement that application program sends, contains the condition query requirement of ciphertext field m among the his-and-hers watches a, as: (a and b are when sending middleware server to by application program for m between a and b, with the secret key encryption that consults in advance, middleware obtains after it deciphering again for expressly) time, middleware is tackled it, in same affairs, carry out following operation: 1, with the step in the similar above-mentioned secondary data structure maintenance, determine that a and b are in each layer of secondary data structure, (filler of a is considered as minimum value 0 to its size when comparing, the filler of b is considered as maximal value) be in which two with (first step between layer eb value of adjacent records (or j class formation) with above-mentioned insertion or deletion, find the record r or the j class formation r of corresponding plaintext value a or the b correspondence in each layer, find out the adjacent brother's record of same layer of the r bigger again or with the adjacent j class formation r ' of layer than the eb value of r, then corresponding r in each layer and r ' promptly are that institute asks, if there is not such r ' in b at the r of x layer correspondence, a r ' then is set, other field of this r ' is identical with the r in this layer, but its ord2 value is bigger by 1 than the ord2 value of this r), establish a and be in a1 at the i layer _iAnd a2 _iTwo with between the adjacent brother's record of layer (or j class formation) (i is the arbitrary value from minimum level number to (closed interval) the maximum level number); 2, establish b and be in b1 at the i layer _iAnd b2 _iBetween two same adjacent brother's records of layer (or j class formation), the maximum level number of establishing secondary data structure is max, if secondary data structure 3,4 is established a1 _iThe object at place be cited as refa1 _i, a2 _iThe object at place be cited as refa2 _i, b1 _iThe object at place be cited as refb1 _i, b2 _iThe object at place be cited as refb2 _i, then construct the sql statement that carries out efficient cryptogram search according to the following steps:

(2) find minimum k, make when i＞=k two tuple (a1 _i, a2 _i) be not equal to (b1 _i, b2 _i);

(3) structure sql statement sql1=select x _Max.eb from x as x _k, x as x _K+1, x as x _Max-1, x as x _MaxWhere x _k.ord1=k, x _K+1.ord1=k+1 ..., x _Max.ord1=max and x _k.eb=x _K+1.et and x _K+1.eb=x _K+2.etand ... and x _Max-1.eb=x _Max.et and x _k.ord2 between a2 _k.ord2 and (b1 _k.ord2-1) and x _k.et=a2 _k.et, (if secondary data structure 3 or 4, then corresponding sql statement becomes select xj for sql1 to establish it _Max.ref from xas x _k, unnest (x _kJ-array) as xj _k, x as x _K+1, unnest (x _K+1.j-array) as xj _K+1, x as x _Max-1, unnest (x _Max-1.j-array) as xj _Max-1, x as x _Max, unnest (x _Max.j-array) as xj _MaxWherexj _k.ref=ref (x _K+1) and xj _K+1.ref=ref (x _K+2) and ... and xj _Max-1.ref=ref (x _Max) and xj _k.ord2 betweena2 _k.ord2and (b1 _k.ord2-1) and refb1 _k=ref (x _k)) (if k equals the level number of last one deck, then between statement wherein becomes x _k.ord2 between a2 _k.ord2 and b1 _k.ord2 or xj _k.ord2 between a2 _k.ord2 andb1 _k.ord2);

(4) if k＜max constructs sql statement select x _Max.eb from x as x _K+1, x as x _K+2, x as x _Max-1, x asx _MaxWhere x _K+1.ord1=k+1, x _K+2.ord1=k+2 ..., x _Max.ord1=max and x _K+1.eb=x _K+2.et andx _K+2.eb=x _K+3.et and ... and x _Max-1.eb=x _Max.et and x _K+1.ord2＞a1 _K+1.ord2 and x _K+1.et=al _k.eb (if secondary data structure 3,4 then is select xj _Max.ref from x as x _K+1, unnest (x _K+1.j-array) as xj _K+1, x as x _K+2, unnest (x _K+2.j-array) as xj _K+2, x as x _Max-1, unnest (x _Max-1.j-array) as xj _Max-1, x as x _Max, unnest (x _Max.j-array) as xj _MaxWhere xj _K+1.ref=ref (x _K+2) and xj _K+2.ref=ref (x _K+3) and ... andxj _Max-1.ref=ref (x _Max) and xj _K+1.ord2＞al _K+1.ord2 and refa1 _K+1=ref (x _K+1)), establish it and be sql2, make sql1=(sql1) UNION (sql2);

(5) if k＜max constructs sql statement select x _Max.eb from x as x _K+1, x as x _K+2, x as x _Max-1, x asx _MaxWhere x _K+1.ord1=k+1, x _K+2.ord1=k+2 ..., x _Max.ord1=max and x _K+1.eb=x _K+2.et andx _K+2.eb=x _K+3.et and ... and x _Max-1.eb=x _Max.et and x _K+1.ord2＜b1 _K+1.ord2 and x _K+1.et=b1 _k.eb (if secondary data structure 3 or 4 then are select xj _Max.ref from x as x _K+1, unnest (x _K+1.j-array) as xj _K+1, x asx _K+2, unnest (x _K+2.j-array) as xj _K+2, x as x _Max-1, unnest (x max-1.j-array) as xj _Max-1, x as x _Max, unnest (x _Max.j-array) as xj _MaxWhere xj _K+1.ref=ref (x _K+2) and xj _K+2.ref=ref (x _K+3) and ... andxj _Max-1.ref=ref (x _Max) and xj _K+1.ord2＜b1 _K+1.ord2 and refb1 _K+1=ref (x _K+1)) (if k+1 equals the level number of last one deck, then wherein＜statement becomes x _K+1.ord2＜=b1 _K+1.ord2 or xj _K+1.ord2＜=b1 _K+1.ord2), establish it and be sql12, make sql1=(sql1) UNION (sql2);

(6), jump to step (4) and continue to carry out if k＜max-1 then makes k=k+1; If k=max-1, then execution in step (6);

(7) the ciphertext range query condition m between a and b in the prototype statement is replaced (if secondary data structure 3 or 4 then use ref (a) in (sql1) to replace) with m in (sql1);

(8) amended sql statement is carried out, and the deciphering of the m field among the result after will carrying out, the secret key encryption with the user sends the user again to.

The database manipulation that relates in the step of above-mentioned cryptogram search is all in same affairs.Because equivalent inquiry is a kind of special range query, so can use the method for above-mentioned cryptogram search to be achieved easily.

Five. the supplementary notes of embodiment

1. the present embodiment step does not have error handling processing, but the professional and technical personnel can be easy to it is added, and occurring in a database manipulation usually needs report an error with the transaction rollback at its place and to user side when wrong.

2. the listed class sql statement of present embodiment is in order to say something, and incomplete standard compliant sql morphology and grammar request, but the professional and technical personnel can be easy to write out the program of the sql statement that can produce compliant according to they expressed methods.

3. present embodiment is described is general disposal route, can be different according to concrete data base management system (DBMS) or its details of programmed environment or expression way, but the professional and technical personnel can be easy to write out the program that can use according to its expressed method in concrete environment.

4. for sake of convenience, present embodiment hypothesis desire realizes that the type of the data of cryptogram search is a unsigned int, but its method is applicable to any data type, only needs its operation changed a little according to concrete data type to get final product.

Claims

1. the method for a database cryptogram search is characterized in that a kind of method of utilizing the quick cryptogram search of secondary data structure fulfillment database, and it comprises sets up secondary data structure, safeguards secondary data structure and carry out the step of cryptogram search, specific as follows:

(1) set up secondary data structure:

Its step comprises:

(a) at least with one in database table storage,

(2) safeguard secondary data structure:

The steps include: the field of needs realization cryptogram search is made amendment, when comprising insertion, deletion, renewal, should be according to modification requirement to database, by the inquiry of secondary data structure being determined and being carried out its attended operation, utilize the transaction management mechanism assurance database of database and consistance, the integrality of secondary data structure simultaneously

(3) carry out cryptogram search:

At least contain following step:

2. the method for database cryptogram search as claimed in claim 1 is characterized in that: safeguarding secondary data structure or carrying out in the step of cryptogram search, using the middleware between data base management system (DBMS) and user.

3. the method for database cryptogram search as claimed in claim 2 is characterized in that: carrying out cryptogram search when using middleware to carry out database manipulation, comprise the steps: at least

(1) interception user's data library inquiry request,

(2) analyze this data base querying request,

4. the method for database cryptogram search as claimed in claim 3, it is characterized in that: database manipulation is in a db transaction.

5. the method for database cryptogram search as claimed in claim 2 is characterized in that: safeguard when secondary data structure uses middleware to carry out database manipulation, comprise the steps: at least

(1) request is revised in interception user's data storehouse,

(2) analyze this database modification request,

6. the method for database cryptogram search as claimed in claim 5, it is characterized in that: database manipulation is to be arranged in the db transaction with user's data storehouse retouching operation.

7. the method for database cryptogram search as claimed in claim 1 is characterized in that: safeguarding secondary data structure or carrying out using storing process in the step of cryptogram search.

8. the method for database cryptogram search as claimed in claim 7 is characterized in that: transmit a functional value at least as parameter in storing process, at least one calculating of the plaintext of the number that this functional value should transmit according to the user gets.

9. the method for database cryptogram search as claimed in claim 1 is characterized in that: finish set up secondary data structure after, should at least one table of secondary data structure, set up and assemble index.

10. the method for database cryptogram search as claimed in claim 1 is characterized in that: the table that secondary data structure and corresponding desire are implemented cryptogram search is to be based upon in the same database.