WO2022206502A1 - 访问数据库的方法和装置 - Google Patents

访问数据库的方法和装置 Download PDF

Info

Publication number
WO2022206502A1
WO2022206502A1 PCT/CN2022/082450 CN2022082450W WO2022206502A1 WO 2022206502 A1 WO2022206502 A1 WO 2022206502A1 CN 2022082450 W CN2022082450 W CN 2022082450W WO 2022206502 A1 WO2022206502 A1 WO 2022206502A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
encrypted data
database
encrypted
kernel
Prior art date
Application number
PCT/CN2022/082450
Other languages
English (en)
French (fr)
Inventor
程琨
郭亮
朱金伟
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to EP22778685.2A priority Critical patent/EP4280092A4/en
Publication of WO2022206502A1 publication Critical patent/WO2022206502A1/zh
Priority to US18/478,977 priority patent/US20240028759A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • G06F16/2433Query languages
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • the present application relates to the technical field of data processing, and more particularly, to a method and apparatus for accessing a database.
  • the present application provides a method and apparatus for accessing a database, which can ensure data security during the interaction between a user and the database, and effectively reduce performance overhead.
  • a method for accessing a database including: receiving an encrypted data calculation request sent by a database kernel, the encrypted data calculation request being used to request the calculation of encrypted data of a user, and the database kernel.
  • Running in a non-secure execution environment receiving encrypted data sent by the database kernel, where the encrypted data is all encrypted data in the user query request; in response to the encrypted data calculation request, decrypt and calculate the encrypted data to obtain Calculate the result; encrypt the calculation result to obtain the encrypted calculation result; send the encrypted calculation result to the database kernel.
  • the method for accessing a database by sending encrypted data to a module in a trusted execution environment, avoids frequent switching between the trusted execution environment and the non-secure execution environment when requesting data and transmitting data, and reduces performance overhead;
  • the encrypted data is sent to the module in the trusted execution environment before the encrypted data calculation is performed, so that there is no need to request the data in the non-secure execution environment during the encrypted data calculation process, so as to avoid leaking the access mode of the data during the execution process.
  • receiving encrypted data sent by the database kernel includes: receiving a data characteristic value sent by the database kernel, where the data characteristic value is used to indicate the encrypted data; When the data characteristic value is not queried in the data center, the first feedback is sent to the database kernel; the encrypted data sent by the database kernel in response to the first feedback is received.
  • the method further includes: decrypting the encrypted data to obtain plaintext data; marking the plaintext data with a data feature value and storing the plaintext data; Add cache records.
  • receiving encrypted data sent by the database kernel includes: receiving a data characteristic value sent by the database kernel, where the data characteristic value is used to indicate the encrypted data; When the data characteristic value is queried in the data center, the second feedback is sent to the database kernel; the plaintext data corresponding to the data characteristic value is obtained from the stored plaintext data according to the data characteristic value, and the plaintext data is the decrypted data of the encrypted data.
  • the method for accessing the database in the embodiment of the present application decrypts the encrypted data and caches it in the TEE.
  • the encrypted data needs to be calculated again within a certain period of time, it is not necessary to transmit and decrypt the encrypted data again, which further reduces the performance overhead.
  • the method further includes: receiving an identity authentication request forwarded by the database kernel, where the identity authentication request is initiated by a database client running in a non-secure execution environment send the identity authentication information to the database kernel; receive the encrypted data calculation request sent by the database kernel, and the encrypted data calculation request is sent after passing the authentication based on the identity authentication information.
  • the method for accessing a database verifies the validity of the trusted execution environment before data transmission, thereby preventing illegal programs or attackers from stealing user data by counterfeiting the trusted execution environment, and ensuring user data security.
  • the method further includes: receiving a user's data key forwarded by the database kernel, where the data key is encrypted by an ECDH algorithm; generating a verification key and encrypting the data key according to the data key and decryption key and initial vector value; receive encrypted data sent by the database kernel; verify the integrity of each piece of data in the encrypted data according to the verification key.
  • the encrypted data is data that has passed the integrity check.
  • decrypting and calculating the encrypted data according to the encrypted data calculation request includes: performing encryption on each piece of data in the encrypted data according to the encryption and decryption key and the initial vector value. Decryption to obtain the plaintext data corresponding to each piece of data; call the operator according to the encrypted data calculation request to calculate the plaintext data corresponding to each piece of data.
  • encrypting the calculation result includes: encrypting the calculation result according to the encryption and decryption keys and the initial vector value.
  • the security of the user's data can be further ensured.
  • the method further includes: setting a timer; based on the timer exceeding a first preset time or receiving an exit request initiated by the database client forwarded by the database kernel: clearing Encrypted data, authentication keys, encryption and decryption keys, and initial vector values.
  • the method further includes: using an intermediate adaptation layer to connect with the underlying hardware platform.
  • a method for accessing a database is provided, the method is executed in a non-secure execution environment, and includes: sending an encrypted data calculation request to a ciphertext operation module, the encrypted data calculation request is used for requesting to calculate the encrypted data of the user, and the encrypted data
  • the text computing module runs in a trusted execution environment; sends encrypted data to the cipher text computing module, and the encrypted data is all encrypted data in the user query request; receives the encrypted calculation result sent by the cipher text computing module.
  • sending encrypted data to the ciphertext operation module includes: sending a data characteristic value to the ciphertext operation module, where the data characteristic value is used to indicate the encrypted data; receiving the first A feedback, the first feedback indicates that the ciphertext operation module does not query the data characteristic value in the cache record; the encrypted data is sent to the ciphertext operation module.
  • sending encrypted data to the ciphertext operation module further includes: sending a data characteristic value to the ciphertext operation module, where the data characteristic value is used to indicate the encrypted data; receiving The second feedback indicates that the ciphertext operation module has queried the data feature value in the cache record.
  • a device for accessing a database is provided, the device is set in a trusted execution environment, and the device includes: a transceiver module for receiving an encrypted data calculation request sent by a database kernel, and the encrypted data calculation request is used for requesting calculation of a user's encrypted data; the transceiver module is further configured to receive encrypted data sent by the database kernel, where the encrypted data is all encrypted data in the user query request; the execution module, in response to the encrypted data calculation request, is used to decrypt the encrypted data and calculation to obtain the calculation result; the execution module is also used for encrypting the calculation result to obtain the encrypted calculation result; the transceiver module is also used for sending the encrypted calculation result to the database kernel.
  • the transceiver module receives encrypted data sent by the database kernel, including: the transceiver module is further configured to receive a data feature value sent by the database kernel, and the data feature value is used to indicate the Encrypted data; when the execution module does not query the data characteristic value in the cache record, the transceiver module is further configured to send the first feedback to the database kernel; the transceiver module is further configured to receive encrypted data sent by the database kernel in response to the first feedback .
  • the execution module is further used to decrypt the encrypted data to obtain plaintext data; the execution module is also used to mark the plaintext data with the data feature value and store the plaintext data; execute The module is also used for adding the data characteristic value to the cache record.
  • the transceiver module receives the encrypted data sent by the database kernel, and further includes: the transceiver module is further configured to receive the data feature value sent by the database kernel, and the data feature value is used to indicate the the encrypted data; when the execution module queries the data characteristic value in the cache record, the transceiver module is also used to send the second feedback to the database kernel; the transceiver module is also used to obtain the data characteristic value from the stored plaintext data according to the data characteristic value The plaintext data corresponding to the data characteristic value, and the plaintext data is the decrypted data of the encrypted data.
  • the transceiver module is further configured to receive an identity authentication request forwarded by the database kernel, the identity authentication request is initiated by the database client, and the database client runs in a non-secure execution environment;
  • the transceiver module is further configured to send the identity authentication information to the database kernel;
  • the transceiver module is further configured to receive an encrypted data calculation request sent by the database kernel, and the encrypted data calculation request is sent after passing the authentication based on the identity authentication information.
  • the transceiver module is also used to receive the user's data key forwarded by the database kernel, and the data key is encrypted by the ECDH algorithm; the execution module is also used to generate the data key according to the data key.
  • a verification key, an encryption and decryption key, and an initial vector value; the transceiver module is further configured to receive the encrypted data sent by the database kernel; the execution module is further configured to perform an analysis on each piece of data in the encrypted data according to the verification key integrity check.
  • the encrypted data is data that has passed the integrity check.
  • the execution module decrypts and calculates the encrypted data according to the encrypted data calculation request, including: performing encryption and decryption on each of the encrypted data according to the encryption and decryption key and the initial vector value.
  • the data is decrypted to obtain the plaintext data corresponding to each piece of data; the operator is called according to the encrypted data calculation request to calculate the plaintext data corresponding to each piece of data.
  • the execution module encrypts the calculation result, including: encrypting the calculation result according to the encryption and decryption keys and the initial vector value.
  • the device further includes a timer, based on the timer exceeding the first preset time or the transceiver module receiving an exit request initiated by the database client and forwarded by the database kernel: the execution module Also used to clear encrypted data, authentication keys, encryption and decryption keys, and initial vector values.
  • the transceiver module and the execution module are connected to the underlying hardware platform by using an intermediate adaptation layer.
  • the intermediate adaptation layer module is adapted to the programming interfaces provided by different TEEs, the functional modules in the TEEs can be seamlessly migrated between different computing platforms, even for secondary development.
  • a device for accessing a database is provided, the device is set in a non-secure execution environment, and includes: a transceiver module for sending an encrypted data calculation request to a ciphertext operation module, and the encrypted data calculation request is used to request a calculation user
  • the encrypted data ciphertext operation module runs in a trusted execution environment; the transceiver module is also used to send encrypted data to the ciphertext operation module, and the encrypted data is all encrypted data in the user query request; the transceiver module is also used to receive The encrypted calculation result sent by the ciphertext operation module.
  • the transceiver module sends encrypted data to the ciphertext operation module, which is specifically used for: sending a data characteristic value to the ciphertext operation module, where the data characteristic value is used to indicate the encryption data; receive first feedback, the first feedback indicates that the ciphertext operation module does not query the data characteristic value in the cache record; send encrypted data to the ciphertext operation module.
  • the transceiver module sends encrypted data to the ciphertext operation module, which is specifically used for: sending a data characteristic value to the ciphertext operation module, where the data characteristic value is used to indicate the encryption data; receiving second feedback, the second feedback indicates that the ciphertext operation module has queried the data characteristic value in the cache record.
  • a fifth aspect provides a data processing device, characterized in that it includes a database kernel deployed in a non-secure execution environment and a data processing module deployed in a trusted execution environment, where the data processing module is configured to execute the above-mentioned first step.
  • a computer-readable storage medium is characterized by comprising instructions; the instructions are used to implement the method in any one of the implementation manners of the first aspect and the second aspect.
  • a chip in a seventh aspect, obtains an instruction and executes the instruction to implement the method for accessing a database in any one of the implementation manners of the first aspect and the second aspect.
  • the chip includes a processor and a data interface
  • the processor reads the instructions stored in the memory through the data interface, and executes any one of the implementation manners in the first aspect and the second aspect above. Methods to access the database.
  • the chip may further include a memory, the memory stores an instruction, the processor is used to execute the instruction stored on the memory, and when the instruction is executed, the processor is used to execute the above-mentioned No.
  • FIG. 1 is a schematic diagram of the architecture of a computing device of the present application.
  • FIG. 2 is a schematic block diagram of the system architecture of the present application.
  • Fig. 3 is the flow chart of the method for accessing database of the present application.
  • FIG. 4 is a schematic flowchart of a method for accessing a database of the present application.
  • FIG. 5 is an architecture diagram of a specific application of the method for accessing a database of the present application
  • FIG. 6 is a schematic block diagram of an identity authentication process in the method for accessing a database of the present application
  • FIG. 7 is a schematic block diagram of an exit process in the method for accessing a database of the present application.
  • FIG. 8 is a schematic block diagram of an apparatus for accessing a database of the present application.
  • Database kernel Also known as database engine, it is a collection of core functions that complete database management system (DBMS) operations on data.
  • the database kernel includes five parts: parser, planner, optimizer, executor and storage engine.
  • the parser parses the structured query language (SQL) input by the database user for lexical and grammatical analysis, and judges the user's query intention;
  • the planner generates the corresponding execution plan according to the parsing results of the statement;
  • the optimizer The preliminary generated execution plan is optimized to efficiently complete the operation requested by the user;
  • the executor performs specific execution according to each operation step in the plan according to the optimized execution plan, and obtains the result required by the user;
  • the storage engine is responsible for the above process. Functions such as reading and writing and indexing, thereby providing input and output capabilities for other functional components.
  • Query request One or a group of SQL statements entered by the user.
  • Operator Also known as calculation primitive, operator is the most basic and direct technical operation of data operation, such as comparison operators (>, ⁇ , ⁇ , ⁇ ), mathematical operators (+, -, %), logical relational operations (and, or, not) etc.
  • Remote attestation In view of the fact that sensitive and confidential data is usually processed in the trusted execution environment (TEE), in cloud computing and other application scenarios, when users request computing services in the TEE on a remote server, it is difficult to obtain the data. Know whether the service is running on a real, trusted (legitimate) computing platform or in an environment crafted by an attacker (illegal). In order to protect the security of user confidential data and identify the authentic and credible TEE environment, the computing or service function in the TEE can prove its legality to remote users through remote attestation, using the certificate chain signed by the key endorsed by the hardware platform (manufacturer). sex.
  • Session ID is a way that a computer system (usually a server) can identify and track the behavior of an individual user during any particular session.
  • RSA algorithm one of the most widely used public key cryptosystems, RSA is the initials of the surnames of the three proposers.
  • HKDF Key Derivation Function
  • FIG. 1 is a schematic structural diagram of a computing device 100 provided by an embodiment of the present application.
  • the computing device 200 may be a server or a computer or other device with computing capabilities.
  • the computing device 100 shown in FIG. 1 includes: at least one processor 110 and a memory 120 .
  • the processor 110 executes the instructions in the memory 120, so that the computing device 100 implements the method for accessing a database provided by the present application, for example, implements the steps performed by an apparatus for accessing a database.
  • the processor 110 executes the instructions in the memory 120, so that the computing device 100 implements the apparatus for accessing the database provided in the present application, for example, implements each functional module included in the apparatus for accessing the database.
  • the computing device 100 further includes a system bus, wherein the processor 110 and the memory 120 are respectively connected to the system bus.
  • the processor 110 can access the memory 120 through the system bus, for example, the processor 110 can perform data reading and writing or code execution in the memory 120 through the system bus.
  • the system bus is a peripheral component interconnect express (PCI) bus or an extended industry standard architecture (EISA) bus or the like.
  • PCI peripheral component interconnect express
  • EISA extended industry standard architecture
  • the system bus is divided into an address bus, a data bus, a control bus, and the like. For ease of presentation, only one thick line is used in FIG. 1, but it does not mean that there is only one bus or one type of bus.
  • the function of the processor 110 is mainly to interpret the instructions (or code) of the computer program and process the data in the computer software.
  • the instructions of the computer program and the data in the computer software can be stored in the memory 120 or the cache 116 .
  • the processor 110 may be an integrated circuit chip with signal processing capability.
  • the processor 110 is a general-purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), an off-the-shelf programmable gate array (FPGA) ) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
  • the general-purpose processor is a microprocessor or the like.
  • the processor 110 is a central processing unit (CPU).
  • each processor 110 includes at least one processing unit 112 and a memory control unit 114 .
  • the processing unit 112 also referred to as a core or core, is the most important component of the processor.
  • the processing unit 112 is manufactured from monocrystalline silicon by a certain production process, and all calculations, receiving commands, storing commands, and processing data of the processor are performed by the core.
  • the processing units run program instructions independently, and use the capability of parallel computing to speed up the running speed of the program.
  • Various processing units have fixed logical structures.
  • the processing units include logic units such as a first-level cache, a second-level cache, an execution unit, an instruction-level unit, and a bus interface.
  • the memory control unit 114 is used to control the data interaction between the memory 120 and the processing unit 112 . Specifically, the memory control unit 114 receives a memory access request from the processing unit 112 and controls access to the memory based on the memory access request.
  • the memory control unit is a device such as a memory management unit (memory management unit, MMU).
  • each memory control unit 114 performs addressing to the memory 120 through the system bus.
  • an arbiter (not shown in the figure) is configured in the system bus, and the arbiter is responsible for processing and coordinating the competing accesses of the multiple processing units 112 .
  • the processing unit 112 and the memory control unit 114 are communicatively connected through a connection line inside the chip, such as an address line, so as to realize the communication between the processing unit 112 and the memory control unit 114 .
  • each processor 110 also includes a cache 116, wherein the cache is a buffer (referred to as a cache) for data exchange.
  • the processing unit 112 wants to read data, it will first look up the required data from the cache, and if it is found, it will be executed directly, and if it cannot be found, it will be found in the memory. Since the cache runs much faster than the memory, the function of the cache is to help the processing unit 112 run faster.
  • a memory 120 can provide a running space for a process in the computing device 100.
  • the memory 120 stores a computer program (specifically, the code of the program) for generating the process.
  • the processor allocates a corresponding storage space for the process in the memory 120 .
  • the above-mentioned storage space further includes a text segment, an initialization data segment, a bit initialization data segment, a stack segment, a heap segment, and the like.
  • the memory 120 stores data generated during the running of the process, for example, intermediate data, or process data, etc., in the storage space corresponding to the above-mentioned process.
  • the memory is also called internal memory, and its function is to temporarily store operation data in the processor 110 and data exchanged with an external memory such as a hard disk.
  • the processor 110 will transfer the data to be calculated into the memory for calculation, and the processing unit 112 will transmit the result after the calculation is completed.
  • memory 120 is volatile memory or non-volatile memory, or may include both volatile and non-volatile memory.
  • non-volatile memory is read-only memory (ROM), programmable read-only memory (programmable ROM, PROM), erasable programmable read-only memory (erasable PROM, EPROM), electrically erasable Except programmable read-only memory (electrically EPROM, EEPROM) or flash memory.
  • Volatile memory is random access memory (RAM), which acts as an external cache.
  • RAM random access memory
  • DRAM dynamic random access memory
  • SDRAM synchronous DRAM
  • SDRAM double data rate synchronous dynamic random access memory
  • ESDRAM enhanced synchronous dynamic random access memory
  • SLDRAM synchronous link dynamic random access memory
  • direct rambus RAM direct rambus RAM
  • the structure of the computing device 100 listed above is only an example, and the present application is not limited to this.
  • the computing device 100 includes various hardware in the computing system in the prior art.
  • the computing device 100 also includes other than the memory 120 Other storage, for example, disk storage, etc.
  • the computing device 100 may also include other components necessary for normal operation.
  • the above-mentioned computing device 100 may further include hardware devices that implement other additional functions.
  • the above-mentioned computing device 100 may also only include the necessary devices for implementing the embodiments of the present application, and does not necessarily include all the devices shown in FIG. 1 .
  • TEE is a security system in the central processing unit (CPU). Zones, run in a separate environment and run in parallel with the operating system, the CPU ensures that the confidentiality and integrity of data in the TEE are protected, and trusted applications running in the TEE have access to the full extent of the device's main processor and memory function, and hardware isolation protects TEE-related components from user-installed applications running in the main operating system. In short, the code and data running in the TEE are confidential and cannot be tampered with.
  • the current database access methods based on trusted execution environment mainly include database kernel-level protection, executor-level protection and operator-level protection. Restricted by the current hardware conditions, TEE has many restrictions on the volume and memory usage of applications running inside, and cannot run large and complex applications. Therefore, the database kernel based on TEE must simplify the functions, but the current isolation based on the database kernel The scheme has shortcomings such as large code scale, large trusted computing base (TCB), and difficulty in adequate testing and vulnerability patching.
  • TEE trusted computing base
  • FIG. 2 shows a schematic block diagram of a system architecture of an embodiment of the present application.
  • the system architecture of an embodiment of the present application includes a module running in a non-secure execution environment (rich execution environment, REE) and a module running in a non-secure execution environment (REE).
  • REE rich execution environment
  • REE non-secure execution environment
  • Modules in TEE, where REE is a running environment in parallel with TEE, has its own execution space, good openness and extensibility, but there are many security risks and are easily attacked.
  • the following introduces the system architecture of the embodiments of the present application.
  • Running in the REE includes the database kernel.
  • the system architecture of the embodiment of the present application also includes an authentication proxy module, which is responsible for assisting the database client Perform remote authentication with the identity authentication module in the TEE, and forward communication data during this process. Since the TEE cannot directly communicate with the network, the remote authentication request is relayed through the authentication proxy module in the database kernel of the REE.
  • the authentication proxy module calls the corresponding ecall (enclave call) interface to request the certificate information from the identity authentication module in the TEE, the identity authentication module performs the integrity check on the requested data, and then transmits the certificate information to the identity authentication proxy module, which is sent by The identity authentication proxy module is sent to the client for signature verification, where ecall is a programming interface provided for programs in a non-secure execution environment to invoke software functions in a trusted execution environment.
  • ecall is a programming interface provided for programs in a non-secure execution environment to invoke software functions in a trusted execution environment.
  • the database kernel may be deployed on a physical machine (for example, a host operating system) or in a virtual machine (for example, a cloud database), where the host hardware may adopt any mainstream instruction set architecture (instruction set architecture, ISA) platform, such as Intel x86, ARM, RISC-V and other computing platforms.
  • ISA instruction set architecture
  • Running in the TEE includes a ciphertext operation module, an identity authentication module and an intermediate adaptation layer module.
  • the ciphertext operation module specifically includes an operator subset module, a key management submodule and a data cache submodule, wherein the operator subset module implements the calculation primitives necessary for data calculation, including comparison operators, bit operations, and pattern matching. operation, mathematical calculation, time and date processing, data type conversion, network address function operation, text retrieval operation, set operation operation, statistical operation, etc.
  • the key management sub-module is used to store and store the user key sent by the database client.
  • the data cache sub-module is responsible for The ciphertext data sent by the executor calculates the data characteristic value (HASHSUM) and decrypts it. If there is no HASHSUM value record in the current cache, the corresponding plaintext information is cached.
  • HASHSUM data characteristic value
  • the data cache sub-module manages the plaintext data corresponding to the ciphertext data in a HashTable manner, that is, the "ciphertext data HASHSUM value" is used as the key (Key), and the plaintext data corresponding to the ciphertext data is used as the value (Value) Establish an index relationship, in which the calculation of the HASHSUM value can use a public algorithm.
  • the identity authentication module is used to receive the database client authentication request forwarded by the authentication proxy module in the REE, so as to establish a secure connection with the database client.
  • the intermediate adaptation layer module is used to decouple the ciphertext operation module and the identity authentication module from the specific TEE hardware platform.
  • the intermediate adaptation layer shields the different interfaces and capabilities of the underlying hardware platform, and provides the ciphertext operation module and the identity authentication module upward.
  • a unified interface, and according to the target hardware platform parameters specified in the configuration file, the relevant calling interface is downwardly converted into the programming interface provided by the target hardware platform, so as to realize the cross-platform portability of the overall system.
  • the hardware platform can be Intel SGX, AMD SEV, ARM TrustZone and RISC-V Keystone, etc.
  • FIG. 3 shows a flowchart of a method for accessing a database according to an embodiment of the present application. As shown in FIG. 3 , it includes steps 301 to 305, wherein the method for accessing a database in FIG. 3 is executed in the trusted execution environment TEE. It can be executed by the computing device shown in FIG. 1 , which will be introduced separately below.
  • S301 Receive an encrypted data calculation request sent by a database kernel, where the encrypted data calculation request is an encrypted data calculation request for requesting a user to calculate encrypted data, and the database kernel runs in a non-secure execution environment.
  • the user sends a query request to the database client, where the query request may include the SQL statement input by the user, the column name of encrypted data, the operation of encrypted data and related operation parameters, etc.
  • the database client runs in a non-secure execution environment.
  • the database client encrypts some data involving user secrets in the query request to obtain encrypted data, and then the database client sends the query request (including unencrypted data and encrypted data) to the database kernel.
  • the parser in the database kernel parses the query request, the planner generates a corresponding execution plan according to the parsing result, the optimizer optimizes the execution plan, and the executor executes according to the optimized execution plan.
  • the database kernel needs to send an encrypted data calculation request to the TEE, that is, the calculation of the encrypted data is performed in the TEE.
  • the database client running in a non-secure execution environment means that the database client can be in the REE locally (that is, on the computer where the database kernel is running), or in the REE on another computer. At this time, the database client and the The database kernel can communicate directly over the network. It should be understood that this description can be applied even if the database client in this application runs in a non-secure execution environment.
  • S302 Receive encrypted data sent by the database kernel, where the encrypted data is all encrypted data in the user query request.
  • the way of sending encrypted data to the TEE may be to send all the encrypted data to the TEE at one time, or send all the encrypted data to the TEE in multiple times until all encrypted data are sent to the TEE. until the data is sent.
  • the modules in the TEE no longer request any data from the REE, which avoids frequent switching between REE and TEE, and does not leak the data access mode during the calculation process, ensuring that Data Security.
  • the calculation result is encrypted in the TEE, and then the encrypted calculation result is sent to the database kernel.
  • the database kernel After receiving the encrypted calculation result, the database kernel performs necessary processing and cache on the encrypted calculation result, and then ends the current calculation process. Finally, the database kernel sends the processed calculation results to the database client.
  • the method for accessing the database in the embodiment of the present application further includes: receiving a data characteristic value sent by the database kernel, wherein the data characteristic value is used to indicate encrypted data and is a database.
  • the kernel is calculated according to all encrypted data and corresponds to all encrypted data.
  • the cache record is queried according to the data feature value, and a plurality of data feature values are recorded in the cache record. If the data characteristic value can be queried, it means that the encrypted data corresponding to the data characteristic value has been cached in the TEE. If the data characteristic value is not queried in the cache record, a first feedback is sent to the database kernel, and the first feedback indicates that the data characteristic value is not queried in the cache record. After receiving the first feedback, the database kernel sends all encrypted data corresponding to the data feature value to the TEE.
  • the method for accessing the database further includes: decrypting all the encrypted data to obtain corresponding plaintext data, marking the plaintext data with a data feature value, and The plaintext data is stored, and the data characteristic value is added to the cache record.
  • the database kernel re-requests the calculation involving the encrypted data
  • the corresponding calculation can be directly performed according to the stored plaintext data, without having to request the database kernel to send the encrypted data again, and do not need to re-encrypt the data.
  • the encrypted data is decrypted, saving overhead.
  • the second feedback is sent to the database kernel.
  • the second feedback indicates that the data feature value is queried in the cache record. Therefore, it is not necessary to request encrypted data from the database kernel, but directly obtain the corresponding plaintext data stored in the TEE according to the data characteristic value, and then perform corresponding calculation on the plaintext data according to the encrypted data calculation request.
  • the method for accessing the database in the embodiment of the present application further includes verifying the validity of the TEE.
  • the database client initiates identity authentication. Since network communication cannot be performed directly in the TEE, the database client sends the identity authentication request to the database kernel, and then the database kernel forwards the identity authentication request to the TEE. After the relevant identity authentication module in the TEE receives the identity authentication request, it sends the certificate information to the database kernel, which is then forwarded to the database client by the database kernel. After the database client verifies the TEE certificate, the database client establishes a secure connection with the database kernel, and the encrypted data calculation request sent by the database kernel is sent after passing the identity authentication.
  • the database client After the database client establishes a secure connection with the database kernel, the database client sends the user's data key to the database kernel.
  • the data key In order to ensure the security of the user's data key during transmission, the data key is stored by the database client and TEE.
  • the elliptic curve Diffie-Hellman key exchange (Elliptic Curve Diffie-Hellman key Exchange, ECDH) encryption parameters negotiated between the relevant authentication modules are encrypted.
  • the database kernel forwards the data key to the relevant key management module in the TEE, and the key management module generates verification keys, encryption and decryption keys, and initial vector values based on the data keys, which are used for data processing in subsequent data transmissions.
  • Verification and encryption/decryption where the algorithm for generating the key can be a key derivation algorithm such as HKDF.
  • the functions of the generated verification key, encryption and decryption key, and initial vector value include, in the above S302, after receiving all the encrypted data sent by the database kernel, according to the verification key, the data of each piece of data in the entire encrypted data is analyzed. The integrity is checked; in the above 303, decrypting and calculating all encrypted data according to the encrypted data calculation request includes decrypting each piece of data in all encrypted data according to the encryption and decryption key and the initial vector value, and then according to the encrypted data.
  • the data calculation request calls the operator to calculate each piece of data in all encrypted data; and in the above 304, encrypt the calculation result, that is, encrypt the calculation result according to the encryption and decryption keys and the initial vector value.
  • the method for accessing a database in this embodiment of the present application further includes: setting a timer for accessing the database this time.
  • the timer exceeds the first preset time or an exit request initiated by the database client forwarded by the database kernel is received, all encrypted data, verification keys, encryption/decryption keys and initial vector values are cleared.
  • the method for accessing a database in the embodiment of the present application further includes: using an intermediate adaptation layer to connect with the underlying hardware platform.
  • the intermediate adaptation layer decouples other functional modules in the TEE from the underlying hardware platform, that is, these functional modules do not directly depend on the programming interface development provided by a specific hardware platform (such as IntelSGX or ARM TrustZone). Since the intermediate adaptation layer adapts to the programming interfaces provided by different TEEs, functional modules developed based on a certain hardware platform can be seamlessly migrated between different computing platforms, simplifying secondary development.
  • FIG. 4 shows a schematic flowchart of the method for accessing a database of the present application, which will be described in detail below.
  • the user initiates a query request involving encrypted data to the database server through the database client.
  • the query request includes the SQL statement input by the user, the column name of the encrypted data, the operation of the encrypted data and the relevant operation parameters, etc.
  • the data input by the user is plaintext, and the client uses the data encryption key to encrypt the data that needs to be encrypted in the plaintext (for example, operation parameters), and then sends the query request to the database kernel.
  • the database kernel parses the query request, generates an execution plan and executes it. Specifically, the parser in the database kernel parses information such as operations, table/view and encrypted data column names involved in the query request, the planner generates an execution plan, and the optimizer optimizes the execution plan and sends it to the executor.
  • the executor obtains all encrypted data involved in the operation through the storage engine and calculates the data characteristic value HASHSUM d , and then the executor calls the ecall interface to transmit the current timestamp T cur and HASHSUM d to the data in the TEE Cache submodules.
  • the data cache submodule queries the data cache records. If there is a plaintext corresponding to HASHSUM d , the data cache submodule returns True to the database kernel. If there is no plaintext corresponding to HASHSUM d , it returns False to the database kernel. When the database kernel receives False, the executor in the database kernel calls the ecall interface to transmit all encrypted data to the ciphertext operation module.
  • the data cache sub-module uses the user's data verification key Key m in the session ID s to verify the integrity of each piece of data, and then uses the encryption/decryption key Key e and the initial vector value IV e to decrypt each piece of data, Finally, clear the ciphertext data and mark the plaintext data with HASHSUM d , and update the data cache corresponding to the session ID s .
  • the database kernel receives True, the corresponding encrypted data transmission, decryption and caching are not performed.
  • the encryption/decryption key Key e and the initial vector value IV e refer to the following description for FIG. 4 .
  • the executor calls the ecall interface to send the requested ciphertext computing operation to the ciphertext computing module in the TEE.
  • the ciphertext computing module obtains the plaintext data corresponding to HASHSUM d through the data cache sub-module in the TEE, and then calls the plaintext data one by one. The corresponding operator performs the requested calculation.
  • the ciphertext operation module in the TEE uses Key e and IV e to encrypt the calculation result, and then calls the ecall interface to return the encrypted calculation result to the database kernel, or calls the ocall (out call) interface to calculate the result.
  • the result is transmitted to the executor, which finally resets the timer Timer id for session ID s .
  • the ocall interface is a programming interface provided for programs in a trusted execution environment to call software functions in a non-secure execution environment. Wherein, for the acquisition of the data verification key Key m , the encryption/decryption key Key e and the initial vector value IV e , refer to the following description for FIG. 4 .
  • the executor After receiving the encrypted calculation result sent by the ciphertext operation module, the executor performs necessary processing and buffering, and then ends the current calculation round. For other ciphertext operations, repeat the above steps 3 to 5.
  • the executor returns the final encrypted calculation result to the client, and the client decrypts and organizes the presentation of the encrypted calculation result.
  • FIG. 5 shows an architecture diagram of a specific application of the method for accessing a database according to an embodiment of the present application.
  • the database of the method for accessing a database of the present application may be a Gaussian database, which is implemented based on the Kunpeng 920 computing platform based on A dense database scheme with operator-level isolation.
  • Kunpeng 920 is a processor designed and implemented based on ARM aarch64 architecture, providing a TEE environment based on ARM TrustZone technology.
  • the Gaussian database kernel runs on the Euler OS operating system, and the ciphertext operation module, identity authentication module and intermediate adaptation layer module are all located in the ARM TrustZone environment.
  • the database kernel executor needs to send the user confidential data to the ciphertext operation module running in the TEE, and the client also needs to send the stored user data key to to TEE for data encryption/decryption.
  • the method for accessing the database in the embodiment of the present application uses an identity authentication module to realize the client-side TEE certification.
  • FIG. 6 shows a schematic block diagram of an identity authentication process in the method for accessing a database according to an embodiment of the present application.
  • the identity authentication process in the method for accessing a database according to an embodiment of the present application is described below with reference to FIG. 6 .
  • Remote authentication is performed between the database client and the identity authentication module running in the TEE.
  • the database client actively initiates an identity authentication request of the TEE. Since the modules running in the TEE cannot directly communicate with the network, the identity authentication request is transferred through the authentication proxy module in the database kernel in the REE (see Figure 5).
  • the authentication proxy module calls the corresponding ecall interface to request the certificate information from the identity authentication module in the TEE.
  • the identity authentication module verifies the integrity of the requested data, and then transmits the certificate information to the identity authentication proxy module, which is forwarded to the client by the identity authentication proxy module. end for verification.
  • the client establishes a secure socket layer (secure socket layer, SSL) secure connection with the database kernel.
  • SSL secure socket layer
  • the database client and the identity authentication module in the TEE negotiate the encryption parameters based on the Elliptic Curve Diffie-Hellman key Exchange (ECDH) mechanism, and pair the encryption parameters according to the negotiated ECDH encryption parameters.
  • the user key Key u is encrypted, and the ECDH encryption parameter negotiation request is also forwarded by the authentication proxy module calling the corresponding ecall interface.
  • the identity authentication module and the client can use encryption methods such as RSA algorithm to encrypt the ECDH encryption parameters before exchanging the ECDH encryption parameters.
  • the client transmits the user ID s and the data key Key u encrypted with the negotiated ECDH parameters to the authentication proxy module, and the authentication proxy module calls the corresponding ecall interface to transmit these data to the encryption key in the TEE.
  • Key management submodule After the negotiation is completed, the client transmits the user ID s and the data key Key u encrypted with the negotiated ECDH parameters to the authentication proxy module, and the authentication proxy module calls the corresponding ecall interface to transmit these data to the encryption key in the TEE. Key management submodule.
  • the key management sub-module in the TEE uses the above negotiated ECDH parameters to decrypt the encrypted data key Key u , and derives the data verification key Key according to the data key Key u according to a certain algorithm (such as HKDF).
  • m encryption/decryption key Key e and initial vector value IV e , record the correspondence between user ID s and the above Key m , Key e , IV e and clear Key u .
  • the key management sub-module sets a timer Timer id for the ID s , and the timer time can be uniformly configured in advance by the database administrator. It should be noted that the key derivation method in this application may adopt any existing possible key derivation method, which is not limited in this application.
  • the key management sub-module running in the TEE has obtained the user data verification and encryption/decryption keys.
  • the user can initiate a ciphertext query request to the database kernel through the client.
  • the ciphertext query request statement includes encrypted ciphertext operation parameters and plaintext query statements.
  • the database kernel in the non-secure execution environment performs statement parsing, query plan generation, and query plan optimization.
  • the executor in the database kernel executes the query plan. operation.
  • the executor obtains all encrypted data at one time through the storage engine, and sends the encrypted data, encrypted operation parameters and calculation type to the ciphertext operation module in the TEE, and the specific process of encrypted data query and calculation Reference may be made to the above description of FIG. 4 , and for brevity, the embodiment of the present application will not be repeated here.
  • the method for accessing the database in the embodiment of the present application further includes that the user disables the ciphertext query function or exits the database connection, and the client actively initiates an exit phase operation to the database kernel.
  • Fig. 7 shows a schematic block diagram of the exit stage in the method for accessing the database described in the present application. As shown in Fig.
  • the client sends the exit request and the user ID s to the authentication agent of the database kernel module, the authentication proxy module forwards the logout request and the user ID s to the ciphertext computing module in the TEE, and the ciphertext computing module clears the currently used keys Key m , Key e , IV e and the cached plaintext data.
  • the ciphertext operation module can also actively clear the currently used keys Key m , Key e , IV e and the cached plaintext data.
  • the method for accessing the database in the embodiment of the present application sends all the ciphertext data to the ciphertext operation module in the TEE before the calculation, and the ciphertext operation module performs all the ciphertext operations on the ciphertext.
  • the data is decrypted, which can significantly reduce the switching overhead of TEE and REE.
  • the method for accessing the database according to the embodiment of the present application can significantly reduce the data decryption overhead by decrypting the ciphertext data and then caching it. For example, if the existing method of accessing the database takes m to decrypt 128 bytes of data each time, each decryption requires 10,000m of time, and if the same data is processed later, the same decryption time is also required. However, the method for accessing the database in the embodiment of the present application only needs to spend 10,000m in the first decryption, and if the same data is processed later, there is no need to perform decryption.
  • FIG. 8 is a schematic block diagram of an apparatus 800 for accessing a database provided by an embodiment of the present application.
  • the apparatus 800 for accessing a database can perform the steps of the methods for accessing a database in FIGS. 3, 4, 6, and 7. To avoid repetition, It will not be described in detail here.
  • the apparatus 800 for accessing a database includes a transceiver module 810 and an execution module 820, which will be briefly introduced below.
  • the transceiver module 810 is configured to receive an encrypted data calculation request sent by the database kernel.
  • the encrypted data calculation request is used to request the encrypted data of the calculation user, and the database kernel runs in a non-secure execution environment.
  • the transceiver module 810 is further configured to receive encrypted data sent by the database kernel. Encrypted data is all encrypted data in the user query request;
  • the execution module 820 in response to the encrypted data calculation request, is configured to decrypt and calculate the encrypted data to obtain a calculation result.
  • the execution module 820 is further configured to encrypt the calculation result to obtain the encrypted calculation result.
  • the transceiver module 810 is further configured to send the encrypted calculation result to the database kernel.
  • the transceiver module 810 receives encrypted data sent by the database kernel, including: the transceiver module 810 is further configured to receive data feature values sent by the database kernel.
  • the data feature value is used to indicate encrypted data; when the execution module does not query the data feature value in the cache record, the transceiver module is further configured to send the first feedback to the database kernel; the transceiver module is also configured to receive the database kernel responding to the first feedback Encrypted data sent.
  • the execution module 820 is also used to decrypt the encrypted data to obtain plaintext data; the execution module 820 is also used to mark the plaintext data with the data feature value and store the plaintext data; the execution module 820 is also used to add the data feature value to the data. Cache records.
  • the transceiver module 810 receives encrypted data sent by the database kernel, and further includes: the transceiver module 810 is further configured to receive data feature values sent by the database kernel, where the data feature values are used to indicate encrypted data; when the execution module queries the cache record When the data characteristic value is reached, the transceiver module 810 is also used to send the second feedback to the database kernel; the transceiver module 810 is also used to obtain plaintext data corresponding to the data characteristic value from the stored plaintext data according to the data characteristic value, and the plaintext data is encrypted data. decrypted data.
  • the transceiver module 810 is further configured to receive the identity authentication request forwarded by the database kernel, the identity authentication request is initiated by the database client, and the database client runs in a non-secure execution environment; the transceiver module 810 is also used to send the identity authentication information.
  • the transceiver module 810 is further configured to receive an encrypted data calculation request sent by the database kernel, and the encrypted data calculation request is sent after passing the authentication based on the identity authentication information.
  • the transceiver module 810 is further configured to receive the user's data key forwarded by the database kernel, and the data key is encrypted by the ECDH algorithm; the execution module 820 is also configured to generate a verification key, an encryption and decryption key and a data key according to the data key.
  • the initial vector value; the transceiver module is also used to receive encrypted data sent by the database kernel; the execution module is also used to verify the integrity of each piece of data in the encrypted data according to the verification key.
  • the encrypted data is data that has passed the integrity check.
  • the execution module 820 decrypts and calculates the encrypted data according to the encrypted data calculation request, including: decrypting each piece of data in the encrypted data according to the encryption and decryption key and the initial vector value; The child performs calculations on each piece of data in the encrypted data.
  • the execution module 820 encrypts the calculation result, including: encrypting the calculation result according to the encryption and decryption keys and the initial vector value.
  • the device further includes a timer, based on the timer exceeding the first preset time or the transceiver module 810 receiving an exit request initiated by the database client forwarded by the database kernel: the execution module 820 is also used for clearing encrypted data, verifying passwords. key, encryption and decryption keys, and initial vector values.
  • the transceiver module 810 and the execution module 820 in the apparatus are connected to the underlying hardware platform by using an intermediate adaptation layer.
  • An embodiment of the present application further provides a data processing device, the data processing device may be a hardware device such as a server, or a software device, and the data processing device includes a database kernel deployed in a non-secure execution environment and a database kernel deployed in a trusted execution environment.
  • a data processing module in the environment, the data processing module is used to perform the methods described in Figures 3, 4, 6, 7.
  • Embodiments of the present application further provide a computer-readable storage medium, including instructions; the instructions are used to implement the methods described in FIGS. 3 , 4 , 6 , and 7 .
  • the disclosed system, apparatus and method may be implemented in other manners.
  • the apparatus embodiments described above are only illustrative.
  • the division of the units is only a logical function division. In actual implementation, there may be other division methods.
  • multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not implemented.
  • the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit.
  • the functions, if implemented in the form of software functional units and sold or used as independent products, may be stored in a computer-readable storage medium.
  • the technical solution of the present application can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution, and the computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program codes .

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

一种访问数据库的方法和装置,可以保证用户与数据库交互过程中的数据安全,并有效降低性能开销。该方法包括:接收数据库内核发送的加密数据计算请求,加密数据计算请求用于请求计算用户的加密数据,数据库内核运行在非安全执行环境中(S301);接收数据库内核发送的加密数据,加密数据为所述用户查询请求中加密后的全部数据(S302);响应于所述加密数据计算请求,对加密数据进行解密和计算,以得到计算结果(S303);对计算结果进行加密,以得到加密后的计算结果(S304);将加密后的计算结果发送给数据库内核(S305)。

Description

访问数据库的方法和装置
本申请要求于2021年03月29日提交中国专利局、申请号为202110335806.6、申请名称为“访问数据库的方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及数据处理技术领域,更具体地,涉及一种访问数据库的方法和装置。
背景技术
作为重要的基础软件之一,数据库的安全防护已成为当前亟需解决的挑战。针对敏感数据的保护难题,为了防止非法程序和恶意管理员篡改、窃取用户的敏感数据,业界多对数据进行加密,以密文存储敏感数据。但是,在用户操作这些敏感数据(例如查询)时,密文仍需在相应的计算平台中解密,这使得在某一运行时刻,数据仍以明文形式存在于该计算平台的内存中,将明文数据暴露在极大的安全风险中。此外,基于密码学算法对密文进行运算的技术方案仅能完成等值查询、排序等部分操作,且执行性能普遍较差。因此亟需一种方法使得用户在与数据库交互的过程中可以保护用户的敏感数据的安全。
发明内容
本申请提供一种访问数据库的方法和装置,可以保证用户与数据库交互过程中的数据安全,并有效降低性能开销。
第一方面,提供了一种访问数据库的方法,该方法在可信执行环境中执行,包括:接收数据库内核发送的加密数据计算请求,加密数据计算请求用于请求计算用户的加密数据,数据库内核运行在非安全执行环境中;接收数据库内核发送的加密数据,加密数据为所述用户查询请求中加密后的全部数据;响应于所述加密数据计算请求,对加密数据进行解密和计算,以得到计算结果;对计算结果进行加密,以得到加密后的计算结果;将加密后的计算结果发送给数据库内核。
本申请实施例的访问数据库的方法,通过将加密数据发送给可信执行环境中的模块,避免了请求数据和传输数据时频繁切换可信执行环境和非安全执行环境,降低了性能开销;在进行加密数据计算之前就将加密数据发送给可信执行环境中的模块,如此在加密数据计算过程中则无需再请求非安全执行环境中的数据,避免泄露执行过程中对数据的访问模式,安全性更高
结合第一方面,在第一方面的某些实现方式中,接收数据库内核发送的加密数据,包括:接收数据库内核发送的数据特征值,数据特征值用于指示所述加密数据;当在缓存记录中未查询到所述数据特征值时,向数据库内核发送第一反馈;接收数据库内核响应于第一反馈发送的加密数据。
结合第一方面,在第一方面的某些实现方式中,该方法还包括:对加密数据进行解密,以得到明文数据;采用数据特征值标记明文数据并存储明文数据;将所述数据特征值加入缓存记录。
结合第一方面,在第一方面的某些实现方式中,接收数据库内核发送的加密数据,包括:接收数据库内核发送的数据特征值,数据特征值用于指示所述加密数据;当在缓存记录中查询到所述数据特征值时,向数据库内核发送第二反馈;根据数据特征值从存储的明文数据中获取所述数据特征值对应的明文数据,明文数据为加密数据解密后的数据。
本申请实施例的访问数据库的方法将加密数据解密后缓存在TEE中,在一段时间内需要再次执行该加密数据的计算时,则无需再次传输和解密该加密数据,进一步降低了性能开销。
结合第一方面,在第一方面的某些实现方式中,该方法还包括:接收数据库内核转发的身份认证请求,身份认证请求由数据库客户端发起,所述数据库客户端运行在非安全执行环境中;将身份认证信息发送给数据库内核;接收所述数据库内核发送的加密数据计算请求,所述加密数据计算请求是基于所述身份认证信息认证通过后发送的。
本申请实施例的访问数据库的方法在进行数据传输之前,验证可信执行环境的合法性,从而避免非法程序或攻击者通过仿冒可信执行环境来窃取用户数据,保证用户数据安全。
结合第一方面,在第一方面的某些实现方式中,该方法还包括:接收数据库内核转发的用户的数据密钥,数据密钥由ECDH算法加密;根据数据密钥生成验证密钥、加密和解密密钥和初始向量值;接收所述数据库内核发送的加密数据;根据所述验证密钥对所述加密数据中的每条数据的完整性进行校验。
结合第一方面,在第一方面的某些实现方式中,加密数据为通过完整性校验的数据。
结合第一方面,在第一方面的某些实现方式中,根据加密数据计算请求对加密数据进行解密和计算,包括:根据加密和解密密钥和初始向量值对加密数据中的每条数据进行解密,以得到每条数据对应的明文数据;根据加密数据计算请求调用算子对每条数据对应的明文数据进行计算。
结合第一方面,在第一方面的某些实现方式中,对计算结果进行加密,包括:根据加密和解密密钥和初始向量值对计算结果进行加密。
本申请实施例的访问数据库的方法,通过使用用户的数据密钥派生的密钥来对数据进行加密和解密,可以进一步保证用户数据的安全。
结合第一方面,在第一方面的某些实现方式中,该方法还包括:设置定时器;基于定时器超过第一预设时间或接收到数据库内核转发的数据库客户端发起的退出请求:清除加密数据、验证密钥、加密和解密密钥和初始向量值。
结合第一方面,在第一方面的某些实现方式中,该方法还包括:利用中间适配层与底层硬件平台连接。
第二方面,提供了一种访问数据库的方法,该方法在非安全执行环境中执行,包括:向密文运算模块发送加密数据计算请求,加密数据计算请求用于请求计算用户的加密数据,密文运算模块运行在可信执行环境中;向密文运算模块发送加密数据,加密数据为用户查询请求中加密后的全部数据;接收密文运算模块发送的加密后的计算结果。
结合第二方面,在第二方面的某些实现方式中,向密文运算模块发送加密数据,包括: 向密文运算模块发送数据特征值,数据特征值用于指示所述加密数据;接收第一反馈,第一反馈表示密文运算模块在缓存记录中没有查询到数据特征值;向密文运算模块发送加密数据。
结合第二方面,在第二方面的某些实现方式中,向密文运算模块发送加密数据,还包括:向密文运算模块发送数据特征值,数据特征值用于指示所述加密数据;接收第二反馈,第二反馈表示密文运算模块在缓存记录中查询到数据特征值。
第三方面,提供一种访问数据库的装置,装置设置在可信执行环境中,该装置包括:收发模块,用于接收数据库内核发送的加密数据计算请求,加密数据计算请求用于请求计算用户的加密数据;收发模块还用于接收数据库内核发送的加密数据,加密数据为所述用户查询请求中加密后的全部数据;执行模块,响应于所述加密数据计算请求,用于对加密数据进行解密和计算,以得到计算结果;执行模块还用于对计算结果进行加密,以得到加密后的计算结果;收发模块还用于将加密后的计算结果发送给数据库内核。
结合第三方面,在第三方面的某些实现方式中,收发模块接收数据库内核发送的加密数据,包括:收发模块还用于接收数据库内核发送的数据特征值,数据特征值用于指示所述加密数据;当执行模块在缓存记录中未查询到所述数据特征值时,收发模块还用于向数据库内核发送第一反馈;收发模块还用于接收数据库内核响应于第一反馈发送的加密数据。
结合第三方面,在第三方面的某些实现方式中,执行模块还用于对加密数据进行解密,以得到明文数据;执行模块还用于采用数据特征值标记明文数据并存储明文数据;执行模块还用于将所述数据特征值加入缓存记录。
结合第三方面,在第三方面的某些实现方式中,收发模块接收数据库内核发送的加密数据,还包括:收发模块还用于接收数据库内核发送的数据特征值,数据特征值用于指示所述加密数据;当执行模块在缓存记录中查询到所述数据特征值时,收发模块还用于向数据库内核发送第二反馈;收发模块还用于根据数据特征值从存储的明文数据中获取所述数据特征值对应的明文数据,明文数据为加密数据解密后的数据。
结合第三方面,在第三方面的某些实现方式中,收发模块还用于接收数据库内核转发的身份认证请求,身份认证请求由数据库客户端发起,数据库客户端运行在非安全执行环境中;收发模块还用于将身份认证信息发送给数据库内核;收发模块还用于接收所述数据库内核发送的加密数据计算请求,所述加密数据计算请求是基于所述身份认证信息认证通过后发送的。
结合第三方面,在第三方面的某些实现方式中,收发模块还用于接收数据库内核转发的用户的数据密钥,数据密钥由ECDH算法加密;执行模块还用于根据数据密钥生成验证密钥、加密和解密密钥和初始向量值;收发模块还用于接收所述数据库内核发送的加密数据;执行模块还用于根据所述验证密钥对所述加密数据中的每条数据的完整性进行校验。
结合第三方面,在第三方面的某些实现方式中,加密数据为通过完整性校验的数据。
结合第三方面,在第三方面的某些实现方式中,执行模块根据加密数据计算请求对加密数据进行解密和计算,包括:根据加密和解密密钥和初始向量值对加密数据中的每条数据进行解密,以得到每条数据对应的明文数据;根据加密数据计算请求调用算子对每条数据对应的明文数据进行计算。
结合第三方面,在第三方面的某些实现方式中,执行模块对计算结果进行加密,包括: 根据加密和解密密钥和初始向量值对计算结果进行加密。
结合第三方面,在第三方面的某些实现方式中,装置还包括定时器,基于定时器超过第一预设时间或收发模块接收到数据库内核转发的数据库客户端发起的退出请求:执行模块还用于清除加密数据、验证密钥、加密和解密密钥和初始向量值。
结合第三方面,在第三方面的某些实现方式中,收发模块和执行模块利用中间适配层与底层硬件平台连接。
由于中间适配层模块适配了不同TEE提供的编程接口,从而使得TEE中的功能模块能够在不同计算平台间无缝迁移,即便于二次开发。
第四方面,提供了一种访问数据库的装置,该装置设置在非安全执行环境中,包括:收发模块,用于向密文运算模块发送加密数据计算请求,加密数据计算请求用于请求计算用户的加密数据密文运算模块运行在可信执行环境中;该收发模块还用于向密文运算模块发送加密数据,加密数据为用户查询请求中加密后的全部数据;该收发模块还用于接收密文运算模块发送的加密后的计算结果。
结合第四方面,在第四方面的某些实现方式中,收发模块向密文运算模块发送加密数据,具体用于:向密文运算模块发送数据特征值,数据特征值用于指示所述加密数据;接收第一反馈,第一反馈表示密文运算模块在缓存记录中没有查询到数据特征值;向密文运算模块发送加密数据。
结合第四方面,在第四方面的某些实现方式中,收发模块向密文运算模块发送加密数据,具体用于:向密文运算模块发送数据特征值,数据特征值用于指示所述加密数据;接收第二反馈,第二反馈表示密文运算模块在缓存记录中查询到数据特征值。
第五方面,提供了一种数据处理装置,其特征在于,包括部署在非安全执行环境中的数据库内核和部署在可信执行环境中的数据处理模块,所述数据处理模块用于执行上述第一方面和第二方面中任意一种实现方式中的方法。
第六方面,一种计算机可读存储介质,其特征在于,包括指令;指令用于实现上述第一方面和第二方面中任意一种实现方式中的方法。
第七方面,提供一种芯片,该芯片获取指令并执行该指令来实现上述第一方面和第二方面中任意一种实现方式中访问数据库的方法。
可选地,作为一种实现方式,该芯片包括处理器与数据接口,该处理器通过该数据接口读取存储器上存储的指令,执行上述第一方面和第二方面中任意一种实现方式中访问数据库的方法。
可选地,作为一种实现方式,该芯片还可以包括存储器,该存储器中存储有指令,该处理器用于执行该存储器上存储的指令,当该指令被执行时,该处理器用于执行上述第一方面和第二方面中任意一种实现方式中访问数据库的方法。
附图说明
图1是本申请的一种计算设备的架构示意图;
图2是本申请的系统架构的示意性框图;
图3是本申请的访问数据库的方法的流程图;
图4是本申请的访问数据库的方法示意性流程框图;
图5是本申请的访问数据库的方法的一种具体应用的架构图;
图6是本申请的访问数据库的方法中的身份认证过程的示意性框图;
图7是本申请的访问数据库的方法中的退出过程的示意性框图;
图8是本申请的访问数据库的装置的示意性框图。
具体实施方式
为了便于理解本申请的技术方案,首先对本申请涉及的概念做简要介绍。
数据库内核:亦称数据库引擎,是完成数据库管理系统(database management system,DBMS)对数据操作的核心功能集合。一般的,数据库内核包括解析器、计划器、优化器、执行器和存储引擎等五部分。解析器是对数据库用户输入的结构化查询语言(structured query language,SQL)进行词法、语法的解析,判断用户的查询意图;计划器是根据语句的解析结果生成相应的执行计划;优化器是对初步生成的执行计划进行优化,以便高效地完成用户请求的操作;执行器按照优化后的执行计划根据计划中的每一个操作步骤进行具体执行,得到用户需要的结果;存储引擎负责上述过程中的读写和索引等功能,从而为其他功能部件提供输入、输出能力。
查询请求:用户输入的一条或一组SQL语句。
算子:亦称计算原语,算子是数据运算最基本、直接的技术操作,例如比较运算符(>、<、≥、≤)、数学操作符(+、-、%)、逻辑关系运算(and、or、not)等。
远程证明(remote attestation):鉴于可信执行环境(trusted execution environment,TEE)内通常处理敏感的机密数据,在云计算等应用场景中,用户在请求远端服务器上TEE内计算服务时,难以得知该服务是运行在一台真实、可信(合法)的计算平台上还是运行在攻击者精心伪造的环境(非法)中。为了保护用户机密数据安全并识别真实可信的TEE环境,TEE内计算或服务功能可以通过远程证明,使用硬件平台(制造商)背书的密钥签名的证书链,向远端用户证明自身的合法性。
会话ID:是计算机系统(通常是服务器)能够识别和跟踪单个用户在任何特定会话期间的行为的一种方式。
RSA算法:目前使用最广泛的公钥密码体制之一,RSA为三位提出者姓氏首字母。
密钥派生函数(HKDF):是密码系统的基本组成部分,目标是获取一些初始的密钥材料,并从中派生出一个或多个安全强度很大的密钥。
下面将结合附图,对本申请中的技术方案进行描述。
图1是本申请实施例提供的一种计算设备100的架构示意图。该计算设备200可以是服务器或者计算机或者其他具有计算能力的设备。图1所示的计算设备100包括:至少一个处理器110和内存120。
处理器110执行内存120中的指令,使得计算设备100实现本申请提供的访问数据库的方法,例如实现由访问数据库的装置执行的步骤。或者,处理器110执行内存120中的指令,使得计算设备100实现本申请提供的访问数据库的装置,例如实现访问数据库的装置包括的各功能模块。
可选地,计算设备100还包括系统总线,其中,处理器110和内存120分别与系统总线连接。处理器110能够通过系统总线访问内存120,例如,处理器110能够通过系统总 线在内存120中进行数据读写或代码执行。该系统总线是快捷外设部件互连标准(peripheral component interconnect express,PCI)总线或扩展工业标准结构(extended industry standard architecture,EISA)总线等。所述系统总线分为地址总线、数据总线、控制总线等。为便于表示,图1中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。
一种可能的实现方式,处理器110的功能主要是解释计算机程序的指令(或者说,代码)以及处理计算机软件中的数据。其中,该计算机程序的指令以及计算机软件中的数据能够保存在内存120或者缓存116中。
可选地,处理器110可能是集成电路芯片,具有信号的处理能力。作为示例而非限定,处理器110是通用处理器、数字信号处理器(digital signal processor,DSP)、专用集成电路(application specific integrated circuit,ASIC)、现成可编程门阵列(field programmable gate array,FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。其中,通用处理器是微处理器等。例如,该处理器110是中央处理单元(central processing unit,CPU)。
可选地,每个处理器110包括至少一个处理单元112和内存控制单元114。
可选地,处理单元112也称为核心(core)或内核,是处理器最重要的组成部分。处理单元112是由单晶硅以一定的生产工艺制造出来的,处理器所有的计算、接受命令、存储命令、处理数据都由核心执行。处理单元分别独立地运行程序指令,利用并行计算的能力加快程序的运行速度。各种处理单元都具有固定的逻辑结构,例如,处理单元包括例如,一级缓存、二级缓存、执行单元、指令级单元和总线接口等逻辑单元。
一种实现举例,内存控制单元114用于控制内存120与处理单元112之间的数据交互。具体地说,内存控制单元114从处理单元112接收内存访问请求,并基于该内存访问请求控制针对内存的访问。作为示例而非限定,内存控制单元是内存管理单元(memory management unit,MMU)等器件。
一种实现举例,各内存控制单元114通过系统总线进行针对内存120的寻址。并且在系统总线中配置仲裁器(图中未示出),该仲裁器负责处理和协调多个处理单元112的竞争访问。
一种实现举例,处理单元112和内存控制单元114通过芯片内部的连接线,例如地址线,通信连接,从而实现处理单元112和内存控制单元114之间的通信。
可选地,每个处理器110还包括缓存116,其中,缓存是数据交换的缓冲区(称作cache)。当处理单元112要读取数据时,会首先从缓存中查找需要的数据,如果找到了则直接执行,找不到的话则从内存中找。由于缓存的运行速度比内存快得多,故缓存的作用就是帮助处理单元112更快地运行。
内存(memory)120能够为计算设备100中的进程提供运行空间,例如,内存120中保存用于生成进程的计算机程序(具体地说,是程序的代码)。计算机程序被处理器运行而生成进程后,处理器在内存120中为该进程分配对应的存储空间。进一步的,上述存储空间进一步包括文本段、初始化数据段、位初始化数据段、栈段、堆段等等。内存120在上述进程对应的存储空间中保存进程运行期间产生的数据,例如,中间数据,或过程数据等等。
可选地,内存也称为内存储器,其作用是用于暂时存放处理器110中的运算数据,以及与硬盘等外部存储器交换的数据。只要计算机在运行中,处理器110就会把需要运算的数据调到内存中进行运算,当运算完成后处理单元112再将结果传送出来。
作为示例而非限定,内存120是易失性存储器或非易失性存储器,或可包括易失性和非易失性存储器两者。其中,非易失性存储器是只读存储器(read-only memory,ROM)、可编程只读存储器(programmable ROM,PROM)、可擦除可编程只读存储器(erasable PROM,EPROM)、电可擦除可编程只读存储器(electrically EPROM,EEPROM)或闪存。易失性存储器是随机存取存储器(random access memory,RAM),其用作外部高速缓存。通过示例性但不是限制性说明,许多形式的RAM可用,例如静态随机存取存储器(static RAM,SRAM)、动态随机存取存储器(dynamic RAM,DRAM)、同步动态随机存取存储器(synchronous DRAM,SDRAM)、双倍数据速率同步动态随机存取存储器(double data rate SDRAM,DDR SDRAM)、增强型同步动态随机存取存储器(enhanced SDRAM,ESDRAM)、同步连接动态随机存取存储器(synchlink DRAM,SLDRAM)和直接内存总线随机存取存储器(direct rambus RAM,DR RAM)。应注意,本文描述的系统和方法的内存120旨在包括但不限于这些和任意其它适合类型的存储器。
以上列举的计算设备100的结构仅为示例性说明,本申请并未限定于此,计算设备100包括现有技术中计算系统中的各种硬件,例如,计算设备100还包括除内存120以外的其他存储器,例如,磁盘存储器等。本领域的技术人员应当理解,计算设备100还可以包括实现正常运行所必须的其他器件。同时,根据具体需要,本领域的技术人员应当理解,上述计算设备100还可包括实现其他附加功能的硬件器件。此外,本领域的技术人员应当理解,上述计算设备100也可仅仅包括实现本申请实施例所必须的器件,而不必包括图1中所示的全部器件。
由于在开放环境中数据可能暴露在各种攻击下,因此使用可信执行环境在运行时对加密数据进行处理成为当下研究的热点,TEE是中央处理器(central processing unit,CPU)内的一个安全区域,运行在一个独立的环境中且与操作系统并行运行,CPU确保TEE中数据的机密性和完整性都得到保护,在TEE中运行的受信任应用程序可以访问设备主处理器和内存的全部功能,而硬件隔离保护TEE相关组件不受主操作系统中运行的用户安装的应用程序的影响,总之,运行在TEE中的代码和数据是保密且不可篡改的。
目前基于可信执行环境的访问数据库方法主要包括数据库内核级保护、执行器级保护和算子级保护。受当前硬件条件的限制,TEE对运行于内部的应用体积和内存使用有诸多限制,无法运行大型、复杂的应用,因此基于TEE的数据库内核必须对功能进行精简,但目前的基于数据库内核的隔离方案存在代码规模大、可信计算基(trusted computing base,TCB)庞大、难以进行充分测试和漏洞修补等缺点;相比之下,基于执行器的隔离与安全运行方案进一步精简了功能和代码,但是由于执行器必须借助非安全域读取数据存储文件,其输入输出操作仍开销巨大,并且设计实现中仍面临如何安全解耦数据库引擎的难题;而基于TEE的算子级隔离仅将数据运算功能进行安全隔离,其代码规模和TCB最小,但在实现中需要对每一行待处理数据进行频繁的操作,导致安全域和非安全域的运行切换频繁,带来庞大的性能开销。除此之外,以上三种数据库执行方法主要基于Intel SGX(software guard extension)技术实现,与底层硬件平台紧耦合,技术方案的可移植性差。
图2示出了本申请实施例的系统架构的示意性框图,如图2所示,本申请实施例的系统架构包括运行在非安全执行环境(rich execution environment,REE)中的模块和运行在TEE中的模块,其中REE是与TEE并行的运行环境,具有其自身的执行空间,开放性和扩展性好,但是存在许多安全隐患,易被攻击。以下对本申请实施例的系统架构进行介绍。
运行在REE中的包括数据库内核,除了上述介绍的解析器、计划器、优化器、执行器和存储引擎之外,本申请实施例的系统架构还包括认证代理模块,该模块负责协助数据库客户端与TEE内的身份认证模块之间进行远程认证,并在这一过程中转发通信数据。由于TEE不能直接进行网络通信,因此远程认证请求通过REE的数据库内核中的认证代理模块进行中转。具体的,认证代理模块调用相应的ecall(enclave call)接口向TEE中的身份认证模块请求证书信息,身份认证模块对请求数据进行完整性校验,然后将证书信息传输给身份认证代理模块,由身份认证代理模块发送给客户端进行验签,其中ecall是为非安全执行环境中程序调用可信执行环境中软件功能提供的编程接口。本申请实施例的系统架构中,数据库内核可以部署于物理机(例如宿主机操作系统上)或者位于虚拟机内(例如云数据库),其中宿主机硬件可以采用任何一种主流指令集架构(instruction set architecture,ISA)平台,例如Intel x86、ARM、RISC-V等计算平台。
运行在TEE中的包括密文运算模块、身份认证模块和中间适配层模块。
密文运算模块具体包括算子集子模块、密钥管理子模块和数据缓存子模块,其中算子集子模块实现了数据计算所必需的计算原语,包括比较操作符、位操作、模式匹配操作、数学计算、时间日期处理、数据类型转换、网络地址函数操作、文本检索操作、集合运算操作、统计操作等;密钥管理子模块用于对数据库客户端发来的用户密钥进行存储和管理,并根据相应算法从用户密钥中派生出数据验证密钥、数据加/解密密钥和初始向量,以及当会话结束后清理该会话使用到的密钥信息;数据缓存子模块,负责对执行器发送的密文数据计算数据特征值(HASHSUM)并解密,若当前缓存中无该HASHSUM值记录,则缓存对应的明文信息。数据缓存子模块以哈希表(HashTable)方式管理密文数据对应的明文数据,即以“密文数据HASHSUM值”为键(Key)、以该密文数据对应的明文数据为值(Value)建立索引关系,其中HASHSUM值的计算可使用公开算法。
身份认证模块用于接收REE内认证代理模块转发的数据库客户端认证请求,从而与数据库客户端建立安全连接。
中间适配层模块用于使得密文运算模块和身份认证模块与具体的TEE硬件平台解耦合,中间适配层屏蔽底层硬件平台的不同接口和能力,向上为密文运算模块和身份认证模块提供统一的接口,并且根据配置文件中指定的目标硬件平台参数,向下将相关的调用接口转换为该目标硬件平台提供的编程接口,从而实现整体系统的跨平台可移植性。其中硬件平台可以是Intel SGX、AMD SEV、ARM TrustZone和RISC-V Keystone等。
图3示出了本申请实施例的访问数据库的方法的流程图,如图3所示,包括步骤301至步骤305,其中图3的访问数据库的方法在可信执行环境TEE中执行,具体的可以由图1所示的计算设备执行,以下分别进行介绍。
S301,接收数据库内核发送的加密数据计算请求,加密数据计算请求为加密数据计算请求用于请求计算用户的加密数据,数据库内核运行在非安全执行环境中。
具体的,用户向数据库客户端发送查询请求,其中查询请求可以包括用户输入的SQL 语句、加密数据列名、加密数据的运算及相关运算操作参数等,数据库客户端运行在非安全执行环境中,数据库客户端将查询请求中涉及用户机密的部分数据进行加密,得到加密数据,然后数据库客户端将查询请求(包括未加密的数据和加密数据)发送给数据库内核。数据库内核接收到查询请求后,由数据库内核中的解析器对查询请求进行解析,计划器根据解析结果生成相应执行计划,优化器对执行计划进行优化,执行器按照优化后的执行计划执行。而对于加密数据,由于运行在REE中的数据库内核无法直接对加密数据进行操作,需要数据库内核向TEE中发送加密数据计算请求,即在TEE中执行加密数据的计算。
这里的数据库客户端运行在非安全执行环境中是指数据库客户端可以在本地(即数据库内核运行的计算机上)REE中,也可以在另一台计算机上的REE中,此时数据库客户端与数据库内核可以直接通过网络通信。应理解,本申请中数据库客户端运行在非安全执行环境中均可以适用该说明。
S302,接收数据库内核发送的加密数据,加密数据为用户查询请求中加密后的全部数据。
由于加密数据的计算需要在TEE中执行,因此需要将加密数据全部发送到TEE中。在本申请实施例的访问数据库的方法中,将加密数据发送到TEE中的方式可以是将全部加密数据一次性发送到TEE中,也可以分多次将全部加密数据发送TEE中、直到全部加密数据发送完毕为止。之后,在加密数据的计算过程中,TEE中的模块都不再向REE中请求任何数据,避免了REE/TEE之间的频繁切换,且不会泄露计算过程中对数据的访问模式,保证了数据安全。
S303,响应于加密数据计算请求,对全部加密数据进行解密和计算,以得到计算结果。
在接收了全部加密数据后,则对全部加密数据进行解密,以得到相应的明文数据,然后根据加密数据计算请求对明文数据执行相应的计算,从而得到相应的计算结果。
S304,对计算结果进行加密,以得到加密后的计算结果。
S305,将加密后的计算结果发送给数据库内核。
为了保证数据的安全,在得到计算结果后,在TEE中对计算结果进行加密,然后将加密后的计算结果发送给数据库内核。数据库内核接收到加密后的计算结果后对加密后的计算结果进行必要的处理和缓存,然后结束当前计算过程。最后,数据库内核将处理后的计算结果发送给数据库客户端。
可选的,在S302,接收数据库内核发送的全部加密数据之前,本申请实施例的访问数据库的方法还包括,接收数据库内核发送的数据特征值,其中数据特征值用于指示加密数据,为数据库内核根据全部加密数据计算得到并与全部加密数据对应。然后根据所述数据特征值查询缓存记录,缓存记录中记录了多个数据特征值。如果可以查询到数据特征值,则表示在TEE中已经缓存了与该数据特征值对应的加密数据。如果没有在缓存记录中查询到该数据特征值,则向数据库内核发送第一反馈,第一反馈表示在缓存记录中没有查询到该数据特征值。数据库内核在接收到第一反馈后,则向TEE中发送该数据特征值对应的全部加密数据。
可选的,在接收数据库内核发送的全部加密数据之后,本申请实施例的访问数据库的方法还包括,对全部加密数据进行解密,以得到相应的明文数据,采用数据特征值标记该明文数据并存储该明文数据,将数据特征值加入缓存记录中。如此,在一定时间段内,当 数据库内核再次请求涉及该加密数据的计算时,则可以直接根据存储的明文数据进行相应的计算,而不必再次向数据库内核请求发送该加密数据,也不必再次对该加密数据进行解密,节省了开销。
可选的,当接收到数据库内核发送的数据特征值时,如果在缓存记录中查询到了该数据特征值,则向数据库内核发送第二反馈。该第二反馈表示在缓存记录中查询到了该数据特征值。由此则不必向数据库内核请求加密数据,而是直接根据数据特征值在TEE中获取存储的相应的明文数据,然后根据加密数据计算请求对该明文数据执行相应的计算。
为了保证数据传输的安全,在接收数据库内核发送的加密数据计算请求之前,本申请实施例的访问数据库的方法还包括,验证TEE的合法性。具体的,数据库客户端发起身份认证,由于TEE中不能直接进行网络通信,因此数据库客户端将身份认证请求发送给数据库内核,然后由数据库内核将身份认证请求转发到TEE中。TEE中的相关身份认证模块接收到身份认证请求后,将证书信息发送给数据库内核,再由数据库内核转发给数据库客户端。数据库客户端验证了TEE的证书后,数据库客户端与数据库内核建立安全连接,此时接收的数据库内核发送的加密数据计算请求是基于身份认证通过之后发送的。
在数据库客户端与数据库内核建立安全连接之后,数据库客户端将用户的数据密钥发送给数据库内核,为了保证用户的数据密钥在传输中的安全,该数据密钥由数据库客户端和TEE中的相关身份认证模块之间协商好的椭圆曲线迪菲-赫尔曼秘钥交换(Elliptic Curve Diffie–Hellman key Exchange,ECDH)加密参数进行加密。数据库内核将数据密钥转发到TEE中相关的密钥管理模块,密钥管理模块根据该数据密钥生成验证密钥、加密和解密密钥和初始向量值,用于后续数据传输中对数据进行验证和加/解密,其中生成密钥的算法可以是HKDF等密钥派生算法。生成的验证密钥、加密和解密密钥和初始向量值的作用包括,在上述S302中,接收所述数据库内核发送的全部加密数据后,根据验证密钥对全部加密数据中的每条数据的完整性进行校验;在上述303中,根据加密数据计算请求对全部加密数据进行解密和计算包括根据加密和解密密钥和初始向量值对全部加密数据中的每条数据进行解密,然后根据加密数据计算请求调用算子对全部加密数据中的每条数据进行计算;以及在上述304中,对计算结果进行加密,即根据加密和解密密钥和初始向量值对计算结果进行加密。
可选的,本申请实施例的访问数据库的方法还包括,为本次访问数据库设置定时器。当定时器超过第一预设时间或接收到数据库内核转发的数据库客户端发起的退出请求时,则清除全部加密数据、验证密钥、加/解密密钥和初始向量值。
可选的,本申请实施例的访问数据库的方法还包括,利用中间适配层与底层硬件平台连接。中间适配层使得TEE内的其他功能模块与底层硬件平台解耦合,即这些功能模块不直接依赖于具体的某个硬件平台(例如IntelSGX或ARMTrustZone)提供的编程接口开发。由于中间适配层适配了不同TEE提供的编程接口,从而使得基于某一硬件平台开发的功能模块能够在不同计算平台间无缝迁移,简化了二次开发。
图3的访问数据库的方法,通过将加密数据全部发送给TEE中的模块,避免了请求数据和传输数据时频繁切换TEE和REE,降低了性能开销。在进行加密数据计算之前就将加密数据全部发送给TEE中的模块,如此在加密数据计算过程中则无需再请求REE中的数据,避免泄露执行过程中对REE侧数据的访问模式,安全性更高;此外,通过将加 密数据解密后缓存在TEE中,从而使得在一段时间内需要再次执行与该加密数据有关的计算时,无需再次传输和解密该加密数据,进一步降低了性能开销。
图4示出了本申请的访问数据库的方法示意性流程框图,以下进行详细介绍。
1、在会话ID s内,用户通过数据库客户端向数据库服务器发起涉及加密数据的查询请求,该查询请求包括用户输入的SQL语句、加密数据列名、加密数据的运算及相关运算操作参数等,其中用户输入的数据为明文,客户端使用数据加密密钥对明文中需要加密的数据(例如运算参数)进行加密,然后将查询请求发送给数据库内核。
2、数据库内核对查询请求进行解析,生成执行计划并执行。具体的,数据库内核中的解析器解析查询请求涉及的操作、表/视图和加密数据列名等信息,计划器生成执行计划,优化器对执行计划进行优化后发送给执行器。
3、对于涉及加密数据的操作,执行器通过存储引擎获取操作涉及的所有加密数据并计算数据特征值HASHSUM d,然后执行器调用ecall接口将当前时间戳T cur和HASHSUM d传输给TEE中的数据缓存子模块。
4、数据缓存子模块查询数据缓存记录,若存在HASHSUM d对应的明文,则数据缓存子模块向数据库内核返回True,若不存在HASHSUM d对应的明文,则向数据库内核返回False。当数据库内核收到False时,数据库内核中的执行器调用ecall接口将所有加密数据传输给密文运算模块。数据缓存子模块利用会话ID s中用户的数据验证密钥Key m对每条数据的完整性进行校验,然后利用加/解密密钥Key e和初始向量值IV e对每条数据进行解密,最后清除密文数据并以HASHSUM d标记这些明文数据,更新会话ID s对应的数据缓存。相应的,当数据库内核收到True时,则不进行相应的加密数据传输、解密和缓存。其中,数据验证密钥Key m、加/解密密钥Key e和初始向量值IV e的获取参见以下对于图4的描述。
5、执行器调用ecall接口将请求的密文计算操作发送给TEE内的密文运算模块,密文运算模块通过TEE中的数据缓存子模块获取HASHSUM d对应的明文数据,然后对明文数据逐条调用相应的算子进行所请求的计算。
6、计算完成后,TEE中的密文运算模块利用Key e和IV e对计算结果进行加密,然后调用ecall接口将加密后的计算结果返回给数据库内核,或者调用ocall(out call)接口将计算结果传输给执行器,最后重置会话ID s的定时器Timer id。其中ocall接口是为可信执行环境中程序调用非安全执行环境中的软件功能提供的编程接口。其中,数据验证密钥Key m、加/解密密钥Key e和初始向量值IV e的获取参见以下对于图4的描述。
7、执行器接收到密文运算模块发送的加密后的计算结果后进行必要的处理和缓存,然后结束当前计算回合。对应其他的密文运算操作则重复上述步骤3至步骤5。
8、执行器将最终的加密后的计算结果返回给客户端,客户端对加密的运算结果进行解密并组织呈现。
图5示出了本申请实施例的访问数据库的方法的一种具体应用的架构图,如图3所示,本申请的访问数据库的方法的数据库可以是高斯数据库,基于鲲鹏920计算平台实现基于算子级隔离的密态数据库方案。鲲鹏920是基于ARM aarch64架构设计实现的处理器,提供了基于ARM TrustZone技术的TEE环境。其中高斯数据库内核运行在Euler OS操作系统上,密文运算模块、身份认证模块和中间适配层模块均位于ARM TrustZone环境中。
为了安全、正确地对用户机密数据进行查询计算,必要时,数据库内核执行器需要将用户机密数据发送至运行在TEE中的密文运算模块,而客户端也需要将保存的用户数据密钥发送至TEE以用于数据加/解密。为了安全起见,在传输上述敏感信息之前,需要鉴别TEE的合法性,防止非法程序或攻击者通过仿冒TEE窃取用户数据,因此本申请实施例的访问数据库的方法使用身份认证模块来实现客户端对TEE的认证。
图6示出了本申请实施例的访问数据库的方法中的身份认证过程的示意性框图,以下结合图6对本申请实施例的访问数据库的方法中的身份认证过程进行介绍。
1、数据库客户端与TEE内运行的身份认证模块之间进行远程认证。数据库客户端主动发起TEE的身份认证请求,由于TEE内运行的模块不能直接进行网络通信,故该身份认证请求通过REE中的数据库内核中的认证代理模块进行中转(参见图5)。认证代理模块调用相应的ecall接口向TEE中的身份认证模块请求证书信息,身份认证模块对请求数据进行完整性校验,然后将证书信息传输给身份认证代理模块,由身份认证代理模块转发给客户端进行验签。身份证书验签通过后,客户端与数据库内核建立安全套接层(secure socket layer,SSL)安全连接。
2、数据库客户端与TEE内的身份认证模块间基于椭圆曲线迪菲-赫尔曼秘钥交换(Elliptic Curve Diffie–Hellman key Exchange,ECDH)机制协商加密参数,并根据协商好的ECDH加密参数对用户密钥Key u进行加密,其中ECDH加密参数协商请求同样由认证代理模块调用相应ecall接口进行转发。为了保证ECDH加密参数在传输中的安全性,身份认证模块和客户端可以在交换ECDH加密参数前采用RSA算法等加密方式进行加密。待协商完成后,客户端将用户ID s和使用协商好的ECDH参数加密后的数据密钥Key u传输至认证代理模块,由认证代理模块调用相应的ecall接口将这些数据传输给TEE内的密钥管理子模块。
3、TEE内的密钥管理子模块使用上述协商好的ECDH参数对加密后的数据密钥Key u进行解密,并按照一定算法(例如HKDF)根据数据密钥Key u派生出数据验证密钥Key m、加/解密密钥Key e和初始向量值IV e,同时记录用户ID s和上述Key m、Key e、IV e的对应关系并清除Key u。最后,密钥管理子模块为ID s设定定时器Timer id,定时器时间可由数据库管理员预先统一配置。值得注意的是,本申请中密钥派生方法可以采用现有的任一种可能的密钥派生方法,本申请在此不做限定。
在完成上述身份认证步骤后,TEE内运行的密钥管理子模块已经获得用户数据校验和加/解密密钥。此时用户可以通过客户端向数据库内核发起密文查询请求。密文查询请求语句包括加密后的密文运算参数和明文查询语句,由非安全执行环境的数据库内核进行语句解析、查询计划生成、查询计划优化,最后由数据库内核中的执行器执行查询计划中的操作。而对于涉及加密数据的操作,执行器通过存储引擎一次性获得所有的加密数据,并将加密数据、加密的运算参数和计算类型发送给TEE中的密文运算模块,加密数据查询计算的具体流程可以参见上述对于图4的描述,为了简洁,本申请实施例在此不再赘述。
在用户获得相关的密文数据查询结果并决定主动退出时,本申请实施例的访问数据库的方法还包括,用户关闭密文查询功能或退出数据库连接,客户端主动向数据库内核发起退出阶段操作。图7示出了本申请所述的访问数据库的方法中退出阶段的示意性框图,如图7所示,若用户主动退出,则客户端将退出请求和用户ID s发送到数据库内核的认证代 理模块,认证代理模块将退出请求和用户ID s转发送到TEE内的密文运算模块,密文运算模块清除当前使用的密钥Key m、Key e、IV e和缓存的明文数据。可选的,若TEE内的定时器Timer id超时,则密文运算模块也可以主动清除当前使用的密钥Key m、Key e、IV e和缓存的明文数据。
与现有的访问数据库的方法相比,本申请实施例的访问数据库的方法通过将密文数据在计算之前全部发送给TEE中的密文运算模块,并由密文运算模块对全部的密文数据进行解密,可以显著降低TEE和REE的切换开销。例如,假设待查询的数据表中存在10000行记录,每行记录包含128字节密文数据,则根据计算可知,现有的访问数据库的方法在TEE和REE之间切换需20000次,即对于每一条数据都需要从REE调用TEE的计算功能,并在得到计算结果后再切换回REE,以此计算每一条数据都需要切换2次;假设REE与TEE的单次数据传输上限为128KB,而本申请实施例的访问数据库的方法从REE调用TEE的次数为128*10000/(128K)=10次,在得到计算结果后再切换回REE,总计20次,相比现有技术的20000次显著降低了切换开销。
此外,本申请实施例的访问数据库的方法通过将密文数据解密后缓存,可以显著降低数据解密开销。例如,现有的访问数据库的方法每次解密128字节数据耗时为m,则每次解密需要10000m时长,之后若再处理相同的数据,则还需要相同的解密时长。而本申请实施例的访问数据库的方法只需在第一次解密时耗费10000m时长,之后若再处理相同的数据,无需再进行解密。
图8是本申请实施例提供的一种访问数据库的装置800的示意性框图,访问数据库的装置800能够执行图3、4、6、7中的访问数据库的方法的各个步骤,为了避免重复,此处不再详述。访问数据库的装置800包括:收发模块810、执行模块820,以下进行简要介绍。
收发模块810,用于接收数据库内核发送的加密数据计算请求。加密数据计算请求为用于请求计算用户的加密数据,数据库内核运行在非安全执行环境中。
收发模块810还用于接收数据库内核发送的加密数据。加密数据为用户查询请求中加密后的全部数据;
执行模块820,响应于加密数据计算请求,用于对加密数据进行解密和计算,以得到计算结果。
执行模块820还用于对计算结果进行加密,以得到加密后的计算结果。
收发模块810还用于将加密后的计算结果发送给数据库内核。
可选的,收发模块810接收数据库内核发送的加密数据,包括:收发模块810还用于接收数据库内核发送的数据特征值。数据特征值用于指示加密数据;当执行模块在缓存记录中未查询到数据特征值时,收发模块还用于向数据库内核发送第一反馈;收发模块还用于接收数据库内核响应于第一反馈发送的加密数据。
可选的,执行模块820还用于对加密数据进行解密,以得到明文数据;执行模块820还用于采用数据特征值标记明文数据并存储明文数据;执行模块820还用于将数据特征值加入缓存记录。
可选的,收发模块810接收数据库内核发送的加密数据,还包括:收发模块810还用于接收数据库内核发送的数据特征值,数据特征值用于指示加密数据;当执行模块在缓存 记录中查询到数据特征值时,收发模块810还用于向数据库内核发送第二反馈;收发模块810还用于根据数据特征值从存储的明文数据中获取数据特征值对应的明文数据,明文数据为加密数据解密后的数据。
可选的,收发模块810还用于接收数据库内核转发的身份认证请求,身份认证请求由数据库客户端发起,数据库客户端运行在非安全执行环境中;收发模块810还用于将身份认证信息发送给数据库内核;收发模块810还用于接收数据库内核发送的加密数据计算请求,加密数据计算请求是基于身份认证信息认证通过后发送的。
可选的,收发模块810还用于接收数据库内核转发的用户的数据密钥,数据密钥由ECDH算法加密;执行模块820还用于根据数据密钥生成验证密钥、加密和解密密钥和初始向量值;收发模块还用于接收数据库内核发送的加密数据;执行模块还用于根据验证密钥对加密数据中的每条数据的完整性进行校验。
可选的,收发模块810接收数据库内核发送的加密数据之后,加密数据为通过完整性校验的数据。
可选的,执行模块820根据加密数据计算请求对加密数据进行解密和计算,包括:根据加密和解密密钥和初始向量值对加密数据中的每条数据进行解密;根据加密数据计算请求调用算子对加密数据中的每条数据进行计算。
可选的,执行模块820对计算结果进行加密,包括:根据加密和解密密钥和初始向量值对计算结果进行加密。
可选的,该装置还包括定时器,基于定时器超过第一预设时间或收发模块810接收到数据库内核转发的数据库客户端发起的退出请求:执行模块820还用于清除加密数据、验证密钥、加密和解密密钥和初始向量值。
可选的,该装置中的收发模块810和执行模块820利用中间适配层与底层硬件平台连接。
本申请实施例还提供一种数据处理装置,该数据处理装置可以是服务器等硬件装置,也可以是软件装置,该数据处理装置包括部署在非安全执行环境中的数据库内核和部署在可信执行环境中的数据处理模块,数据处理模块用于执行如图3、4、6、7中所述的方法。
本申请实施例还提供一种计算机可读存储介质,包括指令;所述指令用于实现如图3、4、6、7中所述的方法。
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请的范围。
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统、装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。
在本申请所提供的几个实施例中,应该理解到,所揭露的系统、装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显 示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。
所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。
以上所述,仅为本申请的具体实施方式,但本申请的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本申请揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本申请的保护范围之内。因此,本申请的保护范围应以所述权利要求的保护范围为准。

Claims (24)

  1. 一种访问数据库的方法,其特征在于,所述方法在可信执行环境中执行,包括:
    接收数据库内核发送的加密数据计算请求,所述加密数据计算请求用于请求计算用户的加密数据,所述数据库内核运行在非安全执行环境中;
    接收所述数据库内核发送的加密数据,所述加密数据为所述用户查询请求中加密后的全部数据;
    响应于所述加密数据计算请求,对所述加密数据进行解密和计算,以得到计算结果;
    对所述计算结果进行加密,以得到加密后的计算结果;
    将所述加密后的计算结果发送给所述数据库内核。
  2. 根据权利要求1所述的方法,其特征在于,所述接收所述数据库内核发送的加密数据,包括:
    接收所述数据库内核发送的数据特征值,所述数据特征值用于指示所述加密数据;
    当在缓存记录中未查询到所述数据特征值时,向所述数据库内核发送第一反馈;
    接收所述数据库内核响应于所述第一反馈发送的所述加密数据。
  3. 根据权利要求2所述的方法,其特征在于,所述方法还包括:
    对所述加密数据进行解密,以得到明文数据;
    采用所述数据特征值标记所述明文数据并存储所述明文数据;
    将所述数据特征值加入所述缓存记录。
  4. 根据权利要求1所述的方法,其特征在于,所述接收所述数据库内核发送的加密数据,包括:
    接收所述数据库内核发送的数据特征值,所述数据特征值用于指示所述加密数据;
    当在缓存记录中查询到所述数据特征值时,向所述数据库内核发送第二反馈;
    根据所述数据特征值从存储的明文数据中获取所述数据特征值对应的明文数据,所述明文数据为所述加密数据解密后的数据。
  5. 根据权利要求1至4中任一项所述的方法,其特征在于所述方法还包括:
    接收所述数据库内核转发的身份认证请求,所述身份认证请求由数据库客户端发起,所述数据库客户端运行在非安全执行环境中;
    将所述身份认证信息发送给所述数据库内核;
    接收所述数据库内核发送的加密数据计算请求,所述加密数据计算请求是基于所述身份认证信息认证通过后发送的。
  6. 根据权利要求5所述的方法,其特征在于,所述方法还包括:
    接收所述数据库内核转发的所述用户的数据密钥,所述数据密钥由ECDH算法加密;
    根据所述数据密钥生成验证密钥、加密和解密密钥和初始向量值;
    接收所述数据库内核发送的加密数据;
    根据所述验证密钥对所述加密数据中的每条数据的完整性进行校验。
  7. 根据权利要求6所述的方法,其特征在于,所述加密数据为通过完整性校验的数据。
  8. 根据权利要求6或7所述的方法,其特征在于,所述根据所述加密数据计算请求对所述加密数据进行解密和计算,包括:
    根据所述加密和解密密钥和初始向量值对所述加密数据中的每条数据进行解密,以得到所述每条数据对应的明文数据;
    根据所述加密数据计算请求调用一个或多个算子对所述每条数据对应的明文数据进行计算。
  9. 根据权利要求6至8中任一项所述的方法,其特征在于,所述对所述计算结果进行加密,包括:
    根据所述加密和解密密钥和初始向量值对所述计算结果进行加密。
  10. 根据权利要求6至9中任一项所述的方法,其特征在于,所述方法还包括:
    设置定时器;
    基于所述定时器超过第一预设时间或接收到所述数据库内核转发的所述数据库客户端发起的退出请求:清除所述加密数据、所述验证密钥、所述加密和解密密钥和所述初始向量值。
  11. 根据权利要求1至10中任一项所述的方法,其特征在于,所述方法还包括:
    利用中间适配层与底层硬件平台连接。
  12. 一种访问数据库的装置,其特征在于,所述装置设置在可信执行环境中,该装置包括:
    收发模块,用于接收数据库内核发送的加密数据计算请求,所述加密数据计算请求用于请求计算用户的加密数据,所述数据库内核运行在非安全执行环境中;
    所述收发模块还用于接收所述数据库内核发送的加密数据,所述加密数据为所述用户查询请求中加密后的全部数据;
    执行模块,响应于所述加密数据计算请求,用于对所述加密数据进行解密和计算,以得到计算结果;
    所述执行模块还用于对所述计算结果进行加密,以得到加密后的计算结果;
    所述收发模块还用于将所述加密后的计算结果发送给所述数据库内核。
  13. 根据权利要求12所述的装置,其特征在于,所述收发模块接收所述数据库内核发送的加密数据,包括:
    所述收发模块还用于接收所述数据库内核发送的数据特征值,所述数据特征值用于指示所述加密数据;
    当在缓存记录中未查询到所述数据特征值时,所述收发模块还用于向所述数据库内核发送第一反馈;
    所述收发模块还用于接收所述数据库内核响应于所述第一反馈发送的所述加密数据。
  14. 根据权利要求13所述的装置,其特征在于,所述执行模块还用于:
    对所述加密数据进行解密,以得到明文数据;
    采用所述数据特征值标记所述明文数据并存储所述明文数据;
    将所述数据特征值加入所述缓存记录。
  15. 根据权利要求12所述的装置,其特征在于,所述收发模块接收所述数据库内核发送的加密数据,包括:
    所述收发模块还用于接收所述数据库内核发送的数据特征值,所述数据特征值用于指示所述加密数据;
    当在缓存记录中查询到所述数据特征值时,所述收发模块还用于向所述数据库内核发送第二反馈;
    所述收发模块还用于根据所述数据特征值从存储的明文数据中获取所述数据特征值对应的明文数据,所述明文数据为所述加密数据解密后的数据。
  16. 根据权利要求12至15中任一项所述的装置,其特征在于,
    所述收发模块还用于接收所述数据库内核转发的身份认证请求,所述身份认证请求由数据库客户端发起,所述数据库客户端运行在非安全执行环境中;
    所述收发模块还用于将所述身份认证信息发送给所述数据库内核;
    所述收发模块还用于接收所述数据库内核发送的加密数据计算请求,所述加密数据计算请求是基于所述身份认证信息认证通过后发送的。
  17. 根据权利要求16所述的装置,其特征在于,
    所述收发模块还用于接收所述数据库内核转发的所述用户的数据密钥,所述数据密钥由ECDH算法加密;
    所述执行模块还用于根据所述数据密钥生成验证密钥、加密和解密密钥和初始向量值;
    所述收发模块还用于接收所述数据库内核发送的加密数据;
    所述执行模块还用于根据所述验证密钥对所述加密数据中的每条数据的完整性进行校验。
  18. 根据权利要求17所述的装置,其特征在于,所述加密数据为通过完整性校验的数据。
  19. 根据权利要求17或18所述的装置,其特征在于,所述执行模块根据所述加密数据计算请求对所述加密数据进行解密和计算,包括:
    根据所述加密和解密密钥和初始向量值对所述加密数据中的每条数据进行解密,以得到所述每条数据对应的明文数据;
    根据所述加密数据计算请求调用算子对所述每条数据对应的明文数据进行计算。
  20. 根据权利要求17至19中任一项所述的装置,其特征在于,所述执行模块对所述计算结果进行加密,包括:
    根据所述加密和解密密钥和初始向量值对所述计算结果进行加密。
  21. 根据权利要求17至20中任一项所述的装置,其特征在于,所述装置还包括定时器,基于所述定时器超过第一预设时间或所述收发模块接收到所述数据库内核转发的所述数据库客户端发起的退出请求:
    所述执行模块还用于清除所述加密数据、所述验证密钥、所述加密和解密密钥和所述初始向量值。
  22. 根据权利要求12至21中任一项所述的装置,其特征在于,所述收发模块和所述执行模块利用中间适配层与底层硬件平台连接。
  23. 一种数据处理装置,其特征在于,包括部署在非安全执行环境中的数据库内核和部署在可信执行环境中的数据处理模块,所述数据处理模块用于执行如权利要求1至11中任一项所述的方法。
  24. 一种计算机可读存储介质,其特征在于,包括指令;所述指令用于实现如权利要求1至11中任一项所述的方法。
PCT/CN2022/082450 2021-03-29 2022-03-23 访问数据库的方法和装置 WO2022206502A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP22778685.2A EP4280092A4 (en) 2021-03-29 2022-03-23 DATABASE ACCESS METHOD AND APPARATUS
US18/478,977 US20240028759A1 (en) 2021-03-29 2023-09-29 Database access method and apparatus

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110335806.6 2021-03-29
CN202110335806.6A CN115130118A (zh) 2021-03-29 2021-03-29 访问数据库的方法和装置

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US18/478,977 Continuation US20240028759A1 (en) 2021-03-29 2023-09-29 Database access method and apparatus

Publications (1)

Publication Number Publication Date
WO2022206502A1 true WO2022206502A1 (zh) 2022-10-06

Family

ID=83375532

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/082450 WO2022206502A1 (zh) 2021-03-29 2022-03-23 访问数据库的方法和装置

Country Status (4)

Country Link
US (1) US20240028759A1 (zh)
EP (1) EP4280092A4 (zh)
CN (1) CN115130118A (zh)
WO (1) WO2022206502A1 (zh)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115952484B (zh) * 2023-03-14 2023-07-25 天聚地合(苏州)科技股份有限公司 一种基于可信执行环境的数据流通方法、装置和系统

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140136840A1 (en) * 2012-11-08 2014-05-15 CompuGroup Medical AG Computer system for storing and retrieval of encrypted data items using a tablet computer and computer-implemented method
US20160292430A1 (en) * 2015-04-01 2016-10-06 Microsoft Technology Licensing, Llc Computing on encrypted data using deferred evaluation
US20190340393A1 (en) * 2018-05-04 2019-11-07 Huawei Technologies Co., Ltd. Device and method for data security with a trusted execution environment
CN112131564A (zh) * 2020-09-30 2020-12-25 腾讯科技(深圳)有限公司 加密数据通信方法、装置、设备以及介质
US20210049299A1 (en) * 2019-08-12 2021-02-18 Verizon Patent And Licensing Inc. System and methods for providing data analytics for secure cloud compute data
CN112699399A (zh) * 2021-03-22 2021-04-23 阿里云计算有限公司 加密数据库系统、实现加密数据库系统的方法以及装置
CN113609492A (zh) * 2021-08-05 2021-11-05 上海交通大学 面向tee加密数据库接口攻击的防御方法和系统

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9904793B2 (en) * 2015-03-23 2018-02-27 Intel Corporation Systems, methods, and apparatus to provide private information retrieval
EP3759865B1 (en) * 2018-02-27 2024-04-03 Visa International Service Association High-throughput data integrity via trusted computing

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140136840A1 (en) * 2012-11-08 2014-05-15 CompuGroup Medical AG Computer system for storing and retrieval of encrypted data items using a tablet computer and computer-implemented method
US20160292430A1 (en) * 2015-04-01 2016-10-06 Microsoft Technology Licensing, Llc Computing on encrypted data using deferred evaluation
US20190340393A1 (en) * 2018-05-04 2019-11-07 Huawei Technologies Co., Ltd. Device and method for data security with a trusted execution environment
US20210049299A1 (en) * 2019-08-12 2021-02-18 Verizon Patent And Licensing Inc. System and methods for providing data analytics for secure cloud compute data
CN112131564A (zh) * 2020-09-30 2020-12-25 腾讯科技(深圳)有限公司 加密数据通信方法、装置、设备以及介质
CN112699399A (zh) * 2021-03-22 2021-04-23 阿里云计算有限公司 加密数据库系统、实现加密数据库系统的方法以及装置
CN113609492A (zh) * 2021-08-05 2021-11-05 上海交通大学 面向tee加密数据库接口攻击的防御方法和系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP4280092A4

Also Published As

Publication number Publication date
US20240028759A1 (en) 2024-01-25
EP4280092A4 (en) 2024-08-07
EP4280092A1 (en) 2023-11-22
CN115130118A (zh) 2022-09-30

Similar Documents

Publication Publication Date Title
TWI744371B (zh) 資料儲存方法、資料獲取方法、裝置及系統
CN107506659B (zh) 一种基于sgx的通用数据库的数据保护系统及方法
WO2021120871A1 (zh) 认证密钥协商方法、装置、存储介质及设备
TWI701929B (zh) 密碼運算、創建工作密鑰的方法、密碼服務平台及設備
JP2021002067A (ja) メモリ動作の暗号化
KR100737628B1 (ko) 고정형 토큰 및 이동형 토큰 모두를 이용한 어테스테이션
RU2019126625A (ru) Адресация доверенной среды исполнения с использованием ключа шифрования
WO2023010727A1 (zh) 密钥更新及文件共享方法、装置、设备、计算机存储介质
US20070180275A1 (en) Transparent encryption using secure JDBC/ODBC wrappers
RU2019126631A (ru) Адресация доверенной среды исполнения с использованием ключа подписи
US10225247B2 (en) Bidirectional cryptographic IO for data streams
CN110889696A (zh) 一种基于sgx技术的联盟区块链秘钥存储方法、装置、设备及介质
CN103763315A (zh) 一种应用于移动设备云存储的可信数据存取控制方法
TW202011712A (zh) 密碼運算、創建工作密鑰的方法、密碼服務平台及設備
CN110401640B (zh) 一种基于可信计算双体系架构的可信连接方法
WO2023155696A1 (zh) 数据库的操作方法、系统、存储介质以及计算机终端
WO2023019964A1 (zh) 一种数据安全处理方法和装置
CN114357492A (zh) 一种基于区块链的医疗数据隐私融合方法及装置
Dey et al. Message digest as authentication entity for mobile cloud computing
Zhang et al. Leakage-resilient authenticated key exchange for edge artificial intelligence
US20240028759A1 (en) Database access method and apparatus
EP3720042B1 (en) Method and device for determining trust state of tpm, and storage medium
CN112788111B (zh) 多节点设备的算法协同处理方法、节点设备及联盟网络
US11496287B2 (en) Privacy preserving fully homomorphic encryption with circuit verification
CN102594564A (zh) 交通诱导信息安全管理设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22778685

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2022778685

Country of ref document: EP

Effective date: 20230816

NENP Non-entry into the national phase

Ref country code: DE