[0032] In order to be able to understand the above objectives, features and advantages of the present invention more clearly, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.
[0033] In the following description, many specific details are set forth so that the present invention can be fully understood. However, the present invention can also be implemented in ways other than those described here, and it is therefore not limited to the specific embodiments disclosed below.
[0034] Figure 1 is a block diagram of a data access control device according to an embodiment of the present invention.
[0035] The present invention provides a data access control device 100, as shown in Figure 1, which includes: an encryption setting module 102, which sets an encrypted field and a ciphertext field for a data table; a data encryption module 104, which encrypts the data in the encrypted field and records the resulting ciphertext in the ciphertext field; and an access control module 106, which, when a user requests access to the data in the encrypted field, decrypts the data in the ciphertext field with the decryption key held by that user and, when decryption succeeds, records the decrypted plaintext in the corresponding encrypted field and provides it to the user. In this technical solution, the encrypted field is generally one of the original fields and the ciphertext field is a newly added field. Once the ciphertext field is set in the data table, the ciphertext can be stored in the same data table and need not be stored separately, which simplifies ciphertext storage; the original table structure is retained and only one field for storing the ciphertext is added, which simplifies implementation.
[0036] In the above technical solution, the data encryption module 104 also sends the data table to the database for storage, and the access control module 106 also retrieves the data table from the database when the user requests access to the data in the encrypted field and then decrypts the data in the ciphertext field. In this technical solution, the encryption and decryption operations are separated from the database, so the database is responsible only for data storage, which reduces the load on the database and improves data security. Commonly used form tools can perform the encryption and decryption operations, and the solution can support most commonly used databases, including Oracle, SQL Server, DB2 and Access.
[0037] In the above technical solution, the data encryption module 104 encrypts the data in the primary key field of the data table together with the data in the encrypted field to obtain the ciphertext; after successful decryption, the access control module 106 also compares the primary key field data in the decrypted plaintext with the primary key field data of the data table, and only when the two are consistent records the decrypted plaintext in the corresponding encrypted field and provides it to the user. In this technical solution, encrypting the primary key together with the data and comparing it after decryption effectively prevents the ciphertext from being copied, moved or tampered with at will, so the security of the encrypted information is better guaranteed.
[0038] In the above technical solution, the key distribution module also distributes a corresponding decryption key to the users or user groups who have permission to access the data in the encrypted field. In this technical solution, only users who are authorized to access a given part of the encrypted information hold the corresponding decryption key, and multiple persons, or a class of persons with the same authority, can be allowed to access the data.
[0039] In the above technical solution, the encryption key and the decryption key of the encrypted field are symmetric keys or asymmetric keys. In this technical solution, either a symmetric key or an asymmetric key can be used, and the appropriate encryption method can be chosen for the specific situation, which improves the flexibility of system encryption; in addition, because with an asymmetric key the encryption key and the decryption key differ, the security of the information is better ensured.
[0040] Figure 2 is a flowchart of a data access control method according to an embodiment of the present invention.
[0041] The invention also provides a data access control method, as shown in Figure 2, which includes: step 202, setting an encrypted field and a ciphertext field for the data table, encrypting the data in the encrypted field, and recording the resulting ciphertext in the ciphertext field; and step 204, when a user requests access to the data in the encrypted field, decrypting the data in the ciphertext field with the decryption key held by that user and, when decryption succeeds, recording the decrypted plaintext in the corresponding encrypted field and providing it to the user. In this technical solution, the encrypted field is generally one of the original fields and the ciphertext field is a newly added field. Once the ciphertext field is set in the data table, the ciphertext can be stored in the same data table and need not be stored separately, which simplifies ciphertext storage; the original table structure is retained and only one field for storing the ciphertext is added, which simplifies implementation.
[0042] In the above technical solution, step 202 further includes sending the data table to the database for storage, and before step 204 the method further includes: when the user requests access to the data in the encrypted field, retrieving the data table from the database and then decrypting the data in the ciphertext field. In this technical solution, the encryption and decryption operations are separated from the database, so the database is responsible only for data storage, which reduces the load on the database and improves data security. Commonly used form tools can perform the encryption and decryption operations, and the solution can support most commonly used databases, including Oracle, SQL Server, DB2 and Access.
[0043] In the above technical solution, step 202 specifically includes encrypting the data in the primary key field of the data table together with the data in the encrypted field to obtain the ciphertext; step 206 further includes, after successful decryption, comparing the primary key field data in the decrypted plaintext with the primary key field data of the data table, and only when the two are consistent recording the decrypted plaintext in the corresponding encrypted field and providing it to the user. In this technical solution, encrypting the primary key together with the data and comparing it after decryption effectively prevents the ciphertext from being copied, moved or tampered with at will, so the security of the encrypted information is better guaranteed.
[0044] In the above technical solution, before step 204 the method further includes allocating a corresponding decryption key to the users or user groups who have permission to access the data in the encrypted field. In this technical solution, only users who are authorized to access a given part of the encrypted information hold the corresponding decryption key, and multiple persons, or a class of persons with the same authority, can be allowed to access the data.
[0045] In the above technical solution, the encryption key and the decryption key of the encrypted field are symmetric keys or asymmetric keys. In this technical solution, either a symmetric key or an asymmetric key can be used, and the appropriate encryption method can be chosen for the specific situation, which improves the flexibility of system encryption; in addition, because with an asymmetric key the encryption key and the decryption key differ, the security of the information is better ensured.
[0046] The principle, working mode and functions of the data access control device of the embodiment of the present invention are described in detail below in combination with an actual application.
[0047] Considering the security of the client's encryption key, an asymmetric-key (public-key cryptosystem) encryption method is used here: the public key is used by the client to encrypt data, and the private key is kept by the user. Data with different permissions can be encrypted with different public keys, and users or roles with different permissions hold the corresponding different private keys.
[0048] Public-key cryptography is also called asymmetric-key cryptography. Each party has a unique pair of keys, a public key and a private key: the public key is disclosed to the outside world and the private key is kept secret by its holder, and if one key of the pair is used for encryption, only the other key can decrypt. A typical representative of asymmetric-key encryption algorithms is RSA.
[0049] 1. Define user roles and key distribution.
[0050] First, a CA (certificate authority) must be established, mainly to generate and distribute keys. Each user, or each type of user role, is assigned a public key and a private key. The public key is disclosed: when data is encrypted and stored, the public key is used as the key to encrypt the confidential data. The private key is kept by the user; there are many ways to store it, for example in a database, as a certificate file, or in a hardware device such as a dongle. The key distribution data table can be designed as follows:
[0051] Primary key field
[0052] 2. Add a long character field for storing ciphertext to each data table that may require data encryption.
[0053] Because the data to be encrypted may be a field of any data type, and sometimes several encrypted fields in one row must be encrypted, a new ciphertext field is created to hold the ciphertext. When data is inserted, the original encrypted field can be replaced with null or "*" after encryption. The client data display component parses the ciphertext according to the user's authority and restores and displays the corresponding field value to the user. The data table for ciphertext storage can be designed as follows:
[0054]
[0055] 3. Define the encrypted fields and the users or roles with permission to view them.
[0056] The data access control method of this embodiment provides a form designer (equivalent to the encryption setting module described above) for marking the data items of the current form that are to be encrypted and stored; one or more fields can be selected. After selecting the encrypted fields, the users or roles that may view the encrypted content are specified. After reading the ciphertext field, the data table control automatically completes the encryption and decryption calculations according to the user's authority. The form designer is shown in Figure 3; in Figure 3 the mobile phone number field is selected for encryption, and the data table controlling user permissions can be as follows:
[0057] Form name
[0058] 4. Enter data in the form and store it encrypted.
[0059] When the user opens the form, enters data and saves it, the field names and field values that need encryption are extracted and encrypted with the public key of the corresponding viewing user (or role). So that the ciphertext cannot be copied, moved or tampered with, the primary key field value is included with the data before encryption, and the result is stored in the ciphertext field. The original value of the encrypted field may be left unstored or given special processing. The encrypted data table can be as follows:
[0060]
[0061] 5. Query the data and restore the encrypted data.
[0062] When data is queried, the ciphertext field of the form is parsed with the private key of the current querying user. If it can be decrypted, the primary key field is verified to be consistent and the encrypted field content is restored to the corresponding table. If decryption fails, the querying user does not have permission to view the content of the table. The data table after restoration can be as follows:
[0063]
[0064] Following the above steps, the workflow of the data access control method of this embodiment can be as shown in Figure 4.
[0065] On the one hand, the data access control method of this embodiment assigns each user a pair of keys, a public key 402 and a private key 404, where the private key 404 is kept by the user and used when decryption is required. On the other hand, the data access control method of this embodiment provides a form designer that sets the encrypted fields and the user roles with permission to view their contents. The encrypted field 406 is encrypted with the corresponding public key 402 to obtain the ciphertext 408, which is stored in the database. When the user needs to access the encrypted information, the private key 404 is used to decrypt the ciphertext 408, and if decryption succeeds the plaintext 410 to be viewed is obtained.
[0066] In this embodiment, the encryption object is set in the provided form designer by checking the field items to be encrypted; the encryption and decryption calculations are completed by the form tool, which reduces the load on the database, lowers the performance requirements on it, and supports most database types such as Oracle, SQL Server, DB2 and Access; the ciphertext is stored separately from the original field, so encryption of any data type and simultaneous encryption of multiple fields are supported; the encryption key and the decryption key are stored separately: the encryption key is stored in the database and associated with the user, while the decryption key can be stored as a file, electronic certificate, etc., on media such as a PC, USB drive or dongle kept by the user, so that nobody without authority, including database administrators, can obtain the encrypted data.
[0067] In summary, the above technical solutions implement a data access control method and a data access control device that can securely encrypt data rows or field contents in a database table. The encryption key and the decryption key can be stored separately, and different user private keys can be used to distinguish permissions, so user permission control is more convenient and flexible and data security is better guaranteed; the operation does not consume database system resources, which reduces the load on the database and lowers the performance requirements on it; and implementing the technical solution of the present invention does not require changing the original software architecture, only a small change to the database table structure, so databases of any type and data of any data type can be encrypted and stored with reference to the technical solution of the present invention, which has wide applicability.
[0068] The above are only preferred embodiments of the present invention and are not intended to limit it. For those skilled in the art, the present invention can have various modifications and changes. Any modification, equivalent replacement, improvement, etc., made within the spirit and principle of the present invention shall be included in its scope of protection.
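The core of the scheme in paragraphs [0037] and [0059]/[0062], as an added example that is not part of the patent: the field value is bound to the row's primary key, the pair is encrypted with RSA-OAEP under the public key of the viewing role, and on query the private-key holder decrypts and the value is restored only if the embedded primary key matches the row it is read from. The `Row` layout, the separator byte and the sample phone number are assumptions made for this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
)
// Row models one record: primary key, encrypted field (blanked to "*" on insert), ciphertext field.
type Row struct {
	ID     string
	Phone  string
	Cipher []byte
}

// sep separates the primary key from the field value inside the plaintext (constructed convention).
const sep = "\x1f"

// EncryptField binds the primary key to the field value and encrypts both
// with the public key of the user or role permitted to view the field.
func EncryptField(pub *rsa.PublicKey, id, value string) ([]byte, error) {
	if strings.Contains(id, sep) {
		return nil, errors.New("primary key must not contain the separator")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, []byte(id+sep+value), nil)
}

// DecryptField decrypts the ciphertext field with the viewer's private key and
// accepts the plaintext only if its embedded primary key equals the row's own.
// false means the viewer lacks the key, or the ciphertext was moved or tampered with.
func DecryptField(priv *rsa.PrivateKey, row Row) (string, bool) {
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, row.Cipher, nil)
	if err != nil {
		return "", false
	}
	id, value, found := strings.Cut(string(pt), sep)
	if !found || id != row.ID {
		return "", false
	}
	return value, true
}

func main() {
	hr, _ := rsa.GenerateKey(rand.Reader, 2048) // key pair issued to the "HR" role
	ct, _ := EncryptField(&hr.PublicKey, "1001", "13800000000") // constructed sample row
	fmt.Println(DecryptField(hr, Row{ID: "1001", Phone: "*", Cipher: ct})) // 13800000000 true
	fmt.Println(DecryptField(hr, Row{ID: "1002", Phone: "*", Cipher: ct})) // copied to another row: false
}
```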