Ciphertext indexing method for database encryption and in-base encryption system

An encryption system and database technology, applied in the fields of digital data protection, electrical digital data processing, special data processing applications, etc. sexual effect

Active Publication Date: 2017-07-07
戴林
View PDF8 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to propose a ciphertext indexing method for database encrypted fields in view of the technical defects of low security and low operating efficiency in the existing database encryption indexing technology

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ciphertext indexing method for database encryption and in-base encryption system
  • Ciphertext indexing method for database encryption and in-base encryption system
  • Ciphertext indexing method for database encryption and in-base encryption system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] Such as figure 1 As shown, this embodiment elaborates the implementation of a database encryption-oriented ciphertext indexing method in the ORACLE database of the present invention.

[0049] Table 1 shows the original data table T1 before encryption in this embodiment. It includes two fields C1 and C2. The field ROWID is a pseudo-column provided by the ORACLE system, and its value indicates the physical location of each record, and is also the unique identifier of the encrypted record. C1 is a character field, which is a non-sensitive field and does not need to be encrypted. C2 is a numeric field and is a field to be encrypted.

[0050] Table 1: T1

[0051] ROWID C1 C2 1 Apple 1 2 Bee 2 3 Cat 3 4 dog 4

[0052] First, a ciphertext index table IND_T1 is established based on the encrypted field C2. The IND_T1 table includes the ciphertext index field INDEX_C2 and the field EROWID that has a one-to-one correspondence with e...

Embodiment 2

[0059] This embodiment elaborates in detail a specific example of the implementation of a transparent encryption system in a database of the present invention under an ORACLE database.

[0060] Such as figure 2 As shown, for Table 1 in Embodiment 1, a transparent encryption system in a database generates an encrypted table ET1 based on the encrypted original table, including a ciphertext index table IND_T1, a view T1 with the same name as the encrypted original table, and a security trigger , index call interface, confidential index function package, and encryption and decryption function package; among them, T1 is connected with ET1, index call interface and security trigger respectively; security trigger is respectively connected with ciphertext index table IND_T1, confidential index function package, encryption and decryption function The package is connected; the index call interface is connected with the confidential index function package, the ciphertext index table, an...

Embodiment 3

[0093] This embodiment explains in detail another specific example of the implementation of the database encryption field-oriented transparent encryption system in the database under the ORACLE database. Different from Embodiment 2, this embodiment does not use a separate ciphertext index table, which can achieve higher efficiency than Embodiment 2, but partially leaks the partial order relationship between records.

[0094] The specific method is: if image 3 As shown, for the table T1 in the above-mentioned embodiment 1, there is no need to establish the ciphertext index table IND_T1, directly rename T1 to the encrypted table ET1, and rename the field C2 to EC2, and EC2 saves the encrypted plaintext of the original C2 For ciphertext, add the ciphertext index field INDEX_C2 in ET1, and store the ciphertext index value of the original C2 plaintext in INDEX_C2, as shown in the following table:

[0095] Encrypted table ET1:

[0096] ROWID C1 EC2 INDEX_C2 1 ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a ciphertext indexing method for database encrypted fields and an in-base encryption system and belongs to the field of information security technology. According to the method, first, identification ID is mapped to encryption ID based on an encrypted field P1, (encryption ID, Hash value) is saved into a T2(ID2, P2), finally, a ciphertext index table T2 is established, and the table where the encrypted field P1 exists is recorded as T1, wherein the table T2 comprises a ciphertext index field P2, and fields ID2 in one-to-one correspondence with records in the T1 are recorded in the T2; and then, content of a to-be-encrypted field is mapped to the Hash value based on an order-preserving Hash function, equivalent query and range query of the encrypted field are realized based on the Hash value obtained after the record of the content of the to-be-encrypted field is mapped to the Hash value based on an encryption function, decryption is performed on the recorded ID2 according to query results to obtain a record set in the T1, and the record set is returned. Compared with the prior art, the method is good in reliability and high in universality, meanwhile has high security and can guarantee extremely high retrieval and storage efficiency.

Description

technical field [0001] The invention relates to a ciphertext indexing method and an encryption system in a database facing encrypted fields of a database, and belongs to the technical fields of information security and database encryption. Background technique [0002] Database security is increasingly important, and encrypting sensitive fields in the database is an effective security measure. However, after the field content is encrypted, the original index will be invalidated, which will greatly reduce the performance of data retrieval and affect the availability of the database. In order to solve the retrieval problem of encrypted fields, the industry has conducted certain researches. [0003] The ciphertext indexing technology implemented in patent CN101504668B implements ciphertext indexing by using SQL statements to build binary tree, B-tree and other index structures, but the cost of maintaining the index is high and the performance is low. However, in CRYPTDB, the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30G06F21/60G06F21/62
CPCG06F16/2255G06F16/24561G06F21/602G06F21/6227
Inventor 戴林
Owner 戴林
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap