Security Research Of The Embedded Database Faced On The Mobile Terminal Devices

With the development of communication technology and embedded technology, intelligent terminal equipment became more common, the wish that people want to connect the network to obtain the information anytime and anywhere through the Intelligent terminal has become reality. At present,the mobile terminal can support more and more third-party applications,the embedded mobile database is the main carrier that storage the program data on mobile terminal,its security has taken more and more attention of people.Embedded mobile database has more potential safety risk than a traditional distributed database,the security is one of the key technology of embedded mobile database. This paper study the security of embedded mobile database which is based on the "General Embedded Intelligent Information System"(referred to as GEIIS).This paper choose the open source database SQLite as the security research object after compare several famous embedded mobile database. This paper does the security analysis of SQLite database on the basis of those common and mature databases’security analysis, and draw a conclusion that can improve the SQLite security by the password authentication technology, access control and database encryption technology. Database encryption technology is the core guarantee of the database security. Based on the detailed analysis and comparison of database encryption algorithm, this paper propose a mixed encryption algorithm which combine with the ECC public key algorithm, MD5algorithm and the IDEA symmetrical encryption algorithm, it realizes the mobile database kernel layer encryption. The ECC encryption algorithm finishes the algorithm authentication function and establish a reliable network connection, then MD5algorithm encrypt the user password UP and the MoibleID to get the IDEA key, it can realize a key for a operation. At last, doing the IDEA encryption and decryption operation. Through doing the second packaging for the reserved SQLite encryption interface to realize the mixed encryption algorithm. Finally, on the Anroid mobile phone embedded platform,through the contract test before and after the encryption on GEIIS, this paper verify the feasibility of the encrypted SQLite database security.