Research On SQLite Database's Network Storage Security Based On Android Terminal

With the development of Internet technology and the increasing number of mobile applications,the scale of terminal data generated by users has expanded.More and more intelligent terminals use open source and portable Android system as their own operating system,or customize personalized system based on Android system.However,with the increase of user data,the storage space of mobile terminals has been unable to meet the needs of users for data storage.Users began to store the data in the terminal into the network disk and release the local space.Terminals and disks contain a large number of users' private information,a large part of which is directly related to users' privacy and the economic interests of enterprises.In view of the shortcomings of data storage and transmission security of mobile terminals,this paper designs a secure storage system of privacy information network disk of SQLite database based on Android terminal,adds security control module to the source code of SQLite of Android native system,and then uploads high security ciphertext to the server to release local empty space.Meanwhile,protect users' privacy data security.The main work and research contents of this paper are as follows:(1)The paper has analysed the storage mode of user data on Android platform,and discussed the structure of SQLite database and the insufficiency of existing security mechanism.(2)This article has designed the security enhancement scheme of SQLite database from two aspects including data encryption and authority control.In the aspect of data encryption,a scheme based on optimized AES-128 algorithm to encrypt SQLite database is proposed.In the process of AES round transformation,the state matrix is divided into blocks and processed in parallel.In the part of key expansion algorithm,a group of sub-keys independent of the initial key is generated separately as the initial key,and then the second round key is generated by "shifting" and "exclusive or".Finally,CTR(Counter)which can encrypt and decrypt any length plaintext is adopted.Parallel optimization AES algorithm is implemented by using the model.The experimental results show that the encryption and decryption rates of SQLite are increased by 28.7% and23.5% respectively,and the resistance to known plaintext attacks and exhaustive attacks is improved significantly.In terms of access control,identity authentication module and RBAC access control module are introduced.Identity authentication module introduces key management,splices user-set passwords with device IMEI codes and adds Salt value.The result is MD5 hashed,and 128-bit hash value is used as the key of data encryption module.The key is stored in a file accessible only to the system superuser.Access control module,RBAC role control mode is applied to SQLite.The system assigns administrator role,first-level role or second-level role to legitimate users.The system will find the corresponding role of the user who has passed the identity authentication,and then give the operation permission within the permissible scope of the role.Experiments and performance analysis show that the security of the scheme is greatly improved with less space and time consumption.(3)Designed reliable network disk client to realize the functions of registration,login,upload and download,called the SQLite security interface through JNI,and transfered the data ciphertext protected by the SQLite security enhancement module to the server storage.