| The"SG186"project of the state grid data center is a main content in the Eleventh Five-year information development Plan of the State Gtid Corporation; the goal is to build"one system, two levels of data centers and three levels of applications"."One system"means to create an integrative corporation and information system for achieve the purpose of lengthways interlinkage and breadthwise integration;"two levels of data centers"means the two centers of HQ and provincial corporations, in which the data are shared for promoting the intensify development;"three levels of applications"are the three business ones deployed in HQ, provincial and city level corporations, the popuse is to optimize business process and realize elaborate management. Safety problem in the state grid data center is the main challege, some research particularized follwing to resolve these questions.Firstly, three key questions have been ascertained which affect the safety of the state grid data center, through analyzing the architecture and data character. They are the storage question of sensitive data, query question of cryptograph and integrality detection question.Secondly, the encryption granularity on the encrypted relation is studied through analyzing the defect in the existing tuple-grain encryption. A on the attribute-grain is presented. Moreover, the effectiveness and security are analyzed. At last, the cryptogram query strategy of the synthetical encryption scheme in the SG data center as well as experiment verification is given.Thirdly, according to the commom encryption methods used in the SG data center, several cryptograph index technology applying to the SG data center are proposed here after several existing index strategies are studied (1) a cryptograph index technology applicable to unequi-probability query is proposed; (2) method (1) is combined with equi-depth index method, and a complex bucket partition index technology is proposed for range query; (3)according to the data types, a MCOP synthetical cryptograph index is presented, which is combined by a chatacter mapped method for fuzzy querying and an order preserving encryption scheme for numeric comparison querying. Meanwhile, the seffectiveness is analyzed. Then, query and query optimization method are proposed as well as example verification is presented for these cryptograph index technology under such commom encryption methods.Finally, a fingerprint-based integrality detection method for Chinese documents is choiced for the integrality detection of documents. According as the property of document integrality detection, a detection granularity parameter and a noise granularity parameter are defined. The Hash function is used to map two sequences of chunks that have been eliminated noises to the set of the corresponding values. A window-based algorithm is proposed to extract fingerprints in the sequence of values and the overlap between a query document and the ones in the database is calculated by the defined formula. The overlap of the query document is used to judge whether the one is integral.In the real environment, the above methods were verified, and the results show they are correct and valid.
|
PDF Full Text Request