The Design And Implementation Of The Database Encryption System

With the rapid development of computer networks, government, businesses, organizations and other units are gradually began extensive use of various information systems and networks through an open exchange of information, which greatly improves the utilization of various databases. Mainstream website background management system relies mainly on the database, with the application platform of continuous improvement, database security issues enterprises have become the focus of CIO.In the network the information age, the most critical resource information system is not hardware, but the data and storage data database. Most enterprises are mostly concerned about the security of networks and operating systems, and less concerned about the safety of stored data in the database. Thus, the database security issues become particularly important. Both for the user for the database to ensure the accuracy of the database system to provide data, but also to ensure easy management. With the variety of encryption algorithms and cipher text stored in the form of application, database security will gradually increase, but the complexity of the database system currently used encryption algorithm is often demonstrate the performance of database access and access to a greater impact, so how to ensure the confidentiality of the database at the same time, design a database system to better meet the encryption scheme to improve the security of encrypted database, taking into account the efficiency of the data read into memory needed to solve the attendant problems.The design is based on the Foreign Affairs Office of Taizhou development of management information systems, database management systems is the use of the original B/S frame, front platform with Windows systems, back-end database using SQL Server, the whole management system is mainly applied to the Foreign Affairs Office LAN. With the continuing escalation of the system update, the existing system more suited to the sharing of information between regions and regional management. According to the current technological trends, this information management system and Internet technologies will inevitably, and ultimately in the WAN application. Therefore, without affecting the function on the basis of the original system and, without changing the system hardware and software environment, the original management information system, some technical improvements and innovations to create a database encryption system based on the original system, the final solve the system in the wide area network data security issues, improve the system's own security.The design of the database system from the current security measures adopted by starting summarizes the current database system, the security measures used to analyze the existing database system security threats, pointing out that the database encryption is to address these security risks in an effective way; also analyzed to Design and implementation of a cipher key database system to solve the problem, and encryption of existing databases on the basis of theory and technology, a modified Chinese Remainder Theorem based database encryption methods, including encryption algorithms, multi-key management, dynamic key generation and ciphertext query strategy, and for known plaintext attack and conspiracy attack and analyzes its security. The method uses multi-layer key management mechanism, the work by the key generator key global key from the database, tables, dynamically generated keys, and key fields. The method is divided into two phases:The first stage is a preprocessing step, using a function disrupted specifically disrupt the binary data sequence; the second phase of implementation of the encryption based on Chinese remainder theorem formula encrypted binary sequence out of order.The database according to the proposed encryption scheme, we in the open source database management system based on MYSQL designed a transparent to the user's encrypted ciphertext outside the library database system. The cipher text database management system, including rights management module, key management module, SQL Analysis and Reconstruction module, as well as four-part encryption and decryption modules, and implemented in a database to store the ciphertext in the form of user-specified sensitive information, rest of the data is still stored in clear text form. Legitimate users can use the system as the database system using the same view explicit authorization of the data, but unable to obtain unauthorized information. The system supports dense text as query, and to support fuzzy queries.Through this design makes me a better understanding of the design aspects of database security technology, in the design of the database system to better ways to use database encryption to ensure information security, but also the exercise of my design and development capabilities.