The Design And Implementation Of The Database Encryption System

With the rapid development of Internet and Computer technology, the database has gradually become the core of the information system part and Widely used in various enterprises, financial institutions, governments and national defense etc. Increasing the sharing of data lead to the security of the database becomes more and more important. At the same time, mass data security, third data access control and anti-tampering, has become the current is a big challenge in the field of computer.In order to improve the performance of database security, database vendors also provide many security measures, such as:user identity and identification, access control, view, auditing function, database backup and restore the basic security technology. However, these functions are clearly not enough, for highly sensitive data, security measures provided by the database system can not guarantee the security of data.In addition, the database security threat is not entirely caused by the external personnel, internal system managements threats more for their authority is too large. At the same time, running platform of database management system is also a lack of effective protection measures for the database file. In order to prevent the illegal use of user, to ensure data security, sensitive data must be protected.Aiming at the safety problem of the database, this paper focuses on the following work:Firstly, this paper analyzed database security problem and present situation, summarized the analysis of database encryption system requirements. Among them, including product targets, operating environment, function requirements, performance requirements etc.Secondly, proposed database encryption scheme base on SM1cipher algorithm, given the system design, including system architecture, the modules and the encryption and decryption process. At the same time, given the system deployment architecture design. Researched and realized the design of business logic and the sub function module, Including system initialization, main control module, the user management and authority module, key management module, encryption and decryption module, key processing module and encryption service module.Researched and realized the detailed design of system interface, including the client interface, internal interface.Researched and realized System database design, including the key table, history key table, invalid key table, log table, administrator information table, the audit log tables etc.Researched and realized system management console design, including system initialization, encryption dictionary management, administrator management, user management, authority management, key management, system audit, backup and recovery module design.Researched and realized API design of system encryption service, including API and database encryption system connection way, APIService process, API communication protocol, data encryption process.Through the research on the content above, finally, database encryption system based on SMI encryption algorithm was completed. The system can provide high strength, transparent encryption function for data in database. At the same time, the performance indexes meet the design requirements.