Research On Data Security Of Inventory Management Based On SaaS Mode

With the rapid development of Internet and software industry, the increasing demand ofenterprise informatization, purchase and operation management software is becoming moreand more expensive. The IT industry is looking for an innovative software services andsoftware application mode to reduce the cost required for enterprise informatization. At thistime, software as a service has been widely concern to its repeated use, low cost, flexiblepricing patterns and better solutions has developed both inside and outside theindustry.However, the security problems follow with the extensive application of SaaS. Inrecent years, the enterprise suffered huge losses due to data breaches occurred frequently.Therefore, the problem of data security is a primary consideration when enterprises in theselection of SaaS software service model, The service provider is also facing the problem ofdata security.Data security is mainly divided into the security of data transmission, data storagesecurity, data integrity and key management. This paper is mainly on the inventorymanagement of data stored in the database, study of data security when suffered from externalmalicious intrusion. On the basis of the study, we propose a solution in order to achieve theeffect of protecting data security. The main contents of this paper are as follows:(1)Based on the research and analysis of safety data on the SaaS mode, in view of thedata security when database is intruded. This paper proposed a solution that isolated thedamaged data and encrypt the undamaged data to avoid data damage range is enlarged,thereby reducing the loss of user.(2)The choice of suitable for this data storage model and database encryption based onthe analysis of the SaaS model theory, model of data storage, encryption algorithm, theencryption granularity and encryption modes.(3)For isolate the damaged data, this paper presents a method to realize the data isolationstrategy using the modified dynamic SQL statements. This method mainly changes the SQLstatement when users submitted an access request dynamically. The revised statement cannotaccess the damaged data, so as to achieve the purpose of isolating damaged data. For the undamaged data, using modified AES encryption algorithm to realize data encryption. Thesecurity of the algorithm is reduced by the formation process of the subkey of AES encryptionalgorithm is a simple XOR operation and can be launched two adjacent keys by a round key.In this paper, the formation process of the subkey of AES encryption algorithm is improved, inorder to improve the encryption algorithm of undamaged data security.(4)In the DBMS layer using modified SQL dynamic statement on the damaged dataisolation. And analysis on isolation strategies under different number of users to access thedatabase at the same time, the throughput of the system change with the damaged rate. Theundamaged data using a modified AES algorithm for encryption. Thus ensuring the datasecurity of system database in the invasion. And analysis of the transmit rate of user accessdata in a database under the conditions of the AES algorithm encryption and the modified AESalgorithm encryption.