Research And Application Of Several Security Technologies For Ivce Platform's Middleware

With the year-on-year growth of data traffic and the diversified development of various industries,cloud computing platforms often customize different computing models according to the specific business needs of the company's business.The development goal of the ivce platform is to carry out routine maintenance and periodic testing of computing resources in each province,including the exchange of some sensitive data.Therefore,the platform provides services such as encrypted storage of data,ciphertext retrieval,and secure access based on the database middleware technology.Based on the overall structure of the ivce cloud platform,this paper focuses on the data encryption technology and the ciphertext retrieval problem of the database middleware CryptDB of the platform.It focuses on the computational efficiency of the homomorphic encryption algorithm of CryptDB,and the ambiguity retrieval process of the ciphertext database.The discussion of redundant data leakage issues.The main tasks include:(1)The computational process of the Paillier homomorphic encryption algorithm of CryptDB is studied.To solve the problem of the large integer modular exponentiation efficiency of the algorithm in the process of encryption and decryption,a public key generation method is proposed to optimize the encryption and decryption process..By preprocessing the public key generation process of Paillier algorithm,a large integer modular exponentiation operation in the encryption process is converted into a modular multiplication operation.And through the feasibility analysis of Paillier algorithm,it is proved that the improved algorithm can reduce the amount of computation in the encryption and decryption process and improve the efficiency of the algorithm without reducing the security.The test results show that the algorithm can reduce the operation time of encryption and decryption,and then improve the data retrieval efficiency of CryptDB.(2)Research on the two-stage retrieval technology in the process of fuzzy matching of ciphertext database.In the first stage,most of the extraneous ciphertext data is filtered by the dual encoding algorithm,and the filtered results are decrypted and the final data is extracted in the second stage.Because there is a hash operation in the encoding process,the filtering result in the first stage contains a certain amount of redundant data.After the redundant data is decrypted,it will be leaked to the user and cause a security risk of the database.Therefore,this paper discusses the selection of the range of hash function in the coding process,and studies the general relationship between hash length and string length through probability statistics and random string testing.Research results show that the best choice for hash length is 2-4 times the length of the string.For the above two parts of the theoretical study,this article is based on the basic business process of the ivce platform,testing and analysis of the two methods in the process of the actual operation of the platform to verify the availability and effectiveness of the two methods in the actual business.