Research On The Heterogeneous Column-Level Customized Encryption In Hybrid Cloud Environment

In recent years,with the rapid development of cloud computing,a large number of enterprises have shifted their existing programs and data services to cloud computing.Public cloud storage has become the first choice for big data storage,but data security in cloud environments provided by public cloud providers cannot be guaranteed.Cloud service providers often provide network security solutions,but the cloud services purchased by users are maintained by the provider and cannot avoid the problem of cloud service providers snooping on user data.For data security issues,major database systems propose corresponding official encryption schemes,such as Transparent Data Encryption used by Microsoft SQL Server,but it cannot implement fine-grained data encryption,its columnlevel Encryption scheme provide encryption and decryption functions,need to be explicitly called in the code.The developer needs to write specific SQL statements in the program,which is troublesome to use.They do not apply to cross-cloud computing environments.This paper aims at the security of user data stored on public clouds in hybrid cloud computing to prevent user cloud data from being stolen and utilized by cloud service providers.In a hybrid cloud computing environment where private and public clouds operate together,The user's demand for data security and ciphertext fine-grained and efficient access on the public cloud mainly solves the following problems.1.Making full use of the computing power of trusted private cloud and the storage capacity of semi-untrusted public clouds,a highly reliable hybrid cloud platform environment for cross-cloud computing is designed and implemented.Encrypted data was stored in the public cloud,giving full play to the characteristics of public and private clouds.2.In order to achieve fine-grained access to data,column-level encrypted access schemes are used.Encryption and expansion are performed using encryption algorithms with different functions for the same plaintext data column,such as order preserving encryption and homomorphic encryption,and the ciphertext data is stored in a public cloud ciphertext database and filter ciphertext result set through a preprocessing module in the ciphertext database,which ensures data security and greatly improves the query efficiency of ciphertext data.3.In order to facilitate the user's choice and use,this paper constructs a variety of heterogeneous encryption modes with different functions for users to choose,reducing the storage of redundant ciphertext,enhancing the user's selectivity and the ease of operation of the system.Based on the implementation of a customizable heterogeneous encryption scheme at the column level,rewriting of general query statements is implemented,thereby providing transparent operation for users.4.Take full account of the possibility of various SQL execution operations.This paper designs and implements a stable SQL heterogeneous encryption and rewriting module to improve the fault tolerance of the system and prevent the loss caused by misoperation.The cloud encryption database system designed and implemented according to this paper is used for functional testing and performance testing on a stable hybrid cloud platform and analyzed the test result.The experimental results show that this scheme meets expectations in function,performance and security,and provides transparent operation support for users.It can not only ensure the security of data in cloud environment,but also guarantee the efficiency of system query.It is highly efficient,stable and safe.