[1]张成果,杨庚,王伟. 基于CryptDB的选择加密策略研究[J].计算机技术与发展,2017,27(03):136-141.
 ZHANG Cheng-guo,YANG Geng,WANG Wei. Investigation on Selective Encryption Strategy with CryptDB[J].,2017,27(03):136-141.
点击复制

 基于CryptDB的选择加密策略研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
27
期数:
2017年03期
页码:
136-141
栏目:
安全与防范
出版日期:
2017-03-10

文章信息/Info

Title:
 Investigation on Selective Encryption Strategy with CryptDB
文章编号:
1673-629X(2017)03-0136-06
作者:
 张成果杨庚王伟
 南京邮电大学 计算机学院
Author(s):
 ZHANG Cheng-guoYANG GengWANG Wei
关键词:
 选择加密密文计算CryptDB密文数据库洋葱加密
Keywords:
 selective encryptioncipher computingCryptDBencrypted databaseonion encryption
分类号:
TP302
文献标志码:
A
摘要:
 针对云中数据隐私保护问题,采用加密存储是一可行的选择.而在未解密的情况下,如何对密文进行计算成了近年来研究的热点.为提高密文计算效率,节约密文数据的存储空间,将选择加密策略与CryptDB密文数据库系统相结合,设计并实现了支持选择加密策略的CryptDB密文数据库系统.由于CryptDB使用多个洋葱加密模型,需将数据加密成多份以适用不同场景,对不敏感字段加密增加了计算时间及存储空间.针对这些问题,提出一种用户自定义的敏感字段检测算法,并且在原系统中创建和注册明文洋葱,修改元数据表,以及对自定义SQL语句的拦截和改写,实现选择加密策略.实验结果表明,在满足用户对数据表安全性要求的前提下,随着加密字段减少,密文计算时间和存储空间显著减少,提高了CryptDB系统的效率和实用性.
Abstract:
 In order to protect privacy of sensitive data stored on the cloud,encrypting data is a feasible way. Computing on the encrypted data without decrypting is becoming a research hotspot. Combining selective encryption strategy with CryptDB,an encrypted database sys-tem which supports selective encryption strategy is proposed to improve the performance of encrypting and decrease the storage space. Since the use of multiple onion encryption models,data should be encrypted into several copies by CryptDB to adapt different situations. Encrypting non-sensitive fields will experience high computation time and increase storage space. A user-defined sensitive field detection algorithm is proposed and implemented through creating and registering the plain onion within original system,modifying the metadata ta-bles,and intercepting and revising the SQL queries. With the context meeting the user’ s requirements of data security,the experimental results show that the scheme decreases the time of computation and storage space with the number of encrypted fields decreasing and makes the system more efficient and practical.

相似文献/References:

[1]张志宏,吴庆波,邵立松,等.基于飞腾平台TOE协议栈的设计与实现[J].计算机技术与发展,2014,24(07):1.
 ZHANG Zhi-hong,WU Qing-bo,SHAO Li-song,et al. Design and Implementation of TCP/IP Offload Engine Protocol Stack Based on FT Platform[J].,2014,24(03):1.
[2]梁文快,李毅. 改进的基因表达算法对航班优化排序问题研究[J].计算机技术与发展,2014,24(07):5.
 LIANG Wen-kuai,LI Yi. Research on Optimization of Flight Scheduling Problem Based on Improved Gene Expression Algorithm[J].,2014,24(03):5.
[3]黄静,王枫,谢志新,等. EAST文档管理系统的设计与实现[J].计算机技术与发展,2014,24(07):13.
 HUANG Jing,WANG Feng,XIE Zhi-xin,et al. Design and Implementation of EAST Document Management System[J].,2014,24(03):13.
[4]侯善江[],张代远[][][]. 基于样条权函数神经网络P2P流量识别方法[J].计算机技术与发展,2014,24(07):21.
 HOU Shan-jiang[],ZHANG Dai-yuan[][][]. P2P Traffic Identification Based on Spline Weight Function Neural Network[J].,2014,24(03):21.
[5]李璨,耿国华,李康,等. 一种基于三维模型的文物碎片线图生成方法[J].计算机技术与发展,2014,24(07):25.
 LI Can,GENG Guo-hua,LI Kang,et al. A Method of Obtaining Cultural Debris’ s Line Chart Based on Three-dimensional Model[J].,2014,24(03):25.
[6]翁鹤,皮德常. 混沌RBF神经网络异常检测算法[J].计算机技术与发展,2014,24(07):29.
 WENG He,PI De-chang. Chaotic RBF Neural Network Anomaly Detection Algorithm[J].,2014,24(03):29.
[7]刘茜[],荆晓远[],李文倩[],等. 基于流形学习的正交稀疏保留投影[J].计算机技术与发展,2014,24(07):34.
 LIU Qian[],JING Xiao-yuan[,LI Wen-qian[],et al. Orthogonal Sparsity Preserving Projections Based on Manifold Learning[J].,2014,24(03):34.
[8]尚福华,李想,巩淼. 基于模糊框架-产生式知识表示及推理研究[J].计算机技术与发展,2014,24(07):38.
 SHANG Fu-hua,LI Xiang,GONG Miao. Research on Knowledge Representation and Inference Based on Fuzzy Framework-production[J].,2014,24(03):38.
[9]叶偲,李良福,肖樟树. 一种去除运动目标重影的图像镶嵌方法研究[J].计算机技术与发展,2014,24(07):43.
 YE Si,LI Liang-fu,XIAO Zhang-shu. Research of an Image Mosaic Method for Removing Ghost of Moving Targets[J].,2014,24(03):43.
[10]余松平[][],蔡志平[],吴建进[],等. GSM-R信令监测选择录音系统设计与实现[J].计算机技术与发展,2014,24(07):47.
 YU Song-ping[][],CAI Zhi-ping[] WU Jian-jin[],GU Feng-zhi[]. Design and Implementation of an Optional Voice Recording System Based on GSM-R Signaling Monitoring[J].,2014,24(03):47.

更新日期/Last Update: 2017-05-18