Analysis of database encryption technology
From the formation and growth of information industry to the arrival of information society, especially the rapid development of personal computers represented by microelectronics revolution and a new round of information exchange revolution characterized by network, social informatization has become a new trend of social development.
Keywords: database; Encryption; study
China Library Classification Number: TP3 1 Document Identification Number: A.
The initial application of database technology is mainly in the field of information management, such as information management and information processing in government departments, industrial and commercial enterprises, library and information, transportation, banking and finance, scientific research and education and other industries. In fact, as long as there is data to manage, you can use the database.
The characteristics of 1 database
Data structure is the essential difference between database and file system. Data structuring is to organize and store data according to certain data patterns, that is, to express data structure with complex data models. The data model not only describes the characteristics of the data itself, but also describes the relationship between the data. This kind of structured data reflects the natural relationship between data, which is the premise and guarantee to realize centralized control of other data and reduce data redundancy.
Because the database considers the well-integrated teaching data structure from the overall application of enterprises and institutions, the data in the database is no longer oriented to a single application but to the system. The data required by different application systems is only a subset of the wing model. The basis of database design is data model. When designing the teaching database, we should abstract and organize the data from a global perspective, describe the relationship between the data itself and the data completely and accurately, and establish the data chess pattern under the global needs. Database system is based on database, and all kinds of applications should be built on data array. This characteristic of the database system determines its design method, that is, designing the database first and then designing the functional program, instead of designing the program first and then considering the data needed by the program like the file system.
1. 1 has high data independence.
The data in the database is not isolated, but interrelated. That is to say, in the database, not only the water data itself, but also the relationship between water data and data should be expressed. For example, in the savings database of Cloth Bank, there are depositor information and account information, and the depositor information is associated with the account information. The database can organize data in different ways according to WorldCom's needs, such as sequential organization, index organization and inverted index organization. The purpose of this is to maximize the efficiency of users or applications accessing data beacons. Before the advent of database technology. The data file is independent, so any data file must contain all the data that conforms to the application. In a database, data is shared by all applications. When designing a database, we can start from the overall situation, let the database contain all the data that serve the whole application, and then combine the data flexibly through the schema definition to meet each application. The data form has high data independence, which means that the data organization and storage methods are independent of each other and the corresponding programs. Before the advent of database technology, the way of editing and modifying data files was closely related to applications. When the enterprise data structure changes, the corresponding application must also be modified, which greatly increases the development cost and maintenance cost of the application. Database technology makes data organization and storage independent of application, thus greatly reducing the development cost and maintenance cost of application.
1.2 has low data redundancy and high data enjoyment.
Small data redundancy means that there is little complex data stored in the database. In non-database system, each application has its own data file, which leads to the need to restore a large number of stored data. In the database system mode, the teaching materials are no longer oriented to one application, but to the whole system, which makes the data redundancy in the database very small, thus avoiding the data conflict caused by data redundancy.
The database system improves the interest of data through data model and data control mechanism. The high enjoyment of data will improve the utilization rate of data, make data more valuable and can be used more easily and conveniently.
2 database encryption method
From the perspective of security and confidentiality threats, database systems should focus on the following threats: unauthorized access, widespread use of counterfeit laws, normal operation of systems with damaged data integrity, viruses, and eavesdropping on communication lines. Factors threatening network security: the vulnerability of computer system, protocol security, database management system security, human factors and various external threats mainly include the following aspects.
Data fraud: illegally tampering with data or inputting false data; Trojan horse: illegal installation of secret instructions or programs, and criminal activities carried out through computers; Italian sausage technique: using computers to steal deposits from the information system of financial banks, such as stealing the interest mantissa of accounts, every little makes a mickle; Logic bomb: input criminal instructions to delete data files at specified time or under specified conditions, or destroy system functions; Line interception: intercept information from the system communication line; Trap: debug, modify and increase the function of the program by using special breakpoints in the program, insert criminal instructions or add some criminal devices in the corresponding places in the hardware, in short, insert criminal instructions or devices by using some breakpoints or interfaces of software and hardware; Parasitic: follow privileged users into the system in some way, or insert people in the system? Parasites? ; Super kill: use * * * to break through system protection, illegally access or destroy data and system functions; Asynchronous attack: mixing criminal instructions with normal operating procedures to obtain data files. Computer virus: a criminal program that destroys system functions and services, destroys or deletes data files is implanted into a functional program of the system, so that the system can automatically copy the criminal program to other systems during operation, which is like an infectious virus that spreads everywhere.
2. 1 Exploration of database encryption technology
Cryptography is an ancient and profound subject, which is unfamiliar to ordinary people, because it has been used only in a small area for a long time (such as military, diplomatic, newspaper and other departments). Computer cryptography is a science that studies the encryption, decryption and transformation of computer information. It is an interdisciplinary subject between mathematics and computer, and it is also a new subject. With the development of computer network and computer communication technology, computer cryptography has received unprecedented attention, and has been rapidly popularized and developed. Data encryption technology is mainly divided into transmission encryption and storage encryption, while data transmission encryption technology encrypts the data stream in transmission. There are three commonly used methods: link encryption, node encryption and end-to-end encryption.
(1) Link encryption means that the transmitted data is only encrypted at the data link layer before the physical layer, regardless of the source and destination. It is used to protect data between communication nodes. The receiver is every node machine on the transmission path, and the information is decrypted and encrypted in each node machine in turn until it reaches the destination.
(2) Node encryption is to use a cryptographic device connected to the node machine at the node. The ciphertext is decrypted and encrypted in the device, and the plaintext does not pass through the node machine, thus avoiding the shortcoming that the link encryption node is vulnerable to platinum attack.
label
Data encryption technology is the most basic security technology, which is called the core of information security. At first, it was mainly used to ensure the confidentiality of data during storage and transmission. It replaces the protected information with ciphertext through transformation, replacement and other methods, and then stores or transmits the information. Even if the encrypted information is obtained by unauthorized personnel during storage or transmission, it can ensure that the information is not recognized by them, thus achieving the purpose of protecting the information. The confidentiality of this method directly depends on the adopted cryptographic algorithm and key length.
refer to
[1] Qian Xuezhong. Principle and technology of database [M]. Beijing: Tsinghua University Publishing House, 20 1 1.
[2] Chace. Principle and application of database system [M]. Beijing: Tsinghua University Publishing House, 20 12.
Click the next page to learn more >>& gt Database Technology Paper