Research On The Key Managemenrt Of The Encrypted Database

With the rapid development of information technologies, people have an increasing dependency on information systems. Security problems are attracting more attention while people are enjoying the conveniency brought by computer technologies. Database is the kernel component of the modern computing environment, whose security is a very important problem in applications. Encryption is an effective method to enforce data security, so if we encrypt data before storage, many database security problems could be solved.However, it is differert from the encryption of the communications in the internet that the keys used to encrypt the database must be store. So the problems that how to creat and protect these keys to ensure their security have to be deal with the key management. And then the data with the complex logic relation in the database need the effective key management. Therefore, this thesis investigates the key management based on a typical database security plug-in. The main work and contributions are as follows.Based on the detail investigation of current key management technique, cryptology, access control and XML techniques, the two-hierarchy key manangement mode is used to manage the keys. And in order to resolve the problem that the working keys are diffcult to mange securely because of their large amount, this thesis proposes the key management base on XML, and proves its validity and security. This scheme resolves the secure storage and effective manament of these key, enhance the security of the encrypted databse.As the kernel component of the plug-in systerm, the information in the key dictionary is used by the other components when the systerm is running. So the key dictionary is easily attacked by attacker, only depend on the primary key is not enough to protect the security and integrity of the key dictionary. This thesis proposes a fragile watermarking algorithm,which does not introduce any redundant data and depend on grouping and exchanging the position of the symmetrical cell to embed and verify the wartermark. Our experiment proves that this scheme can check the tamper, insert and delete effectively. It is helpful to ensure the integrity and security of the encrypted databse.