| Database security has long been an important research area within information security. To protect data stored in files, the primary technique we adopt is to store important or sensitive database information in encrypted form. Transparent encryption is implemented at the lowest layer of the database system. This reduces the impact of encryption on the efficiency of the database system and makes encryption convenient for users, so it has considerable research value. Transparent encryption in the Dameng database system is divided into three parts: first, transparent data encryption and decryption; second, dynamic key management; and last, management and application of the cipher engine. The first part means users need not concern themselves with the process of data encryption and decryption; the second provides users with a convenient and secure mode of key management; the last lets users conveniently import their own algorithms into the database system. The core of transparent data encryption and decryption in the Dameng database is the encryption and decryption execution engine, which is responsible for encrypting and decrypting data. When data is written from memory to files, it is encrypted; when it is read from files, it is decrypted. The keys used by transparent encryption are managed in levels. The keys of each level are protected by the level above, and the top-level keys are encrypted and protected by the database managers, so the security of all keys is protected. The encryption engine is the container for encryption algorithms. When the database initializes, it loads the cipher engines; when users invoke an algorithm by providing a cipher engine name and an algorithm name, the database system parses the names and looks up the algorithm. |
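
The layered key protection described above can be sketched as follows; this is an added example, not code from the Dameng database or from the original text. It assumes three levels (administrator password, master key, per-table data keys), and the names `KeyHierarchy`, `seal` and `unseal` are hypothetical. The cipher is a standard-library stand-in built from HMAC-SHA256 so the sketch runs offline; a real system would use a vetted algorithm supplied by its cipher engine.

```python
import hashlib, hmac, os

def _ks(key, nonce, n):
    # HMAC-SHA256 in counter mode as keystream (stdlib-only stand-in cipher)
    return b"".join(hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def _subkeys(key):
    return [hmac.new(key, t, hashlib.sha256).digest() for t in (b"enc", b"mac")]

def seal(key, data):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _ks(enc, nonce, len(data))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Verify the tag before decrypting; a wrong parent key fails here."""
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified data")
    return bytes(a ^ b for a, b in zip(ct, _ks(enc, nonce, len(ct))))

class KeyHierarchy:
    """Assumed three levels: admin password -> master key -> per-table data keys."""
    def __init__(self, password):
        self.table_keys = {}                      # table name -> wrapped data key
        self._wrap_master(password, os.urandom(32))

    def _wrap_master(self, password, master):
        self.salt = os.urandom(16)
        kek = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)
        self.wrapped_master = seal(kek, master)

    def _master(self, password):
        kek = hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 100_000)
        return unseal(kek, self.wrapped_master)

    def data_key(self, password, table):
        master = self._master(password)
        if table not in self.table_keys:          # create and wrap on first use
            self.table_keys[table] = seal(master, os.urandom(32))
        return unseal(master, self.table_keys[table])

    def change_password(self, old, new):
        # Only the top-level wrap changes; data keys and pages are untouched.
        self._wrap_master(new, self._master(old))
```

Because only wrapped keys are stored, changing the top-level secret re-wraps one key and leaves every encrypted page on disk as it was.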