| As encryption technology has developed, practice has shown that encryption itself is not difficult. For example, the AES-128 encryption algorithm has long been implemented in hardware and is widely used. Implementing encryption is only one part of a secure storage solution; the difficulty lies in key management. Storage security solutions based on key management are a development trend in the industry, and many well-known manufacturers have invested in research on them. Key distribution is a problem in the design of database encryption systems because, as a comprehensive technology, it involves the entire process of key generation, inspection, distribution, transfer, storage, use and destruction. The key management scheme proposed in reference [17] fully guarantees the strength of the encryption, but it has two distinct disadvantages: (1) it offers no good solution for protecting the master key, so once the master key is disclosed or breached, all the encrypted data is exposed; (2) replacing the master key takes a lot of time, because each time the master key is replaced, all the ciphertext data must be decrypted and the decrypted data then re-encrypted with the new master key. [18] proposed a two-level switch table key management scheme which protects keys well, but its method of generating the master key is difficult to implement, especially when there are many classes of data. [19] put forward a more feasible key distribution scheme, but did not consider other aspects of key management. Starting from the most important aspects of key management, this article discusses key distribution schemes and, drawing on the advantages of the other schemes, puts forward a design and implementation scheme for a safe and effective key management module for a database encryption system. It uses a centralized key management strategy and has a security auditing function, and it can archive keys so that the relevant key can always be found when it is needed. 
The system supports identity-based access, management and logging, and is well suited to large and medium-sized organizations with high security requirements, such as government, financial, military and scientific research units. Its automatic key archiving and backup function provides high availability and fault recovery capability for keys. |