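• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

Computer Engineering & Science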


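Research on a database key management scheme based on access control and the Chinese remainder theorem

YAN Xi-xi1, HU Qian-wei1, TANG Yong-li1, YE Qing1, LI Zi-chen2

  1. (1. College of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454003; 2. College of Information Engineering, Beijing Institute of Graphic Communication, Beijing 102600)
  • Received: 2015-12-07 Revised: 2016-05-03 Published: 2017-08-25 Released: 2017-08-25
  • Funding:

    National Natural Science Foundation of China (61300216, 61272519); Henan Province Science and Technology Research Project (132102210123); Henan Polytechnic University Doctoral Fund (B2013-043)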

Key management schemes based on access control and Chinese remainder theorem in database

YAN Xi-xi1,HU Qian-wei1,TANG Yong-li1,YE Qing1,LI Zi-chen2   

  1. (1.College of Computer Science and Technology,Henan Polytechnic University,Jiaozuo 454003;
    2.College of Information Engineering,Beijing Institute of Graphic Communication,Beijing 102600,China)

     
  • Received:2015-12-07 Revised:2016-05-03 Online:2017-08-25 Published:2017-08-25

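Abstract:

To address the large number of data item keys and the high security requirements that arise when data items are encrypted in a ciphertext database, this paper introduces the Chinese remainder theorem to manage data item keys and proposes a new key management scheme based on access control and the Chinese remainder theorem. When a user applies for a user key, the ciphertext database can "synthesize" the keys K_i corresponding to the many data items that user u_i is able to access into a user key uk_i and save it. When user u_i presents the user key uk_i and a ciphertext query request (CQR) to access the ciphertext database, the system decomposes the user key uk_i back into the data item keys K_i according to the system tables and the Chinese remainder theorem, and the user can then decrypt the data. The scheme not only manages user access permissions but also solves the problems caused by a large number of data item keys, such as long data processing time and heavy use of system resources, improving the efficiency and security of key management in ciphertext databases. Finally, the paper implements the key management scheme and gives a comparative analysis of its security.

Keywords: database encryption, role-based access control, Chinese remainder theorem, key management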

Abstract:

Encrypting data items in a database produces a large number of data item keys and calls for much higher security. To address this, we propose new key management schemes based on access control and the Chinese remainder theorem, which make the management of data item keys convenient. When a user applies for a key, the many data item keys K_i that user u_i has access to are compounded into a user class key uk_i, and this key is saved. When the user decrypts data, the user class key uk_i is broken down into data item keys using the system tables and the Chinese remainder theorem. The schemes address the high time cost of processing data and the heavy occupation of system resources, thus improving the efficiency and security of key management in the ciphertext database. Experiments and comparison demonstrate a significant improvement in the efficiency and security of key management.
 

Key words: database encryption, RBAC, Chinese remainder theorem, key management
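The compose and decompose steps described in the abstract, as an added Python example that is not the paper's code. It assumes the textbook Chinese remainder construction, in which the system table holds one pairwise-coprime modulus per data item and each key is smaller than its modulus; the abstract does not give the paper's construction, and the table contents, key values and function names are constructed for illustration.

```python
from math import gcd, prod

# Constructed system table: data item id -> modulus (pairwise coprime).
# Assumption: real moduli would be larger than the key space; these are toy sizes.
SYSTEM_TABLE = {"d1": 1009, "d2": 1013, "d3": 1019, "d4": 1021}
# Constructed data item keys K_j, each smaller than its modulus.
ITEM_KEYS = {"d1": 417, "d2": 88, "d3": 930, "d4": 5}


def compose_user_key(items, table=SYSTEM_TABLE, keys=ITEM_KEYS):
    """Solve x = K_j (mod m_j) for every accessible item j; x is the user key."""
    moduli = [table[j] for j in items]
    for a in range(len(moduli)):
        for b in range(a + 1, len(moduli)):
            if gcd(moduli[a], moduli[b]) != 1:
                raise ValueError("moduli must be pairwise coprime")
    big_m = prod(moduli)
    uk = 0
    for j, m in zip(items, moduli):
        if not 0 <= keys[j] < m:
            raise ValueError(f"key for {j} does not fit its modulus")
        m_j = big_m // m
        # pow(m_j, -1, m) is the modular inverse of m_j modulo m (Python 3.8+).
        uk += keys[j] * m_j * pow(m_j, -1, m)
    return uk % big_m


def decompose(uk, requested, granted, table=SYSTEM_TABLE):
    """Recover K_j = uk mod m_j, but only for items the user was granted."""
    recovered = {}
    for j in requested:
        if j not in granted:
            # Access control check: uk carries no residue for this item anyway.
            raise PermissionError(f"user key does not cover {j}")
        recovered[j] = uk % table[j]
    return recovered


if __name__ == "__main__":
    granted = ["d1", "d3"]
    uk = compose_user_key(granted)
    print("user key:", uk)
    print("recovered:", decompose(uk, ["d1", "d3"], set(granted)))
    # Reducing uk by a modulus outside the grant yields an unrelated value.
    print("d2 residue:", uk % SYSTEM_TABLE["d2"], "vs real key", ITEM_KEYS["d2"])
```

Under this construction anyone who holds uk_i and the moduli can recover every key folded into it, so the user key needs the same protection as the data item keys themselves.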