CN-121980593-A - Method for encrypting database by using encryption character string

Abstract

A method for encrypting database by using encryption character string relates to the technical field of information security, which dispersedly stores parameters calculated by password to a plurality of different positions, and combines the parameters by algorithm when needing to access database field so as to obtain correct decryption key. The parameters set by the administrator are needed, the password mode is not used any more, the mode of space coordinate positions is adopted, three space coordinates are provided by the administrator, and the hardware identification code is obtained to form a fourth space coordinate. The purpose of generating the identification code authKey through the algorithm is to replace the traditional condition that the administrator sets the password through human subjective, the coordinates are used for replacing the character string, and the algorithm is used for guaranteeing the complexity and the safety of the password.

Inventors

• ZHOU YANG
• DUAN JIMIN
• HU MING

Assignees

• 山东恒云信息科技有限公司

Dates

Publication Date

20260505

Application Date

20260408

Claims (8)

1. 1. A method for database encryption using an encrypted string, comprising: S1, adding a column to a data dictionary table for recording all data table information in a database management system, wherein the column records whether a corresponding table in the database is an encryption algorithm used by an encryption table meter; s2, when a new data table is created in the database, selecting the new data table as an encryption table in a corresponding column in a data dictionary, and inputting three coordinate points by an administrator; S3, when receiving a command for creating a table, the database management system receives three coordinate points and generates a fourth coordinate point by utilizing computer hardware information; s4, calculating by using four coordinate points to obtain an identification code authKey; s5, using the identification code authKey as an encrypted key code, encrypting information to be written into a database into ciphertext for storage or performing decryption operation on read encrypted data; s6, when the created data table is read or modified, three coordinate points are provided for the database management system, a fourth coordinate point is generated by utilizing computer hardware information, an identification code authKey is obtained through calculation, and after the database management system verifies authKey that encryption and decryption are correct, the data of the table is subjected to read-write operation.
2. 2. The method for encrypting a database using an encrypted string according to claim 1, wherein the database management system in step S1 is a relational database management system or an embedded database management system.
3. 3. The method for encrypting a database using an encrypted string according to claim 1, wherein the administrator inputs three coordinate points as in step S2 、 、 Coordinate point X-axis coordinate of (2) Coordinate on Y axis is Coordinate of Z axis is Coordinate point X-axis coordinate of (2) Coordinate on Y axis is Coordinate of Z axis is Coordinate point X-axis coordinate of (2) Coordinate on Y axis is Coordinate of Z axis is 。
4. 4. The method for encrypting a database using an encrypted string according to claim 3, wherein the fourth coordinate point in step S3 is Coordinate point In order for the dimension to be three-dimensional, In order to provide the CPU with an identification code, Is the identification code of the main board, Is the network card identification code.
5. 5. The method for database encryption using encryption strings according to claim 4, wherein the step S4 comprises the steps of: s4-1. Through the formula Calculating to obtain the adjusted coordinates By the formula Calculating to obtain the adjusted coordinates By the formula Calculating to obtain the adjusted coordinates Constructing coordinate points , ; S4-2. Through the formula Calculating to obtain the space mass center Spatial centroid X-axis coordinate of (2) Coordinate on Y axis is Coordinate of Z axis is ; S4-3, according to the coordinate point Calculating six weighted edge lengths 、 、 、 、 、 ; S4-4. Through the formula Calculating the volume of the parallelepiped , Is taken as a norm; s4-5 utilizing six weighted edge lengths 、 、 、 、 、 Center of mass of space Volume of parallelepiped The identification code authKey is calculated.
6. 6. The method for encrypting a database using an encrypted string according to claim 5, wherein the step S4-3 is performed by the formula Calculating to obtain the edge weight length By the formula Calculating to obtain the edge weight length By the formula Calculating to obtain the edge weight length By the formula Calculating to obtain the edge weight length By the formula Calculating to obtain the edge weight length By the formula Calculating to obtain the edge weight length 。
7. 7. The method for encrypting a database using an encrypted string according to claim 6, wherein the method is characterized by using a formula The identification code authKey is calculated, wherein, In the form of a hamiltonian, , Is the unit vector in the X-axis direction, Is a unit vector in the direction of the Y axis, Is a unit vector in the direction of the Z axis, , In order to take the absolute value of the value, , , , , Is rounded downwards.
8. 8. The method for database encryption using encryption string according to claim 1, wherein the encryption/decryption key for data writing is obtained by using AES-256 algorithm or SM4 algorithm for the identification code authKey in step S5.

Description

Method for encrypting database by using encryption character string Technical Field The invention relates to the technical field of information security, in particular to a method for encrypting a database by using an encryption character string. Background In contemporary society where data asset value is increasingly prominent, finer granularity, stricter security access control, and stricter data access logic are required for management of data. The conventional database management system adopts a rough account number and password management mode, and has the following problems: 1, data management is too extensive, all tables under the same account number can be clearly obtained, and fine granularity control cannot be realized. For example, set table a access rights to a host or only allow an application holding an authentication key to access table a. In the traditional mode, the administrator sets the password, so that the password is easy to attack by means of exhaustion algorithm, social engineering analysis and the like. Resulting in a password leak. In still other environments, the password is set in the application's configuration file and is easily accessible to the application's administrator, which is a potential hazard. And 3, data leakage caused by the storage medium, such as a hard disk storing a database file, is taken to other computers, and the data leakage caused by accessing the data file is caused. Disclosure of Invention In order to overcome the defects of the technology, the invention provides a method for encrypting a database by using an encryption character string, which effectively prevents social engineering and violent cracking. The technical scheme adopted for overcoming the technical problems is as follows: A method for database encryption using an encrypted string, comprising: S1, adding a column to a data dictionary table for recording all data table information in a database management system, wherein the column records whether a corresponding table in the database is an encryption algorithm used by an encryption table meter; s2, when a new data table is created in the database, selecting the new data table as an encryption table in a corresponding column in a data dictionary, and inputting three coordinate points by an administrator; S3, when receiving a command for creating a table, the database management system receives three coordinate points and generates a fourth coordinate point by utilizing computer hardware information; s4, calculating by using four coordinate points to obtain an identification code authKey; s5, using the identification code authKey as an encrypted key code, encrypting information to be written into a database into ciphertext for storage or performing decryption operation on read encrypted data; s6, when the created data table is read or modified, three coordinate points are provided for the database management system, a fourth coordinate point is generated by utilizing computer hardware information, an identification code authKey is obtained through calculation, and after the database management system verifies authKey that encryption and decryption are correct, the data of the table is subjected to read-write operation. Further, in step S1, the database management system is a relational database management system or an embedded database management system. Further, in step S2, the administrator inputs three coordinate points as、、Coordinate pointX-axis coordinate of (2)Coordinate on Y axis isCoordinate of Z axis isCoordinate pointX-axis coordinate of (2)Coordinate on Y axis isCoordinate of Z axis isCoordinate pointX-axis coordinate of (2)Coordinate on Y axis isCoordinate of Z axis is。 Further, in step S3, the fourth coordinate point isCoordinate pointIn order for the dimension to be three-dimensional,In order to provide the CPU with an identification code,Is the identification code of the main board,Is the network card identification code. Further, step S4 includes the steps of: s4-1. Through the formula Calculating to obtain the adjusted coordinatesBy the formulaCalculating to obtain the adjusted coordinatesBy the formulaCalculating to obtain the adjusted coordinatesConstructing coordinate points,; S4-2. Through the formulaCalculating to obtain the space mass centerSpatial centroidX-axis coordinate of (2)Coordinate on Y axis isCoordinate of Z axis is; S4-3, according to the coordinate pointCalculating six weighted edge lengths、、、、、; S4-4. Through the formulaCalculating the volume of the parallelepiped,Is taken as a norm; s4-5 utilizing six weighted edge lengths 、、、、、Center of mass of spaceVolume of parallelepipedThe identification code authKey is calculated. Further, in step S4-3, the formula is passedCalculating to obtain the edge weight lengthBy the formulaCalculating to obtain the edge weight lengthBy the formulaCalculating to obtain the edge weight lengthBy the formulaCalculating to obtain the edge weight lengthBy the formulaCalculating to o