Protection system uses database encryption to realize data security

Source: Internet
Author: User
Keywords Security implementation algorithm
Data encryption, database encryption technology Status quo and future trends? Can the product solutions in this area meet the needs of industry and enterprise users? Firewall is not a problem all of the anti-intrusion network security technology represented by the firewall is not equal to all information security. In the vast majority of information systems, the core data and data are stored in the way of the database, no encrypted database is like a locked file cabinet, for those with ulterior motives, plagiarism, tampering is a breeze. Therefore, the security of database should not be neglected. Database encryption system is designed and developed to enhance the security of common relational database management system. The purpose of this paper is to provide a secure and applicable database encryption platform to effectively protect the content of communication and database storage. It realizes the confidentiality and integrality of database data storage and communication through the security methods such as communication encryption and database storage encryption, so that the database can be stored in ciphertext mode and work in the secret mode to ensure the data security. The encryption database is imminent after research in recent years, China's database encryption technology has been relatively mature. Some company's database security middleware technology, under the premise of protecting the user's original hardware and software investment, can effectively realize the database secret storage and query. This technology has been applied effectively in practice. So, why is the problem of database security the current industry and enterprise users imminent security problems? First of all, the information security technology of the reverse copy is a truly reliable technology, and the database encryption technology is one of these technologies. One of the means used in intelligence warfare between hostile institutions is often the most direct way of buying and copying. If a hostile party bribed a dustman who is usually not noticed, even if the cleaner does not know any technology, he only needs to use the hard copy machine, which is often used by intelligence and secret agents, to press a button to handcuff all the data within minutes! At this time, firewall, intrusion detection and other protection systems are not to play a role in security. The database is encrypted and stored in ciphertext, even if it is stolen and copied, and the confidential data is not captured by hostile parties, as they acquire just a bunch of almost unbreakable passwords. Second, the popularity of the Internet, mobile communications, notebook computer's extensive use of the database security poses a greater threat. Wireless communication can be intercepted at any time, phishing, listening. Wireless internet, mobile communication in the people to bring convenience and high efficiency at the same time also brought a major hidden dangers of information security. Thirdly, database security should be equal to the operating system, network security and CPU, and make up the center of Information Security strategy. Only by setting up standards and implementing and effectively monitoring database security as an important content of information security management can the information security be further safeguarded. 7 large features to implement database encryption generally speaking, an effective database encryption system mainly has the following 7 aspects of function and characteristics. 1, Identity Certification: Users in addition to providing user name, password, but also in accordance with system security requirements to provide otherRelated security credentials. The system may choose to use the terminal key, the user USB key and so on to enhance the authentication security. 2, communication encryption and integrity protection: the access to the database in the network transmission are encrypted, the destination of communication can also verify the integrity of communications; the significance of communication is to prevent replay, tamper-proof. 3, the database data storage encryption and integrity protection: The system uses the data item level storage encryption, namely in the database different records, each record's different field all uses the different key encryption, supplemented by the verification measure to guarantee the database data storage confidentiality and the integrity, prevents the data unauthorized access and the modification. 4, database encryption settings: The system can choose to encrypt the database column, so that users select sensitive information for encryption rather than all data encryption. You can increase database access speed by encrypting only sensitive data for users. This is beneficial to the user in the efficiency and security of the independent balance between. 5. Multilevel Key Management mode: Master key and master key variable are saved in security zone, two-level key is protected by master key variable, encryption of data is stored or transmitted using two-level key, and is protected by master key. 6, security Backup: The system provides the database plaintext backup function (in order to prevent disaster, the system provides plaintext form of database content backup function, To prevent loss of key or data from catastrophic consequences) and key backup functionality (the user can simultaneously use the backup capabilities of the database management system and the key backup of the database encryption system to simultaneously back up the redaction and keys and recover when needed). 7. Universal interface and extensive platform support: The system uses an open architecture to support standard SQL statements. Several algorithms for data encryption of related knowledge base encryption algorithms are formulas and rules that specify the transformation between plaintext and ciphertext. Key is the key information to control the encryption algorithm and decryption algorithm, it is very important to generate, transmit and store. The basic process of data encryption consists of translating plaintext (readable information) into ciphertext or cipher code form. The reverse process of the process is the process of decrypting the encoded information into its original form. Des algorithm des (Data encryption Standard) was developed by IBM in the 1970 and was adopted by the United States Government in November 1976, and Des was subsequently used by the United States National Standards Agency and the American National Standard Association (Anglo). Standard Institute,ansi) admits. The cryptography disadvantage of Triple Des des is that the key length is relatively short, so people come up with a way to solve its length, that is, triple DES. RSA algorithm It is the first algorithm that can be used both for data encryption and digital signature. It is easy to understand and operate, and very popular. The name of the algorithm is named after the inventor: Ron Rivest, AdishAmir and Leonard Adleman. AES algorithm It is the latest in the 21st century to replace the DES algorithm of commercial encryption standards, in theory, this encryption method requires the state military level of the crack device operation more than 10 years to be able to decipher. Zhao Zhaoyi#51cto.com TEL: (010) 68476636-8001 to force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title of the party (0 Votes) passed (0 Votes) The original text: protection system with database encryption to achieve data security return network security Home
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.