共查询到20条相似文献,搜索用时 61 毫秒
1.
如今,数据库技术已成为现代计算机信息系统和应用系统开发的核心技术,是“信息高速公路”的主要支撑技术之一。随着数据库应用的不断深入,数据库安全日益成为人们关注的焦点。目前数据库的安全性主要通过访问控制来保障,但是当访问控制被攻破时整个数据库的安全体系也随之瓦解。数据库加密是对敏感数据进行保护的有效手段。本文对目前主要的数据库加密方法进行了探讨和研究。重点研究了数据库外层加密方法,针对数据库外层加密后检索与运行效率低、SQL查询操作受制约、数据库访问、数据类型变换、数据完整性和系统运行效率等主要难点问题进行研究,基于OPES方法提出并设计了一种改进的数据库加密方法,该方法保证了加密数据库具有较好的可操作性。 相似文献
2.
加密是保证数据安全的一种有效手段,然而由于数据库自身的特点,传统的数据加密手段会在很大程度上影响数据库系统的性能,或者难以满足数据库的安全需求.本文提出一种基于字段加密的数据库加密方法,并通过引入随机数转换加密密钥的方式增强了密文数据库的安全性,同时采用一种安全的密文索引方案减少了客户端安全插件的工作量,从而保证了密文数据库系统的使用性能. 相似文献
3.
关系数据库中字符数据的保序加密方法 总被引:3,自引:0,他引:3
对数值型数据保持顺序加密方法进行了分析,在此基础上提出了一种在关系数据库中针对字符数据的保序加密方法。详细阐述了其加密原理和密文索引结构,对重复性数据的加密处理和算法抗攻击性进行了分析。最后分别从时间开销、空间开销两个方面对算法进行了实验验证,实验结果表明该方法既保证了数据库安全性,又解决了加密数据库的查询性能问题。 相似文献
4.
吕政 《信息安全与通信保密》2009,(2):100-103
论文提出一种将文件信息以矩阵方式进行加解密的方法,采用伪随机序列+异或+移位+乱序+循环密钥的加密方式,与传统的加解密方式相比,加解密过程中密文和信息同时参与加解密。改变加密过程中的伪随机序列发生函数、乱序序列和循环密钥生成方法都可以成生不同的加解密算法。 相似文献
5.
密文策略属性加密方案适用于云环境中密文数据的访问控制.已有的支持算术张成程序的属性加密方案多是密钥访问策略的方案,且公开参数规模较大.本文利用双对偶向量空间(Dual Pair Vector Space,DPVS)技术,提出了一个公开参数长度固定、支持算术张成程序的密文策略属性加密方案.在新方案中,将密文相关的访问控制向量与随机矩阵结合,密钥相关的属性分量与熵扩张引理中的公开参量结合,设计方法对应了熵扩张引理中给出的密文和密钥分量的形式.最后,基于素数阶双线性熵扩张引理和k-Lin困难假设,证明了该方案具有适应安全性.新方案与已有支持算术张成程序的属性加密方案相比,实现了密文访问策略、公开参数长度固定且满足适应安全性. 相似文献
6.
属性加密体制是实现云存储中数据灵活访问控制的关键技术之一,但已有的属性加密方案存在密文存储开销过大和用户隐私泄露等问题,并且不能同时支持云端数据的公开审计.为了解决这些问题,该文提出一个新的可搜索属性加密方案,其安全性可归约到q-BDHE问题和CDH问题的困难性.该方案在支持关键词搜索的基础上,实现了密文长度恒定;引入策略隐藏思想,防止攻击者获取敏感信息,确保了用户的隐私性;通过数据公开审计机制,实现了云存储中数据的完整性验证.与已有的同类方案相比较,该方案有效地降低了数据的加密开销、关键词的搜索开销、密文的存储成本与解密开销,在云存储环境中具有较好的应用前景. 相似文献
7.
属性加密体制是实现云存储中数据灵活访问控制的关键技术之一,但已有的属性加密方案存在密文存储开销过大和用户隐私泄露等问题,并且不能同时支持云端数据的公开审计。为了解决这些问题,该文提出一个新的可搜索属性加密方案,其安全性可归约到q-BDHE问题和CDH问题的困难性。该方案在支持关键词搜索的基础上,实现了密文长度恒定;引入策略隐藏思想,防止攻击者获取敏感信息,确保了用户的隐私性;通过数据公开审计机制,实现了云存储中数据的完整性验证。与已有的同类方案相比较,该方案有效地降低了数据的加密开销、关键词的搜索开销、密文的存储成本与解密开销,在云存储环境中具有较好的应用前景。 相似文献
8.
针对现有属性基可搜索加密方案缺乏对云服务器授权的服务问题,该文提出一种基于授权的可搜索密文策略属性基加密(CP-ABE)方案。方案通过云过滤服务器、云搜索服务器和云存储服务器协同合作实现搜索服务。用户可将生成的授权信息和陷门信息分别发送给云过滤服务器和云搜索服务器,在不解密密文的情况下,云过滤服务器可对所有密文进行检测。该方案利用多个属性授权机构,在保证数据机密性的前提下能进行高效的细粒度访问,解决数据用户密钥泄露问题,提高数据用户对云端数据的检索效率。通过安全性分析,证明方案在提供数据检索服务的同时无法窃取数据用户的敏感信息,且能够有效地防止数据隐私的泄露。 相似文献
9.
提出一种多重加密的算法.针对以8 bit为一字节的数据格式提出了一种实现的方案.在此基础上加入码字分割技术,从而提出了一种改进的方案.并分析和比较了两个方案的加密效能. 相似文献
10.
文中提出了一种改进的安全全文索引结构.通过在倒排索引中对词条进行加密以抵抗语义分析攻击,屏蔽词条位置和频率信息以抵抗统计攻击,使用分块加密策略以抵抗已知明文攻击,使用两级索引结构保证了索引安全和检索效率的平衡.基于该安全全文索引结构设计了密文全文索引加密方案,并给出了一种多级密钥管理策略. 相似文献
11.
This paper proposes a novel reversible data hiding method in encrypted images based on specific encryption process. In the proposed specific encryption algorithm, the stream cipher and prediction error are combined to vacate room for data embedding. After that, a permutation operation is performed on the encrypted image to improve the security. In the embedding process, we can embed a large amount of secret data in the encrypted image by pixel value expansion because most of the pixel values are less than 128 by the specific encryption process. At the receiver end, the encrypted image can be recovered from the marked encrypted image without knowing the secret data. Therefore, even if the recipient only has the encryption key, the original image will be perfectly recovered. If the recipient only has the data-hiding key, the secret data will be extracted. And if the recipient has both keys, the original image and the secret data are both available. The proposed method achieves a higher embedding capacity than that of methods based on vacating room after encryption. It does not require the image owner to perform reversible data hiding techniques on the original image, which is more convenient than methods based on reserving room before encryption. Experimental results demonstrate that the proposed method outperforms other state-of-the-art methods. 相似文献
12.
Reversible data hiding for encrypted signals with prefect reconstruction of directly decrypted signals is introduced in this paper. Each unit in the original image is separated into three components by energy transfer equation, and each component is encrypted by Paillier homomorphic encryption. Additional bits are concealed into the encrypted image by manipulating the encrypted signals. Finally, the original image can be perfectly recovered when direct decryption is applied. The embedded bits are lossless extracted as well. Optimal visual quality and improved embedding rate are obtained by the proposed approach, since the value of the directly decrypted unit is the same as the original one. Experimental results and comparisons are demonstrated to illustrate the effectiveness and advantages of the proposed method. Moreover, the proposed method can be extended to deal with encoded multimedia, which further enriches the application scenarios. 相似文献
13.
This work proposes a novel protocol of encrypting the JPEG image suitable for image rescaling in the encrypted domain. To protect the privacy of original content, the image owner perturbs the texture and randomizes the structure of the JPEG image by enciphering the quantized Discrete Cosine Transform (DCT) coefficients. After receiving the encrypted JPEG image, the service provider generates a rescaled JPEG image by down-sampling the encrypted DCT coefficients. On the recipient side, the encrypted JPEG image rescaled by the service provider can be decrypted to a plaintext image with a lower resolution with the aid of encryption keys. Experimental results show that the proposed method has a good capability of rescaling the privacy-protected JPEG file. 相似文献
14.
In this paper a general framework to adopt different predictors for reversible data hiding in the encrypted image is presented. Employing linear regression, we propose innovative predictors that contribute more significantly to accomplish more payload than conventional ones. Reserving room before encryption (RRBE) is designated in the proposed scheme making possible to attain high embedding capacity. In RRBE procedure, pre-processing is allowed before image encryption. In our scheme, pre-processing comprises of three main steps: computing prediction-errors, blocking and labeling of the errors. By blocking, we obviate the need for lossless compression to when a content owner is not enthusiastic. Lossless compression is employed in recent state of the art schemes to improve payload. We surpass the prior arts exploiting proper predictors, more efficient labeling procedure and blocking of the prediction-errors. 相似文献
15.
Reversible data hiding in encrypted images is an effective technique to embed information in encrypted domain, without knowing the original content of the image or the encryption key. In this paper, a high-capacity reversible data hiding scheme for encrypted images based on MSB (most significant bit) prediction is proposed. Since the prediction is not always accurate, it is necessary to identify the prediction error and store this information in the location map. The stream cipher is then used to encrypt the original image directly. During the data hiding phase, up to three MSBs of each available pixel in the encrypted image are substituted by the bits of the secret message. At the receiving end, the embedded data can be extracted without any errors and the original image can be perfectly reconstructed by utilizing MSB prediction. Experimental results show that the scheme can achieve higher embedding capacity than most related methods. 相似文献
16.
Shen-Ming Chung Ming-Der Shieh Tzi-Cker Chiueh 《International Journal of Communication Systems》2023,36(1):e4141
Searchable encryption (SE) is considered important as it provides both confidentiality and searchability for the data stored in semi-trusted environments such as cloud. However, it is rarely deployed because most SE schemes are not native to cloud services as they require database modifications. In this paper, we present an SE scheme called Frequency-Eliminated Trapdoor-Character Hopping (FETCH) that, based on novel common-conditioned-subsequence-preserving (CCSP) techniques, is able to work natively with off-the-shelf databases and supports wildcard-based pattern search on encrypted data thereof. In fact, with the CCSP techniques, we transform the problem of wildcard SE searching into a problem of subsequence searching, which is solved fast in most databases and thus fits well with cloud services in general. Although in our security analysis, CCSP removes the possibility of obtaining theoretical indistinguishability between indexed items, we show that FETCH does provide adequate confidentiality protection and fares much better than other existing wildcard SE schemes in terms of query performance, storage overhead, and deployment complexity. In particular, FETCH is able to efficiently handle data sets whose size is multiple orders of magnitude larger than those that existing schemes can comfortably support. 相似文献
17.
为了在数据加密工程中推进一步推广AES标准,提高用AES标准加密数据的效率、安全性和灵活性,节省数据加密的软硬件资源,本论文用逻辑代数、二进制数、模2四则运算知识和GF域的四则运算知识对按照AES的数据加密算法Rijndael的具体实现进行了深入仔细地分析研究,提出了实现Rijndael的新方法和新技术,并对相关技术用通俗明确的语句进行了说明。本论文提出的数据加密的实现方法可以应用到实际工程中,具有节省数据加密器的软硬件资源的特点。 相似文献
18.
19.
20.
Communications security is increasing in importance as a result of the use of electronic communications in more and more business activities. Cryptography is the only practical means to provide security services in many applications. Research into cryptography was exploded in the last 18 years and a variety of cryptographic algorithms and techniques have emerged. Cryptographic algorithms may be classified as either symmetric, if the same key is shared by the sender and receiver, or asymmetric, if they use different keys. Symmetric algorithms have been dominated by the Data Encryption Standard since 1976, but a number of replacements are now being proposed. Asymmetric, or public key, algorithms allow provision of new security services such as digital signatures. The RSA algorithm is the most widely known of these, but a recently proposed standard for digital signatures is also of intense current interest 相似文献