Journal of Northeastern University (Natural Science) ›› 2018, Vol. 39 ›› Issue (12): 1691-1696. DOI: 10.12068/j.issn.1005-3026.2018.12.004

• Information and Control •

Multi-layer Nested Database Encryption Scheme for Multiple Users

ZHOU Fu-cai, ZHANG Xin-yue, ZENG Kang, QIN Shi-yue

  1. School of Software, Northeastern University, Shenyang 110169, Liaoning, China.
  • Received: 2017-09-20 Revised: 2017-09-20 Online: 2018-12-15 Published: 2018-12-19
  • Contact: ZHOU Fu-cai
  • About author: ZHOU Fu-cai (1964-), male, born in Changchun, Jilin; professor and doctoral supervisor at Northeastern University. FENG Ming-jie (1971-), male, born in Yuzhou, Henan; associate professor at Northeastern University. WANG En-gang (1962-), male, born in Shenyang, Liaoning; professor and doctoral supervisor at Northeastern University.
  • Supported by:
    National Natural Science Foundation of China (51171041). National Natural Science Foundation of China (61772127, 61472184); National Science and Technology Major Project (2013ZX03002006); Liaoning Province Science and Technology Research Project (2013217004); Fundamental Research Funds for the Central Universities (N151704002); Liaoning Province Doctoral Start-up Foundation (20141012); Shenyang Science and Technology Foundation (F14231108).

Abstract: Addressing the security of outsourced data and the privacy of users, this paper studies encrypted database schemes and proposes a multi-layer nested database encryption scheme for multiple users. Following the multi-layer theory of the onion model, the scheme applies several different types of encryption algorithms to perform multi-layer nested encryption on users' outsourced data, yielding a database encryption scheme that guarantees data confidentiality while supporting multiple types of SQL queries. Because a query that contains sensitive information leaks, to some extent, the privacy of the user who submits it, a user privacy protection mechanism based on single-server private information retrieval (PIR) is designed, enabling anonymous user queries. Security analysis shows that the scheme satisfies data confidentiality and user privacy. Experiments with the Sysbench benchmark show that the scheme has good query processing efficiency, read/write throughput and robustness.

Key words: outsourced data, onion encryption model, database encryption, private information retrieval (PIR), privacy protection
