CN118260310A - Non-equivalent query method and system for secret database - Google Patents
- Publication number
- CN118260310A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- data
- column
- encryption key
- creating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
- G06F16/2433—Query languages
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Abstract
The invention relates to the technical field of data query, and provides a non-equivalent query method and system for a secret database, wherein the method comprises the following steps: creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key; performing encryption processing on the SQL statement that inserts data, and inserting the user input data into the ciphertext table by parsing and executing the encrypted SQL statement; parsing and executing the encrypted SQL statement that queries data to obtain the data set in the ciphertext table that satisfies the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user. The non-equivalent query method and system for the secret database can realize non-equivalent condition queries on ciphertext fields in the openGauss secret database, and return to the user a plaintext data set that is the same as the result set of a non-equivalent query on plaintext fields.
Description
Technical Field
The invention relates to the technical field of data query, in particular to a non-equivalent query method and a non-equivalent query system for a secret database.
Background
With the advent of the cloud computing and big data era, data security and privacy protection have attracted increasing attention. Data generated by all kinds of application software is stored in database management systems, and this data includes not only personal private data but also the sensitive data of different enterprises. Database management system vendors need not only to standardize the product development process at the system level, but also to protect the privacy of stored data and the security of sensitive data at the technical level.
A secret database protects the confidentiality and integrity of sensitive data during transmission, computation and storage through encryption, access control, auditing and monitoring, data masking and integrity protection strategies. In practice, secret database technology mainly adopts the following two schemes: 1. the cryptographic solution, i.e. a pure-software solution, which guarantees the correctness of queries by designing cryptographic algorithms that satisfy the properties needed for querying ciphertext; for example, the well-known OPE (Order Preserving Encryption) algorithm still preserves the order of the data after encryption; 2. the hardware solution, in which a trusted execution environment (TEE, Trusted Execution Environment) handles the ciphertext data operations of the REE (Rich Execution Environment, the counterpart of the TEE).
openGauss is a relational database whose pure-software secret database implements equivalent (equality) queries on ciphertext fields through a client-side encryption driver, and does not support non-equivalent (non-equality) queries on ciphertext fields in a ciphertext table. However, in practice a great number of non-equivalent query statements are used with relational databases, and for customers whose routine business includes non-equivalent queries and who also have data security and privacy requirements, the openGauss secret database currently cannot meet the business requirements.
Therefore, how to realize non-equivalent queries in the openGauss secret database has become a technical problem to be solved.
Disclosure of Invention
In view of the above, the present invention aims to overcome the deficiencies of the prior art and provide a non-equivalent query method and system for a secret database.
According to a first aspect of the present invention there is provided a non-equivalent query method for a secret database, the method comprising:
creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
performing encryption processing on the SQL statement that inserts data, and inserting the user input data into the ciphertext table by parsing and executing the encrypted SQL statement;
parsing and executing the encrypted SQL statement that queries data to obtain the data set in the ciphertext table that satisfies the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user.
Preferably, in the non-equivalent query method for a secret database of the present invention, creating the master key includes:
The application client sends an SQL statement for creating the master key to the database server;
After receiving the SQL statement for creating the master key, the database server stores the master key information into the gs_client_global_keys system table by executing the DDL statement;
After receiving the successful-execution information for the DDL statement returned by the database server, the application program client encrypts the master key plaintext with the root key to form the master key ciphertext, and stores the master key ciphertext in a corresponding file under a designated path on the machine where the client is located.
Preferably, in the non-equivalent query method for a secret database of the present invention, the master key information includes the name, owner, schema, permissions and creation time information of the master key.
Preferably, in the non-equivalent query method for a secret database of the present invention, the creation of the column encryption key using the created master key includes:
The application program client calls the libpq_ce encryption driver to encrypt the column encryption key plaintext with the master key plaintext held in memory, obtaining the column encryption key ciphertext; splices the obtained column encryption key ciphertext with the SQL statement for creating the column encryption key; and sends the spliced SQL statement for creating the column encryption key to the database server;
After receiving the spliced SQL statement for creating the column encryption key, the database server stores the column encryption key ciphertext into the gs_column_keys_args system table by executing the DDL statement.
Preferably, in the non-equivalent query method for a secret database of the present invention, the creating of the ciphertext table using the created column encryption key includes:
The application program client calls a client parser to uniformly convert the ciphertext field types with the column encryption key ciphertext in the SQL statement for creating the ciphertext table, and the converted SQL statement for creating the ciphertext table is sent to the database server;
After receiving the converted SQL statement for creating the ciphertext table, the database server creates the ciphertext table by executing the DDL statement, and stores ciphertext field encryption information in the SQL statement for creating the ciphertext table into the gs_encrypted_columns system table when the ciphertext table is created.
Preferably, in the non-equivalent query method for a secret database of the present invention, the ciphertext field encryption information includes a ciphertext table id, a ciphertext column name, a column encryption key id, an encryption type, a ciphertext column original data type oid, a ciphertext column original data type modifier, and a creation time.
Preferably, in the non-equivalent query method for a secret database of the present invention, performing encryption processing on the SQL statement that inserts data, and inserting the user input data into the ciphertext table by parsing and executing the encrypted SQL statement, includes:
The application client receives the SQL statement with which the user inserts data into the ciphertext table, and calls the libpq driver to send a column encryption key ciphertext request to the database server;
After receiving the column encryption key ciphertext request, the database server acquires the column encryption key ciphertext from the gs_column_keys_args system table, and returns the acquired column encryption key ciphertext to the application program client;
The application program client obtains the master key ciphertext from the corresponding file under the designated path on its own machine, obtains the corresponding master key information from the gs_client_global_keys system table, decrypts the master key ciphertext to obtain the master key plaintext, decrypts the column encryption key ciphertext with the obtained master key plaintext to obtain the column encryption key plaintext, encrypts the ciphertext field values in the SQL statement that inserts data with the column encryption key plaintext, and sends the encrypted SQL statement to the database server;
The database server parses and executes the received encrypted SQL statement, inserts the plaintext field values and the encrypted ciphertext field values in that statement into the ciphertext table, and returns the number of inserted records to the application client.
Preferably, in the non-equivalent query method for a secret database of the present invention, parsing and executing the encrypted SQL statement that queries data to obtain the data set in the ciphertext table that satisfies the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user, includes:
The application program client receives the SQL statement with which the user queries data from the ciphertext table, calls the libpq_ce encryption driver to encrypt the right value of the non-equivalent condition in that SQL statement, and sends the encrypted SQL statement to the database server;
The database server parses the encrypted SQL statement that queries data, obtains the right value of the non-equivalent condition in it, compares the obtained right value with the values of the ciphertext field in the ciphertext table specified by the SQL statement, and returns the data set in the ciphertext table that satisfies the non-equivalent condition to the application program client;
After receiving the data set that satisfies the non-equivalent condition in the ciphertext table, the application program client calls the libpq driver to send a column encryption key ciphertext request to the database server;
After receiving the column encryption key ciphertext request, the database server acquires the column encryption key ciphertext from the gs_column_keys_args system table, and returns the acquired column encryption key ciphertext to the application program client;
The application program client obtains the master key ciphertext from the corresponding file under the designated path on its own machine, obtains the corresponding master key information from the gs_client_global_keys system table, decrypts the master key ciphertext to obtain the master key plaintext, decrypts the column encryption key ciphertext with the obtained master key plaintext to obtain the column encryption key plaintext, decrypts the data set that satisfies the non-equivalent condition in the ciphertext table with the column encryption key plaintext to obtain the plaintext data set, and displays the obtained plaintext data set through the application program client.
According to a second aspect of the present invention there is provided a non-equivalent query system for a secret database, the system being for:
creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
performing encryption processing on the SQL statement that inserts data, and inserting the user input data into the ciphertext table by parsing and executing the encrypted SQL statement;
parsing and executing the encrypted SQL statement that queries data to obtain the data set in the ciphertext table that satisfies the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user.
Preferably, the non-equivalent query system for a secret database of the present invention comprises:
The ciphertext table creation module is used for creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
The data insertion module is used for carrying out encryption processing on the SQL statement of the inserted data and inserting the user input data into the ciphertext table by analyzing the SQL statement of the inserted data after the encryption processing is carried out;
The data query module is used for obtaining a data set conforming to the non-equivalent condition in the ciphertext table by analyzing and executing the SQL statement of the query data subjected to the encryption processing, and obtaining a plaintext data set queried by the user by decrypting the data set conforming to the non-equivalent condition in the ciphertext table.
According to a third aspect of the present invention there is provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of the first aspect of the present invention when executing the program.
The non-equivalent query method and system for the secret database can realize the non-equivalent condition query of the ciphertext field in the openGauss secret database, and return a plaintext data set to a user, which is the same as a result set of the non-equivalent query of the plaintext field.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of the steps of a non-equivalent query method for a secret database according to an embodiment of the present invention;
FIG. 2 is a diagram of an exemplary architecture of a non-equivalent query system for a secret database according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of the apparatus provided by the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It should be noted that, without conflict, the following embodiments and features in the embodiments may be combined with each other; and, based on the embodiments in this disclosure, all other embodiments that may be made by one of ordinary skill in the art without inventive effort are within the scope of the present disclosure.
It is noted that various aspects of the embodiments are described below within the scope of the following claims. It should be apparent that the aspects described herein may be embodied in a wide variety of forms and that any specific structure and/or function described herein is merely illustrative. Based on the present disclosure, one skilled in the art will appreciate that one aspect described herein may be implemented independently of any other aspect, and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented and/or a method practiced using any number of the aspects set forth herein. In addition, such apparatus may be implemented and/or such methods practiced using other structure and/or functionality in addition to one or more of the aspects set forth herein.
FIG. 1 is a flow chart of the steps of a non-equivalent query method for a secret database according to an embodiment of the present invention. As shown in FIG. 1, the non-equivalent query method for a secret database of the present embodiment includes the following steps:
Step S201: creating a master key, creating a column encryption key using the created master key, and creating a ciphertext table using the created column encryption key.
As an alternative example, in this embodiment, the creation of the master key is implemented as follows:
The application client sends an SQL statement for creating the master key to the database server;
After receiving the SQL statement for creating the master key, the database server stores the master key information into the gs_client_global_keys system table by executing the DDL statement; for example, in this embodiment, the master key information includes the name, owner, schema, permissions and creation time information of the master key;
After receiving the successful-execution information for the DDL statement returned by the database server, the application program client encrypts the master key plaintext with the root key to form the master key ciphertext, and stores the master key ciphertext in a corresponding file under a designated path on the machine where the client is located.
As an alternative example, in the present embodiment, a column encryption key is created using the created master key, implemented as follows:
The application program client calls the libpq_ce encryption driver to encrypt the column encryption key plaintext with the master key plaintext held in memory, obtaining the column encryption key ciphertext; splices the obtained column encryption key ciphertext with the SQL statement for creating the column encryption key; and sends the spliced SQL statement for creating the column encryption key to the database server;
After receiving the spliced SQL statement for creating the column encryption key, the database server stores the column encryption key ciphertext into the gs_column_keys_args system table by executing the DDL statement.
As an alternative example, in the present embodiment, the ciphertext table is created using the created column encryption key, implemented as follows:
The application program client calls a client parser to uniformly convert the ciphertext field types with the column encryption key ciphertext in the SQL statement for creating the ciphertext table, and the converted SQL statement for creating the ciphertext table is sent to the database server;
After receiving the converted SQL statement for creating the ciphertext table, the database server creates the ciphertext table by executing the DDL statement, and stores ciphertext field encryption information in the SQL statement for creating the ciphertext table into the gs_encrypted_columns system table when the ciphertext table is created, wherein the ciphertext field encryption information comprises a ciphertext table id, a ciphertext column name, a column encryption key id, an encryption type, a ciphertext column original data type oid, a ciphertext column original data type modifier and creation time.
Step S202: performing encryption processing on the SQL statement that inserts data, and inserting the user input data into the ciphertext table by parsing and executing the encrypted SQL statement.
The application client receives the SQL statement with which the user inserts data into the ciphertext table, and calls the libpq driver to send a column encryption key ciphertext request to the database server;
After receiving the column encryption key ciphertext request, the database server acquires the column encryption key ciphertext from the gs_column_keys_args system table, and returns the acquired column encryption key ciphertext to the application program client;
The application program client obtains the master key ciphertext from the corresponding file under the designated path on its own machine, obtains the corresponding master key information from the gs_client_global_keys system table, decrypts the master key ciphertext to obtain the master key plaintext, decrypts the column encryption key ciphertext with the obtained master key plaintext to obtain the column encryption key plaintext, encrypts the ciphertext field values in the SQL statement that inserts data with the column encryption key plaintext, and sends the encrypted SQL statement to the database server;
The database server parses and executes the received encrypted SQL statement, inserts the plaintext field values and the encrypted ciphertext field values in that statement into the ciphertext table, and returns the number of inserted records to the application client.
Step S203: parsing and executing the encrypted SQL statement that queries data to obtain the data set in the ciphertext table that satisfies the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user.
The application program client receives the SQL statement with which the user queries data from the ciphertext table, calls the libpq_ce encryption driver to encrypt the right value of the non-equivalent condition in that SQL statement, and sends the encrypted SQL statement to the database server;
The database server parses the encrypted SQL statement that queries data, obtains the right value of the non-equivalent condition in it, compares the obtained right value with the values of the ciphertext field in the ciphertext table specified by the SQL statement, and returns the data set in the ciphertext table that satisfies the non-equivalent condition to the application program client;
After receiving the data set that satisfies the non-equivalent condition in the ciphertext table, the application program client calls the libpq driver to send a column encryption key ciphertext request to the database server;
After receiving the column encryption key ciphertext request, the database server acquires the column encryption key ciphertext from the gs_column_keys_args system table, and returns the acquired column encryption key ciphertext to the application program client;
The application program client obtains the master key ciphertext from the corresponding file under the designated path on its own machine, obtains the corresponding master key information from the gs_client_global_keys system table, decrypts the master key ciphertext to obtain the master key plaintext, decrypts the column encryption key ciphertext with the obtained master key plaintext to obtain the column encryption key plaintext, decrypts the data set that satisfies the non-equivalent condition in the ciphertext table with the column encryption key plaintext to obtain the plaintext data set, and displays the obtained plaintext data set through the application program client.
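The flow of steps S201 to S203, sketched in Python as an added example; it is not code from the patent or from openGauss. The patent does not name the algorithms, so the key wrap and the order-preserving code are toy stand-ins, and the class names, the 0..1023 value domain and the sample rows are assumptions; only the key hierarchy and the split of work between client and server follow the text.

```python
import bisect
import hashlib
import hmac
import operator
import secrets

OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt, ">=": operator.ge}


def _prf(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()


def wrap(kek: bytes, key: bytes) -> bytes:
    """Toy authenticated wrap of a 32-byte key (assumed stand-in for the real cipher)."""
    if len(key) != 32:
        raise ValueError("this sketch wraps 32-byte keys only")
    nonce = secrets.token_bytes(16)
    stream = _prf(_prf(kek, b"enc"), nonce)
    body = bytes(a ^ b for a, b in zip(key, stream))
    return nonce + body + _prf(_prf(kek, b"mac"), nonce + body)


def unwrap(kek: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _prf(_prf(kek, b"mac"), nonce + body)):
        raise ValueError("wrapped key failed its integrity check")
    stream = _prf(_prf(kek, b"enc"), nonce)
    return bytes(a ^ b for a, b in zip(body, stream))


class OrderCodec:
    """Toy order-preserving code: ciphertext(v) is the sum of keyed random gaps up to v."""

    def __init__(self, cek: bytes, domain: int = 1024):  # assumed value range 0..1023
        total, self.table = 0, []
        for v in range(domain):
            total += 1 + int.from_bytes(_prf(cek, v.to_bytes(4, "big"))[:4], "big")
            self.table.append(total)  # strictly increasing, so order is preserved

    def encrypt(self, value: int) -> int:
        if not 0 <= value < len(self.table):
            raise ValueError("value outside the column's domain")
        return self.table[value]

    def decrypt(self, ct: int) -> int:
        i = bisect.bisect_left(self.table, ct)
        if i == len(self.table) or self.table[i] != ct:
            raise ValueError("not a ciphertext under this column key")
        return i


class Server:
    """Database server: stores wrapped keys and ciphertexts, never a plaintext."""

    def __init__(self):
        self.gs_column_keys_args = None  # column encryption key ciphertext
        self.rows = []                   # (plaintext id field, ciphertext field)

    def insert(self, row_id: int, ct: int) -> int:
        self.rows.append((row_id, ct))
        return 1                         # number of inserted records

    def select(self, op: str, right_ct: int):
        # Non-equivalent condition evaluated on ciphertexts only.
        return [row for row in self.rows if OPS[op](row[1], right_ct)]


class Client:
    def __init__(self, server: Server):
        self.server = server
        self.root_key = secrets.token_bytes(32)
        master = secrets.token_bytes(32)
        self.master_key_file = wrap(self.root_key, master)  # stays on the client
        server.gs_column_keys_args = wrap(master, secrets.token_bytes(32))

    def _codec(self) -> OrderCodec:
        master = unwrap(self.root_key, self.master_key_file)
        return OrderCodec(unwrap(master, self.server.gs_column_keys_args))

    def insert(self, row_id: int, value: int) -> int:
        return self.server.insert(row_id, self._codec().encrypt(value))

    def query(self, op: str, right_value: int):
        codec = self._codec()
        hits = self.server.select(op, codec.encrypt(right_value))
        return [(row_id, codec.decrypt(ct)) for row_id, ct in hits]


def demo():
    server = Server()
    client = Client(server)
    for row_id, salary in [(1, 410), (2, 95), (3, 730), (4, 300)]:  # constructed rows
        client.insert(row_id, salary)
    result = client.query(">", 300)
    # What the keyless server can infer: the rank order of the encrypted column.
    leaked = [row_id for row_id, _ in sorted(server.rows, key=lambda r: r[1])]
    return result, leaked
```

The second list returned by demo() is the caveat to weigh: because ciphertexts must be comparable for the server to evaluate the condition, a server that holds no key still learns the rank order of the encrypted column.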
The embodiment also provides a non-equivalent query system for a secret database, which is used for:
creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
performing encryption processing on the SQL statement that inserts data, and inserting the user input data into the ciphertext table by parsing and executing the encrypted SQL statement;
parsing and executing the encrypted SQL statement that queries data to obtain the data set in the ciphertext table that satisfies the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user.
FIG. 2 is a diagram illustrating an example of the structure of a non-equivalent query system for a secret database according to an embodiment of the present invention. As shown in FIG. 2, the non-equivalent query system for a secret database of this embodiment includes:
The ciphertext table creation module is used for creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
The data insertion module is used for carrying out encryption processing on the SQL statement of the inserted data and inserting the user input data into the ciphertext table by analyzing the SQL statement of the inserted data after the encryption processing is carried out;
The data query module is used for obtaining a data set conforming to the non-equivalent condition in the ciphertext table by analyzing and executing the SQL statement of the query data subjected to the encryption processing, and obtaining a plaintext data set queried by the user by decrypting the data set conforming to the non-equivalent condition in the ciphertext table.
The non-equivalent query method and the system for the secret database can realize the non-equivalent condition query of the ciphertext field in the openGauss secret database, and return a plaintext data set to a user, which is the same as a result set of the non-equivalent query of the plaintext field.
As shown in FIG. 3, the present invention also provides an apparatus comprising a processor 310, a communication interface 320, a memory 330 for storing a computer program executable by the processor, and a communication bus 340. The processor 310, the communication interface 320 and the memory 330 communicate with each other through the communication bus 340. The processor 310 implements the non-equivalent query method for the secret database described above by running the executable computer program.
The computer program in the memory 330 may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as a separate product. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method of the embodiments of the present application. The aforementioned storage medium includes: a USB disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
The system embodiments described above are merely illustrative, in which elements illustrated as separate elements may or may not be physically separate, and elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected based on actual needs to achieve the purpose of the embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on such understanding, the foregoing technical solutions may be embodied essentially or in part in the form of a software product, which may be stored in a computer-readable storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the various embodiments or methods of some parts of the embodiments.
The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any changes or substitutions easily contemplated by those skilled in the art within the scope of the present invention should be included in the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.
Claims (10)
1. A non-equivalent query method for a secret database, the method comprising:
creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
performing encryption processing on the SQL statement for inserting data, and inserting user input data into the ciphertext table by parsing the encrypted SQL statement for inserting data;
parsing and executing the encrypted SQL statement for querying data to obtain the data set in the ciphertext table that meets the non-equivalent condition, and decrypting that data set to obtain the plaintext data set queried by the user.
2. The method for non-equivalent querying of a cryptographic database of claim 1, wherein creating the master key comprises:
the application client sends the SQL statement for creating the master key to the database server;
after receiving the SQL statement for creating the master key, the database server stores the master key information in the gs_client_global_keys system table by executing the DDL statement;
after receiving the successful-execution information for the DDL statement returned by the database server, the application program client encrypts the master key plaintext with the root key to form the master key ciphertext, and stores the master key ciphertext in a corresponding file under a specified path on the machine where the client is located.
3. The non-equivalent querying method for a cryptographic database according to claim 2, wherein the master key information comprises a name, an owner, a schema, rights and creation time information of the master key.
4. The non-equivalent querying method for a cryptographic database according to claim 1, wherein creating a column encryption key using the created master key comprises:
the application program client calls the libpq_ce encryption driver to encrypt the column encryption key plaintext with the master key plaintext held in memory, obtaining the column encryption key ciphertext, splices the obtained column encryption key ciphertext with the SQL statement for creating the column encryption key, and sends the spliced SQL statement for creating the column encryption key to the database server;
after receiving the spliced SQL statement for creating the column encryption key, the database server stores the column encryption key ciphertext in the gs_column_keys_args system table by executing the DDL statement.
5. The non-equivalent querying method for a cryptographic database according to claim 1, wherein creating a ciphertext table using the created column encryption key comprises:
The application program client calls a client parser to uniformly convert the ciphertext field types with the column encryption key ciphertext in the SQL statement for creating the ciphertext table, and the converted SQL statement for creating the ciphertext table is sent to the database server;
After receiving the converted SQL statement for creating the ciphertext table, the database server creates the ciphertext table by executing the DDL statement, and stores ciphertext field encryption information in the SQL statement for creating the ciphertext table into the gs_encrypted_columns system table when the ciphertext table is created.
6. The method of claim 5, wherein the ciphertext field encryption information comprises a ciphertext table id, a ciphertext column name, a column encryption key id, an encryption type, a ciphertext column raw data type oid, a ciphertext column raw data type modifier, and a creation time.
7. The non-equivalent query method for a cryptographic database according to claim 1, wherein inserting user input data into a ciphertext table by performing encryption processing on an SQL statement of the inserted data and by parsing the SQL statement of the inserted data after performing the encryption processing, comprises:
the application client receives the SQL statement by which the user inserts data into the ciphertext table, and calls the libpq driver to send a column encryption key ciphertext request to the database server;
after receiving the column encryption key ciphertext request, the database server obtains the column encryption key ciphertext from the gs_column_keys_args system table, and returns the obtained column encryption key ciphertext to the application program client;
the application program client obtains the master key ciphertext from the corresponding file under the specified path on its machine, obtains the corresponding master key information from the gs_client_global_keys system table, decrypts the master key ciphertext to obtain the master key plaintext, decrypts the column encryption key ciphertext with the obtained master key plaintext to obtain the column encryption key plaintext, encrypts the ciphertext field values in the SQL statement for inserting data with the column encryption key plaintext, and sends the encrypted SQL statement for inserting data to the database server;
the database server parses and executes the received encrypted SQL statement for inserting data, inserts the plaintext field values and the encrypted ciphertext field values in that statement into the ciphertext table, and returns the number of inserted data records to the application client.
8. The method for non-equivalent query of a cryptographic database according to claim 1, wherein obtaining a data set in a ciphertext table that meets non-equivalent conditions by parsing an SQL statement that executes encrypted query data, and obtaining a plaintext data set for a user query by decrypting the data set in the ciphertext table that meets non-equivalent conditions, comprises:
the application program client receives the SQL statement by which the user queries data from the ciphertext table, calls the libpq_ce encryption driver to encrypt the right value of the non-equivalent condition in the SQL statement for querying data, and sends the encrypted SQL statement for querying data to the database server;
the database server parses the encrypted SQL statement for querying data, obtains the right value of the non-equivalent condition in that statement, compares the obtained right value with the values of the ciphertext field specified by the statement in the ciphertext table, and returns the data set in the ciphertext table that meets the non-equivalent condition to the application program client;
after receiving the data set in the ciphertext table that meets the non-equivalent condition, the application program client calls the libpq driver to send a column encryption key ciphertext request to the database server;
after receiving the column encryption key ciphertext request, the database server obtains the column encryption key ciphertext from the gs_column_keys_args system table, and returns the obtained column encryption key ciphertext to the application program client;
the application program client obtains the master key ciphertext from the corresponding file under the specified path on its machine, obtains the corresponding master key information from the gs_client_global_keys system table, decrypts the master key ciphertext to obtain the master key plaintext, decrypts the column encryption key ciphertext with the obtained master key plaintext to obtain the column encryption key plaintext, decrypts the data set meeting the non-equivalent condition with the column encryption key plaintext to obtain the plaintext data set, and displays the obtained plaintext data set through the application program client.
9. A non-equivalent query system for a secret database, the system being configured to:
create a master key, create a column encryption key by using the created master key, and create a ciphertext table by using the created column encryption key;
perform encryption processing on the SQL statement for inserting data, and insert user input data into the ciphertext table by parsing the encrypted SQL statement for inserting data;
parse and execute the encrypted SQL statement for querying data to obtain the data set in the ciphertext table that meets the non-equivalent condition, and decrypt that data set to obtain the plaintext data set queried by the user.
10. The non-equivalent query system for a secret database of claim 9, wherein said system comprises:
a ciphertext table creation module, used for creating a master key, creating a column encryption key by using the created master key, and creating a ciphertext table by using the created column encryption key;
The data insertion module is used for carrying out encryption processing on the SQL statement of the inserted data and inserting the user input data into the ciphertext table by analyzing the SQL statement of the inserted data after the encryption processing is carried out;
The data query module is used for obtaining a data set conforming to the non-equivalent condition in the ciphertext table by analyzing and executing the SQL statement of the query data subjected to the encryption processing, and obtaining a plaintext data set queried by the user by decrypting the data set conforming to the non-equivalent condition in the ciphertext table.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410546890.XA CN118260310A (en) | 2024-05-06 | 2024-05-06 | Non-equivalent query method and system for secret database |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410546890.XA CN118260310A (en) | 2024-05-06 | 2024-05-06 | Non-equivalent query method and system for secret database |
Publications (1)
Publication Number | Publication Date |
---|---|
CN118260310A (en) | 2024-06-28 |
Family
ID=91605458
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410546890.XA Pending CN118260310A (en) | Non-equivalent query method and system for secret database | 2024-05-06 | 2024-05-06 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN118260310A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN119129004A (en) * | 2024-11-18 | 2024-12-13 | 苏州吉呗思数据技术有限公司 | Database full-secret encryption method and device based on hardware password card, electronic device and storage medium |
CN119377987A (en) * | 2024-10-22 | 2025-01-28 | 武汉达梦数据库股份有限公司 | Key updating method, device, equipment and storage medium for fully secret database |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10740474B1 (en) | Systems and methods for generation of secure indexes for cryptographically-secure queries | |
US10985902B2 (en) | Dynamic symmetric searchable encryption | |
EP3275115B1 (en) | Database server and client for query processing on encrypted data | |
JP4685782B2 (en) | Method and apparatus for encrypting database columns | |
US10769295B2 (en) | Join operations on encrypted database tables | |
CN101587479B (en) | Database management system kernel oriented data encryption/decryption system and method thereof | |
US9087212B2 (en) | Methods and apparatus for securing a database | |
CN118260310A (en) | Non-equivalent query method and system for secret database | |
US11977657B1 (en) | Method and system for confidential repository searching and retrieval | |
US8769302B2 (en) | Encrypting data and characterization data that describes valid contents of a column | |
CN111737720B (en) | Data processing method and device and electronic equipment | |
CN104106075A (en) | Secure Database Search | |
Liu | Securing outsourced databases in the cloud | |
CN113204776B (en) | Method, device, equipment and storage medium for realizing column encryption | |
CN114912128A (en) | Data encryption method, device, equipment and storage medium | |
CN111639349B (en) | Data encryption processing method and device and storage medium | |
US20250238531A1 (en) | Logical log visibility control in enclave database | |
Heidinger et al. | Efficient and secure exact-match queries in outsourced databases | |
US20250238543A1 (en) | Logical log generation in enclave database | |
Marques | Privacy-preserving key-value store | |
Martishin et al. | Study of the Problem of Ensuring Security in Storage and Processing of Confidential Data | |
Nita et al. | Searchable Encryption | |
Mohammed et al. | Table scan technique for querying over an encrypted database. | |
HK40031301A (en) | Data processing method and apparatus, and electronic device | |
CN119150315A (en) | Data encryption method, device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||