Database data encryption and decryption method and system based on database connection pool

A database, encryption and decryption technology, applied in the field of database security information, can solve the problems of large amount of data in the encryption and decryption interface, slow processing process, long debugging period, etc., and achieve the effect of high encryption level, convenient decryption, and high expansion efficiency

Active Publication Date: 2021-04-27
厦门商集网络科技有限责任公司
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If the encryption and decryption extension technology of the existing technology is used, the encryption and decryption interface data volume to be processed is large, the processing flow is slow, and the debugging takes a long period

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database data encryption and decryption method and system based on database connection pool

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0042] The database encryption and decryption method based on the database connection pool comprises the following steps:

[0043] S1: Perform initialization processing on tables and fields of the database to be encrypted, and input SQL execution statements, wherein the initialization processing includes configuring tables and fields to be encrypted in the database to be encrypted and decrypted. The SQL execution statement is the application statement of the database, including querying, adding, updating, and deleting a piece of data.

[0044]Perform initialization processing in SQL parsing. The SQL parser includes SqlAnalysisMeta, which is the metadata recorded after parsing SQL. It is mainly thread variables that store field information and traverse the entire life cycle of SQL execution. Contains two fields, columnSet and parameterIndexSet, and a SqlAnalysisMeta thread variable, where columnSet is the field to be encrypted and decrypted, and parameterIndexSet is the subscri...

Embodiment 2

[0092] The database encryption and decryption system based on the database connection pool includes a memory and a processor, the memory stores instructions, and the instructions are suitable for being loaded by the processor and performing the following steps:

[0093] Perform initialization processing on tables and fields of the database to be encrypted, and input SQL execution statements, wherein the initialization processing includes configuring tables and fields to be encrypted in the database to be encrypted and decrypted.

[0094] Intercept the SQL execution statement and perform field analysis on it. When the SQL execution statement includes the tables and fields of the database to be encrypted and decrypted, the statement type is judged; otherwise, the input parameter setting value replacement operation is performed.

[0095] Determine the type of the SQL execution statement:

[0096] When the SQL execution statement type is a SELECT statement, the query field is anal...

Embodiment 3

[0108] Database initialization is the configuration class for the fields of tables that need to be encrypted, that is, SqlCryptoConfig.

[0109] During initialization, configure the entity (key) and field array (value) to be encrypted in tableColumMap. In this embodiment, the database is a list of personnel and their corresponding data such as age and gender.

[0110] Enter the filter SqlAnalysisFilter: intercept the SQL statement. In this embodiment, the command "select name from tb_user where name=Han Meimei" input by the operator means that the SQL is executed to query the item information whose name is Han Meimei.

[0111] First, judge through the statement field that the current SQL is a Select statement, and judge whether the tables and fields of the Select statement are in SqlCryptoConfig. If the result exists, the field queried by the Select statement, that is, the entry information corresponding to Han Meimei needs to be decrypted. Store the query field to be decryp...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to a database data encryption and decryption method and system based on a database connection pool. By directly performing encryption and decryption on the data access layer (JDBC), the characteristics of SQL to be executed and input parameters can be obtained in the JDBC layer, and SQL execution can be automatically analyzed. Statements, interception, encryption, decryption, and conversion of statements, and execution of SQL actions. In this way, the function of embedding encryption and decryption of sensitive data into the system can be realized without manually modifying the original SQL in a large area. And it is similar to the SQL execution statement, no need to repeat the test, as long as there is a correct analysis, it can be considered that the similar SQL can also be executed correctly, high efficiency, small changes to the original system, and less workload.

Description

technical field [0001] The invention relates to a database data encryption and decryption method and system based on a database connection pool, and belongs to the field of database security information. Background technique [0002] Druid is an efficient and powerful database connection pool, which mainly solves the aggregation query for a large amount of time-series-based data. Data can be ingested in real time, and can be checked immediately after entering Druid. At the same time, the data is almost immutable. Usually it is a factual event based on time series. After the fact occurs, it enters Druid, and the external system can query the fact. Its core capabilities include monitoring data access performance, database password encryption, SQL execution log, extended JDBC, etc. [0003] Since the existing stable running system did not consider the encryption and decryption of sensitive database data at the beginning of the design, if the SQL execution statement in the cod...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/60G06F21/62G06F16/242
CPCG06F21/602G06F21/6227G06F2221/2107
Inventor 曾宇鹏张微黄灿达
Owner 厦门商集网络科技有限责任公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap