CN102799831A - Information safety protection system of application system based on database and information safety protection method - Google Patents

Information safety protection system of application system based on database and information safety protection method

Info

Publication number
CN102799831A
Authority
CN
China
Prior art keywords
database
information
center
module
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012103108061A
Other languages
Chinese (zh)
Other versions
CN102799831B (en)
Inventor
耿振民
刘旭峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Cinsec Information Technology Co ltd
Original Assignee
WUXI CINSEC INFORMATION TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WUXI CINSEC INFORMATION TECHNOLOGY Co Ltd
Priority to CN201210310806.1A
Publication of CN102799831A
Application granted
Publication of CN102799831B
Legal status: Expired - Fee Related (current)
Anticipated expiration

Abstract

Translated from Chinese

The invention discloses a database-based application system information security protection system and an information security protection method. The system comprises a center end located on the database system side, a terminal located on the application system side, and a hardware verification electronic key for the center end. The center end comprises a document encryption module, a document decryption module, an identity verification module and a security protection module; the terminal comprises a secure session module, a secure port module and a security protection module; the hardware verification electronic key holds verification information and permission information. By establishing a connection between the database system side and the application system side, illegal or unauthorized users are prevented from backing up or exporting the database. The invention provides a method for secure interaction between the database and the application system, so that security is maintained throughout the session. The invention can well cover the security blind spots of database-based application systems and protect the enterprise's core secrets.

Description

Translated from Chinese
Database-based application system information security protection system and information security protection method

Technical field

The invention belongs to the field of information security technology and relates to an information security protection system, in particular to an information security protection system for database-based application systems, as well as to an information security protection method.

Background

With the development of information technology, more and more enterprises and institutions use electronic means to handle day-to-day business; storing data as electronic documents offers high efficiency, low cost and easy transfer. The database is the typical representative here, especially with the development of structured query languages. Databases offer convenient sharing, reduced data redundancy, data independence, centralized control of data and easy maintenance, and they combine readily with front-end applications to serve users better. Database-based application systems now reach into every corner of daily work, for example OA systems and ERP systems.

At the same time, while enjoying the convenience a database provides, its security must also be considered. The main factors affecting that security are: the security of the host (the operating system the database runs on), operating permissions, and encryption of core data. Host security relies mainly on patching the operating system's vulnerabilities and maintaining its protection systems; operating permissions consist of a fine-grained permission system; and core data encryption uses MD5 and similar algorithms to encrypt core data such as passwords. The main problem at present is that each of these methods has limitations and security blind spots in real use. For example, a system administrator may illegally remove the server's hard disk, a database developer may carry the company's data out of the building, and an administrator's intentional or unintentional illegal operations may leak the information held in the database.

Summary of the invention

The purpose of the invention is to provide a database-based application system information security protection system that guarantees the security of the database system while still allowing the application system to access the database normally. It also provides a complete set of database-based application system information security protection methods to ensure that the database system can be used normally.

The technical scheme of the invention is as follows:

A database-based application system information security protection system, comprising a center end located on the database system side, one or more terminals located on the application system side, and a hardware verification electronic key for the center end. The center end is installed on the database server and comprises a document encryption module, a document decryption module, an identity verification module and a security protection module. Each terminal is installed on an application server and comprises a secure session module, a secure port module and a security protection module; each terminal is connected to the center end. The hardware verification electronic key is connected to the center end and holds verification information and permission information.

The center end uses the document encryption module to apply transparent encryption to the database files, so that they remain encrypted while in use; the document decryption module transparently decrypts the database files in transit so that they can be used normally; the identity verification module performs mandatory binding verification with the hardware verification electronic key; and the security protection module prevents illegal operations and protects the security of the database system.

The terminal uses the secure session module to link with the center end, so that the application system remains in a secure state while in session with the database; the secure port module sends port information to the database over the established secure session, and only verified ports can request and send information to the server normally; the security protection module guards against the terminal being hijacked while establishing a link or session.

The verification information in the hardware verification electronic key is used for mandatory verification against the center end, and the permission information grants the user the corresponding permissions once verification has passed.

The invention also provides a database-based application system information security protection method, comprising:

Database file encryption step: with the center end properly installed and the hardware verification electronic key inserted, the user manually encrypts the database files; once encrypted, a database file accepts no connection at all except from the trusted terminals and trusted ports configured by the administrator, which can communicate normally;

Database file decryption step: with the center end properly installed and the hardware verification electronic key inserted, the user manually decrypts the database files; once decrypted, a database file can be used normally on other computers without restriction;

Electronic key verification step: the center end's relevant information is matched against the verification information in the hardware verification electronic key; if the match fails, the database cannot be used; if it succeeds, the corresponding permission module is activated;

Secure session step: the terminal first verifies its address and port with the center end; once it receives the center end's reply to that security verification it sends the user and operation information; if that verification also succeeds the session proceeds normally, otherwise the terminal cannot send information to or retrieve information from the database.

The specific steps of database file encryption are as follows: the administrator inserts the hardware verification electronic key into the computer on which the center end is installed and enters the relevant information; at the same time the center end reads the verification information from the key and compares the entered information and the key's verification information against the information built into the center end. If the comparison fails, access is denied and the user cannot perform the operation; if it succeeds, the user may proceed to the next step. When the user selects one or more database files for manual encryption, the center end automatically checks the user's permission information: if the user has sufficient permission, the encryption proceeds normally, otherwise the operation is rejected. After encrypting a database, the user can set the corresponding database permission information, including the IPs and ports allowed to communicate with it and whether decryption is allowed.

The specific steps of database file decryption are as follows: the administrator inserts the hardware verification electronic key into the computer on which the center end is installed and enters the relevant information; at the same time the center end reads the verification information from the key and compares the entered information and the key's verification information against the information built into the center end. If the comparison fails, access is denied and the user cannot perform the operation; if it succeeds, the user may proceed to the next step. When the user selects one or more database files for manual decryption, the center end automatically checks the user's permission information: if the user has sufficient permission, the decryption proceeds normally, otherwise the operation is rejected.

The specific steps of electronic key verification are as follows: the center end's relevant information is matched against the verification information in the hardware verification electronic key; if the match fails, the database cannot be used; if it succeeds, the corresponding permission module is activated. This covers the following cases: 1) if no hardware verification electronic key is present at the center end, the database cannot be used normally, but external network connections are unrestricted; 2) if a hardware verification electronic key is inserted at the center end but the verification information read from it does not match the information built into the center end, the center end cannot be used normally, so the database cannot be used normally, but external network connections are unrestricted; 3) if a hardware verification electronic key is inserted and its verification information matches, external network connections are restricted so that only legitimate ports can communicate with the database normally, and the corresponding permission module is activated.

The specific steps of the secure session are as follows: the terminal first sends the relevant information of the host on which the application system runs, including its IP address and port information, to the center end, which compares it; if the comparison fails, access is denied; if it succeeds, the comparison result is returned to the terminal. The terminal then sends the relevant link information, including user information and operation information, to the center end, which performs a second comparison; if this comparison fails, access is denied; if it succeeds, the session proceeds normally. If the center end receives repeated requests from a terminal and the comparisons fail repeatedly, it activates the corresponding protection information and temporarily suspends all communication verification activity with that terminal.

The beneficial technical effects of the invention are:

By establishing a connection between the database system side and the application system side, the invention prevents illegal or unauthorized users from backing up or exporting the database. The invention provides a method for secure interaction between the database and the application system, so that security is maintained throughout the session. The invention can well cover the security blind spots of database-based application systems and protect the enterprise's core secrets.

Additional aspects and advantages of the invention will be set out in part in the detailed description below, and in part will become apparent from that description or be learned by practising the invention.

Brief description of the drawings

Fig. 1 is a block diagram of the system of the invention.

Fig. 2 is a flow chart of database system initialization encryption.

Fig. 3 is a flow chart of database system decryption.

Fig. 4 is a flow chart of normal cooperation between the hardware verification electronic key and the database system.

Fig. 5 is a flow chart of normal communication between the database system and the application system.

Detailed description

The specific embodiments of the invention are further described below with reference to the drawings.

The invention provides a database-based application system security protection system whose structure is shown in Fig. 1. It comprises a center end located on the database system side, one or more terminals located on the application system side, and a hardware verification electronic key for the center end.

The center end is installed on the database server and comprises a document encryption module, a document decryption module, an identity verification module and a security protection module. The database system itself also runs on the database server.

Each terminal is installed on an application server and comprises a secure session module, a secure port module and a security protection module. The application system also runs on the application server. Each terminal is connected to the center end.

The hardware verification electronic key is connected to the center end and holds verification information and permission information.

Based on the above system, the database-based application system security protection method provided by the invention comprises the following flows, described with reference to Figs. 2 to 5:

Database system initialization encryption flow

As shown in Fig. 2, the administrator inserts the hardware verification electronic key (hereinafter EKEY) into the computer on which the center end is installed and enters the relevant information. At the same time the center end reads the verification information from the EKEY and automatically compares three things: the entered information, the information built into the center end, and the verification information in the EKEY. If the comparison fails, access is denied and the user cannot perform the operation; if it succeeds, the user may proceed to the next step. When the user selects one or more database files for manual encryption, the center end automatically checks the user's permission information: if the user has sufficient permission, the encryption proceeds normally, otherwise the operation is rejected. After encrypting a database, the user can set the corresponding database permission information, such as the IPs and ports allowed to communicate with it and whether decryption is allowed.

Database system decryption flow

As shown in Fig. 3, the administrator inserts the EKEY into the computer on which the center end is installed and enters the relevant information. At the same time the center end reads the verification information from the EKEY and automatically compares three things: the entered information, the information built into the center end, and the verification information in the EKEY. If the comparison fails, access is denied and the user cannot perform the operation; if it succeeds, the user may proceed to the next step. When the user selects one or more database files for manual decryption, the center end automatically checks the user's permission information: if the user has sufficient permission, the decryption proceeds normally, otherwise the operation is rejected.

EKEY and database normal cooperation flow

As shown in Fig. 4, the center end's relevant information is matched against the verification information in the EKEY; if the match fails, the database cannot be used; if it succeeds, the corresponding permission module is activated. This covers the following cases: 1) if no EKEY is present at the center end, the database cannot be used normally, but external network connections are unrestricted; 2) if an EKEY is inserted at the center end but the verification information read from it does not match the built-in information, the center end cannot be used normally, so the database cannot be used normally, but external network connections are unrestricted; 3) if an EKEY is inserted and its verification information matches, external network connections are restricted so that only legitimate ports can communicate with the database normally, and the corresponding permission module is activated.

Normal communication flow between the database system and the application system

As shown in Fig. 5, the terminal first sends the relevant information of the host on which the application system runs, such as its IP address and port information, to the center end, which compares it. If the comparison fails, access is denied; if it succeeds, the comparison result is returned to the terminal and the flow continues. The terminal then sends the relevant link information, such as user information and operation information, to the center end, which performs a second comparison. If this comparison fails, access is denied; if it succeeds, the session proceeds normally. If the center end receives repeated requests from a terminal and the comparisons fail repeatedly, it activates the corresponding protection information and temporarily suspends all communication verification activity with that terminal.
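The following Python is an added illustration, not code from the patent or its assignee: it models the center-end logic of Figs. 4 and 5, namely the three EKEY verification outcomes and the two-stage session comparison (IP/port first, then user/operation) with a temporary suspension of a terminal after repeated failures. The HMAC encoding of the verification information, the trusted-endpoint and user-operation tables, and the threshold of three failures are assumptions; the patent fixes none of these.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Optional, Set, Tuple

# ---- Electronic key verification (Fig. 4) -----------------------------------

@dataclass(frozen=True)
class HardwareKey:
    verification_info: bytes      # read from the inserted EKEY
    permissions: FrozenSet[str]   # permission information stored on the EKEY

def expected_verification(center_id: str, provisioning_secret: bytes) -> bytes:
    # Assumption: the EKEY's verification information is an HMAC over the
    # center end's built-in identifier; the patent does not fix a format.
    return hmac.new(provisioning_secret, center_id.encode(), hashlib.sha256).digest()

def ekey_mode(center_id: str, provisioning_secret: bytes,
              key: Optional[HardwareKey]) -> dict:
    """The three outcomes of the electronic key verification step."""
    unusable = {"database_usable": False, "external_net_restricted": False,
                "permissions": frozenset()}
    if key is None:                                 # case 1: no EKEY inserted
        return unusable
    expected = expected_verification(center_id, provisioning_secret)
    if not hmac.compare_digest(expected, key.verification_info):
        return unusable                             # case 2: EKEY not for this center
    return {"database_usable": True, "external_net_restricted": True,
            "permissions": key.permissions}         # case 3: only legal ports allowed

# ---- Secure session (Fig. 5) ------------------------------------------------

@dataclass
class Center:
    trusted_endpoints: Set[Tuple[str, int]]    # trusted terminals/ports set by the admin
    user_operations: Dict[str, Set[str]]       # user -> operations that user may perform
    max_failures: int = 3                      # assumed threshold; the patent says "multiple"
    lockout_seconds: float = 60.0              # assumed length of the temporary suspension
    failures: Dict[str, int] = field(default_factory=dict)
    locked_until: Dict[str, float] = field(default_factory=dict)
    pending: Dict[str, Tuple[str, int]] = field(default_factory=dict)

    def is_locked(self, ip: str, now: float) -> bool:
        return self.locked_until.get(ip, 0.0) > now

    def _record_failure(self, ip: str, now: float) -> None:
        # Repeated failed comparisons suspend all verification with that terminal.
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] >= self.max_failures:
            self.locked_until[ip] = now + self.lockout_seconds
            self.failures[ip] = 0

    def verify_endpoint(self, ip: str, port: int, now: float) -> Optional[str]:
        """First comparison: host IP address and port. Returns the reply token."""
        if self.is_locked(ip, now):
            return None                 # suspended: no verification activity at all
        if (ip, port) not in self.trusted_endpoints:
            self._record_failure(ip, now)
            return None
        token = secrets.token_hex(16)   # single-use handle tying step 2 to step 1
        self.pending[token] = (ip, port)
        return token

    def verify_request(self, token: str, user: str, operation: str,
                       now: float) -> bool:
        """Second comparison: user and operation, bound to the verified endpoint."""
        endpoint = self.pending.pop(token, None)
        if endpoint is None:
            return False                # unknown or replayed reply token
        ip, _port = endpoint
        if self.is_locked(ip, now):
            return False
        if operation in self.user_operations.get(user, set()):
            self.failures.pop(ip, None) # a successful session clears the counter
            return True
        self._record_failure(ip, now)
        return False
```

Binding the second comparison to a single-use token from the first is what keeps a terminal from skipping the address/port check, which is the hijack case the terminal-side security protection module is meant to cover.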

The above is only a preferred embodiment of the invention, and the invention is not limited to the above examples. It will be understood that other improvements and variations directly derived or conceived by those skilled in the art without departing from the basic concept of the invention are considered to fall within the scope of protection of the invention.

Claims (9)

6. The database-based application system information security protection method according to claim 5, characterized in that the specific steps of database file encryption are as follows: the administrator inserts the hardware verification electronic key into the computer on which the center side is installed and enters the relevant information; the center side simultaneously reads the verification information from the hardware verification electronic key and compares the entered information and the key's verification information against the information built into the center side; if the comparison fails, access is denied and the user cannot perform the operation; if it succeeds, the user may proceed to the next step; when the user selects one or more database files for manual encryption, the center side automatically checks the user's permission information, and if the user has sufficient permission the encryption proceeds normally, otherwise the operation is rejected; after encrypting the database, the user can set the corresponding database permission information, including the IPs and ports allowed to communicate and whether decryption is allowed.
7. The database-based application system information security protection method according to claim 5, characterized in that the specific steps of database file decryption are as follows: the administrator inserts the hardware verification electronic key into the computer on which the center side is installed and enters the relevant information; the center side simultaneously reads the verification information from the hardware verification electronic key and compares the entered information and the key's verification information against the information built into the center side; if the comparison fails, access is denied and the user cannot perform the operation; if it succeeds, the user may proceed to the next step; when the user selects one or more database files for manual decryption, the center side automatically checks the user's permission information, and if the user has sufficient permission the decryption proceeds normally, otherwise the operation is rejected.
8. The database-based application system information security protection method according to claim 5, characterized in that the specific steps of electronic key verification are as follows: the center side's relevant information is matched against the verification information in the hardware verification electronic key; if the match fails, the database cannot be used; if it succeeds, the corresponding permission module is activated, covering the following cases: 1) if the center side has no hardware verification electronic key, the database cannot be used normally, but external network connections are unrestricted; 2) if a hardware verification electronic key is inserted at the center side but the verification information read from it does not match the information built into the center side, the center side cannot be used normally, so the database cannot be used normally, but external network connections are unrestricted; 3) if a hardware verification electronic key is inserted at the center side and its verification information matches, external network connections are restricted so that only legitimate ports can communicate with the database normally, and the corresponding permission module is activated.
9. The database-based application system information security protection method according to claim 5, characterized in that the specific steps of the secure session are as follows: the terminal first sends the relevant information of the host on which the application system runs, including IP address information and port information, to the center side; the center side compares it, and if the comparison fails, access is denied; if it succeeds, the comparison result is returned to the terminal; the terminal then sends the relevant link information, including user information and operation information, to the center side, which performs a second comparison; if that comparison fails, access is denied; if it succeeds, the session proceeds normally; if the center side receives repeated requests from the terminal and the comparisons fail repeatedly, it activates the corresponding protection information and temporarily suspends all communication verification activity with that terminal.
Application CN201210310806.1A, priority date 2012-08-28, filing date 2012-08-28: Information safety protection system of application system based on database and information safety protection method (Expired - Fee Related; granted as CN102799831B (en))

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
CN201210310806.1ACN102799831B (en)2012-08-282012-08-28Information safety protection system of application system based on database and information safety protection method

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
CN201210310806.1ACN102799831B (en)2012-08-282012-08-28Information safety protection system of application system based on database and information safety protection method

Publications (2)

Publication NumberPublication Date
CN102799831Atrue CN102799831A (en)2012-11-28
CN102799831B CN102799831B (en)2014-11-26

Family

ID=47198935

Family Applications (1)

Application NumberTitlePriority DateFiling Date
CN201210310806.1AExpired - Fee RelatedCN102799831B (en)2012-08-282012-08-28Information safety protection system of application system based on database and information safety protection method

Country Status (1)

Country | Link
CN (1) | CN102799831B (en)


Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
US20110072266A1 * | 2008-10-10 | 2011-03-24 | Hisashi Takayama | Information processing device, authentication system, authentication device, information processing method, information processing program, recording medium, and integrated circuit
CN101697511A * | 2009-09-22 | 2010-04-21 | 南京大学 | Method and system for receiving mobile streaming media conditions
CN102255870A * | 2010-05-19 | 2011-11-23 | 上海可鲁系统软件有限公司 | Security authentication method and system for distributed network
CN101938468A * | 2010-08-06 | 2011-01-05 | 四川长虹电器股份有限公司 | Digital content protecting system

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN103500202A * | 2013-09-29 | 2014-01-08 | 中国船舶重工集团公司第七0九研究所 | Security protection method and system for light-weight database
CN103500202B * | 2013-09-29 | 2017-02-01 | 中国船舶重工集团公司第七0九研究所 | Security protection method and system for light-weight database
CN104636675A * | 2013-11-08 | 2015-05-20 | 苏州慧盾信息安全科技有限公司 | System and method for providing safety protection for database
CN105303113A * | 2014-06-23 | 2016-02-03 | 威尔奇·伊沃 | An identity theft prevention method and hardware database device
CN105303113B * | 2014-06-23 | 2018-08-03 | 威尔奇·伊沃 | Identity anti-theft method and hardware database equipment
CN107980134A * | 2017-08-10 | 2018-05-01 | 福建联迪商用设备有限公司 | Method and system for safe input of intelligent terminal information
CN107563221A * | 2017-09-04 | 2018-01-09 | 安徽爱她有果电子商务有限公司 | A kind of certification decoding security management system for encrypting database
CN108173828A * | 2017-12-22 | 2018-06-15 | 北京知道创宇信息技术有限公司 | Data transmission method, device and storage medium
CN108173828B * | 2017-12-22 | 2021-01-12 | 北京知道创宇信息技术股份有限公司 | Data transmission method, device and storage medium
CN108537062A * | 2018-04-24 | 2018-09-14 | 山东华软金盾软件股份有限公司 | A kind of method of database data dynamic encryption
CN114666091A * | 2022-02-15 | 2022-06-24 | 广州图灵科技有限公司 | Database system capable of automatically encrypting backup and preventing secret leakage

Also Published As

Publication number | Publication date
CN102799831B (en) | 2014-11-26

Similar Documents

Publication | Title
CN102799831B (en) | Information safety protection system of application system based on database and information safety protection method
CN106603484B (en) | Virtual key method, device applying same, background system and user terminal
CA2709944C (en) | System and method for securing data
CN100449561C (en) | USB storage device data leakage prevention system and method based on certificate and transparent encryption
CN111815816B (en) | Electronic lock security system and key distribution method thereof
US7861015B2 (en) | USB apparatus and control method therein
EP1866873B1 (en) | Method, system, personal security device and computer program product for cryptographically secured biometric authentication
US20100266132A1 (en) | Service-based key escrow and security for device data
CN101488952A (en) | Mobile storage apparatus, data secured transmission method and system
CN104299300B (en) | The unblanking and close locking method of safety intelligent lock system based on NFC
CN102215221A (en) | Methods and systems for secure remote wake, boot, and login to a computer from a mobile device
CN101237353B (en) | A method and system for monitoring mobile storage device based on USBKEY
CN111815812B (en) | Third-party unlocking control method and system for electronic lock
CN111815814B (en) | Electronic lock security system and binding authentication method thereof
CN101483654A (en) | Method and system for implementing authentication and data safe transmission
CN105099705B (en) | A secure communication method and system based on USB protocol
CN111954211B (en) | Novel authentication key negotiation system of mobile terminal
CN111815813A (en) | Electronic lock safety system
CN106533693B (en) | Access method and device of railway vehicle monitoring and overhauling system
CN104333545A (en) | Method for encrypting cloud storage file data
CN111815817A (en) | Access control safety control method and system
GB2432436A (en) | Programmable logic controller peripheral device
WO2007094763A2 (en) | Data security including real-time key generation
CN111815815B (en) | Electronic lock safety system
CN104333452A (en) | Multi-account encryption method for file data

Legal Events

Code | Title | Description

C06 | Publication
PB01 | Publication
C10 | Entry into substantive examination
SE01 | Entry into force of request for substantive examination
C14 | Grant of patent or utility model
GR01 | Patent grant

C56 | Change in the name or address of the patentee
    Owner name: JIANGSU HUAYU INFORMATION TECHNOLOGY CO., LTD.
    Free format text: FORMER NAME: WUXI CINSEC INFORMATION TECHNOLOGY CO., LTD.

CP03 | Change of name, title or address
    Address after: 214000, -20-403, 58 embroidered Road, Binhu District, Wuxi, Jiangsu
    Patentee after: JIANGSU CINSEC INFORMATION TECHNOLOGY Co.,Ltd.
    Address before: Jinxi Road, Binhu District, 214081, Jiangsu province, Wuxi, Henghua Science Park No. 100, building 20, Room 403
    Patentee before: WUXI CINSEC INFORMATION TECHNOLOGY Co.,Ltd.

PE01 | Entry into force of the registration of the contract for pledge of patent right
    Denomination of invention: Information safety protection system of application system based on database and information safety protection method
    Effective date of registration: 2015-05-07
    Granted publication date: 2014-11-26
    Pledgee: Agricultural Bank of China Limited by Share Ltd. Wuxi science and Technology Branch
    Pledgor: JIANGSU CINSEC INFORMATION TECHNOLOGY Co.,Ltd.
    Registration number: 2015990000364

PLDC | Enforcement, change and cancellation of contracts on pledge of patent right or utility model

PC01 | Cancellation of the registration of the contract for pledge of patent right
    Date of cancellation: 2021-03-26
    Granted publication date: 2014-11-26
    Pledgee: Agricultural Bank of China Limited by Share Ltd. Wuxi science and Technology Branch
    Pledgor: JIANGSU CINSEC INFORMATION TECHNOLOGY Co.,Ltd.
    Registration number: 2015990000364

PE01 | Entry into force of the registration of the contract for pledge of patent right
    Denomination of invention: Information security protection system and information security protection method of application system based on Database
    Effective date of registration: 2021-04-12
    Granted publication date: 2014-11-26
    Pledgee: Jiangsu Jiangyin Rural Commercial Bank Co.,Ltd. Wuxi Branch
    Pledgor: JIANGSU CINSEC INFORMATION TECHNOLOGY Co.,Ltd.
    Registration number: Y2021320010127

CF01 | Termination of patent right due to non-payment of annual fee
    Granted publication date: 2014-11-26

