摘要
随着大数据的快速发展,数据泄露事件不断发生,数据安全日益被重视。基于硬件的芯片级隐私计算由芯片安全基础来保障上层应用的数据安全,成为了一种有效的数据安全解决方案。提出了一种基于隐私计算的数据库全生命周期保护方法,设计了一种新型密钥管理服务系统,基于芯片级安全基础模块对数据库访问密钥、账号进行加密,保证相关隐私数据全生命周期(存储、传输、使用)密态安全。本方案与普通计算中数据库操作相比,MySQL数据库系统读写操作性能损耗为30%左右,SQLCipher数据库系统的读写操作性能损耗为8 s左右,落地性较强。
In recent years, with the rapid development of big data, data leakage incidents have occurred constantly, and data security has been paid more and more attention. The hardware-based chip-level privacy computing uses the chip security base to ensure the data security of upper-layer applications, and has become an effective data security solution. This paper proposes a privacy-based computing-based database life cycle protection method. We design a new key management service system(Key Management Service, KMS). Encryption to ensure the security of the private data throughout the entire life cycle(storage, transmission, and use). Compared with database operations in ordinary computing, this solution has a performance loss of about 30% in read and write operations in the MySQL database system, and about 8 seconds in read and write operations in the SQLCipher database system.
作者
戴伟涛
俞锦浩
田文生
范佳峰
王泽东
陆一凡
严志超
唐攀攀
DAI Weitao;YU Jinhao;TIAN Wensheng;FAN Jiafeng;WANG Zedong;LU Yifan;YAN Zhichao;TANG Panpan(Nanhu Lab,Big Data Technolgy Research Center,Jiaxing 314000,China)
出处
《信息通信技术与政策》
2023年第2期65-74,共10页
Information and Communications Technology and Policy
