US 12,254,100 B2
Data security realization method and system based on K-DB database, and storage medium
Benshuai Wei, Jiangsu (CN); and Yankui Du, Jiangsu (CN)
Assigned to INSPUR SUZHOU INTELLIGENT TECHNOLOGY CO., LTD., Jiangsu (CN)
Appl. No. 18/010,267
Filed by INSPUR SUZHOU INTELLIGENT TECHNOLOGY CO., LTD., Jiangsu (CN)
PCT Filed Feb. 19, 2021, PCT No. PCT/CN2021/076801
§ 371(c)(1), (2) Date Dec. 14, 2022,
PCT Pub. No. WO2021/253850, PCT Pub. Date Dec. 23, 2021.
Claims priority of application No. 202010539424.0 (CN), filed on Jun. 14, 2020.
Prior Publication US 2023/0297692 A1, Sep. 21, 2023
Int. Cl. G06F 21/60 (2013.01); G06F 16/22 (2019.01); G06F 21/62 (2013.01)
CPC G06F 21/602 (2013.01) [G06F 16/2255 (2019.01); G06F 21/6218 (2013.01)] 14 Claims
OG exemplary drawing
 
1. A data security realization method based on a K-DB database, comprising:
receiving a data processing request of a user regarding a data table in a database, wherein the data processing request regarding the data table comprises a data insertion action request regarding the data table, a data modification action request regarding the data table, and a data deletion action request regarding the data table;
successively executing, in a case where the data processing request is a data insertion action request regarding the data table, hash and encryption actions on inserted data, and storing encrypted data in an encrypted permanent hash table; and
generating, in a case where the data processing request is a data modification action request regarding the data table or a data deletion action request regarding the data table, an instruction for prohibiting data modification or data deletion,
wherein successively executing, in a case where the data processing request is a data insertion action request regarding the data table, hash and encryption actions on inserted data, and storing encrypted data in an encrypted permanent hash table comprises:
performing hash calculation on the inserted data, and storing a hash value obtained by the hash calculation in a permanent hash table; and
performing security attribute identification calculation on the hash value obtained by the hash calculation, appending a time stamp value after the hash value, generating n encrypted hash value, and storing the encrypted hash value in the encrypted permanent hash table;
wherein generating, in a case where the data processing request is a data modification action request regarding the data table, an instruction for prohibiting data modification comprises:
successively calculating hash values of data elements of the data table;
performing hash calculation on an entirety of the data elements of the data table after the hash calculation to obtain a hash value corresponding to modified data, and storing the hash value corresponding to the modified data in a temporary hash table;
determining a row position of the modified data in the data table, and decrypting a hash value at the determined row position in the encrypted permanent hash table to obtain a permanent hash value;
comparing the hash value stored in the temporary hash table with the permanent hash value obtained by decryption, and determining whether the hash value stored in the temporary hash table is consist with the permanent hash value obtained by decryption;
in a case where it is determined that the hash value stored in the temporary hash table is consistent with the permanent hash value obtained by decryption, generating the instruction for prohibiting data modification, and
in a case where it is determined that the hash value stored in the temporary hash table is not consistent with the permanent hash value obtained by decryption, also generating the instruction for prohibiting data modification.