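Design and Implementation of a Graded Data Encryption and Decryption System for an Industrial Chain Collaboration SaaS Platform
Published: 2018-06-10 16:41
Topics of this paper: industrial chain collaboration + SaaS; Reference: Southwest Jiaotong University, 2016 master's thesis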
[Abstract]: The industrial chain collaboration SaaS platform provides collaboration services to small and medium-sized enterprises in the form of a public service platform; enterprise alliances centered on leading enterprises make up the platform's main user group. The large volume of business data generated during industrial collaboration is stored in the platform's database, so it is necessary to ensure that the business data stored there, especially the important data, cannot be obtained by a second party. This requires the platform to provide confidentiality protection for the business data in the database. Based on the platform's data security requirements, and taking into account the user characteristics and data characteristics of the industrial chain collaboration SaaS platform, this thesis studies graded data encryption and decryption for the platform. Specifically: (1) To secure user identity authentication on the platform, salted hashing is used to authenticate users' identity information, which keeps user information secure during authentication. (2) A permission configuration model is established for the platform's roles. Permissions are configured by the administrator of the alliance's leading enterprise according to collaboration type and requirements; different roles are assigned different permissions, and platform users obtain the corresponding permissions through their assigned roles to access data in the database. (3) To ensure key security, a hybrid random number generation algorithm is used to generate keys; keys composed of a mix of characters and digits of different lengths are configured according to different security requirements. (4) The security requirements of the platform data are analyzed, and a graded encryption configuration scheme for database data, a graded decryption query scheme, and a key configuration management model are proposed. Both the encryption configuration and the key configuration management are performed by the leading-enterprise administrator, and the implementation of the algorithms is described. (5) The design and implementation of the specific modules are described in detail, including secure identity authentication, permission configuration, the hybrid random number generation algorithm, the encryption/decryption engine, and key configuration management. Graded encryption and decryption of the database is achieved by binding permissions to roles, fields, and keys, and the system's functionality is verified against specific business data in the industrial chain collaboration SaaS platform database.
[Degree-granting institution]: Southwest Jiaotong University
[Degree level]: Master's
[Year degree granted]: 2016
[Classification number]: TP311.52; TP393.09
Article number: 2003895
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2003895.html