网络磁盘技术在公安系统中的设计与实现

发布时间：2018-03-23 20:38

本文选题：加密技术　切入点：备份　出处：《电子科技大学》2013年硕士论文

【摘要】：随着整个社会电子商务业的蓬勃发展以及公安系统信息技术的普及，现代化公安系统的运作对信息技术的依赖也日益增加。由于关键数据一旦被窃取将会导致公安系统难以估计的损失，越来越多的关键数据需要机密地保存在计算机系统中。因此，如何简易地对这些数据进行加密，如何有效地保管口令和密钥已经成为当今研究的热门课题。本文针对网络磁盘数据灾难备份系统的数据加密技术进行了研究，在对比分析了各种加密技术的基础上，构建出了一个适合该网络磁盘数据灾难备份系统的加密方案，并对该系统的设计与实现过程进行了详细的介绍。该系统是基于B/S架构之上，鉴于加密的速度与密钥的管理问题，本文所实现的加密系统采用的是数字信封的方法，即加密时在发送端生成随机对称密钥，通过利用对称密钥对文件数据进行加密，，然后再利用发送方的密钥口令对对称密钥进行加密，再将加密后的对称密钥和密钥口令的md5值生成数字信封文件保存在发送端，由发送方自己保管，最后再将加密后的备份文件上传到灾备中心。利用这种方式既确保了对文件数据的完整性和安全性，同时又能有效地实现加密过程的高效性以及密钥管理的简易性。最后对本文所实现的系统的功能和性能进行了测试并得出结论：用错误的密钥，即使用户能将共享文件恢复到服务器端，但是依旧无法获取正确的内容，只有利用了正确的密钥，才可以将文件正确的恢复，从而获得正确的文件内容。在性能上，备份文件集的加密过程在备份总流程中所用的时间比较多。随着加密文件集的增大，所用的加密时间也会相应增加；而对于两种不同的加密算法3DES和AES-128来说，在加密文件的容量都比较小的情况下，所用的加密时间相差无几；但是随着加密文件集容量的增加，3DES算法加密所用的时间明显比AES-128算法所用时间增加得多。
[Abstract]:With the vigorous development of electronic commerce and the popularization of information technology in public security system, The operation of the modern public security system is also increasingly dependent on information technology. As the theft of key data will lead to an incalculable loss of the public security system, More and more key data need to be kept confidentially in computer system. Therefore, how to encrypt these data easily, how to keep password and key effectively has become a hot research topic. In this paper, the data encryption technology of the network disk data disaster backup system is studied. Based on the comparison and analysis of various encryption techniques, an encryption scheme suitable for the network disk data disaster backup system is constructed. The design and implementation of the system are introduced in detail. The system is based on the B / S architecture. In view of the problem of encryption speed and key management, the encryption system implemented in this paper adopts the method of digital envelope. In other words, the random symmetric key is generated at the sending end, the file data is encrypted by using the symmetric key, and then the symmetric key is encrypted by using the key password of the sender. Then, the encrypted symmetric key and the md5 value of the key password are generated into the digital envelope file, which is kept by the sender himself. Finally, the encrypted backup files are uploaded to the disaster preparedness center, which not only ensures the integrity and security of file data, but also effectively realizes the high efficiency of encryption process and the simplicity of key management. Finally, the function and performance of the system implemented in this paper are tested and concluded: with the wrong key, even if the user can restore the shared file to the server, it still can not get the correct content. Only when the correct key is used can the file be restored correctly and the correct file content can be obtained. In terms of performance, the encryption process of the backup file set takes more time in the backup total process. As the encrypted file set increases, For the two different encryption algorithms 3DES and AES-128, the encryption time is the same when the capacity of encrypted files is small. However, with the increase of the capacity of encrypted file sets, the encryption time of the algorithm is much longer than that of the AES-128 algorithm.
【学位授予单位】：电子科技大学
【学位级别】：硕士
【学位授予年份】：2013
【分类号】：TP333.35;TN918.4;TP311.52

【参考文献】