摘要
大数据时代,数据存储模式发生巨大变革。作为数据处理载体的传统关系型数据库,因其具有单一的存储结构与较差扩展性等特点,已无法满足对海量数据的高效查询和存储需求。HBase存储方案能够满足海量数据的存储需求,并使用LSM树结构加快数据查询效率。但随着大数据安全事件不断发生,只针对明文数据设计的LSM树如何在保证数据语义安全的前提下,实现加密数据高效率查询,是亟需解决的问题。文章提出了一种基于同态加密的HBase密文索引方法,结合改进后的同态加密算法与协处理器,构建二级密文索引机制,无需解密密文数据,即可对密文进行索引。在保证索引与数据明文语义安全的前提下,实现了加密数据查询效率的最大化。通过安全性分析与效率评估,证明该方法具有较高安全性与可用性。
In the era of big data,the data storage model is drastically changing.As a data processing carrier,the traditional relational database has no capability to meet the requirements of efficient storage and query of massive data because of its single storage structure and poor scalability.Storage Raster HBase can meet the storage requirement of massive data and use LSM tree structure to improve data query efficiency.However,since big data security events continue to occur,how to achieve efficient query of encrypted data under the premise of ensuring data semantic security is an urgent problem to be solved for the LSM tree which is only for plaintext data.In this paper,a HBase ciphertext indexing method based on homomorphic encryption is proposed.Combining the improved homomorphic encryption algorithm and coprocessor,a second ciphertext indexing mechanism is constructed.Our method enable ciphertext to be indexed without decrypting ciphertext data and maximize the encryption data query efficiency with ensuring the semantic security of the index and the data.Extensive experimental evalutions shows that the method has high safety and availability.
作者
傅智宙
王利明
唐鼎
张曙光
FU Zhizhou;WANG Liming;TANG Ding;ZHANG Shuguang(Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;University of Chinese Academy of Sciences,Beijing 100039,China)
出处
《信息网络安全》
CSCD
北大核心
2020年第4期55-64,共10页
Netinfo Security
基金
国家重点研发计划[2017YFB1010000]。
关键词
同态加密
数据安全
HBase二级索引
密文检索
homomorphic encryption
data security
HBase secondary indexing
ciphertext search
