面向CryptDB的用户身份验证方案

CryptDB是一种典型的云密文数据库,由中间代理充当媒介,允许用户在前端发出明文语义查询请求,后端直接在加密数据上执行数据库操作。针对CryptDB系统代理服务器明文存储密钥未验证用户身份的问题,提出了使用用户口令加密密钥信息的方案,实现了增强密钥管理安全及代理间接验证用户身份的目的。实验结果证明了该方案的安全性和有效性。;CryptDB is a typical cloud ciphertext database,which acts as an intermediate by an intermediary agent,allowing users to issue plaintext semantic query requests on the frontend,and the backend directly performed query processing on encrypted data.Aiming at the problem of plain text storage key and unauthenticated user identity of CryptDB system proxy server,a scheme of encrypting key information using user password is proposed,which realizes the purpose of enhanced key management security and agent indirect authentication of user identity.The experiments prove the safety and effectiveness of the proposed scheme