[go: up one dir, main page]

CN111563266B - Power system data operation program encryption method and device, decryption method and device - Google Patents

Power system data operation program encryption method and device, decryption method and device Download PDF

Info

Publication number
CN111563266B
CN111563266B CN202010372185.4A CN202010372185A CN111563266B CN 111563266 B CN111563266 B CN 111563266B CN 202010372185 A CN202010372185 A CN 202010372185A CN 111563266 B CN111563266 B CN 111563266B
Authority
CN
China
Prior art keywords
database
source code
data
power system
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010372185.4A
Other languages
Chinese (zh)
Other versions
CN111563266A (en
Inventor
黄利军
张航
黄浩然
丁博
王少鹏
杨迎春
张延辉
康振全
丁亮
刘洋
吕梦婷
贾亚楠
吴可可
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xuji Group Co Ltd
XJ Electric Co Ltd
Xuchang XJ Software Technology Co Ltd
Original Assignee
Xuji Group Co Ltd
XJ Electric Co Ltd
Xuchang XJ Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xuji Group Co Ltd, XJ Electric Co Ltd, Xuchang XJ Software Technology Co Ltd filed Critical Xuji Group Co Ltd
Priority to CN202010372185.4A priority Critical patent/CN111563266B/en
Publication of CN111563266A publication Critical patent/CN111563266A/en
Application granted granted Critical
Publication of CN111563266B publication Critical patent/CN111563266B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/629Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/41Compilation

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for encrypting an operation program of a database of a power system, wherein the method comprises the following steps: acquiring original data of source codes of operation programs; encrypting the original data and returning the encrypted data to the source code; and compiling the source code containing the encrypted data. A method and a device for decrypting the database operation program of the power system are also disclosed. The method has the advantages that the readability is improved by using plaintext editing in the encoding stage, the original data in the source code is encrypted before encoding so as to improve the safety, the database is prevented from being illegally invaded and key data are prevented from being maliciously tampered, the safety of the database of the power system is improved, and the operation and stability of the power system are improved.

Description

电力系统数据操作程序加密方法及装置、解密方法及装置Power system data operation program encryption method and device, decryption method and device

技术领域technical field

本发明涉及电力系统安全控制技术领域,特别涉及一种电力系统数据操作程序加密方法及装置、解密方法及装置。The invention relates to the technical field of power system security control, in particular to a power system data operation program encryption method and device, and a decryption method and device.

背景技术Background technique

电力系统运行监控应用程序通常由C++语言设计编码实现,主要包括设备建模、图形组态、实时监控、历史查询等功能。这些功能涉及到的设备静态数据、图形组态数据、历史存储数据通常保存在商用关系型数据库中,系统各功能模块应用程序中存在大量数据库操作SQL语句文本,这些SQL语句实现对监控数据的增删改查操作,是系统功能实现的重要支撑。Power system operation monitoring applications are usually designed and coded by C++ language, mainly including equipment modeling, graphic configuration, real-time monitoring, historical query and other functions. The equipment static data, graphic configuration data, and historical storage data involved in these functions are usually stored in commercial relational databases. There are a large number of database operation SQL statement texts in the application programs of each functional module of the system. These SQL statements realize the increase of monitoring data. The operation of deleting, modifying and checking is an important support for the realization of system functions.

应用程序中的SQL语句文本在编译器生成可执行文件或库文件后仍然是可直读的文本段,其中包括SQL关键字及数据库表名、字段名等信息。不法分子可在没有源代码、不经过编译的情况下直接修改二进制应用程序进行非法侵入。例如,通过SQL关键字修改,将“select”改为“delete”会造成数据库数据损坏系统异常;通过数据库表名和数据库字段名修改可绕过权限管理,造成敏感数据失窃泄密。The SQL statement text in the application program is still a directly readable text segment after the compiler generates the executable file or library file, including SQL keywords, database table names, field names and other information. Criminals can directly modify binary applications for illegal intrusion without source code or compilation. For example, changing "select" to "delete" through SQL keyword modification will cause database data damage and system exceptions; modifying database table names and database field names can bypass permission management, resulting in theft of sensitive data.

电力系统监控设备作为电力系统安全运行的关键设备,在泛在电力物联网快速建设的背景下,基于数据库操作的应用程序存在非法篡改和入侵的安全漏洞,上述非法入侵行为将会造成极大的社会经济损失。Power system monitoring equipment is the key equipment for the safe operation of the power system. Under the background of the rapid construction of the ubiquitous power Internet of Things, the application programs based on database operations have security loopholes of illegal tampering and intrusion. The above illegal intrusions will cause great harm. socioeconomic loss.

发明内容Contents of the invention

本发明实施例的目的是提供一种电力系统数据操作程序加密方法及装置、解密方法及装置,通过在编码阶段使用明文编辑以提高可读性,在编译前对源代码中的原始数据进行加密处理以提高安全性,防止数据库被非法入侵和关键数据被恶意篡改,提高了电力系统数据库的安全性,提升了电力系统运行的和稳定性。The purpose of the embodiment of the present invention is to provide a power system data operation program encryption method and device, decryption method and device, by using plain text editing in the encoding stage to improve readability, and encrypt the original data in the source code before compiling Processing to improve security, prevent the database from being illegally invaded and key data from being maliciously tampered with, improve the security of the power system database, and improve the operation and stability of the power system.

为解决上述技术问题,本发明实施例的第一方面提供了一种电力系统数据操作程序加密方法,包括:In order to solve the above technical problems, the first aspect of the embodiments of the present invention provides a power system data operation program encryption method, including:

获取操作程序源代码的原始数据;access to raw data of operating program source code;

对所述原始数据进行加密处理,并将加密数据返回所述源代码;Encrypt the original data, and return the encrypted data to the source code;

对包含所述加密数据的所述源代码进行编译处理。Compile the source code containing the encrypted data.

进一步地,所述原始数据包括:SQL语句、数据库表名和/或数据库字段名。Further, the original data includes: SQL statement, database table name and/or database field name.

进一步地,所述对所述原始数据进行加密处理并将加密数据返回所述源代码,包括:Further, the encrypting the original data and returning the encrypted data to the source code includes:

对所述源代码中的所述SQL语句、所述数据库表名和/或所述数据库字段名进行编译前加固;Reinforce the SQL statement, the database table name and/or the database field name in the source code before compiling;

对所述源代码中的所述RuningDeCode函数进行扫描,并提取所述RuningDeCode函数参数;Scanning the RunningDeCode function in the source code, and extracting the RunningDeCode function parameters;

对所述RuningDeCode函数参数进行加密处理,将加密后的所述RuningDeCode函数参数返回至所述源代码中的函数调用位置。Encrypting the parameters of the RunningDeCode function, and returning the encrypted parameters of the RunningDeCode function to the function calling position in the source code.

进一步地,所述对所述源代码中的所述RuningDeCode函数进行扫描,包括:Further, the scanning of the RunningDeCode function in the source code includes:

基于正则表达式对所述源代码中的所述RuningDeCode函数进行扫描。Scanning the RunningDeCode function in the source code based on a regular expression.

相应地,本发明实施例的第二方面提供了一种电力系统数据库操作程序加密装置,包括:Correspondingly, the second aspect of the embodiments of the present invention provides a power system database operation program encryption device, including:

第一获取模块,用于获取操作程序源代码的原始数据;The first obtaining module is used to obtain the original data of the operating program source code;

加密模块,用于对所述原始数据进行加密处理,并将加密数据返回所述源代码;An encryption module, configured to encrypt the original data and return the encrypted data to the source code;

编译模块,用于对包含所述加密数据的所述源代码进行编译处理。A compiling module, configured to compile the source code containing the encrypted data.

进一步地,所述原始数据包括:SQL语句、数据库表名和/或数据库字段名。Further, the original data includes: SQL statement, database table name and/or database field name.

进一步地,所述加密模块包括:Further, the encryption module includes:

加工单元,用于对所述源代码中的所述SQL语句、所述数据库表名和/或所述数据库字段名进行编译前加固;A processing unit, configured to reinforce the SQL statement, the database table name and/or the database field name in the source code before compiling;

扫描提取单元,用于对所述源代码中的所述RuningDeCode函数进行扫描,并提取所述RuningDeCode函数参数;a scanning extraction unit, configured to scan the RunningDeCode function in the source code, and extract the parameters of the RunningDeCode function;

加密单元,用于对所述RuningDeCode函数参数进行加密处理,将加密后的所述RuningDeCode函数参数返回至所述源代码中的函数调用位置。The encryption unit is configured to encrypt the parameters of the RunningDeCode function, and return the encrypted parameters of the RunningDeCode function to the function calling position in the source code.

进一步地,所述扫描提取单元基于正则表达式对所述源代码中的所述RuningDeCode函数进行扫描。Further, the scanning extraction unit scans the RunningDeCode function in the source code based on a regular expression.

本发明实施例的第三方面提供了一种电力系统数据库操作程序解密方法,包括如下步骤:A third aspect of the embodiments of the present invention provides a method for decrypting an operating program of a power system database, comprising the following steps:

获取操作程序编译处理后的源代码中的加密数据;Obtain the encrypted data in the compiled and processed source code of the operating program;

对所述加密数据进行解密,得到解密数据;Decrypting the encrypted data to obtain decrypted data;

将所述解密数据返回所述源代码中,并运行所述操作程序。return the decrypted data to the source code, and run the operation program.

进一步地,所述解密数据包括:SQL语句、数据库表名和/或数据库字段名。Further, the decrypted data includes: SQL statement, database table name and/or database field name.

进一步地,所述对所述加密数据进行解密得到解密数据,包括:Further, said decrypting said encrypted data to obtain decrypted data includes:

对加密后的RuningDeCode函数参数进行解密,得到解密数据;Decrypt the encrypted parameters of the RunningDeCode function to obtain the decrypted data;

将所述解密数据进行动态拼接,得到所述SQL语句、所述数据库表名和/或所述数据库字段名,并将所述SQL语句、所述数据库表名和/或所述数据库字段名返回至所述源代码中。The decrypted data is dynamically spliced to obtain the SQL statement, the database table name and/or the database field name, and the SQL statement, the database table name and/or the database field name are returned to the in the source code.

本发明实施例的第四方面提供了一种电力系统数据库操作程序解密装置,包括:The fourth aspect of the embodiments of the present invention provides a power system database operating program decryption device, including:

第二获取模块,用于获取操作程序编译处理后的源代码中的加密数据;The second obtaining module is used to obtain the encrypted data in the source code after the operating program is compiled and processed;

解密模块,用于对所述加密数据进行解密,得到解密数据;A decryption module, configured to decrypt the encrypted data to obtain decrypted data;

控制模块,用于将所述解密数据返回所述源代码中,并运行所述操作程序。A control module, used to return the decrypted data to the source code, and run the operation program.

进一步地,所述解密数据包括:SQL语句、数据库表名和/或数据库字段名。Further, the decrypted data includes: SQL statement, database table name and/or database field name.

进一步地,所述解密模块包括:Further, the decryption module includes:

解密单元,用于对加密后的RuningDeCode函数参数进行解密,得到解密数据;The decryption unit is used to decrypt the encrypted RunningDeCode function parameters to obtain decrypted data;

数据处理单元,用于将所述解密数据进行动态拼接,得到所述SQL语句、所述数据库表名和/或所述数据库字段名,并将所述SQL语句、所述数据库表名和/或所述数据库字段名返回至所述源代码中。A data processing unit, configured to dynamically splice the decrypted data to obtain the SQL statement, the database table name and/or the database field name, and combine the SQL statement, the database table name and/or the The database field names are returned in the source code.

本发明实施例的上述技术方案具有如下有益的技术效果:The above technical solutions of the embodiments of the present invention have the following beneficial technical effects:

通过在编码阶段使用明文编辑以提高可读性,在编译前对源代码中的原始数据进行加密处理以提高安全性,防止数据库被非法入侵和关键数据被恶意篡改,提高了电力系统数据库的安全性,提升了电力系统运行的和稳定性。By using plaintext editing in the coding stage to improve readability, and encrypting the original data in the source code before compiling to improve security, prevent the database from being illegally invaded and key data from being maliciously tampered with, and improve the security of the power system database It improves the operation and stability of the power system.

附图说明Description of drawings

图1是本发明实施例提供的电力系统数据库操作程序加密方法流程图;Fig. 1 is a flow chart of a power system database operating program encryption method provided by an embodiment of the present invention;

图2是本发明实施例提供的电力系统数据库操作程序加密装置模块图;Fig. 2 is a block diagram of a power system database operating program encryption device provided by an embodiment of the present invention;

图3是本发明实施例提供的加密模块框图;Fig. 3 is a block diagram of an encryption module provided by an embodiment of the present invention;

图4是本发明实施例提供的电力系统数据库操作程序解密方法流程图;Fig. 4 is a flow chart of a method for decrypting an operating program of a power system database provided by an embodiment of the present invention;

图5是本发明实施例提供的电力系统数据库操作程序解密装置模块图;Fig. 5 is a block diagram of a power system database operation program decryption device provided by an embodiment of the present invention;

图6是本发明实施例提供的解密模块框图。Fig. 6 is a block diagram of a decryption module provided by an embodiment of the present invention.

附图标记:Reference signs:

1、第一获取模块,2、加密模块,21、加工单元,22、扫描提取单元,23、加密单元,3、编译模块,4、第二获取模块,5、解密模块,51、解密单元,52、数据处理单元,6、控制模块。1. First acquisition module, 2. Encryption module, 21. Processing unit, 22. Scanning extraction unit, 23. Encryption unit, 3. Compilation module, 4. Second acquisition module, 5. Decryption module, 51. Decryption unit, 52. Data processing unit, 6. Control module.

具体实施方式Detailed ways

为使本发明的目的、技术方案和优点更加清楚明了,下面结合具体实施方式并参照附图,对本发明进一步详细说明。应该理解,这些描述只是示例性的,而并非要限制本发明的范围。此外,在以下说明中,省略了对公知结构和技术的描述,以避免不必要地混淆本发明的概念。In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in combination with specific embodiments and with reference to the accompanying drawings. It should be understood that these descriptions are exemplary only, and are not intended to limit the scope of the present invention. Also, in the following description, descriptions of well-known structures and techniques are omitted to avoid unnecessarily obscuring the concept of the present invention.

图1是本发明实施例提供的电力系统数据库操作程序加密方法流程图。Fig. 1 is a flow chart of a method for encrypting an operation program of a power system database provided by an embodiment of the present invention.

请参照图1,本发明实施例第一方面提供了一种电力系统数据库操作程序加密方法,包括如下步骤:Please refer to Fig. 1, the first aspect of the embodiment of the present invention provides a kind of power system database operation procedure encryption method, comprises the following steps:

S110,获取操作程序源代码的原始数据。S110. Acquire raw data of the operating program source code.

S120,对原始数据进行加密处理,并将加密数据返回源代码。S120. Encrypt the original data, and return the encrypted data to the source code.

S130,对包含加密数据的源代码进行编译处理。S130, compiling the source code containing the encrypted data.

上述技术方案通过在编码阶段使用明文编辑以提高可读性,在编译前对源代码中的原始数据进行加密处理以提高安全性,防止数据库被非法入侵和关键数据被恶意篡改,提高了电力系统数据库的安全性,提升了电力系统运行的和稳定性。The above technical solution improves readability by using plain text editing in the coding stage, encrypts the original data in the source code before compiling to improve security, prevents the database from being illegally invaded and key data from being maliciously tampered with, and improves the efficiency of the power system. The security of the database improves the operation and stability of the power system.

可选的,原始数据包括:SQL语句、数据库表名和/或数据库字段名。Optionally, the original data includes: SQL statement, database table name and/or database field name.

具体的,步骤S120中,对原始数据进行加密处理并将加密数据返回源代码,包括:Specifically, in step S120, the original data is encrypted and the encrypted data is returned to the source code, including:

S121,对源代码中的SQL语句、数据库表名和/或数据库字段名进行编译前加固。S121. Reinforce the SQL statement, database table name and/or database field name in the source code before compiling.

具体的,将源代码中的SQL语句、数据库表名和数据库字段名原文作为RuningDeCode函数的参数进行编译前加固。Specifically, the SQL statements, database table names, and database field names in the source code are used as parameters of the RunningDeCode function for pre-compilation reinforcement.

例如,将源代码中的SQL语句原文For example, the original text of the SQL statement in the source code

sql=“SELECT USER_NAME,USER_PWD,REG_DATE FROM USER WHERE USER_ID=\'2\'”修改为:sql="SELECT USER_NAME,USER_PWD,REG_DATE FROM USER WHERE USER_ID=\'2\'" is changed to:

sql=RuningDeCode(“SELECT USER_NAME,USER_PWD,REG_DATE FROM USER WHEREUSER_ID=\'2\'”)。sql = RunningDeCode("SELECT USER_NAME, USER_PWD, REG_DATE FROM USER WHERE USER_ID=\'2\'").

S122,对源代码中的RuningDeCode函数进行扫描,并提取RuningDeCode函数参数。S122. Scan the RunningDeCode function in the source code, and extract the parameters of the RunningDeCode function.

S123,对RuningDeCode函数参数进行加密处理,将加密后的RuningDeCode函数参数返回至源代码中的函数调用位置。S123. Encrypt the parameters of the RunningDeCode function, and return the encrypted parameters of the RunningDeCode function to the function calling position in the source code.

具体的,在完成对对源代码中的RuningDeCode函数进行扫描并提取RuningDeCode函数参数后,采用加密Encrypt(string)函数对提取的参数进行加密处理,并回填至源代码文件函数调用位置。Specifically, after scanning the RunningDeCode function in the source code and extracting the parameters of the RunningDeCode function, the encrypted Encrypt (string) function is used to encrypt the extracted parameters and backfill to the function call position of the source code file.

例如,前述SQL语句加密后的源代码为:For example, the encrypted source code of the preceding SQL statement is:

sql=RuningDeCode(“6774616C6B40676D6774616C6B40676D61696C2E636F6D0A137514765985002236391382606438443Z3RHBGTAZ21HAWWUY29TCG6C6B40676D616966B40676D61696C6C6B40676D61696C2E6391382606438443478282P”);sql=RuningDeCode("6774616C6B40676D6774616C6B40676D61696C2E636F6D0A137514765985002236391382606438443Z3RHBGTAZ21HAWWUY29TCG6C6B40676D616 966B40676D61696C6C6B40676D61696C2E6391382606438443478282P”);

可选的,对源代码中的RuningDeCode函数进行扫描,包括:Optionally, scan the RunningDeCode function in the source code, including:

基于正则表达式对源代码中的RuningDeCode函数进行扫描。Scan the RunningDeCode function in the source code based on regular expressions.

图2是本发明实施例提供的电力系统数据库操作程序加密装置模块图。Fig. 2 is a block diagram of an encryption device for an operation program of a power system database provided by an embodiment of the present invention.

相应地,请参照图2,本发明实施例的第二方面提供了一种电力系统数据库操作程序加密装置,包括:第一获取模块1、加密模块2和编译模块3。其中,获取模块1用于获取操作程序源代码的原始数据;加密模块2用于对原始数据进行加密处理,并将加密数据返回源代码;编译模块3用于对包含加密数据的源代码进行编译处理。Correspondingly, please refer to FIG. 2 , the second aspect of the embodiment of the present invention provides a power system database operation program encryption device, including: a first acquisition module 1 , an encryption module 2 and a compiling module 3 . Among them, the acquisition module 1 is used to obtain the original data of the operating program source code; the encryption module 2 is used to encrypt the original data and return the encrypted data to the source code; the compilation module 3 is used to compile the source code containing the encrypted data deal with.

上述加密装置通过在编码阶段使用明文编辑以提高可读性,在编译前对源代码中的原始数据进行加密处理以提高安全性,防止数据库被非法入侵和关键数据被恶意篡改,提高了电力系统数据库的安全性,提升了电力系统运行的和稳定性。The above-mentioned encryption device improves readability by using plaintext editing in the encoding stage, encrypts the original data in the source code before compiling to improve security, prevents the database from being illegally invaded and key data from being maliciously tampered with, and improves the efficiency of the power system. The security of the database improves the operation and stability of the power system.

可选的,原始数据包括:SQL语句、数据库表名和/或数据库字段名。Optionally, the original data includes: SQL statement, database table name and/or database field name.

图3是本发明实施例提供的加密模块框图。Fig. 3 is a block diagram of an encryption module provided by an embodiment of the present invention.

具体的,请参照图3,加密模块2包括:加工单元21、扫描提取单元22和加密单元23。其中,加工单元21用于对源代码中的SQL语句、数据库表名和/或数据库字段名进行编译前加固;扫描提取单元22用于对源代码中的RuningDeCode函数进行扫描,并提取RuningDeCode函数参数;加密单元23用于对RuningDeCode函数参数进行加密处理,将加密后的RuningDeCode函数参数返回至源代码中的函数调用位置。Specifically, referring to FIG. 3 , the encryption module 2 includes: a processing unit 21 , a scanning extraction unit 22 and an encryption unit 23 . Wherein, the processing unit 21 is used to reinforce the SQL statement, database table name and/or database field name in the source code before compiling; the scanning extraction unit 22 is used to scan the RunningDeCode function in the source code, and extract the RunningDeCode function parameter; The encryption unit 23 is used to encrypt the parameters of the RunningDeCode function, and return the encrypted parameters of the RunningDeCode function to the function calling position in the source code.

可选的,扫描提取单元基于正则表达式对源代码中的RuningDeCode函数进行扫描。Optionally, the scanning and extracting unit scans the RunningDeCode function in the source code based on a regular expression.

图4是本发明实施例提供的电力系统数据库操作程序解密方法流程图。Fig. 4 is a flowchart of a method for decrypting an operation program of a power system database provided by an embodiment of the present invention.

请参照图4,本发明实施例的第三方面提供了一种电力系统数据库操作程序解密方法,包括如下步骤:Please refer to FIG. 4 , the third aspect of the embodiment of the present invention provides a method for decrypting a power system database operating program, including the following steps:

S210,获取操作程序编译处理后的源代码中的加密数据。S210. Obtain encrypted data in source code after the operating program is compiled and processed.

S220,对加密数据进行解密,得到解密数据。S220. Decrypt the encrypted data to obtain decrypted data.

S230,将解密数据返回源代码中,并运行操作程序。S230, return the decrypted data to the source code, and run the operation program.

可选的,解密数据包括:SQL语句、数据库表名和/或数据库字段名。Optionally, the decrypted data includes: SQL statement, database table name and/or database field name.

具体的,步骤S220中,对源代码中的加密数据进行解密得到原始数据,进一步包括:Specifically, in step S220, the encrypted data in the source code is decrypted to obtain the original data, which further includes:

S221,对加密后的RuningDeCode函数参数进行解密,得到解密数据。S221. Decrypt the encrypted parameter of the RunningDeCode function to obtain decrypted data.

具体的,使用Decrypt函数对加密后的RuningDeCode函数参数进行解密,得到解密数据。Specifically, use the Decrypt function to decrypt the encrypted parameters of the RunningDeCode function to obtain decrypted data.

S222,将解密数据进行动态拼接,得到SQL语句、数据库表名和/或数据库字段名,并将SQL语句、数据库表名和/或数据库字段名返回至源代码中。S222. Dynamically splice the decrypted data to obtain the SQL statement, database table name and/or database field name, and return the SQL statement, database table name and/or database field name to the source code.

在解密后,前述加密后的源代码中的SQL变量的值被还原为:After decryption, the value of the SQL variable in the aforementioned encrypted source code is restored to:

sql=“SELECT USER_NAME,USER_PWD,REG_DATE FROM USER WHERE USER_ID=\'2\'”。sql="SELECT USER_NAME,USER_PWD,REG_DATE FROM USER WHERE USER_ID=\'2\'".

图5是本发明实施例提供的电力系统数据库操作程序解密装置模块图。Fig. 5 is a block diagram of an apparatus for decrypting an operation program of a power system database provided by an embodiment of the present invention.

请参照图5,本发明实施例的第四方面提供了一种电力系统数据库操作程序解密装置,包括:第二获取模块4、解密模块5和控制模块6。其中,第二获取模块4用于获取操作程序编译处理后的源代码中的加密数据;解密模块5用于对加密数据进行解密,得到解密数据;控制模块6用于将解密数据返回源代码中,并运行操作程序。Referring to FIG. 5 , the fourth aspect of the embodiment of the present invention provides a power system database operating program decryption device, including: a second acquisition module 4 , a decryption module 5 and a control module 6 . Wherein, the second obtaining module 4 is used to obtain the encrypted data in the source code after the operating program is compiled and processed; the decryption module 5 is used to decrypt the encrypted data to obtain decrypted data; the control module 6 is used to return the decrypted data to the source code , and run the operation program.

进一步地,解密数据包括:SQL语句、数据库表名和/或数据库字段名。Further, the decrypted data includes: SQL statement, database table name and/or database field name.

图6是本发明实施例提供的解密模块框图。Fig. 6 is a block diagram of a decryption module provided by an embodiment of the present invention.

具体的,请参照图6,解密模块5包括:解密单元51和数据处理单元52。解密单元51用于对加密后的RuningDeCode函数参数进行解密,得到解密数据;数据处理单元52用于将解密数据进行动态拼接,得到SQL语句、数据库表名和/或数据库字段名,并将SQL语句、数据库表名和/或数据库字段名返回至源代码中。Specifically, referring to FIG. 6 , the decryption module 5 includes: a decryption unit 51 and a data processing unit 52 . The decryption unit 51 is used to decrypt the encrypted RunningDeCode function parameters to obtain decrypted data; the data processing unit 52 is used to dynamically splice the decrypted data to obtain SQL statements, database table names and/or database field names, and SQL statements, Database table names and/or database field names are returned in the source code.

本发明实施例旨在保护一种电力系统数据库操作程序加密方法及装置、解密方法及装置,其中加密方法包括如下步骤:获取操作程序源代码的原始数据;对原始数据进行加密处理,并将加密数据返回源代码;对包含加密数据的源代码进行编译处理。上述技术方案具备如下效果:The embodiment of the present invention aims to protect a power system database operating program encryption method and device, decryption method and device, wherein the encryption method includes the following steps: obtaining the original data of the operating program source code; encrypting the original data, and encrypting The data is returned to the source code; the source code containing the encrypted data is compiled. The above technical scheme has the following effects:

通过在编码阶段使用明文编辑以提高可读性,在编译前对源代码中的原始数据进行加密处理以提高安全性,防止数据库被非法入侵和关键数据被恶意篡改,提高了电力系统数据库的安全性,提升了电力系统运行的和稳定性。By using plaintext editing in the coding stage to improve readability, and encrypting the original data in the source code before compiling to improve security, prevent the database from being illegally invaded and key data from being maliciously tampered with, and improve the security of the power system database It improves the operation and stability of the power system.

应当理解的是,本发明的上述具体实施方式仅仅用于示例性说明或解释本发明的原理,而不构成对本发明的限制。因此,在不偏离本发明的精神和范围的情况下所做的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。此外,本发明所附权利要求旨在涵盖落入所附权利要求范围和边界、或者这种范围和边界的等同形式内的全部变化和修改例。It should be understood that the above specific embodiments of the present invention are only used to illustrate or explain the principles of the present invention, and not to limit the present invention. Therefore, any modification, equivalent replacement, improvement, etc. made without departing from the spirit and scope of the present invention shall fall within the protection scope of the present invention. Furthermore, it is intended that the appended claims of the present invention embrace all changes and modifications that come within the scope and metespan of the appended claims, or equivalents of such scope and metesight.

Claims (14)

1. An encryption method for an operation program of a database of an electric power system is characterized by comprising the following steps:
acquiring original data of source codes of operation programs;
encrypting the original data and returning the encrypted data to the source code;
and compiling the source code containing the encrypted data.
2. The method for encrypting a database operating program for a power system according to claim 1,
the raw data includes: SQL statements, database table names, and/or database field names.
3. The method of encrypting a database operating program for a power system according to claim 2, wherein said encrypting the original data and returning the encrypted data to the source code comprises:
pre-compiling reinforcement is carried out on the SQL statement, the database table name and/or the database field name in the source code;
scanning a Runing Decode function in the source code, and extracting parameters of the Runing Decode function;
and carrying out encryption processing on the RunngDeCode function parameters, and returning the encrypted RunngDeCode function parameters to a function calling position in the source code.
4. A method of encrypting a database operating program of a power system according to claim 3, wherein said scanning said corning decode function in said source code comprises:
the runing decode function in the source code is scanned based on a regular expression.
5. An electric power system database operating program encryption apparatus, comprising:
the first acquisition module is used for acquiring the original data of the source code of the operation program;
the encryption module is used for carrying out encryption processing on the original data and returning the encrypted data to the source code;
and the compiling module is used for compiling the source code containing the encrypted data.
6. The power system database operating program encryption device according to claim 5, characterized in that,
the raw data includes: SQL statements, database table names, and/or database field names.
7. The power system database operating program encryption device according to claim 6, characterized in that the encryption module includes:
the processing unit is used for reinforcing the SQL statement, the database table name and/or the database field name in the source code before compiling;
the scanning extraction unit is used for scanning the Runing Decode function in the source code and extracting parameters of the Runing Decode function;
and the encryption unit is used for carrying out encryption processing on the Runing Decode function parameters and returning the encrypted Runing Decode function parameters to the function call position in the source code.
8. The power system database operating program encryption device of claim 7, characterized in that,
the scan extraction unit scans the runing decode function in the source code based on a regular expression.
9. A method for decrypting an operating program of a database of an electric power system, comprising the steps of:
acquiring encrypted data in source codes compiled and processed by an operation program;
decrypting the encrypted data to obtain decrypted data;
and returning the decrypted data to the source code and running the operation program.
10. The method of claim 9, wherein the power system database operating program decryption method,
the decrypted data includes: SQL statements, database table names, and/or database field names.
11. The method of claim 10, wherein decrypting the encrypted data to obtain decrypted data comprises:
decrypting the encrypted RunnigDeCode function parameters to obtain decrypted data;
and dynamically splicing the decrypted data to obtain the SQL statement, the database table name and/or the database field name, and returning the SQL statement, the database table name and/or the database field name to the source code.
12. A power system database operating program decryption apparatus, comprising:
the second acquisition module is used for acquiring the encrypted data in the source code after the compiling processing of the operation program;
the decryption module is used for decrypting the encrypted data to obtain decrypted data;
and the control module is used for returning the decrypted data to the source code and running the operation program.
13. The power system database operating program decryption device according to claim 12, wherein,
the decrypted data includes: SQL statements, database table names, and/or database field names.
14. The power system database operating program decryption apparatus according to claim 13, wherein the decryption module comprises:
the decryption unit is used for decrypting the encrypted RunnigDeCode function parameters to obtain decrypted data;
and the data processing unit is used for dynamically splicing the decrypted data to obtain the SQL sentence, the database table name and/or the database field name, and returning the SQL sentence, the database table name and/or the database field name to the source code.
CN202010372185.4A 2020-05-06 2020-05-06 Power system data operation program encryption method and device, decryption method and device Active CN111563266B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010372185.4A CN111563266B (en) 2020-05-06 2020-05-06 Power system data operation program encryption method and device, decryption method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010372185.4A CN111563266B (en) 2020-05-06 2020-05-06 Power system data operation program encryption method and device, decryption method and device

Publications (2)

Publication Number Publication Date
CN111563266A CN111563266A (en) 2020-08-21
CN111563266B true CN111563266B (en) 2023-06-02

Family

ID=72067980

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010372185.4A Active CN111563266B (en) 2020-05-06 2020-05-06 Power system data operation program encryption method and device, decryption method and device

Country Status (1)

Country Link
CN (1) CN111563266B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116010906B (en) * 2022-11-09 2023-12-29 北京新数科技有限公司 RSA-based database performance monitoring software encryption method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850192A (en) * 2017-03-13 2017-06-13 国家电网公司 A kind of method for optimizing mobile device data storehouse encryption efficiency
CN109960942A (en) * 2019-03-27 2019-07-02 厦门商集网络科技有限责任公司 Database data encryption and decryption method and system based on database connection pool
CN110971606A (en) * 2019-12-05 2020-04-07 武汉大学 A construction method and application method of HACCP security system in web application development

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6877000B2 (en) * 2001-08-22 2005-04-05 International Business Machines Corporation Tool for converting SQL queries into portable ODBC

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850192A (en) * 2017-03-13 2017-06-13 国家电网公司 A kind of method for optimizing mobile device data storehouse encryption efficiency
CN109960942A (en) * 2019-03-27 2019-07-02 厦门商集网络科技有限责任公司 Database data encryption and decryption method and system based on database connection pool
CN110971606A (en) * 2019-12-05 2020-04-07 武汉大学 A construction method and application method of HACCP security system in web application development

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陈铁英,陈华,刘瑜.基于三层次的数据库加密应用系统.华中科技大学学报(自然科学版).2005,(07),全文. *

Also Published As

Publication number Publication date
CN111563266A (en) 2020-08-21

Similar Documents

Publication Publication Date Title
JP6257754B2 (en) Data protection
CN110351239B (en) Block chain-based electronic contract storage method and device and electronic equipment
US9058505B2 (en) Providing access control for public and private document fields
CN101183384B (en) Data processing method and device
JP5735539B2 (en) System, apparatus and method for encrypting and decrypting data transmitted over a network
CN112597454A (en) Code obfuscation method, code operation method, device, medium, and apparatus
CN109657488A (en) A kind of resource file cipher processing method, intelligent terminal and storage medium
CN110309631B (en) Programming language structure confusion processing method, intelligent terminal and storage medium
CN112966227A (en) Code encryption and decryption method and device and storage medium
CN112052433A (en) Virtual protection method, terminal and storage medium for Jar file
WO2024179480A1 (en) Document content protection method and apparatus
CN113254889A (en) Code encryption method and device
CN106529317A (en) Web application encryption and decryption method based on Shadow DOM
CN113449330A (en) Method for transmitting Javascript encrypted file
CN111563266B (en) Power system data operation program encryption method and device, decryption method and device
CN117390603A (en) Access method, device, electronic equipment and medium based on front-end code encryption
CN114154123B (en) Encryption protection method applied to Python project
CN111831978B (en) A method and device for protecting configuration files
CN101187966A (en) Digital copyright protection method and system
CN114756833A (en) Code obfuscation method, apparatus, device, medium, and program product
CN111651781B (en) Log content protection method, device, computer equipment and storage medium
CN111291333A (en) Java application program encryption method and device
CN116910712A (en) Code protection method, system, electronic equipment and storage medium
KR102462875B1 (en) Path trace method and system for electronic document
CN114741715A (en) Application program source code encryption method and device, computer equipment and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant