摘要： 为防止矢量数据在Oracle Spatial的存储过程中被非法访问，设计一个独立于Oracle的加密系统。以字段作为粒度，利用3DES算法加密空间字段，以确保对矢量数据加密后不会增加额外的存储空间。并提出一种基于DES的R树加密方法，以结点为粒度，采用“重叠”的方式对空间索引进行加密，由此保证加密后R树的完整性，降低每次查询时需要解密的数据量。实验结果证明，该加密系统可以实现对空间数据的透明加/解密，适用于各种基于Oracle的地理信息系统应用，并提供灵活、高效的安全保护。

关键词: Oracle Spatial组件, 矢量数据, 加密, 空间数据加密引擎, R树索引

Abstract: In order to prevent unauthorized accessing the vector data stored in the Oracle Spatial, an independent encryption system is designed outside Oracle. It selects the field as encryption granularity and uses 3DES algorithm to encrypt spatial fields, ensuring the spatial data do not need additional storage space after encrypting. An R-tree encryption method based on DES is presented. It selects the node as encryption granularity, and adopts “overlap” way to encrypt spatial index, which ensures the integrity of encrypted R-tree, and reduces the amount of data required to decrypt for each query. Experimental results show that the encryption system realizes transparent encryption/decryption function for spatial data, suitable for various applications of Geographic Information System(GIS) based on Oracle, and provides flexible and efficient safety protection.

Key words: Oracle Spatial component, vector data, encryption, Spatial Data Encryption Engine(SDEE), R-tree index

中图分类号: 

• TP309