数据的字段级加密 jpa
[英]Field Level Encryption of Data jpa
问题描述
I am able to achieve field level encryption of data using converter.
我能够使用转换器实现数据的字段级加密。 But it is applicable for entities only.但它仅适用于实体。 Not applicable in JPA repository.不适用于 JPA 存储库。 For example, I have a requirement to search with that sensitive data using JPARepository like findBySensitiveColumn.例如,我需要使用 JPARepository(如 findBySensitiveColumn)搜索敏感数据。 Apparently that is not encrypted, so it cannot search in the database with the plain text.显然那没有加密,所以它不能用纯文本在数据库中搜索。 If i try to use the same encryption used in side the converter, it gives me different value, ending up on mismatch with database.如果我尝试使用转换器内部使用的相同加密,它会给我不同的价值,最终导致与数据库不匹配。 I know this could be the repeated question.我知道这可能是重复的问题。 But i tried encryption listener too.但我也尝试过加密监听器。 But it doesnt work.但它不起作用。 pls help请帮忙
1 个解决方案
解决方案1
0 2020-08-07 13:33:33
One possible solution is to hash the part of the data field you want to search on before encrypting, ie hash all or part of the plaintext.一种可能的解决方案是 hash 在加密之前要搜索的数据字段的一部分,即 hash 全部或部分明文。 Then store the hash in a new column with a link to the encrypted data.然后将 hash 存储在带有加密数据链接的新列中。 When you want to search the encrypted data, hash your search, find the matching hash and follow the link to retrieve the appropriate data to decrypt.当您要搜索加密数据时,hash 您的搜索,找到匹配的 hash 并按照链接检索相应的数据进行解密。
The big problem is partial searching and fuzzy matches, which will not work.最大的问题是部分搜索和模糊匹配,这是行不通的。 Hashes are very sensitive to data changes so you will have to match the search key exactly.哈希对数据更改非常敏感,因此您必须完全匹配搜索键。 "Chris Smith" will fail when it should have been "Chris J. Smith". “Chris Smith”应该是“Chris J. Smith”时会失败。 You will lose a lot of flexibility in your searching.您将在搜索中失去很多灵活性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.