Encrypted database system, linking method, and medium

摘要

This encrypted database system is constituted by the connection of client terminal, which encrypts and outputs a first table having row a and row b data that has been input and a second table having row c data by means of a secret key stored in advance and sends a partial connection command that connects the row b and row c as a key for data in which the value for row a is greater than or equal to p and less than q in this table to the outside with a range search key generated from the secret key, and an encrypted database server, which receives and records the encrypted first and second tables, extracts data for each in which the values for row a from the encrypted first and second tables are greater than or equal to p and less than q using the range search key, and connects and returns row b and row c for this extracted data as a key.

主权项

1. An encrypted database system comprising:
A processor of a client terminal which encrypts, by the use of a secret key stored in advance, the whole of data in a first table having a plurality of pieces of data in a-th column and b-th column and to a second table having a plurality of pieces of data in c-th column, both of the tables being inputted from the outside respectively, outputs them, and sends a partial link command to perform linking between these tables, with respect to row whose value of the a-th column data stocked in advance is within a designated range equal to or greater than p and lower than q, so as to perform linking between rows whose values of the b-th column data stocked in advance and the c-th column data stocked in advance are equal to the outside along with a range search key generated from the secret key, the encrypted database server which receives the encrypted first and second tables, storing them, and having a partial link function for performing linking between the encrypted first and second tables, with respect to row whose value of the a-th column data stocked in advance is within a designated range equal to or greater than p and lower than q, so as to perform linking between rows whose values of the b-th column data stocked in advance and the c-th column data stocked in advance are equal, and sending back them to said client terminal according to the partial link command; wherein the client terminal and the encrypted database server are connected with each other; the partial link function of said encrypted database server extracts, from the encrypted first table, the row whose value of a-th column data stocked in advance is within a designated range equal to or greater than p and lower than q by the use of the range search key, and, with respect to the extracted row, links rows whose value of the b-th column data stocked in advance in the encrypted first table and value of the c-th column data stocked in advance in the encrypted second table are equal.