DATABASE ENCRYPTION SYSTEM, METHOD AND PROGRAM

摘要

Provided is a system for suppressing database information leakage, and improving processing efficiency. A user system (20) for connecting to a database system (10) via a network (30) is provided with means (23, 24) for managing key information for encryption and decryption, and a storage unit (25) for storing the safety setting information for data and/or metadata. The user system (20) is further provided with an application response means (22) for: determining whether encryption of a database operation command is necessary; selecting an encryption algorithm according to the data and/or metadata when encryption is necessary, transmitting the database operation command to a database control means (12) after encryption thereof, and executing the database (11) operation; transmitting the database operation command to the database control means (12) when encryption is not necessary, and executing the database operation; receiving a processing result transmitted by the database control means; executing the necessary decryption or conversion when decryption or conversion of the processing result data and/or metadata is necessary; and returning the processing result data and/or metadata as a response to the database operation command. The user system (20) is also provided with a safety setting means (26) for setting the safety information for data stored in the database.