Java workflow engine: process data encryption (MD5-based tamper resistance)

Keywords: ride fast workflow, development platform, workflow management system, workflow engine, asp.net workflow engine, java workflow engine, developers drag-and-drop form, form workflow system, process data encryption, data privacy, md5, process tamper-proofing, data encryption software.

Supported databases: Oracle, MySQL, SQL Server, Informix, PostgreSQL, Dameng


Requirements background
Research into data encryption for the workflow engine: a scheme for encrypting process data and how it is implemented.
1. Process data needs to be encrypted to prevent it from being tampered with, which would cause unnecessary losses to the organization.
2. Process data can be tampered with by administrators and by illegal intruders; in particular, the scheme must guard against business staff colluding with a system administrator to do harm.
For example: at company xxx in year xx, business staff and administrators colluded, causing the organization a loss of 2 million yuan. Although it was eventually uncovered and those involved were fined and sentenced, this was handled only after the fact.
3. Not all process data requires encryption: a leave process does not need it, but reimbursement or other sensitive processes do.
4. When data has been tampered with, an alarm must be raised and a log entry written, and the operation must not be carried out.
5. The data of each node must be encrypted, and the overall process data must be encrypted as well.
Solution:
1. Add an attribute IsMD5 to the process, indicating whether it is encrypted; the default is not encrypted.
2. Each user's information includes a salt value, used in the later encryption operations.
3. For any encrypted process, add to the form of each node a field MD5 of length char(36), which stores the MD5 value of that node's data.
4. Add a field to the process table NDxxRpt for storing the MD5 value of the process data.
5. Generating the MD5 value: the MD5 value is generated in the following two cases and stored in the associated physical table.
   1. The node is sent successfully.
   2. The node send fails.
6. How the MD5 value is generated.
   1. Some of the node form's fields are taken, accounting for fields whose values are acquired from defaults (for example: the current time, the current operator ...), and combined into one large text; the approving user's salt value is obtained, and the text is hashed with MD5.
   2. The purpose of adding the approving user's salt value is to prevent brute-force cracking with rainbow tables.
7. Steps for checking whether data has been tampered with.
   1. Take the node's data from the process data table, excluding the key fields.
   2. Perform the MD5 encryption.
   3. Compare the two strings.
8. Where the MD5 value is checked for correctness.
Places that open a node's form:
   1. Opening a to-do work item.
   2. Opening the node form from the process log.
   3. Opening a CC'd work item.
   4. Opening an in-transit work item.
Places that open the process data:
   1. Opening the track of the process data.
In any of the places above, if the check does not pass, opening is blocked and a text log entry is written.
Corresponding process demo:
\\process tree\\leave forms solution flow (track mode)
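
The generate-and-verify steps in items 5 to 7 of the solution, as an added Java example that is not the workflow engine's own code. The class name, the field names other than MD5, the exclusion list, the salt-first ordering and the length-prefixed field encoding are assumptions, and the sample row is constructed.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;

public class NodeDataSeal {
    // Hypothetical exclusion list: the stored digest itself and a key column.
    static final Set<String> EXCLUDED = Set.of("MD5", "OID");

    // Build one canonical text: fields sorted by name, each value length-prefixed
    // so that ("ab","c") and ("a","bc") can never produce the same input.
    static String canonicalize(Map<String, String> row) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> e : new TreeMap<>(row).entrySet()) {
            if (EXCLUDED.contains(e.getKey())) continue;
            String v = e.getValue() == null ? "" : e.getValue();
            sb.append(e.getKey()).append('=').append(v.length()).append(':').append(v).append(';');
        }
        return sb.toString();
    }

    // Salted MD5 over the canonical text (salt first is an assumption of this example).
    static String seal(Map<String, String> row, String userSalt) throws Exception {
        MessageDigest md = MessageDigest.getInstance("MD5");
        md.update(userSalt.getBytes(StandardCharsets.UTF_8));
        byte[] d = md.digest(canonicalize(row).getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder();
        for (byte b : d) hex.append(String.format("%02x", b));
        return hex.toString();
    }

    // Recompute and compare in constant time; false means block the open and log it.
    static boolean verify(Map<String, String> row, String userSalt) throws Exception {
        String stored = row.get("MD5");
        if (stored == null) return false; // a missing value is treated as a failed check
        return MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8),
                seal(row, userSalt).getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample row for a reimbursement node.
        Map<String, String> row = new TreeMap<>(Map.of("OID", "1001", "Applicant", "zhangsan", "Amount", "1200.00"));
        String salt = "constructed-salt-7f3a";
        row.put("MD5", seal(row, salt));      // value stored when the node is sent
        System.out.println("untouched row passes: " + verify(row, salt));
        row.put("Amount", "9200.00");         // simulated direct edit of the table
        System.out.println("edited row passes:    " + verify(row, salt));
    }
}
```

A salt that can be read from the user record does not stop someone with database access from recomputing the value after an edit. A keyed MAC such as HMAC-SHA-256, with the key held outside the database, addresses the administrator case named in the requirements.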


Origin www.cnblogs.com/mengjuan/p/12162593.html