CN102985920A - Keyword conversion device, keyword conversion program, recording medium, and keyword conversion method - Google Patents

Keyword conversion device, keyword conversion program, recording medium, and keyword conversion method Download PDF

Info

Publication number
CN102985920A
CN102985920A CN2010800679455A CN201080067945A CN102985920A CN 102985920 A CN102985920 A CN 102985920A CN 2010800679455 A CN2010800679455 A CN 2010800679455A CN 201080067945 A CN201080067945 A CN 201080067945A CN 102985920 A CN102985920 A CN 102985920A
Authority
CN
China
Prior art keywords
search condition
keyword
retrieval
login
key element
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2010800679455A
Other languages
Chinese (zh)
Inventor
加藤守
柴田秀哉
郡光则
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mitsubishi Electric Corp
Original Assignee
Mitsubishi Electric Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mitsubishi Electric Corp filed Critical Mitsubishi Electric Corp
Publication of CN102985920A publication Critical patent/CN102985920A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/31Indexing; Data structures therefor; Storage structures
    • G06F16/313Selection or weighting of terms for indexing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/33Querying
    • G06F16/3331Query processing
    • G06F16/3332Query translation
    • G06F16/3338Query expansion
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Abstract

A search system (100) comprises a registration side division unit (111), which receives input of keywords for registration, which are depicted in a prescribed depiction format capable of supporting layering for dividing the keywords for registration into a plurality of layers, and divides the keywords for registration into elements by layers on the basis of layering rules that set rules for layering; a registration side symbolization unit (112) that appends location information to the layer elements for registration that are the respective elements that are divided by the registration side division unit (111), said location information denoting the layer to which the elements belong; and a registration side encoding unit (113) that data converts the respective elements for registration to which the location information is appended by the registration side symbolization unit (112), according to prescribed data conversion regulations.

Description

Keyword converting means, keyword conversion program, recording medium and keyword transform method
Technical field
The present invention relates to the keyword converting means of the keyword (keyword) of use in the conversion retrieval.
Background technology
In recent years, the mode of utilizing that is called as the computing machine of cloud computing (cloud computing) is popularized.In cloud computing, the user can utilize the Computer Processing such as the keeping of data, management via network as service.In such mode, be different as the possessory RTIs Users of data with gerentocratic ISP as data.Therefore, being leaked to the data manager for the confidential information that prevents RTIs Users, generally is that user's save data is encrypted.Further, if can realize retrieving the concealment retrieval service of the data of expecting under the state of having encrypted data, then user's convenience significantly improves.
In order to realize such concealment retrieval, be designed with the invisible method (with reference to patent documentation 1) that improves the index that is used for keyword retrieval.In addition, unanimously retrieve for the part that the character string of having encrypted is provided, be designed with the method (with reference to patent documentation 2) that to carry out the contrast take character as unit by the encryption of carrying out take character as unit.
Patent documentation 1: TOHKEMY 2007-52698 communique
Patent documentation 2: TOHKEMY 2002-108910 communique
Summary of the invention
In patent documentation 1, can only carry out the on all four retrieval according to keyword, it is consistent etc. to carry out comparison, the part of magnitude relationship.Therefore, if want to carry out the range retrieval of date, numerical value etc., then needing to enumerate comprise in the range of search whole will usually carry out retrieval in full accord, existing problems aspect retrieval performance (retrieval rate).
In patent documentation 2, after the encryption take character as unit, also preserve with encrypt before identical character sequence.Therefore, the ability that opposing is resolved such attack for the relevant frequency based on a plurality of characters of the enciphered data of preserving is very weak, has problems aspect invisible.
The present invention cuts down the prime number of wanting that comprises in the range of search and cuts down the contrast number of times by the stratification of the keyword of date, numerical value, and with the position ID(positional information of the position relationship between representational level) and the value of level merge to hide.Thus, to provide the range retrieval method of seeking to realize high speed and having improved security as purpose.
Keyword converting means of the present invention is characterised in that to possess:
Login side cutting part, this login side cutting part input login keyword, wherein, this login keyword is according to the performance of the form of expression of the regulation of the stratification that can be divided into many levels, and this login side cutting part is based on the stratification rule of the rule that has determined described stratification, and described login is divided into key element for each level with keyword;
Login side position information appendix is namely logined positional information with the level under the level key element additional representation to each key element of being cut apart by described login side cutting part; And
Login side data transformation component, date mapping rule according to the rules carries out data transformation to each the described login that has added described positional information by described login side position information appendix with the level key element.
According to keyword converting means of the present invention, can seek to realize the raising based on the concealment of the information of the concealment of rapidization of the retrieval of stratification and position-based information.
Description of drawings
Fig. 1 is the block diagram of the searching system 100 in the embodiment 1.
Fig. 2 is the process flow diagram of the login process of the searching system 100 in the embodiment 1.
Fig. 3 is the process flow diagram of the retrieval process of the searching system 100 in the embodiment 1.
Fig. 4 is the block diagram of the encryption search index section 200 in the embodiment 1.
Fig. 5 is the figure of the information block table 22 in the expression embodiment 1.
Fig. 6 is the figure of the index file 204 in the expression embodiment 1.
Fig. 7 is the process flow diagram of the login process of the index file 204 in the embodiment 1.
Fig. 8 is the process flow diagram of the retrieval process of the index file 204 in the embodiment 1.
Fig. 9 is the figure of an example of the outward appearance of the end device 100-1 of expression in the embodiment 2.
Figure 10 is the figure of an example of the hardware resource of the end device 100-1 of expression in the embodiment 2.
(description of reference numerals)
100: searching system; 100-1: end device; 100-2: cloud side device; 101: login section; 102: search part; 111: login side cutting part; 112: login side symbolism section; 113: the login side adds compact part; 114: index login section; 120: the keyword generating unit; 121: retrieval side cutting part; 122: retrieval side symbolism section; 123: the retrieval side adds compact part; 124: indexed search section; 200: encrypt search index section; 201: information block table is with reference to section; 202: information block table; 203: message block access section; 204: index file; 205: login process section; 206: retrieval process section.
Embodiment
Embodiment 1
Fig. 1 is the searching system 100(keyword converting means that the range retrieval method relevant with embodiment 1 used in expression) the figure of structure.
(structure of searching system 100)
Searching system 100 possesses login section 101, search part 102, and encrypt search index section 200.Login section 101 possesses login side cutting part 111, the login side symbolism 112(of section login side position information appendix), the login side adds compact part 113(login side data transformation component), index login section 114.Search part 102 possesses keyword generating unit 120(retrieval side keyword generating unit), retrieval side cutting part 121, the retrieval side symbolism 122(of section retrieval side position information appendix), the retrieval side adds compact part 123(retrieval side data transformation component), and indexed search section 124.
(during login)
Searching system 100 will be logined and comprise this login with keyword and determining and associate with the text ID of the text of keyword, will login with the keyword encryption and sign in in the encryption search index section 200.As shown in Figure 1, login side cutting part 111 input login keyword and text ID.In the situation that comprises as described later attribute information (Property ID), login side cutting part 111 is gone back input attributes information.For example, in the situation of the attribute project " birthdate " that comprises in the text with the login object as search key (key) use, the value (for example " on April 1st, 2000 ") of the birthdate that will extract from the text of login object is as the login keyword.As text ID, can use the ID that login sequence number, text name etc. can unique definite text.In the situation of using the text name, by being encrypted in advance, with text name concealmentization.
(during retrieval)
When retrieval, searching system 100 inputs " the range retrieval condition " relevant with search key, the text ID that output comprises in the scope of range retrieval condition.For example, attribute project " birthdate " as search key, and is made as
In the situation of range retrieval condition " on April 30,1 day ~ 2000 April in 2000 ", the text ID that comprises in searching system 100 these scopes of output.
(login process)
Fig. 2 is that the login process of the expression searching system 100 relevant with embodiment 1 (is logined the process flow diagram of operation S101 ~ S104).
(1) among the S101, the login that login side cutting part 111 will be inputted based on the stratification rule that predetermines is divided into the value of many levels with keyword.
(2) among the S102, the value that login side symbolism section 112 will cut apart and the position ID of this value or they are remerged Property ID and as 1 encoding symbols.
(3) among the S103, the login side adds compact part 113 and carries out specific conversion for described symbol, generates login and finishes symbol with conversion.
(4) among the S104, index login section 114 will login and finish symbol with conversion and associate and sign in to the text ID that is associated with keyword with login respectively and encrypt in the search index section 200.
Below, to further describing in detail in each step illustrated in fig. 2.
(S101: login side cutting part 111)
Use keyword if searching system 100 has been inputted login, then login side cutting part 111 and will login the value that is divided into many levels with keyword based on " the stratification rule " that predetermined.For example, carry out in the situation of stratification at the date and time information that attribute project " birthdate " is such, " birthdate " can as
" year ", " moon ", " day "
Carry out like that stratification.In this case,
" on April 1st, 2000 "
Such login is divided into keyword
“2000”、“4”、“1”
3 values like this (login level key element).
(stratification rule)
Further specify the stratification rule.The stratification rule can be held for date, numerical value, character string etc. each kind decision of the value of scope.
(1) if numerical value, then can carry out stratification for the 2 system numbers that every fixed number of bits is cut apart regular length.For example, if 64 bit integer are cut apart by per 8 bits (1 byte), then become 8 levels.In this case, as position ID, be made as from MSB begin number since 0 byte location (0 ~ 7).
(2) in addition, as other technique of expression of numerical value, also can use the such technique of expression of 2 evolution 10 system numbers.In this case, for every units of 10 systems 2 of the regular length 10 system numbers of evolving are cut apart, as position ID, be made as from MSB begin number since a position of 0.
(3) in the situation on date, except above-mentioned example, also the particular day in past can be carried out sequence number as 0, and carry out stratification as numerical value.For example, on January 1st, 1900 can be made as sequence number 1, by began on January 1st, 1900 through fate represent the date.In addition, also can be expressed as the so specific string format of " YYYYMMDD " (YYYY is year of grace, and MM is the moon, and DD is day) date, carry out stratification as 2 evolution, 10 system numbers.
(4) also be similarly in the situation in the moment, can use according to " time ", " dividing ", " second " carry out stratification, perhaps " 00:00:00 " carried out sequence number as 0, perhaps be expressed as " HHmmSS " (HH be in the expression in 24 hours hour, mm is minute, and SS is second) etc. method.
(5) in the situation of character string, cut apart take 1 character as unit, by being made as position ID since the character position of 0 number beginning, can represent the character string of variable length.
(S102: login side symbolism section 112)
Login side symbolism section 112 is to the value additional label of the level of having cut apart, and as 1 encoding symbols.
For example, with the date and time information picture
" year ", " moon ", " day "
Carry out like that in the situation of stratification, the positional information of level is made as " year " " moon " " day ", and these are appended to the value of level as label.Herein, " positional information " is the information of the level under the value (login level key element) that represents to be split to level.
" on April 1st, 2000 "
Such login, is become by additional location information with keyword
" year: 2000 ", " month: 4 ", " day: 1 "
These 3 symbols.
Herein, the form according to " label: value " represents symbol.Label also can be used as XML(EXTENSIBLE MARKUP LANGUAGE, extend markup language) form, be made as
"<label〉value</label〉".
In this case, become
"<year 2000</year ", "<month 2000</month ", "<day 1</day ".
In addition, as other example, also symbolic coding can be become 2 system integers of regular length.In the situation on date, also can be made as 1 symbol is for example represented with 32 bits, and in high-order 16 bits, label be encoded, and in low level 16 bits, value be encoded.
(attribute information)
Further, login side symbolism section 112 also can with the Property ID (attribute information) of expression attribute and login to be included in the symbol as label together with keyword and encode.Property ID is to be transfused to together with logining with keyword.
For example, can with symbol as
" Property ID: position ID: value ",
Label dual (label of Property ID and position ID) is additional.
For example, be above-mentioned in login with keyword
" on April 1st, 2000 "
In the situation of such date data,
If " Property ID=1 " is made as attribute project " birthdate ",
And " Property ID=2 " be made as attribute project " affiliation day ",
Then can retrieve " on April 1st, 2000 " of " on April 1st, 2000 " or conduct " affiliation day " as " birthdate ".
If " birthdate ", the performance of then " on April 1st, 2000 " conduct " Property ID: position ID: value " can show as
" 1: year: 2000 ", " 1: month: 4 ", " 1: day: 1 ".
In addition, if the XML form then can look like
<Property ID〉<position ID〉value</position ID〉</Property ID 〉
Be recited as like this nested structure.
Perhaps, also can look like
<Property ID level=" position ID " value</Property ID 〉
Give attribute for like this 1 XML label.
In addition, also can be when symbolic coding being become 2 system integer of regular length, encode in decision Property ID zone.
For example, can be made as with 1 symbol with 32 bits represent, in high-order 8 bits with the Property ID label coding, in meta 8 bits with position ID label coding, in low level 16 bits, will be worth coding.
Property ID is unique definite getting final product in system, therefore, the corresponding relation of attribute-name and Property ID is shown management, can encode to simple sequence number thus.
By in symbol, comprising Property ID, also symbol can be included in information hiding such in which attribute, and improve invisible.
(S103: the login side adds compact part 113)
The login side adds compact part 113 and carries out " the specific conversion " of date mapping rule according to the rules for symbol, finishes symbol and generate login with conversion.Be encoded as with keyword in the situation of N symbol 1 login, conversion N each symbol finished symbol and generate N login with conversion.In the example in above-mentioned " on April 1st, 2000 ", generation " year: 2000 ", " month: 4 ", " day: 1 " these 3 symbols, in this case, this login separately of 3 is finished symbol with conversion and is added compact part 113 generations by the login side.As added " the specific conversion " that compact part 113 carries out by the login side, can improve the invisible of symbol by be encrypted, Hash (hash) etc.As the method for encrypting, can use general shared key password.
(S104: index login section 114)
Index login section 114 will be added that each login of N that compact part 113 generates is finished symbol with conversion and be associated and sign in to text ID that login is associated with keyword by the login side encrypts in the search index section 200.Be stored at the login sequence of symbol and encrypt in the situation such in the search index section 200, by with N symbol by order at random login can improve invisible.
It is such as previously discussed,
(1) cut apart login keyword (S101),
(2) group of position ID and value is carried out symbolism (S102),
(3) for symbol, on the basis of implementing the conversion such as encryption (S103),
(4) sign in in the encryption search index (S104).
To login with keyword and be divided into level, and in the value of level, comprise login with the positional information in the keyword, and therefore can realize rapidization retrieved and the raising of concealmentization.In addition, in the situation that a plurality of attributes are used as search key, comprise Property ID in the symbol, therefore, symbol can be comprised in this point concealment in which attribute.
(retrieval process)
Fig. 3 is that the retrieval process of the expression searching system 100 relevant with embodiment 1 (is retrieved the process flow diagram of the flow process of operation S201 ~ S205).
(1) in S201, keyword generating unit 120 generates a plurality of search keys, and wherein, these a plurality of search keys can be retrieved all key elements in the scope of the range retrieval condition that is included in input.
(2) in S202, retrieval side cutting part 121 is divided into search key based on the stratification rule that predetermines (with login time identical) value of many levels.
(3) in S203, the value that retrieval side symbolism section 122 will cut apart and the position ID of this value or they are remerged Property ID as 1 encoding symbols.
(4) in S204, the retrieval side adds compact part 123 and carries out specific data transformation for described symbol, finishes symbol and generate retrieval with conversion.
(5) in S205, indexed search section 124 uses encryption search index section 200 to retrieve the retrieval of finishing symbol with conversion, and the text ID of Output rusults.
Below, be described in detail in further each step illustrated in fig. 3.
(S201: keyword generating unit 120)
If keyword generating unit 120 is transfused to the range retrieval condition, then generate a plurality of search keys, wherein, these a plurality of search keys can be retrieved all key elements in the scope that is included in the range retrieval condition.Keyword generating unit 120 is made as non-concern (don ' t care) with this level under the desirable value of certain level all is comprised in situation in the scope of range retrieval condition, the search key that will comprise non-concern level accumulates 1.For example in date property, the stratification rule is made as in the situation of " year ", " moon ", " day ", keyword generating unit 120 will
Range retrieval condition " on April 30,1 day ~ 2000 April in 2000 "
Be made as 1 search key " * day in April, 2000 " (* is non-concern).
In addition, if
Range retrieval condition " on April 15,16 days ~ 2002 April in 2000 ",
Such<search condition 1 below then keyword generating unit 120 generates 〉.
<search condition 1 〉
" on April 16th, 2000 " OR
" on April 17th, 2000 " OR
(summary)
" on April 30th, 2000 " OR
" * day in May, 2000 " OR
" * day in June, 2000 " OR
(summary)
" * day in Dec, 2000 " OR
" calendar year 2001 * month * day " OR
" * day in January, 2002 " OR
" * day in February, 2002 " OR
" * day in March, 2002 " OR
" on April 1st, 2002 " OR
" on April 2nd, 2002 " OR
(summary)
" on April 15th, 2002 ".
By generating such as<search condition 1〉shown in such search key, can retrieve all key elements of the scope of range retrieval condition.In above-mentioned<search condition 1〉in, " OR " mean keyword result for retrieval logic and.Like this, reduce the contrast number of times by using " non-concern ", can improve retrieval rate.Further, about the part by " OR " combination, even the replacing order, result for retrieval can not become yet, and therefore by randomly replacing order, can improve the invisible of search condition.
Like this, keyword generating unit 120 input: comprise a plurality of retrievals that the form of expression according to the regulation of the stratification that can be divided into many levels showed with keywords (on April 16th, 2000, on April 15th, 2002) and as " on April 15,16 days ~ 2002 April in 2000 " (the 1st search condition) of specifying the search condition of searching object scope based on a plurality of retrievals with keyword.Keyword generating unit 120 is judged: can the 1st search condition of input be altered to the 2nd search condition (above-mentioned<search condition 1 〉), the 2nd search condition is specified the searching object scope identical with the described searching object scope of the 1st search condition, and comprise according to the retrieval that comprises in the 1st search condition with the performance of the form of expression of keyword and as possess at least one " peculiar level possess to retrieve use keyword " with keyword of the special stratified retrieval that can carry out non-concern performance (in<search condition 1〉example in, comprise date of the * that represents non-concern).If keyword generating unit 120 is judged the 1st search condition (" on April 15,16 days ~ 2002 April in 2000 ") and can be changed to the 2nd search condition (above-mentioned<search condition 1 〉), then the 1st search condition is changed to the 2nd search condition, and export the 2nd search condition, can not change if be judged to be, then export the 1st search condition.In the situation in " on April 15,16 days ~ 2002 April in 2000 ", keyword generating unit 120 is judged to be and can changes, with above-mentioned<search condition 1〉export as the 2nd search condition.
(S202: retrieval side cutting part 121)
Retrieval side cutting part 121 and login side cutting part 111 similarly will be retrieved the value that is divided into many levels with keyword based on the stratification rule that predetermines.Shown below<search condition 2〉be retrieval side cutting part 121 cut apart by keyword generating unit 120 generate<search condition 1 example.
<search condition 2 〉
" 2000 " AND
(" April " AND(" 16 days " OR " 17 days " OR......(slightly) ... OR " 30 days ")) OR
" May " OR " June " OR......(slightly) ... " Dec ") OR
" calendar year 2001 " OR
" 2002 " AND
(" January " OR " February " OR " March " OR
(" April " AND(" 1 day " OR " 2 days " OR......(slightly) ... OR " 15 days "))).
By by above-mentioned such generation<search condition 2 〉, can retrieve all key elements of scope, can cut down further the contrast number of times.About<search condition 2 〉, about the part of " OR " combination, even the replacing order, result for retrieval is also constant, therefore by randomly replacing order, can improve the invisible of search condition.
Perhaps, if comprise assign to replacing order and individually retrieving of " AND " joint portion, and carry out the docking of result for retrieval after intermediate result all obtained, then can improve further the invisible of search condition.
(S203: retrieval side symbolism section 122)
Retrieval side symbolism section 122 and login side symbolism section 112 similarly are encoded into symbol with position ID and value or Property ID, position ID and value.
(S204: the retrieval side adds compact part 123)
The retrieval side adds compact part 123 and adds compact part 113 similarly with the login side, carries out the conversion of symbol and generate retrieval finishing symbol with conversion.Shown below<search condition 3〉be retrieval side symbolism section 122 general<search conditions 2 carry out symbolism, and retrieve side add compact part 123 with symbolism search condition 2 carried out the example of data transformation.In<search condition 2〉in, be made as S(X if will retrieve the coding of side symbolism section 122), be made as E(Y and will retrieve the data transformation that side adds compact part 123), then search condition integral body becomes following form.
<search condition 3 〉
E(S(2000)) AND
(the E(S(4 month)) AND(E(S(16 day)) OR E(S(17 day)) the OR......(summary) ... OR E(S(30 day)))) OR
The E(S(5 month)) the OR E(S(6 month ")) the OR......(summary) ... the E(S(12 month))) OR
E(S(2001)) OR
E(S(2002)) AND
(the E(S(1 month)) the OR E(S(2 month)) the OR E(S(3 month)) OR
(the E(S(4 month)) AND(E(S(1 day)) OR E(S(2 day)) the OR......(summary) ... OR E(S(15 day))))).
(S205: indexed search section 124)
Indexed search section 124 uses encryption search index section 200 to retrieve.
Such as previously discussed, by cut down the contrast number of times in range retrieval according to the stratification of retrieval, can make the retrieval high speed.
(encrypting search index section 200)
Next, describe the search index section 200 of encrypting in detail.Describe add the example that compact part 113 and retrieval side add in the compact part 123 situation of using the deterministic password that shares in the login side." deterministic password " refers to, if key is identical, then identical data always are transformed into the encryption method of identical enciphered data.Therefore, if add compact part 113 and the retrieval side adds that key is identical in the compact part 123 in the login side, then finish the retrieval that symbol can carry out contrast in full accord about conversion.
Encrypting search index section 200 can consist of with the relational database technology that usually is being used.That is to say, comprise conversion by definition and finish symbol and finish the table in these 2 territories (field) of the corresponding text ID of symbol with conversion, can finish the text ID that symbol is obtained corresponding (comprise this conversion and finish symbol) according to conversion.Further, text ID is encrypted by " password of uncertainty " in advance in user's side, then login.And, by the deciphering of user after obtaining result for retrieval, can improve and encrypt the invisible of search index.
(encrypting search index section 200)
Fig. 4 represents to encrypt an example of the block diagram of search index section 200.Encrypt search index section 200 and possess information block table with reference to section 201, information block table (block table) 202, message block access section 203, index file 204, login process section 205, retrieval process section 206.
Fig. 5 is the figure of expression information block table 202.
Fig. 6 is the figure of expression index file 204.
(1) login process section 205 logins the login process of finishing symbol with conversion.
(2) retrieval process of finishing symbol with conversion is retrieved by retrieval process section 206, the text ID of output result for retrieval.
(3) information block table is finished symbol with reference to section 201 input conversion, with reference to information block table 202, obtains and comprises the index information block message of finishing the corresponding text ID of symbol with conversion.
(4) message block access section 203 is according to the index information block message, and access and index file 204 corresponding message block are appended in the corresponding information piece when login and write text ID, reads the text ID of corresponding information piece and export when retrieval.
(5) information block table by using Hash directly to generate the address of finishing the corresponding index information block message of symbol with conversion, can take out the index information block message with reference to section 201 at high speed.
(6) information block table 202 is saved and is the file on the dish, but also can be saved on the primary storage when carrying out, and realizes high speed.Index file 204 also is saved and is the file on the dish.
(7) skew (offset) and the information block size of preservation message block in the index information block message of information block table 202, wherein this message block is preserved the text id information for respective symbol in index file.According to the index information block message, message block access section 203 can read and write the text id information by the minimal dish access of necessity.For the concealment of index information piece, the index information piece can be encrypted.In this case, not for index file 204 integral body, but encrypt respectively for each message block.
Next, the action of encryption search index section 200 shown in Figure 4 is described.
(encrypting the login process of search index section 200)
Fig. 7 is the flow process (process flow diagram of login process operation S301 ~ S307) of the login process in the encryption search index section 200 of presentation graphs 4.
(1) in S301, the 205 input logins of login process section are finished symbol with conversion.
(2) in S302, login process section 205 makes information block table login the reference of finishing the information block table 202 of symbol with conversion with reference to section 201, so that obtain corresponding index information block message.
(3) in S303, in the login process section 205 confirmation piece tables 202 whether corresponding clauses and subclauses (entry) are arranged.
(4) having in the situation of corresponding clauses and subclauses, login process section 205 is in S304, according to the index information block message of obtaining, make message block access section 203 obtain the index information piece from index file 204, and append in the index information piece with logining with conversion and finish the text ID that symbol is associated.
(5) in S303, do not having in the situation of corresponding clauses and subclauses, login process section 205 makes information block table append new clauses and subclauses with reference to section 201 to information block table 202 in S305.
(6) in S306, login process section 205 makes message block access section 203 append new index information piece to index file 204, and appends text ID to the index information piece in S307.
(retrieval process)
Fig. 8 is the flow process (process flow diagram of the example of retrieval process operation S401 ~ S406) of retrieval process of the encryption search index section 200 of presentation graphs 4.
(1) in S401, the 206 input retrievals of retrieval process section are finished symbol with conversion.
(2) in S402, retrieval process section 206 makes information block table retrieve the reference of finishing the information block table 202 of symbol with conversion with reference to section 201, so that obtain corresponding index information block message from information block table 202.
(3) in S403, confirm in information block table 202, whether to have corresponding clauses and subclauses.
(4) not having in the situation of corresponding clauses and subclauses, in S404, the result for retrieval of output " not having corresponding ".
(5) in S403, have in the situation of corresponding clauses and subclauses, in S405, retrieval process section 206 makes message block access section 203 obtain the index information piece from index file 204 according to the index information block message of obtaining, and obtains text ID and exports as result for retrieval from the index information piece in S406.
Embodiment 2
Embodiment 2 explanation is used as the end device 100-1(user of computing machine) hardware configuration.
Fig. 9 is the figure of an example of the outward appearance of expression end device 100-1.
In Fig. 9, an example of end device 100-1(keyword converting means) be connected with the cloud side device 100-2 of cloud side (ISP's side) via network (for example internet).End device 100-1 carries out until the processing of the data transformation of Fig. 1 (processing in the left side of the dotted line 31 of Fig. 1).The processing (processing on the right side of the dotted line 31 of Fig. 1) of the login of cloud side device 100-2 execution graph 1 and retrieval.End device 100-1 and cloud side device 100-2 consist of searching system 100.End device 100-1 has login side cutting part 111, login side symbolism section 112, login side and adds the function that compact part 113, keyword generating unit 120, retrieval side cutting part 121, retrieval side symbolism section 122, retrieval side add compact part 123.In addition, cloud side device 100-2 has the function of index login section 114, indexed search section 124 and encryption search index section 200.
Following explanation end device 100-1, but cloud side device 100-2 also is the computing machine same with end device 100-1, also is applicable to cloud side device 100-2 about the explanation of end device 100-1.
As shown in Figure 9, end device 100-1 possesses: system component 830, have CRT(Cathode Ray Tube, the display device 813 of display frame cathode-ray tube (CRT)), LCD(liquid crystal), keyboard 814(Key Board:K/B), mouse 815, FDD817(FlexibleDisk Drive, floppy disk), compact disc device 818(CDD:Compact DiskDrive), the hardware resource such as printer 819, these connect by cable, signal wire.System component 30 is connected with cloud side device 100-2 via network.
Figure 10 is the figure of the hardware resource of expression end device 100-1.End device 100-1 possesses the CPU810(Central Processing Unit of executive routine, CPU (central processing unit)).CPU810 is via bus 825 and ROM(Read Only Memory, ROM (read-only memory)) 811, RAM(Random Access Memory, random access storage device) 812, display device 813, keyboard 814, mouse 815, communication board (communication board) 816, FDD817, CDD818, print apparatus 819, disk set 820 are connected, and control these hardware devices.Replace disk set 820, also can use the memory storages such as optical disc apparatus, flash memory.
RAM812 is an example of volatile memory.The storage mediums such as ROM811, FDD817, CDD818, disk set 820 are examples of nonvolatile memory.These are examples of " memory storage " or storage part, preservation section, impact damper.Communication board 816, keyboard 814, FDD817 etc. are examples of input part, input media.In addition, communication board 816, display device 813, print apparatus 819 etc. are examples of efferent, output unit.Communication board 816 is connected to network.
In disk set 820, store operating system 821(OS), windows system 822, program group 823, file group 824.Program group 823 program is performed by CPU810, operating system 821, windows system 822.
In said procedure group 823, store the program of carrying out the function that in the explanation of embodiment, illustrates as " ~ section ".Program is read and is carried out by CPU810.
In file group 824, store the information that in the explanation of above embodiment, illustrates as " stratification rule ", as the information that " ~ result of determination ", " ~ result of calculation ", " ~ extraction result ", " ~ generation result ", " ~ result " illustrate, data, signal value, variate-value, parameter etc. are used as " ~ file ", " ~ database " projects (DB)." ~ file ", " ~ database " are stored in the recording mediums such as dish, storer.Canned data, data, signal value, variate-value, parameter are read in primary memory, the cache memory by CPU810 via read/write circuit in the storage mediums such as dish, storer, are used for the CPU actions such as extraction, retrieval, reference, comparison, computing, calculating, processing, output, printing, demonstration.During the CPU action of extraction, retrieval, reference, comparison, computing, calculating, processing, output, printing, demonstration, information, data, signal value, variate-value, parameter are temporarily stored in primary memory, cache memory, the memory buffer.
In addition, in the explanation of above-mentioned embodiment, data, signal value are recorded in storer, the floppy disk of FDD817, the compact disc of CDD818, the disk of disk set 820, other CD, mini-disk (mini disk), the DVD(Digital Versatile Disk of RAM812, digital versatile disc) etc. in the recording medium.In addition, data, signal transmit online by bus 825, signal wire, cable, other transmission medium.
In addition, in the explanation of above embodiment, the part that illustrates as " ~ section " also can be " ~ unit ", " ~ circuit ", " ~ instrument ", in addition, also can be " ~ step ", " ~ order ", " ~ processing ".That is to say that the part that illustrates as " ~ section " also can realize by the firmware of storing in ROM811.Perhaps also can be only by software, perhaps only by hardware such as element, equipment, substrate, wirings, the perhaps combination by software and hardware, further, by implementing with the combination of firmware.Firmware and software as procedure stores in the recording mediums such as disk, floppy disk, CD, compact disc, mini-disk, DVD.Program is read by CPU810, and is carried out by CPU810.That is to say that program makes computing machine as above-mentioned " ~ section " performance function.Perhaps, program makes computing machine carry out order, the method for above-mentioned " ~ section ".
In addition, the keyword converting means has been described in the above embodiment, but also the action of keyword converting means can have been grasped as keyword transform method or keyword conversion program.The recording medium that also can read as the computing machine of recorded key word conversion program further, is grasped.
In the above embodiment, illustrated that enforcement possesses the searching system of the range retrieval method of following steps.To sign in to the searching system from the searching object keyword of the data pick-up that becomes searching object, in the range retrieval method by the described searching system retrieval data consistent with the search condition of the scope with value, comprise:
(1) segmentation procedure is divided into N (N>=1) value with 1 described searching object keyword;
(2) symbolism step about described N value, is encoded into respectively the symbol that has added label;
(3) data transformation step is transformed into N login by specific conversion respectively for a described N symbol and finishes symbol with conversion;
(4) login step is finished symbol with described N login with conversion and is associated with the data that become described searching object and sign in in the searching system;
(5) search key generates step, generates a plurality of search keys according to the search condition of the scope with value;
(6) retrieval side segmentation procedure is divided into N value with 1 described search key, and extracts wherein M (N>=M>=1) value;
(7) retrieval side symbolism step about described M value, is encoded into respectively the symbol that has added label;
(8) retrieval side data conversion step is transformed into M retrieval by specific conversion respectively for a described M symbol and finishes symbol with conversion;
(9) searching step is finished searching object data that symbol all comprise with M retrieval with conversion by the searching system retrieval.
Following range retrieval method has been described in the above embodiment:
Be in the situation of string data at described searching object keyword in the described step of cutting apart, string data be divided into value take character as unit,
Add the position of the character in the described string data in the described step of encoding as label.
Following range retrieval method has been described in the above embodiment:
Be in the situation of round values data at described searching object keyword in the described step of cutting apart, the round values Data Segmentation become bitwise numerical value,
Add the bit position of the numerical value of cutting apart in the described step of encoding as label.
Following range retrieval method has been described in the above embodiment:
Date data or constantly in the situation of data at described searching object keyword in the described retrieval side segmentation procedure, with date data or constantly data carry out sequence number and cut apart as described round values data.
Following range retrieval method has been described in the above embodiment:
To retrieve the order of finishing symbol with conversion in the described searching step retrieves after changing randomly.

Claims (10)

1. keyword converting means is characterized in that possessing:
Login side cutting part, this login side cutting part input login keyword, wherein, this login keyword is according to the performance of the form of expression of the regulation of the stratification that can be divided into many levels, and this login side cutting part is based on the stratification rule of the rule that has determined described stratification, and described login is divided into key element for each level with keyword;
Login side position information appendix is namely logined positional information with the level under the level key element additional representation to each key element of being cut apart by described login side cutting part; And
Login side data transformation component, date mapping rule according to the rules carries out data transformation to each the described login that has added described positional information by described login side position information appendix with the level key element.
2. keyword converting means according to claim 1 is characterized in that:
Described login side position information appendix input represents the described login attribute information of the attribute of keyword, and described attribute information is appended to each described login level key element;
Described login side data transformation component carries out data transformation to each the described login that has added described positional information and described attribute information by described login side position information appendix with the level key element according to described date mapping rule.
3. keyword converting means according to claim 2 is characterized in that, described keyword converting means further possesses:
Retrieval side keyword generating unit, input the first search condition, determine whether and described the first search condition of inputting can be changed to the second search condition, described the first search condition can be changed to described the second search condition if be judged to be, then described the first search condition is changed to described the second search condition, and described the second search condition of having changed of output, can not change if be judged to be, then export described the first search condition, wherein, described the first search condition comprises according to a plurality of retrieval keywords of described login with the described form of expression performance of keyword, and specify the searching object scope based on described a plurality of retrievals with keyword, described the second search condition is specified the searching object scope identical with the described searching object scope of described the first search condition, and comprises according to described login and can carry out special stratified retrieval that non-concern shows and possess to retrieve with at least one peculiar level of keyword and use keyword with the described form of expression performance of keyword and as possessing;
Retrieval side cutting part, input is by described first search condition of described retrieval side keyword generating unit output and the some described search condition in described the second search condition, and the whole described retrieval that comprises in the described search condition that the described stratification rule of using based on described login side cutting part will be inputted is divided into a plurality of key elements with keyword;
Retrieval side position information appendix is namely retrieved with the additional described positional information of level key element each key element of being cut apart by described retrieval side cutting part; And
Retrieval side data transformation component, the described date mapping rule according to described retrieval side data transformation component uses carries out data transformation to each the described retrieval that has added described positional information by described retrieval side position information appendix with the level key element.
4. keyword converting means according to claim 3 is characterized in that:
Described retrieval side keyword generating unit comprises a plurality of described retrievals with in the situation of keyword, in described the second search condition, by logical operation in conjunction with each described retrieval with keyword each other in described the second search condition;
If described retrieval side cutting part is inputted described the second search condition, then when keeping the relation of described logical operation, based on described stratification rule the whole described retrieval that described the second search condition comprises is divided into a plurality of described retrieval level key elements with keyword.
5. keyword converting means is characterized in that possessing:
Retrieval side keyword generating unit, input the first search condition, determine whether and described the first search condition of inputting can be changed to the second search condition, described the first search condition can be changed to described the second search condition if be judged to be, then described the first search condition is changed to described the second search condition, and described the second search condition of having changed of output, can not change if be judged to be, then export described the first search condition, wherein, described the first search condition comprises a plurality of retrieval keywords according to the form of expression performance of the regulation of the stratification that can be divided into many levels, and specify the searching object scope based on described a plurality of retrievals with keyword, described the second search condition is specified the searching object scope identical with the described searching object scope of described the first search condition, and comprises according to the described retrieval of inputting and can carry out special stratified retrieval that non-concern shows and possess to retrieve with at least one peculiar level of keyword and use keyword with the described form of expression performance of keyword and as possessing;
Retrieval side cutting part, input is by described first search condition of described retrieval side keyword generating unit output and the some described search condition in described the second search condition, and the whole described retrieval that comprises in the described search condition that will input based on the described stratification rule of the rule that has determined described stratification is divided into a plurality of key elements with keyword;
Retrieval side position information appendix is namely retrieved positional information with the level under the level key element additional representation to each key element of being cut apart by described retrieval side cutting part; And
Retrieval side data transformation component, date mapping rule according to the rules carries out data transformation to each the described retrieval that has added described positional information by described retrieval side position information appendix with the level key element.
6. a keyword conversion program is characterized in that, makes computing machine as following part performance function:
Login side cutting part, this login side cutting part input login keyword, wherein, this login keyword is according to the performance of the form of expression of the regulation of the stratification that can be divided into many levels, and this login side cutting part is based on the stratification rule of the rule that has determined described stratification, and described login is divided into key element for each level with keyword;
Login side position information appendix is namely logined positional information with the level under the level key element additional representation to each key element of being cut apart by described login side cutting part;
Login side data transformation component, date mapping rule according to the rules carries out data transformation to each the described login that has added described positional information by described login side position information appendix with the level key element.
7. a keyword conversion program is characterized in that, makes computing machine as following part performance function:
Retrieval side keyword generating unit, input the first search condition, determine whether and described the first search condition of inputting can be changed to the second search condition, described the first search condition can be changed to described the second search condition if be judged to be, then described the first search condition is changed to described the second search condition, and described the second search condition of having changed of output, can not change if be judged to be, then export described the first search condition, wherein, described the first search condition comprises a plurality of retrieval keywords according to the form of expression performance of the regulation of the stratification that can be divided into many levels, and specify the searching object scope based on described a plurality of retrievals with keyword, described the second search condition is specified the searching object scope identical with the described searching object scope of described the first search condition, and comprises according to the described retrieval of inputting and can carry out special stratified retrieval that non-concern shows and possess to retrieve with at least one peculiar level of keyword and use keyword with the described form of expression performance of keyword and as possessing;
Retrieval side cutting part, input is by described first search condition of described retrieval side keyword generating unit output and the some described search condition in described the second search condition, and the whole described retrieval that comprises in the described search condition that will input based on the described stratification rule of the rule that has determined described stratification is divided into a plurality of key elements with keyword;
Retrieval side position information appendix is namely retrieved positional information with the level under the level key element additional representation to each key element of being cut apart by described retrieval side cutting part;
Retrieval side data transformation component, date mapping rule according to the rules carries out data transformation to each the described retrieval that has added described positional information by described retrieval side position information appendix with the level key element.
8. the recording medium of an embodied on computer readable is characterized in that, has recorded claim 6 or 7 described keyword conversion programs.
9. keyword transform method is characterized in that:
(1) input is according to the login keyword of the form of expression performance of the regulation of the stratification that can be divided into many levels, based on the stratification rule of the rule that has determined described stratification, described login is divided into key element for each level with keyword;
(2) each key element of cutting apart is namely logined positional information with the level under the level key element additional representation;
(3) according to the rules date mapping rule carries out data transformation to each the described login that has added described positional information with the level key element.
10. keyword transform method is characterized in that:
(1) input the first search condition, determine whether and described the first search condition of inputting can be changed to the second search condition, described the first search condition can be changed to described the second search condition if be judged to be, then described the first search condition is changed to described the second search condition, and described the second search condition of having changed of output, can not change if be judged to be, then export described the first search condition, wherein, described the first search condition comprises a plurality of retrieval keywords according to the form of expression performance of the regulation of the stratification that can be divided into many levels, and specify the searching object scope based on described a plurality of retrievals with keyword, described the second search condition is specified the searching object scope identical with the described searching object scope of described the first search condition, and comprises according to described form of expression performance and as possessing the special stratified retrieval that can carry out non-concern performance and possess to retrieve with at least one peculiar level of keyword and use keyword;
(2) described the first search condition of exporting and the some described search condition in described the second search condition, the whole described retrieval that comprises in the described search condition that will input based on the described stratification rule of the rule that has determined described stratification is divided into a plurality of key elements with keyword;
(3) each key element of cutting apart is namely retrieved positional information with the level under the level key element additional representation;
(4) according to the rules date mapping rule carries out data transformation to each the described retrieval that has added described positional information with the level key element.
CN2010800679455A 2010-07-08 2010-07-08 Keyword conversion device, keyword conversion program, recording medium, and keyword conversion method Pending CN102985920A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2010/061635 WO2012004880A1 (en) 2010-07-08 2010-07-08 Keyword conversion device, keyword conversion program, recording medium, and keyword conversion method

Publications (1)

Publication Number Publication Date
CN102985920A true CN102985920A (en) 2013-03-20

Family

ID=45440879

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010800679455A Pending CN102985920A (en) 2010-07-08 2010-07-08 Keyword conversion device, keyword conversion program, recording medium, and keyword conversion method

Country Status (3)

Country Link
JP (1) JP5425307B2 (en)
CN (1) CN102985920A (en)
WO (1) WO2012004880A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108475480A (en) * 2016-01-15 2018-08-31 三菱电机株式会社 Encryption device, encryption method and encipheror
CN111587452A (en) * 2018-01-17 2020-08-25 三菱电机株式会社 Registration device, search operation device, data management device, registration program, search operation program, and data management program

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5367179B1 (en) * 2012-09-20 2013-12-11 株式会社東芝 Data processing apparatus, data management system, data processing method and program
JP5255154B1 (en) * 2012-12-26 2013-08-07 株式会社エアー Crypto system capable of partial match search
WO2017122326A1 (en) 2016-01-14 2017-07-20 三菱電機株式会社 Confidential search system, confidential search method and confidential search program
US11106740B2 (en) 2017-04-25 2021-08-31 Mitsubishi Electric Corporation Search device, search system, search method, and computer readable medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363377B1 (en) * 1998-07-30 2002-03-26 Sarnoff Corporation Search data processor
CN1588366A (en) * 2004-08-02 2005-03-02 中国科学院计算机网络信息中心 Ciphertext data base search technology
JP2007052698A (en) * 2005-08-19 2007-03-01 Kddi Corp Method for generating and retrieving index of encrypted document and encrypted document retrieval system
CN101561815A (en) * 2009-05-19 2009-10-21 华中科技大学 Distributed cryptograph full-text retrieval system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3178483B2 (en) * 1992-06-09 2001-06-18 富士ゼロックス株式会社 Document processing device
JP2005284915A (en) * 2004-03-30 2005-10-13 Canon Inc Information retrieval device and method, information retrieval system, and control method for the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363377B1 (en) * 1998-07-30 2002-03-26 Sarnoff Corporation Search data processor
CN1588366A (en) * 2004-08-02 2005-03-02 中国科学院计算机网络信息中心 Ciphertext data base search technology
JP2007052698A (en) * 2005-08-19 2007-03-01 Kddi Corp Method for generating and retrieving index of encrypted document and encrypted document retrieval system
CN101561815A (en) * 2009-05-19 2009-10-21 华中科技大学 Distributed cryptograph full-text retrieval system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108475480A (en) * 2016-01-15 2018-08-31 三菱电机株式会社 Encryption device, encryption method and encipheror
CN108475480B (en) * 2016-01-15 2021-03-23 三菱电机株式会社 Encryption device, encryption method, and storage device
CN111587452A (en) * 2018-01-17 2020-08-25 三菱电机株式会社 Registration device, search operation device, data management device, registration program, search operation program, and data management program
CN111587452B (en) * 2018-01-17 2023-03-31 三菱电机株式会社 Registration device, search operation device, data management device, and computer-readable storage medium

Also Published As

Publication number Publication date
JP5425307B2 (en) 2014-02-26
WO2012004880A1 (en) 2012-01-12
JPWO2012004880A1 (en) 2013-09-02

Similar Documents

Publication Publication Date Title
US10778441B2 (en) Redactable document signatures
US9576005B2 (en) Search system
US8649552B2 (en) Data obfuscation of text data using entity detection and replacement
US9965644B2 (en) Record level data security
US8948375B2 (en) Systems for embedding information in data strings
AU2014237406B2 (en) Method and apparatus for substitution scheme for anonymizing personally identifiable information
US20170277774A1 (en) Systems and methods for secure storage of user information in a user profile
CN102985920A (en) Keyword conversion device, keyword conversion program, recording medium, and keyword conversion method
US20150178490A1 (en) System For And Method Of Generating Visual Passwords
US20130198525A1 (en) Systems for structured encryption using embedded information in data strings
WO2016045641A2 (en) Data block storage method, data query method and data modification method
JP2012164031A (en) Data processor, data storage device, data processing method, data storage method and program
US20160142486A1 (en) Data-access system and method for storing data and reading data
US10248668B2 (en) Mapping database structure to software
US20230274007A1 (en) Response-Hiding Searchable Encryption
CN105279198A (en) Data table storage method, data table modification method, data table query method and data table statistical method
US10664664B2 (en) User feedback for low-confidence translations
JP5307199B2 (en) Data management system and data management method
EP3392864B1 (en) Data processing system and data processing method
CN112912870A (en) Tenant identifier conversion
WO2021255668A1 (en) A computer implemented method for the generation and management of codes.
Siwach et al. Encrypted Search & Cluster Formation in Big Data
CN110324402B (en) Trusted cloud storage service platform based on trusted user front end and working method
US20220156449A1 (en) System and method for providing steganographic text encoding
CN114330758B (en) Data processing method, device and storage medium based on federal learning

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20130320