Oracle 透明数据加密(TDE)的常见任务

news/2024/11/28 18:26:00/

环境准备

一个容器数据库,带一个PDB:orclpdb1。
目前没有进行任何加密设置。

SQL> show pdbs;CON_ID CON_NAME                       OPEN MODE  RESTRICTED
---------- ------------------------------ ---------- ----------2 PDB$SEED                       READ ONLY  NO3 ORCLPDB1                       READ WRITE NOSQL> show parameter wallet_root;NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
wallet_root                          stringSQL> show parameter tde_configurationNAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
tde_configuration                    string

配置Key Store

connect / as sysdba
ALTER SYSTEM SET wallet_root='$ORACLE_BASE/wallet' SCOPE=SPFILE;
shutdown immediate;
startup
!mkdir $ORACLE_BASE/wallet
ALTER SYSTEM SET tde_configuration="keystore_configuration=file"  SCOPE=BOTH;

目前位置,$ORACLE_BASE/wallet中还没有任何文件。

创建Key Store

connect / as sysdba
ADMINISTER KEY MANAGEMENT CREATE KEYSTORE IDENTIFIED BY keypwd;

此时,key store文件有了:

SQL> !ls $ORACLE_BASE/wallet
tdeSQL> !ls $ORACLE_BASE/wallet/tde
ewallet.p12

但key store的状态是关闭的:

SQL> select con_id, status from V$ENCRYPTION_WALLET;CON_ID STATUS
---------- ------------------------------1 CLOSED2 CLOSED3 CLOSED

打开key store:

ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY keypwd;

此时,根数据库的key store状态变成OPEN_NO_MASTER_KEY:

SQL> select con_id, status from V$ENCRYPTION_WALLET;CON_ID STATUS
---------- ------------------------------1 OPEN_NO_MASTER_KEY2 CLOSED3 CLOSED

创建Master Key:

ADMINISTER KEY MANAGEMENT SET KEY 
FORCE KEYSTORE
IDENTIFIED BY keypwd 
WITH BACKUP USING 'mekbkp';

我们可以看到备份,而且key store的状态变为:

SQL> !ls $ORACLE_BASE/wallet/tde
ewallet_2023091407054383_mekbkp.p12  ewallet.p12SQL> select con_id, status from V$ENCRYPTION_WALLET;CON_ID STATUS
---------- ------------------------------1 OPEN2 CLOSED3 CLOSED

当前系统表状态

Oracle 19c Advanced Security Guide 文档列出了TDE相关的系统表。我们大致看一下。

V$ENCRYPTION_WALLET和key store相关:

SQL>
set lines 120
col status for a10
select CON_ID, WRL_TYPE, STATUS, WALLET_TYPE, WALLET_ORDER, KEYSTORE_MODE from V$ENCRYPTION_WALLET;CON_ID WRL_TYPE             STATUS     WALLET_TYPE          WALLET_OR KEYSTORE
---------- -------------------- ---------- -------------------- --------- --------1 FILE                 OPEN       PASSWORD             SINGLE    NONE2 FILE                 CLOSED     UNKNOWN              SINGLE    UNITED3 FILE                 CLOSED     UNKNOWN              SINGLE    UNITED

V$DATABASE_KEY_INFO与系统表空间加密有关:

SQL> select * from V$DATABASE_KEY_INFO;ENCRYPT ENCRYPTEDKEY
------- ------------------------------------------------------------------------------------------------
MASTERKEYID                      MAS     CON_ID
-------------------------------- --- ----------
AES128  77B4410C25AFD59E983669101DE55EB20000000000000000000000000000000000000000000000000000000000000000
24F4F8FE12434F18BF88049E85E70C82 YES          1NONE    000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000 NO           2NONE    000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000 NO           3

V$ENCRYPTION_KEYS和master key有关:

col creation_time for a20
col activation_time for a20
col creator_pdbname for a12
col origin for a10
alter session set nls_date_format = 'MM/DD/YYYY HH24:MI';
select cast(creation_time as date) as creation_time, cast(activation_time as date) as activation_time , key_use, keystore_type, origin, backed_up, creator_pdbname from V$ENCRYPTION_KEYS;CREATION_TIME        ACTIVATION_TIME      KEY_USE    KEYSTORE_TYPE     ORIGIN     BACKED_UP CREATOR_PDBN
-------------------- -------------------- ---------- ----------------- ---------- --------- ------------
09/14/2023 07:05     09/14/2023 07:05     TDE IN PDB SOFTWARE KEYSTORE LOCAL      NO        CDB$ROOT

加解密PDB中的表空间

连接到PDB。

SQL> connect sys@orclpdb1 as sysdba
Enter password:
Connected.

目前PDB中还没有master key,因此无法加密:

SQL> alter tablespace users encryption online encrypt;
alter tablespace users encryption online encrypt
*
ERROR at line 1:
ORA-28361: master key not yet setSQL> select status from V$ENCRYPTION_WALLET;STATUS
----------
CLOSED

设置PDB中的master key:

ADMINISTER KEY MANAGEMENT SET KEYSTORE OPEN IDENTIFIED BY keypwd;
ADMINISTER KEY MANAGEMENT SET KEY IDENTIFIED BY keypwd WITH BACKUP USING 'pdbmekbkp';

现在PDB的master key已经设置好:

SQL> select status from V$ENCRYPTION_WALLET;STATUS
------------------------------
OPENSQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 16
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 08:42 ewallet.p12

现在加解密都没有问题了:

-- 在线加密
SQL> alter tablespace users encryption online encrypt;Tablespace altered.SQL> alter tablespace users encryption online decrypt;Tablespace altered.-- 离线加密
SQL> alter tablespace users offline;Tablespace altered.SQL> alter tablespace users encryption offline encrypt;Tablespace altered.SQL> alter tablespace users online;Tablespace altered.

当前系统表状态

以下SQL语句均在CDB$ROOT中执行。

V$ENCRYPTION_WALLET和key store相关,其中PDB相关的行变化了:

SQL>
set lines 120
col status for a10
select CON_ID, WRL_TYPE, STATUS, WALLET_TYPE, WALLET_ORDER, KEYSTORE_MODE from V$ENCRYPTION_WALLET;CON_ID WRL_TYPE             STATUS     WALLET_TYPE          WALLET_OR KEYSTORE
---------- -------------------- ---------- -------------------- --------- --------1 FILE                 OPEN       PASSWORD             SINGLE    NONE2 FILE                 CLOSED     UNKNOWN              SINGLE    UNITED3 FILE                 OPEN       PASSWORD             SINGLE    UNITED

V$DATABASE_KEY_INFO与系统表空间加密有关,也是和PDB相关的行变化了:

SQL> select * from V$DATABASE_KEY_INFO;ENCRYPT ENCRYPTEDKEY
------- ------------------------------------------------------------------------------------------------
MASTERKEYID                      MAS     CON_ID
-------------------------------- --- ----------
AES128  77B4410C25AFD59E983669101DE55EB20000000000000000000000000000000000000000000000000000000000000000
24F4F8FE12434F18BF88049E85E70C82 YES          1NONE    000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000 NO           2AES128  69A8A389784AFCD06F84FE3EB12F3E8A0000000000000000000000000000000000000000000000000000000000000000
64D9F54F8A354F36BFECB3955CDD77DA YES          3

V$ENCRYPTION_KEYS和master key有关:

col creation_time for a20
col activation_time for a20
col creator_pdbname for a12
col origin for a10
alter session set nls_date_format = 'MM/DD/YYYY HH24:MI';
select cast(creation_time as date) as creation_time, cast(activation_time as date) as activation_time , key_use, keystore_type, origin, backed_up, creator_pdbname from V$ENCRYPTION_KEYS;CREATION_TIME        ACTIVATION_TIME      KEY_USE    KEYSTORE_TYPE     ORIGIN     BACKED_UP CREATOR_PDBN
-------------------- -------------------- ---------- ----------------- ---------- --------- ------------
09/14/2023 07:05     09/14/2023 07:05     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       CDB$ROOT
09/14/2023 08:42     09/14/2023 08:42     TDE IN PDB SOFTWARE KEYSTORE LOCAL      NO        ORCLPDB1

以下SQL语句均在PDB中执行:

SQL> select encrypted from user_tablespaces where tablespace_name = 'USERS';ENC
---
YESSQL> select TS#, ENCRYPTIONALG, ENCRYPTEDTS, STATUS, CON_ID from V$ENCRYPTED_TABLESPACES;TS# ENCRYPT ENC STATUS         CON_ID
---------- ------- --- ---------- ----------5 AES128  YES NORMAL              3

Key Store改为自动登录

目前表空间可以加解密,但有一个问题。即如果数据库重启,我们还需要手工打开Key Store。

connect / as sysdba
ADMINISTER KEY MANAGEMENT CREATE 
AUTO_LOGIN KEYSTORE FROM KEYSTORE
IDENTIFIED BY keypwd;

现在Key Store的WALLET_TYPE由PASSWORD变为AUTOLOGIN:

set lines 120
col status for a10
select CON_ID, WRL_TYPE, STATUS, WALLET_TYPE, WALLET_ORDER, KEYSTORE_MODE from V$ENCRYPTION_WALLET;CON_ID WRL_TYPE             STATUS     WALLET_TYPE          WALLET_OR KEYSTORE
---------- -------------------- ---------- -------------------- --------- --------1 FILE                 OPEN       AUTOLOGIN            SINGLE    NONE2 FILE                 OPEN       AUTOLOGIN            SINGLE    UNITED3 FILE                 OPEN       AUTOLOGIN            SINGLE    UNITED

重启数据库后,Key Store状态自动变为打开:

SQL> select status from V$ENCRYPTION_WALLET;STATUS
----------
OPEN
OPEN
OPENSQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 24
-rw-------. 1 oracle oinstall 5512 Sep 14 08:59 cwallet.sso
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 08:42 ewallet.p12

自动登录的Key Store文件为cwallet.sso。

备份Key Store

此操作需在CDB$ROOT中进行,否则报错:

SQL> ADMINISTER KEY MANAGEMENT BACKUP KEYSTORE USING 'bkp230914' IDENTIFIED BY keypwd;
ADMINISTER KEY MANAGEMENT BACKUP KEYSTORE USING 'bkp230914' IDENTIFIED BY keypwd
*
ERROR at line 1:
ORA-65040: operation not allowed from within a pluggable database

必须用FORCE KEYSTORE子句:

SQL> ADMINISTER KEY MANAGEMENT BACKUP KEYSTORE USING 'bkp230914' IDENTIFIED BY keypwd;
ADMINISTER KEY MANAGEMENT BACKUP KEYSTORE USING 'bkp230914' IDENTIFIED BY keypwd
*
ERROR at line 1:
ORA-28417: password-based keystore is not openSQL> ADMINISTER KEY MANAGEMENT BACKUP KEYSTORE USING 'bkp230914' FORCE KEYSTORE IDENTIFIED BY keypwd;keystore altered.

查看生成的备份文件,看来在tag中加入日期是多此一举:

SQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 32
-rw-------. 1 oracle oinstall 5512 Sep 14 09:04 cwallet.sso
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:04 ewallet_2023091409040585_bkp230914.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:04 ewallet.p12

也可以备份到指定位置:

SQL> connect / as sysdba;
Connected.
SQL> ADMINISTER KEY MANAGEMENT BACKUP KEYSTORE USING 'bkp230914' FORCE KEYSTORE IDENTIFIED BY keypwd to '/tmp';keystore altered.SQL> !ls /tmp/*bkp*
/tmp/ewallet_2023091402173955_bkp230914.p12

修改Wallet类型为Local Auto Login

当前类型为Auto Login,但Local Auto Login更安全,因为只能在本机使用。

SQL> select WALLET_TYPE from V$ENCRYPTION_WALLET;WALLET_TYPE
--------------------
AUTOLOGIN

过程:


-- 关闭key store
SQL> administer key management set keystore close;
keystore altered.SQL> show parameter wallet_rootNAME                                 TYPE        VALUE
------------------------------------ ----------- ----------------------------------
wallet_root                          string      /u01/app/oracle/admin/ORCL/wallet-- 必须将原有的auto login key store移走,否则后续建立时报错
-- ORA-46630: keystore cannot be created at the specified location
SQL> !cd /u01/app/oracle/admin/ORCL/wallet
SQL> !mv cwallet.sso cwallet.sso.bakSQL> administer key management set keystore open force keystore identified by keypwd;
keystore altered.SQL> administer key management create local auto_login keystore from keystore identified by keypwd;
keystore altered.

修改Key Store的口令

修改口令可以不备份,但必须使用FORCE KEYSTORE打开Key Store:

connect / as sysdbaADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD 
FORCE KEYSTORE
IDENTIFIED BY
keypwd 
SET newkeypwd;

修改口令不影响加解密操作。

不知为何,修改口令时,第一次不要求备份,而第二次要求:

ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD
FORCE KEYSTORE
IDENTIFIED BY
newkeypwd5  SET keypwd;
ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD
*
ERROR at line 1:
ORA-46631: keystore needs to be backed upSQL>
ADMINISTER KEY MANAGEMENT ALTER KEYSTORE PASSWORD 
FORCE KEYSTORE
IDENTIFIED BY
newkeypwd 
SET keypwd
WITH BACKUP USING 'chgpwd';SQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 40
-rw-------. 1 oracle oinstall 5512 Sep 14 09:20 cwallet.sso
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:04 ewallet_2023091409040585_bkp230914.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:20 ewallet_2023091409204262_chgpwd.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:20 ewallet.p12

Master Key的 Rekey(轮换)

Rekey操作会新建一个master key,并激活他。

CDB$ROOT和PDB有各自的Master Key,本例仅针对PDB。

SQL> alter session set container=orclpdb1;
Session altered.col creation_time for a20
col activation_time for a20
col creator_pdbname for a12
col origin for a10
alter session set nls_date_format = 'MM/DD/YYYY HH24:MI';
select cast(creation_time as date) as creation_time, cast(activation_time as date) as activation_time , key_use, keystore_type, origin, backed_up, creator_pdbname from V$ENCRYPTION_KEYS;CREATION_TIME        ACTIVATION_TIME      KEY_USE    KEYSTORE_TYPE     ORIGIN     BACKED_UP CREATOR_PDBN
-------------------- -------------------- ---------- ----------------- ---------- --------- ------------
09/14/2023 08:42     09/14/2023 08:42     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       ORCLPDB1

执行rekey操作:

ADMINISTER KEY MANAGEMENT 
SET ENCRYPTION KEY
FORCE KEYSTORE
IDENTIFIED BY keypwd
WITH BACKUP USING 'mekrekey';keystore altered.SQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 48
-rw-------. 1 oracle oinstall 6776 Sep 14 09:28 cwallet.sso
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:04 ewallet_2023091409040585_bkp230914.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:20 ewallet_2023091409204262_chgpwd.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:28 ewallet_2023091409281769_mekrekey.p12
-rw-------. 1 oracle oinstall 6731 Sep 14 09:28 ewallet.p12

此时,V$ENCRYPTION_KEYS表新增了一条记录:

CREATION_TIME        ACTIVATION_TIME      KEY_USE    KEYSTORE_TYPE     ORIGIN     BACKED_UP CREATOR_PDBN
-------------------- -------------------- ---------- ----------------- ---------- --------- ------------
09/14/2023 08:42     09/14/2023 08:42     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       ORCLPDB1
09/14/2023 09:28     09/14/2023 09:28     TDE IN PDB SOFTWARE KEYSTORE LOCAL      NO        ORCLPDB1

很容易猜到,ACTIVATION_TIME最新,BACKED_UP为NO的应该就是当前的Master Key。

加密Key的Rekey

本例也是针对PDB。

Master Key的rekey不会重新解密和加密数据,但DEK(Data Encryption Key)的rekey会。

表空间加密使用alter tablespace,表加密则使用alter table。本例为前者,并使用在线的rekey:

SQL> alter tablespace users encryption rekey;Tablespace altered.Elapsed: 00:01:23.42

创建和激活Master Key

这个分两步进行的操作实际就是Rekey的过程。

虽然也可以针对CDB$ROOT,但本例针对PDB。

SQL>
ADMINISTER KEY MANAGEMENT CREATE KEY 
USING TAG 'newmek'
FORCE KEYSTORE
IDENTIFIED BY keypwd
WITH BACKUP USING 'newmek';SQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 60
-rw-------. 1 oracle oinstall 8216 Sep 14 09:58 cwallet.sso
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:04 ewallet_2023091409040585_bkp230914.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:20 ewallet_2023091409204262_chgpwd.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:28 ewallet_2023091409281769_mekrekey.p12
-rw-------. 1 oracle oinstall 6731 Sep 14 09:58 ewallet_2023091409580241_newmek.p12
-rw-------. 1 oracle oinstall 8171 Sep 14 09:58 ewallet.p12

可以,看到此Master Key并没有激活(ACTIVATION_TIME为空):

CREATION_TIME        ACTIVATION_TIME      KEY_USE    KEYSTORE_TYPE     ORIGIN     BACKED_UP CREATOR_PDBN
-------------------- -------------------- ---------- ----------------- ---------- --------- ------------
09/14/2023 09:28     09/14/2023 09:28     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       ORCLPDB1
09/14/2023 08:42     09/14/2023 08:42     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       ORCLPDB1
09/14/2023 09:58                          TDE IN PDB SOFTWARE KEYSTORE LOCAL      NO        ORCLPDB1

激活Master Key:

SQL> select key_id from V$ENCRYPTION_KEYS where ACTIVATION_TIME is null;KEY_ID
------------------------------------------------------------------------------
AYgYXF7JY08WvylfJIZ44LUAAAAAAAAAAAAAAAAAAAAAAAAAAAAASQL>
ADMINISTER KEY MANAGEMENT USE KEY
'AYgYXF7JY08WvylfJIZ44LUAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
FORCE KEYSTORE
IDENTIFIED BY keypwd
WITH BACKUP USING 'newmek';keystore altered.SQL> !ls -l1 $ORACLE_BASE/wallet/tde
total 68
-rw-------. 1 oracle oinstall 8216 Sep 14 10:11 cwallet.sso
-rw-------. 1 oracle oinstall 2555 Sep 14 07:05 ewallet_2023091407054383_mekbkp.p12
-rw-------. 1 oracle oinstall 3995 Sep 14 08:42 ewallet_2023091408425331_pdbmekbkp.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:04 ewallet_2023091409040585_bkp230914.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:20 ewallet_2023091409204262_chgpwd.p12
-rw-------. 1 oracle oinstall 5467 Sep 14 09:28 ewallet_2023091409281769_mekrekey.p12
-rw-------. 1 oracle oinstall 6731 Sep 14 09:58 ewallet_2023091409580241_newmek.p12
-rw-------. 1 oracle oinstall 8171 Sep 14 10:11 ewallet_2023091410112509_newmek.p12
-rw-------. 1 oracle oinstall 8171 Sep 14 10:11 ewallet.p12

系统表中的状态变了。

CREATION_TIME        ACTIVATION_TIME      KEY_USE    KEYSTORE_TYPE     ORIGIN     BACKED_UP CREATOR_PDBN
-------------------- -------------------- ---------- ----------------- ---------- --------- ------------
09/14/2023 09:28     09/14/2023 09:28     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       ORCLPDB1
09/14/2023 08:42     09/14/2023 08:42     TDE IN PDB SOFTWARE KEYSTORE LOCAL      YES       ORCLPDB1
09/14/2023 09:58     09/14/2023 10:11     TDE IN PDB SOFTWARE KEYSTORE LOCAL      NO        ORCLPDB1

参考

  • A!Help: 19c Encryption

http://www.ppmy.cn/news/1121382.html

相关文章

代码随想录Day03 | 链表基础1 LeetCode T203 移除链表元素 T707设计链表 T206 反转链表

本题思路和解答主要来源于: 代码随想录 (programmercarl.com) LeetCode T203 移除链表元素 题目链接:203. 移除链表元素 - 力扣(LeetCode) 首先我们回顾一下单向链表,每个链表有一个指针域和一个数据域,在内存中是呈现不连续排列的,对比之前的数组,链…

Webpack监视文件修改,自动重新打包文件

方法一:使用watch监视文件变化 在终端中输入以下指令: npx webpack --watch 我们使用这种方法监听文件变化时只会监听我们计算机本地的文件变化,在开发场景中我们的项目是要部署到服务器中的,因此这种方式并不推荐。 方法二&…

【HCIE】09.MPLS VPN跨域C

跨域A回顾 缺点:因为使用了IPV4方式,导致两个ASBR之间都要建立实例,中间是多个实例,每个实例又是一使用一个单独的线缆。每台设备都需要消耗空间来存储IPV4的报文。 跨域B回顾 整个使用BGP进行传递,使用了MP-IBGP和M…

clickhouse分组排序,行号,取特定数量数据

文章目录 1、源数据2、生成数组2.1 groupArray 分组合并为数组2.2 arrayEnumerate 标记数据 3、rank()、row_number()3.1 说明3.2 使用 目前应用很多需求设计对数据分组并去特定数量的数据; clickhouse 新版本增加了row_number(),rank() 函数&#xff0c…

基于Java+SpringBoot+Vue+协同过滤算法的电影推荐系统(亮点:智能推荐、协同过滤算法、在线支付、视频观看)

协同过滤算法的电影推荐系统 一、前言二、我的优势2.1 自己的网站2.2 自己的小程序(小蔡coding)2.3 有保障的售后2.4 福利 三、开发环境与技术3.1 MySQL数据库3.2 Vue前端技术3.3 Spring Boot框架3.4 微信小程序 四、功能设计4.1 主要功能描述 五、系统实…

Java反序列化和php反序列化的区别

文章目录 PHP反序列化漏洞反序列化漏洞什么是反序列化漏洞?修改序列化后的数据,目的是什么? Java反序列化漏洞反序列化漏洞 PHP反序列化漏洞 序列化存在的意义是为了传输数据/对象,类是无法直接进行传输的。通过序列化后转换为字…

QT--day5

注册 mainwindow.h #ifndef MAINWINDOW_H #define MAINWINDOW_H#include <QMainWindow> #include<QPushButton> #include<QLineEdit> #include<QLabel> #include <QMessageBox> #include<QString> #include<QSqlDatabase> …

操作系统篇之虚拟内存

虚拟内存是什么? 虚拟内存是计算机操作系统中的一种技术&#xff0c;它将每个进程的内存空间划分成若干个固定大小的页&#xff0c;并通过页面映射技术将这些页与物理内存或磁盘上的页面文件进行交换 虚拟内存能干什么? 扩展了实际物理内存容量&#xff1a;虚拟内存使得每个…