CN110059630A - Secret protection can verify that outsourcing monitor video pedestrian recognition methods again - Google Patents
Secret protection can verify that outsourcing monitor video pedestrian recognition methods again Download PDFInfo
- Publication number
- CN110059630A CN110059630A CN201910317372.XA CN201910317372A CN110059630A CN 110059630 A CN110059630 A CN 110059630A CN 201910317372 A CN201910317372 A CN 201910317372A CN 110059630 A CN110059630 A CN 110059630A
- Authority
- CN
- China
- Prior art keywords
- storage service
- service device
- cloud storage
- authorized user
- cloud
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V20/00—Scenes; Scene-specific elements
- G06V20/40—Scenes; Scene-specific elements in video content
- G06V20/46—Extracting features or characteristics from the video content, e.g. video fingerprints, representative shots or key frames
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06V—IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
- G06V20/00—Scenes; Scene-specific elements
- G06V20/50—Context or environment of the image
- G06V20/52—Surveillance or monitoring of activities, e.g. for recognising suspicious objects
- G06V20/53—Recognition of crowd images, e.g. recognition of crowd congestion
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
It can verify that outsourcing monitor video pedestrian recognition methods again the present invention relates to a kind of secret protection.Firstly, extracting effective pedestrian's feature using convolutional neural networks (CNN) and based on the supervision Hash (KSH) of kernel function;Then, a kind of Hamming distance calculating agreement based on secret sharing is designed, allows Cloud Server to calculate the similitude between ciphertext aspect indexing with this;In addition, proposing a kind of authentication mechanism based on Merkle Hash tree, user is allowed to check the correctness of matching result.For the method for the present invention while protecting the privacy of other irrelevant pedestrians, realize outsourcing monitor video can verify that pedestrian identifies again;And the information security of video data is taken into account while reducing local computing, communication overhead and file storage.
Description
Technical field
It can verify that outsourcing monitor video pedestrian recognition methods again the present invention relates to a kind of secret protection.
Background technique
With becoming increasingly popular for smart city and digital home's concept, used on a large scale in our daily life
Monitoring camera, these cameras are typically mounted on the places such as highway, supermarket, campus.In particular, criminal activity and
The attack of terrorism makes that security issues become increasingly urgent, is greatly promoted the fast development in monitoring camera market.2018, according to
BBC news report, China have disposed more than 1.7 hundred million monitoring cameras, it is contemplated that next three years will also will be installed 400,000,000 camera shootings
Head[1].Research and Markets predicts that video monitoring market will be with as the world-renowned market research agency
11.8% compound average growth rate increases, it is contemplated that 43,800,000,000 beauty in 2025 will be risen to from 18,300,000,000 in 2017 dollars
Member[2]。
Currently, the video data from monitoring camera is widely used in traffic monitoring, crime evidence obtaining and activity detection
Equal fields.Wherein, pedestrian identifies that an important process task as video data causes grinding for numerous scholars and enterprise again
Study carefully interest.The purpose that pedestrian identifies again in video data be retrieve from different places and different cameras it is interested
People[3](as shown in Figure 1).This means that can identify someone in a video camera whether in different times and ground
Point appears in other monitor videos.Currently, this task that pedestrian identifies again is widely used in many safety-related fields, especially
It is public safety field.For example, it can be easily identified in different monitoring video with the presence or absence of suspect.According to these
Information, police can soon grasp the whereabouts of suspect.With being continuously increased for camera quantity, produced a large amount of video
Data have been significantly greatly increased the storage of user and have calculated cost.It is estimated that global monitoring video data is daily more than 560PB[4], the video data of these magnanimity is not that the limited personal or enterprise of resource can be handled.
The mass memory of Cloud Server and powerful computing capability substantially reduce large-scale data processing cost[5].But
Problem is the storage location of the external bag data of user and data whether be tampered be to know nothing.In this case, user
Data safety and privacy there is the risk that is leaked.Conventional encryption algorithm is directlyed adopt before outer package operation to carry out data
Encryption is to ensure that a kind of common method of data confidentiality.But it can hinder being further processed for these encryption datas, such as
Pedestrian identifies again.In general, using the pedestrian of safety, the simple solution of identification technology is to download all encrypted videos again
Data, and decrypt them and be performed locally pedestrian and identify again.However, such operation to user bring it is high calculate and communicate at
This.Therefore, how to identify again to efficiently perform pedestrian by encryption outsourcing monitor video and guarantee video data confidentiality not
It is leaked and has become a task in the urgent need to address.
Currently, signal processing is carried out in the data of ciphertext and image has become very powerful and exceedingly arrogant research field,
Occur various research branches in succession, for example ciphertext text retrieval, cipher-image compression, ciphertext domain reversible information are hidden etc..Compared with
Text and image, the research that secret protection data processing is carried out on video is relatively fewer, especially in outsourcing ciphertext monitor video
Pedestrian identify the research almost blank of aspect again.In addition, another problem be Cloud Server may for its malicious intent and
Sub-fraction erroneous matching is returned as a result, saving carrying cost or concealing corrupted data or loss accident[6,7].Currently, this
Field still lacks a kind of feasible method, and can support the outsourcing monitor video of secret protection can verify that the pedestrian side of identification again
Case.
Bibliography:
[1]“Smart cameras catch man in 60,000crowd,”BBC News,April 13,2018,
https://www.bbc.com/news/world-asia-china-43751276.
[2]“Video surveillance market to 2025-global analysis and forecasts
by platforms(hardware and software),”https://www.researchandmarkets.com/
Research/zn5s9z/global video? w=5.
[3]Y.-C.Chen,X.Zhu,W.-S.Zheng,and J.-H.Lai,“Person re-identification
by camera correlation aware feature augmentation,”IEEE transactions on
pattern analysis and machine intelligence,vol.40,no.2,pp.392–408,2018.
[4]L.Tian,H.Wang,Y.Zhou,and C.Peng,“Video big data in smart city:
Background construction and optimization for surveillance video processing,”
Future Generation Computer Systems,2018.
[5]X.Liu,R.Deng,K.-K.R.Choo,Y.Yang,and H.Pang,“Privacy-preserving
outsourced calculation toolkit in the cloud,”IEEE Transactions on Dependable
and Secure Computing,2018.
[6]W.Sun,S.Yu,W.Lou,Y.T.Hou,and H.Li,“Protecting your right:
verifiable attribute-based keyword search with fine-grained owner-enforced
search authorization in the cloud,”IEEE Transactions on Parallel and
Distributed Systems,vol.27,no.4,pp.1187–1198,2016.
[7]Y.Miao,J.Weng,X.Liu,K.-K.R.Choo,Z.Liu,and H.Li,“Enabling
verifiable multiple keywords search over encrypted cloud data,”Information
Sciences,vol.465,pp.21–37,2018.。
Summary of the invention
It can verify that outsourcing monitor video pedestrian recognition methods again the purpose of the present invention is to provide a kind of secret protection, it should
For method while protecting the privacy of other irrelevant pedestrians, realize outsourcing monitor video can verify that pedestrian identifies again;And
The information security of video data has been taken into account while reducing local computing, communication overhead and file storage.
To achieve the above object, the technical scheme is that a kind of secret protection can verify that outsourcing monitor video row
People's recognition methods again, includes the following steps:
Step S1, firstly, content owner using convolutional neural networks CNN and supervision Hash KSH based on kernel function from
Effective pedestrian's feature vector is extracted in plaintext monitor video, constructs corresponding aspect indexing;Then, content owner uses and is based on
Aspect indexing is split as n sharing and is sent to cloud data server by the secret sharing method of CRT, during being somebody's turn to do, all encryptions
Monitor video and its corresponding identifier be all contracted out to cloud storage service device;
Step S2, the identification request of the cloud storage service device response contents owner, provides storage service for it and provides knowledge
Monitor video Ji Suan and not be returned;Authorized user will submit challenge information to cloud storage service device in the step, and cloud is deposited at this time
Storage server is responsible for responding the task of the initiation verifying matching result correctness of authorized user;
Step S3, cloud data server carrys out the sharing that the storage content owner is submitted using partial data memory space;
In addition, cloud data server executes modulus add operation to sharing, and the result after calculating is sent to cloud storage service device;
Step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding
Cloud data server, after the result for obtaining return, recovery Clear video is decrypted by key in authorized user;In addition, awarding
It weighs user and the challenge information of initiation is submitted into cloud storage service device, to verify the correctness of returned data.
In an embodiment of the present invention, in step S1, if plaintext monitor videoEncrypt corresponding ciphertext
Collection isEffective pedestrian's feature vectorIt is extracted from pedestrian image, pedestrian image is
From plaintext monitor videoThe key frame of middle acquisition.
In an embodiment of the present invention, in step S1, content owner uses the secret sharing method based on CRT by feature
Index be split as n sharing be sent to cloud data server the specific implementation process is as follows:
Step S11, z zero padding is charged to by content ownerTherefore,Dimension will be extended to (d+z), be expressed as
Step S12, after padding, content owner's random scrambling feature vectorAll elements position, displacement
Operation willIt is converted to
Step S13, it obtainsWhen, content owner randomly chooses positive odd number replacement 1, and randomly chooses positive even numbers replacement
0, here, the range of odd number or even number is selected to be set as [1, Γ],Different location in 1/0 can correspond to it is different
Odd/even, according to above-mentioned Substitution Rules, by all feature vectorsIt is revised as
Step S14, content owner continues to modifyThe value of element;Herein, it is further protected using flexible technologyInformation be not leaked, can come by the following method completed percentage modification
U '=us+ ε (4)
Wherein, u isThe value of middle element, s is scale factor and value is positive number, and ε is random noise, and value is uniformly divided
Cloth, i.e. ε~U (0, γ), (γ≤s);Here, s is disclosed, and allow withElement is different and different, and ε is content
The owner is privately owned;Finally, each pedestrian image piFeature vector be modified to
Then, content owner takesAs pedestrian image piAspect indexing Ii, i.e.,
Step S15, after the feature pretreatment Jing Guo above-mentioned steps, content owner is by IiIt is divided into n sharing
π(Ii)={ Ii,1,Ii,2,…,Ii,n} (6)
Ii,j=Ii mod mj (7)
Wherein, π () is represented by division function, is based on modulo operation, i.e. modmj, wherein prime number collection { mj}1≤j≤nIt is right
In cloud data server and cloud storage service device be known;
Assuming that IiW-th of ingredient be Ii(w), then its that corresponding sharing is
π(Ii(w))={ Ii,1(w),Ii,2(w),…,Ii,n(w)} (8)
Wherein,
Ii,j(w)=Ii(w)mod mj (9)
Step S16, finally, content owner is by the video file C of all encryptions and ID={ id1,…,idmUpload together
To cloud storage service device;In addition, eachN sharing be sent to corresponding cloud data server;These are shared
Mapping relations between the set D of cloud data server are as follows:
In an embodiment of the present invention, in the step S4, the aspect indexing of inquiry is split as different portions by authorized user
Point, and send them at random corresponding cloud data server the specific implementation process is as follows:
Authorized user is by the aspect indexing T of inquiryQIt is split as n part, meets following formula:
π(TQ)={ TQ,1,TQ,2,…,TQ,n} (11)
With
π(TQ(w))={ TQ,1(w),TQ,2(w),…,TQ,n(w)} (12)
TQ,j(w)=TQ(w)mod mj
Wherein, TQ,jIt (w) is TQW-th of element j-th of part
Then, authorized user is from { TQ,j}1≤j≤nMiddle random selection k sharing, and it is sent to n cloud data clothes at random respectively
K to be engaged in device.
In an embodiment of the present invention, in the step S4, the aspect indexing of inquiry is split as different portions by authorized user
Point, and after sending them to corresponding cloud data server at random, cloud data server and cloud storage service device will execute such as
Lower step:
Cloud data server executes and calculating process:
The aspect indexing T of given inquiryQWith pedestrian image piIndexThe d activated by authorized userj
A cloud data server is in mould mjLower execution add operation, and be expressed asI.e.
Wherein, g indicates the dimension of aspect indexing, and is equal to d+z;
It is any calculatingLater, djA cloud data server is by medianCloud is submitted to deposit
Store up server;
Cloud storage service device executes Similarity measures process:
When k intermediate result for obtaining k cloud data serverFollowing steps will be executed for cloud storage service device:
1) cloud storage service device uses CRT method to rebuild T firstQWith each IiBetween original and vectorSo
Afterwards, cloud storage service device is according to the diminution of scale factor s used in feature pretreatment stage and vectorAssuming thatFor { t1,t2,…,tg, it is after flexibleIt is calculated especially by following formula:
Cloud storage service device is based onCan calculate Q andBetween Hamming distance;
2) cloud storage service device carries out ascending sort to all Hamming distances, returns to most associated encryption video setAnd its corresponding identification sets ID '={ id '1,…,id′qGive authorized user.
In an embodiment of the present invention, in the step S4, the challenge information of initiation is submitted to cloud storage by authorized user
Server, with verify returned data correctness the specific implementation process is as follows:
(6-1), use MAC method by ID number for idiThe encrypted video file c of (i ∈ [1, m])iIt is generated with the key k of MAC
The value of MACWherein MAC () is safe MAC scheme;Accordingly, will generate one withFor element
MAC setI.e.
Later, MAC gathersIt is contracted out to cloud storage service device;
(6-2), pedestrian's recognition result again is being receivedLater, authorized user is first from setMiddle random selection subsetWherein { li}1≤i≤tIndicate that selected encrypted video existsIn position, and t≤q;Then, authorized user will choose
Fight information { li}1≤i≤tIt is sent to cloud storage service device;
(6-3), when obtaining challenge request from authorized user, cloud storage service device is based on challenge information { li}1≤i≤tBuilding
Two Merkle Hash numbers are responded;Wherein assume MAC collectionIt is ciphertext video subsetCorresponding MAC
Set;Firstly, a Merkle Hash tree MT is first constructed, in this tree, by calling hash function hT:{0,1}*→{0,1}κ
To calculate the cryptographic Hash of all leaf nodes;For intermediate node, cloud storage service device two direct son can be saved by Hash
The cryptographic Hash after merging is put to obtain the cryptographic Hash of the node;If only one child node, it can only pass through Hash
The cryptographic Hash of node calculates the cryptographic Hash of father node;In a similar way, cloud storage service device can calculate Merkle Hash
Set the cryptographic Hash of MT root nodeAnd it is sent to authorized user;In addition to Hash tree MT, cloud storage service device constructs second again
The method of Hash tree CT, construction are similar with Hash tree MT, the difference is that the leaf node of Hash tree CT is directly to be regarded with ciphertext
Frequency subsetAs input;Equally, the cryptographic Hash of a root node is ultimately generatedAnd it is sent to authorized user;
(6-4), it is receivingWithLater, corresponding also construction two Hash tree MT ' and CT ' of authorized user, and
Calculate separately out the cryptographic Hash of root nodeWithWherein, the input MAC collection of the leaf node of Hash tree MT '
It need to be calculated, i.e., be calculated by MAC method by authorized userMAC value, set generated is exactlyWherein
The key K for involving MAC is provided by way of sharing by corresponding content owner;As forConstruction process withIt is the same;
(6-5), authorized user pass through analysisWith it is correspondingBetween relationship differentiate row
People's recognition result again it is whether correct;IfIt then may determine that recognition result is correct;If
It then can determine that the recognition result of return is distorted by third party;IfAndThen confirm recognition result
It is to be distorted by cloud storage service device.
Compared to the prior art, the invention has the following advantages:
(1), the pedestrian of safety is supported to identify again, which is to protect the pedestrian of privacy again by the acquisition of outsourcing monitor video
The trial for the first time of identification, the application allow user to store to Cloud Server using by their data to obtain safe pedestrian again
Identification service;
(2), safe Hamming distance calculates, and the application constructs a kind of novel safe Hamming distance agreement;It allows
Cloud Server calculates Hamming distance in ciphertext data, and calculating process is without understanding clear content;
(3), without key encrypt, key generation centre be in general cryptographic system it is essential, it be responsible for management and
The private key of dispatch user.;But it depends on cipher key center unduly and easily generates heavy key escrow;The application is intended to permit
Family allowable encrypted feature in a manner of no key indexes;
(4), high-precision and low cost, the application capture constant pedestrian's feature using the function based on CNN, to obtain
Better matching performance;Moreover, KSH technology be used to reduce characteristic dimension, to reduce storage and communications cost;
(5), the pedestrian that can verify that identifies that the application develops a double Merkle Hash tree again, allows user's inspection
Correctness with result.
Detailed description of the invention
Fig. 1 is to show that pedestrian identifies problem again;
Fig. 2 is the foundation structure that pedestrian identifies again;
Fig. 3 is the overall framework of the method for the present invention;
Fig. 4 is the authentication mechanism based on double Merkle Hash trees.
Specific embodiment
With reference to the accompanying drawing, technical solution of the present invention is specifically described.
The effective pedestrian recognition methods again for secret protection that the present invention provides a kind of on outsourcing monitor video, it allows cloud
End server is executed in the case where not knowing clear content (such as video data and query information) of involved video data
Pedestrian's identification mission again.In order to obtain effective high-precision retrieval performance, program combination CNN model and KSH technology with two into
Form processed captures the validity feature in key frame of video;In order to realize, highly effective and safe is calculated between feature, and the application is utilized and is based on
The secret sharing technology of Chinese remainder theorem (CRT) specially devises the Hamming distance peace of a feature for binary representation
It is complete to calculate agreement, it is ensured that server accurately calculates the similarity between feature in ciphertext feature;In addition, utilizing Merkle
Hash tree constructs recognition result authentication mechanism, and purpose makes the server of malice and third party opponent that can not distort the matching of return
As a result, can determine the recognition result of return using authentication mechanism authorized user is distorted by server or third party.
A kind of specific secret protection of the present invention can verify that outsourcing monitor video pedestrian recognition methods again, including walk as follows
It is rapid:
Step S1, firstly, content owner using convolutional neural networks CNN and supervision Hash KSH based on kernel function from
Effective pedestrian's feature vector is extracted in plaintext monitor video, constructs corresponding aspect indexing;Then, content owner uses and is based on
Aspect indexing is split as n sharing and is sent to cloud data server by the secret sharing method of CRT, during being somebody's turn to do, all encryptions
Monitor video and its corresponding identifier be all contracted out to cloud storage service device;
Step S2, the identification request of the cloud storage service device response contents owner, provides storage service for it and provides knowledge
Monitor video Ji Suan and not be returned;Authorized user will submit challenge information to cloud storage service device in the step, and cloud is deposited at this time
Storage server is responsible for responding the task of the initiation verifying matching result correctness of authorized user;
Step S3, cloud data server carrys out the sharing that the storage content owner is submitted using partial data memory space;
In addition, cloud data server executes modulus add operation to sharing, and the result after calculating is sent to cloud storage service device;
Step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding
Cloud data server, after the result for obtaining return, recovery Clear video is decrypted by key in authorized user;In addition, awarding
It weighs user and the challenge information of initiation is submitted into cloud storage service device, to verify the correctness of returned data.
The following are specific implementation examples of the invention.
Hereinafter, CO refers to that content owner, CSS refer to that cloud storage service device, CDS refer to that cloud data server, AU refer to that authorization is used
Family.
Referring to fig. 2, the basic constructional design that pedestrian identifies again executes element the application according to it and mentions in cloud computing environment
The pedestrian for having gone out safety identifying schemes again, it mainly includes four directions: content owner, cloud storage service device, cloud data clothes
Be engaged in device and authorized user.
The specific implementation steps are as follows for it:
(1), content owner extracts feature vector from plaintext monitor video first, just can construct corresponding feature in this way
Index.Then, content owner sends cloud data server for the sharing of index using the secret sharing method based on CRT.
While this process generates, the monitor video of all encryptions and its corresponding identifier are all contracted out to cloud storage service device.
(2), cloud storage service device is requested primarily responsive to the identification of content owner, is provided storage service for it and is provided knowledge
Monitor video Ji Suan and not be returned.Authorized user will submit challenge information to cloud storage service device in the step, at this time cloud
Storage server is responsible for responding the task of the initiation verifying matching result correctness of authorized user.
(3), cloud data server will use some data spaces to store the sharing that user is submitted.In addition, cloud
Data server will have the computing capability that modulus add operation is executed to the sharing of aspect indexing, and the result after calculating is sent out
Give cloud storage service device.
(4), the aspect indexing of inquiry is split as different piece by authorized user, and sends them to corresponding cloud at random
Data server is not related to key among these.After obtaining the result returned, recovery can be decrypted in authorized user by key
Clear video.In addition, authorized user, which can will initiate challenge information, submits to cloud storage service device, to verify the correct of returned data
Property.
Embodiment two:
Assuming that Cloud Server is honest but curious model, (i.e. the application design is a set of by the FARRIS of the application design
Efficient secret protection pedestrian scheme) frame can realize that secret protection pedestrian identify again by encryption outsourcing monitor video and appoint
Business.
The application has carried out elaboration substantially to foundation structure required for pedestrian again identifying schemes in example one, then
Just specific implementation detail is further described on the basis of example one in the application.Special feature embodies as follows:
(1), key rule: for video file, the application is using traditional symmetric cryptography (for example, AES) come to outsourcing
Monitor video directly encrypts.In addition, using the secret sharing technology based on CRT, it can be achieved that content owner or authorized user
Aspect indexing is encrypted without key.No key characteristic will substantially reduce the cost of key management and storage, it can permit user will
Data be split as it is multiple obscure part, be not related to encryption key, as long as polymerization is a certain number of shared to rebuild original number
According to.
(2), index construct: as Fig. 3 step 1. shown in, content owner is by all video filesOne by one
Encryption, corresponding ciphertext collection areFeature vectorIt will be extracted from pedestrian image,
Pedestrian image is from Clear videoThe key frame of middle acquisition.Next, being pre-processed, aspect indexing is generated, is done so
Purpose is that cloud data server and cloud storage service device are leaked in order to avoid eigenvector information.Later, content owner makes
Each aspect indexing is split as n sharing with CRT method.
More specifically, in order to realize that safe Hamming distance calculates, it should carry out some modifications to feature vector in advance.In detail
Feelings are as follows:
Z zero padding is charged to by (2-1), COTherefore,Dimension will be extended to (d+z), be expressed as
This single stepping, mainly prevent due toDimension very little is inferred to original spy by way of exhaustion by CSS
The phenomenon that levying vector.
After (2-2), padding, CO random scrambling feature vectorAll elements position.Replacement operator willTurn
It is changed to
(2-3), it obtainsWhen, CO randomly chooses positive odd number replacement 1, and randomly chooses positive even numbers replacement 0.Here, it selects
The range of odd number or even number is set as [1, Γ].Note thatDifferent location in 1/0 can correspond to different odd number/idols
Number.According to above-mentioned Substitution Rules, CO is by all feature vectorsIt is revised as
The strategy of odd/even replacement is intended to change number 1 or 0 and remains the constant fact.
(2-4), after third revision, CO continues to modifyThe value of element.Herein, the application utilizes flexible skill
Art is further protectedInformation be not leaked.It can carry out completed percentage modification by the following method
U '=us+ ε (4)
Wherein u isThe value of middle element, s is scale factor and value is positive number, and ε is random noise, and value is uniformly divided
Cloth, i.e. ε~U (0, γ), (γ≤s).Here, s is disclosed, and allow withElement is different and different, and ε is for CO
It is privately owned.Finally, everyone image piFeature vector be modified to
Then, CO takesAs pedestrian image piAspect indexing Ii, i.e.,
This stretching step is in order to avoid the parity of positive number may be kept under modulo operation with certain probability
It is identical, it can be inferred that original feature vector so as to cause CDSIn 1 and 0 distribution situation.
(2-5), after the feature pretreatment into excessively aforementioned four amendment step, CO is by IiIt is divided into n sharing
π(Ii)={ Ii,1,Ii,2,…,Ii,n} (6)
Ii,j=Ii mod mj (7)
Wherein π () is represented by division function, it is based primarily upon modulo operation, i.e. mod mj, wherein prime number collection
{mj}1≤j≤nIt is known for CDS and CSS.
In fact, IiInstitute it is important executed respectively in FARRIS a π operation.Assuming that IiW-th of ingredient be Ii(w), then
Its that corresponding sharing is
π(Ii(w))={ Ii,1(w),Ii,2(w),…,Ii,n(w)} (8)
Wherein,
Ii,j(w)=Ii(w)mod mj (9)
(2-6), finally, CO by the video file of all encryptionsWith ID={ id1,…,idmCSS is uploaded to together.This
Outside, eachN sharing be sent to corresponding CDS.These share the set with CDSBetween mapping close
System is as follows:
(3), query generation: as Fig. 3 step 2. shown in, search index TQIt will be produced before outsourcing using above-mentioned four kinds of modifications
It is raw.It is similar with the split process of CO index, user is inquired by TQIt is split as the part n, meets following requirement.
π(TQ)={ TQ,1,TQ,2,…,TQ,n} (11)
With
π(TQ(w))={ TQ,1(w),TQ,2(w),…,TQ,n(w)} (12)
TQ,j(w)=TQ(w)mod mj
Wherein TQ,jIt (w) is TQW-th of element j-th of part.
Then, AU is from { TQ,j}1≤j≤nMiddle random selection k sharing, and k be sent at random in n CDS respectively.?
In this case, CSS is not necessarily to active transmission request to having the k CDS shared to rebuild secret to obtain, because by AU activation
K CDS can send CSS for in-between calculated result automatically.It will avoid the interaction between CDSs and CSS, reduces communication and opens
Pin.
(4) and calculate: as Fig. 3 step 3. shown in, once from inquiry user obtain inquire TQCorresponding sharing, accordingly
CDS begin to calculate separately its gained search index share share with all indexes being stored thereon between and.It is given
Search index TQWith anyone image piIndexThe d activated by AUjA CDS is in mould mjLower execution addition fortune
It calculates, and is expressed asThat is,
Wherein g indicates the dimension of aspect indexing, and is equal to d+z.
It is any calculatingLater, djA CDS is by medianSubmit to CSS.Due to final total
WithReconstruction be completed by the CSS of FARRIS, therefore any one CDS forValue be all one without institute
Know.Even if several CDS may be ganged up mutually, but only involved in CDS quantity be less than threshold value k when,Value be
It not will be leaked.
(5), Similarity measures: as Fig. 3 step 4. shown in, when obtain k intermediate resultCSS will execute following
Step:
(5-1), CSS use CRT method to rebuild T firstQWith each IiBetween original and vectorThen, CSS
According to the diminution of scale factor s used in feature pretreatment stage and vectorAssuming thatFor { t1,t2,…,
tg, it is after flexibleIt is calculated especially by following formula
Although CSS do not know original feature vector Q andBut it still can be based onTo calculate between them
Hamming distance.Hereinafter, the application briefly introduces calculating process:
As described in step (2) index construct algorithm,It is to be modified during feature vector pretreatment by first three
FromIt generates.Assuming that Q ' is inquiry Q by first three pretreated vector of modification.It is apparent that only when random noise ε≤
When s,Precisely Q ' andSum.It is well known that any two have 1 in the sum of binary vector of same dimension
Quantity be exactly equal to the Hamming distance between them, and 1 is again odd number.This means that Hamming distance be can by calculate and
Element is the quantity of odd number to acquire in vector.Although feature vector pretreatment after Q ' andWith corresponding original two into
Feature vector processed is dramatically different, but the sum between themIn the quantity of odd number but remain unchanged.Main cause is
Substitution Rules in step (2) index construct algorithmOriginal binary vector element will not be changed
Parity.In addition, the quantity invariance of odd number also not by (2-1) fill zero amendment step influenced because even number and still
It is so even number.Based on the above analysis, CSS can have the quantity of the element of odd number value by calculating, directly from they pre-
Manage the sum of feature vectorObtain Q andBetween Hamming distance.
(5-2), CSS carry out ascending sort to all Hamming distances, return to most associated encryption video set
And its corresponding identification sets ID '={ id '1,…,id′qGive authorized user.
(6), matching result is verified: in practical applications, Cloud Server is more likely to follow half honest but curiosity and with portion
Divide the model of malicious act.This means that the matching result that pedestrian identifies again can be forged or be distorted to Cloud Server.In order to solve
This problem, the application are that FARRIS is equipped with the mechanism that can verify that, to reinforce it, to resist half honest but curious and have
The model of part malicious act.In addition, the application may distort as a result, simultaneously in view of third party opponent in transmission process
CSS is also allowed for distort with third party opponent to make an excuse and covering the fact that oneself is real interpolater.In order to avoid discrimination
Justice, the application devises a kind of advanced authentication mechanism based on double Merkle Hash trees, for checking pedestrian's recognition result again
Correctness, and can also determine really to determine interpolater from CSS and third party opponent in authentication failed.It is crucial
Shown in steps are as follows:
The authentication mechanism of (6-1), here the application have used message authentication code (MAC) technology.MAC is that a kind of password is former
Language, for realizing the integrality and authentication property of message.Firstly, the application uses MAC method by ID number for idi(i ∈ [1, m])
Encrypted video file ciThe value of MAC is generated with the key k of MACWherein MAC () is the safe side MAC
Case (such as HMAC).Accordingly, will generate one withGather for the MAC of elementI.e.
Later, MAC gathersIt is contracted out to CSS, this step can be in step (2) index construct algorithm with all encryptions
Video file outsourcing together.
(6-2), pedestrian's recognition result again is being receivedLater, AU is first from setMiddle random selection subsetWherein { li}1≤i≤tIndicate that selected encrypted video existsIn position, and t≤q.Then, AU is by challenge information
{li}1≤i≤tIt is sent to CSS.
(6-3), when obtaining challenge request from AU, CSS is based on challenge information { li}1≤i≤tConstruct two Merkle Hash
Number is responded, as shown in Figure 4.Wherein assume MAC collectionIt is ciphertext video subsetThe collection of corresponding MAC
It closes.Firstly, a Merkle Hash tree MT is first constructed, in this tree, by calling hash function hT:{0,1}*→{0,1}κCome
Calculate the cryptographic Hash of all leaf nodes (using the MAC value of corresponding ciphertext video as input).For intermediate node, CSS can be with
Cryptographic Hash after two direct child node merges by Hash obtains the cryptographic Hash of the node.If only one sub- section
Point then can only calculate the cryptographic Hash of father node by the cryptographic Hash of the Hash child node.In a similar way, CSS can be counted
Calculate the cryptographic Hash of Merkle Hash tree MT root nodeAnd it is sent to AU.In addition to Hash tree MT, CSS constructs second Kazakhstan again
Uncommon tree CT, the method for construction is similar with Hash tree MT, the difference is that the leaf node of Hash tree CT is directly with ciphertext video
SubsetAs input.Equally, the cryptographic Hash of a root node is ultimately generatedAnd it is sent to AU.
(6-4), it is receivingWithLater, AU is corresponding also constructs two Hash tree MT ' and CT ', and counts respectively
Calculate the cryptographic Hash of root nodeWithWherein, the input MAC collection of the leaf node of Hash tree MT 'It need to be by AU
Oneself is calculated, i.e., is calculated by MAC methodMAC value, set generated is exactlyWherein involve
The key K of MAC is provided by way of sharing by corresponding CO.As forConstruction process withIt is the same.
(6-5), AU pass through analysisWith it is correspondingBetween relationship differentiate that pedestrian knows again
Other result it is whether correct.IfIt then may determine that recognition result is correct;IfCan then it sentence
Surely the recognition result returned is distorted by third party;IfAndThen confirm that recognition result is by CSS
It distorts.
Characteristic of the invention is:
With both sides characteristic: first is that collaboration considers that monitor video data safety and pedestrian identify two links again, grinding
Study carefully video data, the secret protection of pedestrian's feature and subsequent similarity measurement calculate, solve video data safety and outer
Wrap the contradiction of pedestrian's identification mission again;Second is that the validation problem of recognition result correctness is converted into Hash root vertex cryptographic Hash
Determine, it is possible to provide data integrity validation and source of distorting determine two kinds of services.
The above are preferred embodiments of the present invention, all any changes made according to the technical solution of the present invention, and generated function is made
When with range without departing from technical solution of the present invention, all belong to the scope of protection of the present invention.
Claims (6)
1. a kind of secret protection can verify that outsourcing monitor video pedestrian recognition methods again, which comprises the steps of:
Step S1, firstly, content owner utilizes convolutional neural networks CNN and the supervision Hash KSH based on kernel function from plain text
Effective pedestrian's feature vector is extracted in monitor video, constructs corresponding aspect indexing;Then, content owner, which uses, is based on CRT
Secret sharing method aspect indexing be split as n sharing be sent to cloud data server, should during, the prison of all encryptions
Control video and its corresponding identifier are all contracted out to cloud storage service device;
Step S2, the identification request of the cloud storage service device response contents owner provides storage service for it and provides identification meter
Calculate and return monitor video;Authorized user will submit challenge information to cloud storage service device in the step, and cloud storage takes at this time
Business device is responsible for responding the task of the initiation verifying matching result correctness of authorized user;
Step S3, cloud data server carrys out the sharing that the storage content owner is submitted using partial data memory space;In addition,
Cloud data server executes modulus add operation to sharing, and the result after calculating is sent to cloud storage service device;
Step S4, the aspect indexing of inquiry is split as different piece by authorized user, and sends them to corresponding cloud at random
Data server, after the result for obtaining return, recovery Clear video is decrypted by key in authorized user;In addition, authorization is used
The challenge information of initiation is submitted to cloud storage service device by family, to verify the correctness of returned data.
2. secret protection according to claim 1 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists
In in step S1, if plaintext monitor videoEncrypting corresponding ciphertext collection isEffective pedestrian
Feature vectorIt is extracted from pedestrian image, pedestrian image is from plaintext monitor videoThe pass of middle acquisition
Key frame.
3. secret protection according to claim 2 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists
In in step S1, aspect indexing is split as n sharing using the secret sharing method based on CRT and is sent to by content owner
Cloud data server the specific implementation process is as follows:
Step S11, z zero padding is charged to by content ownerTherefore,Dimension will be extended to (d+z), be expressed as
Step S12, after padding, content owner's random scrambling feature vectorAll elements position, replacement operator
It willIt is converted to
Step S13, it obtainsWhen, content owner randomly chooses positive odd number replacement 1, and randomly chooses positive even numbers replacement 0, this
In, select the range of odd number or even number to be set as [1, Γ],Different location in 1/0 can correspond to different odd numbers/
Even number, according to above-mentioned Substitution Rules, by all feature vectorsIt is revised as
Step S14, content owner continues to modifyThe value of element;Herein, it is further protected using flexible technologyLetter
Breath is not leaked, and can carry out completed percentage modification by the following method
U '=us+ ε (4)
Wherein, u isThe value of middle element, s is scale factor and value is positive number, and ε is random noise, and value is uniformly distributed, i.e.,
ε~U (0, γ), (γ≤s);Here, s is disclosed, and allow withElement is different and different, and ε is content owner
Privately owned;Finally, each pedestrian image piFeature vector be modified to
Then, content owner takesAs pedestrian image piAspect indexing Ii, i.e.,
Step S15, after the feature pretreatment Jing Guo above-mentioned steps, content owner is by IiIt is divided into n sharing
π(Ii)={ Ii,1,Ii,2,…,Ii,n} (6)
Ii,j=Ii mod mj (7)
Wherein, π () is represented by division function, is based on modulo operation, i.e. modmj, wherein prime number collection { mj}1≤j≤nFor cloud
Data server and cloud storage service device are known;
Assuming that IiW-th of ingredient be Ii(w), then its that corresponding sharing is
π(Ii(w))={ Ii,1(w),Ii,2(w),…,Ii,n(w)} (8)
Wherein,
Ii,j(w)=Ii(w)mod mj (9)
Step S16, finally, content owner is by the video file of all encryptionsWith ID={ id1,…,idmUpload to together
Cloud storage service device;In addition, eachN sharing be sent to corresponding cloud data server;These share with
The set of cloud data serverBetween mapping relations it is as follows:
4. secret protection according to claim 3 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists
In in the step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding
Cloud data server the specific implementation process is as follows:
Authorized user is by the aspect indexing T of inquiryQIt is split as n part, meets following formula:
π(TQ)={ TQ,1,TQ,2,…,TQ,n} (11)
With
π(TQ(w))={ TQ,1(w),TQ,2(w),…,TQ,n(w)} (12)
TQ,j(w)=TQ(w)modmj
Wherein, TQ,jIt (w) is TQW-th of element j-th of part
Then, authorized user is from { TQ,j}1≤j≤nMiddle random selection k sharing, and it is sent to n cloud data server at random respectively
In k.
5. secret protection according to claim 4 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists
In in the step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding
Cloud data server after, cloud data server and cloud storage service device will execute following steps:
Cloud data server executes and calculating process:
The aspect indexing T of given inquiryQWith pedestrian image piIndexThe d activated by authorized userjA cloud number
According to server in mould mjLower execution add operation, and be expressed asI.e.
Wherein, g indicates the dimension of aspect indexing, and is equal to d+z;
It is any calculatingLater, djA cloud data server is by medianSubmit to cloud storage clothes
Business device;
Cloud storage service device executes Similarity measures process:
When k intermediate result for obtaining k cloud data serverFollowing steps will be executed for cloud storage service device:
1) cloud storage service device uses CRT method to rebuild T firstQWith each IiBetween original and vectorThen, cloud
Storage server is reduced according to scale factor s used in feature pretreatment stage and vectorAssuming thatFor
{t1,t2,…,tg, it is after flexibleIt is calculated especially by following formula:
Cloud storage service device is based onCan calculate Q andBetween Hamming distance;
2) cloud storage service device carries out ascending sort to all Hamming distances, returns to most associated encryption video set
And its corresponding identification sets ID '={ id1′,…,idq' give authorized user.
6. secret protection according to claim 5 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists
In in the step S4, the challenge information of initiation is submitted to cloud storage service device by authorized user, to verify returned data just
True property the specific implementation process is as follows:
(6-1), use MAC method by ID number for idiThe encrypted video file c of (i ∈ [1, m])iMAC is generated with the key k of MAC
ValueWherein MAC () is safe MAC scheme;Accordingly, will generate one withFor element
MAC setI.e.
Later, MAC gathersIt is contracted out to cloud storage service device;
(6-2), pedestrian's recognition result again is being receivedLater, authorized user is first from setMiddle random selection subsetWherein { li}1≤i≤tIndicate that selected encrypted video existsIn position, and t≤q;Then, authorized user will choose
Fight information { li}1≤i≤tIt is sent to cloud storage service device;
(6-3), when obtaining challenge request from authorized user, cloud storage service device is based on challenge information { li}1≤i≤tBuilding two
Merkle Hash number is responded;Wherein assume MAC collectionIt is ciphertext video subsetThe collection of corresponding MAC
It closes;Firstly, a Merkle Hash tree MT is first constructed, in this tree, by calling hash function hT:{0,1}*→{0,1}κCome
Calculate the cryptographic Hash of all leaf nodes;For intermediate node, cloud storage service device can by Hash two direct child node
Cryptographic Hash after merging obtains the cryptographic Hash of the node;If only one child node, it can only pass through the Hash section
The cryptographic Hash of point calculates the cryptographic Hash of father node;In a similar way, cloud storage service device can calculate Merkle Hash tree
The cryptographic Hash of MT root nodeAnd it is sent to authorized user;In addition to Hash tree MT, cloud storage service device constructs second Kazakhstan again
Uncommon tree CT, the method for construction is similar with Hash tree MT, the difference is that the leaf node of Hash tree CT is directly with ciphertext video
SubsetAs input;Equally, the cryptographic Hash of a root node is ultimately generatedAnd it is sent to authorized user;
(6-4), it is receivingWithLater, authorized user is corresponding also constructs two Hash tree MT ' and CT ', and respectively
Calculate the cryptographic Hash of root nodeWithWherein, the input MAC collection of the leaf node of Hash tree MT 'It need to be by
Authorized user calculates, i.e., is calculated by MAC methodMAC value, set generated is exactlyWherein involve
Key K to MAC is provided by way of sharing by corresponding content owner;As forConstruction process withOne mould
Equally;
(6-5), authorized user pass through analysisWith it is correspondingBetween relationship differentiate the pedestrian again
Recognition result it is whether correct;IfIt then may determine that recognition result is correct;IfThen may be used
Determine that the recognition result returned is distorted by third party;IfAndThen confirm recognition result be by
Cloud storage service device is distorted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910317372.XA CN110059630B (en) | 2019-04-19 | 2019-04-19 | Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910317372.XA CN110059630B (en) | 2019-04-19 | 2019-04-19 | Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110059630A true CN110059630A (en) | 2019-07-26 |
CN110059630B CN110059630B (en) | 2022-06-14 |
Family
ID=67319767
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910317372.XA Active CN110059630B (en) | 2019-04-19 | 2019-04-19 | Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110059630B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111291411A (en) * | 2020-02-13 | 2020-06-16 | 福州大学 | Safe video anomaly detection system and method based on convolutional neural network |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103152556A (en) * | 2013-03-15 | 2013-06-12 | 云南大学 | Surveillance video encryption method for protecting privacy |
CN106980641A (en) * | 2017-02-09 | 2017-07-25 | 上海交通大学 | The quick picture retrieval system of unsupervised Hash and method based on convolutional neural networks |
CN108768951A (en) * | 2018-05-03 | 2018-11-06 | 上海海事大学 | The data encryption of protection file privacy and search method under a kind of cloud environment |
CN109104440A (en) * | 2018-10-22 | 2018-12-28 | 青岛大学 | The cloud storage big data integrity verification method of internet of things oriented mobile terminal device |
CN109145829A (en) * | 2018-08-24 | 2019-01-04 | 中共中央办公厅电子科技学院 | A kind of safe and efficient face identification method based on deep learning and homomorphic cryptography |
-
2019
- 2019-04-19 CN CN201910317372.XA patent/CN110059630B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103152556A (en) * | 2013-03-15 | 2013-06-12 | 云南大学 | Surveillance video encryption method for protecting privacy |
CN106980641A (en) * | 2017-02-09 | 2017-07-25 | 上海交通大学 | The quick picture retrieval system of unsupervised Hash and method based on convolutional neural networks |
CN108768951A (en) * | 2018-05-03 | 2018-11-06 | 上海海事大学 | The data encryption of protection file privacy and search method under a kind of cloud environment |
CN109145829A (en) * | 2018-08-24 | 2019-01-04 | 中共中央办公厅电子科技学院 | A kind of safe and efficient face identification method based on deep learning and homomorphic cryptography |
CN109104440A (en) * | 2018-10-22 | 2018-12-28 | 青岛大学 | The cloud storage big data integrity verification method of internet of things oriented mobile terminal device |
Non-Patent Citations (4)
Title |
---|
CHENG, HANG ET AL.: "Person Re-Identification over Encrypted Outsourced Surveillance Videos", 《IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING》 * |
FU, ZHANGJIE ET AL.: "Privacy-Preserving Smart Semantic Search Based on Conceptual Graphs Over Encrypted Outsourced Data", 《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》 * |
孙思: "基于SGX的人脸识别隐私保护方案的设计与实现", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》 * |
罗永松: "协同监控系统中视觉隐私保护技术研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111291411A (en) * | 2020-02-13 | 2020-06-16 | 福州大学 | Safe video anomaly detection system and method based on convolutional neural network |
CN111291411B (en) * | 2020-02-13 | 2022-12-23 | 福州大学 | Safe video anomaly detection system and method based on convolutional neural network |
Also Published As
Publication number | Publication date |
---|---|
CN110059630B (en) | 2022-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10296248B2 (en) | Turn-control rewritable blockchain | |
AU2017269736B2 (en) | Multiple-link cryptologic blockchain | |
US10917249B2 (en) | Processing data elements stored in blockchain networks | |
CN101401341A (en) | Secure data parser method and system | |
CN103636160A (en) | Secure file sharing method and system | |
Hasan et al. | Cloud data provenance using IPFS and blockchain technology | |
US20230059580A1 (en) | Blockchain with random committee selection | |
CN114021164B (en) | Credit system privacy protection method based on block chain | |
Zhao et al. | A blockchain-facilitated secure sensing data processing and logging system | |
Yoosuf | Lightweight fog‐centric auditing scheme to verify integrity of IoT healthcare data in the cloud environment | |
US11924348B2 (en) | Honest behavior enforcement via blockchain | |
Mishra et al. | Enhancing privacy‐preserving mechanisms in Cloud storage: A novel conceptual framework | |
Li et al. | BEIR: A blockchain-based encrypted image retrieval scheme | |
CN117454442A (en) | Anonymous security and traceable distributed digital evidence obtaining method and system | |
CN110059630A (en) | Secret protection can verify that outsourcing monitor video pedestrian recognition methods again | |
CN117037988A (en) | Electronic medical record storage method and device based on blockchain | |
Szymoniak | Using a security protocol to protect against false links | |
AU2021103828A4 (en) | A novel system and auditing technique for cloud based digital forensic readiness with integrity and privacy preservation of health care data | |
Brandao | Cloud computing security | |
Fan et al. | Cloud-based lightweight RFID healthcare privacy protection protocol | |
Joseph et al. | Design a hybrid optimization and homomorphic encryption for securing data in a cloud environment | |
Keerthana et al. | Slicing, Tokenization, and Encryption Based Combinational Approach to Protect Data-at-Rest in Cloud Using TF-Sec Model | |
Tharani et al. | A blockchain-based database management system | |
Ravimaran et al. | Robust Security With Strong Authentication in Mobile Cloud Computing Based on Trefoil Congruity Framework | |
Wang et al. | RCDS: a right-confirmable data-sharing model based on symbol mapping coding and blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |