CN110059630A - Secret protection can verify that outsourcing monitor video pedestrian recognition methods again - Google Patents

Secret protection can verify that outsourcing monitor video pedestrian recognition methods again Download PDF

Info

Publication number
CN110059630A
CN110059630A CN201910317372.XA CN201910317372A CN110059630A CN 110059630 A CN110059630 A CN 110059630A CN 201910317372 A CN201910317372 A CN 201910317372A CN 110059630 A CN110059630 A CN 110059630A
Authority
CN
China
Prior art keywords
storage service
service device
cloud storage
authorized user
cloud
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910317372.XA
Other languages
Chinese (zh)
Other versions
CN110059630B (en
Inventor
程航
黄逸冰
方艳
王美清
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fuzhou University
Original Assignee
Fuzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fuzhou University filed Critical Fuzhou University
Priority to CN201910317372.XA priority Critical patent/CN110059630B/en
Publication of CN110059630A publication Critical patent/CN110059630A/en
Application granted granted Critical
Publication of CN110059630B publication Critical patent/CN110059630B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V20/00Scenes; Scene-specific elements
    • G06V20/40Scenes; Scene-specific elements in video content
    • G06V20/46Extracting features or characteristics from the video content, e.g. video fingerprints, representative shots or key frames
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V20/00Scenes; Scene-specific elements
    • G06V20/50Context or environment of the image
    • G06V20/52Surveillance or monitoring of activities, e.g. for recognising suspicious objects
    • G06V20/53Recognition of crowd images, e.g. recognition of crowd congestion

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

It can verify that outsourcing monitor video pedestrian recognition methods again the present invention relates to a kind of secret protection.Firstly, extracting effective pedestrian's feature using convolutional neural networks (CNN) and based on the supervision Hash (KSH) of kernel function;Then, a kind of Hamming distance calculating agreement based on secret sharing is designed, allows Cloud Server to calculate the similitude between ciphertext aspect indexing with this;In addition, proposing a kind of authentication mechanism based on Merkle Hash tree, user is allowed to check the correctness of matching result.For the method for the present invention while protecting the privacy of other irrelevant pedestrians, realize outsourcing monitor video can verify that pedestrian identifies again;And the information security of video data is taken into account while reducing local computing, communication overhead and file storage.

Description

Secret protection can verify that outsourcing monitor video pedestrian recognition methods again
Technical field
It can verify that outsourcing monitor video pedestrian recognition methods again the present invention relates to a kind of secret protection.
Background technique
With becoming increasingly popular for smart city and digital home's concept, used on a large scale in our daily life Monitoring camera, these cameras are typically mounted on the places such as highway, supermarket, campus.In particular, criminal activity and The attack of terrorism makes that security issues become increasingly urgent, is greatly promoted the fast development in monitoring camera market.2018, according to BBC news report, China have disposed more than 1.7 hundred million monitoring cameras, it is contemplated that next three years will also will be installed 400,000,000 camera shootings Head[1].Research and Markets predicts that video monitoring market will be with as the world-renowned market research agency 11.8% compound average growth rate increases, it is contemplated that 43,800,000,000 beauty in 2025 will be risen to from 18,300,000,000 in 2017 dollars Member[2]
Currently, the video data from monitoring camera is widely used in traffic monitoring, crime evidence obtaining and activity detection Equal fields.Wherein, pedestrian identifies that an important process task as video data causes grinding for numerous scholars and enterprise again Study carefully interest.The purpose that pedestrian identifies again in video data be retrieve from different places and different cameras it is interested People[3](as shown in Figure 1).This means that can identify someone in a video camera whether in different times and ground Point appears in other monitor videos.Currently, this task that pedestrian identifies again is widely used in many safety-related fields, especially It is public safety field.For example, it can be easily identified in different monitoring video with the presence or absence of suspect.According to these Information, police can soon grasp the whereabouts of suspect.With being continuously increased for camera quantity, produced a large amount of video Data have been significantly greatly increased the storage of user and have calculated cost.It is estimated that global monitoring video data is daily more than 560PB[4], the video data of these magnanimity is not that the limited personal or enterprise of resource can be handled.
The mass memory of Cloud Server and powerful computing capability substantially reduce large-scale data processing cost[5].But Problem is the storage location of the external bag data of user and data whether be tampered be to know nothing.In this case, user Data safety and privacy there is the risk that is leaked.Conventional encryption algorithm is directlyed adopt before outer package operation to carry out data Encryption is to ensure that a kind of common method of data confidentiality.But it can hinder being further processed for these encryption datas, such as Pedestrian identifies again.In general, using the pedestrian of safety, the simple solution of identification technology is to download all encrypted videos again Data, and decrypt them and be performed locally pedestrian and identify again.However, such operation to user bring it is high calculate and communicate at This.Therefore, how to identify again to efficiently perform pedestrian by encryption outsourcing monitor video and guarantee video data confidentiality not It is leaked and has become a task in the urgent need to address.
Currently, signal processing is carried out in the data of ciphertext and image has become very powerful and exceedingly arrogant research field, Occur various research branches in succession, for example ciphertext text retrieval, cipher-image compression, ciphertext domain reversible information are hidden etc..Compared with Text and image, the research that secret protection data processing is carried out on video is relatively fewer, especially in outsourcing ciphertext monitor video Pedestrian identify the research almost blank of aspect again.In addition, another problem be Cloud Server may for its malicious intent and Sub-fraction erroneous matching is returned as a result, saving carrying cost or concealing corrupted data or loss accident[6,7].Currently, this Field still lacks a kind of feasible method, and can support the outsourcing monitor video of secret protection can verify that the pedestrian side of identification again Case.
Bibliography:
[1]“Smart cameras catch man in 60,000crowd,”BBC News,April 13,2018, https://www.bbc.com/news/world-asia-china-43751276.
[2]“Video surveillance market to 2025-global analysis and forecasts by platforms(hardware and software),”https://www.researchandmarkets.com/ Research/zn5s9z/global video? w=5.
[3]Y.-C.Chen,X.Zhu,W.-S.Zheng,and J.-H.Lai,“Person re-identification by camera correlation aware feature augmentation,”IEEE transactions on pattern analysis and machine intelligence,vol.40,no.2,pp.392–408,2018.
[4]L.Tian,H.Wang,Y.Zhou,and C.Peng,“Video big data in smart city: Background construction and optimization for surveillance video processing,” Future Generation Computer Systems,2018.
[5]X.Liu,R.Deng,K.-K.R.Choo,Y.Yang,and H.Pang,“Privacy-preserving outsourced calculation toolkit in the cloud,”IEEE Transactions on Dependable and Secure Computing,2018.
[6]W.Sun,S.Yu,W.Lou,Y.T.Hou,and H.Li,“Protecting your right: verifiable attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud,”IEEE Transactions on Parallel and Distributed Systems,vol.27,no.4,pp.1187–1198,2016.
[7]Y.Miao,J.Weng,X.Liu,K.-K.R.Choo,Z.Liu,and H.Li,“Enabling verifiable multiple keywords search over encrypted cloud data,”Information Sciences,vol.465,pp.21–37,2018.。
Summary of the invention
It can verify that outsourcing monitor video pedestrian recognition methods again the purpose of the present invention is to provide a kind of secret protection, it should For method while protecting the privacy of other irrelevant pedestrians, realize outsourcing monitor video can verify that pedestrian identifies again;And The information security of video data has been taken into account while reducing local computing, communication overhead and file storage.
To achieve the above object, the technical scheme is that a kind of secret protection can verify that outsourcing monitor video row People's recognition methods again, includes the following steps:
Step S1, firstly, content owner using convolutional neural networks CNN and supervision Hash KSH based on kernel function from Effective pedestrian's feature vector is extracted in plaintext monitor video, constructs corresponding aspect indexing;Then, content owner uses and is based on Aspect indexing is split as n sharing and is sent to cloud data server by the secret sharing method of CRT, during being somebody's turn to do, all encryptions Monitor video and its corresponding identifier be all contracted out to cloud storage service device;
Step S2, the identification request of the cloud storage service device response contents owner, provides storage service for it and provides knowledge Monitor video Ji Suan and not be returned;Authorized user will submit challenge information to cloud storage service device in the step, and cloud is deposited at this time Storage server is responsible for responding the task of the initiation verifying matching result correctness of authorized user;
Step S3, cloud data server carrys out the sharing that the storage content owner is submitted using partial data memory space; In addition, cloud data server executes modulus add operation to sharing, and the result after calculating is sent to cloud storage service device;
Step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding Cloud data server, after the result for obtaining return, recovery Clear video is decrypted by key in authorized user;In addition, awarding It weighs user and the challenge information of initiation is submitted into cloud storage service device, to verify the correctness of returned data.
In an embodiment of the present invention, in step S1, if plaintext monitor videoEncrypt corresponding ciphertext Collection isEffective pedestrian's feature vectorIt is extracted from pedestrian image, pedestrian image is From plaintext monitor videoThe key frame of middle acquisition.
In an embodiment of the present invention, in step S1, content owner uses the secret sharing method based on CRT by feature Index be split as n sharing be sent to cloud data server the specific implementation process is as follows:
Step S11, z zero padding is charged to by content ownerTherefore,Dimension will be extended to (d+z), be expressed as
Step S12, after padding, content owner's random scrambling feature vectorAll elements position, displacement Operation willIt is converted to
Step S13, it obtainsWhen, content owner randomly chooses positive odd number replacement 1, and randomly chooses positive even numbers replacement 0, here, the range of odd number or even number is selected to be set as [1, Γ],Different location in 1/0 can correspond to it is different Odd/even, according to above-mentioned Substitution Rules, by all feature vectorsIt is revised as
Step S14, content owner continues to modifyThe value of element;Herein, it is further protected using flexible technologyInformation be not leaked, can come by the following method completed percentage modification
U '=us+ ε (4)
Wherein, u isThe value of middle element, s is scale factor and value is positive number, and ε is random noise, and value is uniformly divided Cloth, i.e. ε~U (0, γ), (γ≤s);Here, s is disclosed, and allow withElement is different and different, and ε is content The owner is privately owned;Finally, each pedestrian image piFeature vector be modified to
Then, content owner takesAs pedestrian image piAspect indexing Ii, i.e.,
Step S15, after the feature pretreatment Jing Guo above-mentioned steps, content owner is by IiIt is divided into n sharing
π(Ii)={ Ii,1,Ii,2,…,Ii,n} (6)
Ii,j=Ii mod mj (7)
Wherein, π () is represented by division function, is based on modulo operation, i.e. modmj, wherein prime number collection { mj}1≤j≤nIt is right In cloud data server and cloud storage service device be known;
Assuming that IiW-th of ingredient be Ii(w), then its that corresponding sharing is
π(Ii(w))={ Ii,1(w),Ii,2(w),…,Ii,n(w)} (8)
Wherein,
Ii,j(w)=Ii(w)mod mj (9)
Step S16, finally, content owner is by the video file C of all encryptions and ID={ id1,…,idmUpload together To cloud storage service device;In addition, eachN sharing be sent to corresponding cloud data server;These are shared Mapping relations between the set D of cloud data server are as follows:
In an embodiment of the present invention, in the step S4, the aspect indexing of inquiry is split as different portions by authorized user Point, and send them at random corresponding cloud data server the specific implementation process is as follows:
Authorized user is by the aspect indexing T of inquiryQIt is split as n part, meets following formula:
π(TQ)={ TQ,1,TQ,2,…,TQ,n} (11)
With
π(TQ(w))={ TQ,1(w),TQ,2(w),…,TQ,n(w)} (12)
TQ,j(w)=TQ(w)mod mj
Wherein, TQ,jIt (w) is TQW-th of element j-th of part
Then, authorized user is from { TQ,j}1≤j≤nMiddle random selection k sharing, and it is sent to n cloud data clothes at random respectively K to be engaged in device.
In an embodiment of the present invention, in the step S4, the aspect indexing of inquiry is split as different portions by authorized user Point, and after sending them to corresponding cloud data server at random, cloud data server and cloud storage service device will execute such as Lower step:
Cloud data server executes and calculating process:
The aspect indexing T of given inquiryQWith pedestrian image piIndexThe d activated by authorized userj A cloud data server is in mould mjLower execution add operation, and be expressed asI.e.
Wherein, g indicates the dimension of aspect indexing, and is equal to d+z;
It is any calculatingLater, djA cloud data server is by medianCloud is submitted to deposit Store up server;
Cloud storage service device executes Similarity measures process:
When k intermediate result for obtaining k cloud data serverFollowing steps will be executed for cloud storage service device:
1) cloud storage service device uses CRT method to rebuild T firstQWith each IiBetween original and vectorSo Afterwards, cloud storage service device is according to the diminution of scale factor s used in feature pretreatment stage and vectorAssuming thatFor { t1,t2,…,tg, it is after flexibleIt is calculated especially by following formula:
Cloud storage service device is based onCan calculate Q andBetween Hamming distance;
2) cloud storage service device carries out ascending sort to all Hamming distances, returns to most associated encryption video setAnd its corresponding identification sets ID '={ id '1,…,id′qGive authorized user.
In an embodiment of the present invention, in the step S4, the challenge information of initiation is submitted to cloud storage by authorized user Server, with verify returned data correctness the specific implementation process is as follows:
(6-1), use MAC method by ID number for idiThe encrypted video file c of (i ∈ [1, m])iIt is generated with the key k of MAC The value of MACWherein MAC () is safe MAC scheme;Accordingly, will generate one withFor element MAC setI.e.
Later, MAC gathersIt is contracted out to cloud storage service device;
(6-2), pedestrian's recognition result again is being receivedLater, authorized user is first from setMiddle random selection subsetWherein { li}1≤i≤tIndicate that selected encrypted video existsIn position, and t≤q;Then, authorized user will choose Fight information { li}1≤i≤tIt is sent to cloud storage service device;
(6-3), when obtaining challenge request from authorized user, cloud storage service device is based on challenge information { li}1≤i≤tBuilding Two Merkle Hash numbers are responded;Wherein assume MAC collectionIt is ciphertext video subsetCorresponding MAC Set;Firstly, a Merkle Hash tree MT is first constructed, in this tree, by calling hash function hT:{0,1}*→{0,1}κ To calculate the cryptographic Hash of all leaf nodes;For intermediate node, cloud storage service device two direct son can be saved by Hash The cryptographic Hash after merging is put to obtain the cryptographic Hash of the node;If only one child node, it can only pass through Hash The cryptographic Hash of node calculates the cryptographic Hash of father node;In a similar way, cloud storage service device can calculate Merkle Hash Set the cryptographic Hash of MT root nodeAnd it is sent to authorized user;In addition to Hash tree MT, cloud storage service device constructs second again The method of Hash tree CT, construction are similar with Hash tree MT, the difference is that the leaf node of Hash tree CT is directly to be regarded with ciphertext Frequency subsetAs input;Equally, the cryptographic Hash of a root node is ultimately generatedAnd it is sent to authorized user;
(6-4), it is receivingWithLater, corresponding also construction two Hash tree MT ' and CT ' of authorized user, and Calculate separately out the cryptographic Hash of root nodeWithWherein, the input MAC collection of the leaf node of Hash tree MT ' It need to be calculated, i.e., be calculated by MAC method by authorized userMAC value, set generated is exactlyWherein The key K for involving MAC is provided by way of sharing by corresponding content owner;As forConstruction process withIt is the same;
(6-5), authorized user pass through analysisWith it is correspondingBetween relationship differentiate row People's recognition result again it is whether correct;IfIt then may determine that recognition result is correct;If It then can determine that the recognition result of return is distorted by third party;IfAndThen confirm recognition result It is to be distorted by cloud storage service device.
Compared to the prior art, the invention has the following advantages:
(1), the pedestrian of safety is supported to identify again, which is to protect the pedestrian of privacy again by the acquisition of outsourcing monitor video The trial for the first time of identification, the application allow user to store to Cloud Server using by their data to obtain safe pedestrian again Identification service;
(2), safe Hamming distance calculates, and the application constructs a kind of novel safe Hamming distance agreement;It allows Cloud Server calculates Hamming distance in ciphertext data, and calculating process is without understanding clear content;
(3), without key encrypt, key generation centre be in general cryptographic system it is essential, it be responsible for management and The private key of dispatch user.;But it depends on cipher key center unduly and easily generates heavy key escrow;The application is intended to permit Family allowable encrypted feature in a manner of no key indexes;
(4), high-precision and low cost, the application capture constant pedestrian's feature using the function based on CNN, to obtain Better matching performance;Moreover, KSH technology be used to reduce characteristic dimension, to reduce storage and communications cost;
(5), the pedestrian that can verify that identifies that the application develops a double Merkle Hash tree again, allows user's inspection Correctness with result.
Detailed description of the invention
Fig. 1 is to show that pedestrian identifies problem again;
Fig. 2 is the foundation structure that pedestrian identifies again;
Fig. 3 is the overall framework of the method for the present invention;
Fig. 4 is the authentication mechanism based on double Merkle Hash trees.
Specific embodiment
With reference to the accompanying drawing, technical solution of the present invention is specifically described.
The effective pedestrian recognition methods again for secret protection that the present invention provides a kind of on outsourcing monitor video, it allows cloud End server is executed in the case where not knowing clear content (such as video data and query information) of involved video data Pedestrian's identification mission again.In order to obtain effective high-precision retrieval performance, program combination CNN model and KSH technology with two into Form processed captures the validity feature in key frame of video;In order to realize, highly effective and safe is calculated between feature, and the application is utilized and is based on The secret sharing technology of Chinese remainder theorem (CRT) specially devises the Hamming distance peace of a feature for binary representation It is complete to calculate agreement, it is ensured that server accurately calculates the similarity between feature in ciphertext feature;In addition, utilizing Merkle Hash tree constructs recognition result authentication mechanism, and purpose makes the server of malice and third party opponent that can not distort the matching of return As a result, can determine the recognition result of return using authentication mechanism authorized user is distorted by server or third party.
A kind of specific secret protection of the present invention can verify that outsourcing monitor video pedestrian recognition methods again, including walk as follows It is rapid:
Step S1, firstly, content owner using convolutional neural networks CNN and supervision Hash KSH based on kernel function from Effective pedestrian's feature vector is extracted in plaintext monitor video, constructs corresponding aspect indexing;Then, content owner uses and is based on Aspect indexing is split as n sharing and is sent to cloud data server by the secret sharing method of CRT, during being somebody's turn to do, all encryptions Monitor video and its corresponding identifier be all contracted out to cloud storage service device;
Step S2, the identification request of the cloud storage service device response contents owner, provides storage service for it and provides knowledge Monitor video Ji Suan and not be returned;Authorized user will submit challenge information to cloud storage service device in the step, and cloud is deposited at this time Storage server is responsible for responding the task of the initiation verifying matching result correctness of authorized user;
Step S3, cloud data server carrys out the sharing that the storage content owner is submitted using partial data memory space; In addition, cloud data server executes modulus add operation to sharing, and the result after calculating is sent to cloud storage service device;
Step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding Cloud data server, after the result for obtaining return, recovery Clear video is decrypted by key in authorized user;In addition, awarding It weighs user and the challenge information of initiation is submitted into cloud storage service device, to verify the correctness of returned data.
The following are specific implementation examples of the invention.
Hereinafter, CO refers to that content owner, CSS refer to that cloud storage service device, CDS refer to that cloud data server, AU refer to that authorization is used Family.
Referring to fig. 2, the basic constructional design that pedestrian identifies again executes element the application according to it and mentions in cloud computing environment The pedestrian for having gone out safety identifying schemes again, it mainly includes four directions: content owner, cloud storage service device, cloud data clothes Be engaged in device and authorized user.
The specific implementation steps are as follows for it:
(1), content owner extracts feature vector from plaintext monitor video first, just can construct corresponding feature in this way Index.Then, content owner sends cloud data server for the sharing of index using the secret sharing method based on CRT. While this process generates, the monitor video of all encryptions and its corresponding identifier are all contracted out to cloud storage service device.
(2), cloud storage service device is requested primarily responsive to the identification of content owner, is provided storage service for it and is provided knowledge Monitor video Ji Suan and not be returned.Authorized user will submit challenge information to cloud storage service device in the step, at this time cloud Storage server is responsible for responding the task of the initiation verifying matching result correctness of authorized user.
(3), cloud data server will use some data spaces to store the sharing that user is submitted.In addition, cloud Data server will have the computing capability that modulus add operation is executed to the sharing of aspect indexing, and the result after calculating is sent out Give cloud storage service device.
(4), the aspect indexing of inquiry is split as different piece by authorized user, and sends them to corresponding cloud at random Data server is not related to key among these.After obtaining the result returned, recovery can be decrypted in authorized user by key Clear video.In addition, authorized user, which can will initiate challenge information, submits to cloud storage service device, to verify the correct of returned data Property.
Embodiment two:
Assuming that Cloud Server is honest but curious model, (i.e. the application design is a set of by the FARRIS of the application design Efficient secret protection pedestrian scheme) frame can realize that secret protection pedestrian identify again by encryption outsourcing monitor video and appoint Business.
The application has carried out elaboration substantially to foundation structure required for pedestrian again identifying schemes in example one, then Just specific implementation detail is further described on the basis of example one in the application.Special feature embodies as follows:
(1), key rule: for video file, the application is using traditional symmetric cryptography (for example, AES) come to outsourcing Monitor video directly encrypts.In addition, using the secret sharing technology based on CRT, it can be achieved that content owner or authorized user Aspect indexing is encrypted without key.No key characteristic will substantially reduce the cost of key management and storage, it can permit user will Data be split as it is multiple obscure part, be not related to encryption key, as long as polymerization is a certain number of shared to rebuild original number According to.
(2), index construct: as Fig. 3 step 1. shown in, content owner is by all video filesOne by one Encryption, corresponding ciphertext collection areFeature vectorIt will be extracted from pedestrian image, Pedestrian image is from Clear videoThe key frame of middle acquisition.Next, being pre-processed, aspect indexing is generated, is done so Purpose is that cloud data server and cloud storage service device are leaked in order to avoid eigenvector information.Later, content owner makes Each aspect indexing is split as n sharing with CRT method.
More specifically, in order to realize that safe Hamming distance calculates, it should carry out some modifications to feature vector in advance.In detail Feelings are as follows:
Z zero padding is charged to by (2-1), COTherefore,Dimension will be extended to (d+z), be expressed as
This single stepping, mainly prevent due toDimension very little is inferred to original spy by way of exhaustion by CSS The phenomenon that levying vector.
After (2-2), padding, CO random scrambling feature vectorAll elements position.Replacement operator willTurn It is changed to
(2-3), it obtainsWhen, CO randomly chooses positive odd number replacement 1, and randomly chooses positive even numbers replacement 0.Here, it selects The range of odd number or even number is set as [1, Γ].Note thatDifferent location in 1/0 can correspond to different odd number/idols Number.According to above-mentioned Substitution Rules, CO is by all feature vectorsIt is revised as
The strategy of odd/even replacement is intended to change number 1 or 0 and remains the constant fact.
(2-4), after third revision, CO continues to modifyThe value of element.Herein, the application utilizes flexible skill Art is further protectedInformation be not leaked.It can carry out completed percentage modification by the following method
U '=us+ ε (4)
Wherein u isThe value of middle element, s is scale factor and value is positive number, and ε is random noise, and value is uniformly divided Cloth, i.e. ε~U (0, γ), (γ≤s).Here, s is disclosed, and allow withElement is different and different, and ε is for CO It is privately owned.Finally, everyone image piFeature vector be modified to
Then, CO takesAs pedestrian image piAspect indexing Ii, i.e.,
This stretching step is in order to avoid the parity of positive number may be kept under modulo operation with certain probability It is identical, it can be inferred that original feature vector so as to cause CDSIn 1 and 0 distribution situation.
(2-5), after the feature pretreatment into excessively aforementioned four amendment step, CO is by IiIt is divided into n sharing
π(Ii)={ Ii,1,Ii,2,…,Ii,n} (6)
Ii,j=Ii mod mj (7)
Wherein π () is represented by division function, it is based primarily upon modulo operation, i.e. mod mj, wherein prime number collection {mj}1≤j≤nIt is known for CDS and CSS.
In fact, IiInstitute it is important executed respectively in FARRIS a π operation.Assuming that IiW-th of ingredient be Ii(w), then Its that corresponding sharing is
π(Ii(w))={ Ii,1(w),Ii,2(w),…,Ii,n(w)} (8)
Wherein,
Ii,j(w)=Ii(w)mod mj (9)
(2-6), finally, CO by the video file of all encryptionsWith ID={ id1,…,idmCSS is uploaded to together.This Outside, eachN sharing be sent to corresponding CDS.These share the set with CDSBetween mapping close System is as follows:
(3), query generation: as Fig. 3 step 2. shown in, search index TQIt will be produced before outsourcing using above-mentioned four kinds of modifications It is raw.It is similar with the split process of CO index, user is inquired by TQIt is split as the part n, meets following requirement.
π(TQ)={ TQ,1,TQ,2,…,TQ,n} (11)
With
π(TQ(w))={ TQ,1(w),TQ,2(w),…,TQ,n(w)} (12)
TQ,j(w)=TQ(w)mod mj
Wherein TQ,jIt (w) is TQW-th of element j-th of part.
Then, AU is from { TQ,j}1≤j≤nMiddle random selection k sharing, and k be sent at random in n CDS respectively.? In this case, CSS is not necessarily to active transmission request to having the k CDS shared to rebuild secret to obtain, because by AU activation K CDS can send CSS for in-between calculated result automatically.It will avoid the interaction between CDSs and CSS, reduces communication and opens Pin.
(4) and calculate: as Fig. 3 step 3. shown in, once from inquiry user obtain inquire TQCorresponding sharing, accordingly CDS begin to calculate separately its gained search index share share with all indexes being stored thereon between and.It is given Search index TQWith anyone image piIndexThe d activated by AUjA CDS is in mould mjLower execution addition fortune It calculates, and is expressed asThat is,
Wherein g indicates the dimension of aspect indexing, and is equal to d+z.
It is any calculatingLater, djA CDS is by medianSubmit to CSS.Due to final total WithReconstruction be completed by the CSS of FARRIS, therefore any one CDS forValue be all one without institute Know.Even if several CDS may be ganged up mutually, but only involved in CDS quantity be less than threshold value k when,Value be It not will be leaked.
(5), Similarity measures: as Fig. 3 step 4. shown in, when obtain k intermediate resultCSS will execute following Step:
(5-1), CSS use CRT method to rebuild T firstQWith each IiBetween original and vectorThen, CSS According to the diminution of scale factor s used in feature pretreatment stage and vectorAssuming thatFor { t1,t2,…, tg, it is after flexibleIt is calculated especially by following formula
Although CSS do not know original feature vector Q andBut it still can be based onTo calculate between them Hamming distance.Hereinafter, the application briefly introduces calculating process:
As described in step (2) index construct algorithm,It is to be modified during feature vector pretreatment by first three FromIt generates.Assuming that Q ' is inquiry Q by first three pretreated vector of modification.It is apparent that only when random noise ε≤ When s,Precisely Q ' andSum.It is well known that any two have 1 in the sum of binary vector of same dimension Quantity be exactly equal to the Hamming distance between them, and 1 is again odd number.This means that Hamming distance be can by calculate and Element is the quantity of odd number to acquire in vector.Although feature vector pretreatment after Q ' andWith corresponding original two into Feature vector processed is dramatically different, but the sum between themIn the quantity of odd number but remain unchanged.Main cause is Substitution Rules in step (2) index construct algorithmOriginal binary vector element will not be changed Parity.In addition, the quantity invariance of odd number also not by (2-1) fill zero amendment step influenced because even number and still It is so even number.Based on the above analysis, CSS can have the quantity of the element of odd number value by calculating, directly from they pre- Manage the sum of feature vectorObtain Q andBetween Hamming distance.
(5-2), CSS carry out ascending sort to all Hamming distances, return to most associated encryption video set And its corresponding identification sets ID '={ id '1,…,id′qGive authorized user.
(6), matching result is verified: in practical applications, Cloud Server is more likely to follow half honest but curiosity and with portion Divide the model of malicious act.This means that the matching result that pedestrian identifies again can be forged or be distorted to Cloud Server.In order to solve This problem, the application are that FARRIS is equipped with the mechanism that can verify that, to reinforce it, to resist half honest but curious and have The model of part malicious act.In addition, the application may distort as a result, simultaneously in view of third party opponent in transmission process CSS is also allowed for distort with third party opponent to make an excuse and covering the fact that oneself is real interpolater.In order to avoid discrimination Justice, the application devises a kind of advanced authentication mechanism based on double Merkle Hash trees, for checking pedestrian's recognition result again Correctness, and can also determine really to determine interpolater from CSS and third party opponent in authentication failed.It is crucial Shown in steps are as follows:
The authentication mechanism of (6-1), here the application have used message authentication code (MAC) technology.MAC is that a kind of password is former Language, for realizing the integrality and authentication property of message.Firstly, the application uses MAC method by ID number for idi(i ∈ [1, m]) Encrypted video file ciThe value of MAC is generated with the key k of MACWherein MAC () is the safe side MAC Case (such as HMAC).Accordingly, will generate one withGather for the MAC of elementI.e.
Later, MAC gathersIt is contracted out to CSS, this step can be in step (2) index construct algorithm with all encryptions Video file outsourcing together.
(6-2), pedestrian's recognition result again is being receivedLater, AU is first from setMiddle random selection subsetWherein { li}1≤i≤tIndicate that selected encrypted video existsIn position, and t≤q.Then, AU is by challenge information {li}1≤i≤tIt is sent to CSS.
(6-3), when obtaining challenge request from AU, CSS is based on challenge information { li}1≤i≤tConstruct two Merkle Hash Number is responded, as shown in Figure 4.Wherein assume MAC collectionIt is ciphertext video subsetThe collection of corresponding MAC It closes.Firstly, a Merkle Hash tree MT is first constructed, in this tree, by calling hash function hT:{0,1}*→{0,1}κCome Calculate the cryptographic Hash of all leaf nodes (using the MAC value of corresponding ciphertext video as input).For intermediate node, CSS can be with Cryptographic Hash after two direct child node merges by Hash obtains the cryptographic Hash of the node.If only one sub- section Point then can only calculate the cryptographic Hash of father node by the cryptographic Hash of the Hash child node.In a similar way, CSS can be counted Calculate the cryptographic Hash of Merkle Hash tree MT root nodeAnd it is sent to AU.In addition to Hash tree MT, CSS constructs second Kazakhstan again Uncommon tree CT, the method for construction is similar with Hash tree MT, the difference is that the leaf node of Hash tree CT is directly with ciphertext video SubsetAs input.Equally, the cryptographic Hash of a root node is ultimately generatedAnd it is sent to AU.
(6-4), it is receivingWithLater, AU is corresponding also constructs two Hash tree MT ' and CT ', and counts respectively Calculate the cryptographic Hash of root nodeWithWherein, the input MAC collection of the leaf node of Hash tree MT 'It need to be by AU Oneself is calculated, i.e., is calculated by MAC methodMAC value, set generated is exactlyWherein involve The key K of MAC is provided by way of sharing by corresponding CO.As forConstruction process withIt is the same.
(6-5), AU pass through analysisWith it is correspondingBetween relationship differentiate that pedestrian knows again Other result it is whether correct.IfIt then may determine that recognition result is correct;IfCan then it sentence Surely the recognition result returned is distorted by third party;IfAndThen confirm that recognition result is by CSS It distorts.
Characteristic of the invention is:
With both sides characteristic: first is that collaboration considers that monitor video data safety and pedestrian identify two links again, grinding Study carefully video data, the secret protection of pedestrian's feature and subsequent similarity measurement calculate, solve video data safety and outer Wrap the contradiction of pedestrian's identification mission again;Second is that the validation problem of recognition result correctness is converted into Hash root vertex cryptographic Hash Determine, it is possible to provide data integrity validation and source of distorting determine two kinds of services.
The above are preferred embodiments of the present invention, all any changes made according to the technical solution of the present invention, and generated function is made When with range without departing from technical solution of the present invention, all belong to the scope of protection of the present invention.

Claims (6)

1. a kind of secret protection can verify that outsourcing monitor video pedestrian recognition methods again, which comprises the steps of:
Step S1, firstly, content owner utilizes convolutional neural networks CNN and the supervision Hash KSH based on kernel function from plain text Effective pedestrian's feature vector is extracted in monitor video, constructs corresponding aspect indexing;Then, content owner, which uses, is based on CRT Secret sharing method aspect indexing be split as n sharing be sent to cloud data server, should during, the prison of all encryptions Control video and its corresponding identifier are all contracted out to cloud storage service device;
Step S2, the identification request of the cloud storage service device response contents owner provides storage service for it and provides identification meter Calculate and return monitor video;Authorized user will submit challenge information to cloud storage service device in the step, and cloud storage takes at this time Business device is responsible for responding the task of the initiation verifying matching result correctness of authorized user;
Step S3, cloud data server carrys out the sharing that the storage content owner is submitted using partial data memory space;In addition, Cloud data server executes modulus add operation to sharing, and the result after calculating is sent to cloud storage service device;
Step S4, the aspect indexing of inquiry is split as different piece by authorized user, and sends them to corresponding cloud at random Data server, after the result for obtaining return, recovery Clear video is decrypted by key in authorized user;In addition, authorization is used The challenge information of initiation is submitted to cloud storage service device by family, to verify the correctness of returned data.
2. secret protection according to claim 1 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists In in step S1, if plaintext monitor videoEncrypting corresponding ciphertext collection isEffective pedestrian Feature vectorIt is extracted from pedestrian image, pedestrian image is from plaintext monitor videoThe pass of middle acquisition Key frame.
3. secret protection according to claim 2 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists In in step S1, aspect indexing is split as n sharing using the secret sharing method based on CRT and is sent to by content owner Cloud data server the specific implementation process is as follows:
Step S11, z zero padding is charged to by content ownerTherefore,Dimension will be extended to (d+z), be expressed as
Step S12, after padding, content owner's random scrambling feature vectorAll elements position, replacement operator It willIt is converted to
Step S13, it obtainsWhen, content owner randomly chooses positive odd number replacement 1, and randomly chooses positive even numbers replacement 0, this In, select the range of odd number or even number to be set as [1, Γ],Different location in 1/0 can correspond to different odd numbers/ Even number, according to above-mentioned Substitution Rules, by all feature vectorsIt is revised as
Step S14, content owner continues to modifyThe value of element;Herein, it is further protected using flexible technologyLetter Breath is not leaked, and can carry out completed percentage modification by the following method
U '=us+ ε (4)
Wherein, u isThe value of middle element, s is scale factor and value is positive number, and ε is random noise, and value is uniformly distributed, i.e., ε~U (0, γ), (γ≤s);Here, s is disclosed, and allow withElement is different and different, and ε is content owner Privately owned;Finally, each pedestrian image piFeature vector be modified to
Then, content owner takesAs pedestrian image piAspect indexing Ii, i.e.,
Step S15, after the feature pretreatment Jing Guo above-mentioned steps, content owner is by IiIt is divided into n sharing
π(Ii)={ Ii,1,Ii,2,…,Ii,n} (6)
Ii,j=Ii mod mj (7)
Wherein, π () is represented by division function, is based on modulo operation, i.e. modmj, wherein prime number collection { mj}1≤j≤nFor cloud Data server and cloud storage service device are known;
Assuming that IiW-th of ingredient be Ii(w), then its that corresponding sharing is
π(Ii(w))={ Ii,1(w),Ii,2(w),…,Ii,n(w)} (8)
Wherein,
Ii,j(w)=Ii(w)mod mj (9)
Step S16, finally, content owner is by the video file of all encryptionsWith ID={ id1,…,idmUpload to together Cloud storage service device;In addition, eachN sharing be sent to corresponding cloud data server;These share with The set of cloud data serverBetween mapping relations it is as follows:
4. secret protection according to claim 3 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists In in the step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding Cloud data server the specific implementation process is as follows:
Authorized user is by the aspect indexing T of inquiryQIt is split as n part, meets following formula:
π(TQ)={ TQ,1,TQ,2,…,TQ,n} (11)
With
π(TQ(w))={ TQ,1(w),TQ,2(w),…,TQ,n(w)} (12)
TQ,j(w)=TQ(w)modmj
Wherein, TQ,jIt (w) is TQW-th of element j-th of part
Then, authorized user is from { TQ,j}1≤j≤nMiddle random selection k sharing, and it is sent to n cloud data server at random respectively In k.
5. secret protection according to claim 4 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists In in the step S4, the aspect indexing of inquiry is split as different piece by authorized user, and is sent them at random corresponding Cloud data server after, cloud data server and cloud storage service device will execute following steps:
Cloud data server executes and calculating process:
The aspect indexing T of given inquiryQWith pedestrian image piIndexThe d activated by authorized userjA cloud number According to server in mould mjLower execution add operation, and be expressed asI.e.
Wherein, g indicates the dimension of aspect indexing, and is equal to d+z;
It is any calculatingLater, djA cloud data server is by medianSubmit to cloud storage clothes Business device;
Cloud storage service device executes Similarity measures process:
When k intermediate result for obtaining k cloud data serverFollowing steps will be executed for cloud storage service device:
1) cloud storage service device uses CRT method to rebuild T firstQWith each IiBetween original and vectorThen, cloud Storage server is reduced according to scale factor s used in feature pretreatment stage and vectorAssuming thatFor {t1,t2,…,tg, it is after flexibleIt is calculated especially by following formula:
Cloud storage service device is based onCan calculate Q andBetween Hamming distance;
2) cloud storage service device carries out ascending sort to all Hamming distances, returns to most associated encryption video set And its corresponding identification sets ID '={ id1′,…,idq' give authorized user.
6. secret protection according to claim 5 can verify that outsourcing monitor video pedestrian recognition methods again, feature exists In in the step S4, the challenge information of initiation is submitted to cloud storage service device by authorized user, to verify returned data just True property the specific implementation process is as follows:
(6-1), use MAC method by ID number for idiThe encrypted video file c of (i ∈ [1, m])iMAC is generated with the key k of MAC ValueWherein MAC () is safe MAC scheme;Accordingly, will generate one withFor element MAC setI.e.
Later, MAC gathersIt is contracted out to cloud storage service device;
(6-2), pedestrian's recognition result again is being receivedLater, authorized user is first from setMiddle random selection subsetWherein { li}1≤i≤tIndicate that selected encrypted video existsIn position, and t≤q;Then, authorized user will choose Fight information { li}1≤i≤tIt is sent to cloud storage service device;
(6-3), when obtaining challenge request from authorized user, cloud storage service device is based on challenge information { li}1≤i≤tBuilding two Merkle Hash number is responded;Wherein assume MAC collectionIt is ciphertext video subsetThe collection of corresponding MAC It closes;Firstly, a Merkle Hash tree MT is first constructed, in this tree, by calling hash function hT:{0,1}*→{0,1}κCome Calculate the cryptographic Hash of all leaf nodes;For intermediate node, cloud storage service device can by Hash two direct child node Cryptographic Hash after merging obtains the cryptographic Hash of the node;If only one child node, it can only pass through the Hash section The cryptographic Hash of point calculates the cryptographic Hash of father node;In a similar way, cloud storage service device can calculate Merkle Hash tree The cryptographic Hash of MT root nodeAnd it is sent to authorized user;In addition to Hash tree MT, cloud storage service device constructs second Kazakhstan again Uncommon tree CT, the method for construction is similar with Hash tree MT, the difference is that the leaf node of Hash tree CT is directly with ciphertext video SubsetAs input;Equally, the cryptographic Hash of a root node is ultimately generatedAnd it is sent to authorized user;
(6-4), it is receivingWithLater, authorized user is corresponding also constructs two Hash tree MT ' and CT ', and respectively Calculate the cryptographic Hash of root nodeWithWherein, the input MAC collection of the leaf node of Hash tree MT 'It need to be by Authorized user calculates, i.e., is calculated by MAC methodMAC value, set generated is exactlyWherein involve Key K to MAC is provided by way of sharing by corresponding content owner;As forConstruction process withOne mould Equally;
(6-5), authorized user pass through analysisWith it is correspondingBetween relationship differentiate the pedestrian again Recognition result it is whether correct;IfIt then may determine that recognition result is correct;IfThen may be used Determine that the recognition result returned is distorted by third party;IfAndThen confirm recognition result be by Cloud storage service device is distorted.
CN201910317372.XA 2019-04-19 2019-04-19 Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection Active CN110059630B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910317372.XA CN110059630B (en) 2019-04-19 2019-04-19 Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910317372.XA CN110059630B (en) 2019-04-19 2019-04-19 Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection

Publications (2)

Publication Number Publication Date
CN110059630A true CN110059630A (en) 2019-07-26
CN110059630B CN110059630B (en) 2022-06-14

Family

ID=67319767

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910317372.XA Active CN110059630B (en) 2019-04-19 2019-04-19 Verifiable outsourced monitoring video pedestrian re-identification method with privacy protection

Country Status (1)

Country Link
CN (1) CN110059630B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111291411A (en) * 2020-02-13 2020-06-16 福州大学 Safe video anomaly detection system and method based on convolutional neural network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103152556A (en) * 2013-03-15 2013-06-12 云南大学 Surveillance video encryption method for protecting privacy
CN106980641A (en) * 2017-02-09 2017-07-25 上海交通大学 The quick picture retrieval system of unsupervised Hash and method based on convolutional neural networks
CN108768951A (en) * 2018-05-03 2018-11-06 上海海事大学 The data encryption of protection file privacy and search method under a kind of cloud environment
CN109104440A (en) * 2018-10-22 2018-12-28 青岛大学 The cloud storage big data integrity verification method of internet of things oriented mobile terminal device
CN109145829A (en) * 2018-08-24 2019-01-04 中共中央办公厅电子科技学院 A kind of safe and efficient face identification method based on deep learning and homomorphic cryptography

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103152556A (en) * 2013-03-15 2013-06-12 云南大学 Surveillance video encryption method for protecting privacy
CN106980641A (en) * 2017-02-09 2017-07-25 上海交通大学 The quick picture retrieval system of unsupervised Hash and method based on convolutional neural networks
CN108768951A (en) * 2018-05-03 2018-11-06 上海海事大学 The data encryption of protection file privacy and search method under a kind of cloud environment
CN109145829A (en) * 2018-08-24 2019-01-04 中共中央办公厅电子科技学院 A kind of safe and efficient face identification method based on deep learning and homomorphic cryptography
CN109104440A (en) * 2018-10-22 2018-12-28 青岛大学 The cloud storage big data integrity verification method of internet of things oriented mobile terminal device

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
CHENG, HANG ET AL.: "Person Re-Identification over Encrypted Outsourced Surveillance Videos", 《IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING》 *
FU, ZHANGJIE ET AL.: "Privacy-Preserving Smart Semantic Search Based on Conceptual Graphs Over Encrypted Outsourced Data", 《IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY》 *
孙思: "基于SGX的人脸识别隐私保护方案的设计与实现", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》 *
罗永松: "协同监控系统中视觉隐私保护技术研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111291411A (en) * 2020-02-13 2020-06-16 福州大学 Safe video anomaly detection system and method based on convolutional neural network
CN111291411B (en) * 2020-02-13 2022-12-23 福州大学 Safe video anomaly detection system and method based on convolutional neural network

Also Published As

Publication number Publication date
CN110059630B (en) 2022-06-14

Similar Documents

Publication Publication Date Title
US10296248B2 (en) Turn-control rewritable blockchain
AU2017269736B2 (en) Multiple-link cryptologic blockchain
US10917249B2 (en) Processing data elements stored in blockchain networks
CN101401341A (en) Secure data parser method and system
CN103636160A (en) Secure file sharing method and system
Hasan et al. Cloud data provenance using IPFS and blockchain technology
US20230059580A1 (en) Blockchain with random committee selection
CN114021164B (en) Credit system privacy protection method based on block chain
Zhao et al. A blockchain-facilitated secure sensing data processing and logging system
Yoosuf Lightweight fog‐centric auditing scheme to verify integrity of IoT healthcare data in the cloud environment
US11924348B2 (en) Honest behavior enforcement via blockchain
Mishra et al. Enhancing privacy‐preserving mechanisms in Cloud storage: A novel conceptual framework
Li et al. BEIR: A blockchain-based encrypted image retrieval scheme
CN117454442A (en) Anonymous security and traceable distributed digital evidence obtaining method and system
CN110059630A (en) Secret protection can verify that outsourcing monitor video pedestrian recognition methods again
CN117037988A (en) Electronic medical record storage method and device based on blockchain
Szymoniak Using a security protocol to protect against false links
AU2021103828A4 (en) A novel system and auditing technique for cloud based digital forensic readiness with integrity and privacy preservation of health care data
Brandao Cloud computing security
Fan et al. Cloud-based lightweight RFID healthcare privacy protection protocol
Joseph et al. Design a hybrid optimization and homomorphic encryption for securing data in a cloud environment
Keerthana et al. Slicing, Tokenization, and Encryption Based Combinational Approach to Protect Data-at-Rest in Cloud Using TF-Sec Model
Tharani et al. A blockchain-based database management system
Ravimaran et al. Robust Security With Strong Authentication in Mobile Cloud Computing Based on Trefoil Congruity Framework
Wang et al. RCDS: a right-confirmable data-sharing model based on symbol mapping coding and blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant