CN110213036A - Secure data storage and computation method based on Internet of Things fog computing-edge computing - Google Patents
- Publication number
- CN110213036A (CN201910521504.0A)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The invention belongs to the technical field of data storage and computing, and discloses a secure data storage and computation method based on Internet of Things fog computing-edge computing. The data acquisition module realizes ε-local differential privacy and, by encrypting the data at the fog node, protects the security of local-area data. The data storage module stores the data in encrypted form, protecting its privacy on the fog server. The data access module decrypts data securely, protecting the security of shared data. The distribution module uploads its own distribution tasks to the scheduler, which effectively protects the privacy of the computing terminals. Meanwhile, the task processing module decomposes a computing task and computes the resulting subtasks in parallel. The invention safeguards data security and data privacy across the whole system while improving the processing speed of computing tasks.
Description
Technical field
The invention belongs to the technical field of data storage and computing, and in particular relates to a secure data storage and computation method based on Internet of Things fog computing-edge computing.
Background art
The Internet of Things (IoT) is an important component of the new generation of information technology. Through information sensing devices such as radio frequency identification (RFID), infrared sensors, global positioning systems and laser scanners, it connects any article to the Internet according to agreed protocols for information exchange and communication, forming a network that realizes intelligent identification, positioning, tracking, monitoring and management of articles.
Currently, the IoT industry has achieved remarkable results in core technology research, development and industrialization, in the research and formulation of key standards, in the establishment and improvement of the industry chain, and in the demonstration and promotion of major applications. The IoT has become one of the strategic high grounds of the current new round of world economic and technological development, in particular through the vigorous development of application demonstration projects in nine major fields: "intelligent industry, intelligent agriculture, intelligent logistics, intelligent transportation, smart grid, intelligent environmental protection, intelligent security, intelligent medical care, smart home".
The development of intelligent industry directly affects the development of national pillar industries. Adopting suitable IoT technology will therefore become an indispensable tool and means for realizing industrial informatization, networking and intelligence, improving enterprise management and the working environment, reducing cost, and promoting the integration of electronic products with communication and computer technology. At the same time, the security of the industrial IoT network and its data should be ensured.
Edge computing refers to an open platform, on the side close to the object or data source, that integrates core network, computing, storage and application capabilities and provides the nearest-end service nearby. Its applications are initiated at the edge side, producing faster network service responses and meeting the industry's basic needs in real-time business, application intelligence, security and privacy protection. Edge computing sits between physical entities and industrial connections, or on top of physical entities.
Fog computing places more emphasis on the role of edge devices. Its core idea is the "intelligent front end": a layer, called the fog layer, is added between the cloud layer and the terminal device layer. The computing, storage and network communication services provided by the fog layer bring the computation, analysis and processing of data closer to the user. This reduces the response latency and storage overhead of IoT services handled by the cloud layer, reduces the consumption of radio resources, and reduces the energy consumption of terminal devices, extending their standby time; it can even continue to provide computing services in regions without Internet coverage.
Fog computing mainly has the following characteristics:
A) It supports real-time interaction, with lower latency and energy consumption.
B) It lowers bandwidth demand, alleviating the congestion caused when large numbers of devices connect to the cloud.
C) Distributed processing of data reduces the demand for mass data storage.
D) Device location is perceived accurately, supporting a larger range of mobility.
E) It supports heterogeneity, that is, diverse heterogeneous hardware and software devices.
However, existing edge computing task allocation cannot protect privacy or the randomness of computing task arrival. Meanwhile, a computing task usually involves a very large amount of data, and computing each sub-task in sequence takes a great deal of time. The processing speed of computing tasks in the existing approach is therefore slow.
In summary, the problems of the prior art are:
Existing edge computing task allocation cannot protect privacy or the randomness of computing task arrival, and cannot guarantee the security of data during transmission. Meanwhile, a computing task usually involves a very large amount of data, and computing each sub-task in sequence takes a great deal of time. The processing speed of computing tasks in the existing approach is therefore slow.
Summary of the invention
In view of the problems of the prior art, the invention provides a secure data storage and computation method based on Internet of Things fog computing-edge computing.
The invention is realized as follows. A system for secure data storage and computation based on IoT fog computing-edge computing comprises:
a data acquisition module, a main control module, a data storage module, a data access module, a distribution module, a task processing module, a data computation module, a security module and a display module;
The data acquisition module is connected to the main control module and is used to acquire the required data, perturb the acquired data with a random perturbation function to realize local differential privacy, and secure the local-area data by encrypting it at the fog node;
The main control module is connected to the data acquisition module, data storage module, data access module, distribution module, task processing module, data computation module, security module and display module, and is used to control the operation of each module through a central processing unit;
The data storage module is connected to the main control module and is used to store the aggregated data on the fog server;
The data access module is connected to the main control module and is used to access the aggregated data content through encrypted retrieval requests;
The distribution module is connected to the main control module and is used to distribute computing tasks through a verifiable key distribution algorithm;
The task processing module is connected to the main control module and is used to process the distributed computing tasks through a processing program;
The data computation module is connected to the main control module and is used to perform computation on the data;
The security module is connected to the main control module, performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
The display module is connected to the main control module and is used to show the aggregated data on a display.
Another object of the invention is to provide a method for secure data storage and computation based on IoT fog computing-edge computing, comprising the following steps:
Step 1: the required data is acquired by the data acquisition module, and the acquired data is perturbed with a random perturbation function to realize local differential privacy;
Step 2: the main control module, through the data storage module, uses the fog server to store the acquired data, and integrates and aggregates it;
Step 3: the data access module accesses the aggregated data content using encrypted retrieval requests;
Step 4: the distribution module distributes computing tasks using a verifiable key distribution algorithm;
Step 5: the task processing module processes the distributed computing tasks using a processing program; the data computation module performs computation on the data; the security module performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
Step 6: the display module shows the aggregated data on a display.
Further, the acquisition method of the data acquisition module is as follows:
First, within the same region of IoT edge sensors, each sensor node collects the required information to form its own data set, and transmits the data to the fog node after perturbing it locally. Within the collected data set M, the data is perturbed using a typical sampling algorithm, so as to realize local differential privacy and guarantee the security of local data.
The specific steps are: select the collected data set and divide the data into K parts; run the query function f on each part to obtain the query results $f(d_1), f(d_2), \dots, f(d_K)$, where d is the selection type. Apply a randomized response algorithm (including perturbation and correction) to the query results to obtain the perturbed statistical result y, realizing ε-local differential privacy. The formula of the local perturbation statistics algorithm $\pi_{GRR}(a)$ is as follows:
where ε is the privacy budget, P is a probability, e is a constant, and $a \in M$.
Second, K neighboring users or fog nodes in the same region anonymously self-organize into a neighbor group. Then, data is perturbed among the K anonymous users or fog nodes and encrypted at the fog node; the cluster node in the group transmits the perturbed, encrypted data to the fog server, and the fog server runs the correction $\tau_{GRR}(a)$, giving the formula:
I is the number of hits, j is an integer, Q is the reverse probability, and u is the number of nodes;
Finally, multiple users or nodes, using the same ad hoc self-organized K-anonymity privacy protection method, transmit their data to the fog server for storage, as shown in Fig. 3.
Further, the storage method of the data storage module is as follows:
The fog node generates the relevant parameter information, encrypts the collected noisy data to produce $C = Enc(pk, m, r)$, and sends it to the fog server. The encryption algorithm used is the Paillier public-key cryptosystem. The encryption process is as follows:
Key generation:
$KeyGen(1^\lambda) \to (n, p, q)$: select two large primes p and q and compute $n = pq$, with the security parameter $\lambda = \mathrm{lcm}[(p-1),(q-1)]$, where lcm is the least common multiple. g is a random integer in $\mathbb{Z}^*_{n^2}$, and $L(x) = (x-1)/n$. The public key is (n, g) and the private key is (p, q);
Encryption:
m is the plaintext message, r is a random number, and C is the ciphertext of message m; then
$$C = g^m r^n \bmod n^2 \quad (3)$$
For data that needs to be obtained by homomorphic computation, the homomorphic algorithm used is as follows:
In , given plaintext messages $m_1, m_2$, when two ciphertexts $C_1$ and $C_2$ are added, with $C_1 = E(m_1, r_1)$ and $C_2 = E(m_2, r_2)$, the result of the ciphertext addition preserves the homomorphism:
$$C_{add} = E(m_1, r_1)\,E(m_2, r_2) \bmod n^2 = E(m_1 + m_2,\ r_1 r_2) \quad (4)$$
As the data stored on the fog server increases, the data scale grows and the problem of insufficient space becomes more serious; the fog server maintains the data storage service by cleaning up useless data or transferring data.
Further, the access method of the data access module is as follows:
(1) If a fog node or user accesses the data on the fog server, or the stored computation data obtained through secure multi-party computation, the node or user first encrypts its own relevant information and the retrieval content, and then sends the encrypted information to the fog server for access;
(2) The fog server sends the query result to the accessing node, and the accessing node uses its own private key $sk_2$ to decrypt the queried encrypted data and obtain the plaintext data. The specific decryption method is:
1) When decrypting a ciphertext C ($C < n^2$), the decryption method for the ciphertext of a single plaintext is:
The decryption method for homomorphic addition is:
$$D(C_1 C_2 \bmod n^2) = m_1 + m_2 \bmod n \quad (6)$$
The decryption rule for homomorphic multiplication, according to the multiplicative property of the Paillier encryption scheme, is as follows:
Further, the computation method of the data computation module is as follows:
(1) Fog nodes in the same area carry out simple data processing;
(2) Complex computation is carried out by distributed secure multi-party computation combined with homomorphic encryption. Multiple nodes participate in the computation simultaneously, and the encrypted data is encrypted with random numbers during each node interaction, so that the data processing does not reveal any original content. Using a key sharing scheme, the sender divides the secret into multiple interrelated secret pieces $s_i$, where $s_i$ belongs to , $1 \le i \le N$, and z is a prime larger than N. $t-1$ elements are selected, denoted $\{a_1, \dots, a_{t-1}\}$, and then distributed to $t-1$ members of the group:
where $a_0 = s$,
(3) Each fog node uses the oblivious pseudo-random number $R_k(x_i)$ to compute its own random share;
where k is $(z, g, m, a_0, a_1, \dots, a_t)$, information of fixed length; w is a prime, and $a_0, a_1, \dots, a_t$ belong to
$a_i(x)$ is computed according to the Lagrange polynomial; the computation coefficient of the fog node in the IoT is:
Then the computed value $y(x_i)$ of the IoT fog node is obtained by the following formula:
(4) When the users or nodes holding the key each transmit the processed data $y(x_i)$ to the fog server, the fog server stores the result f(x) of the secure multi-party computation; f(x) is as follows:
Further, the processing method of the task processing module is as follows:
First, a chained task container is set up, with task linking realized by a hash doubly linked list;
Second, the computing task sent by an external terminal device is received;
Then, the computing task is decomposed into at least two computing subtasks;
Finally, the decomposed subtasks are computed in parallel according to the chained task container, giving the computation result required by the computing task.
Another object of the invention is to provide a computer program implementing the described method for secure data storage and computation based on IoT fog computing-edge computing.
Another object of the invention is to provide an information data processing terminal implementing the described method for secure data storage and computation based on IoT fog computing-edge computing.
Another object of the invention is to provide a computer-readable storage medium including instructions which, when run on a computer, cause the computer to execute the described method for secure data storage and computation based on IoT fog computing-edge computing.
Another object of the invention is to provide an IoT fog computing-edge computing platform carrying the described system for secure data storage and computation based on IoT fog computing-edge computing.
The advantages and positive effects of the invention are as follows:
The data acquisition module realizes ε-local differential privacy, protecting the security of locally acquired data. The data storage module stores data encrypted, protecting the privacy of the data on the fog server and fog nodes. The data access module decrypts data securely, protecting the security of shared data. The data computation module applies a verifiable key distribution algorithm to carry out homomorphic parallel computation, and realizes multi-party collaborative computation through secure multi-party computation, ensuring the security of data during computation. The invention also constructs neighboring regions to realize data perturbation among K anonymous users or nodes within a region, safeguarding the data privacy of the local area.
Therefore, the invention improves the processing speed of computing tasks while greatly improving data security and data privacy in most IoT scenarios.
Brief description of the drawings
Fig. 1 is a flowchart of the method for secure data storage and computation based on IoT fog computing-edge computing provided by an embodiment of the invention.
Fig. 2 is a structural diagram of the system for secure data storage and computation based on IoT fog computing-edge computing provided by an embodiment of the invention.
Fig. 3 is a diagram of data aggregation and storage provided by an embodiment of the invention.
Fig. 4 is a diagram of data computation provided by an embodiment of the invention.
In Fig. 2: 1, data acquisition module; 2, main control module; 3, data storage module; 4, data access module; 5, distribution module; 6, task processing module; 7, data computation module; 8, security module; 9, display module.
Detailed description of the embodiments
For a further understanding of the content, features and effects of the invention, the following embodiments are given and described in detail with reference to the drawings.
The structure of the invention is explained in detail below with reference to the drawings.
As shown in Fig. 1, the method for secure data storage and computation based on IoT fog computing-edge computing provided by the invention comprises the following steps:
S101: the required data is acquired by the data acquisition module, the acquired data is perturbed with a random perturbation function to realize local differential privacy, and the local-area data is secured by encrypting it at the fog node;
S102: the main control module, through the data storage module, uses the fog server to store the aggregated data;
S103: the data access module accesses the aggregated data content using encrypted retrieval requests;
S104: the distribution module distributes computing tasks using a verifiable key distribution algorithm;
S105: the task processing module processes the distributed computing tasks using a processing program; the data computation module performs computation on the data; the security module performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
S106: the display module shows the aggregated data on a display.
As shown in Fig. 2, the system for secure data storage and computation based on IoT fog computing-edge computing provided by the invention comprises: data acquisition module 1, main control module 2, data storage module 3, data access module 4, distribution module 5, task processing module 6, data computation module 7, security module 8 and display module 9.
Data acquisition module 1 is connected to main control module 2 and is used to acquire the required data and perturb the acquired data with a random perturbation function to realize local differential privacy;
Main control module 2 is connected to data acquisition module 1, data storage module 3, data access module 4, distribution module 5, task processing module 6, data computation module 7, security module 8 and display module 9, and is used to control the operation of each module through a central processing unit;
Data storage module 3 is connected to main control module 2 and is used to store the aggregated data on the fog server;
Data access module 4 is connected to main control module 2 and is used to access the aggregated data content through encrypted retrieval requests;
Distribution module 5 is connected to main control module 2 and is used to distribute computing tasks through a verifiable key distribution algorithm;
Task processing module 6 is connected to main control module 2 and is used to process the distributed computing tasks through a processing program;
Data computation module 7 is connected to main control module 2 and is used to perform computation on the data;
Display module 8 is connected to main control module 2 and is used to show the aggregated data on a display.
The acquisition method of data acquisition module 1 provided by the invention is as follows:
First, within the same region of IoT edge sensors, each sensor node collects the required information to form its own data set, and transmits the data to the fog node after perturbing it locally. Within the collected data set M, the data is perturbed using a typical sampling algorithm, so as to realize local differential privacy and guarantee the security of local data.
The specific steps are: select the collected data set and divide the data into K parts; run the query function f on each part to obtain the query results $f(d_1), f(d_2), \dots, f(d_K)$, where d is the selection type. Apply a randomized response algorithm (including perturbation and correction) to the query results to obtain the perturbed statistical result y, realizing ε-local differential privacy. The formula of the local perturbation statistics algorithm $\pi_{GRR}(a)$ is as follows:
where ε is the privacy budget, P is a probability, e is a constant, and $a \in M$.
Second, K neighboring users or fog nodes in the same region anonymously self-organize into a neighbor group. Then, data is perturbed among the K anonymous users or fog nodes and encrypted at the fog node; the cluster node in the group transmits the perturbed, encrypted data to the fog server, and the fog server runs the correction $\tau_{GRR}(a)$, giving the formula:
I is the number of hits, j is an integer, Q is the reverse probability, and u is the number of nodes;
Finally, multiple users or nodes, using the same ad hoc self-organized K-anonymity privacy protection method, transmit their data to the fog server for storage, as shown in Fig. 3.
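The perturb-then-correct flow described above, as an added example (not code from the patent). The patent's own formulas for $\pi_{GRR}$ and $\tau_{GRR}$ are not reproduced on this page, so the code assumes the standard generalized randomized response (GRR) mechanism and its unbiased frequency estimator; the sensor states, counts and function names are constructed for illustration.

```python
import math
import random
from collections import Counter

DOMAIN = ["idle", "run", "fault", "maint"]  # constructed sensor states

def grr_probs(eps, d):
    """Standard GRR: p = P[report true value], q = P[report one given other value]."""
    if eps <= 0 or d < 2:
        raise ValueError("need eps > 0 and a domain of at least 2 values")
    denom = math.exp(eps) + d - 1
    return math.exp(eps) / denom, 1.0 / denom

def grr_perturb(value, domain, eps, rng):
    """Node side: keep the true value with probability p, else a uniform other value."""
    p, _ = grr_probs(eps, len(domain))
    if rng.random() < p:
        return value
    return rng.choice([v for v in domain if v != value])

def grr_correct(reports, domain, eps):
    """Server side: unbiased frequency estimate (observed - q) / (p - q)."""
    p, q = grr_probs(eps, len(domain))
    n = len(reports)
    counts = Counter(reports)
    return {v: (counts[v] / n - q) / (p - q) for v in domain}

def simulate(eps=1.0, seed=2024):
    """Constructed population of 20000 readings; returns (true, raw, corrected)."""
    # A seeded PRNG keeps the demo reproducible; a deployed node should draw
    # its randomness from a CSPRNG such as random.SystemRandom().
    rng = random.Random(seed)
    truth = ["idle"] * 10000 + ["run"] * 6000 + ["fault"] * 3000 + ["maint"] * 1000
    reports = [grr_perturb(v, DOMAIN, eps, rng) for v in truth]
    n = len(truth)
    true_freq = {v: truth.count(v) / n for v in DOMAIN}
    raw_freq = {v: reports.count(v) / n for v in DOMAIN}
    return true_freq, raw_freq, grr_correct(reports, DOMAIN, eps)

if __name__ == "__main__":
    true_freq, raw_freq, est = simulate()
    for v in DOMAIN:
        print(f"{v:6s} true={true_freq[v]:.3f} raw={raw_freq[v]:.3f} corrected={est[v]:.3f}")
```

The raw perturbed frequencies are strongly biased toward uniform (rare states look several times more common than they are), which is why the server-side correction step is required before the aggregate is used.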
The storage method of data storage module 3 provided by the invention is as follows:
The fog node generates the relevant parameter information, encrypts the collected noisy data to produce $C = Enc(pk, m, r)$, and sends it to the fog server. The encryption algorithm used is the Paillier public-key cryptosystem. The encryption process is as follows:
Key generation:
$KeyGen(1^\lambda) \to (n, p, q)$: select two large primes p and q and compute $n = pq$, with the security parameter $\lambda = \mathrm{lcm}[(p-1),(q-1)]$, where lcm is the least common multiple. g is a random integer in $\mathbb{Z}^*_{n^2}$, and $L(x) = (x-1)/n$. The public key is (n, g) and the private key is (p, q);
Encryption:
m is the plaintext message, r is a random number, and C is the ciphertext of message m; then
$$C = g^m r^n \bmod n^2 \quad (3)$$
For data that needs to be obtained by homomorphic computation, the homomorphic algorithm used is as follows:
In , given plaintext messages $m_1, m_2$, when two ciphertexts $C_1$ and $C_2$ are added, with $C_1 = E(m_1, r_1)$ and $C_2 = E(m_2, r_2)$, the result of the ciphertext addition preserves the homomorphism:
$$C_{add} = E(m_1, r_1)\,E(m_2, r_2) \bmod n^2 = E(m_1 + m_2,\ r_1 r_2) \quad (4)$$
As the data stored on the fog server increases, the data scale grows and the problem of insufficient space becomes more serious; the fog server maintains the data storage service by cleaning up useless data or transferring data.
The access method of data access module 4 provided by the invention is as follows:
(1) If a fog node or user accesses the data on the fog server, or the stored computation data obtained through secure multi-party computation, the node or user first encrypts its own relevant information and the retrieval content, and then sends the encrypted information to the fog server for access;
(2) The fog server sends the query result to the accessing node, and the accessing node uses its own private key $sk_2$ to decrypt the queried encrypted data and obtain the plaintext data. The specific decryption method is:
1) When decrypting a ciphertext C ($C < n^2$), the decryption method for the ciphertext of a single plaintext is:
The decryption method for homomorphic addition is:
$$D(C_1 C_2 \bmod n^2) = m_1 + m_2 \bmod n \quad (6)$$
The decryption rule for homomorphic multiplication, according to the multiplicative property of the Paillier encryption scheme, is as follows:
As shown in Fig. 4, the computation method of data computation module 7 provided by the invention is as follows:
(1) Fog nodes in the same area carry out simple data processing;
(2) Complex computation is carried out by distributed secure multi-party computation combined with homomorphic encryption. Multiple nodes participate in the computation simultaneously, and the encrypted data is encrypted with random numbers during each node interaction, so that the data processing does not reveal any original content. Using a key sharing scheme, the sender divides the secret into multiple interrelated secret pieces $s_i$, where $s_i$ belongs to , $1 \le i \le N$, and z is a prime larger than N. $t-1$ elements are selected, denoted $\{a_1, \dots, a_{t-1}\}$, and then distributed to $t-1$ members of the group:
where $a_0 = s$,
(3) Each fog node uses the oblivious pseudo-random number $R_k(x_i)$ to compute its own random share;
where k is $(z, g, m, a_0, a_1, \dots, a_t)$, information of fixed length; w is a prime, and $a_0, a_1, \dots, a_t$ belong to
$a_i(x)$ is computed according to the Lagrange polynomial; the computation coefficient of the fog node in the IoT is:
Then the computed value $y(x_i)$ of the IoT fog node is obtained by the following formula:
(4) When the users or nodes holding the key each transmit the processed data $y(x_i)$ to the fog server, the fog server stores the result f(x) of the secure multi-party computation; f(x) is as follows:
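The threshold sharing and Lagrange reconstruction that step (2) to step (4) describe, as an added example (not code from the patent, whose formulas are not reproduced on this page). It assumes the standard Shamir (t, N) scheme with $a_0 = s$ and random $a_1, \dots, a_{t-1}$, omits the pseudo-random share step, and uses a constructed field prime and hypothetical function names; note that the prime must exceed the secret as well as N.

```python
import secrets

PRIME = 2**127 - 1   # assumed field modulus (a Mersenne prime)

def eval_poly(coeffs, x, prime):
    """Horner evaluation of a_0 + a_1 x + ... + a_{t-1} x^{t-1} mod prime."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % prime
    return y

def split(secret, t, n, prime=PRIME):
    """Split `secret` into n shares (x_i, y_i); any t of them reconstruct it."""
    if not 1 <= t <= n < prime:
        raise ValueError("need 1 <= t <= n < prime")
    if not 0 <= secret < prime:
        raise ValueError("secret must be smaller than the field prime")
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(t - 1)]
    return [(x, eval_poly(coeffs, x, prime)) for x in range(1, n + 1)]

def reconstruct(shares, prime=PRIME):
    """Lagrange interpolation at x = 0 recovers a_0 = s."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("shares must have distinct x coordinates")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % prime
                den = den * (xi - xj) % prime
        total = (total + yi * num * pow(den, -1, prime)) % prime
    return total

def add_shares(shares_a, shares_b, prime=PRIME):
    """Each node adds its two shares locally; the result shares a + b."""
    out = []
    for (xa, ya), (xb, yb) in zip(shares_a, shares_b):
        if xa != xb:
            raise ValueError("shares must belong to the same node")
        out.append((xa, (ya + yb) % prime))
    return out

if __name__ == "__main__":
    # Constructed scenario: two fog nodes share private readings with 5 peers.
    a = split(1234, t=3, n=5)
    b = split(4321, t=3, n=5)
    print(reconstruct(a[:3]), reconstruct(add_shares(a, b)[1:4]))
```

Because the shares are additively homomorphic, the nodes obtain the sum of the two readings without any node seeing either reading, which is the multi-party property the passage relies on.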
The distribution method of distribution module 5 provided by the invention is as follows:
In the distribution module, the scheduler dispatches task information such as the input and output data volumes and the number of CPU computing cycles of the tasks to be distributed. After the computing terminals receive it, each computing terminal estimates the computation cost according to sub-models such as task distribution, energy consumption and cost, and decides on the tasks to take; the computing terminal then applies to the scheduler for tasks. After receiving the task applications of every computing terminal in the same region, the scheduler re-plans the distribution through a preset task assignment model and distributes tasks to each computing terminal to carry out task computations such as secret sharing and homomorphic computation, so that the sum of the tasks is optimal.
The processing method of task processing module 6 provided by the invention is as follows:
First, a chained task container is set up, with task linking realized by a hash doubly linked list;
Second, the computing task sent by an external terminal device is received;
Then, the computing task is decomposed into at least two computing subtasks;
Finally, the decomposed subtasks are computed in parallel according to the chained task container, giving the computation result required by the computing task.
The above are only preferred embodiments of the invention and do not limit the invention in any form. Any simple modification, equivalent change or alteration made to the above embodiments according to the technical essence of the invention falls within the scope of the technical solution of the invention.
Claims (11)
1. A method for secure data storage and computation based on Internet of Things fog computing-edge computing, characterized in that the method comprises the following steps:
Step 1: the required data is acquired by the data acquisition module, the acquired data is perturbed with a random perturbation function to realize local differential privacy, and the local-area data is secured by encrypting it at the fog node;
Step 2: the main control module, through the data storage module, uses the fog server to store the acquired data that has been processed (perturbed, encrypted), and integrates and aggregates it;
Step 3: the data access module accesses the aggregated data content using encrypted retrieval requests;
Step 4: the distribution module distributes computing tasks using a verifiable key distribution algorithm;
Step 5: the task processing module processes the distributed computing tasks using a processing program; the data computation module performs computation on the data; the security module performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
Step 6: the display module shows the aggregated data on a display.
2. the method for mist calculating-edge calculations secure data storage and calculating based on Internet of Things as described in claim 1,
It is characterized in that, data collecting module collected and processing method include:
Firstly, in the same region of Internet of Things edge sensor, the information that each sensor node acquisition needs is formed certainly
Data are transferred to mist node after locally disturbance by the data set of own node.It is typical using sampling in the data set M of acquisition
Algorithm disturbs data, to realize localization difference privacy, guarantees the safety of local data.
Comprise the concrete steps that: data are divided into K parts by the data set for choosing acquisition, make to be looked into every part of data run query function f
Ask result f (d1),f(d2),…,f(dK), wherein d is selection type.To query result addition random response algorithm (containing disturbance and
Correction course), disturbance statistical result y is obtained, realizes localization ε difference privacy.Local disturbance statistic algorithm πGRR(a) formula is such as
Under:
Wherein ε is secret protection budget, and P is probability, and e is constant, a ∈ M.
Secondly, by the same region K neighbour user or mist node anonymous from group constitute neighbor group;Then, K anonymous use
Disturbance of data is carried out between family or mist node and by data in mist node encrytion, processed data are disturbed by the cluster node handle in group
For encrypted data transmission after dynamic to mist server, mist server, which is run, corrects τGRR(a), formula is obtained:
I is hits, and j is integer, and Q is reversed probability, and u is node number;
Finally, data are transferred to mist clothes from the method for secret protection of group K anonymity with same Ad hoc by multiple users or node
It is engaged in carrying out data storage in device.
3. the method for mist calculating-edge calculations secure data storage and calculating based on Internet of Things as described in claim 1,
It is characterized in that, data memory module storage method includes:
Mist node generates relevant parameter information, and the noisy data of mist node encrytion acquisition generates C=Enc (pk, m, r), is sent to
Mist server;The Encryption Algorithm used is paillier public key cryptography scheme.Specific ciphering process is as follows:
Key generation process:
KeyGen(1λ) → (n, p, q): selection two Big primes p, q calculate n=pq, make to meet security parameter: λ=lcm [(p-
1),(q-1)];Wherein lcm is least common multiple.G belongs toRandom integers make to meet L (x)=(x-1)/n;Key is wherein disclosed
For (n, g), private key is (p, q);
Ciphering process:
M is clear-text message, and r is random number, and C is the ciphertext of message m, then
C=gmrnmodn2 (3)
For needing to calculate the data obtained by homomorphism, the homomorphic algorithm of use is as follows:
?In give clear-text message m1,m2, as two ciphertext C1、C2When addition, wherein setting C1It is E (m1,r1),C2For E (m2,
r2).The result that then ciphertext adds keeps isomorphism are as follows:
Cadd=E (m1,r1)E(m2,r2)modn2=E (m1+m2,r1r2) (4)
With the increase of the storing data on mist server, data size is increasing, and insufficient space problem is increasing, mist clothes
Business device realizes the storage service of data by clearing up useless data or transfer data.
4. the method for mist calculating-edge calculations secure data storage and calculating based on Internet of Things as described in claim 1,
It is characterized in that, Data access module access method includes:
(1) if mist node or user access the data on mist server or the meter of the storage obtained by multi-party computations
Count evidence, these nodes or user encrypt the relevant information of oneself first and retrieve content, then sends encrypted information to
It accesses on mist server;
(2) result of inquiry is sent to accessed node by mist server, and accessed node utilizes own private key sk2, encryption to inquiry
Data are decrypted, and obtain clear data;Specific decryption method are as follows:
1) to ciphertext C (C < n2) when operation is decrypted, the decryption method of the ciphertext of single plaintext are as follows:
The decryption method that homomorphism adds are as follows:
D(C1C2modn2)=m1+m2modn (6)
The decryption side rule multiplied for homomorphism is specific as follows according to the property that multiplies of pailliar encipherment scheme:
5. the method for mist calculating-edge calculations secure data storage and calculating based on Internet of Things as described in claim 1,
It is characterized in that, data computation module calculation method includes:
(1) the mist node in the same area carries out simple data processing;
(2) it for complicated calculating, is carried out by the multi-party calculations incorporated homomorphic cryptography of distributed security, multiple nodes simultaneously participate in
It calculates, encryption data is encrypted with random number in each node interactive process, reveal data handling procedure will not any
Original contents;Share scheme using key, secret is divided into multiple secret information s that are mutually related by senderi, wherein siBelong to1≤i≤N, z are the prime numbers bigger than N, select t-1 element, are labeled as { a1,...,at-1, then the t-1 being distributed in group
A member:
Wherein a0=s,
(3) each mist node utilizes ignorant pseudo random number Rk(xi) calculate oneself random share;
Wherein k is (z, g, m, a0,a1,…,at), it is the information of regular length;W is prime number, a0,a1,…,atBelong to
A is calculated according to lagrange polynomiali(x), the design factor of the mist node in Internet of Things are as follows:
Then the calculated value y (x of Internet of Things mist node is obtainedi), formula is as follows:
(4) when the user or node for possessing key are to processed data y (xi) it is respectively transmitted to mist server, mist server is deposited
The result f (x) of multi-party computations is stored up, f (x) is as follows:
6. the method for mist calculating-edge calculations secure data storage and calculating based on Internet of Things as described in claim 1,
It is characterized in that, task processing module processing method includes:
Firstly, setting chain task container, realizes task link by Hash double linked list;
Secondly, receiving the calculating task that exterior terminal equipment is sent;
Then, the calculating task is decomposed at least two sub- calculating tasks;
Finally, carrying out parallel computation to the subtask after decomposition according to chain task container, the calculating of calculating task requirement is obtained
As a result.
7. A computer program implementing the method for secure data storage and computation based on Internet of Things fog computing-edge computing according to any one of claims 1 to 5.
8. An information data processing terminal implementing the method for secure data storage and computation based on Internet of Things fog computing-edge computing according to any one of claims 1 to 5.
9. A computer-readable storage medium comprising instructions which, when run on a computer, cause the computer to execute the method for secure data storage and computation based on Internet of Things fog computing-edge computing according to any one of claims 1 to 5.
10. A system for secure data storage and computation based on Internet of Things fog computing-edge computing, characterized in that the system comprises:
A data acquisition module, connected to the main control module, for collecting the required data and perturbing the collected data with a random perturbation function to achieve localized differential privacy;
A main control module, connected to the data acquisition module, data storage module, data access module, distribution module, task processing module, data computation module, security module and display module, for controlling the operation of each module through a central processing unit;
A data storage module, connected to the main control module, for storing the aggregated data on the fog server;
A data access module, connected to the main control module, for accessing the aggregated data content through an encrypted retrieval request;
A distribution module, connected to the main control module, for distributing computing tasks using a verifiable key distribution algorithm;
A task processing module, connected to the main control module, for processing the distributed computing tasks using a processing program;
A data computation module, connected to the main control module, for performing computation on the data;
A security module, connected to the main control module, for security management and monitoring of the data, with responsibility for user access-permission control, data security and authentication functions, protecting data integrity and privacy;
A display module, connected to the main control module, for displaying the aggregated data on a display.
11. An Internet of Things fog computing-edge computing platform carrying the system for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 9.
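The perturbation and server-side correction steps of claim 2, as an added Python example that is not part of the patent. Because the page's formulas for the GRR perturbation and its correction did not survive, the code assumes the standard generalized randomized response definition from the literature; the status labels and counts used with it are constructed.

```python
"""Local differential privacy with generalized randomized response (GRR)."""
import math
import random
from collections import Counter


def grr_probs(eps, d):
    """Return (p, q): probability of reporting the true value, and of
    reporting one particular other value, for a domain of size d."""
    denom = math.exp(eps) + d - 1
    return math.exp(eps) / denom, 1.0 / denom


def perturb(a, domain, eps, rng=None):
    """Sensor-side step: keep a with probability p, otherwise report a
    uniformly chosen different value from the domain."""
    rng = rng or random.SystemRandom()   # OS entropy outside of tests
    if a not in domain:
        raise ValueError("value outside the agreed domain")
    p, _ = grr_probs(eps, len(domain))
    if rng.random() < p:
        return a
    return rng.choice([v for v in domain if v != a])


def correct(reports, domain, eps):
    """Fog-server step: unbiased frequency estimate from noisy reports.
    E[count_v] = n_v * p + (n - n_v) * q, solved for n_v."""
    n = len(reports)
    p, q = grr_probs(eps, len(domain))
    counts = Counter(reports)
    return {v: (counts[v] - n * q) / (p - q) for v in domain}


def collect(values, domain, eps, rng=None):
    """Whole round: every node perturbs locally, the server only ever
    sees the perturbed reports and returns corrected estimates."""
    reports = [perturb(a, domain, eps, rng) for a in values]
    return correct(reports, domain, eps)


if __name__ == "__main__":
    # Constructed sample: 10,000 sensor status readings.
    domain = ["normal", "warning", "alarm"]
    values = ["normal"] * 6000 + ["warning"] * 3000 + ["alarm"] * 1000
    for v, est in collect(values, domain, eps=1.0).items():
        print(f"{v:8s} estimated {est:8.1f}")
```

The ratio p/q equals e^ε, which is the bound that makes each single report ε-locally differentially private; smaller ε gives stronger privacy and a noisier estimate.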
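Equations (3), (4) and (6) of claims 3 and 4 carried through in Python, as an added example that is not part of the patent. Assumptions: g = n + 1, the textbook Paillier decryption m = L(C^λ mod n²)·μ mod n (the page's own decryption formula did not survive), and two small Mersenne primes as constructed demo parameters that are far too short for real use.

```python
"""Paillier encryption with additive homomorphism (demo-sized keys)."""
import math
import secrets


def L(x, n):
    """L(x) = (x - 1) / n as defined in claim 3 (exact for x = 1 mod n)."""
    return (x - 1) // n


def keygen(p, q):
    """Return ((n, g), (lam, mu)) for distinct primes p and q."""
    n = p * q
    if p == q or math.gcd(n, (p - 1) * (q - 1)) != 1:
        raise ValueError("unsuitable primes")
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                  # assumption: simple valid g
    mu = pow(L(pow(g, lam, n * n), n), -1, n)  # decryption constant
    return (n, g), (lam, mu)


def encrypt(pk, m, r=None):
    """Equation (3): C = g^m * r^n mod n^2, r random and coprime to n."""
    n, g = pk
    if not 0 <= m < n:
        raise ValueError("plaintext must satisfy 0 <= m < n")
    if r is None:
        r = secrets.randbelow(n - 1) + 1
        while math.gcd(r, n) != 1:
            r = secrets.randbelow(n - 1) + 1
    elif math.gcd(r, n) != 1:
        raise ValueError("r must be coprime to n")
    n2 = n * n
    return pow(g, m, n2) * pow(r, n, n2) % n2


def decrypt(pk, sk, c):
    """Standard Paillier decryption; rejects values outside Z*_{n^2}."""
    n, _ = pk
    lam, mu = sk
    if not 0 < c < n * n or math.gcd(c, n) != 1:
        raise ValueError("invalid ciphertext")
    return L(pow(c, lam, n * n), n) * mu % n


def add(pk, c1, c2):
    """Equation (4): the product of ciphertexts encrypts m1 + m2 mod n."""
    return c1 * c2 % (pk[0] ** 2)


def scalar_mul(pk, c, k):
    """C^k mod n^2 encrypts k * m mod n (standard Paillier property)."""
    return pow(c, k, pk[0] ** 2)


def aggregate(pk, ciphertexts):
    """What a fog server can do without the private key: sum readings."""
    acc = 1                        # 1 is an encryption of 0 with r = 1
    for c in ciphertexts:
        acc = add(pk, acc, c)
    return acc


if __name__ == "__main__":
    pk, sk = keygen(2**31 - 1, 2**61 - 1)      # constructed demo primes
    total = aggregate(pk, [encrypt(pk, v) for v in (21, 19, 25)])
    print("decrypted sum:", decrypt(pk, sk, total))
```

The same property that lets the fog server add readings lets anyone who can touch a ciphertext change the encrypted value, so stored ciphertexts need separate integrity protection such as a signature or MAC from the fog node.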
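The threshold sharing and Lagrange reconstruction that claim 5 describes, as an added Python example that is not part of the patent. It goes one step beyond the claim text by showing a secure sum: each node splits its reading with a degree t−1 polynomial whose constant term a₀ is the secret, nodes add the shares they receive, and only the total can be reconstructed. The patent's pseudo-random share function R_k is not reproduced; the modulus, the function names and the readings are constructed assumptions.

```python
"""(t, N) threshold secret sharing over a prime field, used for a sum."""
import secrets

Z = 2**61 - 1   # prime modulus z, larger than N (constructed demo value)


def make_shares(s, t, N, z=Z):
    """Split secret s into N shares; any t of them recover s.
    The polynomial is a0 + a1*x + ... + a_{t-1}*x^(t-1) with a0 = s."""
    if not 1 <= t <= N < z:
        raise ValueError("need 1 <= t <= N < z")
    coeffs = [s % z] + [secrets.randbelow(z) for _ in range(t - 1)]
    shares = []
    for x in range(1, N + 1):
        y = 0
        for a in reversed(coeffs):       # Horner evaluation mod z
            y = (y * x + a) % z
        shares.append((x, y))
    return shares


def reconstruct(shares, z=Z):
    """Lagrange interpolation at x = 0 over the given (x, y) points."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for xj, yj in shares:
        num, den = 1, 1
        for xm in xs:
            if xm != xj:
                num = num * (-xm) % z
                den = den * (xj - xm) % z
        secret = (secret + yj * num * pow(den, -1, z)) % z
    return secret


def secure_sum_shares(readings, t, z=Z):
    """Each node shares its reading with all N nodes; node j adds the
    j-th shares it received. Returns one aggregated share per node,
    which is what would be sent on to the fog server."""
    N = len(readings)
    per_sender = [make_shares(r, t, N, z) for r in readings]
    return [
        (j + 1, sum(per_sender[i][j][1] for i in range(N)) % z)
        for j in range(N)
    ]


if __name__ == "__main__":
    readings = [21, 19, 25, 23, 22]          # constructed sensor values
    agg = secure_sum_shares(readings, t=3)
    print("sum from 3 of 5 shares:", reconstruct(agg[:3]))
```

Reconstruction from fewer than t aggregated shares returns an unrelated field element, and no single node or the server sees any individual reading in the clear.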
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910521504.0A CN110213036B (en) | 2019-06-17 | 2019-06-17 | Safe data storage and calculation method based on fog calculation-edge calculation of Internet of things |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910521504.0A CN110213036B (en) | 2019-06-17 | 2019-06-17 | Safe data storage and calculation method based on fog calculation-edge calculation of Internet of things |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110213036A true CN110213036A (en) | 2019-09-06 |
CN110213036B CN110213036B (en) | 2021-07-06 |
Family
ID=67792899
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910521504.0A Active CN110213036B (en) | 2019-06-17 | 2019-06-17 | Safe data storage and calculation method based on fog calculation-edge calculation of Internet of things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110213036B (en) |
Patent Citations (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105262587A (en) * | 2015-10-30 | 2016-01-20 | 西安电子科技大学 | Group key distribution method for machine-type communication based on proxy re-encryption |
US20170337091A1 (en) * | 2016-05-17 | 2017-11-23 | International Business Machines Corporation | Allocating compute offload resources |
CN106357395A (en) * | 2016-09-13 | 2017-01-25 | 深圳大学 | Outsourcing access control method and system aiming at fog computing |
CN107493268A (en) * | 2017-07-27 | 2017-12-19 | 华中科技大学 | A kind of difference method for secret protection based on front position vector |
US20190044761A1 (en) * | 2017-09-11 | 2019-02-07 | Yongjun KWAK | Initialization of pseudo noise sequences for reference signals and data scrambling |
US20190053064A1 (en) * | 2017-10-16 | 2019-02-14 | Huaning Niu | Multi-carrier operation for enhanced machine type communications in unlicensed medium (emtc-u) |
CN107947913A (en) * | 2017-11-15 | 2018-04-20 | 武汉大学 | The anonymous authentication method and system of a kind of identity-based |
US20190146931A1 (en) * | 2017-11-16 | 2019-05-16 | Micron Technology, Inc. | Namespace encryption in non-volatile memory devices |
CN107968780A (en) * | 2017-11-20 | 2018-04-27 | 上海海事大学 | A kind of method for secret protection of mobile cloud storage shared data |
CN108521329A (en) * | 2018-03-23 | 2018-09-11 | 华东师范大学 | Dynamic security channel establishing method in mist system |
CN108684038A (en) * | 2018-05-14 | 2018-10-19 | 华侨大学 | The hiding data attack detection method that mechanism is evaluated with hierarchical trust is calculated based on mist |
US20190138294A1 (en) * | 2018-10-16 | 2019-05-09 | Ned M. Smith | Attestation manifest derivation and distribution using software update image |
CN109617947A (en) * | 2018-11-07 | 2019-04-12 | 重庆光电信息研究院有限公司 | The heterologous Internet of Things edge calculations system and method in city being arranged according to management category |
CN109495476A (en) * | 2018-11-19 | 2019-03-19 | 中南大学 | A kind of data flow difference method for secret protection and system based on edge calculations |
CN109523611A (en) * | 2018-11-28 | 2019-03-26 | 百度在线网络技术(北京)有限公司 | Identifying code Picture Generation Method and device |
Non-Patent Citations (2)
Title |
---|
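SIGUANG CHEN et al.: "Fog Computing Assisted Efficient Privacy Preserving Data Collection for Big Sensory Data", 《IEEE》 * |
Deng Xiaoheng et al.: "Research on edge computing resource collaboration based on comprehensive trust", 《Journal of Computer Research and Development》 * |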
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112511576A (en) * | 2019-09-16 | 2021-03-16 | 触景无限科技(北京)有限公司 | Internet of things data processing system and data processing method |
CN111381545A (en) * | 2020-04-03 | 2020-07-07 | 北京奥德威特电力科技股份有限公司 | Protection measurement and control intelligent terminal based on edge calculation |
CN111641614A (en) * | 2020-05-20 | 2020-09-08 | 郝鹏 | Communication data processing method based on block chain and cloud computing and edge computing platform |
CN111832044A (en) * | 2020-06-30 | 2020-10-27 | 中国船舶重工集团公司第七一六研究所 | Safe collaborative computing processing method and system |
CN111737011A (en) * | 2020-07-31 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Method and device for realizing secure multi-party computation |
CN112182644A (en) * | 2020-09-11 | 2021-01-05 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
CN112182644B (en) * | 2020-09-11 | 2023-05-12 | 华控清交信息科技(北京)有限公司 | Data processing method and device and electronic equipment |
CN112272227A (en) * | 2020-10-22 | 2021-01-26 | 华侨大学 | Edge computing task scheduling method based on computation graph |
CN112272227B (en) * | 2020-10-22 | 2022-04-15 | 华侨大学 | Edge computing task scheduling method based on computation graph |
CN112738225A (en) * | 2020-12-29 | 2021-04-30 | 浙江经贸职业技术学院 | Edge calculation method based on artificial intelligence |
CN112769568A (en) * | 2021-01-29 | 2021-05-07 | 华中师范大学 | Security authentication communication system and method in fog computing environment and Internet of things equipment |
CN112769568B (en) * | 2021-01-29 | 2022-07-22 | 华中师范大学 | Security authentication communication system and method in fog computing environment and Internet of things equipment |
WO2022170654A1 (en) * | 2021-02-09 | 2022-08-18 | 山东大学 | Data encryption learning method suitable for dynamic distributed internet of things system |
CN113378187A (en) * | 2021-05-11 | 2021-09-10 | 广西电网有限责任公司电力科学研究院 | Intelligent power grid data query method and system based on Internet of things |
Also Published As
Publication number | Publication date |
---|---|
CN110213036B (en) | 2021-07-06 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||