CN110213036A - Secure data storage and computation method based on Internet of Things fog computing-edge computing - Google Patents


Publication number: CN110213036A
Authority: CN (China)
Legal status: Granted (Active)
Application number: CN201910521504.0A
Other languages: Chinese (zh)
Other versions: CN110213036B (en)
Inventors: 陈艳格, 平源, 兰雷, 张永, 马慧, 李萌
Current Assignee: Xidian University; Xuchang University
Original Assignee: Xidian University; Xuchang University
Application filed by: Xidian University, Xuchang University
Prior art keywords: data, fog, computing, module, node


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The invention belongs to the technical field of data storage and computation and discloses a secure data storage and computation method based on Internet of Things (IoT) fog computing-edge computing. The data acquisition module achieves local ε-differential privacy and, by encrypting data at the fog node, protects the security of the data of the local region; the data storage module stores the data in encrypted form, protecting its privacy on the fog server; the data access module decrypts data securely, protecting the secure sharing of data information; the distribution module uploads its own distribution tasks to the scheduler, which effectively protects the privacy of the computing terminals; meanwhile, the task processing module decomposes a computing task and computes the resulting subtasks in parallel. The invention ensures the data security and data privacy of the whole system while improving the processing speed of computing tasks.

Description

Secure data storage and computation method based on Internet of Things fog computing-edge computing
Technical field
The invention belongs to the technical field of data storage and computation, and in particular relates to a secure data storage and computation method based on IoT fog computing-edge computing.
Background art
The Internet of Things (IoT) is an important component of the new generation of information technology. Through information sensing devices such as radio-frequency identification (RFID), infrared sensors, global positioning systems and laser scanners, it connects any article to the Internet according to agreed protocols for information exchange and communication, forming a network that realizes intelligent identification, positioning, tracking, monitoring and management of articles.
At present, the IoT industry has achieved remarkable results in core technology research, development and industrialization, the research and formulation of key standards, the establishment and improvement of the industry chain, and the demonstration and promotion of major applications. The IoT has become one of the strategic high grounds of the current new round of economic and scientific and technological development, and application demonstration projects are being vigorously developed in nine major fields in particular: "intelligent industry, intelligent agriculture, intelligent logistics, intelligent transportation, smart grid, intelligent environmental protection, intelligent security, intelligent medical care, smart home".
The development of intelligent industry directly affects the development of national pillar industries. Suitable IoT technology will therefore become an indispensable tool and means for realizing industrial informatization, networking and intelligence, improving enterprise management and the working environment, reducing cost, and promoting the convergence of electronic products with communication and computer technology; at the same time, the security of industrial IoT networks and data should be ensured.
Edge computing refers to an open platform, on the side close to the object or data source, that integrates core network, computing, storage and application capabilities and provides services at the nearest end. Its applications are initiated at the edge, producing faster network service responses and meeting the industry's basic needs in real-time business, application intelligence, security and privacy protection. Edge computing sits between physical entities and industrial connections, or on top of physical entities.
Fog computing places more emphasis on the role of edge devices. Its core idea is the "intelligent front end": a layer, called the fog layer, is added between the cloud layer and the terminal device layer. The computing, storage and network communication services provided by the fog layer bring data computation, analysis and processing closer to the user, which reduces the response latency and storage overhead of IoT services handled by the cloud layer, reduces the consumption of radio resources, and lowers the energy consumption of terminal devices, extending their standby time and even allowing computing services to continue in areas without Internet coverage.
Fog computing mainly has the following characteristics:
A) It supports real-time interaction, with lower latency and energy consumption.
B) It has lower bandwidth requirements, relieving the congestion caused when large numbers of devices connect to the cloud.
C) Distributed processing of data reduces the demand for mass data storage.
D) Device location is perceived accurately, and a wider range of mobility is supported.
E) It supports heterogeneity, covering diverse heterogeneous hardware and software devices.
However, in the existing edge computing task distribution process, privacy and the randomness of computing-task arrival cannot be protected. Meanwhile, computing tasks usually involve very large data volumes, and computing each sub-task in sequence takes a great deal of time. With existing approaches, the processing speed of computing tasks is therefore slow.
In conclusion, the problems of the prior art are:
In the existing edge computing task distribution process, privacy and the randomness of computing-task arrival cannot be protected, and the security of data during transmission cannot be guaranteed. Meanwhile, computing tasks usually involve very large data volumes, and computing each sub-task in sequence takes a great deal of time. With existing approaches, the processing speed of computing tasks is therefore slow.
Summary of the invention
In view of the problems of the prior art, the present invention provides a secure data storage and computation method based on IoT fog computing-edge computing.
The invention is realized as follows. A system for secure data storage and computation based on IoT fog computing-edge computing comprises:
a data acquisition module, a main control module, a data storage module, a data access module, a distribution module, a task processing module, a data computation module, a security module and a display module;
The data acquisition module is connected to the main control module; it collects the required data, perturbs the collected data with a random perturbation function to achieve local differential privacy, and secures the data of the local region by encrypting it at the fog node;
The main control module is connected to the data acquisition module, data storage module, data access module, distribution module, task processing module, data computation module, security module and display module, and controls the operation of each module through a central processing unit;
The data storage module is connected to the main control module and stores the aggregated data on the fog server;
The data access module is connected to the main control module and accesses the aggregated data content through encrypted retrieval requests;
The distribution module is connected to the main control module and distributes computing tasks by means of a verifiable key distribution algorithm;
The task processing module is connected to the main control module and processes the distributed computing tasks with a processing program;
The data computation module is connected to the main control module and performs computation on the data;
The security module is connected to the main control module; it performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
The display module is connected to the main control module and shows the aggregated data on a display.
Another object of the present invention is to provide a method for secure data storage and computation based on IoT fog computing-edge computing, comprising the following steps:
Step 1: the data acquisition module collects the required data and perturbs the collected data with a random perturbation function to achieve local differential privacy;
Step 2: the main control module, through the data storage module, uses the fog server to store the collected data, and integrates and aggregates it;
Step 3: the data access module accesses the aggregated data content through encrypted retrieval requests;
Step 4: the distribution module distributes computing tasks using a verifiable key distribution algorithm;
Step 5: the task processing module processes the distributed computing tasks with a processing program; the data computation module performs computation on the data; the security module performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
Step 6: the display module shows the aggregated data on a display.
Further, the acquisition method of the data acquisition module is as follows:
First, within the same region of IoT edge sensors, each sensor node collects the required information and forms its own node data set; the data is perturbed locally and then transferred to the fog node. On the collected data set M, a typical sampling algorithm is used to perturb the data, achieving local differential privacy and guaranteeing the security of local data.
The specific steps are: the collected data set is selected and divided into K parts, and the query function f is run on each part to obtain the query results $f(d_1), f(d_2), \dots, f(d_K)$, where d is the selection type. A randomized response algorithm (comprising perturbation and correction procedures) is applied to the query results to obtain the perturbed statistical result y, achieving local ε-differential privacy. The formula of the local perturbation statistics algorithm $\pi_{GRR}(a)$ is as follows:
where ε is the privacy budget, P is a probability, e is a constant, and $a \in M$.
Second, the K neighbouring users or fog nodes in the same region self-organize anonymously into a neighbor group. Data perturbation is then performed among the K anonymous users or fog nodes and the data is encrypted at the fog node; the cluster node of the group transmits the perturbed, encrypted data to the fog server, and the fog server runs the correction $\tau_{GRR}(a)$, giving the formula:
where i is the number of hits, j is an integer, Q is the reverse probability, and u is the node number;
Finally, multiple users or nodes, using the same ad hoc self-organized K-anonymity privacy protection method, transfer their data to the fog server for storage, as shown in Fig. 3.
Further, the storage method of the data storage module is as follows:
The fog node generates the relevant parameter information, encrypts the collected noisy data to produce C = Enc(pk, m, r), and sends it to the fog server. The encryption algorithm used is the Paillier public-key cryptosystem. The specific encryption process is as follows:
Key generation process:
$KeyGen(1^{\lambda}) \rightarrow (n, p, q)$: select two large primes p and q and compute $n = pq$, satisfying the security parameter $\lambda = \mathrm{lcm}[(p-1),(q-1)]$, where lcm is the least common multiple. g is a random integer belonging to $\mathbb{Z}^{*}_{n^{2}}$, and $L(x) = (x-1)/n$. The public key is (n, g) and the private key is (p, q);
Encryption process:
m is the plaintext message, r is a random number, and C is the ciphertext of message m; then
$C = g^{m} r^{n} \bmod n^{2}$  (3)
For data that must be obtained by homomorphic computation, the homomorphic algorithm used is as follows:
Given plaintext messages $m_1, m_2$, when two ciphertexts $C_1$ and $C_2$ are added, where $C_1 = E(m_1, r_1)$ and $C_2 = E(m_2, r_2)$, the result of the ciphertext addition preserves the homomorphism:
$C_{add} = E(m_1, r_1)\,E(m_2, r_2) \bmod n^{2} = E(m_1 + m_2,\ r_1 r_2)$  (4)
As the data stored on the fog server increases, the data size grows and the shortage of space becomes more serious; the fog server maintains the data storage service by clearing useless data or transferring data.
Further, the access method of the data access module is as follows:
(1) If a fog node or user accesses data stored on the fog server, or computed data obtained through secure multi-party computation, the node or user first encrypts its own relevant information and the retrieval content, then sends the encrypted information to the fog server for access;
(2) The fog server sends the query result to the accessing node, and the accessing node uses its own private key $sk_2$ to decrypt the queried encrypted data and obtain the plaintext data. The specific decryption method is:
1) When decrypting a ciphertext $C$ ($C < n^{2}$), the decryption method for the ciphertext of a single plaintext is:
The decryption method for homomorphic addition is:
$D(C_1 C_2 \bmod n^{2}) = m_1 + m_2 \bmod n$  (6)
The decryption rule for homomorphic multiplication follows from the multiplicative property of the Paillier encryption scheme, specifically as follows:
Further, the computation method of the data computation module is as follows:
(1) Fog nodes in the same region perform simple data processing;
(2) Complex computations are carried out by distributed secure multi-party computation combined with homomorphic encryption: multiple nodes take part in the computation simultaneously, and in every node interaction the encrypted data is encrypted with random numbers, so that the data processing reveals none of the original content. Using a key sharing scheme, the sender divides the secret into multiple interrelated secret shares $s_i$, where $s_i$ belongs to , $1 \le i \le N$, and z is a prime larger than N; $t-1$ elements are selected, denoted $\{a_1, \dots, a_{t-1}\}$, and then distributed to $t-1$ members of the group:
where $a_0 = s$,
(3) Each fog node uses the oblivious pseudo-random number $R_k(x_i)$ to compute its own random share;
where k is $(z, g, m, a_0, a_1, \dots, a_t)$, which is information of fixed length; w is a prime, and $a_0, a_1, \dots, a_t$ belong to
$A_i(x)$ is calculated according to the Lagrange polynomial; the computation coefficient of the fog nodes in the IoT is:
The computed value $y(x_i)$ of the IoT fog node is then obtained by the following formula:
(4) When the users or nodes holding the key have each transmitted the processed data $y(x_i)$ to the fog server, the fog server stores the result f(x) of the secure multi-party computation; f(x) is as follows:
Further, the processing method of the task processing module is as follows:
First, a chained task container is set up, with task linking implemented by a hash doubly linked list;
Second, the computing task sent by an external terminal device is received;
Then, the computing task is decomposed into at least two sub-tasks;
Finally, the decomposed sub-tasks are computed in parallel according to the chained task container, obtaining the computation result required by the computing task.
Another object of the present invention is to provide a computer program implementing the described method for secure data storage and computation based on IoT fog computing-edge computing.
Another object of the present invention is to provide an information data processing terminal implementing the described method for secure data storage and computation based on IoT fog computing-edge computing.
Another object of the present invention is to provide a computer-readable storage medium comprising instructions which, when run on a computer, cause the computer to execute the described method for secure data storage and computation based on IoT fog computing-edge computing.
Another object of the present invention is to provide an IoT fog computing-edge computing platform carrying the described system for secure data storage and computation based on IoT fog computing-edge computing.
The advantages and positive effects of the present invention are as follows:
The data acquisition module achieves local ε-differential privacy, protecting the security of locally collected data; the data storage module stores data in encrypted form, protecting data privacy on the fog server and the fog nodes; the data access module decrypts data securely, protecting the secure sharing of data information; the data computation module applies a verifiable key distribution algorithm to perform homomorphic parallel computation, and uses secure multi-party computation for collaborative computation among several parties, ensuring the security of data during computation. By constructing a neighboring domain, the invention also performs data perturbation among K anonymous users or nodes in a region, safeguarding the data privacy of the local region.
Therefore, the present invention improves the processing speed of computing tasks while substantially improving data security and data privacy in most IoT scenarios.
Brief description of the drawings
Fig. 1 is a flow chart of the method for secure data storage and computation based on IoT fog computing-edge computing provided by an embodiment of the present invention.
Fig. 2 is a structural diagram of the system for secure data storage and computation based on IoT fog computing-edge computing provided by an embodiment of the present invention.
Fig. 3 is a diagram of data aggregation and storage provided by an embodiment of the present invention.
Fig. 4 is a diagram of data computation provided by an embodiment of the present invention.
In Fig. 2: 1, data acquisition module; 2, main control module; 3, data storage module; 4, data access module; 5, distribution module; 6, task processing module; 7, data computation module; 8, security module; 9, display module.
Detailed description of the embodiments
To further explain the content, features and effects of the present invention, the following embodiments are given and described in detail with reference to the accompanying drawings.
The structure of the invention is explained in detail below with reference to the accompanying drawings.
As shown in Fig. 1, the method for secure data storage and computation based on IoT fog computing-edge computing provided by the invention comprises the following steps:
S101: the data acquisition module collects the required data, perturbs the collected data with a random perturbation function to achieve local differential privacy, and secures the data of the local region by encrypting it at the fog node;
S102: the main control module, through the data storage module, uses the fog server to store the aggregated data;
S103: the data access module accesses the aggregated data content through encrypted retrieval requests;
S104: the distribution module distributes computing tasks using a verifiable key distribution algorithm;
S105: the task processing module processes the distributed computing tasks with a processing program; the data computation module performs computation on the data; the security module performs security management and monitoring of the data, is responsible for user access control, data security and authentication, and protects data integrity and privacy;
S106: the display module shows the aggregated data on a display.
As shown in Fig. 2, the system for secure data storage and computation based on IoT fog computing-edge computing provided by the invention comprises: data acquisition module 1, main control module 2, data storage module 3, data access module 4, distribution module 5, task processing module 6, data computation module 7, security module 8 and display module 9.
Data acquisition module 1 is connected to main control module 2; it collects the required data and perturbs the collected data with a random perturbation function to achieve local differential privacy;
Main control module 2 is connected to data acquisition module 1, data storage module 3, data access module 4, distribution module 5, task processing module 6, data computation module 7, security module 8 and display module 9, and controls the operation of each module through a central processing unit;
Data storage module 3 is connected to main control module 2 and stores the aggregated data on the fog server;
Data access module 4 is connected to main control module 2 and accesses the aggregated data content through encrypted retrieval requests;
Distribution module 5 is connected to main control module 2 and distributes computing tasks by means of a verifiable key distribution algorithm;
Task processing module 6 is connected to main control module 2 and processes the distributed computing tasks with a processing program;
Data computation module 7 is connected to main control module 2 and performs computation on the data;
Display module 8 is connected to main control module 2 and shows the aggregated data on a display.
The acquisition method of data acquisition module 1 provided by the invention is as follows:
First, within the same region of IoT edge sensors, each sensor node collects the required information and forms its own node data set; the data is perturbed locally and then transferred to the fog node. On the collected data set M, a typical sampling algorithm is used to perturb the data, achieving local differential privacy and guaranteeing the security of local data.
The specific steps are: the collected data set is selected and divided into K parts, and the query function f is run on each part to obtain the query results $f(d_1), f(d_2), \dots, f(d_K)$, where d is the selection type. A randomized response algorithm (comprising perturbation and correction procedures) is applied to the query results to obtain the perturbed statistical result y, achieving local ε-differential privacy. The formula of the local perturbation statistics algorithm $\pi_{GRR}(a)$ is as follows:
where ε is the privacy budget, P is a probability, e is a constant, and $a \in M$.
Second, the K neighbouring users or fog nodes in the same region self-organize anonymously into a neighbor group. Data perturbation is then performed among the K anonymous users or fog nodes and the data is encrypted at the fog node; the cluster node of the group transmits the perturbed, encrypted data to the fog server, and the fog server runs the correction $\tau_{GRR}(a)$, giving the formula:
where i is the number of hits, j is an integer, Q is the reverse probability, and u is the node number;
Finally, multiple users or nodes, using the same ad hoc self-organized K-anonymity privacy protection method, transfer their data to the fog server for storage, as shown in Fig. 3.
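The perturb-then-correct flow described above can be illustrated with generalized randomized response (GRR). This is an added example, not code from the patent: because the patent's formulas for $\pi_{GRR}$ and $\tau_{GRR}$ did not survive on this page, it assumes the standard GRR definition (report the true value with probability $e^{\varepsilon}/(e^{\varepsilon}+|M|-1)$), and the domain and readings are constructed.

```python
import math
import random
from collections import Counter


def grr_probabilities(epsilon, domain_size):
    """Standard GRR (assumed here): p = P[report the true value],
    q = P[report one particular other value]. p/q = e^epsilon is the LDP bound."""
    e_eps = math.exp(epsilon)
    p = e_eps / (e_eps + domain_size - 1)
    q = 1.0 / (e_eps + domain_size - 1)
    return p, q


def grr_perturb(value, domain, epsilon, rng):
    """Run on the sensor node: keep the value with probability p, otherwise
    replace it with a uniformly chosen different value from the domain."""
    if value not in domain:
        raise ValueError("value outside the data domain M")
    p, _ = grr_probabilities(epsilon, len(domain))
    if rng.random() < p:
        return value
    return rng.choice([v for v in domain if v != value])


def grr_estimate(reports, domain, epsilon):
    """Run on the fog server: unbiased correction of the noisy counts,
    estimate(a) = (count(a) - n*q) / (p - q)."""
    p, q = grr_probabilities(epsilon, len(domain))
    n = len(reports)
    counts = Counter(reports)
    return {a: (counts.get(a, 0) - n * q) / (p - q) for a in domain}


def run_demo(seed=7, epsilon=1.0):
    """Constructed sample: 10,000 sensor states, perturbed locally and then
    corrected centrally. Returns (true counts, estimated counts)."""
    rng = random.Random(seed)
    domain = ["low", "normal", "high", "fault"]
    truth = ["low"] * 2000 + ["normal"] * 6000 + ["high"] * 1500 + ["fault"] * 500
    reports = [grr_perturb(v, domain, epsilon, rng) for v in truth]
    return dict(Counter(truth)), grr_estimate(reports, domain, epsilon)


if __name__ == "__main__":
    true_counts, estimates = run_demo()
    for state in true_counts:
        print(f"{state:>6}: true={true_counts[state]:5d} estimate={estimates[state]:8.1f}")
```

The server never sees an individual true reading, yet the corrected totals track the real distribution; a smaller ε gives stronger privacy and noisier estimates.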
The storage method of data storage module 3 provided by the invention is as follows:
The fog node generates the relevant parameter information, encrypts the collected noisy data to produce C = Enc(pk, m, r), and sends it to the fog server. The encryption algorithm used is the Paillier public-key cryptosystem. The specific encryption process is as follows:
Key generation process:
$KeyGen(1^{\lambda}) \rightarrow (n, p, q)$: select two large primes p and q and compute $n = pq$, satisfying the security parameter $\lambda = \mathrm{lcm}[(p-1),(q-1)]$, where lcm is the least common multiple. g is a random integer belonging to $\mathbb{Z}^{*}_{n^{2}}$, and $L(x) = (x-1)/n$. The public key is (n, g) and the private key is (p, q);
Encryption process:
m is the plaintext message, r is a random number, and C is the ciphertext of message m; then
$C = g^{m} r^{n} \bmod n^{2}$  (3)
For data that must be obtained by homomorphic computation, the homomorphic algorithm used is as follows:
Given plaintext messages $m_1, m_2$, when two ciphertexts $C_1$ and $C_2$ are added, where $C_1 = E(m_1, r_1)$ and $C_2 = E(m_2, r_2)$, the result of the ciphertext addition preserves the homomorphism:
$C_{add} = E(m_1, r_1)\,E(m_2, r_2) \bmod n^{2} = E(m_1 + m_2,\ r_1 r_2)$  (4)
As the data stored on the fog server increases, the data size grows and the shortage of space becomes more serious; the fog server maintains the data storage service by clearing useless data or transferring data.
The access method of data access module 4 provided by the invention is as follows:
(1) If a fog node or user accesses data stored on the fog server, or computed data obtained through secure multi-party computation, the node or user first encrypts its own relevant information and the retrieval content, then sends the encrypted information to the fog server for access;
(2) The fog server sends the query result to the accessing node, and the accessing node uses its own private key $sk_2$ to decrypt the queried encrypted data and obtain the plaintext data. The specific decryption method is:
1) When decrypting a ciphertext $C$ ($C < n^{2}$), the decryption method for the ciphertext of a single plaintext is:
The decryption method for homomorphic addition is:
$D(C_1 C_2 \bmod n^{2}) = m_1 + m_2 \bmod n$  (6)
The decryption rule for homomorphic multiplication follows from the multiplicative property of the Paillier encryption scheme, specifically as follows:
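The storage and access modules described above can be exercised end to end with a small Paillier implementation covering key generation, encryption (3), ciphertext addition (4) and decryption (6). This is an added example, not code from the patent; it assumes g = n + 1 and the textbook Paillier decryption $m = L(C^{\lambda} \bmod n^{2}) \cdot \mu \bmod n$ (the page's single-plaintext decryption formula did not survive), and the primes and sensor readings are constructed and far too small for real use.

```python
import math
import secrets

# Constructed demo primes (the Mersenne primes 2^61-1 and 2^89-1).
# They only keep the example fast; real keys need primes of 1024+ bits.
P_DEMO = 2**61 - 1
Q_DEMO = 2**89 - 1


def L(x, n):
    """The page's L(x) = (x - 1) / n, as exact integer division."""
    return (x - 1) // n


def keygen(p, q):
    """Return (public key (n, g), private key (lambda, mu)) derived from p and q."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lambda = lcm(p-1, q-1)
    g = n + 1                       # assumption: a standard valid g in Z*_{n^2}
    mu = pow(L(pow(g, lam, n * n), n), -1, n)           # precomputed for decryption
    return (n, g), (lam, mu)


def encrypt(pk, m, r=None):
    """Formula (3): C = g^m * r^n mod n^2, with fresh random r in Z*_n by default."""
    n, g = pk
    if not 0 <= m < n:
        raise ValueError("plaintext must satisfy 0 <= m < n")
    if r is None:
        r = secrets.randbelow(n - 1) + 1
        while math.gcd(r, n) != 1:
            r = secrets.randbelow(n - 1) + 1
    elif not 0 < r < n or math.gcd(r, n) != 1:
        raise ValueError("r must be a unit modulo n")
    n2 = n * n
    return pow(g, m, n2) * pow(r, n, n2) % n2


def add(pk, c1, c2):
    """Formula (4): multiplying ciphertexts adds the plaintexts (mod n)."""
    n, _ = pk
    return c1 * c2 % (n * n)


def scalar_mul(pk, c, k):
    """Raising a ciphertext to k multiplies the plaintext by k (mod n)."""
    n, _ = pk
    return pow(c, k, n * n)


def decrypt(pk, sk, c):
    """Textbook Paillier decryption: m = L(c^lambda mod n^2) * mu mod n."""
    n, _ = pk
    lam, mu = sk
    if not 0 <= c < n * n:
        raise ValueError("ciphertext must satisfy C < n^2")
    return L(pow(c, lam, n * n), n) * mu % n


def fog_server_total(pk, ciphertexts):
    """What the fog server does: aggregate readings without seeing any of them."""
    total = encrypt(pk, 0)
    for c in ciphertexts:
        total = add(pk, total, c)
    return total


if __name__ == "__main__":
    pk, sk = keygen(P_DEMO, Q_DEMO)
    readings = [215, 137, 98]                      # constructed noisy sensor values
    stored = [encrypt(pk, m) for m in readings]    # fog nodes encrypt before upload
    print(decrypt(pk, sk, fog_server_total(pk, stored)))   # accessing node decrypts
```

Because r is fresh for every call, encrypting the same reading twice yields different ciphertexts, so the fog server cannot even tell when two nodes reported the same value.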
As shown in Fig. 4, the computation method of data computation module 7 provided by the invention is as follows:
(1) Fog nodes in the same region perform simple data processing;
(2) Complex computations are carried out by distributed secure multi-party computation combined with homomorphic encryption: multiple nodes take part in the computation simultaneously, and in every node interaction the encrypted data is encrypted with random numbers, so that the data processing reveals none of the original content. Using a key sharing scheme, the sender divides the secret into multiple interrelated secret shares $s_i$, where $s_i$ belongs to , $1 \le i \le N$, and z is a prime larger than N; $t-1$ elements are selected, denoted $\{a_1, \dots, a_{t-1}\}$, and then distributed to $t-1$ members of the group:
where $a_0 = s$,
(3) Each fog node uses the oblivious pseudo-random number $R_k(x_i)$ to compute its own random share;
where k is $(z, g, m, a_0, a_1, \dots, a_t)$, which is information of fixed length; w is a prime, and $a_0, a_1, \dots, a_t$ belong to
$A_i(x)$ is calculated according to the Lagrange polynomial; the computation coefficient of the fog nodes in the IoT is:
The computed value $y(x_i)$ of the IoT fog node is then obtained by the following formula:
(4) When the users or nodes holding the key have each transmitted the processed data $y(x_i)$ to the fog server, the fog server stores the result f(x) of the secure multi-party computation; f(x) is as follows:
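The secret-sharing step described above (a polynomial with $a_0 = s$ and $t-1$ random coefficients over a prime z larger than N, recombined with Lagrange coefficients) can be shown as a threshold sharing scheme whose shares are also additive, which is what lets several nodes compute a sum jointly. This is an added example, not code from the patent: it assumes a Shamir-style (t, N) scheme, leaves out the pseudo-random share $R_k(x_i)$, and uses constructed names and values.

```python
import secrets

Z = 2**61 - 1   # constructed prime modulus z, far larger than the node count N


def split(secret, t, n_nodes, z=Z):
    """Share `secret` among n_nodes so that any t of them can recover it.
    The polynomial is a_0 + a_1 x + ... + a_{t-1} x^{t-1} with a_0 = secret."""
    if not 1 <= t <= n_nodes < z:
        raise ValueError("need 1 <= t <= N < z")
    coeffs = [secret % z] + [secrets.randbelow(z) for _ in range(t - 1)]
    shares = []
    for x in range(1, n_nodes + 1):
        y = 0
        for a in reversed(coeffs):          # Horner evaluation mod z
            y = (y * x + a) % z
        shares.append((x, y))
    return shares


def lagrange_coeff(i, xs, x=0, z=Z):
    """Lagrange basis value for node i at point x: prod_{j != i} (x - j)/(i - j) mod z."""
    num, den = 1, 1
    for j in xs:
        if j != i:
            num = num * (x - j) % z
            den = den * (i - j) % z
    return num * pow(den, -1, z) % z


def reconstruct(shares, z=Z):
    """Recombine shares (x_i, y_i) into the value of the polynomial at x = 0."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    return sum(y * lagrange_coeff(x, xs, 0, z) for x, y in shares) % z


def add_shares(shares_a, shares_b, z=Z):
    """Each node adds the two shares it holds; the result shares the sum of the secrets."""
    return [(xa, (ya + yb) % z) for (xa, ya), (xb, yb) in zip(shares_a, shares_b)
            if xa == xb]


def secure_sum(values, t, n_nodes, z=Z):
    """Every input is shared, nodes add their shares locally, and t nodes
    recombine the total without any node seeing another party's input."""
    acc = split(0, t, n_nodes, z)
    for v in values:
        acc = add_shares(acc, split(v, t, n_nodes, z), z)
    return reconstruct(acc[:t], z)


if __name__ == "__main__":
    shares = split(4242, t=3, n_nodes=5)
    print(reconstruct(shares[:3]), reconstruct(shares[2:]))   # any 3 of 5 recover 4242
    print(secure_sum([215, 137, 98], t=3, n_nodes=5))          # 450
```

Fewer than t shares interpolate to an unrelated value, so a fog server holding only part of the shares learns nothing about the secret.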
The distribution method of distribution module 5 provided by the invention is as follows:
In the distribution module, the scheduler dispatches the information on the tasks to be distributed, such as the input and output data volumes and the number of CPU computation cycles. After the computing terminals receive it, each computing terminal calculates the cost and determines the tasks to take on according to sub-models such as task distribution, energy consumption and cost estimation, and then applies to the scheduler for tasks. After the scheduler has received the task applications of every computing terminal in the same region, it re-plans the distribution through a preset task assignment model and distributes the tasks to each computing terminal, which carry out task computations such as secret sharing and homomorphic computation, so that the sum of the tasks is optimal.
The processing method of task processing module 6 provided by the invention is as follows:
First, a chained task container is set up, with task linking implemented by a hash doubly linked list;
Second, the computing task sent by an external terminal device is received;
Then, the computing task is decomposed into at least two sub-tasks;
Finally, the decomposed sub-tasks are computed in parallel according to the chained task container, obtaining the computation result required by the computing task.
The above are only preferred embodiments of the present invention and do not limit the present invention in any form. Any simple modification, equivalent variation or modification made to the above embodiments according to the technical essence of the invention falls within the scope of the technical solution of the present invention.

Claims (11)

1. A method for secure data storage and computation based on Internet of Things fog computing-edge computing, characterized in that the method comprises the following steps:
Step 1: the required data is collected by the data acquisition module, the collected data is perturbed by a random perturbation function to achieve local differential privacy, and the security of the local-area data is achieved by encrypting it at the fog node;
Step 2: the main control module, through the data storage module, uses the fog server to store the collected data that has been processed (perturbed, encrypted), and integrates and aggregates it;
Step 3: the data access module accesses the aggregated data content by means of an encrypted retrieval request;
Step 4: the distribution module distributes computing tasks using a verifiable key distribution algorithm;
Step 5: the task processing module processes the distributed computing tasks using a processing program; the data computation module performs computation on the data; the security module performs security management and monitoring of the data and is responsible for user access control, data security and authentication functions, protecting data integrity and privacy;
Step 6: the display module displays the aggregated data on a display.
2. The method for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 1, characterized in that the collection and processing method of the data acquisition module comprises:
First, within the same region of Internet of Things edge sensors, each sensor node collects the required information to form its own data set and, after local perturbation, transmits the data to the fog node. In the collected data set M, the data is perturbed using a typical sampling algorithm to achieve local differential privacy and ensure the security of the local data.
The specific steps are: the collected data set is selected and divided into K parts, and the query function f is run on each part to obtain the query results f(d_1), f(d_2), …, f(d_K), where d is the selection type. A randomized response algorithm (comprising perturbation and correction) is applied to the query results to obtain the perturbed statistical result y, achieving local ε-differential privacy. The formula of the local perturbation statistics algorithm π_GRR(a) is as follows:
where ε is the privacy protection budget, P is the probability, e is a constant, and a ∈ M.
Second, K neighboring users or fog nodes in the same region anonymously self-organize into a neighbor group. Then, the K anonymous users or fog nodes perturb the data among themselves and encrypt it at the fog node; the cluster node in the group transmits the perturbed and encrypted data to the fog server, and the fog server runs the correction τ_GRR(a), giving the formula:
where I is the number of hits, j is an integer, Q is the reverse probability, and u is the node number;
Finally, multiple users or nodes transmit data to the fog server for storage using the same self-organizing K-anonymity privacy protection method.
3. The method for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 1, characterized in that the storage method of the data storage module comprises:
The fog node generates the relevant parameter information, encrypts the collected noise-added data to produce C = Enc(pk, m, r), and sends it to the fog server. The encryption algorithm used is the Paillier public-key cryptosystem. The specific encryption process is as follows:
Key generation process:
KeyGen(1^λ) → (n, p, q): select two large primes p and q and compute n = pq, such that the security parameter satisfies λ = lcm[(p-1), (q-1)], where lcm is the least common multiple. g is a random integer belonging to , such that L(x) = (x-1)/n is satisfied. The public key is (n, g) and the private key is (p, q);
Encryption process:
m is the plaintext message, r is a random number, and C is the ciphertext of message m; then
C = g^m · r^n mod n^2 (3)
For data that needs to be obtained by homomorphic computation, the homomorphic algorithm used is as follows:
In , given plaintext messages m_1 and m_2, when two ciphertexts C_1 and C_2 are added, where C_1 is E(m_1, r_1) and C_2 is E(m_2, r_2), the result of the ciphertext addition preserves the homomorphism:
C_add = E(m_1, r_1) · E(m_2, r_2) mod n^2 = E(m_1 + m_2, r_1 r_2) (4)
As the data stored on the fog server grows, the data volume increases and the shortage of space becomes more severe; the fog server maintains the data storage service by clearing useless data or transferring data.
4. The method for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 1, characterized in that the access method of the data access module comprises:
(1) If a fog node or user accesses data on the fog server, or stored computation data obtained by secure multi-party computation, the node or user first encrypts its own relevant information and the retrieval content, and then sends the encrypted information to the fog server for access;
(2) The fog server sends the query result to the accessing node, and the accessing node uses its own private key sk2 to decrypt the queried encrypted data and obtain the plaintext data. The specific decryption method is:
1) When decrypting a ciphertext C (C < n^2), the decryption method for the ciphertext of a single plaintext is:
The decryption method for homomorphic addition is:
D(C_1 · C_2 mod n^2) = m_1 + m_2 mod n (6)
The decryption method for homomorphic multiplication follows from the multiplicative property of the Paillier encryption scheme, specifically:
5. The method for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 1, characterized in that the computation method of the data computation module comprises:
(1) Fog nodes in the same region carry out simple data processing;
(2) Complex computations are carried out by distributed secure multi-party computation combined with homomorphic encryption: multiple nodes take part in the computation simultaneously, and the encrypted data is encrypted with random numbers during each node interaction, so that the data processing procedure does not reveal any of the original content. Using a key sharing scheme, the sender divides the secret into multiple interrelated secret shares s_i, where s_i belongs to , 1 ≤ i ≤ N, and z is a prime larger than N; t-1 elements are selected, labeled {a_1, ..., a_{t-1}}, and then distributed to the t-1 members in the group:
where a_0 = s,
(3) Each fog node uses the oblivious pseudo-random number R_k(x_i) to compute its own random share;
where k is (z, g, m, a_0, a_1, …, a_t), which is information of fixed length; W is a prime, and a_0, a_1, …, a_t belong to
a_i(x) is calculated according to the Lagrange polynomial; the computation coefficient of the fog node in the Internet of Things is as follows:
The computed value y(x_i) of the Internet of Things fog node is then obtained by the following formula:
(4) The users or nodes holding the key each transmit their processed data y(x_i) to the fog server, and the fog server stores the result f(x) of the secure multi-party computation; f(x) is as follows:
6. The method for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 1, characterized in that the processing method of the task processing module comprises:
First, a chained task container is set up, with task linking implemented by a hash doubly linked list;
Second, the computing task sent by an external terminal device is received;
Then, the computing task is decomposed into at least two sub-computing tasks;
Finally, the decomposed subtasks are computed in parallel according to the chained task container to obtain the result required by the computing task.
7. A computer program implementing the method for secure data storage and computation based on Internet of Things fog computing-edge computing according to any one of claims 1 to 5.
8. An information data processing terminal implementing the method for secure data storage and computation based on Internet of Things fog computing-edge computing according to any one of claims 1 to 5.
9. A computer-readable storage medium comprising instructions which, when run on a computer, cause the computer to execute the method for secure data storage and computation based on Internet of Things fog computing-edge computing according to any one of claims 1 to 5.
10. A system for secure data storage and computation based on Internet of Things fog computing-edge computing, characterized in that the system comprises:
a data acquisition module, connected to the main control module, for collecting the required data and perturbing the collected data by a random perturbation function to achieve local differential privacy;
a main control module, connected to the data acquisition module, data storage module, data access module, distribution module, task processing module, data computation module, security module and display module, for controlling the operation of each module through a central processing unit;
a data storage module, connected to the main control module, for storing the aggregated data by means of the fog server;
a data access module, connected to the main control module, for accessing the aggregated data content by means of an encrypted retrieval request;
a distribution module, connected to the main control module, for distributing computing tasks by means of a verifiable key distribution algorithm;
a task processing module, connected to the main control module, for processing the distributed computing tasks by means of a processing program;
a data computation module, connected to the main control module, for performing computation on the data;
a security module, connected to the main control module, for performing security management and monitoring of the data, responsible for user access control, data security and authentication functions, and protecting data integrity and privacy;
a display module, connected to the main control module, for displaying the aggregated data on a display.
11. An Internet of Things fog computing-edge computing platform carrying the system for secure data storage and computation based on Internet of Things fog computing-edge computing according to claim 9.
CN201910521504.0A 2019-06-17 2019-06-17 Safe data storage and calculation method based on fog calculation-edge calculation of Internet of things Active CN110213036B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910521504.0A CN110213036B (en) 2019-06-17 2019-06-17 Safe data storage and calculation method based on fog calculation-edge calculation of Internet of things

Publications (2)

Publication Number Publication Date
CN110213036A true CN110213036A (en) 2019-09-06
CN110213036B CN110213036B (en) 2021-07-06

Family

ID=67792899

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910521504.0A Active CN110213036B (en) 2019-06-17 2019-06-17 Safe data storage and calculation method based on fog calculation-edge calculation of Internet of things

Country Status (1)

Country Link
CN (1) CN110213036B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant