CN110866284A - Data fusion processing method, device and system based on privacy data protection - Google Patents

Info

Publication number
CN110866284A
Authority
CN
China
Prior art keywords
data
scrambled
target
processing node
target user
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010048806.3A
Other languages
Chinese (zh)
Inventor
杨耀
陈凌
刘磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes

Abstract

The embodiments of this specification provide a data fusion processing method, device and system based on privacy data protection. In the method, a first processing node receives scrambled privacy data about a target user sent by a plurality of data nodes, the scrambled privacy data being obtained by scrambling the privacy data about the target user held in the data nodes with scrambling parameters; the first processing node performs data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user, and sends the scrambled target data to a second processing node so that the second processing node can descramble it; the second processing node receives the scrambling parameters corresponding to the scrambled privacy data from the data nodes, and cannot acquire the scrambled privacy data of the target user; when the scrambled target data is descrambled, descrambling is carried out based on the scrambling parameters to obtain the target data of the target user.

Description

Data fusion processing method, device and system based on privacy data protection
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method, an apparatus, and a system for data fusion processing based on private data protection.
Background
With the advent of the big data age, data sharing has become a trend. In general, when data sharing is performed, a plurality of nodes may share respective data to a central node, and the central node may process the data to obtain target data.
However, in the case that the shared data is private data, after the plurality of nodes share the private data to the central node, the private data of the plurality of nodes is transparent for the central node, so that there is a risk that the private data of the plurality of nodes is leaked at the central node, thereby affecting the security of the private data of the plurality of nodes.
Disclosure of Invention
The embodiment of the specification provides a data fusion processing method, device and system based on private data protection, which are used for solving the problem that when a plurality of nodes share private data to a central node for processing, the private data of the plurality of nodes are leaked at the central node.
In order to solve the above technical problem, the embodiments of the present specification are implemented as follows:
In a first aspect, a data fusion processing method based on privacy data protection is provided, including:
a first processing node receives scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the data nodes and scrambling parameters;
the first processing node performs data fusion processing based on the scrambled private data to obtain scrambled target data of the target user;
the first processing node sends the scrambled target data to a second processing node;
the second processing node receives scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, and the second processing node cannot acquire the scrambled privacy data;
and the second processing node descrambles the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
In a second aspect, a data fusion processing method based on privacy data protection is provided, which is applied to a first processing node, and includes:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
In a third aspect, a data fusion processing apparatus based on privacy data protection is provided, including:
the receiving unit is used for receiving scrambled privacy data which are sent by a plurality of data nodes and are related to a target user, and the scrambled privacy data are obtained by scrambling based on the privacy data which are related to the target user and scrambling parameters in the data nodes;
the fusion processing unit is used for carrying out data fusion processing on the basis of the scrambled privacy data to obtain scrambled target data of the target user;
and the sending unit is used for sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
In a fourth aspect, an electronic device is provided, which includes:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
In a fifth aspect, a computer-readable storage medium is presented, the computer-readable storage medium storing one or more programs that, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the method of:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
In a sixth aspect, a data fusion processing method based on private data protection is provided, and is applied to a second processing node, and includes:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
A seventh aspect proposes a data fusion processing apparatus based on privacy data protection, including:
the first receiving unit is used for receiving scrambled target data which are sent by a first processing node and are related to a target user, the scrambled target data are obtained by the first processing node through data fusion processing based on the scrambled privacy data which are sent by a plurality of data nodes and are related to the target user, and the scrambled privacy data are obtained through scrambling based on the privacy data and scrambling parameters which are related to the target user in the plurality of data nodes;
a second receiving unit, configured to receive scrambling parameters corresponding to the scrambled privacy data sent by the multiple data nodes, where the scrambled privacy data cannot be acquired by the second processing node;
and the descrambling unit is used for descrambling the scrambled target data based on the scrambling parameters to obtain the target data of the target user.
In an eighth aspect, an electronic device is provided, which includes:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
In a ninth aspect, a computer-readable storage medium is presented, the computer-readable storage medium storing one or more programs that, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the method of:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
In a tenth aspect, a data fusion processing system based on private data protection is provided, including a plurality of data nodes, a first processing node, and a second processing node, where:
the data nodes scramble the privacy data of the target user based on the scrambling parameters to obtain the scrambled privacy data of the target user; sending the scrambled privacy data to the first processing node, and sending the scrambling parameter to the second processing node;
the first processing node performs data fusion processing based on the scrambled private data to obtain scrambled target data of the target user; sending the scrambled target data to the second processing node, wherein the second processing node cannot acquire the scrambled privacy data;
and the second processing node descrambles the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
At least one technical scheme adopted by one or more embodiments of the specification can achieve the following technical effects:
In one or more embodiments of the present specification, when sharing the private data of the target user, a plurality of data nodes scramble the private data of the target user using the scrambling parameters and share the scrambled private data, so that the private data leakage caused by directly sharing the private data can be avoided. After the scrambled private data of the target user is shared, the fusion of the private data of the target user is carried out in two stages: in the first stage, the first processing node performs fusion processing on the scrambled private data of the target user to obtain the scrambled target data of the target user; in the second stage, the second processing node descrambles the scrambled target data based on the scrambling parameters to obtain the target data of the target user, and the second processing node cannot obtain the scrambled private data of the target user. Therefore, on the one hand, leakage of the private data caused by the second processing node indirectly acquiring the private data of the target user can be avoided; on the other hand, the purpose of fusing the private data is achieved by descrambling the fusion result of the scrambled private data.
Drawings
In order to illustrate the embodiments of the present specification or the technical solutions in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings in the following description show only some of the embodiments described in the present specification, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic diagram of an exemplary system architecture provided by an embodiment of the present disclosure;
FIG. 2 is a flow chart diagram of a data fusion processing method based on privacy data protection according to an embodiment of the present disclosure;
FIG. 3 is a flow chart diagram illustrating a data fusion processing method based on privacy data protection according to an embodiment of the present disclosure;
FIG. 4 is a flow chart diagram illustrating a data fusion processing method based on privacy data protection according to an embodiment of the present disclosure;
FIG. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present description;
FIG. 6 is a schematic structural diagram of a data fusion processing apparatus based on privacy data protection according to an embodiment of the present specification;
FIG. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present description;
FIG. 8 is a schematic structural diagram of a data fusion processing apparatus based on privacy data protection according to an embodiment of the present specification;
FIG. 9 is a schematic structural diagram of a data fusion processing system based on privacy data protection according to an embodiment of the present specification.
Detailed Description
In order to help those skilled in the art better understand the technical solutions in the embodiments of the present disclosure, the technical solutions are described clearly and completely below with reference to the drawings in one or more embodiments of the present disclosure. Obviously, the described embodiments are only a part of the embodiments of the present disclosure, and not all of them. All other embodiments obtained by a person skilled in the art without creative effort based on the embodiments in the present description shall fall within the protection scope of this document.
In a scenario of performing private data sharing so as to perform fusion processing on shared private data, in order to protect security of the private data and reduce a risk of private data being leaked, embodiments of the present specification provide a data fusion processing method, apparatus, and system based on private data protection. The data fusion processing method based on privacy data protection provided by the embodiments of the present specification may be executed by an electronic device in a data processing node, where the electronic device may be a terminal device or a server device. In other words, the method may be performed by software or hardware installed on a terminal device or a server device in the data processing node. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The terminal devices include but are not limited to: any one of smart terminal devices such as a smart phone, a Personal Computer (PC), a notebook computer, a tablet computer, an electronic reader, a web tv, and a wearable device.
A possible application scenario of the technical solution provided in the embodiment of the present specification is described below with reference to fig. 1.
As shown in fig. 1, a system architecture provided in the embodiment of the present specification includes: a first processing node 11, a second processing node 12 and a plurality of data nodes 13. The plurality of data nodes 13 comprise data node 1, data node 2, …, and data node n, and one data node 13 may provide one item of private data of the target user. The plurality of data nodes 13 may be connected to the first processing node 11 and the second processing node 12 through a network for sharing of private data, and the first processing node 11 may be connected to the second processing node 12 through a network for data transmission.
In the application scenario shown in fig. 1, the first processing node 11 and the second processing node 12 may serve as an execution subject of a data fusion processing method based on privacy data protection provided by an embodiment of this specification. In a more specific application scenario, the first processing node 11 and the second processing node 12 may represent two different data processing mechanisms, and the plurality of data nodes 13 may represent a mechanism that provides private data of a target user.
The privacy data of the target user described in the embodiments of the present specification includes, but is not limited to: personal information data of the target user (such as height, weight, name, identification number, telephone number, other certificate numbers and the like of the target user), behavior data of the target user (such as webpage browsing records of the target user, travel route records of the target user and the like), other data of the target user needing protection and the like. In a more specific application scenario, the private data of the target user may also be a credit score obtained by the financial institution evaluating the credit of the target user.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
Fig. 2 is a flowchart illustrating a data fusion processing method based on privacy data protection according to an embodiment of the present disclosure. The method may be applied to a first processing node 11 and a second processing node 12 as shown in fig. 1, and as shown in fig. 2, the method may include:
S102: The first processing node receives scrambled privacy data about a target user sent by a plurality of data nodes, where the scrambled privacy data are obtained by scrambling the privacy data about the target user in the data nodes with scrambling parameters.
The plurality of data nodes may provide the private data of the target user, and when the first processing node needs to perform fusion processing on the private data of the target user, the plurality of data nodes may send the private data of the target user to the first processing node.
In this embodiment, in order to ensure security of the private data and reduce the risk of the private data being leaked at the first processing node, before the multiple data nodes send the private data of the target user to the first processing node, the private data of the target user may be scrambled based on the scrambling parameter.
In one implementation manner, when the plurality of data nodes perform scrambling processing on the privacy data of the target user, the scrambling processing may be performed by adding the scrambling parameter and the privacy data of the target user, and the addition result is the scrambled privacy data.
For example, taking data node 1 as an example, the data node 1 may provide private data U of a target user. When the data node 1 scrambles the private data U, assuming that the scrambling parameter is S, the private data U and the scrambling parameter S may be superimposed to obtain U + S, where U + S is the scrambled private data corresponding to the private data U. Similarly, other data nodes can obtain corresponding scrambled privacy data by the same method.
In other implementations, when the plurality of data nodes perform scrambling processing on the private data of the target user, the scrambling processing may also be performed in other manners, for example, by multiplying or dividing the scrambling parameter by the private data of the target user, which is not illustrated here.
After the plurality of data nodes scramble the privacy data of the target user and obtain the scrambled privacy data of the target user, the scrambled privacy data of the target user can be sent to the first processing node instead of the privacy data of the target user, so that the risk that the privacy data of the target user is leaked at the first processing node can be reduced, and the security of the privacy data of the target user is improved.
Optionally, when the plurality of data nodes send the scrambled privacy data of the target user to the first processing node, in order to further improve security, the scrambled privacy data of the target user may also be encrypted, and the encrypted data may be sent to the first processing node.
After the plurality of data nodes send the scrambled privacy data of the target user to the first processing node, the first processing node may receive the scrambled privacy data of the target user. The number of the scrambled privacy data of the target user can be multiple, and one scrambled privacy data can be obtained by scrambling one privacy data of the target user by one data node.
It should be noted that, in this embodiment, the first processing node may obtain the scrambled privacy data of the target user, but cannot obtain the scrambling parameter corresponding to the scrambled privacy data of the target user, so that the first processing node may be prevented from indirectly obtaining the privacy data of the target user according to the scrambled privacy data and the scrambling parameter, thereby reducing a risk that the privacy data of the target user is leaked at the first processing node, and improving security of the privacy data of the target user.
In order to ensure that the first processing node cannot acquire the scrambling parameter corresponding to the scrambled privacy data of the target user, data isolation may be performed between the first processing node and the plurality of data nodes. Specifically, during data interaction between the first processing node and the multiple data nodes, the multiple data nodes may be allowed to send the scrambled private data to the first processing node, but the multiple data nodes are not allowed to send the scrambling parameter to the first processing node.
S104: The first processing node performs data fusion processing based on the scrambled private data to obtain scrambled target data of the target user.
When the first processing node performs data fusion processing based on the scrambled private data, the method may include:
First, a preset fusion processing model is obtained.
In this embodiment, the fusion processing model may include at least one of a linear superposition processing and a nonlinear superposition processing. Optionally, the fusion processing model may further include other fusion processing manners, which are not illustrated here.
Second, data fusion processing is performed on the scrambled private data based on the fusion processing model.
For ease of understanding, the following two possible implementations may be exemplified herein.
In an implementation manner, in a case that the fusion processing mode of the fusion processing model is linear superposition processing, when the first processing node performs fusion processing on the scrambled privacy data, the scrambled privacy data of the target user may be added, and an obtained addition result is the scrambled target data of the target user.
For example, the scrambled private data of the target user includes M1, M2, …, Mn, and the first processing node may directly add M1, M2, …, Mn when performing the data fusion processing, so as to obtain the scrambled target data Msum of the target user, where Msum = M1 + M2 + … + Mn.
In another implementation manner, when the fusion processing mode of the fusion processing model is the nonlinear superposition processing, the first processing node may perform weighted summation on the scrambled privacy data of the target user when performing fusion processing on the scrambled privacy data, and an obtained weighted result is the scrambled target data of the target user.
Still taking the example that the scrambled privacy data of the target user includes M1, M2, …, Mn, the first processing node may perform weighted summation on M1, M2, …, Mn when performing data fusion processing, where the weights corresponding to M1, M2, …, Mn may be provided by multiple data nodes, or may be determined by the first processing node according to actual situations.
After weighted summation of M1, M2, …, Mn, the scrambled target data Msum can be obtained, where Msum = ω1·M1 + ω2·M2 + … + ωn·Mn, and ω1, ω2, …, ωn are the weights corresponding to M1, M2, …, Mn respectively.
It should be noted that, in practical application, when the first processing node performs fusion processing on the scrambled private data, a specific fusion processing manner may be determined according to a specific application scenario, and this embodiment is not specifically limited herein.
S106: The first processing node sends the scrambled target data to a second processing node.
After obtaining the scrambled target data of the target user, the first processing node may send the scrambled target data to the second processing node, so that the second processing node may descramble the scrambled target data to obtain the target data of the target user.
Optionally, in order to ensure the security of the scrambled target data during transmission, the first processing node may encrypt the scrambled target data before sending the scrambled target data to the second processing node. Specifically, the first processing node may encrypt the scrambled target data of the target user by using a public key corresponding to the second processing node, where the public key corresponding to the second processing node may be provided to the first processing node by the second processing node in advance.
After the encrypted scrambled target data is obtained, the encrypted scrambled target data can be sent to the second processing node, so that the security in the data transmission process is ensured.
S108: The second processing node receives scrambling parameters which are sent by the plurality of data nodes and correspond to the scrambled privacy data, and the second processing node cannot acquire the scrambled privacy data.
In this embodiment, in order to facilitate the second processing node to perform descrambling processing on the scrambled target data of the target user, the multiple data nodes may send the scrambling parameter corresponding to the scrambled privacy data of the target user to the second processing node.
The second processing node may receive the scrambling parameter after the plurality of data nodes send the scrambling parameter to the second processing node.
It should be noted that, in this embodiment, the second processing node may acquire the scrambling parameter, but cannot acquire the scrambled private data of the target user. Therefore, the second processing node can be prevented from indirectly acquiring the privacy data of the target user according to the scrambled privacy data and the scrambling parameters, and the risk that the privacy data of the target user is leaked at the second processing node is reduced.
In order to ensure that the second processing node cannot acquire the scrambled private data of the target user, data isolation may be performed between the second processing node and the first processing node, and between the second processing node and the plurality of data nodes. Specifically, during the data interaction between the first processing node and the second processing node, the first processing node may be allowed to send the data after the fusion processing to the second processing node, but the first processing node may not be allowed to send the data without the fusion processing (i.e., the scrambled privacy data of the target user) to the second processing node.
S110: The second processing node descrambles the scrambled target data based on the scrambling parameters to obtain the target data of the target user.
After receiving the scrambling parameter and the scrambled target data of the target user, the second processing node may perform descrambling processing on the scrambled target data of the target user based on the scrambling parameter to obtain the target data of the target user. The target data of the target user can be understood as data which is finally obtained and does not comprise the scrambling parameter.
When the second processing node descrambles the scrambled target data based on the scrambling parameter, the method may specifically include the following steps:
First, obtain the fusion processing model that the first processing node used when performing data fusion processing on the scrambled private data.
In this embodiment, the fusion processing model adopted by the first processing node may include at least one of a linear superposition processing and a nonlinear superposition processing. Optionally, the fusion processing model may further include other fusion processing manners, which are not illustrated here.
Since the first processing node performs data fusion processing on the scrambled private data, the processing process includes fusion processing on the scrambling parameter, and therefore, in order to facilitate descrambling, a fusion processing model adopted when the first processing node performs data fusion processing needs to be acquired. The fusion processing model can be actively provided by the first processing node, and can also be actively obtained from the first processing node by the second processing node.
Second, perform data fusion processing on the scrambling parameters based on the fusion processing model.
For a specific implementation manner, reference may be made to the specific implementation manner when the first processing node performs data fusion processing on the scrambled private data in S104, and a description thereof is not repeated here.
It should be noted that the fusion processing mode used by the second processing node on the scrambling parameters needs to be the same as the fusion processing mode used by the first processing node on the scrambled private data. For example, if the fusion processing mode adopted by the first processing node is linear superposition processing, then the fusion processing mode adopted by the second processing node is also linear superposition processing.
Finally, subtract the fused scrambling parameters from the scrambled target data to obtain the target data of the target user.
Because the scrambled target data of the target user comprises the fused private data (namely the target data of the target user) and the fused scrambling parameters, subtracting the fused scrambling parameters from the scrambled target data removes the scrambled part of the scrambled target data, so that the target data of the target user is obtained and the purpose of descrambling is achieved.
Optionally, if the scrambled target data of the target user is data encrypted by the first processing node using the public key corresponding to the second processing node, before performing the descrambling processing, the second processing node needs to decrypt the scrambled target data of the target user using the private key corresponding to the public key. After the decrypted data is obtained, the method described above may be adopted to perform descrambling processing on the decrypted data based on the scrambling parameter, so as to obtain the target data of the target user.
In order to facilitate understanding of the technical solutions provided in the present specification, a financial service scenario may be taken as an example for description below.
In a financial business scenario, a central institution C wants to obtain multiple credit scores of a target user (which may be regarded as the privacy data of the target user) from other financial institutions C1, C2, …, Cm, and finally obtain a total credit score of the target user (which may be regarded as the target data of the target user). Based on the technical solution provided by the embodiment of the present specification, a specific implementation may include:
First, financial institutions C1, C2, …, Cm may provide m credit scores of the target user, denoted here by U1, U2, …, Um respectively. To protect the credit scores from being revealed, financial institutions C1, C2, …, Cm may scramble the m credit scores with scrambling parameters, which may be represented by S1, S2, …, Sm.
When scrambling a credit score, the scrambling parameter and the credit score may, for example, be superimposed. Specifically, financial institution C1 may superimpose S1 and U1 to obtain the scrambled credit score S1 + U1, financial institution C2 may superimpose S2 and U2 to obtain the scrambled credit score S2 + U2, and so on, so that finally m scrambled credit scores S1 + U1, S2 + U2, …, Sm + Um (which may be regarded as the scrambled privacy data of the target user) are obtained.
Second, financial institutions C1, C2, …, Cm may transmit the m scrambled credit scores S1 + U1, S2 + U2, …, Sm + Um to the intermediary institution C' and the m scrambling parameters S1, S2, …, Sm to the central institution C.
It should be noted that the intermediary institution C' cannot acquire the m scrambling parameters S1, S2, …, Sm, and the central institution C cannot acquire the m scrambled credit scores S1 + U1, S2 + U2, …, Sm + Um, so that neither the intermediary institution C' nor the central institution C can indirectly acquire the m credit scores of the target user, and the risk that the m credit scores of the target user are leaked at the intermediary institution C' or the central institution C can be reduced.
Third, the intermediary institution C' may perform data fusion processing on the m scrambled credit scores.
Based on the actual application scenario, when the data fusion processing is performed based on the fusion processing model, linear superposition processing may be used as the fusion processing mode; that is, the m scrambled credit scores may be added to obtain a scrambled total score S1 + U1 + S2 + U2 + … + Sm + Um of the target user, and the scrambled total score may be regarded as the scrambled target data of the target user.
Fourth, the intermediary institution C' transmits the scrambled total score S1 + U1 + S2 + U2 + … + Sm + Um to the central institution C.
Optionally, in order to ensure security during data transmission, when sending the scrambled total score S1 + U1 + S2 + U2 + … + Sm + Um to the central institution C, the intermediary institution C' may encrypt the total score by using a public key corresponding to the central institution C and, after obtaining the encrypted total score, send the encrypted total score to the central institution C.
Fifth, the central institution C descrambles the scrambled total score transmitted by the intermediary institution C' based on the m scrambling parameters S1, S2, …, Sm.
Specifically, since the fusion processing mode adopted by the intermediary institution C' during the data fusion processing is linear superposition processing, when descrambling the scrambled total score the central institution C may linearly superpose the scrambling parameters and subtract the sum of the m scrambling parameters S1, S2, …, Sm from the scrambled total score S1 + U1 + S2 + U2 + … + Sm + Um. In this way, the total credit score corresponding to the m credit scores, i.e., U1 + U2 + … + Um, can be obtained through the descrambling processing.
Optionally, if the total score received by the central institution C is the total score encrypted by the intermediary institution C' using the public key corresponding to the central institution C, then when performing descrambling processing it is necessary to decrypt the total score using the private key corresponding to the public key, and to perform descrambling processing on the decrypted total score.
In the above steps, the data that the intermediary institution C' can acquire is the scrambled credit scores of the target user, and the data that the central institution C can acquire is the scrambling parameters and the scrambled total credit score, but neither the intermediary institution C' nor the central institution C can directly or indirectly acquire the credit scores of the target user. In this way, the risk of the credit scores of the target user being revealed may be reduced.
In addition, when the scrambled credit score of the target user is processed, the method can be divided into two stages, wherein the first stage is to perform fusion processing on the scrambled credit score, and the second stage is to perform descrambling processing on the result of the fusion processing, so that the total credit score of the target user can be finally obtained through the processing of the two stages of scrambling and descrambling.
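The five steps of the financial scenario above can be traced end to end with the following added example, which is not code from the patent. It keeps the additive scrambling and linear superposition described in the text and goes slightly beyond the plain sum by allowing per-institution weights; the class and function names, the 64-bit parameter size, the contributor check in descramble and the sample scores in the test are assumptions made for the illustration, and the optional public-key encryption of step four is left out.

```python
import secrets

MASK_BITS = 64  # assumed size of a scrambling parameter; the page does not fix one


def linear_fusion(values, weights):
    """Weighted linear superposition over contributions keyed by data-node name."""
    if set(values) != set(weights):
        raise ValueError("contributors do not match the fusion model")
    return sum(weights[name] * values[name] for name in weights)


class DataNode:
    """Financial institution Ci holding credit score Ui and scrambling parameter Si."""

    def __init__(self, name, credit_score):
        self.name = name
        self._score = credit_score
        self._param = 1 + secrets.randbelow(2 ** MASK_BITS)  # fresh, non-zero Si

    def scrambled_score(self):
        return self._param + self._score  # Si + Ui, sent to C' only

    def scrambling_parameter(self):
        return self._param  # Si, sent to C only


class Intermediary:
    """C' (first processing node): receives Si + Ui, never Si."""

    def __init__(self, weights):
        self.weights = dict(weights)
        self.received = {}

    def receive(self, name, scrambled):
        self.received[name] = scrambled

    def fuse(self):
        # Return the scrambled total plus who contributed, so C can check coverage.
        return linear_fusion(self.received, self.weights), sorted(self.received)


class Central:
    """C (second processing node): receives Si and the fused total, never Si + Ui."""

    def __init__(self, weights):
        self.weights = dict(weights)
        self.params = {}

    def receive_parameter(self, name, param):
        self.params[name] = param

    def descramble(self, scrambled_total, contributors):
        # A parameter without a matching contribution (or the reverse) would leave
        # an uncancelled Si in the result, so refuse instead of returning garbage.
        if sorted(self.params) != list(contributors):
            raise ValueError("parameters and fused contributions cover different nodes")
        # Apply the same fusion model to the parameters, then subtract.
        return scrambled_total - linear_fusion(self.params, self.weights)


def run_exchange(scores, fuse_weights, descramble_weights=None, lost_parameter=None):
    """Run the exchange once and return (total, what C' saw, what C saw)."""
    nodes = [DataNode(name, score) for name, score in scores.items()]
    c_prime = Intermediary(fuse_weights)
    c = Central(descramble_weights or fuse_weights)
    for node in nodes:
        c_prime.receive(node.name, node.scrambled_score())
        if node.name != lost_parameter:  # simulate a parameter that never arrives
            c.receive_parameter(node.name, node.scrambling_parameter())
    scrambled_total, contributors = c_prime.fuse()
    total = c.descramble(scrambled_total, contributors)
    # C' never holds Si and C never holds Si + Ui; the two views together give
    # back every Ui, which is why the page requires data isolation between them.
    return total, dict(c_prime.received), dict(c.params)


if __name__ == "__main__":
    demo_scores = {"C1": 710, "C2": 655, "C3": 690}  # constructed sample scores
    unit_weights = {name: 1 for name in demo_scores}
    print(run_exchange(demo_scores, unit_weights)[0])
```

If C descrambles with a different fusion model than C' used, the subtraction leaves a multiple of some Si in the result, which is the reason the two nodes must apply the same model.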
It should be noted that, in a possible application scenario, when the first processing node performs fusion processing on the scrambled privacy data of the target user, the processing may be divided into multiple stages, and, in order to protect the privacy data from being leaked, no stage can indirectly acquire the privacy data of the target user. Correspondingly, when the second processing node descrambles the scrambled target data of the target user, the processing may also be divided among a plurality of nodes, and none of these nodes can indirectly acquire the private data of the target user. For example, the first processing node may correspond to a plurality of institutions that collectively implement the fusion processing on the scrambled private data of the target user, and the second processing node may also correspond to a plurality of institutions that collectively implement the descrambling processing on the scrambled target data of the target user. The specific implementation can be seen in the implementation of the corresponding steps, and the description is not repeated here.
In the technical scheme provided by the embodiment of the specification, when the plurality of data nodes share the private data of the target user, the private data is scrambled with scrambling parameters and only the scrambled private data is shared, so that the private data leakage caused by directly sharing the private data can be avoided. After the scrambled private data of the target user is shared, the fusion of the private data is carried out in two stages: in the first stage, the first processing node performs fusion processing on the scrambled privacy data of the target user to obtain the scrambled target data of the target user; in the second stage, the second processing node descrambles the scrambled target data based on the scrambling parameters to obtain the target data of the target user, and the second processing node cannot obtain the scrambled privacy data of the target user. Therefore, on the one hand, leakage caused by the second processing node indirectly acquiring the private data of the target user can be avoided, and on the other hand, the purpose of fusion processing of the private data is achieved by descrambling the fusion processing result of the scrambled private data.
Fig. 3 is a flowchart illustrating a data fusion processing method based on privacy data protection according to an embodiment of the present disclosure. The method may be applied to a first processing node 11 as shown in fig. 1, and as shown in fig. 3, the method may include:
S302: Receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters.
In this embodiment, the first processing node cannot acquire the scrambling parameters of the plurality of data nodes about the target user. Therefore, the first processing node can be prevented from indirectly acquiring the privacy data of the target user according to the scrambling parameters and the scrambled privacy data, the risk that the privacy data of the target user are leaked at the first processing node is reduced, and the security of the privacy data is improved.
S304: Performing data fusion processing based on the scrambled privacy data to obtain the scrambled target data of the target user.
When the first processing node performs data fusion processing based on the scrambled private data, the method may include:
acquiring a preset fusion processing model, wherein the fusion processing model has at least one of a linear superposition processing mode and a nonlinear superposition processing mode;
and performing data fusion processing on the scrambled privacy data based on the fusion processing model.
S306: Sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
In this embodiment, when the first processing node sends the scrambled target data to the second processing node, the method may further include:
encrypting the scrambled target data by using a public key corresponding to the second processing node; and sending the encrypted scrambled target data to the second processing node.
Specific implementations of S302 to S304 in this embodiment may refer to specific implementations of corresponding steps in the embodiment shown in fig. 2, and a description thereof is not repeated here.
Fig. 4 is a flowchart illustrating a data fusion processing method based on privacy data protection according to an embodiment of the present disclosure. The method may be applied to a second processing node 12 as shown in fig. 1, and as shown in fig. 4, the method may include:
S402: Receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes.
Optionally, in order to ensure the security of data transmission, the scrambled target data may be sent by the first processing node after being encrypted by using the public key corresponding to the second processing node, that is, the scrambled target data received by the second processing node may be encrypted data.
S404: Receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data.
It should be noted that the second processing node cannot acquire the scrambled privacy data of the target user, so that the second processing node can be prevented from indirectly acquiring the privacy data of the target user according to the scrambling parameter and the scrambled privacy data, the risk that the privacy data of the target user is leaked at the second processing node is reduced, and the security of the privacy data is improved.
S406: Descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
In this embodiment, the scrambled privacy data sent by the multiple data nodes may be obtained by adding the privacy data of the target user and the scrambling parameter;
the descrambling processing, by the second processing node, of the scrambled target data based on the scrambling parameter to obtain the target data of the target user may include:
acquiring a fusion processing model adopted by the first processing node to perform data fusion processing on the scrambled private data, wherein the fusion processing model has at least one of linear superposition processing and nonlinear superposition processing;
performing data fusion processing on the scrambling parameters based on a fusion processing model;
and subtracting the fused scrambling parameters from the scrambled target data to obtain the target data of the target user.
Optionally, if the scrambled target data is data encrypted by the first processing node using a public key corresponding to the second processing node, the second processing node needs to decrypt the scrambled target data using a private key corresponding to the public key before descrambling.
In the technical solutions provided by the embodiments shown in fig. 3 and fig. 4, when a plurality of data nodes share the private data of the target user, the private data is scrambled with scrambling parameters and only the scrambled private data is shared, so that the private data leakage caused by directly sharing the private data can be avoided. After the scrambled private data of the target user is shared, the fusion of the private data is carried out in two stages: in the first stage, the first processing node performs fusion processing on the scrambled privacy data of the target user to obtain the scrambled target data of the target user; in the second stage, the second processing node descrambles the scrambled target data based on the scrambling parameters to obtain the target data of the target user, and the second processing node cannot obtain the scrambled privacy data of the target user. Therefore, on the one hand, leakage caused by the second processing node indirectly acquiring the private data of the target user can be avoided, and on the other hand, the purpose of fusion processing of the private data is achieved by descrambling the fusion processing result of the scrambled private data.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present specification. Referring to fig. 5, at a hardware level, the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The memory may include internal memory, such as Random-Access Memory (RAM), and may further include non-volatile memory, such as at least one disk memory. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (peripheral component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 5, but this does not indicate only one bus or one type of bus.
The memory is used for storing programs. In particular, a program may include program code comprising computer operating instructions. The memory may include both internal memory and non-volatile storage, and provides instructions and data to the processor.
The processor reads the corresponding computer program from the nonvolatile memory to the memory and then runs the computer program, and a data fusion processing device based on the privacy data protection is formed on a logic level. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
The method executed by the data fusion processing device based on privacy data protection according to the embodiment shown in fig. 5 in this specification can be applied to or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be completed by integrated logic circuits of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. Such a processor may implement or perform the various methods, steps and logic blocks disclosed in the embodiments of the present specification. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present specification may be embodied directly as being executed by a hardware decoding processor, or by a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM, or registers. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.
The electronic device may further execute the method in fig. 3, and implement the functions of the data fusion processing apparatus based on privacy data protection in the embodiment shown in fig. 3, which are not described herein again in this specification.
Of course, besides the software implementation, the electronic device of the embodiment of the present disclosure does not exclude other implementations, such as a logic device or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or a logic device.
Embodiments of the present specification also provide a computer-readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a portable electronic device comprising a plurality of application programs, enable the portable electronic device to perform the method of the embodiment shown in fig. 3, and in particular to perform the following operations:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
Fig. 6 is a schematic structural diagram of a data fusion processing apparatus 60 based on privacy data protection according to an embodiment of the present specification. Referring to fig. 6, in a software implementation, the data fusion processing apparatus 60 based on private data protection is applied to a first processing node, and may include: a receiving unit 61, a fusion processing unit 62, and a transmitting unit 63, wherein:
a receiving unit 61, configured to receive scrambled privacy data about a target user, sent by a plurality of data nodes, where the scrambled privacy data is obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and a scrambling parameter;
a fusion processing unit 62, configured to perform data fusion processing based on the scrambled private data to obtain scrambled target data of the target user;
and the sending unit 63 is configured to send the scrambled target data to a second processing node, so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
Optionally, the sending unit 63 sending the scrambled target data to a second processing node includes:
encrypting the scrambled target data by using a public key corresponding to the second processing node;
sending the encrypted scrambled target data to the second processing node.
Optionally, the fusion processing unit 62 performing data fusion processing based on the scrambled private data includes:
acquiring a preset fusion processing model, wherein the fusion processing model has at least one of a linear superposition processing mode and a nonlinear superposition processing mode;
and performing data fusion processing on the scrambled privacy data based on the fusion processing model.
Optionally, the receiving unit 61 cannot acquire the scrambling parameter corresponding to the scrambled private data.
The data fusion processing apparatus 60 based on private data protection provided in this specification may further execute the method in fig. 3, and implement the functions of the data fusion processing apparatus based on private data protection in the embodiment shown in fig. 3, which are not described herein again in this specification.
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present specification. Referring to fig. 7, at a hardware level, the electronic device includes a processor, and optionally further includes an internal bus, a network interface, and a memory. The memory may include internal memory, such as Random-Access Memory (RAM), and may further include non-volatile memory, such as at least one disk memory. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (peripheral component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 7, but this does not indicate only one bus or one type of bus.
The memory is used for storing programs. In particular, a program may include program code comprising computer operating instructions. The memory may include both internal memory and non-volatile storage, and provides instructions and data to the processor.
The processor reads the corresponding computer program from the nonvolatile memory to the memory and then runs the computer program, and a data fusion processing device based on the privacy data protection is formed on a logic level. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
The method executed by the data fusion processing device based on privacy data protection according to the embodiment shown in fig. 7 in this specification can be applied to or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be completed by integrated logic circuits of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. Such a processor may implement or perform the various methods, steps and logic blocks disclosed in the embodiments of the present specification. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present specification may be embodied directly as being executed by a hardware decoding processor, or by a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM, or registers. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.
The electronic device may further execute the method in fig. 4, and implement the functions of the data fusion processing apparatus based on privacy data protection in the embodiment shown in fig. 4, which are not described herein again in this specification.
Of course, besides the software implementation, the electronic device of the embodiment of the present disclosure does not exclude other implementations, such as a logic device or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or a logic device.
Embodiments of the present specification also provide a computer-readable storage medium storing one or more programs, the one or more programs comprising instructions, which when executed by a portable electronic device comprising a plurality of application programs, enable the portable electronic device to perform the method of the embodiment shown in fig. 4, and in particular to perform the following operations:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
Fig. 8 is a schematic structural diagram of a data fusion processing apparatus 80 based on privacy data protection according to an embodiment of the present specification. Referring to fig. 8, in a software implementation, the data fusion processing apparatus 80 based on private data protection is applied to a second processing node, and may include: a first receiving unit 81, a second receiving unit 82 and a descrambling unit 83, wherein:
a first receiving unit 81, configured to receive scrambled target data, which is sent by a first processing node and is related to a target user, where the scrambled target data is obtained by the first processing node through data fusion processing based on scrambled private data, which is sent by a plurality of data nodes and is related to the target user, and the scrambled private data is obtained by scrambling based on the private data and a scrambling parameter, which are related to the target user, in the plurality of data nodes;
a second receiving unit 82, configured to receive scrambling parameters corresponding to the scrambled privacy data sent by the multiple data nodes, where the scrambled privacy data cannot be obtained by the second processing node;
and a descrambling unit 83 configured to perform descrambling processing on the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
Optionally, the scrambled target data is encrypted scrambled target data, and the encrypted scrambled target data is obtained by encrypting the scrambled target data based on a public key corresponding to the second processing node;
the descrambling unit 83, performing descrambling processing on the scrambled target data based on the scrambling parameter, includes:
decrypting the encrypted scrambled target data by using a private key corresponding to the public key;
and descrambling the decrypted scrambled target data based on the scrambling parameter.
Optionally, the scrambled privacy data is obtained by adding the privacy data and the scrambling parameter;
the descrambling unit 83 descrambles the scrambled target data based on the scrambling parameter to obtain the target data of the target user, and includes:
acquiring a fusion processing model adopted by the first processing node when the first processing node performs data fusion processing on the scrambled private data, wherein the fusion processing model has at least one of a linear superposition processing mode and a nonlinear superposition processing mode;
performing data fusion processing on the scrambling parameters based on the fusion processing model;
and subtracting the fusion-processed scrambling parameters from the scrambled target data to obtain the target data of the target user.
The data fusion processing apparatus 80 based on privacy data protection provided in the embodiment of the present specification may further execute the method in fig. 4, and implement the functions of the data fusion processing apparatus based on privacy data protection in the embodiment shown in fig. 4, which are not described herein again.
Fig. 9 is a schematic structural diagram of a data fusion processing system 90 based on privacy data protection according to an embodiment of the present specification. Referring to fig. 9, the data fusion processing system 90 based on private data protection shown in fig. 9 may include a plurality of data nodes 91, a first processing node 92, and a second processing node 93, where:
the data nodes 91 scramble the privacy data of the target user based on the scrambling parameters to obtain scrambled privacy data of the target user; sending the scrambled private data to the first processing node, and sending the scrambling parameter to the second processing node;
the first processing node 92 performs data fusion processing based on the scrambled private data to obtain scrambled target data of the target user; sending the scrambled target data to the second processing node, wherein the second processing node cannot acquire the scrambled privacy data;
and the second processing node 93 descrambles the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
In this embodiment, the plurality of data nodes 91 may implement the functions implemented by the plurality of data nodes in the embodiments shown in fig. 2 to 4, the first processing node 92 may implement the functions implemented by the first processing node in the embodiments shown in fig. 2 to 4, and the second processing node 93 may implement the functions implemented by the second processing node in the embodiments shown in fig. 2 to 4, and the specific implementation manner may refer to the specific implementation of the corresponding steps in the embodiments shown in fig. 2 to 4, and will not be described repeatedly here.
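The three-role flow described above (data nodes 91, first processing node 92, second processing node 93), for the additive scrambling and linear superposition case only, as an added example that is not part of the patent text. The function names, the sample values and the choice to work modulo a public prime are assumptions of this example; the page itself only says the scrambling parameter is added and later subtracted.

```python
import secrets

# Assumption of this example: all arithmetic is done modulo a public prime,
# so a uniformly random mask makes the scrambled value uniformly distributed.
MODULUS = 2**61 - 1


def scramble(private_value, mask=None, modulus=MODULUS):
    """Data node: add a scrambling parameter to the private value.

    Returns (scrambled_value, scrambling_parameter). The first element goes
    to the first processing node, the second to the second processing node.
    """
    if not 0 <= private_value < modulus:
        raise ValueError("private value must lie in [0, modulus)")
    if mask is None:
        mask = secrets.randbelow(modulus)  # fresh parameter per value
    return (private_value + mask) % modulus, mask


def fuse(values, weights, modulus=MODULUS):
    """Fusion model in linear superposition mode: a weighted sum."""
    if len(values) != len(weights):
        raise ValueError("one weight per input is required")
    return sum(w * v for w, v in zip(weights, values)) % modulus


def descramble(scrambled_target, masks, weights, modulus=MODULUS):
    """Second processing node: fuse the scrambling parameters with the same
    model, then subtract the result from the scrambled target data."""
    return (scrambled_target - fuse(masks, weights, modulus)) % modulus


def run_protocol(private_values, weights):
    """Run one round and record what each processing node receives."""
    to_first, to_second = [], []
    for value in private_values:           # one private value per data node
        scrambled, mask = scramble(value)
        to_first.append(scrambled)         # first node never sees the mask
        to_second.append(mask)             # second node never sees this input
    scrambled_target = fuse(to_first, weights)                  # first node
    target = descramble(scrambled_target, to_second, weights)   # second node
    return {
        "first_node_view": to_first,
        "second_node_view": {"masks": to_second,
                             "scrambled_target": scrambled_target},
        "target": target,
    }


if __name__ == "__main__":
    # Constructed sample input: three data nodes each hold one score
    # for the same target user; the weights are the fusion model.
    result = run_protocol([620, 710, 580], [2, 3, 5])
    print(result["target"])  # equals 2*620 + 3*710 + 5*580
```

The recovered target is exact only while the true weighted sum is smaller than the modulus, and the subtraction step relies on the fusion model being linear in its inputs.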
In short, the above description is only a preferred embodiment of the present disclosure, and is not intended to limit the scope of protection of this document. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of one or more embodiments of the present specification shall be included in the scope of protection of this document.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.

Claims (14)

1. A data fusion processing method based on privacy data protection comprises the following steps:
a first processing node receives scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the data nodes and scrambling parameters;
the first processing node performs data fusion processing based on the scrambled private data to obtain scrambled target data of the target user;
the first processing node sends the scrambled target data to a second processing node;
the second processing node receives scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, and the second processing node cannot acquire the scrambled privacy data;
and the second processing node descrambles the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
2. The method of claim 1, the first processing node sending the scrambled target data to a second processing node, comprising:
the first processing node encrypts the scrambled target data by using a public key corresponding to the second processing node; sending the encrypted scrambled target data to the second processing node;
the second processing node descrambles the scrambled target data based on the scrambling parameter, and includes:
the second processing node decrypts the encrypted scrambled target data by using a private key corresponding to the public key;
and the second processing node descrambles the decrypted scrambled target data based on the scrambling parameter.
3. The method of claim 1, the first processing node performing data fusion processing based on the scrambled private data, comprising:
acquiring a preset fusion processing model, wherein the fusion processing model has at least one of a linear superposition processing mode and a nonlinear superposition processing mode;
and performing data fusion processing on the scrambled privacy data based on the fusion processing model.
4. The method of claim 1, the scrambled privacy data resulting from adding the privacy data and the scrambling parameter;
the descrambling processing of the scrambled target data by the second processing node based on the scrambling parameter to obtain the target data of the target user includes:
acquiring a fusion processing model adopted by the first processing node when the first processing node performs data fusion processing on the scrambled private data, wherein the fusion processing model has at least one of a linear superposition processing mode and a nonlinear superposition processing mode;
performing data fusion processing on the scrambling parameters based on the fusion processing model;
and subtracting the fusion-processed scrambling parameters from the scrambled target data to obtain the target data of the target user.
5. The method of claim 1, wherein the first processing node cannot obtain the scrambling parameter corresponding to the scrambled private data.
6. A data fusion processing method based on privacy data protection is applied to a first processing node and comprises the following steps:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
7. A data fusion processing method based on privacy data protection is applied to a second processing node and comprises the following steps:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
8. A data fusion processing system based on privacy data protection comprises a plurality of data nodes, a first processing node and a second processing node, wherein:
the data nodes scramble the privacy data of the target user based on the scrambling parameters to obtain the scrambled privacy data of the target user; sending the scrambled private data to the first processing node, and sending the scrambling parameter to the second processing node;
the first processing node performs data fusion processing based on the scrambled private data to obtain scrambled target data of the target user; sending the scrambled target data to the second processing node, wherein the second processing node cannot acquire the scrambled privacy data;
and the second processing node descrambles the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
9. A data fusion processing device based on private data protection is applied to a first processing node and comprises:
the receiving unit is used for receiving scrambled privacy data which are sent by a plurality of data nodes and are related to a target user, and the scrambled privacy data are obtained by scrambling based on the privacy data which are related to the target user and scrambling parameters in the data nodes;
the fusion processing unit is used for carrying out data fusion processing on the basis of the scrambled privacy data to obtain scrambled target data of the target user;
and the sending unit is used for sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
10. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
11. A computer readable storage medium storing one or more programs which, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform a method of:
receiving scrambled privacy data about a target user, which are sent by a plurality of data nodes, wherein the scrambled privacy data are obtained by scrambling based on the privacy data about the target user in the plurality of data nodes and scrambling parameters;
performing data fusion processing based on the scrambled privacy data to obtain scrambled target data of the target user;
and sending the scrambled target data to a second processing node so that the second processing node descrambles the scrambled target data to obtain the target data of the target user.
12. A data fusion processing device based on private data protection is applied to a second processing node and comprises:
the first receiving unit is used for receiving scrambled target data which are sent by a first processing node and are related to a target user, the scrambled target data are obtained by the first processing node through data fusion processing based on the scrambled privacy data which are sent by a plurality of data nodes and are related to the target user, and the scrambled privacy data are obtained through scrambling based on the privacy data and scrambling parameters which are related to the target user in the plurality of data nodes;
a second receiving unit, configured to receive scrambling parameters corresponding to the scrambled privacy data sent by the multiple data nodes, where the scrambled privacy data cannot be acquired by the second processing node;
and the descrambling unit is used for descrambling the scrambled target data based on the scrambling parameters to obtain the target data of the target user.
13. An electronic device, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
14. A computer readable storage medium storing one or more programs which, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform a method of:
receiving scrambled target data about a target user, which is sent by a first processing node, wherein the scrambled target data is obtained by the first processing node through data fusion processing based on the scrambled privacy data about the target user, which is sent by a plurality of data nodes, and the scrambled privacy data is obtained by scrambling based on the privacy data about the target user and scrambling parameters in the plurality of data nodes;
receiving scrambling parameters which are sent by the data nodes and correspond to the scrambled privacy data, wherein the second processing node cannot acquire the scrambled privacy data;
and descrambling the scrambled target data based on the scrambling parameter to obtain the target data of the target user.
CN202010048806.3A 2020-01-16 2020-01-16 Data fusion processing method, device and system based on privacy data protection Pending CN110866284A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010048806.3A CN110866284A (en) 2020-01-16 2020-01-16 Data fusion processing method, device and system based on privacy data protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010048806.3A CN110866284A (en) 2020-01-16 2020-01-16 Data fusion processing method, device and system based on privacy data protection

Publications (1)

Publication Number Publication Date
CN110866284A true CN110866284A (en) 2020-03-06

Family

ID=69659376

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010048806.3A Pending CN110866284A (en) 2020-01-16 2020-01-16 Data fusion processing method, device and system based on privacy data protection

Country Status (1)

Country Link
CN (1) CN110866284A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111160814A (en) * 2020-04-01 2020-05-15 支付宝(杭州)信息技术有限公司 User risk assessment method, device and system based on multi-party security calculation
WO2021228149A1 (en) * 2020-05-15 2021-11-18 支付宝(杭州)信息技术有限公司 Private data protection method, system, and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103795529A (en) * 2014-02-26 2014-05-14 东南大学 Wireless sensor network data safety infusion method based secret key vectors
CN104219245A (en) * 2014-09-19 2014-12-17 西安电子科技大学 System and method for location based service-orientated user privacy protection
CN108092768A (en) * 2017-12-21 2018-05-29 中国联合网络通信集团有限公司 Data fusion method and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200306
