CN111783108B - Data query and calculation method and system, and storage medium - Google Patents

Info

Publication number: CN111783108B
Application number: CN201910272457.0A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN111783108A; WO2020200306A1 (PCT/CN2020/083174)
Inventors: 李艺, 王蜀洪
Current assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Original assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Legal status: Active
Classifications

    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03 Credit; Loans; Processing thereof

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application provides a data query and calculation method and system, and a storage medium. The second data query system sends at least one query service based on the query requirement of a target user; the query service comprises information to be queried and a query request that has undergone first encryption processing; the query request is used to obtain, within a user group, the query result of the target user corresponding to the information to be queried; the query request has at least one dimension; the first data query system fuses, according to the query service, the query results corresponding to the target user and the information to be queried that are obtained from at least one data source, and feeds the fused results back to the second data query system; and the second data query system processes the obtained query result corresponding to the target user according to each query service. Because the query results are handled under encryption, the method and system effectively prevent the query results from being disclosed, protect the data sources, and provide anonymous querying under authorized conditions.

Description

Data query and calculation method and system, and storage medium
Technical Field
The present disclosure relates to the field of secure data processing technologies, and in particular, to a data query and calculation method and system, and a storage medium.
Background
Data query systems such as business credit and personal credit systems, and even data query systems for house booking, industry supervision and the like that contain sensitive data and business secrets, are required to provide data security assurance so as to reduce or even avoid leakage of sensitive data. For example, data queries must be prevented from being used to divulge sensitive data on social networking sites. As another example, an intermediary (proxy) platform that relays data queries must be prevented from compromising the sensitive data it relays. For this purpose, enterprises and institutions holding sensitive data restrict the use of the related databases by limiting access rights. At the same time, there are now a large number of companies that offer loans to customers on different scales, including commercial banks, small loan companies, trust companies, and the like. Because a single lender may not be able to provide a sufficient loan, a borrower may borrow money from multiple lenders. A lender therefore wants to query the borrower's loan information in order to evaluate the borrower's credit before making a loan decision; for example, a lender may want to know whether the borrower has already borrowed too much from other lenders before lending to that borrower.
The problem with the existing approach is that it is difficult to fuse the loan information held by multiple lenders, and difficult to supervise the data of users who have been granted access rights.
On the other hand, the party that initiated the query request (e.g., the borrower) does not want the queried sensitive data to be compromised between the computers that operate the database and the computing device that transmitted the query request.
Disclosure of Invention
In view of the above-mentioned drawbacks of the prior art, an object of the present application is to provide a data query and calculation method and system, and a storage medium, for solving the problem of securely querying sensitive data in the prior art.
To achieve the above and other related objects, a first aspect of the present application provides a data query method, for a first data query system, including: receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request that has undergone first encryption processing; the query request is used to obtain, within a user group, the query result of a target user corresponding to the information to be queried; the query request has at least one dimension; and according to the query service, fusing the query results corresponding to the target user and the information to be queried that are obtained from at least one data source, and feeding the fused results back to the second data query system.
In certain embodiments of the first aspect of the present application, the method further comprises: verifying the query service; and when the verification passes, obtaining the query result corresponding to the target user and the information to be queried from the corresponding data source.
In certain implementations of the first aspect of the present application, the step of verifying the query service includes: verifying the identity of the target user in the query service submitted by the second data query system; and verifying whether the query service submitted by the second data query system is authorized by the target user.
In certain implementations of the first aspect of the present application, the step of verifying the query service further includes: verifying the format validity of the query request submitted by the second data query system that has undergone the first encryption processing.
In certain implementations of the first aspect of the present application, the query result is one of at least one query result derived based on a dimension of the query request.
In certain embodiments of the first aspect of the present application, the query result comprises any one of the following: the query data representing the information to be queried of the target user is null, and the query data representing the information to be queried of the target user is subjected to at least one first encryption processing.
In certain implementations of the first aspect of the present application, the query data is a commitment value obtained by applying a second encryption process to the plaintext query data.
In certain embodiments of the first aspect of the present application, the step of fusing the query results corresponding to the target user and the information to be queried that are obtained from at least one data source includes: generating noise data; scrambling each query result from each data source together with the noise data to obtain a scrambled result; obtaining check data, generated by the target user based on the query service and a random number; obtaining verification data based on the random number and the noise data; and sending the scrambled result, the check data and the verification data to the second data query system.
In certain implementations of the first aspect of the present application, the verification data is a commitment value obtained by applying a second encryption process to the plaintext verification data.
In certain implementations of the first aspect of the present application, the first encryption process is set based on homomorphic encryption.
A second aspect of the present application provides a data query method, for a second data query system, including: transmitting at least one query service based on a query requirement of a target user; the query service comprises information to be queried and a query request that has undergone first encryption processing; the query request is used to obtain, within a user group, the query result of the target user corresponding to the information to be queried; the query request has at least one dimension; and obtaining the query result corresponding to the target user according to each query service.
In certain embodiments of the second aspect of the present application, further comprising: and verifying the query service to obtain the query result.
In certain embodiments of the second aspect of the present application, the step of verifying the query service includes: proving whether the submitted query service is authorized by the target user.
In certain embodiments of the second aspect of the present application, the step of verifying the query service further comprises: verifying the format validity of the submitted query request that has undergone the first encryption processing.
In certain embodiments of the second aspect of the present application, the query results comprise at least one of: the query data representing the information to be queried of the target user is null, and the query data representing the information to be queried of the target user after the data sources are summarized.
In certain embodiments of the second aspect of the present application, the query result is one of at least one query result derived based on the dimension of the query request.
In certain embodiments of the second aspect of the present application, the query result comprises any one of the following: the query data representing the information to be queried of the target user is null, and the query data representing the information to be queried of the target user is subjected to at least one first encryption processing.
In certain embodiments of the second aspect of the present application, the query data is a commitment value obtained after the second encryption process.
In some embodiments of the second aspect of the present application, the step of obtaining, according to each query service, the query result of the corresponding target user includes: obtaining, for each query service, a scrambled result, check data and verification data; the scrambled result is obtained by scrambling the query results with noise data; the check data comes from the target user; and the verification data is derived from the random number generated by the target user and the noise data.
In certain embodiments of the second aspect of the present application, further comprising: and carrying out consistency check on the obtained query results and check data provided by the target user.
In certain embodiments of the second aspect of the present application, the step of performing a consistency check on each obtained query result and the check data provided by the target user includes: extracting each query result from the scrambled result and decrypting it to obtain query data; and checking the consistency of the obtained query data and the verification data on the basis of the check data.
In certain embodiments of the second aspect of the present application, further comprising: and when the consistency is met, carrying out evaluation calculation corresponding to the query requirement based on each query result.
In certain embodiments of the second aspect of the present application, the query requirement comprises at least one of: querying and summarizing a requirement generated by the target user based on summation or statistics.
In certain embodiments of the second aspect of the present application, the step of performing an evaluation calculation corresponding to the query requirement based on each query result includes: obtaining data to be evaluated provided by the target user and proof information corresponding to the data to be evaluated, based on the query requirement; verifying, on the basis of the proof information, that the query data in the obtained query results and the data to be evaluated conform to a preset correspondence; and after the verification passes, performing the evaluation calculation corresponding to the query requirement based on each obtained query result and the data to be evaluated.
In certain embodiments of the second aspect of the present application, the query requirement comprises at least one of: querying and summarizing whether the query data of the target user lies within a preset interval, and querying and summarizing the fluctuation of the query data of the target user.
In certain embodiments of the second aspect of the present application, the first encryption process is set based on homomorphic encryption.
A third aspect of the present application provides a first data query system, comprising: a first communication module for receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request that has undergone first encryption processing; the query request is used to obtain, within a user group, the query result of a target user corresponding to the information to be queried; the query request has at least one dimension; and a query fusion module for fusing, according to the query service, the query results corresponding to the target user and the information to be queried that are obtained from at least one data source, and feeding the fused results back to the second data query system through the first communication module.
In certain embodiments of the third aspect of the present application, further comprising: the verification module is used for verifying the query service; and when the verification is passed, acquiring a query result corresponding to the target user and the information to be queried from the corresponding data source.
In certain embodiments of the third aspect of the present application, the verification module is configured to perform the following steps: verifying the identity of a target user in the query service submitted by the second data query system; and verifying whether the query service submitted by the second data query system is authorized by the target user.
In certain embodiments of the third aspect of the present application, the verification module is further configured to verify format validity of the first-type encrypted query request submitted by the second data query system.
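The three checks named above (target-user identity, target-user authorization, and format validity of the encrypted query request) are described only at the level of what the verification module must establish. The following is an added illustration and is not the patent's own code: it models the target user's authorization as an HMAC tag over the authorized parts of the query service (a shared key between user and first data query system is an assumption here), and checks the encrypted request as a list of Paillier ciphertexts, one per group member, each of which must be a unit modulo N². The modulus value, field names and function names are all assumptions.

```python
# Added example; not the patent's code. One way the first data query system could
# implement the three verification steps: identity, authorization, format validity.
# The HMAC tag as the user's authorization, the field names, and the toy Paillier
# modulus used for the format check are assumptions made for this illustration.
import hashlib
import hmac
import json
from math import gcd

N = 1000003 * 1000033        # toy modulus of the homomorphic "first encryption" (assumption)
N2 = N * N


def authorization_tag(user_key, service):
    """Tag the target user computes over the parts of the query service they authorize."""
    body = json.dumps({k: service[k] for k in ("service_id", "target_user", "info")},
                      sort_keys=True)
    return hmac.new(user_key, body.encode(), hashlib.sha256).hexdigest()


def verify_identity(service, registry):
    """The target user named in the query service must be a registered, known user."""
    return service.get("target_user") in registry


def verify_authorization(service, registry):
    """The query service must carry a tag only the target user could have produced."""
    key = registry.get(service.get("target_user"))
    if key is None:
        return False
    expected = authorization_tag(key, service)
    return hmac.compare_digest(expected, service.get("auth_tag", ""))


def verify_request_format(service, group_size):
    """One Paillier ciphertext per group member, each a unit in Z*_{N^2}."""
    req = service.get("enc_request")
    if not isinstance(req, list) or len(req) != group_size:
        return False
    return all(isinstance(c, int) and 0 < c < N2 and gcd(c, N) == 1 for c in req)


def verify_query_service(service, registry, group_size):
    """Run all checks in order; return (passed, reason) so rejections can be logged."""
    if not verify_identity(service, registry):
        return False, "unknown target user"
    if not verify_authorization(service, registry):
        return False, "query service not authorized by target user"
    if not verify_request_format(service, group_size):
        return False, "malformed encrypted query request"
    return True, "ok"


def demo():
    """Constructed sample: one valid service, then a tampered one and a malformed one."""
    registry = {"u2": b"user-u2-secret-key"}       # key shared by user and first system (assumption)
    service = {"service_id": "svc-001", "target_user": "u2", "info": "outstanding_loans",
               "enc_request": [12345, 67890, 13579, 24680]}   # constructed ciphertext stand-ins
    service["auth_tag"] = authorization_tag(registry["u2"], service)
    ok = verify_query_service(service, registry, 4)

    tampered = dict(service, info="full_credit_history")      # scope widened after the user signed
    bad_tag = verify_query_service(tampered, registry, 4)

    malformed = dict(service, enc_request=[12345, 67890, 13579, N])   # N is not a unit mod N^2
    bad_fmt = verify_query_service(malformed, registry, 4)
    return ok, bad_tag, bad_fmt


if __name__ == "__main__":
    print(demo())
```

The order of the checks matters for a defender: the cheap identity lookup runs first, the authorization tag is checked with a constant-time comparison before any ciphertext is touched, and only then is the encrypted request parsed, so a forwarder that has not proven the user's consent never gets its request examined.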
In certain embodiments of the third aspect of the present application, the query result is one of at least one query result obtained based on the dimension of the query request.
In certain embodiments of the third aspect of the present application, the query result comprises at least one of: the query data representing the information to be queried of the target user is null, and the query data representing the information to be queried of the target user is subjected to at least one first encryption processing.
In certain embodiments of the third aspect of the present application, the query data is a commitment value obtained by applying the second encryption process to the plaintext query data.
In certain embodiments of the third aspect of the present application, the query fusion module is configured to perform the following steps: generating noise data; scrambling each query result from each data source together with the noise data to obtain a scrambled result; obtaining check data, generated by the target user based on the query service and a random number; obtaining verification data based on the random number and the noise data; and sending the scrambled result, the check data and the verification data to the second data query system, so that the second data query system can check the consistency of the query results against the check data.
In certain embodiments of the third aspect of the present application, the verification data is a commitment value obtained by applying a second encryption process to the plaintext verification data.
In certain embodiments of the third aspect of the present application, the first encryption process is set based on homomorphic encryption.
A fourth aspect of the present application provides a second data query system, comprising: the second communication module is used for sending at least one query service based on the query requirement of a target user; the inquiry service comprises information to be inquired and an inquiry request subjected to first encryption processing; the query request is used for acquiring a query result of a target user corresponding to the information to be queried in a user group; the dimension of the query request is at least one dimension; and the data processing module is used for processing the acquired query results corresponding to the target users according to each query service.
In certain embodiments of the fourth aspect of the present application, the system further comprises: a cooperative verification module for verifying the query service used to obtain the query result.
In certain implementations of the fourth aspect of the present application, the cooperative verification module is configured to prove whether the submitted query service is authorized by the target user.
In certain embodiments of the fourth aspect of the present application, the cooperative verification module is further configured to prove the format validity of the submitted query request that has undergone the first encryption processing.
In certain embodiments of the fourth aspect of the present application, the query results comprise at least one of: the query data representing the information to be queried of the target user is null, and the query data representing the information to be queried of the target user after the data sources are summarized.
In certain embodiments of the fourth aspect of the present application, the query result is one of at least one query result obtained based on the dimension of the query request.
In certain embodiments of the fourth aspect of the present application, the query results comprise at least one of: the query data representing the information to be queried of the target user is null, and the query data representing the information to be queried of the target user is subjected to at least one first encryption processing.
In certain embodiments of the fourth aspect of the present application, the query data is a commitment value obtained after the second encryption processing.
In certain implementations of the fourth aspect of the present application, the second communication module further obtains, in response to each query service, a scrambled result, check data and verification data; the scrambled result is obtained by scrambling the query results with noise data; the check data comes from the target user; and the verification data is derived from the random number generated by the target user and the noise data.
In certain embodiments of the fourth aspect of the present application, further comprising: and the verification module is used for carrying out consistency verification on the obtained query results and the verification data provided by the target user.
In some embodiments of the fourth aspect of the present application, the verification module is configured to extract each query result from the scrambled result and decrypt it to obtain query data; and to verify the obtained query data against the verification data, determining that the query data and the verification data are consistent when the verification result corresponds to the noise data and the random number.
In certain embodiments of the fourth aspect of the present application, further comprising: and the evaluation module is used for performing evaluation calculation corresponding to the query requirement based on each query result when the consistency is met.
In certain embodiments of the fourth aspect of the present application, the query requirement comprises at least one of: the requirements generated by the target user based on the summation or statistics are queried and summarized.
In certain embodiments of the fourth aspect of the present application, the evaluation module is configured to perform the following steps: obtaining data to be evaluated provided by the target user and proof information corresponding to the data to be evaluated, based on the query requirement; determining, by verifying the proof information, that the query data in the obtained query results and the data to be evaluated conform to a preset correspondence; and after the verification passes, performing the evaluation calculation corresponding to the query requirement based on each obtained query result and the data to be evaluated.
In certain embodiments of the fourth aspect of the present application, the query requirement comprises at least one of: inquiring and summarizing whether the inquiry data of the target user is in a preset interval or not, and inquiring and summarizing fluctuation of the inquiry data of the target user.
In certain embodiments of the fourth aspect of the present application, the first encryption process is set based on homomorphic encryption.
A fifth aspect of the present application provides a data query system, comprising: at least one data source, for querying within a user group based on the received query service to obtain the query data set of the user group to which the target user belongs, and for obtaining the query result corresponding to the target user from that query data set according to the query request that has undergone the first encryption processing; the first data query system according to any one of the third aspect, configured to communicate with the at least one data source so as to send the query service to each data source and to fuse the query results fed back by each data source; and the second data query system according to any one of the fourth aspect, configured to send the generated query service to the first data query system and to obtain the query result fused by the first data query system.
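The fifth aspect ties the three roles together: the data source answers an encrypted query request without learning the target user or the value it returns, the first data query system fuses the answers with noise data and a commitment tied to the target user's random number, and the second data query system decrypts, checks consistency, and evaluates. The text states only that the first encryption process is homomorphic and that the scrambled result, check data and verification data are exchanged; the following end-to-end run is an added illustration, not the patent's own code, and reads the scheme in one concrete way: Paillier (additively homomorphic) as the first encryption, a one-dimensional query request in the form of an encrypted one-hot selector over the user group, the noise entry encrypted and shuffled in among the real answers, SHA-256 as the commitment ("second encryption process"), and the target user's random number as the check data. The toy primes, the sample lenders and amounts, and all function names are constructed for this example.

```python
# Added example; not the patent's own code. A runnable toy of the query flow the
# application describes. Paillier, the toy primes, SHA-256 as the commitment, the
# one-hot query request and every function name below are assumptions.
import hashlib
import secrets
from math import gcd

P, Q = 1000003, 1000033              # toy primes; real keys need 1024-bit+ primes
N = P * Q
N2 = N * N
LAMBDA = (P - 1) * (Q - 1) // gcd(P - 1, Q - 1)   # lcm(P - 1, Q - 1)
MU = pow(LAMBDA, -1, N)              # with g = N + 1, L(g^LAMBDA mod N^2) = LAMBDA mod N


def encrypt(m):
    """Paillier encryption, E(m) = (1 + N)^m * r^N mod N^2, for m < N."""
    r = secrets.randbelow(N - 1) + 1
    return (pow(N + 1, m, N2) * pow(r, N, N2)) % N2


def decrypt(c):
    """Paillier decryption, L(c^LAMBDA mod N^2) * MU mod N, with L(x) = (x - 1) / N."""
    return (((pow(c, LAMBDA, N2) - 1) // N) * MU) % N


def add(c1, c2):
    """E(a) * E(b) = E(a + b): the homomorphism the data source relies on."""
    return (c1 * c2) % N2


def scale(c, k):
    """E(a)^k = E(k * a): multiply an encrypted selector bit by a plaintext amount."""
    return pow(c, k, N2)


def commit(*parts):
    """Hash commitment standing in for the patent's 'second encryption process'."""
    return hashlib.sha256("|".join(str(p) for p in parts).encode()).hexdigest()


# Second data query system: a 1-dimensional query request, an encrypted one-hot
# selector over the user group. Only this system holds the private key.
def make_query_request(user_group, target_user):
    return [encrypt(1 if u == target_user else 0) for u in user_group]


# Data source: homomorphic dot product of the selector with its own records. It
# learns neither which user was selected nor the value it returns.
def data_source_answer(enc_request, loans, user_group):
    acc = encrypt(0)
    for c, u in zip(enc_request, user_group):
        acc = add(acc, scale(c, loans.get(u, 0)))     # no record = "null" = 0
    return acc


# First data query system: fuse the sources' answers. The noise entry is
# encrypted and shuffled in among the real answers (the scrambled result), and
# a commitment over the user's random number and the noise is the verification data.
def fuse(answers, user_random):
    noise = secrets.randbelow(2**32)
    mixed = answers + [encrypt(noise)]
    secrets.SystemRandom().shuffle(mixed)
    verification = commit(user_random, noise)
    return mixed, verification


# Second data query system: decrypt every entry, recognise the noise entry via
# the verification data and the user-supplied random number (check data), keep the rest.
def extract_results(mixed, verification, user_random):
    plain = [decrypt(c) for c in mixed]
    hits = [v for v in plain if commit(user_random, v) == verification]
    if len(hits) != 1:            # no match, or a real value collided with the noise
        raise ValueError("consistency check failed")
    plain.remove(hits[0])
    return plain


# Evaluation step: compare the summed query data with the figure the target user
# declared and with a preset interval (both correspondences are assumptions).
def evaluate(results, declared_total, limit):
    total = sum(results)
    return {"total": total,
            "matches_declaration": total == declared_total,
            "within_limit": total <= limit}


def run_demo():
    """End-to-end run on constructed sample data: three lenders, four users."""
    group = ["u1", "u2", "u3", "u4"]
    sources = [{"u1": 5000, "u2": 12000},     # lender A's outstanding loans
               {"u2": 3000, "u4": 800},       # lender B
               {"u2": 7500}]                  # lender C
    user_random = secrets.randbelow(2**64)    # generated by the target user
    request = make_query_request(group, "u2")
    answers = [data_source_answer(request, s, group) for s in sources]
    mixed, verification = fuse(answers, user_random)
    results = extract_results(mixed, verification, user_random)
    return evaluate(results, declared_total=22500, limit=20000)


if __name__ == "__main__":
    print(run_demo())
```

Two properties of the flow are worth checking against the text. The data source only ever sees ciphertexts of 0 and 1 and returns a ciphertext, so it cannot tell which user was queried or what it answered; and the second data query system cannot attribute any decrypted value to a particular lender because the entries are shuffled, yet it can still strip the noise because the commitment over the user's random number identifies exactly one entry. The consistency check deliberately fails when the commitment matches zero or several entries; in this toy the collision space is 2^32, and a real deployment would draw noise from a space large enough that a collision with a genuine result is negligible.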
A sixth aspect of the present application provides a first computer system comprising: a storage device for storing at least one program; interface means for communicating with at least one data source and a second computer system; processing means for invoking said at least one program and coordinating said storage means and interface means for performing a data querying method as described in any of the first aspects.
A seventh aspect of the present application provides a second computer system comprising: a storage device for storing at least one program; interface means for communicating with a second computer system; processing means for invoking said at least one program and coordinating said storage means and interface means for performing a second data query method as described in any of the second aspects.
An eighth aspect of the present application provides a computer-readable storage medium storing a data query computer program which, when executed, implements the data query method according to the first aspect or the data query method according to the second aspect.
As described above, the data query and calculation method and system, and the storage medium of the present application have the following beneficial effects: by using a query request that has been processed under encryption, the sensitive information of the target user is prevented from being leaked, and by using query results that are processed under encryption, the query results are effectively prevented from being leaked. Thus sharing, fusion, evaluation and similar applications of the sensitive data are realized even though the party that forwards the query service and query results (such as the first data query system) and the party that provides the query results (such as the data source) cannot learn the target user or the query result.
Drawings
Fig. 1 is a schematic structural diagram of a hardware system of the data query system in an embodiment of the present application.
FIG. 2 is a flow chart of a data query method according to an embodiment of the present application.
FIG. 3 shows an example of a query request having 2 dimensions.
Fig. 4 is a schematic diagram showing a correspondence between the query request and the query result set shown in fig. 3.
Fig. 5 is a schematic diagram showing a correspondence relationship between the sub-query request elements and the query result after the operation of fig. 4.
FIG. 6 shows an example of a query request having a dimension of 3 dimensions.
Fig. 7 shows correspondence of the query data set to each spatial position in the space P1 shown in fig. 6.
Fig. 8 is a schematic diagram showing a correspondence relationship between the sub-query request elements and the query result after the operation of fig. 7.
Fig. 9 is a schematic diagram showing a correspondence relationship between the sub-query request elements and the query result after the operation of fig. 8.
FIG. 10 shows that all of the terms in the query result set queried for a 3×4 array for the query request are non-empty.
FIG. 11 shows that column 3 of the query result set queried for a 3×4 array for a query request contains only a23.
FIG. 12 shows a set of query results queried for a 3×4 array for a query request.
FIG. 13 shows a set of query results queried for a 3×4 array for a query request.
FIG. 14 shows a set of query results queried for a 3×4 array for a query request.
Fig. 15 shows a flowchart of the rights verification method of the present application.
Fig. 16 shows the operational relationship between a 2-dimensional (3 × 4) matrix query request and a set of random numbers.
Fig. 17 is a schematic diagram of a software architecture of the data query system of the present application.
Fig. 18 is a schematic diagram of a software architecture of the rights verification system of the present application.
Parameter table of formulas referred to in this application
Detailed Description
Further advantages and effects of the present application will be readily apparent to those skilled in the art from the present disclosure, by describing the embodiments of the present application with specific examples.
Although the terms first, second, etc. may be used herein to describe various elements in some examples, these elements should not be limited by these terms. These terms are only used to distinguish one element from another element. For example, a first data querying system may be referred to as a second data querying system, and similarly, a second data querying system may be referred to as a first data querying system without departing from the scope of the various described embodiments, but they are not the same data querying system unless the context clearly indicates otherwise. Similar situations also include a first encryption process and a second encryption process, etc.
Furthermore, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including" specify the presence of stated features, steps, operations, elements, components, items, categories, and/or groups, but do not preclude the presence or addition of one or more other features, steps, operations, elements, components, items, categories, and/or groups. The terms "or" and "and/or" as used herein are to be construed as inclusive, meaning any one or any combination. Thus, "A, B or C" or "A, B and/or C" means "any of the following: A; B; C; A and B; A and C; B and C; A, B and C". An exception to this definition occurs only when a combination of elements, functions, steps or operations is in some way inherently mutually exclusive.
In some query applications related to sensitive data, such as credit applications, applications for querying network services by using personal information, etc., protection of the sensitive data needs to be performed cooperatively by multiple parties such as a data source, an intermediate platform, a data consumer, etc. for providing the sensitive data; even sensitive data provided by the user himself is to be protected. Wherein the sensitive data includes, but is not limited to: personal/business identity information, personal/business account information, personal physical characteristic information, personal/business consumption information (such as bills), information generated by the personal/business due to the use of software (such as a moving route, browsing time length, etc.), evaluation information collected by the business, information obtained by analyzing the business according to at least the above information, and the like.
To allow each computer device that handles the sensitive data to process it while protecting it, in some embodiments the sensitive data is encrypted; however, each computer still has to obtain the plaintext when it processes the data. Therefore, the present application provides a method for reading, exchanging and processing the sensitive data in applications without any of the participating devices learning the sensitive data.
In some scenarios, such as order queries in an internet service, the system that performs secure data reading, interaction and application between the multi-party devices comprises a second computer system and a data source (also called a third computer system). By executing the method provided by the present application, the second computer system can perform a secure data query directly against the data source and obtain the query result. In other scenarios, such as a target user delegating a query of loan information held by one loan institution, the system comprises a second computer system, a data source (also called a third computer system) and a user device. By executing the method, and based on the cooperative permission authentication between the user equipment used by the target user and the second computer system, the data source provides a secure data query to the second computer system, which thereby obtains the corresponding query result. In still other scenarios, such as a target user delegating a query of loan information held by multiple loan institutions, the system comprises a first computer system, a second computer system, a data source (also called a third computer system) and a user device. By executing the method, and based on the cooperative permission authentication between the user equipment used by the target user and the second computer system, the first computer system performs a secure data query against at least one data source and obtains the query results of all the data sources.
Based on the above examples, at least one data query method and one permission verification method are provided, built from the steps executed by each computer system in the multi-party secure data processing procedure. In some scenarios the data query method and the permission verification method are executed together by the multi-party computer systems and form one process for securely transmitting and processing data. For example, in a loan investigation application involving multiple lenders, the multi-party computer systems participating in permission authentication and data querying may include: the user equipment held by the target user applying for the loan, the first computer system, the second computer system and the third computer system. In other scenarios the data query method and the permission verification method may be executed separately, to implement secure data querying and permission verification respectively. In some specific scenarios, the database provided by a third computer system is queried for a piece of order information using a query that contains no sensitive data in plaintext; with the data query method provided by the present application, the third computer system obtains the queried order information by means of information describing the position of that order information within an order information set. The order information may also be loan information, consumption information, personal identity information, and the like.
In still other specific scenarios, in the process in which the second computer system submits a query service to the third computer system, expecting to obtain a query result and perform subsequent processing on it, the first computer system may act as a proxy platform between a plurality of third computer systems and a plurality of second computer systems, not only forwarding data for both sides but also fusing query results, forwarding them, verifying permissions, and so on. For example, the first computer system is a query agency platform for a lending service, the second computer system is the querying party that queries the loan information of a borrower (also called the target user), and the third computer systems are the databases of loan institutions. Based on the borrower's application, the second computer system initiates, towards the first computer system, a query service about the borrower that contains no sensitive data; the first computer system performs permission verification and, once it passes, forwards the query service to at least one third computer system; each third computer system obtains the loan information corresponding to the query service without learning the borrower's sensitive data and returns it to the first computer system; and the first computer system, without itself obtaining the sensitive data, fuses the query results fed back by the third computer systems and feeds them back to the second computer system for consistency assessment of the query results between the borrower and the loan institutions, loan qualification assessment, and the like. Based on the above examples, in some other examples parts of the first computer system may be integrated into a third computer system, e.g. permission verification and data forwarding are integrated into the third computer system.
As another example, parts of the third computer system may be integrated into the first computer system. In yet other examples, parts of the first computer system may be integrated into the second computer system, e.g. consistency verification is integrated into the second computer system. As another example, parts of the second computer system may be integrated into the first computer system. In yet other examples, the first computer system may integrate parts of the second computer system and/or the third computer system to improve information security. Besides the query of loan information described above, a similar query process may also be used to query identity information, consumption information, order information, and the like.
To facilitate the description of the data query process, the permission verification process, the query result consistency verification process, the evaluation process using the query result, etc. that are initiated by a business requirement, these processes are described below through the operation of a hardware system composed of the user equipment used by a target user, a second computer system used by a querying party, a first computer system used by an intermediate platform, and a data source (also referred to as a third computer system) used by a loan institution. Referring to fig. 1, a schematic diagram of the hardware system of a data query system according to an embodiment of the present application is shown.
It should be noted that the processes performed on the hardware system shown in fig. 1 are merely examples; each may be performed alone or in combination with other processes according to the actual design requirements of different application scenarios. For example, the permission verification process described above may be used alone to perform permission verification for a network service without providing sensitive data. As another example, the query result consistency check may be used alone in consistency-check scenarios involving multiple parties, such as electronic contracts and proxy services. As a further example, whether the data query process is combined with the evaluation of the query result may be determined by the actual business logic requirements, which include but are not limited to: automatic order processing, pricing of customised services based on a user's spending capacity, and so on.
It should be noted that the above-mentioned user equipment, second computer system, first computer system, data source, etc. are electronic devices including a storage device, a processing device, an interface device, etc. The electronic device includes, but is not limited to, a dedicated chip, an FPGA, etc. configured to perform the above methods according to actual performance requirements.
The electronic device may be a single computer device, a service system based on a cloud architecture, or the like. The single computer device may be an autonomously configured computer device capable of executing the methods of the present application, located in a private machine room or in a rented rack position in a public machine room. The cloud-architecture service system includes public cloud (Public Cloud) service ends and private cloud (Private Cloud) service ends, where a public or private cloud service end provides Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and the like. Examples of such cloud service ends are the Alibaba Cloud computing service platform, the Amazon cloud computing service platform, the Baidu cloud computing platform, the Tencent cloud computing platform, and the like.
According to the hardware device for actually running the above methods, each device constituting the electronic device may be located on a single server, or located in a plurality of servers and completed cooperatively by data communication between the servers.
For this purpose, the interface device is data-connected to the processing device, either via a bus or through a communication network. The interface device includes, but is not limited to, a network card, a mobile network access module, a bus interface connected to the processing device via a bus, and the like. For example, the interface device of the second computer system is communicatively connected to the interface device of the first computer system, the interface device of the user equipment, and so on. The interface devices exchange data over the Internet, a mobile network or a local area network.
The storage device is used to store at least one program capable of executing any one or more of the methods. The storage device of an electronic device may be located on the same physical server as its processing device or on a different physical server, in which case the program is transferred to the processing device that runs it via the interface devices of the respective servers. The storage may include high-speed random access memory and may also include non-volatile memory, such as one or more disk storage devices, flash memory devices, or other non-volatile solid-state storage devices. In some embodiments the memory may also include memory remote from the one or more processors, such as network-attached storage accessed via RF circuitry or external ports and a communication network (not shown), which may be the Internet, one or more intranets, a local area network (LAN), a wide area network (WAN), a storage area network (SAN), etc., or a suitable combination thereof. The storage also includes a memory controller that controls access to the memory by other components of the device, such as the CPU and peripheral interfaces. The software components stored in the storage device include an operating system, a communication module (or instruction set), a text input module (or instruction set), and an application (or instruction set).
The processing device is operatively coupled with the storage device. More specifically, the processing device may execute programs stored in the memory and/or the non-volatile storage device to perform the operations of the methods. As such, the processing device may include one or more general-purpose microprocessors, one or more application-specific integrated circuits (ASICs), one or more field-programmable gate arrays (FPGAs), or any combination thereof. The plurality of CPUs contained in the processing device may be located in the same physical server or distributed over a plurality of physical servers, communicating via the interface devices so as to execute the steps of each method cooperatively.
Referring to fig. 2, a flow chart of a data query method in one embodiment is shown. The data query method involves the steps executed by the second computer system, the steps executed by the first computer system and the steps executed by the third computer system. The first computer system is configured with a first data query system, the second computer system is configured with a second data query system, and the third computer system is configured with a third data query system, wherein each data query system is a software system running in a corresponding computer system.
According to the foregoing examples of the respective scenarios, the computer system that performs the relevant steps of the method may also be other computer systems that can perform the relevant steps, and is not limited to the computer system shown in the present embodiment; accordingly, each software system may be configured in a split or combined manner in an entity computer system that performs the corresponding steps, and are not illustrated herein.
In step S110, the second data query system transmits at least one query service based on a query requirement of a target user.
Wherein the target user is a provider of sensitive data, which may be a person, an enterprise, etc. For example, the target user is a borrower who applies for a loan. The second data query system aims at obtaining a query result of a corresponding target user by using a network architecture constructed by the hardware system illustrated in fig. 1 under the condition that sensitive data of the target user are not provided, and further performing evaluation of the corresponding query requirement by using the query result. Here, the query requirement is generated by the target user applying in an offline or asynchronous manner. Wherein the query requirement comprises: loan amount assessment requirements generated for lending purposes, etc., personal credit assessment requirements generated for contractual purposes, etc.
To this end, the second data query system generates at least one query service based on the query requirement, where the query service is related to the mathematical calculation that describes the requirement. For example, to determine whether a loan in the interval [a1, a2] (in units of ten thousand yuan) can be issued to the target user, the loan amount requirement is expressed as a mathematical calculation that compares the target user's loan balance at each loan institution with the amount the target user may borrow. Correspondingly, the query service comprises: a query for the loan balances of the target user at a plurality of loan institutions. For another example, still for a loan query requirement, the requirement includes counting the number of loans; determining the target user's historical number of loans requires a mathematical calculation that sums the number of loans at each loan institution. Correspondingly, the query service comprises: a query for the number of loans of the target user at a plurality of loan institutions.
The query service comprises information to be queried and a query request that has undergone the first encryption process. The information to be queried refers to information, related to the type of the query result, that must be obtained from a data source in order to execute the mathematical calculation. Examples of the information to be queried include: the number of loans, the loan balance, the mean and variance of the loan balance, the number of personal credit defaults, refund-reason statistics, and the like.
In addition, in order to remove the sensitive data about the target user, the query service further carries a query request corresponding to the target user. The query request indicates the position of the target user within a user group. The user groups are arranged uniformly in at least the second data query system and the third data query system; in other words, the second and third data query systems are preconfigured with the order of the individual user records in each user group. In some examples, the registered users are divided in a preset manner into a plurality of user groups of equal size; as long as the group size is large enough, this grouping hides the sensitive data, and the design is a trade-off between efficiency and privacy. For example, suppose there are N registered users, divided into several groups of size $N_g$ each. For a registered user with identity u, the first data query system may assign a unique tuple $(\mathrm{gid}_u, \mathrm{pid}_u)$ and share it with the other data query systems, where $\mathrm{gid}_u$ is the group id and $\mathrm{pid}_u$ is the user's position within the group. It is obvious that … and $0 \le \mathrm{pid}_u < N_g$.
In some specific examples, the user group may be a default group, e.g., the user group is all users registered in the second data query system and updated to the third data query system by synchronous or asynchronous. In yet other specific examples, the second data query system divides the registered users into a plurality of user groups and distinguishes the user groups based on the number (e.g., gid) of each user group by updating to the third data query system synchronously or asynchronously. For this reason, in the case that the user group is plural, the query service further includes user group information in which the target user is located.
The sequence of the user information in the same user group is consistent in the second data query system and the third data query system. Or the sequence of the user information in the same user group is corresponding to the second data query system and the third data query system. In some more specific examples, the correspondence is configured on the first data query system side, and the first data query system converts the order of each user in the user group provided by the second data query system into the order of each user in the user group required by a certain third data query system according to the correspondence.
The query request is used for acquiring the query result of the target user, for the information to be queried, within a user group. The query request comprises at least one one-dimensional sub-query request, and each one-dimensional sub-query request comprises a plurality of sub-query elements. The positions of users in the user group correspond to the positions of the sub-query elements in the query request in the respective dimensions. Here, in order to remove the sensitive data of the target user, taking 0 and 1 to represent non-target users and the target user in the user group, and a user group of 12 users in which the 4th user is the target user, the plaintext of the query request may be represented as {0,0,0,1,0,0,0,0,0,0,0,0}; encrypting this plaintext with the first encryption process gives the one-dimensional sub-query request {E(0), E(0), E(0), E(1), E(0), E(0), E(0), E(0), E(0), E(0), E(0), E(0)}; or the plaintext of the query request is encrypted into a two-dimensional sub-query request, expressed as {{E(0), E(1), E(0), E(0)}, {E(1), E(0), E(0)}}. The E(0) and E(1) in the sub-query request of each dimension are the sub-query elements.
Here, the first mathematical calculation performed on the first-encrypted query request to obtain the query result is equivalent in effect to a second mathematical calculation performed on the plaintext of the query request, so that each data query system participating in the data query can obtain the query result of the corresponding target user from the first-encrypted query request. In some examples, the first encryption process is based on homomorphic encryption. For example, the first encryption process is based on the formula $E(x) = g^x r^n \bmod n^2$ (the Paillier scheme), where $E(0)$ and $E(1)$ in the previous example correspond to the cases $x_1 = 0$ and $x_2 = 1$; r is a random number; g and n are the public key of the first encryption process. The first encryption process in this example has an additive homomorphism, $E(x_1)E(x_2) = E(x_1 + x_2)$, and a multiplicative homomorphism, $E(x_1)^{x_2} = E(x_1 x_2)$. It can be seen that multiplying first-encrypted query requests is equivalent to adding their plaintexts, and raising a first-encrypted query request to a power is equivalent to multiplying its plaintext. It should be noted that the first encryption process is not limited to the homomorphic encryption algorithm given by this formula; other encryption algorithms with homomorphic properties are also suitable.
The query request described in the above examples may be represented by a one-dimensional array. If the number of users in the user group is very large, the query request becomes very long, which is unfavourable for data communication. To this end, in some other examples the positions of the users in the user group are described by a multi-dimensional query request. For example, the user group contains 12 users, the fourth of which is the target user; described by a two-dimensional query request (4 × 3), the fourth user (first column of the second row) is represented as {{q(0), q(1), q(0), q(0)}, {q(1), q(0), q(0)}}, so the 12 sub-query elements of the one-dimensional request become 7 sub-query elements in two dimensions. Generalising from the two-dimensional example, the query request can be set to a multi-dimensional sub-query request so as to minimise the amount of data transmitted. For example, for a user group of 1000 users, a three-dimensional query request (10 × 10 × 10) needs a total of only 30 sub-query elements.
In order to perform a data query using the first encryption algorithm, the query request may mark one or more target users in the user group. In order to perform fast calculation by using the multidimensional space constructed by the query request, only the user corresponding to one position in the space is marked as the target user in the query request, namely, the sub-query element corresponding to each dimension of one spatial position in the multidimensional space constructed by the query request is a value 1 subjected to the first encryption processing, and the sub-query elements corresponding to each dimension of the rest of spatial positions are a value 0 subjected to the first encryption processing.
In some examples, the second data query system sends the generated at least one query service to the third data query system to obtain a query result of the target user at the third data query system. In still other examples, the second data query system sends the generated at least one query service to a first data query system, and the first data query system may forward the query service based on a preset plurality of data sources, or forward the query service according to at least one data source specified in the query service, and obtain a query result of a corresponding target user fed back by a third data query system in the plurality of data sources.
Taking the example that the first data query system receives the query service, in step S210, the first data query system receives at least one query service sent by the second data query system, and forwards the query service to a third data query system including a corresponding data source, so that the third data query system executes step S320.
Taking the example that the third data query system receives the query service, in step S310, the third data query system receives at least one query service sent by the second data query system, and performs step S320.
In step S320, the third data query system obtains a query data set of the user group where the target user is located according to the information to be queried.
The third data query system reads the query data set corresponding to the whole user group from the database according to gid of the user group and information to be queried. In some examples, the information to be queried corresponds to data items in a database, and the step includes reading a first query data set corresponding to the user group in the database according to the data items corresponding to the information to be queried in the database, and taking the first query data set as the query data set. For example, the information to be queried is a loan balance, and the database of the third data query system includes data items of the loan balance, and the third data query system reads the query data set of the corresponding user group in the database.
In still other examples, the third data query system needs to determine a corresponding data item in the database according to the information to be queried, and pre-process the first query data set according to a pre-processing mode of the data item in the information to be queried to obtain a second query data set, and uses the second query data set as the query data set obtained according to the information to be queried and the user group. For example, the information to be queried is whether a loan exists or not, and the third data query system reads the first query data set of the user group according to the data item of the loan balance, and performs preprocessing according to the condition that the loan balance is larger than 0 and the loan exists, so as to obtain the second query data set of the loan exists in the user group. For another example, the information to be queried is the square of the loan balance, and the third data query system reads the first query data set of the user group according to the data item of the loan balance, and performs preprocessing according to the formula of the square of the loan balance to obtain the second query data set of the square of the loan balance in the user group.
In other examples, the step further includes applying a second encryption process to each query data in the query data set and using the second-encrypted query data set as the query data set for subsequent processing. In some specific examples, according to the description of the information to be queried, the third data query system applies the second encryption process to the plaintext of each query data read from the database, thereby obtaining a commitment value of that plaintext, and forms the query data set from the commitment values. In still other specific examples, according to the description of the information to be queried, the third data query system preprocesses the plaintext of each query data read from the database and applies the second encryption process to the preprocessed plaintext, thereby obtaining a commitment value of the preprocessed plaintext, and forms the query data set from the commitment values. So that the second data query system can compute on the commitment values and thereby obtain results equivalent to computing on the corresponding query data plaintexts, the second encryption process is also a homomorphic encryption scheme.
For example, a second encryption process based on homomorphic encryption is: given two large primes p and q such that $q \mid p-1$, let $G_q$ be the subgroup of order q of $\mathbb{Z}_p^*$. Let g and h be generators of $G_q$ and define the commitment function as $F(x, r) = g^x h^r \bmod p$, where $x \in \mathbb{Z}_q$ is the committed value and $r \in \mathbb{Z}_q$ is a randomly chosen commitment random number; $F(x, r)$ may be abbreviated as $F(x)$. The resulting commitment function F is additively homomorphic: given two commitments $c_1 = F(x_1, r_1)$ and $c_2 = F(x_2, r_2)$, one obtains $c_1 c_2 = g^{x_1 + x_2} h^{r_1 + r_2} \bmod p = F(x_1 + x_2, r_1 + r_2)$, i.e. $c_1 c_2$ is a commitment to $x_1 + x_2$. The random number in the commitment masks the committed value, so the commitment to x reveals no information about the value of x.
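The commitment scheme above, worked through in code. This is an added example, not code from the patent or its assignee. It assumes a toy 40-bit safe-prime group found by a deterministic search (the patent only requires that q divides p-1 and says nothing about how p, q, g and h are chosen), derives h from a second base, and adds an open/verify step so that the consistency check between a borrower's claim and a loan institution's committed value, mentioned earlier, can be carried out on a commitment returned by a data source. All function and variable names are the example's own, and the loan balances are constructed.

```python
"""Pedersen commitments F(x, r) = g^x h^r mod p with the additive homomorphism.

Added example with TOY parameters (40-bit q); not a secure parameter size.
"""
import secrets

# These bases make Miller-Rabin deterministic for every n < 3.3e24.
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Deterministic Miller-Rabin for the toy sizes used here."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_params(bits):
    """Smallest prime q >= 2**bits with p = 2q + 1 also prime, so q | p - 1 and
    the squares of Z_p^* form the subgroup G_q of order q."""
    q = (1 << bits) | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    # Squares have order q in a safe-prime group.  Whoever knows log_g(h) can open a
    # commitment to any value, so in a real deployment h must be derived in a way that
    # nobody knows that logarithm (e.g. hash-to-group); here it is simply a second square.
    g = pow(2, 2, p)
    h = pow(3, 2, p)
    return p, q, g, h


class Pedersen:
    def __init__(self, p, q, g, h):
        self.p, self.q, self.g, self.h = p, q, g, h

    def commit(self, x, r=None):
        """Return (F(x, r), r); the data source keeps r as the opening for later checks."""
        if not 0 <= x < self.q:
            raise ValueError("committed value must lie in Z_q")
        if r is None:
            r = secrets.randbelow(self.q)
        c = pow(self.g, x, self.p) * pow(self.h, r % self.q, self.p) % self.p
        return c, r

    def verify(self, c, x, r):
        """Consistency check: does the claimed (x, r) open the commitment c?"""
        return 0 <= x < self.q and c == self.commit(x, r)[0]

    def add(self, c1, c2):
        """c1 * c2 mod p commits to x1 + x2 under randomness r1 + r2 (mod q)."""
        return c1 * c2 % self.p


if __name__ == "__main__":
    ped = Pedersen(*safe_prime_params(40))
    # Constructed balances at two loan institutions; each commits and keeps its opening.
    c1, r1 = ped.commit(35000)
    c2, r2 = ped.commit(12000)
    print(ped.verify(c1, 35000, r1), ped.verify(c1, 35001, r1))   # True False
    print(ped.verify(ped.add(c1, c2), 47000, (r1 + r2) % ped.q))  # True
```

The binding check (`verify` rejects 35001) is what a consistency assessment relies on; the hiding check (two commitments to 35000 with different r are unrelated values) is what lets the commitment travel through the intermediate platform. Both depend on nobody knowing log_g(h): with the toy 40-bit group above that logarithm is in fact computable, which is one more reason these parameters are for illustration only.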
In step S330, the third data query system obtains the query result corresponding to the target user from the query data set according to the first encrypted query request and feeds back the query result.
The third data query system performs operation processing on the query request subjected to the first encryption processing and the query data set according to the operation mode corresponding to the first encryption processing and the query request of each dimension, so as to extract a query result corresponding to the target user.
Here, because the query data in an actual query data set may be partly or entirely empty, partly or entirely 0, or partly or entirely non-zero values (or character strings, etc.), the third data query system determines whether the query data set is empty before extracting the target user's query result according to the dimensions of the query request.
In some examples, the query data set for the user group queried by the third data query system is empty, e.g. none of the users in the user group has a loan balance recorded at the loan institution to which the third data query system belongs. In some specific examples, the third data query system feeds back a null value (null) to the second data query system, directly or via the first data query system, as the query result of the corresponding target user. In other specific examples, to avoid returning a query result in plaintext, step S330 includes: taking a preset value corresponding to "empty" as the query result of the target user, and applying the first encryption process to that preset value a preset number of times to obtain the query result fed back for the target user.
For example, the preset value for "empty" is the value 0 after the first encryption process (i.e. $E(0)$), which is used as the query result of the target user; for another example, according to the dimension d of the query request, the preset value for "empty" is the value 0 after d nested applications of the first encryption process (i.e. $E^d(0)$), which is used as the query result of the target user.
In yet another example, when the query data set includes at least one query data, the step S330 includes: and calculating the query request subjected to the first encryption processing and the query data set based on the operation mode corresponding to the first encryption processing mode.
The third data query system extracts query data of a corresponding target user in the query data set by using the query request under a space constructed based on the dimension of the query request.
Taking a one-dimensional query request as an example, the third data query system computes, for each sub-query element and its corresponding query data, the exponentiation $E(x_i)^{a_i} = E(x_i a_i)$, where $x_i$ is the plaintext of the sub-query element and $a_i$ is the plaintext or commitment value of the query data corresponding to $x_i$. When the plaintext of the sub-query element is 0, the sub-query element is $E(0)$ and the formula yields $E(0 \times a_i)$, i.e. $E(0)$; when the plaintext of the sub-query element is 1, the sub-query element is $E(1)$ and the formula yields $E(1 \times a_i) = E(a_i)$. The third data query system multiplies these results and feeds back $\prod_i E(x_i a_i) = E(\sum_i x_i a_i) = E(a_i)$, with i the index of the target user. The query data is the plaintext or the commitment value stored in the database.
Taking a multi-dimensional query request as an example, step S330 includes: on the basis of a space constructed from the $i$-th dimension sub-query request and the sub-query requests of the remaining dimensions, placing each query datum of the query data set at a position in that space; computing, by means of the operation mode, each sub-query element of the $i$-th dimension in the space against its corresponding query data, to obtain a new query data set projected onto the $i$-th dimension; and repeating the above with the new space constructed from the $(i+1)$-th dimension sub-query request and the sub-query requests of the remaining dimensions, and with the new query data set, until all dimensions have been traversed and the query result of the corresponding target user is obtained; here $0 < i \le d$, and $d$ is the total number of dimensions.
The space serves to explain the correspondence between the sub-query elements and the individual query data in the query data set; it may take the form of memory allocated while the computer executes, or of a logical mapping provided by the instructions of the computer program. In some specific examples, the space constructed from the $i$-th dimension sub-query request and the sub-query requests of the remaining dimensions unfolds the multi-dimensional sub-query request along the $i$-th dimension into a matrix, and each query datum is placed in that matrix according to its serial number in the query data set. In other specific examples, the position of the query data in the space is derived from the formula

$\mathrm{row\_len} = m^{*} / m_i$

where $m_i$ is the length of the space in the $i$-th dimension, determined by the number of sub-query elements of the $i$-th dimension in the query request; $m^{*}$ is the capacity of the space; $\mathrm{row\_len}$ is the capacity of the remaining dimensions; and the $j$-th query datum of the query data set, counted in serial order, is placed at row $r$ and column $c$ of the space, the rows being filled $\mathrm{row\_len}$ entries at a time, as the examples below show.
Using the correspondence between sub-query elements and query data determined by a space constructed in any of the above ways, the third data query system performs the following: with the first operation item of the operation mode, it computes each non-empty query datum in row $r$ of the space against the $r$-th sub-query element of the $i$-th dimension, obtaining the calculation results of row $r$; with the second operation item of the operation mode, it aggregates the calculation results of column $c$ of the space, obtaining a new query result set; here $r$ and $c$ are the positions of the query data in the space. The calculation relies on the operational properties of the first encryption processing, namely the homomorphic properties $E(x)E(y) = E(x+y)$ and $E(x)^y = E(xy)$, and yields the new query result set.
The above process is repeated with the new space constructed from the $(i+1)$-th dimension sub-query request and the sub-query requests of the remaining dimensions, and with the new query data set, until all dimensions have been traversed and the query result of the corresponding target user is obtained.
Take a user group with $N_g$ registered users. Not everyone borrows from the same lender, and small lenders in particular have few borrowers, so the array of borrower information can be very sparse, because each lender $S_i$ only needs to store information on its own borrowers. For example, if only 1/10 of the users borrow from a given lender, the sparsity (the proportion of empty entries) of most lender groups exceeds 0.9. Sparsity is used to accelerate the PIR process: empty entries are skipped when the result is generated.
Specifically, consider a sparse query result set $A$ with $m$ entries, of which $m'$ are non-empty (here $m = N_g$, and only $m'$ users in the group borrow from this lender), written as $\{ind_1 : a_1, ind_2 : a_2, \ldots, ind_{m'} : a_{m'}\}$, where each $(ind_j : a_j)$, $1 \le j \le m'$, is an index-value pair. Each $ind_j$ corresponds to one pid, and each $a_j$ is the commitment of some $x_{ib}$. This step performs the extraction recursively and exploits the sparsity of the array to improve performance. Intuitively, for an array $A$ of size $m$, to extract the entry at position $ind$ one first groups every $\mathrm{row\_len}$ entries together and views the array as a $\mathrm{row\_len} \times (m / \mathrm{row\_len})$ matrix. The position of $A[ind]$ is then computed as $(r, c)$ and row $r$ is extracted. The same procedure is applied recursively to extract the $c$-th entry of the extracted row. Empty entries are skipped to reduce computational overhead, and finally the algorithm returns the extracted entry. The computational complexity is proportional to the number of non-empty entries, that is, the number of registered users who have borrowed from this lender.
The algorithm based on the above example is described as follows:
Taking a two-dimensional query request as an example, refer to FIG. 3, which shows a query request of dimension 2: $q = \{\{q_{11}, q_{12}, q_{13}\}, \{q_{21}, q_{22}, q_{23}, q_{24}\}\}$, where $q_{ij}$ is the $j$-th sub-query element of the $i$-th dimension, and each sub-query element is a 0 or a 1 subjected to the first encryption processing; in other words, $q = \{\{E(0), E(1), E(0)\}, \{E(0), E(0), E(1), E(0)\}\}$. The space P1 constructed from the first-dimension sub-query request $\{q_{11}, q_{12}, q_{13}\}$ and the sub-query request of the remaining (second) dimension $\{q_{21}, q_{22}, q_{23}, q_{24}\}$ is shown in FIG. 3. The third data query system maps the query data set $\{NA, x_2, NA, x_4, x_5, NA, NA, x_8, x_9, x_{10}, NA, NA\}$, where NA denotes an empty query datum, onto the positions provided by space P1 in a preset order. FIG. 4 shows the resulting correspondence between the query request of FIG. 3 and the query result set: the sub-query element $q_{11}$ corresponds to the array $\{NA, x_2, NA, x_4\}$, $q_{12}$ to the array $\{x_5, NA, NA, x_8\}$, and $q_{13}$ to the array $\{x_9, x_{10}, NA, NA\}$. According to the positions in the space of the sub-query elements of $q$ that encode the number 1, namely $q_{12}$ and $q_{23}$, the query datum corresponding to the target user is the 7th datum of the query data set, which is NA.
The sub-query elements are computed against the values of their corresponding arrays with the formula $E(x)^y = E(xy)$; for query data marked Null (NA) the third data query system skips the computation, giving the results shown in FIG. 5. These results are aggregated along the first dimension with the formula $E(x)E(y) = E(x+y)$, giving a new query data set $(E(a_{21}), E(0), NA, E(a_{24}))$, where $a_{21}$ corresponds to $x_5$ and $a_{24}$ corresponds to $x_8$.
Then, in the one-dimensional space constructed from the second-dimension sub-query request $\{q_{21}, q_{22}, q_{23}, q_{24}\}$ of $q$, the above process is repeated on the new query data set $(E(a_{21}), E(0), NA, E(a_{24}))$, and the query result $E(0)$ for the target user is obtained.
Taking a three-dimensional query request as an example, refer to FIG. 6, which shows a query request of dimension 3: $q = \{\{q_{11}, q_{12}, q_{13}, q_{14}\}, \{q_{21}, q_{22}, q_{23}\}, \{q_{31}, q_{32}\}\}$, where $q_{ij}$ is the $j$-th sub-query element of the $i$-th dimension and each sub-query element is a 0 or a 1 subjected to the first encryption processing; in other words:
$q = \{\{q_{11}, q_{12}, q_{13}, q_{14}\}, \{q_{21}, q_{22}, q_{23}\}, \{q_{31}, q_{32}\}\}$
$\quad = \{\{E(0), E(0), E(1), E(0)\}, \{E(0), E(1), E(0)\}, \{E(1), E(0)\}\}$
The space P1 constructed from the first-dimension sub-query request $\{q_{11}, q_{12}, q_{13}, q_{14}\}$ and the sub-query requests of the remaining (second and third) dimensions $\{q_{21}, q_{22}, q_{23}\}$ and $\{q_{31}, q_{32}\}$ is shown in FIG. 6. The third data query system maps the query data set $\{NA, x_2, NA, x_4, NA, NA, NA, NA, NA, NA, NA, NA, x_{13}, x_{14}, x_{15}, NA, NA, NA, NA, NA, NA, NA, NA, NA\}$ onto the positions provided by space P1 in a preset order. FIG. 7 shows the resulting correspondence between the query data set and the positions of space P1 in FIG. 6: $q_{11}$ corresponds to the array $\{NA, x_2, NA, x_4, NA, NA\}$, $q_{12}$ to the array $\{NA, NA, NA, NA, NA, NA\}$, $q_{13}$ to the array $\{x_{13}, x_{14}, x_{15}, NA, NA, NA\}$, and $q_{14}$ to the array $\{NA, NA, NA, NA, NA, NA\}$. According to the positions in the space of the sub-query elements of $q$ that encode the number 1, namely $q_{13}$, $q_{22}$ and $q_{31}$, the query datum corresponding to the target user is the 15th datum of the query data set, $x_{15}$.
The sub-query elements are computed against their corresponding arrays with the formula $E(x)^y = E(xy)$; for query data marked Null (NA) the third data query system skips the computation, giving the results shown in FIG. 8. These results are aggregated along the first dimension with the formula $E(x)E(y) = E(x+y)$, giving a new query data set $(E(a_{31}), E(a_{32}), E(a_{33}), E(0), NA, NA)$, where $a_{31}$ corresponds to $x_{13}$, $a_{32}$ to $x_{14}$ and $a_{33}$ to $x_{15}$.
Then, in the two-dimensional space constructed from the second-dimension sub-query request $\{q_{21}, q_{22}, q_{23}\}$ of $q$ and the remaining sub-query request $\{q_{31}, q_{32}\}$, the above process is repeated on the new query data set $(E(a_{31}), E(a_{32}), E(a_{33}), E(0), NA, NA)$, giving the new query data set $(E(E(a_{33})), E(E(0)))$.
Finally, the sub-query elements are again computed against the corresponding data with $E(x)^y = E(xy)$, skipping the data marked Null (NA), giving the results shown in FIG. 9; these are aggregated along the last dimension with $E(x)E(y) = E(x+y)$ to obtain the query result $E(E(E(a_{33})))$. The query result for the target user is thus the query datum $x_{15}$ subjected to the first encryption processing three times.
Generalizing from the above examples to query requests of higher dimension, the query result is one of several possible results determined by the dimension of the query request: because the query result set in the third data query system may be empty along some dimension of the space, the generated query result takes one of a number of forms that depend on the dimension. In addition, if the target user's query datum in the third data query system is Null (NA), a query result either independent of or dependent on the dimension can be produced, according to the actual design requirements.
In some scenarios, when the third data query system skips empty entries in an array, the second data query system can infer additional information about the array by comparing the random number it used in the query with the result ciphertext. Consider the $3 \times 4$ arrays shown in FIG. 10 and FIG. 11: in FIG. 10 all entries are non-empty, while in FIG. 11 column 3 contains only the queried entry $a_{23}$. For FIG. 10, when the third data query system extracts the second row it computes, for each column $j$, the product $\prod_i E(x_{ij})^{a_{ij}}$ over all three rows, with $x_{ij} = 0$ or $1$; the column-3 result is therefore $E(x_{13})^{a_{13}} E(x_{23})^{a_{23}} E(x_{33})^{a_{33}}$, whose randomness depends on the randomness of all three sub-query elements. For FIG. 11, however, extracting the second row yields only $E(x_{23})^{a_{23}} = E(1)^{a_{23}}$, whose randomness depends only on the random number used to encrypt $x_{23}$. Thus, after receiving $E(E(a_{23}))$ and decrypting the outermost encryption to obtain $E(a_{23})$, the second data query system can recompute $E(1)^{a_{23}}$ from the random number it used for $x_{23}$ and compare it with the received $E(a_{23})$: from the comparison the recipient can infer whether column 3 contains other non-empty entries.
In other scenarios, the second data query system can infer additional information by checking whether decryption returns 0. For example, the query of FIG. 12 returns $E(E(0))$, because $a_{23}$ is empty and was skipped. Similarly, the query of FIG. 13 returns $E(0_1)$, where $0_1$ is a string of zeros whose length equals the ciphertext length (e.g. 2048 bits for Paillier with a 1024-bit private key). FIG. 14 shows a completely empty array, for which 0 is set as the output (line 19 of algorithm 1). In terms of format, for a $d$-dimensional query that extracts the entry $e$, the result of algorithm 1 has $d + 2$ possible forms: $0,\ E(0_{d-1}),\ E^2(0_{d-2}),\ \ldots,\ E^{d-i}(0_i),\ \ldots,\ E^{d-1}(0_1),\ E^d(0),\ E^d(e)$, where $E^i(\cdot) = E(E^{i-1}(\cdot))$ and $0_i$ is a string of zeros of the same length as $E(0_{i-1})$. Although these ciphertexts all have the same length, they can be decrypted and their type determined; thus different kinds of arrays produce different kinds of output, which reveals additional information about the array. When the second data query system obtains a response from the third data query system, it decrypts at most $d$ times to obtain the plaintext, and during decryption it may encounter either a ciphertext or a string of zeros. It follows that the third data query system returns the query datum of the target user as information subjected to at least one first encryption processing.
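As an added illustration that is not part of the patent, the following Python code carries the step S330 extraction of the 2-dimensional and 3-dimensional examples above through with a textbook Paillier scheme, and then performs the decryption-side classification of response types just described. It assumes one Paillier key per dimension (the $(i+1)$-th key's message space must hold the $i$-th key's ciphertexts, which is what makes $E(E(\cdot))$ meaningful), toy key sizes, and sample arrays constructed to match FIGs. 3, 4, 6 and 7; the helper names (layered_keys, make_query, pir_extract, open_response, run_example) are this example's own.

```python
import random


def is_probable_prime(n, rng, rounds=16):
    """Miller-Rabin primality test with random bases drawn from rng."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits, rng):
    while True:
        c = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c, rng):
            return c


class Paillier:
    """Textbook Paillier with g = n + 1: E(x)E(y) = E(x+y), E(x)^k = E(xk) mod n^2."""

    def __init__(self, prime_bits, rng):
        p, q = gen_prime(prime_bits, rng), gen_prime(prime_bits, rng)
        self.n, self.n2, self.rng = p * q, (p * q) ** 2, rng
        self.lam, self.mu = (p - 1) * (q - 1), pow((p - 1) * (q - 1), -1, p * q)

    def enc(self, m):
        r = self.rng.randrange(1, self.n)
        return pow(self.n + 1, m, self.n2) * pow(r, self.n, self.n2) % self.n2

    def dec(self, c):
        return (pow(c, self.lam, self.n2) - 1) // self.n * self.mu % self.n


def layered_keys(d, rng, base_bits=32):
    """One key per dimension; key i's message space must hold key i-1's ciphertexts."""
    keys, bits = [], base_bits
    for _ in range(d):
        keys.append(Paillier(bits, rng))
        bits = 2 * bits + 2
    assert all(b.n > a.n2 for a, b in zip(keys, keys[1:]))
    return keys


def make_query(keys, dims, target):
    """Encrypted one-hot selector per dimension for flat index `target`.
    Dimension i views the remaining array as m_i rows of row_len = m*/m_i entries."""
    q, rest, row_len = [], target, 1
    for m in dims:
        row_len *= m
    for i, m_i in enumerate(dims):
        row_len //= m_i
        r, rest = divmod(rest, row_len)
        q.append([keys[i].enc(1 if j == r else 0) for j in range(m_i)])
    return q


def pir_extract(keys, q, data, dims):
    """Step S330: fold each dimension with E(x_r)^a products, skipping NA (None)."""
    arr = data
    for i, m_i in enumerate(dims):
        pk, row_len, new = keys[i], len(arr) // m_i, []
        for c in range(row_len):
            acc = None  # stays None when the whole column is NA
            for r in range(m_i):
                a = arr[r * row_len + c]
                if a is None:
                    continue  # sparsity: empty entries cost nothing
                term = pow(q[i][r], a, pk.n2)  # E(x_r)^a = E(x_r * a)
                acc = term if acc is None else acc * term % pk.n2
            new.append(acc)
        arr = new
    return 0 if arr[0] is None else arr[0]  # completely empty array -> plain 0


def open_response(keys, resp):
    """Querier side: peel layers from the outside, stopping at a zero string.
    (d, e) is the normal E^d(e); fewer layers opened means an E^k(0_{d-k}) response."""
    opened = 0
    for pk in reversed(keys):
        if resp == 0:
            break
        resp, opened = pk.dec(resp), opened + 1
    return opened, resp


# Constructed sample arrays matching the 2-D and 3-D figures; None marks NA.
DATA_2D = [None, 2, None, 4, 5, None, None, 8, 9, 10, None, None]
DATA_3D = [None, 2, None, 4] + [None] * 8 + [13, 14, 15] + [None] * 9


def run_example(dims, data, target, seed=1):
    rng = random.Random(seed)
    keys = layered_keys(len(dims), rng)
    resp = pir_extract(keys, make_query(keys, dims, target), data, dims)
    return open_response(keys, resp)


if __name__ == "__main__":
    print(run_example((3, 4), DATA_2D, 6))      # target NA in an all-NA column
    print(run_example((4, 3, 2), DATA_3D, 14))  # x_15 recovered through 3 layers
```

run_example returns (layers opened, value): (2, 5) for $x_5$ in the 2-D array, (1, 0) for the 7th datum whose whole column is NA (the $E(0_1)$ form), (2, 0) when the target cell is NA but other cells of its column are not (the $E^d(0)$ form), (3, 15) for $x_{15}$ in the 3-D array, and (0, 0) for a completely empty array. That these outcomes are distinguishable after decryption is exactly the side channel the following paragraphs address.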
In order to prevent the query results of the target user and of other users in the user group from being inferred and leaked, the third data query system further performs the following during the iterative process: it adds first noise data to each query result in the new query result set, and then repeats the process with the new space constructed from the $(i+1)$-th dimension sub-query request and the sub-query requests of the remaining dimensions, using the new query data set that incorporates the first noise data. The first noise data may be data obtained by applying the first encryption processing to the number 0. For example, each query result $E(E(a_{33}))$ in the query data set is multiplied by $E(0)$ according to the formula $E(x)E(y) = E(x+y)$, giving a query result that contains first noise data: $E(E(a_{33}))E(0) = E(E(a_{33}) + 0)$. Multiplying by a fresh $E(0)$ re-randomizes the ciphertext, so the comparison with the query's random number described above no longer reveals anything.
In still other specific examples, in order to prevent the first data query system from learning that the target user's query result in the third data query system is null, the value representing null may be the number 0.
In step S340, the third data query system feeds back the obtained query result of the corresponding target user according to the obtained query service.
In some examples, the third data query system feeds back query results to the first data query system. In still other examples, the third data query system feeds back query results to the second data query system.
It should be noted that the data query method provided by the third data query system is not limited to queries for loan applications. The target users, user groups and their corresponding query data (sets) should be adapted to the respective application scenario. In terms more generic to database queries, the target user may correspond to a target object and the user group to a group of objects. The target object corresponds to a first data item that can be stored in the database, and the query result is a second data item stored in the database that is associated with the first data item through an index, or data preprocessed from the second data item. The group of objects may be regarded as a query scope, which may also be a time range, an index range, a condition range, and so on. For example, in query services such as the productivity index evaluation or environmental index evaluation of enterprise production under government supervision, this data query mode can be used to obtain production index information from an enterprise's own production index database for evaluation without leaking the enterprise's operating conditions. In another example, when movie box office receipts are counted, the actual ticket sales for a certain movie can be obtained for statistics in this data query mode without revealing the operating conditions of the cinema. In yet another example, when several e-commerce platforms select a warehouse location, this data query mode can be used to obtain data on the consumption regions for statistics without leaking the order information of each e-commerce platform. It follows that the terms used in the data query mode provided by the third data query system (e.g. target user, user group, etc.) should be understood broadly, without limiting the generation of query services or the subsequent processing of query results.
In the case where the third data query system feeds back the query result to the first data query system, the first data query system obtains the query results provided by at least one third data query system (i.e. data source):
in step S220, the first data query system fuses the query results corresponding to the target user and the information to be queried obtained from at least one third data query system according to the query service, and feeds back the query results to the second data query system.
The first data query system collects the query results fed back by each third data query system according to the query service and fuses them together so as to provide a complete query result to the second data query system. Correspondingly, the second data query system executes step S120 to obtain the query result of the corresponding target user according to each query service.
In some examples, to confirm that the query results collected from the data sources are consistent with the verification data provided by the target user, the first data query system further performs the following: generating second noise data; scrambling the query results from the data sources together with the second noise data to obtain a scrambling result; obtaining from the target user verification data generated on the basis of the query service and a random number; obtaining check data on the basis of the random number and the second noise data; and sending the scrambling result, the check data and the verification data to the second data query system. The second noise data may be random numbers; for example, the second noise data is the number 0, or a commitment to the number 0, subjected to the first encryption processing at least once.
On the one hand, the first data query system scrambles the fused query results together with the second noise data according to a differential privacy technique. On the other hand, the first data query system obtains the verification data for the information to be queried that is provided by the target user. The verification data is a summary of the query results of the data sources, for example a commitment to the sum of the plaintext query data of the data sources. The first data query system sends the collected scrambling result, check data and verification data to the second data query system.
Take the loan scenario as an example, in which the third data query system can be regarded as a lender, the first data query system as an agent, and the second data query system as the querier (initiator). After the third data query systems send their query results to the first data query system, the first data query system generates noisy PIR responses (the second noise data) so that the initiator cannot distinguish what type of output each third data query system sent. All possible outputs other than 0 have the same length; so that the first data query system cannot learn additional information from the output, the third data query system replaces an output of 0 by $E^d(0)$. The first data query system then generates the second noise data. The ciphertexts of zero strings, i.e. $E(0_{d-1}), E^2(0_{d-2}), \ldots, E^{d-i}(0_i), \ldots, E^{d-1}(0_1), E^d(0)$, can be generated directly by the first data query system using the public key of the second data query system. But in order to hide the number of commitment ciphertexts, i.e. responses of the form $E^d(e)$ where $e$ is a commitment, the first data query system generates a commitment to 0, $F(0)$, and encrypts it as $E^d(F(0))$. Since the second data query system cannot distinguish a commitment to 0 from any other commitment, it cannot tell whether a commitment came from the first data query system or from a third data query system, as long as the noise generation algorithm achieves strong privacy. Meanwhile, since the second noise data are ciphertexts of 0 or of $F(0)$, the result of the consistency check is not affected. Specifically, the first data query system adds Laplace noise to achieve differential privacy [31]. For $i = 1, 2, \ldots, d$, a response of the form $E^{d-i}(0_i)$ is called a type $i$ response; a response that is a commitment ciphertext $E^d(F(x))$ is called a type 0 response.
Suppose the first data query system collects $n_i$ responses of type $i$ ($i = 0, 1, \ldots, d$). If, for each $i$, it generates a suitable number of type $i$ noise responses and mixes them with the responses from the lenders, then each third data query system achieves $(\epsilon, \delta)$-differential privacy with respect to the type of response seen by the second data query system.
The above shows that if the first data query system adds an appropriate amount of noise, the second data query system cannot infer the type of response sent by each third data query system. Note that the above considers the case where the second data query system queries the target user's information only once. However, the second data query system may sometimes query a particular target user's information several times (e.g. the target user may borrow from the initiator several times). To still achieve $(\epsilon, \delta)$-differential privacy in that case, the privacy budgets $\epsilon$ and $\delta$ can be split across the queries: the first data query system distributes the budget evenly over $k$ queries, so that each query individually achieves $(\epsilon/k, \delta/k)$-differential privacy.
After receiving the scrambling result, the check data and the verification data, the second data query system executes step S130 to perform a consistency check between the obtained query results and the verification data provided by the target user.
The second data query system extracts each query result from the scrambled data, computes the summary of the query results by a preset ciphertext operation or plaintext operation, and compares it with the check data to determine whether they are consistent. For example, the check data and the query results are generated by a second encryption processing mode; a ciphertext operation equivalent to a plaintext consistency check is carried out with the operation mode corresponding to the second encryption processing to obtain the summary of the query results, and then, according to the operation mode corresponding to the second encryption processing, the check data is tested for consistency with the summary.
In some examples, each query result extracted from the scrambling result by the second data query system has undergone the first encryption processing $d$ times, so the second data query system also performs decryption to obtain the query data, and then verifies, on the basis of the check data, that the obtained query data is consistent with the verification data.
The second data query system decrypts each query result $d$ times according to the dimension of the query request it generated, obtaining the query data fed back by each data source; it then computes over the check data and the summary with the operation mode corresponding to the second encryption processing. If the result equals the verification data, the query data and the verification data are consistent; otherwise they are not.
The process of consistency check is described in a loan scenario example:
For each query, the agent (first data query system) generates a suitable number of type $i$ noise responses for each $i \ge 1$. It also samples $n_0$ random integers $r_1, r_2, \ldots, r_{n_0}$ and generates the $n_0$ commitments $F(0, r_1), F(0, r_2), \ldots, F(0, r_{n_0})$. The agent then computes $r_F = \sum_{j=1}^{n_0} r_j$ and encrypts the commitments to obtain $n_0$ type 0 responses. Finally, the agent mixes these responses with the responses collected from the lenders (third data query systems).
For each lender $S_i$, borrower $b$ (the target user) knows the opening $(x_{ib}, r_i)$ of the commitment held by $S_i$. In addition, the borrower generates a commitment to the total amount of its borrowing, $c_b = F(\sum_i x_{ib}, r_B)$. The borrower then sends $\Delta r_B = r_B - \sum_i r_i$ to the agent, and sends $c_b$ to the initiator (second data query system) through the agent.
The agent scrambles the responses, computes $\Delta r = \Delta r_B - r_F$, and sends the responses and $\Delta r$ to the initiator.
The initiator initializes an empty set $C$ and decrypts the responses. If a response is of type 0, the initiator adds the commitment it contains to $C$. Finally, the initiator checks whether $c_b = h^{\Delta r} \prod_{c \in C} c$. With commitments of the form $F(x, r) = g^x h^r$, which is what this check presupposes, the equality holds exactly when the commitments in $C$ together open to the total that the borrower committed to, and the noise commitments $F(0, r_j)$ cancel against $r_F$.
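As an added example that is not the patent's own code, the following Python script runs the three-party check above end to end: the lenders answer with commitments, the agent mixes in commitments to 0 and zero-string responses and adjusts $\Delta r$, and the initiator tests $c_b = h^{\Delta r} \prod_{c \in C} c$. It assumes Pedersen-style commitments $F(x, r) = g^x h^r$ in a toy group modulo the Mersenne prime $2^{127} - 1$ with fixed bases (a real deployment needs a prime-order group and an $h$ whose discrete logarithm to base $g$ is unknown), a constructed ledger of four lenders, and its own function names; the PIR encryption layers are left out, since only the decrypted commitments enter the check.

```python
import random

# Constructed toy group parameters: the Mersenne prime 2^127 - 1 with fixed bases.
# Not production parameters; a real system uses a prime-order group and an h
# whose discrete logarithm to base g nobody knows.
P = 2**127 - 1
ORDER = P - 1
G, H = 3, 5


def commit(x, r):
    """Pedersen-style F(x, r) = g^x h^r, the form the check c_b = h^Δr * ∏ c presupposes."""
    return pow(G, x % ORDER, P) * pow(H, r % ORDER, P) % P


def borrower_verification_data(openings, rng):
    """Borrower b: commit to the total of all x_ib and release Δr_B = r_B - Σ r_i."""
    total = sum(x for x, _ in openings)
    r_b = rng.randrange(ORDER)
    c_b = commit(total, r_b)
    delta_r_b = (r_b - sum(r for _, r in openings)) % ORDER
    return c_b, delta_r_b


def agent_mix(lender_responses, delta_r_b, n0, n_zero, rng):
    """Agent: add n0 commitments F(0, r_j) and n_zero zero-string responses,
    shuffle everything, and fold r_F = Σ r_j into Δr = Δr_B - r_F."""
    noise_r = [rng.randrange(ORDER) for _ in range(n0)]
    responses = list(lender_responses)
    responses += [("type0", commit(0, r)) for r in noise_r]
    responses += [("zero", i + 1) for i in range(n_zero)]  # stand-ins for E^{d-i}(0_i)
    rng.shuffle(responses)
    delta_r = (delta_r_b - sum(noise_r)) % ORDER
    return responses, delta_r


def initiator_check(responses, delta_r, c_b):
    """Initiator: collect the type 0 commitments C and test c_b == h^Δr * ∏ C."""
    prod = 1
    for kind, payload in responses:
        if kind == "type0":
            prod = prod * payload % P
    return c_b == pow(H, delta_r, P) * prod % P


def run_scenario(seed=1, tamper=False, drop=False, n0=3, n_zero=2):
    """End-to-end run over a constructed ledger; S3 holds no record of borrower b.
    tamper: S2 reports an altered amount. drop: S4's response goes missing."""
    rng = random.Random(seed)
    ledger = {"S1": 1500, "S2": 800, "S3": None, "S4": 2700}
    openings = {s: (x, rng.randrange(ORDER)) for s, x in ledger.items() if x is not None}
    responses = []
    for s in ledger:
        if s not in openings:
            responses.append(("zero", 1))  # the PIR answer for this lender is a zero string
            continue
        x, r = openings[s]
        if drop and s == "S4":
            continue
        if tamper and s == "S2":
            x += 500
        responses.append(("type0", commit(x, r)))
    c_b, delta_r_b = borrower_verification_data(list(openings.values()), rng)
    mixed, delta_r = agent_mix(responses, delta_r_b, n0, n_zero, rng)
    return initiator_check(mixed, delta_r, c_b)


if __name__ == "__main__":
    print(run_scenario(), run_scenario(tamper=True), run_scenario(drop=True))
```

The honest run passes, while an altered amount or a missing lender response fails the check, because the product of the collected commitments no longer opens to the total in $c_b$. The noise commitments never disturb the outcome: their randomness is exactly what the agent subtracts in $\Delta r$, and to the initiator they are indistinguishable from the lenders' commitments.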
When the second data query system determines consistency, the second data query system further executes step S140, namely, performs evaluation calculation corresponding to the query requirement based on each query result when the consistency is met.
As to the query requirements mentioned herein, in some examples the query requirement includes at least one of: querying and summing, or querying and computing statistics over, the data generated by the target user. For example, the second data query system may evaluate the loan qualification applied for by the target user on the basis of the sum of the obtained query results: if the sum shows that the number of loans exceeds a preset threshold, the target user is assessed as not qualified to take a further loan; if the sum shows that the loan balance is below a preset loan balance threshold, the target user is assessed as eligible for a loan.
In still other examples, the query results to which the query requirement relates risk being compromised by the first data query system or the second data query system. For example, to evaluate whether the loan balance of the querying target user is within the query requirement within the preset interval, the second data query system needs to obtain the sum of the query results of the data sources. To prevent the sum of the query results mentioned in the above example and generalize to the summary of other query data with the possibility of being back-pushed out of plaintext by the second data query system, the step S140 includes: acquiring data to be evaluated provided by a target user and proving information corresponding to the data to be evaluated based on the query requirement; verifying that query data in the obtained query result and data to be evaluated accord with a preset corresponding relation based on the proving information; and after the verification is passed, carrying out evaluation calculation corresponding to the query requirement based on the obtained query results and the data to be evaluated.
According to the query requirement, the second data query system obtains from the target user the data to be evaluated for the evaluation calculation and the proof information corresponding to that data. The proof information is a sequence of values generated from the data to be evaluated and the summary, for example by a zero-knowledge proof algorithm. By means of a verification calculation constructed from the zero-knowledge proof, the second data query system confirms that the data to be evaluated provided by the target user and the summary of the query results stand in the expected relation, so that the data to be evaluated provided by the target user can be trusted. For example, a variance is computed according to the query requirement; it is obtained from a summary of the consistency-confirmed query results together with $(\sum_i x_i)^2$, the latter being the data to be evaluated (also a commitment value) that must be obtained from the target user. The second data query system holds the commitments $F(x_i)$ and their counterparts from a second data set, both confirmed by the consistency check, and from them forms the corresponding summary commitments, one of which is $F_0 = F(\sum_i x_i)$. Computing the variance requires a square, and squaring the value behind $F_0$ would require knowing $\sum_i x_i$; instead, the target user sends the commitment to the square of the total balance, $F_2 = F((\sum_i x_i)^2)$, together with its proof information, such as a sequence of values from a zero-knowledge proof algorithm. By verifying the proof information it is established that $F_2$ is indeed a commitment to the square of the value committed in $F_0$, and the variance can then be computed in the evaluation calculation. With the resulting variance, a statistical evaluation of the target user, such as the fluctuation of its loans, can be performed.
The method for obtaining the data to be evaluated provided by the target user by the certification information can also be used for comparing whether the loan balance of the target user is in a preset interval or not so as to evaluate the judgment of the subsequent loan amount of the target user. Generalizing to a broader scenario based on the loan example described above, the query requirement may also be at least one of: inquiring and summarizing whether the inquiry data of the target user is in a preset interval or not, and inquiring and summarizing fluctuation of the inquiry data of the target user.
Summarizing the above evaluation schemes, the second data query system obtains a query result computed by a function $f$ of the public parameter $\theta$, the private input $t$, the borrower identity $b$ and the private data $x_{ib}$:
where $\theta$ is a public parameter, $t$ is a private input known only to the second data query system, $b$ is the identity of the borrower (i.e. the target user), which must not be revealed to the third data query systems, $x_{ib}$ is the private data shared between the target user $b$ and each third data query system $S_i$, and $f$ is a function executed cooperatively by the target user and the second data query system. For example, in the loan stacking problem, $x_{ib}$ is the amount lent by $S_i$ to the target user $b$, $t$ may be the initiator's private threshold for the target user, and $f$ is the function that returns the result of comparing $t$ with $\sum_i x_{ib}$.
Based on the descriptions of the above examples, the data query system formed by the first data query system, the second data query system and the third data query system provides the processing procedures of safe data query, consistency assessment and business assessment based on query results. It should be noted that, the foregoing examples merely describe the data processing procedure of each data query system, and according to the actual application scenario, some of the functions in the first data query system may be integrated in the second data query system or integrated in the third data query system. Similarly, some of the functionality in the second data querying system may also be integrated in the first data querying system.
In still other embodiments, data security is critical for applications such as finance, personal credit, etc., and the data query system also needs to perform verification of query traffic generated based on query requirements before performing data queries. In some examples, the query service may be used as a validation request only to perform the validation operations described above. In still other examples, the query service may continue query operations directly after verification passes, thereby reducing multiple data communications resulting from verification.
Here, the aforementioned query service serves as one type of verification request for the verification operation; in some scenarios the operation may instead be triggered by a request dedicated to verification. The verification request comprises a query request subjected to first encryption processing; the query request is used for acquiring the query result of a target user from a user group, the verification request is used for verifying that the action of initiating the verification request is authorized by the target user, and the query request has at least one dimension.
Referring to fig. 15, a flowchart of a method for verifying authority is shown. The authority verification method is initiated by the second verification system and carried out by the first verification system, and at least these two systems exchange data according to the verification method provided by the application during the verification process. Taking the foregoing data query system as an example, the second data query system may be regarded as the second verification system and the first data query system as the first verification system. In a computer system that integrates data query and authority verification, a technician may therefore describe the first data query system as a software system that includes the first verification system, or the first verification system as a software system that includes the first data query system. Similarly, the second data query system may be described as a software system that includes the second verification system, or the second verification system as one that includes the second data query system, without limitation. For simplicity, the following does not spell out the correspondence between the second verification system and the second data query system, nor between the first verification system and the first data query system.
In step S111, the second verification system sends a verification request to the first verification system based on a verification requirement; wherein the authentication request comprises a first encrypted query request; the query request is used for acquiring a query result of a target user from a user group, and the verification request is used for verifying that the action of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension.
The verification requirement may be generated exclusively for verification, for example to verify an application by the second data query system to open the query service. The verification requirement may also be generated from a query requirement: for example, the target user submits a loan application offline, and the party receiving the loan application generates the query requirement, which itself represents or contains the verification requirement. For simplicity, the following does not spell out the correspondence between the verification requirement and the query requirement, nor between the verification request and the query service.
The information contained in the verification request may be the same as or similar to the information contained in the aforementioned query service, and will not be described in detail herein. Similarly, the step S111 is the same as or similar to the execution of the step S110 described in the previous example, and will not be described in detail here.
After the first verification system receives the verification request, step S230 is executed, i.e., the verification request provided by the second verification system is verified. Once the verification step has been performed and passed, the second data query system performs the forwarding of the query service in step S210; otherwise the query service is not forwarded.
Depending on the security requirements for the verification request, the first verification system may perform at least one of the following verifications without learning the sensitive data of the target user: verifying the identity of the target user, verifying that the query service is authorized by the target user, and verifying that the format of the query request is legal. Each verification operation is performed on the basis of the query request and using at least one kind of proof information.
To prevent the sensitive data involved in these verification operations from being compromised, the operations are performed on the basis of the verification request and using at least one kind of proof information. Depending on the purpose of the verification, the corresponding proof information may come from the target user and/or from the second verification system; the first verification system verifies the authenticity of any one or more of the above items using the data it holds and the acquired proof information. The proof information may be generated by a zero knowledge proof.
To this end, the present application provides various embodiments of identity authentication and authorization built on the following protocol example:
a) The first verification system generates a random number r_e and sends it to the third verification system;
b) On receiving r_e, the third verification system of user b calculates y; using the public key pk = (n, g) of the second verification system, it encrypts y as c = g^y · r^n (mod n^2), where r is a random number. The third verification system then sends c to the first verification system together with a zero knowledge proof that it knows the plaintext y in c;
c) For each user u in the group gid_b, the first verification system calculates y_u and sends y_u to the initiator;
d) The second verification system generates the PIR query q and sends the query, together with a zero knowledge proof that the query has the correct format, to the first verification system;
e) The second verification system performs a calculation using q, r and the y_u; from it the initiator generates a zero knowledge proof that, for each i ∈ {1, 2, ..., d}, the ciphertext c encrypts the same number as one of the ciphertexts generated by the sub-query of dimension i. The second verification system then sends the proof to the first verification system;
f) Finally, based on the proofs from the third verification system and the second verification system, the first verification system verifies that: 1) the third verification system really knows the plaintext encrypted in c; 2) the query from the second verification system is in the correct format; 3) for each i ∈ {1, 2, ..., d}, the ciphertext c encrypts the same number as one of the ciphertexts generated by the sub-query of dimension i.
The above parameters will also appear in the description of the examples below.
In some examples, the step S230 includes: and verifying the identity of the target user in the query service submitted by the second verification system.
Here, to avoid revealing sensitive data of the target user such as identity information, the first verification system verifies the identity of the target user in the verification request submitted by the second verification system using first proof information from the target user.
For example, assume that the second verification system wants to query the loan information of the target user without the target user's permission. The second verification system first finds an impersonator who masquerades as the target user. When the second verification system communicates anonymously with the first verification system, no participant (other than the second verification system) knows the true identity of the party at the other end of the anonymous channel. The second verification system then sends a query to obtain the loan information of the target user.
Here, so that the identity of the target user can be authenticated, each user in the user group is a member registered in advance with the first verification system, or is registered with a notarized (trusted) third party: for example, users registered under their real names in the first verification system, or each verification system connected uniformly to the identity card data system of the public security department.
The first verification system may send a first random number to each user in the user group in order to obtain a second random number and first proof information fed back by the target user. The first random number may be generated at random by the first verification system, or derived by the first verification system from the key it shares individually with each user, which key can be used to authenticate the identity of each user in the group. The user equipment of the target user runs a third verification system that cooperates with the first verification system in the identity verification: the third verification system can confirm the correctness of the key by decrypting the first random number, and generates the second random number and the first proof information from the first random number. The first proof information is a sequence of values generated by the third verification system with a zero knowledge proof algorithm for proving the identity of the target user. Using the first proof information and the second random number, the first verification system verifies with the zero knowledge proof algorithm that the first proof information establishes the target user as a member of the user group, and thereby passes the identity verification of the target user. This verification shows that the identity information of the target user does not belong to a fake user.
For example, the first verification system sends to each user in the user group a first random number r_e computed from the shared key, a random number and the date. The third verification system held by the target user derives a pseudo-random number y from r_e, encrypts it and records the result as the second random number c; at the same time the third verification system generates the first proof information zkp1 for proving y = y_b, and sends c and zkp1 to the first verification system, which verifies that c and zkp1 satisfy a preset correspondence. For example, the correspondence is a relation among the values a, z1 and z2 contained in zkp1, the ciphertext c, and the parameters g and n of the public key.
In still other examples, step S230 further includes verifying whether the verification request submitted by the second verification system is authorized by the target user. This step confirms that the target user did authorize the second verification system to initiate the verification request, rather than the request being forged. Here the first and second verification systems cooperate so that the first verification system can complete the verification. In one example, the step includes verifying, using second proof information from the second verification system, whether the verification request submitted by the second verification system is authorized by the target user.
The first verification system and the second verification system cooperatively execute the following steps so that the first verification system can verify whether the verification request is authorized by the target user. The second verification system generates second proof information based on a data set to be verified, provided by the first verification system and related to the dimensions of the query request, and sends the second proof information to the first verification system; the second proof information is used to prove that the verification request is authorized by the target user.
Specifically, in step S231, the first verification system generates a third random number for each user based on the key individually shared with that user and the first random number, thereby obtaining the random number set of the corresponding user group. The set is obtained by encrypting the value derived from each key and the first random number. For example, the first verification system computes a pseudo-random number y_u for each user u from r_e, the date and the shared key, and encrypts it with the encryption algorithm E to obtain the encrypted data c_u (also called the third random number) for that user, where r_e is the first random number, date is the date of the calculation, and y_b is the plaintext held by the corresponding user b. The first verification system encrypts the y_u of every user in the user group, obtains the encrypted data c_u, and thus obtains the random number set {c_u}.
In step S232, the first verification system associates each third random number in the random number set with a position in a space constructed according to the dimensions of the query request, and computes each sub-query element of each dimension of the query request against the corresponding random numbers in the set to obtain the data set to be verified for that dimension. Referring to FIG. 16, the query request q is 2-dimensional and forms a (3×4) matrix; each third random number c_u in the set {c_u} corresponds to a position in this (3×4) matrix. Each sub-query element q_1j of the first dimension is combined by exponential product with the third random numbers in the same column, and the products are aggregated to obtain the encrypted value of the third random number at the position where the first-dimension sub-query element equals 1; likewise each sub-query element q_2j of the second dimension is combined by exponential product with the third random numbers in its column and aggregated to obtain the second-dimension encrypted value, where 1 ≤ j ≤ k. Generalizing this example to higher dimensions, the first verification system obtains the data set to be verified formed by the encrypted values c*_ik, where 1 ≤ i ≤ d and d is the number of dimensions of the query request.
In step S233, the first verification system sends the resulting data set to be verified for each dimension, together with the random number set {c_u}, to the second verification system.
In step S131, the second verification system generates the second proof information based on the data set to be verified and the random number set related to the dimensions of the query request, and sends the second proof information to the first verification system; the second proof information is a sequence of values used to prove that the verification request is authorized by the target user.
For example, c*_ik is the result of the exponential product, along the i-th column, of the i-th dimension sub-query elements with the corresponding third random numbers; when the i_b-th element of the i-th dimension is E(1) and the other elements are E(0), the product encrypts only the value at the position selected by that element.
The second verification system knows all the r values, and each c corresponds to its r. Let the position pid of the target user correspond to the index pair i_b k_b; its plaintext satisfies the relation for the target user's position, while a different relation holds for ik ≠ i_b k_b.
The second verification system randomly generates e_k and z_k and computes the corresponding a_k for the positions ik ≠ i_b k_b. For ik = i_b k_b, generating the second proof information includes: a_b = ω^n with ω chosen at random, and 2^len < min(p, q), where p and q are prime numbers; e_b and z_b are obtained accordingly.
In step S234, the first verification system acquires the fed-back second proof information zkp = {a_b, e_b, z_b} and verifies, based on the second proof information, that the verification request submitted by the second verification system is authorized by the target user. The second proof information is obtained by the second verification system with a zero knowledge proof algorithm and comprises a sequence of values proving that the verification request is authorized by the target user.
For example, the first verification system verifies that ZKP2 = (a_k, e_k, z_k) satisfies the two verification equations, where k represents the location of the target user in the i-th dimension. When the second proof information proves that the corresponding encrypted value in the data set to be verified and c correspond to the same plaintext, the query service is verified to be authorized by the target user, and the identity verification of the target user is passed.
In still other examples, particularly for multidimensional query requests, the query result data of the target user is extracted on the data source side by "folding" dimension by dimension, so in this query mode the data query must be for a single target user. Step S230 therefore further includes verifying the format legality of the first-encrypted query submitted by the second data query system, i.e., verifying that the format of the query request corresponds to a query for a single target user. In other words, according to the preset dimensions of the query request, it is determined that each dimension of the query request contains only one sub-query element E(1) with value 1, and that the E(1) elements of all dimensions correspond to the same position in the space. For this, step S230 includes verifying the format legality of the first-encrypted query request submitted by the second verification system using third proof information from the second verification system.
The first verification system and the second verification system cooperatively perform the format verification. Specifically, in step S132 the second verification system generates, from the format of the query request in each dimension, third proof information for proving the legality of that format, and sends it along with the verification request. The second verification system generates the third proof information with a zero knowledge proof algorithm; it comprises a sequence of values proving that the query request relates to only one user.
For example, the second verification system provides a sequence of values proving that each sub-query element contained in the query request is an encryption of plaintext 0 or 1 only. When the sub-query element q_ij is an encryption of plaintext 1, the second verification system computes for q_ij a value sequence {(a_1, e_1, z_1), (a_2, e_2, z_2)} with plaintext 1, in which a_2 = v^n mod n^2, e = h(a_1, a_2, q_ij, date) and e_2 = e − e_1. When q_ij is an encryption of plaintext 0, the roles of the two tuples in {(a_1, e_1, z_1), (a_2, e_2, z_2)} are exchanged, i.e., a_1 = u^n mod n^2, e = h(a_1, a_2, q_ij, date) and e_1 = e − e_2, which proves that q_ij corresponds to plaintext 0 with the value sequence {(a_1, e_1, z_1), (a_2, e_2, z_2)}.
The second verification system also provides a sequence of values proving that there is only one target user. For example, the second verification system proves that the plaintext of q_i, the combination of the sub-query elements of dimension i, is 1 with the value sequence p_i = (a, e, z), in which a = v^n mod n^2 and e = h(a, q_i, date).
The second verification system sends to the first verification system the value sequences {(a_1, e_1, z_1), (a_2, e_2, z_2)} proving that each q_ij corresponds to plaintext 0 or to plaintext 1, together with the value sequence (a, e, z) proving that there is only one target user.
The first authentication system performs the following steps in step S230: and verifying the format legitimacy of the query request submitted by the second verification system and subjected to the first encryption processing by using third proving information from the second verification system.
The first verification system acquires third proving information for proving format validity of the query request in each dimension; and verifying format legitimacy of the query request based on the third attestation information. Wherein the third attestation information is generated based on the query request.
Continuing the example of step S132, the first verification system checks the two verification equations for each q_ij to confirm that its plaintext is 0 or 1, and checks z^n = a (g^(-1) q_i)^e mod n^2 to verify that the plaintext 1 in the query request corresponds to the same target user.
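The 0/1 proofs of step S132, the single-target check of step S230 and the same-plaintext test behind step S234 can all be built from one Paillier n-th residue sigma protocol. The following Python is an added example and not the patent's code; it assumes toy primes, SHA-256 as the hash h(·), a fixed date string and a Fiat-Shamir (non-interactive) challenge, none of which the page specifies.

```python
"""Toy Paillier zero-knowledge checks for the query-format verification (S132/S230)
and same-plaintext check (S234) above. Added example, not the patent's code."""
import hashlib
import secrets
from math import gcd

P, Q = 1000003, 1000033        # toy primes: far too small for real use
N, N2 = P * Q, (P * Q) ** 2
G = N + 1                      # standard Paillier generator g = n + 1
CHALLENGE_BITS = 16            # 2^len < min(p, q), as the page requires
MASK = (1 << CHALLENGE_BITS) - 1
DATE = "2019-04-04"            # constructed date bound into every challenge

def rand_unit():
    """Random r in Z_n^*, the Paillier encryption randomness."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if gcd(r, N) == 1:
            return r

def encrypt(m):
    """Paillier encryption c = g^m * r^n mod n^2; returns (c, r)."""
    r = rand_unit()
    return (pow(G, m, N2) * pow(r, N, N2)) % N2, r

def challenge(*parts):
    """Fiat-Shamir challenge e = h(...) reduced to CHALLENGE_BITS bits."""
    digest = hashlib.sha256("|".join(map(str, parts)).encode()).digest()
    return int.from_bytes(digest, "big") & MASK

def prove_zero(c, r):
    """Sigma proof that c = r^n mod n^2 is an encryption of 0 (an n-th residue):
    a = w^n, e = h(a, c, date), z = w * r^e; the verifier checks z^n == a * c^e."""
    w = rand_unit()
    a = pow(w, N, N2)
    e = challenge(a, c, DATE)
    return a, e, (w * pow(r, e, N)) % N

def verify_zero(c, proof):
    a, e, z = proof
    return e == challenge(a, c, DATE) and pow(z, N, N2) == a * pow(c, e, N2) % N2

def prove_same_plaintext(c_a, r_a, c_b, r_b):
    """c_a and c_b encrypt the same value iff c_a / c_b is an n-th residue."""
    return prove_zero(c_a * pow(c_b, -1, N2) % N2, r_a * pow(r_b, -1, N) % N)

def verify_same_plaintext(c_a, c_b, proof):
    return verify_zero(c_a * pow(c_b, -1, N2) % N2, proof)

def prove_bit(c, r, m):
    """OR-proof that c encrypts 0 or 1, the page's {(a1,e1,z1),(a2,e2,z2)} sequence:
    branch 1 says c is an n-th residue (plaintext 0), branch 2 says c * g^-1 is
    (plaintext 1).  The false branch is simulated, the true one proven for real,
    and e1 + e2 = h(a1, a2, c, date) ties the two challenges together."""
    c2 = c * pow(G, -1, N2) % N2
    if m == 1:
        e1, z1 = secrets.randbits(CHALLENGE_BITS), rand_unit()   # simulate branch 1
        a1 = pow(z1, N, N2) * pow(c, -e1, N2) % N2
        v = rand_unit()
        a2 = pow(v, N, N2)                                       # a2 = v^n mod n^2
        e2 = (challenge(a1, a2, c, DATE) - e1) & MASK            # e2 = e - e1
        z2 = v * pow(r, e2, N) % N
    else:
        e2, z2 = secrets.randbits(CHALLENGE_BITS), rand_unit()   # simulate branch 2
        a2 = pow(z2, N, N2) * pow(c2, -e2, N2) % N2
        u = rand_unit()
        a1 = pow(u, N, N2)                                       # a1 = u^n mod n^2
        e1 = (challenge(a1, a2, c, DATE) - e2) & MASK            # e1 = e - e2
        z1 = u * pow(r, e1, N) % N
    return (a1, e1, z1), (a2, e2, z2)

def verify_bit(c, proof):
    (a1, e1, z1), (a2, e2, z2) = proof
    c2 = c * pow(G, -1, N2) % N2
    return ((e1 + e2) & MASK == challenge(a1, a2, c, DATE)
            and pow(z1, N, N2) == a1 * pow(c, e1, N2) % N2
            and pow(z2, N, N2) == a2 * pow(c2, e2, N2) % N2)

def make_subquery(plaintexts):
    """Second verification system's side (step S132): encrypt one dimension of the
    query (normally a single 1 and zeros) with a bit proof per element, plus a proof
    that the product of the row, which encrypts the sum, is an encryption of 1."""
    cts, rs = zip(*(encrypt(m) for m in plaintexts))
    proofs = [prove_bit(c, r, m) for c, r, m in zip(cts, rs, plaintexts)]
    prod_c, prod_r = 1, 1
    for c, r in zip(cts, rs):
        prod_c, prod_r = prod_c * c % N2, prod_r * r % N
    one_proof = prove_zero(prod_c * pow(G, -1, N2) % N2, prod_r)
    return list(cts), proofs, one_proof

def verify_subquery(cts, proofs, one_proof):
    """First verification system's side (step S230): every element is 0 or 1 and
    the row encrypts exactly 1, i.e. z^n == a * (g^-1 * q_i)^e mod n^2."""
    if not all(verify_bit(c, p) for c, p in zip(cts, proofs)):
        return False
    prod_c = 1
    for c in cts:
        prod_c = prod_c * c % N2
    return verify_zero(prod_c * pow(G, -1, N2) % N2, one_proof)
```

A row with two E(1) elements passes every per-element bit proof but fails the row-level proof, which is exactly the gap the single-target check closes.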
In some examples, after each verification is passed, the second data query system executes step S210 to forward the query service to the third data query system, so that the third data query system executes steps S310 to S340, and feeds back the query result of the target user; and the first data query system continues to execute step S220, and the second data query system executes steps S120-S140. Examples of the above steps are the same as or similar to those of the corresponding steps described above, and will not be described in detail herein.
Based on the description of each example, part or all of the architecture, the query method and the permission verification method provided by the application can realize data transmission, query and permission verification on the basis of data security, and achieve the purpose of obtaining a data processing result corresponding to plaintext operation based on ciphertext operation.
Here, it should be noted that some of the random numbers used in the above examples may be pseudo-random numbers generated from a given random seed by a pseudo-random function, that is, a deterministic function that takes a string as input and outputs a value that looks random. The pseudo-random function is written PRF_s(x), meaning the PRF with seed s and input x. Random numbers of this kind include the commitment random numbers generated with PRF_s by the target user (e.g., the borrower) and the third data query system (e.g., a data source).
Please refer to fig. 17, which illustrates a software architecture of the data query system of the present application. The data query system comprises a first data query system, a second data query system and a third data query system.
The first data query system includes a first communication module and a query fusion module. The second data query system includes a second communication module, a data processing module, a verification module and an evaluation module. The third data query system includes a third communication module, a data set query module and a query result generation module.
The second communication module is configured to execute step S110; the first communication module is configured to execute the foregoing step S210; the third communication module is configured to execute the foregoing step S310; the data set query module is configured to execute the foregoing step S320; the query result generation module is configured to execute the foregoing step S330; the query fusion module is used for executing the step S220; the verification module is used for executing step S120; the verification module is used for executing step S130; the evaluation module is used for executing step S140.
The above modules correspond to the steps of the data query method, and the execution process thereof corresponds to the corresponding steps, which are not described in detail herein.
Referring to fig. 18, a software architecture diagram of the authority verification system of the present application is shown. The authority verification system comprises a first verification system, a second verification system and a third verification system. According to the foregoing examples, the first verification system may be coupled to the first data query system, the second verification system to the second data query system, and the third verification system to the user device held by the target user.
The first verification system comprises a third communication module and a verification module; the second verification system comprises a fourth communication module and a cooperative verification module. The third verification system provides, in cooperation with the first verification system, the proof information used to verify the identity of the target user in the act of initiating the verification request.
The fourth communication module is configured to execute the foregoing step S111; the third communication module is used for correspondingly acquiring the verification request. The third authentication system, the authentication module, and the cooperative authentication module cooperatively perform the steps mentioned in the foregoing step S230.
The above modules correspond to the steps of the authority verification method, and the execution process thereof corresponds to the corresponding steps, which are not described in detail herein.
In addition, the verification system and the data query system are cooperatively executed to verify the behavior of the second data query system for initiating the query service, and the data query method is continued after the verification is passed; for this purpose, the third communication module and the first communication module may be the same communication module, and the second communication module and the fourth communication module may be the same communication module.
The present application also provides a computer readable storage medium storing a data query computer program which when executed implements the data query method described in relation to fig. 2 of the above embodiments.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application.
In the embodiments provided herein, the computer-readable storage medium may include read-only memory, random-access memory, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, U-disk, removable hard disk, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. In addition, any connection is properly termed a computer-readable medium. For example, if the instructions are transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. It should be understood, however, that computer-readable and data storage media do not include connections, carrier waves, signals, or other transitory media, but are intended to be directed to non-transitory, tangible storage media. Disk and disc, as used herein, include Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk and Blu-ray disc, where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.
In one or more exemplary aspects, the functions described herein as cooperating between a computer program of a map-based positioning device or a plurality of devices may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The steps of a method or algorithm disclosed herein may be embodied in a processor-executable software module, which may be located on a tangible, non-transitory computer-readable and writable storage medium. Tangible, non-transitory computer readable and writable storage media may be any available media that can be accessed by a computer.
The flowcharts and block diagrams in the figures described above illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In summary, the data query and calculation method, system and storage medium of the present application can prevent the disclosure of sensitive information of the target user by using the query request that is encrypted, and can effectively prevent the disclosure of the query result by using the query result that is encrypted. Therefore, when the query service and the query result forwarding party (such as the first data query system) and the query result provider (such as the data source) can not acquire the target user and the query result, the application of sharing, fusing, evaluating and the like by using the sensitive data is realized.
The foregoing embodiments are merely illustrative of the principles of the present application and their effectiveness, and are not intended to limit the application. Modifications and variations may be made to the above-described embodiments by those of ordinary skill in the art without departing from the spirit and scope of the present application. Accordingly, it is intended that all equivalent modifications and variations which may be accomplished by persons skilled in the art without departing from the spirit and technical spirit of the disclosure be covered by the claims of this application.

Claims (52)

1. A data query method for a first data query system, comprising:
receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request subjected to a first encryption processing; the query request is used for acquiring, from a user group, a query result of a target user corresponding to the information to be queried; the query request is used for representing the position of the target user in the user group; the dimension of the query request is at least one dimension;
according to the query service, fusing the query results corresponding to the target user and the information to be queried, which are acquired from at least one data source, and feeding them back to the second data query system; the step of fusing the query results corresponding to the target user and the information to be queried, which are acquired from at least one data source, comprises the following steps:
generating noise data;
scrambling each query result from each data source together with the noise data to obtain a scrambling result;
acquiring check data generated by the target user based on the query service and a random number; the check data is from the target user; the check data is a summary of the query results of all data sources;
obtaining verification data based on the random number generated by the target user and the noise data;
and sending the scrambling result, the check data and the verification data to the second data query system.
2. The data query method of claim 1, further comprising: verifying the query service; and after the verification is passed, acquiring the query result corresponding to the target user and the information to be queried from the corresponding data source.
3. The data query method of claim 2, wherein the step of verifying the query service comprises the following steps:
verifying the identity of the target user in the query service submitted by the second data query system;
and verifying whether the query service submitted by the second data query system is authorized by the target user.
4. The data query method of claim 3, wherein the step of verifying the query service further comprises the following step:
verifying the format validity of the query request subjected to the first encryption processing and submitted by the second data query system.
5. The data query method of claim 1, wherein the query result is one of at least one query result based on a dimension of the query request.
6. The data query method of claim 1, wherein the query results comprise: the query data representing the information to be queried of the target user is null; or query data representing the information to be queried of the target user, which is subjected to at least one first encryption process.
7. The data query method of claim 6, wherein the query data is a commitment value obtained by subjecting the plaintext query data to a second encryption processing.
8. The data query method of claim 1, wherein the check data is a commitment value obtained by subjecting the plaintext check data to a second encryption processing.
9. The data query method according to claim 1, wherein the first encryption process is set based on homomorphic encryption.
10. A data query method for a second data query system, comprising:
transmitting at least one query service based on a query requirement of a target user; the query service comprises information to be queried and a query request subjected to a first encryption processing; the query request is used for acquiring, from a user group, a query result of the target user corresponding to the information to be queried; the query request is used for representing the position of the target user in the user group; the dimension of the query request is at least one dimension;
according to each query service, obtaining a query result corresponding to the target user: obtaining a scrambling result, check data and verification data corresponding to each query service; the scrambling result is obtained by scrambling based on the query result and noise data; the check data is from the target user; the check data is a summary of the query results of all data sources; the verification data is derived based on the random number generated by the target user and the noise data.
11. The data query method of claim 10, further comprising: proving the query service used for obtaining the query result.
12. The data query method of claim 11, wherein the step of proving the query service comprises the following step: proving whether the submitted query service is authorized by the target user.
13. The data query method of claim 12, wherein the step of proving the query service further comprises the following step: verifying the format validity of the submitted query request subjected to the first encryption processing.
14. The data query method of claim 10, wherein the query results comprise: the query data representing the information to be queried of the target user is null; or query data representing information to be queried from a target user after aggregation of multiple data sources.
15. The data query method of claim 10, wherein the query result is one of at least one query result based on a dimension of the query request.
16. The data query method of claim 15, wherein the query results comprise: the query data representing the information to be queried of the target user is null; or query data representing the information to be queried of the target user, which is subjected to at least one first encryption process.
17. The data query method of claim 14 or 16, wherein the query data is a commitment value obtained after the second encryption process.
18. The data query method of claim 10, further comprising: and carrying out consistency check on the obtained query results and check data provided by the target user.
19. The data query method of claim 18, wherein the step of performing the consistency check on each of the obtained query results and the check data provided by the target user comprises:
extracting each query result from the scrambling result, and decrypting it to obtain query data;
and carrying out consistency verification on each obtained query data and the check data based on the verification data: calculating the summary of each query result according to a preset ciphertext operation or plaintext operation, and comparing the summary with the check data to determine whether they are consistent, so as to perform the consistency verification.
20. The data query method of claim 18, further comprising: and when the consistency is met, carrying out evaluation calculation corresponding to the query requirement based on each query result.
21. The data query method of claim 20, wherein the query requirement comprises at least one of: a query-and-summary requirement generated by the target user based on summation or statistics.
22. The data query method of claim 20, wherein said step of performing an evaluation calculation corresponding to said query requirement based on each query result comprises:
acquiring data to be evaluated provided by a target user and proving information corresponding to the data to be evaluated based on the query requirement;
verifying that query data in the obtained query result and data to be evaluated accord with a preset corresponding relation based on the proving information;
and after the verification is passed, carrying out evaluation calculation corresponding to the query requirement based on each acquired query result and the data to be evaluated.
23. The data query method of claim 22, wherein the query requirement comprises at least one of: querying and summarizing whether the query data of the target user lies within a preset interval, and querying and summarizing the fluctuation of the query data of the target user.
24. The data query method of claim 10, wherein the first encryption process is set based on homomorphic encryption.
25. A first data query system, comprising:
a first communication module, configured to receive a query service sent by a second data query system; the query service comprises information to be queried and a query request subjected to a first encryption processing; the query request is used for acquiring, from a user group, a query result of a target user corresponding to the information to be queried; the query request is used for representing the position of the target user in the user group; the dimension of the query request is at least one dimension;
a query fusion module, configured to fuse, according to the query service, the query results corresponding to the target user and the information to be queried, which are acquired from at least one data source, and to feed them back to the second data query system through the first communication module; the query fusion module is configured to execute the following steps:
generating noise data;
scrambling each query result from each data source together with the noise data to obtain a scrambling result;
acquiring check data generated by the target user based on the query service and a random number; the check data is from the target user; the check data is a summary of the query results of all data sources;
obtaining verification data based on the random number generated by the target user and the noise data;
and sending the scrambling result, the check data and the verification data to the second data query system, so that the second data query system verifies the consistency of the query results and the check data.
26. The first data query system of claim 25, further comprising: the verification module is used for verifying the query service; and when the verification is passed, acquiring a query result corresponding to the target user and the information to be queried from the corresponding data source.
27. The first data query system of claim 26, wherein the verification module is configured to perform the steps of:
verifying the identity of a target user in the query service submitted by the second data query system; and
and verifying whether the query service submitted by the second data query system is authorized by the target user.
28. The first data query system of claim 27, wherein the verification module is further configured to verify the format validity of the query request subjected to the first encryption processing and submitted by the second data query system.
29. The first data query system of claim 25, wherein the query result is one of at least one query result based on a dimension of the query request.
30. The first data query system of claim 25, wherein the query results comprise: the query data representing the information to be queried of the target user is null; or query data representing the information to be queried of the target user, which is subjected to at least one first encryption process.
31. The first data query system of claim 30, wherein said query data is a commitment value obtained by subjecting said plaintext query data to a second encryption process.
32. The first data query system of claim 25, wherein the check data is a commitment value obtained by subjecting the plaintext check data to a second encryption processing.
33. The first data query system of claim 25, wherein said first encryption process is configured based on homomorphic encryption.
34. A second data query system, comprising:
a second communication module, configured to send at least one query service based on a query requirement of a target user; the query service comprises information to be queried and a query request subjected to a first encryption processing; the query request is used for acquiring, from a user group, a query result of the target user corresponding to the information to be queried; the query request is used for representing the position of the target user in the user group; the dimension of the query request is at least one dimension;
a data processing module, configured to process, according to each query service, the acquired query result corresponding to the target user;
the second communication module further acquires a scrambling result, check data and verification data corresponding to each query service; the scrambling result is obtained by scrambling based on the query result and noise data; the check data is from the target user; the check data is a summary of the query results of all data sources; the verification data is derived based on the random number generated by the target user and the noise data.
35. The second data query system of claim 34, further comprising: a matching verification module, configured to prove the query service used for obtaining the query result.
36. The second data query system of claim 35, wherein the matching verification module is configured to prove whether the submitted query service is authorized by the target user.
37. The second data query system of claim 36, wherein the matching verification module is further configured to prove the format validity of the submitted query request subjected to the first encryption processing.
38. The second data query system of claim 34, wherein the query results comprise: the query data representing the information to be queried of the target user is null; or query data representing information to be queried from a target user after aggregation of multiple data sources.
39. The second data query system of claim 38, wherein said query result is one of at least one query result derived based on a dimension of said query request.
40. The second data query system of claim 38, wherein said query results comprise: the query data representing the information to be queried of the target user is null; or query data representing the information to be queried of the target user, which is subjected to at least one first encryption process.
41. The second data query system of claim 39 or 40, wherein said query data is a commitment value obtained by a second encryption process.
42. The second data query system of claim 34, further comprising: a verification module, configured to carry out consistency verification on each acquired query result and the check data provided by the target user: calculating the summary of each query result according to a preset ciphertext operation or plaintext operation, and comparing the summary with the check data to determine whether they are consistent, so as to perform the consistency verification.
43. The second data query system of claim 42, wherein the verification module is configured to extract each query result from the scrambling result and decrypt it to obtain query data; and to verify the obtained query data against the verification data, the query data and the verification data being verified as consistent when the obtained verification result represents the noise data and the random number.
44. The second data query system of claim 42, further comprising: an evaluation module, configured to perform, when the consistency is met, the evaluation calculation corresponding to the query requirement based on each query result.
45. The second data query system of claim 44, wherein the query requirement comprises at least one of: a query-and-summary requirement generated by the target user based on summation or statistics.
46. The second data query system of claim 44, wherein the evaluation module is configured to perform the following steps:
acquiring data to be evaluated provided by a target user and proving information corresponding to the data to be evaluated based on the query requirement;
determining that query data in the acquired query result and data to be evaluated accord with a preset corresponding relation through verifying the proving information;
And after the verification is passed, carrying out evaluation calculation corresponding to the query requirement based on each acquired query result and the data to be evaluated.
47. The second data query system of claim 46, wherein the query requirement comprises at least one of: querying and summarizing whether the query data of the target user lies within a preset interval, and querying and summarizing the fluctuation of the query data of the target user.
48. The second data query system of claim 34, wherein the first encryption processing is set based on homomorphic encryption.
49. A data query system, comprising:
at least one data source, configured to query in a user group based on the received query service to obtain a query data set of the user group to which the target user belongs, and to obtain the query result corresponding to the target user from the query data set according to the query request subjected to the first encryption processing;
the first data query system as claimed in any one of claims 25 to 33, configured to communicate with the at least one data source so as to send the query service to the data source and to fuse the query results fed back by each data source;
the second data query system as claimed in any one of claims 34 to 48, configured to send the generated query service to the first data query system and to obtain the query result after the fusion processing performed by the first data query system.
50. A first computer system, comprising:
a storage device for storing at least one program;
interface means for communicating with at least one data source and a second computer system;
processing means for invoking said at least one program and coordinating said storage means and interface means for performing a data querying method according to any of claims 1-9.
51. A second computer system, comprising:
a storage device for storing at least one program;
interface means for communicating with a first computer system according to claim 50;
processing means for invoking said at least one program and coordinating said storage means and interface means to perform the data query method of any of claims 10-24.
52. A computer readable storage medium, characterized in that a data query computer program is stored, which, when executed, implements the data query method of any one of claims 1-9 or the data query method of any one of claims 10-24.
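The flow that claims 1, 10 and 19 describe, worked through as a runnable model. This is an added example written for this page; it is not code from the patent, from the assignee, or from any implementation of it, and it fixes several choices the claims leave open: Paillier stands in for the additively homomorphic "first encryption processing"; the query request is an encrypted one-hot vector over the user group, so a data source returns the target user's record without learning the position; the target user's check data is a SHA-256 commitment to the sum of its own records under a random number (the "second encryption processing"); and the verification data is modelled as that random number together with the noise total. The function names (`build_query_request`, `fuse_results`, `verify_consistency`, `run_demo`), the key size and the sample records are all constructed for the example.

```python
import hashlib
import random
from math import gcd

# Constructed toy Paillier key: two well-known primes, far too small for real use.
# The claims only say "homomorphic encryption"; Paillier is this example's choice.
_P, _Q = 1000000007, 998244353


def paillier_keygen(p=_P, q=_Q):
    """Return (public, private); with g = n + 1 the decryption constant is lambda^-1 mod n."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return {"n": n, "n2": n * n}, {"lam": lam, "mu": pow(lam, -1, n)}


def encrypt(pub, m, rng):
    n, n2 = pub["n"], pub["n2"]
    r = rng.randrange(1, n)  # blinding factor; a non-invertible r is negligibly likely
    return pow(n + 1, m, n2) * pow(r, n, n2) % n2


def decrypt(pub, priv, c):
    n, n2 = pub["n"], pub["n2"]
    return (pow(c, priv["lam"], n2) - 1) // n * priv["mu"] % n


def he_add(pub, a, b):
    return a * b % pub["n2"]  # E(x) * E(y) = E(x + y)


def he_scale(pub, c, k):
    return pow(c, k, pub["n2"])  # E(x) ^ k = E(k * x)


# ---- the flow of claims 1, 10 and 19; role names follow the claims ----
def build_query_request(pub, group_size, position, rng):
    """Second data query system: encrypted one-hot vector marking the target user's slot."""
    return [encrypt(pub, int(i == position), rng) for i in range(group_size)]


def data_source_answer(pub, request, column, rng):
    """Data source: prod_i E(e_i)^v_i = E(v_position); the slot stays hidden from it."""
    acc = encrypt(pub, 0, rng)  # fresh randomness re-blinds the result
    for c, v in zip(request, column):
        acc = he_add(pub, acc, he_scale(pub, c, v))
    return acc


def make_check_data(own_values, rnd):
    """Target user: commit to the summary (sum) of its own records under random number rnd.
    A hash commitment stands in for the claims' second encryption processing (assumption)."""
    return hashlib.sha256(f"{sum(own_values)}:{rnd}".encode()).hexdigest()


def fuse_results(pub, results, rnd, rng):
    """First data query system: noise each result, shuffle, derive the verification data."""
    noise = [rng.randrange(1, 1 << 20) for _ in results]
    scrambled = [he_add(pub, c, encrypt(pub, nu, rng)) for c, nu in zip(results, noise)]
    rng.shuffle(scrambled)  # the receiver cannot tell which source produced which
    # Verification data "based on the random number and the noise": modelled as the pair.
    return scrambled, {"rnd": rnd, "noise_total": sum(noise)}


def verify_consistency(pub, priv, scrambled, check_data, verification):
    """Second data query system (claim 19): decrypt, strip noise, recompute, compare."""
    summary = sum(decrypt(pub, priv, c) for c in scrambled) - verification["noise_total"]
    recomputed = hashlib.sha256(f"{summary}:{verification['rnd']}".encode()).hexdigest()
    return recomputed == check_data, summary


def run_demo(tamper=False, seed=2019):
    """End-to-end run on constructed data; returns (consistent?, recovered summary)."""
    rng = random.Random(seed)
    pub, priv = paillier_keygen()
    # Constructed sample: a 4-user group, two data sources, target user in slot 2.
    columns = {"source_A": [120, 300, 450, 75], "source_B": [10, 20, 30, 40]}
    target, own_values = 2, [450, 30]  # the target user knows its own records (assumption)
    rnd = rng.getrandbits(64)
    check_data = make_check_data(own_values, rnd)  # handed to the first system
    request = build_query_request(pub, 4, target, rng)
    results = [data_source_answer(pub, request, col, rng) for col in columns.values()]
    if tamper:  # a misbehaving source or forwarder substitutes a bogus result
        results[0] = encrypt(pub, 0, rng)
    scrambled, verification = fuse_results(pub, results, rnd, rng)
    return verify_consistency(pub, priv, scrambled, check_data, verification)


if __name__ == "__main__":
    print(run_demo())  # (True, 480)
    print(run_demo(tamper=True))  # (False, 30)
```

`run_demo()` returns `(True, 480)`: the second data query system decrypts the noised ciphertexts, strips the noise total carried in the verification data and reopens the target user's commitment. With `tamper=True` a substituted result changes the recovered summary to 30, the commitment no longer opens, and the call returns `(False, 30)`; that failed consistency check is what claim 20 gates the evaluation calculation on. Neither the data source nor the first system ever sees the one-hot position or a plaintext record, which is the privacy property the description claims. The key here is toy-sized and the hash commitment is illustrative; a real deployment needs a standard Paillier key size and a commitment scheme chosen for the hiding and binding guarantees the application needs.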
CN201910272457.0A 2019-04-04 2019-04-04 Data query and calculation method and system, and storage medium Active CN111783108B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910272457.0A CN111783108B (en) 2019-04-04 2019-04-04 Data query and calculation method and system, and storage medium
PCT/CN2020/083174 WO2020200306A1 (en) 2019-04-04 2020-04-03 Data query and calculation method and system, and storage medium

Publications (2)

Publication Number Publication Date
CN111783108A CN111783108A (en) 2020-10-16
CN111783108B true CN111783108B (en) 2023-07-21

Family

ID=72755360

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112507010B (en) * 2020-12-14 2022-10-28 深圳佑驾创新科技有限公司 Service data processing method and device, computer equipment and storage medium
CN114866317B (en) * 2022-04-29 2023-01-10 中国科学院信息工程研究所 Multi-party data security calculation method and device, electronic equipment and storage medium
CN116579729A (en) * 2023-03-17 2023-08-11 中电金信数字科技集团有限公司 Service data processing method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102299792A (en) * 2011-09-30 2011-12-28 北京理工大学 Method for safely and efficiently fusing data
CN105471826A (en) * 2014-09-04 2016-04-06 中电长城网际系统应用有限公司 Ciphertext data query method, device and ciphertext query server
CN107547525A (en) * 2017-08-14 2018-01-05 复旦大学 A kind of method for secret protection of big data query processing
CN108364223A (en) * 2017-12-29 2018-08-03 阿里巴巴集团控股有限公司 A kind of method and device of Data Audit
CN108665946A (en) * 2018-05-08 2018-10-16 阿里巴巴集团控股有限公司 A kind of access method and device of business datum
CN109376173A (en) * 2018-11-08 2019-02-22 郑州云海信息技术有限公司 A kind of data query method, apparatus, electronic equipment and storage medium
CN109474591A (en) * 2018-11-06 2019-03-15 深圳绿米联创科技有限公司 Account's sharing method, device, electronic equipment and storage medium between multisystem

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8595857B2 (en) * 2010-12-28 2013-11-26 Verizon Patent And Licensing Inc. Persona-based identity management system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Research on a data security management and control platform scheme based on cloud computing technology; Zhou Yu et al.; 《移动通信》 (Mobile Communications); full text *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant