CN113660235B - Data security sharing method, memory and processor - Google Patents
Data security sharing method, memory and processor Download PDFInfo
- Publication number
- CN113660235B CN113660235B CN202110911998.0A CN202110911998A CN113660235B CN 113660235 B CN113660235 B CN 113660235B CN 202110911998 A CN202110911998 A CN 202110911998A CN 113660235 B CN113660235 B CN 113660235B
- Authority
- CN
- China
- Prior art keywords
- data
- integrity
- information base
- integrating
- classification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/001—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a data security sharing method, a memory and a processor, comprising the following steps: acquiring first data, wherein the first data is derived from a plurality of physical perception entities; classifying and integrating the first data according to the integrity of the data; encrypting the first data after classification integration and uploading the first data to a cloud service; and receiving an access request for the encrypted first data, and determining that the authority of the source side of the access request can access the first data. The method and the device solve the problem of safe sharing of data, so that the reliability and the integrity of data sharing are improved.
Description
Technical Field
The present application relates to the field of data security, and in particular, to a data security sharing method.
Background
In recent years, with the continuous development of information technology, a large number of informationized systems are continuously paved in various industries, and data in the informationized systems are changed and complicated all the time along with the surrounding environment, so that the data in cloud storage not only has multi-source isomerism, but also is changed in real time. The continuous development of high-speed computing equipment and network technology enables data storage and computation of the industrial Internet to be gradually transferred to the cloud, and the data storage in the cloud is more convenient for data access and data sharing, and meanwhile, the method is more reliable, economical and better in expansibility than a local storage mode, and data sharing among users is more convenient.
However, while providing convenience, cloud storage and multi-user data sharing also have the problems of "information islands" and "data opacity. Therefore, on the basis of ensuring the rapid flow, integration and association of the dynamic data based on the convenience of cloud storage, the information island and lagged states are broken, and the safe sharing of the multi-source dynamic data is realized, so that the method is very worthy of exploration and research.
Disclosure of Invention
The embodiment of the application provides a data security sharing method, a memory and a processor, so as to at least solve the security problem of data sharing.
According to one aspect of the present application, there is provided a data security sharing method, including:
acquiring first data, wherein the first data is derived from a plurality of physical perception entities;
classifying and integrating the first data according to the integrity of the data;
encrypting the first data after classification integration and uploading the first data to a cloud service;
and receiving an access request for the encrypted first data, and determining that the authority of the source side of the access request can access the first data.
Further, in the present invention, classifying and integrating the first data according to the integrity of the data includes:
predefining a plurality of levels for representing different data integrity, wherein each level corresponds to a different integrity;
acquiring a plurality of parameters affecting the integrity of the first data, wherein each parameter has a weight corresponding to the parameter, and the weight is used for indicating the influence of the parameter on the integrity;
judging the level of the integrity to which the first data belongs according to the plurality of parameters;
the first data classification is integrated into its corresponding class.
Further, in the present invention, determining, according to the plurality of parameters, a level of integrity to which the first data belongs includes:
constructing a fuzzy decision matrix according to the plurality of parameters, wherein the fuzzy decision matrix is constructed according to the weights of the plurality of parameters and under the condition that all information when any one of the plurality of parameters makes a single decision is reserved;
and judging the level of the integrity of the first data according to the matrix.
Further, in the present invention, integrating the first data classification into its corresponding class includes:
clustering the first data into an incomplete set if it is determined that the first data is an incomplete set;
and clustering the first data into a complete set under the condition that the first data is determined to be the complete set.
Further, in the present invention, integrating the first data classification into its corresponding class includes:
after the first data is clustered into the incomplete set or the complete set, carrying out conflict detection on the data in the incomplete set or the complete set, and under the condition of conflict determination, not carrying out data fusion; and under the condition of determining no conflict, carrying out data fusion to form a characteristic information base.
Further, in the present invention, integrating the first data classification into its corresponding class includes:
and encrypting the characteristic information base after classification integration and uploading the encrypted characteristic information base to cloud service.
Further, in the present invention, encrypting the feature information base includes:
generating a pseudo-random signal by using a nonlinear chaotic system as a broadband pseudo-random signal generator, wherein the pseudo-random signal is generated according to the characteristic information base;
encrypting the feature information base using the pseudo-random signal.
Further, in the present invention, the method further includes:
and judging whether the first data obtained in advance is matched with the received characteristic information base, and if so, verifying the integrity of the data in the transmission process.
According to a second aspect of the present application, there is provided a memory for storing software for performing the method described above.
According to a third aspect of the present application, there is provided a processor for executing software, wherein the software is for performing the above method.
In the embodiment of the application, a data security sharing method is adopted, which comprises the following steps: acquiring first data, wherein the first data is derived from a plurality of physical perception entities; classifying and integrating the first data according to the integrity of the data; encrypting the first data after classification integration and uploading the first data to a cloud service; and receiving an access request for the encrypted first data, and determining that the authority of the source side of the access request can access the first data. The method and the device solve the problem of safe sharing of data, so that the reliability and the integrity of data sharing are improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application, illustrate and explain the application and are not to be construed as limiting the application. In the drawings:
FIG. 1 is a flow chart of a method of secure sharing of data according to an embodiment of the present application.
Detailed Description
It should be noted that, in the case of no conflict, the embodiments and features in the embodiments may be combined with each other. The present application will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that illustrated herein.
In this embodiment, a method for securely sharing data is provided, and fig. 1 is a flowchart of the method for securely sharing data according to an embodiment of the present application, and as shown in fig. 1, the flow of the method includes the following steps:
step S102, acquiring first data, wherein the first data are derived from a plurality of physical perception entities;
step S104, classifying and integrating the first data according to the integrity of the data;
step S106, encrypting the first data after classification integration and uploading the first data to a cloud service;
step S108, an access request for the encrypted first data is received, and the authority of the source side of the access request is determined to be capable of accessing the first data.
In the above step, the first data from the plurality of physical sensing entities are classified according to their integrity, and then the classified first data are encrypted and uploaded to the cloud service, and the authority of the data access requester is determined to determine whether to open the access to the first data. The method and the device solve the problem of safe sharing of data, so that the reliability and the integrity of data sharing are improved.
The data sharing architecture involved in the method at least comprises a data provider, cloud storage and a data receiver.
The data provider has multi-source dynamic data, the dynamic data is derived from entities which comprise sensing layer equipment, an internet of things sensor and the like and can directly or indirectly provide data, and the functional entities can provide services for applications.
In the step S104, in order to classify the bulky data, a preferable classification method is provided, specifically, classifying and integrating the first data according to the integrity of the data includes: predefining a plurality of levels for representing different data integrity, wherein each level corresponds to a different integrity; acquiring a plurality of parameters affecting the integrity of the first data, wherein each parameter has a weight corresponding to the parameter, and the weight is used for indicating the influence of the parameter on the integrity; judging the level of the integrity to which the first data belongs according to the plurality of parameters; the first data classification is integrated into its corresponding class.
In the prior art, fuzzy theory refers to theory that uses basic concepts of fuzzy sets or continuous membership functions. The basic idea of fuzzy control is to integrate the control strategy of human expert on specific controlled object or process into a series of control rules expressed in the form of "IF (condition) THEN (action)", and obtain the control action set by fuzzy reasoning, and act on the controlled object or process. The control action set is a set of conditional statements, and the state statements and the control action are a set of quantized fuzzy language sets, such as ' positive big ', ' negative big ', ' positive small ', ' negative small ', ' zero, and the like. The fuzzy theory is based on fuzzy aggregation, the basic spirit is to accept the fact that the fuzzy phenomenon exists, and the fuzzy theory is to process the fuzzy uncertain things of the concept as the research target and positively quantize the fuzzy things into the information which can be processed by a computer, and the complex mathematical analysis, namely the model, is not required to solve the model.
Therefore, based on the fuzzy theory, in the above preferred classification mode, in order to integrate the influence of the respective parameters on the first data level, determining the level of the integrity to which the first data belongs according to the plurality of parameters includes: constructing a fuzzy decision matrix according to the plurality of parameters, wherein the fuzzy decision matrix is constructed according to the weights of the plurality of parameters and under the condition that all information when any one of the plurality of parameters makes a single decision is reserved; and judging the level of the integrity of the first data according to the matrix. The multi-source dynamic data is subjected to feature fusion through a fusion framework based on a fuzzy theory, so that an original feature database with multiple fine granularity can be formed, and the accuracy of data fusion is improved.
Further, in the above preferred classification manner, the classifying and integrating the first data into the corresponding class specifically includes: clustering the first data into an incomplete set if it is determined that the first data is an incomplete set; and clustering the first data into a complete set under the condition that the first data is determined to be the complete set.
As a preferred embodiment, in the above preferred classification mode, the conflict situation of the collection needs to be further considered so as not to cluster the wrong data, and therefore, integrating the first data classification into the corresponding class includes:
after the first data is clustered into the incomplete set or the complete set, carrying out conflict detection on the data in the incomplete set or the complete set, and under the condition of conflict determination, not carrying out data fusion; and under the condition of determining no conflict, carrying out data fusion to form a characteristic information base.
As an optional implementation manner, in the above preferred classification manner, in order to simplify data and ensure data security, integrating the first data classification into its corresponding level includes: and encrypting the characteristic information base after classification integration and uploading the encrypted characteristic information base to cloud service.
In a preferred embodiment, in the above preferred classification mode, in order to effectively implement encryption of the feature information base, encrypting the feature information base includes: generating a pseudo-random signal by using a nonlinear chaotic system as a broadband pseudo-random signal generator, wherein the pseudo-random signal is generated according to the characteristic information base; encrypting the feature information base using the pseudo-random signal.
In a preferred embodiment, in the above preferred classification mode, data integrity is also considered, so the method further includes: and judging whether the first data obtained in advance is matched with the received characteristic information base, and if so, verifying the integrity of the data in the transmission process.
Specifically, the above scheme is described in detail below in connection with fuzzy theory, encryption upload cloud storage, and specific techniques for authorizing access.
Step 201, define i= { I 1 ,I 2 ,...,I n The data set from n physical perception entities is input as a fusion framework based on fuzzy theory, wherein the data I from the ith physical perception entity i Consists of the following set:
I i ={I i1 ,I i2 ,...,I iL } (1)
wherein L is the number of data acquired by the ith physical perception entity;
definition o= { O 1 ,o 2 ,o 3 ,o 4 Data integrity set, where o j J=1, 2,3,4 respectively represent very good data integrityBetter, generally worse. Preferably, to more highlight the impact of the data service providing entity, it is necessary to set the physical sensing entity that directly provides the data service to be higher in weight, and the fuzzy weight set of the impact factors is expressed as follows:
A=(a 1 ,a 2 ,...,a n ) (2)
wherein n is the number of influencing factors;
from I i Single factor forming evaluation vector R i The evaluation matrix formed based on the membership functions is:
R i =[r i1 r i2 r i3 r i4 ]data integrity mapping values corresponding to the influence factors respectively, wherein for a specific i value, there are
The fuzzy decision matrix is constructed, the fuzzy operator used in the embodiment of the invention is weighted average, the influence of each factor on the decision is comprehensively considered, and all information of single factor decisions is reserved. Decision is carried out according to the influence factor set, and a decision object belongs to the membership degree of the elements in the decision set, so that the fuzzy decision matrix B is:
determining a membership function based on the fuzzy rule, wherein the membership function determines r in the judgment matrix ij (i=1, 2,3, …, n; j=1, 2,3, 4). The embodiment of the invention obtains membership functions for different state quantities by adopting the following 2 comprehensive modes: the fuzzy statistical experiment method is utilized to the influence factors with higher frequency of use, and the membership calculation of the method has a certain subjective property; the neural network training membership function can be built, and three layers can be builtThe convolutional neural network of (2) accomplishes the mapping from influencing factors to membership. When the BP (Back Propogation) network is built, the number of hidden layer nodes can be calculated according to the formula: i+o+a. Wherein i and o are the unit numbers of the input layer and the output layer respectively, and c is a certain numerical value between 1 and 10.
According to the membership function obtained by the above, obtaining a corresponding fuzzy weight output value B by using a decision matrix calculation formula in the formula (3) 1 ,B 2 ,...,B n 。
Step 202, deciding the data I of the physical sensing entity according to the fuzzy weight output value obtained in step 201 i Is described herein). For each fuzzy weight output value B i The decision result is a subset of the data integrity set O. The embodiment of the invention sets the complete set of decisions as O cmp ={o 1 ,o 2 ,o 3 Decision incomplete set is O incmp ={o 4 Based on decision complete set O cmp And decision incomplete set O incmp And judging whether the dynamic sensing data is complete or not.
Step 203, determining the incomplete set O by k-nearest neighbor interpolation pair incmp The missing values of (2) are estimated by first calculating Euclidean distances between elements in a non-complete set
Definition x i ,x j The method is characterized in that the method is an influence factor corresponding to the incomplete decision set, i is not equal to j, and n is the total number of influence factors corresponding to the incomplete decision set. In the embodiment of the invention, the nearest K value is set to be 5, and K minimum values are selected from the nearest K values according to Euclidean distances among the elements. Selecting 10 data values in the set in a random manner from the K nearest neighbor elements; generating new element values:
x new =x i +rand(0,1)×dist (5)
step 204, the embodiment of the present invention may directly cluster the complete set of decisions in step 202 and the set of influencing factors corresponding to the incomplete set of decisions in step 203. Specifically, a fuzzy clustering algorithm is adopted to construct a minimized objective function:
wherein C represents the cluster number of clusters, N is the data number, m is the fuzzy coefficient, i, j is the class label, u ij Representing sample x i Membership belonging to class j, x being the element value obtained in step 202 and step 203. c j Is the center of the j clusters, and the sum of membership degrees of each cluster is 1 for a single sample.
Step 205, adaptively fusing a plurality of results by using an improved fusion rule according to whether the clustering results conflict. If the clustering results conflict pairwise, the clustering results are dissimilar, and a fusion rule is not needed; if the clustering results are not conflicting pairwise, the clustering results are similar, the clustering is unreasonable, and further fusion is needed. The fusion rule based on improvement provided by the embodiment of the invention is as follows:
wherein Ω= { c 1 ,c 2 ,...,c j The set formed by the single clustering result in step 204, 2 Ω For the power set of the set, m (-) is the mapping function provided by the embodiment of the invention, and the value range is [0,1]Adopting an exponential function as a mapping function for real-time dynamic data, wherein
Finally, obtaining a fusion result m (A) under each fusion,
the closer the data fusion degree f value is to 0, the smaller the conflict among fusion categories is, and the more accurate the fusion effect is; the closer f is to 1, the greater the collision between the fusion categories and the more inaccurate the fusion.
According to the embodiment of the invention, the fusion result with the fusion degree lower than the standard fusion degree of the cloud storage domain is extracted to form the cloud storage domain feature fusion library. And the fusion result with the fusion degree f being greater than the standard fusion threshold value is reserved in the data I of each physical perception entity i In the process, an original feature fusion library is formed. The initial standard fusion threshold value set in the embodiment of the invention is a constant smaller than 0.5. In this way, each original characteristic database uploads the data quantity meeting the fusion standard of the cloud storage domain to the cloud storage domain through the fractional order system, and the pressure of cloud storage is reduced.
Step 206, fractional order system synchronization and encryption. When the feature information base formed in the step 205 is uploaded to the cloud for storage, the encryption scheme based on the fractional order system is introduced in the embodiment of the invention, so that the safety of the data when uploaded to the cloud and the real-time and synchronism requirements of the dynamic data are ensured. The basic principle of fractional order system synchronization and encryption is to use a nonlinear chaotic system as a broadband pseudorandom signal generator. The signal is encrypted according to the change of the main information, generating a pseudo-random broadband signal based on the information feature library. In the chaotic reception, a pseudo random signal is reproduced, and the pseudo random signal and the received signal are decrypted to restore the original information. The encryption operation of the chaotic transmitter is mainly to form a masking signal. The signal is generated as one of the state variables x generated by the drive system i And (t) adding the main signal m (t):
s m (t)=m(t)+x i (t) (9)
cloud storage can only store this mask signal. When the data requesting party needs to obtain certain shared data, decryption operation at the cloud is not needed, and decryption is only needed locally. The decryption requirement is that the decryption requirement must pass the authorization check of the cloud storage end, and the security and the synchronism in the uplink transmission process of the information feature library are ensured by correctly obtaining the fractional system key.
Step 207, cloud storage domain authorization verification. Defining that an operational entity is all participating entities in a dynamic data sharing cycle, represented by a triplet:<ID,F,D>. ID is an identifier of an operation entity, and is used for carrying out unique identification on the operation entity in a cloud storage domain, wherein ID= { ID 1 ,ID 2 ,...,ID i };F={(ID i ,X t )|ID i →X t I epsilon N represents the cloud storage domain versus the i-th operation entity ID i Authorization type X of (2) t Two types of authorization provided by the embodiment of the invention, X t ={X 1 ,X 2 And represents positive and negative grants, respectively.
Step 208, data receiver information feature matching. In order to avoid the situations of data loss and incomplete data in the transmission process between the data provider and the cloud storage end and between the cloud storage end and the data receiving end. The embodiment provides a data integrity detection scheme, which verifies the integrity in the data transmission process by checking the matching degree between an original characteristic information base of a cloud storage end and a characteristic information base of a cloud storage domain and between the characteristic information base of the cloud storage domain and a characteristic information base of a receiving end, and ensures the symmetry of shared data.
Defining the data receiver information characteristic matching threshold as V T The matching threshold value in the data sharing duration time T is represented, when the matching degree is larger than the threshold value, the integrity of the data is basically guaranteed in the process of sharing the data transmission, otherwise, the data provider needs to carry out verification and correction on the data again. This matching threshold is determined based on a criterion that the average incomplete detection probability is minimal:
P ave =P(A)P(I|A)+P(B)P(I|B) (10)
the probability of incomplete data in the process of uploading the data to the cloud end is P (I|A), and the probability of incomplete data in the process of sharing the characteristic information from the cloud end to the data receiver is P (I|B). Defining the sending density in the cloud transmission process of the data providing direction as p 1 (x) Mean value E 1 Variance is sigma n 2 . Transmitting process from cloud storage end to data receiving sub-partyThe receiving density of (a) is p 2 (x) Mean value E 2 Variance is sigma n 2 . The average incomplete detection probability is as follows:
according to the criterion of minimum average incomplete detection probability, make
The method can be characterized by comprising the following steps:
P(A)P 1 (V T )-P(B)P 2 (V T )=0 (12)
the embodiment of the invention defines that when the probability is larger than a constant C (C < 0.5), the data transmission is judged to be incomplete and retransmission is needed, otherwise, the data passes through a data integrity detection module, the data sharing is finished, and the shared data is stored in a data warehouse of a data receiver. Thus, the cloud storage realizes access control on the shared data mainly through authorization inspection, and the data receiving sub-party is mainly responsible for matching the shared data to obtain the matching degree of the feature library in each shared link.
The above-described embodiments of the invention have at least the following advantages:
1. and introducing a data fusion technology into a data provider, obtaining incomplete and complete perception data through a fuzzy theory, adapting to the integrity of a multi-source dynamic data perception result, and dynamically carrying out feature fusion on the multi-source dynamic data to form a multi-fine-granularity feature fusion original library. Through accurate feature fusion, the data provider generates a multi-fine-granularity feature fusion original library, and each feature fusion original library controls the feature data quantity uploaded to the cloud storage domain according to the fusion standard threshold value of the cloud storage domain, so that the storage pressure of the cloud storage domain is reduced, and the purpose of light weight is achieved.
2. And (4) introducing a fractional order system to encrypt and synchronously transmit the feature fusion library reaching the standard fusion threshold, and selecting a Lorenz system and a Rossler system as the driving and response of an uplink transmission channel. For each fusion feature library, the aim is to control the synchronism in the transmission process through the fractional order system, and the confidentiality in the data storage process is ensured to the greatest extent.
3. The behavior change state of a user (a data receiver) is monitored through authorization verification of cloud storage, a data request is uniquely identified in a cloud storage domain, and the cloud storage performs a data sharing task on the data receiver passing the authorization verification.
4. In order to avoid the possibility of disorder and loss in the dynamic data sharing process, a timely manner is provided for the dynamic data, and the original characteristic information base of the dynamic data provider is ensured to be matched with the characteristic information base of the data receiver.
5. According to the method, the matching degree and the incomplete detection probability of the feature library in each shared link can be calculated, and complete and reliable sharing of data is realized.
According to a second aspect of the present application, there is provided a memory for storing software for performing the method described above.
According to a third aspect of the present application, there is provided a processor for executing software, wherein the software is for performing the above method.
It should be noted that, the data security sharing method executed by the software is the same as the data security sharing method described above, and will not be described herein.
In this embodiment, there is provided an electronic device including a memory in which a computer program is stored, and a processor configured to run the computer program to perform the method in the above embodiment.
These computer programs may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart block or blocks and/or block diagram block or blocks, and corresponding steps may be implemented in different modules.
The above-described programs may be run on a processor or may also be stored in memory (or referred to as computer-readable media), including both permanent and non-permanent, removable and non-removable media, and information storage may be implemented by any method or technique. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.
Claims (8)
1. A method for securely sharing data, comprising:
acquiring first data, wherein the first data is derived from a plurality of physical perception entities;
classifying and integrating the first data according to the integrity of the data;
encrypting the first data after classification integration and uploading the first data to a cloud service;
receiving an access request to the encrypted first data, and determining that the authority of the source side of the access request can access the first data;
wherein classifying and integrating the first data according to the integrity of the data comprises: predefining a plurality of levels for representing different data integrity, wherein each level corresponds to a different integrity; acquiring a plurality of parameters affecting the integrity of the first data, wherein each parameter has a weight corresponding to the parameter, and the weight is used for indicating the influence of the parameter on the integrity; judging the level of the integrity to which the first data belongs according to the plurality of parameters; integrating the first data classification into its corresponding class;
wherein determining, according to the plurality of parameters, a level of integrity to which the first data belongs includes: constructing a fuzzy decision matrix according to the plurality of parameters, wherein the fuzzy decision matrix is constructed according to the weights of the plurality of parameters and under the condition that all information when any one of the plurality of parameters makes a single decision is reserved; and judging the level of the integrity of the first data according to the matrix.
2. The method of claim 1, wherein integrating the first data classification into its corresponding tier comprises:
clustering the first data into an incomplete set if it is determined that the first data is an incomplete set;
and clustering the first data into a complete set under the condition that the first data is determined to be the complete set.
3. The method of claim 2, wherein integrating the first data classification into its corresponding tier comprises:
after the first data is clustered into the incomplete set or the complete set, carrying out conflict detection on the data in the incomplete set or the complete set, and under the condition of conflict determination, not carrying out data fusion; and under the condition of determining no conflict, carrying out data fusion to form a characteristic information base.
4. A method according to claim 3, wherein integrating the first data classification into its corresponding class comprises:
and encrypting the characteristic information base after classification integration and uploading the encrypted characteristic information base to cloud service.
5. The method of claim 4, wherein encrypting the feature information base comprises:
generating a pseudo-random signal by using a nonlinear chaotic system as a broadband pseudo-random signal generator, wherein the pseudo-random signal is generated according to the characteristic information base;
encrypting the feature information base using the pseudo-random signal.
6. The method according to claim 2, wherein the method further comprises:
and judging whether the first data obtained in advance is matched with the received characteristic information base, and if so, verifying the integrity of the data in the transmission process.
7. A memory for storing software, wherein the software is for performing the method of any one of claims 1 to 6.
8. A processor, characterized by being adapted to execute software, wherein the software is adapted to perform the method of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110911998.0A CN113660235B (en) | 2021-08-10 | 2021-08-10 | Data security sharing method, memory and processor |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110911998.0A CN113660235B (en) | 2021-08-10 | 2021-08-10 | Data security sharing method, memory and processor |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113660235A CN113660235A (en) | 2021-11-16 |
| CN113660235B true CN113660235B (en) | 2023-04-28 |
Family
ID=78491045
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110911998.0A Active CN113660235B (en) | 2021-08-10 | 2021-08-10 | Data security sharing method, memory and processor |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113660235B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114500680B (en) * | 2022-04-19 | 2022-09-13 | 创思(广州)电子科技有限公司 | Multi-channel intersection data classification type information transmission method |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107360252A (en) * | 2017-08-16 | 2017-11-17 | 上海海事大学 | A kind of Data Access Security method that isomery cloud domain authorizes |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2533098B (en) * | 2014-12-09 | 2016-12-14 | Ibm | Automated management of confidential data in cloud environments |
| CN104933654B (en) * | 2015-05-29 | 2018-06-15 | 安徽师范大学 | Community medicine Internet of Things method for secret protection |
| CN111526197B (en) * | 2020-04-24 | 2023-05-09 | 远光软件股份有限公司 | Cloud data secure sharing method |
| CN112134848B (en) * | 2020-08-27 | 2023-03-24 | 中央广播电视总台 | Fusion media cloud self-adaptive access control method, device, terminal and medium |
| CN112383391B (en) * | 2020-11-12 | 2024-03-19 | 北京安御道合科技有限公司 | Data security protection method based on data attribute authorization, storage medium and terminal |
| CN112632052B (en) * | 2020-12-29 | 2022-10-28 | 中通服公众信息产业股份有限公司 | Heterogeneous data sharing method and intelligent sharing system |
-
2021
- 2021-08-10 CN CN202110911998.0A patent/CN113660235B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107360252A (en) * | 2017-08-16 | 2017-11-17 | 上海海事大学 | A kind of Data Access Security method that isomery cloud domain authorizes |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113660235A (en) | 2021-11-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Van Der Heijden et al. | Veremi: A dataset for comparable evaluation of misbehavior detection in vanets | |
| TW202001693A (en) | Method of characterizing activity in an artificial nerual network, and system comprising one or more computers operable to perform said method | |
| CN114818011B (en) | Federal learning method and system suitable for carbon credit evaluation and electronic equipment | |
| CN113673708A (en) | Distributed decentralized machine learning model training | |
| WO2019194787A1 (en) | Real-time entity anomaly detection | |
| CN115277189B (en) | Unsupervised intrusion flow detection and identification method based on generation type countermeasure network | |
| CN113660235B (en) | Data security sharing method, memory and processor | |
| Geng et al. | A fault prediction algorithm based on rough sets and back propagation neural network for vehicular networks | |
| US11475141B1 (en) | Apparatus and methods for verifying lost user data | |
| Haddaji et al. | Federated learning with blockchain approach for trust management in IoV | |
| Ayed et al. | ECTD: evidential clustering and case types detection for case base maintenance | |
| Jahwar et al. | A state of the art survey of machine learning algorithms for IoT security | |
| Fukuchi et al. | Faking fairness via stealthily biased sampling | |
| Thamer | Method of Artificial Neural Networks Teaching. | |
| Aluvalu et al. | Efficient data transmission on wireless communication through a privacy-enhanced blockchain process | |
| Manoharan et al. | Implementation of internet of things with blockchain using machine learning algorithm: Enhancement of security with blockchain | |
| Yang et al. | Generative adversarial learning for trusted and secure clustering in industrial wireless sensor networks | |
| CN112085051B (en) | Image classification method and system based on weighted voting and electronic equipment | |
| Khalil et al. | Fuzzy Logic based security trust evaluation for IoT environments | |
| US20230297691A1 (en) | Apparatus and methods for verifying lost user data | |
| CN116362526A (en) | Cloud edge cooperative resource management and control method and system for digital power plant | |
| Sai et al. | Machine un-learning: an overview of techniques, applications, and future directions | |
| Mahapatra et al. | A fuzzy approach for reputation management in Bittorrent P2P network | |
| Garg et al. | To Evaluate and Analyze the Performance of Anomaly Detection in Cloud of Things | |
| Pei et al. | Process service quality evaluation based on Dempster-Shafer theory and support vector machine |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |