CN115664629A - Homomorphic encryption-based data privacy protection method for intelligent Internet of things platform - Google Patents

Publication number
CN115664629A
Authority
CN
China
Prior art keywords
data
data acquisition
user
base station
acquisition node
Legal status
Pending
Application number
CN202211228831.5A
Other languages
Chinese (zh)
Inventor
罗弦
廖荣涛
董亮
刘芬
杨荣浩
姚渭箐
雷良辉
张岱
郭岳
王逸兮
李磊
王敬靖
胡欢君
叶宇轩
袁翔宇
王博涛
杨柳
李想
Current Assignee
Information and Telecommunication Branch of State Grid Hubei Electric Power Co Ltd
Original Assignee
Information and Telecommunication Branch of State Grid Hubei Electric Power Co Ltd
Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a homomorphic encryption-based data privacy protection method for an intelligent Internet of things platform, which comprises the following steps: collecting user information through intelligent terminal equipment; the user information is information for interaction between a user and the intelligent Internet of things platform; sending the user information to a data acquisition node; the identity authentication of the intelligent terminal equipment is carried out through a data acquisition node; after the identity authentication is passed, cleaning the user information through a data acquisition node to generate user data; forwarding the user data to the base station; carrying out homomorphic encryption on user data through a base station to generate ciphertext data; sending the ciphertext data to the cloud virtual node; the ciphertext data are analyzed and processed through the cloud virtual node, and a ciphertext result is generated; and returning the ciphertext result to the base station, decrypting the ciphertext result through the base station, and sending the decrypted operation result to the user. The method can effectively ensure the confidentiality and the integrity of the data, and greatly enhances the privacy protection in the data operation process of the intelligent Internet of things platform.

Description

Homomorphic encryption-based data privacy protection method for intelligent Internet of things platform
Technical Field
The invention relates to the technical field of data privacy protection, in particular to a homomorphic encryption-based data privacy protection method for an intelligent Internet of things platform.
Background
With the development of the internet and the breakthrough of 5G technology, the intelligent internet of things has spread into many fields across industries and promoted rapid economic development. However, an intelligent internet of things platform holds a large amount of users' personal sensitive information. When the platform uploads this data to the cloud for analysis and processing, an attack on the platform can easily expose users' personal data and cause trouble in their personal lives. The platform therefore brings a hidden danger of privacy disclosure along with its convenient services, which makes homomorphic encryption technology very important.
Compared with traditional encryption methods, homomorphic encryption supports the basic encryption operations and also allows operations to be performed directly on ciphertext; that is, computing on encrypted data and then decrypting gives the same result as computing on the plaintext. This property is of great significance for privacy protection. Homomorphic encryption is mostly applied to data processing in the cloud, but existing solutions suffer from low efficiency and high cost, so the computational overhead is high.
To address the privacy disclosure that arises when an intelligent internet of things platform uploads user data to the cloud for analysis and processing, researchers have proposed a data privacy protection method based on a time-series generative adversarial network under a differential privacy framework. While satisfying the definition of differential privacy, the method can generate synthetic data similar to the user's real sensitive data, so that data usability is preserved while the user's personal privacy is protected. However, as the degree of privacy protection increases, the feature information the method can capture decreases, and the usability of the synthetic data drops sharply. How to select an appropriate privacy budget is therefore a technical problem in urgent need of a solution.
In the prior art, to address the limits of local computing resources and the data privacy problems introduced by an untrusted third-party platform, researchers have proposed a privacy-preserving linear regression algorithm for secure two-party computation based on secret sharing. The method uses homomorphic encryption, additive masking and mini-batch gradient descent to implement a secure linear regression algorithm on two non-colluding cloud servers. Although the method protects the privacy of the data and the model parameters, linear regression is not suitable for nonlinear data and may lead to overfitting of the model.
The existing privacy protection methods mainly include two types in addition: trusted federated learning and trusted execution environments. Firstly, trusted federated learning aims to establish a federated learning model based on a distributed data set, and is a learning mode for cooperatively completing a machine learning task under the condition that original data is not exported; therefore, the purpose of privacy protection can be achieved by fusing various privacy protection technologies, but whether the participants are real or not cannot be guaranteed, and therefore potential safety hazards are increased. Secondly, the trusted execution environment is a trusted secure environment constructed by trusted and tamper-resistant software and hardware, and data is processed by a trusted program in the environment, so that the data is protected from being leaked in the data transmission process, but the scheme has strict requirements on hardware, and the cost is higher.
Therefore, on the basis of the existing intelligent internet of things platform technology, how to reduce communication cost and improve information security on the premise of effectively reducing data leakage becomes a problem to be solved urgently by technical personnel in the field.
Disclosure of Invention
In view of the above problems, the present invention provides a method for protecting data privacy of an intelligent internet of things platform based on homomorphic encryption, which can effectively improve information security and reduce data leakage.
The embodiment of the invention provides a homomorphic encryption-based data privacy protection method for an intelligent Internet of things platform, which comprises the following steps:
collecting user information through intelligent terminal equipment; the user information is information for interaction between a user and the intelligent Internet of things platform;
sending the user information to a data acquisition node; the identity authentication is carried out on the intelligent terminal equipment through the data acquisition node; after the identity authentication is passed, cleaning the user information through the data acquisition node to generate user data; forwarding the user data to a base station;
carrying out homomorphic encryption on the user data through a base station to generate ciphertext data; sending the ciphertext data to a cloud virtual node;
analyzing and processing the ciphertext data through the cloud virtual node to generate a ciphertext result; and returning the ciphertext result to the base station, decrypting the ciphertext result through the base station, and sending the decrypted operation result to a user.
Further, the sending the user information to a data acquisition node includes:
sending a user information data access request to an intelligent terminal device group through the data acquisition node; the intelligent terminal equipment group consists of a plurality of intelligent terminal equipment; the access request comprises: the name, IP address, equipment state and life cycle of the request message of the data acquisition node;
after receiving the access request, the intelligent terminal equipment in the intelligent terminal equipment group returns a session application message to the data acquisition node within the life cycle of the access request; the session application message includes: the name and the IP address of the intelligent terminal equipment.
Further, the identity authentication of the intelligent terminal equipment is carried out through the data acquisition node; after the identity authentication is passed, the method further comprises the following steps:
generating a random key through a key generation module arranged in the data acquisition node, and returning the random key to the intelligent terminal equipment;
after receiving the random key, the intelligent terminal equipment sends the acquired user information and the random key to the data acquisition node; and the data acquisition node starts to receive the data sent by the intelligent terminal equipment when verifying that the random key is correct.
Further, the key generation module generates the random key by adding a random number to the current timestamp.
Further, the step of cleaning the user information through the data acquisition node to generate user data includes:
and classifying and aggregating the data through a k-means clustering algorithm to clean the user information to generate user data.
Further, forwarding the user data to a base station includes:
constructing a two-dimensional matrix according to the network environment where the data acquisition node is located, wherein matrix elements of the two-dimensional matrix are initialized to 0; taking the data acquisition node as a target data acquisition node;
if any two data acquisition nodes in the network environment where the target data acquisition node is located can directly establish communication connection, taking the time required by the any two data acquisition nodes to establish communication connection as the weight of the two-dimensional matrix; if the arbitrary two data acquisition nodes can not directly establish communication connection, setting the weight of the two-dimensional matrix to be infinite;
constructing a time array for recording the total communication time from the current data acquisition node to the other data acquisition nodes; constructing a path array for recording path information when the time array determines the shortest path; repeatedly executing the step until the shortest communication time from the target data acquisition node to the base station is found, and obtaining the optimal forwarding path according to the information recorded by the path array;
and forwarding the user data to a base station according to the optimal forwarding path.
Further, the homomorphic encryption is performed on the user data through the base station to generate ciphertext data, and the method includes:
generating a public key and a private key according to a secret key generation algorithm;
and encrypting the user data according to an encryption algorithm and the public key to generate ciphertext data.
Further, decrypting, by the base station, the ciphertext result includes:
and the base station decrypts the ciphertext result according to a decryption algorithm and the private key.
The technical scheme provided by the embodiment of the invention has the beneficial effects that at least:
the embodiment of the invention provides a data privacy protection method of an intelligent internet of things platform based on homomorphic encryption, which comprises the following steps: collecting user information through intelligent terminal equipment; the user information is information for interaction between a user and the intelligent Internet of things platform; sending the user information to a data acquisition node; carrying out identity authentication on the intelligent terminal equipment through the data acquisition node; after the identity authentication is passed, cleaning the user information through a data acquisition node to generate user data; forwarding the user data to the base station; carrying out homomorphic encryption on user data through a base station to generate ciphertext data; sending the ciphertext data to the cloud virtual node; the ciphertext data are analyzed and processed through the cloud virtual node to generate a ciphertext result; and returning the ciphertext result to the base station, decrypting the ciphertext result through the base station, and sending the decrypted operation result to the user. The method can effectively ensure the confidentiality and the integrity of the data, and greatly enhances the privacy protection in the data operation process of the intelligent Internet of things platform.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a data privacy protection method for an intelligent internet of things platform based on homomorphic encryption according to an embodiment of the present invention;
fig. 2 is a flowchart of identity authentication according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The embodiment of the invention provides a homomorphic encryption-based data privacy protection method for an intelligent Internet of things platform, which comprises the following steps:
collecting user information through intelligent terminal equipment; the user information is information for interaction between a user and the intelligent Internet of things platform;
sending the user information to a data acquisition node; carrying out identity authentication on the intelligent terminal equipment through the data acquisition node; after the identity authentication is passed, cleaning the user information through a data acquisition node to generate user data; forwarding the user data to the base station;
carrying out homomorphic encryption on user data through a base station to generate ciphertext data; sending the ciphertext data to the cloud virtual node;
the ciphertext data are analyzed and processed through the cloud virtual node to generate a ciphertext result; and returning the ciphertext result to the base station, decrypting the ciphertext result through the base station, and sending the decrypted operation result to the user.
With the data privacy protection method of the intelligent internet of things platform based on homomorphic encryption, communication efficiency and data availability can be markedly improved while data leakage from the platform is effectively reduced, data confidentiality during data operations is ensured, the computing pressure on the cloud center server is reduced, and security during data acquisition is effectively enhanced.
Referring to fig. 1, firstly, after collecting data from a user, each intelligent terminal device forwards the data to a data collection node, where identity authentication is required to be performed on an access terminal device: the data acquisition node is internally provided with an identity verification module and a key generation module and is used for solving the problem of terminal equipment identity authentication when the data acquisition node collects data to a terminal equipment group. After the identity authentication is passed, the terminal equipment can send data to the data acquisition node; after receiving the data, the data acquisition node simply cleans the data, and then selects an optimal forwarding path to forward the data to the base station by adopting a Dijkstra algorithm based on a greedy strategy; after receiving the data, the base station performs homomorphic encryption, then sends the ciphertext data to cloud virtual nodes around the base station to perform various analysis processes, and returns a ciphertext result to the base station and performs decryption after various operations on the data are completed; and the base station returns the decrypted operation result to the user.
Specifically, referring to fig. 2, when a data collection node faces an access request of a large number of terminal devices, in order to avoid data privacy disclosure caused by access of a virtual device, the method further includes the following identity authentication steps:
(1) The data acquisition node sends a data access request to the terminal equipment group; the request information comprises: the data acquisition node name, the IP address, the device status, and the life cycle of the request message.
(2) After receiving the data request message sent by the data acquisition node, the terminal equipment group returns a session application message to the data acquisition node within the life cycle of the request message, wherein the session application message comprises: a terminal device name and an IP address; if the life cycle of the request message has been exceeded, sending the session application message fails.
(3) After receiving the session application message, the data acquisition node performs identity authentication on it. If the identity authentication passes, the key generation module built into the data acquisition node generates a random key K, which is returned to the target terminal equipment as the ticket (credential) for the data interaction; if the authentication fails, the data access request is terminated.
(4) Receipt of the returned random key K by the target terminal equipment indicates that the identity authentication has passed and that the target terminal equipment may carry out data interaction. The target terminal equipment sends the data and the random key K to the data acquisition node, and the data acquisition node starts to receive the requested data, namely the user information, once it has verified that the key K is correct.
Specifically, since the acquired original data usually contains abnormal values, after the data acquisition node requests the required data, the data needs to be cleaned, so as to improve the communication efficiency and the operation efficiency of the subsequent process. In the embodiment, data are classified and aggregated by adopting a k-means clustering algorithm, and isolated points, namely abnormal data, are mined out through different sets and deleted. The clustering steps are as follows:
(1) Randomly selecting partial data as an initial clustering center;
(2) For the cluster centers initialized in step (1), calculating the Euclidean distance from every sample to each center, and then assigning each sample to the cluster whose center is closest;
(3) Calculating the mean value of the samples in each cluster class after clustering as the center of a new cluster class;
(4) Then, repeatedly executing the step (2) and the step (3) until the clustering result is not changed any more;
(5) At this time, the isolated points, namely the abnormal data, are deleted, and the whole clustering process is finished.
Further, after the data is simply cleaned, an optimal available path needs to be selected according to a network structure where a plurality of data acquisition nodes are located to transmit the data to the base station. Here, the Dijkstra algorithm is adopted to obtain the optimal path, and the step of obtaining the optimal forwarding path is as follows:
(1) Constructing a two-dimensional matrix according to the network environment of each data acquisition node, and initializing matrix elements to 0;
(2) If any two data acquisition nodes in the network environment can directly establish communication connection, the time required by the two nodes to establish the connection is taken as the weight of the two-dimensional matrix; if the two nodes cannot communicate directly, the weight is set to infinity.
(3) Constructing a time array T for recording the total communication time from the current node to the other nodes; and constructing a path array path for recording path information when the time array T determines the shortest path.
(4) Repeating step (3) until the shortest communication time from the target data acquisition node to the base station is found, and obtaining the optimal forwarding path according to the information recorded by the path array path.
Specifically, after the base station receives the data sent by the data acquisition node, it must homomorphically encrypt the data so that data privacy is not leaked during data operations, and then distribute the encrypted ciphertext data to the cloud virtual nodes, which carry out a series of computations. The steps of homomorphic encryption of data are as follows:
(1) Key generation: KeyGen() → (pk, sk); wherein KeyGen() is a key generation function; pk is a public key and sk is a private key;
Randomly select two prime numbers p and q satisfying $\gcd(pq, (p-1)(q-1)) = 1$;
Calculate $n = pq$ and $\lambda = \operatorname{lcm}(p-1, q-1)$, and define the decryption function
Figure BDA0003880610220000081
Randomly select a positive integer $g < n^2$ and calculate $\mu = \left(L(g^{\lambda} \bmod n^2)\right)^{-1} \bmod n$; mod means remainder;
the public key pk is (n, g) and the private key sk is (λ, μ).
Where KeyGen() is the key generation function, pk is the final generated public key, the gcd() function returns the greatest common divisor of its arguments, and the lcm() function returns their least common multiple.
(2) Encryption: Enc(pk, m) → c
Randomly selecting an integer r which satisfies 0<r<n,
Figure BDA0003880610220000082
that is, r has a multiplicative inverse modulo $n^2$, provided that r and n are coprime;
Compute the ciphertext $c = g^{m} \cdot r^{n} \bmod n^2$
Wherein Enc() is the encryption function, pk is the public key generated in step (1), m is the plaintext data, c is the ciphertext data, Z represents the integers, and the subscript indicates how many elements the integer set contains.
And after encryption is completed, distributing the ciphertext data to each edge virtual node according to the calculation requirement to perform calculation tasks. After the calculation is finished, each virtual node returns the operation result of the ciphertext data to the base station, and the base station performs decryption operation. The decryption steps are as follows:
(3) Decryption: Dec(sk, c) → m
Calculate the plaintext $m = L(c^{\lambda} \bmod n^2) \cdot \mu \bmod n$.
Where Dec() is the decryption function, sk is the private key generated by the key generation function KeyGen(), c is the ciphertext data, and m is the plaintext data.
And after the decryption is finished, returning the operation result to the user, thereby finishing the whole process from data acquisition, data encryption and data decryption to result return.
The following describes in detail the intelligent internet of things platform data privacy protection method based on homomorphic encryption according to the present embodiment, with reference to specific practical application examples:
The system mainly comprises the following parts: users, intelligent terminal equipment groups such as mobile phones and computers, a plurality of gateways and base stations, and a plurality of edge virtual nodes. The requirement in this example is that a user needs the data he or she has generated on the intelligent internet of things platform to be analyzed to obtain a result; personal sensitive information therefore has to be uploaded to the cloud for statistical analysis. Firstly, intelligent terminal equipment groups such as mobile phones and computers collect data from users; secondly, the terminal equipment applying for access to the data acquisition node is authenticated using the terminal equipment identity authentication method provided above; after the identity authentication passes, the terminal equipment can transmit data to the data acquisition node, and if the identity authentication fails, data transmission between the terminal equipment and the data acquisition node is forbidden; the data acquisition node simply cleans the received data using a k-means clustering algorithm to remove abnormal values; then, based on the Dijkstra algorithm, an optimal forwarding path is selected to forward the cleaned data to the base station; the base station homomorphically encrypts the received data and then distributes it to the edge virtual nodes for statistical analysis to obtain a processing result; after the analysis is finished, each edge virtual node returns its ciphertext result to the base station, and the base station decrypts it and returns the result to the user.
Specifically, first, the intelligent terminal device group collects data from users, mainly including personal sensitive information of the users at each intelligent terminal device, such as: user name, age, address and preferences, etc. The intelligent terminal device group needs to forward the collected data to the data acquisition node, and the data acquisition node needs to perform identity verification on the accessed intelligent terminal devices. The whole process is as follows:
A data acquisition node sends a data access request to the intelligent terminal equipment group, which indicates that the data acquisition node is idle at that moment and can receive data. The data access request comprises: the name of the data acquisition node, the IP address, the equipment state and the life cycle of the request message. The life cycle means that a session application message is accepted only if the intelligent terminal equipment returns it within the life cycle of the request message. After receiving the data access request message, the intelligent terminal equipment group returns a session application message within the life cycle, and the message content comprises: terminal device name and IP address.
After receiving the returned session application message, the data acquisition node uses its built-in authentication module to authenticate, according to the IP address, the target terminal equipment that is to take part in the data interaction, and terminates the data communication if the authentication fails. If the authentication passes, the built-in key generation module generates a random key K by adding a random number to the current timestamp, and K is returned to the target terminal equipment as the credential for subsequent data interaction. Receipt of the returned key K by the terminal equipment indicates that the identity authentication has passed; the terminal equipment can then send the key K and the data to be transmitted to the data acquisition node.
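The four-step exchange described in the identity authentication steps above and in this example can be sketched as follows. This is an added illustration, not code from the patent: the class name, the message fields, the allow-list registry standing in for the unspecified authentication module, and the key format (timestamp followed by 128 random bits from a CSPRNG) are all assumptions.

```python
import hmac
import secrets
import time


class DataAcquisitionNode:
    """Node side of the request / session application / key K / data exchange."""

    def __init__(self, name, ip, registry, lifetime_s=5.0, clock=time.time):
        self.name, self.ip = name, ip
        self.registry = registry        # assumed allow-list: device name -> IP
        self.lifetime_s = lifetime_s    # life cycle of the request message
        self.clock = clock              # injectable so expiry can be exercised
        self.request_sent_at = None
        self.session_keys = {}          # device name -> issued key K
        self.received = []

    def send_access_request(self):
        """Step 1: request with node name, IP, device state and life cycle."""
        self.request_sent_at = self.clock()
        return {"node": self.name, "ip": self.ip, "state": "idle",
                "lifetime_s": self.lifetime_s}

    def handle_session_application(self, msg):
        """Steps 2-3: return key K, or None if late or not authenticated."""
        if self.request_sent_at is None:
            return None
        if self.clock() - self.request_sent_at > self.lifetime_s:
            return None                 # life cycle exceeded: application fails
        expected_ip = self.registry.get(msg.get("device"))
        if expected_ip is None or expected_ip != msg.get("ip"):
            return None                 # identity authentication failed
        key = self._generate_key()
        self.session_keys[msg["device"]] = key
        return key

    def _generate_key(self):
        # "Random number added to the current timestamp": the timestamp only
        # gives freshness, so all unpredictability must come from the random
        # part, drawn here from the OS CSPRNG rather than a seeded PRNG.
        return f"{int(self.clock())}-{secrets.token_hex(16)}"

    def receive_data(self, device, key, payload):
        """Step 4: accept the payload only if the presented key matches K."""
        expected = self.session_keys.get(device)
        if expected is None or not isinstance(key, str):
            return False
        # Constant-time comparison avoids leaking how many characters matched.
        if not hmac.compare_digest(expected.encode(), key.encode()):
            return False
        self.received.append((device, payload))
        return True


if __name__ == "__main__":
    node = DataAcquisitionNode("dan-1", "10.0.0.1", {"meter-7": "10.0.0.7"})
    node.send_access_request()
    k = node.handle_session_application({"device": "meter-7", "ip": "10.0.0.7"})
    print(node.receive_data("meter-7", k, b"reading=312"))
```

A device name and IP address carried inside the message are claims made by the sender, so the registry lookup here is only as strong as the channel that delivers them.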
After the data acquisition node receives the data, the data needs to be simply cleaned, and the subsequent transmission efficiency is improved. The processing steps are as follows:
Randomly select part of the data as the initial cluster centers; then calculate the distance from all the remaining data to each initial cluster center with the Euclidean distance formula, and assign each datum to the nearest set class. In the following formula, d represents the Euclidean distance between the initial cluster center $(x_1, y_1)$ and the remaining data $(x_n, y_n)$:
Figure BDA0003880610220000101
then calculating the data mean value in each clustered set class as the center of a new set class; repeatedly executing the steps until the clustering result is not changed; and finally, deleting the isolated points, namely the abnormal data, completing the simple cleaning of the data, and ending.
After the data acquisition node simply cleans the data, the data acquisition node needs to forward the data to a base station for subsequent encryption and analysis processing. Here, the optimal forwarding path is found based on Dijkstra algorithm. The main process is as follows:
The example comprises a plurality of data acquisition nodes. When a data acquisition node is ready to forward data to a base station, a two-dimensional matrix is first constructed according to the network structure in which the data acquisition nodes are located. The matrix elements represent the time required for communication between any two nodes that can directly establish a communication connection, and all matrix elements are initialized to zero; "directly established" means a communication connection that does not go through an intermediate node. Secondly, an array T and an array path are constructed: the array T stores the shortest time required for two nodes to communicate, where the two nodes can communicate if a communication connection can be established through intermediate nodes; the path array stores the path information traversed when the two nodes establish communication. Then, according to the matrix information (namely the information in the constructed two-dimensional matrix), repeated iteration finds the shortest path from the target data acquisition node to the base station through intermediate transfer nodes, and the array T and the array path are continuously updated to obtain the optimal forwarding path.
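The forwarding-path selection described in the steps above and in this example, written out as an added illustration (not code from the patent). The node numbering, the link times and the helper names build_matrix and best_forwarding_path are assumptions; T and path are the time array and path array of the description.

```python
import math

INF = math.inf


def build_matrix(node_count, links):
    """Steps 1-2: matrix initialised to 0, then connection time for each
    direct link and infinity where two nodes cannot connect directly."""
    matrix = [[0.0] * node_count for _ in range(node_count)]
    for i in range(node_count):
        for j in range(node_count):
            if i != j:
                matrix[i][j] = INF
    for a, b, seconds in links:
        if seconds < 0:
            raise ValueError("connection time must be non-negative")
        matrix[a][b] = matrix[b][a] = seconds
    return matrix


def best_forwarding_path(matrix, source, base_station):
    """Steps 3-4: Dijkstra with time array T and predecessor array path.
    Returns (total time, route) or (INF, []) if the base station is unreachable."""
    n = len(matrix)
    T = [INF] * n           # shortest known time from source to each node
    path = [None] * n       # previous hop on that shortest route
    settled = [False] * n
    T[source] = 0.0
    for _ in range(n):
        # Greedy choice: the unsettled node with the smallest recorded time.
        candidates = [i for i in range(n) if not settled[i]]
        u = min(candidates, key=lambda i: T[i])
        if T[u] == INF or u == base_station:
            break           # nothing else reachable, or target is final
        settled[u] = True
        for v in range(n):
            w = matrix[u][v]
            if not settled[v] and w != INF and T[u] + w < T[v]:
                T[v] = T[u] + w
                path[v] = u
    if T[base_station] == INF:
        return INF, []
    route, node = [], base_station
    while node is not None:
        route.append(node)
        node = path[node]
    return T[base_station], route[::-1]


# Constructed topology: nodes 0-3 are data acquisition nodes, node 4 is the
# base station, node 5 is an acquisition node with no working link.
SAMPLE_LINKS = [(0, 1, 4), (0, 2, 1), (2, 1, 2), (1, 3, 5), (2, 3, 8), (3, 4, 3)]

if __name__ == "__main__":
    m = build_matrix(6, SAMPLE_LINKS)
    print(best_forwarding_path(m, 0, 4))   # (11.0, [0, 2, 1, 3, 4])
    print(best_forwarding_path(m, 5, 4))   # (inf, [])
```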
After receiving the forwarded data, the base station needs to perform homomorphic encryption so that distributing the data to the edge virtual node for analysis and processing does not cause privacy disclosure. The homomorphic encryption process is as follows:
First, a public key pk and a private key sk are generated by the key generation algorithm keyGen() as the credentials for subsequent encryption and decryption. The data is then encrypted with the encryption algorithm Enc() and the generated public key pk.
After encryption is finished, the ciphertext data is distributed to the edge virtual node for data analysis and processing; when processing is complete, the edge virtual node returns a ciphertext result to the base station. The base station decrypts the ciphertext result with the decryption algorithm Dec() and the generated private key sk, and then returns the result to the user.
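The keyGen()/Enc()/Dec() flow above, as an added example that is not code from the patent. The patent does not name a homomorphic scheme, so this sketch assumes Paillier, which supports addition of plaintexts only; the function names, the demo-size primes and the sample readings are constructed for illustration.

```python
import math
import secrets

# Constructed demo parameters: two Mersenne primes, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1

def keygen(p=P, q=Q):
    """keyGen(): return (pk, sk) for Paillier with generator g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    if math.gcd(n, lam) != 1:
        raise ValueError("unsuitable primes")
    mu = pow(lam, -1, n)          # inverse of L(g^lam mod n^2) when g = n + 1
    return (n, n + 1), (n, lam, mu)

def enc(pk, m):
    """Enc(): probabilistic encryption of an integer 0 <= m < n under pk."""
    n, g = pk
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    while True:                   # fresh randomness for every ciphertext
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)

def dec(sk, c):
    """Dec(): recover the plaintext with the private key sk."""
    n, lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n

def edge_sum(pk, ciphertexts):
    """Edge virtual node: aggregate readings holding only pk and ciphertexts."""
    n, _ = pk
    total = enc(pk, 0)
    for c in ciphertexts:
        total = total * c % (n * n)   # ciphertext product = plaintext sum
    return total

def run_pipeline(readings):
    """Base station encrypts, edge node aggregates, base station decrypts."""
    pk, sk = keygen()
    ciphertexts = [enc(pk, m) for m in readings]
    return dec(sk, edge_sum(pk, ciphertexts))

if __name__ == "__main__":
    print(run_pipeline([231, 187, 412, 95]))   # constructed sample readings
```

Homomorphic ciphertexts are malleable by design, so decryption alone does not tell the base station whether the edge node computed the intended function; result integrity needs a separate check.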
In the homomorphic encryption-based data privacy protection method for the intelligent Internet of things platform provided by this embodiment, an identity verification module and a key generation module are arranged in the data acquisition node, which ensures the authenticity of identities when the intelligent terminal equipment group and the data acquisition node exchange data. After the data acquisition node receives the data, it cleans the data and then obtains an optimal forwarding path based on the Dijkstra algorithm, which improves subsequent communication efficiency and data availability. The data is homomorphically encrypted at the base station, which ensures the confidentiality of the data during data operations. The data is distributed to the edge virtual nodes for analysis and processing, which reduces the computing pressure on the cloud center server and prevents the data from being acquired by an untrusted cloud service. Therefore, the method can effectively ensure the confidentiality and the integrity of the data, and greatly enhances privacy protection during data operations on the intelligent Internet of things platform.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (8)

1. A data privacy protection method of an intelligent Internet of things platform based on homomorphic encryption is characterized by comprising the following steps:
collecting user information through intelligent terminal equipment; the user information is information for interaction between a user and the intelligent Internet of things platform;
sending the user information to a data acquisition node; the identity authentication of the intelligent terminal equipment is carried out through the data acquisition node; after the identity authentication is passed, cleaning the user information through the data acquisition node to generate user data; forwarding the user data to a base station;
carrying out homomorphic encryption on the user data through a base station to generate ciphertext data; sending the ciphertext data to a cloud virtual node;
analyzing and processing the ciphertext data through the cloud virtual node to generate a ciphertext result; and returning the ciphertext result to the base station, decrypting the ciphertext result through the base station, and sending the decrypted operation result to a user.
2. The intelligent internet of things platform data privacy protection method based on homomorphic encryption as claimed in claim 1, wherein sending the user information to a data collection node comprises:
sending a user information data access request to an intelligent terminal device group through the data acquisition node; the intelligent terminal equipment group consists of a plurality of intelligent terminal equipment; the access request comprises: acquiring the name, IP address, equipment state and life cycle of the request message by the data acquisition node;
after receiving the access request, the intelligent terminal equipment in the intelligent terminal equipment group returns a session application message to the data acquisition node in the life cycle of the access request; the session application message includes: the name and the IP address of the intelligent terminal equipment.
3. The intelligent internet of things platform data privacy protection method based on homomorphic encryption as claimed in claim 2, wherein the data collection node authenticates the identity of the intelligent terminal device; after the identity authentication is passed, the method further comprises the following steps:
generating a random key through a key generation module arranged in the data acquisition node, and returning the random key to the intelligent terminal equipment;
after receiving the random key, the intelligent terminal equipment sends the acquired user information and the random key to the data acquisition node; and the data acquisition node starts to receive the data sent by the intelligent terminal equipment when verifying that the random key is correct.
4. The intelligent internet of things platform data privacy protection method based on homomorphic encryption as claimed in claim 3, wherein said key generation module generates said random key by adding a random number to a current timestamp.
5. The intelligent internet of things platform data privacy protection method based on homomorphic encryption as claimed in claim 1, wherein the step of cleaning the user information through the data collection node to generate user data comprises:
and classifying and aggregating the data through a k-means clustering algorithm to clean the user information, and generating the user data.
6. The method as claimed in claim 1, wherein forwarding the user data to a base station includes:
constructing a two-dimensional matrix according to the network environment where the data acquisition node is located, wherein matrix elements of the two-dimensional matrix are initialized to 0; taking the data acquisition node as a target data acquisition node;
if any two data acquisition nodes in the network environment where the target data acquisition node is located can directly establish communication connection, taking the time required by the any two data acquisition nodes to establish communication connection as the weight of the two-dimensional matrix; if the communication connection cannot be directly established between any two data acquisition nodes, setting the weight of the two-dimensional matrix to be infinite;
constructing a time array for recording the total communication time from the current data acquisition node to the other data acquisition nodes; constructing a path array for recording path information when the time array determines the shortest path; repeatedly executing the step until the shortest communication time from the target data acquisition node to the base station is found, and obtaining the optimal forwarding path according to the information recorded by the path array;
and forwarding the user data to a base station according to the optimal forwarding path.
7. The intelligent internet of things platform data privacy protection method based on homomorphic encryption of claim 1, wherein the homomorphic encryption of the user data by a base station to generate ciphertext data comprises:
generating a public key and a private key according to a key generation algorithm;
and encrypting the user data according to an encryption algorithm and the public key to generate ciphertext data.
8. The intelligent internet of things platform data privacy protection method based on homomorphic encryption of claim 7, wherein the decrypting the ciphertext result by the base station comprises:
and the base station decrypts the ciphertext result according to a decryption algorithm and the private key.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211228831.5A CN115664629A (en) 2022-10-09 2022-10-09 Homomorphic encryption-based data privacy protection method for intelligent Internet of things platform

Publications (1)

Publication Number Publication Date
CN115664629A true CN115664629A (en) 2023-01-31

Family

ID=84987810

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211228831.5A Pending CN115664629A (en) 2022-10-09 2022-10-09 Homomorphic encryption-based data privacy protection method for intelligent Internet of things platform

Country Status (1)

Country Link
CN (1) CN115664629A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116318621A (en) * 2023-05-23 2023-06-23 青岛鑫晟汇科技有限公司 Industrial Internet of things data privacy protection system based on homomorphic encryption
CN116405933A (en) * 2023-06-08 2023-07-07 山东赢伦电力科技有限公司 Energy management method and device based on neural network
CN116405933B (en) * 2023-06-08 2023-08-29 山东赢伦电力科技有限公司 Energy management method and device based on neural network

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination