CN115766230B - Distributed server privacy calculation control method, device, equipment and medium - Google Patents
Distributed server privacy calculation control method, device, equipment and medium Download PDFInfo
- Publication number
- CN115766230B CN115766230B CN202211434437.7A CN202211434437A CN115766230B CN 115766230 B CN115766230 B CN 115766230B CN 202211434437 A CN202211434437 A CN 202211434437A CN 115766230 B CN115766230 B CN 115766230B
- Authority
- CN
- China
- Prior art keywords
- privacy
- data
- server
- data flow
- calculation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The disclosure relates to a distributed server privacy calculation management and control method, device, equipment and medium, wherein the method comprises the following steps: the method comprises the steps of constructing a privacy calculation server template, setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation, constructing a privacy calculation server based on the privacy calculation server template and the privacy calculation data requirements, the data circulation requirements and the performance requirements, and managing and controlling data circulation based on a data circulation monitoring module in the privacy calculation server. Therefore, the management difficulty of the privacy computing server is reduced by constructing the privacy computing server template, unified scheduling management of data flow and data computation is realized from the system level, the privacy computing server is constructed, the data flow and the like of the privacy computing server are managed and controlled, and safe use and controllable use of the privacy data are realized.
Description
Technical Field
The disclosure relates to the technical field of security services, and in particular relates to a distributed server privacy calculation management and control method, device, equipment and medium.
Background
The rapid development of new generation information technologies such as cloud computing, internet of things and internet of vehicles enables a large number of enterprises to start digital transformation, and various industries are rapidly developing under the promotion of technologies such as analysis and computation based on data. But also exposes a series of problems during the storage and use of data, such as data security, access control, authentication, privacy protection, etc.
In general, the privacy computing technology is a systematic technical solution for solving the above problems, and the privacy computing technology analyzes from two angles of data flow (data flow/data non-flow) and data computation (centralized/collaborative computation), including different development directions of secure multiparty computation, trusted execution environment, federal learning and the like.
However, the technical logic of distributed privacy calculations such as secure multiparty calculation, federal learning, local differential privacy, etc. regarding personal information and privacy protection is not encryption, but the data controlled by the parties cooperatively calculating are only locally operated, and no circulation of input data and output data occurs.
In the related art, data is desensitized by collecting and transferring data, but the data transfer process is not tracked and managed, and the risk that the data is shared to an unauthorized third party exists.
Disclosure of Invention
In order to solve the technical problems described above or at least partially solve the technical problems described above, the present disclosure provides a distributed server privacy calculation management and control method, apparatus, device, and medium.
The disclosure provides a distributed server privacy calculation control method, which comprises the following steps:
constructing a privacy computing server template;
setting privacy calculation data requirements, data flow requirements and performance requirements of privacy calculation;
constructing a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements;
and managing and controlling the data flow based on a data flow monitoring module in the privacy computing server.
In an alternative embodiment of the present disclosure, the constructing a privacy computation server template includes:
determining a target operating system version as a privacy computing server master;
and constructing a data flow module, a data flow monitoring module and a privacy calculation management and control module based on the privacy calculation server master plate.
In an alternative embodiment of the disclosure, the constructing a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements includes:
configuring system operation parameters of the privacy computation server template according to the performance requirements;
importing corresponding privacy data from a data warehouse to the privacy computing server by using a data flow module based on the privacy computing data requirement;
and importing a privacy calculation customization module to the privacy calculation server by using the privacy calculation management and control module based on the data flow requirement.
In an alternative embodiment of the disclosure, the data warehouse and the privacy computing server, and the flow rules between the privacy computing server and the privacy computing server are obtained based on the privacy computing customization module.
In an alternative embodiment of the present disclosure, the method further comprises:
receiving a data flow update requirement; wherein the data flow update requirement comprises a target flow rule;
and replacing the current circulation rule with the target circulation rule.
In an optional embodiment of the disclosure, the managing and managing the data flow based on the data flow monitoring module in the privacy computing server includes:
the data flow monitoring module monitors a data flow request;
acquiring transfer data corresponding to the data transfer request;
comparing the circulation data with circulation rules in the data circulation requirement;
and managing and controlling the data flow request based on the comparison result.
In an optional embodiment of the disclosure, the managing the data flow request based on the comparison result includes:
based on the comparison result, determining that the circulation data is identical to the circulation rule in the data circulation requirement, and not blocking the data circulation request; or alternatively, the first and second heat exchangers may be,
based on the comparison result, determining that the circulation data is different from the circulation rule in the data circulation requirement, blocking the data circulation request, generating notification information and sending the notification information to the target equipment.
The present disclosure provides a distributed server privacy calculation control apparatus, including:
the first construction module is used for constructing a privacy calculation server template;
the setting module is used for setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation;
a second construction module for constructing a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements;
and the management and control module is used for managing and controlling the data flow based on the data flow monitoring module in the privacy calculation server.
The present disclosure provides an electronic device, comprising: a processor and a memory;
the processor is configured to execute the distributed server privacy calculation control method according to the foregoing embodiment by calling a program or an instruction stored in the memory.
The present disclosure provides a computer-readable storage medium storing a program or instructions that cause a computer to execute the distributed server privacy calculation control method of the foregoing embodiments.
Compared with the prior art, the technical scheme provided by the embodiment of the disclosure has the following advantages:
the method comprises the steps of constructing a privacy calculation server template, setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation, constructing a privacy calculation server based on the privacy calculation server template and the privacy calculation data requirements, the data circulation requirements and the performance requirements, and managing and controlling data circulation based on a data circulation monitoring module in the privacy calculation server. Therefore, the management difficulty of the privacy computing server is reduced by constructing the privacy computing server template, unified scheduling management of data flow and data computation is realized from the system level, the privacy computing server is constructed, the data flow and the like of the privacy computing server are managed and controlled, and safe use and controllable use of the privacy data are realized.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure.
In order to more clearly illustrate the embodiments of the present disclosure or the solutions in the prior art, the drawings that are required for the description of the embodiments or the prior art will be briefly described below, and it will be obvious to those skilled in the art that other drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a flowchart illustrating a method for controlling privacy computation of a distributed server according to an embodiment of the disclosure;
FIG. 2 is a diagram illustrating an exemplary scenario of a distributed server privacy calculation control method according to an embodiment of the present disclosure;
FIG. 3 is a diagram illustrating an example of a scenario of another distributed server privacy calculation management method according to an embodiment of the present disclosure;
fig. 4 is a diagram illustrating a structural example of a distributed server privacy calculation control apparatus according to an embodiment of the disclosure.
Detailed Description
In order that the above objects, features and advantages of the present disclosure may be more clearly understood, a further description of aspects of the present disclosure will be provided below. It should be noted that, without conflict, the embodiments of the present disclosure and features in the embodiments may be combined with each other.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure, but the present disclosure may be practiced otherwise than as described herein; it will be apparent that the embodiments in the specification are only some, but not all, embodiments of the disclosure.
In the prior art, data is desensitized to data acquisition and circulation, but the data circulation process is not tracked and managed, and the risk that the data is shared to an unauthorized third party exists; or, in the privacy computing system based on distributed collaboration, the privacy computing system comprises a software development kit SDK (Software Development Kit, a software development kit), a controller and a plurality of privacy computing integrated machines; the controller is deployed in the edge cloud, and the plurality of privacy computing integrated machines are deployed in the private cloud; but this computing scheme does not include a method of generating a new privacy computing kiosk based on an existing privacy computing kiosk.
In view of the above problems, an embodiment of the disclosure provides a method for managing and controlling privacy computation of a distributed server, which performs unified scheduling management on data flow and data computation from a system level by establishing a privacy computation server template, realizes full-flow tracking management of a privacy computation process, solves the problem that tracking protection is lacking in a data use process, and there is risk that data is shared to unauthorized third parties, and solves the problem that a privacy computation server cannot be flexibly constructed according to data characteristics by dynamically establishing a privacy computation server based on privacy computation data characteristics. In addition, by establishing the privacy data demand and the privacy calculation management and control module, the data flow between the data warehouse and the server and the data flow between the privacy servers are invisible to the user, so that the safety and the controllability of the data flow are ensured; by establishing the data flow monitoring module, the data flow is limited to flow only directly at the server created by using the server template, so that the problem of data leakage is solved on the mechanism.
Therefore, the privacy computing server is constructed according to the data characteristics, and the data circulation, the data storage and the data use of the privacy computing server are controlled, so that the safe use and the controllable use of the privacy data are realized.
Fig. 1 is a flowchart illustrating a method for controlling privacy calculation of a distributed server according to an embodiment of the disclosure.
Step 101, constructing a privacy computation server template.
In the embodiment of the disclosure, a certain operating system version can be selected as a master of a privacy computation server according to application scene requirements, and a simple, safe, stable and high-performance system such as an NGTOS security system is required.
Further, each module, such as one or more of a data flow module, a data flow monitoring module, a privacy calculation control module and the like, is constructed on the privacy calculation server master plate as required to serve as a privacy calculation server template.
Step 102, setting privacy calculation data requirement, data circulation requirement and performance requirement of privacy calculation.
In the embodiment of the disclosure, the privacy calculation data requirement, the data flow requirement and the performance requirement can be set according to application requirements; the privacy calculation data requirement can define data characteristics such as data labels, data quantity, time ranges and the like required by calculation by referring to the data interaction function; the data flow requirement is to define a data warehouse and a privacy computing server by referring to a data interaction function, and the data interaction process between the privacy computing server and the privacy computing server is realized; the performance requirement refers to resources such as a CPU (Central Processing Unit ), a memory, a disk, and a bandwidth, which are required by the privacy calculation server in the privacy calculation process.
Step 103, constructing the privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements and the performance requirements.
In the embodiment of the disclosure, the system operation parameters of the privacy calculation server template can be configured according to the performance requirement, and the data flow module is used for importing corresponding privacy data from the data warehouse to the privacy calculation server according to the privacy calculation data requirement. The data streaming module is a built-in function of the privacy calculation server, the data transmission and storage process is invisible to the privacy calculation user, the safety of data is guaranteed, and the privacy calculation control module is used for guiding the privacy calculation customization module to the privacy calculation server.
And 104, managing and controlling the data flow based on a data flow monitoring module in the privacy computing server.
In the embodiment of the disclosure, the data flow monitoring module monitors a data flow process, including a data flow process between a data warehouse and a privacy computing server and between the privacy computing servers, and if data flow in a non-demand is found, the data flow is blocked and an alarm is generated.
In a specific embodiment, the data flow management and control method based on the data flow monitoring module in the privacy computing server comprises the following steps: the data flow monitoring module monitors the data flow request, acquires flow data corresponding to the data flow request, compares the flow data with flow rules in data flow requirements, and controls the data flow request based on comparison results.
Based on the comparison result, determining that the circulation data is identical to the circulation rule in the data circulation requirement, and not blocking the data circulation request; or based on the comparison result, determining that the circulation data is different from the circulation rule in the data circulation requirement, blocking the data circulation request, generating notification information and sending the notification information to the target equipment. The target device may be a mobile phone, a computer, etc.
In some embodiments, constructing the privacy computation server template includes: and determining a target operating system version as a privacy calculation server master, and constructing a data flow module, a data flow monitoring module and a privacy calculation management and control module based on the privacy calculation server master.
In some embodiments, constructing the privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements comprises: and configuring system operation parameters of a privacy calculation server template according to performance requirements, importing corresponding privacy data from a data warehouse to the privacy calculation server by using a data flow module based on the privacy calculation data requirements, and importing a privacy calculation customization module to the privacy calculation server by using a privacy calculation management and control module based on the data flow requirements.
In an embodiment of the disclosure, a data warehouse and a privacy computing server, and a circulation rule between the privacy computing server and the privacy computing server are acquired based on a privacy computing customization module.
In an embodiment of the present disclosure, a data stream update requirement is received; the data flow update requirement comprises a target flow rule, the current flow rule is replaced by the target flow rule, and the flow rule can be updated according to application requirements, for example, the privacy calculation server A can transfer the privacy calculation data flow to the privacy calculation server B, and the target flow rule is changed into the privacy calculation server A to transfer the privacy calculation data flow to the privacy calculation server B, so that the use requirement of a user is further met.
As an example of a scenario, as shown in fig. 2, a privacy computing server template is established, which includes a data circulation module, a data circulation monitoring module, a privacy computing management and control module, etc., then a data requirement, a data circulation requirement and a performance requirement of privacy computing are defined, a privacy computing server is established based on the privacy computing server template, and finally the data circulation is monitored and managed at the boundary of the privacy computing server by using the data circulation monitoring module. The privacy calculation server a, the privacy calculation server B, and the privacy calculation server C are included in fig. 2. Each privacy computing server comprises a circulation module, a data circulation monitoring module, a privacy computing management and control module and a database, and is connected with the data warehouse, and relevant privacy data are acquired according to the privacy computing data requirement and stored in the database.
The data flow module comprises functions of data interaction, data storage and the like; it will be appreciated that the data interaction functionality includes the privacy computing server pulling data from the data warehouse and interacting with other privacy computing servers. The function defines the data content to be streamed based on the data labels of the data warehouse and uses secure data transmission techniques to enable the streaming of data between distributed nodes.
Specifically, as shown in table 1: the source address refers to an IP (Internet Protocol ) address of a data owner, the destination address refers to a data interaction destination IP address, the data tag refers to a data classification standard provided by a data warehouse, the data feature refers to key information capable of identifying circulation data, the circulation mode refers to a data transmission mode, the data quantity refers to an upper limit of the required circulation data, and the starting time refers to the starting time and the ending time of circulation data.
Table 1 key features of data interaction module
The data storage function refers to the internal storage of data in the privacy calculation servers, and specifically includes data acquired from a data warehouse, circulation data among the privacy calculation servers, privacy calculation results and the like.
The data flow monitoring module can monitor data flow among the data warehouse, the privacy computing server and the privacy computing server, timely block illegal data flow and avoid data leakage. The basis for judging whether the privacy calculation server is illegal or not is the data flow requirement provided when a new privacy calculation server is constructed.
The privacy calculation management and control module comprises a privacy calculation customization module importing function and a privacy calculation customization module authority management function. The privacy calculation control supports the safe import of the customization module, and the authority in the privacy calculation process is uniformly managed by establishing a user and a user group with uniform privacy calculation, as shown in table 2.
Table 2 Key technical characteristics table of privacy calculation control module
Wherein, the privacy calculation data requirement refers to a data interaction function (such as table 1), and data labels, data quantity, time ranges and the like required by calculation are defined; the data flow requirement refers to the data interaction function (such as table 1), and defines a data warehouse and a server, and a data interaction process between the servers; the performance requirement refers to resources such as a CPU, a memory, a disk, a bandwidth and the like required by the privacy calculation server in the privacy calculation process.
It can be understood that in the field of distributed server privacy computing management and control, based on a safe and controllable privacy computing server template, the whole data flow is managed and controlled, and the use and circulation of the data are safe and controllable.
As an example, based on a fully autonomous definition NGTOS security system, the process of constructing a privacy computation server template and constructing a new privacy computation server using the embodiments of the present disclosure is described, solving the problem that the privacy computation server cannot be flexibly created according to the data characteristics.
Specifically, as shown in fig. 3, a privacy computing server template is created, and the selected operating system master is an NGTOS security system, wherein the data flow module uses the identity authentication mode of the data warehouse to authenticate, and a corresponding Rest (Representational State Transfer ) interface to pull data; the data flow monitoring module is a flow monitoring module integrated by a firewall from a World Wide WEB (WEB) application; the privacy computing management and control module supports an FTP (File Transfer Protocol ) mode to import the customization module, and uses a user management mechanism of the system to carry out authority management on the privacy computing user, and meanwhile defines a standard Rest interface and interacts with the original data of the data warehouse.
Further, for example, define a privacy calculation server B requirement, a privacy calculation data requirement: { data tag: device status, data volume: 2T, time frame 2021-up to now …; data flow requirement: type { type: a data warehouse, a privacy computation server, 10.0.0.3.10.0.1 }; type { type: a privacy calculation server, 10.0.0.3 10.0.0.4}; performance requirements: { CPU:8 core, memory: 32G, magnetic disk: 3T, … }.
Further, a privacy calculation server B is created: and creating a new virtual machine by using the privacy calculation server template mirror image, performing system configuration according to the performance requirement, inputting the server requirement defined above into the privacy calculation server B, pulling corresponding privacy data from a database according to the data flow requirement, and storing the data in the privacy calculation server. The process is invisible to the user, the data is ensured to be safe and controllable, the privacy calculation management and control module is used for importing the privacy calculation module customized by the user, the privacy calculation server B is built, and the privacy calculation is started.
Specifically, based on a fully autonomous defined NGTOS security system, a working mechanism of a data flow monitoring module provided by the embodiment of the disclosure is described, and the problem that privacy data flow cannot be tracked and controlled in the privacy calculation process is solved.
Continuing with the illustration of FIG. 3, the private data is pulled from the database to the private computing server B, and the data flow monitoring module monitors the http request of 10.0.0.3 to 10.0.1, and pulls the data to the local database for storage. By comparing the data flow requirement in the previous example, the data flow meets the predefined data flow requirement, so that the data flow is normal; the privacy computing server B transmits data to the privacy computing server a, the data flow monitoring module monitors the http request from 10.0.0.3 to 10.0.2, the privacy computing server B attempts to transmit the data privacy computing server a, and the data flow rule is not included by comparing with the data flow requirement in the previous example, so that the data flow is blocked, and an administrator is notified to process.
Therefore, the management difficulty of the privacy computing server is reduced by constructing the privacy computing server template, and the problem that a distributed server is required to be repeatedly constructed because of different data characteristics is solved; the unified scheduling management is carried out on the data flow and the data calculation from the system level, so that the problem that tracking protection is absent in the data use process, and the risk that the data is shared to an unauthorized third party exists is solved; the data transfer module is built in the privacy calculation server template, so that data transmission, storage and isolation of a data warehouse to a privacy calculation server are realized, and the use of the data warehouse is ensured to be safe and controllable; the privacy calculation module is isolated from the system through the import support of the privacy calculation server template to the customized privacy calculation module, so that the user is focused on the service and the working efficiency is improved; the privacy data flow monitoring module is arranged in the privacy computing server to monitor the whole flow of the privacy data, so that the problem that the privacy data flow is uncontrollable is solved.
Corresponding to the method provided by the embodiment of fig. 1 to 3, the present disclosure further provides an apparatus, and since the apparatus provided by the embodiment of the present disclosure corresponds to the method provided by the embodiment of fig. 1 to 3, the implementation of the method is also applicable to the apparatus provided by the embodiment of the present disclosure, and will not be described in detail in the embodiment of the present disclosure.
Fig. 4 is a schematic structural diagram of a distributed server privacy calculation management and control device according to an embodiment of the disclosure.
As shown in fig. 4, the distributed server privacy calculation control apparatus includes:
a first construction module 201, configured to construct a privacy computation server template;
a setting module 202, configured to set a privacy calculation data requirement, a data circulation requirement and a performance requirement of the privacy calculation;
a second construction module 203, configured to construct a privacy calculation server based on the privacy calculation server template and the privacy calculation data requirement, the data flow requirement, and the performance requirement;
and the management and control module 204 is used for managing and controlling the data flow based on the data flow monitoring module in the privacy calculation server.
In some embodiments, the first building module 201 is specifically configured to:
determining a target operating system version as a privacy computing server master;
and constructing a data flow module, a data flow monitoring module and a privacy calculation management and control module based on the privacy calculation server master plate.
In some embodiments, the second construction module 203 is specifically configured to:
configuring system operation parameters of the privacy computation server template according to the performance requirements;
importing corresponding privacy data from a data warehouse to the privacy computing server by using a data flow module based on the privacy computing data requirement;
and importing a privacy calculation customization module to the privacy calculation server by using the privacy calculation management and control module based on the data flow requirement.
In some embodiments, the data warehouse and the privacy computing server, and the flow rules between the privacy computing server and the privacy computing server are obtained based on the privacy computing customization module.
In some embodiments, the apparatus further comprises:
the updating module is used for receiving the data flow updating requirement; wherein the data flow update requirement comprises a target flow rule;
and replacing the current circulation rule with the target circulation rule.
In some embodiments, the management module 204 includes:
the monitoring unit is used for monitoring the data flow request by the data flow monitoring module;
the acquisition unit is used for acquiring the circulation data corresponding to the data circulation request;
the comparison unit is used for comparing the circulation data with circulation rules in the data circulation requirement;
and the processing unit is used for controlling the data flow request based on the comparison result.
In some embodiments, the processing unit is specifically configured to:
based on the comparison result, determining that the circulation data is identical to the circulation rule in the data circulation requirement, and not blocking the data circulation request; or alternatively, the first and second heat exchangers may be,
based on the comparison result, determining that the circulation data is different from the circulation rule in the data circulation requirement, blocking the data circulation request, generating notification information and sending the notification information to the target equipment.
The privacy calculation management and control device of the distributed server sets privacy calculation data requirements, data flow requirements and performance requirements of privacy calculation by constructing a privacy calculation server template, constructs a privacy calculation server based on the privacy calculation server template and the privacy calculation data requirements, the data flow requirements and the performance requirements, and manages and controls data flow based on a data flow monitoring module in the privacy calculation server. Therefore, the management difficulty of the privacy computing server is reduced by constructing the privacy computing server template, unified scheduling management of data flow and data computation is realized from the system level, the privacy computing server is constructed, the data flow and the like of the privacy computing server are managed and controlled, and safe use and controllable use of the privacy data are realized.
It should be noted that in this document, relational terms such as "first" and "second" and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing is merely a specific embodiment of the disclosure to enable one skilled in the art to understand or practice the disclosure. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the disclosure. Thus, the present disclosure is not intended to be limited to the embodiments shown and described herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (8)
1. The distributed server privacy calculation control method is characterized by comprising the following steps of:
constructing a privacy computing server template;
setting privacy calculation data requirements, data flow requirements and performance requirements of privacy calculation;
constructing a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements;
managing and controlling data flow based on a data flow monitoring module in the privacy computing server;
the constructing a privacy computing server template comprises the following steps:
determining a target operating system version as a privacy computing server master; constructing a data flow module, a data flow monitoring module and a privacy calculation management and control module based on the privacy calculation server master plate;
wherein said constructing a privacy computing server based on said privacy computing server template and said privacy computing data requirements, said data flow requirements, and said performance requirements, comprises:
configuring system operation parameters of the privacy computation server template according to the performance requirements; importing corresponding privacy data from a data warehouse to the privacy computing server by using a data flow module based on the privacy computing data requirement; and importing a privacy calculation customization module to the privacy calculation server by using the privacy calculation management and control module based on the data flow requirement.
2. The distributed server privacy calculation control method of claim 1,
and acquiring a data warehouse, the privacy computing server and a circulation rule between the privacy computing server and the privacy computing server based on the privacy computing customization module.
3. The distributed server privacy calculation control method of claim 2, further comprising:
receiving a data flow update requirement; wherein the data flow update requirement comprises a target flow rule;
and replacing the current circulation rule with the target circulation rule.
4. The method for controlling and managing privacy computation of a distributed server according to claim 1, wherein the controlling and managing data streams based on the data stream monitoring module in the privacy computation server comprises:
the data flow monitoring module monitors a data flow request;
acquiring transfer data corresponding to the data transfer request;
comparing the circulation data with circulation rules in the data circulation requirement;
and managing and controlling the data flow request based on the comparison result.
5. The method for controlling privacy computation of a distributed server according to claim 4, wherein the controlling the data flow request based on the comparison result comprises:
based on the comparison result, determining that the circulation data is identical to the circulation rule in the data circulation requirement, and not blocking the data circulation request; or alternatively, the first and second heat exchangers may be,
based on the comparison result, determining that the circulation data is different from the circulation rule in the data circulation requirement, blocking the data circulation request, generating notification information and sending the notification information to the target equipment.
6. A distributed server privacy computing management and control apparatus, comprising:
the first construction module is used for constructing a privacy calculation server template;
the setting module is used for setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation;
a second construction module for constructing a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements;
the management and control module is used for managing and controlling data flow based on the data flow monitoring module in the privacy computing server;
the first construction module is specifically configured to determine a target operating system version as a master set of the privacy calculation server; constructing a data flow module, a data flow monitoring module and a privacy calculation management and control module based on the privacy calculation server master plate;
the second construction module is specifically configured to configure system operation parameters of the privacy calculation server template according to the performance requirement; importing corresponding privacy data from a data warehouse to the privacy computing server by using a data flow module based on the privacy computing data requirement; and importing a privacy calculation customization module to the privacy calculation server by using the privacy calculation management and control module based on the data flow requirement.
7. An electronic device, comprising: a processor and a memory;
the processor is adapted to perform the steps of the method according to any one of claims 1 to 5 by invoking a program or instruction stored in the memory.
8. A computer readable storage medium storing a program or instructions for causing a computer to perform the steps of the method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211434437.7A CN115766230B (en) | 2022-11-16 | 2022-11-16 | Distributed server privacy calculation control method, device, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211434437.7A CN115766230B (en) | 2022-11-16 | 2022-11-16 | Distributed server privacy calculation control method, device, equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115766230A CN115766230A (en) | 2023-03-07 |
| CN115766230B true CN115766230B (en) | 2023-08-25 |
Family
ID=85372642
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211434437.7A Active CN115766230B (en) | 2022-11-16 | 2022-11-16 | Distributed server privacy calculation control method, device, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115766230B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104506487A (en) * | 2014-11-21 | 2015-04-08 | 北京工业大学 | Credible execution method for privacy policy in cloud environment |
| CN107135223A (en) * | 2017-05-11 | 2017-09-05 | 成都四象联创科技有限公司 | The data persistence method of Mass Data Management system |
| CN113220949A (en) * | 2021-05-12 | 2021-08-06 | 支付宝(杭州)信息技术有限公司 | Construction method and device of private data identification system |
| CN113779613A (en) * | 2021-11-05 | 2021-12-10 | 深圳致星科技有限公司 | Data management method and device for secure data network for federal learning |
| CN114969832A (en) * | 2022-07-28 | 2022-08-30 | 天聚地合(苏州)科技股份有限公司 | Private data management method and system based on server-free architecture |
-
2022
- 2022-11-16 CN CN202211434437.7A patent/CN115766230B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104506487A (en) * | 2014-11-21 | 2015-04-08 | 北京工业大学 | Credible execution method for privacy policy in cloud environment |
| CN107135223A (en) * | 2017-05-11 | 2017-09-05 | 成都四象联创科技有限公司 | The data persistence method of Mass Data Management system |
| CN113220949A (en) * | 2021-05-12 | 2021-08-06 | 支付宝(杭州)信息技术有限公司 | Construction method and device of private data identification system |
| CN113779613A (en) * | 2021-11-05 | 2021-12-10 | 深圳致星科技有限公司 | Data management method and device for secure data network for federal learning |
| CN114969832A (en) * | 2022-07-28 | 2022-08-30 | 天聚地合(苏州)科技股份有限公司 | Private data management method and system based on server-free architecture |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115766230A (en) | 2023-03-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105577780B (en) | A kind of college teaching cloud platform based on micro services | |
| US10462018B2 (en) | Managing a number of secondary clouds by a master cloud service manager | |
| US10542094B2 (en) | Internet of things | |
| CN109478149A (en) | Mix the access service in cloud computing system | |
| US9077717B2 (en) | Propagation and adoption of extensions across applications in networked solutions | |
| CN108370379B (en) | Device management method and system with tunnel | |
| EP2771803B1 (en) | File fetch from a remote client device | |
| WO2019138129A1 (en) | Method and system for managing access to artifacts in a cloud computing environment | |
| CN101626363B (en) | Convergence service device and system, and convergence service establishing and using methods | |
| US9571495B2 (en) | Methods and systems for authorizing web service requests | |
| Bracciale et al. | Lightweight named object: An ICN-based abstraction for IoT device programming and management | |
| CN111309374A (en) | Micro-service system and service calling method in micro-service system | |
| US11503028B2 (en) | Secure remote troubleshooting of private cloud | |
| JP2019522282A (en) | Secure configuration of cloud computing nodes | |
| US11275572B2 (en) | Systems and methods for providing a packaged plurality of application data within a group-based communication system | |
| US10908970B1 (en) | Data interface for secure analytic data system integration | |
| Ramos et al. | Distributing intelligence to the edge and beyond [research frontier] | |
| US8516602B2 (en) | Methods, apparatuses, and computer program products for providing distributed access rights management using access rights filters | |
| US11924284B1 (en) | Automated security, orchestration, automation, and response (SOAR) app generation based on application programming interface specification data | |
| CN115766230B (en) | Distributed server privacy calculation control method, device, equipment and medium | |
| Costa et al. | Enhancing orchestration and infrastructure programmability in SDN with notoriety | |
| CN113840013B (en) | Document system for hierarchical management | |
| US11848923B2 (en) | Secure peer-to-peer connection network and associated protocols for a group-based communication system | |
| WO2015149530A1 (en) | M2m application service method, device and system | |
| US20240129306A1 (en) | Service to service communication and authentication via a central network mesh |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |