The embodiments of this specification provide a data query method, apparatus, device and system based on privacy information protection.
In order to enable those skilled in the art to better understand the technical solutions in this specification, the technical solutions in the embodiments of this specification are described clearly and completely below with reference to the accompanying drawings of those embodiments. Obviously, the described embodiments are only some of the embodiments of this specification, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments in this specification without inventive effort shall fall within the scope of protection of this document.
Embodiment 1
As shown in Figure 1, an embodiment of this specification provides a data query method based on privacy information protection. The method may be executed by a terminal device or a server, where the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or a device such as a personal computer, and the server may be a standalone server or a server cluster composed of multiple servers. The server may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The terminal device or server may be the terminal device or server of the querying party. The method may be applied to queries of personal information or personal data. The method may specifically include the following steps:
In step S102, a data query request is sent to the terminal device of a third party. The data query request includes the personal information of the target user to be queried; the predetermined information within that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the encryption key of the queried party.
Here, the third party may be a party able to integrate the relevant data of the querying party and the queried party to achieve joint prevention and control. The target user may be the object that the querying party needs to query, and may be any user. Personal information is any information, recorded electronically or otherwise, that alone or in combination with other information can identify a specific user or reflect the activities of a specific user; it may include, for example, a name, ID card number, communication contact details, address, account password, property status, date of birth and movement history. The predetermined information within the personal information may be a part of the personal information, and may be information of particular importance to the target user, such as the date of birth or communication contact details, or a part of such information; for instance, if the communication contact detail is a mobile phone number, the predetermined information may be the four digits in positions 4 to 7 of the mobile phone number. The querying party may be a party that queries certain data. The queried party may be a party that provides a data query service to the querying party and supplies the querying party with the data it needs to query, such as different banks. There may be one or more queried parties; where there are multiple queried parties, each of them may be provided with one or more databases available for querying. The encryption key may be a key used to encrypt certain data; in practical applications, the encryption key may be a public key or a private key.
In implementation, with the gradual convergence of Internet technology and the financial industry, more and more banking institutions, financial companies and Internet companies have begun to operate online micro-loan businesses. At the same time, thin-file users who cannot be covered by traditional credit reporting have gradually become the main population of online lending. Emerging online micro-loan companies are numerous and small in scale, and because the lending data of different financial companies or institutions are isolated from one another and not shared, they have gradually become information silos, and "multi-platform borrowing" has gradually become the hardest-hit area of credit risk control. In response, some third-party institutions have emerged that integrate the lending data of different financial companies or institutions to achieve joint prevention and control of loan data.
Usually, joint prevention and control of data may be implemented as follows: several financial institutions and a third-party institution form an alliance, the financial institutions encrypt their lending data with a certain hash algorithm, and they agree with the third party on the encryption algorithm to be used in data queries. Specifically: the terminal device of the querying party encrypts the information used in the query with the agreed hash algorithm and then calls a predetermined interface of the third party's terminal device; the third party's terminal device forwards the data query request to the terminal devices of the other financial institutions; the other financial institutions perform matching on the encrypted information and return the query result to the third party's terminal device; and the third party's terminal device returns the query result to the querying party's terminal device.
However, the above approach suffers from multi-party data leakage. First, although the information used in the query is encrypted, the queried party holds the mapping between the information used in the query and the encryption key and can use that mapping to recover the information used in the query; moreover, the querying party and the queried party are competitors in the same industry, so in essence the user's lending data is leaked from the querying party to the queried party. In addition, because lending data is the core data of a financial institution, financial institutions are unwilling to share their lending data with other institutions. At the same time, the third party, as an intermediary, may also come into possession of the lending data of the querying party and the queried party. A technical solution is therefore needed that makes data queries more accurate and keeps data more secure during the query process. The embodiments of this specification provide a feasible solution, which may specifically include the following:
To make it convenient for the querying party to query certain data, the third party's terminal device may set up a corresponding query mechanism and may develop a corresponding application program for that mechanism. The application program may be provided to the terminal device of the querying party and to the terminal device of the queried party respectively. When the querying party needs to query certain data, its terminal device may start the application program installed on it and trigger execution of the query mechanism in the application; at this point the querying party's terminal device may obtain the personal information of the target user to be queried, and, to ensure that the target user's personal information is not leaked during the query, the terminal device may encrypt that personal information. Furthermore, considering that if the entire content of the personal information were encrypted the queried party's terminal device would be unable to retrieve data, only a part of the personal information (namely the predetermined information) may be encrypted, so that the queried party's terminal device can retrieve data on the basis of the remaining part (the information other than the predetermined information). However, with this approach the data retrieved by the queried party's terminal device will contain a large amount of redundant data; in order to return to the querying party's terminal device exactly the data it is looking for, the queried party's terminal device needs to decrypt the encrypted part of the information. Therefore, the querying party's terminal device may also obtain in advance the encryption key of the queried party's terminal device and may encrypt part of the target user's personal information with that encryption key, obtaining personal information that contains both ciphertext and plaintext. A data query request may be generated on the basis of that personal information, and the querying party's terminal device may send the data query request to the third party's terminal device.
In step S104, the query result data corresponding to the above data query request, sent by the third party's terminal device, is received.
Here, the query result data may be the data requested by the data query request; for example, if the querying party needs to query the number of loans of the target user, the query result data may be the numeric value of the target user's number of loans, such as 3 or 5.
In implementation, the querying party's terminal device may send the data query request to the queried party's terminal device through the third party's terminal device. After receiving the data query request, the queried party's terminal device may extract the target user's personal information from it; since the personal information contains both plaintext and ciphertext, only the plaintext in the personal information may be used to perform a fuzzy query, and the retrieved results will contain the query result data corresponding to the personal information. The queried party's terminal device may send the retrieved query result data to the third party's terminal device. The third party's terminal device may consolidate the query results returned by the queried party's terminal device to obtain the final query result data and then send that query result data to the querying party's terminal device. The querying party's terminal device may thus receive, from the third party's terminal device, the query result data corresponding to the above data query request.
The embodiment of this specification provides a data query method based on privacy information protection: a data query request is sent to the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key; then the query result data corresponding to the data query request, sent by the third party's terminal device, is received. In this way, by encrypting part of the personal information of the target user to be queried, the data is not leaked during the query process, and data security is improved.
Embodiment 2
As shown in Figure 2, an embodiment of this specification provides a data query method based on privacy information protection. The method may be executed by a terminal device or a server, where the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or a device such as a personal computer, and the server may be a standalone server or a server cluster composed of multiple servers. The server may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The terminal device or server may be the terminal device or server of the queried party. The method may be applied to queries of personal information or personal data. The method may specifically include the following steps:
In step S202, a data query request sent by the third party's terminal device is received. The data query request includes the personal information of the target user to be queried; the predetermined information within that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key.
In implementation, the querying party's terminal device may send the data query request to the queried party's terminal device through the third party's terminal device; for the specific process, refer to the description of step S102 in Embodiment 1 above, which is not repeated here. The queried party's terminal device may receive the data query request sent by the querying party's terminal device through the third party's terminal device.
In step S204, pre-selected query result data matching the plaintext is obtained according to the plaintext of the personal information in the data query request.
In implementation, after receiving the data query request, the queried party's terminal device may extract the personal information from it. Because the predetermined information in the personal information is ciphertext, it cannot be used for the subsequent data query, so only the plaintext in the personal information may be used to perform a fuzzy query, and the data found by the fuzzy query may be taken as the pre-selected query result data matching the plaintext. Since the pre-selected query result data is found using only part of the personal information, it may contain not only the data matching the personal information but also a great deal of other data.
For example, suppose the personal information in the data query request is an ID card number (an 18-character number). Because the ID card number contains the target user's date of birth, which is highly important information for the target user, the date of birth within the ID card number may be encrypted with the queried party's encryption key while the remaining part is left as plaintext; that is, in the 18-character ID card number, the characters in positions 7 to 14 are encrypted and the characters in positions 1 to 6 and 15 to 18 remain plaintext. The plaintext characters in positions 1 to 6 and 15 to 18 may then be used to look up the corresponding data, i.e. to find the data associated with every ID card number whose characters in positions 1 to 6 and 15 to 18 are identical to those in positions 1 to 6 and 15 to 18 of the personal information above. For instance, if what is to be queried is the number of loans of the user whose ID card number is 100000198011110000, the date of birth in that ID card number may be encrypted, so that the encrypted ID card number is, say, 100000aaaaaaaa0000; then all ID card numbers whose first 6 characters are 100000, whose last 4 characters are 0000 and whose remaining 8 characters are arbitrary may be looked up, and the number of loans of the users with the ID card numbers found may be obtained; the number of loans of those users is the pre-selected query result data.
It should be noted that the numbers of loans of the users with the ID card numbers found will include the number of loans of the user whose ID card number is 100000198011110000.
In step S206, in a predetermined trusted environment, the ciphertext of the personal information is decrypted with a predetermined decryption key, the pre-selected query result data corresponding to the decrypted personal information is obtained from the pre-selected query result data on the basis of the decrypted personal information, and the pre-selected query result data so obtained is sent to the third party's terminal device as the query result data corresponding to the data query request.
Here, the trusted environment may be a data processing environment that is secure and isolated from other environments, such that the processing performed in the trusted environment and the data generated during that processing cannot be learned by the third party, the querying party or the queried party. The decryption key may be a key that decrypts data that was encrypted with the corresponding encryption key; the decryption key and the corresponding encryption key may form a key pair, such as a public key and a private key: if the encryption key is a public key, the decryption key may be the private key, and if the encryption key is a private key, the decryption key may be the public key.
In implementation, to ensure that the target user's personal information is not leaked, the personal information may be placed in the trusted environment, and the following operations may then be performed in the trusted environment. Since the pre-selected query result data includes a great deal of data beyond the query result data corresponding to the data query request, in order to return accurate query result data to the querying party's terminal device the complete personal information may be determined, for which the ciphertext in the personal information needs to be decrypted. Specifically, because the ciphertext in the personal information was obtained by encryption with the encryption key of the queried party's terminal device, the decryption key of the queried party's terminal device may be used to decrypt the ciphertext in the personal information, obtaining the complete, decrypted personal information. Both the decryption process and the decrypted personal information remain within the trusted environment; other applications or execution environments cannot obtain the decrypted personal information or the data related to the decryption process, which guarantees data security.
Furthermore, once the decrypted personal information has been obtained, accurate query result data may be obtained on the basis of it. Specifically, after the queried party's terminal device has found the pre-selected query result data in the manner described above, it may determine, in the trusted environment, the query result data corresponding to the personal information, i.e. it may search the pre-selected query result data for the decrypted personal information. If the decrypted personal information is not found, it may take no action or may send the querying party's terminal device a notice that no relevant data was found; if the decrypted personal information is found, the pre-selected query result data corresponding to the decrypted personal information may be obtained and taken as the query result data corresponding to the data query request. The queried party's terminal device may send the query result data to the third party's terminal device, and the third party's terminal device may forward the query result data to the querying party's terminal device.
Through the above processing, the third party can only obtain the personal information containing plaintext and ciphertext together with the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by means such as reverse lookup. Because both the decryption of the ciphertext and the return of the query result data are performed in the trusted environment, the queried party can only obtain the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data. Data security during the above data query process is therefore improved.
The embodiment of this specification provides a data query method based on privacy information protection: after a data query request sent by the third party's terminal device is received, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot learn the result data the querying party actually wants; then, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, and the query result data corresponding to the data query request is obtained from the pre-selected query result data on the basis of the decrypted personal information and sent to the third party's terminal device, so that the queried party cannot obtain the decrypted information or the query result data but only the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data, which improves data security.
Embodiment 3
As shown in Figure 3, an embodiment of this specification provides a data query method based on privacy information protection. The method may be executed by a terminal device or a server, where the terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or a device such as a personal computer, and the server may be a standalone server or a server cluster composed of multiple servers. The server may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The terminal device or server may be the terminal device or server of a third party able to integrate the relevant data of the querying party and the queried party to achieve joint prevention and control. The method may be applied to queries of personal information or personal data. The method may specifically include the following steps:
In step S302, a data query request sent by the querying party's terminal device is received. The data query request includes the personal information of the target user to be queried; the predetermined information within that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key.
For the specific process by which the querying party's terminal device sends the data query request to the third party's terminal device, refer to the description of step S102 in Embodiment 1 above, which is not repeated here. The third party's terminal device may receive the data query request sent by the querying party's terminal device.
In step S304, the above data query request is sent to the queried party's terminal device.
In step S306, the query result data returned by the queried party's terminal device in response to the above data query request is received, and that query result data is sent to the querying party's terminal device.
For the specific process by which the queried party's terminal device determines the query result corresponding to the data query request, refer to the description of steps S204 and S206 in Embodiment 2 above, which is not repeated here. After determining the query result corresponding to the data query request, the queried party's terminal device may send the query result data to the third party's terminal device; the third party's terminal device may receive the query result data returned by the queried party's terminal device in response to the data query request and then send it to the querying party's terminal device.
Through the above processing, the third party can only obtain the personal information containing plaintext and ciphertext together with the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by means such as reverse lookup.
The embodiment of this specification provides a data query method based on privacy information protection: a data query request sent by the querying party's terminal device is received, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key; the data query request is sent to the queried party's terminal device, and the query result data returned by the queried party's terminal device is obtained. In this way, by encrypting part of the personal information of the target user to be queried, the data is not leaked during the query process, and data security is improved.
Embodiment 4
As shown in Figure 4(a), an embodiment of this specification provides a data query method based on privacy information protection. The method may be performed jointly by the querying party's terminal device, the third party's terminal device and the queried party's terminal device, where each party's terminal device may be a mobile terminal device such as a mobile phone or a tablet computer, or a device such as a personal computer or a server; the server may be a standalone server or a server cluster composed of multiple servers, and may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The third party may be a party able to integrate the relevant data of the querying party and the queried party to achieve joint prevention and control. The method may be applied to queries of personal information or personal data. The method may specifically include the following steps:
In step S402, the querying party's terminal device creates a first encryption key and a corresponding first decryption key.
In implementation, as shown in Figure 4(b), to ensure data security during the data query process, the third party may build a software development kit (SDK) according to actual circumstances (such as business needs or user requirements) and deploy the SDK in the application environments of the querying party's terminal device and the queried party's terminal device respectively; in addition, the source code of the SDK may be made public to the querying party and the queried party. The predetermined SDK deployed on the querying party's terminal device and the queried party's terminal device can provide a trusted environment for data processing, so that the querying party's terminal device and the queried party's terminal device can generate keys, and decrypt ciphertext with those keys, within that trusted environment. As shown in Figure 4(b), to ensure data security during the data query process, the querying party's terminal device and the queried party's terminal device may perform a key exchange through the third party's terminal device, which may be implemented with a corresponding key exchange algorithm; there are many key exchange algorithms, such as the Diffie-Hellman algorithm or the Oakley algorithm, and the appropriate one may be selected according to actual circumstances, which the embodiments of this specification do not limit. The key exchange may be initiated by the querying party's terminal device through the predetermined SDK or by the queried party's terminal device through the predetermined SDK; this embodiment takes initiation by the querying party's terminal device as an example. When the querying party needs to query certain data, its terminal device may create a key pair for the data query to be performed, i.e. the SDK of the querying party's terminal device may, on the basis of the predetermined key exchange algorithm, use a tool such as OpenSSL to create a first encryption key and a corresponding first decryption key for the data query to be performed; for example, the first encryption key may be the querying party's public key and the first decryption key may be the querying party's private key.
In step S404, the querying party's terminal device sends the first encryption key to the queried party's terminal device through the third party's terminal device.
In implementation, as shown in Figure 4(b), the SDK of the querying party's terminal device may send the first encryption key to the third party's terminal device, and the third party's terminal device may send the first encryption key to the SDK of the queried party's terminal device.
In step S406, the queried party's terminal device generates a second encryption key and a corresponding second decryption key on the basis of the first encryption key, and sends the second encryption key to the querying party's terminal device through the third party's terminal device.
In implementation, as shown in Figure 4(b), after the SDK of the queried party's terminal device receives the first encryption key sent by the SDK of the querying party's terminal device through the third party's terminal device, it may, on the basis of the first encryption key, use a tool such as OpenSSL to create a second encryption key and a corresponding second decryption key, where the second encryption key may be the queried party's public key and the second decryption key may be the queried party's private key. The SDK of the queried party's terminal device may then send the second encryption key to the third party's terminal device, and the third party's terminal device may send the second encryption key to the querying party's terminal device.
In step S408, the queried party's terminal device takes the first encryption key and the second decryption key as the queried party's key pair.
In step S410, the querying party's terminal device takes the second encryption key and the first decryption key as the querying party's key pair.
It should be noted that the order in which steps S408 and S410 are executed is not limited to the above; in practical applications, step S410 may be executed first and step S408 afterwards, or steps S408 and S410 may be executed simultaneously, which the embodiments of this specification do not limit.
Through the above processing, because the generation of the key pairs of the querying party's terminal device and the queried party, as well as the key exchange, are all carried out within the SDK provided by the third party, neither the third party, the querying party nor the queried party can observe that processing or obtain the data generated during it, which guarantees data security.
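The exchange of steps S402 to S410, written out as an added example (this is not the patent's code nor the third party's SDK). It maps the patent's vocabulary onto a textbook Diffie-Hellman exchange, which the text names as one admissible key exchange algorithm: the first encryption key is the querying party's public value, the first decryption key its private exponent, and the second encryption/decryption keys are the queried party's. Each side's "key pair" in the patent's sense (peer public value plus own private exponent) is exactly the input the derivation needs, and the relaying third party only ever sees the two public values. The group parameters are constructed at import time at a toy size so the block runs with the standard library alone; the `Party`, `Relay`, `run_exchange` and `relay_can_recover` names are this example's own.

```python
"""Diffie-Hellman key agreement relayed through the third party (added example)."""
import hashlib
import secrets


def _is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin with trial division first; adequate for a demo group."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _safe_prime_group(start: int) -> tuple[int, int, int]:
    """Returns (p, q, g): p = 2q + 1 safe prime, g = 4 generating the order-q subgroup."""
    q = start | 1
    while not (_is_probable_prime(q) and _is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


# CONSTRUCTED toy group (~128-bit); a deployment uses a standardised group or a vetted library.
P, Q, G = _safe_prime_group(1 << 127)
_KEY_BYTES = (P.bit_length() + 7) // 8


class Party:
    """One endpoint, running inside its SDK (the patent's trusted environment)."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.decryption_key = secrets.randbelow(Q - 2) + 2      # private exponent, never leaves the SDK
        self.encryption_key = pow(G, self.decryption_key, P)    # public value, sent via the third party
        self.peer_encryption_key: int | None = None

    def receive_peer_key(self, peer_public: int) -> None:
        """Completes this party's key pair in the patent's sense: (peer public, own private)."""
        if not 1 < peer_public < P - 1 or pow(peer_public, Q, P) != 1:
            raise ValueError("rejecting public value outside the prime-order subgroup")
        self.peer_encryption_key = peer_public

    def shared_key(self) -> bytes:
        """Derives the symmetric key both SDKs will hold; the relay cannot compute it."""
        if self.peer_encryption_key is None:
            raise RuntimeError("key exchange not complete")
        shared = pow(self.peer_encryption_key, self.decryption_key, P)
        return hashlib.sha256(shared.to_bytes(_KEY_BYTES, "big")).digest()


class Relay:
    """The third party's terminal device: forwards values and records what it saw."""

    def __init__(self) -> None:
        self.observed: list[int] = []

    def forward(self, value: int, to: Party) -> None:
        self.observed.append(value)
        to.receive_peer_key(value)


def run_exchange() -> tuple[bytes, bytes, list[int]]:
    """Runs S402-S410; returns (querying party's key, queried party's key, values the relay saw)."""
    querier, queried = Party("querying party"), Party("queried party")
    relay = Relay()
    relay.forward(querier.encryption_key, to=queried)   # S404: first encryption key via third party
    relay.forward(queried.encryption_key, to=querier)   # S406: second encryption key via third party
    return querier.shared_key(), queried.shared_key(), relay.observed


def relay_can_recover(observed: list[int], key: bytes) -> bool:
    """The relay holds g^a and g^b; combining them gives g^(a+b), never g^(ab)."""
    guesses = [v for v in observed] + [observed[0] * observed[1] % P]
    return key in {hashlib.sha256(v.to_bytes(_KEY_BYTES, "big")).digest() for v in guesses}


if __name__ == "__main__":
    k1, k2, seen = run_exchange()
    print("keys agree:", k1 == k2, "| relay recovered key:", relay_can_recover(seen, k1))
```

The subgroup check in `receive_peer_key` is the one detail worth carrying into a real SDK: without it a relayed value of 1 or p-1 would force both sides onto a trivial shared secret, and the third party is exactly the party positioned to substitute values in transit.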
In step S412, the querying party's terminal device obtains the encryption key of the queried party's terminal device and the personal information of the target user to be queried.
In implementation, when the querying party needs to query certain information related to the target user, it may obtain the target user's personal information (such as an ID card number or a communication number such as a mobile phone number or an e-mail address). In addition, to ensure that the target user's personal information is not leaked while still allowing the SDK of the queried party's terminal device to obtain the complete personal information, the target user's personal information may be encrypted with the queried party's encryption key; to that end, the queried party's encryption key, namely the second encryption key above, may be obtained from the querying party's key pair.
It should be noted that the querying party's terminal device may obtain the queried party's encryption key from a key pair held in local storage, where the locally stored key pair was generated between the querying party's terminal device and the queried party's terminal device on the basis of the predetermined key exchange algorithm. For the specific process, refer to steps S402 to S410 above, which are not repeated here.
In step S414, the querying party's terminal device homomorphically encrypts the predetermined information in the personal information with the queried party's encryption key, obtaining the ciphertext in the personal information.
Here, homomorphic encryption may be encryption based on the computational complexity theory of mathematically hard problems: processing homomorphically encrypted data yields an output which, when decrypted, equals the result of applying the same processing to the original unencrypted data. Homomorphic encryption may include partially homomorphic encryption and fully homomorphic encryption, and the encryption algorithms differ accordingly; for example, the algorithms for partially homomorphic encryption may include the RSA algorithm and the Paillier algorithm, and the algorithms for fully homomorphic encryption may include the Gentry algorithm. Which encryption algorithm to use may be set according to actual circumstances, which the embodiments of this specification do not limit. Homomorphic encryption may further have properties such as additive homomorphism, subtractive homomorphism, multiplicative homomorphism, divisive homomorphism and mixed multiplicative homomorphism.
In implementation, so that computations and other processing on the encrypted personal information by other parties or institutions are not affected, the target user's personal information may be encrypted homomorphically. Specifically, the querying party's terminal device may select a homomorphic encryption algorithm in advance according to actual circumstances, such as the RSA, Paillier or Gentry algorithm. After obtaining the queried party's encryption key through step S412 above, the querying party's terminal device may analyse the target user's personal information and determine the predetermined information within it that needs to be encrypted, where the predetermined information may be set in advance according to actual circumstances (such as the needs of the business being processed or the requirements of the user), for example the date of birth, the digits at specified positions of a mobile phone number, or the characters at specified positions of an e-mail address. The querying party's terminal device may then homomorphically encrypt the predetermined information in the personal information with the queried party's encryption key, using the previously selected encryption algorithm, to obtain the ciphertext in the personal information.
For example, as shown in Figure 4(b), suppose the querying party needs to query the lending status of user A (whose ID card number is 100000198011110000). The querying party's terminal device may obtain user A's ID card number and the queried party's encryption key; since user A's ID card number contains user A's date of birth, the date-of-birth part of user A's ID card number may be taken as the predetermined information. The querying party's terminal device may then homomorphically encrypt the date of birth in user A's ID card number with the queried party's encryption key (namely the second encryption key above) using the previously selected encryption algorithm, while the information in the ID card number other than the date of birth remains plaintext, finally obtaining an ID card number in which the date of birth is ciphertext, i.e. the encrypted ID card number may be 100000aaaaaaaa0000.
In step S416, the querying party's terminal device sends a data query request to the third party's terminal device. The data query request includes the personal information of the target user to be queried; the predetermined information within that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key.
In step S418, the third party's terminal device sends the above data query request to the queried party's terminal device.
In step S420, the queried party's terminal device obtains pre-selected query result data matching the plaintext according to the plaintext of the personal information in the above data query request.
In implementation, as shown in Figure 4(b), all ID card numbers whose first 6 characters are 100000, whose last 4 characters are 0000 and whose remaining 8 characters are arbitrary may be looked up, and the lending status of the users with the ID card numbers found may be obtained; the lending status of those users is the pre-selected query result data.
In step S422, the queried party's terminal device, on the basis of the predetermined SDK provided by the third party, decrypts the ciphertext of the above personal information with a predetermined decryption key, obtains from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sends the pre-selected query result data so obtained to the third party's terminal device as the query result data corresponding to the above data query request.
In step S424, the third party's terminal device sends the query result data to the querying party's terminal device.
Through the above processing, because the generation of the key pairs of the querying party's terminal device and the queried party and the key exchange, as well as the decryption of the ciphertext and the return of the query result data, are all carried out within the SDK provided by the third party, the queried party can only obtain the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data; the third party, in turn, can only obtain the personal information containing plaintext and ciphertext together with the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by means such as reverse lookup. Data security during the above data query process is therefore improved.
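The partial encryption and two-stage lookup described in Embodiment 2 (steps S204 and S206) and again in Embodiment 4 (steps S414 to S422), as one added example that serves both passages; it is not code from the patent or from any SDK it describes. It uses Paillier, one of the partially homomorphic schemes the text names, with toy-sized primes so that the block runs on the standard library alone (a deployment would use a vetted library and moduli of 2048 bits or more). The record set is constructed for the example, and the function names (`paillier_keygen`, `build_query`, `preselect`, `trusted_resolve`, `run_query`) are this example's own. The querying party encrypts positions 7 to 14 of the ID number 100000198011110000 with the queried party's public key; the queried party pre-selects on the plaintext prefix and suffix without touching the ciphertext; only the `trusted_resolve` function, standing in for the SDK's trusted environment, holds the private key and returns a single value.

```python
"""Partial encryption of an ID number and the plaintext pre-selection / trusted exact match (added example)."""
import math
import secrets


# ---- Paillier key pair of the queried party (toy parameters, CONSTRUCTED) ----
def _next_prime(n: int) -> int:
    """Smallest prime >= n by trial division; fine for primes near 10**6."""
    while any(n % d == 0 for d in range(2, math.isqrt(n) + 1)):
        n += 1
    return n


def paillier_keygen(p=None, q=None):
    """Returns (public=(n, g), private=(lam, mu)). Defaults: the two primes just above 10**6."""
    p = p or _next_prime(1_000_000)
    q = q or _next_prime(p + 1)
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                             # standard simplifying choice of g
    mu = pow(lam, -1, n)                                  # with g = n+1, L(g^lam mod n^2) == lam mod n
    return (n, g), (lam, mu)


def paillier_encrypt(public, m: int) -> int:
    n, g = public
    if not 0 <= m < n:
        raise ValueError("plaintext out of range for this modulus")
    while True:
        r = secrets.randbelow(n - 1) + 1                 # fresh randomiser: equal plaintexts differ
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)


def paillier_decrypt(public, private, c: int) -> int:
    n, _ = public
    lam, mu = private
    x = pow(c, lam, n * n)
    return ((x - 1) // n) * mu % n                       # L(x) * mu mod n


def paillier_add(public, c1: int, c2: int) -> int:
    """Additive homomorphism: Dec(c1 * c2) == m1 + m2, computed without the private key."""
    n, _ = public
    return c1 * c2 % (n * n)


# ---- Querying party (S414 / S416): encrypt the date of birth, keep the rest plaintext ----
ENC_FROM, ENC_TO = 6, 14          # 0-based slice covering positions 7..14 of the 18-character number


def build_query(id_number: str, public) -> dict:
    if len(id_number) != 18 or not id_number[ENC_FROM:ENC_TO].isdigit():
        raise ValueError("expected an 18-character ID number with a numeric date of birth")
    return {
        "prefix": id_number[:ENC_FROM],                               # plaintext positions 1-6
        "suffix": id_number[ENC_TO:],                                 # plaintext positions 15-18
        "cipher": paillier_encrypt(public, int(id_number[ENC_FROM:ENC_TO])),
    }


# ---- Queried party, outside the trusted environment (S204 / S420) ----
# CONSTRUCTED records: ID number -> number of loans
RECORDS = {
    "100000198011110000": 3,   # user A, the target
    "100000197505050000": 5,   # same prefix and suffix, other date of birth
    "100000200102020000": 1,   # same prefix and suffix, other date of birth
    "100001198011110000": 7,   # different prefix: must not be pre-selected
    "100000198011111111": 2,   # different suffix: must not be pre-selected
}


def preselect(records: dict, query: dict) -> dict:
    """Fuzzy match on the plaintext parts only; the ciphertext is never used here."""
    return {
        id_number: loans
        for id_number, loans in records.items()
        if id_number.startswith(query["prefix"]) and id_number.endswith(query["suffix"])
    }


# ---- Queried party, inside the trusted environment / SDK (S206 / S422) ----
def trusted_resolve(preselected: dict, query: dict, public, private):
    """Decrypts the predetermined information and picks the exact record; None if absent."""
    middle = str(paillier_decrypt(public, private, query["cipher"])).zfill(ENC_TO - ENC_FROM)
    full_id = query["prefix"] + middle + query["suffix"]   # exists only inside this function
    return preselected.get(full_id)                        # the one value that leaves the environment


def run_query(id_number: str, records: dict, public, private):
    """End-to-end flow; returns (number of pre-selected records, query result data)."""
    query = build_query(id_number, public)
    pre = preselect(records, query)
    return len(pre), trusted_resolve(pre, query, public, private)


if __name__ == "__main__":
    pub, priv = paillier_keygen()
    print(run_query("100000198011110000", RECORDS, pub, priv))   # (3, 3)
```

Two things the walk-through makes concrete: the pre-selection returned to the plaintext side is three records wide, so the queried party learns only that the target shares a region prefix and sequence suffix with three of its customers; and because `trusted_resolve` returns the loan count rather than the reconstructed ID, nothing outside the SDK ever holds the decrypted date of birth.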
The embodiment of this specification provides a data query method based on privacy information protection: after a data query request sent by the third party's terminal device is received, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot learn the result data the querying party actually wants; then, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, and the query result data corresponding to the data query request is obtained from the pre-selected query result data on the basis of the decrypted personal information and sent to the third party's terminal device, so that the queried party cannot obtain the decrypted information or the query result data but only the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data, which improves data security.
Embodiment 5
The above is the data query method based on privacy information protection provided by the embodiments of this specification. Based on the same idea, an embodiment of this specification further provides a data query apparatus based on privacy information protection, as shown in Figure 5.
The data query apparatus based on privacy information protection includes a query request receiving module 501, a pre-selected result obtaining module 502 and a query result determining module 503, where:
the query request receiving module 501 receives a data query request sent by the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key;
the pre-selected result obtaining module 502 obtains pre-selected query result data matching the plaintext according to the plaintext of the personal information in the data query request;
the query result determining module 503, in a predetermined trusted environment, decrypts the ciphertext of the personal information with a predetermined decryption key, obtains from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sends the pre-selected query result data so obtained to the third party's terminal device as the query result data corresponding to the data query request.
In an embodiment of this specification, the query result determining module 503, on the basis of the predetermined SDK provided by the third party, decrypts the ciphertext of the personal information with a predetermined decryption key, obtains from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sends the pre-selected query result data so obtained to the third party's terminal device as the query result data corresponding to the data query request.
In an embodiment of this specification, the ciphertext is obtained by the querying party's terminal device homomorphically encrypting the predetermined information with the queried party's encryption key.
In an embodiment of this specification, the querying party's terminal device and the queried party's terminal device are deployed with the predetermined SDK provided by the third party, and the apparatus further includes:
a first key receiving module, which receives the first encryption key sent by the querying party's terminal device through the third party's terminal device;
a second key sending module, which generates a second encryption key and a corresponding second decryption key on the basis of the first encryption key and sends the second encryption key to the querying party's terminal device through the third party's terminal device;
a key pair determining module, which takes the first encryption key and the second decryption key as the queried party's key pair;
and the query result determining module decrypts the ciphertext in the personal information with the second decryption key, the ciphertext being obtained by the querying party's terminal device encrypting the predetermined information with the second encryption key.
In an embodiment of this specification, the second key sending module generates the second encryption key and the corresponding second decryption key on the basis of the first encryption key using a predetermined key exchange algorithm.
In an embodiment of this specification, the key exchange algorithm is the Diffie-Hellman algorithm or the Oakley algorithm.
The embodiment of this specification provides a data query apparatus based on privacy information protection: after a data query request sent by the third party's terminal device is received, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot learn the result data the querying party actually wants; then, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, and the query result data corresponding to the data query request is obtained from the pre-selected query result data on the basis of the decrypted personal information and sent to the third party's terminal device, so that the queried party cannot obtain the decrypted information or the query result data but only the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data, which improves data security.
Embodiment 6
The above is the data query method based on privacy information protection provided by the embodiments of this specification. Based on the same idea, an embodiment of this specification further provides a data query apparatus based on privacy information protection, as shown in Figure 6.
The data query apparatus based on privacy information protection includes a query request sending module 601 and a query result receiving module 602, where:
the query request sending module 601 sends a data query request to the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key;
the query result receiving module 602 receives the query result data corresponding to the data query request, sent by the third party's terminal device.
In an embodiment of this specification, the apparatus further includes:
an information obtaining module, which obtains the queried party's encryption key and the target user's personal information;
an encryption module, which homomorphically encrypts the predetermined information in the personal information with the queried party's encryption key to obtain the ciphertext in the personal information.
In an embodiment of this specification, the information obtaining module obtains the queried party's encryption key from a key pair held in local storage, the locally stored key pair having been generated with the queried party's terminal device on the basis of a predetermined key exchange algorithm.
In an embodiment of this specification, the apparatus further includes:
a key creating module, which creates a first encryption key and a corresponding first decryption key;
a first key sending module, which sends the first encryption key to the queried party's terminal device through the third party's terminal device, so that the queried party's terminal device generates a second encryption key and a corresponding second decryption key on the basis of the first encryption key, takes the first encryption key and the second decryption key as the queried party's key pair, and sends the second encryption key to the querying party's terminal device through the third party's terminal device;
a key pair determining module, which receives the second encryption key and takes the second encryption key and the first decryption key as the querying party's key pair;
and the information obtaining module obtains the second encryption key from the querying party's key pair, thereby obtaining the queried party's encryption key.
In an embodiment of this specification, the key creating module creates the first encryption key and the corresponding first decryption key on the basis of a predetermined key exchange algorithm.
The embodiment of this specification provides a data query apparatus based on privacy information protection: a data query request is sent to the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key; then the query result data corresponding to the data query request, sent by the third party's terminal device, is received. In this way, by encrypting part of the personal information of the target user to be queried, the data is not leaked during the query process, and data security is improved.
Embodiment 7
The above is the data query apparatus based on privacy information protection provided by the embodiments of this specification. Based on the same idea, an embodiment of this specification further provides a data query device based on privacy information protection, as shown in Figure 7.
The data query device based on privacy information protection may be the queried party's terminal device or server provided in the above embodiments.
A data query device based on privacy information protection may vary considerably in configuration or performance, and may include one or more processors 701 and a memory 702, where the memory 702 may store one or more application programs or data. The memory 702 may be transient storage or persistent storage. An application program stored in the memory 702 may include one or more modules (not shown in the figure), and each module may include a series of computer-executable instructions for the data query device. Further, the processor 701 may be configured to communicate with the memory 702 and to execute the series of computer-executable instructions in the memory 702 on the data query device. The data query device may further include one or more power supplies 703, one or more wired or wireless network interfaces 704, one or more input/output interfaces 705 and one or more keyboards 706.
Specifically, in this embodiment, the data query device includes a memory and one or more programs, where the one or more programs are stored in the memory, the one or more programs may include one or more modules, each module may include a series of computer-executable instructions for the data query device, and the one or more processors are configured to execute the one or more programs, which contain computer-executable instructions for:
receiving a data query request sent by the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key;
obtaining pre-selected query result data matching the plaintext according to the plaintext of the personal information in the data query request;
in a predetermined trusted environment, decrypting the ciphertext of the personal information with a predetermined decryption key, obtaining from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sending the pre-selected query result data so obtained to the third party's terminal device as the query result data corresponding to the data query request.
In an embodiment of this specification, the decrypting, in a predetermined trusted environment, of the ciphertext of the personal information with a predetermined decryption key, the obtaining from the pre-selected query result data of the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and the sending of the pre-selected query result data so obtained to the third party's terminal device as the query result data corresponding to the data query request include:
on the basis of the predetermined SDK provided by the third party, decrypting the ciphertext of the personal information with a predetermined decryption key, obtaining from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sending the pre-selected query result data so obtained to the third party's terminal device as the query result data corresponding to the data query request.
In an embodiment of this specification, the ciphertext is obtained by the querying party's terminal device homomorphically encrypting the predetermined information with the queried party's encryption key.
In an embodiment of this specification, the querying party's terminal device and the queried party's terminal device are deployed with the predetermined SDK provided by the third party, and the method further includes:
receiving the first encryption key sent by the querying party's terminal device through the third party's terminal device;
generating a second encryption key and a corresponding second decryption key on the basis of the first encryption key, and sending the second encryption key to the querying party's terminal device through the third party's terminal device;
taking the first encryption key and the second decryption key as the queried party's key pair;
and the decrypting of the ciphertext of the personal information with the predetermined decryption key includes:
decrypting the ciphertext in the personal information with the second decryption key, the ciphertext being obtained by the querying party's terminal device encrypting the predetermined information with the second encryption key.
In an embodiment of this specification, the generating of the second encryption key and the corresponding second decryption key on the basis of the first encryption key includes:
generating the second encryption key and the corresponding second decryption key on the basis of the first encryption key using a predetermined key exchange algorithm.
In an embodiment of this specification, the key exchange algorithm is the Diffie-Hellman algorithm or the Oakley algorithm.
The embodiment of this specification provides a data query device based on privacy information protection: after a data query request sent by the third party's terminal device is received, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot learn the result data the querying party actually wants; then, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, and the query result data corresponding to the data query request is obtained from the pre-selected query result data on the basis of the decrypted personal information and sent to the third party's terminal device, so that the queried party cannot obtain the decrypted information or the query result data but only the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data, which improves data security.
Embodiment 8
Based on the same idea, an embodiment of this specification further provides a data query device based on privacy information protection, as shown in Figure 8.
The data query device based on privacy information protection may be the querying party's terminal device or server provided in the above embodiments.
A data query device based on privacy information protection may vary considerably in configuration or performance, and may include one or more processors 801 and a memory 802, where the memory 802 may store one or more application programs or data. The memory 802 may be transient storage or persistent storage. An application program stored in the memory 802 may include one or more modules (not shown in the figure), and each module may include a series of computer-executable instructions for the data query device. Further, the processor 801 may be configured to communicate with the memory 802 and to execute the series of computer-executable instructions in the memory 802 on the data query device. The data query device may further include one or more power supplies 803, one or more wired or wireless network interfaces 804, one or more input/output interfaces 805 and one or more keyboards 806.
Specifically, in this embodiment, the data query device includes a memory and one or more programs, where the one or more programs are stored in the memory, the one or more programs may include one or more modules, each module may include a series of computer-executable instructions for the data query device, and the one or more processors are configured to execute the one or more programs, which contain computer-executable instructions for:
sending a data query request to the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key;
receiving the query result data corresponding to the data query request, sent by the third party's terminal device.
In an embodiment of this specification, the method further includes:
obtaining the queried party's encryption key and the target user's personal information;
homomorphically encrypting the predetermined information in the personal information with the queried party's encryption key to obtain the ciphertext in the personal information.
In an embodiment of this specification, the obtaining of the queried party's encryption key includes:
obtaining the queried party's encryption key from a key pair held in local storage, the locally stored key pair having been generated with the queried party's terminal device on the basis of a predetermined key exchange algorithm.
In an embodiment of this specification, the method further includes:
creating a first encryption key and a corresponding first decryption key;
sending the first encryption key to the queried party's terminal device through the third party's terminal device, so that the queried party's terminal device generates a second encryption key and a corresponding second decryption key on the basis of the first encryption key, takes the first encryption key and the second decryption key as the queried party's key pair, and sends the second encryption key to the querying party's terminal device through the third party's terminal device;
receiving the second encryption key, and taking the second encryption key and the first decryption key as the querying party's key pair;
and the obtaining of the queried party's encryption key from the locally stored key pair includes:
obtaining the second encryption key from the querying party's key pair, thereby obtaining the queried party's encryption key.
In an embodiment of this specification, the creating of the first encryption key and the corresponding first decryption key includes:
creating the first encryption key and the corresponding first decryption key on the basis of a predetermined key exchange algorithm.
The embodiment of this specification provides a data query device based on privacy information protection: a data query request is sent to the third party's terminal device, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the queried party's encryption key; then the query result data corresponding to the data query request, sent by the third party's terminal device, is received. In this way, by encrypting part of the personal information of the target user to be queried, the data is not leaked during the query process, and data security is improved.
Embodiment 9
Based on the same idea, an embodiment of this specification further provides a data query system based on privacy information protection. The data query system based on privacy information protection may include a querying party's terminal device 901, a queried party's terminal device 902 and a third party's terminal device 903, as shown in Figure 9.
The querying party's terminal device 901 sends a data query request to the third party's terminal device 903, the data query request including the personal information of the target user to be queried, where the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information with the encryption key of the queried party's terminal device 902;
the third party's terminal device 903 sends the data query request to the queried party's terminal device 902;
the queried party's terminal device 902 obtains pre-selected query result data matching the plaintext according to the plaintext of the personal information in the data query request;
the queried party's terminal device 902, in a predetermined trusted environment, decrypts the ciphertext of the personal information with a predetermined decryption key, obtains from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sends the pre-selected query result data so obtained to the third party's terminal device 903 as the query result data corresponding to the data query request;
and the third party's terminal device sends the query result data to the querying party's terminal device.
In an embodiment of this specification, the queried party's terminal device 902, on the basis of the predetermined SDK provided by the third party, decrypts the ciphertext of the personal information with a predetermined decryption key, obtains from the pre-selected query result data the pre-selected query result data corresponding to the decrypted personal information on the basis of the decrypted personal information, and sends the pre-selected query result data so obtained to the third party's terminal device 903 as the query result data corresponding to the data query request.
In an embodiment of this specification, the ciphertext is obtained by the querying party's terminal device homomorphically encrypting the predetermined information with the queried party's encryption key.
In an embodiment of this specification, the querying party's terminal device 901 and the queried party's terminal device 902 are deployed with the predetermined SDK provided by the third party; the queried party's terminal device 902 receives the first encryption key sent by the querying party's terminal device 901 through the third party's terminal device 903, generates a second encryption key and a corresponding second decryption key on the basis of the first encryption key, sends the second encryption key to the querying party's terminal device 901 through the third party's terminal device, and takes the first encryption key and the second decryption key as the queried party's key pair; and the decrypting of the ciphertext of the personal information with the predetermined decryption key includes decrypting the ciphertext in the personal information with the second decryption key, the ciphertext being obtained by the querying party's terminal device 901 encrypting the predetermined information with the second encryption key.
In an embodiment of this specification, the queried party's terminal device 902 generates the second encryption key and the corresponding second decryption key on the basis of the first encryption key using a predetermined key exchange algorithm.
In an embodiment of this specification, the key exchange algorithm is the Diffie-Hellman algorithm or the Oakley algorithm.
In an embodiment of this specification, the querying party's terminal device 901 obtains the queried party's encryption key and the target user's personal information, and homomorphically encrypts the predetermined information in the personal information with the queried party's encryption key to obtain the ciphertext in the personal information.
In an embodiment of this specification, the querying party's terminal device 901 obtains the queried party's encryption key from a key pair held in local storage, the locally stored key pair having been generated with the queried party's terminal device on the basis of a predetermined key exchange algorithm.
In an embodiment of this specification, the querying party's terminal device 901 creates a first encryption key and a corresponding first decryption key; sends the first encryption key to the queried party's terminal device through the third party's terminal device, so that the queried party's terminal device generates a second encryption key and a corresponding second decryption key on the basis of the first encryption key, takes the first encryption key and the second decryption key as the queried party's key pair, and sends the second encryption key to the querying party's terminal device through the third party's terminal device; and receives the second encryption key and takes the second encryption key and the first decryption key as the querying party's key pair; and the obtaining of the queried party's encryption key from the locally stored key pair includes obtaining the second encryption key from the querying party's key pair, thereby obtaining the queried party's encryption key.
In an embodiment of this specification, the querying party's terminal device 901 creates the first encryption key and the corresponding first decryption key on the basis of a predetermined key exchange algorithm.
The embodiment of this specification provides a data query system based on privacy information protection: after a data query request sent by the third party's terminal device is received, the data query request including the personal information of the target user to be queried, where the predetermined information in that personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the querying party's terminal device encrypting the predetermined information with the queried party's encryption key, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot learn the result data the querying party actually wants; then, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, and the query result data corresponding to the data query request is obtained from the pre-selected query result data on the basis of the decrypted personal information and sent to the third party's terminal device, so that the queried party cannot obtain the decrypted information or the query result data but only the personal information containing plaintext and ciphertext together with the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data, which improves data security.
The third party, in turn, can only obtain the personal information containing plaintext and ciphertext together with the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by means such as reverse lookup. Data security during the above data query process is therefore improved.
Specific embodiments of this specification have been described above. Other embodiments fall within the scope of the appended claims. In some cases, the actions or steps recited in the claims may be performed in an order different from that in the embodiments and still achieve the desired results. In addition, the processes depicted in the drawings do not necessarily require the particular order shown, or a sequential order, to achieve the desired results. In certain implementations, multitasking and parallel processing are also possible or may be advantageous.
In the 1990s, an improvement to a technology could clearly be distinguished as either an improvement in hardware (for example, an improvement to circuit structures such as diodes, transistors and switches) or an improvement in software (an improvement to a method flow). However, with the development of technology, many of today's improvements to method flows can be regarded as direct improvements to hardware circuit structures. Designers almost always obtain the corresponding hardware circuit structure by programming the improved method flow into a hardware circuit. Therefore, it cannot be said that an improvement to a method flow cannot be implemented with a hardware entity module. For example, a programmable logic device (PLD) (for example, a field programmable gate array (FPGA)) is an integrated circuit whose logic function is determined by the user's programming of the device. The designer "integrates" a digital system onto a single PLD by programming it, without asking a chip manufacturer to design and fabricate a dedicated integrated circuit chip. Moreover, instead of manually fabricating integrated circuit chips, this programming is nowadays mostly implemented with "logic compiler" software, which is similar to the software compilers used in program development, while the source code to be compiled must be written in a particular programming language called a hardware description language (HDL); there is not just one HDL but many, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM and RHDL (Ruby Hardware Description Language), the most commonly used at present being VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. Those skilled in the art will also understand that a hardware circuit implementing a logical method flow can easily be obtained merely by applying a little logic programming to the method flow in one of the above hardware description languages and programming it into an integrated circuit.
The controller may be implemented in any suitable manner; for example, the controller may take the form of a microprocessor or processor together with a computer-readable medium storing computer-readable program code (such as software or firmware) executable by the (micro)processor, logic gates, switches, an application specific integrated circuit (ASIC), a programmable logic controller or an embedded microcontroller. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320; a memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art also know that, besides implementing the controller purely as computer-readable program code, it is entirely possible, by logically programming the method steps, to have the controller achieve the same functions in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may therefore be regarded as a hardware component, and the means included in it for implementing various functions may also be regarded as structures within the hardware component. Alternatively, the means for implementing various functions may even be regarded as both software modules implementing the method and structures within the hardware component.
The system, apparatus, module or unit set forth in the above embodiments may specifically be implemented by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an e-mail device, a game console, a tablet computer, a wearable device, or any combination of these devices.
For convenience of description, the above apparatus is described by dividing its functions into various units. Of course, when one or more embodiments of this specification are implemented, the functions of the units may be implemented in one or more pieces of software and/or hardware.
Those skilled in the art will understand that the embodiments of this specification may be provided as a method, a system or a computer program product. Therefore, one or more embodiments of this specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, one or more embodiments of this specification may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk memory, CD-ROM and optical memory) containing computer-usable program code.
The embodiments of this specification are described with reference to flowcharts and/or block diagrams of the method, device (system) and computer program product according to the embodiments of this specification. It should be understood that each process and/or block in the flowcharts and/or block diagrams, and combinations of processes and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or another programmable data query device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data query device produce means for implementing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data query device to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data query device, such that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing, so that the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces and memory.
The memory may include non-permanent memory in computer-readable media, random access memory (RAM) and/or non-volatile memory such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory media such as modulated data signals and carrier waves.
It should also be noted that the terms "comprise", "include" or any other variants thereof are intended to cover a non-exclusive inclusion, such that a process, method, article or device that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional identical elements in the process, method, article or device that comprises the element.
Those skilled in the art will understand that the embodiments of this specification may be provided as a method, a system or a computer program product. Therefore, one or more embodiments of this specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, one or more embodiments of this specification may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk memory, CD-ROM and optical memory) containing computer-usable program code.
One or more embodiments of this specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. One or more embodiments of this specification may also be practised in distributed computing environments in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules may be located in both local and remote computer storage media, including storage devices.
The embodiments in this specification are described progressively; identical or similar parts of the embodiments may be referred to one another, and each embodiment focuses on its differences from the other embodiments. In particular, the system embodiment is described relatively briefly because it is substantially similar to the method embodiment, and for relevant details reference may be made to the description of the method embodiment.
The above are merely embodiments of this specification and are not intended to limit it. Those skilled in the art may make various modifications and variations to this specification. Any modification, equivalent replacement, improvement or the like made within the spirit and principles of this specification shall be included within the scope of the claims of this specification.
In order to enable those skilled in the art to better understand the technical solutions in this specification, The following will be combined with the drawings in the embodiments of this specification, The technical solutions in the embodiments of this specification are clear, Full description, Obviously, The described embodiments are only a part of the embodiments of this specification. Not all examples. Based on the examples in this specification, All other embodiments obtained by those of ordinary skill in the art without making progressive labor, All should belong to the scope of protection of this file.
Example one
As shown in Figure 1, The embodiments of this specification provide a data query method based on privacy information protection, The execution subject of this method can be a terminal device or a server, in, The terminal device can be like a mobile phone, Mobile terminal devices such as tablets, It can also be a device such as a personal computer, The server can be an independent server, It can also be a server cluster composed of multiple servers. The server can be a back-end server for a certain business (such as financial services such as lending, etc.), It can also be a back-end server of a certain application (such as a financial application). The terminal device or server may be the terminal device or server of the inquiring party. This method can be applied to inquire about personal information or personal data. The method may specifically include the following steps:
In step S102, Send a data query request to a third-party terminal device, The data query request includes the personal information of the target user to be queried. The predetermined information in this personal information is in cipher text. Information other than the scheduled information is in plain text, The ciphertext is obtained by encrypting predetermined information based on the encryption key of the queried party.
in, The third party may be a party that can integrate relevant data of the inquiring party and the inquired party to achieve joint prevention and control. The target user can be the object that the inquirer needs to inquire, It can be any user. Personal information can be recorded electronically or in other ways that can individually or in combination with other information identify the identity of a specific user or reflect the activities of a specific user. Personal information can include names, ID Number, Communication contact information, address, account password, Property status, date of birth, Whereabouts, etc. The predetermined information in the personal information can be part of the information in the personal information. It can be information that is important to the target user, Such as date of birth, Communication contact information, etc., Or it can be part of the above information, etc., If the communication contact method is a mobile phone number, The reservation information can be 4 digits from the 4th digit to the 7th digit in the mobile phone number, etc. The inquirer can inquire about certain information. The inquired party can provide data inquiry services for the inquiring party, And provide the inquiring party with the information that the inquiring party needs to inquire, Specifically, such as different bank structures. The queried party can include one or more, For the case where the queried party includes more than one party, Each party being queried can be set up with one or more databases for querying. An encryption key can be a key used to encrypt certain data. In practical applications, The encryption key can be a public key, It can also be a private key.
In the implementation, With the gradual integration of Internet technology and the financial industry, More and more banking institutions, Finance company, Internet companies began to develop online microfinance business. at the same time, White households that cannot be covered by traditional credit investigations have gradually become the mainstay of online lending. There are a large number of emerging Internet small loan companies, Small size and other characteristics, Since the loan data of different financial companies or financial institutions are isolated from each other, Do not share each other, therefore, Has gradually become an information island, "Multiple lending" has gradually become the hardest hit area for credit risk control. Based on, There are currently some third-party organizations, The third party integrates the loan data of different financial companies or financial institutions, In order to achieve joint prevention and control of loan information.
usually, Joint prevention and control of data, It can be achieved in the following ways: Many financial institutions and third-party institutions formed an alliance, Financial institutions encrypt their loan data using a certain hash algorithm, And agree with the third party on the encryption algorithm to be used for data query. details as follows: The terminal device of the inquiring party uses the agreed hash algorithm to encrypt the information used in the inquiry, Then, Call the predetermined interface of the third-party terminal equipment organization, The terminal equipment of the third party forwards the data query request to the terminal equipment of other financial institutions, Other financial institutions perform matching based on the encrypted information, And return the query result to the third-party terminal equipment, The terminal device of the third party then returns the query result to the terminal device of the inquiring party.
However, Under the above method, there will be the problem of data leakage from multiple parties. Firstly, Although the information used in the query is encrypted, However, the queried party has the mapping relationship between the information used in the query and the encryption key. The information used in the query can be deduced from the above mapping relationship, in addition, The inquiring party and the inquired party are in a horizontal competition relationship, Essentially, The user's loan information is leaked from the inquiring party to the inquired party. also, Because lending information is the core information of financial institutions, therefore, Various financial institutions are unwilling to share their lending information with other institutions. at the same time, The third party acts as an intermediary, It may also drop the borrowing information of the inquiring party and the inquired party, to this end, Need a kind of data query more accurate, A technical solution for more secure data in the data query process. The embodiment of this specification provides a feasible solution, Specifically, it can include the following:
In order to facilitate the querying party to query certain information, The third-party terminal equipment can set up the corresponding query mechanism, And can develop the corresponding application program for this inquiry mechanism. The application can be provided to the terminal device of the inquiring party and the terminal device of the inquired party respectively. When the inquiring party needs to inquire about certain information, The terminal device of the inquiring party can start the application installed in its terminal device, The terminal device of the inquiring party can trigger the execution of the inquiry mechanism in the application, at this time, The terminal device of the inquiring party can obtain the personal information of the target user to be inquired, In order to ensure that the personal information of the target user is not leaked during the data query process, The terminal device can encrypt the personal information. also, Considering that if the entire content of personal information is encrypted, Then the terminal equipment of the queried party will not be able to retrieve the data. to this end, Part of the personal information (i.e. reservation information) can be encrypted. so, The terminal device of the inquired party can perform data retrieval based on the remaining part of the information (information other than the predetermined information). However, In the above method, The data retrieved by the terminal equipment of the queried party will contain more redundant data. 
In order to return to the terminal device of the inquiring party the accurate information it finds, The terminal device of the queried party needs to decrypt part of the encrypted information, therefore, The terminal device of the inquiring party can also obtain the encryption key of the terminal device of the inquired party in advance, It can also encrypt part of the target user’s personal information based on the encryption key of the queried party’s terminal device. Get personal information including ciphertext and plaintext. Data query requests can be generated based on this personal information, The terminal device of the inquiring party can send the data inquiry request to the terminal device of the third party.
In step S104, the query result data corresponding to the above data query request, sent by the terminal device of the third party, is received.
Wherein, the query result data may be the data requested by the data query request. For example, if the querying party needs to query the number of loans of the target user, the query result data may be the value of the number of loans of the target user, such as 3 or 5.
In implementation, the terminal device of the querying party may send the data query request to the terminal device of the queried party through the terminal device of the third party. After receiving the data query request, the terminal device of the queried party may extract the personal information of the target user from it. Since the personal information contains both plaintext and ciphertext, only the plaintext in the personal information may be used for a fuzzy query, whose result contains the query result data corresponding to the personal information. The terminal device of the queried party may send the query result data it obtained to the terminal device of the third party; the terminal device of the third party may integrate the query results returned by the terminal devices of the queried parties to obtain the final query result data, and may then send that query result data to the terminal device of the querying party. The terminal device of the querying party thus receives, from the terminal device of the third party, the query result data corresponding to the above data query request.
The embodiments of this specification provide a data query method based on privacy information protection: a data query request is sent to the terminal device of a third party, the data query request including the personal information of the target user to be queried, in which the predetermined information is ciphertext and the information other than the predetermined information is plaintext, the ciphertext being obtained by encrypting the predetermined information based on the encryption key of the queried party; then the query result data corresponding to the data query request, sent by the terminal device of the third party, is received. In this way, by encrypting part of the personal information of the target user to be queried, the data is not leaked during the query process, and the security of the data is improved.
Embodiment two
As shown in Figure 2, the embodiments of this specification provide a data query method based on privacy information protection. The execution subject of the method may be a terminal device or a server, wherein the terminal device may be a mobile terminal device such as a mobile phone or tablet computer, or a device such as a personal computer, and the server may be an independent server or a server cluster composed of multiple servers. The server may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The terminal device or server may be the terminal device or server of the queried party. The method may be applied to queries of personal information or personal data, and may specifically include the following steps:
In step S202, a data query request sent by the terminal device of the third party is received, the data query request including the personal information of the target user to be queried; the predetermined information in this personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party.
In implementation, the terminal device of the querying party may send the data query request to the terminal device of the queried party through the terminal device of the third party; for the specific process, refer to the related content of step S102 in the first embodiment, which is not repeated here. The terminal device of the queried party may receive the data query request sent by the terminal device of the querying party through the terminal device of the third party.
In step S204, according to the plaintext of the personal information in the above data query request, preselected query result data matching the plaintext is obtained.
In implementation, after the terminal device of the queried party receives the data query request, it may extract the personal information from it. Since the predetermined information in the personal information is ciphertext, it cannot be used directly for the subsequent data query; therefore only the plaintext in the personal information may be used for a fuzzy query, and the data obtained by the fuzzy query may be taken as the preselected query result data matching the plaintext. Since the preselected query result data is obtained by querying with only part of the personal information, it may contain not only the data matching the personal information but also a large amount of other data.
For example, the personal information in the data query request is an ID number (an 18-character number). Since the ID number includes the date of birth of the target user, which is very important information for the target user, the date of birth within the ID number may be encrypted based on the encryption key of the queried party while the remaining information stays in plaintext; that is, in the 18-character ID number the characters in positions 7 to 14 are encrypted, and the characters in positions 1 to 6 and 15 to 18 remain in plaintext. The plaintext characters in positions 1 to 6 and 15 to 18 may then be used to query the corresponding data, i.e. to find the ID numbers whose characters in positions 1 to 6 and 15 to 18 are respectively the same as those in the above personal information, together with the related data of those ID numbers. For example, what needs to be queried is the number of loans of the user whose ID number is 100000198011110000. The date of birth in that ID number may be encrypted, so that the encrypted ID number is, for example, 100000aaaaaaaa0000. All ID numbers whose first 6 digits are 100000, whose last 4 digits are 0000 and whose remaining 8 characters are arbitrary may then be found, and the number of loans of each user with such an ID number obtained; the numbers of loans of the users with the found ID numbers are the preselected query result data.
It should be noted that the numbers of loans of the users with the found ID numbers include the number of loans of the user whose ID number is 100000198011110000.
In step S206, in a predetermined trusted environment, the ciphertext of the personal information is decrypted based on a predetermined decryption key; based on the decrypted personal information, the preselected query result data corresponding to the decrypted personal information is obtained from the preselected query result data, and the obtained preselected query result data is sent to the terminal device of the third party as the query result data corresponding to the data query request.
Wherein, the trusted environment may be a data processing environment that is secure and isolated from other environments; the processing performed in the trusted environment, and the data generated during that processing, cannot be known by the third party, the querying party or the queried party. The decryption key may be a key for decrypting data that was encrypted with the corresponding encryption key; the decryption key and the corresponding encryption key may form a key pair, such as a public key and a private key: if the encryption key is a public key, the decryption key may be the private key, and if the encryption key is a private key, the decryption key may be the public key.
In implementation, in order to ensure that the personal information of the target user is not leaked, the personal information may be placed in the trusted environment, and the following operations may be performed there. Since the preselected query result data includes a large amount of data other than the query result data corresponding to the data query request, the complete personal information must be determined in order to return accurate query result data to the terminal device of the querying party; for this, the ciphertext in the personal information needs to be decrypted. Specifically, since the ciphertext in the personal information was obtained with the encryption key of the terminal device of the queried party, it may be decrypted with the decryption key of the terminal device of the queried party, giving the complete decrypted personal information. The decryption process and the decrypted personal information stay within the trusted environment, and other applications or execution environments cannot obtain the decrypted personal information or the related data of the decryption process, which ensures the security of the data.
Further, after the decrypted personal information is obtained, accurate query result data may be obtained based on it. Specifically, after the terminal device of the queried party has obtained the preselected query result data as described above, it may, in the trusted environment, determine the query result data corresponding to the personal information: it looks up the decrypted personal information in the preselected query result data. If the decrypted personal information is not found, no further processing is needed, or a notice that no relevant data was found may be sent to the terminal device of the querying party. If the decrypted personal information is found, the preselected query result data corresponding to it may be obtained and used as the query result data corresponding to the data query request. The terminal device of the queried party may send the query result data to the terminal device of the third party, which may forward it to the terminal device of the querying party.
Through the above processing, the third party can obtain only the personal information containing both plaintext and ciphertext and the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by reverse lookup or similar methods. Since the decryption of the ciphertext and the return of the query result data are executed in the trusted environment, the queried party can obtain only the personal information containing plaintext and ciphertext and the preselected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the preselected query result data. The security of the data during the above query process is therefore improved.
The embodiments of this specification provide a data query method based on privacy information protection: a data query request sent by the terminal device of a third party is received, the data query request including the personal information of the target user to be queried, in which the predetermined information is ciphertext and the information other than the predetermined information is plaintext, the ciphertext being obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party; then, according to the plaintext in the personal information, preselected query result data matching the plaintext is obtained, so that the queried party cannot know which result data the querying party really wants. In addition, in a predetermined trusted environment, the ciphertext in the personal information is decrypted and, based on the decrypted personal information, the query result data corresponding to the data query request is obtained from the preselected query result data and sent to the terminal device of the third party, so that the queried party cannot obtain the decrypted information or the query result data: it can obtain only the personal information containing plaintext and ciphertext and the preselected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the preselected query result data. The security of the data is thereby improved.
Embodiment three
As shown in Figure 3, the embodiments of this specification provide a data query method based on privacy information protection. The execution subject of the method may be a terminal device or a server, wherein the terminal device may be a mobile terminal device such as a mobile phone or tablet computer, or a device such as a personal computer, and the server may be an independent server or a server cluster composed of multiple servers. The server may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The terminal device or server may be the terminal device or server of a third party able to integrate the relevant data of the querying party and the queried party to realize joint prevention and control. The method may be applied to queries of personal information or personal data, and may specifically include the following steps:
In step S302, a data query request sent by the terminal device of the querying party is received, the data query request including the personal information of the target user to be queried; the predetermined information in this personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the queried party.
For the specific process by which the terminal device of the querying party sends the data query request to the terminal device of the third party, refer to the related content of step S102 in the first embodiment, which is not repeated here. The terminal device of the third party may receive the data query request sent by the terminal device of the querying party.
In step S304, the above data query request is sent to the terminal device of the queried party.
In step S306, the query result data returned by the terminal device of the queried party in response to the above data query request is received, and the query result data is sent to the terminal device of the querying party.
For the specific process by which the terminal device of the queried party determines the query result data corresponding to the data query request, refer to the related content of steps S204 and S206 in the second embodiment, which is not repeated here. After the terminal device of the queried party determines the query result data corresponding to the data query request, it may send the query result data to the terminal device of the third party; the terminal device of the third party may receive the query result data returned by the terminal device of the queried party in response to the above data query request, and may then send the query result data to the terminal device of the querying party.
Through the above processing, the third party can obtain only the personal information containing both plaintext and ciphertext and the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by reverse lookup or similar methods.
The embodiments of this specification provide a data query method based on privacy information protection: a data query request sent by the terminal device of the querying party is received, the data query request including the personal information of the target user to be queried, in which the predetermined information is ciphertext and the information other than the predetermined information is plaintext, the ciphertext being obtained by encrypting the predetermined information based on the encryption key of the queried party; the above data query request is sent to the terminal device of the queried party, and the query result data returned by the terminal device of the queried party is obtained. In this way, by encrypting part of the personal information of the target user to be queried, the data is not leaked during the query process, and the security of the data is improved.
Embodiment four
As shown in Figure 4(a), the embodiments of this specification provide a data query method based on privacy information protection. The method may be completed jointly by the terminal device of the querying party, the terminal device of the third party and the terminal device of the queried party, wherein the terminal devices of the parties may be mobile terminal devices such as mobile phones or tablet computers, or devices such as personal computers or servers; a server may be an independent server or a server cluster composed of multiple servers, and may be the back-end server of a certain business (such as a financial business like lending) or the back-end server of a certain application (such as a financial application). The third party may be a party able to integrate the relevant data of the querying party and the queried party to realize joint prevention and control. The method may be applied to queries of personal information or personal data, and may specifically include the following steps:
In step S402, the terminal device of the querying party creates a first encryption key and a corresponding first decryption key.
In implementation, as shown in Figure 4(b), in order to ensure the security of the data during the data query, the third party may create a software development kit (SDK) according to the actual situation (such as business needs or user requirements), and the SDK may be deployed separately in the application environments of the terminal device of the querying party and the terminal device of the queried party; the source code of the SDK may also be disclosed to the querying party and the queried party. The predetermined SDK deployed on the terminal devices of the querying party and the queried party can provide a trusted environment for data processing, so the terminal devices of the querying party and the queried party can generate keys through the trusted environment and decrypt ciphertext with those keys. As shown in Figure 4(b), in order to ensure the security of the data during the data query, the terminal devices of the querying party and the queried party may exchange keys through the terminal device of the third party, specifically by means of a corresponding key exchange algorithm. Many key exchange algorithms exist, such as the Diffie-Hellman algorithm or the Oakley algorithm; the algorithm may be selected according to the actual situation, which the embodiments of this specification do not limit. The key exchange may be initiated by the terminal device of the querying party through the predetermined SDK, or by the terminal device of the queried party through the predetermined SDK; in this implementation the terminal device of the querying party is taken as an example.
When the querying party needs to query certain data, its terminal device may create a key pair for the data query to be performed; that is, the SDK of the terminal device of the querying party may, based on the predetermined key exchange algorithm, use a tool such as OpenSSL to create a first encryption key and a corresponding first decryption key for the required data query. For example, the first encryption key may be the public key of the querying party and the first decryption key may be the private key of the querying party.
In step S404, the terminal device of the querying party sends the first encryption key to the terminal device of the queried party through the terminal device of the third party.
In implementation, as shown in Figure 4(b), the SDK of the terminal device of the querying party may send the first encryption key to the terminal device of the third party, and the terminal device of the third party may send the first encryption key to the SDK of the terminal device of the queried party.
In step S406, the terminal device of the queried party generates a second encryption key and a corresponding second decryption key based on the first encryption key, and sends the second encryption key to the terminal device of the querying party through the terminal device of the third party.
In implementation, as shown in Figure 4(b), after the SDK of the terminal device of the queried party receives the first encryption key sent by the SDK of the terminal device of the querying party through the terminal device of the third party, it may, based on the first encryption key, use a tool such as OpenSSL to create a second encryption key and a corresponding second decryption key, wherein the second encryption key may be the public key of the queried party and the second decryption key may be the private key of the queried party. The SDK of the terminal device of the queried party may then send the second encryption key to the terminal device of the third party, and the terminal device of the third party may send the second encryption key to the terminal device of the querying party.
In step S408, the terminal device of the queried party uses the first encryption key and the second decryption key as the key pair of the queried party.
In step S410, the terminal device of the querying party uses the second encryption key and the first decryption key as the key pair of the querying party.
It should be noted that the execution order of steps S408 and S410 is not limited to the above: in practical applications, step S410 may be executed first and step S408 afterwards, or steps S408 and S410 may be executed simultaneously, which the embodiments of this specification do not limit.
Through the above processing, since the generation of the key pairs of the terminal devices of the querying party and the queried party, and the key exchange, are implemented inside the SDK provided by the third party, neither the third party, the querying party nor the queried party can perceive the above process or obtain the related information generated in it, which ensures the security of the data.
In step S412, the terminal device of the querying party obtains the encryption key of the terminal device of the queried party and the personal information of the target user to be queried.
In implementation, when the querying party needs to query certain data related to the target user, it may obtain the personal information of the target user (such as an ID number, or a communication number such as a mobile phone number or e-mail address). In order to ensure that the personal information of the target user is not leaked, while still letting the SDK of the terminal device of the queried party obtain the complete personal information, the personal information of the target user may be encrypted with the encryption key of the queried party. For this, the encryption key of the queried party, i.e. the above second encryption key, may be obtained from the above key pair of the querying party.
It should be noted that the above processing by which the terminal device of the querying party obtains the encryption key of the queried party may be that the terminal device of the querying party obtains the encryption key of the queried party from the key pair in its local storage area, the key pair in the local storage area having been generated between the terminal device of the querying party and the terminal device of the queried party based on the predetermined key exchange algorithm. For the specific process, refer to the related content of steps S402 to S410 above, which is not repeated here.
In step S414, the terminal device of the querying party, based on the encryption key of the queried party, performs homomorphic encryption on the predetermined information in the personal information to obtain the ciphertext in the personal information.
Wherein, homomorphic encryption is based on the computational complexity theory of mathematical problems: processing homomorphically encrypted data yields an output which, after decryption, equals the result of applying the same processing to the unencrypted original data. Homomorphic encryption includes partially homomorphic encryption and fully homomorphic encryption, and the corresponding encryption algorithms differ: for example, the encryption algorithms for partially homomorphic encryption may include the RSA algorithm and the Paillier algorithm, and those for fully homomorphic encryption may include Gentry's scheme. Which encryption algorithm is used may be set according to the actual situation, which the embodiments of this specification do not limit. Homomorphic encryption may also have properties such as additive homomorphism, subtractive homomorphism, multiplicative homomorphism, division homomorphism and mixed multiplicative homomorphism.
In implementation, so as not to affect calculation and other processing of the encrypted personal information by other parties or institutions, the personal information of the target user may be encrypted using homomorphic encryption. Specifically, the terminal device of the querying party may preselect an encryption algorithm for homomorphic encryption according to the actual situation, such as the RSA algorithm, the Paillier algorithm or Gentry's scheme. After obtaining the encryption key of the queried party through step S412, the terminal device of the querying party may analyze the personal information of the target user and determine the predetermined information that needs to be encrypted; the predetermined information may be set in advance according to the actual situation (such as the needs of the business currently being processed or user requirements), for example the date of birth, the digits at designated positions in a mobile phone number, or the characters at designated positions in an e-mail address. The terminal device of the querying party may then, based on the encryption key of the queried party, use the preselected encryption algorithm to homomorphically encrypt the predetermined information in the personal information and obtain the ciphertext in the personal information.
For example, as shown in Figure 4(b), the querying party needs to query the loan situation of user A, whose ID number is 100000198011110000. The terminal device of the querying party may obtain the ID number of user A and the encryption key of the queried party. Since the ID number of user A contains the date of birth of user A, the date of birth within the ID number may be used as the predetermined information. The terminal device of the querying party may then, based on the encryption key of the queried party (i.e. the above second encryption key), use the preselected encryption algorithm to homomorphically encrypt the date of birth in the ID number of user A, while the information other than the date of birth in the ID number is kept in plaintext, finally obtaining an ID number in which the date of birth is ciphertext; the encrypted ID number may for example be 100000aaaaaaaa0000.
In step S416, the terminal device of the querying party sends a data query request to the terminal device of the third party, the data query request including the personal information of the target user to be queried; the predetermined information in this personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the queried party.
In step S418, the terminal device of the third party sends the above data query request to the terminal device of the queried party.
In step S420, the terminal device of the queried party, according to the plaintext of the personal information in the above data query request, obtains preselected query result data matching the plaintext.
In implementation, as shown in Figure 4(b), the ID numbers whose first 6 digits are 100000, whose last 4 digits are 0000 and whose remaining 8 characters are arbitrary may be found, and the loan situation of each user with such an ID number obtained; the loan situations of the users with the found ID numbers are the preselected query result data.
In step S422, the terminal device of the queried party, based on the predetermined SDK provided by the third party, decrypts the ciphertext of the above personal information with a predetermined decryption key; based on the decrypted personal information, it obtains the preselected query result data corresponding to the decrypted personal information from the preselected query result data, and sends the obtained preselected query result data to the terminal device of the third party as the query result data corresponding to the above data query request.
In step S424, the terminal device of the third party sends the query result data to the terminal device of the querying party.
Through the above processing, since the generation and exchange of the key pairs of the terminal devices of the querying party and the queried party, as well as the decryption of the ciphertext and the return of the query result data, are implemented in the SDK provided by the third party, the queried party can obtain only the personal information containing plaintext and ciphertext and the preselected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the preselected query result data; the third party can obtain only the personal information containing plaintext and ciphertext and the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by reverse lookup or similar methods. The security of the data during the above query process is therefore improved.
The embodiments of this specification provide a data query method based on privacy information protection: a data query request sent by the terminal device of a third party is received, the data query request including the personal information of the target user to be queried, in which the predetermined information is ciphertext and the information other than the predetermined information is plaintext, the ciphertext being obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party; then, according to the plaintext in the personal information, preselected query result data matching the plaintext is obtained, so that the queried party cannot know which result data the querying party really wants. In addition, in a predetermined trusted environment, the ciphertext in the personal information is decrypted and, based on the decrypted personal information, the query result data corresponding to the data query request is obtained from the preselected query result data and sent to the terminal device of the third party, so that the queried party cannot obtain the decrypted information or the query result data: it can obtain only the personal information containing plaintext and ciphertext and the preselected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the preselected query result data. The security of the data is thereby improved.
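The following Python block is an added example and not code from this specification or from any implementation of it. It plays through the key setup of steps S402 to S410, the partial encryption of step S414 and the preselect-then-resolve flow of steps S204/S206 (S420/S422) on the page's own ID number 100000198011110000. Assumptions: the partially homomorphic scheme is Paillier (implemented inline with small demonstration primes, not production key sizes); the queried party's database is an in-memory sqlite3 table with constructed rows; the third-party relay is reduced to passing the public key and request between functions; and the "trusted environment" is modelled as the single function trusted_resolve, which is the only code given the queried party's private key. All function names and the sample rows are hypothetical.

```python
"""Added example (not the patent's code): query with partial ciphertext.

Parties: querying party A, third-party relay T, queried party B.
B owns a Paillier key pair (the second key pair of steps S406/S408);
A encrypts characters 7..14 of an 18-character ID (the date of birth)
under B's public key; B's ordinary code preselects rows by the plaintext
prefix/suffix (step S204/S420) and only the SDK routine decrypts and
narrows to the exact row (step S206/S422). Demo-sized primes only.
"""
import math
import secrets
import sqlite3


def _is_prime(n):
    return n > 1 and all(n % d for d in range(2, int(n ** 0.5) + 1))


def paillier_keygen(p=104729, q=104723):
    """Paillier key pair with g = n + 1; demo primes, real n is >= 2048 bits."""
    assert _is_prime(p) and _is_prime(q) and p != q
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow((pow(n + 1, lam, n * n) - 1) // n, -1, n)   # L(g^lam mod n^2)^-1 mod n
    return (n, n + 1), (lam, mu, n)


def paillier_encrypt(pub, m):
    """c = g^m * r^n mod n^2 with fresh random r: the same m gives a different c."""
    n, g = pub
    assert 0 <= m < n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)


def paillier_decrypt(priv, c):
    lam, mu, n = priv
    return (pow(c, lam, n * n) - 1) // n * mu % n


def homomorphic_sum(pub, priv, a, b):
    """Additive homomorphism: D(E(a) * E(b) mod n^2) == a + b."""
    n = pub[0]
    product = paillier_encrypt(pub, a) * paillier_encrypt(pub, b) % (n * n)
    return paillier_decrypt(priv, product)


# --- querying party A (steps S412..S416) ---
def build_request(pub_b, id_number):
    """Keep positions 1..6 and 15..18 in plaintext, encrypt 7..14 (birth date)."""
    assert len(id_number) == 18 and id_number[6:14].isdigit()
    return {"prefix": id_number[:6], "suffix": id_number[14:],
            "dob_ct": paillier_encrypt(pub_b, int(id_number[6:14]))}


# --- queried party B: constructed sample loan table, not real data ---
SAMPLE_ROWS = [
    ("100000198011110000", 3),  # the target user of the page's example
    ("100000197505050000", 5),  # same prefix/suffix, other birth date
    ("100000198011110001", 2),  # different suffix
    ("200000198011110000", 7),  # different prefix
]


def open_db(rows):
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE loans (id_number TEXT PRIMARY KEY, loan_count INTEGER)")
    db.executemany("INSERT INTO loans VALUES (?, ?)", rows)
    return db


def preselect(db, req):
    """Step S204/S420: fuzzy match on plaintext only; '_' in LIKE matches one char."""
    pattern = req["prefix"] + "_" * 8 + req["suffix"]
    rows = db.execute("SELECT id_number, loan_count FROM loans WHERE id_number LIKE ?",
                      (pattern,)).fetchall()
    return dict(rows)


def trusted_resolve(priv_b, req, preselected):
    """Step S206/S422: decrypt inside the SDK, return the exact row or None."""
    dob = str(paillier_decrypt(priv_b, req["dob_ct"])).zfill(8)
    return preselected.get(req["prefix"] + dob + req["suffix"])


def run_query(id_number, rows=SAMPLE_ROWS):
    """Whole flow; returns (exact result for A, preselected set that B's code saw)."""
    pub_b, priv_b = paillier_keygen()        # S406: B's pair; pub_b reaches A via T
    req = build_request(pub_b, id_number)    # S416/S418: A -> T -> B
    preselected = preselect(open_db(rows), req)
    return trusted_resolve(priv_b, req, preselected), preselected


if __name__ == "__main__":
    exact, candidates = run_query("100000198011110000")
    print(candidates)   # two candidates share prefix 100000 and suffix 0000
    print(exact)        # 3
```

The LIKE pattern makes the "fuzzy query" of step S204 concrete: every row sharing the ten plaintext characters is preselected, and only trusted_resolve, which holds priv_b, narrows the set to the target row, so the preselected set by itself does not reveal which row was wanted. Paillier draws a fresh r for every encryption, so two requests for the same user carry different dob_ct values and the relay cannot correlate them or build a lookup table over the small space of plausible birth dates; textbook RSA, which the page also lists as partially homomorphic, is deterministic and would not give that property for an 8-digit field, so scheme choice matters for the "no reverse lookup" claim above.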
Embodiment Five
The above is the data query method based on privacy information protection provided by the embodiments of this specification. Based on the same idea, the embodiments of this specification further provide a data query device based on privacy information protection, as shown in Figure 5.
The data query device based on privacy information protection includes a query request receiving module 501, a pre-selection result acquisition module 502 and a query result determination module 503, wherein:
the query request receiving module 501 is configured to receive a data query request sent by the terminal device of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party;
the pre-selection result acquisition module 502 is configured to obtain, according to the plaintext of the personal information in the data query request, pre-selected query result data matching the plaintext;
the query result determination module 503 is configured to, in a predetermined trusted environment, decrypt the ciphertext of the personal information based on a predetermined decryption key, obtain, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and send the obtained pre-selected query result data to the terminal device of the third party as the query result data corresponding to the data query request.
In the embodiments of this specification, the query result determination module 503 is configured to, based on the predetermined SDK provided by the third party, decrypt the ciphertext of the personal information with the predetermined decryption key, obtain, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and send the obtained pre-selected query result data to the terminal device of the third party as the query result data corresponding to the data query request.
In the embodiments of this specification, the ciphertext is obtained by the terminal device of the querying party homomorphically encrypting the predetermined information based on the encryption key of the queried party.
In the embodiments of this specification, the terminal device of the querying party and the terminal device of the queried party are each deployed with a predetermined SDK provided by the third party, and the device further includes:
a first key receiving module, configured to receive the first encryption key sent by the terminal device of the querying party through the terminal device of the third party;
a second key sending module, configured to generate a second encryption key and a corresponding second decryption key based on the first encryption key, and to send the second encryption key to the terminal device of the querying party through the terminal device of the third party;
a key pair determination module, configured to use the first encryption key and the second decryption key as the key pair of the queried party;
and the query result determination module is configured to decrypt the ciphertext in the personal information based on the second decryption key, the ciphertext being obtained by the terminal device of the querying party encrypting the predetermined information based on the second encryption key.
In the embodiments of this specification, the second key sending module is configured to generate the second encryption key and the corresponding second decryption key from the first encryption key using a predetermined key exchange algorithm.
In the embodiments of this specification, the key exchange algorithm is the Diffie-Hellman algorithm or the Oakley algorithm.
The embodiments of this specification provide a data query device based on privacy information protection. After a data query request sent by the terminal device of the third party is received, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot know which result data the querying party actually wants to query. In addition, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, the query result data corresponding to the data query request is obtained from the pre-selected query result data based on the decrypted personal information, and the query result data is sent to the terminal device of the third party. The queried party therefore cannot obtain the decrypted information or the query result data; it can only obtain the personal information containing plaintext and ciphertext and the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data. The security of the data is thereby improved.
Embodiment Six
The above is the data query method based on privacy information protection provided by the embodiments of this specification. Based on the same idea, the embodiments of this specification further provide a data query device based on privacy information protection, as shown in Figure 6.
The data query device based on privacy information protection includes a query request sending module 601 and a query result receiving module 602, wherein:
the query request sending module 601 is configured to send a data query request to the terminal device of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the queried party;
the query result receiving module 602 is configured to receive the query result data corresponding to the data query request sent by the terminal device of the third party.
In the embodiments of this specification, the device further includes:
an information acquisition module, configured to obtain the encryption key of the queried party and the personal information of the target user;
an encryption module, configured to perform homomorphic encryption on the predetermined information in the personal information based on the encryption key of the queried party, to obtain the ciphertext in the personal information.
In the embodiments of this specification, the information acquisition module is configured to obtain the encryption key of the queried party from the key pair in the local storage area, the key pair in the local storage area being generated with the terminal device of the queried party based on a predetermined key exchange algorithm.
In the embodiments of this specification, the device further includes:
a key creation module, configured to create a first encryption key and a corresponding first decryption key;
a first key sending module, configured to send the first encryption key to the terminal device of the queried party through the terminal device of the third party, so that the terminal device of the queried party generates a second encryption key and a corresponding second decryption key based on the first encryption key, uses the first encryption key and the second decryption key as the key pair of the queried party, and sends the second encryption key to the terminal device of the querying party through the terminal device of the third party;
a key pair determination module, configured to receive the second encryption key and to use the second encryption key and the first decryption key as the key pair of the querying party;
and the information acquisition module is configured to obtain the second encryption key from the key pair of the querying party as the encryption key of the queried party.
In the embodiments of this specification, the key creation module is configured to create the first encryption key and the corresponding first decryption key based on a predetermined key exchange algorithm.
The embodiments of this specification provide a data query device based on privacy information protection. A data query request is sent to the terminal device of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the queried party; the query result data corresponding to the data query request, sent by the terminal device of the third party, is then received. Because part of the personal information of the target user to be queried is encrypted, the data is not leaked during the query process, and the security of the data is improved.
Embodiment Seven
The above is the data query device based on privacy information protection provided by the embodiments of this specification. Based on the same idea, the embodiments of this specification further provide data query equipment based on privacy information protection, as shown in Figure 7.
The data query equipment based on privacy information protection may be the terminal device or server of the queried party provided in the foregoing embodiments.
The data query equipment based on privacy information protection may vary considerably in configuration or performance. It may include one or more processors 701 and a memory 702, and one or more applications or data may be stored in the memory 702, wherein the memory 702 may be transient storage or persistent storage. The application stored in the memory 702 may include one or more modules (not shown in the figure), and each module may include a series of computer-executable instructions for the data query equipment. Further, the processor 701 may be configured to communicate with the memory 702 and to execute the series of computer-executable instructions in the memory 702 on the data query equipment. The data query equipment may also include one or more power supplies 703, one or more wired or wireless network interfaces 704, one or more input/output interfaces 705 and one or more keyboards 706.
Specifically, in this embodiment, the data query equipment includes a memory and one or more programs, where the one or more programs are stored in the memory, the one or more programs may include one or more modules, each module may include a series of computer-executable instructions for the data query equipment, and the one or more programs are configured to be executed by the one or more processors and include computer-executable instructions for:
receiving a data query request sent by the terminal device of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party;
obtaining, according to the plaintext of the personal information in the data query request, pre-selected query result data matching the plaintext;
in a predetermined trusted environment, decrypting the ciphertext of the personal information based on a predetermined decryption key, obtaining, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and sending the obtained pre-selected query result data to the terminal device of the third party as the query result data corresponding to the data query request.
In the embodiments of this specification, the step of, in a predetermined trusted environment, decrypting the ciphertext of the personal information based on a predetermined decryption key, obtaining, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and sending the obtained pre-selected query result data to the terminal device of the third party as the query result data corresponding to the data query request includes:
based on the predetermined SDK provided by the third party, decrypting the ciphertext of the personal information with the predetermined decryption key, obtaining, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and sending the obtained pre-selected query result data to the terminal device of the third party as the query result data corresponding to the data query request.
In the embodiments of this specification, the ciphertext is obtained by the terminal device of the querying party homomorphically encrypting the predetermined information based on the encryption key of the queried party.
In the embodiments of this specification, the terminal device of the querying party and the terminal device of the queried party are each deployed with a predetermined SDK provided by the third party, and the method further includes:
receiving the first encryption key sent by the terminal device of the querying party through the terminal device of the third party;
generating a second encryption key and a corresponding second decryption key based on the first encryption key, and sending the second encryption key to the terminal device of the querying party through the terminal device of the third party;
using the first encryption key and the second decryption key as the key pair of the queried party;
and the step of decrypting the ciphertext of the personal information based on a predetermined decryption key includes:
decrypting the ciphertext in the personal information based on the second decryption key, the ciphertext being obtained by the terminal device of the querying party encrypting the predetermined information based on the second encryption key.
In the embodiments of this specification, the step of generating a second encryption key and a corresponding second decryption key based on the first encryption key includes:
generating the second encryption key and the corresponding second decryption key from the first encryption key using a predetermined key exchange algorithm.
In the embodiments of this specification, the key exchange algorithm is the Diffie-Hellman algorithm or the Oakley algorithm.
The embodiments of this specification provide data query equipment based on privacy information protection. After a data query request sent by the terminal device of the third party is received, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot know which result data the querying party actually wants to query. In addition, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, the query result data corresponding to the data query request is obtained from the pre-selected query result data based on the decrypted personal information, and the query result data is sent to the terminal device of the third party. The queried party therefore cannot obtain the decrypted information or the query result data; it can only obtain the personal information containing plaintext and ciphertext and the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data. The security of the data is thereby improved.
Embodiment Eight
Based on the same idea, the embodiments of this specification further provide data query equipment based on privacy information protection, as shown in Figure 8.
The data query equipment based on privacy information protection may be the terminal device or server of the querying party provided in the foregoing embodiments.
The data query equipment based on privacy information protection may vary considerably in configuration or performance. It may include one or more processors 801 and a memory 802, and one or more applications or data may be stored in the memory 802, wherein the memory 802 may be transient storage or persistent storage. The application stored in the memory 802 may include one or more modules (not shown in the figure), and each module may include a series of computer-executable instructions for the data query equipment. Further, the processor 801 may be configured to communicate with the memory 802 and to execute the series of computer-executable instructions in the memory 802 on the data query equipment. The data query equipment may also include one or more power supplies 803, one or more wired or wireless network interfaces 804, one or more input/output interfaces 805 and one or more keyboards 806.
Specifically, in this embodiment, the data query equipment includes a memory and one or more programs, where the one or more programs are stored in the memory, the one or more programs may include one or more modules, each module may include a series of computer-executable instructions for the data query equipment, and the one or more programs are configured to be executed by the one or more processors and include computer-executable instructions for:
sending a data query request to the terminal device of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the queried party;
receiving the query result data corresponding to the data query request sent by the terminal device of the third party.
In the embodiments of this specification, the method further includes:
obtaining the encryption key of the queried party and the personal information of the target user;
performing homomorphic encryption on the predetermined information in the personal information based on the encryption key of the queried party, to obtain the ciphertext in the personal information.
In the embodiments of this specification, the step of obtaining the encryption key of the queried party includes:
obtaining the encryption key of the queried party from the key pair in the local storage area, the key pair in the local storage area being generated with the terminal device of the queried party based on a predetermined key exchange algorithm.
In the embodiments of this specification, the method further includes:
creating a first encryption key and a corresponding first decryption key;
sending the first encryption key to the terminal device of the queried party through the terminal device of the third party, so that the terminal device of the queried party generates a second encryption key and a corresponding second decryption key based on the first encryption key, uses the first encryption key and the second decryption key as the key pair of the queried party, and sends the second encryption key to the terminal device of the querying party through the terminal device of the third party;
receiving the second encryption key, and using the second encryption key and the first decryption key as the key pair of the querying party;
and the step of obtaining the encryption key of the queried party from the key pair in the local storage area includes:
obtaining the second encryption key from the key pair of the querying party as the encryption key of the queried party.
In the embodiments of this specification, the step of creating a first encryption key and a corresponding first decryption key includes:
creating the first encryption key and the corresponding first decryption key based on a predetermined key exchange algorithm.
The embodiments of this specification provide data query equipment based on privacy information protection. A data query request is sent to the terminal device of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the queried party; the query result data corresponding to the data query request, sent by the terminal device of the third party, is then received. Because part of the personal information of the target user to be queried is encrypted, the data is not leaked during the query process, and the security of the data is improved.
Embodiment Nine
Based on the same idea, the embodiments of this specification further provide a data query system based on privacy information protection. The data query system based on privacy information protection may include a terminal device 901 of the querying party, a terminal device 902 of the queried party and a terminal device 903 of the third party, as shown in Figure 9.
The terminal device 901 of the querying party sends a data query request to the terminal device 903 of the third party, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by encrypting the predetermined information based on the encryption key of the terminal device 902 of the queried party;
the terminal device 903 of the third party sends the data query request to the terminal device 902 of the queried party;
the terminal device 902 of the queried party obtains, according to the plaintext of the personal information in the data query request, pre-selected query result data matching the plaintext;
the terminal device 902 of the queried party, in a predetermined trusted environment, decrypts the ciphertext of the personal information based on a predetermined decryption key, obtains, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and sends the obtained pre-selected query result data to the terminal device 903 of the third party as the query result data corresponding to the data query request;
the terminal device 903 of the third party sends the query result data to the terminal device 901 of the querying party.
In the embodiments of this specification, the terminal device 902 of the queried party, based on the predetermined SDK provided by the third party, decrypts the ciphertext of the personal information with the predetermined decryption key, obtains, based on the decrypted personal information, the pre-selected query result data corresponding to the decrypted personal information from the pre-selected query result data, and sends the obtained pre-selected query result data to the terminal device 903 of the third party as the query result data corresponding to the data query request.
In the embodiments of this specification, the ciphertext is obtained by the terminal device of the querying party homomorphically encrypting the predetermined information based on the encryption key of the queried party.
In the embodiments of this specification, the terminal device 901 of the querying party and the terminal device 902 of the queried party are each deployed with a predetermined SDK provided by the third party. The terminal device 902 of the queried party receives the first encryption key sent by the terminal device 901 of the querying party through the terminal device 903 of the third party; generates a second encryption key and a corresponding second decryption key based on the first encryption key; sends the second encryption key to the terminal device 901 of the querying party through the terminal device of the third party; and uses the first encryption key and the second decryption key as the key pair of the queried party. The step of decrypting the ciphertext of the personal information based on a predetermined decryption key includes decrypting the ciphertext in the personal information based on the second decryption key, the ciphertext being obtained by the terminal device 901 of the querying party encrypting the predetermined information based on the second encryption key.
In the embodiments of this specification, the terminal device 902 of the queried party generates the second encryption key and the corresponding second decryption key from the first encryption key using a predetermined key exchange algorithm.
In the embodiments of this specification, the key exchange algorithm is the Diffie-Hellman algorithm or the Oakley algorithm.
In the embodiments of this specification, the terminal device 901 of the querying party obtains the encryption key of the queried party and the personal information of the target user, and performs homomorphic encryption on the predetermined information in the personal information based on the encryption key of the queried party, to obtain the ciphertext in the personal information.
In the embodiments of this specification, the terminal device 901 of the querying party obtains the encryption key of the queried party from the key pair in the local storage area, the key pair in the local storage area being generated with the terminal device of the queried party based on a predetermined key exchange algorithm.
In the embodiments of this specification, the terminal device 901 of the querying party creates a first encryption key and a corresponding first decryption key; sends the first encryption key to the terminal device of the queried party through the terminal device of the third party, so that the terminal device of the queried party generates a second encryption key and a corresponding second decryption key based on the first encryption key, uses the first encryption key and the second decryption key as the key pair of the queried party, and sends the second encryption key to the terminal device of the querying party through the terminal device of the third party; and receives the second encryption key and uses the second encryption key and the first decryption key as the key pair of the querying party. The step of obtaining the encryption key of the queried party from the key pair in the local storage area includes obtaining the second encryption key from the key pair of the querying party as the encryption key of the queried party.
In the embodiments of this specification, the terminal device 901 of the querying party creates the first encryption key and the corresponding first decryption key based on a predetermined key exchange algorithm.
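The following simulation is an added example and is not code from the specification or from any product it describes. It puts the three-party flow of this embodiment (and the key exchange of Embodiments Five and Six) into one runnable program: the querying party (901) creates the first key pair, the queried party (902) answers with the second key pair, each side keeps the pair the specification assigns to it (second encryption key plus first decryption key on the querying side, first encryption key plus second decryption key on the queried side), the querying party encrypts only digits 4 to 7 of a phone number, the queried party pre-selects on the plaintext part and then decrypts and filters inside a trusted-SDK step, and the third party (903) relays every message while recording what it was shown. Assumptions not on the page: a toy Diffie-Hellman group, SHA-256 as the key-derivation function, and an HMAC-based keystream cipher standing in for the homomorphic scheme the specification names but does not define; all records and phone numbers are constructed.

```python
"""Three-party privacy-preserving query flow (constructed simulation)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Toy Diffie-Hellman group (assumption; a deployment uses a standard group).
DH_P = 2**127 - 1   # Mersenne prime
DH_G = 2
SECRET_SLICE = slice(3, 7)   # digits 4-7 are the "predetermined information"


def split_phone(phone: str) -> tuple:
    """Return (plaintext part with the secret digits masked, secret digits)."""
    return phone[:3] + "****" + phone[7:], phone[SECRET_SLICE]


def derive_key(shared_secret: int) -> bytes:
    """Symmetric key from the DH shared secret (assumed KDF: SHA-256)."""
    return hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 counter keystream XOR; stand-in for the homomorphic scheme."""
    out, counter = bytearray(), 0
    while len(out) < len(data):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def encrypt(key: bytes, plaintext: str) -> bytes:
    nonce = secrets.token_bytes(12)
    return nonce + keystream_xor(key, nonce, plaintext.encode())


def decrypt(key: bytes, ciphertext: bytes) -> str:
    return keystream_xor(key, ciphertext[:12], ciphertext[12:]).decode()


@dataclass
class ThirdParty:
    """Relay (903): records everything it is shown, to check the leak argument."""
    observed: list = field(default_factory=list)

    def relay(self, message):
        self.observed.append(message)
        return message


class TrustedSdk:
    """Queried party's trusted step: the only code holding the second decryption key."""
    def __init__(self, first_enc_key: int):
        self._second_dec_key = secrets.randbelow(DH_P - 2) + 1          # b
        self.second_enc_key = pow(DH_G, self._second_dec_key, DH_P)     # B = g^b
        # Queried party's key pair: (first encryption key A, second decryption key b).
        self._sym_key = derive_key(pow(first_enc_key, self._second_dec_key, DH_P))

    def decrypt_and_filter(self, ciphertext: bytes, masked: str, candidates: list) -> list:
        full = masked[:3] + decrypt(self._sym_key, ciphertext) + masked[7:]
        return [r for r in candidates if r["phone"] == full]


class QueriedParty:
    """902: untrusted application code sees only plaintext, ciphertext and candidates."""
    def __init__(self, records: list):
        self.records, self.sdk, self.application_view = records, None, []

    def key_exchange(self, first_enc_key: int) -> int:
        self.sdk = TrustedSdk(first_enc_key)
        return self.sdk.second_enc_key

    def handle_query(self, request: dict) -> list:
        masked = request["plaintext"]
        pre = [r for r in self.records           # pre-selection on plaintext only
               if r["phone"][:3] == masked[:3] and r["phone"][7:] == masked[7:]]
        self.application_view.append((masked, request["ciphertext"], len(pre)))
        return self.sdk.decrypt_and_filter(request["ciphertext"], masked, pre)


class QueryingParty:
    """901: creates the first key pair and encrypts only the predetermined digits."""
    def __init__(self):
        self._first_dec_key = secrets.randbelow(DH_P - 2) + 1          # a
        self.first_enc_key = pow(DH_G, self._first_dec_key, DH_P)      # A = g^a
        self._sym_key = None

    def finish_key_exchange(self, second_enc_key: int):
        # Querying party's key pair: (second encryption key B, first decryption key a).
        self._sym_key = derive_key(pow(second_enc_key, self._first_dec_key, DH_P))

    def build_request(self, phone: str) -> dict:
        masked, digits = split_phone(phone)
        return {"plaintext": masked, "ciphertext": encrypt(self._sym_key, digits)}


def run_query(records: list, phone: str):
    """Full flow through the relay; returns (results, third_party, queried_party)."""
    tp, qp, qd = ThirdParty(), QueryingParty(), QueriedParty(records)
    qp.finish_key_exchange(tp.relay(qd.key_exchange(tp.relay(qp.first_enc_key))))
    request = tp.relay(qp.build_request(phone))
    return tp.relay(qd.handle_query(request)), tp, qd


# Constructed sample records held by the queried party (fictitious numbers).
SAMPLE_RECORDS = [
    {"phone": "13800001234", "loans": 2},
    {"phone": "13855551234", "loans": 0},
    {"phone": "13812341234", "loans": 1},
    {"phone": "13900001234", "loans": 3},
]

if __name__ == "__main__":
    results, tp, qd = run_query(SAMPLE_RECORDS, "13855551234")
    print(results, "| third party saw request:", tp.observed[2]["plaintext"])
```

Running it shows the point of the embodiment: the plaintext prefix and suffix narrow the queried party's records to three candidates, the untrusted application code never sees which of them was wanted, and the relay sees only the masked number and an opaque ciphertext. The pre-selection also has a real cost worth noting for a practitioner: a short plaintext part means many candidates flow into the trusted step, while a long one leaks more about the target, so the split of the predetermined information is a tuning knob between privacy and work done inside the SDK.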
The embodiments of this specification provide a data query system based on privacy information protection. After a data query request sent by the terminal device of the third party is received, where the data query request includes the personal information of the target user to be queried, the predetermined information in the personal information is ciphertext, the information other than the predetermined information is plaintext, and the ciphertext is obtained by the terminal device of the querying party encrypting the predetermined information based on the encryption key of the queried party, pre-selected query result data matching the plaintext is obtained according to the plaintext in the personal information, so that the queried party cannot know which result data the querying party actually wants to query. In addition, in a predetermined trusted environment, the ciphertext in the personal information is decrypted, the query result data corresponding to the data query request is obtained from the pre-selected query result data based on the decrypted personal information, and the query result data is sent to the terminal device of the third party. The queried party therefore cannot obtain the decrypted information or the query result data; it can only obtain the personal information containing plaintext and ciphertext and the pre-selected query result data, and cannot infer the decrypted personal information or the ciphertext in the personal information from the pre-selected query result data. The security of the data is thereby improved.
The third party can only obtain the personal information containing plaintext and ciphertext together with the query result data, and cannot determine the decrypted personal information or the ciphertext in the personal information by reverse lookup or similar means. The security of the data in the above query process is therefore improved.
The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the attached patent application. In some cases, The actions or steps described in the scope of the patent application can be performed in a different order from the embodiment and still achieve the desired result. in addition, The processes depicted in the figures do not necessarily require the specific order or sequential order shown in order to achieve the desired results. In some embodiments, Multiplexing and parallel processing are also possible or may be advantageous.
In the 1990s, The improvement of a technology can be clearly distinguished from the improvement of the hardware (for example, For diodes, Transistor, The improvement of the circuit structure such as the switch) is the improvement of the software (the improvement of the method flow). However, with the development of technology, The improvement of many methods and processes of today can be regarded as a direct improvement of the hardware circuit structure. Designers almost always get the corresponding hardware circuit structure by programming the improved method flow into the hardware circuit. therefore, It cannot be said that the improvement of a method flow cannot be realized by the hardware entity module. For example, Programmable Logic Device (Programmable Logic Device, PLD) (e.g. Field Programmable Gate Array (Field Programmable Gate Array, FPGA)) is such an integrated circuit, Its logical function is determined by the user's programming of the device. The designer’s own programming is used to "integrate" a digital system on a PLD, There is no need to ask chip manufacturers to design and manufacture dedicated integrated circuit chips. and, now, Instead of manually making integrated circuit chips, This kind of programming is also mostly realized by using "logic compiler" software. It is similar to the software compiler used in program development and writing. 
And the source code before compilation has to be written in a specific programming language, This is called Hardware Description Language (Hardware Description Language, HDL), And HDL is not the only one, But there are many kinds, Such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM, RHDL (Ruby Hardware Description Language), etc., Currently the most commonly used are VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. Those skilled in the art should also be clear, Only need to use the above-mentioned hardware description languages to do a little logic programming of the method flow and program it into the integrated circuit, You can easily get the hardware circuit that implements the logic method flow.
The controller can be implemented in any suitable manner. For example, the controller can take the form of a microprocessor or processor together with a computer-readable medium storing computer-readable program code (such as software or firmware) executable by the (micro)processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, or an embedded microcontroller. Examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320. A memory controller can also be implemented as part of the control logic of the memory. Those skilled in the art also know that, in addition to implementing the controller purely in computer-readable program code, it is entirely possible to logically program the method steps so that the controller achieves the same functions in the form of logic gates, switches, an application specific integrated circuit, a programmable logic controller, an embedded microcontroller, and the like. Such a controller can therefore be regarded as a hardware component, and the devices included in it for realizing various functions can also be regarded as structures within the hardware component. Indeed, a device for realizing various functions can be regarded both as a software module implementing the method and as a structure within a hardware component.
The system, device, modules or units illustrated in the above embodiments can be realized specifically by a computer chip or an entity, or by a product having a certain function. A typical implementation device is a computer. Specifically, the computer can be, for example, a personal computer, laptop, cellular phone, camera phone, smart phone, personal digital assistant, media player, navigation device, e-mail device, game console, tablet, wearable device, or any combination of these devices.
For convenience of description, the above devices are described in terms of functions divided into various units. Of course, when implementing one or more embodiments of this specification, the functions of the units can be implemented in one or more pieces of software and/or hardware.
Those skilled in the art should understand that the embodiments of this specification can be provided as a method, a system or a computer program product. Therefore, one or more embodiments of this specification can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. Moreover, one or more embodiments of this specification can take the form of a computer program product implemented on one or more computer-usable storage media (including, but not limited to, disk memory, CD-ROM, optical memory and the like).
The embodiments of this specification are described with reference to flowcharts and/or block diagrams of the method, the equipment (system), and the computer program product according to the embodiments of this specification. It should be understood that each process and/or block in the flowcharts and/or block diagrams, and combinations of processes and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a dedicated computer, an embedded processor or another programmable data query device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data query device produce a device for realizing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions can also be stored in a computer-readable memory that can direct a computer or other programmable data query device to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction device, which realizes the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions can also be loaded onto a computer or other programmable data query device, such that a series of operational steps are executed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for realizing the functions specified in one or more processes of the flowcharts and/or one or more blocks of the block diagrams.
In a typical configuration, a computing device includes one or more processors (CPUs), an input/output interface, a network interface and memory.
The memory may include non-permanent memory in computer-readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, which can store information by any method or technology. The information can be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory media such as modulated data signals and carrier waves.
It should also be noted that the terms "comprise", "include" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the existence of other identical elements in the process, method, article or device that includes that element.
One or more embodiments of this specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures and the like that perform specific tasks or implement specific abstract data types. One or more embodiments of this specification can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in both local and remote computer storage media, including storage devices.
The embodiments in this specification are described in a progressive manner; the same or similar parts of the embodiments can be referred to each other, and each embodiment focuses on its differences from the others. In particular, since the system embodiment is basically similar to the method embodiment, it is described relatively briefly, and for relevant details reference may be made to the description of the method embodiment.
The above are merely embodiments of this specification and are not intended to limit it. For those skilled in the art, this specification can have various modifications and variations. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of this specification shall be included within the scope of the claims of this specification.