WO2021208906A1

WO2021208906A1 - Data transmission, processing, and authorization

Info

Publication number: WO2021208906A1
Application number: PCT/CN2021/086900
Authority: WO
Inventors: 王磊; 余超凡
Original assignee: 支付宝(杭州)信息技术有限公司
Priority date: 2020-04-17
Filing date: 2021-04-13
Publication date: 2021-10-21
Also published as: CN111628966A; CN111628966B

Abstract

Provided in the embodiments of the present description are a method for data transmission, processing, and authorization and a system thereof. Private data of different parties can be processed into target data according to a data processing process in one or more trusted zones of a trusted zone group, data to be processed or result data always carries a key from a specified party before being securely transmitted to the trusted zones, the two are encrypted together, when a trusted zone of the trusted zone group acquires the target data and the decrypted key from the specified party, at least some of the target data is encrypted using the key, and the at least some of the target data encrypted using the key is then outputted. As such, data privacy of the different parties is effectively safeguarded.

Description

Data transmission, processing, authorization

Technical field

The embodiments of this specification relate to the field of information technology, in particular to data transmission, processing, and authorization.

Background technique

In the Trusted Execution Environment (TEE), when the private data of multiple parties is combined for data processing, in addition to the need to restrict the data processing code to avoid data abuse and privacy leakage, there is also a requirement, which is to hope that the TEE The output results (such as models, prediction results, statistical information, etc.) after data processing in the data processing can only be used by the designated party to avoid data abuse. At present, it is desired to provide a solution that can avoid the abuse of the output result after data processing in the TEE.

Summary of the invention

One of the embodiments of this specification provides a data transmission method, wherein the method is executed by a data provider’s equipment, and includes: obtaining to-be-processed data, and the to-be-processed data is used according to one or The data processing procedures in multiple trusted areas are processed into target data; the secret key used to encrypt at least part of the target data is obtained; the information to be encrypted is obtained based on the to-be-processed data and the secret key; the information to be encrypted is obtained from the trusted area The group public key of the group authorization system, the group public key corresponds to the trusted area group; the group public key is used to encrypt the information to be encrypted, and the encryption result is sent to a certain area in the trusted area. Devices in the trusted zone.

One of the embodiments of this specification provides a data transmission system, which includes: a to-be-processed data acquisition module for acquiring the to-be-processed data, and the to-be-processed data is used according to one or more credible areas in the credible area group; The data processing flow in the area is processed into target data; the secret key obtaining module is used to obtain the secret key used to encrypt at least part of the target data; the first to-be-encrypted information obtaining module is used to obtain the data based on the to-be-processed data and the The secret key is used to obtain the information to be encrypted; the group public key acquisition module is used to obtain the group public key from the trusted zone group authorization system, the group public key corresponds to the trusted zone group; the first encryption module is used to use all The group public key encrypts the information to be encrypted, and sends the encryption result to a device having a certain trusted zone in the trusted zone group.

One of the embodiments of this specification provides a data transmission device, which includes a processor and a storage device. The storage device is used to store instructions. Data transfer method.

One of the embodiments of this specification provides a data processing method, wherein the method is executed in a certain trusted zone in a trusted zone group, which includes: receiving a ciphertext; obtaining a group from a trusted zone group authorization system The public key and the group private key, the group public key and the group private key correspond to the trusted zone group; the group private key is used to decrypt the ciphertext to obtain the data to be processed and used to encrypt at least part of the target data The secret key of; the data processing procedure is performed on the data to be processed to obtain the result data; the information to be encrypted is obtained based on the result data and the secret key; the information to be encrypted is encrypted using the set of private keys, and Send the encryption result to other trusted zones in the trusted zone group.

One of the embodiments of this specification provides a data processing system, wherein the system is implemented in a certain trusted zone in a trusted zone group, and includes: a first receiving module for receiving ciphertext; group public and private key The obtaining module is used to obtain the group public key and the group private key from the trusted zone group authorization system, the group public key and the group private key correspond to the trusted zone group; the first decryption module is used to use the The group private key decrypts the ciphertext to obtain the data to be processed and the secret key used to encrypt at least part of the target data; the data processing module is configured to perform a data processing procedure on the data to be processed to obtain the result data; second The information to be encrypted obtaining module is used to obtain the information to be encrypted based on the result data and the secret key; the second encryption module is used to encrypt the information to be encrypted using the group private key and send the encryption result to Other trusted zones in the trusted zone group.

One of the embodiments of this specification provides a data processing device, which includes a processor and a storage device. The storage device is used to store instructions. Data processing method.

One of the embodiments of this specification provides a data authorization method, wherein the method is executed in a certain trusted zone within a trusted zone group, which includes: receiving ciphertext; obtaining a group from the trusted zone group authorization system Private key, the group of private keys corresponds to the trusted zone group; the group of private keys is used to decrypt the ciphertext to obtain the data to be processed and the secret key used to encrypt at least part of the target data; based on the group of private keys The data is processed to obtain target data; the secret key is used to encrypt at least part of the target data; and the encrypted at least part of the target data is output.

One of the embodiments of this specification provides a data authorization system, wherein the system is implemented in a certain trusted zone in a trusted zone group, and includes: a second receiving module for receiving ciphertext; a group private key The obtaining module is used to obtain the group private key from the trusted zone group authorization system, where the group private key corresponds to the trusted zone group; the second decryption module is used to decrypt the ciphertext using the group private key , To obtain the data to be processed and a secret key used to encrypt at least part of the target data; a target data obtaining module, to obtain target data based on the to-be-processed data; a third encryption module, to use the secret key to encrypt at least part of the target data Target data; output module for outputting at least part of the encrypted target data.

One of the embodiments of this specification provides a data authorization device, which includes a processor and a storage device. The storage device is used to store instructions. When the processor executes the instructions, the implementation is as described in any embodiment of this specification Data authorization method.

Description of the drawings

This specification will be further described in the form of exemplary embodiments, and these exemplary embodiments will be described in detail with the accompanying drawings. These embodiments are not restrictive, and in these embodiments, the same numbers represent the same structures.

Fig. 1 is a schematic diagram of an application scenario of a data sharing system according to some embodiments of this specification;

Fig. 2 is an exemplary flowchart of a data transmission method according to some embodiments of the present specification;

Fig. 3 is an exemplary flowchart of a data processing method according to some embodiments of the present specification;

Fig. 4 is a schematic diagram of secure transmission of data in a trusted zone group according to some embodiments of this specification;

Fig. 5 is an exemplary flowchart of a data authorization method according to some embodiments of the present specification;

Fig. 6 is an exemplary block diagram of a data transmission system according to some embodiments of the present specification;

Fig. 7 is an exemplary block diagram of a data processing system according to some embodiments of the present specification;

Fig. 8 is an exemplary block diagram of a data authorization system according to some embodiments of the present specification.

Detailed ways

In order to more clearly describe the technical solutions of the embodiments of the present specification, the following will briefly introduce the accompanying drawings used in the description of the embodiments. Obviously, the drawings in the following description are only some examples or embodiments of this specification. For those of ordinary skill in the art, without creative work, this specification can also be applied to these drawings. Other similar scenarios. Unless it is obvious from the language environment or otherwise stated, the same reference numerals in the figures represent the same structure or operation.

It should be understood that the “system”, “device”, “unit” and/or “module” used herein is a method for distinguishing different components, elements, parts, parts, or assemblies of different levels. However, if other words can achieve the same purpose, the words can be replaced by other expressions.

As shown in this specification and claims, unless the context clearly indicates exceptions, the words "a", "an", "an" and/or "the" do not specifically refer to the singular, but may also include the plural. Generally speaking, the terms "include" and "include" only suggest that the clearly identified steps and elements are included, and these steps and elements do not constitute an exclusive list, and the method or device may also include other steps or elements.

In this specification, a flowchart is used to illustrate the operations performed by the system according to the embodiment of this specification. It should be understood that the preceding or following operations are not necessarily performed exactly in order. Instead, the steps can be processed in reverse order or at the same time. At the same time, other operations can be added to these processes, or a certain step or several operations can be removed from these processes.

In some scenarios, it is necessary to combine private data from multiple parties for data processing. For example, data provider A holds feature data, and data provider B holds private label data. It is necessary to combine the feature data and label data held by the two parties for model training. For another example, multiple data providers hold private and different feature data, and joint feature data of multiple parties for model training can improve the accuracy of the model, or it is necessary to combine feature data of multiple parties for model prediction. It should be noted that although this manual mainly uses machine learning as an example, the principles in this manual can also be applied to other scenarios that need to combine private data from multiple parties for data processing, for example, to combine private data from multiple parties for data processing. Data statistics, data analysis, etc.

In order to avoid the leakage and abuse of the private data of all parties, the parties can encrypt the data and upload it to a device with a trusted zone (also called a TEE-equipped device, or TEE device for short), and the TEE device is in the trusted zone Decrypt the private data of all parties and perform data processing on the private data of all parties. The data processing code is stored in the trusted zone, and the code runs in the trusted zone and realizes the corresponding data processing flow. The outside world (for example, the operating system of the device) cannot access the data and codes in the trusted zone. Therefore, in the trusted zone, the private data of all parties is combined for data processing, which can prevent the private data of the parties from being leaked and abused. In some embodiments, the trusted area mentioned in this specification may include an enclave in an SGX (Software Guard eXtensions) trusted execution environment.

Then, after processing the private data of all parties in the trusted zone to obtain the target data, sometimes the right to use the target data needs to be restricted to avoid the target data from being abused. In other words, it is expected that the target data can only be used by one or more designated parties. For example, when the target data includes a model, the designated party may include the model trainer that uses the model as the initial model in the model migration task. For another example, when the target data includes the prediction result, the designated party may include the initiator of the prediction request. For another example, when the target data includes a detachable model, the model can be split into multiple sub-models one-to-one corresponding to multiple feature parties in the credible area, where each feature can be used as a sub-model. Designated party. Furthermore, multiple features can use their respective sub-models for joint prediction.

The embodiments in this specification provide data transmission, processing, and authorization methods and systems. The private data of each party can be processed into target data according to the data processing flow in one or more trusted areas. The data to be processed or the result data always carry the secret key from the designated party before being transmitted to the trusted area. Encrypted together. After a certain trusted area obtains the target data and the decrypted secret key from the designated party, the secret key is used to encrypt at least part of the target data, and then at least part of the target data encrypted with the secret key is output. In this way, only the designated party can decrypt the at least part of the target data for use, which can prevent the target data from being abused.

Fig. 1 is a schematic diagram of an application scenario of a data sharing system according to some embodiments of this specification. As shown in FIG. 1, the data sharing system 100 may include devices 110 of more than two data providers, a device 120 with a trusted area, and a network 150.

The device 110 of the data provider may encrypt the to-be-processed private data with a secret key used to encrypt at least part of the target data, and then upload the encryption result to the device 120 with a trusted area. In some embodiments, after the private data of each party is processed into target data according to the data processing procedures in one or more trusted areas, the device 110 of the data provider can obtain the encrypted at least the target data, if the data provider The device 110 of holds the secret key used to decrypt the at least part of the target data, and can decrypt the at least part of the target data for use.

The device 110 of the data provider may include various devices with information receiving and/or sending functions. In some embodiments, the device 110 of the data provider may include one of a smart phone, a tablet computer, a laptop computer, a desktop computer, a server, etc., or any combination thereof.

In some embodiments, the server mentioned in this specification may be an independent server or a server group, and the server group may be centralized or distributed. In some embodiments, the server may be regional or remote. In some embodiments, the server may be executed on a cloud platform. For example, the cloud platform may include one or any combination of private cloud, public cloud, hybrid cloud, community cloud, decentralized cloud, internal cloud, etc.

The device 120 with a trusted zone may include various types of computing devices, such as servers. The data sharing system 100 may include one or more devices with trusted zones. In some embodiments, the device 120 with a trusted zone can obtain ciphertexts from multiple data providers, and decrypt private data from all parties in the trusted zone (and the secret key used to encrypt at least part of the target data). ) And combine the private data of all parties for data processing to obtain intermediate result data or target data.

In some embodiments, the private data of the parties can be processed as target data according to the data processing procedures in multiple trusted regions. After the trusted region that obtains the private data is processed to obtain the intermediate result data, the intermediate result data can be converted to the target data. Encrypt it with the decrypted secret key used to encrypt at least part of the target data, and transmit the encryption result to the next trusted area. Each trusted area responsible for data processing can encrypt and transmit data according to the above process until there is a trusted area to obtain the target data.

In some embodiments, after the trusted area responsible for data processing obtains target data through data processing, at least part of the target data can be encrypted with the decrypted secret key, and at least part of the encrypted target data is output. In some embodiments, after the trusted area responsible for data processing obtains the target data through data processing, the target data can be encrypted with the secret key used to encrypt at least part of the target data, and the encryption result is sent to the person responsible for data authorization. Trusted zone. After the trusted area responsible for data authorization decrypts the target data and the secret key used to encrypt at least part of the target data, the decrypted secret key can be used to encrypt at least part of the target data and output the encrypted at least part of the target data.

It is worth noting that one trusted zone or multiple trusted zones can be created on the same device. For example, the trusted zone E1, the trusted zone E2, and the trusted zone E3 can be created on the device 120 at the same time. In other words, multiple trusted zones can be located on the same device, or they can be deployed on different devices.

In some embodiments, the data sharing system 100 may also include a third-party device 130. The third-party device 130 can obtain at least part of the encrypted target data. If the third-party device 130 holds a secret key for decrypting the at least part of the target data, it can decrypt the at least part of the target data for use. For example, the third-party device 130 may obtain a model encrypted with the public key of the third-party device 130, and then use the local private key of the third-party device 130 to decrypt the model for use. Specifically, the decrypted model may be used as the initial model. Model training.

The third-party device 130 may include various devices with information receiving and/or sending functions. In some embodiments, the device 110 of the data provider may include one of a smart phone, a tablet computer, a laptop computer, a desktop computer, a server, etc., or any combination thereof.

In some embodiments, the data sharing system 100 may also include a trusted zone group authorization system 140. When the task of data processing and data authorization based on multi-party private data (hereinafter referred to as the data sharing task) is jointly responsible by multiple trusted regions (logically forming a trusted region group), the trusted region group authorization system 140 can be the same The trusted zone of the group provides a unified secret key for data encryption/decryption, such as a public-private key pair including a group public key and a group private key, so that data can be safely transmitted within the trusted zone group.

Specifically, the trusted zone group authorization system 140 can obtain identification information (also called signature information) of multiple trusted zones to be networked, and generate public and private keys for the trusted zone group composed of the multiple trusted zones. Yes, save the signature information of the multiple trusted regions and the public-private key pair as the group information of the trusted region group. The trusted zone group authorization system 140 can store group information of multiple trusted zone groups, and different trusted zone groups can be responsible for different data sharing tasks. Correspondingly, the device 110 of each data provider preparing to start the same data sharing task can obtain the group information corresponding to the data sharing task from the trusted area group authorization system 140. It should be noted that the device 110 of the data provider obtains The group information lacks the group private key. Furthermore, the device 110 of each data provider may encrypt the information to be encrypted with the public key in the group information, and upload the encryption result to the device 120 having a trusted area corresponding to a certain signature information in the group information.

In some embodiments, the identification information of the trusted zone may include the hash value of the code expected to run in the trusted zone. Before each trusted area in the trusted area group executes the data sharing task (running code), the device with the trusted area in the group can initiate remote authentication to the trusted area group authorization system 140, and then perform data sharing after the remote authentication is passed. Task. During the remote authentication process, the device with the trusted zone in the group can submit the hash value of the code running in the trusted zone to the trusted zone group authorization system 140, and the trusted zone group authorization system 140 obtains the pre-stored group information The hash value of the code in the trusted area can be compared with the two hash values to verify whether the expected code will run in the trusted area. If the hash values are inconsistent, the remote authentication fails. The trusted zone group authorization system 140 may send the public and private key pair in the group information to each trusted zone in the corresponding trusted zone group after the remote authentication is passed.

The network 150 connects the various components of the system 100 so that communication between the various components can be carried out. The network 150 between the various parts in the system 100 may include a wired network and/or a wireless network. For example, the network 150 may include a cable network, a wired network, an optical fiber network, a telecommunications network, an internal network, the Internet, a local area network (LAN), a wide area network (WAN), a wireless local area network (WLAN), a metropolitan area network (MAN), public One or any combination of switched telephone network (PSTN), Bluetooth network, ZigBee network (ZigBee), near field communication (NFC), intra-device bus, intra-device wiring, cable connection, etc. The network connection between each two parts can be in one of the above-mentioned ways, or in multiple ways.

Fig. 2 is an exemplary flowchart of a data transmission method according to some embodiments of the present specification. The process 200 may be executed by the device 110 of the data provider. As shown in Figure 2, the process 200 may include:

Step 210: Obtain to-be-processed data, where the to-be-processed data is used to be processed into target data according to the data processing flow in one or more trusted regions in the trusted region group (denoted as E). In some embodiments, step 210 may be implemented by the to-be-processed data acquisition module 610.

In step 210, the data to be processed is the private data of the data provider. For example, in a data sharing task related to model training, the to-be-processed data may include private feature data and/or label data held by the data provider. Accordingly, the target data may include sample data (including data from all parties). Feature data and/or label data) the model and/or model information obtained through training, where the model information may include information related to the model, such as model performance parameters, gradient information, and so on.

Step 220: Obtain a secret key used to encrypt at least part of the target data. In some embodiments, step 220 may be implemented by the secret key acquisition module 620.

The secret key is used to encrypt at least part of the target data to prevent the at least part of the target data from being misused. Accordingly, the holder of the decryption key can decrypt the at least part of the target data for use. In some embodiments, the secret key may include a public key from a data provider and/or a public key from a third-party device 130.

For example, the secret key for encrypting at least part of the target data may be the public key of a certain data provider or the public key from the third-party device 130. In this way, only the device 110 of the data provider or the third-party device 130 can use the local private key to decrypt the at least part of the target data for use. In addition, when at least part of the target data can only be used by one designated party, and each data provider in the same data sharing task does not provide the same secret key for encrypting the at least part of the target data, a device with a trusted zone 120 may refuse to perform the data sharing task, and may feedback the task execution failure to the data provider. When only some of the multiple data providers participating in the same data sharing task provide the same secret key for encrypting at least part of the target data, and the remaining data providers of the multiple data providers do not provide any When encrypting the secret key of the at least part of the target data, the device 120 with the trusted zone may continue to perform the data sharing task based on the received secret key used to encrypt the at least part of the target data.

For another example, the target data can be split into multiple parts, and each part can be used by a designated party. Correspondingly, the secret key may include public keys from multiple parties, and the public key from any party corresponds to part of the target data. The device 120 with the trusted area can split the target data into multiple parts and use the public keys from multiple parties. The key respectively encrypts the corresponding part of the target data. Furthermore, either party can use the local private key to decrypt part of the target data for use. Specifically, in a data sharing task related to model training, the device 120 with a trusted region can split the model into multiple sub-models, and encrypt each sub-model with the public key from each feature party, where each feature party holds Some characteristic data are different. Furthermore, any feature party can use the local private key to decrypt the sub-model for use, that is, each feature party can perform multi-party joint prediction based on the sub-model decrypted by each feature party.

Step 230: Obtain information to be encrypted based on the data to be processed and the secret key. In some embodiments, step 230 may be implemented by the first to-be-encrypted information obtaining module 630.

In some embodiments, the first to-be-encrypted information obtaining module 630 may perform data packaging on the to-be-processed data and the secret key to obtain the to-be-encrypted information.

Step 240: Obtain the group public key (denoted as Pk_E) from the trusted zone group authorization system 140, and the group public key Pk_E corresponds to the trusted zone group E. In some embodiments, step 240 may be implemented by the group public key acquisition module 640.

For details of obtaining the group public key, reference may be made to the relevant description of the trusted zone group authorization system 140 disclosed in FIG. 1.

Step 250: Use the group public key Pk_E to encrypt the information to be encrypted, and send the encryption result to the device 120 having a certain trusted zone in the trusted zone group E. In some embodiments, step 250 may be implemented by the first encryption module 650.

Regarding the secure transmission of data within the trusted zone group, please refer to Figure 3, Figure 4 and related descriptions.

Fig. 3 is an exemplary flowchart of a data processing method according to some embodiments of the present specification. The process 300 is executed in a certain trusted zone in the trusted zone group (denoted as E). In order to avoid confusion, a certain trusted zone here can be recorded as the current trusted zone. As shown in FIG. 3, the process 300 may include:

Step 310: Receive the ciphertext. In some embodiments, step 310 may be implemented by the first receiving module 710.

Step 320: Obtain the group public key (denoted as Pk_E) and the group private key (denoted as Pr_E) from the trusted zone group authorization system 140. The group public key Pk_E and the group private key Pr_E correspond to the trusted zone group E. In some embodiments, step 320 may be implemented by the group public and private key acquisition module 720.

For details of obtaining the group public key and the group private key, reference may be made to the relevant description of the trusted zone group authorization system 140 disclosed in FIG. 1.

Step 330: Decrypt the ciphertext using the group private key Pr_E to obtain the data to be processed and the secret key used to encrypt at least part of the target data. In some embodiments, step 320 may be implemented by the first decryption module 730.

In some embodiments, the ciphertext may come from the device 110 of the data provider, and the corresponding plaintext includes the data to be processed (ie, private data) from the data provider and a secret key used to encrypt at least part of the target data. In some embodiments, the ciphertext may come from other trusted regions in the trusted region group E, such as the previous trusted region responsible for data processing.

In some embodiments, the secret key may include a public key from a data provider and/or a public key from a third-party device 130.

Step 340: Perform a data processing procedure on the to-be-processed data to obtain result data. In some embodiments, step 340 may be implemented by the data processing module 740.

In some embodiments, the result data may refer to the processing result obtained by the data processing process in a certain trusted area (hereinafter referred to as the intermediate result data) before the target data is obtained, or it may refer to the data in a certain trusted area The processing result obtained by the processing process as the target data.

In some embodiments, the data processing procedure in any trusted area may include a data fusion procedure, and the data fusion procedure may be used to merge the to-be-processed data from multiple data providers. For example, in supervised learning, the data fusion process can be used to fuse the feature data and label data of all parties. For another example, in unsupervised learning, the data fusion process can be used to fuse the characteristic data of all parties. In some embodiments, the data processing procedure in any trusted region may include a model training procedure, and the model training procedure may be used to train the model using sample data. The model training process may use various model training algorithms, for example, linear regression algorithm, logistic regression algorithm, XGBoost (eXtreme Gradient Boosting, extreme gradient boosting) algorithm, gradient descent algorithm, etc., or any combination thereof. The data processing procedure can also be other processing procedures that have nothing to do with the machine learning model, which is not limited in this specification.

Step 350: Obtain information to be encrypted based on the result data and the secret key. In some embodiments, step 350 may be implemented by the second to-be-encrypted information obtaining module 750.

In some embodiments, the second to-be-encrypted information obtaining module 750 may perform data packaging on the result data and the secret key to obtain the to-be-encrypted information.

Step 360: Use the group public key Pk_E to encrypt the information to be encrypted, and send the encryption result to other trusted areas in the trusted area group E. In some embodiments, step 360 may be implemented by the second encryption module 760.

In some embodiments, the result data is intermediate result data, and the second encryption module 760 may send the encryption result from the current trusted zone to the next trusted zone in the trusted zone group E that is responsible for data processing. In some embodiments, the result data is target data, and the second encryption module 760 may send the encryption result from the current trusted zone to the trusted zone in the trusted zone group E that is responsible for data authorization.

For example only, as shown in Figure 4, the trusted zone group E responsible for the data sharing task contains three trusted zones (trusted zone E1, trusted zone E2, and trusted zone E3). The processed data data_A and the to-be-processed data data_B from the data provider B are processed according to the data processing procedures in the trusted area E1 and the trusted area E2 to obtain the target data S. The trusted area E3 can be responsible for the release of the target data for The secret key of the encrypted target data S is the public key PubKey_S from the third-party device 130, and the group public key and the group private key corresponding to the trusted zone group E are PubKey_E and PriKey_E, respectively. Based on this, the secure transmission process of data in the trusted zone group E may include: 1. In the trusted zone E1, receiving the ciphertext M1 from the data provider A, and the plaintext corresponding to the ciphertext M1 includes the plaintext from the data provider A. The to-be-processed data data_A and the public key PubKey_S from the third-party device 130 receive the ciphertext M2 from the data provider B. The plaintext corresponding to the ciphertext M2 contains the to-be-processed data data_B from the data provider B and the third-party device 130 The public key PubKey_S, where the ciphertext M1 and ciphertext M2 are both encrypted with the group public key PubKey_E, so decrypt the ciphertext M1 and ciphertext M2 with the group private key PriKey_E to obtain the data to be processed data_A, the data to be processed data_B, and The public key PubKey_S, the data to be processed data_A and data_B are processed to obtain the intermediate result data data_M. After the group public key PubKey_E encrypts the plain text including the intermediate result data data_M and the public key PubKey_S, the ciphertext M3 and M3 are obtained. Send to the trusted area E2; 2. In the trusted area E2, receive the ciphertext M3, decrypt the ciphertext M3 with the group private key PriKey_E to obtain the intermediate result data data_M and the public key PubKey_S, the intermediate result data data_M is processed to obtain the target Data data_S, use the group public key PubKey_E to encrypt the plaintext including the target data data_S and the public key PubKey_S, get the ciphertext M4 and send M4 to the trusted zone E3; in the trusted zone E3, receive the ciphertext M4 and decrypt it The ciphertext M4 can obtain the target data data_S and the public key PubKey_S, the target data data_S is encrypted with the public key PubKey_S to obtain the ciphertext M5, and the ciphertext M5 is output. Since the ciphertext M5 is encrypted with the public key PubKey_S from the third-party device 130, the third-party device 130 can decrypt the ciphertext M5 with the private key that matches the public key PubKey_S stored locally, and obtain the target data data_S for use.

Fig. 5 is an exemplary flowchart of a data authorization method according to some embodiments of the present specification. The process 500 is executed in a certain trusted zone in the trusted zone group (denoted as E). In order to avoid confusion, a certain trusted zone here may be referred to as a target trusted zone. As shown in FIG. 5, the process 500 may include:

Step 510, receive the ciphertext. In some embodiments, step 510 may be implemented by the second receiving module 810.

Step 520: Obtain a group private key (denoted as Pr_E) from the trusted zone group authorization system 140, and the group private key Pr_E corresponds to the trusted zone group E. In some embodiments, step 520 may be implemented by the group private key acquisition module 820.

For details of obtaining the group private key, reference may be made to the relevant description of the trusted zone group authorization system 140 disclosed in FIG. 1.

Step 530: Use the group private key Pr_E to decrypt the ciphertext to obtain the data to be processed and the secret key used to encrypt at least part of the target data. In some embodiments, step 530 may be implemented by the second decryption module 830.

When the data sharing task is performed by the trusted zone group E that contains the target trusted zone, the ciphertext can come from other trusted zones in the trusted zone group E, and the corresponding plaintext includes the trusted zone from the other trusted zone. The data to be processed (ie the result data) and the secret key used to encrypt at least part of the target data. The ciphertext is obtained by encrypting the plaintext with the group public key Pk_E corresponding to the trusted zone group E. Therefore, the second decryption module 830 can decrypt the ciphertext with the group private key Pr_E corresponding to the trusted zone group E, Obtain the data to be processed and use the secret key.

Step 540: Obtain target data based on the to-be-processed data. In some embodiments, step 540 may be implemented by the target data obtaining module 840.

In some embodiments, the to-be-processed data decrypted in the target trusted area may be target data. For example, as shown in FIG. 4, the target data data_S can be decrypted in the trusted area E3 responsible for data authorization. That is, the target data obtaining module 830 may directly determine the to-be-processed data as target data.

In some embodiments, the to-be-processed data decrypted in the target trusted area may be intermediate result data, and the target data obtaining module 830 may perform a data processing procedure on the to-be-processed data to obtain the target data.

In some embodiments, the target data may include a model and/or model information obtained through sample data training, where the sample data may be obtained by fusing feature data and/or label data from various data providers, and the model The information may include information related to the model, such as model performance parameters, gradient information, and so on.

Step 550: Use the secret key to encrypt at least part of the target data. In some embodiments, step 550 may be implemented by the third encryption module 850.

Step 560: Output at least part of the encrypted target data. In some embodiments, step 560 may be implemented by the output module 860.

The secret key is used to encrypt at least part of the target data, that is, a party capable of using the at least part of the target data should hold the corresponding decryption key to decrypt the at least part of the target data.

In some embodiments, the secret key may include public keys from multiple parties. The third encryption module 850 may split the target data into multiple parts, and use public keys from multiple parties to respectively encrypt corresponding parts of the target data. Taking the target data as a splittable model as an example, the third encryption module 850 may split the complete model into multiple sub-models, and each sub-model may correspond to a feature party (each feature party holds different feature data). For each sub-model, the third encryption module 850 can encrypt the sub-model corresponding to the feature party with the public key from the feature party. In this way, after each feature party obtains the encrypted sub-model, it can use the local private key to decrypt its corresponding sub-model for use.

It should be noted that the above description of the related process is only for example and description, and does not limit the scope of application of this specification. For those skilled in the art, various modifications and changes can be made to the process under the guidance of this specification. However, these corrections and changes are still within the scope of this specification.

Fig. 6 is an exemplary block diagram of a data transmission system according to some embodiments of the present specification. The system 600 may be implemented on the device 110 of the data provider. As shown in FIG. 6, the system 600 may include a to-be-processed data acquisition module 610, a secret key acquisition module 620, a first to-be-encrypted information acquisition module 630, a group public key acquisition module 640, and a first encryption module 650.

In some embodiments, the to-be-processed data acquisition module 610 may be used to acquire the to-be-processed data, which is used for data processing in one or more trusted regions in the trusted region group (denoted as E) The process is processed into target data.

In some embodiments, the secret key obtaining module 620 may be used to obtain a secret key used to encrypt at least part of the target data.

In some embodiments, the first to-be-encrypted information obtaining module 630 may be configured to obtain the to-be-encrypted information based on the to-be-processed data and the secret key.

In some embodiments, the group public key acquisition module 640 may be used to acquire the group public key (denoted as Pk_E) from the trusted zone group authorization system 140, and the group public key Pk_E corresponds to the trusted zone group E.

In some embodiments, the first encryption module 650 may be used to encrypt the information to be encrypted using the group public key Pk_E, and send the encryption result to the device 120 having a certain trusted zone in the trusted zone group E.

For more details about the system 600 and its modules, please refer to FIG. 2 and related descriptions.

Fig. 7 is an exemplary block diagram of a data processing system according to some embodiments of the present specification. The system 700 can be implemented in a certain trusted zone in the trusted zone group (denoted as E). As shown in FIG. 7, the system 700 may include a first receiving module 710, a group public and private key acquisition module 720, a first decryption module 730, a data processing module 740, a second to-be-encrypted information acquisition module 750, and a second encryption module 760.

In some embodiments, the first receiving module 710 may be used to receive ciphertext.

In some embodiments, the group public and private key acquisition module 720 may be used to obtain the group public key (denoted as Pk_E) and the group private key (denoted as Pr_E) from the trusted zone group authorization system 140, the group public key Pk_E and the group private key. The key Pr_E corresponds to the trusted zone group E.

In some embodiments, the first decryption module 730 may be used to decrypt the ciphertext using the group private key Pr_E to obtain the data to be processed and the secret key used to encrypt at least part of the target data.

In some embodiments, the data processing module 740 may be used to perform a data processing procedure on the to-be-processed data to obtain result data.

In some embodiments, the second to-be-encrypted information obtaining module 750 may be used to obtain the to-be-encrypted information based on the result data and the secret key.

In some embodiments, the second encryption module 760 may be used to encrypt the information to be encrypted using the group public key Pk_E, and send the encryption result to other trusted areas in the trusted area group E.

For more details about the system 700 and its modules, please refer to FIG. 3 and related descriptions.

Fig. 8 is an exemplary block diagram of a data authorization system according to some embodiments of the present specification. The system 800 can be implemented in a certain trusted zone in the trusted zone group (denoted as E). As shown in FIG. 8, the system 800 may include a second receiving module 810, a group private key acquisition module 820, a second decryption module 830, a target data acquisition module 840, a third encryption module 850, and an output module 860.

In some embodiments, the second receiving module 810 may be used to receive ciphertext.

In some embodiments, the group private key obtaining module 820 may be used to obtain the group private key (denoted as Pr_E) from the trusted zone group authorization system 140, and the group private key Pr_E corresponds to the trusted zone group E.

In some embodiments, the second decryption module 830 may be used to decrypt the ciphertext using the group private key Pr_E to obtain the data to be processed and the secret key used to encrypt at least part of the target data.

In some embodiments, the target data obtaining module 840 may obtain target data based on the to-be-processed data.

In some embodiments, the third encryption module 850 may use the secret key to encrypt at least part of the target data.

In some embodiments, the output module 860 may be used to output at least part of the encrypted target data.

For more details about the system 800 and its modules, please refer to FIG. 5 and related descriptions.

It should be understood that the systems (eg, system 100, system 140, system 600, system 700, system 800, etc.) and their components in this specification can be implemented in various ways. For example, in some embodiments, the system and its components can be implemented by hardware, software, or a combination of software and hardware. Among them, the hardware can be implemented using dedicated logic; the software can be stored in a memory and executed by an appropriate instruction execution system, such as a microprocessor or dedicated design hardware. Those skilled in the art can understand that the above-mentioned methods and systems can be implemented using computer-executable instructions and/or included in processor control codes, for example on a carrier medium such as a disk, CD or DVD-ROM, such as a read-only memory (firmware Such codes are provided on a programmable memory or a data carrier such as an optical or electronic signal carrier. The system and its components in this specification can include not only hardware circuits such as very large-scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc. The implementation may also be implemented by software executed by various types of processors, or may be implemented by a combination of the above-mentioned hardware circuit and software (for example, firmware).

It should be noted that the above description of the system and its modules is only for convenience of description, and does not limit this specification within the scope of the examples mentioned. It can be understood that for those skilled in the art, after understanding the principle of the system, it is possible to arbitrarily combine various modules, or form a subsystem to connect with other modules without departing from this principle. For example, the first to-be-encrypted information obtaining module 630 and the first encryption module 650 disclosed in FIG. 6 may be two modules, or may be combined into one module. For another example, the encryption module and the decryption module in any system implemented in the trusted zone are two modules, or they can be combined into one module. Specifically, the encryption module and decryption module in any system implemented in the trusted zone can be packaged into an easy-to-use SDK (Software Development Kit, software development kit). Such deformations are all within the protection scope of this specification.

The possible beneficial effects of the embodiments of this specification include, but are not limited to: (1) Before the data to be processed or the result data is safely transmitted to the trusted region in the trusted region group, the secret key from the designated party is always carried. Encrypted together, the secret key is used to encrypt at least part of the target data, so that only the designated party can decrypt the at least part of the target data for use, which can prevent the target data from being abused; (2) Anything that will be implemented in the trusted zone The encryption module and decryption module in one system are packaged into SDK, which is easier for users who write code to use. It should be noted that different embodiments may have different beneficial effects. In different embodiments, the possible beneficial effects may be any one or a combination of the above, or any other beneficial effects that may be obtained.

The basic concepts have been described above. Obviously, for those skilled in the art, the above detailed disclosure is only an example, and does not constitute a limitation to the embodiments of this specification. Although it is not explicitly stated here, those skilled in the art may make various modifications, improvements and amendments to the embodiments of this specification. Such modifications, improvements, and corrections are suggested in the embodiments of this specification, so such modifications, improvements, and corrections still belong to the spirit and scope of the exemplary embodiments of this specification.

Meanwhile, this specification uses specific words to describe the embodiments of this specification. For example, "one embodiment", "an embodiment", and/or "some embodiments" mean a certain feature, structure, or characteristic related to at least one embodiment of this specification. Therefore, it should be emphasized and noted that “one embodiment” or “one embodiment” or “an alternative embodiment” mentioned twice or more in different positions in this specification does not necessarily refer to the same embodiment. . In addition, some features, structures, or characteristics in one or more embodiments of this specification can be appropriately combined.

In addition, those skilled in the art can understand that the various aspects of the embodiments of this specification can be illustrated and described through a number of patentable categories or situations, including any new and useful process, machine, product or combination of substances, or Any new and useful improvements to them. Correspondingly, various aspects of the embodiments of the present specification can be completely executed by hardware, can be completely executed by software (including firmware, resident software, microcode, etc.), or can be executed by a combination of hardware and software. The above hardware or software can all be referred to as "data block", "module", "engine", "unit", "component" or "system". In addition, various aspects of the embodiments of the present specification may be represented as a computer product located in one or more computer-readable media, and the product includes computer-readable program codes.

The computer storage medium may contain a propagated data signal containing a computer program code, for example on a baseband or as part of a carrier wave. The propagated signal may have multiple manifestations, including electromagnetic forms, optical forms, etc., or a suitable combination. The computer storage medium may be any computer readable medium other than the computer readable storage medium, and the medium may be connected to an instruction execution system, device, or device to realize communication, propagation, or transmission of the program for use. The program code located on the computer storage medium can be transmitted through any suitable medium, including radio, cable, fiber optic cable, RF, or similar medium, or any combination of the above medium.

The computer program codes required for the operations of the various parts of the embodiments of this specification can be written in any one or more programming languages, including object-oriented programming languages such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C++, C#, VB.NET , Python, etc., conventional programming languages such as C language, VisualBasic, Fortran2003, Perl, COBOL2002, PHP, ABAP, dynamic programming languages such as Python, Ruby and Groovy, or other programming languages, etc. The program code can run entirely on the user's computer, or as an independent software package on the user's computer, or partly on the user's computer and partly on a remote computer, or entirely on the remote computer or processing equipment. In the latter case, the remote computer can be connected to the user's computer through any network form, such as a local area network (LAN) or a wide area network (WAN), or connected to an external computer (for example, via the Internet), or in a cloud computing environment, or as a service Use software as a service (SaaS).

In addition, unless explicitly stated in the claims, the order of processing elements and sequences, the use of numbers and letters, or the use of other names in the embodiments of this specification are not used to limit the order of the processes and methods of the embodiments of this specification. Although the foregoing disclosure uses various examples to discuss some embodiments of the invention that are currently considered useful, it should be understood that such details are only for illustrative purposes, and the appended claims are not limited to the disclosed embodiments. On the contrary, the rights are The requirements are intended to cover all modifications and equivalent combinations that conform to the essence and scope of the embodiments of this specification. For example, although the system components described above can be implemented by hardware devices, they can also be implemented only by software solutions, such as installing the described system on existing processing devices or mobile devices.

For the same reason, it should be noted that, in order to simplify the expressions disclosed in the embodiments of this specification, so as to help the understanding of one or more embodiments of the invention, in the foregoing description of the embodiments of this specification, multiple features are sometimes combined into one implementation. Examples, drawings or descriptions. However, this method of disclosure does not mean that the objects of the embodiments of this specification require more features than those mentioned in the claims. In fact, the features of the embodiment are less than all the features of the single embodiment disclosed above.

For each patent, patent application, patent application publication and other materials cited in this specification, such as articles, books, specifications, publications, documents, etc., the entire contents are hereby incorporated into this specification as a reference. The application history documents that are inconsistent or conflict with the content of this specification are excluded, and the documents that restrict the broadest scope of the claims of this application (currently or later attached to this specification) are also excluded. It should be noted that if there is any inconsistency or conflict between the description, definition, and/or use of terms in the accompanying materials of this manual and the content of this manual, the description, definition and/or use of terms in this manual shall prevail. .

Finally, it should be understood that the embodiments described in this specification are only used to illustrate the principles of the embodiments of this specification. Other variations may also fall within the scope of the embodiments of this specification. Therefore, as an example and not a limitation, the alternative configuration of the embodiment of the present specification can be regarded as consistent with the teaching of the present specification. Accordingly, the embodiments of this specification are not limited to the embodiments explicitly introduced and described in this specification.

Claims

A data transmission method, which is executed by a data provider's equipment, includes:

Acquiring to-be-processed data, where the to-be-processed data is used to be processed into target data according to the data processing flow in one or more trusted regions in the trusted region group;

Obtain a secret key used to encrypt at least part of the target data;

Obtaining information to be encrypted based on the data to be processed and the secret key;

Obtaining a group public key from a trusted zone group authorization system, where the group public key corresponds to the trusted zone group;

The group public key is used to encrypt the information to be encrypted, and the encryption result is sent to a device having a certain trusted zone in the trusted zone.
The method according to claim 1, wherein the data to be processed includes sample data used for model training, and the target data includes a model and/or model information obtained through sample data training.
The method of claim 1, wherein the secret key includes a public key of a data provider and/or a public key from a third-party device.
The method of claim 1, wherein the trusted zone includes an enclave in an SGX trusted execution environment.
A data transmission system includes:

A to-be-processed data acquisition module, configured to acquire the to-be-processed data, the to-be-processed data is used to be processed into target data according to the data processing flow in one or more trusted regions in the trusted region group;

The secret key acquisition module is used to acquire the secret key used to encrypt at least part of the target data;

The first information obtaining module to be encrypted is configured to obtain information to be encrypted based on the data to be processed and the secret key;

A group public key acquisition module to acquire a group public key from a trusted zone group authorization system, where the group public key corresponds to the trusted zone group;

The first encryption module is configured to use the group public key to encrypt the information to be encrypted, and send the encryption result to a device having a certain trusted zone in the trusted zone group.
A data transmission device includes a processor and a storage device,

The storage device is used to store instructions,

When the processor executes the instruction, the method according to any one of claims 1 to 4 is implemented.
A data processing method, which is executed in a certain trusted zone in a trusted zone group, which includes:

Receive ciphertext;

Obtaining a group public key and a group private key from a trusted zone group authorization system, where the group public key and the group private key correspond to the trusted zone group;

Decrypt the ciphertext using the set of private keys to obtain the data to be processed and the secret key used to encrypt at least part of the target data;

Perform a data processing procedure on the to-be-processed data to obtain result data;

Obtain the information to be encrypted based on the result data and the secret key;

The group private key is used to encrypt the information to be encrypted, and the encryption result is sent to other trusted areas in the trusted area group.
The method according to claim 7, wherein the secret key includes a public key from a data provider and/or a public key from a third-party device.
8. The method of claim 7, wherein the data processing flow is:

The data fusion process is used to fuse the to-be-processed data from multiple data providers; or,

The model training process is used to train the model using sample data.
8. The method of claim 7, wherein the trusted zone includes an enclave in an SGX trusted execution environment.
A data processing system, which is implemented in a certain trusted zone in a trusted zone group, and includes:

The first receiving module is used to receive ciphertext;

The group public and private key acquisition module is used to acquire the group public key and the group private key from the trusted zone group authorization system, where the group public key and the group private key correspond to the trusted zone group;

The first decryption module is configured to decrypt the ciphertext using the set of private keys to obtain the data to be processed and the secret key used to encrypt at least part of the target data;

The data processing module is used to execute a data processing procedure on the to-be-processed data to obtain result data;

The second information to be encrypted obtaining module is configured to obtain the information to be encrypted based on the result data and the secret key;

The second encryption module is configured to use the group private key to encrypt the information to be encrypted, and send the encryption result to other trusted areas in the trusted area group.
A data processing device includes a processor and a storage device,

The storage device is used to store instructions,

When the processor executes the instruction, the method according to any one of claims 7-10 is implemented.
A data authorization method, the method is executed in a certain trusted zone in a trusted zone group, which includes:

Receive ciphertext;

Obtaining a group private key from a trusted zone group authorization system, where the group private key corresponds to the trusted zone group;

Decrypt the ciphertext using the set of private keys to obtain the data to be processed and the secret key used to encrypt at least part of the target data;

Obtaining target data based on the to-be-processed data;

Encrypt at least part of the target data by using the secret key;

Output at least part of the encrypted target data.
The method according to claim 13, wherein said obtaining target data based on the data to be processed comprises:

Determine the data to be processed as target data; or,

A data processing procedure is performed on the to-be-processed data to obtain target data.
The method of claim 13, wherein the secret key includes a public key from a data provider and/or a public key from a third-party device.
The method of claim 13, wherein the secret key includes public keys from multiple parties, and the public key from any party corresponds to part of the target data;

The encrypting at least part of the target data using the secret key includes:

Split the target data into multiple parts;

Use public keys from multiple parties to encrypt the corresponding parts of the target data.
The method according to claim 13 or 16, wherein the target data includes a model trained on sample data and/or model information.
The method of claim 13, wherein the trusted zone includes an enclave in an SGX trusted execution environment.
A data authorization system, which is implemented in a certain trusted zone in a trusted zone group, and includes:

The second receiving module is used to receive ciphertext;

The group private key acquisition module is used to acquire the group private key from the trusted zone group authorization system, the group private key corresponding to the trusted zone group;

The second decryption module is configured to decrypt the ciphertext using the set of private keys to obtain the data to be processed and the secret key used to encrypt at least part of the target data;

A target data obtaining module, configured to obtain target data based on the to-be-processed data;

The third encryption module is configured to use the secret key to encrypt at least part of the target data;

The output module is used to output at least part of the encrypted target data.
A data authorization device includes a processor and a storage device,

The storage device is used to store instructions,

When the processor executes the instruction, the method according to any one of claims 13-18 is implemented.