WO2023134055A1 - Procédé et appareil d'inférence fédérée basée sur la confidentialité, dispositif et support de stockage - Google Patents

Procédé et appareil d'inférence fédérée basée sur la confidentialité, dispositif et support de stockage Download PDF

Info

Publication number
WO2023134055A1
WO2023134055A1 PCT/CN2022/089173 CN2022089173W WO2023134055A1 WO 2023134055 A1 WO2023134055 A1 WO 2023134055A1 CN 2022089173 W CN2022089173 W CN 2022089173W WO 2023134055 A1 WO2023134055 A1 WO 2023134055A1
Authority
WO
WIPO (PCT)
Prior art keywords
entry
data
identifier
target
intermediate result
Prior art date
Application number
PCT/CN2022/089173
Other languages
English (en)
Chinese (zh)
Inventor
李正扬
王健宗
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2023134055A1 publication Critical patent/WO2023134055A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/04Inference or reasoning models

Definitions

  • the present application relates to the field of intelligent decision-making of artificial intelligence, and in particular to a privacy joint reasoning method, device, equipment and storage medium.
  • the use of data value and the content of cooperation usually include joint query and joint modeling.
  • joint query and joint modeling When two or more companies jointly model, it is necessary to apply the generated model. This is achieved through federated inference.
  • the current joint reasoning method is mainly: align the data IDs that both parties need to make reasoning predictions to obtain the aligned data, calculate the necessary parameters of the data that need to be reasoned and predicted locally, and parameterize the aligned data according to the necessary parameters Summarize, infer and predict, and output results.
  • the present application provides a privacy joint reasoning method, device, device, and storage medium, which are used to efficiently complete privacy joint reasoning tasks and realize privacy protection of reasoning intentions.
  • the first aspect of the present application provides a privacy joint reasoning method, including:
  • the second aspect of the present application provides a privacy joint reasoning device, including a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor executes the computer program When implementing the following steps:
  • the third aspect of the present application provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is run on a computer, the computer is made to perform the following steps:
  • the fourth aspect of the present application provides a privacy joint reasoning device, including:
  • the blinding module is configured to perform blinding processing on the entry identifier of the data to be predicted by executing a preset blind signature protocol to obtain a blinded entry identifier;
  • the recording module is used to obtain the preset own encrypted data of the data provider, compare the blinded entry identifier and record the index value through the own encrypted data, and obtain the position information of the target entry;
  • An acquisition module configured to acquire an intermediate result of entry encryption of the data to be predicted through a preset inadvertent transfer protocol and the location information of the target entry;
  • the reasoning module is used to obtain the intermediate result of the entry prediction end of the data to be predicted, and perform joint prediction and reasoning according to the entry encryption intermediate result and the entry prediction end intermediate result to obtain a target prediction result, and the target prediction result is used for Indicates the intent of the inference.
  • the entry identifier of the data to be predicted is blinded to obtain the blinded entry identifier; the encrypted data of the preset data provider is obtained, and the Compare the blinded entry identifier and record the index value with the encrypted data of the own party to obtain the location information of the target entry; obtain the entry encryption of the data to be predicted through the preset inadvertent transfer protocol and the location information of the target entry Intermediate results: Obtain the intermediate results of the entry prediction end of the data to be predicted, perform joint prediction and reasoning according to the entry encryption intermediate results and the entry prediction end intermediate results, and obtain target prediction results, and the target prediction results are used to indicate reasoning intention of.
  • the reasoning intention on the basis of the security of the transmission of the data items to be predicted, the reasoning intention can be accurately combined, the privacy of the prediction initiator can be protected, and the reasoning and prediction initiator can be protected in the process of joint reasoning with the data provider. Its reasoning intention can quickly and accurately perform data transmission and data calculation, improve the processing efficiency of joint reasoning tasks, realize the efficient completion of privacy joint reasoning tasks, and achieve the effect of privacy protection of reasoning intentions.
  • FIG. 1 is a schematic diagram of an embodiment of the privacy joint reasoning method in the embodiment of the present application
  • FIG. 2 is a schematic diagram of another embodiment of the privacy joint reasoning method in the embodiment of the present application.
  • Fig. 3 is a schematic diagram of an embodiment of a privacy joint reasoning device in the embodiment of the present application.
  • Fig. 4 is a schematic diagram of another embodiment of the privacy joint reasoning device in the embodiment of the present application.
  • Fig. 5 is a schematic diagram of an embodiment of a privacy joint reasoning device in the embodiment of the present application.
  • Embodiments of the present application provide a privacy joint reasoning method, device, device, and storage medium, which can efficiently complete privacy joint reasoning tasks and realize privacy protection of reasoning intentions.
  • An embodiment of the privacy joint reasoning method in the embodiment of the present application includes:
  • AI artificial intelligence
  • the embodiments of the present application may acquire and process relevant data based on artificial intelligence technology.
  • artificial intelligence is the theory, method, technology and application system that uses digital computers or machines controlled by digital computers to simulate, extend and expand human intelligence, perceive the environment, acquire knowledge and use knowledge to obtain the best results. .
  • Artificial intelligence basic technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technology, operation/interaction systems, and mechatronics.
  • Artificial intelligence software technology mainly includes computer vision technology, robotics technology, biometrics technology, speech processing technology, natural language processing technology, and machine learning/deep learning.
  • the execution subject of the present application may be a privacy joint reasoning device, and may also be a terminal or a server, which is not specifically limited here.
  • the embodiment of the present application is described by taking the prediction initiator's server (hereinafter referred to as the prediction server) as the execution subject as an example.
  • the server can be an independent server, or provide cloud services, cloud database, cloud computing, cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, content delivery network (content delivery network, CDN), and cloud servers for basic cloud computing services such as big data and artificial intelligence platforms.
  • cloud services cloud database, cloud computing, cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, content delivery network (content delivery network, CDN), and cloud servers for basic cloud computing services such as big data and artificial intelligence platforms.
  • the prediction server obtains the execution task, which is used to indicate the execution demand.
  • the execution task includes the data demand (data range, data provider) and execution demand of the data to be predicted, generates an execution event according to the execution task, and executes the preset based on the execution event.
  • Blind signature protocol The preset blind signature protocol is an agreement signed and connected with the data provider in advance.
  • the prediction server communicates with the terminal or server of the data provider (this embodiment takes the terminal of the data provider as an example, hereinafter referred to as data
  • the provider executes the preset blind signature protocol to locate the location of the data entry to be predicted, wherein, when the prediction server executes the preset blind signature protocol, the data provider also executes the preset blind signature protocol to respond to the prediction server;
  • the execution process of locating the location of the entry of the data to be predicted includes: blinding the entry identifier of the data to be predicted, obtaining the blinded entry identifier, and obtaining the preset own encrypted data of the data provider, through the own encrypted data Compare and record the index value of the blinded entry identifier to obtain the location information of the target entry.
  • the item identifier (identifier, ID) of the data to be predicted is used to indicate the data item id of the product, user or model, for example: the identifier of the data item to be predicted is the data item id of a commodity (product), and the data item to be predicted
  • the identifier of the data entry is the data entry id of a certain user, and the identifier of the data entry to be predicted is the data entry id of a certain model.
  • blinding the entry identifier of the data to be predicted, and obtaining the blinded entry identifier may include: the data provider generates an asymmetric encryption public-private key pair, and the asymmetric encryption public-private key pair includes the public key and the private key. Key, send the public key to the prediction server, the data provider encrypts the entry id of all local data (including the data entry to be predicted) with the private key, and obtains its own encrypted data, and the prediction server executes the preset blind signature protocol to obtain For the data to be predicted sent by the data provider, the prediction server obtains the blinding factor, and performs blinding processing on the item identifier of the predicted data through the blinding factor and public key, so as to obtain the blinded entry identifier.
  • the blind signature algorithm and the public key are used to blind the entry identifier of the data to be predicted, so as to obtain the blinded entry identifier.
  • the prediction server obtains the identifier of the blinded entry and sends a request to the preset data provider. After receiving the request, the data provider returns its own encrypted data; the blinding factor generated by the prediction server through the blinding process is used for blinding Unblinding the blind signature of the entry identifier to obtain the encrypted data of the deblinded identifier; call the preset matching algorithm, which can be a finite automaton algorithm, and characterize the encrypted data of the own party and the encrypted data of the deblinded identifier String matching (or artificial intelligence similarity matching) to obtain the encrypted data of the target identifier, which is used to indicate that the encrypted data of the deblinded identifier is consistent with the encrypted data of the own party.
  • the preset matching algorithm which can be a finite automaton algorithm, and characterize the encrypted data of the own party and the encrypted data of the deblinded identifier String matching (or artificial intelligence similarity matching) to obtain the encrypted data of the target identifier, which is used to indicate that the encrypted data of
  • the prediction server uses the preset table designer or index creation command to create an index on the encrypted data of the target identifier to obtain the index.
  • the index can be a structured index or an unstructured index, and establishes the relationship between the data tables after the index is created. , get the data table file; rearrange the data table file according to the size of the keyword value, or sort the data table file according to the index field, or sort the data table file according to the index expression, and get the sorted data table file; record the sorting of the sorted data table files, and obtain the sorting record information; call the preset command, which can be a display command or a record pointer skip command, and perform index value indexing on the sorted data table files Locate and record to obtain the index value record information; determine the sorting record information and the index value record information as the target entry position information.
  • the target entry location information is a list, and the target entry location information includes a plurality of id serial number values to be predicted.
  • the prediction server executes the preset inadvertent transfer protocol, randomly selects the target random number according to the location information of the target entry, and calculates the item hash residual value of the data to be predicted based on the target random number.
  • the target random number is used to indicate a random number smaller than a large prime number; Send the item hash residual value to the preset data provider, so that the data provider calculates the entry encryption intermediate result of the data to be predicted based on the item hash residual value, and returns the entry encryption intermediate result, the entry encryption intermediate result includes the protocol intermediate
  • the intermediate result of the protocol is used to indicate the intermediate calculation result of executing the preset inadvertent transfer protocol
  • the intermediate result of the data provider is used to instruct the data provider to calculate the intermediate parameters of all data entries locally (that is, the data provider local intermediate parameters).
  • the prediction server obtains the data characteristics of the data to be predicted, calls the preset calculation formula of the intermediate result of the prediction end, and calculates the intermediate result of the item prediction end of the data to be predicted based on the data characteristics of the data to be predicted and the preset model weight; the prediction server obtains the entry encryption After the intermediate result, obtain the target random number, large prime number and the intermediate result of the protocol in the entry encryption intermediate result, call the preset decryption key calculation formula, and calculate the inadvertent transmission prediction server based on the protocol intermediate result, target random number and large prime number
  • the entry encryption intermediate result includes the protocol intermediate result and the data provider intermediate result
  • the protocol intermediate result is the intermediate calculation result of the oblivious transfer protocol
  • the data provider intermediate result includes
  • the prediction server After the prediction server obtains the intermediate result of entry decryption and the intermediate result of the entry prediction end, it adds the intermediate result of entry decryption and the intermediate result of the entry prediction end to obtain the target prediction result.
  • the target prediction result is used to indicate the reasoning intention, and the target prediction result can be
  • the intent of joint reasoning after the model generated by joint modeling is applied.
  • This intention can be user intention, including but not limited to purchase intention, consultation intention and model call intention. applied to this program.
  • AI privacy protection for joint reasoning of federated data that implements joint query or joint modeling of artificial intelligence machine learning.
  • the reasoning intention on the basis of the security of the transmission of the data items to be predicted, the reasoning intention can be accurately combined, the privacy of the prediction initiator can be protected, and the reasoning and prediction initiator can be protected in the process of joint reasoning with the data provider. Its reasoning intention can quickly and accurately perform data transmission and data calculation, improve the processing efficiency of joint reasoning tasks, realize the efficient completion of privacy joint reasoning tasks, and achieve the effect of privacy protection of reasoning intentions.
  • FIG. 2 Another embodiment of the privacy joint reasoning method in the embodiment of the present application includes:
  • the prediction server receives the preset public key sent by the data provider, and generates a blinding factor; adds the blinding factor and the blind signature of the public key to the item identifier of the data to be predicted, and obtains the blinded item identifier .
  • the prediction server After the prediction server receives the preset public key sent by the data provider, it generates random data for blinding, that is, the blinding factor, and adds random data to the entry identifier of the data to be predicted by the blinding factor to obtain
  • the entry identifier of the data is concealed in plain text to obtain the entry identifier of the preliminary processing; the entry identifier of the preliminary processing is signed and authenticated by the public key, so as to obtain the blinded entry identifier. It satisfies the requirement of protecting the intent privacy of the data to be predicted and verifying the validity of the intent plaintext of the data to be predicted.
  • the predictive server sends the blinded entry identifier to the preset data provider, and receives the identifier encrypted data and the entry identifier for all data sent by the data provider after encrypting the blinded entry identifier Deblinding the encrypted data of the identifier to obtain the encrypted data of the deblinded identifier; matching and reading consistent data between the encrypted data of the deblinded identifier and the encrypted data of the own party to obtain the target identification character encrypted data.
  • the prediction server sends the blinded entry identifier to the preset data provider. After receiving the blinded entry identifier, the data provider cannot decrypt and know the content of the entry.
  • the data provider uses the private key to pair the blinded entry
  • the identifier is encrypted to obtain the encrypted data of the identifier.
  • the data provider encrypts the entry id of all local data (including the data entry to be predicted) with the private key to obtain the encrypted data of the own party, and returns the encrypted data of the identifier and the encrypted data of the own party together. to the prediction server.
  • the prediction server After the prediction server obtains the encrypted data of the identifier and the encrypted data of its own party, it performs blind signature deblinding on the encrypted data of the identifier through the blinding factor, and obtains the encrypted data of the deblinded identifier; through the preset matching algorithm, the preset matching algorithm can It is a fast pattern matching algorithm, which performs character matching on the encrypted data of the deblinded identifier and the encrypted data of the own party to obtain the same part of the data, reads the encrypted data of the deblinded identifier according to the same part of the data, and obtains the encrypted target identifier data.
  • the prediction server uses the preset table designer or index creation command to create an index on the encrypted data of the target identifier to obtain the index.
  • the index can be a structured index or an unstructured index, and establishes the relationship between the data tables after the index is created. , get the data table file; rearrange the data table file according to the size of the keyword value, or sort the data table file according to the index field, or sort the data table file according to the index expression, and get the sorted data table file; call a preset command, the preset command can be a display command or a record pointer skip command, locate and record the index value of the sorted data table file, and obtain the position information of the target entry.
  • the target entry location information is a list, and the target entry location information includes a plurality of id serial number values to be predicted.
  • the predictive server executes the preset inadvertent transfer protocol, randomly selects the target random number according to the location information of the target entry, and calculates the hash residual value of the entry based on the target random number.
  • the target random number is used to indicate a random number smaller than a large prime number;
  • the item hash residual value is sent to the preset data provider, so that the data provider calculates the item encryption intermediate result of the data to be predicted based on the item hash residual value, and returns the item encryption intermediate result.
  • the prediction server sends the item hash residual value to the preset data provider, so that the data provider randomly selects a random number smaller than a large prime number according to the location information of the target item, obtains the random number of the provider, and obtains the amount of data held.
  • the calculation formula is to calculate the intermediate result of the protocol according to the hash residual value of the item.
  • the data provider obtains the local data characteristics (that is, the characteristics of the data to be predicted), calls the preset intermediate result calculation formula, and calculates the local intermediate parameters of the data provider for the data to be predicted according to the preset model weight and local data characteristics, among which, the intermediate
  • the result calculation formula is as follows: W B represents the local intermediate parameters of the data provider, B represents the data provider, w i represents the model weight, n represents the local data feature, and x i represents the ith local data feature; the data provider uses the preset encryption calculation formula based on The local intermediate parameter of the data provider calculates the entry encryption intermediate result of each piece of data, where the encryption calculation formula is as follows: m i ⁇ W B , i represents the range of values, c i represents the intermediate result of the entry encryption of each piece of data, m i represents the plaintext of the i-th information to participate in the oblivious transfer protocol, and bi represents the encryption used in the oblivious transfer protocol transmission
  • the prediction server calculates the intermediate result of the item prediction end of the data to be predicted through the preset model weight, and decrypts the intermediate result of the encryption of the item to obtain the intermediate result of the decryption of the item; calculates the sum of the intermediate result of the decryption of the item and the intermediate result of the item prediction end value, to get the target prediction result, which is used to indicate the intention of inference.
  • the entry encryption intermediate result includes the protocol intermediate result and the data provider intermediate result
  • the protocol intermediate result is the intermediate calculation result of the oblivious transfer protocol
  • the data provider intermediate result includes the entry encryption intermediate result of each piece of data.
  • the prediction server obtains the data characteristics of the data to be predicted, invokes the preset calculation formula of the intermediate result of the prediction end, and calculates the intermediate result of the entry prediction end of the data to be predicted based on the data characteristics of the data to be predicted and the preset model weight.
  • the intermediate result calculation formula is as follows: W A represents the intermediate result of the entry prediction end, A represents the prediction initiator, ri represents the model weight, P represents the data feature, and y i represents the i-th data feature.
  • the model weight is used to indicate the parameters of the preset model.
  • the preset model can be a logistic regression model or other models for label classification according to joint data features.
  • the logistic regression model is used for label classification according to joint data features.
  • the model is taken as an example to illustrate that the model weight is the parameter of the logistic regression of the logistic regression model.
  • the preset model combines the data characteristics of the data to be predicted and the preset model weights (parameters of the preset model) to perform calculations to obtain the intermediate results of the item prediction end , among which, the intermediate result of the entry predictor is used to indicate the unilateral result calculated according to the characteristics of the joint data in the joint scenario.
  • the data characteristics of the data are C (C5, C6, C7, C8), the data characteristics of the data to be predicted held by Company 1 are M (M1, M2, M3), C5, C6, C7, C8, M1, M2 and M3
  • the corresponding model weights are r5, r6, r7, r8, r1, r2, and r3 respectively, and the intermediate result of the forecast terminal corresponding to company 1 is r5*C5+r6*C6+r7*C7+ r8*C8, the intermediate result of the prediction terminal corresponding to company 2 is r1*M1+r2*M2+r3*M3, and the total result is sigmoid(r5*C5+r6*C6+r7*C7+r8*C8+r1* M1+r2*M2+r3*M3).
  • the prediction server After the prediction server obtains the intermediate result of entry encryption, it obtains the intermediate result of the protocol in the intermediate result of entry encryption, calls the preset decryption key calculation formula, and calculates the value used by the prediction server during inadvertent transmission based on the intermediate result of the protocol, the target random number and the large prime number.
  • the decrypted key where the decryption key calculation formula is as follows: S represents the decryption key used by the predictive server during inadvertent transmission, D represents the intermediate result of the protocol, a represents the target random number, and p represents a large prime number; through the preset decryption formula and the key used by the predictive server in inadvertent transmission, Decrypt the entry encryption intermediate result of each piece of data in the entry encryption intermediate result of the data provider intermediate result to obtain the entry decryption intermediate result (that is, the decrypted local intermediate parameter of the data provider), wherein the decryption formula is as follows: m i represents the i-th information plaintext to participate in the oblivious transfer protocol, that is, the information plaintext of each intermediate result in the entry decryption intermediate result, m i ⁇ W B , ci represents the entry encryption intermediate result of each piece of data, S i Indicates the key used by the prediction server to decrypt in oblivious transmission.
  • the prediction server After the prediction server obtains the intermediate result of item decryption and the intermediate result of item prediction end, it calculates the sum of the intermediate result of item decryption and the intermediate result of item prediction end to obtain the target prediction result, which is used to indicate the application of the model generated by joint modeling
  • the intention of the subsequent joint reasoning, the intention can be user intention, including but not limited to purchase intention, consultation intention and model intention, which is not limited here, and all intentions that can be identified and reasoned are applied to this solution.
  • the prediction server obtains the intermediate results of the item prediction end of the data to be predicted, performs joint prediction reasoning according to the intermediate results of the entry encryption and the intermediate results of the item prediction end, and obtains the target prediction result.
  • the target prediction result is used to indicate the reasoning intention
  • the target The prediction results are clustered and analyzed to obtain the clustering results, and the corresponding target recommendation information is matched according to the clustering results.
  • the target recommendation information is used to indicate the product or model corresponding to the user's point of interest.
  • the prediction server After the prediction server obtains the target prediction result, it invokes the preset clustering algorithm, performs cluster analysis on the target prediction result, and obtains the clustering result (including intent type and intent information); obtains the user portrait corresponding to the user, and performs interest analysis on the user portrait. point analysis to obtain user interest points; generate clustering results and user interest point splicing structured query sentences, splicing structured query sentences is after splicing the clustering result structured query sentences and user interest point structured query sentences According to the structured query statement, query the recommendation information in the preset database according to the splicing structured query statement, and obtain multiple corresponding recommendation information.
  • Each recommendation information includes the matching degree between the recommendation information and the recommendation information, or predicts
  • the server invokes the preset entity recognition model, performs entity recognition on the clustering results and user interest points respectively, obtains cluster entities and user interest entities, merges the cluster entities and user interest entities, and obtains the target entity, through the target entity
  • the recommendation information knowledge map in the preset database is matched to obtain multiple corresponding recommendation information.
  • Each recommendation information includes the matching degree corresponding to the recommendation information and the recommendation information; according to the order of the matching degree of multiple recommendation information from large to small, The plurality of recommended information is sorted, and the recommended information ranked first or within a preset range is determined as the target recommended information.
  • the target recommendation information can be the purchase platform information and purchase product information corresponding to the purchase intention and the user's point of interest
  • the target recommendation information can be the consultation information and product information corresponding to the consultation intention and the user's point of interest
  • the target recommendation information can be the model intention and the user's point of interest. Modeling information and model application information corresponding to user points of interest.
  • the clustering results are obtained by performing cluster analysis on the target prediction results, and the corresponding target recommendation information is matched according to the clustering results. Based on the efficiency of the completion of the privacy joint reasoning task corresponding to the target prediction results and the privacy protection of the reasoning intention, The release of the maximum value of the element for the target prediction results improves the security and accuracy of joint reasoning.
  • the reasoning intention on the basis of the security of the transmission of the data items to be predicted, the reasoning intention can be accurately combined, the privacy of the prediction initiator can be protected, and the reasoning and prediction initiator can be protected in the process of joint reasoning with the data provider. Its reasoning intention can quickly and accurately perform data transmission and data calculation, improve the processing efficiency of joint reasoning tasks, realize the efficient completion of privacy joint reasoning tasks, and achieve the effect of privacy protection of reasoning intentions.
  • An embodiment of the privacy joint reasoning device in the embodiment of the present application includes:
  • the blinding module 301 is configured to perform blinding processing on the entry identifier of the data to be predicted by executing a preset blind signature protocol to obtain a blinded entry identifier;
  • the recording module 302 is used to obtain the preset own encrypted data of the data provider, compare the blinded entry identifier and record the index value through the own encrypted data, and obtain the position information of the target entry;
  • An acquisition module 303 configured to acquire an intermediate result of item encryption of the data to be predicted through the preset inadvertent transfer protocol and target item location information;
  • the reasoning module 304 is used to obtain the intermediate result of the entry prediction end of the data to be predicted, perform joint prediction and reasoning according to the entry encryption intermediate result and the entry prediction end intermediate result, and obtain the target prediction result, which is used to indicate the intention of reasoning.
  • each module in the above-mentioned privacy joint reasoning device corresponds to each step in the above-mentioned privacy joint reasoning method embodiment, and its functions and implementation processes will not be repeated here.
  • the reasoning intention on the basis of the security of the transmission of the data items to be predicted, the reasoning intention can be accurately combined, the privacy of the prediction initiator can be protected, and the reasoning and prediction initiator can be protected in the process of joint reasoning with the data provider. Its reasoning intention can quickly and accurately perform data transmission and data calculation, improve the processing efficiency of joint reasoning tasks, realize the efficient completion of privacy joint reasoning tasks, and achieve the effect of privacy protection of reasoning intentions.
  • FIG. 4 Another embodiment of the privacy joint reasoning device in the embodiment of the present application includes:
  • the blinding module 301 is configured to perform blinding processing on the entry identifier of the data to be predicted by executing a preset blind signature protocol to obtain a blinded entry identifier;
  • the recording module 302 is used to obtain the preset own encrypted data of the data provider, compare the blinded entry identifier and record the index value through the own encrypted data, and obtain the position information of the target entry;
  • the recording module 302 specifically includes:
  • the comparing unit 3021 is used to obtain the deblinded identifier encrypted data based on the blinded entry identifier, and compare the deblinded identifier encrypted data with the encrypted data of the own party to obtain the matched target identifier encrypted data ;
  • the recording unit 3022 is configured to record the index value of the encrypted data of the target identifier to obtain the position information of the target entry;
  • An acquisition module 303 configured to acquire an intermediate result of item encryption of the data to be predicted through the preset inadvertent transfer protocol and target item location information;
  • the reasoning module 304 is used to obtain the intermediate result of the entry prediction end of the data to be predicted, perform joint prediction and reasoning according to the entry encryption intermediate result and the entry prediction end intermediate result, and obtain the target prediction result, which is used to indicate the intention of reasoning.
  • comparison unit 3021 can also be specifically used for:
  • the encrypted data of the deblinded identifier and the encrypted data of one's own side are matched and the consistent data is read to obtain the encrypted data of the target identifier.
  • the acquisition module 303 can also be specifically used for:
  • Execute the preset inadvertent transfer protocol randomly select the target random number according to the location information of the target entry, and calculate the hash residual value of the entry based on the target random number, and the target random number is used to indicate a random number smaller than a large prime number;
  • the reasoning module 304 can also be specifically used for:
  • the blinding module 301 can also be specifically used for:
  • the blinding factor is added to the entry identifier of the data to be predicted and the blind signature of the public key is obtained to obtain the blinded entry identifier.
  • the privacy joint reasoning device also includes:
  • the cluster matching module 305 is configured to perform cluster analysis on the target prediction results to obtain cluster results, and match the corresponding target recommendation information according to the cluster results, and the target recommendation information is used to indicate the product or model corresponding to the user's point of interest.
  • each module and each unit in the above-mentioned privacy joint reasoning device corresponds to each step in the above-mentioned privacy joint reasoning method embodiment, and its functions and implementation processes will not be repeated here.
  • the reasoning intention on the basis of the security of the transmission of the data items to be predicted, the reasoning intention can be accurately combined, the privacy of the prediction initiator can be protected, and the reasoning and prediction initiator can be protected in the process of joint reasoning with the data provider. Its reasoning intention can quickly and accurately perform data transmission and data calculation, improve the processing efficiency of joint reasoning tasks, realize the efficient completion of privacy joint reasoning tasks, and achieve the effect of privacy protection of reasoning intentions.
  • FIG 3 and Figure 4 above describe in detail the privacy joint inference device in the embodiment of the present application from the perspective of modular functional entities, and the following describes the privacy joint inference device in the embodiment of the present application in detail from the perspective of hardware processing.
  • Fig. 5 is a schematic structural diagram of a privacy joint reasoning device provided by an embodiment of the present application.
  • the privacy joint reasoning device 500 may have relatively large differences due to different configurations or performances, and may include one or more processors (central processing units) , CPU) 510 (eg, one or more processors) and memory 520, one or more storage media 530 (eg, one or more mass storage devices) for storing application programs 533 or data 532.
  • the memory 520 and the storage medium 530 may be temporary storage or persistent storage.
  • the program stored in the storage medium 530 may include one or more modules (not shown in the figure), and each module may include a series of computer program operations on the privacy joint reasoning device 500 .
  • the processor 510 may be configured to communicate with the storage medium 530 , and execute a series of computer program operations in the storage medium 530 on the privacy joint reasoning device 500 .
  • the privacy joint inference device 500 may also include one or more power sources 540, one or more wired or wireless network interfaces 550, one or more input and output interfaces 560, and/or, one or more operating systems 531, such as Windows Server , Mac OS X, Unix, Linux, FreeBSD, etc. Those skilled in the art can understand that the structure of the privacy joint reasoning device shown in FIG. Part placement.
  • the present application also provides a privacy joint reasoning device, including: a memory and at least one processor, a computer program is stored in the memory, and the memory and the at least one processor are interconnected through a line; the at least one processor Invoking the computer program in the memory, so that the privacy joint reasoning device executes the steps in the above privacy joint reasoning method.
  • the present application also provides a computer-readable storage medium, and the computer-readable storage medium may be a non-volatile computer-readable storage medium or a volatile computer-readable storage medium.
  • the computer-readable storage medium stores computer instructions, and when the computer instructions are run on the computer, the computer is made to perform the following steps:
  • the computer-readable storage medium may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function, etc.; Use the created data etc.
  • Blockchain essentially a decentralized database, is a series of data blocks associated with each other using cryptographic methods. Each data block contains a batch of network transaction information, which is used to verify its Validity of information (anti-counterfeiting) and generation of the next block.
  • the blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
  • the integrated unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the technical solution of the present application is essentially or part of the contribution to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (read-only memory, ROM), random access memory (random access memory, RAM), magnetic disk or optical disc and other media that can store program codes. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Artificial Intelligence (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Procédé et appareil d'inférence fédérée basée sur la confidentialité, dispositif et support de stockage, utilisés pour achever efficacement une tâche d'inférence fédérée basée sur la confidentialité et pour obtenir une protection de la confidentialité d'une intention d'inférence, et se rapportant au domaine technique de l'intelligence artificielle et de la technologie de chaîne de blocs. Des données à prédire peuvent être stockées dans une chaîne de blocs. Le procédé d'inférence fédérée basé sur la confidentialité consiste : à effectuer, par exécution d'un protocole de signature masquée prédéfini, un traitement de masquage sur un identifiant d'entrée des données à prédire, pour obtenir un identifiant d'entrée masqué (101) ; à effectuer une comparaison et un enregistrement de valeur d'indice sur l'identifiant d'entrée masqué au moyen de données chiffrées propres d'une extrémité de fourniture de données prédéfinie, pour obtenir des informations de position d'entrée cible (102) ; à obtenir, au moyen d'un protocole de transmission par inadvertance prédéfini et des informations de position d'entrée cible, un résultat intermédiaire de chiffrement d'entrée des données à prédire (103) ; et à effectuer une inférence de prédiction fédérée en fonction du résultat intermédiaire de chiffrement d'entrée et d'un résultat intermédiaire d'extrémité de prédiction d'entrée des données à prédire pour obtenir un résultat de prédiction cible, le résultat de prédiction cible étant utilisé pour indiquer une intention d'inférence (104).
PCT/CN2022/089173 2022-01-13 2022-04-26 Procédé et appareil d'inférence fédérée basée sur la confidentialité, dispositif et support de stockage WO2023134055A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210038323.4A CN114372291A (zh) 2022-01-13 2022-01-13 隐私联合推理方法、装置、设备及存储介质
CN202210038323.4 2022-01-13

Publications (1)

Publication Number Publication Date
WO2023134055A1 true WO2023134055A1 (fr) 2023-07-20

Family

ID=81144735

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/089173 WO2023134055A1 (fr) 2022-01-13 2022-04-26 Procédé et appareil d'inférence fédérée basée sur la confidentialité, dispositif et support de stockage

Country Status (2)

Country Link
CN (1) CN114372291A (fr)
WO (1) WO2023134055A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114372291A (zh) * 2022-01-13 2022-04-19 平安科技(深圳)有限公司 隐私联合推理方法、装置、设备及存储介质
CN114676169B (zh) * 2022-05-27 2022-08-26 富算科技(上海)有限公司 一种数据查询方法及装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109818730A (zh) * 2019-03-06 2019-05-28 矩阵元技术(深圳)有限公司 盲签名的获取方法、装置和服务器
CN110622165A (zh) * 2018-04-19 2019-12-27 谷歌有限责任公司 用于确定隐私集交集的安全性措施
WO2020209793A1 (fr) * 2019-04-11 2020-10-15 Singapore Telecommunications Limited Système de préservation de confidentialité pour le mappage d'identités communes
CN113014373A (zh) * 2021-02-20 2021-06-22 广东浪潮智慧计算技术有限公司 一种同态计算中的数据加密方法、装置、设备及介质
CN114372291A (zh) * 2022-01-13 2022-04-19 平安科技(深圳)有限公司 隐私联合推理方法、装置、设备及存储介质

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110622165A (zh) * 2018-04-19 2019-12-27 谷歌有限责任公司 用于确定隐私集交集的安全性措施
CN109818730A (zh) * 2019-03-06 2019-05-28 矩阵元技术(深圳)有限公司 盲签名的获取方法、装置和服务器
WO2020209793A1 (fr) * 2019-04-11 2020-10-15 Singapore Telecommunications Limited Système de préservation de confidentialité pour le mappage d'identités communes
CN113014373A (zh) * 2021-02-20 2021-06-22 广东浪潮智慧计算技术有限公司 一种同态计算中的数据加密方法、装置、设备及介质
CN114372291A (zh) * 2022-01-13 2022-04-19 平安科技(深圳)有限公司 隐私联合推理方法、装置、设备及存储介质

Also Published As

Publication number Publication date
CN114372291A (zh) 2022-04-19

Similar Documents

Publication Publication Date Title
Zhang et al. PIC: Enable large-scale privacy preserving content-based image search on cloud
WO2021218167A1 (fr) Procédé et appareil de génération de modèle de traitement de données, et procédé et appareil de traitement de données
JP6180177B2 (ja) プライバシーを保護することができる暗号化データの問い合わせ方法及びシステム
US10235335B1 (en) Systems and methods for cryptographically-secure queries using filters generated by multiple parties
CN107209787B (zh) 提高专用加密数据的搜索能力
WO2023134055A1 (fr) Procédé et appareil d'inférence fédérée basée sur la confidentialité, dispositif et support de stockage
CN104715187B (zh) 用于认证电子通信系统中的节点的方法和装置
US10635824B1 (en) Methods and apparatus for private set membership using aggregation for reduced communications
CN105827582B (zh) 一种通信加密方法、装置和系统
JP2020092414A (ja) ブロックチェーンのための暗号化データ共有管理
CN113742764B (zh) 基于区块链的可信数据安全存储方法、检索方法及设备
CN113420049B (zh) 数据流通方法、装置、电子设备及存储介质
KR20220092811A (ko) 암호화 데이터를 저장하는 방법 및 장치
CN115694949A (zh) 一种基于区块链的隐私数据共享方法及系统
Singh et al. Privacy-preserving multi-keyword hybrid search over encrypted data in cloud
JP4594078B2 (ja) 個人情報管理システムおよび個人情報管理プログラム
Kabir et al. A dynamic searchable encryption scheme for secure cloud server operation reserving multi-keyword ranked search
CN107005576A (zh) 从服务器日志生成用于链接标识符的桥接匹配标识符
Andavan et al. Cloud computing based deduplication using high-performance grade byte check and fuzzy search technique
WO2017209228A1 (fr) Dispositif de mise en correspondance d'informations chiffrées, procédé de mise en correspondance d'informations chiffrées, et support d'enregistrement ayant un programme de mise en correspondance d'informations chiffrées stocké sur ce dernier
Sri et al. A Framework for Uncertain Cloud Data Security and Recovery Based on Hybrid Multi-User Medical Decision Learning Patterns
EP3461055B1 (fr) Système et procédé pour assurer l'annotation externalisée sécurisée d'ensembles de données
Handa et al. Keyword binning-based efficient search on encrypted cloud data
Guo et al. A privacy preserving Markov model for sequence classification
Handa et al. An efficient cluster-based multi-keyword search on encrypted cloud data

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22919697

Country of ref document: EP

Kind code of ref document: A1