CN108763943B - Safe data sharing incentive method based on contract theory - Google Patents

Abstract

The invention discloses a safe data sharing incentive method based on a contract theory, which adopts differential privacy to protect the privacy of a data holder and ensures the privacy security of a data source end; competitive power is introduced as a transaction parameter of data sharing, so that a data holder obtains competitive power after sharing data, namely, the technology is advanced, and the competitive power worry of the data holder is eliminated; and the contract theory is adopted to solve the information asymmetry between the data demanders and the data holders, and the optimal contract is designed to benefit the data participants. For convenient implementation, the invention also discloses a discretized optimal contract design method. The invention can enable the data sharing participator to share data through competitive incentive on the basis of ensuring privacy security, thereby achieving the win-win purpose of the data holder and the data demander.

Description

Safe data sharing incentive method based on contract theory

Technical Field

The invention relates to the technical field of incentive mechanisms for data sharing, in particular to a safe data sharing incentive method based on contract theory among organizations with competitive relations.

Background

With the arrival of the big data era and the artificial intelligence era, data-based algorithms and technologies are developed vigorously, so that a plurality of data-driven-based services such as recommendation service, voice recognition, image recognition and the like are promoted, and the aspects of economic and social life are influenced and reformed deeply. These intelligent services are provided by organizations by collecting and analyzing data, whose quality of service relies on large amounts of high quality data. However, in reality, not every organization can hold a large amount of data, but on the contrary, a single organization holds limited data, and more data is obtained by collection and sharing, thereby providing diversified intelligent services.

As data sharing effectively improves quality of service and improves people's living standard, new situations arise in data service development, i.e., from collecting and processing data by a single organization to sharing data by multiple organizations to provide services. However, in the trend of data sharing, organizations may refuse to share their data, especially among organizations with competing relationships. The main reason for this is that there are competing concerns between competing tissues. The reason is mainly as follows:

1) one aspect is that there are competing concerns between competing tissues. Organizations worry about that data sharing may improve the quality of service of competitors, improve the competitiveness of the competitors, and enable the competitors to benefit in data sharing. The method cannot benefit from the service, but the method can cause loss of users due to improvement of the service quality of competitors, so that the service volume is reduced, and the method is not willing to be seen in increasingly severe business competition. For example, the fields related to new drug development and medical treatment are important fields of data sharing and cooperation, and have great significance for curing and saving people and improving health. But as interests drive, there is a fear that adversaries develop next-generation super new drugs and many medical institutions are reluctant to share their data.

2) Another aspect is that the security of data sharing is not sufficient, i.e. privacy security is not guaranteed. During the sharing and use of data, the data is inevitably exposed to the outside, posing a great risk of privacy leakage, possibly causing the organization to suffer a loss as a result. The frequent occurrence of privacy security events further aggravates the concerns of people about privacy security. For example, Netflix has held a game of predictive algorithms that requires the user's movie rating to be inferred from public data. Netflix erases the information uniquely identifying the user in the data, and the privacy of the user can be guaranteed. But later the person identifies the user after anonymity by associating the public data with a record published on the IMDb (internet movie database) website. Finally Netflix has to announce the game to stop for privacy reasons and therefore receives a penalty of up to nine million dollars.

The existing excitation mechanism research mostly takes data collection in a master-slave cooperation mode as a model, and the data sharing among competitive organizations is rarely researched. In cooperative data collection, data demanders and data holders have a strong cooperative relationship, and the data sharing method does not meet the characteristics of organizations with competitive relationships. For privacy protection, various privacy protection methods and techniques are proposed by academia, such as anonymization, elliptic curve encryption algorithm, proxy re-encryption, block chain and differential privacy. Although these privacy protection methods guarantee the security of data to various degrees, excessive privacy protection reduces the value of data. How to achieve a trade-off between privacy protection and data value, not only ensuring the privacy security of users but also obtaining higher data value remains to be researched.

Therefore, in the organization data sharing with competition relationship, how to let the participants believe that better results can be obtained by sharing data than by not sharing data, eliminate the competitive worries, and encourage them to share data while ensuring privacy security is a technical problem which needs to be urgently solved by those skilled in the art.

Disclosure of Invention

In order to solve the defects of the prior art, the invention provides a safe data sharing incentive method based on an agreement theory, a differential privacy technology is adopted at a data holder end to protect privacy safety, competitive force is introduced as an incentive parameter of data sharing, and as information asymmetry exists between a data demander and a data holder, the agreement theory is adopted to construct an optimal agreement of long-term commitment which enables data sharing participants to benefit, so that data sharing is achieved on the basis of ensuring privacy safety.

In order to achieve the purpose, the technical scheme of the invention is as follows:

a safe data sharing incentive method based on contract theory comprises the following steps:

1) introducing a differential privacy technology at a data holder end as a privacy safety protection mechanism;

2) constructing a data sharing network, introducing competitive power as an incentive parameter of data sharing transaction, and establishing utility functions of a data demander and a data holder;

3) based on a data sharing network, mapping a data demander and a data holder into a contractual party, and solving the problem of information asymmetry between the data demander and the data holder by adopting a contractual theory;

4) and 3) designing to obtain an optimal contract based on the step 3), and implementing a secure data sharing incentive mechanism based on the optimal contract to achieve a data sharing utility target.

Further, in the step 1), a random algorithm M, P is provided_MFor the set of all possible outputs of M, for any two adjacent data sets D and D' and P_MAny subset S of_MIf the algorithm M satisfies

Pr[M(D)∈S_M]≤exp(ε)×Pr[M(D')∈S_M]

The algorithm M is said to provide epsilon-differential privacy protection, where the parameter epsilon is called the privacy protection budget, which indicates the degree of privacy protection, the smaller epsilon the higher the degree of privacy protection.

Further, in the step 2), the data sharing transaction is a data and competitive transaction between the two with a competitive relationship, that is, the data holder shares the data to the data demander and obtains the competitive power from the data demander.

Further, in the step 2), the competitiveness is characterized as follows:

(1) competitiveness is the technological advancement ability after data sharing and data processing;

(2) the competitiveness of the data is measured by a competitiveness factor, namely if a data holder grasps data q, the potential competitiveness is gamma q, wherein gamma is the competitiveness factor;

(3) the competitiveness factor of the data is influenced by the supply and demand relationship of the data market, namely the same data has higher competitiveness factor when the data is in short supply, and further has higher utility.

Further, in step 2), the data consumer obtains data q from the data holder, and since the data q is processed by the differential privacy technology, the value amount G is:

G＝ωlog(1+αεq)

where ω is a data value weight value, α is a data utility parameter, ε is a differential privacy parameter, and a data consumer obtains data and needs to pay competitiveness to a data provider, so the utility function of the data consumer is:

U_D(ε)＝G-γ＝ωlog(1+αεq)-γ

where γ is the competitive factor paid by the data demander for data q.

Further, for a sharing network with N data holders participating in sharing, the data holders' differential privacy parameters

The probability distribution function is f (epsilon), and then the overall utility function of the data demander is:

wherein the specific differential privacy parameter epsilon of the data holder is unknown to the data consumer, and the probability distribution f (epsilon) is known.

Further, in step 2), the data holder processes the shared data q in the shared data through a differential privacy technique, and obtains competitiveness compensation, so that the utility function of the data holder is as follows:

u＝γ-cεq

where γ is the acquired competitiveness, c is the loss coefficient, ε is the differential privacy parameter, and q is the shared data.

Further, in the step 3), the specific process of solving the asymmetry of the information by using the contract theory includes:

3-1) establishing a contract model { (gamma (epsilon), q (epsilon)) }, wherein (gamma (epsilon), q (epsilon)) is a contract designed by a data demander for a data holder with a privacy parameter epsilon;

3-2) substituting the contract (gamma (epsilon), q (epsilon)) into the utility function of the data holder to obtain the utility function of the data holder with the privacy parameter epsilon under the contract condition;

3-3) constructing contract establishment conditions by adopting incentive compatibility constraints and individual rational constraints;

3-4) optimizing the overall utility function of the data demander according to the contract establishment condition.

Further, in the step 4), the designing of the optimal contract specifically includes:

4-1) simplifying the excitation compatibility constraint and the individual rationality constraint;

4-2) simplifying the optimized overall utility function of the data demander according to the simplified constraint condition;

4-3) solving the simplified overall utility function by adopting a Pontryagin maximum value principle, and obtaining a data function and a competitiveness function of the optimal contract through a Hamilton function.

Further, in the step 4), the implementation step of the secure data sharing incentive mechanism based on the best contract includes:

4-1) data demanders send out data sharing demands and calculate the best contract { (gamma) { (^*(ε),q^*(ε))}；

4-2) data consumers broadcast the set of contracts { (γ)^*(ε),q^*(epsilon)) } to each data holder;

4-3) after the data holder receives the contract, selecting the contract which maximizes the self benefit, and informing the data demander;

4-4) data sharing action occurs, namely, data holders share data, and data demanders pay competitiveness according to contract content.

Compared with the prior art, the invention has the beneficial effects that:

1. the invention provides a safe data sharing incentive method based on a contractual theory, which introduces a differential privacy technology as a privacy security protection mechanism, protects privacy security at the source of data sharing, namely a data holder, avoids possible privacy risks brought by third-party privacy protection, and enables the data holder to really master the security of own data and the privacy degree of shared data.

2. The method introduces competitive power as a driving factor, so that the data holder obtains competitive power improvement in data sharing, the competitive power worry of the data holder is eliminated, the data holder is more willing to participate in the data sharing, and the data sharing strength is improved.

3. The method provides a data sharing mechanism based on an agreement theory aiming at information asymmetry in data sharing, and designs an optimal agreement for a data holder through competitive incentive on the basis of guaranteeing privacy and safety, so that the best effect is achieved, and finally a win-win effect of data sharing is achieved.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the application and, together with the description, serve to explain the application and are not intended to limit the application.

FIG. 1 is a diagram of a secure data sharing network based on contractual theory;

FIG. 2 shows the degree of agreement between the discretized data function and the theoretical value (difference privacy parameter 0.01 to 0.06);

FIG. 3 shows the degree of agreement between the discretized data function and the theoretical value (difference privacy parameter 0.06 to 0.21);

FIG. 4 shows the degree of agreement between the discretized competitiveness function and the theoretical value (difference privacy parameter 0.01 to 0.06);

fig. 5 shows the degree of agreement between the discretized competitiveness function and the theoretical value (differential privacy parameter 0.06 to 0.21).

Detailed Description

The invention is further described with reference to the following detailed description of embodiments and drawings.

It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.

It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present application. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.

In the present invention, terms such as "upper", "lower", "left", "right", "front", "rear", "vertical", "horizontal", "side", "bottom", and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only terms of relationships determined for convenience of describing structural relationships of the parts or elements of the present invention, and are not intended to refer to any parts or elements of the present invention, and are not to be construed as limiting the present invention.

In the present invention, terms such as "fixedly connected", "connected", and the like are to be understood in a broad sense, and mean either a fixed connection or an integrally connected or detachable connection; may be directly connected or indirectly connected through an intermediate. The specific meanings of the above terms in the present invention can be determined according to specific situations by persons skilled in the relevant scientific or technical field, and are not to be construed as limiting the present invention.

As described in the background art, existing data sharing exists between organizations with collaboration, and among competitive organizations, due to competitive concerns of data holders and hidden dangers of privacy and security, will result in insufficient data sharing, and thus, data cannot play a role as strategic resources in the information age. In order to solve the problems, the invention provides a safe data sharing incentive method based on contract theory. The method protects privacy safety by adopting a differential privacy technology at a data holder, introduces competitive power as return incentive share of data share, adopts a contract theory to design an optimal contract to meet the utility requirement of a share participant for the asymmetry of information of the data share participant, and achieves the win-win goal of a data demander and the data holder.

A safe data sharing incentive method based on contract theory comprises the following steps:

1) introducing a differential privacy technology at a data holder end as a privacy safety protection mechanism;

2) constructing a data sharing network, introducing competitive power as an incentive parameter of data sharing transaction, and establishing utility functions of a data demander and a data holder, as shown in fig. 1;

3) based on a data sharing network, mapping a data demander and a data holder into a contractual party, and solving the problem of information asymmetry between the data demander and the data holder by adopting a contractual theory;

4) and 3) designing to obtain an optimal contract based on the step 3), and implementing a secure data sharing incentive mechanism based on the optimal contract to achieve a data sharing utility target.

In the step 1), in order to ensure the privacy security of the data holder, the invention introduces a differential privacy technology as a privacy security mechanism, wherein the differential privacy technology is a technology popular in a statistical database, and by adding noise to each query, an attacker cannot obtain accurate individual information by observing a calculation result, so that the privacy security is ensured.

Is provided with a random algorithm M, P_MFor the set of all possible outputs of M, for any two adjacent data sets D and D' and P_MAny subset S of_MIf the algorithm M satisfies

Pr[M(D)∈S_M]≤exp(ε)×Pr[M(D')∈S_M]

The algorithm M is said to provide epsilon-differential privacy protection, where the parameter epsilon is referred to as the privacy protection budget. The privacy protection budget is a core concept of differential privacy and limits the query data volume providing privacy guarantee, and represents the privacy protection degree, and the smaller epsilon is, the higher the privacy protection degree is.

In the step 2), in order to avoid the situation that the data demander wins one-win instead of two-win, competitive force is introduced as an incentive parameter of the data sharing transaction.

The data sharing transaction is a transaction with data and competitiveness in a competitive relationship, namely, a data holder shares data to a data demander and obtains competitiveness from the data demander.

In the step 2), the competitiveness is characterized as follows:

(1) competitiveness is the technological advancement ability after data sharing and data processing;

(2) the competitiveness of the data is measured by a competitiveness factor, namely if a data holder grasps data q, the potential competitiveness is gamma q, wherein gamma is the competitiveness factor;

(3) the competitiveness factor of the data is influenced by the supply and demand relationship of the data market, namely the same data has higher competitiveness factor when the data is in short supply, and further has higher utility.

In the step 2), the data sharing participant behavior is analyzed. In a data sharing network based on the contract theory, a data demander and a data holder participate in data sharing. Data consumers and data holders are collectively referred to as data sharing participants. Data sharing participants are in a competitive relationship. From the perspective of data demanders, a data demander collects data from each data holder, and further performs data processing to improve the service quality of the data demanders. From the perspective of a data holder, in order to protect privacy and security, a differential privacy technology is adopted to process data to be shared. Once the data is submitted, the service level and competitiveness of the data demander can be potentially improved, but competitive compensation can be obtained from the data demander. The specific differential privacy parameters of the data holder are agnostic to the data consumers, but their probability distribution can be known.

If the data consumer obtains the data q from the data holder, the value amount G is as follows because the data q is processed by the differential privacy technology:

G＝ωlog(1+αεq)

the data demander obtains data and needs to pay certain cost, namely, payment competitiveness is given to a data provider, so that the utility function of the data demander is as follows:

U_D(ε)＝G-γ＝ωlog(1+αεq)-γ

where γ is the competitive factor paid by the data demander for data q.

Differential privacy parameters for data holders in a shared network with N data holders participating in the sharing

The probability distribution function is f (epsilon), and then the overall utility function of the data demander is:

wherein the specific differential privacy parameter epsilon of the data holder is unknown to the data consumer, and the probability distribution f (epsilon) is known.

In step 2), the data holder processes the shared data q in the shared data through a differential privacy technology, and obtains competitiveness compensation, so that the utility function of the data holder is as follows:

u＝γ-cεq

where γ is the acquired competitiveness, c is the loss coefficient, ε is the differential privacy parameter, and q is the shared data.

In the step 3), the specific process of solving the information asymmetry by adopting the contract theory comprises the following steps:

3-1) establishing a contract model { (gamma (epsilon), q (epsilon)) }, wherein (gamma (epsilon), q (epsilon)) is a contract designed by a data demander for a data holder with a privacy parameter epsilon;

3-2) substituting the contract (gamma (epsilon), q (epsilon)) into the utility function of the data holder to obtain the utility function of the data holder with the privacy parameter epsilon under the contract condition;

3-3) constructing contract establishment conditions by adopting incentive compatibility constraints and individual rational constraints;

3-4) optimizing the overall utility function of the data demander according to the contract establishment condition.

In one embodiment, to achieve data sharing, a data requestor provides a set of contracts { (γ, q) } to a data holder, where the contract (γ, q) indicates the data q that the data holder needs to share and the obtained competitiveness γ. When the data holder receives the group of contracts, the contract which enables the data holder to have the maximum effect is selected, the data are shared according to the specified content of the contract, and competitiveness is obtained. According to the contract theory, a data demander designs a group of contracts which enable a data holder to select a contract suitable for the differential privacy parameters of the data holder. The contract is therefore designed as a pair of functions, { (γ (ε), q (ε)) }, where (γ (ε), q (ε)) is the contract designed for the data holder with the privacy parameter ε. Then, once the contract (γ (ε), q (ε)) is accepted, the utility function for the data holder with privacy parameter ε is:

u(ε)＝γ(ε)-cεq(ε)

to ensure that data holders accept contracts designed for them, rather than selecting other contracts or rejecting contracts, the contracts must be incentivized, i.e., contracts (γ (ε), q (ε)) must satisfy incentives compliance and psychology constraints.

Incentivizing compliance constraints, a data holder with a differential privacy parameter ε will choose a contract (γ (ε), q (ε)), but not another contract (γ (ε '), q (ε')), which is incentivizing compliance, i.e., the contract is incentives compliant

γ(ε)-cεq(ε)≥γ(ε′)-cεq(ε′)

Individual rational constraint: if a contract makes the data holder's profit non-negative, individual rational constraints are met, i.e.

γ(ε)-cεq(ε)≥0

Thus, in a compact theory-based secure data sharing network, the goal of the data demander is to find an optimal set of compact that satisfies the above constraints and maximizes its own expected revenue, i.e., the

s.t.γ(ε)-cεq(ε)≥γ(ε′)-cεq(ε′)

γ(ε)-cεq(ε)≥0

In the step 4), the designing of the optimal contract specifically includes:

4-1) simplifying the excitation compatibility constraint and the individual rationality constraint;

4-2) simplifying the optimized overall utility function of the data demander according to the simplified constraint condition;

4-3) solving the simplified overall utility function by adopting a Pontryagin maximum value principle, and obtaining a data function and a competitiveness function of the optimal contract through a Hamilton function.

In particular, the optimal contract satisfies the above-mentioned optimization problem of the overall utility function of the data demander. To design the best contract, two constraints of the optimization problem are simplified. By actuating the compatibility constraint, for the differential privacy parameters ε and ε', there are

γ(ε)-cεq(ε)≥γ(ε′)-cεq(ε′)

γ(ε′)-cε′q(ε′)≥γ(ε)-cε′q(ε)

The addition of the two equations yields that q (ε) is not a monotonically increasing function, and therefore its derivative q' (ε) ≦ 0. For a utility function γ (ε ') -c ε q (ε ') corresponding to a contract (γ (ε '), q (ε ')), the maximum value is taken when ε ' is ε, and the derivative is taken

γ′(ε)-cεq′(ε)＝0

For the utility function u (epsilon) ═ gamma (epsilon) -c epsilon q (epsilon), the derivation is obtained

The utility function is thus not a monotonically increasing function, then due to individual rational constraints,

the optimization problem for the data demander is reduced to

s.t.q′(ε)≤0

γ′(ε)-cεq′(ε)＝0

Since the optimization problem formally conforms to the optimal control problem, the Pontryagin's maximum principle is adopted to solve, and the data function of the optimal contract obtained by the Hamilton function (Hamiltonian) is

Where F (epsilon) is the probability density function of the differential privacy parameters and F (epsilon) is the cumulative distribution function of the differential privacy parameters. The competitiveness function in the best contract is

In the step 4), the implementation step of the secure data sharing incentive mechanism based on the best contract comprises the following steps:

4-1) data demanders send out data sharing demands and calculate the best contract { (gamma) { (^*(ε),q^*(ε))}；

4-2) data consumers broadcast the set of contracts { (γ)^*(ε),q^*(epsilon)) } to each data holder;

4-3) after the data holder receives the contract, selecting the contract which maximizes the self benefit, and informing the data demander;

4-4) data sharing action occurs, namely, data holders share data, and data demanders pay competitiveness according to contract content.

Since it is difficult for a data consumer to know the differential privacy parameter of the data holder and the probability density function thereof in actual operation, discretizing the differential privacy parameter is an operation close to a theoretical value. Thus, the range of the differential privacy parameters

Discretization is K, and for simplicity the range of differential privacy parameters is evenly partitioned, i.e. Θ ═ δ₁,δ₂,…δ_k,…δ_KIn which is delta_k＝ε+(k-1)σ，

For the data holder n, the differential privacy parameter is epsilon_nIf ε_n-δ_kIf | ≦ sigma/2, then let's say_n＝δ_k。

In the competitive introduction process, the relationship between data consumers and data holders may be mapped into a trading market in which competitiveness is paid to the data holders as a reward for data consumers to obtain data from the data holders. The competitiveness is measured by a competitiveness factor, and the technical capability of a data holder can be improved. As shown in FIG. 1, data holders share data q_nThereby obtaining a competitive factor gamma_n。

Based on the contract theory, the optimal contract must satisfy the following incentive compatibility and individuality constraints. Best contract for discretization (gamma (delta)_k),q(δ_k) Can be simplified to (γ)_k,q_k) To indicate.

Excitation of compatible constraints: gamma ray_k-cδ_kq_k≥γ_j-cδ_kq_j；

Individual rational constraint: gamma ray_k-cδ_kq_k≥0；

The individual physical constraints of the best contract are defined as

γ_k-cδ_kq_k＝0

The stimulus compatibility constraint of the best contract is defined as

γ_k-cδ_kq_k＝γ_k+1-cδ_kq_k+1

Thus, the optimization problem for data consumers becomes:

wherein

To q is_kDerived and equal to 0 to find the optimal data function

The data demander sends out the data demand and calculates the best contract { (gamma)_k,q_k) And the contract is issued to a data holder, the data holder selects a contract which can maximize the benefit of the data holder, shares the data according to the contract and obtains corresponding competitiveness.

The following describes the comparison of the discrete optimal contract with the theoretical value, and the range of the differential privacy parameter is [0.01,0.21], ω ═ 100, α ═ 2, and c ═ 1.

Fig. 2 and 3 show a comparison between the discretization optimal data function and the theoretical value, and it can be found that the discretization optimal data function approaches the theoretical value, and when the discretization quantity K is 50, the two lines almost completely coincide, which shows that the discretization optimal data function almost completely coincides with the theoretical value under the condition of the larger discretization quantity.

Fig. 4 and 5 show a comparison of the discretized optimal competition function with the theoretical value, and it can be found that the discretized optimal competition function approaches the theoretical value, and when the discretized quantity K is 50, the two lines almost completely coincide, which shows that the discretized optimal competition function almost completely matches the theoretical value under the condition of the larger discretized quantity.

The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Although the embodiments of the present invention have been described with reference to the accompanying drawings, it is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that various modifications and variations can be made without inventive efforts by those skilled in the art based on the technical solution of the present invention.

Claims (7)

1. A safe data sharing incentive method based on contract theory is characterized by comprising the following steps:

1) introducing a differential privacy technology at a data holder end as a privacy safety protection mechanism;

2) constructing a data sharing network, introducing competitive power as an incentive parameter of data sharing transaction, and establishing utility functions of a data demander and a data holder;

3) based on a data sharing network, mapping a data demander and a data holder into a contractual party, and solving the problem of information asymmetry between the data demander and the data holder by adopting a contractual theory;

4) based on the step 3), an optimal contract is obtained through design, and a safety data sharing incentive mechanism is implemented based on the optimal contract to achieve a data sharing utility target;

in the step 2), the competitiveness is characterized as follows:

(1) competitiveness is the technological advancement ability after data sharing and data processing;

(2) the competitiveness of the data is measured by a competitiveness factor;

(3) the competitiveness factor of the data is influenced by the supply and demand relationship of the data market;

in the step 2), the data consumer obtains the data q from the data holder, and the value quantity G of the data q is as follows because the data q is processed by the differential privacy technology:

G＝ωlog(1+αεq)

where ω is a data value weight value, α is a data utility parameter, ε is a differential privacy parameter, and a data consumer obtains data and needs to pay competitiveness to a data provider, so the utility function of the data consumer is:

U_D(ε)＝G-γ＝ωlog(1+αεq)-γ

wherein γ is a competitiveness factor paid by data requesters for data q;

in step 2), the data holder processes the shared data q in the shared data through a differential privacy technology, and obtains competitiveness compensation, so that the utility function of the data holder is as follows:

u＝γ-cεq

where γ is the acquired competitiveness, c is the loss coefficient, ε is the differential privacy parameter, and q is the shared data.

2. The contract theory-based secure data sharing incentive method according to claim 1, wherein in the step 1), a random algorithm M, P is provided_MFor the set of all possible outputs of M, for any two adjacent data sets D and D' and P_MAny subset S of_MIf the algorithm M satisfies

Pr[M(D)∈S_M]≤exp(ε)×Pr[M(D')∈S_M]

The algorithm M is said to provide epsilon-differential privacy protection, where the parameter epsilon is called the privacy protection budget, which indicates the degree of privacy protection, the smaller epsilon the higher the degree of privacy protection.

3. The contractual theory-based secure data sharing incentive method according to claim 1, wherein in the step 2), the data sharing transaction is a data and competitive transaction between the two with a competitive relationship, that is, the data holder shares data to the data demander and obtains competitiveness from the data demander.

4. The contractual theory-based secure data sharing incentive method according to claim 1, wherein the data holders' differential privacy parameters are different for a sharing network with N data holders participating in sharing

The probability distribution function is f (epsilon), and then the overall utility function of the data demander is:

wherein the specific differential privacy parameter epsilon of the data holder is unknown to the data consumer, and the probability distribution f (epsilon) is known.

5. The contract theory-based safe data sharing incentive method according to claim 1, wherein the concrete process of solving the information asymmetry by adopting the contract theory in the step 3) comprises:

3-1) establishing a contract model { (gamma (epsilon), q (epsilon)) }, wherein (gamma (epsilon), q (epsilon)) is a contract designed by a data demander for a data holder with a privacy parameter epsilon;

3-2) substituting the contract (gamma (epsilon), q (epsilon)) into the utility function of the data holder to obtain the utility function of the data holder with the privacy parameter epsilon under the contract condition;

3-3) constructing contract establishment conditions by adopting incentive compatibility constraints and individual rational constraints;

3-4) optimizing the overall utility function of the data demander according to the contract establishment condition.

6. The secure data sharing incentive method based on contract theory according to claim 1, wherein in the step 4), the design of the optimal contract specifically comprises:

4-1) simplifying the excitation compatibility constraint and the individual rationality constraint;

4-2) simplifying the optimized overall utility function of the data demander according to the simplified constraint condition;

4-3) solving the simplified overall utility function by adopting a Pontryagin maximum value principle, and obtaining a data function and a competitiveness function of the optimal contract through a Hamilton function.

7. The contract theory-based secure data sharing incentive method according to claim 1, wherein in the step 4), the implementation step of the secure data sharing incentive mechanism based on the best contract comprises:

4-1) data demanders send out data sharing demands and calculate the best contract { (gamma) { (^*(ε),q^*(ε))}；

4-2) data consumers broadcast the set of contracts { (γ)^*(ε),q^*(epsilon)) } to each data holder;

4-3) after the data holder receives the contract, selecting the contract which maximizes the self benefit, and informing the data demander;

4-4) data sharing action occurs, namely, data holders share data, and data demanders pay competitiveness according to contract content.

Images