CN109144993A - A kind of data query method and device - Google Patents

A kind of data query method and device Download PDF

Info

Publication number
CN109144993A
CN109144993A CN201710457947.9A CN201710457947A CN109144993A CN 109144993 A CN109144993 A CN 109144993A CN 201710457947 A CN201710457947 A CN 201710457947A CN 109144993 A CN109144993 A CN 109144993A
Authority
CN
China
Prior art keywords
vector
encryption
data
query
data set
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710457947.9A
Other languages
Chinese (zh)
Other versions
CN109144993B (en
Inventor
朱友文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Aeronautics and Astronautics
Tencent Technology Shenzhen Co Ltd
Original Assignee
Nanjing University of Aeronautics and Astronautics
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing University of Aeronautics and Astronautics, Tencent Technology Shenzhen Co Ltd filed Critical Nanjing University of Aeronautics and Astronautics
Priority to CN201710457947.9A priority Critical patent/CN109144993B/en
Publication of CN109144993A publication Critical patent/CN109144993A/en
Application granted granted Critical
Publication of CN109144993B publication Critical patent/CN109144993B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention provides a kind of data query method and devices, wherein, the data query method includes: that acquisition is queried the corresponding encrypted data set of data set and corresponding first encryption vector of query point vector, the second encryption vector concentrated respectively to encryption data is converted, obtain the transformation data sets being made of third encryption vector, and, first encryption vector is converted, obtain the 4th encryption vector, index tree is constructed based on transformation data sets, NN Query is carried out on index tree using the 4th encryption vector, obtains query result.The solution of the present invention, NN Query can be carried out on the index tree based on the data set building after encryption and conversion, under the premise of the correctness of the safety and query result that guarantee to be queried data set, obtain sublinear search efficiency, and due to being to carry out NN Query by the index tree of building, so query process can also be completed quickly even if the data volume for being queried data set is larger.

Description

A kind of data query method and device
Technical field
The present invention relates to technical field of data processing more particularly to a kind of data query method and devices.
Background technique
In recent years, in spatial database research field, k nearest neighbor (KNN, K Nearest Neighbor) querying method is one A research emphasis and hot spot.So-called k nearest neighbor inquiry is often referred to, and distance is found in being queried data set and gives k before query point A (can be for one or multiple) nearest data point.
Currently, in order to guarantee the safety for being queried data set, when using query point vector in being queried data set into When row k nearest neighbor is inquired, usually first the data point vector being queried in data set is encrypted, obtains encrypted data set, then, K nearest neighbor inquiry is carried out based on encrypted encrypted data set.Wherein, a kind of to being queried method that data set is encrypted for example For ASPE encryption (i.e. asymmetric scalar product keeps encryption) method.
This method that k nearest neighbor inquiry is carried out based on encrypted data set, although can guarantee the safety for being queried data set Property, but in carrying out k nearest neighbor query process, each encryption data point vector of encryption data concentration is needed to be traversed for, inquiry is multiple Miscellaneous degree is higher, can not obtain sublinear search efficiency, not be suitable for large-scale data set.
Summary of the invention
The embodiment of the present invention is designed to provide a kind of data query method and device, existing based on encryption to solve The problem of method that data set carries out k nearest neighbor inquiry can not obtain sublinear search efficiency.
In a first aspect, the embodiment of the invention provides a kind of data query methods, comprising:
Acquisition is queried the corresponding encrypted data set of data set and corresponding first encryption vector of query point vector, described to add Ciphertext data collection includes multiple second encryption vectors, and each second encryption vector corresponds to a number being queried in data set Strong point vector;
The second encryption vector concentrated respectively to the encryption data is converted, and obtains being made of third encryption vector Transformation data sets, and, first encryption vector is converted, the 4th encryption vector is obtained, wherein the 4th encryption Size relation between the distance of vector sum any two third encryption vector, with any two described in the query point vector sum Size relation between the distance of the corresponding data point vector of third encryption vector is consistent;
Index tree is constructed based on the transformation data sets;
NN Query is carried out on the index tree using the 4th encryption vector, obtains query result.
Second aspect, the embodiment of the invention also provides a kind of data query devices, comprising:
First obtains module, is queried the corresponding encrypted data set of data set and query point vector corresponding for obtaining One encryption vector, the encrypted data set include multiple second encryption vectors, and each second encryption vector corresponds to described looked into Ask a data point vector in data set;
Conversion module, the second encryption vector for concentrating respectively to the encryption data are converted, are obtained by third The transformation data sets of encryption vector composition, and, first encryption vector is converted, the 4th encryption vector is obtained, In, the size relation between the 4th encryption vector and the distance of any two third encryption vector, with the query point to Size relation between amount and the distance of the corresponding data point vector of any two third encryption vector is consistent;
Module is constructed, for constructing index tree based on the transformation data sets;
First enquiry module is obtained for carrying out NN Query on the index tree using the 4th encryption vector Query result.
The third aspect the embodiment of the invention also provides a kind of server, including memory, processor and is stored in described On memory and the data query program that can run on the processor, when the processor executes the data query program The step in above-mentioned data query method can be achieved.
Fourth aspect, the embodiment of the invention also provides a kind of computer readable storage mediums, are stored thereon with data and look into Program is ask, the data query program realizes the step in above-mentioned data query method when being executed by processor.
The data query method of the embodiment of the present invention is queried the corresponding encrypted data set of data set and inquiry by obtaining Corresponding first encryption vector of point vector, the second encryption vector concentrated respectively to encryption data are converted, are obtained by third The transformation data sets of encryption vector composition, and, the first encryption vector is converted, the 4th encryption vector is obtained, is based on turning Data set building index tree is changed, NN Query is carried out on index tree using the 4th encryption vector, obtains query result, so as to It is enough to carry out NN Query on the index tree based on the data set building after encryption and conversion, in the peace for guaranteeing to be queried data set Under the premise of full property and the correctness of query result, sublinear search efficiency is obtained, and due to being the index tree by building NN Query is carried out, so query process can also be completed quickly even if the data volume for being queried data set is larger.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will make below to required in the embodiment of the present invention Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for For those of ordinary skill in the art, without any creative labor, it can also be obtained according to these attached drawings His attached drawing.
Fig. 1 shows the applicable schematic diagram of a scenario of data query method of the embodiment of the present invention;
Fig. 2 indicates the schematic diagram of internal structure of the server in Fig. 1;
Fig. 3 indicates the flow chart of the data query method of the embodiment of the present invention;
One of the structural schematic diagram of data query device of Fig. 4 expression embodiment of the present invention;
Fig. 5 indicates the second structural representation of the data query device of the embodiment of the present invention;
Fig. 6 indicates the structural schematic diagram of the server of the embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on this hair Embodiment in bright, every other implementation obtained by those of ordinary skill in the art without making creative efforts Example, shall fall within the protection scope of the present invention.
Referring to FIG. 1, Fig. 1 is the applicable schematic diagram of a scenario of data query method of the embodiment of the present invention, such as Fig. 1 institute Show, which includes terminal 101 and server 102, and terminal 101 and server 102 are communicated by network.Wherein, terminal 101 can be smart phone, tablet computer, laptop, desktop computer etc., and but it is not limited to this.Server 102 can be with For Cloud Server.Optionally, the internal structure of the server 102 in Fig. 1 is as shown in Fig. 2, server 102 includes total by system Processor, storage medium, memory and the network interface of line connection.Wherein, the storage medium of server 102 is stored with operation system System, database and a kind of data query device, database for storing data, are such as queried the corresponding encrypted data set of data set Deng data query device is for realizing a kind of data query method suitable for server 102.The processor of server 102 is used In providing calculating and control ability, the operation of entire server 102 is supported.The number in storage medium is saved as in server 102 Environment is provided according to the operation of inquiry unit.The network interface of server 102 is used for logical by network connection with external terminal 101 Letter, for example, receive terminal send be queried the corresponding encrypted data set of data set and the corresponding encryption vector of query point vector, And query result is sent to terminal 101.
Data query method of the invention is illustrated below by some specific embodiments.
Shown in Figure 3, the embodiment of the invention provides a kind of data query methods, are applied to server, comprising:
Step 301: acquisition is queried the corresponding encrypted data set of data set and query point vector corresponding first encrypt to Amount.
Wherein, being queried data set includes multiple data point vectors, and data point vector obtains the second encryption after encryption Vector, that is, being queried the corresponding encrypted data set of data set includes multiple second encryption vectors, and each second encryption vector is corresponding In a data point vector being queried in data set.Server in the embodiment of the present invention concretely Cloud Server.
Step 302: the second encryption vector concentrated respectively to encryption data is converted, and is obtained by third encryption vector group At transformation data sets, and, the first encryption vector is converted, the 4th encryption vector is obtained.
Wherein, encrypted data set is converted to transformation data sets is mainly to prepare for subsequent builds index tree, is guaranteed When carrying out NN Query on the index tree based on transformation data sets building, it is available with looked into using being queried data set progress neighbour Consistent result when inquiry.Specifically, may make the 4th encryption vector and any two third to add after the conversion of step 302 Size relation between the distance of close vector, data point corresponding with the query point vector sum any two third encryption vector to Size relation between the distance of amount is consistent.In the embodiment of the present invention, the distance concretely Euclidean distance.
Step 303: constructing index tree based on transformation data sets.
Wherein, the index tree constructed in the embodiment of the present invention can be R tree, or KD tree is looked into as long as being applicable in neighbour Inquiry, the embodiment of the present invention do not limit the type of index tree.
Step 304: carrying out NN Query on index tree using the 4th encryption vector, obtain query result.
Wherein, the NN Query carried out on index tree concretely k NN Query.Server is obtaining query result Afterwards, query result can be sent to terminal.
The data query method of the embodiment of the present invention is queried the corresponding encrypted data set of data set and inquiry by obtaining Corresponding first encryption vector of point vector, the second encryption vector concentrated respectively to encryption data are converted, are obtained by third The transformation data sets of encryption vector composition, and, the first encryption vector is converted, the 4th encryption vector is obtained, is based on turning Data set building index tree is changed, NN Query is carried out on index tree using the 4th encryption vector, obtains query result, so as to It is enough to carry out NN Query on the index tree based on the data set building after encryption and conversion, in the peace for guaranteeing to be queried data set Under the premise of full property and the correctness of query result, sublinear search efficiency is obtained, and due to being the index tree by building NN Query is carried out, so query process can also be completed quickly even if the data volume for being queried data set is larger.
In the embodiment of the present invention, in order to guarantee that the safety for being queried data set, server acquisition are queried data set pair The mode for corresponding first encryption vector of encrypted data set and query point vector answered is concretely:
Receive terminal transmission is queried the corresponding encrypted data set of data set and corresponding first encryption of query point vector Vector.
In this way, since terminal is encrypted to data set is queried, server is only capable of obtaining that be queried data set corresponding Encrypted data set, and do not know about and be queried data, therefore can guarantee the safety for being queried data set during data query.
Specifically, when to being queried data set and encrypting, it can scalar product (the dot product based on encryption data; Scalar product, also referred to as dot product) compare and is encrypted.Wherein, after encryption, data set and encryption data are queried Following corresponding relationship: the size between the scalar product of the second encryption vector of the first encryption vector and any two may be present between collection Size relation between at a distance from relationship, with the query point vector sum corresponding data point vector of the second encryption vector of any two Unanimously.Wherein common encryption method is, for example, ASPE encryption method, i.e., is queried data set in the specific embodiment of the invention It can be encrypted via ASPE and be converted into corresponding encrypted data set.
In the following, being illustrated by taking ASPE encryption method as an example to the ciphering process in the embodiment of the present invention.
It is assumed that being queried data set is { P1,P2..., Pn, wherein each data point vector PiThere are d dimension, i.e. Pi= (Pi1,Pi2..., Pid);Query point vector is denoted as Q, also there is d dimension, i.e. Q=(Q1,Q2..., Qd);PiWith the encrypted knot of Q Fruit is P respectivelyi' and Q '.Each data point vector PiEuclidean distance is used with the distance of query point vector Q, is denoted as
For example, the detailed process of ASPE encryption can are as follows: firstly, the matrix M of random selection (d+1) * (d+1);Then, It calculatesWithWherein,
In this way, existing for arbitrary i and hTherefore, And if only if D (Pi, Q) and > D (Ph,Q).And pass through the encryption of matrix M, P further can be obtainedi' Q ' > Ph' Q ' is and if only if D (Pi, Q) and > D (Ph,Q)。
In the embodiment of the present invention, to guarantee that the index tree of subsequent builds can carry out correct NN Query, server is to the The conversion process that two encryption vectors and the first encryption vector carry out is concretely:
Utilize default positive number T, the second encryption vector P concentrated respectively to encryption data according to the first formulai' turned It changes, obtains third encryption vector Ai;And
The first encryption vector Q ' is converted according to the second formula, obtains the 4th encryption vector B;
Wherein, the first formula are as follows:
Second formula are as follows: B=(- k3Q′,0,b)。
Wherein, Pi' identical with the dimension of Q ', a and b are the default vector of the first dimension, and the first dimension is greater than or equal to 0, Andk2||Pi′||2< T, k1k3> 0.
In the following, illustrating that the conversion process of the embodiment of the present invention can guarantee subsequent builds in conjunction with above-mentioned ASPE ciphering process Index tree can carry out correct NN Query.
For example, PiA is obtained after ' conversioni, B, D (A are obtained after Q ' conversioni, B) and indicate vector AiWith the Euclidean distance of B, Specifically it may be expressed as:
D(Ai,B)2=(k1Pi′+k3Q′)2+(T-k2||Pi′||2)+(a-b)2
=(| | k1Pi′||2+2k1k3Pi′Q′+||k3Q′||2)+(T-k2||Pi′||2)+(a-b)2
=2k1k3Pi′Q′+(||k3Q′||2+T)+(k1 2-k2)||Pi′||2+(a-b)2
=2k1k3Pi′Q′+(||k3Q′||2+T)+(a-b)2
Then, have for arbitrary i and h: D (Ai,B)2-D(Ah,B)2=2k1k3Pi′Q′-2k1k3Ph′Q′.Due to k1k3> 0, So available: D (Ai, B) and > D (Ah, B) and and if only if Pi' Q ' > Ph′Q′。
Further, due to obtaining P based on above-mentioned ASPE ciphering processi' Q ' > Ph' Q ' is and if only if D (Pi, Q) and > D (Ph, Q), therefore, after the conversion process of the embodiment of the present invention, D (A can be obtainedi, B) and > D (Ah, B) and and if only if D (Pi,Q) > D (Ph, Q), i.e., when carrying out NN Query on the index tree constructed based on transformation data sets, correctly inquiry knot can be obtained Fruit.
In the embodiment of the present invention, the index tree due to carrying out NN Query is constructed based on transformation data sets, has been constructed Without any processing after, therefore, when being queried data set has update, it can determine that data point vector to be updated is corresponding After encryption vector, directly according to the corresponding encryption vector of data point vector to be updated, existing index tree is updated, and obtains Updated index tree.
Based on this, the data query method of the embodiment of the present invention may also include that
The instruction information for the data point vector to be updated that terminal is sent is obtained, the data point vector to be updated includes following At least one of vector: new points vector, data point vector to be deleted, and, data point vector to be modified;
According to the instruction information, the corresponding third encryption vector of the data point vector to be updated is determined;
According to the corresponding third encryption vector of the data point vector to be updated, the index tree is updated, is obtained Updated index tree;
NN Query is carried out on the updated index tree using the 4th encryption vector, obtains updated look into Ask result.
For example, server obtains data point vector to be updated when data point vector to be updated is new points vector Instruction information can be specifically, receiving corresponding second encryption vector of new points vector that terminal is sent, and server exists After receiving corresponding second encryption vector of new points vector, new points vector pair is calculated using the first formula The third encryption vector answered, and index tree is updated using the third encryption vector, and index tree in the updated is enterprising Row NN Query, to obtain updated query result.
In another example server obtains data point to be updated when data point vector to be updated is data point vector to be deleted The instruction information of vector can be specifically, receive the corresponding number of data point vector to be deleted that terminal is sent, and server is connecing After receiving the corresponding number of data point vector to be deleted, the corresponding third of data point vector to be deleted can be added according to the number Close vector is directly deleted from index tree, and NN Query is carried out on the index tree to update index tree, and in the updated, to obtain Updated query result.
For another example server obtains data point to be updated when data point vector to be updated is data point vector to be modified The instruction information of vector can be specifically, receive corresponding second encryption vector of data point vector to be modified and volume that terminal is sent Number, and server receive corresponding second encryption vector of data point vector to be modified and number after, can be first according to the volume Number, the corresponding third encryption vector of the number in index tree is deleted, it is corresponding then to calculate data point vector to be modified Third encryption vector, and index tree is updated using the third encryption vector, and is carried out on index tree in the updated close Neighbour's inquiry, to obtain updated query result.
In this way, the data query method of the embodiment of the present invention can effectively support the dynamic change for being queried data set, When update is queried data set (add, data point vector is deleted or modified), the phase of data point vector to be updated need to be only obtained Information is closed, the update to respective index tree can be completed, and the process for updating index tree is entirely queried data set without considering, Simplify renewal process, improves the update efficiency of server.
In the following, using simulated experiment as a result, comparative illustration compared to the data query method encrypted based on ASPE, this hair The data query method of bright embodiment can save a large amount of query times.
In simulated experiment, the configuration surroundings of experiment porch are Intel Core i3 3.3GHZ CPU 8G memory, operation System is Ubuntu 14.04.The operation result of simulated experiment can be found in table 1.In table 1, T1Indicate the number encrypted based on ASPE The time (average value of 10 operations, unit ms) run according to querying method, T2Indicate that the data of the embodiment of the present invention are looked into The time (average value of 10 operations, unit ms) that inquiry method is run, n indicate to be queried of data point in data set Number, p indicate saving ratio, and
n 50000 100000 200000 400000 600000 800000 1000000
T1 77.5 130.1 269 537 784.6 1035 1308
T2 8.4 21.2 62.7 137.8 190.3 244.1 270.3
p 89.2% 83.7% 76.7% 74.3% 75.7% 76.4% 79.3%
Table 1
As it can be seen from table 1 compared to the data query method encrypted based on ASPE, the data query of the embodiment of the present invention Method can about save the query time more than 74%, i.e., under equal conditions, used in the data query method of the embodiment of the present invention Query time be only 1/4 of query time used in the data query method that is encrypted based on ASPE.
Data query method of the invention is illustrated in above-described embodiment, below in conjunction with embodiment and attached drawing to this The data query device of invention is illustrated.
Shown in Figure 4, the embodiment of the present invention also provides a kind of device for sending information, comprising:
First obtains module 41, is queried the corresponding encrypted data set of data set for acquisition and query point vector is corresponding First encryption vector, the encrypted data set include multiple second encryption vectors, and each second encryption vector corresponds to the quilt Inquire a data point vector in data set;
Conversion module 42, the second encryption vector for concentrating respectively to the encryption data are converted, and are obtained by the The transformation data sets of three encryption vectors composition, and, first encryption vector is converted, the 4th encryption vector is obtained, Wherein, the size relation between the 4th encryption vector and the distance of any two third encryption vector, with the query point Size relation between the distance of the corresponding data point vector of any two third encryption vector described in vector sum is consistent;
Module 43 is constructed, for constructing index tree based on the transformation data sets;
First enquiry module 44 is obtained for carrying out NN Query on the index tree using the 4th encryption vector Obtain query result.
In the embodiment of the present invention, the first acquisition module 41 is specifically used for:
The corresponding encrypted data set of data set is queried described in reception terminal transmission and the query point vector is corresponding First encryption vector.
It is queried between data set and the encrypted data set that there are following corresponding relationships specifically, described: described first Size relation between the scalar product of the second encryption vector of encryption vector and any two is appointed with described in the query point vector sum Size relation between the distance of the corresponding data point vector of two the second encryption vectors of anticipating is consistent.
In the embodiment of the present invention, the conversion module 42 is specifically used for:
Utilize default positive number T, the second encryption vector P concentrated respectively to the encryption data according to the first formulai' carry out Conversion, obtains third encryption vector Ai;And
The first encryption vector Q ' is converted according to the second formula, obtains the 4th encryption vector B;
Wherein, the first formula are as follows:
Second formula are as follows: B=(- k3Q′,0,b);
Pi' identical with the dimension of Q ', a and b are the default vector of the first dimension, and first dimension is greater than or equal to 0, andk2||Pi′||2< T, k1k3> 0.
It is shown in Figure 5 in the embodiment of the present invention, described device further include:
Second obtains module 45, the instruction information of the data point vector to be updated for obtaining terminal transmission, described to more New data point vector includes at least one of following vector: new points vector, data point vector to be deleted, and, to Modify data point vector;
Determining module 46, for determining that the corresponding third of the data point vector to be updated adds according to the instruction information Close vector;
Update module 47, for according to the corresponding third encryption vector of the data point vector to be updated, to the index Tree is updated, and obtains updated index tree;
Second enquiry module 48, for carrying out neighbour on the updated index tree using the 4th encryption vector Inquiry, obtains updated query result.
Specifically, the index tree can be R tree or KD tree.
The data query device of the embodiment of the present invention is queried the corresponding encrypted data set of data set and inquiry by obtaining Corresponding first encryption vector of point vector, the second encryption vector concentrated respectively to encryption data are converted, are obtained by third The transformation data sets of encryption vector composition, and, the first encryption vector is converted, the 4th encryption vector is obtained, is based on turning Data set building index tree is changed, NN Query is carried out on index tree using the 4th encryption vector, obtains query result, so as to It is enough to carry out NN Query on the index tree based on the data set building after encryption and conversion, in the peace for guaranteeing to be queried data set Under the premise of full property and the correctness of query result, sublinear search efficiency is obtained, and due to being the index tree by building NN Query is carried out, so query process can also be completed quickly even if the data volume for being queried data set is larger.
In addition, the embodiment of the present invention also provides a kind of server, including memory, processor and it is stored in the memory Data query program that is upper and can running on the processor, the processor can be realized when executing the data query program Step in above-mentioned data query method.
Specifically, shown in Figure 6, the embodiment of the invention also provides a kind of server, the server includes bus 61, transceiver 62, antenna 63, bus interface 64, processor 65 and memory 66.
Wherein, processor 65 execute following process for reading the program in memory 66:
Acquisition is queried the corresponding encrypted data set of data set and corresponding first encryption vector of query point vector, described to add Ciphertext data collection includes multiple second encryption vectors, and each second encryption vector corresponds to a number being queried in data set Strong point vector;
The second encryption vector concentrated respectively to the encryption data is converted, and obtains being made of third encryption vector Transformation data sets, and, first encryption vector is converted, the 4th encryption vector is obtained, wherein the 4th encryption Size relation between the distance of vector sum any two third encryption vector, with any two described in the query point vector sum Size relation between the distance of the corresponding data point vector of third encryption vector is consistent;
Index tree is constructed based on the transformation data sets;
NN Query is carried out on the index tree using the 4th encryption vector, obtains query result.
Transceiver 62, for sending and receiving data under the control of processor 65.
Specifically, processor 65 is also used to: control transceiver 62 receives the data set that is queried that terminal is sent and corresponds to Encrypted data set and corresponding first encryption vector of the query point vector.
It is queried between data set and the encrypted data set that there are following corresponding relationships specifically, described: described first Size relation between the scalar product of the second encryption vector of encryption vector and any two is appointed with described in the query point vector sum Size relation between the distance of the corresponding data point vector of two the second encryption vectors of anticipating is consistent.
Specifically, processor 65 is also used to: using default positive number T, according to the first formula respectively to the encrypted data set In the second encryption vector Pi' converted, obtain third encryption vector Ai;And according to the second formula to the first encryption vector Q ' is converted, and the 4th encryption vector B is obtained;
Wherein, the first formula are as follows:
Second formula are as follows: B=(- k3Q′,0,b);
Pi' identical with the dimension of Q ', a and b are the default vector of the first dimension, and first dimension is greater than or equal to 0, andk2||Pi′||2< T, k1k3> 0.
Specifically, processor 65 is also used to: obtain terminal send data point vector to be updated instruction information, it is described to More new data point vector includes at least one of following vector: new points vector, data point vector to be deleted, and, Data point vector to be modified determines the corresponding third encryption vector of the data point vector to be updated according to the instruction information, According to the corresponding third encryption vector of the data point vector to be updated, the index tree is updated, is obtained updated Index tree carries out NN Query using the 4th encryption vector on the updated index tree, obtains updated look into Ask result.
In Fig. 6, bus architecture (is represented) with bus 61, bus 61 may include any number of interconnection bus and Bridge, bus 61 will include the one or more processors represented by processor 65 and the various electricity of memory that memory 66 represents Road links together.Bus 61 can also be by the various other of such as peripheral equipment, voltage-stablizer and management circuit or the like Circuit links together, and these are all it is known in the art, and therefore, it will not be further described herein.Bus connects Mouth 64 provides interface between bus 61 and transceiver 62.Transceiver 62 can be an element, be also possible to multiple element, than Such as multiple receivers and transmitter, the unit for communicating over a transmission medium with various other devices is provided.Through processor 65 The data of processing are transmitted on the radio medium by antenna 63, and further, antenna 63 also receives data and by data transmission To processor 65.
Processor 65 is responsible for management bus 61 and common processing, can also provide various functions, including timing, periphery connects Mouthful, voltage adjusting, power management and other control functions.And memory 66 can be used for storage processor 65 and execute behaviour Used data when making.
Optionally, processor 65 can be CPU, ASIC, FPGA or CPLD.
It is appreciated that the memory 66 in the embodiment of the present invention can be volatile memory or nonvolatile memory, It or may include both volatile and non-volatile memories.Wherein, nonvolatile memory can be read-only memory (Read- Only Memory, ROM), programmable read only memory (Programmable ROM, PROM), the read-only storage of erasable programmable Device (Erasable PROM, EPROM), electrically erasable programmable read-only memory (Electrically EPROM, EEPROM) or Flash memory.Volatile memory can be random access memory (Random Access Memory, RAM), be used as external high Speed caching.By exemplary but be not restricted explanation, the RAM of many forms is available, such as static random access memory (Static RAM, SRAM), dynamic random access memory (Dynamic RAM, DRAM), Synchronous Dynamic Random Access Memory (Synchronous DRAM, SDRAM), double data speed synchronous dynamic RAM (Double Data Rate SDRAM, DDRSDRAM), enhanced Synchronous Dynamic Random Access Memory (Enhanced SDRAM, ESDRAM), synchronized links Dynamic random access memory (Synchlink DRAM, SLDRAM) and direct rambus random access memory (Direct Rambus RAM, DRRAM).The memory 66 of system and method described herein is intended to include but is not limited to these and arbitrarily its It is suitble to the memory of type.
In some embodiments, memory 66 stores following element, executable modules or data structures, or Their subset or their superset: operating system and application program.
Wherein, operating system, includes various system programs, such as ccf layer, core library layer, driving layer etc., for realizing Various basic businesses and the hardware based task of processing.Application program includes various application programs, such as media player (Media Player), browser (Browser) etc., for realizing various applied business.Realize present invention method Program may include in the application.
The server of the embodiment of the present invention is queried the corresponding encrypted data set of data set and query point vector by obtaining Corresponding first encryption vector, respectively to encryption data concentrate the second encryption vector convert, obtain from third encrypt to The transformation data sets of composition are measured, and, the first encryption vector is converted, the 4th encryption vector is obtained, is based on change data Collection building index tree, carries out NN Query using the 4th encryption vector on index tree, query result is obtained, so as in base After encryption and conversion data set building index tree on carry out NN Query, guarantee be queried data set safety and Under the premise of the correctness of query result, sublinear search efficiency is obtained, and due to being carried out closely by the index tree of building Neighbour's inquiry, so query process can also be completed quickly even if the data volume for being queried data set is larger.
The embodiment of the invention also provides a kind of computer readable storage mediums, are stored thereon with data query program, should Data query program performs the steps of when being executed by processor
Acquisition is queried the corresponding encrypted data set of data set and corresponding first encryption vector of query point vector, described to add Ciphertext data collection includes multiple second encryption vectors, and each second encryption vector corresponds to a number being queried in data set Strong point vector;
The second encryption vector concentrated respectively to the encryption data is converted, and obtains being made of third encryption vector Transformation data sets, and, first encryption vector is converted, the 4th encryption vector is obtained, wherein the 4th encryption Size relation between the distance of vector sum any two third encryption vector, with any two described in the query point vector sum Size relation between the distance of the corresponding data point vector of third encryption vector is consistent;
Index tree is constructed based on the transformation data sets;
NN Query is carried out on the index tree using the 4th encryption vector, obtains query result.
Optionally, it can also be performed the steps of when which is executed by processor and receive what terminal was sent It is described to be queried the corresponding encrypted data set of data set and corresponding first encryption vector of the query point vector.
Optionally, described to be queried between data set and the encrypted data set that there are following corresponding relationships: described first Size relation between the scalar product of the second encryption vector of encryption vector and any two is appointed with described in the query point vector sum Size relation between the distance of the corresponding data point vector of two the second encryption vectors of anticipating is consistent.
Optionally, it can also be performed the steps of when which is executed by processor using default positive number T, The second encryption vector P that the encryption data is concentrated respectively according to the first formulai' converted, obtain third encryption vector Ai;And the first encryption vector Q ' is converted according to the second formula, obtain the 4th encryption vector B;
Wherein, the first formula are as follows:
Second formula are as follows: B=(- k3Q′,0,b);
Pi' identical with the dimension of Q ', a and b are the default vector of the first dimension, and first dimension is greater than or equal to 0, andk2||Pi′||2< T, k1k3> 0.
Optionally, it can also be performed the steps of when which is executed by processor and obtain what terminal was sent The instruction information of data point vector to be updated, the data point vector to be updated includes at least one of following vector: newly-increased Data point vector, data point vector to be deleted, and, data point vector to be modified, according to the instruction information, determine it is described to The corresponding third encryption vector of more new data point vector, according to the corresponding third encryption vector of the data point vector to be updated, The index tree is updated, updated index tree is obtained, using the 4th encryption vector in the updated rope Draw and carry out NN Query on tree, obtains updated query result.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media, can be by any side Method or technology realize that information stores.Information can be computer readable instructions, data structure, the module of program or other numbers According to.The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory techniques, CD-ROM are read-only Memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or Other magnetic storage devices or any other non-transmission medium, can be used for storage can be accessed by a computing device information.According to Herein defines, and computer-readable medium does not include temporary computer readable media (transitory media), such as modulation Data-signal and carrier wave.
It should be noted that, in this document, the terms "include", "comprise" or its any other variant are intended to non-row His property includes, so that the process, method, article or the device that include a series of elements not only include those elements, and And further include other elements that are not explicitly listed, or further include for this process, method, article or device institute it is intrinsic Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including being somebody's turn to do There is also other identical elements in the process, method of element, article or device.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Based on this understanding, technical solution of the present invention substantially in other words does the prior art The part contributed out can be embodied in the form of software products, which is stored in a storage medium In (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that a terminal device (can be mobile phone, computer, clothes Business device, air conditioner or the network equipment etc.) execute method described in each embodiment of the present invention.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered It is considered as protection scope of the present invention.

Claims (12)

1. a kind of data query method characterized by comprising
Acquisition is queried the corresponding encrypted data set of data set and corresponding first encryption vector of query point vector, the encryption number It include multiple second encryption vectors according to collection, each second encryption vector corresponds to a data point being queried in data set Vector;
The second encryption vector concentrated respectively to the encryption data is converted, and the conversion being made of third encryption vector is obtained Data set, and, first encryption vector is converted, the 4th encryption vector is obtained, wherein the 4th encryption vector Size relation between the distance of any two third encryption vector, with any two third described in the query point vector sum Size relation between the distance of the corresponding data point vector of encryption vector is consistent;
Index tree is constructed based on the transformation data sets;
NN Query is carried out on the index tree using the 4th encryption vector, obtains query result.
2. the method according to claim 1, wherein the acquisition is queried the corresponding encrypted data set of data set The step of the first encryption vector corresponding with query point vector, comprising:
It receives the described of terminal transmission and is queried the corresponding encrypted data set of data set and the query point vector corresponding first Encryption vector.
3. the method according to claim 1, wherein described be queried between data set and the encrypted data set There are following corresponding relationships: the size between the scalar product of the second encryption vector of first encryption vector and any two is closed System, at a distance from the corresponding data point vector of the second encryption vector of any two described in the query point vector sum between size Relationship consistency.
4. according to the method described in claim 3, it is characterized in that, second encryption concentrated respectively to the encryption data Vector is converted, and the transformation data sets being made of third encryption vector are obtained, comprising:
Utilize default positive number T, the second encryption vector P concentrated respectively to the encryption data according to the first formulai' converted, Obtain third encryption vector Ai
It is described that first encryption vector is converted, obtain the 4th encryption vector, comprising:
The first encryption vector Q ' is converted according to the second formula, obtains the 4th encryption vector B;
Wherein, the first formula are as follows:
Second formula are as follows: B=(- k3Q′,0,b);
Pi' identical with the dimension of Q ', a and b are the default vector of the first dimension, and first dimension is greater than or equal to 0, andk2||Pi′||2< T, k1k3> 0.
5. the method according to claim 1, wherein the method also includes:
The instruction information for the data point vector to be updated that terminal is sent is obtained, the data point vector to be updated includes following vector At least one of: new points vector, data point vector to be deleted, and, data point vector to be modified;
According to the instruction information, the corresponding third encryption vector of the data point vector to be updated is determined;
According to the corresponding third encryption vector of the data point vector to be updated, the index tree is updated, is updated Index tree afterwards;
NN Query is carried out on the updated index tree using the 4th encryption vector, obtains updated inquiry knot Fruit.
6. a kind of data query device characterized by comprising
First obtains module, is queried the corresponding encrypted data set of data set for acquisition and query point vector corresponding first adds Close vector, the encrypted data set include multiple second encryption vectors, and each second encryption vector is queried number corresponding to described According to a data point vector of concentration;
Conversion module, the second encryption vector for concentrating respectively to the encryption data are converted, obtain being encrypted by third The transformation data sets of vector composition, and, first encryption vector is converted, the 4th encryption vector is obtained, wherein institute The size relation between the 4th encryption vector and the distance of any two third encryption vector is stated, with the query point vector sum institute The size relation stated between the distance of the corresponding data point vector of any two third encryption vector is consistent;
Module is constructed, for constructing index tree based on the transformation data sets;
First enquiry module is inquired for carrying out NN Query on the index tree using the 4th encryption vector As a result.
7. device according to claim 6, which is characterized in that the first acquisition module is specifically used for:
It receives the described of terminal transmission and is queried the corresponding encrypted data set of data set and the query point vector corresponding first Encryption vector.
8. device according to claim 6, which is characterized in that described to be queried between data set and the encrypted data set There are following corresponding relationships: the size between the scalar product of the second encryption vector of first encryption vector and any two is closed System, at a distance from the corresponding data point vector of the second encryption vector of any two described in the query point vector sum between size Relationship consistency.
9. device according to claim 8, which is characterized in that the conversion module is specifically used for:
Utilize default positive number T, the second encryption vector P concentrated respectively to the encryption data according to the first formulai' converted, Obtain third encryption vector Ai;And
The first encryption vector Q ' is converted according to the second formula, obtains the 4th encryption vector B;
Wherein, the first formula are as follows:
Second formula are as follows: B=(- k3Q′,0,b);
Pi' identical with the dimension of Q ', a and b are the default vector of the first dimension, and first dimension is greater than or equal to 0, andk2||Pi′||2< T, k1k3> 0.
10. device according to claim 6, which is characterized in that described device further include:
Second obtains module, the instruction information of the data point vector to be updated for obtaining terminal transmission, the data to be updated Point vector includes at least one of following vector: new points vector, data point vector to be deleted, and, number to be modified Strong point vector;
Determining module, for determining the corresponding third encryption vector of the data point vector to be updated according to the instruction information;
Update module, for being carried out to the index tree according to the corresponding third encryption vector of the data point vector to be updated It updates, obtains updated index tree;
Second enquiry module, for carrying out NN Query on the updated index tree using the 4th encryption vector, Obtain updated query result.
11. a kind of server, including memory, processor and it is stored on the memory and can runs on the processor Data query program, which is characterized in that the processor realizes such as claim 1 to 5 when executing the data query program Any one of described in data query method in step.
12. a kind of computer readable storage medium is stored thereon with data query program, which is characterized in that the data query The step in the data query method as described in any one of claims 1 to 5 is realized when program is executed by processor.
CN201710457947.9A 2017-06-16 2017-06-16 Data query method and device Active CN109144993B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710457947.9A CN109144993B (en) 2017-06-16 2017-06-16 Data query method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710457947.9A CN109144993B (en) 2017-06-16 2017-06-16 Data query method and device

Publications (2)

Publication Number Publication Date
CN109144993A true CN109144993A (en) 2019-01-04
CN109144993B CN109144993B (en) 2021-07-27

Family

ID=64830550

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710457947.9A Active CN109144993B (en) 2017-06-16 2017-06-16 Data query method and device

Country Status (1)

Country Link
CN (1) CN109144993B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112445943A (en) * 2019-09-05 2021-03-05 阿里巴巴集团控股有限公司 Data processing method, device and system
CN113779197A (en) * 2021-09-09 2021-12-10 中国电子科技集团公司信息科学研究院 Data set searching method and device, storage medium and terminal

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101821736A (en) * 2007-09-06 2010-09-01 王秦胜塞希亚 Method and system of interacting with server, and method and system for generating and presenting search results
CN103345526A (en) * 2013-07-22 2013-10-09 武汉大学 Efficient privacy protection encrypted message querying method in cloud environment
CN103744976A (en) * 2014-01-13 2014-04-23 北京工业大学 Secure image retrieval method based on homomorphic encryption
CN103886106A (en) * 2014-04-14 2014-06-25 北京工业大学 Remote sensing image safe-retrieval method based on spectral feature protection
CN104408070A (en) * 2014-10-31 2015-03-11 北京邮电大学 Similar sub-image inquiring method and system for protecting privacy under cloud computing environment
CN104615692A (en) * 2015-01-23 2015-05-13 重庆邮电大学 Search encryption method supporting dynamic updating and multi-keyword safe ranking
US20160156460A1 (en) * 2014-12-02 2016-06-02 Microsoft Technology Licensing, Llc Secure computer evaluation of k-nearest neighbor models
CN106096548A (en) * 2016-06-12 2016-11-09 北京电子科技学院 A kind of many intelligent terminal based on cloud environment share face secret recognition methods
CN106133810A (en) * 2014-03-28 2016-11-16 索尼公司 Cipher processing apparatus, cipher processing method and program
CN106790069A (en) * 2016-12-21 2017-05-31 电子科技大学 Secret protection K NN sorting techniques based on vectorial homomorphic cryptography
US20170169241A1 (en) * 2015-12-14 2017-06-15 Panasonic Intellectual Property Corporation Of America Search method, search device, search system, and program

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101821736A (en) * 2007-09-06 2010-09-01 王秦胜塞希亚 Method and system of interacting with server, and method and system for generating and presenting search results
CN103345526A (en) * 2013-07-22 2013-10-09 武汉大学 Efficient privacy protection encrypted message querying method in cloud environment
CN103744976A (en) * 2014-01-13 2014-04-23 北京工业大学 Secure image retrieval method based on homomorphic encryption
CN106133810A (en) * 2014-03-28 2016-11-16 索尼公司 Cipher processing apparatus, cipher processing method and program
CN103886106A (en) * 2014-04-14 2014-06-25 北京工业大学 Remote sensing image safe-retrieval method based on spectral feature protection
CN104408070A (en) * 2014-10-31 2015-03-11 北京邮电大学 Similar sub-image inquiring method and system for protecting privacy under cloud computing environment
US20160156460A1 (en) * 2014-12-02 2016-06-02 Microsoft Technology Licensing, Llc Secure computer evaluation of k-nearest neighbor models
CN104615692A (en) * 2015-01-23 2015-05-13 重庆邮电大学 Search encryption method supporting dynamic updating and multi-keyword safe ranking
US20170169241A1 (en) * 2015-12-14 2017-06-15 Panasonic Intellectual Property Corporation Of America Search method, search device, search system, and program
CN106096548A (en) * 2016-06-12 2016-11-09 北京电子科技学院 A kind of many intelligent terminal based on cloud environment share face secret recognition methods
CN106790069A (en) * 2016-12-21 2017-05-31 电子科技大学 Secret protection K NN sorting techniques based on vectorial homomorphic cryptography

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
HYEONG-IL KIM等: "A kNN query processing algorithm using a tree index structure on the encrypted database", 《2016 INTERNATIONAL CONFERENCE ON BIG DATA AND SMART COMPUTING (BIGCOMP)》 *
LICHUN LI等: "Efficient Privacy-Preserving Location-Based Query Over Outsourced Encrypted Data", 《IEEE INTERNET OF THINGS JOURNAL 》 *
王心慧: "云环境下基于安全k近邻的加密数据检索技术研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112445943A (en) * 2019-09-05 2021-03-05 阿里巴巴集团控股有限公司 Data processing method, device and system
CN113779197A (en) * 2021-09-09 2021-12-10 中国电子科技集团公司信息科学研究院 Data set searching method and device, storage medium and terminal
CN113779197B (en) * 2021-09-09 2023-07-04 中国电子科技集团公司信息科学研究院 Data set searching method and device, storage medium and terminal

Also Published As

Publication number Publication date
CN109144993B (en) 2021-07-27

Similar Documents

Publication Publication Date Title
Yadav et al. IoT: Challenges and issues in indian perspective
WO2021120676A1 (en) Model training method for federated learning network, and related device
Rekkas et al. Machine learning in beyond 5G/6G networks—State-of-the-art and future trends
US20190301883A1 (en) Blockchain-based crowdsourcing of map applications
CN109218379A (en) Data processing method and system in environment of internet of things
US20220358240A1 (en) Adaptive data privacy platform
CN113051239A (en) Data sharing method, use method of model applying data sharing method and related equipment
CN109144993A (en) A kind of data query method and device
CN114610475A (en) Training method of intelligent resource arrangement model
WO2022001233A1 (en) Pre-labeling method based on hierarchical transfer learning and related device
WO2020097943A1 (en) Outsourced data processing
Weng et al. A mobile computing technology foresight study with scenario planning approach
Fowdur et al. Enabling technologies and applications of 5G/6G-Powered Intelligent Connectivity
US10171592B2 (en) Techniques for multi-level service discovery
CN115794316A (en) Method, apparatus, medium, and program product for building a cloud computing experimental environment
Vermesan Next generation internet of things–distributed intelligence at the edge and human-machine interactions
US11941619B2 (en) Validation and storage of transaction data for a blockchain
Sharma et al. Introduction to the Special Issue on Artificial Intelligence for Smart Cities and Industries
WO2021036190A1 (en) Node layout determination method and apparatus
WO2016082589A1 (en) Method, apparatus and system for associating upper layer link with lower layer link
Sharma et al. Energy Efficient Power Allocation in Massive MIMO Based on Parameterized Deep DQN
Liu et al. Optimal transfer of an unknown state via a bipartite quantum operation
Luo et al. Positive periodic solutions for impulsive functional differential equations with infinite delay and two parameters
Duan et al. Blockchain in global trade
CN117077816B (en) Training method and system of federal model

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant