CN109697368B - Method, device and system for safe use of user information data and storage medium - Google Patents


Info

Publication number
CN109697368B
Authority
CN
China
Prior art keywords
data
user
service platform
information
request information
Prior art date
Legal status
Active
Application number
CN201710983616.9A
Other languages
Chinese (zh)
Other versions
CN109697368A (en)
Inventor
陈华
沈淼奇
高琳
夏蔚
Current Assignee
Beijing Gongshi Technology Co.,Ltd.
Original Assignee
Beijing Belink Technology Co ltd
Priority date
Filing date
Publication date
Events
Application filed by Beijing Belink Technology Co ltd
Priority to CN201710983616.9A
Publication of CN109697368A
Application granted
Publication of CN109697368B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06F ELECTRIC DIGITAL DATA PROCESSING
                • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F21/60 Protecting data
                        • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
                            • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
                                • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
                                    • G06F21/6263 Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
                • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                        • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a method, device, system and storage medium for the safe use of user information data. The method comprises the following steps: sending data use request information to a data service platform; and receiving, from the data service platform, desensitized user data generated according to the data use request information, where the data service platform generates the desensitized user data from the user's personal data. The invention makes full use of the user's personal data while protecting the user's personal privacy, maximizing the benefit of the user's personal data.

Description

Method, device and system for safe use of user information data and storage medium
Technical Field
The invention relates to the technical field of computer networks, in particular to methods for protecting user privacy information, and specifically to a method, device, system and storage medium for the safe use of user information data.
Background
With the rapid development of network information technology, people's daily lives are ever more tightly bound to the virtual network world. Much of daily life and work is recorded as data by carriers such as computers, servers and network service platforms, and that data is dispersed across e-commerce platforms, financial institutions, search engines and geographic location service providers. Some internet service companies collect users' personal data by illegal technical means and analyze the collected data to infer private information the users intended to protect. With the expansion of internet financial services, some companies sign user agreements and then, exploiting users' negligence and lack of awareness, collect and share users' private information at will, using it for credit assessment, breach-of-contract accountability and other matters, so that user information is abused. Further, some internet companies even profit by selling user information without the user's knowledge, which has become a source of internet fraud cases.
A user's personal data belongs to the user, who holds both ownership and the right of use over it. However, different users have different concerns about personal data privacy, and where national laws and regulations on personal privacy protection are not yet sound, many people have not formed an awareness of the risks to their personal data. How to protect people's legal rights and interests from infringement and prevent personal data from being illegally abused is therefore an urgent task for technicians in the field.
Personal data also has considerable social and economic value. For example, large volumes of user travel data help government departments make more accurate traffic management plans, and large volumes of medical data have practical significance for disease treatment and drug discovery. User data therefore brings social and economic benefits at both the societal and the enterprise level. In addition, an enterprise can analyze a user's preferences and consumption habits from the user's historical behavior data, and can even grade the user's credit from it, so that users with good credit obtain more favorable terms in scenarios such as loans. This reduces the enterprise's operating and management costs, allows the enterprise to provide cheaper, more efficient and higher-quality service to trustworthy users, encourages people to value their credit records, and improves the credit environment of society as a whole.
Therefore, how to ensure that user personal data can be used reasonably and legally while protecting it from illegal abuse is a technical problem that needs to be solved by technical staff in the field.
Disclosure of Invention
In view of the above, the technical problem to be solved by the present invention is to provide a method, device, system and storage medium for the secure use of user information data, which address the inability of the prior art to reconcile protection of personal data with its utilization.
To solve the above technical problem, an embodiment of the present invention provides a method for securely using user information data, including: sending data use request information to a data service platform; and receiving, from the data service platform, desensitized user data generated according to the data use request information, where the data service platform generates the desensitized user data from the user personal data.
An embodiment of the present invention further provides a data consumer device for the secure use of user information data, comprising: a sending unit for sending data use request information to the data service platform; and a receiving unit for receiving, from the data service platform, desensitized user data generated according to the data use request information, where the data service platform generates the desensitized user data from the user personal data.
An embodiment of the invention also provides a method for securely using user information data, comprising the following steps: receiving data use request information from a data consumer device; and processing the user personal data into desensitized user data according to the data use request information.
An embodiment of the present invention further provides a data service platform for the secure use of user information data, including: a receiving unit that receives data use request information from a data consumer device; and a processing unit for processing the user personal data into desensitized user data according to the data use request information.
An embodiment of the invention also provides a method for securely using user information data, comprising the following steps: sending data description information to a data service platform; receiving, from the data service platform, a business algorithm written by the data consumer device according to the data description information; and authenticating the business algorithm, so that after the authentication is passed the data service platform generates desensitized user data from the user personal data using the business algorithm.
An embodiment of the present invention further provides a data provider device for the secure use of user information data, including: a sending unit for sending data description information to the data service platform; a receiving unit for receiving, from the data service platform, a business algorithm written by the data consumer device according to the data description information; and an authentication unit for authenticating the business algorithm, so that after the authentication is passed the data service platform generates desensitized user data from the user personal data using the business algorithm.
An embodiment of the invention also provides a method for securely using user information data, comprising the following steps: receiving data use authorization request information from a data service platform; and feeding back authorization confirmation information to the data service platform according to the data use authorization request information, so that the data service platform transmits desensitized user data to the data consumer device according to the authorization confirmation information.
An embodiment of the present invention further provides a user terminal device for the secure use of user information data, including: a receiving unit configured to receive data use authorization request information from a data service platform; and a sending unit for feeding back authorization confirmation information to the data service platform according to the data use authorization request information, so that the data service platform can transmit desensitized user data to the data consumer device according to the authorization confirmation information.
An embodiment of the present invention further provides a system for the secure use of user information data, which comprises a plurality of data consumer devices, a data service platform, a plurality of data provider devices and a plurality of user terminal devices. The data consumer devices, data provider devices and user terminal devices are all connected to the data service platform. The data consumer device is used to write a business algorithm according to the data description information provided by the data provider device and to use desensitized user data on the data service platform; the data service platform is used to generate the desensitized user data from the user personal data using the business algorithm, and to transmit the desensitized user data to the data consumer device after authorization by the user terminal device; the data provider device is used to provide the user personal data to the data service platform and to authenticate the business algorithm written by the data consumer device; and the user terminal device is used to authorize the data consumer device to legally use the user personal data.
Embodiments of the present invention also provide a computer storage medium containing computer-executable instructions which, when processed by a data processing device, cause the data processing device to execute a method for the secure use of user information data.
According to the above embodiments of the present invention, the method, device, system and storage medium for the secure use of user information data have at least the following advantages. The data consumer defines the business processing algorithm for the user personal data, and the data provider authenticates that algorithm. When the data consumer needs to use the user personal data, and the user's authorization has been obtained, the user personal data is processed with the authenticated algorithm (desensitizing the user personal data without affecting its normal use) and the processed data is sent to the data consumer. The user's personal privacy is thus protected (neither the user's private information nor the original data is exposed) without affecting the normal use of the user personal data, and the benefit of the user personal data is maximized.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate exemplary embodiments of the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a flowchart of a first embodiment of a method for securely using user information data according to an embodiment of the present invention.
Fig. 2 is a flowchart of a second embodiment of a method for securely using user information data according to a specific embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a first embodiment of a data consumer device for secure use of user information data according to an embodiment of the present invention.
Fig. 4 is a schematic structural diagram of a second embodiment of a data consumer device for secure use of user information data according to an embodiment of the present invention.
Fig. 5 is a flowchart of a third embodiment of a method for securely using user information data according to a specific embodiment of the present invention.
Fig. 6 is a flowchart of a fourth embodiment of a method for securely using user information data according to an embodiment of the present invention.
Fig. 7 is a flowchart of a fifth embodiment of a method for securely using user information data according to a specific embodiment of the present invention.
Fig. 8 is a schematic structural diagram of a first embodiment of a data service platform for secure use of user information data according to an embodiment of the present invention.
Fig. 9 is a schematic structural diagram of a second embodiment of a data service platform for secure use of user information data according to a specific embodiment of the present invention.
Fig. 10 is a flowchart of a sixth embodiment of a method for securely using user information data according to a specific embodiment of the present invention.
Fig. 11 is a flowchart of a seventh embodiment of a method for securely using user information data according to an embodiment of the present invention.
Fig. 12 is a schematic structural diagram of a data provider device for secure use of user information data according to an embodiment of the present invention.
Fig. 13 is a flowchart of an eighth embodiment of a method for securely using user information data according to an embodiment of the present invention.
Fig. 14 is a schematic structural diagram of a user terminal device for secure use of user information data according to an embodiment of the present invention.
Fig. 15 is a schematic composition diagram of a system for securely using user information data according to an embodiment of the present invention.
Fig. 16 is a timing chart of an operation of a system for secure use of user information data according to an embodiment of the present invention.
Detailed Description
For the purpose of promoting a clear understanding of the objects, aspects and advantages of the embodiments of the invention, reference will now be made to the drawings and to the detailed description, in which embodiments are shown and described in detail; various modifications of the embodiments described herein, and other embodiments of the invention, will be apparent to those skilled in the art.
The exemplary embodiments of the present invention and the description thereof are provided to explain the present invention and not to limit the present invention. Additionally, the same or similar numbered elements/components used in the drawings and the embodiments are used to represent the same or similar parts.
As used herein, the terms "first," "second," …, etc., do not denote any order or sequence, nor are they used to limit the present invention, but rather are used to distinguish one element from another or from another element or operation described in the same technical language.
With respect to directional terminology used herein, for example: up, down, left, right, front or rear, etc., are simply directions with reference to the drawings. Accordingly, the directional terminology used is intended to be illustrative and is not intended to be limiting of the present teachings.
As used herein, the terms "comprising," "including," "having," "containing," and the like are open-ended terms that mean including, but not limited to.
As used herein, "and/or" includes any and all combinations of the described items.
References to "plurality" herein include "two" and "more than two"; reference to "multiple sets" herein includes "two sets" and "more than two sets".
As used herein, the terms "substantially", "about" and the like are used to modify any slight variation in quantity or error that does not alter the nature of the variation. Generally, the range of slight variations or errors modified by such terms may be 20% in some embodiments, 10% in some embodiments, 5% in some embodiments, or other values. It should be understood by those skilled in the art that the aforementioned values can be adjusted according to actual needs, and are not limited thereto.
Certain words used to describe the present application are discussed below or elsewhere in this specification to provide additional guidance to those skilled in the art in describing the present application.
Fig. 1 is a flowchart of a first embodiment of a method for securely using user information data according to an embodiment of the present invention. As shown in Fig. 1, a data consumer device sends data use request information to a data service platform, and the data service platform generates desensitized user data according to that request information.
In the embodiment shown in the figure, the method for safely using user information data comprises the following steps:
Step 101: send the data use request information to the data service platform. In a specific embodiment of the present invention, the data service platform may be a web server, a cloud server, a server cluster or the like.
Step 102: receive, from the data service platform, desensitized user data generated according to the data use request information, where the data service platform generates the desensitized user data from the user personal data. In the specific embodiment of the invention, sensitive or private information such as the user's mobile phone number, identity card number, account and password does not appear in the desensitized user data.
Referring to fig. 1, the data consumer device obtains desensitized user data by sending data usage request information to the data service platform, so that the personal data of the user is fully utilized, and the personal privacy of the user is effectively protected.
Fig. 2 is a flowchart of a second embodiment of a method for securely using user information data according to a specific embodiment of the present invention. As shown in Fig. 2, the data consumer device obtains, through the data service platform, data description information provided by a data provider device, writes a business algorithm according to the data description information, and transmits the business algorithm through the data service platform to the data provider device for authentication.
In the embodiment shown in the figure, step 101 further includes:
Step 098: receive data description information from the data service platform. In a specific embodiment of the present invention, the data provider device provides data description information to the data service platform, where the data description information includes the data content, data type, data provider device ID, usage field, acquisition mode and similar information.
Step 099: write a business algorithm according to the data description information. In the embodiment of the invention, the data consumer device writes a business algorithm that meets its specific business needs, for example an algorithm by which a bank calculates users' credit scores, or an algorithm by which an insurance company calculates how green a user's motor vehicle travel is. In addition, the data consumer device can also establish an isolated algorithm system on the data service platform and write the business algorithm within that system.
Step 100: transmit the business algorithm through the data service platform to the data provider device for authentication, so that after the authentication is passed the data service platform generates the desensitized user data from the user personal data using the business algorithm. In the specific embodiment of the invention, once the business algorithm written by the data consumer device has been authenticated by the data provider device, the data service platform can use it to generate desensitized user data from the user personal data.
Referring to Fig. 2, the data provider device provides data description information, the data consumer device writes a business algorithm according to it, and the data provider device authenticates the business algorithm written by the data consumer device. After the authentication is passed, the business algorithm can be used to generate desensitized user data from the user personal data. The data consumer can thus write a business algorithm that reasonably reflects its actual requirements and the data provided by the data provider, and utilization of the user personal data is maximized without invading the user's personal privacy.
Fig. 3 is a schematic structural diagram of a first embodiment of a data consumer device for secure use of user information data according to an embodiment of the present invention, and the device shown in fig. 3 may be applied to the methods shown in fig. 1 and fig. 2, where the data consumer device sends data use request information to a data service platform, and the data service platform generates desensitized user data according to the data use request information sent by the data consumer device.
In the embodiment shown in the figure, the data consumer apparatus for secure use of user information data comprises a transmitting unit 11 and a receiving unit 12. The sending unit 11 is configured to send data use request information to the data service platform; the receiving unit 12 is configured to receive desensitization user data generated according to the data usage request information from the data service platform, where the data service platform generates the desensitization user data according to user personal data.
Referring to fig. 3, the data consumer device obtains desensitized user data by sending data usage request information to the data service platform, so that the personal data of the user is fully utilized, and the personal privacy of the user is effectively protected.
Fig. 4 is a schematic structural diagram of a second embodiment of a data consumer device for securely using user information data according to a specific embodiment of the present invention. As shown in Fig. 4, the data consumer device obtains, through the data service platform, data description information provided by a data provider device, writes a business algorithm according to the data description information, and transmits the business algorithm through the data service platform to the data provider device for authentication.
In the embodiment shown in the figure, the receiving unit 12 is further configured to receive data description information from the data service platform. The data consumer device further comprises an orchestration unit 13, configured to write a business algorithm according to the data description information; the sending unit 11 is further configured to transmit the business algorithm through the data service platform to a data provider device for authentication, so that after the authentication is passed the data service platform generates the desensitized user data from the user personal data using the business algorithm.
Referring to Fig. 4, the data provider device provides data description information, the data consumer device writes a business algorithm according to it, and the data provider device authenticates the business algorithm written by the data consumer device. After the authentication is passed, the business algorithm can be used to generate desensitized user data from the user personal data. The data consumer can thus write a business algorithm that reasonably reflects its actual requirements and the data provided by the data provider, and utilization of the user personal data is maximized without invading the user's personal privacy.
Fig. 5 is a flowchart of a third embodiment of a method for securely using user information data according to an embodiment of the present invention, and as shown in fig. 5, a data service platform processes user personal data into desensitized user data according to data usage request information provided by a data consumer device.
In the embodiment shown in the figure, the method for safely using user information data comprises the following steps:
Step 211: receive data use request information from a data consumer device. In a particular embodiment of the present invention, the data service platform receives the data use request information from the data consumer device. The data use request information specifically includes the data object to be used, the data consumer device ID, the business algorithm name, the submission time, a digest, and similar information. The data service platform writes the data use request information into a blockchain (a standard blockchain service provided by a third party).
Step 212: process the user personal data into desensitized user data according to the data use request information. In the specific embodiment of the invention, the data service platform processes the user personal data into desensitized user data according to the data use request information, and the desensitized user data is used by the data consumer device.
Referring to fig. 5, the user personal data is processed into desensitized user data, so that the user personal data is utilized, the personal privacy of the user is not exposed, the legal rights and interests of the user are protected from being infringed, and good social and economic benefits are achieved.
Fig. 6 is a flowchart of a fourth embodiment of a method for securely using user information data according to the specific embodiment of the present invention. As shown in Fig. 6, before the data service platform receives data use request information from the data consumer device, it sends data description information to the data consumer device, and the data consumer device writes a business algorithm according to the data description information.
In the embodiment shown in the figure, before step 211, the method further comprises:
Step 209: send data description information to the data consumer device. In an embodiment of the present invention, the data service platform sends the data description information to the data consumer device.
Step 210: receive the business algorithm written by the data consumer device according to the data description information, so that the desensitized user data can be generated from the user personal data using the business algorithm. In a specific embodiment of the invention, when the data consumer device later requests to use the data, the data service platform generates the desensitized user data from the user personal data using this business algorithm.
As shown in Fig. 6, the data provider device sends data description information to the data consumer device through the data service platform, and the data consumer device writes a business algorithm according to the data description information. The business algorithm so written not only meets the data consumer's requirements but is also closely tied to the data provided by the data provider device, so that the user personal data is fully utilized while the user's personal privacy is protected.
Fig. 7 is a flowchart of a fifth embodiment of a method for securely using user information data according to a specific embodiment of the present invention. As shown in Fig. 7, the data service platform sends data use authorization request information to a user terminal device, and on receiving it the user terminal device determines whether to allow the data consumer device to use the user personal data.
In the embodiment shown in the figure, after step 212, the method further comprises:
Step 213: sending data use authorization request information to the user terminal device. In a specific embodiment of the present invention, the data service platform sends the data use authorization request information to the user terminal device. The data use authorization request information includes information such as the business algorithm name, the data consumer device ID, the data provider device ID and a digest, so that the user terminal device can tell which algorithm, which data consumer and which data provider the requested authorization would cover.
Step 214: receiving, from the user terminal device, authorization confirmation information fed back by the user terminal device according to the data use authorization request information. In a specific embodiment of the present invention, the user terminal device feeds back the authorization confirmation information according to the data use authorization request information; for example, the user enters the mobile phone verification code and an additional identity fragment (e.g. the last 4 digits of the identity card number) on the corresponding authorization interface and taps "authorize", which feeds the authorization confirmation information back to the data service platform.
Step 215: transmitting the desensitized user data to the data consumer device according to the authorization confirmation information. In a specific embodiment of the present invention, the data service platform transmits desensitized user data to the data consumer device based on the authorization confirmation information.
Referring to fig. 7, the data service platform sends data use authorization request information to the user terminal device, the user terminal device feeds back authorization confirmation information to the data service platform according to the data use authorization request information, and the data service platform transmits desensitized user data to the data user device according to the authorization confirmation information.
In an embodiment of the present invention, the data service platform may send the data use authorization request information to the user terminal device after processing the user personal data into desensitized user data (as shown in fig. 7), or it may send the data use authorization request information to the user terminal device before processing the user personal data into desensitized user data. In the latter case, prior to step 212, the method further comprises: sending data use authorization request information to the user terminal device; and receiving, from the user terminal device, authorization confirmation information fed back by the user terminal device according to the data use authorization request information.
Fig. 8 is a schematic structural diagram of a first embodiment of a data service platform for secure use of user information data according to an embodiment of the present invention, where the data service platform shown in fig. 8 may be applied to the methods shown in fig. 5 to 7, and the data service platform processes user personal data into desensitized user data according to data use request information provided by a data user device.
In the embodiment shown in the figure, the data service platform for secure use of user information data comprises a receiving unit 21 and a processing unit 22. Wherein the receiving unit 21 is configured to receive data usage request information from a data consumer apparatus; the processing unit 22 is adapted to process the user personal data into desensitized user data according to said data usage request information.
Referring to fig. 8, the user personal data is processed into desensitized user data, so that the user personal data is utilized, the personal privacy of the user is not exposed, the legal rights and interests of the user are protected from being infringed, and good social and economic benefits are achieved.
Fig. 9 is a schematic structural diagram of a second embodiment of a data service platform for secure use of user information data according to a specific embodiment of the present invention. As shown in fig. 9, before the data service platform receives data use request information from the data consumer device, the data service platform sends data description information to the data consumer device, and the data consumer device writes a business algorithm according to the data description information.
In the embodiment shown in the figure, the data service platform for secure use of user information data further comprises a sending unit 23. Wherein, the sending unit 23 is configured to send data specification information to the data consumer device; the receiving unit 21 is further configured to receive a service algorithm written by the data consumer device according to the data specification information, so as to generate the desensitization user data from the user personal data by using the service algorithm.
As shown in fig. 9, the data provider device sends data description information to the data consumer device through the data service platform, and the data consumer device compiles a business algorithm according to the data description information, wherein the compiled business algorithm not only meets the requirements of the data consumer, but also is highly related to the data provided by the data provider device, so that the personal data of the user is fully utilized, and the personal privacy of the user is protected from being violated.
In another embodiment of the present invention, the data service platform for secure use of user information data further includes a sending unit 23. Wherein, the sending unit 23 is configured to send the data usage authorization request information to the user terminal device. The receiving unit 21 is further configured to receive, from the user terminal device, authorization confirmation information fed back by the user terminal device according to the data usage authorization request information; the sending unit 23 is further configured to transmit the desensitized user data to the data consumer apparatus according to the authorization confirmation information. The data service platform sends data use authorization request information to the user terminal equipment, the user terminal equipment feeds back authorization confirmation information to the data service platform according to the data use authorization request information, and the data service platform transmits desensitized user data to the data user equipment according to the authorization confirmation information.
Fig. 10 is a flowchart of a sixth embodiment of a method for securely using user information data according to a specific embodiment of the present invention, and as shown in fig. 10, a data provider device sends data description information to a data service platform, and a data consumer device writes a business algorithm according to the data description information and sends the business algorithm to the data provider device through the data service platform for authentication.
In the embodiment shown in the figure, the method for safely using the user information data comprises the following steps:
step 311: and sending the data description information to the data service platform. In a specific embodiment of the present invention, the data provider device sends data description information to the data service platform, that is, the data provider describes the attribute of the data owned by itself, for example, the data type, the field to which the data belongs, the data generation time, the data acquisition mode, and the like, through the data description information.
Step 312: and receiving a business algorithm written by the data user equipment according to the data description information from the data service platform. In the specific embodiment of the invention, the data user equipment compiles the business algorithm according to the data description information and sends the compiled business algorithm to the data service platform.
Step 313: and authenticating the business algorithm so that the data service platform generates desensitized user data from the user personal data by using the business algorithm after the authentication is passed. In the specific embodiment of the invention, the data service platform sends the business algorithm to the data provider equipment for authentication, and after the authentication is passed, the data service platform generates desensitized user data from the personal data of the user by using the business algorithm.
Referring to fig. 10, the data consumer device writes a business algorithm according to the data description information and its own requirements, and the user personal data is processed with that algorithm before it is used, so that the desensitized user data meets the specific business need without revealing the user's personal privacy. For example, if the data consumer is a bank, the business algorithm may be a user credit point algorithm; if the data consumer is an insurance company, it may be a motor-vehicle green-travel algorithm.
Fig. 11 is a flowchart of a seventh embodiment of a method for securely using user information data according to an embodiment of the present invention, as shown in fig. 11, after the user terminal device authorizes, the data service platform sends desensitized user data to the data user device.
In the embodiment shown in the figure, after step 313, the method for securely using the user information data further includes:
step 314: receiving the desensitized user data from the data service platform upon authorization by a user terminal device. In a specific embodiment of the present invention, the data consumer device can only receive desensitized user data from the data service platform after the user terminal device is authorized.
Referring to fig. 11, after the user authorization, desensitized user data can be used by the data user, so that the security of the personal privacy of the user is further improved, and the personal privacy of the user is protected from being disclosed.
Fig. 12 is a schematic structural diagram of a data provider device for securely using user information data according to an embodiment of the present invention, where the device shown in fig. 12 may be applied to the methods shown in fig. 10 and fig. 11, the data provider device sends data description information to a data service platform, and the data consumer device writes a business algorithm according to the data description information and sends the business algorithm to the data provider device through the data service platform for authentication; and after the user terminal equipment authorizes, the data service platform sends desensitized user data to the data user equipment.
In the embodiment shown in the figure, the data provider device for secure use of user information data includes a transmitting unit 31, a receiving unit 32, and an authentication unit 33. The sending unit 31 is configured to send data description information to the data service platform; the receiving unit 32 is configured to receive, from the data service platform, a business algorithm written by the data consumer device according to the data specification information; the authentication unit 33 is configured to authenticate the business algorithm, so that the data service platform generates desensitized user data from the user personal data by using the business algorithm after the authentication is passed. The receiving unit 32 is further configured to receive the desensitized user data from the data service platform after authorization of the user terminal device.
Referring to fig. 12, the data user device compiles a service algorithm according to the data description information and its own requirements, and processes the user personal data by using the compiled service algorithm before using the user personal data, so that the desensitized user data can meet the specific service requirements without revealing the user personal privacy; after the user authorization, desensitized user data can be used by a data user, so that the safety of the personal privacy of the user is further improved, and the personal privacy of the user is guaranteed not to be revealed.
Fig. 13 is a flowchart of an eighth embodiment of a method for securely using user information data according to the specific embodiment of the present invention, and as shown in fig. 13, a user terminal device receives data use authorization request information from a data service platform, and determines whether to authorize data use according to the data use authorization request information.
In the embodiment shown in the figure, the method for safely using the user information data comprises the following steps:
step 411: data use authorization request information is received from the data service platform. In a specific embodiment of the present invention, the user terminal device receives data use authorization request information from the data service platform.
Step 412: feeding back authorization confirmation information to the data service platform according to the data use authorization request information, so that the data service platform transmits the desensitized user data to the data consumer device according to the authorization confirmation information. In a specific embodiment of the invention, the user decides whether to authorize through the authorization interface of the user terminal device; for example, the user enters the verification code and the identity-card fragment in the authorization interface to authorize the data consumer to use the user's personal data, and once the user has authorized, the user terminal device automatically feeds the authorization confirmation information back to the data service platform.
Referring to fig. 13, the user terminal device receives the data use authorization request information from the data service platform, and determines whether to allow the data user device to use desensitized user data according to the data use authorization request information, so that the user can effectively supervise personal data of the user, prevent personal privacy of the user from being leaked, and effectively protect the legitimate rights and interests of the user.
Fig. 14 is a schematic structural diagram of a user terminal device for securely using user information data according to an embodiment of the present invention, and the device shown in fig. 14 can be applied to the method shown in fig. 13, where the user terminal device receives data usage authorization request information from a data service platform, and determines whether to authorize data usage according to the data usage authorization request information.
In the embodiment shown in the figure, the user terminal device for secure use of user information data comprises a receiving unit 41 and a transmitting unit 42. Wherein, the receiving unit 41 is configured to receive data usage authorization request information from the data service platform; the sending unit 42 is configured to feed back authorization confirmation information to the data service platform according to the data usage authorization request information, so that the data service platform transmits desensitized user data to the data user equipment according to the authorization confirmation information.
Referring to fig. 14, the user terminal device receives the data use authorization request information from the data service platform, and determines whether to allow the data user device to use desensitized user data according to the data use authorization request information, so that the user can effectively supervise personal data of the user, prevent personal privacy of the user from being leaked, and effectively protect the legitimate rights and interests of the user.
Fig. 15 is a schematic composition diagram of a system for securely using user information data according to an embodiment of the present invention, and as shown in fig. 15, the system for securely using user information data includes: a plurality of data consumer devices 100, a data service platform 200, a plurality of data provider devices 300, and a plurality of user terminal devices 400. Wherein the data consumer device 100, the data provider device 300 and the user terminal device 400 are all connected to the data service platform 200. The data consumer device 100 is configured to write a business algorithm according to the data description information provided by the data provider device 300, and use desensitized user data on the data service platform 200; the data service platform 200 is configured to generate the desensitized user data from the user personal data by using the business algorithm, and transmit the desensitized user data to the data consumer device 100 after being authorized by the user terminal device 400; the data provider device 300 is configured to provide the user personal data to the data service platform 200 and authenticate the business algorithm written by the data consumer device 100; the user terminal device 400 is used to authorize the legitimate use of the user's personal data by the data consumer device 100.
The embodiment of the present invention also provides a computer storage medium containing a computer executable instruction, where when the computer executable instruction is processed by a data processing device, the data processing device executes a method for securely using user information data in fig. 1, 2, 5 to 7, 10, 11, or 13.
Fig. 16 is an operation sequence diagram of a system for securely using user information data according to an embodiment of the present invention. As shown in fig. 16, the data provider device 300 sends data description information to the data consumer device 100 through the data service platform 200; the data consumer device 100 writes a business algorithm according to the data description information and transmits the business algorithm to the data provider device 300 and the user terminal device 400 through the data service platform 200; the data provider device 300 authenticates the business algorithm and feeds back an authentication confirmation message to the data service platform 200, and the data service platform 200 transmits the authentication confirmation message to the data consumer device 100 and the user terminal device 400; the data consumer device 100 sends data use request information to the data service platform 200; the data service platform 200 sends data use authorization request information to the user terminal device 400 and receives the authorization confirmation message fed back by the user terminal device 400; the data service platform 200 then generates desensitized user data from the user personal data and sends the desensitized user data to the data consumer device 100.
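The sequence of fig. 16, together with the bank's credit point algorithm mentioned for fig. 10, modelled in Python as an added example that is not part of the patent or the applicant's code: the provider publishes a data description, the consumer submits a business algorithm against it, the provider authenticates the algorithm, the user authorizes one specific (algorithm, consumer, provider) request identified by its digest, and only then does the platform run the algorithm over the personal data and release the desensitized result. The field names, the sample record, the provider's signing key, the manifest digest, the verification-code check and the hash-chained audit log (standing in for the block chain the text mentions) are all assumptions of this example.

```python
from __future__ import annotations

import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Callable

PROVIDER_KEY = b"provider-authentication-key"  # assumption: key the provider signs approvals with

# Constructed sample: what the provider (a bank, say) holds about one user.
PROVIDER_RECORDS = {
    "user-001": {"name": "Zhang San", "id_no": "110101199001011234",
                 "phone": "13800000000", "on_time_payments": 47, "late_payments": 1},
}
# Data description published in step 311: only these fields are offered to algorithms.
DATA_DESCRIPTION = {"provider_id": "bank-A", "fields": ["on_time_payments", "late_payments"]}


def canonical(obj) -> str:
    return json.dumps(obj, sort_keys=True, separators=(",", ":"))


def sha256(text: str) -> str:
    return hashlib.sha256(text.encode()).hexdigest()


@dataclass
class BusinessAlgorithm:
    """Algorithm the consumer writes against the data description (step 312)."""
    name: str
    consumer_id: str
    inputs: list[str]   # fields it needs from the provider
    outputs: list[str]  # derived fields it returns; must not be raw inputs
    run: Callable[[dict], dict]

    def digest(self) -> str:
        # Covers the declared manifest only (assumption); a deployed platform would
        # also hash the algorithm's code or package so the code itself cannot change.
        m = {"name": self.name, "consumer_id": self.consumer_id,
             "inputs": sorted(self.inputs), "outputs": sorted(self.outputs)}
        return sha256(canonical(m))


def provider_authenticate(alg: BusinessAlgorithm, description: dict) -> str | None:
    """Step 313 (provider side): approve only algorithms that read published fields
    and emit none of them raw. Returns an HMAC over the digest as the confirmation."""
    fields = set(description["fields"])
    if not set(alg.inputs) <= fields or set(alg.outputs) & fields:
        return None
    return hmac.new(PROVIDER_KEY, alg.digest().encode(), "sha256").hexdigest()


class DataServicePlatform:
    def __init__(self) -> None:
        self.approved: dict[str, str] = {}             # algorithm digest -> provider confirmation
        self.authorized: set[tuple[str, str]] = set()  # (user_id, digest) pairs the user confirmed
        self.log: list[dict] = []                      # hash chain standing in for the block chain

    def _record(self, event: dict) -> None:
        prev = self.log[-1]["hash"] if self.log else "0" * 64
        self.log.append({"prev": prev, "event": event, "hash": sha256(prev + canonical(event))})

    def register(self, alg: BusinessAlgorithm, confirmation: str | None) -> None:
        expected = hmac.new(PROVIDER_KEY, alg.digest().encode(), "sha256").hexdigest()
        if confirmation is None or not hmac.compare_digest(confirmation, expected):
            raise PermissionError("algorithm not authenticated by the data provider")
        self.approved[alg.digest()] = confirmation
        self._record({"type": "authenticated", "digest": alg.digest()})

    def authorization_request(self, alg: BusinessAlgorithm, user_id: str) -> dict:
        """Step 213: what the user terminal is shown; the digest binds consent to one algorithm."""
        return {"algorithm": alg.name, "consumer_id": alg.consumer_id,
                "provider_id": DATA_DESCRIPTION["provider_id"], "digest": alg.digest(),
                "user_id": user_id}

    def confirm_authorization(self, request: dict, sms_code_ok: bool, id_tail: str) -> bool:
        """Step 214: the user confirms with a verification code and the last 4 digits of the ID number."""
        record = PROVIDER_RECORDS[request["user_id"]]
        if not (sms_code_ok and hmac.compare_digest(id_tail, record["id_no"][-4:])):
            return False
        self.authorized.add((request["user_id"], request["digest"]))
        self._record({"type": "authorized", **request})
        return True

    def use_data(self, alg: BusinessAlgorithm, user_id: str) -> dict:
        """Steps 211 to 215: run the authenticated and authorized algorithm on its declared inputs only."""
        d = alg.digest()
        if d not in self.approved:
            raise PermissionError("algorithm not authenticated")
        if (user_id, d) not in self.authorized:
            raise PermissionError("use not authorized by the user")
        view = {k: PROVIDER_RECORDS[user_id][k] for k in alg.inputs}  # least privilege: no raw identifiers
        result = alg.run(view)
        if set(result) != set(alg.outputs):
            raise PermissionError("algorithm returned undeclared output")
        self._record({"type": "used", "digest": d, "user_id": user_id,
                      "result_digest": sha256(canonical(result))})
        return result

    def verify_log(self) -> bool:
        """Re-walk the chain; an edited entry no longer matches the hash its successor links to."""
        prev = "0" * 64
        for entry in self.log:
            if entry["prev"] != prev or entry["hash"] != sha256(prev + canonical(entry["event"])):
                return False
            prev = entry["hash"]
        return True


def credit_points(view: dict) -> dict:
    """The bank's user credit point algorithm from the text: a score, not the raw counts."""
    total = view["on_time_payments"] + view["late_payments"]
    return {"credit_points": round(100 * view["on_time_payments"] / total)}


CREDIT = BusinessAlgorithm("credit_points", "bank-B",
                           ["on_time_payments", "late_payments"], ["credit_points"], credit_points)


def demo() -> tuple[dict, DataServicePlatform]:
    platform = DataServicePlatform()
    platform.register(CREDIT, provider_authenticate(CREDIT, DATA_DESCRIPTION))
    request = platform.authorization_request(CREDIT, "user-001")
    if not platform.confirm_authorization(request, sms_code_ok=True, id_tail="1234"):
        raise PermissionError("user declined")
    return platform.use_data(CREDIT, "user-001"), platform
```

Running `demo()` returns `{"credit_points": 98}` for the constructed record, and the consumer never sees the name, ID number or phone number. Two points the code makes explicit that the text only implies: the user's authorization is keyed on the digest of the authenticated algorithm, so an algorithm edited after authentication fails both the provider check and the user check, and the platform passes the algorithm only the fields it declared, so a provider check on the manifest is enough to keep raw identifiers out of the result.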
The specific embodiment of the invention provides a method, devices, a system and a storage medium for safely using user information data, in which a data consumer defines a business processing algorithm for user personal data and a data provider authenticates that algorithm. When the data consumer needs to use the user personal data, and provided the user's authorization has been obtained, the user personal data is processed with the authenticated business processing algorithm (desensitization is applied without impairing the normal use of the data) and the processed data is sent to the data consumer, so that the user's personal privacy is protected (neither the user's privacy nor the original data is exposed) while the normal use of the data is not affected. By using block chain technology, the data interaction process and the results of executing the algorithm can be traced and cannot be tampered with, which ensures the authenticity and validity of the process.
The embodiments of the invention described above may be implemented in various hardware, software code, or combinations of both. For example, an embodiment of the present invention may also be program code for executing the above method in a Digital Signal Processor (DSP). The invention may also relate to a variety of functions performed by a computer processor, digital signal processor, microprocessor, or Field Programmable Gate Array (FPGA). The processor described above may be configured according to the present invention to perform certain tasks by executing machine-readable software code or firmware code that defines certain methods disclosed herein. Software code or firmware code may be developed in different programming languages and in different formats or forms. Software code may also be compiled for different target platforms. However, the different code styles, types, and languages of software code and other types of configuration code that perform tasks in accordance with the present invention do not depart from the spirit and scope of the present invention.
The foregoing is merely an illustrative embodiment of the present invention, and any equivalent changes and modifications made by those skilled in the art without departing from the spirit and principle of the present invention should fall within the protection scope of the present invention.

Claims (11)

1. A method for secure use of user information data, the method comprising:
receiving data description information from a data service platform;
compiling a service algorithm according to the data description information;
the business algorithm is transmitted to data provider equipment through the data service platform for authentication, so that the data service platform generates desensitized user data from the personal data of the user by using the business algorithm after the authentication is passed;
sending data use request information to a data service platform;
desensitization user data generated according to the data use request information is received from the data service platform, wherein the data service platform generates the desensitization user data according to user personal data and sends data use authorization request information to user terminal equipment; receiving authorization confirmation information fed back by the user terminal equipment according to the data use authorization request information from the user terminal equipment; and transmitting the desensitized user data to a data consumer device according to the authorization confirmation information.
2. A data-using side apparatus for secure use of user information data, the data-using side apparatus comprising:
a receiving unit, configured to receive data description information from a data service platform;
a compiling unit, configured to write a service algorithm according to the data description information; and
a sending unit, configured to transmit the business algorithm to a data provider device through the data service platform for authentication, so that the data service platform generates desensitized user data from user personal data by using the business algorithm after authentication is passed,
the sending unit is also used for sending data use request information to the data service platform;
the receiving unit is further configured to receive desensitization user data generated according to the data usage request information from the data service platform, where the data service platform generates the desensitization user data according to user personal data and sends data usage authorization request information to user terminal equipment; receiving authorization confirmation information fed back by the user terminal equipment according to the data use authorization request information from the user terminal equipment; and transmitting the desensitized user data to a data consumer device according to the authorization confirmation information.
3. A method for secure use of user information data, the method comprising:
sending data description information to the data consumer device;
receiving a business algorithm compiled by the data user equipment according to the data description information, so that after the business algorithm is authenticated by the data provider equipment, the business algorithm is used for generating desensitized user data from the user personal data;
receiving data usage request information from a data usage side device;
processing the user personal data into desensitized user data according to the data use request information;
sending data use authorization request information to user terminal equipment;
receiving authorization confirmation information fed back by the user terminal equipment according to the data use authorization request information from the user terminal equipment; and
transmitting the desensitized user data to the data consumer device according to the authorization confirmation information.
4. A method for secure use of user information data according to claim 3, wherein prior to the step of processing the user personal data into desensitized user data according to said data use request information, the method further comprises:
sending data use authorization request information to user terminal equipment; and
receiving authorization confirmation information fed back by the user terminal equipment according to the data use authorization request information from the user terminal equipment.
5. A data service platform for secure use of user information data, the data service platform comprising:
a transmitting unit for transmitting the data specification information to the data consumer apparatus,
a receiving unit, configured to receive a service algorithm written by the data consumer device according to the data specification information, so that, after the service algorithm is authenticated by the data provider device, desensitized user data is generated from user personal data by using the service algorithm, the receiving unit being further configured to receive data usage request information from the data consumer device;
a processing unit for processing the user personal data into desensitized user data according to the data usage request information; and
a transmitting unit for transmitting data use authorization request information to the user terminal device,
the receiving unit is further configured to receive, from the user terminal device, authorization confirmation information fed back by the user terminal device according to the data usage authorization request information;
the sending unit is further configured to transmit the desensitized user data to the data consumer device according to the authorization confirmation information.
6. A method for secure use of user information data, the method comprising:
sending data description information to a data service platform;
receiving a business algorithm written by the data user equipment according to the data description information from the data service platform;
the service algorithm is authenticated so that the data service platform generates desensitized user data from the personal data of the user by using the service algorithm after the authentication is passed, and the data service platform sends data use authorization request information to user terminal equipment; and
the data consumer device receives the desensitized user data from the data service platform after authorization by the user terminal device.
7. A data provider device for secure use of user information data, the data provider device comprising:
the sending unit is used for sending data description information to the data service platform;
the receiving unit is used for receiving a business algorithm compiled by the data user equipment according to the data description information from the data service platform; and
the authentication unit is used for authenticating the business algorithm so that the data service platform generates desensitized user data from the personal data of the user by using the business algorithm after the authentication is passed, the data service platform sends data use authorization request information to user terminal equipment,
the receiving unit is further configured to receive the desensitized user data from the data service platform by the data consumer device after authorization of the user terminal device.
8. A method for secure use of user information data, the method comprising:
receiving data use authorization request information from a data service platform; and
and feeding back authorization confirmation information to the data service platform according to the data use authorization request information so that the data service platform transmits desensitized user data to the data user equipment according to the authorization confirmation information, wherein after a business algorithm written by the data user equipment is authenticated by the data provider equipment, the data service platform generates desensitized user data from the user personal data by using the business algorithm.
9. A user terminal device for secure use of user information data, the user terminal device comprising:
a receiving unit, configured to receive data use authorization request information from a data service platform; and
and the sending unit is used for feeding back authorization confirmation information to the data service platform according to the data use authorization request information so that the data service platform can transmit desensitized user data to the data user equipment according to the authorization confirmation information, wherein after a business algorithm written by the data user equipment is authenticated by the data provider equipment, the data service platform generates desensitized user data from the user personal data by using the business algorithm.
10. A system for secure use of user information data, the system comprising: the data services platform of claim 5, a plurality of data consumer devices of claim 2, a plurality of data provider devices of claim 7, and a plurality of user terminal devices of claim 9, wherein the data consumer devices, the data provider devices, and the user terminal devices are all connected to the data services platform,
the data user equipment is used for compiling a business algorithm according to the data description information provided by the data provider equipment and using desensitized user data on the data service platform;
the data service platform is used for generating the desensitization user data from the user personal data by using the business algorithm, and transmitting the desensitization user data to the data user equipment after the authorization of the user terminal equipment;
the data provider device is used for providing the user personal data to the data service platform and authenticating the business algorithm written by the data user device;
the user terminal device is used for authorizing the data user device to legally use the user personal data.
11. A computer storage medium containing computer executable instructions, wherein the computer executable instructions when processed by a data processing apparatus perform the method of any one of claims 1, 3, 4, 6, 8.
CN201710983616.9A 2017-10-20 2017-10-20 Method, device and system for safe use of user information data and storage medium Active CN109697368B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710983616.9A CN109697368B (en) 2017-10-20 2017-10-20 Method, device and system for safe use of user information data and storage medium

Publications (2)

Publication Number Publication Date
CN109697368A CN109697368A (en) 2019-04-30
CN109697368B true CN109697368B (en) 2021-02-02

Family

ID=66225323

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710983616.9A Active CN109697368B (en) 2017-10-20 2017-10-20 Method, device and system for safe use of user information data and storage medium

Country Status (1)

Country Link
CN (1) CN109697368B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110290125B (en) * 2019-06-17 2021-12-28 西安纸贵互联网科技有限公司 Data security system based on block chain and data security processing method
CN113206758A (en) * 2021-04-27 2021-08-03 北京极智数仓科技有限公司 Cross-cloud-platform terminal data service method and system
CN113472757B (en) * 2021-06-18 2022-06-24 上汽通用五菱汽车股份有限公司 Vehicle data processing method, processing platform and readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105515963A (en) * 2015-12-03 2016-04-20 中国联合网络通信集团有限公司 Data gateway device and big data system
CN106530002A (en) * 2016-10-28 2017-03-22 国信优易数据有限公司 Personal information processing system and method thereof
CN106599713A (en) * 2016-11-11 2017-04-26 中国电子科技网络信息安全有限公司 Database masking system and method based on big data

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9251355B2 (en) * 2013-07-30 2016-02-02 International Business Machines Corporation Field level database encryption using a transient key

Also Published As

Publication number Publication date
CN109697368A (en) 2019-04-30

Similar Documents

Publication Publication Date Title
Dai et al. SDTE: A secure blockchain-based data trading ecosystem
US8768847B2 (en) Privacy enhancing personal data brokerage service
US20210377258A1 (en) Attributed network enabled by search and retreival of privity data from a registry and packaging of the privity data into a digital registration certificate for attributing the data of the attributed network
US20040127196A1 (en) Methods and apparatus for managing secured software for a wireless device
CN111914293B (en) Data access right verification method and device, computer equipment and storage medium
CN112333198A (en) Secure cross-domain login method, system and server
CN101977183B (en) High reliable digital content service method applicable to multiclass terminal equipment
KR20110113179A (en) Software application verification
CN113169866A (en) Techniques to prevent collusion using simultaneous key distribution
CN111478910A (en) User identity authentication method and device, electronic equipment and storage medium
CN109697368B (en) Method, device and system for safe use of user information data and storage medium
CN110708162B (en) Resource acquisition method and device, computer readable medium and electronic equipment
CN112699353B (en) Financial information transmission method and financial information transmission system
WO2020047116A1 (en) Techniques for data access control utilizing blockchains
CN111475782A (en) API (application program interface) key protection method and system based on SGX (secure gateway) software extension instruction
CN111460525A (en) Data processing method and device based on block chain and storage medium
CN110992032A (en) Method and device for evaluating credible users by combining multiple parties
CN111666591A (en) Online underwriting data security processing method, system, equipment and storage medium
CN111932261A (en) Asset data management method and device based on verifiable statement
CN113326327B (en) Block chain-based certificate query method, system and device
CN117077202A (en) SGX (service gateway) -based network data security protection system and method
CN112433985A (en) Controlling the composition of information submitted to a computing system
CN115664668A (en) Private data processing method and device
CN113129017B (en) Information sharing method, device and equipment
KR102199486B1 (en) Authorized authentication agency for content providers

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210129

Address after: 102488 511, 4th floor, building 16, courtyard 1, Tianxing street, Fangshan District, Beijing

Patentee after: Beijing Gongshi Technology Co.,Ltd.

Address before: 100192 room 201c, A-1 / F, Dongsheng Science Park, 66 xixiaokou, Haidian District, Beijing

Patentee before: BEIJING BELINK TECHNOLOGY Co.,Ltd.