CN111737337A - Multi-party data conversion method, device and system based on data privacy protection - Google Patents

Multi-party data conversion method, device and system based on data privacy protection Download PDF

Info

Publication number
CN111737337A
CN111737337A CN202010818374.XA CN202010818374A CN111737337A CN 111737337 A CN111737337 A CN 111737337A CN 202010818374 A CN202010818374 A CN 202010818374A CN 111737337 A CN111737337 A CN 111737337A
Authority
CN
China
Prior art keywords
data
modulus
share
space
owner
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010818374.XA
Other languages
Chinese (zh)
Other versions
CN111737337B (en
Inventor
李漓春
张祺智
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202010818374.XA priority Critical patent/CN111737337B/en
Publication of CN111737337A publication Critical patent/CN111737337A/en
Application granted granted Critical
Publication of CN111737337B publication Critical patent/CN111737337B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/25Integrating or interfacing systems involving database management systems
    • G06F16/258Data format conversion from or to a database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the specification provides a multi-party data conversion method, device and system based on data privacy protection. Each data owner has a first modulus space share of the first data, which is obtained by performing a share decomposition on a modulo result of the first data with respect to the first modulus. At each data owner, selecting and using respective random integers to mask the first mode space share; and sending the first model space quota after the covering processing to a third party server. And the third-party server performs data merging processing on the first modulus space share of each data owner after being covered, and performs share decomposition on the data merging result aiming at the modulus taking result of the second modulus to obtain a modulus-space conversion intermediate result. And each data owner uses respective random integers to carry out unmasking processing on the acquired intermediate result of the mode space conversion to obtain a second mode space share of the data.

Description

Multi-party data conversion method, device and system based on data privacy protection
Technical Field
The embodiment of the specification relates to the field of artificial intelligence, in particular to a multi-party data conversion method, device and system based on data privacy protection.
Background
With the development of artificial intelligence technology, business models, such as machine learning models, have been increasingly applied to various business application scenarios, such as risk assessment, speech recognition, natural language processing, and the like. In order to achieve better model performance or obtain more accurate model prediction results, when model training or model prediction is performed, local business data of multiple data owners are used for model calculation, for example, secret sharing-based multi-party security calculation.
In some cases, operating systems installed on processing devices owned by different data owners may be different, e.g., 32-bit operating systems, 64-bit operating systems, etc., so that the number of bits of data computation supported is different, thereby resulting in the need for data modulo conversion when performing model computations. In model calculation based on multi-party data, each data owner does not want private data of the owner to be known by others, and therefore, how to realize data modular transformation under the condition of ensuring the security of the private data of each data owner becomes a problem to be solved urgently.
Disclosure of Invention
In view of the foregoing, embodiments of the present specification provide a multi-party data conversion method, apparatus, and system based on data privacy protection. With the method, the device and the system, the masked first modulus space share (modulus space share before modulus transformation) is subjected to masking processing by using random integers at each data owner, and the masked first modulus space share is sent to a third-party server to recover data and perform modulus space share decomposition for a second modulus. Then, each data owner performs unmasking processing on the modulus space share decomposed by the third-party server by using the corresponding random integer, thereby obtaining a second modulus space share (modulus space share after modulus transformation). In this way, the parts of the model space sent by the data owners to the third-party server are all data after being masked, so that the third-party server cannot learn the real data information of the data owners, and therefore, the private data of the data owners can be prevented from being leaked.
According to an aspect of embodiments of the present specification, there is provided a multiparty data conversion method based on data privacy protection, each data owner having a first modulus space share of first data, the first modulus space share being obtained by performing a share decomposition on a modulo result of the first data with respect to a first modulus, the method including: at each data owner, selecting a respective random integer and masking the first modulo space share with the selected random integer; each data owner sends the first model space quota after being covered to a third-party server; at the third-party server, performing data merging processing on the first modulus space fractions of the data owners after the covering processing, performing fraction decomposition on data merging results aiming at modulus taking results of the second modulus to obtain modulus space conversion intermediate results, and distributing the obtained modulus space conversion intermediate results to the data owners; and at each data owner, performing unmasking processing on the acquired intermediate result of the mode-space conversion by using respective random integers to obtain a second mode-space share of the first data.
Optionally, in one example of the above aspect, selecting, at each data owner, a respective random integer comprises: at each data owner, a random integer at each data owner is selected based on the first data and the first modulus.
Optionally, in one example of the above aspect, selecting a random integer at each data owner according to the first data and the first modulus comprises: when the first data X is a signed integer, the random integer of each data owner is selected according to the following relation
Figure 923127DEST_PATH_IMAGE001
To
Figure 115074DEST_PATH_IMAGE002
Figure 962070DEST_PATH_IMAGE003
Wherein n isThe first modulus, K, is the total number of data owners.
Optionally, in one example of the above aspect, selecting a random integer at each data owner according to the first data and the first modulus comprises: when the first data X is a signed integer, the range of values is taken
Figure 315691DEST_PATH_IMAGE004
In which random integers of respective data owners are selected
Figure 113883DEST_PATH_IMAGE001
To
Figure 47204DEST_PATH_IMAGE002
Where n is the first modulus and K is the total number of data owners.
Optionally, in one example of the above aspect, selecting a random integer at each data owner according to the first data and the first modulus comprises: when the first data X is an unsigned integer, the random integer of each data owner is selected according to the following relation
Figure 247241DEST_PATH_IMAGE001
To
Figure 37342DEST_PATH_IMAGE002
Figure 322830DEST_PATH_IMAGE005
Where n is the first modulus and K is the total number of data owners.
Optionally, in one example of the above aspect, selecting a random integer at each data owner according to the first data and the first modulus comprises: when the first data X is an unsigned integer, the range of values is taken
Figure 59842DEST_PATH_IMAGE006
In which random integers of respective data owners are selected
Figure 114386DEST_PATH_IMAGE001
To
Figure 75388DEST_PATH_IMAGE002
Where n is the first modulus and K is the total number of data owners.
Optionally, in one example of the above aspect, the first data is applied to secret sharing based multi-party secure computing.
According to another aspect of embodiments of the present specification, there is provided a multiparty data conversion method based on data privacy protection, each data owner having a first modulo-space share of first data, the first modulo-space share being obtained by performing share decomposition on a modulo result of the first data with respect to a first modulus, the method being applied to the data owner, the method including: selecting a random integer and masking the first mode space share of the first data with the selected random integer; sending the first model space quota subjected to covering processing to a third-party server; acquiring a module space conversion intermediate result from the third-party server, wherein the module space conversion intermediate result is obtained by performing data merging processing on the first module space share of each data owner after the covering processing at the third-party server and performing share decomposition on the data merging result aiming at a second modulus acquisition result; and performing unmasking processing on the obtained mode space conversion intermediate result by using the random integer to obtain a second mode space share of the first data.
According to another aspect of embodiments of the present specification, there is provided a multiparty data conversion method based on data privacy protection, each data owner having a first modulus space share of first data, the first modulus space share being obtained by performing share decomposition on a modulus result of the first data with respect to a first modulus, the method being applied to a third-party server, the method including: acquiring a first masked modulus space share from each data owner, wherein the first masked modulus space share of each data owner is obtained by masking the first masked modulus space share by using a selected random integer at each data owner; carrying out data merging processing on the first modulus space fractions of all data owners after the covering processing, and carrying out fraction decomposition on the data merging results aiming at the modulus results of the second modulus to obtain a modulus space conversion intermediate result; and distributing the obtained mode space conversion intermediate result to each data owner.
According to another aspect of embodiments of the present specification, there is provided a multi-party data conversion apparatus based on data privacy protection, each data owner having a first modulus space share of first data, the first modulus space share being obtained by performing a share decomposition on the first data with respect to a modulus result of a first modulus, the multi-party data conversion apparatus being applied to the data owner, the multi-party data conversion apparatus including: a random number selection unit that selects a random integer; the masking processing unit is used for masking the first mode space share by using the selected random integer; the share sending unit is used for sending the first modulus space share subjected to the covering processing to a third-party server; an intermediate result obtaining unit, configured to obtain an intermediate result of the analog-to-digital conversion from the third-party server, where the intermediate result of the analog-to-digital conversion is obtained by performing data merging processing on the first analog-to-digital space shares of the data owners after the masking processing at the third-party server and performing share decomposition on the data merging result for a second analog-to-digital modulus result; and the unmasking processing unit is used for carrying out unmasking processing on the acquired intermediate result of the mode space conversion by using the random integer to obtain a second mode space share of the first data.
Optionally, in an example of the above aspect, the random number selection unit selects a random integer according to the first data and the first modulus.
Alternatively, in one example of the above-described aspect, when the first data X is a signed integer, the random number selection unit selects the random integer of each data owner according to the following relational expression
Figure 340848DEST_PATH_IMAGE001
To
Figure 412709DEST_PATH_IMAGE002
Figure 525022DEST_PATH_IMAGE003
Where n is the first modulus and K is the total number of data owners.
Alternatively, in one example of the above aspect, the random number selection unit selects the random number from the value range when the first data X is a signed integer
Figure 656926DEST_PATH_IMAGE004
Wherein n is the first modulus.
Alternatively, in one example of the above-described aspect, when the first data X is an unsigned integer, the random number selection unit selects a random integer of each data owner according to the following relational expression
Figure 917006DEST_PATH_IMAGE001
To
Figure 792558DEST_PATH_IMAGE002
Figure 759377DEST_PATH_IMAGE005
Where n is the first modulus and K is the total number of data owners.
Alternatively, in one example of the above aspect, the random number selection unit selects the random number from the value range when the first data X is an unsigned integer
Figure 62182DEST_PATH_IMAGE006
Wherein n is the first modulus.
According to another aspect of embodiments of the present specification, there is provided a multi-party data conversion apparatus based on data privacy protection, each data owner having a first modulus space share of first data, the first modulus space share being obtained by performing a share decomposition on a modulus result of the first data with respect to a first modulus, the multi-party data conversion apparatus being applied to a third-party server, the multi-party data conversion apparatus including: a share acquisition unit that acquires a masked first modulus space share from each data owner, the masked first modulus space share of each data owner being obtained by masking the first modulus space share with a selected random integer at each data owner; the data merging unit is used for merging the data of the first mode space share which is subjected to the covering processing and is owned by each data owner; the share decomposition unit is used for executing share decomposition on the data merging result aiming at the modulus result of the second modulus to obtain a modulus-space conversion intermediate result; and a share transmitting unit that distributes the obtained intermediate result of the mode-space conversion to the respective data owners.
According to another aspect of embodiments herein, there is provided a multi-party data conversion system based on data privacy protection, including: at least two data owners, each having a first modulus space share of the first data, the first modulus space share being obtained by performing a share decomposition on a modulus result of the first data with respect to the first modulus, each data owner comprising the multi-party data conversion apparatus as described above; and a third party server comprising the multi-party data conversion device as described above.
According to another aspect of embodiments of the present specification, there is provided an electronic apparatus including: at least one processor, and a memory coupled with the at least one processor, the memory storing instructions that, when executed by the at least one processor, cause the at least one processor to perform a method performed on a data owner side as described above.
According to another aspect of embodiments of the present specification, there is provided a machine-readable storage medium storing executable instructions that, when executed, cause the machine to perform the method performed on a data owner side as described above.
According to another aspect of embodiments of the present specification, there is provided an electronic apparatus including: at least one processor, and a memory coupled with the at least one processor, the memory storing instructions that, when executed by the at least one processor, cause the at least one processor to perform a method performed at a third party server side as described above.
According to another aspect of embodiments of the present specification, there is provided a machine-readable storage medium storing executable instructions that, when executed, cause the machine to perform a method performed on a third party server side as described above.
Drawings
A further understanding of the nature and advantages of the present disclosure may be realized by reference to the following drawings. In the drawings, similar components or features may have the same reference numerals.
FIG. 1 illustrates an example schematic of data sets and modulus space shares that various data owners have in accordance with an embodiment of the present description.
FIG. 2 illustrates an example schematic diagram of a multi-party data conversion system according to embodiments of the present description.
FIG. 3 illustrates an example flow diagram of a multi-party data conversion method in accordance with embodiments of the present specification.
Fig. 4 shows a block diagram of a multi-party data conversion apparatus on a data owner side according to an embodiment of the present specification.
Fig. 5 shows a block diagram of a multi-party data conversion device on the third party server side according to an embodiment of the present description.
Fig. 6 shows a schematic diagram of an electronic device for implementing a multi-party data conversion process on the data owner side according to an embodiment of the present description.
Fig. 7 shows a schematic diagram of an electronic device for implementing a multiparty data conversion process on a third party server side according to an embodiment of the present description.
Detailed Description
The subject matter described herein will now be discussed with reference to example embodiments. It should be understood that these embodiments are discussed only to enable those skilled in the art to better understand and thereby implement the subject matter described herein, and are not intended to limit the scope, applicability, or examples set forth in the claims. Changes may be made in the function and arrangement of elements discussed without departing from the scope of the disclosure. Various examples may omit, substitute, or add various procedures or components as needed. For example, the described methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. In addition, features described with respect to some examples may also be combined in other examples.
As used herein, the term "include" and its variants mean open-ended terms in the sense of "including, but not limited to. The term "based on" means "based at least in part on". The terms "one embodiment" and "an embodiment" mean "at least one embodiment". The term "another embodiment" means "at least one other embodiment". The terms "first," "second," and the like may refer to different or the same object. Other definitions, whether explicit or implicit, may be included below. The definition of a term is consistent throughout the specification unless the context clearly dictates otherwise.
When performing business model training or model prediction, in order to train a business model with better model performance or obtain a more accurate model prediction result, local business data of multiple data owners are used to jointly perform model calculation, for example, multi-party security calculation based on secret sharing. However, in some cases, operating systems installed on processing devices owned by different data owners may be different, for example, 32-bit operating systems, 64-bit operating systems, etc., so that the number of bits of data calculation supported is different, thereby requiring data modular conversion when performing model calculations. In the model calculation based on the multi-party data, each data owner does not want the private data of the data owner to be known by others, so that the data mode transformation is required to be realized under the condition that the private data of each data owner is ensured to be safe.
To solve the above problemsThe problem is to provide a data mode conversion method based on safety comparison. In this approach, the data owner P1 holds the modulo-n spatial share of data X before the modulo transformation
Figure 809558DEST_PATH_IMAGE007
Data owner P2 holds modulo-n spatial shares of data X
Figure 223222DEST_PATH_IMAGE008
In performing the modular transformation, the data owner P1 generates [0, m-1 ]]Random number in interval as
Figure 608329DEST_PATH_IMAGE009
. Subsequently, the data owners P1 and P2 adopt a multi-party secure computing protocol, and secure computing is performed
Figure 82036DEST_PATH_IMAGE010
And will be
Figure 254391DEST_PATH_IMAGE011
And is provided to the data owner P2, thereby implementing secure modular transformation. In this implementation,% security calculation requires the use of a security comparison algorithm, the resource consumption is severe, and the performance of the security comparison algorithm is poor.
In view of the foregoing, embodiments of the present specification propose a multi-party data conversion scheme based on data privacy protection. In the multi-party data conversion scheme, random numbers are used at each data owner to mask the first modulus space share (modulus space share before modulus transformation), and the masked first modulus space share is sent to a third-party server for data recovery and modulus space share decomposition for the second modulus. Then, each data owner performs unmasking processing on the modulus space share decomposed by the third-party server by using the corresponding random number, thereby obtaining a second modulus space share (modulus space share after modulus transformation). According to the mode, the third-party server is introduced to carry out the decomposition of the modulus space share, so that two data owners do not need to adopt a multi-party secure computing protocol to determine the modulus space share, and the secure modulus conversion efficiency is greatly improved. In addition, the modulus space shares sent by the data owners to the third-party server are all data subjected to masking processing, so that the third-party server cannot obtain real data information of the data owners, and therefore privacy data leakage of the data owners during data modulus transformation can be prevented.
A multiparty data conversion method, apparatus and system based on data privacy protection according to embodiments of the present specification are described below with reference to the accompanying drawings.
FIG. 1 illustrates an example schematic of data sets and modulus space shares that various data owners have in accordance with an embodiment of the present description.
As shown in fig. 1, the first data according to an embodiment of the present specification may be business data used by a business model, such as user characteristic data, business transaction data, and the like. The first data may include a single piece of service data or a service data set composed of a plurality of pieces of service data, each of which may include characteristic values of a plurality of service characteristics, and the first data set composed of a plurality of pieces of service data having three service characteristics is shown in fig. 1. In addition, the eigenvalue of each traffic sample may be an eigenvalue subjected to an eigenvector quantization process, and the eigenvalue takes an integer value, for example, the data sample X1 shown in fig. 1 is {14, 12, 9 }.
The first data set may be composed collectively of traffic data collected locally by the respective data owners. Each data owner has partial data of the respective service data. In an embodiment of the present specification, the data owned by each data owner may be a first modulus space share of each piece of traffic data in the first data set, where the first modulus space share may be obtained by performing a fraction decomposition on a modulo result of each piece of traffic data with respect to a first modulus. As shown in fig. 1, for the traffic data X1, the first modulus space shares that the data owners a to C have may be obtained by performing a fraction decomposition on the modulo result of the modulus 16 of the traffic data X1. Specifically, the modulus of the traffic data X1 against the modulus 16 is {14, 12, 9}, so that the share decomposition of {14, 12, 9} results in that the data owner a has a first share of the modulus space of {2, 3, 2}, the data owner B has a first share of the modulus space of {5, 4, 3}, and the data owner C has a first share of the modulus space of {7, 5, 4 }.
The traffic data X2 and X3 are subjected to share decomposition in the same share processing manner, so that a first modulus space share for the traffic data X2 and X3 at each data owner is obtained, as shown in fig. 1.
FIG. 2 illustrates an example schematic diagram of a multi-party data conversion system according to embodiments of the present description.
As shown in FIG. 2, the multi-party data conversion system includes a plurality of data owners 210 and a third party server 220. Each data owner 210 has a multi-party data conversion device. For simplicity of description, only two data owners, namely, data owner A210-1 and data owner B210-2, are shown in FIG. 2. In other embodiments of the present description, a multi-party data conversion system may have more data owners.
Each data owner 210 has a first modulus space share of the first data, which is obtained by a fraction decomposition of the first data with respect to a modulo result of the first modulus, which may be obtained, for example, in the fraction decomposition manner shown in fig. 1.
When performing the multi-party data conversion, the multi-party data conversion apparatus in each data owner 210 masks the possessed first subspace share using the random integer, and sends the masked first subspace share to the third party server 220.
After receiving the masked first modulus space shares (modulus space shares before modulus transformation) sent by each data owner 210, the third party server 220 performs data merging processing using each first modulus space share, and performs fraction decomposition on the data merging result with respect to the modulus result of the second modulus. Then, the multi-party data conversion apparatus in each data owner 210 unmasks the decomposed model space share of the third-party server using the respective random integer, thereby obtaining a second model space share (the model space share after the model transformation), which can be used by other devices with different operating systems to perform model calculations. Examples of the model computation may include, but are not limited to, secret sharing based multi-party security computation, and the like.
The secret sharing method is a cryptographic technique that stores a secret (secret) in a decomposed manner, and splits the secret into a plurality of shares (shares) in an appropriate manner, each share being owned and managed by one of a plurality of parties (e.g., data owners), a single party being unable to recover the complete secret, only a number of parties collaborating together being able to recover the complete secret. The secret sharing method aims to prevent the secret from being too concentrated so as to achieve the purposes of dispersing risks and tolerating intrusion.
FIG. 3 illustrates an example flow diagram of a multi-party data conversion method 300 in accordance with embodiments of the present specification. For simplicity of description, data owners a and B are described as examples in fig. 3. In the example of fig. 3, the first mode space is a modulo n space for a first modulus n, and the second mode space is a modulo m space for a second modulus m. For the first data X, the data owner A has modulo n spatial shares
Figure 471746DEST_PATH_IMAGE007
And the data owner B has modulo n spatial share
Figure 209895DEST_PATH_IMAGE008
As shown in fig. 3, at 310, at data owners a and B, respective random integers are selected. For example, for a first data X, the data owner A selects a random integer
Figure 120082DEST_PATH_IMAGE012
And the data owner B selects a random integer
Figure 576471DEST_PATH_IMAGE013
Optionally, in one example, each data owner may select a random integer at each data owner based on the first data X and the first modulus n. For example, in one example, each data owner may select a random integer at each data owner based on the data value of the first data X, the data type of the first data X, and the first modulus n.
Optionally, in one example, when the first data X is a signed integer, the random integer of each data owner is selected according to the following relation
Figure 535200DEST_PATH_IMAGE001
To
Figure 659014DEST_PATH_IMAGE002
Figure 208944DEST_PATH_IMAGE003
Where n is the first modulus and K is the total number of data owners. In the case of only two data owners A and B, this may be based on
Figure 355892DEST_PATH_IMAGE014
To select random integers whose data possess A
Figure 413584DEST_PATH_IMAGE012
And random integer at data owner B
Figure 126325DEST_PATH_IMAGE013
Optionally, in another example, when the first data X is a signed integer, each data owner may range from values
Figure 378315DEST_PATH_IMAGE004
In which random integers of respective data owners are selected
Figure 746979DEST_PATH_IMAGE001
To
Figure 844248DEST_PATH_IMAGE002
Where n is the first modulus, K is the total number of data owners,
Figure 942654DEST_PATH_IMAGE015
represents the minimum value in the first data X, an
Figure 99966DEST_PATH_IMAGE016
Represents the maximum value in the first data X. In the case of only two data owners A and B, the range of values may be derived from
Figure 752664DEST_PATH_IMAGE004
In the random integer of which the selected data has A
Figure 856887DEST_PATH_IMAGE012
And random integer at data owner B
Figure 544220DEST_PATH_IMAGE013
Alternatively, in another example, when the first data X is an unsigned integer, each data owner may select a random integer for each data owner according to the following relationship
Figure 639477DEST_PATH_IMAGE001
To
Figure 779471DEST_PATH_IMAGE002
Figure 421805DEST_PATH_IMAGE005
Where n is the first modulus and K is the total number of data owners. In the case of only two data owners A and B, this may be based on
Figure 229224DEST_PATH_IMAGE017
To select random integers whose data possess A
Figure 728339DEST_PATH_IMAGE012
And random integer at data owner B
Figure 355629DEST_PATH_IMAGE013
Optionally, in another example, when the first data X is an unsigned integer, each data owner may range from a value
Figure 801654DEST_PATH_IMAGE006
In which random integers of respective data owners are selected
Figure 198000DEST_PATH_IMAGE001
To
Figure 133595DEST_PATH_IMAGE002
Where n is the first modulus, K is the total number of data owners,
Figure 451444DEST_PATH_IMAGE015
represents the minimum value in the first data X, an
Figure 497898DEST_PATH_IMAGE016
Represents the maximum value in the first data X. In the case of only two data owners A and B, the range of values may be derived from
Figure 518724DEST_PATH_IMAGE006
In the random integer of which the selected data has A
Figure 359641DEST_PATH_IMAGE012
And random integer at data owner B
Figure 164786DEST_PATH_IMAGE013
After each data owner has selected a respective random integer as above, the masking of the first modulo space share by the selected random integer is performed at 320, at data owners a and B, respectively. For example, the data owner A may calculate
Figure 14930DEST_PATH_IMAGE018
To obtain masked modulo n space share at the data owner a
Figure 589131DEST_PATH_IMAGE019
. The data owner B can calculate
Figure 600950DEST_PATH_IMAGE020
To obtain masked modulo n space share at the data owner B
Figure 955708DEST_PATH_IMAGE021
. Here,% is a modulo operation.
After the masked modulo-n space share is obtained as described above, the respective data owner sends the masked first modulo-space share to the third party server at 330. Here, the third party server may be a semi-trusted server. For example, data owners A and B will have respective modulo-n spatial shares
Figure 281647DEST_PATH_IMAGE019
And
Figure 772671DEST_PATH_IMAGE021
and sending the data to a third-party server.
At 340, data merging is performed on the masked first modulus space shares of the respective data owners at the third party server. For example, a third party server may consolidate the modulo-n space shares of data owners A and B
Figure 220970DEST_PATH_IMAGE019
And
Figure 735128DEST_PATH_IMAGE021
at 350, the third party server combines the results of the data with the results of the second modulo m modulo (i.e.,
Figure 661495DEST_PATH_IMAGE022
performing a fraction decomposition to obtain a modulo-space conversion intermediate result, e.g. modulo-m spatial fraction
Figure 774070DEST_PATH_IMAGE023
And
Figure 330953DEST_PATH_IMAGE024
. The share splitting process of the third-party server is substantially the same as the share splitting process at the respective data owner and will not be described herein. Furthermore, it is to be noted that the second modulus m may be provided by the data owner to a third party server, e.g. together with the modulus n spatial share. Alternatively, the second modulus m may be learned in advance by a third party server.
At 360, the third party server distributes the resulting intermediate results of the modulo-space conversion to the respective data owners A and B, e.g., modulo-m space shares
Figure 394724DEST_PATH_IMAGE023
Providing to data owner A, and modulo m space share
Figure 124783DEST_PATH_IMAGE024
And is provided to the data owner B.
At 370, the obtained intermediate result of the modulo-space conversion is unmasked using respective random integers at respective data owners, resulting in a second modulo-space share of the first data. For example, data owner A calculates
Figure 528083DEST_PATH_IMAGE025
To obtain the unmasked modulo m space fraction at the data owner a
Figure 318184DEST_PATH_IMAGE009
. The data owner B can calculate
Figure 603672DEST_PATH_IMAGE026
To obtain the data ownerUnmasked modulo m space fraction at B
Figure 75104DEST_PATH_IMAGE011
And therefore, multi-party data conversion based on data privacy protection is completed.
With this method, the random numbers are used at each data owner to mask the modulus space share before the modulus transformation, and the masked modulus space share is sent to a third party server for data recovery and modulus space share decomposition for the second modulus. Then, each data owner uses the corresponding random number to unmask the modulus space share decomposed by the third-party server, so as to obtain the modulus space share after the modulus transformation. According to the mode, the third-party server is introduced to carry out the decomposition of the modulus space share, so that two data owners do not need to adopt a multi-party secure computing protocol to determine the modulus space share, and the secure modulus conversion efficiency is greatly improved. In addition, the modulus space shares sent by the data owners to the third-party server are all data subjected to masking processing, so that the third-party server cannot obtain real data information of the data owners, and therefore privacy data leakage of the data owners during data modulus transformation can be prevented.
Fig. 4 shows a block diagram of a multi-party data conversion apparatus 400 on the data owner side according to an embodiment of the present description. In the example of fig. 4, each data owner has a first modulus space share of each data in the first data set, which is obtained by a share decomposition of the data against a modulo result of the first modulus.
As shown in fig. 4, the multi-party data conversion apparatus 400 includes a random number selection unit 410, a concealment processing unit 420, a share transmission unit 430, an intermediate result acquisition unit 440, and a de-concealment processing unit 450.
The random number selection unit 410 is configured to select a random integer. The operation of the random number selection unit 410 may refer to the operation of 310 described above with reference to fig. 3.
The masking processing unit 420 is configured to mask the first mode space fraction with the selected random integer. The operation of the mask processing unit 420 may refer to the operation of 320 described above with reference to fig. 3.
The share transmitting unit 430 is configured to transmit the masked first subspace share to a third party server. The operation of the share sending unit 430 may refer to the operation of 330 described above with reference to fig. 3.
The intermediate result obtaining unit 440 is configured to obtain a module space conversion intermediate result from the third-party server, where the module space conversion intermediate result is obtained by performing data merging processing on the masked first module space shares of the data owners at the third-party server and performing share decomposition on the data merging result for the modulus result of the second modulus. The operation of the intermediate result acquisition unit 440 may refer to the operation of 360 described above with reference to fig. 3.
The unmasking processing unit 450 is configured to unmask the obtained intermediate result of the modulo-space conversion using a random integer, resulting in a second modulo-space share of the first data. The operation of the unmasking processing unit 450 may refer to the operation of 370 described above with reference to fig. 3.
Alternatively, in one example, the random number selecting unit 410 may select the random integer according to the first data and the first modulus.
For example, in one example, when the first data X is a signed integer, the random number selection unit 410 may select random integers of respective data owners according to the following relation
Figure 395227DEST_PATH_IMAGE001
To
Figure 559492DEST_PATH_IMAGE002
Figure 332276DEST_PATH_IMAGE003
Where n is the first modulus and K is the total number of data owners.
In another example, in the first data X isWhen signed integers are present, the random number selection unit 410 may select a range of values from
Figure 404138DEST_PATH_IMAGE004
Wherein n is the first modulus.
In another example, when the first data X is an unsigned integer, the random number selection unit 410 may select random integers of respective data owners according to the following relation
Figure 782029DEST_PATH_IMAGE001
To
Figure 146889DEST_PATH_IMAGE002
Figure 672549DEST_PATH_IMAGE005
Where n is the first modulus and K is the total number of data owners.
In another example, when the first data X is an unsigned integer, the random number selection unit 410 may select a range of values from
Figure 282521DEST_PATH_IMAGE006
Wherein n is the first modulus.
Fig. 5 shows a block diagram of a multi-party data conversion apparatus 500 at a third party server side according to an embodiment of the present description. In the example of fig. 5, each data owner has a first modulus space share of each data in the first data set, which is obtained by a share decomposition of the data against a modulo result of the first modulus.
As shown in fig. 5, the multi-party data conversion apparatus 500 includes a share obtaining unit 510, a data merging unit 520, a share decomposing unit 530, and a share sending unit 540.
The share obtaining unit 510 is configured to obtain the masked first modulus space shares from the respective data owners, the masked first modulus space shares of the respective data owners being obtained by masking the possessed first modulus space shares at the respective data owners using the selected random integers. The operation of the share acquisition unit 510 may refer to the operation of 330 described above with reference to fig. 3.
The data merging unit 520 is configured to perform data merging processing on the masked first modulus space share of each data owner. The operation of the data merging unit 520 may refer to the operation of 340 described above with reference to fig. 3.
The fraction decomposition unit 530 is configured to perform a fraction decomposition on the data merging result for the second modulo result to obtain a modulo-space conversion intermediate result. The operation of the share decomposition unit 530 may refer to the operation of 350 described above with reference to FIG. 3.
The share sending unit 540 is configured to distribute the resulting intermediate results of the mode-space conversion to the respective data owners. The operation of the share sending unit 540 may refer to the operation of 360 described above with reference to fig. 3.
As described above with reference to fig. 1 to 5, a multiparty data conversion method and a multiparty data conversion apparatus according to an embodiment of the present specification are described. The above multi-party data conversion device can be implemented by hardware, and can also be implemented by software or a combination of hardware and software.
Fig. 6 shows a schematic diagram of an electronic device for implementing a multi-party data conversion process on the data owner side according to an embodiment of the present description. As shown in fig. 6, electronic device 600 may include at least one processor 610, storage (e.g., non-volatile storage) 620, memory 630, and communication interface 640, and at least one processor 610, storage 620, memory 630, and communication interface 640 are connected together via a bus 660. The at least one processor 610 executes at least one computer-readable instruction (i.e., the elements described above as being implemented in software) stored or encoded in memory.
In one embodiment, computer-executable instructions are stored in the memory that, when executed, cause the at least one processor 610 to: selecting a random integer and masking the first mode space share by using the selected random integer; sending the first model space quota subjected to covering processing to a third-party server; acquiring a module space conversion intermediate result from the third-party server, wherein the module space conversion intermediate result is obtained by performing data merging processing on the first module space share of each data owner after the covering processing at the third-party server and performing share decomposition on the data merging result aiming at a second modulus acquisition result; and carrying out unmasking processing on the acquired intermediate result of the mode space conversion by using a random integer to obtain a second mode space share of the first data.
It should be appreciated that the computer-executable instructions stored in the memory, when executed, cause the at least one processor 610 to perform the various operations and functions described above in connection with fig. 1-5 in the various embodiments of the present description.
Fig. 7 shows a schematic diagram of an electronic device for implementing a multiparty data conversion process on a third party server side according to an embodiment of the present description. As shown in fig. 7, electronic device 700 may include at least one processor 710, storage (e.g., non-volatile storage) 720, memory 730, and communication interface 740, and at least one processor 710, storage 720, memory 730, and communication interface 740 are connected together via a bus 760. The at least one processor 710 executes at least one computer-readable instruction (i.e., the elements described above as being implemented in software) stored or encoded in memory.
In one embodiment, computer-executable instructions are stored in the memory that, when executed, cause the at least one processor 710 to: acquiring a first masked modulus space share from each data owner, wherein the first masked modulus space share of each data owner is obtained by masking the first masked modulus space share by using a selected random integer at each data owner; carrying out data merging processing on the first modulus space fractions of all data owners after the covering processing, and carrying out fraction decomposition on the data merging results aiming at the modulus results of the second modulus to obtain a modulus space conversion intermediate result; and distributing the obtained mode space conversion intermediate result to each data owner.
It should be appreciated that the computer-executable instructions stored in the memory, when executed, cause the at least one processor 710 to perform the various operations and functions described above in connection with fig. 1-5 in the various embodiments of the present description.
According to one embodiment, a program product, such as a machine-readable medium (e.g., a non-transitory machine-readable medium), is provided. A machine-readable medium may have instructions (i.e., elements described above as being implemented in software) that, when executed by a machine, cause the machine to perform various operations and functions described above in connection with fig. 1-5 in the various embodiments of the present specification. Specifically, a system or apparatus may be provided which is provided with a readable storage medium on which software program code implementing the functions of any of the above embodiments is stored, and causes a computer or processor of the system or apparatus to read out and execute instructions stored in the readable storage medium.
In this case, the program code itself read from the readable medium can realize the functions of any of the above-described embodiments, and thus the machine-readable code and the readable storage medium storing the machine-readable code form part of the present invention.
Examples of the readable storage medium include floppy disks, hard disks, magneto-optical disks, optical disks (e.g., CD-ROMs, CD-R, CD-RWs, DVD-ROMs, DVD-RAMs, DVD-RWs), magnetic tapes, nonvolatile memory cards, and ROMs. Alternatively, the program code may be downloaded from a server computer or from the cloud via a communications network.
It will be understood by those skilled in the art that various changes and modifications may be made in the above-disclosed embodiments without departing from the spirit of the invention. Accordingly, the scope of the invention should be determined from the following claims.
It should be noted that not all steps and units in the above flows and system structure diagrams are necessary, and some steps or units may be omitted according to actual needs. The execution order of the steps is not fixed, and can be determined as required. The apparatus structures described in the above embodiments may be physical structures or logical structures, that is, some units may be implemented by the same physical entity, or some units may be implemented by a plurality of physical entities, or some units may be implemented by some components in a plurality of independent devices.
In the above embodiments, the hardware units or modules may be implemented mechanically or electrically. For example, a hardware unit, module or processor may comprise permanently dedicated circuitry or logic (such as a dedicated processor, FPGA or ASIC) to perform the corresponding operations. The hardware units or processors may also include programmable logic or circuitry (e.g., a general purpose processor or other programmable processor) that may be temporarily configured by software to perform the corresponding operations. The specific implementation (mechanical, or dedicated permanent, or temporarily set) may be determined based on cost and time considerations.
The detailed description set forth above in connection with the appended drawings describes exemplary embodiments but does not represent all embodiments that may be practiced or fall within the scope of the claims. The term "exemplary" used throughout this specification means "serving as an example, instance, or illustration," and does not mean "preferred" or "advantageous" over other embodiments. The detailed description includes specific details for the purpose of providing an understanding of the described technology. However, the techniques may be practiced without these specific details. In some instances, well-known structures and devices are shown in block diagram form in order to avoid obscuring the concepts of the described embodiments.
The previous description of the disclosure is provided to enable any person skilled in the art to make or use the disclosure. Various modifications to the disclosure will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other variations without departing from the scope of the disclosure. Thus, the disclosure is not intended to be limited to the examples and designs described herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (21)

1. A multi-party data conversion method based on data privacy protection, wherein each data owner has a first modulus space share of first data, and the first modulus space share is obtained by performing share decomposition on a modulus result of the first data for a first modulus, and the method comprises the following steps:
at each data owner, selecting a respective random integer and masking the first modulo space share with the selected random integer;
each data owner sends the first model space quota after being covered to a third-party server;
at the third-party server, performing data merging processing on the first modulus space fractions of the data owners after the covering processing, performing fraction decomposition on data merging results aiming at modulus taking results of the second modulus to obtain modulus space conversion intermediate results, and distributing the obtained modulus space conversion intermediate results to the data owners; and
and at each data owner, performing unmasking processing on the acquired intermediate result of the mode-space conversion by using respective random integers to obtain a second mode-space share of the first data.
2. The method of claim 1, wherein selecting, at each data owner, a respective random integer comprises:
at each data owner, selecting a random integer at each data owner based on the first data and the first modulus.
3. The method of claim 2, wherein selecting a random integer at each data owner based on the first data and the first modulus comprises:
when the first data X is a signed integer, the random integer of each data owner is selected according to the following relation
Figure 266223DEST_PATH_IMAGE001
To
Figure 705295DEST_PATH_IMAGE002
Figure 512714DEST_PATH_IMAGE003
Where n is the first modulus and K is the total number of data owners.
4. The method of claim 2, wherein selecting a random integer at each data owner based on the first data and the first modulus comprises:
when the first data X is a signed integer, the range of values is taken
Figure 513293DEST_PATH_IMAGE004
In which random integers of respective data owners are selected
Figure 140583DEST_PATH_IMAGE001
To
Figure 383346DEST_PATH_IMAGE002
Where n is the first modulus and K is the total number of data owners.
5. The method of claim 2, wherein selecting a random integer at each data owner based on the first data and the first modulus comprises:
when the first data X is an unsigned integer, the random integer of each data owner is selected according to the following relation
Figure 45271DEST_PATH_IMAGE001
To
Figure 918549DEST_PATH_IMAGE002
Figure 33136DEST_PATH_IMAGE005
Where n is the first modulus and K is the total number of data owners.
6. The method of claim 2, wherein selecting a random integer at each data owner based on the first data and the first modulus comprises:
when the first data X is an unsigned integer, the range of values is taken
Figure 282852DEST_PATH_IMAGE006
In which random integers of respective data owners are selected
Figure 799284DEST_PATH_IMAGE001
To
Figure 905780DEST_PATH_IMAGE002
Where n is the first modulus and K is the total number of data owners.
7. The method of claim 1, wherein the first data is applied to secret sharing based multi-party secure computing.
8. A multi-party data conversion method based on data privacy protection, each data owner having a first modulus space share of first data, the first modulus space share being obtained by performing share decomposition on a modulus result of the first data with respect to a first modulus, the method being applied to the data owner, the method comprising:
selecting a random integer and masking the first mode space share by using the selected random integer;
sending the first model space quota subjected to covering processing to a third-party server;
acquiring a module space conversion intermediate result from the third-party server, wherein the module space conversion intermediate result is obtained by performing data merging processing on the first module space share of each data owner after the covering processing at the third-party server and performing share decomposition on the data merging result aiming at a second modulus acquisition result; and
and carrying out unmasking processing on the mode space conversion intermediate result by using the random integer to obtain a second mode space share of the first data.
9. A multi-party data conversion method based on data privacy protection, wherein each data owner has a first modulus space share of first data, the first modulus space share is obtained by performing share decomposition on a modulus result of the first data for a first modulus, and the method is applied to a third-party server and comprises the following steps:
acquiring a first masked modulus space share from each data owner, wherein the first masked modulus space share is obtained by masking the first masked modulus space share by using the selected random integer at each data owner;
carrying out data merging processing on the first modulus space fractions of all data owners after the covering processing, and carrying out fraction decomposition on the data merging results aiming at the modulus results of the second modulus to obtain a modulus space conversion intermediate result; and
and distributing the obtained mode space conversion intermediate result to each data owner.
10. A multi-party data conversion apparatus based on data privacy protection, each data owner having a first modulus space share of first data, the first modulus space share being obtained by performing a share decomposition on a modulus result of the first data with respect to a first modulus, the multi-party data conversion apparatus being applied to the data owner, the multi-party data conversion apparatus comprising:
a random number selection unit that selects a random integer;
the masking processing unit is used for masking the first mode space share by using the selected random integer;
the share sending unit is used for sending the first modulus space share subjected to the covering processing to a third-party server;
an intermediate result obtaining unit, configured to obtain an intermediate result of the analog-to-digital conversion from the third-party server, where the intermediate result of the analog-to-digital conversion is obtained by performing data merging processing on the first analog-to-digital space shares of the data owners after the masking processing at the third-party server and performing share decomposition on the data merging result for a second analog-to-digital modulus result; and
and the de-masking processing unit is used for performing de-masking processing on the mode space conversion intermediate result by using the random integer to obtain a second mode space share of the first data.
11. The multi-party data conversion apparatus of claim 10, wherein the random number selection unit selects a random integer according to the first data and the first modulus.
12. The multi-party data conversion apparatus according to claim 11, wherein the random number selection unit selects the random integer of each data owner according to the following relation when the first data X is a signed integer
Figure 445346DEST_PATH_IMAGE001
To
Figure 29911DEST_PATH_IMAGE002
Figure 164964DEST_PATH_IMAGE003
Where n is the first modulus and K is the total number of data owners.
13. The multi-party data conversion apparatus as claimed in claim 11, wherein the random number selection unit selects the range of values from which to take when the first data X is a signed integer
Figure 176782DEST_PATH_IMAGE007
Wherein n is the first modulus.
14. The multi-party data conversion apparatus according to claim 11, wherein the random number selection unit selects the random integer of each data owner according to the following relation when the first data X is an unsigned integer
Figure 265961DEST_PATH_IMAGE001
To
Figure 591900DEST_PATH_IMAGE002
Figure 348503DEST_PATH_IMAGE005
Where n is the first modulus and K is the total number of data owners.
15. The multi-party data conversion apparatus as claimed in claim 11, wherein the random number selection unit selects the range of values from which to take when the first data X is an unsigned integer
Figure 734485DEST_PATH_IMAGE006
Wherein n is the first modulus.
16. A multi-party data conversion device based on data privacy protection, each data owner has a first modulus space share of first data, the first modulus space share is obtained by performing share decomposition on a modulus result of the first data for a first modulus, the multi-party data conversion device is applied to a third-party server, and the multi-party data conversion device comprises:
a share acquisition unit that acquires a masked first modulus space share from each data owner, the masked first modulus space share of each data owner being obtained by masking the first modulus space share with a selected random integer at each data owner;
the data merging unit is used for carrying out data merging processing on the first mode space share of each data owner after the covering processing;
the share decomposition unit is used for executing share decomposition on the data merging result aiming at the modulus result of the second modulus to obtain a modulus-space conversion intermediate result; and
and the share sending unit is used for distributing the intermediate result of the mode space conversion to each data owner.
17. A multi-party data transformation system based on data privacy protection, comprising:
at least two data owners, each having a first modulus space share of first data, the first modulus space share obtained by performing a fraction decomposition on a modulo result of the first data with respect to a first modulus, each data owner comprising the multi-party data conversion apparatus of any one of claims 10 to 15; and
a third party server comprising the multi-party data conversion device of claim 16.
18. An electronic device, comprising:
at least one processor, and
a memory coupled with the at least one processor, the memory storing instructions that, when executed by the at least one processor, cause the at least one processor to perform the method of claim 8.
19. A machine-readable storage medium storing executable instructions that, when executed, cause the machine to perform the method of claim 8.
20. An electronic device, comprising:
at least one processor, and
a memory coupled with the at least one processor, the memory storing instructions that, when executed by the at least one processor, cause the at least one processor to perform the method of claim 9.
21. A machine-readable storage medium storing executable instructions that, when executed, cause the machine to perform the method of claim 9.
CN202010818374.XA 2020-08-14 2020-08-14 Multi-party data conversion method, device and system based on data privacy protection Active CN111737337B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010818374.XA CN111737337B (en) 2020-08-14 2020-08-14 Multi-party data conversion method, device and system based on data privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010818374.XA CN111737337B (en) 2020-08-14 2020-08-14 Multi-party data conversion method, device and system based on data privacy protection

Publications (2)

Publication Number Publication Date
CN111737337A true CN111737337A (en) 2020-10-02
CN111737337B CN111737337B (en) 2020-12-08

Family

ID=72658455

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010818374.XA Active CN111737337B (en) 2020-08-14 2020-08-14 Multi-party data conversion method, device and system based on data privacy protection

Country Status (1)

Country Link
CN (1) CN111737337B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113098840A (en) * 2021-02-25 2021-07-09 鹏城实验室 Efficient and safe linear rectification function operation method based on addition secret sharing technology
CN113949505A (en) * 2021-10-15 2022-01-18 支付宝(杭州)信息技术有限公司 Privacy-protecting multi-party security computing method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103763100A (en) * 2013-10-29 2014-04-30 清华大学 Sum and product computing method for protecting data privacy security of arbitrary user group
CN111062487A (en) * 2019-11-28 2020-04-24 支付宝(杭州)信息技术有限公司 Machine learning model feature screening method and device based on data privacy protection
CN111523134A (en) * 2020-07-03 2020-08-11 支付宝(杭州)信息技术有限公司 Homomorphic encryption-based model training method, device and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103763100A (en) * 2013-10-29 2014-04-30 清华大学 Sum and product computing method for protecting data privacy security of arbitrary user group
CN111062487A (en) * 2019-11-28 2020-04-24 支付宝(杭州)信息技术有限公司 Machine learning model feature screening method and device based on data privacy protection
CN111523134A (en) * 2020-07-03 2020-08-11 支付宝(杭州)信息技术有限公司 Homomorphic encryption-based model training method, device and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113098840A (en) * 2021-02-25 2021-07-09 鹏城实验室 Efficient and safe linear rectification function operation method based on addition secret sharing technology
CN113949505A (en) * 2021-10-15 2022-01-18 支付宝(杭州)信息技术有限公司 Privacy-protecting multi-party security computing method and system

Also Published As

Publication number Publication date
CN111737337B (en) 2020-12-08

Similar Documents

Publication Publication Date Title
CN112287377A (en) Model training method based on federal learning, computer equipment and storage medium
CN112380578A (en) Edge computing framework based on block chain and trusted execution environment
WO2024093426A1 (en) Federated machine learning-based model training method and apparatus
CN111737337B (en) Multi-party data conversion method, device and system based on data privacy protection
CN111741020B (en) Public data set determination method, device and system based on data privacy protection
CN112101531B (en) Neural network model training method, device and system based on privacy protection
CN110661613B (en) Anti-quantum-computation implicit certificate issuing method and system based on alliance chain
CN107276752A (en) The methods, devices and systems that limitation key is decrypted are paid to cloud
CN110737915B (en) Anti-quantum-computation anonymous identity recognition method and system based on implicit certificate
CN116340986A (en) Block chain-based privacy protection method and system for resisting federal learning gradient attack
CN117077192B (en) Method and device for defending attack of taking and riding in federal study with privacy protection
CN111523134B (en) Homomorphic encryption-based model training method, device and system
Bentafat et al. Towards real-time privacy-preserving video surveillance
CN110929887A (en) Logistic regression model training method, device and system
CN112380404B (en) Data filtering method, device and system
CN112948883B (en) Method, device and system for multiparty joint modeling of privacy data protection
CN116415267A (en) Iterative updating method, device and system for joint learning model and storage medium
CN112183757A (en) Model training method, device and system
Wang et al. Improving Security in the Internet of Vehicles: A Blockchain-Based Data Sharing Scheme
CN116489637B (en) Mobile edge computing method oriented to meta universe and based on privacy protection
CN113992393B (en) Method, apparatus, system, and medium for model update for vertical federal learning
CN114547684A (en) Method and device for protecting multi-party joint training tree model of private data
Sarkar et al. A cancelable biometric based secure session key agreement protocol employing elliptic curve cryptography
CN113489690A (en) On-line/off-line outsourcing data integrity auditing method with strong resistance to key exposure
CN118468353B (en) Data processing method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240923

Address after: Room 803, 8th floor, 618 waima Road, Huangpu District, Shanghai 200001

Patentee after: Ant blockchain Technology (Shanghai) Co.,Ltd.

Country or region after: China

Address before: 310000 801-11 section B, 8th floor, 556 Xixi Road, Xihu District, Hangzhou City, Zhejiang Province

Patentee before: Alipay (Hangzhou) Information Technology Co.,Ltd.

Country or region before: China