CN111783108A - Data query and calculation method and system, and storage medium - Google Patents

Info

Publication number: CN111783108A
Authority: CN (China)
Prior art keywords: query, data, target user, verification, result
Legal status: Granted
Application number: CN201910272457.0A
Other languages: Chinese (zh)
Other versions: CN111783108B
Inventors: 李艺, 王蜀洪
Current assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Original assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Application filed by Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority to CN201910272457.0A (CN111783108B)
Priority to PCT/CN2020/083174 (WO2020200306A1)
Publication of CN111783108A
Application granted; publication of CN111783108B
Current legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F 21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q 40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q 40/03 Credit; Loans; Processing thereof

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Technology Law (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application provides a data query and calculation method and system, and a storage medium. The second data query system sends at least one query service based on the query requirement of a target user; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension; the first data query system fuses query results which are acquired from at least one data source and correspond to the target user and the information to be queried and feeds the query results back to the second data query system according to the query service; and the second data query system processes the acquired query result corresponding to the target user according to each query service. According to the method and the device, the query result is encrypted, so that the query result can be effectively prevented from being leaked, a data source can be protected, and anonymous query is provided under the authorization condition.

Description

Data query and calculation method and system, and storage medium
Technical Field
The present application relates to the field of secure data processing technologies, and in particular, to a method and a system for querying and calculating data, and a storage medium.
Background
Data query systems such as business credit and personal credit systems, and even data query systems for booking, industry supervision and the like that contain sensitive data and business secrets, need to provide data security guarantees so as to reduce or even avoid sensitive data leakage. For example, data queries must not be usable to extract sensitive data from a social networking site. In another example, when a proxy platform is used to perform data queries, the sensitive data must be prevented from being divulged by that proxy platform. For this reason, enterprises and business units holding sensitive data restrict the use of the related databases by limiting permissions. However, today there are a large number of companies of different scales that offer loans to customers. These loan companies include commercial banks, small loan companies, trust companies, P2P loan companies, and the like. Sometimes a borrower may borrow money from multiple lenders, because a single lender may not be able to provide sufficient credit to the borrower. Therefore, before making a loan decision, a lender may want to query the borrower's loan information to evaluate the borrower's credit. For example, a lender may want to know whether the borrower has borrowed too much money from other lenders before lending money to the borrower.
The problems with the existing approaches are that it is difficult to perform data fusion on loan information of multiple lenders and to perform data supervision on users with open rights.
On the other hand, the party initiating the query request (e.g., the borrower) does not want the sensitive data queried to be compromised between the computer side operating the database and the computing devices transmitting the query request.
Disclosure of Invention
In view of the above-mentioned shortcomings of the prior art, the present application aims to provide a data query and calculation method and system, and a storage medium, which are used to solve the problem of secure query of sensitive data in the prior art.
To achieve the above and other related objects, a first aspect of the present application provides a data query method for a first data query system, including: receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension; and, according to the query service, fusing query results which are acquired from at least one data source and correspond to the target user and the information to be queried, and feeding the fused query results back to the second data query system.
In certain embodiments of the first aspect of the present application, further comprising: verifying the query service; and when the verification is passed, acquiring a query result corresponding to the target user and the information to be queried from a corresponding data source.
In certain embodiments of the first aspect of the present application, the step of verifying the query service comprises the steps of: verifying the identity of the target user in the query service submitted by the second data query system; and verifying whether the query service submitted by the second data query system is authorized by the target user.
In certain embodiments of the first aspect of the present application, the step of verifying the query service further comprises the step of: verifying the format validity of the query request, subjected to the first encryption processing, that was submitted by the second data query system.
In certain implementations of the first aspect of the present application, the query result is one of at least one query result derived based on a dimension of the query request.
In certain embodiments of the first aspect of the present application, the query result comprises any one of: query data indicating that the target user's information to be queried is empty, and query data representing the target user's information to be queried after at least one first encryption process.
In certain embodiments of the first aspect of the present application, the query data is a commitment value obtained by subjecting the query data in plaintext to a second encryption process.
In certain embodiments of the first aspect of the present application, the step of fusing query results obtained from at least one data source and corresponding to the target user and the information to be queried comprises: generating noise data; scrambling each query result from each data source together with the noise data to obtain a scrambled result; acquiring, from the target user, check data and a random number generated based on the query service; obtaining verification data based on the random number and the noise data; and sending the scrambled result, the check data and the verification data to the second data query system.
In certain embodiments of the first aspect of the present application, the check data is a commitment value obtained by subjecting plaintext check data to a second encryption process.
In certain embodiments of the first aspect of the present application, the first encryption process is set based on homomorphic encryption.
A second aspect of the present application provides a data query method for a second data query system, including: based on the query requirement of a target user, sending at least one query service; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension; and acquiring a query result corresponding to the target user according to each query service.
In certain embodiments of the second aspect of the present application, further comprising: and verifying the query service to obtain the query result.
In certain embodiments of the second aspect of the present application, the step of verifying the query service comprises the step of: proving whether the submitted query service is authorized by the target user.
In certain embodiments of the second aspect of the present application, the step of verifying the query service further comprises the step of: proving the format validity of the submitted query request subjected to the first encryption processing.
In certain embodiments of the second aspect of the present application, the query result comprises at least one of: query data indicating that the target user's information to be queried is empty, and query data representing the target user's information to be queried aggregated from a plurality of data sources.
In certain embodiments of the second aspect of the present application, the query result is one of at least one query result derived based on a dimension of the query request.
In certain embodiments of the second aspect of the present application, the query result comprises any one of: query data indicating that the target user's information to be queried is empty, and query data representing the target user's information to be queried after at least one first encryption process.
In certain embodiments of the second aspect of the present application, the query data is a commitment value obtained after a second encryption process.
In some embodiments of the second aspect of the present application, the step of obtaining a query result corresponding to the target user according to each query service includes: acquiring, for each query service, a scrambled result, check data and verification data; wherein the scrambled result is obtained by scrambling the query results together with noise data, the check data comes from the target user, and the verification data is derived from the random number generated by the target user and the noise data.
In certain embodiments of the second aspect of the present application, further comprising: and carrying out consistency check on the obtained query results and the check data provided by the target user.
In some embodiments of the second aspect of the present application, the step of performing a consistency check on the obtained query results and the check data provided by the target user includes: extracting each query result from the scrambled result and decrypting it to obtain query data; and verifying, based on the verification data, that the obtained query data are consistent with the check data.
In certain embodiments of the second aspect of the present application, further comprising: and when the consistency is met, performing evaluation calculation corresponding to the query requirement on the basis of each query result.
In certain embodiments of the second aspect of the present application, the query requirement comprises at least one of: a requirement, generated by the target user, to query and aggregate based on a summation operation or on statistics.
In some embodiments of the second aspect of the present application, the step of performing an evaluation calculation corresponding to the query requirement based on each query result includes: acquiring data to be evaluated provided by a target user and certification information corresponding to the data to be evaluated based on the query requirement; verifying that the query data in the obtained query result and the data to be evaluated accord with a preset corresponding relation based on the certification information; and after the verification is passed, performing evaluation calculation corresponding to the query requirement on the basis of the acquired query results and the data to be evaluated.
In certain embodiments of the second aspect of the present application, the query requirement comprises at least one of: querying and aggregating whether the target user's query data lies within a preset interval, and querying and aggregating the fluctuation of the target user's query data.
In certain embodiments of the second aspect of the present application, the first encryption process is set based on homomorphic encryption.
A third aspect of the present application provides a first data query system, including: a first communication module, used for receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension; and a query fusion module, used for fusing, according to the query service, query results which are acquired from at least one data source and correspond to the target user and the information to be queried, and feeding the fused query results back to the second data query system through the first communication module.
In certain embodiments of the third aspect of the present application, further comprising: the verification module is used for verifying the query service; and when the verification is passed, acquiring a query result corresponding to the target user and the information to be queried from a corresponding data source.
In certain embodiments of the third aspect of the present application, the validation module is configured to perform the steps of: verifying the identity of a target user in the query service submitted by the second data query system; and verifying whether the query service submitted by the second data query system is authorized by the target user.
In certain embodiments of the third aspect of the present application, the validation module is further configured to validate the format of the first cryptographically processed query request submitted by the second data query system.
In certain embodiments of the third aspect of the present application, the query result is one of at least one query result derived based on a dimension of the query request.
In certain embodiments of the third aspect of the present application, the query result comprises at least one of: query data indicating that the target user's information to be queried is empty, and query data representing the target user's information to be queried after at least one first encryption process.
In certain embodiments of the third aspect of the present application, the query data is a commitment value obtained by subjecting the query data in plaintext to a second encryption process.
In certain embodiments of the third aspect of the present application, the query fusion module is configured to perform the steps of: generating noise data; scrambling each query result from each data source together with the noise data to obtain a scrambled result; acquiring, from the target user, check data and a random number generated based on the query service; obtaining verification data based on the random number and the noise data; and sending the scrambled result, the check data and the verification data to the second data query system, so that the second data query system can verify the consistency of the query results and the check data.
In certain embodiments of the third aspect of the present application, the check data is a commitment value obtained by subjecting plaintext check data to a second encryption process.
In certain embodiments of the third aspect of the present application, the first encryption process is set based on homomorphic encryption.
A fourth aspect of the present application provides a second data query system, including: the second communication module is used for sending at least one query service based on the query requirement of a target user; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension; and the data processing module is used for processing the acquired query result corresponding to the target user according to each query service.
In certain embodiments of the fourth aspect of the present application, further comprising: a cooperation verification module, used for verifying the query service that is used to obtain the query result.
In certain embodiments of the fourth aspect of the present application, the cooperation verification module is configured to prove whether the submitted query service is authorized by the target user.
In certain embodiments of the fourth aspect of the present application, the cooperation verification module is further configured to prove the format validity of the submitted query request subjected to the first encryption processing.
In certain embodiments of the fourth aspect of the present application, the query result comprises at least one of: query data indicating that the target user's information to be queried is empty, and query data representing the target user's information to be queried aggregated from a plurality of data sources.
In certain embodiments of the fourth aspect of the present application, the query result is one of at least one query result derived based on a dimension of the query request.
In certain embodiments of the fourth aspect of the present application, the query result comprises at least one of: query data indicating that the target user's information to be queried is empty, and query data representing the target user's information to be queried after at least one first encryption process.
In certain embodiments of the fourth aspect of the present application, the query data is a commitment value obtained after the second encryption processing.
In some embodiments of the fourth aspect of the present application, the second communication module further obtains, for each query service, a scrambled result, check data and verification data; wherein the scrambled result is obtained by scrambling the query results together with noise data, the check data comes from the target user, and the verification data is derived from the random number generated by the target user and the noise data.
In certain embodiments of the fourth aspect of the present application, further comprising: and the checking module is used for carrying out consistency checking on the obtained query results and the checking data provided by the target user.
In some embodiments of the fourth aspect of the present application, the checking module is configured to extract each query result from the scrambled result and decrypt it to obtain query data; and to verify each obtained item of query data against the check data, the query data and the check data being judged consistent when the verification result corresponds to the noise data and the random number.
In certain embodiments of the fourth aspect of the present application, further comprising: and the evaluation module is used for carrying out evaluation calculation corresponding to the query requirement on the basis of each query result when the consistency is met.
In certain embodiments of the fourth aspect of the present application, the query requirement comprises at least one of: a requirement, generated by the target user, to query and aggregate based on a summation operation or on statistics.
In certain embodiments of the fourth aspect of the present application, the evaluation module is configured to perform the steps of: acquiring data to be evaluated provided by a target user and certification information corresponding to the data to be evaluated based on the query requirement; confirming that the query data in the obtained query result and the data to be evaluated accord with a preset corresponding relation through verifying the certification information; and after the verification is passed, performing evaluation calculation corresponding to the query requirement on the basis of the acquired query results and the data to be evaluated.
In certain embodiments of the fourth aspect of the present application, the query requirement comprises at least one of: querying and aggregating whether the target user's query data lies within a preset interval, and querying and aggregating the fluctuation of the target user's query data.
In certain embodiments of the fourth aspect of the present application, the first encryption process is set based on homomorphic encryption.
A fifth aspect of the present application provides a data query system, including: at least one data source, configured to perform querying in a user group based on the received query service to obtain a query data set of the user group where a target user is located, and obtain a query result corresponding to the target user from the query data set according to a query request subjected to a first encryption process; the first data query system according to any one of the third aspects, configured to communicate with at least one data source, so as to send the query service to the data source and perform fusion processing on query results fed back by each data source; the second data query system according to any one of the fourth aspects, configured to send the generated query service to the first data query system and obtain a query result fused by the first data query system.
A sixth aspect of the present application provides a first computer system comprising: storage means for storing at least one program; interface means for communicating with at least one data source and a second computer system; processing means for invoking said at least one program and coordinating said storage means and interface means to perform the data query method as described in any of the first aspects.
A seventh aspect of the present application provides a second computer system comprising: storage means for storing at least one program; interface means for communicating with a second computer system; processing means for calling the at least one program and coordinating the storage means and the interface means to perform the second data query method according to any one of the second aspect.
An eighth aspect of the present application provides a computer-readable storage medium storing a data query computer program which, when executed, implements the data query method of the first aspect or the data query method of the second aspect.
As described above, the data query and calculation method and system and the storage medium of the present application have the following advantages: by using the query request subjected to the encryption processing, the sensitive information of the target user can be prevented from being revealed, and by using the query result subjected to the encryption processing, the query result can be effectively prevented from being revealed. Therefore, when the query service and the query result forwarding party (such as the first data query system) and the query result providing party (such as the data source) cannot acquire the target user and the query result, the applications of sharing, fusing, evaluating and the like by using the sensitive data are realized.
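The data flow described in the aspects above (a query request encrypted so that it selects the target user within a user group without revealing which member is selected, per-source query results that the first data query system fuses without decrypting, and a consistency check of the decrypted query data against check data committed to by the target user) can be walked through with a small Python program. This is an added example, not code from the patent or from Huakong Tsingjiao: it assumes Paillier encryption as the "first encryption processing", a SHA-256 hash commitment as the "second encryption processing", a one-dimensional one-hot query request, and fusion by homomorphic summation (the summation-type query requirement). The noise-data scrambling and the verification data derived from the target user's random number are not modelled. The primes, the four-member user group, the lender balances and every function name are constructed for the illustration.

```python
"""Toy walk-through: encrypted one-hot query over a user group, homomorphic
fusion by an intermediary that never decrypts, and a commitment-based
consistency check. Constructed example; not the patent's implementation."""
import hashlib
import math
import secrets

# Fixed small primes keep the demo readable; they are NOT secure parameters.
P, Q = 1000003, 1000033


def paillier_keygen(p=P, q=Q):
    """Return (public, private) Paillier keys using g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1
    # L(x) = (x - 1) // n ;  mu = L(g^lam mod n^2)^-1 mod n
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)
    return (n, g), (lam, mu)


def encrypt(pub, m):
    """Enc(m) = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pub
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c):
    """m = L(c^lam mod n^2) * mu mod n."""
    n, _ = pub
    lam, mu = priv
    return (((pow(c, lam, n * n) - 1) // n) * mu) % n


def add_ct(pub, a, b):
    """Enc(x) * Enc(y) mod n^2 = Enc(x + y)."""
    return (a * b) % (pub[0] ** 2)


def mul_const(pub, c, k):
    """Enc(x)^k mod n^2 = Enc(k * x) for a plaintext constant k."""
    return pow(c, k, pub[0] ** 2)


def make_query_request(pub, group_size, target_index):
    """Second data query system: a one-hot selector over the user group.
    Every position is a fresh ciphertext, so the holder of the group's
    records cannot tell which position carries the 1."""
    return [encrypt(pub, 1 if i == target_index else 0) for i in range(group_size)]


def data_source_answer(pub, request, records):
    """Data source: prod_i Enc(bit_i)^record_i = Enc(record of the target user).
    The source computes on ciphertexts only and never learns the target."""
    if len(request) != len(records):          # format check on the request
        raise ValueError("query request dimension must match the user group")
    acc = encrypt(pub, 0)                     # also re-randomises the answer
    for ct_bit, value in zip(request, records):
        acc = add_ct(pub, acc, mul_const(pub, ct_bit, value))
    return acc


def fuse(pub, answers):
    """First data query system: homomorphic sum of the per-source answers.
    It holds no private key, so it forwards Enc(total) without seeing it."""
    acc = encrypt(pub, 0)
    for a in answers:
        acc = add_ct(pub, acc, a)
    return acc


def commit(value, nonce):
    """Target user's check data: hash commitment to the claimed value."""
    return hashlib.sha256(f"{value}:{nonce.hex()}".encode()).hexdigest()


def consistent(check_data, query_data, nonce):
    """Second data query system: decrypted query data must open the commitment."""
    return commit(query_data, nonce) == check_data


def run_demo(claimed_total=2000):
    """Constructed scenario: four users, two lenders, target at position 2.
    Returns (decrypted total across lenders, consistency-check outcome)."""
    pub, priv = paillier_keygen()
    source_a = [500, 0, 1200, 300]            # lender A balances per group member
    source_b = [0, 250, 800, 0]               # lender B balances per group member
    req = make_query_request(pub, len(source_a), target_index=2)
    answers = [data_source_answer(pub, req, src) for src in (source_a, source_b)]
    fused = fuse(pub, answers)
    nonce = secrets.token_bytes(16)
    check_data = commit(claimed_total, nonce)  # supplied by the target user
    total = decrypt(pub, priv, fused)          # only the second system holds priv
    return total, consistent(check_data, total, nonce)
```

`run_demo()` returns `(2000, True)`: the target user's balances at both lenders (1200 and 800) are selected and summed entirely on ciphertexts, and the decrypted total opens the user's commitment; `run_demo(1500)` still decrypts to 2000 but the consistency check fails, which is the case an evaluator would reject. Two points a practitioner should note: the length comparison in `data_source_answer` only covers the dimension of the request, not whether each entry really encrypts 0 or 1, so a malformed request that encrypts other values would need a zero-knowledge range proof to detect; and Paillier ciphertexts are semantically secure, so the data source learns nothing about the target index from the request itself, while the fusing intermediary learns nothing about the values because it never holds the private key.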
Drawings
Fig. 1 is a schematic structural diagram of a hardware system of the data query system according to an embodiment of the present invention.
Fig. 2 is a flowchart illustrating a data query method according to an embodiment of the present invention.
FIG. 3 shows an example of a 2-dimensional query request.
Fig. 4 is a diagram illustrating a correspondence relationship between the query request and the query result set shown in fig. 3.
Fig. 5 is a schematic diagram illustrating a corresponding relationship between the sub-query request elements and the query result shown in fig. 4 after operation.
FIG. 6 shows an example of a query request with 3 dimensions in one dimension.
FIG. 7 shows the correspondence of query data sets to spatial locations in space P1 shown in FIG. 6.
Fig. 8 is a schematic diagram illustrating a correspondence relationship between the sub-query request elements and the query result in fig. 7 after operation.
Fig. 9 is a schematic diagram illustrating a correspondence relationship between the sub-query request elements and the query result shown in fig. 8 after operation.
FIG. 10 shows that all entries in the query result set queried for a 3 × 4 array for a query request are non-empty.
FIG. 11 shows that the 3rd column in the query result set queried for the 3 × 4 array for the query request contains only a23.
FIG. 12 shows the query result set queried for a 3 × 4 array of query requests.
FIG. 13 shows the query result set queried for a 3 × 4 array of query requests.
FIG. 14 shows the query result set queried for a 3 × 4 array of query requests.
FIG. 15 is a flowchart illustrating a method for verifying authority of the present application.
FIG. 16 is a graph showing the operational relationship between a query request and a set of random numbers in 2 dimensions and forming a (3 × 4) matrix.
Fig. 17 is a schematic diagram showing a software architecture of the data query system of the present application.
Fig. 18 is a diagram showing a software architecture of the rights verification system of the present application.
List of parameters of formulas referred to in this application: [parameter table provided as an image in the original]
Detailed Description
The following description of the embodiments of the present application is provided for illustrative purposes, and other advantages and capabilities of the present application will become apparent to those skilled in the art from the present disclosure.
Although the terms first, second, etc. may be used herein to describe various elements in some instances, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first data querying system may be referred to as a second data querying system, and similarly, a second data querying system may be referred to as a first data querying system, without departing from the scope of the various described embodiments, but they are not the same data querying system unless the context clearly dictates otherwise. The similar case also includes the first encryption processing and the second encryption processing, and the like.
Also, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes" and/or "including," when used in this specification, specify the presence of stated features, steps, operations, elements, components, items, species, and/or groups, but do not preclude the presence or addition of one or more other features, steps, operations, elements, components, species, and/or groups thereof. The terms "or" and "and/or" as used herein are to be construed as inclusive, meaning any one or any combination. Thus, "A, B or C" or "A, B and/or C" means "any of the following: A; B; C; A and B; A and C; B and C; A, B and C". An exception to this definition will occur only when a combination of elements, functions, steps or operations is inherently mutually exclusive in some way.
In some query applications related to sensitive data, such as credit applications, applications for querying network services using personal information, and the like, protection of the sensitive data requires multi-party collaborative execution of data sources, intermediate platforms, data users, and the like that provide the data; even sensitive data provided by the user himself needs to be protected. Wherein the sensitive data includes, but is not limited to: the information processing method comprises the following steps of personal/enterprise identity information, personal/enterprise account information, personal appearance characteristic information, personal/enterprise consumption information (such as bills), information (such as moving routes, browsing duration and the like) generated by a person/enterprise due to software using behaviors, evaluation information collected by the enterprise and having business value, information obtained by analyzing the enterprise according to at least the information, and the like.
In order to enable each computer device involved with the sensitive data to process it while protecting it, in some embodiments the sensitive data is encrypted; however, when each computer performs data processing, the plaintext still needs to be obtained. Therefore, the present application provides a method and device for reading and interacting with sensitive data that achieve reading, interaction, application processing and the like of the sensitive data under the condition that none of the multi-party devices can acquire the sensitive data.
In some scenarios, such as order query in internet service, the system for performing data security reading, interaction and application between the multi-party devices includes: a second computer system, a data source (also called a third computer system). By executing the method provided by the application, the second computer system can directly perform safe data query on the data source and obtain a query result. In still other scenarios, such as being entrusted by a target user to query loan information of a loan institution, etc., the system for securely reading, interacting and applying data between the multiple devices comprises: a second computer system, a data source (also called a third computer system), and a user device. By executing the method provided by the application, based on the authority authentication cooperation of the user equipment used by the target user and the second computer system, the data source can provide safe data query for the second computer system, so that the second computer system obtains a corresponding query result. In some other scenarios, for example, the target user entrusts to query loan information of multiple loan institutions, the system for performing data security reading, interaction and application among the multiple devices includes: a first computer system, a second computer system, a data source (also called a third computer system), and a user device. By executing the method provided by the application, the first computer system carries out safe data query to at least one data source based on the authority authentication cooperation of the user equipment used by the target user and the second computer system, and obtains the query result of each data source.
Based on the above examples, at least one data query method, authority verification method and the like are provided based on the execution process of each computer system in the multi-party security data processing process. In some scenarios, the corresponding data query method and the right verification method are executed by a multi-party computer system and constitute a process for securely transmitting and processing data. For example, in a loan investigation application for multi-party loans, a multi-party computer system participating in authorization authentication and data queries may include: the system comprises user equipment, a first computer system, a second computer system and a third computer system which are owned by a target user applying for borrowing. In still other scenarios, the corresponding data query method and the permission verification method may be performed separately, for implementing secure data query and permission verification, respectively. In some specific scenarios, a database provided by the third computer system is used for inquiring certain order information which does not contain clear sensitive data, and by using a data inquiry method provided by the application, the third computer system obtains the inquired certain order information by means of information such as the position of the order information in an order information set. The order information may also be loan information, consumption information, personal identification information, and the like. 
In some specific scenarios, in the process in which the second computer system submits a query service to the third computer system, expecting to obtain a query result and perform subsequent processing on it, the first computer system, as a proxy platform for multiple third computer systems and multiple second computer systems, may not only forward data for both parties but also provide fusion processing of query results, forwarding, authority verification, and the like. For example, the first computer system is a query agency platform for loan services, the second computer system is a querying party that queries the loan information of a borrower (also called the target user), and the third computer system is the database of a loan institution. Based on the borrower's application, the second computer system initiates to the first computer system a query service that does not contain sensitive data about the borrower; the first computer system performs authority verification and, after the authority verification passes, forwards the query service to at least one third computer system; the third computer system obtains the loan information corresponding to the query service and returns it to the first computer system without learning the sensitive data of the borrower; and, without obtaining the sensitive data, the first computer system performs fusion processing on the query results fed back by the third computer systems and feeds the fused query result back to the second computer system for consistency evaluation of the query results between the borrower and the loan institutions, loan qualification evaluation processing, and the like. As can be seen from the above example, in some other examples, portions of the first computer system may be integrated with a third computer system, e.g., authority verification and data forwarding.
As another example, portions of the third computer system may be integrated in the first computer system. In still other examples, portions of the first computer system may be integrated with the second computer system, e.g., consistency verification, etc. may be integrated in the second computer system. As another example, portions of the second computer system may be integrated into the first computer system. In still other examples, the first computer system may integrate partial operations of the second computer system and/or the third computer system to improve information security. Based on the loan information query process, the similar query process can also include query identity information, consumption information, order information and the like.
For convenience of describing a data query process, an authority verification process, a query result consistency check process, an evaluation process using a query result, and the like, which are initiated based on a business requirement, the above processes will be described by the operation of a hardware system constituted by a user device used by a target user, a second computer system used by a querying party, a first computer system used by an intermediate platform, and a data source (also called a third computer system) used by a lender. Please refer to fig. 1, which is a schematic structural diagram of a hardware system of a data query system according to an embodiment of the present application.
It should be noted that, the processes executed according to the hardware system shown in fig. 1 are only examples, and in different application scenarios, they may be executed alone or in combination with other executed processes based on actual design requirements. For example, the above-described rights verification process may be used alone to perform rights verification for network traffic without providing sensitive data. In another example, the checking process for the consistency of the query result can be used for a consistency checking scenario involving multiple parties, such as an electronic contract, a proxy service, and the like. As another example, the above-described evaluation process combining the data query process and the query results may be determined based on actual business logic requirements. Wherein the business logic requirements include, but are not limited to: automatic order processing requirements, pricing requirements for customized services based on user consumption capabilities, and the like.
It should be noted that the user equipment, the second computer system, the first computer system, the data source, and the like mentioned above are all electronic devices including a storage device, a processing device, an interface device, and the like. The electronic device includes, but is not limited to, a dedicated chip, an FPGA, and the like configured to perform the above methods according to actual performance requirements.
The electronic device can be a single computer device, a cloud architecture-based service system, and the like. The single computer device may be an autonomously configured computer device that can execute the methods of the present application, and may be located in a private computer room or in leased rack space in a public computer room. The service system of the cloud architecture comprises a public cloud (Public Cloud) service end and a private cloud (Private Cloud) service end, where the public or private cloud service end comprises Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and the like. The private cloud service end is, for example, the Alibaba cloud computing service platform, the Amazon cloud computing service platform, the Baidu cloud computing platform, the Tencent cloud computing platform, and the like.
According to the hardware device actually executing each of the above methods, each device constituting the electronic apparatus may be located on a single server, or located in a plurality of servers and cooperatively completed by data communication between the servers.
For this purpose, the interface device is connected to the processing device in a data-transmitting manner via a bus connection or via a communication network. To this end, the interface means include, but are not limited to, a network card, a mobile network access module, a bus interface connected to the processing means through a bus, and the like. For example, the interface device corresponding to the second computer system is communicatively connected to the interface device of the first computer system, the interface device of the user equipment, and the like. Each of the interface devices performs data communication through the internet, a mobile network, and a local area network.
The storage device is for storing at least one program that can perform any one or more of the methods described above. The storage device corresponding to the same electronic device may be located on the same physical server as the processing device, or may be located in a different physical server and transfer the program to the processing device running it through the interface device of each server. The storage may include high-speed random access memory and may also include non-volatile memory, such as one or more magnetic disk storage devices, flash memory devices, or other non-volatile solid-state storage devices. In certain embodiments, the memory may also include memory that is remote from the one or more processors, such as network-attached memory accessed via RF circuitry or external ports and a communication network (not shown), which may be the internet, one or more intranets, Local Area Networks (LANs), Wide Area Networks (WANs), Storage Area Networks (SANs), etc., or a suitable combination thereof. The storage device also includes a memory controller that can control access to the memory by other components of the device, such as the CPU and peripheral interfaces. Among the software components stored in the storage device are an operating system, a communications module (or set of instructions), a text input module (or set of instructions), and an application (or set of instructions).
The processing device is operatively coupled with the storage device. More specifically, the processing device may execute programs stored in the memory and/or the non-volatile storage to perform operations in the task platform. As such, the processing device may include one or more general purpose microprocessors, one or more application specific processors (ASICs), one or more field programmable logic arrays (FPGAs), or any combination thereof. Wherein, the plurality of CPUs included in the processing device can be located in the same entity server or distributed in a plurality of entity servers, and realize data communication by means of the interface device so as to cooperatively execute the steps of the methods.
Please refer to fig. 2, which is a flowchart illustrating a data query method according to an embodiment. The data query method comprises steps executed by a second computer system, steps executed by a first computer system and steps executed by a third computer system. The first computer system is provided with a first data query system, the second computer system is provided with a second data query system, the third computer system is provided with a third data query system, and the data query systems are software systems operated in the corresponding computer systems.
According to the foregoing scenario examples, the computer system executing the relevant steps of the method may also be other computer systems capable of executing the relevant steps, and is not limited to the computer system shown in this embodiment; accordingly, the software systems may be configured separately or combined in a physical computer system that performs the corresponding steps, which is not illustrated herein.
In step S110, the second data query system transmits at least one query service based on the query requirement of a target user.
The target user is a provider of sensitive data, which may be a person, a business, etc. For example, the target user is a borrower who applies for a loan. The second data query system is intended to obtain a query result corresponding to the target user, without being provided with the sensitive data of the target user, by using the network architecture constructed from the hardware system illustrated in fig. 1, and further to evaluate the corresponding query requirement by using the query result. Here, the query requirement is generated by the target user through an offline or asynchronous application. The query requirement comprises, for example: a loan amount assessment requirement for loan purposes, a personal credit assessment requirement for contractual purposes, and the like.
To this end, the second data query system generates at least one query service based on the query requirement. The query service is associated with the mathematical computation required to describe the query. For example, in the query requirement for a loan amount, in order to determine that a loan in the interval [a1, a2] ten thousand yuan can be granted to the target user, a mathematical calculation needs to be constructed that includes comparing the loan balance at each loan institution with the loanable amount of the target user. Correspondingly, the query service includes: querying the loan balance of the target user at a plurality of loan institutions. For another example, still taking the query requirement of a loan as an example, the query requirement includes statistics of loan counts, and a mathematical calculation including the summation of the loan counts at each loan institution needs to be constructed to determine the historical number of loans of the target user. Correspondingly, the query service includes: querying the number of loans of the target user at a plurality of loan institutions.
The query service comprises information to be queried and a query request subjected to first encryption processing. The information to be queried refers to information which is acquired from a data source and is related to the type of a query result for performing mathematical computation. Examples of the information to be queried include: loan times, loan balance mean and variance, personal loss of credit times, refund times, return reason statistics, and the like.
In addition, in order to remove the sensitive data about the target user, the query service is also provided with a query request corresponding to the target user. The query request is used for indicating the position of the target user in a user group. The user group is set up consistently in at least the second data query system and the third data query system. In other words, the second data query system and the third data query system are pre-configured with the order of the user information in the user group. In some examples, registered users are divided into a plurality of user groups of the same size in a preset manner; as long as the group size is large enough, the purpose of hiding sensitive data can be achieved by the grouping, and the design is a trade-off between efficiency and privacy. For example, suppose there are N registered users, divided into several groups, each of size $N_g$. For a registered user with identity u, the first data query system may assign the user a unique tuple $(gid_u, pid_u)$ and share it with the other data query systems, where $gid_u$ is the group id and $pid_u$ is the position of the user in the group. It is obvious that
Figure RE-GDA0002128069360000121
and $0 \le pid_u < N_g$.
In some specific examples, the user group may be a default group, e.g., the user group is all users registered in the second data query system and updated to the third data query system either synchronously or asynchronously. In yet other specific examples, the second data query system divides the registered users into a plurality of user groups and distinguishes the user groups based on the number (e.g., gid) of each user group by updating to the third data query system synchronously or asynchronously. Therefore, when the number of the user groups is multiple, the query service further includes the user group information of the target user.
Wherein, the sequence of the user information in the same user group is consistent in the second data query system and the third data query system. Or, the order of the user information in the same user group has a corresponding relationship in the second data query system and the third data query system. In some more specific examples, the corresponding relationship is configured on the side of the first data query system, and the first data query system converts the order of each user in the user group provided by the second data query system into the order of each user in the user group required by a corresponding third data query system according to the corresponding relationship.
The query request is used for acquiring the query result of the target user, corresponding to the information to be queried, within a user group. The query request comprises at least one one-dimensional sub-query request, where each one-dimensional sub-query request comprises a plurality of sub-query elements. The position of a user in the user group corresponds to the positions of the sub-query elements of the query request in the respective dimensions. Here, to remove the sensitive data of the target user, taking 0 and 1 as the values representing a non-target user and the target user in a user group, where the user group includes 12 users and the 4th user is the target user, the plaintext of the query request may be represented as {0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0}, and the plaintext of the query request is encrypted by the first encryption process to obtain a one-dimensional sub-query request represented as {E(0), E(0), E(0), E(1), E(0), E(0), E(0), E(0), E(0), E(0), E(0), E(0)}; or the plaintext of the query request is encrypted to obtain a two-dimensional sub-query request, represented as {{E(0), E(1), E(0), E(0)}, {E(1), E(0), E(0)}}. The E(0) and E(1) in each dimension's sub-query request are the sub-query elements.
The first mathematical calculation performed on the query request after the first encryption processing for the purpose of obtaining the query result has an effect equivalent to the second mathematical calculation performed on the plaintext of the query request, so that each data query system participating in the data query can obtain the query result corresponding to the target user through the query request after the first encryption processing. In some examples, the first encryption process is set based on homomorphic encryption. For example, the first encryption processing mode is based on a formula
Figure RE-GDA0002128069360000131
Figure RE-GDA0002128069360000132
where E(0) and E(1) in the preceding example correspond to the cases $x_1 = 0$ and $x_2 = 1$; r is a random number; g and n are the public key of the first encryption processing mode. The first encryption processing method in this example has an additive homomorphism, $E(x_1)E(x_2) = E(x_1 + x_2)$, and a multiplicative homomorphism:
Figure RE-GDA0002128069360000133
Figure RE-GDA0002128069360000134
Based on these properties, it can be seen that a multiplication of query requests subjected to the first encryption processing is equivalent to an addition of the plaintexts, and an exponentiation of a query request subjected to the first encryption processing is equivalent to a multiplication of the plaintexts. It should be noted that the first encryption method is not limited to the homomorphic encryption algorithm given by the formula; other encryption algorithms with homomorphic properties are also applicable.
As can be appreciated from the query requests described in the above examples, a query request can be represented by a one-dimensional array. If the number of users in the user group is very large, the number of elements in the query request is also huge, which is unfavourable for data communication. To this end, in some other examples, the locations of users in the user group are described by a multi-dimensional query request. For example, the user group includes 12 users, the target user is the fourth, and the fourth target user (second row, first column) is described in the user group by a two-dimensional (4 × 3) query request as {{q(0), q(1), q(0), q(0)}, {q(1), q(0), q(0)}}, so that 12 one-dimensional query elements are converted into 7 two-dimensional query elements. Generalizing from the two-dimensional example above, the query request is set as a multi-dimensional sub-query request so as to minimize the amount of data transmitted. For example, if the number of users in the user group is 1000, the dimension of the query request is set to three (10 × 10 × 10), and only 30 query elements in total need to be described.
In this case, in order to perform a data query using the first encryption algorithm, the query request may mark one or more target users in the user group. In order to perform fast calculation by using the multidimensional space constructed by the query request, only the user corresponding to one position in the space is marked as the target user in the query request, that is, the sub-query elements of each dimension corresponding to one position in the multidimensional space constructed by the query request are the values 1 subjected to the first encryption processing, and the sub-query elements of each dimension corresponding to the rest positions are the values 0 subjected to the first encryption processing.
In some examples, the second data query system sends the generated at least one query service to a third data query system to obtain the query result of the target user at the third data query system. In still other examples, the second data query system sends the generated at least one query service to the first data query system, and the first data query system may forward the query service based on a plurality of preset data sources, or forward it according to at least one data source specified in the query service, and obtain the query result of the corresponding target user fed back by a third data query system among the plurality of data sources.
Taking the first data query system receiving the query service as an example, in step S210, the first data query system receives at least one query service sent by the second data query system, and forwards the query service to a third data query system including a corresponding data source, so that the third data query system executes step S320.
Taking the third data query system receiving the query service as an example, in step S310, the third data query system receives at least one query service sent by the second data query system, and performs step S320.
In step S320, the third data query system obtains a query data set of the user group where the target user is located according to the information to be queried.
Here, the third data query system reads a query data set corresponding to the entire user group from the database according to gid of the user group and information to be queried. In some examples, the information to be queried corresponds to a data item in a database, and this step includes reading a first query data set corresponding to the user group in the database according to the data item corresponding to the information to be queried in the database, and taking the first query data set as the query data set. For example, the information to be queried is a loan balance, and the database of the third data query system contains a data item of the loan balance, then the third data query system reads a query data set of the corresponding user group in the database.
In still other examples, the third data query system needs to determine a corresponding data item in the database according to the information to be queried, preprocess the first query data set according to a preprocessing mode of the data item in the information to be queried to obtain a second query data set, and use the second query data set as a query data set obtained according to the information to be queried and the user group. For example, if the information to be queried is whether a loan exists, the third data query system reads the first query data set of the user group according to the data item of the loan balance, and performs preprocessing on the condition that the loan balance is greater than 0 to indicate that the loan exists, so as to obtain a second query data set of the user group with the loan. And if the information to be inquired is the square of the loan balance, the third data inquiry system reads the first inquiry data set of the user group according to the data item of the loan balance and carries out preprocessing according to the formula of the square of the loan balance to obtain a second inquiry data set of the square of the loan balance in the user group.
In other examples, the step includes performing a second encryption process on each query data in the query data set, and using the query data set subjected to the second encryption process as a query data set for subsequent processing. In some specific examples, according to the description of the information to be queried, the third data query system performs a second encryption process on the plaintext of each query datum read from the database, thereby obtaining a commitment value of the plaintext of the query datum, and the commitment value forms a query data set. In some specific examples, according to the description of the information to be queried, the third data querying system pre-processes the plaintext of each query data read from the database, and performs a second encryption process on the pre-processed plaintext of the query data, thereby obtaining a commitment value of the pre-processed plaintext of the query data, and the commitment value constitutes a query data set. In order to facilitate the second data query system to calculate the commitment value so as to obtain the data processing requirement for equivalently calculating the query data plaintext corresponding to the commitment value, the second encryption processing is also a homomorphic encryption mode.
For example, a second encryption method based on homomorphic encryption is: given two large prime numbers p and q such that q | p - 1, let $G_q$ be the subgroup of $Z_p$ of order q, and let g and h be generators of $G_q$. The commitment function is written as $F(x, r) = g^x h^r \bmod p$, where $x \in Z_q$ is the value to be committed and r is a random number selected uniformly from $Z_q$ for the commitment. F(x) may be used as an abbreviation for F(x, r). Here, the resulting commitment function F is additively homomorphic: given two commitments $c_1 = F(x_1, r_1)$ and $c_2 = F(x_2, r_2)$, one obtains
Figure RE-GDA0002128069360000151
That is, $c_1 c_2$ is a commitment to $x_1 + x_2$. The random number in the commitment masks the committed value, so the commitment to x reveals no information about the value of x.
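The commitment function just described, as an added example that is not code from the patent or its applicant: it assumes a safe prime p = 2q + 1 and hash-derived generators g, h of $G_q$ (constructed demo parameters, not values from the page), and shows the opening check a querier runs on a returned commitment together with the additive homomorphism used to combine query data.

```python
"""Added example, not code from the patent or its applicant: the page's second
encryption as a Pedersen commitment F(x, r) = g^x h^r mod p over the order-q
subgroup G_q of Z_p*.  p = 2q + 1 and the generators are constructed demo
parameters; a deployment uses primes of standard size."""
import hashlib
import secrets

P, Q = 10007, 5003        # constructed safe-prime pair, q | p - 1


def subgroup_generator(seed):
    """Map a seed into G_q: every square mod a safe prime lies in the order-q
    subgroup.  Hash-deriving h keeps log_g(h) unknown, which Pedersen needs."""
    while True:
        x = int.from_bytes(hashlib.sha256(seed).digest(), "big") % P
        y = pow(x, 2, P)
        if y not in (0, 1):
            return y
        seed += b"+"


G = subgroup_generator(b"pedersen-g")   # assumed labels, not the page's values
H = subgroup_generator(b"pedersen-h")


def commit(x, r=None):
    """Return (F(x, r), r); r is drawn uniformly from Z_q when not supplied."""
    if r is None:
        r = secrets.randbelow(Q)
    return pow(G, x, P) * pow(H, r, P) % P, r


def verify(c, x, r):
    """Opening check: does (x, r) open the commitment c?"""
    return c == commit(x, r)[0]


def add_commitments(c1, c2):
    """c1 * c2 mod p commits to x1 + x2 under randomness r1 + r2 (mod q)."""
    return c1 * c2 % P


if __name__ == "__main__":
    c1, r1 = commit(1500)          # constructed loan balances at two lenders
    c2, r2 = commit(2500)
    total = add_commitments(c1, c2)
    print(verify(total, 4000, (r1 + r2) % Q))   # → True
```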
In step S330, the third data query system obtains the query result corresponding to the target user from the query dataset according to the query request subjected to the first encryption processing, and feeds the query result back.
Here, the third data query system performs operation processing on the query request subjected to the first encryption processing and the query data set according to an operation manner corresponding to the first encryption processing and the query request of each dimension, thereby extracting a query result corresponding to the target user.
Here, according to the situation that each query data in the actual query data set may be partially or entirely empty, partially or entirely 0, or partially or entirely a numerical value (or a character string or the like) not equal to 0, and the like, before extracting the query result of the target user according to the dimension of the query request, it is determined whether the query data set is empty.
In some examples, the query data set of the user group queried by the third data query system is empty; for example, none of the users in the user group has a loan balance recorded at the loan institution where the third data query system is located. In some specific examples, the third data query system feeds back a null value (null) to the second data query system as the query result of the corresponding target user, or feeds the null value back to the second data query system via the first data query system. In some specific examples, to avoid a plaintext query result, step S330 includes: taking a preset numerical value corresponding to the empty set as the query result corresponding to the target user; and performing the first encryption processing on the preset numerical value a preset number of times, by means of the query request subjected to the first encryption processing, to obtain the query result corresponding to the target user.
For example, the preset null value corresponds to a value obtained by performing the first encryption processing on the value 0 (e.g., E(0)), and this value is used as the query result corresponding to the target user; for another example, according to the number of dimensions d of the query request, the preset null value corresponds to a value obtained by performing the first encryption processing on the value 0 d times (e.g., $E_d(0)$), which is used as the query result corresponding to the target user.
In yet another example, when at least one query data is contained in the query data set, the step S330 includes: and calculating the query request subjected to the first encryption processing and the query data set based on the operation mode corresponding to the first encryption processing mode.
Here, the third data query system extracts query data of a corresponding target user in the query data set by using the query request in a space constructed based on the dimension of the query request.
Taking a one-dimensional query request as an example, the third data query system queries according to the formula
E(x_i)^{a_i} = E(x_i a_i),
performing an exponentiation for each sub-query element in the query request and its corresponding query data, where x_i is the plaintext of the sub-query element and a_i is the query data corresponding to x_i. When the plaintext of a sub-query element is 0, the corresponding sub-query element is E(0), and E(0 × a_i) is obtained according to the above formula; when the plaintext of a sub-query element is 1, the corresponding sub-query element is E(1), and E(1 × a_i), i.e. E(a_i), is obtained according to the formula. The third data query system feeds back the query data ∏_i E(x_i a_i) = E(a_i) subjected to one first encryption processing. The query data is the query data plaintext or a commitment value stored in the database.
Taking a multi-dimensional query request as an example, the step S330 includes: based on the space constructed from the ith-dimension sub-query request and the sub-query requests of the remaining dimensions, associating each query data item in the query data set with a position in the space; calculating each sub-query element of the ith dimension in the space with its corresponding query data using the operation mode, to obtain a new query data set projected onto the ith dimension; and repeating the process with the new space constructed from the (i+1)th-dimension sub-query request and the sub-query requests of the remaining dimensions and the new query data set, until all dimensions have been traversed, to obtain the query result of the target user; where 0 < i ≤ d and d is the total number of dimensions.
The space is used to assist in explaining the correspondence between the sub-query elements and the query data in the query data set, and may be expressed in the form of a memory opened up in the computer execution process, or provide a logical mapping relationship based on computer program instructions. In some specific examples, the multi-dimensional sub-query request is expanded along the i-dimension to construct a spatial matrix based on the space constructed by the i-dimension sub-query request and the remaining-dimension sub-query requests, and the query data are mapped into the spatial matrix according to the sequential number of the query data in the query data set. In other specific examples, the location of the query dataset in the space is derived using a formula:
row_len = m*/m_i,
[formula image for r]
and
[formula image for c]
where m_i is the length of the ith dimension of the space, determined by the number of sub-query elements in the ith dimension of the query request; m* is the capacity of the space; row_len is the capacity of the remaining dimensions; the symbol shown in the formula image is the sequence number of the jth query data item in the query data set; and r and c are the positions of the jth query data item in the space.
Using the correspondence between the sub-query elements and the query data determined by any of the spaces constructed above, the third data query system performs the following operations: calculating each non-empty query data item of the rth row in the space with the rth sub-query element of the ith dimension, using the first operation item of the operation mode, to obtain the calculation results of the rth row; aggregating the calculation results of each cth column in the space, using the second operation item of the operation mode, to obtain a new query result set; where r and c represent the position of the query data in the space. The calculation uses the operation properties of the first encryption processing, such as the properties E(x)·E(y) = E(x+y) and E(x)^y = E(xy) of the homomorphic encryption described above, to obtain the new query result set.
And repeating the process by utilizing a new space constructed by the (i +1) th dimension sub-query request and the remaining dimension sub-query requests and a new query data set until all dimensions are traversed to obtain a query result corresponding to the target user.
Take a group of N_g registered users as an example. Not all of them borrow from the same lender, especially from small lenders, so the array of borrower information may be very sparse, as each lender S_i only needs to store its own borrowers' information. For example, if only 1/10 of the group borrows from a given lender, the sparsity (i.e., the proportion of empty entries) of most lenders' arrays will exceed 0.9. Sparsity is exploited to speed up the PIR process, i.e., empty entries are skipped when generating results.
In particular, for a sparse query result set A with m entries, assume that m′ entries are not empty (this means that m = N_g and only m′ users in the group borrow from the lender). A is {ind_1: a_1, ind_2: a_2, ..., ind_{m′}: a_{m′}}, where each (ind_j : a_j) (1 ≤ j ≤ m′) is an index-value pair. Each ind_j corresponds to one pid and each a_j to some x_ib. Intuitively, for an array A of size m, to extract the entry at position ind, every row_len entries may first be grouped together so that the array is treated as a row_len × (m/row_len) matrix; ind is converted to (r, c) and the rth row is extracted. The process is then applied recursively to extract the cth entry of the extracted row. Empty entries are skipped to reduce computational overhead; finally, the algorithm returns the extracted entry. The computational complexity is proportional to the number of non-null entries (i.e., the number of registered users borrowing from the lender).
The algorithm based on the above example is described as follows:
[Algorithm 1: image not reproduced in the text]
For an example in which the query request is two-dimensional, see FIG. 3, where the query request is q = {{q11, q12, q13}, {q21, q22, q23, q24}}, q_ij being the jth sub-query element of the ith dimension; each sub-query element corresponds to a 0 or 1 subjected to the first encryption processing, in other words q = {{E(0), E(1), E(0)}, {E(0), E(0), E(1), E(0)}}. The space P1 constructed from the first-dimension sub-query request {q11, q12, q13} and the sub-query request of the remaining (second) dimension {q21, q22, q23, q24} is shown in FIG. 3. The third data query system maps the values of the query data set {NA, x2, NA, x4, x5, NA, NA, x8, x9, x10, NA, NA} sequentially onto the positions provided by the space P1, where NA denotes empty query data; see FIG. 4, which shows the correspondence between the query request of FIG. 3 and the query data set: the sub-query element q11 corresponds to the array {NA, x2, NA, x4}; q12 to the array {x5, NA, NA, x8}; q13 to the array {x9, x10, NA, NA}. According to the positions in the space of the sub-query elements q12 and q23, which represent the number 1, the query data of the target user is the 7th item of the query data set, NA.
Each sub-query element is calculated with the values of its corresponding array according to the formula E(x)^y = E(xy); for query data marked Null (NA) the third data query system skips the calculation, giving the results shown in FIG. 5. Aggregating the results along the first dimension according to the formula E(x)·E(y) = E(x+y) gives the new query data set (E(a21), E(0), NA, E(a24)), where a21 corresponds to x5 and a24 corresponds to x8.
In the one-dimensional space constructed from the second-dimension sub-query request {q21, q22, q23, q24} of the query request q, the above process is repeated on the new query data set (E(a21), E(0), NA, E(a24)) to obtain the query result of the target user, E(0).
Taking a three-dimensional query request as an example, see FIG. 6, where the query request is q = {{q11, q12, q13, q14}, {q21, q22, q23}, {q31, q32}}, q_ij being the jth sub-query element of the ith dimension; each sub-query element corresponds to a 0 or 1 subjected to the first encryption processing, in other words:
q = {{q11, q12, q13, q14}, {q21, q22, q23}, {q31, q32}} = {{E(0), E(0), E(1), E(0)}, {E(0), E(1), E(0)}, {E(1), E(0)}}
The space P1 constructed from the first-dimension sub-query request {q11, q12, q13, q14} and the sub-query requests of the remaining (second and third) dimensions {q21, q22, q23}, {q31, q32} is shown in FIG. 6. The third data query system maps the values of the query data set {NA, x2, NA, x4, NA, NA, NA, NA, NA, NA, NA, NA, x13, x14, x15, NA, NA, NA, NA, NA, NA, NA, NA, NA} sequentially onto the positions provided by the space P1 in a predetermined order; see FIG. 7, which shows the mapping of the query data set onto the positions of the space P1 of FIG. 6: the sub-query element q11 corresponds to the array {NA, x2, NA, x4, NA, NA}; q12 to the array {NA, NA, NA, NA, NA, NA}; q13 to the array {x13, x14, x15, NA, NA, NA}; q14 to the array {NA, NA, NA, NA, NA, NA}. According to the positions in the space of the sub-query elements q13, q22 and q31, which represent the number 1, the query data of the target user is the 15th item of the query data set, x15.
Each sub-query element is calculated with the values of its corresponding array according to the formula E(x)^y = E(xy); for query data marked Null (NA) the third data query system skips the calculation, giving the results shown in FIG. 8. Aggregating the results along the first dimension according to the formula E(x)·E(y) = E(x+y) gives the new query data set (E(a31), E(a32), E(a33), E(0), NA, NA), where a31 corresponds to x13, a32 to x14 and a33 to x15.
In the two-dimensional space constructed from the second-dimension sub-query request {q21, q22, q23} of the query request q and the remaining sub-query request {q31, q32}, the above process is repeated on the new query data set (E(a31), E(a32), E(a33), E(0), NA, NA) to obtain the new query data set (E(E(a33)), E(E(0))).
Each sub-query element is again calculated with the values of its corresponding array according to the formula E(x)^y = E(xy), skipping the query data marked Null (NA), giving the results shown in FIG. 9; aggregating the results along the second dimension according to the formula E(x)·E(y) = E(x+y) gives the query result of the target user, E(E(E(a33))). The query result of the target user is thus the query data x15 subjected to the first encryption processing three times.
Based on the above examples and generalizing to higher-dimensional query requests, the query result is one of several possible forms determined by the dimension of the query request. In other words, because the query data set in the third data query system may be empty in some dimension, the generated query result takes one of several forms related to the dimension. In addition, if the query data of the target user in the third data query system is Null (NA), either a query result unrelated to the dimension or a query result related to the dimension may be produced, according to the actual design requirement.
Please refer to the 3 × 4 arrays shown in FIG. 10 and FIG. 11 as an example, where in FIG. 10 all items are non-empty, and in FIG. 11 column 3 contains only the queried item a23. With respect to FIG. 10, when the third data query system extracts the second row,
[formula image]
where x_ij is 0 or 1, it obtains
[formula image]
[formula image]
However, for FIG. 11, when the third data query system extracts the second row, it obtains
[formula image]
[formula image]
Thus, after the second data query system receives E(E(a23)), it first decrypts the outermost encryption and obtains E(a23). Then, by comparing
[formula image]
and
[formula image]
the recipient may conclude whether column 3 contains other non-empty items.
In other scenarios, the second data query system may infer additional information by checking whether decryption returns a 0. For example, the query of FIG. 12 returns E(E(0)). This is because a23 is empty and is skipped. Similarly, the query of FIG. 13 returns E(0^1), where 0^1 is a 0 string whose length equals the length of a ciphertext (e.g., 2048 bits for Paillier with a 1024-bit private key). FIG. 14 shows a completely empty array, for which the output is set to 0 (line 19 in Algorithm 1). Formally, for a d-dimensional query extracting the term e, there are d+2 possibilities for the result of Algorithm 1: 0, E(0^{d-1}), E^2(0^{d-2}), ..., E^{d-i}(0^i), ..., E^{d-1}(0^1), E^d(0), E^d(e), where E^i(·) = E(E^{i-1}(·)) and 0^i is a 0 string of the same length as E(0^{i-1}). Although these ciphertexts have the same length, they can be decrypted and their type determined. Thus, different types of arrays result in different types of outputs, which reveals additional information about the arrays. When the second data query system obtains a response from the third data query system, it decrypts at most d times to obtain the plaintext. During decryption, the second data query system may encounter a ciphertext or a 0 string. As can be seen from the above, the query data fed back by the third data query system for the target user's information to be queried is subjected to at least one first encryption processing.
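As an added worked example (not the patent's own code), the following Python script models the sparse multi-dimensional extraction and the resulting output types just described, reproducing the 2-D and 3-D walkthroughs above with a small textbook Paillier implementation. Assumptions are mine: one Paillier key per dimension, each modulus larger than the square of the previous one so that a ciphertext can be encrypted again as the next layer's plaintext; toy key sizes; and constructed data values x_i = i.

```python
import random
from math import gcd

NA = None  # an empty entry of the query data set ("NA" in the description)

def is_probable_prime(n, rounds=16):
    # Miller-Rabin; adequate for the toy key sizes used here.
    if n < 14 or any(n % p == 0 for p in (2, 3, 5, 7, 11, 13)):
        return n in (2, 3, 5, 7, 11, 13)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

class Paillier:
    """Textbook Paillier with g = n + 1: E(x)E(y) = E(x+y) and E(x)^k = E(kx)."""
    def __init__(self, bits):
        p, q = gen_prime(bits), gen_prime(bits)
        self.n, self.n2 = p * q, (p * q) ** 2
        self.lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
        self.mu = pow((pow(self.n + 1, self.lam, self.n2) - 1) // self.n, -1, self.n)
    def enc(self, m):
        r = random.randrange(1, self.n)
        return pow(self.n + 1, m, self.n2) * pow(r, self.n, self.n2) % self.n2
    def dec(self, c):
        return (pow(c, self.lam, self.n2) - 1) // self.n * self.mu % self.n
    def add(self, c1, c2):  # E(x) * E(y) = E(x + y)
        return c1 * c2 % self.n2
    def mul_const(self, c, k):  # E(x) ^ k = E(k * x)
        return pow(c, k, self.n2)

def make_keys(dims, bits=40):
    # Assumption: one key per dimension, each modulus larger than the square of
    # the previous one, so a layer-k ciphertext fits as a layer-(k+1) plaintext.
    keys = []
    for _ in range(dims):
        keys.append(Paillier(bits))
        bits = 2 * bits + 2
    return keys

def build_query(keys, bits_per_dim):
    # Sub-query elements: the 0/1 of dimension k encrypted under key k.
    return [[keys[k].enc(b) for b in bits] for k, bits in enumerate(bits_per_dim)]

def extract(keys, query, data):
    """Sparse multi-dimensional extraction: returns the integer 0 when everything
    on the path is empty, otherwise a (nested) ciphertext."""
    cur = list(data)
    for k, qk in enumerate(query):
        key, m_i = keys[k], len(qk)
        row_len = len(cur) // m_i  # capacity of the remaining dimensions
        new = [NA] * row_len
        for j, a in enumerate(cur):
            if a is NA:
                continue  # sparsity: empty entries are skipped
            r, c = divmod(j, row_len)  # position (r, c) of entry j in the space
            term = key.mul_const(qk[r], a)  # E(x_r)^a = E(x_r * a)
            new[c] = term if new[c] is NA else key.add(new[c], term)
        # first noise data: re-randomise each result by multiplying with E(0)
        cur = [NA if v is NA else key.add(v, key.enc(0)) for v in new]
    return 0 if cur[0] is NA else cur[0]

def decrypt_and_classify(keys, result):
    """Peel layers outermost-first. layers == len(keys) means a real entry came
    back; fewer means a 0 was hit early, which leaks sparsity (the type leak)."""
    layers, value = 0, result
    for key in reversed(keys):
        if value == 0:
            break
        value, layers = key.dec(value), layers + 1
    return layers, value

# Constructed inputs reproducing the 2-D (FIGS. 3-5) and 3-D (FIGS. 6-9)
# walkthroughs, with x_i = i so the recovered value identifies the entry.
DATA_2D = [NA, 2, NA, 4, 5, NA, NA, 8, 9, 10, NA, NA]
QUERY_2D = [[0, 1, 0], [0, 0, 1, 0]]  # q12 and q23 carry the 1s
DATA_3D = [NA, 2, NA, 4, NA, NA] + [NA] * 6 + [13, 14, 15, NA, NA, NA] + [NA] * 6
QUERY_3D = [[0, 0, 1, 0], [0, 1, 0], [1, 0]]  # q13, q22 and q31 carry the 1s

def run_example(data, query_bits):
    # 2-D -> (1, 0): target empty, E(0)-type result; 3-D -> (3, 15): E(E(E(x15)))
    keys = make_keys(len(query_bits))
    return decrypt_and_classify(keys, extract(keys, build_query(keys, query_bits), data))
```

The number of layers peeled before a 0 appears is exactly the "type" of the response discussed above, which is why the second data query system can tell an empty target entry from a present one even though both ciphertexts look alike.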
In order to prevent the query results of the target user and of other users in the user group from being reverse-deduced and leaked, during the iteration the third data query system further performs the following steps: adding first noise data to each query result in the new query result set, and repeating the process using the new space constructed from the (i+1)th-dimension sub-query request and the sub-query requests of the remaining dimensions and the new query data set to which the first noise data has been added. The first noise data may be data obtained by subjecting the value 0 to the first encryption processing. For example, each query result in the query data set, such as E(E(a33)), is multiplied by E(0) according to the formula E(x)·E(y) = E(x+y) to obtain the query result containing the first noise data, i.e., E(E(a33))·E(0) = E(E(a33) + 0).
In some specific examples, the first data query system is configured to obtain the query result of a target user whose query data is empty in the third data query system; the numerical value indicating "empty" may be the number 0.
In step S340, the third data query system feeds back the obtained query result corresponding to the target user according to the obtained query service.
In some examples, the third data query system feeds back the query results to the first data query system. In still other examples, the third data querying system feeds back query results to the second data querying system.
The data query method provided by the third data query system is not limited to queries for loan applications. The target user, the user group and the corresponding query data (sets) should be adapted to the respective application scenario. In a more general description of database queries, the target user may correspond to a target object and the user group to an object group. The target object corresponds to a first data item in the database, and the query result is a second data item in the database that is associated with the first data item via an index, or data preprocessed from the second data item. The object group can be regarded as a query scope, which may also be a time scope, an index scope, a condition scope, etc. For example, in query services such as capacity index evaluation and environmental index evaluation for enterprises regulated by the government, this data query mode can be used to obtain production index information from an enterprise's production index database for evaluation without leaking its production and operation conditions. For another example, when counting the box office of a movie, this data query mode can be used to obtain the actual ticket sales of a certain movie for statistics without leaking the operating conditions of the cinema. For another example, when multiple e-commerce platforms site a warehouse, this data query mode can be used to obtain data for a consumption area for statistics without leaking the order information of each e-commerce platform. It can be seen that the terms used in the data query mode provided by the third data query system (such as target user, user group, etc.) should be broadly understood, without limiting the generation of the query service, the subsequent processing of the query results, etc.
Taking the third data query system as an example to feed back the query result to the first data query system, the first data query system obtains the query result provided by at least one third data query system (i.e. data source):
in step S220, the first data query system fuses the query results corresponding to the target user and the information to be queried, which are obtained from at least one third data query system, according to the query service, and feeds back the query results to the second data query system.
The first data query system collects the query results fed back by the third data query systems according to the query service, and the query results are fused together so as to provide complete query results for the second data query system. Correspondingly, the second query system executes step S120 to obtain a query result corresponding to the target user according to each query service.
In some examples, to confirm that the query results aggregated from the data sources are consistent with the check data provided by the target user, the first data query system further performs the following steps: generating second noise data; scrambling each query result from each data source together with the second noise data to obtain a scrambled result; acquiring check data and a random number generated for the query service from the target user; obtaining verification data based on the random number and the second noise data; and sending the scrambled result, the check data and the verification data to the second data query system. The second noise data may be a random number; for example, the second noise data is obtained by performing at least one first encryption processing on the value 0 or on a commitment value of the value 0.
Here, on the one hand, the first data query system scrambles the fused query results and the second noise data according to a differential privacy technique. On the other hand, the first data query system acquires the check data provided by the target user that corresponds to the information to be queried. The check data is a summary of the query results of all data sources, for example a commitment value of the summary of the query data plaintexts of all data sources. The first data query system sends the collected scrambled results, the check data and the verification data to the second data query system.
Still taking the loan scenario as an example, the third data query system may be regarded as a lender, the first data query system as an agent, and the second data query system as the initiator. After the third data query system sends the query result to the first data query system, the first data query system generates noisy PIR responses (i.e., the second noise data) so that the initiator cannot distinguish what type of output each third data query system sent. All possible outputs other than 0 have equal length. To prevent the first data query system from learning extra information from the output, the third data query system replaces an output of 0 with E^d(0). The first data query system then generates the second noise data. Ciphertexts of 0 strings, i.e. E(0^{d-1}), E^2(0^{d-2}), ..., E^{d-i}(0^i), ..., E^{d-1}(0^1), E^d(0), can be generated directly by the first data query system using the public key of the second data query system. But to hide the number of commitment ciphertexts, i.e. E^d(e) where e is a commitment, the first data query system generates a commitment to 0, i.e., F(0), and then encrypts it as E^d(F(0)). Since the second data query system cannot distinguish a commitment to 0 from other commitments, it cannot determine whether a commitment came from the first data query system or from a third data query system, as long as the noise generation algorithm achieves strong privacy. Meanwhile, since the second noise data is a ciphertext of 0 or of F(0), the result of the consistency check is not affected. Specifically, the first data query system adds Laplace noise to achieve differential privacy [31]. For i = 1, 2, ..., d, if the response is E^{d-i}(0^i), it is a type-i response. Further, if the response is a committed ciphertext E^d(F(x)), it is a type-0 response.
Assume that the first data query system collects n_i type-i (i = 0, 1, ..., d) responses from the lenders. If the first data query system generates
[formula image]
type-i noise responses, where, for each i,
[formula image]
and mixes them with the responses from the lenders, then the first data query system makes the type of each third data query system's response to the second data query system satisfy (ε, δ)-differential privacy, with
[formula image]
and
[formula image]
The above process shows that if the first data query system adds an appropriate amount of noise, the second data query system cannot infer the type of response that each third data query system sent. Note that the above theorem considers only the case where the second data query system queries the target user's information once. However, sometimes the second data query system may query the information of a particular target user multiple times (e.g., the target user may borrow from the initiator multiple times). In order to still achieve (ε, δ)-differential privacy in this case, the privacy budgets ε and δ are split across the queries. In particular, the first data query system evenly distributes the budget over k queries, such that each query individually achieves (ε/k, δ/k)-differential privacy.
After receiving the scrambled result, the check data and the verification data, the second data query system performs step S130 to perform a consistency verification between each obtained query result and the check data provided by the target user.
Here, the second data query system extracts each query result from the scrambled data, calculates a summary of the query results according to a preset ciphertext or plaintext operation, and compares the summary with the check data to determine whether the two are consistent. For example, the check data and the query results are both generated by the second encryption processing mode; a ciphertext operation equivalent to a plaintext consistency check is performed using the operation mode corresponding to the second encryption processing mode to obtain a summary of the query results, and then the consistency of the check data and the summary is checked according to the operation mode corresponding to the second encryption processing.
In some examples, each query result extracted from the scrambled results by the second data query system is a query result subjected to d times of the first encryption processing, so that the second data query system further performs decryption processing to obtain query data; and verifying that the obtained query data and the verification data are consistent based on the verification data.
The second data query system decrypts the query results d times according to the dimension of the generated query request to obtain the query data fed back by each data source, and calculates with the verification data and the summary according to the operation mode corresponding to the second encryption processing; if the calculation result is consistent with the check data, the check data and the summary are consistent, otherwise they are not.
The process of consistency checking is described with a loan scenario example:
For each query result, the agent (first data query system) generates
[formula image]
noise responses of type i, where
[formula image]
[formula image]
At the same time, the agent samples random integers
[formula image]
and generates n_0 commitments F(0, r_1), F(0, r_2), ..., F(0, r_{n_0}). Then the agent calculates
[formula image]
and encrypts the commitments to obtain n_0 responses of type 0. Finally, the agent mixes these responses with the responses (carrying the first noise data) collected from the lenders (third data query systems).
For each S_i (third data query system), the borrower b (target user) calculates
[formula image]
In addition, the borrower generates a commitment c_b = F(Σ x_ib, r_B) to the total amount borrowed. The borrower then sends Δr_B = r_B − Σ r_i to the agent, and c_b to the initiator (second data query system) via the agent.
The agent scrambles the responses, calculates Δr = Δr_B − r_F, and then sends the responses and Δr to the initiator.
The initiator initializes the empty set C and decrypts the responses. If a response is of type 0, the initiator adds the commitment contained in the response to C. Finally, it checks whether c_b = h^{Δr} ·
[formula image]
holds.
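As an added example (not the patent's own code) of the commitment-based consistency check just described, in Python, with the ciphertext layers already removed. Assumptions are mine: a Pedersen-style commitment F(x, r) = g^x · h^r in the multiplicative group modulo the Mersenne prime 2^127 − 1 (a toy group chosen for readability, not a secure parameter choice), constructed generators, and the final check reconstructed as c_b = h^Δr · ∏C.

```python
import random

# Toy group: Z_P^* with P = 2^127 - 1 (a Mersenne prime), order P - 1.
# G and H are constructed for illustration; H = G^s for a setup secret s.
P = (1 << 127) - 1
ORDER = P - 1
G = 3
H = pow(G, 0x5EC1A7, P)

def commit(x, r):
    # Pedersen-style commitment F(x, r) = g^x * h^r (assumed form of F)
    return pow(G, x, P) * pow(H, r, P) % P

def rand_r():
    return random.randrange(1, ORDER)

def lenders_commit(amounts):
    """Each lender S_i holds F(x_ib, r_i) for borrower b; b learns the r_i."""
    rs = [rand_r() for _ in amounts]
    return [commit(x, r) for x, r in zip(amounts, rs)], rs

def agent_noise(n0):
    """Agent adds n0 type-0 noise commitments F(0, r_j); r_F is the sum of r_j."""
    rs = [rand_r() for _ in range(n0)]
    return [commit(0, r) for r in rs], sum(rs) % ORDER

def borrower_side(claimed_total, lender_rs, r_b):
    """c_b commits to the claimed total; delta r_B = r_B - sum(r_i)."""
    return commit(claimed_total, r_b), (r_b - sum(lender_rs)) % ORDER

def initiator_check(c_b, commitments, delta_r):
    """Consistency holds iff c_b == h^{delta r} * prod(C). The noise F(0, r_j)
    cancels through r_F, so it hides the number of real lenders without
    disturbing the check."""
    prod = 1
    for c in commitments:
        prod = prod * c % P
    return c_b == pow(H, delta_r, P) * prod % P

def run(amounts, claimed_total, n0=3):
    lender_cs, lender_rs = lenders_commit(amounts)
    noise_cs, r_f = agent_noise(n0)
    c_b, delta_r_b = borrower_side(claimed_total, lender_rs, rand_r())
    delta_r = (delta_r_b - r_f) % ORDER  # agent: delta r = delta r_B - r_F
    mixed = lender_cs + noise_cs
    random.shuffle(mixed)  # scramble real and noise responses together
    return initiator_check(c_b, mixed, delta_r)
```

A borrower who under-reports the total (claimed_total differing from the sum of the lenders' amounts) fails the check, while the agent's added noise commitments leave a truthful claim verifiable.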
When the second data query system determines consistency, the second data query system further performs step S140, that is, when the consistency is met, performing evaluation calculation corresponding to the query requirement based on the query results.
In accordance with the query requirement described above, in some examples the query requirement comprises at least one of: a requirement to query and summarize data generated by the target user based on a summation operation or statistics. For example, for querying the number of loans of the target user or the loan balance of the target user, the second data query system may evaluate the loan qualification applied for by the target user based on the summary of the obtained query results. For example, if it is determined from the summary that the number of loans exceeds a preset threshold, the target user is assessed as not qualified for a further loan. In another example, if it is determined from the summary that the loan balance is less than the preset loan balance threshold, the target user is assessed as eligible for a loan.
In still other examples, the query results involved in the query requirement are at risk of being leaked by the first data query system or the second data query system. For example, to evaluate whether the loan balance of the target user lies within a preset interval, the second data query system needs to obtain the sum of the query results of the data sources. To prevent the second data query system from learning in plaintext the sum of the query results mentioned above, or more generally the summary of other query data, the step S140 includes: acquiring, based on the query requirement, the data to be evaluated provided by the target user and the certification information corresponding to the data to be evaluated; verifying, based on the certification information, that the query data in the obtained query results and the data to be evaluated conform to a preset corresponding relation; and, after the verification passes, performing the evaluation calculation corresponding to the query requirement based on the acquired query results and the data to be evaluated.
The second data query system obtains the data to be evaluated for the evaluation calculation, and the certification information corresponding to it, from the target user according to the query requirement. The certification information is a sequence of values generated based on the data to be evaluated and the summary, for example using a zero-knowledge proof algorithm. Based on the verification calculation established by the zero-knowledge proof, the second data query system determines that the data to be evaluated provided by the target user and the summary of the query results have the preset corresponding relation, so that the data to be evaluated provided by the target user is credible. For example, a variance calculation is performed based on the query requirement, e.g.
[formula image]
where
[formula image]
is obtained from the summary (Σ x_i)^2 of the consistency-verified query results, and the data to be evaluated (also referred to as a commitment value) is acquired from the target user. The second data query system holds the commitments F(x_i) and
[formula image]
respectively; the two commitment values obtained on the two formed data sets are denoted
[formula image]
and F_0 = F(Σ x_i). When calculating
[formula image]
computing the square of F_0 would require knowing Σ x_i; instead, the target user sends a commitment to the square of the total balance, F_2 = F((Σ x_i)^2), together with its proof information, such as a sequence of values obtained from a zero-knowledge proof algorithm. By verifying the proof information, it is certified that F_2 indeed commits to the square of the value committed by F_0; the variance in the evaluation calculation can then be calculated as
[formula image]
With the resulting variance, a statistical evaluation of, for example, the target user's loan fluctuations can be made.
The method of obtaining the data to be evaluated from the target user together with certification information can also be used to compare whether the loan balance of the target user lies within a preset interval, and further to evaluate the subsequent loan amount of the target user. Generalizing the loan example to broader scenarios, the query requirement may be at least one of: querying and summarizing whether the query data of the target user lies within a preset interval, and querying and summarizing the fluctuation of the query data of the target user.
Summarizing the above evaluation schemes, the second data query system may obtain query results in the following format:
[equation image]
where θ is a public parameter, t is a private input known only to the second data query system, b is the borrower identity (i.e. the target user) that must not be revealed to the third data query systems, $x_{ib}$ is the private data between the target user b and each third data query system $S_i$, and f is a function executed cooperatively by the target user and the second data query system. For example, in the loan stacking problem, $x_{ib}$ is the amount of the loan from $S_i$ to the target user b, t may be the initiator's private threshold for the target user, and f is a function returning the comparison result of t and
[equation image]
Based on the description of the above examples, the data query system composed of the first data query system, the second data query system and the third data query system provides a process of safe data query, consistency evaluation and business evaluation based on query results. It should be noted that the above examples only describe the data processing process of each data query system by way of example, and depending on the actual application scenario, part of the functions in the first data query system may be integrated in the second data query system or integrated in the third data query system. Similarly, some of the functions in the second data query system may also be integrated in the first data query system.
In still other embodiments, since data security is crucial for applications such as finance and personal credit reporting, the data query system needs to verify the query service generated from the query requirement before performing the data query. In some examples, the query service may be used only as a verification request for performing the verification operation described above. In still other examples, the query service may proceed directly to the query operation after the verification passes, thereby reducing the number of data communications caused by the verification.
Here, the aforementioned query service is used as a kind of authentication request of the authentication operation, and in some scenarios, the authentication operation may be triggered based on an authentication request dedicated to authentication. Wherein, the verification request comprises a query request processed by a first encryption type; the query request is used for obtaining a query result of a target user from a user group, and the verification request is used for verifying that the behavior of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension.
Please refer to fig. 15, which is a flowchart illustrating an authority verification method. The authority verification method is mainly initiated by the second verification system and verified by the first verification system, where at least the first verification system and the second verification system exchange data during the verification process based on the verification method provided by the application. Taking the aforementioned data query system as an example, the second data query system may be regarded as the second verification system, and the first data query system as the first verification system. To this end, in a computer system integrating data query and authority verification, a technician may describe the first data query system as a software system containing the first verification system, or the first verification system as a software system containing the first data query system. Similarly, the technician may describe the second data query system as a software system including the second verification system, or the second verification system as a software system including the second data query system, without limitation. For simplicity of description, the correspondence between the second verification system and the second data query system will not be illustrated, and similarly the correspondence between the first verification system and the first data query system will not be illustrated.
In step S111, the second authentication system sends an authentication request to the first authentication system based on an authentication requirement; wherein the authentication request comprises a first cryptographically processed query request; the query request is used for obtaining a query result of a target user from a user group, and the verification request is used for verifying that the behavior of initiating the verification request is authorized by the target user; the dimension of the query request is at least one dimension.
The verification requirement may be generated specifically for verification, for example a verification requirement generated when the provision of the query service is applied for from the second data query system. The verification requirement may also be generated from a query requirement: for example, a target user raises a loan application, the party receiving the loan application generates a query requirement based on it, and that query requirement itself represents or contains the verification requirement. For simplicity of description, the correspondence between the verification requirement and the query requirement is not illustrated, and similarly the correspondence between the verification request and the query request is not illustrated.
The information contained in the authentication request may be the same as or similar to the information contained in the aforementioned query service, and will not be described in detail herein. Similarly, the step S111 is the same as or similar to the execution process of the step S110 described in the previous example, and is not described in detail here.
After receiving the authentication request, the first authentication system performs step S230, i.e. authenticates the authentication request provided by the second authentication system. After the second data query system performs the verification step and passes the verification, the second data query system performs the step of forwarding the query service in step S210, otherwise, the query service is not forwarded.
Wherein, according to design requirements for security of authentication request, the first authentication system can perform at least one of the following authentications without knowing sensitive data of a target user: verifying the identity of the target user, verifying that the query service is authorized by the target user, and verifying that the format of the query request is legitimate. An authentication operation is performed based on the query request and utilizing at least one attestation information.
To avoid leaking the sensitive data involved in the verification operations, these operations are performed based on the verification request and using at least one piece of proof information. Depending on the purpose of the verification, the corresponding proof information may come from the target user and/or the second verification system; the first verification system verifies the authenticity of any one or more of the above items using the data it holds and the acquired proof information. The corresponding proof information may be generated based on a zero-knowledge proof.
To this end, the present application provides various embodiments regarding identity authentication and authorization, which are built based on the following protocol examples:
a) the first verification system generates a random number $r_e$ and sends it to the third verification system;
b) upon receiving $r_e$, the third verification system b calculates
[equation image]
Using the public key $pk_l$ of the second verification system, the third verification system encrypts y as $c = g^y r^n$, where
[equation image]
The third verification system then sends c to the first verification system and gives the first verification system a zero-knowledge proof that it knows the plaintext (i.e. y) in c;
c) for each user u in the group $gid_b$, the first verification system calculates
[equation image]
and sends $y_u$ to the initiator;
d) the second verification system generates a PIR query q and sends the query to the first verification system together with a zero-knowledge proof that the query has the correct format.
e) the second verification system calculates
[equation image]
Using q, r and $y_u$, the initiator generates a zero-knowledge proof that, for each i ∈ {1, 2, ..., d}, the ciphertext c encrypts the same number as one of the ciphertexts produced by the sub-queries of dimension i.
f) Finally, based on the proofs from the third verification system and the second verification system, the first verification system verifies the following: 1) the third verification system really knows the plaintext encrypted in c; 2) the format of the second verification system's query is correct; 3) for each i ∈ {1, 2, ..., d}, the ciphertext c encrypts the same number as one of the ciphertexts produced by the sub-queries of dimension i.
The above parameters will also appear from the description of the examples below.
In some examples, step S230 includes verifying the identity of the target user in the query service submitted by the second verification system.
In order to avoid disclosure of sensitive data of the target user, such as identity information, the first authentication system authenticates the identity of the target user in the authentication request submitted by the second authentication system by using the first certification information from the target user.
For example, assume that the second verification system wants to query the target user's loan information without the target user's permission. The second verification system first finds an impersonator who masquerades as the target user. When the second verification system communicates anonymously with the first verification system, no participant (other than the second verification system) knows the true identity of the participant on the other side of the anonymous channel. The second verification system then sends a query to obtain the target user's loan information.
Here, so that the identity verification of the target user can be established as legitimate, each user in the user group is a member registered in advance, or each user in the user group may be registered with a notarized (or trusted) third party. For example, a user registered under a real name with the first verification system; or each verification system may uniformly access the identity card data system of the public security authority.
The first verification system may send a first random number to each user in the user group in order to obtain the second random number fed back by the target user and its first proof information. The first random number may be generated randomly by the first verification system, or generated by the first verification system based on a key shared separately with each user, and may be used to verify the identity of each user in the group. A third verification system, which cooperates with the first verification system in identity verification, is configured in the user equipment used by the target user; the third verification system can confirm the correctness of the key by decrypting the first random number, and generates a second random number and first proof information based on the first random number. The first proof information is a sequence of values generated by the third verification system using a zero-knowledge proof algorithm and used to prove the identity of the target user. Using a zero-knowledge proof algorithm, and based on the first proof information and the second random number, the first verification system verifies that the first proof information does prove the identity of the target user as a member of the user group, and thereby passes the identity verification of the target user. This verification shows that the target user's identity is not that of a fake user.
For example, the first verification system sends to each user in the user group a first random number $r_e$, calculated from the shared key, a random number and the date. The third verification system held by the target user obtains a pseudo-random number y based on the first random number $r_e$, encrypts it and records the result as the second random number c; the third verification system also generates a verification result $y_b$, and sends the second random number c and the first proof information zkp1 to the first verification system, which verifies, based on c and zkp1, that zkp1 and c have the preset correspondence. For example, the correspondence is expressed as:
[equation image]
where a, z1 and z2 are values in zkp1, and g and n are parameters of the public key.
In some examples, step S230 further includes verifying whether the verification request submitted by the second verification system is authorized by the target user. This step confirms that the target user did indeed authorize the second verification system to initiate the verification request, rather than the request being forged. Here, to verify the authorization, the first verification system and the second verification system cooperate so that the first verification system can complete the verification. In one example, this step includes verifying, using second proof information from the second verification system, whether the verification request submitted by the second verification system is authorized by the target user.
Here, the first authentication system and the second authentication system cooperatively perform the following steps to enable the first authentication system to authenticate whether the authentication request is authorized by the target user. The second verification system generates second certification information based on the data set to be verified related to the dimensionality of the query request, which is provided by the first verification system, and sends the second certification information to the first authority verification system; wherein the second attestation information is to attest that the verification request is authorized by the target user.
Specifically, in step S231, the first verification system generates a third random number for each user based on the key shared separately with each user in the user group and the first random number, thereby obtaining a random number set for the user group. The random number set is obtained by encrypting each key together with the first random number. For example, the first verification system uses the formula
[equation image]
to obtain the pseudo-random number $y_u$ corresponding to each user, and encrypts the pseudo-random number to obtain the encrypted data (also called the third random number) $c_u$ corresponding to each user, where $r_e$ is the first random number, date is the date on which the calculation takes place,
[equation image]
is the encryption algorithm, and y is the plaintext $y_b$ held by the corresponding user. The first verification system encrypts each user's $y_u$ in the user group to obtain the encrypted data $c_u$, and thereby obtains the random number set $\{c_u\}$.
In step S232, based on the space constructed from the dimensions of the query request, the first verification system maps each third random number in the random number set to a position in that space, and computes each sub-query element of each dimension of the query request with the corresponding random number in the random number set to obtain the data set to be verified for that dimension. Referring to fig. 16, the query request q has 2 dimensions and forms a (3 × 4) matrix; each third random number $c_u$ in the random number set $\{c_u\}$ corresponds to a position in the space formed by the (3 × 4) matrix. Each sub-query element $q_{1j}$ on the column corresponding to the first dimension is combined by exponential product with each third random number in the same column, and the results are aggregated to obtain the encrypted value of the third random number at the position of the sub-query element with value 1 in the first dimension,
[equation image]
Each sub-query element $q_{2j}$ on the column corresponding to the second dimension is likewise combined by exponential product with each third random number in the same column, and the results are aggregated to obtain the encrypted value of the third random number at the position of the sub-query element with value 1 in the second dimension,
[equation image]
where $1 \le j \le k$. Generalizing the above example to higher-dimensional computations, the first verification system obtains
[equation image]
where $1 \le i \le d$ and d is the dimensionality of the query request.
In step S233, the first verification system sends the obtained data sets to be verified for each dimension
[equation image]
and the random number set $\{c_u\}$ to the second verification system.
In step S131, the second verification system generates second proof information based on the data set to be verified and the random number set related to the dimensions of the query request, and sends the second proof information to the first verification system; the second proof information is a sequence of values for proving that the verification request is authorized by the target user.
For example, $c^*_{ik}$ is the result of the exponential product operation along the i-th column between the i-th dimension element
[equation image]
and
[equation image]
If the $i_b$-th element of the i-th dimension is E(1), then
[equation image]
where
[equation image]
The second verification system knows all r, and the r for c. Let the position pid of the target user correspond to $i_{bk_b}$; then its plaintext satisfies
[equation image]
For
[equation image]
the second verification system randomly generates
[equation image]
$e_k$ and $z_k$, and calculates
[equation image]
For $i_k = i_{bk_b}$:
[equation image]
[equation image]
Generating the second proof information includes: $a_b = \omega^n$, $\omega \in_R 2^{len}\min(p, q)$, where p and q are prime numbers;
[equation image]
In step S234, the first verification system obtains the fed-back second proof information zkp2 = $\{a_b, e_b, z_b\}$, and verifies, based on the second proof information, that the verification request submitted by the second verification system is authorized by the target user. The second proof information can be derived by the second verification system using a zero-knowledge proof algorithm and comprises a sequence of values for proving that the verification request is authorized by the target user.
For example, the first verification system verifies that zkp2 = $(a_k, e_k, z_k)$ satisfies:
[equation image]
and
[equation image]
[equation image]
where k represents the target user's position in the i-th dimension. When the second proof information proves that
[equation image]
and c correspond to the same plaintext, it is verified that the query service is authorized by the target user and that the identity verification of the target user has passed.
In some examples, especially for multidimensional query requests, the data source side extracts the target user's query result by "folding" the data dimension by dimension, so in this manner of data query the query must be performed for a single target user. Step S230 therefore further includes verifying the validity of the format of the first-encrypted query request submitted by the second data query system. This step verifies whether the format of the query request conforms to that of a query request directed at a single target user. In other words, according to the preset dimensions of the query request, it is determined that the query request in each dimension contains only one sub-query element E(1) with value 1, and that the sub-query elements E(1) with value 1 in the different dimensions correspond to the same position in the space. For this, step S230 includes verifying the format validity of the first-encrypted query request submitted by the second verification system using the third proof information from the second verification system.
The first verification system and the second verification system cooperate to perform the format verification. Specifically, the second verification system performs step S132, that is, it generates third proof information proving the validity of the format based on the format of the query request in each dimension. When sending the verification request, the second verification system also sends the third proof information proving the format validity of the query request in the verification request. The second verification system generates the third proof information using a zero-knowledge proof algorithm. The third proof information includes a sequence of values proving that the query request is associated with one and only one user.
For example, the second verification system provides a sequence of values proving that each sub-query element contained in the query request encrypts only plaintext 0 or 1. When the sub-query element $q_{ij}$ is the encryption of plaintext 1, the formula
[equation image]
is used to compute the value sequence $\{(a_1, e_1, z_1), (a_2, e_2, z_2)\}$ showing that $q_{ij}$ has plaintext 1, where
[equation image]
$a_2 = v^n \bmod n^2$; $e = h(a_1, a_2, q_{ij}, date)$, $e_2 = e - e_1$;
[equation image]
When the sub-query element $q_{ij}$ is the encryption of plaintext 0, the formula
[equation image]
with the roles above interchanged is used to obtain the value sequence $\{(a_1, e_1, z_1), (a_2, e_2, z_2)\}$, i.e.
[equation image]
$a_1 = v^n \bmod n^2$; $e = h(a_1, a_2, q_{ij}, date)$, $e_1 = e - e_2$;
[equation image]
This yields a sequence of values $\{(a_1, e_1, z_1), (a_2, e_2, z_2)\}$ proving that $q_{ij}$ corresponds to plaintext 0.
The second verification system also provides a sequence of values proving that there is only one target user. For example, to prove that
[equation image]
is 1, the second verification system provides the value sequence $p_i = (a, e, z)$, where the formulas for obtaining the value sequence include:
[equation image]
$a = v^n \bmod n^2$; $e = h(a, q_i, date)$;
[equation image]
The second verification system sends to the first verification system the value sequence $\{(a_1, e_1, z_1), (a_2, e_2, z_2)\}$ proving that $q_{ij}$ corresponds to plaintext 0, the value sequence $\{(a_1, e_1, z_1), (a_2, e_2, z_2)\}$ proving that $q_{ij}$ corresponds to plaintext 1, and the value sequence (a, e, z) proving that there is only one target user.
The first authentication system performs the following in step S230: and verifying the format validity of the first encrypted query request submitted by the second verification system by using the third certification information from the second verification system.
Here, the first verification system obtains third certification information for certifying the format legitimacy of the query request in each dimension; and verifying the format validity of the query request based on the third certification information. Wherein the third attestation information is generated based on the query request.
Continuing the example of step S132 above, the first verification system evaluates the following formula:
[equation image]
and also
[equation image]
to verify that the plaintext corresponding to $q_{ij}$ contains only 0 and 1; and checks the formula $z^n = a\,(g^{-1} q_i)^e \bmod n^2$ to verify that the plaintext 1 in the query request corresponds to the same target user.
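As an added example (not code from the patent), a toy Python model of two of the steps above: the per-dimension exponential product of step S232 and the "exactly one E(1) per dimension" proof of steps S132 and S230. The Paillier key, the SHA-256 instantiation of h, and the date string are constructed assumptions; the response z = v·r^e mod n is the standard value that satisfies the page's check $z^n = a(g^{-1}q_i)^e \bmod n^2$ and is not printed on the page.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy Paillier key (assumption: tiny primes for a demo; real keys use
# ~1024-bit primes). With g = n + 1, E(m) = g^m r^n mod n^2.
P, Q = 10007, 10009
N = P * Q
N2 = N * N
G = N + 1
LAM = (P - 1) * (Q - 1)
MU = pow((pow(G, LAM, N2) - 1) // N, -1, N)

def rand_unit():
    """Encryption randomness r drawn from Z_n^*."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if gcd(r, N) == 1:
            return r

def encrypt(m, r):
    return (pow(G, m, N2) * pow(r, N, N2)) % N2

def decrypt(c):
    """Secret-key holder only; used here to show what the folds encode."""
    return (((pow(c, LAM, N2) - 1) // N) * MU) % N

def build_query(shape, position):
    """One-hot encrypted sub-query per dimension (the page's 2-D case is a
    3x4 matrix, shape=(3, 4)). Returns ciphertexts and the kept randomness."""
    q, rs = [], []
    for size, pos in zip(shape, position):
        r_i = [rand_unit() for _ in range(size)]
        q.append([encrypt(1 if j == pos else 0, r_i[j]) for j in range(size)])
        rs.append(r_i)
    return q, rs

def fold_dimension(q_i, y_i):
    """Exponential product of step S232 as modelled here: prod_j q_ij^{y_j},
    which by the homomorphism encrypts sum_j q_ij*y_j, the y at the 1-position."""
    acc = 1
    for c, y in zip(q_i, y_i):
        acc = acc * pow(c, y, N2) % N2
    return acc

def _product(q_i):
    acc = 1
    for c in q_i:
        acc = acc * c % N2
    return acc

def challenge(a, q_prod, date):
    """e = h(a, q_i, date) from the page, instantiated with SHA-256 (assumption)."""
    data = f"{a}|{q_prod}|{date}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def prove_single_one(q_i, r_i, date):
    """Issuer side. prod_j q_ij = g * R^n with R = prod_j r_ij, so 'exactly one
    E(1) in this dimension' is knowledge of an n-th root of prod_j q_ij / g:
    a = v^n mod n^2, e = h(a, q_i, date), z = v * R^e mod n."""
    q_prod = _product(q_i)
    big_r = 1
    for r in r_i:
        big_r = big_r * r % N
    v = rand_unit()
    a = pow(v, N, N2)
    e = challenge(a, q_prod, date)
    z = v * pow(big_r, e, N) % N
    return a, e, z

def verify_single_one(q_i, proof, date):
    """Verifier side (no secret key): z^n == a * (g^{-1} prod_j q_ij)^e mod n^2."""
    a, e, z = proof
    q_prod = _product(q_i)
    if e != challenge(a, q_prod, date):
        return False
    base = pow(G, -1, N2) * q_prod % N2
    return pow(z, N, N2) == a * pow(base, e, N2) % N2

def check_query_format(q, rs, date):
    """Prove and verify every dimension of the query."""
    return all(verify_single_one(q_i, prove_single_one(q_i, r_i, date), date)
               for q_i, r_i in zip(q, rs))

if __name__ == "__main__":
    DATE = "2019-01-01"  # constructed date string bound into the challenge
    q, rs = build_query((3, 4), (1, 2))  # target user at row 1, column 2
    print("well-formed query accepted:", check_query_format(q, rs, DATE))
    q[0][0] = encrypt(1, rs[0][0])  # second E(1): would select two users
    print("two-user query rejected:", not check_query_format(q, rs, DATE))
```

A dimension with zero or two E(1) elements makes prod_j q_ij / g a non-residue, so the honest recipe cannot produce a passing (a, e, z); the 0/1 proof for each individual element is the separate OR-proof the page sketches and is not modelled here.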
In some examples, after all the above verifications are passed, the second data query system performs forwarding the query service to the third data query system in step S210, so that the third data query system performs steps S310 to S340, and feeds back the query result of the target user; and the first data query system continues to perform step S220 and the second data query system performs steps S120-S140. Examples of the above steps are the same as or similar to the examples of the corresponding steps described above and are not described in detail herein.
Based on the description of each example, part or all of the architecture, the query method and the authority verification method provided by the application can realize data transmission, query and authority verification on the basis of data security, and achieve the purpose of obtaining a data processing result corresponding to plaintext operation based on ciphertext operation.
Here it should be noted that the partial-type random numbers used in each of the above examples may be pseudo-random numbers generated from a given random-number seed and a pseudo-random function, where the pseudo-random function is a deterministic function that takes a character string as input and outputs a value that appears random. The pseudo-random function is denoted $PRF_s(x)$, a PRF using s as the seed and x as the input. The partial-type random numbers include the commitment random numbers generated with $PRF_s$ by the target user side (such as a borrower) and by the third data query system (such as a lender).
Please refer to fig. 17, which is a diagram illustrating a software architecture of a data query system according to the present application. The data query system comprises a first data query system, a second data query system and a third data query system.
The first data query system comprises: the system comprises a first communication module and a query fusion module. The second data query system includes: the device comprises a second communication module, a data processing module, a checking module and an evaluation module. The third data query module comprises: the system comprises a third communication module, a data set query module and a query result generation module.
Wherein, the second communication module is used for executing step S110; the first communication module is configured to perform the step S210; the third communication module is configured to perform the foregoing step S310; the data set query module is used for executing the step S320; the query result generation module is used for executing the step S330; the query fusion module is configured to execute the foregoing step S220; the checking module is used for executing the step S120; the checking module is used for executing the step S130; the evaluation module is used for executing step S140.
The above modules correspond to the steps of the data query method, and the execution process thereof corresponds to the corresponding steps, which are not described in detail herein.
Please refer to fig. 18, which is a diagram illustrating a software architecture of the privilege verification system according to the present application. The authority verification system comprises a first verification system, a second verification system and a third verification system. Wherein, according to the foregoing example, the first authentication system may be incorporated in a first data query system, the second authentication system may be incorporated in a second data query system, and the third authentication system may be incorporated in a user device held by the target user.
The first verification system comprises a third communication module and a verification module; the second verification system comprises a fourth communication module and a cooperative verification module. The third verification system cooperates with the first verification system to provide proof information for verifying the identity of the target user in the action of initiating the verification request.
Wherein, the fourth communication module is configured to execute the step S111; the third communication module is used for correspondingly acquiring the verification request. The third authentication system, the authentication module and the cooperating authentication module perform the steps mentioned in the aforementioned step S230 in coordination.
The above modules correspond to the steps of the authority verification method, and the execution process thereof corresponds to the corresponding steps, which are not described in detail herein.
In addition, the verification system and the data query system are cooperatively executed to verify the action of initiating the query service by the second data query system and continue the data query method after the verification is passed; to this end, the third communication module and the first communication module may be the same communication module, and the second communication module and the fourth communication module may be the same communication module.
The present application also provides a computer readable and writable storage medium storing a data query computer program, which when executed implements the data query method described above with respect to fig. 2.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application.
In the embodiments provided herein, the computer-readable and writable storage medium may include read-only memory, random-access memory, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, a USB flash drive, a removable hard disk, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. Also, any connection is properly termed a computer-readable medium. For example, if the instructions are transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, Digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. It should be understood, however, that computer-readable-writable storage media and data storage media do not include connections, carrier waves, signals, or other transitory media, but are intended to be non-transitory, tangible storage media. Disk and disc, as used in this application, includes Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.
In one or more exemplary aspects, the functions described in the computer program for locating devices on a map or the computer program operating in cooperation between multiple devices described herein may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The steps of a method or algorithm disclosed herein may be embodied in a processor-executable software module, which may be located on a tangible, non-transitory computer-readable and/or writable storage medium. Tangible, non-transitory computer readable and writable storage media may be any available media that can be accessed by a computer.
The flowcharts and block diagrams in the figures described above of the present application illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In summary, the data query and calculation method and system and the storage medium of the present application prevent the sensitive information of the target user from being disclosed by encrypting the query request, and effectively prevent the query result from being disclosed by encrypting the query result. Thus, sharing, fusion, evaluation and similar applications of sensitive data are realised while neither the party forwarding the query service and the query result (such as the first data query system) nor the party providing the query result (such as the data source) can learn the identity of the target user or the query result.
The above embodiments are merely illustrative of the principles and utilities of the present application and are not intended to limit the application. Any person skilled in the art can modify or change the above-described embodiments without departing from the spirit and scope of the present application. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical concepts disclosed in the present application shall be covered by the claims of the present application.

Claims (56)

1. A data query method for a first data query system, comprising:
receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension;
according to the query service, fusing query results that are acquired from at least one data source and correspond to the target user and the information to be queried, and feeding the fused query results back to the second data query system.
2. The data query method of claim 1, further comprising: verifying the query service; and obtaining the query result corresponding to the target user and the information to be queried from the corresponding data source after the verification is passed.
3. The data query method of claim 2, wherein the step of verifying the query service comprises the steps of:
verifying the identity of a target user in the query service submitted by the second data query system;
verifying whether the query service submitted by the second data query system is authorized by the target user.
4. The data query method of claim 3, wherein the step of verifying the query service further comprises the steps of:
verifying the validity of the format of the query request subjected to the first encryption processing and submitted by the second data query system.
5. The data query method of claim 1, wherein the query result is one of at least one query result obtained based on a dimension of the query request.
6. The data query method of claim 1, wherein the query result comprises any one of: query data indicating that the information to be queried of the target user is empty; and query data representing the information to be queried of the target user that have been subjected to at least one first encryption processing.
7. The data query method according to claim 5 or 6, wherein the query data is a commitment value obtained by subjecting the query data in plaintext to a second encryption process.
8. The data query method of claim 1, wherein the step of fusing the query results obtained from at least one data source and corresponding to the target user and the information to be queried comprises:
generating noise data;
scrambling each query result from each data source together with the noise data to obtain a scrambled result;
acquiring check data and a random number generated based on the query service from the target user;
obtaining verification data based on the random number and the noise data;
sending the scrambled result, the check data, and the verification data to the second data query system.
9. The method according to claim 8, wherein the check data is a commitment value obtained by subjecting plaintext check data to a second encryption process.
10. The data query method according to claim 1, wherein the first encryption process is set based on homomorphic encryption.
11. A data query method for a second data query system, comprising:
based on the query requirement of a target user, sending at least one query service; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension;
acquiring a query result corresponding to the target user according to each query service.
12. The data query method of claim 11, further comprising: verifying the query service used for obtaining the query result.
13. The data query method of claim 12, wherein the step of verifying the query service comprises the step of: verifying whether the submitted query service is authorized by the target user.
14. The data query method of claim 13, wherein the step of verifying the query service further comprises the step of: verifying the validity of the format of the submitted query request subjected to the first encryption processing.
15. The data query method of claim 11, wherein the query result comprises at least one of: query data indicating that the information to be queried of the target user is empty; and query data representing the information to be queried of the target user as aggregated from a plurality of data sources.
16. The data query method of claim 11, wherein the query result is one of at least one query result obtained based on a dimension of the query request.
17. The data query method of claim 16, wherein the query result comprises any one of: query data indicating that the information to be queried of the target user is empty; and query data representing the information to be queried of the target user that have been subjected to at least one first encryption processing.
18. The method according to claim 16 or 17, wherein the query data is a commitment value obtained by the second encryption.
19. The data query method of claim 11, wherein the step of obtaining the query result of the corresponding target user according to each query service comprises:
acquiring the following information corresponding to each query service: a scrambled result, check data and verification data; wherein the scrambled result is obtained by scrambling based on the query result and noise data; the check data comes from the target user; and the verification data is derived based on a random number generated by the target user and the noise data.
20. The data query method of claim 19, further comprising: performing a consistency check on the obtained query results and the check data provided by the target user.
21. The data query method of claim 20, wherein the step of performing a consistency check on the obtained query results and the check data provided by the target user comprises:
extracting each query result from the scrambled result and decrypting it to obtain query data;
performing consistency verification of the obtained query data against the check data based on the verification data.
22. The data query method of claim 20, further comprising: when the consistency check passes, performing an evaluation calculation corresponding to the query requirement on the basis of each query result.
23. The data query method of claim 22, wherein the query requirement comprises at least one of: a demand to query and aggregate data of the target user based on a summation operation or statistics.
24. The data query method of claim 22, wherein the step of performing an evaluation calculation corresponding to the query requirement based on each query result comprises:
acquiring, based on the query requirement, data to be evaluated provided by the target user and certification information corresponding to the data to be evaluated;
verifying, based on the certification information, that the query data in the obtained query result and the data to be evaluated conform to a preset correspondence;
after the verification passes, performing the evaluation calculation corresponding to the query requirement on the basis of the acquired query results and the data to be evaluated.
25. The data query method of claim 24, wherein the query requirement comprises at least one of: a demand to query and aggregate whether the query data of the target user lies in a preset interval, and a demand to query and aggregate the fluctuation of the query data of the target user.
26. The data query method according to claim 11, wherein the first encryption process is set based on homomorphic encryption.
27. A first data query system, comprising:
a first communication module for receiving a query service sent by a second data query system; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension;
a query fusion module for fusing, according to the query service, query results that are acquired from at least one data source and correspond to the target user and the information to be queried, and feeding the fused query results back to the second data query system through the first communication module.
28. The first data query system of claim 27, further comprising: a verification module for verifying the query service and, when the verification passes, acquiring a query result corresponding to the target user and the information to be queried from the corresponding data source.
29. The first data query system of claim 28, wherein the verification module is configured to perform the steps of:
verifying the identity of a target user in the query service submitted by the second data query system; and
verifying whether the query service submitted by the second data query system is authorized by the target user.
30. The first data query system of claim 29, wherein the verification module is further configured to verify the validity of the format of the query request subjected to the first encryption processing and submitted by the second data query system.
31. The first data query system of claim 27, wherein the query result is one of at least one query result based on a dimension of the query request.
32. The first data query system of claim 27, wherein the query result comprises at least one of: query data indicating that the information to be queried of the target user is empty; and query data representing the information to be queried of the target user that have been subjected to at least one first encryption processing.
33. The system according to claim 27 or 32, wherein the query data is a commitment value obtained by subjecting the query data in plaintext to a second encryption process.
34. The first data query system of claim 27, wherein the query fusion module is configured to perform the steps of:
generating noise data;
scrambling each query result from each data source together with the noise data to obtain a scrambled result;
acquiring check data and a random number generated based on the query service from the target user;
obtaining verification data based on the random number and the noise data;
sending the scrambled result, the check data, and the verification data to the second data query system, for the second data query system to verify the consistency of the query result and the check data.
35. The system according to claim 35, wherein the check data is a commitment value obtained by subjecting plaintext check data to a second encryption process.
36. The first data query system of claim 27, wherein the first encryption process is configured based on homomorphic encryption.
37. A second data query system, comprising:
a second communication module for sending at least one query service based on the query requirement of a target user; the query service comprises information to be queried and a query request subjected to first encryption processing; the query request is used for acquiring a query result of the target user corresponding to the information to be queried in a user group; the dimensionality of the query request is at least one dimension;
a data processing module for processing the query result acquired for the target user according to each query service.
38. The second data query system of claim 37, further comprising: a matching verification module for verifying the query service used for obtaining the query result.
39. The second data query system of claim 38, wherein the matching verification module is configured to verify whether the submitted query service is authorized by the target user.
40. The second data query system of claim 39, wherein the matching verification module is further configured to verify the validity of the format of the submitted query request subjected to the first encryption processing.
41. The second data query system of claim 37, wherein the query result comprises at least one of: query data indicating that the information to be queried of the target user is empty; and query data representing the information to be queried of the target user as aggregated from a plurality of data sources.
42. The second data query system of claim 41, wherein the query result is one of at least one query result derived based on a dimension of the query request.
43. The second data query system of claim 41, wherein the query result comprises at least one of: query data indicating that the information to be queried of the target user is empty; and query data representing the information to be queried of the target user that have been subjected to at least one first encryption processing.
44. The second data query system of claim 42 or 43, wherein the query data is a commitment value obtained by a second encryption process.
45. The second data query system of claim 37, wherein the second communication module further acquires, for each query service: a scrambled result, check data and verification data; wherein the scrambled result is obtained by scrambling based on the query result and noise data; the check data comes from the target user; and the verification data is derived based on a random number generated by the target user and the noise data.
46. The second data query system of claim 45, further comprising: a check module for performing a consistency check on the obtained query results and the check data provided by the target user.
47. The second data query system of claim 46, wherein the check module is configured to extract each query result from the scrambled result and decrypt it to obtain query data, and to verify each item of obtained query data against the check data, the query data and the check data being determined to be consistent when the obtained verification result represents the noise data and the random number.
48. The second data query system of claim 46, further comprising: an evaluation module for performing, when the consistency check passes, an evaluation calculation corresponding to the query requirement on the basis of each query result.
49. The second data query system of claim 48, wherein the query requirement comprises at least one of: a demand to query and aggregate data of the target user based on a summation operation or statistics.
50. The second data query system of claim 48, wherein the evaluation module is configured to perform the steps of:
acquiring, based on the query requirement, data to be evaluated provided by the target user and certification information corresponding to the data to be evaluated;
confirming, by verifying the certification information, that the query data in the obtained query result and the data to be evaluated conform to a preset correspondence;
after the verification passes, performing the evaluation calculation corresponding to the query requirement on the basis of the acquired query results and the data to be evaluated.
51. The second data query system of claim 50, wherein the query requirement comprises at least one of: a demand to query and aggregate whether the query data of the target user lies in a preset interval, and a demand to query and aggregate the fluctuation of the query data of the target user.
52. The second data query system of claim 37, wherein the first encryption process is configured based on homomorphic encryption.
53. A data query system, comprising:
at least one data source, configured to perform querying in a user group based on the received query service to obtain a query data set of the user group where a target user is located, and obtain a query result corresponding to the target user from the query data set according to a query request subjected to a first encryption process;
a first data query system as claimed in any one of claims 26 to 36, configured to communicate with the at least one data source, so as to send the query service to the data source and perform fusion processing on the query results fed back by each data source;
the second data query system of any one of claims 37 to 52, configured to send the generated query service to the first data query system and to obtain the query results fused by the first data query system.
54. A first computer system, comprising:
storage means for storing at least one program;
interface means for communicating with at least one data source and a second computer system;
processing means for invoking said at least one program and coordinating said storage means and interface means to perform a data query method as claimed in any one of claims 1-10.
55. A second computer system, comprising:
storage means for storing at least one program;
interface means for communicating with a first computer system as claimed in claim 54;
processing means for invoking said at least one program and coordinating said storage means and interface means to perform a data query method as claimed in any one of claims 11-26.
56. A computer-readable storage medium, in which a data query computer program is stored, which when executed implements the data query method of any one of claims 1 to 10 or the data query method of any one of claims 11 to 26.
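The fuse, scramble and consistency-check exchange of claims 8, 9, 19 to 21, 34 and 45 to 47, simulated end to end as an added example; this is not code from the patent or its assignee, and every function name is my own. The page does not fix the commitment scheme, the noise construction or how the verification data is derived from the random number and the noise, so those are assumptions here: a SHA-256 hash commitment stands in for the second encryption, an HMAC-based authenticated stream cipher under a key shared by the data sources and the second data query system stands in for the page's homomorphic first encryption, and the verification data is the target user's random number masked with a digest of the noise set.

```python
import hashlib
import hmac
import random
import secrets

# Assumed instantiation, not the patent's own construction: the "first encryption"
# is an HMAC-SHA256 stream cipher plus tag under a key shared by the data sources
# and the second data query system (stand-in for the page's homomorphic scheme);
# the commitment ("second encryption") is H(r || value); verification data is the
# target user's random number r masked with a digest of the noise set.

def _keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode, enough bytes to cover n."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key, plaintext):
    """Data source side: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    body = _xor(plaintext, _keystream(key, nonce, len(plaintext)))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt(key, blob):
    """Second system side: plaintext, or None when the tag does not verify."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # noise entries and corrupted entries land here
    return _xor(body, _keystream(key, nonce, len(body)))

def commit(value, r):
    """Check data: hash commitment to the value the target user expects."""
    return hashlib.sha256(r + value).digest()

def noise_mask(noise):
    """Order-independent digest of the noise set, so both sides derive the same mask."""
    return hashlib.sha256(b"".join(sorted(noise))).digest()

def target_user_prepare(expected_value):
    """Target user: random number plus check data (claims 8 and 9)."""
    r = secrets.token_bytes(32)
    return commit(expected_value, r), r

def first_system_fuse(encrypted_results, check_data, r, n_noise=3):
    """First data query system: add noise, scramble, derive verification data (claim 8).
    Nothing is decrypted here; the first system only reshuffles and masks."""
    size = len(encrypted_results[0])
    noise = [secrets.token_bytes(size) for _ in range(n_noise)]  # same size as a ciphertext
    scrambled = list(encrypted_results) + noise
    random.SystemRandom().shuffle(scrambled)
    verification_data = _xor(r, noise_mask(noise))  # depends only on r and the noise
    return scrambled, check_data, verification_data

def second_system_check(key, scrambled, check_data, verification_data):
    """Second data query system: extract, decrypt and consistency-check (claims 19 to 21, 47).
    Returns (consistent, total) where total is the summed query data."""
    query_data, noise = [], []
    for entry in scrambled:
        plaintext = decrypt(key, entry)
        if plaintext is None:
            noise.append(entry)  # failed tag: treat as noise data
        else:
            query_data.append(int.from_bytes(plaintext, "big"))
    r = _xor(verification_data, noise_mask(noise))  # recover the random number
    total = sum(query_data)
    consistent = hmac.compare_digest(commit(total.to_bytes(8, "big"), r), check_data)
    return consistent, total

def run_demo(source_values, tamper=False):
    """Whole exchange on constructed values; tamper=True substitutes one source's result.
    run_demo([100, 250, 50]) -> (True, 400); with tamper=True -> (False, 401)."""
    key = secrets.token_bytes(32)  # shared by data sources and second system (assumption)
    check_data, r = target_user_prepare(sum(source_values).to_bytes(8, "big"))
    encrypted = [encrypt(key, v.to_bytes(8, "big")) for v in source_values]
    if tamper:
        encrypted[0] = encrypt(key, (source_values[0] + 1).to_bytes(8, "big"))
    scrambled, c, v = first_system_fuse(encrypted, check_data, r)
    return second_system_check(key, scrambled, c, v)
```

The first system sees only ciphertexts, the commitment and the random number, while the second system learns the plaintext values and can still detect a substituted result through the commitment mismatch.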
CN201910272457.0A 2019-04-04 2019-04-04 Data query and calculation method and system, and storage medium Active CN111783108B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910272457.0A CN111783108B (en) 2019-04-04 2019-04-04 Data query and calculation method and system, and storage medium
PCT/CN2020/083174 WO2020200306A1 (en) 2019-04-04 2020-04-03 Data query and calculation method and system, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910272457.0A CN111783108B (en) 2019-04-04 2019-04-04 Data query and calculation method and system, and storage medium

Publications (2)

Publication Number Publication Date
CN111783108A true CN111783108A (en) 2020-10-16
CN111783108B CN111783108B (en) 2023-07-21

Family

ID=72755360

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910272457.0A Active CN111783108B (en) 2019-04-04 2019-04-04 Data query and calculation method and system, and storage medium

Country Status (1)

Country Link
CN (1) CN111783108B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102299792A (en) * 2011-09-30 2011-12-28 北京理工大学 Method for safely and efficiently fusing data
US20120167234A1 (en) * 2010-12-28 2012-06-28 Verizon Patent And Licensing, Inc. Persona-based identity management system
CN105471826A (en) * 2014-09-04 2016-04-06 中电长城网际系统应用有限公司 Ciphertext data query method, device and ciphertext query server
CN107547525A (en) * 2017-08-14 2018-01-05 复旦大学 A kind of method for secret protection of big data query processing
CN108364223A (en) * 2017-12-29 2018-08-03 阿里巴巴集团控股有限公司 A kind of method and device of Data Audit
CN108665946A (en) * 2018-05-08 2018-10-16 阿里巴巴集团控股有限公司 A kind of access method and device of business datum
CN109376173A (en) * 2018-11-08 2019-02-22 郑州云海信息技术有限公司 A kind of data query method, apparatus, electronic equipment and storage medium
CN109474591A (en) * 2018-11-06 2019-03-15 深圳绿米联创科技有限公司 Account's sharing method, device, electronic equipment and storage medium between multisystem

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Zhou Yu et al.: "Research on a data security management and control platform scheme based on cloud computing technology", Mobile Communications (移动通信) *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112507010A (en) * 2020-12-14 2021-03-16 深圳佑驾创新科技有限公司 Service data processing method and device, computer equipment and storage medium
CN112507010B (en) * 2020-12-14 2022-10-28 深圳佑驾创新科技有限公司 Service data processing method and device, computer equipment and storage medium
CN114866317A (en) * 2022-04-29 2022-08-05 中国科学院信息工程研究所 Multi-party data security calculation method and device, electronic equipment and storage medium
CN114866317B (en) * 2022-04-29 2023-01-10 中国科学院信息工程研究所 Multi-party data security calculation method and device, electronic equipment and storage medium
CN116579729A (en) * 2023-03-17 2023-08-11 中电金信数字科技集团有限公司 Service data processing method and device
CN116579729B (en) * 2023-03-17 2024-06-11 中电金信数字科技集团有限公司 Service data processing method and device

Also Published As

Publication number Publication date
CN111783108B (en) 2023-07-21

Similar Documents

Publication Publication Date Title
CN110419053B (en) System and method for information protection
US11689371B2 (en) Techniques for securing digital signatures using multi-party computation
CN111783109B (en) Data query method, system and storage medium
CN111095332A (en) Method and system for privacy-preserving social media advertising
CN110719176A (en) Logistics privacy protection method and system based on block chain and readable storage medium
JP7555349B2 (en) System and method for providing anonymous verification of queries among multiple nodes on a network
CN114521319A (en) Lattice-based signatures with uniform secrets
US11811934B2 (en) Distributed machine learning via secure multi-party computation and ensemble learning
CN111784337B (en) Authority verification method and system
CN111783108B (en) Data query and calculation method and system, and storage medium
US11856099B2 (en) Cryptographic pseudonym mapping method, computer system, computer program and computer-readable medium
Cha et al. Blockchain based sensitive data management by using key escrow encryption system from the perspective of supply chain
CN111783136A (en) Data protection method, device, equipment and storage medium
Qu et al. A electronic voting protocol based on blockchain and homomorphic signcryption
CN116349203A (en) Identifying denial of service attacks
Li et al. PriExpress: Privacy-preserving express delivery with fine-grained attribute-based access control
CN114514550A (en) Partitioning requests into blockchains
WO2020200306A1 (en) Data query and calculation method and system, and storage medium
Maram Bitcoin generation using Blockchain technology
Davidow et al. Privacy-Preserving Payment System With Verifiable Local Differential Privacy
Yu et al. A novel fair and verifiable data trading scheme
Jiang et al. Enhancing Copyright Protection Through Blockchain and Ring Signature Algorithm From Lattice
Yu et al. SPRA: Scalable policy‐based regulatory architecture for blockchain transactions
Prabhu et al. Enhancing retail business and customer experience using blockchain approach
Taşcı Decentralized secure multiparty computation

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant