CN112788107A - Method and system for secure multi-party computing and data sharing - Google Patents

Method and system for secure multi-party computing and data sharing Download PDF

Info

Publication number
CN112788107A
CN112788107A CN202011591513.6A CN202011591513A CN112788107A CN 112788107 A CN112788107 A CN 112788107A CN 202011591513 A CN202011591513 A CN 202011591513A CN 112788107 A CN112788107 A CN 112788107A
Authority
CN
China
Prior art keywords
data
module
information
user
storage layer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011591513.6A
Other languages
Chinese (zh)
Inventor
陈征宇
洪章阳
黄炳裕
黄河
戴文艳
林文国
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Evecom Information Technology Development Co ltd
Original Assignee
Evecom Information Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Evecom Information Technology Development Co ltd filed Critical Evecom Information Technology Development Co ltd
Priority to CN202011591513.6A priority Critical patent/CN112788107A/en
Publication of CN112788107A publication Critical patent/CN112788107A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/568Computer malware detection or handling, e.g. anti-virus arrangements eliminating virus, restoring damaged files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Abstract

A safe multiparty computing and data sharing method and system comprises a data storage layer, a consensus computing system, a privacy protection module and a data monitoring module; the data monitoring module is in communication connection with the privacy protection module and is positioned between the output ends of the data input terminals and the privacy protection module; the privacy protection module is in communication connection with the data storage layer, and the data storage layer is in communication connection with the consensus computing system; the data monitoring module comprises a data loading module, a virus searching and killing module, a data cleaning module, a data marking module, a data caching module and a data uploading module. The invention can remove the common trust characteristic of the trusted third party, so that the user can control the data of the data block chain to be public to all people, and the information of the whole system is highly transparent; the data transmission antivirus is carried out on the user, the database data is well protected, the credit investigation record is carried out on the user through the cache and the mark of the data, and the malicious invasion is effectively avoided.

Description

Method and system for secure multi-party computing and data sharing
Technical Field
The invention relates to the technical field of network data security, in particular to a method and a system for secure multi-party computation and data sharing.
Background
The internet has completed the transition from the IT era to the DT era, and data has become the core competitiveness of DT era enterprises. And the data can only generate value when flowing as a new energy source. However, most enterprises are very careful about data sharing in consideration of data security and personal privacy. In real life, we often suffer from the following problems: hospitals need to share medical information, but do not want to reveal the privacy of individual patients; government agencies need to count election data, but do not want to disclose election records of voters; one manufacturer would like to check product levels with industry standards, but would not want competitors to know their actual production data, etc.; with the rapid development of the current society, the degree of digitalization and informatization is higher and higher, the data privacy has great influence on life and work, and the data privacy protection is important in the fields of medical health, finance and the like. At present, most of data are concentrated into a third-party database, and then a party needing the data obtains information through the third-party database; this may cause that a third party may steal data due to personal interests, which may cause the privacy that a data transmission party wants to protect to be revealed, resulting in loss; on the other hand, data are encrypted and then uploaded, privacy of a data transmission party can be effectively protected, but when a malicious program or virus invades, a source cannot be timely found and found, data leakage is easily caused, and loss is caused.
Disclosure of Invention
Objects of the invention
In order to solve the technical problems in the background technology, the invention provides a method and a system for safe multi-party calculation and data sharing, which remove the common trust characteristic of a trusted third party, so that a user can control the data of a data block chain of the user to be public to all people, and any person can inquire the data through a public interface, and the information of the whole system is highly transparent; meanwhile, when data transmission is carried out on the user, virus killing and invasion prevention are carried out, database data are well protected, a hazard source is found out in time through caching and marking of the data, and then credit investigation records are carried out on the source user, so that malicious invasion is effectively avoided.
(II) technical scheme
The invention provides a method and a system for safe multi-party calculation and data sharing, which comprise a data storage layer, a consensus calculation system, a privacy protection module and a data monitoring module; the data monitoring module is in communication connection with the privacy protection module and is positioned between the output ends of the data input terminals and the privacy protection module; the privacy protection module is in communication connection with the data storage layer, and the data storage layer is in communication connection with the consensus computing system; the data monitoring module comprises a data loading module, a virus searching and killing module, a data cleaning module, a data marking module, a data caching module and a data uploading module;
the data storage layer is used for storing the information data uploaded into the system through the terminal and providing resources for the user needing to acquire the information;
the consensus computing system is used for completing the verification and confirmation of the transaction in a short time through the voting of the special nodes;
the privacy protection module is used for protecting information hidden by the data input user case;
the data loading module is used for loading all information uploaded by a user;
the virus checking and killing module is used for detecting the information uploaded by the user, judging whether a virus or an intrusion program exists or not, killing the virus and the intrusion program, adding the user terminal and the user account into the credit database, and increasing the monitoring strength in the subsequent data transmission;
the data cleaning module is used for finding and correcting recognizable errors in the data files, and comprises the steps of checking data consistency, processing invalid values and missing values and the like;
the data caching module is used for caching the cleaned data for a period of time;
the data marking module is used for marking the concurrent data information uploaded by different users;
and the data uploading module is used for uploading the marked data.
Preferably, the data storage layer comprises a data decryption module, a data integration module and a data updating module;
the data decryption module is used for analyzing and decrypting data uploaded by all different terminal users;
the data integration module is used for classifying and integrating all the decrypted information;
and the data updating module is used for comparing and updating the information uploaded by the user with the information in the database.
Preferably, the virus searching and killing module is provided with a virus library capable of being automatically updated and a corresponding antivirus program.
Preferably, the user of the input terminal may set a limited acquisition range for the upload information when uploading the information.
Preferably, the data in the data storage layer is classified into three categories, namely, no-permission-required data, partial-permission-required data and permission-required data after being classified by the data integration module.
Preferably, the party acquiring the data must acquire the data through a personal account or a company account.
Preferably, the account for acquiring the data information needs to periodically detect the credit.
Compared with the prior art, the technical scheme of the invention has the following beneficial technical effects: the common trust characteristic of a trusted third party is removed, so that a user can control the data of the data block chain of the user to be public to all people, and any person can inquire the data through a public interface, and the information of the whole system is highly transparent; meanwhile, when data transmission is carried out on the user, virus killing and invasion prevention are carried out, database data are well protected, a hazard source is found out in time through caching and marking of the data, and then credit investigation records are carried out on the source user, so that malicious invasion is effectively avoided.
Drawings
Fig. 1 is a block diagram of a method and system for secure multi-party computing and data sharing according to the present invention.
Fig. 2 is a block diagram of a data monitoring module in the method and system for secure multi-party computing and data sharing according to the present invention.
FIG. 3 is a block diagram of a data storage layer in the method and system for secure multi-party computing and data sharing according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings in conjunction with the following detailed description. It should be understood that the description is intended to be exemplary only, and is not intended to limit the scope of the present invention. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present invention.
As shown in fig. 1-3, the present invention provides a method and system for secure multi-party computing and data sharing, which includes a data storage layer, a consensus computing system, a privacy protection module, and a data monitoring module; the data monitoring module is in communication connection with the privacy protection module and is positioned between the output ends of the data input terminals and the privacy protection module; the privacy protection module is in communication connection with the data storage layer, and the data storage layer is in communication connection with the consensus computing system; the data monitoring module comprises a data loading module, a virus searching and killing module, a data cleaning module, a data marking module, a data caching module and a data uploading module;
the data storage layer is used for storing the information data uploaded into the system through the terminal and providing resources for the user needing to acquire the information;
the consensus computing system is used for completing the verification and confirmation of the transaction in a short time through the voting of the special nodes;
the privacy protection module is used for protecting information hidden by the data input user case;
the data loading module is used for loading all information uploaded by a user;
the virus checking and killing module is used for detecting the information uploaded by the user, judging whether a virus or an intrusion program exists or not, killing the virus and the intrusion program, adding the user terminal and the user account into the credit database, and increasing the monitoring strength in the subsequent data transmission;
the data cleaning module is used for finding and correcting recognizable errors in the data files, and comprises the steps of checking data consistency, processing invalid values and missing values and the like;
the data caching module is used for caching the cleaned data for a period of time;
the data marking module is used for marking the concurrent data information uploaded by different users;
and the data uploading module is used for uploading the marked data.
In an optional embodiment, the data storage layer comprises a data decryption module, a data integration module and a data updating module;
the data decryption module is used for analyzing and decrypting data uploaded by all different terminal users;
the data integration module is used for classifying and integrating all the decrypted information;
and the data updating module is used for comparing and updating the information uploaded by the user with the information in the database.
In an optional embodiment, the virus searching and killing module is provided with a virus library capable of being automatically updated and a corresponding antivirus program.
In an alternative embodiment, the user of the input terminal may set a limit acquisition range for the upload information when uploading the information.
In an optional embodiment, the data in the data storage layer is classified into three categories, namely, no-permission-required data, partial-permission-required data and permission-required data after being classified by the data integration module.
In an alternative embodiment, the party acquiring the data must acquire the data through a personal account number or a company account number.
In an alternative embodiment, the account for obtaining the data information needs to detect the credit periodically.
In the invention, the common trust characteristic of a trusted third party is removed through the data storage layer and the common trust calculation system, so that a user can control the data of the data block chain of the user to be public to all people, and any person can inquire the data through a public interface, and the information of the whole system is highly transparent; meanwhile, virus killing and invasion prevention are carried out when data transmission is carried out on a user through a virus searching and killing module in the data detection module, database data are well protected, recognizable errors in data files, including data consistency checking, are found and corrected through the data cleaning module, and invalid values and missing values are processed; and the data is cached and marked by the data caching module and the data marking module, so that a hazard source is found out in time, and then credit investigation is carried out on a source user, so that malicious invasion is effectively avoided.
It is to be understood that the above-described embodiments of the present invention are merely illustrative of or explaining the principles of the invention and are not to be construed as limiting the invention. Therefore, any modification, equivalent replacement, improvement and the like made without departing from the spirit and scope of the present invention should be included in the protection scope of the present invention. Further, it is intended that the appended claims cover all such variations and modifications as fall within the scope and boundaries of the appended claims or the equivalents of such scope and boundaries.

Claims (7)

1. A safe multiparty computing and data sharing method and system are characterized by comprising a data storage layer, a consensus computing system, a privacy protection module and a data monitoring module; the data monitoring module is in communication connection with the privacy protection module and is positioned between the output ends of the data input terminals and the privacy protection module; the privacy protection module is in communication connection with the data storage layer, and the data storage layer is in communication connection with the consensus computing system; the data monitoring module comprises a data loading module, a virus searching and killing module, a data cleaning module, a data marking module, a data caching module and a data uploading module;
the data storage layer is used for storing the information data uploaded into the system through the terminal and providing resources for the user needing to acquire the information;
the consensus computing system is used for completing the verification and confirmation of the transaction in a short time through the voting of the special nodes;
the privacy protection module is used for protecting information hidden by the data input user case;
the data loading module is used for loading all information uploaded by a user;
the virus checking and killing module is used for detecting the information uploaded by the user, judging whether a virus or an intrusion program exists or not, killing the virus and the intrusion program, adding the user terminal and the user account into the credit database, and increasing the monitoring strength in the subsequent data transmission;
the data cleaning module is used for finding and correcting recognizable errors in the data files, and comprises the steps of checking data consistency, processing invalid values and missing values and the like;
the data caching module is used for caching the cleaned data for a period of time;
the data marking module is used for marking the concurrent data information uploaded by different users;
and the data uploading module is used for uploading the marked data.
2. The method and system for secure multi-party computing and data sharing of claim 1, wherein the data storage layer comprises a data decryption module, a data integration module and a data update module;
the data decryption module is used for analyzing and decrypting data uploaded by all different terminal users;
the data integration module is used for classifying and integrating all the decrypted information;
and the data updating module is used for comparing and updating the information uploaded by the user with the information in the database.
3. The system and method of claim 1, wherein the virus searching and killing module has a virus library and a corresponding antivirus program that can be automatically updated.
4. The system and method of claim 1, wherein the user of the input terminal can set a limited acquisition range for the uploaded information when uploading the information.
5. The method and system for secure multi-party computing and data sharing according to claim 1, wherein the data in the data storage layer is classified into three categories, i.e., no-permission-required data, partial-permission-required data and permission-required data, by the data integration module.
6. The method and system for secure multiparty computing and data sharing according to claim 1, wherein the party acquiring the data must acquire the data through a personal account or a company account.
7. The method and system for secure multiparty computing and data sharing of claim 1, wherein the account for obtaining data information requires periodic checking of credit.
CN202011591513.6A 2020-12-29 2020-12-29 Method and system for secure multi-party computing and data sharing Pending CN112788107A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011591513.6A CN112788107A (en) 2020-12-29 2020-12-29 Method and system for secure multi-party computing and data sharing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011591513.6A CN112788107A (en) 2020-12-29 2020-12-29 Method and system for secure multi-party computing and data sharing

Publications (1)

Publication Number Publication Date
CN112788107A true CN112788107A (en) 2021-05-11

Family

ID=75753164

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011591513.6A Pending CN112788107A (en) 2020-12-29 2020-12-29 Method and system for secure multi-party computing and data sharing

Country Status (1)

Country Link
CN (1) CN112788107A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116340975A (en) * 2023-03-16 2023-06-27 江苏骏安信息测评认证有限公司 Cache data safety protection system based on cloud computing

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106682530A (en) * 2017-01-10 2017-05-17 杭州电子科技大学 Method and device for medical information sharing privacy protection based on blockchain technology
CN107103252A (en) * 2017-04-27 2017-08-29 电子科技大学 Data access control method based on block chain
CN109388960A (en) * 2018-10-24 2019-02-26 全链通有限公司 Information sharing and multi-party computations model based on block chain
CN109639779A (en) * 2018-11-29 2019-04-16 贵州航天云网科技有限公司 A kind of dynamic integrity system based on block chain manufacturing service
CN111082990A (en) * 2019-12-19 2020-04-28 上海优扬新媒信息技术有限公司 Block chain consensus method, device, equipment and storage medium
CN111222173A (en) * 2019-12-27 2020-06-02 陕西医链区块链集团有限公司 Distributed transaction recording method based on block chain technology
CN111639361A (en) * 2020-05-15 2020-09-08 中国科学院信息工程研究所 Block chain key management method, multi-person common signature method and electronic device
US10805069B1 (en) * 2019-11-12 2020-10-13 Xage Security, Inc. Multi-layer ledgers for multi-party secure data governance

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106682530A (en) * 2017-01-10 2017-05-17 杭州电子科技大学 Method and device for medical information sharing privacy protection based on blockchain technology
CN107103252A (en) * 2017-04-27 2017-08-29 电子科技大学 Data access control method based on block chain
CN109388960A (en) * 2018-10-24 2019-02-26 全链通有限公司 Information sharing and multi-party computations model based on block chain
CN109639779A (en) * 2018-11-29 2019-04-16 贵州航天云网科技有限公司 A kind of dynamic integrity system based on block chain manufacturing service
US10805069B1 (en) * 2019-11-12 2020-10-13 Xage Security, Inc. Multi-layer ledgers for multi-party secure data governance
CN111082990A (en) * 2019-12-19 2020-04-28 上海优扬新媒信息技术有限公司 Block chain consensus method, device, equipment and storage medium
CN111222173A (en) * 2019-12-27 2020-06-02 陕西医链区块链集团有限公司 Distributed transaction recording method based on block chain technology
CN111639361A (en) * 2020-05-15 2020-09-08 中国科学院信息工程研究所 Block chain key management method, multi-person common signature method and electronic device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116340975A (en) * 2023-03-16 2023-06-27 江苏骏安信息测评认证有限公司 Cache data safety protection system based on cloud computing

Similar Documents

Publication Publication Date Title
Weichbroth et al. Mobile security: Threats and best practices
Dehghantanha et al. Privacy-respecting digital investigation
Peisert et al. Computer forensics in forensis
US20150149208A1 (en) System for anonymizing and aggregating protected health information
US20210377258A1 (en) Attributed network enabled by search and retreival of privity data from a registry and packaging of the privity data into a digital registration certificate for attributing the data of the attributed network
US20120303616A1 (en) Data Perturbation and Anonymization Using One Way Hash
Makura et al. Proactive forensics: Keystroke logging from the cloud as potential digital evidence for forensic readiness purposes
US20230351036A1 (en) Data Analytics Privacy Platform with Quantified Re-Identification Risk
CN112788107A (en) Method and system for secure multi-party computing and data sharing
Gautam et al. Research pattern of internet of things and its impact on cyber security
Leckie et al. Metadata for anomaly-based security protocol attack deduction
Pieterse et al. Smartphone data evaluation model: Identifying authentic smartphone data
Hicks et al. Vams: Verifiable auditing of access to confidential data
CN116663047A (en) Fine-granularity safe data sharing method for privacy protection of patient health record
CN111125020A (en) Block chain-based information security management method, system and server
Al-Sanjary et al. Challenges on digital cyber-security and network forensics: a survey
Iorliam Cybersecurity in Nigeria: A Case Study of Surveillance and Prevention of Digital Crime
CN100594484C (en) Web site server system
CN113111365B (en) Online psychological consultation privacy data protection method, storage medium and system based on envelope encryption
Portillo-Dominguez et al. Towards an efficient log data protection in software systems through data minimization and anonymization
AU2015275323B2 (en) System for anonymizing and aggregating protected health information
Roy Criticality of e-privacy and data leakage amid the pandemic: Privacy-preserving techniques and frameworks
US20230205896A1 (en) Methods for securing data
Mohan et al. Automatic Attack Detection with Machine Learning and Secure Log for Cloud Forensics
Hughes Threat assessment of wearable technology

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination