CN112804184A

CN112804184A - Data obfuscation method, device and equipment

Info

Publication number: CN112804184A
Application number: CN201911107140.8A
Authority: CN
Inventors: 曹建峰; 万园春; 刘阳
Original assignee: Alibaba Group Holding Ltd
Current assignee: Alibaba Group Holding Ltd
Priority date: 2019-11-13
Filing date: 2019-11-13
Publication date: 2021-05-14
Anticipated expiration: 2039-11-13
Also published as: CN112804184B

Abstract

The embodiment of the invention provides a data obfuscation method, a device and equipment. The method comprises the following steps: acquiring a data confusion request sent by a client and at least one piece of data to be processed, wherein at least one part of the at least one piece of data to be processed is encrypted; performing obfuscation processing on at least one piece of data to be processed according to the data obfuscation request to obtain at least one piece of target data and data operation information corresponding to the at least one piece of data to be processed; and sending the at least one target data and the data operation information to the client. The technical scheme provided by the embodiment effectively realizes that the data can be encrypted under the condition that the plaintext information of the data is not obtained, thereby effectively avoiding the condition of data leakage or data stealing in the process of encrypting the data and ensuring the safety and reliability of data use; in addition, when the data to be processed after the encryption processing is deployed on other clients, the difficulty of stealing the data is increased.

Description

Data obfuscation method, device and equipment

Technical Field

The present invention relates to the field of data processing technologies, and in particular, to a data obfuscating method, apparatus, and device.

Background

Machine learning models are the most valuable intellectual achievement for a team that expends a large amount of manpower and material resources. But in some specific scenarios, it is desirable to deploy the model privatization into the customer local environment. This may cause a series of data security problems for model data, such as: model data leakage, data stealing and the like.

Disclosure of Invention

The embodiment of the invention provides a data obfuscation method, a data obfuscation device and data obfuscation equipment, which can effectively protect data, increase the difficulty of stealing the data and ensure the safety and reliability of data use.

In a first aspect, an embodiment of the present invention provides a data obfuscating method, including:

acquiring a data confusion request sent by a client and at least one piece of data to be processed, wherein at least one part of the at least one piece of data to be processed is encrypted;

performing obfuscation processing on at least one piece of data to be processed according to the data obfuscation request to obtain at least one piece of target data and data operation information corresponding to the at least one piece of data to be processed;

and sending at least one piece of target data and the data operation information to a client.

In a second aspect, an embodiment of the present invention provides a data obfuscating apparatus, including:

the system comprises a first acquisition module, a second acquisition module and a third acquisition module, wherein the first acquisition module is used for acquiring a data confusion request and at least one piece of data to be processed, which are sent by a client, and at least one part of the at least one piece of data to be processed is encrypted;

the first processing module is used for performing obfuscation processing on at least one piece of data to be processed according to the data obfuscation request to obtain at least one piece of target data and data operation information corresponding to the at least one piece of data to be processed;

and the first sending module is used for sending the at least one target data and the data operation information to a client.

In a third aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement the data obfuscation method of the first aspect.

In a fourth aspect, an embodiment of the present invention provides a computer storage medium for storing a computer program, where the computer program is used to make a computer implement the data obfuscation method in the first aspect when executed.

In a fifth aspect, an embodiment of the present invention provides a data obfuscating method, including:

acquiring a data processing request;

determining target data and data operation information corresponding to the data processing request, wherein the target data is subjected to obfuscation processing;

and controlling the target data to perform data processing based on the data processing request and the data operation information, and obtaining a data processing result corresponding to the data processing request.

In a sixth aspect, an embodiment of the present invention provides a data obfuscating apparatus, including:

the second acquisition module is used for acquiring the data processing request;

the first determination module is used for determining target data and data operation information corresponding to the data processing request, and the target data is subjected to obfuscation processing;

and the second processing module is used for controlling the target data to perform data processing based on the data processing request and the data operation information to obtain a data processing result corresponding to the data processing request.

In a seventh aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement the data obfuscation method of the fifth aspect.

In an eighth aspect, an embodiment of the present invention provides a computer storage medium for storing a computer program, where the computer program is used to make a computer implement the data obfuscation method in the fifth aspect when executed.

In a ninth aspect, an embodiment of the present invention provides a data obfuscating method, which is applied to an encryptor, where the encryptor is disposed locally at a client; the method comprises the following steps:

acquiring a data confusion request sent by the client and to-be-processed data corresponding to the data confusion request;

performing obfuscation operation on the data to be processed according to the data obfuscation request to obtain target data corresponding to the data to be processed;

and sending the target data to the client.

In a tenth aspect, an embodiment of the present invention provides an encryption apparatus, where the encryption apparatus is disposed locally at a client; the encryption equipment includes:

the third acquisition module is used for acquiring a data confusion request sent by the client and to-be-processed data corresponding to the data confusion request;

the third processing module is used for performing obfuscation operation on the data to be processed according to the data obfuscation request to obtain target data corresponding to the data to be processed;

and the second sending module is used for sending the target data to the client.

In an eleventh aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement the data obfuscation method of the ninth aspect.

In a twelfth aspect, an embodiment of the present invention provides a computer storage medium for storing a computer program, where the computer program is used to make a computer implement the data obfuscation method in the ninth aspect when executed.

In a thirteenth aspect, an embodiment of the present invention provides a data obfuscating method, including:

receiving a service request sent by a client and consumption information corresponding to the service request;

and generating service credential information corresponding to the client according to the service request and the consumption information.

In a fourteenth aspect, an embodiment of the present invention provides a data obfuscating apparatus, including:

the fourth acquisition module is used for receiving a service request sent by a client and consumption information corresponding to the service request;

and the fourth processing module is used for generating service credential information corresponding to the client according to the service request and the consumption information.

In a fifteenth aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement the data obfuscation method of the thirteenth aspect.

In a sixteenth aspect, an embodiment of the present invention provides a computer storage medium for storing a computer program, where the computer program is used to make a computer implement the data obfuscation method in the thirteenth aspect when executed.

In a seventeenth aspect, an embodiment of the present invention provides a data obfuscation method, including:

acquiring a data confusion request sent by a client and a plurality of data to be processed;

sequentially performing obfuscation processing on the data to be processed according to the data obfuscation request to obtain a plurality of target data and one data operation information corresponding to the data to be processed;

and sending the target data and the data operation information to a client.

In an eighteenth aspect, an embodiment of the present invention provides a data obfuscating apparatus, including:

the fifth acquisition module is used for acquiring a data confusion request sent by the client and a plurality of data to be processed;

the fifth processing module is used for sequentially performing obfuscation processing on the data to be processed according to the data obfuscation request to obtain a plurality of target data and one piece of data operation information corresponding to the data to be processed;

and the third sending module is used for sending the target data and the data operation information to a client.

In a nineteenth aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement the data obfuscation method of the seventeenth aspect.

In a twentieth aspect, an embodiment of the present invention provides a computer storage medium for storing a computer program, which, when executed by a computer, implements the data obfuscation method in the seventeenth aspect.

According to the data obfuscation method, the device and the equipment provided by the embodiment, at least one part of at least one piece of data to be processed is encrypted by acquiring a data obfuscation request sent by a client and the at least one piece of data to be processed; then, according to the data obfuscation request, obfuscating at least one piece of data to be processed, and sending the obtained at least one piece of target data and the obtained data operation information to a client, so that the data can be encrypted under the condition that plaintext information of the data is not obtained, the condition that data is leaked or stolen in the process of encrypting the data is effectively avoided, and the safety and reliability of data use are guaranteed; in addition, when the data after being encrypted is deployed on other clients, the data can be effectively protected, the difficulty of stealing the data is increased, the safety and reliability of data use are ensured, the practicability of the method is further improved, and the method is favorable for popularization and application in the market.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.

FIG. 1 is a flow chart of a data obfuscation method according to an embodiment of the present invention;

FIG. 2 is a diagram of graph structure data corresponding to a machine learning model according to an embodiment of the present invention;

fig. 3 is a flowchart illustrating obfuscating at least one piece of to-be-processed data according to the data obfuscating request to obtain at least one piece of target data and data operation information corresponding to the at least one piece of to-be-processed data according to the embodiment of the present invention;

fig. 4 is a first flowchart of obtaining target data and data operation information corresponding to the data to be processed according to the embodiment of the present invention;

fig. 5 is a second flowchart of obtaining target data and data operation information corresponding to the data to be processed according to the embodiment of the present invention;

FIG. 6 is a first flowchart of another data obfuscation method according to an embodiment of the present invention;

FIG. 7 is a second flowchart of another data obfuscation method according to an embodiment of the present invention;

fig. 8 is a first flowchart of controlling the target data to perform data processing based on the data processing request and the data operation information according to the embodiment of the present invention;

fig. 9 is a second flowchart of controlling the target data to perform data processing based on the data processing request and the data operation information according to the embodiment of the present invention;

FIG. 10 is a schematic diagram of an application scenario of a data obfuscation method according to an embodiment of the present invention;

FIG. 11 is a first flowchart illustrating a data obfuscation method according to an embodiment of the present invention;

FIG. 12 is a second flowchart illustrating a data obfuscation method according to an embodiment of the present invention;

fig. 13 is a third schematic flowchart of a data obfuscation method according to an embodiment of the present invention;

FIG. 14 is a first flowchart of a further data obfuscation method according to an embodiment of the present invention;

FIG. 15 is a flowchart illustrating a second method for obfuscating data according to an embodiment of the present invention;

FIG. 16 is a flowchart III of a further data obfuscation method according to an embodiment of the present invention;

FIG. 17 is a first flowchart of another data obfuscation method according to an embodiment of the present invention;

FIG. 18 is a second flowchart of another data obfuscation method according to an embodiment of the present invention;

fig. 19 is a first schematic view of an application scenario of a data obfuscation method according to an application embodiment of the present invention;

fig. 20 is a schematic view of an application scenario of a data obfuscation method according to an application embodiment of the present invention;

fig. 21 is a schematic view showing an application scenario of a data obfuscation method according to an application embodiment of the present invention;

FIG. 22 is a flow chart of another method of data obfuscation according to an embodiment of the present invention;

FIG. 23 is a diagram illustrating a data obfuscation method according to an embodiment of the present invention;

FIG. 24 is a first schematic structural diagram of a data obfuscation device according to an embodiment of the present invention;

FIG. 25 is a schematic structural diagram of an electronic device corresponding to the data obfuscation device shown in FIG. 24;

FIG. 26 is a second schematic structural diagram of a data obfuscation device according to an embodiment of the present invention;

FIG. 27 is a schematic structural diagram of an electronic device corresponding to the data obfuscation device in the embodiment shown in FIG. 26;

fig. 28 is a schematic structural diagram of an encryption apparatus according to an embodiment of the present invention;

fig. 29 is a schematic structural diagram of an electronic device corresponding to the encryption device provided in the embodiment shown in fig. 28;

FIG. 30 is a third schematic structural diagram of a data obfuscation device according to an embodiment of the present invention;

FIG. 31 is a schematic structural diagram of an electronic device corresponding to the data obfuscation device in the embodiment shown in FIG. 30;

fig. 32 is a fourth schematic structural diagram of a data obfuscation device according to an embodiment of the present invention;

fig. 33 is a schematic structural diagram of an electronic device corresponding to the data obfuscating apparatus provided in the embodiment shown in fig. 32.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, and "a" and "an" generally include at least two, but do not exclude at least one, unless the context clearly dictates otherwise.

It should be understood that the term "and/or" as used herein is merely one type of association that describes an associated object, meaning that three relationships may exist, e.g., a and/or B may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.

The words "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrases "if determined" or "if detected (a stated condition or event)" may be interpreted as "when determined" or "in response to a determination" or "when detected (a stated condition or event)" or "in response to a detection (a stated condition or event)", depending on the context.

It is also noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a good or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such good or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a commodity or system that includes the element.

In order to facilitate understanding of the technical solutions of the present application, the following briefly describes the prior art:

machine learning models are the most valuable intellectual achievement for a team that expends a large amount of manpower and material resources. However, in some specific scenarios, the model needs to be privatized and deployed in the local environment of the client, which may cause the problem of model data leakage. In order to prevent the problems of model data leakage and data theft, a model protection tool may be used to perform encryption processing on the machine learning model, and specifically, the step of performing encryption processing on the machine learning model may include:

(1) and the user sends the machine learning model to a server side for encryption processing.

(2) The server side encrypts the machine learning model and then returns the encrypted model and the related file to the client side.

(3) After the client acquires the encrypted model and the relevant files, the client can deploy the model and the relevant files into a privatization environment.

However, in the above data encryption process, the client transmits the plaintext of the model to the server for reinforcement, so that the client has a trust problem with the server, that is, the client needs to trust the server. Therefore, this approach is still risky for the customer, who is concerned about the server leaking relevant model data. In order to solve the above trust problem, the model data may be processed by using a homomorphic encryption method, however, for the implementation method of homomorphic encryption, the constraint condition is relatively strict, and the efficiency of data processing is very low.

Some embodiments of the invention are described in detail below with reference to the accompanying drawings. The features of the embodiments and examples described below may be combined with each other without conflict between the embodiments.

FIG. 1 is a flow chart of a data obfuscation method according to an embodiment of the present invention; referring to fig. 1, the present embodiment provides a data obfuscation method, the main execution body of which is a data obfuscation device, it is understood that the data obfuscation device may be a server, and the server may be implemented as software, or a combination of software and hardware; specifically, the data obfuscation method may include:

s101: the method comprises the steps of obtaining a data confusion request sent by a client and at least one piece of to-be-processed data, wherein at least one part of the at least one piece of to-be-processed data is encrypted.

The data obfuscation request is used for obfuscating the data to be processed, and the data to be processed may include graph structure data which is encrypted and corresponds to the machine learning model; the number of the at least one piece of data to be processed can be one or more pieces of data to be processed; when the number of the data to be processed is one, the data to be processed can be graph structure data which is subjected to encryption processing and corresponds to the machine learning model; when the number of the data to be processed is multiple, at least a part of the multiple data to be processed is graph structure data which is subjected to encryption processing and corresponds to the machine learning model.

In addition, when the data to be processed is graph structure data corresponding to the machine learning model, different machine learning models correspond to different graph structure data, as shown in fig. 2, a graph structure of the machine learning model is provided, which includes: the method comprises the steps of inputting a node placeholder, a convolutional layer computing node conv2D, a first matrix addition node relu, a first data pooling layer maxpool, a second matrix addition node biasAdd, a second data pooling layer avgpoll, a connecting layer concat, a normalized softmax and the like, wherein the placeholder is used for inputting parameters, conv2D is used for analyzing and calculating the input parameters, the relu node and the biasAdd are used for realizing matrix addition processing of data after analysis and calculation, maxpool is used for pooling storage of maximum data after processing of the relu node, and avgpoll is used for pooling storage of average data after processing of the biasAdd node; the concat node is used for performing fusion processing on the maximum data and the average data stored in the pooling mode, and the softmax node is used for performing normalization processing on a processing result. Of course, those skilled in the art may also set the graph structure of the machine learning model as another graph structure according to specific application requirements and application scenarios, which are not described herein again.

It should be noted that the to-be-processed data may refer to graph structure data corresponding to the machine learning model, or may refer to other types of data, for example, the to-be-processed data may be frame structure data, diagram data, and the like corresponding to a certain product or a certain system, and those skilled in the art may set the to-be-processed data according to a specific application scenario and an application requirement, which are not described herein again.

S102: and performing obfuscation processing on at least one piece of data to be processed according to the data obfuscation request to obtain at least one piece of target data and data operation information corresponding to the at least one piece of data to be processed.

After the data obfuscation request and the at least one piece of to-be-processed data are acquired, obfuscating the at least one piece of to-be-processed data according to the data obfuscation request, so that at least one piece of target data and data operation information corresponding to the at least one piece of to-be-processed data can be acquired, wherein the target data can be acquired by obfuscating the to-be-processed data, and the data operation information includes relevant information corresponding to the target data and used for operating the target data.

S103: and sending the at least one target data and the data operation information to the client.

After the at least one target data and the data operation information are acquired, the at least one target data and the data operation information may be sent to the client, so that the client may operate the at least one target data according to the data operation information.

For example, when the data to be processed is graph structure data which is subjected to encryption processing and corresponds to the machine learning model, and the number of the data to be processed is one; after data to be processed sent by a client is obtained, confusion processing can be carried out on the data to be processed, so that target data and data operation information corresponding to the data to be processed can be obtained, then the target data and the data operation information can be returned to the client, the target data is a machine learning model reinforced by a server, and then the client can deploy the machine learning model reinforced by the server to other clients locally, so that the machine learning model can be effectively protected, the difficulty of stealing the machine learning model is increased, and the safety and reliability of the use of the machine learning model are ensured; in addition, in the process that the server encrypts the machine learning model, the server cannot acquire plaintext data of the machine learning model, so that the problem that the server has trust in the prior art is solved, the condition that the data is leaked in the process of processing the data by the server is effectively avoided, and the safety and reliability of the data are further ensured.

In addition, when the number of the at least one piece of data to be processed is plural, at least a part of the plural pieces of data to be processed may be graph structure data which is subjected to encryption processing and corresponds to the machine learning model, for example: the data to be processed comprises: the client side comprises a first model, a second model and a third model, wherein for the client side, the first model, the second model and the third model are model data which are subjected to encryption processing, and the third model is model data which are not subjected to encryption processing; or, the model one, the model two and the model three may all be model data subjected to encryption processing; further alternatively, any one of the model one, the model two, and the model three is the encrypted model data, and the other two are the model data that is not encrypted. Any arrangement may be made by those skilled in the art according to the specific application and design requirements, and will not be described herein.

Continuing the above content, after acquiring a plurality of pieces of to-be-processed data sent by the client, the server may sequentially encrypt the plurality of pieces of to-be-processed data, so as to obtain a plurality of pieces of target data corresponding to the plurality of pieces of to-be-processed data and at least one piece of data operation information, where the number of the data operation information at this time may be one or more, and when the number of the data operation information is one, the data operation information may include related information for operating all pieces of target data; when the number of the data operation information is multiple, each data operation information may include related information for operating the corresponding target data. And then, returning a plurality of target data and at least one piece of data operation information to the client, wherein the target data is a machine learning model reinforced by the server, and the machine learning model can comprise a machine learning model subjected to encryption processing and a machine learning model not subjected to encryption processing by the client. Then, the client can deploy the machine learning model reinforced by the server to other local clients, so that the multiple machine learning models can be effectively protected at the same time, the difficulty of stealing the multiple machine learning models is increased, and the safety and reliability of the multiple machine learning models in use at the same time are ensured; in addition, in the process that the client side encrypts the plurality of machine learning models through the server, the server cannot acquire plaintext data of all the machine learning models, so that the problem that the server side is trusted in the prior art is solved, the condition that the data is leaked in the process that the server encrypts the data is effectively avoided, and the safety and reliability of the data are further ensured.

In the data obfuscation method provided by this embodiment, by acquiring a data obfuscation request sent by a client and at least one piece of to-be-processed data, at least a part of the at least one piece of to-be-processed data is encrypted; then, according to the data obfuscation request, obfuscating at least one piece of data to be processed, and sending the obtained at least one piece of target data and the obtained data operation information to a client, so that the data can be encrypted under the condition that plaintext information of the data is not obtained, the condition that data is leaked or stolen in the process of encrypting the data is effectively avoided, and the safety and reliability of data use are guaranteed; in addition, when the data after being encrypted is deployed on other clients, the data can be effectively protected, the difficulty of stealing the data is increased, the safety and reliability of data use are ensured, the practicability of the method is further improved, and the method is favorable for popularization and application in the market.

Fig. 3 is a flowchart illustrating obfuscating at least one to-be-processed data according to a data obfuscating request to obtain at least one target data and data operation information corresponding to the at least one to-be-processed data according to an embodiment of the present invention; based on the foregoing embodiment, with reference to fig. 3, a specific implementation manner of performing obfuscation processing on at least one to-be-processed data according to a data obfuscation request is not limited in this embodiment, and a person skilled in the art may set the implementation manner according to specific application requirements and design requirements, and preferably, performing obfuscation processing on at least one to-be-processed data according to a data obfuscation request in this embodiment to obtain at least one target data and data operation information corresponding to at least one to-be-processed data may include:

s201: in each data to be processed, at least one operation node corresponding to the data obfuscation request is determined.

After the to-be-processed data is acquired, the to-be-processed data can be analyzed, so that at least one operation node corresponding to the data obfuscation request can be determined, that is, the operation node is an operation node which needs to be encrypted. It can be understood that the data to be processed includes a plurality of operation nodes, for the operation nodes, the operation nodes may be divided into operation nodes that need to be encrypted and operation nodes that do not need to be encrypted according to design requirements and application requirements, and at this time, in order to improve quality and efficiency of data processing, at least one operation node that performs encryption processing corresponding to the data to be processed may be determined, so as to perform encryption operation on the determined operation node, thereby implementing obfuscation processing on the data to be processed. Specifically, when at least one operation node is determined, all operation nodes included in the data to be processed may be obtained first; traversing all the operation nodes according to preset configuration parameters, and determining at least one operation node corresponding to the data to be processed, wherein the preset configuration parameters correspond to the operation nodes to be protected in the data to be processed; the method has the advantages that all the operation nodes included in the data to be processed are obtained, all the operation nodes are traversed according to the preset configuration parameters, and at least one operation node corresponding to the data to be processed is determined, so that the method is simple and reliable in implementation mode, high in data processing efficiency, accurate and reliable in determining the operation nodes, and the safety and reliability of the method are effectively improved.

It is noted that there is another way to implement when determining at least one operational node corresponding to data to be processed, namely: acquiring an execution operation input by a user for data to be processed; and determining at least one operation node corresponding to the data to be processed according to the execution operation. Specifically, for a plurality of operation nodes included in the data to be processed, if a user wants to perform an encryption protection operation on a certain operation node, the user may input an execution operation on the operation node, where the execution operation may be a click operation, a sliding operation, or the like; after the execution operation input by the user for the operation node is obtained, the operation node can be determined as at least one operation node corresponding to the data to be processed according to the execution operation, so that the operation node needing encryption protection is determined through the interaction operation of the user, the determined operation node can meet the requirement of the user, and the accuracy and reliability of determining the at least one operation node corresponding to the data confusion request are further ensured.

S202: and performing obfuscation processing on at least one operation node according to the data obfuscation request to obtain target data and data operation information corresponding to the data to be processed, wherein the data operation information comprises operation codes of the data to be processed.

After the at least one operation node is obtained, encryption obfuscation processing may be performed on the at least one operation node, so that target data and data operation information corresponding to the data to be processed may be obtained, where the target data includes the encrypted operation node after the encryption processing, and the data operation information may include an operation code corresponding to the data to be processed, and it may be understood that the operation code may include code information and operation data corresponding to the data to be processed; moreover, the data operation information may include not only the operation code but also call interface data corresponding to the data to be processed, and the like.

For example, the at least one operation node corresponding to the data to be processed includes: after the operation nodes are obtained, the operation nodes a, B and C may be encrypted by using a preset first encryption algorithm, so that an encryption operation node a ', an encryption operation node B' and an encryption operation node C 'may be obtained, and target data corresponding to the data to be processed may be determined according to the encryption operation node a', the encryption operation node B ', the encryption operation node C' and other operation nodes in the data to be processed.

It should be noted that, when the operation node a, the operation node B, and the operation node C are encrypted, the encryption algorithms corresponding to the operation node a, the operation node B, and the operation node C may be the same or different, that is, the preset first encryption algorithm may be used to encrypt the operation node a, the preset second encryption algorithm may be used to encrypt the operation node B, and the preset third encryption algorithm may be used to encrypt the operation node C, or the preset first encryption algorithm may be used to encrypt the operation node a and the operation node B, the preset second encryption algorithm may be used to encrypt the operation node C, and so on, and those skilled in the art may set according to specific application requirements and design requirements as long as the encryption processing can be performed on at least one operation node to obtain target data corresponding to data to be processed, and will not be described in detail herein.

In the embodiment, the target data corresponding to the data to be processed is obtained by determining the at least one operation node corresponding to the request to be processed and performing obfuscation on the at least one operation node, so that the data to be processed is effectively encrypted and obfuscated to be the target data, at this time, when the client sends the target data to a user or is deployed in a local environment of the user side, the data to be processed cannot be easily identified by the user or other attackers, the data to be processed is effectively protected, the difficulty of stealing the data to be processed is increased, and the safety and reliability of the use of the data to be processed are ensured.

Fig. 4 is a first flowchart of obtaining target data and data operation information corresponding to data to be processed according to an embodiment of the present invention; on the basis of the above embodiment, with continuing reference to fig. 4, when obtaining the target data and the data operation information corresponding to the data to be processed, an achievable way is that obtaining the target data and the data operation information corresponding to the data to be processed may include:

s301: and acquiring a confusion operation node corresponding to the data to be processed, wherein the confusion operation node is obtained by carrying out confusion processing on the operation node.

S302: node identification information corresponding to the obfuscated operational node is determined.

S303: and storing the node operation code corresponding to the confusion operation node into the data operation information according to the node identification information.

Specifically, after obfuscating at least one operation node in the data to be processed, an obfuscated operation node corresponding to the operation node may be obtained, and then node identification information corresponding to the obfuscated operation node may be determined, where the node identification information may correspond to an encryption algorithm used for obfuscating and encrypting the operation node, and different encryption algorithms may correspond to different encryption identifiers, and the added node identification information may quickly identify that the operation node is the obfuscated operation node subjected to the obfuscating and encrypting by the encryption algorithm. After the node identification information is acquired, the node identification information and the node running code corresponding to the obfuscated operation node can be stored in the data running information in an associated mode, so that the data to be processed can be run on the basis of the data running information at the client, when the obfuscated operation node is run, the corresponding node running information can be found on the basis of the node identification information corresponding to the obfuscated operation node, then the obfuscated operation node is made to perform corresponding data processing operation on the basis of the node running information, and therefore the stable reliability of the use of the data to be processed is guaranteed.

Fig. 5 is a second flowchart of obtaining target data and data operation information corresponding to data to be processed according to the embodiment of the present invention; on the basis of the foregoing embodiment, with continuing reference to fig. 5, when obtaining the target data and the data operation information corresponding to the data to be processed, another achievable way is that obtaining the target data and the data operation information corresponding to the data to be processed may include:

s401: and when the operation node is an encrypted node subjected to encryption processing, acquiring encrypted parameters and key path information corresponding to the encrypted node.

S402: and storing the encrypted parameters and the key path information corresponding to the encrypted nodes into the data operation information.

Specifically, when the server performs obfuscation processing on the determined at least one operation node, the operation node performing obfuscation processing may include two types: the encryption nodes which are encrypted by the client and the operation nodes which are not encrypted by the client. When the operation node is an encrypted node which is subjected to encryption processing, in order to ensure that the client can stably and effectively operate target data which is subjected to encryption processing on the server, encrypted parameters and key path information corresponding to the encrypted node can be obtained, wherein the key path information is storage position information of a storage key in the client, and the key is used for decrypting encrypted parameters corresponding to the encrypted node. Specifically, the obtaining of the key path information corresponding to the encryption node may include:

s501: node identification information corresponding to the encrypted node is determined.

S502: and sending path request information to the client according to the node identification information so that the client returns the key path information corresponding to the node identification information according to the path request information.

S503: and receiving the key path information sent by the client.

When the client encrypts the operation node, in order to quickly identify the encrypted node and the unencrypted node, corresponding encrypted identification information may be added to the node identification information corresponding to the encrypted node, and the added encrypted identification information may have an association relationship with the key path information. Therefore, when the key path information corresponding to the encryption node is obtained, the node identification information corresponding to the encryption node can be determined, then the path request information is sent to the client according to the node identification information, after the client receives the path request information, the path request information can be analyzed and identified, so that the node identification information corresponding to the path request information can be obtained, then the key path information corresponding to the node identification information can be determined, and then the key path information can be returned to the server, so that the server can stably receive the key path information. After the key path information is obtained, the encrypted parameters and the key path information corresponding to the encrypted node can be stored in the data operation information, so that the encrypted node can be operated stably and reliably at the client based on the data operation information.

FIG. 6 is a flow chart of another data obfuscation method according to an embodiment of the present invention; referring to fig. 6, the present embodiment provides another data obfuscation method, where the main execution body of the data obfuscation method is a data obfuscation device, it is understood that the data obfuscation device may be a client, and the client may be implemented as software or a combination of software and hardware; specifically, the data obfuscation method may include:

s601: and acquiring a data processing request.

The data processing request is a request for calling a corresponding machine learning model to perform data processing operation, and the data processing request may include to-be-processed data corresponding to the machine learning model, so that the client may control the machine learning model to perform the corresponding data processing operation based on the to-be-processed data. In addition, the specific implementation manner of obtaining the data processing request is not limited in this embodiment, and those skilled in the art may set the data processing request according to specific application requirements and design requirements, for example: the data processing request can be request information sent to the client by other devices; or, the data processing request generated by the user for the execution operation input by the client may also be obtained, as long as the stability and reliability of obtaining the data processing request can be ensured, which is not described herein again.

S602: and determining target data and data operation information corresponding to the data processing request, wherein the target data is subjected to obfuscation processing.

After the to-be-processed request is acquired, target data and data operation information corresponding to the data processing request can be determined, in particular application, the target data is a machine learning model subjected to obfuscation processing, and the data operation information can include an operation code corresponding to the target data.

S603: and performing data processing on the data based on the data processing request and the data operation information control target data to obtain a data processing result corresponding to the data processing request.

After the data operation information and the target data are acquired, the target data can be controlled to perform data processing operation based on the data processing request and the data operation information, and then a data processing result corresponding to the data processing request can be acquired.

For example: taking a machine learning model as an original data example, in order to ensure the safety and reliability of the use of the machine learning model, a client can firstly encrypt the machine learning model to obtain an encryption model, then, in order to further ensure the safety and reliability of the use of the encryption model, the encryption model can be sent to a server, and after the server obtains the encryption model, the server can perform reinforcement and confusion processing on the encryption model, so that a target model corresponding to the encryption model can be obtained, and then the target model can be sent to the client; after the client receives the target model after the reinforcement and confusion processing, data processing operation can be performed based on the target model, specifically, after the data processing request is obtained, the target model and the data operation information corresponding to the data processing request can be determined, then, the target model can be controlled to perform data processing operation based on the data processing request and the data operation information, and a corresponding data processing result can be obtained.

According to the data obfuscation method provided by the embodiment, the target data and the data operation information corresponding to the data processing request are determined by obtaining the data processing request, and then the target data is controlled to be processed based on the data processing request and the data operation information, so that the data processing result corresponding to the data processing request is obtained, on the basis of effectively protecting the target data, the accuracy and the reliability of obtaining the data processing result are effectively improved, and the safety and the reliability of using the data are further improved.

FIG. 7 is a second flowchart of another data obfuscation method according to an embodiment of the present invention; on the basis of the foregoing embodiment, with continued reference to fig. 7, before acquiring the data processing request, the method in this embodiment may further include:

s701: and sending a data confusion request and the data to be processed to the server, wherein the data to be processed is encrypted.

S702: and receiving target data and data operation information which are sent by the server and correspond to the data to be processed, wherein the target data are obtained by performing obfuscation processing on the data to be processed.

Specifically, after the data processing request is obtained, in order to achieve effective protection of the data to be processed and avoid the situation of data leakage or data theft in the data processing process of the server, the client may send a data confusion request and the data to be processed to the server, where the data to be processed is encrypted; after the server acquires the data to be processed, encryption and obfuscation processing can be performed on the data to be processed, so that target data and data operation information corresponding to the data to be processed can be acquired, the acquired target data and data operation information can be sent to the client, the client can receive the target data and data operation information corresponding to the data to be processed sent by the server, and the target data at the moment are acquired by obfuscating the data to be processed.

In the embodiment, the data confusion request and the data to be processed are sent to the server, and then the target data and the data operation information which are sent by the server and correspond to the data to be processed are received, so that the accuracy and the reliability of the target data acquisition are effectively ensured, and the client can execute corresponding data processing operation on the target data based on the data operation information, so that the safety and the reliability of the use of the target data are further ensured.

Fig. 8 is a first flowchart of data processing based on a data processing request and data operation information control target data according to an embodiment of the present invention; based on the foregoing embodiment, with reference to fig. 8, in this embodiment, a specific implementation manner of performing data processing on the control target data based on the data processing request and the data operation information is not limited, and a person skilled in the art may set the data processing on the basis of a specific application requirement and design requirement information, where an implementation manner of performing data processing on the control target data based on the data processing request and the data operation information in this embodiment may include:

s801: and when the node runs to the confusion operation node in the target data, acquiring node identification information corresponding to the confusion operation node.

S802: and determining a node running code corresponding to the confusion operation node in the data running information according to the node identification information.

S803: and controlling the confusion operation node to perform data processing by using the node operation code to obtain a node processing result.

The target data may be a machine learning model subjected to a reinforcement obfuscation processing operation, and the target data in this case may include a plurality of operation nodes, where the plurality of operation nodes may include obfuscated operation nodes subjected to the reinforcement obfuscation processing and operation nodes not subjected to the reinforcement obfuscation processing. When the target data is controlled to perform data processing based on the data processing request and the data operation information, operation nodes included in the target data can be operated, and when the operation nodes are operated to the obfuscated operation nodes in the target data, the obfuscated operation nodes are obtained by performing obfuscation processing operation through a server, so that when the obfuscated operation nodes are operated, the data operation information corresponding to the obfuscated operation nodes needs to be called; specifically, node identification information corresponding to the obfuscated operation node may be acquired, and then, based on the node identification information, a node operation code corresponding to the obfuscated operation node is determined in the data operation information, and the node operation code may be used to control the obfuscated operation node to perform data processing, so that a node processing result may be acquired. It is conceivable that, after the node processing result is acquired, other operation nodes in the target data may continue to be run based on the node processing result, so that the data processing result corresponding to the data processing request may be acquired.

In the embodiment, when the operation node is obfuscated in the target data, the node identification information corresponding to the obfuscated operation node is obtained, the node operation code corresponding to the obfuscated operation node is determined in the data operation information according to the node identification information, and then the node operation code is used for controlling the obfuscated operation node to perform data processing, so that a node processing result is obtained, the stable reliability of data processing on the operation node in the target data is effectively achieved, and the practicability of the method is further improved.

Fig. 9 is a second flowchart of data processing based on a data processing request and data operation information control target data according to an embodiment of the present invention; on the basis of the foregoing embodiment, with reference to fig. 9, as for data processing based on the data processing request and the data operation information control target data, another achievable way is that, in the embodiment, the data processing based on the data processing request and the data operation information control target data may include:

s901: and when the target data runs to the encryption node in the target data, acquiring a decryption key and an encrypted parameter corresponding to the encryption node.

S902: and decrypting the encrypted parameters by using the decryption key to obtain decrypted parameters corresponding to the encryption nodes.

S903: and carrying out data processing by using the decrypted parameters to obtain a node processing result.

The target data may be a machine learning model subjected to a reinforcement obfuscation processing operation, and the target data may include a plurality of operation nodes, where the plurality of operation nodes may include an encrypted node subjected to client encryption processing and an operation node not subjected to client encryption processing. When the target data is controlled to perform data processing based on the data processing request and the data operation information, an operation node included in the target data can be operated, and when the encryption node in the target data is operated, as the encryption node performs encryption processing through the client, a decryption key and an encrypted parameter corresponding to the encryption node are required to be acquired when the encryption node is operated; specifically, the obtaining of the decryption key and the encrypted parameter corresponding to the encryption node may include:

s1001: acquiring node identification information corresponding to the encrypted node;

s1002: according to the node identification information, determining key path information and encrypted parameters corresponding to the encrypted node in the data operation information;

s1002: and acquiring a decryption key corresponding to the encrypted parameter by using the key path information.

After the encryption node is obtained, in order to achieve stable reliability of operation of the encryption node, node identification information corresponding to the encryption node can be obtained, then key path information and encrypted parameters corresponding to the encryption node are obtained in data operation information according to the node identification information, and then a decryption key corresponding to the encrypted parameters is obtained by using the key path information. After the decryption key is obtained, the encrypted parameter can be decrypted by using the decryption key, so that the decrypted parameter corresponding to the encryption node can be obtained, and then the decrypted parameter can be used for data processing, so that a node processing result corresponding to the encryption node can be obtained. It is conceivable that, after the node processing result is acquired, other operation nodes in the target data may continue to be run based on the node processing result, so that the data processing result corresponding to the data processing request may be acquired.

In this embodiment, when the target data is run to the encrypted node, the decryption key and the encrypted parameter corresponding to the encrypted node are obtained, the encrypted parameter is decrypted by using the decryption key, the decrypted parameter corresponding to the encrypted node is obtained, and then the data processing can be performed by using the decrypted parameter, so as to obtain a node processing result, thereby effectively achieving stable reliability of data processing on the operation node in the target data, and further improving the practicability of the method.

In specific application, referring to fig. 10 to 13, an execution main body of the data obfuscation method includes a client and a server, where, taking an original machine learning model (i.e., plaintext data of the machine learning model) as an example of data to be processed, the client may encrypt the original machine learning model to obtain an encryption model; the server can perform reinforcement obfuscation operations on the encryption model so that the target model can be obtained and returned to the client. The server acquires the encrypted model after encryption processing, so that the problem of trust of the client to the server when the server is used for performing obfuscation processing operation is effectively solved. Specifically, the data obfuscation method may include a model encryption processing part, a model compilation processing part, a model decryption processing part, and a model execution processing part. The following is a detailed description of the above components:

model encryption processing

The client can encrypt the original model, and when encrypting the original model, the client mainly encrypts node parameters corresponding to some operation nodes in the original model. Referring to fig. 11, after acquiring the original model, the client may perform encryption processing on the original model, which may specifically include the following steps:

step 1: and traversing all operation nodes OP included in the original model, and encrypting the supportable OP.

After the original model is obtained, all OPs in the original model can be traversed, whether each OP supports encryption operation is judged, specifically, after all OPs are obtained, whether corresponding node parameters exist in all OPs correspondingly can be judged, and if the OP has the node parameters, the OP node can be determined to support the encryption operation; if the OP does not have the node parameter, it may be determined that the OP node does not support the encryption operation.

step 2: if the OP can support the encryption operation, the node parameters corresponding to the OP are encrypted, and if the OP does not support the encryption operation, the next node is continuously traversed.

step 3: after all OPs have been traversed, the encrypted results are written into the model, thereby generating a new encryption model.

Then the client can send the encrypted model to the server, and the key of the encryption parameter can be stored locally at the client; so that the server can reinforce the encrypted model after encryption processing, and further ensure the safety and reliability of the original model.

Model compilation process

After the server can obtain the encryption model sent by the client, the server can perform compilation processing on the encryption model, that is, perform reinforcement and obfuscation processing on the encryption model, so as to obtain a target model after reinforcement processing and data operation information, where the data operation information may be stored in a data information base, which may be referred to as a dynamic link base. Specifically, referring to fig. 12, when compiling the cryptographic model, the method may include the following steps:

step 21: and searching a supportable subgraph list from the encryption model.

The sub-graph list may include identification information corresponding to a plurality of sub-graph data, and specifically, after the encryption model is obtained, the encryption model may be analyzed and recognized, so that at least one sub-graph data corresponding to the encryption model may be recognized, and the sub-graph list corresponding to the encryption model may be determined based on all sub-graph data.

Specifically, when at least one sub-graph data corresponding to the encryption model is determined, all operation nodes included in the data to be processed can be acquired; acquiring preset configuration parameters, wherein the preset configuration parameters correspond to operation nodes to be protected in data to be processed; traversing all the operation nodes according to preset configuration parameters, and determining sub-graph nodes corresponding to the sub-graph data; and determining at least one piece of sub-graph data corresponding to the data to be processed according to the sub-graph nodes. Of course, a person skilled in the art may also determine the at least one sub-graph data corresponding to the encryption model in other manners, as long as the accuracy and reliability of the determination of the at least one sub-graph data corresponding to the encryption model can be ensured, which is not described herein again.

step 22: and replacing the subgraph data in the subgraph list with a plug-in OP to generate a reinforced target model.

Specifically, when the sub-graph data is replaced by the plug-in OP, the output-input relationship corresponding to the sub-graph data may be obtained, and then the sub-graph data is replaced by the preset plug-in OP corresponding to the sub-graph data according to the output-input relationship, so as to obtain the target data corresponding to the data to be processed. When there are a plurality of sub-graph data, the preset plug-in corresponding to the sub-graph data includes: identification information corresponding to the sub-picture data.

step 23: and carrying out confusion transformation on the sub-graph data.

Specifically, one way to perform obfuscation transformation on sub-graph data may include: obtaining invalid nodes corresponding to the sub-graph data, wherein the invalid nodes comprise identification information for identifying the invalidity of the nodes; and adding invalid nodes in the sub-graph data to obtain target sub-graph data corresponding to the sub-graph data.

Another way to obfuscate the sub-graph data may include: in the sub-graph data, acquiring a node to be split and an input-output relation corresponding to the node to be split; splitting a node to be split into at least two child nodes; and replacing the node to be split into at least two child nodes according to the input and output relation.

Yet another way to obfuscate the sub-map data may include: acquiring a judgment node corresponding to the sub-graph data, and judging whether a judgment logic corresponding to the judgment node is true; and adding the judgment node into the sub-graph data to obtain target sub-graph data corresponding to the sub-graph data.

Yet another way to obfuscate the sub-graph data may include: when the sub-graph data comprises parallel branches, all branch nodes included in the parallel branches are obtained; and adjusting the execution sequence of all the branch nodes to obtain target sub-graph data corresponding to the sub-graph data. In addition, when the execution sequence of all the branch nodes is adjusted, the method further comprises the following steps: the input-output relationship in each branch is kept unchanged.

step 24: and generating a corresponding execution sequence for the sub-graph data subjected to the obfuscation processing, and generating corresponding data operation information for each OP in the sub-graph data, wherein the data operation information may include an operation code and operation data corresponding to each OP.

When the obfuscated operation node is an encryption node, in order to enable the operation code corresponding to the OP to implement decryption operation on the encryption node, decryption information may be inserted into the operation code corresponding to the OP, where the decryption information may include a key storage path, and at this time, the server end does not obtain the key information, so that decryption operation cannot be performed on the model, and thus, the security and reliability of the encryption model in the server are ensured.

Model decryption processing

After the client acquires the target model returned by the server, the client can decrypt the encrypted target model. Because the original model is encrypted at the client, an encryption model is generated; and then transmitting the encryption model to a remote server for reinforcement processing to generate a target model. At this time, the server does not necessarily reinforce all encrypted OPs (operation nodes). Then, for the encrypted OP that is not hardened, the client needs to decrypt it, otherwise it cannot run. Specifically, referring to fig. 13, the step of decrypting the model includes:

step 31: and acquiring the target model after reinforcement processing, and traversing an OP (operation node) in the target model.

step 32: it is determined whether the parameters of each OP have been encrypted. If the node is the encryption node, the encrypted parameter corresponding to the encryption node is decrypted by using the pre-stored key. If not, the next node is traversed.

step 33: and traversing all the OPs, and writing the final result into the model, so that the model data after the reinforcement processing can be obtained.

Fourth, model operation processing

After the model data after the reinforcement processing and the encryption processing are obtained, the model data may be operated based on the model data, and a corresponding data processing result is obtained, specifically, the model data may be operated using a corresponding model operation framework. When the model data is run to the plug-in OP, the plug-in OP automatically jumps to the data running information to run the sub-graph running code corresponding to the plug-in OP. If some OP parameters in the subgraph are encrypted parameters, the key can be read first, then the encrypted parameters are decrypted by using the key, then the decrypted parameters are used for operation, and finally the operation result of the model is obtained. The method comprises the following specific steps:

step 41: when the model data runs to the plug-in OP, 2 attribute values of the plug-in OP, namely a model id and a subgraph id, are obtained, and the two attributes are used for indicating data running information of the plug-in OP needing to jump.

step 42: and constructing a unique identifier according to the model id and the sub-graph id, and searching a node operation code corresponding to the unique identifier in the data operation information.

step 43: and running based on the node running code, and reading the key into the memory according to the key path information during running.

step 44: and judging whether the node running code has the content needing to be decrypted, if so, decrypting the encrypted parameter by using the key to obtain the decrypted parameter, then participating in the following operation, and finally obtaining an operation result.

According to the data obfuscation method provided by the embodiment of the application, the client can encrypt the original model and then send the encrypted model to the server, the key information is stored locally at the client, and the server cannot decrypt the model, so that trust consistency between the client and the server is achieved, then the model is reinforced and obfuscated through the server, the difficulty of stealing data is further increased, and the safety and reliability of data use are guaranteed.

In a specific application, not only the problem that the client does not trust the server, but also the problem that the service provider does not trust the client, such as: in order to implement encryption processing on data, a service provider may deploy a product for implementing encryption processing on data to a client, however, in such a manner that the service provider may worry about leakage and theft of product-related information by the client. At this time, in order to solve the above technical problem, referring to fig. 14, the present embodiment provides another data obfuscating method, where an execution subject of the data obfuscating method is an encryptor, that is, the method may be applied to an encryptor, and the encryptor is disposed locally at the client, and it is understood that the encryptor may be implemented as software or a combination of software and hardware; specifically, the data obfuscation method may include:

s1101: the method comprises the steps of obtaining a data confusion request sent by a client and to-be-processed data corresponding to the data confusion request.

The encryption machine may store a product for performing obfuscation processing on the data to be processed, where the product may be implemented by running code or running logic, that is, the product for performing obfuscation processing on the data to be processed is deployed in the encryption machine. At this time, when the client has a need of performing obfuscation processing on the to-be-processed data, the client may send a data obfuscation request and to-be-processed data corresponding to the data obfuscation request to the encryptor, where the to-be-processed data may be a graph structure corresponding to the machine learning model; therefore, the encryption machine can stably and effectively acquire the data confusion request and the data to be processed sent by the client.

S1102: and performing obfuscation operation on the data to be processed according to the data obfuscation request to obtain target data corresponding to the data to be processed.

After the data obfuscation request and the data to be processed are acquired, the encryption machine can call a product which is stored in advance and used for implementing obfuscation processing on the data to be processed to perform obfuscation processing on the data to be processed, so that target data corresponding to the data to be processed can be acquired, and the target data can include encrypted model data after obfuscation processing and data operation information corresponding to the encrypted model data. Specifically, the specific implementation manner and the implementation effect of performing the obfuscation operation on the to-be-processed data in this embodiment are similar to the specific implementation manner and the implementation effect of performing the obfuscation processing on at least one to-be-processed data according to the data obfuscation request in the embodiment corresponding to fig. 1 to obtain at least one target data and data operation information corresponding to the at least one to-be-processed data, which may specifically refer to the above statements and are not described herein again.

S1103: and sending the target data to the client.

After the target data is acquired, the target data can be sent to the client, so that the client can perform corresponding data processing operation according to the target data.

According to the data obfuscation method provided by the embodiment, the data obfuscation request sent by the client and the to-be-processed data corresponding to the data obfuscation request are obtained through the local encryptor arranged at the client, obfuscation processing is performed on the to-be-processed data according to the data obfuscation request, target data corresponding to the to-be-processed data are obtained, and then the target data can be sent to the client; in addition, the condition that the client end is worried about data leakage can be avoided, the practicability of the method is further improved, and market popularization and application are facilitated.

FIG. 15 is a flowchart illustrating a second method for obfuscating data according to an embodiment of the present invention; on the basis of the foregoing embodiment, with continued reference to fig. 15, after acquiring the data obfuscation request sent by the client and the to-be-processed data corresponding to the data obfuscation request, the method in this embodiment may further include:

s1201: and acquiring the service credential information sent by the client.

S1202: and sending the service certificate information to the server so that the server performs identity authentication on the client according to the service certificate information, determining obfuscation processing information corresponding to the service certificate information when the client passes the identity authentication, and returning the obfuscation processing information to the encryption machine.

S1203: and receiving the obfuscation processing information sent by the server, and performing obfuscation operation on the data to be processed based on the data obfuscation request and the obfuscation processing information to obtain target data corresponding to the data to be processed.

In order to improve the benefit of the service provider, the product provided by the service provider for performing obfuscation processing on the data to be processed may be a fee-based product, and the service provider may provide the user with a product capable of implementing different levels of data obfuscation operations according to different fees paid by the user. For example: the service provider can provide a first product for realizing the data obfuscation operation with complex difficulty, a second product for realizing the data obfuscation operation with common difficulty and a third product for realizing the simple data obfuscation operation in advance, wherein the use cost of the first product is larger than that of the second product, and the use cost of the second product is larger than that of the third product. In specific application, a user can select different products according to specific application scenes and application requirements and pay corresponding fees, and when the user pays the corresponding fees, a mode of charging according to time or times can be realized.

Specifically, after a user purchases a product provided by a service provider and used for performing data obfuscation operation through a client, the client may send a data obfuscation request and data to be processed to an encryptor, and after the encryptor acquires the data obfuscation request and the data to be processed, service credential information sent by the client may also be acquired, where the service credential information may include identity information of the client, product purchase information of the client, use information of the client, and the like; after the encryption machine acquires the service certificate information, the service certificate information can be sent to the server, so that the server performs identity authentication on the client according to the service certificate information, when the client passes the identity authentication, the behavior of the client performing data obfuscation operation is proved to be legal, further obfuscation processing information corresponding to the service certificate information can be determined, and the obfuscation processing information is returned to the encryption machine; the obfuscation processing information is used for identifying a product for performing data obfuscation operation, that is, a product corresponding to the client can be found in a plurality of preset products through the obfuscation processing information. After the encryption engine receives the obfuscation processing information sent by the server, the obfuscation operation may be performed on the data to be processed based on the data obfuscation request and the obfuscation processing information, so that target data corresponding to the data to be processed may be obtained.

In the embodiment, the service voucher information sent by the client is acquired, the service voucher information is sent to the server, so that the server performs identity verification on the client according to the service voucher information, receives the obfuscation processing information sent by the server when the client passes the identity verification, and performs obfuscation operation on data to be processed based on the data obfuscation request and the obfuscation processing information, thereby effectively realizing corresponding data obfuscation operation performed by using a product purchased by the client, effectively ensuring the stability and reliability of the data obfuscation operation under the condition of meeting the use requirement of a user, and further improving the practicability of the method.

FIG. 16 is a flowchart III of a further data obfuscation method according to an embodiment of the present invention; on the basis of the foregoing embodiment, with continued reference to fig. 16, after sending the service credential information to the server, the method in this embodiment may further include:

s1301: and receiving an authentication result sent by the server, wherein the authentication result is used for identifying that the client fails authentication.

S1302: and forbidding to perform obfuscation operation on the data to be processed based on the data obfuscation request and the obfuscation processing information according to the identity verification result, and generating a service processing result corresponding to the data obfuscation request.

S1303: and sending the service processing result to the client.

After the server obtains the service credential information, the identity of the client may be verified based on the service credential information, and when the identity verification result indicates that the client fails, for example: the client is an illegal terminal, or the cost paid by the client is inconsistent with the purchased product; alternatively, the product purchased by the client has expired, etc.; the server may send an authentication result to the encryptor identifying that the client is not authenticated. When the encryption machine receives the identity verification result, in order to ensure the legality and the safety and the reliability of data processing, the encryption machine can forbid the obfuscation operation on the data to be processed according to the identity verification result and generate a service processing result corresponding to the data obfuscation request, wherein the service processing result can be used for identifying the obfuscation operation on the data which is not to be processed, and then the encryption machine can send the generated service processing result to the client, so that the client can timely know the related information of the obfuscation operation failure on the data to be processed and timely make adjustment so as to ensure the timeliness and the reliability of the obfuscation operation on the data to be processed.

Fig. 17 is a first flowchart of a further data obfuscation method according to an embodiment of the present invention; referring to fig. 17, the present embodiment provides another data obfuscation method, the execution subject of which is a server, it being understood that the server may be implemented as software, or a combination of software and hardware; specifically, the data obfuscation method may include:

s1401: and receiving a service request sent by a client and consumption information corresponding to the service request.

S1402: and generating service credential information corresponding to the client according to the service request and the consumption information.

When a client wants to use a certain product provided by a service provider, the corresponding product can be purchased through the authentication server, specifically, the client can send a service request and consumption information corresponding to the service request to the server, wherein the service request is a purchase request corresponding to the certain product, and the consumption information corresponding to the service request can include information such as product cost, payment mode and the like; after the server obtains the service request and the consumption information sent by the client, service credential information corresponding to the client may be generated according to the service request and the consumption information, where the service credential information is used to identify that the client has legally purchased a certain product provided by the service provider, and usage information corresponding to the product may also be included in the service credential information, for example: usage number information or usage duration information, etc.

According to the data obfuscation method provided by the embodiment, the service request sent by the client and the consumption information corresponding to the service request are received, and the service voucher information corresponding to the client is generated according to the service request and the consumption information, so that the client can effectively purchase corresponding products through the server, the products can be used based on the service voucher information, and data obfuscation processing operation is performed on the data, so that the benefits of a service provider are guaranteed, and the use requirements of users are met; and when the client uses the product to perform corresponding data processing operation each time, the client can be authenticated through the service certificate information, so that the legality and the safety and the reliability of the product used by the client are effectively ensured, the practicability of the method is further improved, and the method is favorable for popularization and application in the market.

FIG. 18 is a second flowchart of another data obfuscation method according to an embodiment of the present invention; on the basis of the foregoing embodiment, with continued reference to fig. 18, the method in this embodiment may further include:

s1501: and acquiring the service certificate information sent by the encryption machine.

S1502: and performing identity authentication on the client according to the service certificate information.

S1503: and when the client passes the identity authentication, determining the obfuscation processing information corresponding to the service certificate information, and sending the obfuscation processing information to the encryption machine. Or,

s1504: and when the client fails the authentication, sending an authentication result for identifying that the client fails the authentication to the encryption machine.

When the client requests to use a corresponding product to perform data obfuscation operation through the encryptor, the client may send service credential information to the encryptor, at this time, the encryptor may send the service credential information to the server, and after the server acquires the service credential information, the server may perform authentication on the client according to the service credential information, specifically, performing authentication on the client according to the service credential information may include:

s1601: and acquiring a standard service certificate corresponding to the client.

S1602: and when the service certificate information is matched with the standard service certificate, determining that the client passes the identity authentication. Or,

s1603: and when the service credential information does not match the standard service credential, determining that the client is not authenticated.

When the client passes the identity authentication, the server can determine the obfuscation processing information corresponding to the service certificate information and then send the obfuscation processing information to the encryption machine, so that the encryption machine can perform data obfuscation operation on the data to be processed by using a corresponding product based on the obfuscation processing information. When the client fails the authentication, the authentication result for identifying that the client fails the authentication can be sent to the encryption machine, so that the encryption machine can know the identity information of the client in time, and data confusion operation is prohibited based on the authentication result, so that the safety and reliability of data processing are ensured.

In specific application, a machine learning model is taken as an example to be described, so that protection schemes deployed by existing privatization models are few, and service modes of the protection schemes generally include two types: the first is to deploy the protection tool locally to the customer side, all models are treated identically, and the charging is carried out according to the dimension of time and the like of purchase. Secondly, the client transmits the model to a remote server for protection, and then returns the protected model to the client. However, the two protection methods have the following defects:

first, the security of the model protection tool or customer model cannot be guaranteed. In the first service mode, a service provider may worry about the leakage of a protection tool by a client, and in the second service mode, the client may worry about the leakage of a model.

Second, there is no way to charge on demand. For example: one machine learning model has low requirement on safety, and can select a strategy with low protection level for protection, and the other machine learning model has high requirement on safety and needs a strategy with high protection level for protection. The cost of protection for these two models should not be the same to be justified. But the traditional way has no way to charge on demand.

In order to solve the above problem, as shown in fig. 19 to 20, the present application embodiment provides a data obfuscation method, an execution body of which may include a client, an encryptor and a server, wherein the encryptor is deployed locally on the client, and a product for performing encryption processing on a machine learning model is stored in the encryptor. The following describes a specific implementation process of the method:

firstly, an encryption machine.

The encryption equipment is used for providing model protection service for the client, specifically, products and identity authentication service for realizing the model protection service are deployed in the encryption equipment, and meanwhile, interfaces for updating the products and the identity authentication service are provided.

Second, the customer end

The client can process and package information such as model data provided by a user and send the information to a local encryption machine. Firstly, the client packs model data and some environment information which are required to be protected, and then sends the packed file to a local encryption machine for processing, wherein the environment information can comprise at least one of the following: the language used by the model inference, whether the inference machine (the machine used to run the model data) uses the GPU, service credentials, etc. After sending information such as model data to the encryptor, the encryptor may wait for the encryptor to perform reinforcement and obfuscation processing on the model data, and may obtain target data returned by the encryptor, where the target data includes a target model subjected to reinforcement and obfuscation processing and data operation information for operating the target model, and the data operation information may be stored in a dynamic link library.

Thirdly, the server realizes identity authentication

The server may provide the client with service credential information and may verify the service credential information provided by the client after the encryptor obfuscates a request for data provided by the client. Firstly, a user can apply for a service certificate from a server through a client, and can choose to pay according to the number of times or time and pay according to the type of a model and the reinforcement strength when needing to choose a payment mode. After the server obtains the service credential request, the service credential information may be sent to the client.

When the user calls the data protection service in the encryption machine through the client, the user can send information such as the machine learning model and the service credential information to the encryption machine together. And finally, after the encryption machine acquires the service certificate information, the service certificate information is sent to the server for verification, and the verification result is returned to the encryption machine. And the encryption machine judges whether to provide the reinforcement protection service of the machine learning model according to the verification result, and can inform the result to the client after the service is finished.

Referring to fig. 21, the present application embodiment provides another data obfuscation method, the execution subject of which may include a client, a first server (identity authentication server) and a second server (encryption machine), wherein the client may be located in a first network, the first server may be located in a second network, the second server may be located in a third network, the first network, the second network and the third network are different, the first network, the second network and the third network are all safe networks, a communication channel formed between the first network and the second network can realize safe data transmission, a communication channel formed between the second network and the third network can realize safe data transmission, and a communication channel formed between the first network and the third network can realize safe data transmission. Specifically, the method may perform adaptive adjustment according to different application scenarios, for example: whether to use the service credential information can be selected according to different application scenarios; in addition, when the service credential information is determined to be needed, interactive operation with a user can be realized in certain application scenes, and the information of the service credential is selected according to the interactive operation; or, service credential information of different levels can be set according to different application scenarios; the applied service credential information can be reused one or more times according to different application scenarios, and the like.

Specifically, the method may include the following processes:

step 101: the client side can send model data to be processed and a data confusion request to the second server;

step 102: after receiving the data obfuscation request, the second server may determine, based on the data obfuscation request, a model protection hardware device for performing obfuscation processing on the model data, where the model protection hardware device includes an execution program for performing obfuscation processing on the model data;

step 103: and performing obfuscation processing on the model data by using the determined model protection hardware equipment so as to obtain an obfuscated result corresponding to the model data, and returning the obfuscated result to the client.

Therefore, when the client has the confusion requirement on the model data, the data confusion request and the model data can be directly sent to the second server for data confusion processing without a service certificate, so that the speed and the efficiency of data processing are effectively ensured.

In addition, in order to further improve the security and reliability of data processing, an identity authentication process of the client may be added in the above process, which specifically includes the following steps:

step 201: the client may send a service credential request to the first server.

Specifically, data synchronization operation may be performed between the first server and the second server, and all service type information included in the second server, which may implement the data obfuscation processing service, may be synchronized to the first server, and at this time, all service type information may be included in the first server. After the first server receives the service credential request sent by the client, the first server may apply for a corresponding service credential for the client based on the service credential request.

step 202: and the first server sends the service type information and the service cost information to the client according to the service credential request.

Specifically, after the first server receives a service credential request sent by the client, service type information corresponding to the service credential request may be sent to the client, where the service type information may include information related to multiple types of services and service cost information corresponding to the service.

step 203: after the client side obtains the service type information and the service expense information, obtaining an execution operation corresponding to the service type information and the service expense information by a user, determining target service information and target expense information corresponding to the service credential request according to the execution operation, and sending the target service information and the target expense information to the first server.

In the embodiment, interactive operation is realized between the client and the user, so that the content information included in the service voucher information can be effectively determined according to the operation of the user, the use requirement of the user is met, and the flexibility and reliability of the use of the method are improved.

step 204: and the first server generates service credential information according to the target service information and the target cost information and sends the service credential information to the client.

After the first server obtains the target service information and the target cost information, the service credential information may be generated, at this time, the generated service credential information may be a common service credential information, that is, the service credential information may perform data obfuscation processing operations in a plurality of preset clients. However, in order to meet different use requirements of different clients, after the service credential information is generated, the identity information of the client can be acquired, the security level to which the client belongs is identified through the identity information, and the service credential information meeting the security level is generated through the target service information and the target cost information sent by the client, so that the service credential information of different levels can be provided for the clients of different security levels, different application requirements of different clients are met, and the use range of the method is further expanded.

It should be noted that, after the client applies for the service credential information once, one or more data obfuscation processing operations may be performed based on the service credential information, in this case, the service credential information may be paid based on the number of usage times; in addition, the client may also perform data obfuscation processing operations several times within a preset time period based on the service credential information, and in this case, the service credential information may be paid based on the usage time.

After the service credential information is obtained, a data obfuscation processing operation may be performed between the client and the second server, which specifically includes the following steps:

step 201: the client can send the model data to be processed, the data confusion request and the service credential information to the second server;

step 202: after receiving the service credential information, the second server may send the service credential information to the first server for identity authentication, and after the client passes the identity authentication, may determine, based on the data obfuscation request, a model protection hardware device for performing obfuscation processing on the model data, where the model protection hardware device includes an execution program for performing obfuscation processing on the model data;

step 203: and performing obfuscation processing on the model data by using the determined model protection hardware equipment so as to obtain an obfuscated result corresponding to the model data, and returning the obfuscated result to the client.

The method provided by the embodiment of the application solves the problem of trust of the service provider to the client based on the service deployment mode of the third-party encryption engine, and specifically, the service provider can deploy a product for implementing obfuscation processing on data in the encryption engine, and then deploy the encryption engine integrally in the local client for service. At this time, the client may submit the machine learning model of the plaintext to a local encryption machine for protection processing, and then obtain the obfuscated model after obfuscation processing. Since the machine learning model is not transmitted outside, the client does not worry about the problem of model leakage, and meanwhile, the service provider deploys the product in the box of the encryption machine, so that the problem of product data leakage is not worried about. In addition, the method can also charge the use requirements of the products according to specific application scenes, thereby effectively ensuring the benefits of service providers and meeting the use requirements of users.

In particular, in the process of protecting the models, a problem exists in how to efficiently and safely protect a plurality of models. In a product project, multiple machine learning models may be required to work together to obtain results, such as: the identity card recognition function needs the cooperation of an image recognition model, a natural language processing model and the like to finally obtain a correct result. In theory, effective protection is needed for all the models described above. When multiple models are protected, each model is typically protected individually. For example, each model is encrypted using encryption/decryption protection, and when a particular model is used, the model is decrypted. However, such encryption schemes are relatively low in security and are easily broken.

FIG. 22 is a flow chart of another method of data obfuscation according to an embodiment of the present invention; referring to fig. 22, in order to solve the above technical problem, the present embodiment provides another data obfuscation method, and the execution subject of the data obfuscation method is a data obfuscation device, it is understood that the data obfuscation device may be implemented as software, or a combination of software and hardware; specifically, the data obfuscation method may include:

s1701: the method comprises the steps of obtaining a data confusion request sent by a client and a plurality of data to be processed.

Wherein the data to be processed may include graph structure data that is subjected to encryption processing and corresponds to the machine learning model, and at least a part of the plurality of data to be processed is subjected to encryption processing.

S1702: and sequentially performing obfuscation processing on the plurality of data to be processed according to the data obfuscation request to obtain a plurality of target data and one data operation information corresponding to the plurality of data to be processed.

S1703: and sending the target data and the data operation information to the client.

The specific implementation manner and implementation effect of the steps in this embodiment are similar to those of steps S101 to S103 in the embodiment, and the above statements may be specifically referred to, and are not repeated herein.

It is to be noted that, unlike the above-described embodiment, the number of data to be processed in the present embodiment is plural; therefore, when the plurality of data to be processed are subjected to the obfuscation processing in sequence according to the data obfuscation request, a plurality of target data corresponding to the plurality of data to be processed and one data operation information including the model operation information corresponding to all the data to be processed can be obtained.

According to the data obfuscation method provided by the embodiment, the data obfuscation request sent by the client and the plurality of pieces of data to be processed are obtained, the obfuscation processing is sequentially performed on the plurality of pieces of data to be processed according to the data obfuscation request, the plurality of pieces of target data and the piece of data operation information corresponding to the plurality of pieces of data to be processed are obtained, and then the plurality of pieces of target data and the piece of data operation information are sent to the client.

In particular, referring to fig. 23, in this application, a data obfuscation method for encrypting and protecting multiple models simultaneously is provided in an embodiment of the present application, and specifically, the method may include the following steps:

firstly, acquiring an encryption model list, and sequentially performing the following operations on each encryption model in the encryption model list:

step 101: and obtaining sub-graph data which can be supported in the encryption model, replacing the sub-graph data with a preset plug-in OP, and generating reinforced model data.

step 102: and converting the sub-graph data and performing confusion transformation on the sub-graph data.

step 103: and performing safe scheduling on the obfuscated sub-graph data, namely randomly changing the execution sequence of a plurality of operation nodes in parallel branches, and keeping the input-output relationship of each operation node unchanged.

step 104: and sequentially generating corresponding running codes for each OP in the sub-graph data according to the scheduling sequence.

And after the operation codes are generated by the subgraphs in all the models, uniformly compiling the operation codes to generate data operation information containing all the operation codes.

Model operation

And performing corresponding data processing operation based on the plurality of reinforced models and the generated data operation information, and acquiring corresponding data processing results. Specifically, the corresponding model operation framework operation model may be called first. When the model runs to the plug-in OP, the plug-in OP automatically jumps to the data running information to run the sub-graph data corresponding to the plug-in OP, and finally, the running result of the model can be obtained. The method specifically comprises the following steps:

step 201: when the plug-in OP is run, two attribute values of the plug-in OP are obtained, wherein one attribute value is a model id, and the other attribute value is a subgraph id. These two attributes are used to indicate the data running information that the plug-in OP needs to jump.

step 202: and constructing a unique identifier according to the model id and the sub-graph id, and searching code information corresponding to the unique identifier in the data operation information.

step 203: and executing the code information and returning a result.

The data obfuscation method provided by the embodiment of the application can protect a plurality of data to be processed at the same time, and the codes generated after protection are mixed together, so that the difficulty of cracking by an attacker is increased, the difficulty of stealing the data is increased, and the safety and reliability of the data use are further improved.

FIG. 24 is a first schematic structural diagram of a data obfuscation device according to an embodiment of the present invention; referring to fig. 24, the present embodiment provides a data obfuscating apparatus, which may perform the data obfuscating method of fig. 1, and in particular, the data obfuscating apparatus may include:

the first obtaining module 11 is configured to obtain a data obfuscation request and at least one piece of to-be-processed data sent by a client, where at least a part of the at least one piece of to-be-processed data is encrypted;

the first processing module 12 is configured to perform obfuscation processing on at least one piece of data to be processed according to the data obfuscation request, and obtain at least one piece of target data and data operation information corresponding to the at least one piece of data to be processed;

and a first sending module 13, configured to send at least one target data and data operation information to the client.

Further, when the first processing module 12 performs obfuscation processing on at least one to-be-processed data according to the data obfuscation request, and obtains at least one target data and data operation information corresponding to the at least one to-be-processed data, the first processing module 12 may be configured to perform: in each data to be processed, determining at least one operation node corresponding to the data obfuscation request; and performing obfuscation processing on at least one operation node according to the data obfuscation request to obtain target data and data operation information corresponding to the data to be processed, wherein the data operation information comprises operation codes of the data to be processed.

Further, when the first processing module 12 obtains the target data and the data running information corresponding to the data to be processed, the first processing module 12 may be configured to perform: obtaining a confusion operation node corresponding to the data to be processed, wherein the confusion operation node is obtained by carrying out confusion processing on the operation node; determining node identification information corresponding to the obfuscated operation node; and storing the node operation code corresponding to the confusion operation node into the data operation information according to the node identification information.

Further, when the first processing module 12 obtains the target data and the data running information corresponding to the data to be processed, the first processing module 12 may be configured to perform: when the operation node is an encrypted node subjected to encryption processing, acquiring encrypted parameters and key path information corresponding to the encrypted node; and storing the encrypted parameters and the key path information corresponding to the encrypted nodes into the data operation information.

Further, when the first processing module 12 obtains the key path information corresponding to the encryption node, the first processing module 12 may be configured to perform: determining node identification information corresponding to the encrypted node; sending path request information to the client according to the node identification information so that the client returns key path information corresponding to the node identification information according to the path request information; and receiving the key path information sent by the client.

Further, the data to be processed includes graph structure data which is subjected to encryption processing and corresponds to the machine learning model.

The apparatus shown in fig. 24 can perform the method of the embodiments shown in fig. 1-5 and 10-13, and the detailed description of this embodiment can refer to the related descriptions of the embodiments shown in fig. 1-5 and 10-13. The implementation process and technical effect of the technical solution are described in the embodiments shown in fig. 1 to 5 and fig. 10 to 13, and are not described again here.

In one possible design, the structure of the data obfuscation device shown in fig. 24 may be implemented as an electronic device, which may be a mobile phone, a tablet computer, a server, or other devices. As shown in fig. 25, the electronic device may include: a first processor 21 and a first memory 22. Wherein the first memory 22 is used for storing programs for corresponding electronic devices to execute the data obfuscation method provided in the embodiments shown in fig. 1-5 and fig. 10-13, and the first processor 21 is configured to execute the programs stored in the first memory 22.

The program comprises one or more computer instructions, wherein the one or more computer instructions, when executed by the first processor 21, are capable of performing the steps of:

and sending the at least one target data and the data operation information to the client.

Further, the first processor 21 is also used to execute all or part of the steps in the embodiments shown in fig. 1-5 and 10-13.

The electronic device may further include a first communication interface 23 for communicating with other devices or a communication network.

In addition, the embodiment of the present invention provides a computer storage medium for storing computer software instructions for an electronic device, which includes a program for executing the data obfuscation method in the method embodiments shown in fig. 1 to 5 and 10 to 13.

FIG. 26 is a second schematic structural diagram of a data obfuscation device according to an embodiment of the present invention; referring to fig. 26, the present embodiment provides a data obfuscating apparatus, which may perform the data obfuscating method of fig. 6, and specifically, the data obfuscating apparatus may include:

a second obtaining module 31, configured to obtain a data processing request;

a first determining module 32, configured to determine target data and data operation information corresponding to the data processing request, where the target data is subjected to obfuscation processing;

and a second processing module 33, configured to perform data processing on the basis of the data processing request and the data operation information control target data, and obtain a data processing result corresponding to the data processing request.

Further, before acquiring the data processing request, the second processing module 33 and the second acquiring module 31 in this embodiment are further configured to: sending a data confusion request and data to be processed to a server, wherein the data to be processed is encrypted; and receiving target data and data operation information which are sent by the server and correspond to the data to be processed, wherein the target data are obtained by performing obfuscation processing on the data to be processed.

Further, when the second processing module 33 performs data processing based on the data processing request and the data operation information control target data, the second processing module 33 may be configured to perform: when the obfuscated operation node in the target data is operated, acquiring node identification information corresponding to the obfuscated operation node; determining a node operation code corresponding to the confusion operation node in the data operation information according to the node identification information; and controlling the confusion operation node to perform data processing by using the node operation code to obtain a node processing result.

Further, when the second processing module 33 performs a data processing operation based on the data processing request and the data operation information control target data, the second processing module 33 may be configured to perform: when the target data runs to an encryption node in the target data, acquiring a decryption key and an encrypted parameter corresponding to the encryption node; decrypting the encrypted parameters by using the decryption key to obtain decrypted parameters corresponding to the encryption nodes; and carrying out data processing by using the decrypted parameters to obtain a node processing result.

Further, when the second processing module 33 obtains the decryption key and the encrypted parameter corresponding to the encryption node, the second processing module 33 may be configured to perform: acquiring node identification information corresponding to the encrypted node; according to the node identification information, determining key path information and encrypted parameters corresponding to the encrypted node in the data operation information; and acquiring a decryption key corresponding to the encrypted parameter by using the key path information.

The apparatus shown in fig. 26 can perform the method of the embodiment shown in fig. 6-13, and reference may be made to the related description of the embodiment shown in fig. 6-13 for parts not described in detail in this embodiment. The implementation process and technical effect of the technical solution refer to the descriptions in the embodiments shown in fig. 6 to 13, and are not described herein again.

In one possible design, the structure of the data obfuscation device shown in fig. 26 may be implemented as an electronic device, which may be a mobile phone, a tablet computer, a server, or other devices. As shown in fig. 27, the electronic device may include: a second processor 41 and a second memory 42. Wherein the second memory 42 is used for storing programs for the corresponding electronic device to execute the data obfuscation method provided in the embodiments shown in fig. 6-13, and the second processor 41 is configured to execute the programs stored in the second memory 42.

The program comprises one or more computer instructions, wherein the one or more computer instructions, when executed by the second processor 41, are capable of performing the steps of:

acquiring a data processing request;

determining target data and data operation information corresponding to the data processing request, wherein the target data is subjected to confusion processing;

and performing data processing on the data based on the data processing request and the data operation information control target data to obtain a data processing result corresponding to the data processing request.

Further, the second processor 41 is also used to execute all or part of the steps in the embodiments shown in fig. 6 to 13.

The electronic device may further include a second communication interface 43 for communicating with other devices or a communication network.

In addition, the embodiment of the present invention provides a computer storage medium for storing computer software instructions for an electronic device, which includes a program for executing the data obfuscation method in the method embodiments shown in fig. 6 to 13.

Fig. 28 is a schematic structural diagram of an encryption apparatus according to an embodiment of the present invention; referring to fig. 28, the present embodiment provides an encryptor, which is located locally at the client; further, the encryption device may execute the data obfuscation method shown in fig. 14, and specifically, the encryption device includes:

a third obtaining module 51, configured to obtain a data obfuscation request sent by a client and to-be-processed data corresponding to the data obfuscation request;

the third processing module 52 is configured to perform an obfuscating operation on the to-be-processed data according to the data obfuscating request, so as to obtain target data corresponding to the to-be-processed data;

and a second sending module 53, configured to send the target data to the client.

Further, after acquiring the data obfuscation request sent by the client and the to-be-processed data corresponding to the data obfuscation request, the third acquiring module 51, the third processing module 52, and the second sending module 53 in this embodiment may be further configured to perform the following steps:

a third obtaining module 51, configured to obtain service credential information sent by the client;

a second sending module 53, configured to send the service credential information to the server, so that the server performs authentication on the client according to the service credential information, determines obfuscation processing information corresponding to the service credential information when the client passes the authentication, and returns the obfuscation processing information to the encryption engine;

and the third processing module 52 is configured to receive the obfuscating processing information sent by the server, and perform an obfuscating operation on the to-be-processed data based on the data obfuscating request and the obfuscating processing information to obtain target data corresponding to the to-be-processed data.

Further, after sending the service credential information to the server, the third processing module 52 in this embodiment may be further configured to: receiving an authentication result sent by the server, wherein the authentication result is used for identifying that the client fails authentication; forbidding to perform obfuscation operation on the data to be processed based on the data obfuscation request and the obfuscation processing information according to the identity verification result, and generating a service processing result corresponding to the data obfuscation request; and sending the service processing result to the client.

The apparatus shown in fig. 28 can perform the method of the embodiments shown in fig. 14-16 and fig. 19-21, and the detailed description of the embodiment can refer to the related descriptions of the embodiments shown in fig. 14-16 and fig. 19-21. The implementation process and technical effect of the technical solution are described in the embodiments shown in fig. 14-16 and fig. 19-21, and are not described herein again.

In one possible design, the structure of the encryption engine shown in FIG. 28 may be implemented as an electronic device. As shown in fig. 29, the electronic device may include: a third processor 61 and a third memory 62. Wherein the third memory 62 is used for storing programs for the corresponding electronic device to execute the data obfuscation method provided in the embodiments shown in fig. 14-16 and 19-21, and the third processor 61 is configured to execute the programs stored in the third memory 62.

The program comprises one or more computer instructions, wherein the one or more computer instructions, when executed by the third processor 61, are capable of performing the steps of:

acquiring a data confusion request sent by a client and to-be-processed data corresponding to the data confusion request;

performing obfuscation operation on data to be processed according to the data obfuscation request to obtain target data corresponding to the data to be processed;

and sending the target data to the client.

Further, the third processor 61 is also used to execute all or part of the steps in the embodiments shown in fig. 14-16 and 19-21.

The electronic device may further include a third communication interface 63 for communicating with other devices or a communication network.

In addition, the embodiment of the present invention provides a computer storage medium for storing computer software instructions for an electronic device, which includes a program for executing the data obfuscation method in the method embodiments shown in fig. 14 to 16 and fig. 19 to 21.

FIG. 30 is a third schematic structural diagram of a data obfuscation device according to an embodiment of the present invention; referring to fig. 30, the present embodiment provides a data obfuscating apparatus, which may perform the data obfuscating method of fig. 17, and specifically, the data obfuscating apparatus may include:

a fourth obtaining module 71, configured to receive a service request sent by a client and consumption information corresponding to the service request;

and a fourth processing module 72, configured to generate service credential information corresponding to the client according to the service request and the consumption information.

Further, the fourth obtaining module 71 and the fourth processing module 72 in this embodiment may be further configured to perform the following steps:

a fourth obtaining module 71, configured to obtain service credential information sent by the encryption engine;

a fourth processing module 72, configured to perform identity authentication on the client according to the service credential information; when the client passes the identity authentication, determining confusion processing information corresponding to the service certificate information, and sending the confusion processing information to the encryption machine; or when the client fails the authentication, sending an authentication result for identifying that the client fails the authentication to the encryption machine.

Further, when the fourth processing module 72 authenticates the client according to the service credential information, the fourth processing module 72 may be configured to perform: acquiring a standard service certificate corresponding to a client; when the service voucher information is matched with the standard service voucher, determining that the client passes the identity authentication; or, when the service credential information does not match the standard service credential, determining that the client is not authenticated.

The apparatus shown in fig. 30 can perform the method of the embodiment shown in fig. 17-21, and reference may be made to the related description of the embodiment shown in fig. 17-21 for parts of this embodiment that are not described in detail. The implementation process and technical effect of the technical solution are described in the embodiments shown in fig. 17 to 21, and are not described herein again.

In one possible design, the structure of the data obfuscation device shown in fig. 30 may be implemented as an electronic device, which may be a mobile phone, a tablet computer, a server, or other devices. As shown in fig. 31, the electronic device may include: a fourth processor 81 and a fourth memory 82. Wherein the fourth memory 82 is used for storing programs for the corresponding electronic device to execute the data obfuscation method provided in the embodiments shown in fig. 17-21, and the fourth processor 81 is configured to execute the programs stored in the fourth memory 82.

The program comprises one or more computer instructions, wherein the one or more computer instructions, when executed by the fourth processor 81, enable the following steps to be performed:

Further, the fourth processor 81 is also used to execute all or part of the steps in the embodiments shown in fig. 17-21.

The electronic device may further include a fourth communication interface 83, which is used for the electronic device to communicate with other devices or a communication network.

In addition, an embodiment of the present invention provides a computer storage medium for storing computer software instructions for an electronic device, which includes a program for executing the data obfuscation method in the method embodiments shown in fig. 17 to 21.

Fig. 32 is a fourth schematic structural diagram of a data obfuscation device according to an embodiment of the present invention; referring to fig. 32, the present embodiment provides a data obfuscating apparatus, which may perform the data obfuscating method of fig. 22, and in particular, the data obfuscating apparatus may include:

a fifth obtaining module 91, configured to obtain a data obfuscation request sent by a client and multiple pieces of data to be processed;

a fifth processing module 92, configured to perform obfuscation processing on multiple pieces of data to be processed in sequence according to the data obfuscation request, so as to obtain multiple pieces of target data and one piece of data operation information corresponding to the multiple pieces of data to be processed;

and a third sending module 93, configured to send the multiple target data and the data operation information to the client.

Further, at least a part of the plurality of data to be processed is encrypted.

The apparatus shown in fig. 32 can perform the method of the embodiments shown in fig. 1-13 and fig. 22-23, and the detailed description of the embodiment can refer to the related descriptions of the embodiments shown in fig. 1-13 and fig. 22-23. The implementation process and technical effect of the technical solution are described in the embodiments shown in fig. 1-13 and fig. 22-23, and are not described herein again.

In one possible design, the structure of the data obfuscation device shown in fig. 32 may be implemented as an electronic device, which may be a mobile phone, a tablet computer, a server, or other devices. As shown in fig. 33, the electronic device may include: a fifth processor 101 and a fifth memory 102. Wherein, the fifth memory 102 is used for storing the program of the corresponding electronic device for executing the data obfuscation method provided in the embodiments shown in fig. 1-13 and fig. 22-23, and the fifth processor 101 is configured to execute the program stored in the fifth memory 102.

sequentially performing obfuscation processing on a plurality of data to be processed according to the data obfuscation request to obtain a plurality of target data corresponding to the plurality of data to be processed and data operation information;

and sending the target data and the data operation information to the client.

Further, the fifth processor 101 is also configured to perform all or part of the steps in the embodiments shown in fig. 1-13 and 22-23.

The electronic device may further include a fifth communication interface 103, which is used for the electronic device to communicate with other devices or a communication network.

In addition, the embodiment of the present invention provides a computer storage medium for storing computer software instructions for an electronic device, which includes a program for executing the data obfuscation method in the method embodiments shown in fig. 1 to 13 and 22 to 23.

The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.

Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by adding a necessary general hardware platform, and of course, can also be implemented by a combination of hardware and software. With this understanding in mind, the above-described aspects and portions of the present technology which contribute substantially or in part to the prior art may be embodied in the form of a computer program product, which may be embodied on one or more computer-usable storage media having computer-usable program code embodied therein, including without limitation disk storage, CD-ROM, optical storage, and the like.

The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.

Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims

1. A method of data obfuscation, comprising:

2. The method according to claim 1, wherein performing obfuscation processing on at least one piece of to-be-processed data according to the data obfuscation request to obtain at least one piece of target data and data operation information corresponding to the at least one piece of to-be-processed data comprises:

in each piece of the data to be processed, determining at least one operation node corresponding to the data obfuscation request;

and performing obfuscation processing on at least one operation node according to the data obfuscation request to obtain target data and data operation information corresponding to the data to be processed, wherein the data operation information comprises operation codes of the data to be processed.

3. The method of claim 2, wherein obtaining target data and data run information corresponding to the data to be processed comprises:

obtaining a confusion operation node corresponding to the data to be processed, wherein the confusion operation node is obtained by carrying out confusion processing on the operation node;

determining node identification information corresponding to the obfuscated operation node;

and storing a node running code corresponding to the confusion operation node into the data running information according to the node identification information.

4. The method of claim 2, wherein obtaining target data and data run information corresponding to the data to be processed comprises:

when the operation node is an encrypted node subjected to encryption processing, acquiring encrypted parameters and key path information corresponding to the encrypted node;

and storing the encrypted parameters and the key path information corresponding to the encrypted nodes into the data operation information.

5. The method of claim 4, wherein obtaining key path information corresponding to the cryptographic node comprises:

determining node identification information corresponding to the encrypted node;

sending path request information to the client according to the node identification information so that the client returns the key path information corresponding to the node identification information according to the path request information;

and receiving the key path information sent by the client.

6. The method according to any one of claims 1 to 5, wherein the data to be processed comprises graph structure data which is processed by encryption and corresponds to a machine learning model.

7. A method of data obfuscation, comprising:

acquiring a data processing request;

8. The method of claim 7, wherein prior to obtaining the data processing request, the method further comprises:

sending a data confusion request and data to be processed to a server, wherein the data to be processed is encrypted;

and receiving target data and data operation information which are sent by the server and correspond to the data to be processed, wherein the target data are obtained by performing obfuscation processing on the data to be processed.

9. The method of claim 7, wherein controlling the target data for data processing based on the data processing request and data run information comprises:

when the operation is carried out to the confusion operation node in the target data, the node identification information corresponding to the confusion operation node is obtained;

determining a node running code corresponding to the confusion operation node in the data running information according to the node identification information;

and controlling the confusion operation node to perform data processing by using the node operation code to obtain a node processing result.

10. The method of claim 7, wherein controlling the target data to perform data processing operations based on the data processing request and data run information comprises:

when the target data runs to an encryption node in the target data, acquiring a decryption key and an encrypted parameter corresponding to the encryption node;

decrypting the encrypted parameters by using the decryption key to obtain decrypted parameters corresponding to the encryption node;

and carrying out data processing by using the decrypted parameters to obtain a node processing result.

11. The method of claim 10, wherein obtaining the decryption key and the encrypted parameters corresponding to the encryption node comprises:

acquiring node identification information corresponding to the encrypted node;

according to the node identification information, determining key path information and encrypted parameters corresponding to the encrypted node in the data operation information;

and acquiring a decryption key corresponding to the encrypted parameter by using the key path information.

12. A data obfuscation method is characterized in that the method is applied to an encryption machine, and the encryption machine is arranged locally at a client; the method comprises the following steps:

and sending the target data to the client.

13. The method of claim 12, wherein after obtaining the data obfuscation request sent by the client and the pending data corresponding to the data obfuscation request, the method further comprises:

acquiring service credential information sent by the client;

sending the service certificate information to a server so that the server performs identity authentication on the client according to the service certificate information, determining obfuscation processing information corresponding to the service certificate information when the client passes the identity authentication, and returning the obfuscation processing information to an encryption machine;

and receiving obfuscation processing information sent by a server, and performing obfuscation operation on the data to be processed based on the data obfuscation request and the obfuscation processing information to obtain target data corresponding to the data to be processed.

14. The method of claim 13, wherein after sending the service credential information to a server, the method further comprises:

receiving an authentication result sent by a server, wherein the authentication result is used for identifying that the client fails authentication;

forbidding to perform obfuscation operation on the data to be processed based on the data obfuscation request and obfuscation processing information according to the identity verification result, and generating a service processing result corresponding to the data obfuscation request;

and sending the service processing result to a client.

15. A method of data obfuscation, comprising:

16. The method of claim 15, further comprising:

acquiring service certificate information sent by an encryption machine;

performing identity verification on the client according to the service certificate information;

when the client passes the identity authentication, determining obfuscation processing information corresponding to the service certificate information, and sending the obfuscation processing information to an encryption machine; or,

and when the client fails the authentication, sending an authentication result for identifying that the client fails the authentication to the encryption machine.

17. The method of claim 16, wherein authenticating the client according to the service credential information comprises:

acquiring a standard service certificate corresponding to the client;

when the service certificate information is matched with the standard service certificate, determining that the client passes identity authentication; or,

and when the service credential information does not match the standard service credential, determining that the client fails to pass the authentication.

18. A method of data obfuscation, comprising:

and sending the target data and the data operation information to a client.

19. The method of claim 18, wherein at least a portion of the plurality of data to be processed is encrypted.

20. A data obfuscation device, comprising:

21. An electronic device, comprising: a memory, a processor; wherein the memory is to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement a data obfuscation method as in any one of claims 1-6.

22. A data obfuscation device, comprising:

23. An electronic device, comprising: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement a data obfuscation method as defined in any one of claims 7-11.

24. The encryption equipment is characterized in that the encryption equipment is arranged locally at a client; the encryption equipment includes:

25. An electronic device, comprising: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement a data obfuscation method as defined in any one of claims 12-14.

26. A data obfuscation device, comprising:

27. An electronic device, comprising: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement a data obfuscation method as defined in any one of claims 15-17.

28. A data obfuscation device, comprising:

29. An electronic device, comprising: a memory, a processor; wherein the memory is configured to store one or more computer instructions, wherein the one or more computer instructions, when executed by the processor, implement a data obfuscation method as defined in any one of claims 18-19.