CN113141329A - Big data mining method, device, equipment and storage medium - Google Patents

Big data mining method, device, equipment and storage medium Download PDF

Info

Publication number
CN113141329A
CN113141329A CN202010047592.8A CN202010047592A CN113141329A CN 113141329 A CN113141329 A CN 113141329A CN 202010047592 A CN202010047592 A CN 202010047592A CN 113141329 A CN113141329 A CN 113141329A
Authority
CN
China
Prior art keywords
data
algorithm
uuid
mining
original
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010047592.8A
Other languages
Chinese (zh)
Other versions
CN113141329B (en
Inventor
罗刚毅
俞建军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Shanghai ICT Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Shanghai ICT Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Shanghai ICT Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202010047592.8A priority Critical patent/CN113141329B/en
Publication of CN113141329A publication Critical patent/CN113141329A/en
Application granted granted Critical
Publication of CN113141329B publication Critical patent/CN113141329B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2465Query processing support for facilitating data mining operations in structured databases
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Data Mining & Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Computational Linguistics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Probability & Statistics with Applications (AREA)
  • Fuzzy Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a big data mining method, a big data mining device, big data mining equipment and a storage medium, and relates to the technical field of information. The big data mining method is applied to the terminal and comprises the following steps: acquiring data to be processed, an original algorithm package and an original configuration file; carrying out block encryption processing on data to be processed to obtain a plurality of encrypted data blocks; and sending the encrypted data block, a first algorithm package and a first configuration file to a server so that the server obtains data to be processed according to the universal unique mark code UUID and the temporary token, executing the original algorithm package to obtain a final mining result, wherein the first algorithm package is obtained by packaging the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the token. Through a non-invasive scheme and processing logic, the code of the existing algorithm data packet does not need to be changed, the use complexity is reduced, and the safety of data mining processing performed by a cloud is improved.

Description

Big data mining method, device, equipment and storage medium
Technical Field
The invention relates to the technical field of information, in particular to a big data mining method, a big data mining device, big data mining equipment and a storage medium.
Background
The analysis and mining based on the big data can provide effective information for enterprise operation, and the development of cloud computing enables enterprises to construct big data platforms without investing huge funds, and the cloud computing platforms are utilized to mine the big data, so that the problem that attention must be paid to the safety of the data is guaranteed.
In the existing big data analysis systems, data can be acquired by using various data acquisition modes, the acquired data is encrypted to form encrypted data signals, and the encrypted data signals are decrypted in a data analysis server through a data decryption module.
However, most of the existing technical solutions are intrusive encryption solutions, and source codes of a data mining algorithm need to be modified or customized development needs to be performed based on data to be mined, which increases the complexity of data mining. And part of big data analysis systems are developed for simply solving the problems of encrypted storage or encrypted transmission and do not meet the requirement of safety of data mining carried out at the cloud.
Disclosure of Invention
The embodiment of the invention provides a big data mining method, a big data mining device, big data mining equipment and a storage medium, through a non-intrusive scheme and processing logic, the code of a data packet of an existing algorithm does not need to be changed, the use complexity is reduced, and the safety of data mining carried out by a cloud is improved.
In a first aspect, an embodiment of the present invention provides a data encryption method, which is applied to a terminal, and the method includes: acquiring data to be processed, an original algorithm package and an original configuration file;
carrying out block encryption processing on data to be processed to obtain a plurality of encrypted data blocks;
and sending the encrypted data block, a first algorithm package and a first configuration file to a server so that the server obtains data to be processed according to the universal unique identification code UUID and the temporary token, executing the original algorithm package to obtain a final mining result, wherein the first algorithm package is obtained by packaging the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the token.
In some implementations of the first aspect, after obtaining the original algorithm package, the method further includes: and adding an input preprocessing module and an output preprocessing module to the original algorithm packet to obtain a first algorithm packet.
In some implementations of the first aspect, after sending the encrypted data block, the first algorithm package, and the first configuration file to the server, the method further comprises: receiving request information sent by a server, wherein the request information comprises a UUID and a token;
acquiring a key corresponding to the UUID based on the UUID and the token;
the key is sent to the server.
In some implementations of the first aspect, after obtaining the plurality of encrypted data blocks, the method further comprises: the UUID of each encrypted data block and the key corresponding to the UUID are stored.
In some implementations of the first aspect, encrypting the block of data comprises: the method comprises the steps of encrypting the length of a data block, a universal unique identification code UUID, an algorithm identification corresponding to an encryption algorithm, the encrypted data block and a check code.
In some implementations of the first aspect, the blocking processing the data to be processed, and obtaining a plurality of encrypted data blocks according to an encryption protocol includes: carrying out block processing on data to be processed to obtain a plurality of data blocks;
for each data block, encrypting the data block by using a preset encryption algorithm to obtain an encrypted data block of the data block;
the encrypted data block comprises an algorithm identifier corresponding to a preset encryption algorithm.
In a second aspect, an embodiment of the present invention provides a data processing method, which is applied to a server, and the method includes: receiving a plurality of encrypted data blocks, a first algorithm packet and a first configuration file sent by a terminal;
sending request information to a terminal, wherein the request information comprises a universal unique identification code (UUID) of each encrypted data block and a temporary token in a first configuration file, and the UUID and the token are used for the terminal to obtain a key corresponding to the UUID based on the UUID and the token;
receiving a key corresponding to the UUID returned by the terminal based on the request information;
and processing the data to be processed according to the original algorithm packet in the first algorithm packet to obtain a final mining result, wherein the data to be processed is obtained based on the key of each corresponding UUID and the algorithm identifier in each encrypted data block.
In some implementations of the second aspect, after receiving the key corresponding to the UUID returned by the terminal based on the request information, the method further includes: determining a decryption algorithm for decrypting the encrypted data block according to the algorithm identification for each encrypted data block;
decrypting the encrypted data block corresponding to the UUID according to the key corresponding to the UUID and a decryption algorithm to obtain the data block corresponding to the UUID;
and obtaining the data to be processed based on the plurality of data blocks.
In some implementations of the second aspect, processing the data to be processed according to the original algorithm package in the first algorithm package to obtain a final mining result includes: processing the data to be processed by using an original algorithm packet to obtain a mining result;
encrypting a mining result;
and if the mining result is the final mining result, sending the encrypted final mining result to the terminal.
In a third aspect, an embodiment of the present invention provides a big data mining device, where the device includes: the first acquisition module is used for acquiring data to be processed, an original algorithm package and an original configuration file;
the encryption module is used for carrying out block encryption processing on data to be processed to obtain a plurality of encrypted data blocks;
the first sending module is used for sending the encrypted data block, the first algorithm package and the first configuration file to the server so that the server can obtain data to be processed according to the universal unique identification code UUID and the temporary token, execute the original algorithm package and obtain a final mining result, wherein the first algorithm package is obtained by packaging the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the token.
In a fourth aspect, an embodiment of the present invention provides a big data mining apparatus, where the apparatus includes: the first receiving module is used for receiving a plurality of encrypted data blocks, a first algorithm packet and a first configuration file which are sent by a terminal;
the second sending module is used for sending request information to the terminal, wherein the request information comprises a universal unique identification code (UUID) of each encrypted data block and a temporary token in the first configuration file, and the UUID and the token are used for the terminal to obtain a key corresponding to the UUID based on the UUID and the token;
the second receiving module is used for receiving a key corresponding to the UUID returned by the terminal based on the request information;
and the data processing module is used for processing the data to be processed according to the original algorithm packet in the first algorithm packet to obtain a final mining result, wherein the data to be processed is obtained based on the key of each corresponding UUID and the algorithm identifier in each encrypted data block.
In a fifth aspect, an embodiment of the present invention provides a big data mining device, where the device includes: a processor and a memory storing computer program instructions; the processor, when executing the computer program instructions, implements a big data mining method as in the first aspect or any of the realizable manners of the first aspect or the second aspect or any of the realizable manners of the second aspect.
In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium, where computer program instructions are stored on the computer-readable storage medium, and when executed by a processor, implement the big data mining method in the first aspect or any implementable manner of the first aspect, or the big data mining method in the second aspect or any implementable manner of the second aspect.
The non-invasive data processing method provided by the invention has the advantages that a non-invasive processing means is adopted, the existing algorithm data packet is not required to be modified and developed, specifically, the local terminal is used for blocking encryption of the data to be processed, and the UUID is used in the encrypted data packet, so that the cloud server can obtain a key for correspondingly decrypting the encrypted block data according to the UUID and token, the security of the data to be processed is further improved, and the key is also the key for improving the security of the whole data; furthermore, the method for obtaining the final mining result by performing encapsulation processing on the algorithm data packet, decrypting the algorithm data packet at the cloud end and performing data mining on the algorithm data packet can achieve the purpose that the non-encrypted mining result does not appear at a place outside the cloud end server, and effectively improves the safety of data mining at the cloud end.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of a big data mining method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a data block encryption protocol according to an embodiment of the present invention;
FIG. 3 is a schematic flow chart of another big data mining method provided by the embodiment of the invention;
fig. 4 is a schematic flow chart of data encryption and processing in a big data mining process according to an embodiment of the present invention;
fig. 5 is a schematic flow chart of data encryption and processing in another big data mining process according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of a big data mining apparatus according to an embodiment of the present invention;
FIG. 7 is a schematic diagram of another big data mining provided by an embodiment of the invention;
FIG. 8 is a schematic diagram of another big data mining apparatus provided by an embodiment of the present invention;
fig. 9 is a schematic hardware structure diagram of a large data mining device according to an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
In some existing big data analysis systems, data can be acquired by using various data acquisition modes, the acquired data is encrypted to form encrypted data signals, and the encrypted data signals are decrypted in a data analysis server through a data decryption module.
And the data access method of the data platform comprises the steps that the cloud platform server generates key parameters, the security node generates corresponding keys and tokens for the user, and other nodes in the cloud platform determine whether the user has legal identity.
Or the big data cloud computing operation system comprises a central processing unit, a communication module, a data backup module, a data acquisition module and a data storage module, so that data are prevented from being stolen.
Or the mixed cloud security storage management system facing big data comprises: the cloud management system comprises a private cloud module, a public cloud module, a management layer module and a client module; a mixed cloud architecture of a private cloud and a public cloud is used, a stream encryption algorithm is adopted for storage encryption, and migration among clouds is transparent to users so as to meet the requirement of safe storage of user data.
It can be seen from the above contents that most of the existing technical solutions are invasive encryption schemes, and need to modify source codes or perform customized development based on the technical solutions, and secondly, most of the existing solutions are solutions to simply solve the problems of encrypted storage or encrypted transmission, and there is no perfect solution for the requirement of data mining processing of a cloud server.
The embodiment of the invention can realize the encapsulation of the existing data mining algorithm by a universal architecture under the condition of no perception through non-invasive encryption and decryption injection, thereby greatly reducing the use complexity. Secondly, the embodiment of the invention improves the safety of data mining by methods of block encryption, dynamic key generation and intermediate data encryption storage.
The following describes a data encryption method provided in an embodiment of the present invention.
FIG. 1 is a schematic flow chart of a big data mining method according to an embodiment of the present invention; as shown in fig. 1, the big data mining method applied to a terminal may mainly include the following steps:
s101, acquiring data to be processed, an original algorithm package and an original configuration file.
In some embodiments, the terminal obtains data to be processed submitted by a user, an original algorithm data package and an original configuration file, wherein the original configuration file is a configuration file of the original algorithm data package.
And S102, carrying out block encryption processing on the data to be processed.
Specifically, block encryption processing is performed on data to be processed to obtain a plurality of encrypted data blocks.
In some embodiments, block encryption processing is performed on data to be processed to obtain a plurality of encrypted data blocks; the encrypted data block includes a Universal Unique Identifier (UUID).
In some embodiments, after the terminal obtains the data to be processed submitted by the user, the data to be processed is divided into data blocks (blocks) for storage.
In some embodiments, in the process of encrypting the data blocks, each data block is encrypted separately, and optionally, each data block may be encrypted by using a different encryption algorithm and key, so as to improve the security of the data transmission or storage process.
As a specific embodiment, fig. 2 is a schematic diagram of a data block encryption protocol provided by an embodiment of the present invention, and the specific protocol is shown in fig. 2.
In some embodiments, the encrypted data block includes the length of the entire new encrypted data block, and optionally, 8 bytes of the encrypted data block may be reserved for placing the length of the encrypted data block.
In some embodiments, the encrypted data block further comprises a Universally Unique Identifier (UUID) assigned by the system, and the UUID and the key (key) for decrypting the encrypted data block are stored, optionally, the UUID and the key (key) for decrypting the encrypted data block may be stored in the terminal, and in some embodiments, the authentication module stored in the terminal may be selected.
In some embodiments, for each data block, the data block is encrypted by using a preset encryption algorithm to obtain an encrypted data block of the data block, where the encrypted data block includes an algorithm identifier corresponding to the preset encryption algorithm.
In some embodiments, the algorithm identification indicates an encryption algorithm used to encrypt the block of data.
As a specific embodiment, an algorithm mapping table may be set inside the system, and different numbers represent different algorithms, for example, 0 represents a Data Encryption Standard (DES) algorithm.
Alternatively, 4 bytes of the encrypted data block may be reserved for placing the length of the encrypted data block.
As a specific embodiment, encrypting the data block further includes encrypting the data block using a predetermined encryption algorithm. Optionally, the byte length used for storing the encrypted data block in the encrypted data block may be used according to an actually required byte length.
In some embodiments, the encrypted data block includes a check code. Alternatively, the check code may be a hash value obtained by sha256 calculation on the data block.
In some embodiments, a hash value of a data block is obtained by performing a hash operation on the data block; and adding the hash value to the encrypted data block so that the server verifies the integrity of the data block obtained by decryption.
Alternatively, 32 bytes of the encrypted data block may be reserved for the hash value.
The embodiment of the invention provides an encryption protocol, and the encrypted data block obtained after encryption comprises the length of the encrypted data block, UUID, an algorithm identifier corresponding to an encryption algorithm, the encrypted data block and a check code, so that the server can automatically decrypt the encrypted data block.
S103, sending the encrypted data block, the first algorithm packet and the first configuration file to the server.
Specifically, the encrypted data block, a first algorithm package and a first configuration file are sent to the server, so that the server obtains data to be processed according to the universal unique identification code UUID and the temporary token, the original algorithm package is executed, and a final mining result is obtained, wherein the first algorithm package is obtained according to encapsulation of the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the temporary token.
In some embodiments, after the terminal obtains the original algorithm package submitted by the user, the encapsulation processing of the original algorithm package includes adding an input preprocessing module and an output preprocessing module to the original algorithm package to obtain the first algorithm package.
The input preprocessing module is used for decrypting the encrypted data block when the server acquires the data to be analyzed; the output preprocessing module is used for encrypting the output result when the algorithm data packet is executed to obtain the output result.
The input preprocessing module provided by the embodiment of the invention can dynamically request the key according to the token and the UUID, thereby improving the security of the whole data.
As a specific embodiment, after the terminal obtains an original configuration file submitted by a user, an authentication module of the terminal generates a temporary token (token) for each task, and injects the token into the configuration file of the original algorithm package. Optionally, the token's expiration time is configurable.
In some embodiments, the server may send request information including the pass UUID and token to request a key (key) to encrypt and decrypt the data block during execution of the original algorithm package. And the authentication module acquires a key corresponding to the UUID based on the UUID and the token included in the request information, and sends the key to the server.
The non-invasive data processing method provided by the embodiment of the invention does not need to modify and develop the existing algorithm data packet by adopting a non-invasive processing means, specifically, the data to be processed is encrypted in blocks at the local terminal, and the UUID is used in the encrypted data packet, so that the cloud server can obtain a key for correspondingly decrypting the encrypted block data according to the UUID and token, thereby further improving the security of the data to be processed and being the key for improving the security of the whole data; furthermore, the method for packaging the algorithm data packet and decrypting the algorithm data packet at the cloud can realize that the unencrypted data does not appear at a place outside the cloud server, thereby effectively improving the safety of data processing at the cloud.
Furthermore, the input preprocessing module at the server can dynamically request a decryption key according to the temporary token and the UUID, and the corresponding decryption key can be found through the UUID, so that different data blocks can use different encryption algorithms, and the overall data security is improved.
And after receiving the plurality of encrypted data blocks, the first algorithm packet and the first configuration file sent by the terminal, the server starts to execute the first algorithm packet and processes the data to be processed. The specific process is shown in fig. 3.
Fig. 3 is a schematic flow chart of another big data mining method according to an embodiment of the present invention. The big data mining method is applied to a server and specifically comprises the following steps:
s201, receiving a plurality of encrypted data blocks, a first algorithm packet and a first configuration file sent by a terminal.
S202, request information is sent to the terminal.
Specifically, request information is sent to the terminal, wherein the request information includes the UUID and the token, so that the terminal obtains the key corresponding to the UUID based on the UUID and the token.
And sending request information comprising the UUID and the token to the terminal based on the token obtained in the first configuration file and the UUID in each encrypted data block.
In some embodiments, the server obtains the token and the UUID in each encrypted data block from the first configuration file through the input pre-processing module in the first algorithm data packet before executing the original algorithm packet.
And the terminal returns the key corresponding to the UUID to the server after acquiring the key corresponding to the UUID based on the UUID and the token.
S203, receiving a key corresponding to the UUID returned by the terminal based on the request information;
in some embodiments, the terminal returns the key corresponding to the UUID to the server after acquiring the key corresponding to the UUID from the authentication module based on the UUID and the token.
In some embodiments, the input preprocessing module in the first algorithm package determines the encryption algorithm used by the data block according to the key corresponding to the UUID and the identifier of the encryption algorithm in the encrypted data block, and decrypts the encrypted data block to obtain the data block.
And S204, processing the data to be processed according to the original algorithm packet in the first algorithm packet.
And the data to be processed is obtained based on the key of each corresponding UUID and the algorithm identification in each encrypted data block.
In some embodiments, each data block is decrypted by the input pre-processing module to obtain the data to be analyzed, and the server starts executing the original algorithm data packet.
And decrypting the encrypted data block corresponding to each UUID based on the key corresponding to each UUID and the identifier in each encrypted data block to obtain the data to be processed.
In some embodiments, after receiving the key corresponding to the UUID returned by the terminal based on the request information, the method further includes: determining a decryption algorithm for decrypting the encrypted data block according to the identifier for each encrypted data block; decrypting the encrypted data block corresponding to the UUID according to the key corresponding to the UUID and a decryption algorithm to obtain the data block corresponding to the UUID; and obtaining the data to be processed based on the plurality of data blocks.
In order to verify the integrity of each decrypted data block, the integrity of each data block may optionally be verified based on the hash value in each encrypted data block.
In some embodiments, processing the data to be processed according to the raw algorithm package includes: processing the data to be processed by using an original algorithm packet to obtain a mining result; encrypting a mining result; and if the mining result is the final mining result, sending the encrypted final mining result to the terminal.
In particular, in some embodiments, intermediate mining results may be obtained when processing the data to be processed.
Under the condition of obtaining the first intermediate mining result, encrypting the first intermediate mining result by using an output preprocessing module to obtain a second intermediate mining result; and saving the second intermediate mining result.
Further, in some embodiments, the preprocessing module is pre-processed according to the second intermediate mining result and the input in the first algorithm package; decrypting the second intermediate mining result by using the input preprocessing module to obtain a first intermediate mining result; and continuously processing the first intermediate mining result by using the original algorithm packet.
In some embodiments, until the data to be processed is processed to obtain the final mining result, the final mining result is encrypted using the output preprocessing module according to the output preprocessing module in the first algorithm package.
And sending the encrypted final mining result to the terminal.
According to the big data mining method provided by the embodiment of the invention, the whole process of processing the data to be analyzed by the server through the original algorithm package is in an encrypted state by using the input preprocessing module and the output preprocessing module of the encapsulated algorithm package terminal, so that the safety of the data in the iterative analysis process is ensured, and the safety of executing the original algorithm package to process the data is further improved because no non-encrypted data falls to the ground at the cloud end.
For further explanation of the big data mining method provided by the embodiment of the present invention, fig. 4 is a schematic flow diagram of data encryption and processing in the big data mining process provided by the embodiment of the present invention; as a specific embodiment, taking a data mining algorithm as an example, the server executes a data mining algorithm process as shown in fig. 4.
And after receiving the encrypted data block obtained after the blocking and encryption processing, the packaged data mining algorithm packet and the configuration file of the data mining algorithm packet injected into token, the server enters the step of executing the data mining algorithm.
Before executing the data mining algorithm, an input preprocessing module in the packaged data mining algorithm package respectively reads the UUID from each encrypted data block, and determines the encryption algorithm used by the data block encryption through the identification of the encryption algorithm.
And inputting the interceptor in the preprocessing module in the packaged data mining algorithm package, and reading token from the configuration file of the data mining algorithm package.
And generating request information which is sent to the terminal for requesting a decryption key based on the UUID and the token read by the interceptor input into the preprocessing module, wherein the request information comprises the UUID and the token. And the authentication module of the terminal acquires the decryption key corresponding to the UUID based on the token and the UUID and sends the decryption key corresponding to the UUID back to the server.
And the interceptor in the input preprocessing module decrypts the encrypted data blocks according to the UUID and the corresponding UUID key returned by the terminal to obtain each data block.
And obtaining the data to be analyzed based on each data block obtained by decryption.
And the data to be analyzed enters an original data mining algorithm flow.
Further, in the process of executing the original data mining algorithm, after the intermediate mining result or the final mining result is obtained, the interceptor of the output preprocessing module encrypts the intermediate mining result or the final mining result, and then stores the encrypted intermediate mining result or the encrypted final mining result.
After the intermediate mining result is obtained, the interceptor input into the preprocessing module is used again to decrypt the encrypted intermediate mining result, the original data mining algorithm is continuously entered for iterative processing until the data mining algorithm obtains the final mining result, and the data mining algorithm is finished running.
The above embodiments respectively describe a data encryption method applied to a terminal and a data processing method applied to a cloud server.
In order to more clearly understand the scheme of the present application, the whole process from encryption to processing of data is described below.
It should be noted that, in order to implement the technical solution of the present application, an encryption module, an encapsulation module, and an authentication module may be disposed on the terminal. The cloud server can be provided with a storage module and a data processing module.
The whole process from encryption to processing of data is described below with reference to fig. 5.
Fig. 5 is a schematic flow chart of data encryption and processing in another big data mining process according to an embodiment of the present invention. In order to better explain the overall flow of the data encryption and processing method provided by the embodiment of the invention. The data encryption and processing method with reference to fig. 5 specifically includes the following steps:
and S1, according to the submitted data to be analyzed, the encryption module of the terminal encrypts the data to be analyzed. Specifically, the encryption module blocks and encrypts the data to be analyzed, where the data encryption protocol and the encryption process are the steps of data encryption shown in fig. 1 and fig. 2, which are not described herein again.
Wherein the key of each block is stored in the authentication module of the terminal.
And S2, according to the submitted original algorithm package, the packaging module of the terminal packages the original algorithm package to obtain a first algorithm package.
As a specific example, the INPUT (INPUT) and the OUTPUT (OUTPUT) to the original algorithm package may be intercepted by Code Generation Library (CGLIB) technology, so that a data preprocessing operation is added to the original algorithm package before execution, the INPUT data is decrypted, and the OUTPUT data of the original algorithm package is obtained, and then the OUTPUT data is encrypted.
The processing procedure of the OUTPUT (OUTPUT) interceptor is similar to that of the input interceptor, and is not described herein.
As a specific example, the code entered into the interceptor may be as shown in Table 1:
TABLE 1
Figure BDA0002369977520000131
And S3, adding an input preprocessing module and an output preprocessing module to the original algorithm package by the packaging module to obtain a first data package, and uploading the first data package to the data processing module of the server.
And S4, acquiring and submitting the original configuration file, and storing the original configuration file to an authentication module of the terminal.
S5, the authentication module acquires a first configuration file in the configuration file injection token, and uploads the first configuration file to the data processing module of the server.
And S6, before the server starts to execute the original algorithm packet uploaded before, reading the encrypted data in blocks from the storage module of the server, and further returning the encrypted data in blocks by the storage module of the server.
S7, the input preprocessing module in the first number algorithm package requests a KEY (KEY) for decryption from the terminal authentication module according to the encryption protocol, the TOKEN in the first configuration file and the UUID in each encrypted data block.
S8, the terminal authentication module returns the decryption KEY (KEY) according to the request
S9, the input preprocessing module decrypts the encrypted data according to the decryption KEY (KEY) and the algorithm used by the encrypted data block in the encryption protocol, and finally obtains the complete data to be analyzed.
S10, the original algorithm package is executed iteratively.
When the original algorithm packet is executed, the intermediate result is output to an output preprocessing module of the algorithm; if there is no intermediate result, executing S15, and directly returning the final result to the user; if there is an intermediate result, S11 is executed.
S11, if the intermediate result exists, the intermediate result is output to an output preprocessing module of the algorithm;
s12, wherein, the output preprocessing module encrypts the intermediate result again according to the encryption protocol and stores the intermediate result in the storage module of the server;
and S13, the input preprocessing module decrypts the intermediate result obtained from the storage module of the server, and the next iteration of input preprocessing module decrypts the data.
And S14, after the intermediate result is obtained through decryption, continuing to execute the next round of original algorithm packet iteration, and if the intermediate result still exists, continuously repeating the encryption and decryption processes of the intermediate result until S15.
And S15, finally executing the original algorithm to obtain the final result of the analysis, and returning the final result to the user of the terminal after encrypting the final result.
It should be noted that CGLIB is a powerful, high-performance, high-quality library of Code generation classes. It can extend Java classes and implement Java interfaces at run-time. CGLIB is widely used by many frameworks for Aspect Oriented Programming (AOP). The bottom layer of the CGLIB package is an Automatic Storage Management (ASM) that uses a small and fast bytecode processing framework to convert bytecodes and generate new classes.
The principle of the CGLIB is briefly introduced as follows: by generating an agent class type C that inherits type B, this agent class holds a method interceptor (MethodInterceptor) that is passed in when setting the callback function (setCallback). The type C rewrites the methods in all B (the method names are consistent), then in the type C, a method with the name of 'CGLIB' + 'parent method name $' is constructed, the method is called as the CGLIB method below, all non-private (private) methods are constructed, only one sentence in the CGLIB method body is used for the method name (), one reference to the parent method can be simply considered to be kept, and calling is convenient.
At this time, the type C has a rewriting method, a CGLIB method, and a parent method, wherein the parent method is invisible, and a uniform interception method, i.e., an enhancement method (interrupt). The rewriting method and the CGLIB method have a mapping relation. According to LSP principle, the rewriting method of type C is the entry called by external, it calls the enhanced method (interrupt) method of the method interceptor (MethodInterpreter), will transmit four parameters while calling, the first parameter is passed through this, represent the proxy class itself, the second parameter marks the method intercepted, the third parameter is the entry parameter, the fourth parameter is CGLIB method, after finishing enhancing with the interrupt method, call CGLIB method to call the father method indirectly and finish the call of the whole method chain.
The non-invasive local encryption and cloud decryption method realized by the dynamic proxy technology provided by the embodiment of the invention comprises the processing logic of the terminal and the server, and is a complete and feasible scheme for mining big data. The embodiment of the invention adopts a non-invasive scheme, does not need to modify and develop the existing algorithm code, and improves the convenience. According to the method for the data block encryption, the dynamic key generation and the intermediate data encryption storage, no non-encrypted data fall to the ground at the cloud end, and the safety of data mining at the cloud end is improved. The cost advantage that the server is fully used for cloud computing can be achieved while data security is guaranteed.
The above is a specific implementation manner of the data encryption method and the data processing method provided by the embodiment of the present invention.
Based on the data encryption method, the embodiment of the application also provides a specific implementation mode of the data encryption device.
Fig. 6 is a schematic diagram of a big data mining apparatus according to an embodiment of the present invention, and fig. 7 is a schematic diagram of another big data mining apparatus according to an embodiment of the present invention.
As shown in fig. 6, the big data mining apparatus may mainly include: a first obtaining module 601, an encrypting module 602, and a first sending module 603.
The first obtaining module 601 is configured to obtain data to be processed, an original algorithm package, and an original configuration file.
The encryption module 602 is configured to perform block processing on data to be processed, and obtain multiple encrypted data blocks according to an encryption protocol.
Wherein encrypting the data block comprises: the method comprises the steps of encrypting the length of a data block, a universal unique identification code UUID, an algorithm identification corresponding to an encryption algorithm, the encrypted data block and a check code.
In some embodiments, the encryption module 602 may be specifically configured to perform block processing on data to be processed to obtain a plurality of data blocks; for each data block, encrypting the data block by using a preset encryption algorithm to obtain an encrypted data block of the data block; the encrypted data block comprises an algorithm identifier corresponding to a preset encryption algorithm.
In some embodiments, the data encryption apparatus may further include a first storage module for storing the UUID of each encrypted data chunk and a key corresponding to the UUID.
In some embodiments, the data encryption apparatus may further include an encapsulation module, configured to add the input preprocessing module and the output preprocessing module to the original algorithm packet to obtain the first algorithm packet.
The first sending module 603 is configured to send the encrypted data block, the first algorithm package, and the first configuration file to the server, so that the server obtains to-be-processed data according to the UUID and the token, and executes the original algorithm package to obtain a final mining result, where the first algorithm package is obtained by encapsulating the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the token.
In some embodiments, the first obtaining module 601 further includes a receiving submodule, where the receiving submodule is configured to receive request information sent by a server; the request information comprises a UUID and a token; acquiring a key corresponding to the UUID based on the UUID and the token;
the first obtaining module 601 further includes a sending submodule, configured to send the key to the server.
In order to better explain the data encryption device provided by the embodiment of the present invention, another big data mining schematic diagram shown in fig. 7 is combined, as shown in fig. 7.
In some specific embodiments, the encryption module may include a data blocking submodule, and the data blocking submodule is configured to block the original to-be-processed data to obtain a plurality of data blocks.
In some embodiments, the encryption module may include a data encryption sub-module, and the data encryption sub-module is configured to encrypt the data block according to an encryption protocol to obtain an encrypted data block.
In some embodiments, the terminal may further include an encapsulation module for encapsulating the raw algorithm package to include an input pre-processing module and an output pre-processing module.
In some embodiments, the terminal may further include an authentication module, which may include at least a data configuration sub-module, and the data configuration sub-module is configured to inject a temporary token in the original configuration file to obtain the first configuration file.
It is to be understood that the data encryption device according to the embodiment of the present invention may correspond to an execution main body of the data encryption method according to the embodiment of the present invention, and specific details of operations and/or functions of each module/unit of the data encryption device may refer to the descriptions of the corresponding parts in the data encryption method according to the embodiment of the present invention, which are not described herein again for brevity.
Based on the specific implementation mode of the other big data mining method provided by the embodiment of the invention, the embodiment of the invention also provides a specific implementation mode of the other big data mining device.
Fig. 8 is a schematic diagram of another big data mining apparatus according to an embodiment of the present invention. As shown in fig. 8, the big data mining apparatus may mainly include: a first receiving module 801, a second sending module 802, a second receiving module 805, and a data processing module 804.
The first receiving module 801 is configured to receive a plurality of encrypted data blocks, a first algorithm packet, and a first configuration file sent by a terminal;
a second sending module 802, configured to send request information to the terminal, where the request information includes a UUID of each encrypted data block and a temporary token in the first configuration file, and the UUID and the token are used for the terminal to obtain a key corresponding to the UUID based on the UUID and the token;
a second receiving module 803, configured to receive a key corresponding to the UUID returned by the terminal based on the request information;
and the data processing module 804 is configured to process the to-be-processed data according to the original algorithm packet in the first algorithm packet, and obtain a final mining result, where the to-be-processed data is obtained based on the key of each corresponding UUID and the algorithm identifier in each encrypted data block.
The data processing module 804 may further include a data obtaining sub-module, where the data obtaining sub-module is configured to determine, for each encrypted data block, a decryption algorithm for decrypting the encrypted data block according to the algorithm identifier; decrypting the encrypted data block corresponding to the UUID according to the key corresponding to the UUID and a decryption algorithm to obtain the data block corresponding to the UUID; and obtaining the data to be processed based on the plurality of data blocks.
In some embodiments, the data processing module 804 is further specifically configured to process the data to be processed by using the original algorithm package to obtain a mining result; encrypting a mining result; and if the mining result is the final mining result, sending the encrypted final mining result to the terminal.
In some embodiments, the data processing module 804 is further specifically configured to, when the data to be processed is processed to obtain a first intermediate mining result, encrypt the first intermediate mining result using the output preprocessing module to obtain a second intermediate mining result; and saving the second intermediate mining result.
Further, in some embodiments, the data processing module 807 is further specifically configured to: an input preprocessing module according to the second intermediate mining result and the first algorithm packet; decrypting the second intermediate mining result by using the input preprocessing module to obtain a first intermediate mining result; continuing to process the first intermediate mining result by using the original algorithm package until a final mining result is generated,
the non-invasive local encryption and cloud decryption method realized by the dynamic proxy technology provided by the embodiment of the invention adopts a non-invasive scheme, does not need to modify and develop the existing algorithm code, and improves the convenience. According to the method for the data block encryption, the dynamic key generation and the intermediate data encryption storage, no non-encrypted data fall to the ground at the cloud end, and the safety of data mining at the cloud end is improved. The cost advantage that the server is fully used for cloud computing can be achieved while data security is guaranteed.
It can be understood that another big data mining device according to the embodiment of the present invention may correspond to an execution main body of another big data mining method according to the embodiment of the present invention, and specific details of operations and/or functions of each module/unit of another big data mining device may refer to the description of the corresponding part in the data processing method according to the embodiment of the present invention, and are not described herein again for brevity.
Based on the specific implementation manner of the big data mining method provided by the embodiment of the invention, the embodiment of the invention also provides a specific implementation manner of big data mining equipment.
Fig. 9 is a schematic hardware structure diagram of a large data mining device according to an embodiment of the present invention.
As shown in fig. 9, the big data mining apparatus 900 in the present embodiment includes an input apparatus 901, an input interface 902, a central processor 903, a memory 904, an output interface 905, and an output apparatus 906. The input interface 902, the central processing unit 903, the memory 904 and the output interface 905 are connected to each other through a bus 910, and the input device 901 and the output device 906 are connected to the bus 910 through the input interface 902 and the output interface 905, respectively, and further connected to other components of the big data mining device 900.
Specifically, the input device 901 receives input information from the outside, and transmits the input information to the central processor 903 through the input interface 902; central processor 903 processes input information based on computer-executable instructions stored in memory 904 to generate output information, stores the output information temporarily or permanently in memory 904, and then transmits the output information to output device 906 via output interface 905; the output device 906 outputs the output information to the outside of the big data mining device 900 for use by the user.
That is, the big data mining apparatus shown in fig. 9 may also be implemented to include: a memory storing computer-executable instructions; and a processor that, when executing computer executable instructions, may implement the big data mining method and apparatus described in connection with the embodiments of the present invention or another big data mining method and apparatus described in the embodiments of the present invention.
In one embodiment, the big data mining device 900 shown in FIG. 9 includes: a memory 904 for storing programs; and the central processing unit 903 is used for running a program stored in the memory to execute the big data mining method provided by the embodiment of the invention.
An embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium has computer program instructions stored thereon; the computer program instructions, when executed by a processor, implement the big data mining method provided by embodiments of the present invention.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.

Claims (13)

1. A big data mining method is applied to a terminal and is characterized by comprising the following steps:
acquiring data to be processed, an original algorithm package and an original configuration file;
carrying out block encryption processing on the data to be processed to obtain a plurality of encrypted data blocks;
and sending the encrypted data block, a first algorithm package and a first configuration file to a server so that the server obtains data to be processed according to a universal unique identification code (UUID) and a temporary token, and executing the original algorithm package to obtain a final mining result, wherein the first algorithm package is obtained according to the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the token.
2. The method of claim 1, wherein after obtaining the original algorithm package, the method further comprises:
and adding an input preprocessing module and an output preprocessing module to the original algorithm packet to obtain the first algorithm packet.
3. The method of claim 1, wherein after sending the encrypted data block, the first algorithm package, and the first configuration file to the server, the method further comprises:
receiving request information sent by a server, wherein the request information comprises the UUID and the token;
acquiring a key corresponding to the UUID based on the UUID and the token;
sending the key to the server.
4. The method of claim 1, wherein after the obtaining the plurality of encrypted data blocks, the method further comprises: and storing the UUID of each encrypted data block and a key corresponding to the UUID.
5. The method of claim 1, wherein encrypting the block of data comprises: the length of the encrypted data block, the UUID, the algorithm identification corresponding to the encryption algorithm, the encrypted data block and the check code.
6. The method according to claim 1, wherein the block-wise encrypting the data to be processed to obtain a plurality of encrypted data blocks comprises:
carrying out block processing on the data to be processed to obtain a plurality of data blocks;
for each data block, encrypting the data block by using a preset encryption algorithm to obtain an encrypted data block of the data block;
and the encrypted data block comprises an algorithm identifier corresponding to the preset encryption algorithm.
7. A big data mining method is applied to a server and is characterized by comprising the following steps:
receiving a plurality of encrypted data blocks, a first algorithm packet and a first configuration file sent by a terminal;
sending request information to the terminal, wherein the request information comprises a universal unique identification code (UUID) of each encrypted data block and a temporary token in the first configuration file, and the UUID and the token are used for the terminal to obtain a key corresponding to the UUID based on the UUID and the token;
receiving a key corresponding to the UUID returned by the terminal based on the request information;
and processing the data to be processed according to the original algorithm packet in the first algorithm packet to obtain a final mining result, wherein the data to be processed is obtained based on each key corresponding to the UUID and the algorithm identifier in each encrypted data block.
8. The method according to claim 7, wherein after receiving the key corresponding to the UUID returned by the terminal based on the request information, the method further comprises:
for each encrypted data block, determining a decryption algorithm for decrypting the encrypted data block according to the algorithm identification;
decrypting the encrypted data block corresponding to the UUID according to the key corresponding to the UUID and the decryption algorithm to obtain a data block corresponding to the UUID;
and obtaining the data to be processed based on the plurality of data blocks.
9. The method according to claim 7, wherein the processing the data to be processed according to the original algorithm package in the first algorithm package to obtain the final mining result comprises:
processing the data to be processed by using the original algorithm packet to obtain a mining result;
encrypting the mining result;
and if the mining result is the final mining result, sending the encrypted final mining result to the terminal.
10. A big data mining apparatus, the apparatus comprising:
the first acquisition module is used for acquiring data to be processed, an original algorithm package and an original configuration file;
the encryption module is used for carrying out block encryption processing on the data to be processed to obtain a plurality of encrypted data blocks;
the first sending module is used for sending the encrypted data block, the first algorithm package and the first configuration file to a server so that the server can obtain data to be processed according to a universal unique identification code UUID and a temporary token, execute the original algorithm package and obtain a final mining result, wherein the first algorithm package is obtained by packaging the original algorithm data package, and the first configuration file is obtained by injecting the original configuration file into the token.
11. A big data mining apparatus, the apparatus comprising:
the first receiving module is used for receiving a plurality of encrypted data blocks, a first algorithm packet and a first configuration file which are sent by a terminal;
the second sending module is used for sending request information to the terminal, wherein the request information comprises a universal unique identification code (UUID) of each encrypted data block and a temporary token in the first configuration file, and the UUID and the token are used for the terminal to obtain a key corresponding to the UUID based on the UUID and the token;
the second receiving module is used for receiving a key corresponding to the UUID returned by the terminal based on the request information;
and the data processing module is used for processing the data to be processed according to the original algorithm packet in the first algorithm packet to obtain a final mining result, wherein the data to be processed is obtained based on each key corresponding to the UUID and the algorithm identifier in each encrypted data block.
12. A big data mining device, the device comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements big data mining as claimed in any of claims 1-6 or a big data mining method as claimed in any of claims 7-9.
13. A computer-readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the big data mining method of any of claims 1-6 or the big data mining method of any of claims 7-9.
CN202010047592.8A 2020-01-16 2020-01-16 Big data mining method, device, equipment and storage medium Active CN113141329B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010047592.8A CN113141329B (en) 2020-01-16 2020-01-16 Big data mining method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010047592.8A CN113141329B (en) 2020-01-16 2020-01-16 Big data mining method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN113141329A true CN113141329A (en) 2021-07-20
CN113141329B CN113141329B (en) 2023-04-18

Family

ID=76808257

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010047592.8A Active CN113141329B (en) 2020-01-16 2020-01-16 Big data mining method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113141329B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115859339A (en) * 2023-02-08 2023-03-28 支付宝(杭州)信息技术有限公司 Method, device, medium and equipment for encrypting and decrypting cloud storage data

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020002468A1 (en) * 1998-08-13 2002-01-03 International Business Machines Corporation Method and system for securing local database file of local content stored on end-user system
WO2008125038A1 (en) * 2007-04-11 2008-10-23 Tencent Technology (Shenzhen) Company Limited Method, system and server for transmitting advertisement based on user feature
US20130246339A1 (en) * 2011-09-13 2013-09-19 Kenny Richard Kendrena Systems and methods for categorizing and presenting performance assessment data
CN104601681A (en) * 2014-12-31 2015-05-06 乐视网信息技术(北京)股份有限公司 File fragmentation processing method and device
CN104731878A (en) * 2015-03-09 2015-06-24 郑州航空工业管理学院 Data mining system and method based on cloud computation
WO2017030517A1 (en) * 2015-08-18 2017-02-23 Idea Teknoloji Cozumleri Bilgisayar Sanayi Ve Ticaret Anonim Sirketi Safe e-document synchronisation, analysis and management system
CN106657142A (en) * 2017-01-19 2017-05-10 深圳市金立通信设备有限公司 Data transmission method and terminal and system
WO2017093990A1 (en) * 2015-12-03 2017-06-08 Orca Interactive Ltd A method and system for securing a client's access to a drm agent's services for a video player
CN106992872A (en) * 2016-01-21 2017-07-28 中国移动通信集团公司 A kind of method and system of information processing
WO2017202025A1 (en) * 2016-05-24 2017-11-30 中兴通讯股份有限公司 Terminal file encryption method, terminal file decryption method, and terminal
CN107733904A (en) * 2017-10-24 2018-02-23 郑州云海信息技术有限公司 A kind of method, apparatus and platform of virtual-machine data encryption and decryption
CN108022654A (en) * 2017-12-20 2018-05-11 深圳先进技术研究院 A kind of association rule mining method based on secret protection, system and electronic equipment
CN108900493A (en) * 2018-06-22 2018-11-27 西安电子科技大学 A kind of secret protection Mining Frequent Itemsets towards megastore's transaction record
CN109948347A (en) * 2017-12-21 2019-06-28 中移(杭州)信息技术有限公司 A kind of date storage method and device, server and readable storage medium storing program for executing

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020002468A1 (en) * 1998-08-13 2002-01-03 International Business Machines Corporation Method and system for securing local database file of local content stored on end-user system
WO2008125038A1 (en) * 2007-04-11 2008-10-23 Tencent Technology (Shenzhen) Company Limited Method, system and server for transmitting advertisement based on user feature
US20130246339A1 (en) * 2011-09-13 2013-09-19 Kenny Richard Kendrena Systems and methods for categorizing and presenting performance assessment data
CN104601681A (en) * 2014-12-31 2015-05-06 乐视网信息技术(北京)股份有限公司 File fragmentation processing method and device
CN104731878A (en) * 2015-03-09 2015-06-24 郑州航空工业管理学院 Data mining system and method based on cloud computation
WO2017030517A1 (en) * 2015-08-18 2017-02-23 Idea Teknoloji Cozumleri Bilgisayar Sanayi Ve Ticaret Anonim Sirketi Safe e-document synchronisation, analysis and management system
WO2017093990A1 (en) * 2015-12-03 2017-06-08 Orca Interactive Ltd A method and system for securing a client's access to a drm agent's services for a video player
CN106992872A (en) * 2016-01-21 2017-07-28 中国移动通信集团公司 A kind of method and system of information processing
WO2017202025A1 (en) * 2016-05-24 2017-11-30 中兴通讯股份有限公司 Terminal file encryption method, terminal file decryption method, and terminal
CN106657142A (en) * 2017-01-19 2017-05-10 深圳市金立通信设备有限公司 Data transmission method and terminal and system
CN107733904A (en) * 2017-10-24 2018-02-23 郑州云海信息技术有限公司 A kind of method, apparatus and platform of virtual-machine data encryption and decryption
CN108022654A (en) * 2017-12-20 2018-05-11 深圳先进技术研究院 A kind of association rule mining method based on secret protection, system and electronic equipment
CN109948347A (en) * 2017-12-21 2019-06-28 中移(杭州)信息技术有限公司 A kind of date storage method and device, server and readable storage medium storing program for executing
CN108900493A (en) * 2018-06-22 2018-11-27 西安电子科技大学 A kind of secret protection Mining Frequent Itemsets towards megastore's transaction record

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
吕品等: "信息安全在数据挖掘中的应用", 《微机发展》 *
张宏磊等: "一种基于分块混淆的动态数据隐私保护机制", 《计算机研究与发展》 *
李欣: "开放式空间数据挖掘集成系统的设计与实现", 《测绘与空间地理信息》 *
梁业裕等: "基于数据挖掘的网络安全审计技术研究", 《广西通信技术》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115859339A (en) * 2023-02-08 2023-03-28 支付宝(杭州)信息技术有限公司 Method, device, medium and equipment for encrypting and decrypting cloud storage data
CN115859339B (en) * 2023-02-08 2023-05-02 支付宝(杭州)信息技术有限公司 Encryption and decryption method, device, medium and equipment for cloud storage data

Also Published As

Publication number Publication date
CN113141329B (en) 2023-04-18

Similar Documents

Publication Publication Date Title
CN109933995B (en) User sensitive data protection and system based on cloud service and block chain
EP3387813B1 (en) Mobile device having trusted execution environment
US11947681B2 (en) Cryptographic secret generation and provisioning
US20220114249A1 (en) Systems and methods for secure and fast machine learning inference in a trusted execution environment
TWI420339B (en) Software authorization system and method
WO2016015141A1 (en) System and method for cryptographic suite management
RU2740298C2 (en) Protection of usage of key store content
CN109992987B (en) Script file protection method and device based on Nginx and terminal equipment
US20140059341A1 (en) Creating and accessing encrypted web based content in hybrid applications
CN112469036A (en) Message encryption and decryption method and device, mobile terminal and storage medium
CN111737718A (en) Encryption and decryption method and device for jar packet, terminal equipment and storage medium
CN115442032A (en) Data processing method, system on chip and readable storage medium
US20190354697A1 (en) System and method for securing data in a storage medium
CN106911628A (en) A kind of user registers the method and device of application software on the client
CN113141329B (en) Big data mining method, device, equipment and storage medium
CN112115430A (en) Apk reinforcement method, electronic equipment and storage medium
CN109995774B (en) Key authentication method, system, device and storage medium based on partial decryption
US11748521B2 (en) Privacy-enhanced computation via sequestered encryption
US11232219B1 (en) Protection of electronic designs
CN114788221A (en) Wrapping key with access control predicates
CN111460464A (en) Data encryption and decryption method and device, electronic equipment and computer storage medium
CN117375804B (en) Key derivation method, related equipment and storage medium
US12105855B2 (en) Privacy-enhanced computation via sequestered encryption
CN115277259B (en) Method for supporting large-scale cross-platform migration of persistent data through privacy calculation
CN110780884B (en) Information processing method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant