CN113301035A - Method and system for transmitting data between untrusted objects - Google Patents
Method and system for transmitting data between untrusted objects Download PDFInfo
- Publication number
- CN113301035A CN113301035A CN202110540222.2A CN202110540222A CN113301035A CN 113301035 A CN113301035 A CN 113301035A CN 202110540222 A CN202110540222 A CN 202110540222A CN 113301035 A CN113301035 A CN 113301035A
- Authority
- CN
- China
- Prior art keywords
- equipment
- analysis
- data
- supplier
- number information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000004458 analytical method Methods 0.000 claims abstract description 120
- 238000004806 packaging method and process Methods 0.000 claims description 8
- 230000005540 biological transmission Effects 0.000 claims description 7
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 230000008569 process Effects 0.000 claims description 3
- 238000007789 sealing Methods 0.000 claims description 2
- 238000004519 manufacturing process Methods 0.000 description 12
- 238000013523 data management Methods 0.000 description 7
- 238000007726 management method Methods 0.000 description 4
- 238000003745 diagnosis Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/903—Querying
- G06F16/90335—Query processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/04—Forecasting or optimisation specially adapted for administrative or management purposes, e.g. linear programming or "cutting stock problem"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/04—Manufacturing
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y10/00—Economic sectors
- G16Y10/25—Manufacturing
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y20/00—Information sensed or collected by the things
- G16Y20/20—Information sensed or collected by the things relating to the thing itself
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y40/00—IoT characterised by the purpose of the information processing
- G16Y40/20—Analytics; Diagnosis
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y40/00—IoT characterised by the purpose of the information processing
- G16Y40/50—Safety; Security of things, users, data or systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computing Systems (AREA)
- Economics (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Human Resources & Organizations (AREA)
- General Business, Economics & Management (AREA)
- Manufacturing & Machinery (AREA)
- Marketing (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Tourism & Hospitality (AREA)
- Databases & Information Systems (AREA)
- Development Economics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Game Theory and Decision Science (AREA)
- Accounting & Taxation (AREA)
- Quality & Reliability (AREA)
- Biomedical Technology (AREA)
- Operations Research (AREA)
- Computational Linguistics (AREA)
- Entrepreneurship & Innovation (AREA)
- Data Mining & Analysis (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Primary Health Care (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a method and a system for transmitting data between untrusted objects, wherein the method comprises the following steps: the analysis demander obtains a specified number of equipment parameters, wherein the equipment parameters comprise: equipment operation data and equipment number information; the supplier generates encryption parameters and outputs the encryption parameters to the demand analysis party; the analysis demand side encrypts the equipment number information according to the encryption parameters, outputs the encrypted data to the supplier, and matches the equipment analysis model data after decryption; the matched equipment analysis model data are encrypted and packaged and then output to an analysis demander, and the analysis demander unpacks the equipment analysis model data, analyzes the equipment operation data and obtains an analysis result; the invention can effectively ensure the information security of both sides and protect the undisclosed data.
Description
Technical Field
The invention relates to the field of industrial data processing, in particular to a method and a system for transmitting data between untrusted objects.
Background
The digital machine tool is more important to modern factories, corresponding machine tool health prediction and fault diagnosis are also highlighted by production enterprises, and meanwhile, third-party professional companies capable of providing prediction diagnosis calculation models of different types of machine tools are promoted. The manufacturing enterprise must purchase an analysis model suitable for the machine tool mechanism model of the manufacturing enterprise in a professional company model library, but because information leakage is concerned, the manufacturing enterprise is not only unwilling to provide the machine tool operation data for the analysis company, but also selects the model of the machine tool equipment to be confidential. Professional companies also want to sell only a few models that the manufacturing enterprise spends money to purchase, without exposing the others in the model library. How to realize specific data sharing becomes a problem which needs to be solved urgently at present.
Disclosure of Invention
In view of the problems in the prior art, the invention provides a method and a system for transmitting data between untrusted objects, and mainly solves the problem of poor security of unauthorized information in the information interaction process of the untrusted objects.
In order to achieve the above and other objects, the present invention adopts the following technical solutions.
A method for data transmission between untrusted objects comprises the following steps:
the analysis demander obtains a specified number of equipment parameters, wherein the equipment parameters comprise: equipment operation data and equipment number information;
the supplier generates encryption parameters and outputs the encryption parameters to the demand analysis party;
the analysis demand side encrypts the equipment number information according to the encryption parameters, outputs the encrypted data to the supplier, and matches the equipment analysis model data after decryption;
and after encrypting and packaging the matched equipment analysis model data, outputting the data to an analysis demand side, unsealing the equipment analysis model data by the analysis demand side, analyzing the equipment operation data, and obtaining an analysis result.
Optionally, before the analyzing the demander obtains the specified number of device parameters, the method further includes:
constructing a local area network, wherein the local area network comprises a server end and equipment ends connected with the server end;
the server side selects a specified number of equipment sides from the equipment sides contained in the local area network periodically as the equipment to be analyzed, and obtains the equipment parameters of the equipment to be analyzed.
Optionally, the encryption parameters include: the system comprises a public key, a private key and random numbers, wherein the number of the random numbers is equal to the number of supplier analysis models;
the supplier outputs the public key and the random number to the analysis demander.
Optionally, the analyzing demand side encrypts the device number information according to the encryption parameter, and outputs the encrypted data to the supplier, and matches the device analysis model data after decryption, including:
the analysis demander generates a hash value corresponding to each piece of equipment serial number information according to the acquired equipment serial number information;
after each hash value is encrypted through a public key, a group of random numbers acquired from a supplier are added to obtain encrypted data, wherein each group of random numbers are not reused;
and the supplier decrypts the encrypted data through a private key to obtain equipment number information, and matches and analyzes the model data according to the hash value corresponding to the equipment number information.
Optionally, the encrypted data decryption process includes:
and the supplier verifies the encrypted data through the generated random number, if the random number in the encrypted data is matched with the random number generated by the supplier, the hash value corresponding to the equipment number information is obtained through private key decryption after the corresponding random number is subtracted from the encrypted data.
Optionally, matching analysis model data according to the device number information includes:
constructing an analysis model database;
and acquiring corresponding analysis model data from the analysis model database according to the hash value corresponding to the equipment number.
Optionally, after encrypting and encapsulating the matched device analysis model data, outputting the data to an analysis demander, and unsealing the device analysis model data by the analysis demander:
appointing a sealing protection function of a supplier and analyzing a unsealing protection function of a demand side in advance;
and the supplier packages the analysis model data through the packaging protection function and then outputs the data to the analysis demand side, and further obtains the corresponding analysis model data through the unsealing protection function.
An untrusted inter-object data transfer system, comprising:
the equipment parameter acquisition module is used for analyzing the equipment parameters of the required party and acquiring the specified quantity, wherein the equipment parameters comprise: equipment operation data and equipment number information;
the encryption parameter generation module is used for generating encryption parameters by a supplier and outputting the encryption parameters to a demand analysis party;
the encryption matching module is used for encrypting the equipment number information according to the encryption parameters by the analysis demand party, outputting the encrypted data to the supply party, and matching the equipment analysis model data after decryption;
and the model acquisition and analysis module is used for encrypting and packaging the matched equipment analysis model data and outputting the data to an analysis demand side, and the analysis demand side unseals the equipment analysis model data, analyzes the equipment operation data and acquires an analysis result.
Optionally, the encryption parameters include: the system comprises a public key, a private key and random numbers, wherein the number of the random numbers is equal to the number of supplier analysis models;
the supplier outputs the public key and the random number to the analysis demander.
Optionally, the model obtaining and analyzing module includes:
the Hash conversion unit is used for analyzing the equipment number information acquired by the demander and generating a Hash value corresponding to each equipment number information;
the encryption unit is used for encrypting each hash value through a public key and then adding a group of random numbers acquired from a supplier to obtain encrypted data, wherein each group of random numbers are not reused;
and the decryption unit is used for decrypting the encrypted data through a private key by a supplier to obtain equipment number information and matching and analyzing model data according to the hash value corresponding to the equipment number information.
As described above, the method and system for transmitting data between untrusted objects of the present invention have the following advantages.
Meanwhile, the problem that equipment information of an analysis demand party is not required to be published and an unsold analysis model of a professional company is not used for free is solved, and the cooperation win-win situation on the premise of mutual trust is solved.
Drawings
Fig. 1 is a flowchart illustrating a method for transmitting data between untrusted objects according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the components related to the present invention are only shown in the drawings rather than drawn according to the number, shape and size of the components in actual implementation, and the type, quantity and proportion of the components in actual implementation may be changed freely, and the layout of the components may be more complicated.
Referring to FIG. 1, the present invention provides a method for data transmission between untrusted objects, including steps S01-S04.
In step S01, the analysis demander obtains a specified number of device parameters, including: device operating data and device number information.
In an embodiment, before the analysis demander obtains the specified number of device parameters, the method further includes: constructing a local area network, wherein the local area network comprises a server end and equipment ends connected with the server end; the server side selects a specified number of equipment sides from the equipment sides contained in the local area network periodically as the equipment to be analyzed, and obtains the equipment parameters of the equipment to be analyzed. Specifically, the analysis demander is an equipment manufacturing enterprise, the equipment manufacturing enterprise can be provided with an equipment data management server, all equipment of the enterprise is connected with the equipment data management server, and a local area network of the whole enterprise is sequentially constructed. The equipment production enterprise can appoint one or more equipment to be analyzed through the equipment data management server, and can also set the equipment data management server to periodically and automatically select appointed number of equipment from the equipment to be analyzed as the equipment to be analyzed, and further acquire information such as equipment numbers and operation parameters of the equipment to be analyzed and store the information in the equipment data management server. In another embodiment, the devices to be analyzed acquired by the device data management server refer to different types of devices to be analyzed, and a plurality of devices to be analyzed in the same type are classified into one type. Specifying the number of devices to be analyzed refers to the number of categories of devices to be analyzed.
In step S02, the supplier generates encryption parameters and outputs them to the demand analyzer.
In one embodiment, after the analysis demander determines the number of devices that need to be analyzed, request information may be generated and output to the supplier.
In one embodiment, the supplier may set up an analytical model database in which all the analytical models that the supplier has to sell or not release are stored.
Alternatively, the encryption parameters may include a public key, a private key, and a random number. The number of random numbers is equal to the number of supplier analysis models.
After generating the encryption parameters, the supplier may output the public key and the random number to the analysis demander.
In step S03, the analysis demander encrypts the device number information based on the encryption parameter, and outputs the encrypted data to the supplier, and matches the device analysis model data after decryption.
In an embodiment, the analysis demander may generate a corresponding device number hash value according to the obtained device number information, and further construct a hash value list of the device to be analyzed. Further, each hash value in the hash value list is encrypted by the public key of the supplier. After each hash value is encrypted through a public key, a group of random numbers acquired from a supplier are added to obtain encrypted data, wherein each group of random numbers are not reused;
and the supplier decrypts the encrypted data through a private key to obtain equipment number information, and matches and analyzes the model data according to the equipment number information.
In an embodiment, the supplier verifies the encrypted data through the generated random number, and if the random number in the encrypted data is matched with the random number generated by the supplier, the hash value corresponding to the device number is obtained through decryption of a private key after the corresponding random number is subtracted from the encrypted data. And determining the analysis model category information corresponding to the equipment number through the Hash value.
Exemplarily, it is assumed that the device Data management server periodically selects N devices to be analyzed, extracts N device numbers DevID and operation parameter Data, and holds the N Data;
the supplier generates a public key Keypub, a private key Keypri and n random numbers g0 and g1 … … gn, wherein the number of n is consistent with the number of models in the analysis model database; representing the number of each model.
The supplier sends the public key Keypub and the random numbers g0 and g1 … … gn to the equipment management server of the production enterprise; the equipment management server sequentially takes out an equipment number DevIDi from the N data, calculates a hash function value, encrypts the hash function value by using a public key Keypub, and finally sequentially adds a random number gi, wherein the random number is not repeatedly used, namely the random numbers added each time are different, and the random numbers are used for sending [ key i, value ei ] to a supplier one by one:
ei=EncryptKeypub(Hash(DevIDi))+gi
the supplier computes si, si ═ ei-gi, and decrypts si:
si=DecryptKeypri(si);
in step S04, the matched device analysis model data is encrypted and encapsulated, and then output to the analysis demander, which decapsulates the device analysis model data, analyzes the device operation data, and obtains an analysis result.
In one embodiment, an encapsulation protection function of a supplier is agreed in advance, and a decapsulation protection function of a demand side is analyzed; and the supplier packages the analysis model data by the packaging protection function and then outputs the data to the analysis demand side, and further obtains the corresponding analysis model data by the decapsulating protection function. Specifically, the supplier encapsulates each model data M, Mi ═ Mi ≧ si in the library by using an agreed protection function, and sends [ key ═ i, value ═ Mi ] to the device management server of the manufacturing enterprise one by one; the equipment management server decapsulates the model data Mi ═ Mi ≦ si using the same agreed function, and performs failure analysis using Mi and Datai.
The present embodiment further provides an untrusted inter-object data transmission system, configured to execute the untrusted inter-object data transmission method in the foregoing method embodiments. Since the technical principle of the system embodiment is similar to that of the method embodiment, repeated description of the same technical details is omitted.
In one embodiment, an untrusted inter-object data transfer system, comprises:
the equipment parameter acquisition module is used for analyzing the equipment parameters of the required party and acquiring the specified quantity, wherein the equipment parameters comprise: equipment operation data and equipment number information;
the encryption parameter generation module is used for generating encryption parameters by a supplier and outputting the encryption parameters to a demand analysis party;
the encryption matching module is used for encrypting the equipment number information according to the encryption parameters by the analysis demand party, outputting the encrypted data to the supply party, and matching the equipment analysis model data after decryption;
and the model acquisition and analysis module is used for encrypting and packaging the matched equipment analysis model data and outputting the data to an analysis demand side, and the analysis demand side unseals the equipment analysis model data, analyzes the equipment operation data and acquires an analysis result.
In one embodiment, the encryption parameters include: the system comprises a public key, a private key and random numbers, wherein the number of the random numbers is equal to the number of supplier analysis models;
the supplier outputs the public key and the random number to the analysis demander.
In one embodiment, the model acquisition and analysis module includes:
the Hash conversion unit is used for analyzing the equipment number information acquired by the demander and generating a Hash value corresponding to each equipment number information;
the encryption unit is used for encrypting each hash value through a public key and then adding a group of random numbers acquired from a supplier to obtain encrypted data, wherein each group of random numbers are not reused;
and the decryption unit is used for decrypting the encrypted data through a private key by a supplier to obtain equipment number information and matching and analyzing model data according to the hash value corresponding to the equipment number information.
In summary, according to the method and system for transmitting data between untrusted objects, the production enterprise side performs confusion by introducing hash values of equipment numbers, and hides the intention of selecting a specific analysis model; the analysis company packages the protection function by introducing the result of private key decryption, only the model data corresponding to the production enterprise option can be normally decrypted, and the other model data can be decrypted into meaningless random numbers, so that the unsold analysis model is protected. Therefore, the invention effectively overcomes various defects in the prior art and has high industrial utilization value.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.
Claims (10)
1. A method for data transmission between untrusted objects is characterized by comprising the following steps:
the analysis demander obtains a specified number of equipment parameters, wherein the equipment parameters comprise: equipment operation data and equipment number information;
the supplier generates encryption parameters and outputs the encryption parameters to the demand analysis party;
the analysis demand side encrypts the equipment number information according to the encryption parameters, outputs the encrypted data to the supplier, and matches the equipment analysis model data after decryption;
and after encrypting and packaging the matched equipment analysis model data, outputting the data to an analysis demand side, unsealing the equipment analysis model data by the analysis demand side, analyzing the equipment operation data, and obtaining an analysis result.
2. The method of claim 1, wherein before the analysis of the number of device parameters acquired by the demander, the method further comprises:
constructing a local area network, wherein the local area network comprises a server end and equipment ends connected with the server end;
the server side selects a specified number of equipment sides from the equipment sides contained in the local area network periodically as the equipment to be analyzed, and obtains the equipment parameters of the equipment to be analyzed.
3. The method of claim 1, wherein the encryption parameters comprise: the system comprises a public key, a private key and random numbers, wherein the number of the random numbers is equal to the number of supplier analysis models;
the supplier outputs the public key and the random number to the analysis demander.
4. The method for transmitting data between untrusted objects according to claim 3, wherein an analysis demander encrypts device number information according to the encryption parameter, and outputs the encrypted data to a supplier, and after decryption, matches device analysis model data, including:
the analysis demander generates a hash value corresponding to each piece of equipment serial number information according to the acquired equipment serial number information;
after each hash value is encrypted through a public key, a group of random numbers acquired from a supplier are added to obtain encrypted data, wherein each group of random numbers are not reused;
and the supplier decrypts the encrypted data through a private key to obtain equipment number information, and matches and analyzes the model data according to the hash value corresponding to the equipment number information.
5. The method of claim 4, wherein the encrypted data decryption process comprises:
and the supplier verifies the encrypted data through the generated random number, if the random number in the encrypted data is matched with the random number generated by the supplier, the hash value corresponding to the equipment number information is obtained through private key decryption after the corresponding random number is subtracted from the encrypted data.
6. The method for data transmission between untrusted objects according to claim 4, wherein the step of matching analysis model data according to the device number information comprises:
constructing an analysis model database;
and acquiring corresponding analysis model data from the analysis model database according to the hash value corresponding to the equipment number.
7. The method for transmitting data between untrusted objects according to claim 1, wherein the matched device analysis model data is output to an analysis demander after being encrypted and encapsulated, and the analysis demander unseals the device analysis model data:
appointing a sealing protection function of a supplier and analyzing a unsealing protection function of a demand side in advance;
and the supplier packages the analysis model data through the packaging protection function and then outputs the data to the analysis demand side, and further obtains the corresponding analysis model data through the unsealing protection function.
8. An untrusted inter-object data transfer system, comprising:
the equipment parameter acquisition module is used for analyzing the equipment parameters of the required party and acquiring the specified quantity, wherein the equipment parameters comprise: equipment operation data and equipment number information;
the encryption parameter generation module is used for generating encryption parameters by a supplier and outputting the encryption parameters to a demand analysis party;
the encryption matching module is used for encrypting the equipment number information according to the encryption parameters by the analysis demand party, outputting the encrypted data to the supply party, and matching the equipment analysis model data after decryption;
and the model acquisition and analysis module is used for encrypting and packaging the matched equipment analysis model data and outputting the data to an analysis demand side, and the analysis demand side unseals the equipment analysis model data, analyzes the equipment operation data and acquires an analysis result.
9. The untrusted inter-object data transfer system of claim 8, wherein the encryption parameters comprise: the system comprises a public key, a private key and random numbers, wherein the number of the random numbers is equal to the number of supplier analysis models;
the supplier outputs the public key and the random number to the analysis demander.
10. The system for data transmission between untrusted objects according to claim 9, wherein the model acquisition and analysis module comprises:
the Hash conversion unit is used for analyzing the equipment number information acquired by the demander and generating a Hash value corresponding to each equipment number information;
the encryption unit is used for encrypting each hash value through a public key and then adding a group of random numbers acquired from a supplier to obtain encrypted data, wherein each group of random numbers are not reused;
and the decryption unit is used for decrypting the encrypted data through a private key by a supplier to obtain equipment number information and matching and analyzing model data according to the hash value corresponding to the equipment number information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110540222.2A CN113301035B (en) | 2021-05-18 | 2021-05-18 | Method and system for transmitting data between untrusted objects |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110540222.2A CN113301035B (en) | 2021-05-18 | 2021-05-18 | Method and system for transmitting data between untrusted objects |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113301035A true CN113301035A (en) | 2021-08-24 |
| CN113301035B CN113301035B (en) | 2023-04-18 |
Family
ID=77322567
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110540222.2A Active CN113301035B (en) | 2021-05-18 | 2021-05-18 | Method and system for transmitting data between untrusted objects |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113301035B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150244684A1 (en) * | 2012-09-10 | 2015-08-27 | Nwstor Limited | Data security management system |
| US20150363775A1 (en) * | 2013-01-10 | 2015-12-17 | Tendyron Corporation | Key protection method and system |
| CN107425971A (en) * | 2017-04-25 | 2017-12-01 | 深圳奥联信息安全技术有限公司 | Terminal and its data method for encryption/decryption and device without certificate |
| CN108768930A (en) * | 2018-04-09 | 2018-11-06 | 华北水利水电大学 | A kind of encrypted transmission method of data |
| CN108768958A (en) * | 2018-05-07 | 2018-11-06 | 上海海事大学 | It is not revealed based on third party and is tested the data integrity of information and the verification method in source |
| CN110677418A (en) * | 2019-09-29 | 2020-01-10 | 四川虹微技术有限公司 | Trusted voiceprint authentication method and device, electronic equipment and storage medium |
| CN110677260A (en) * | 2019-09-29 | 2020-01-10 | 京东方科技集团股份有限公司 | Authentication method, authentication device, electronic equipment and storage medium |
| CN111510413A (en) * | 2019-01-30 | 2020-08-07 | 阿里巴巴集团控股有限公司 | Data processing method, device and equipment |
| CN112434109A (en) * | 2020-11-23 | 2021-03-02 | 交通银行股份有限公司 | Data sharing and secret query method and system based on block chain technology |
-
2021
- 2021-05-18 CN CN202110540222.2A patent/CN113301035B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150244684A1 (en) * | 2012-09-10 | 2015-08-27 | Nwstor Limited | Data security management system |
| US20150363775A1 (en) * | 2013-01-10 | 2015-12-17 | Tendyron Corporation | Key protection method and system |
| CN107425971A (en) * | 2017-04-25 | 2017-12-01 | 深圳奥联信息安全技术有限公司 | Terminal and its data method for encryption/decryption and device without certificate |
| CN108768930A (en) * | 2018-04-09 | 2018-11-06 | 华北水利水电大学 | A kind of encrypted transmission method of data |
| CN108768958A (en) * | 2018-05-07 | 2018-11-06 | 上海海事大学 | It is not revealed based on third party and is tested the data integrity of information and the verification method in source |
| CN111510413A (en) * | 2019-01-30 | 2020-08-07 | 阿里巴巴集团控股有限公司 | Data processing method, device and equipment |
| CN110677418A (en) * | 2019-09-29 | 2020-01-10 | 四川虹微技术有限公司 | Trusted voiceprint authentication method and device, electronic equipment and storage medium |
| CN110677260A (en) * | 2019-09-29 | 2020-01-10 | 京东方科技集团股份有限公司 | Authentication method, authentication device, electronic equipment and storage medium |
| CN112434109A (en) * | 2020-11-23 | 2021-03-02 | 交通银行股份有限公司 | Data sharing and secret query method and system based on block chain technology |
Non-Patent Citations (1)
| Title |
|---|
| 刘万锁等: ""基于PKEKS的关键字安全的可检索加密技术"", 《湖北第二师范学院学报》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113301035B (en) | 2023-04-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8881246B2 (en) | System and method for providing secured integrated engineering analysis | |
| CN108197891B (en) | Electronic signing device and method based on block chain | |
| CN108513704B (en) | Remote distribution method and system of terminal master key | |
| CN101484901B (en) | System and method for controlling productive process | |
| CN101223728A (en) | System and method for remote device registration | |
| CN109255210A (en) | The method, apparatus and storage medium of intelligent contract are provided in block chain network | |
| US20090210694A1 (en) | Information transmission apparatus and method, information reception apparatus and method, and information-providing system | |
| CN107666386A (en) | A kind of data safe transmission method and device | |
| CN109495459A (en) | Media data encryption method, system, equipment and storage medium | |
| JP4295684B2 (en) | Program production device | |
| Balsa-Comerón et al. | Cybersecurity in autonomous systems: hardening ROS using encrypted communications and semantic rules | |
| CN110232286B (en) | E-commerce data chaining method and equipment applying intelligent contracts | |
| TW201931189A (en) | Countermeasure formulation assistance device, countermeasure formulation assistance method, and countermeasure formulation assistance program | |
| CN110266696A (en) | A kind of evaluation data cochain method and its equipment applied to block chain | |
| CN113301035B (en) | Method and system for transmitting data between untrusted objects | |
| CN111739190B (en) | Vehicle diagnostic file encryption method, device, equipment and storage medium | |
| US11513507B2 (en) | Systems and methods for distributed control of manufacturing processes | |
| CN116760868B (en) | Automatic judging and detecting method and system for intelligent distribution transformer | |
| CN109711178A (en) | A kind of storage method of key-value pair, device, equipment and storage medium | |
| CN110232570B (en) | Information supervision method and device | |
| CN110266699A (en) | Prize drawing data cochain method and its equipment applied to block chain | |
| CN110225056A (en) | A kind of evaluation data cochain method and its equipment for applying intelligent contract | |
| Rekha et al. | A holistic blockchain based IC traceability technique | |
| KR101979320B1 (en) | System and Method for automatic generation and execution of encryption SQL statements using meta-information and enterprise framework | |
| CN115102739A (en) | Method for protecting pitorch deep learning network model based on computational encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |