CN113792297A - Service processing method, device and equipment - Google Patents

Service processing method, device and equipment Download PDF

Info

Publication number
CN113792297A
CN113792297A CN202111063850.2A CN202111063850A CN113792297A CN 113792297 A CN113792297 A CN 113792297A CN 202111063850 A CN202111063850 A CN 202111063850A CN 113792297 A CN113792297 A CN 113792297A
Authority
CN
China
Prior art keywords
model
service
execution environment
trusted execution
sub
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111063850.2A
Other languages
Chinese (zh)
Inventor
郑显义
辛知
顾婉玉
张璇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202111063850.2A priority Critical patent/CN113792297A/en
Publication of CN113792297A publication Critical patent/CN113792297A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the specification discloses a service processing method, a device and equipment, wherein the method is applied to service processing equipment, the service processing equipment comprises a trusted execution environment, and the method comprises the following steps: acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment and can run in the trusted execution environment; inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data; and transmitting the first output result to a trusted execution environment through the application corresponding to the target service, and inputting the first output result to a second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.

Description

Service processing method, device and equipment
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method, an apparatus, and a device for processing a service.
Background
Currently, many enterprises or organizations deploy business models of some businesses to local business parties in a private cloud manner, model structures and related data of the business models in this manner are easily stolen by attackers, and the business models (such as OCR models and face recognition models) are usually core assets of the enterprises or organizations, and once the business models are leaked, not only the user privacy data hidden in the business models are exposed, but also the enterprises or organizations are damaged inestimably. At present, the protection means for the business model is extremely weak, for example, the business model can be protected in an encryption mode generally, but in this mode, only a decryption point needs to be found for hook processing, and the model structure and related data of the business model can be easily stolen in a dump memory mode, for example. For this reason, it is necessary to provide a technical solution for more effectively protecting the model structure and related data of the business model from being stolen by a malicious attacker.
Disclosure of Invention
The embodiment of the specification aims to provide a technical scheme for more effectively protecting a model structure and related data of a business model so as to prevent the model structure and the related data from being stolen by a malicious attacker.
In order to implement the above technical solution, the embodiments of the present specification are implemented as follows:
a service processing method provided in an embodiment of the present specification is applied to a service processing device, where the service processing device includes a trusted execution environment, and the method includes: the method comprises the steps of obtaining service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment and can run in the trusted execution environment. And inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data. And transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
An embodiment of the present specification provides a service processing method, which is applied to a blockchain system, where the blockchain system includes blockchain nodes, and the blockchain nodes include trusted execution environments, and the method includes: the method comprises the steps of obtaining service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of a block chain node and can run in the trusted execution environment. And inputting the service data into a first sub-model segmented from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data. Based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
An embodiment of the present specification provides a service processing apparatus, where the apparatus includes a trusted execution environment, and the apparatus includes: the data acquisition module is used for acquiring service data aiming at a target service, the target service corresponds to a service model which processes the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in the trusted execution environment and can run in the trusted execution environment. And the first result determining module is used for inputting the business data into a first sub-model segmented from a business model corresponding to the target business to obtain a first output result corresponding to the business data. And the model prediction module is used for transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result into the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
An embodiment of this specification provides a service processing apparatus, where the apparatus is an apparatus in a blockchain system, and the apparatus includes a trusted execution environment, and the apparatus includes: the data acquisition module is used for acquiring service data aiming at a target service, the target service corresponds to a service model which processes the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the device and can run in the trusted execution environment. And the first result determining module is used for inputting the service data into a first sub-model divided from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the block chain system to obtain a first output result corresponding to the service data, and the first intelligent contract is used for triggering the first sub-model to process the acquired service data. The prediction result determining module is used for transmitting the first output result to the trusted execution environment through an application corresponding to the target service based on a second intelligent contract which is deployed in the blockchain system in advance, inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
An embodiment of this specification provides a service processing device, where the service processing device is provided with a trusted execution environment, and the service processing device includes: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to: the method comprises the steps of obtaining service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment and can run in the trusted execution environment. And inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data. And transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
An embodiment of this specification provides a service processing device, where the service processing device is a device of a blockchain system, and the service processing device is provided with a trusted execution environment, and includes: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to: the method comprises the steps of obtaining service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the equipment and can run in the trusted execution environment. And inputting the service data into a first sub-model segmented from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data. Based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
Embodiments of the present specification also provide a storage medium, where the storage medium is used to store computer-executable instructions, and the executable instructions, when executed, implement the following processes: the method comprises the steps of obtaining service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment and can run in the trusted execution environment. And inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data. And transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
Embodiments of the present specification also provide a storage medium, where the storage medium is used to store computer-executable instructions, and the executable instructions, when executed, implement the following processes: the method comprises the steps of obtaining service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of a block chain node and can run in the trusted execution environment. And inputting the service data into a first sub-model segmented from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data. Based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present specification, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.
Fig. 1 is a diagram illustrating an embodiment of a service processing method according to the present disclosure;
FIG. 2 is a schematic diagram of an execution environment in a business processing device according to the present description;
fig. 3 is another embodiment of a service processing method according to the present disclosure;
fig. 4A is a diagram illustrating another embodiment of a service processing method;
fig. 4B is a schematic diagram of a service processing procedure in the present specification;
fig. 5 is an embodiment of a service processing apparatus according to the present disclosure;
FIG. 6 is another embodiment of a service processing apparatus according to the present disclosure;
fig. 7 is an embodiment of a service processing device according to this specification.
Detailed Description
The embodiment of the specification provides a service processing method, a service processing device and service processing equipment.
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step should fall within the scope of protection of the present specification.
Example one
As shown in fig. 1, an execution subject of the method may be a service processing device, and the service processing device may be a terminal device or a server, where the terminal device may be a computer device such as a notebook computer or a desktop computer, or may be an IoT device. The server may be a server of a certain service (such as a transaction service or a financial service), specifically, the server may be a server of a payment service, or a server of a service related to finance, instant messaging, or the like. The service processing device may be provided with a trusted Execution environment, where the trusted Execution environment may be a tee (trusted Execution environment), the trusted Execution environment may be implemented by a program written in a predetermined programming language (that is, may be implemented in a software form), or may be implemented by a hardware device and a pre-written program together (that is, may be implemented in a form of hardware + software), and the trusted Execution environment may be a secure operation environment for performing data processing. The method may specifically comprise the steps of:
in step S102, service data for a target service is obtained, the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model includes a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is disposed in a trusted execution environment and can operate in the trusted execution environment.
The target service may be any service, such as an information recommendation service, a risk prevention and control service in a financial system, or a commodity transaction service. The service data may be data related to the target service, which may include the user triggered target service and data generated by the target service during execution, and may also include data related to the user triggered target service and data provided by the target service during execution. The business model may be a relevant model for the target business, and different business models may be constructed based on different target businesses, for example, if the target business is an information recommendation business, the business model may be a model for performing information recommendation, if the target business is a risk prevention and control business in a financial system, the business model may be a model for performing risk prevention and control on the financial system, if a commodity transaction business of the target business, the business model may be a model for predicting sales volume of a certain commodity, and the like. The business model can include a plurality of types, and different business models can be built in different manners, for example, a model for information recommendation can be built through a classification algorithm, or a model for risk prevention and control of a financial system can be built through a convolutional neural network algorithm, and the like. The model protection rules may be rules for effectively protecting the structure, model parameters, and the like of the business model to prevent the business model from being stolen by a malicious attacker, and the model protection rules may record which model or models need to be protected, and related data that needs to be protected in each model, and the like. The model parameters may be different according to the traffic model, and the model parameters may include, for example, a weight, a coefficient, or a vector. The trusted execution environment may be a data processing environment that is secure and isolated from other environments, i.e., processes performed in the trusted execution environment, and data generated during data processing, etc., are not accessible to other execution environments or applications outside the executable environment. As shown in fig. 2, the trusted execution environment may be implemented by creating a small operating system that may run independently in a trusted zone (e.g., TrustZone, etc.), which may provide services directly in the form of system calls (e.g., handled directly by the TrustZone kernel). The device may include an REE (universal execution environment) and a trusted execution environment, an operating system installed in the terminal device may be run under the REE, such as an Android operating system, an iOS operating system, a Windows operating system, a Linux operating system, and the like, and the REE may have characteristics such as a strong function, a good openness and extensibility, and may provide all functions of the device, such as a camera function, a touch function, and the like, for an upper application program. The trusted execution environment has its own execution space, that is, there is an operating system in the trusted execution environment, the trusted execution environment has a higher security level than the REE, and software and hardware resources in the device that the trusted execution environment can access are separated from the REE, but the trusted execution environment can directly acquire information of the REE, and the REE cannot acquire information of the trusted execution environment. The trusted execution environment can perform authentication and other processing through the provided interface, so that user information (such as payment information, user privacy information and the like) cannot be tampered, passwords cannot be hijacked, and information such as fingerprints or faces cannot be stolen.
In implementation, currently, many enterprises or organizations deploy business models of some businesses to business parties in a private cloud manner, model structures and related data of the business models in this manner are very easy to steal by attackers, and the business models (such as OCR models and face recognition models) are usually core assets of the enterprises or organizations, and once the business models are leaked, not only the user privacy data hidden in the business models are exposed, but also the enterprises or organizations are damaged inestimably. At present, the protection means for the business model is extremely weak, for example, the business model can be protected in an encryption mode generally, but in this mode, only a decryption point needs to be found for hook processing, and the model structure and related data of the business model can be easily stolen in a dump memory mode, for example. For this reason, it is necessary to provide a technical solution for more effectively protecting the model structure and related data of the business model from being stolen by a malicious attacker. The embodiment of the present specification provides an achievable processing method, which may specifically include the following:
in general, different business models can be divided into public and private parts, and the private part is a sub-model in which a model structure or related data to be protected in a business model of an enterprise or organization is located. Based on this, for any target service, a service model for processing the service data of the target service can be set for the target service, and the service model can be divided according to the requirement of the target service or according to the actual situation, so as to obtain a plurality of divided different parts. In practical applications, a model protection rule corresponding to a target service may be set in advance according to a request of the target service or according to an actual situation, and information such as a model parameter and a model architecture that need to be protected in the target model may be described in the model protection rule. The business model can be obtained by splicing the divided sub-models, and in addition, in the business model, the output data of the previous sub-model can be used as the input data of one sub-model after the divided sub-model. In this embodiment, the business model may be divided into two parts, one of which may be a public part and the other may be a private part, that is, the business model may be divided into a first sub-model and a second sub-model, and in practical applications, the business model may be divided into two or more parts, for example, the business model may be divided into part 1, part 2 and part 3, and then the parts may be classified according to practical situations, and a part that may be a public part and a part that may be a private part are determined, for example, the part 1 may be a public part, and the parts 2 and 3 may be private parts, and the like. A part that can be a public part may be taken as a first sub-model and a part that can be a private part may be taken as a second sub-model.
Considering that a trusted execution environment is often set in a business processing device, and the trusted execution environment, as a security isolation environment in the business processing device, can be isolated from other environments in the business processing device, thereby ensuring the security of data in the trusted execution environment. The first sub-model may be set in a general execution environment of the service processing device, or may be set in an execution environment of a preset or specified environment parameter, or may be set in a trusted execution environment, which may be specifically set according to an actual situation, and this is not limited in this embodiment of the specification.
After the service model is deployed in the manner, when a user requests a target service or triggers the target service to execute, the service processing device may obtain related data when the user requests the target service or triggers the target service and related data generated by the target service execution, and may use the data as service data for the target service.
In step S104, the service data is input into the first sub-model divided from the service model corresponding to the target service, and a first output result corresponding to the service data is obtained.
In implementation, generally, when a business model processes business data, as the business data is processed further, the later data processing in the business model is more complex or more confidential, and the earlier data processing in the business model is more basic or less confidential, such as vectorization of the business data or feature extraction of the business data, and the like. Based on this, in the service model, the first sub-model may be a sub-model executed before the second sub-model, that is, in the process of operating the service model, the service data is processed by the part corresponding to the first sub-model first, and then the processing result is processed by the second sub-model, and finally the output result of the service model is obtained.
In step S106, the first output result is transmitted to the trusted execution environment through the application corresponding to the target service, and the first output result is input to the second sub-model in the trusted execution environment, so as to obtain a model prediction result corresponding to the service data.
The application corresponding to the target service may be a preset application that can be used for data transfer between different parts of the service model, and specifically transfers the authority of data to the trusted execution environment, the application corresponding to the target service may be an application program that needs to be installed in the service processing device, a code program that is pre-embedded in some hardware device of the service processing device, a program that is set in the form of a plug-in to run in the background of the operating system of the service processing device, or the like, the application corresponding to the target service may be an application that can be called by a component or an assembly (such as an assembly corresponding to the trusted execution environment or a central processing unit, or the like) having a specified authority, and may be specifically set according to an actual situation.
In implementation, in order to ensure accuracy of the first output result, the component corresponding to the trusted execution environment may trigger an application corresponding to the target service to run, after the application corresponding to the target service verifies the component, the service processing device may invoke the application corresponding to the target service, and transmit the first output result to the trusted execution environment through the application corresponding to the target service, because the first output result is transmitted by the application corresponding to the target service, a user cannot obtain the first output result through other components or components, and cannot extract the plaintext first output result from the application corresponding to the target service, the first output result may be prevented from being tampered during transmission. In addition, in order to further ensure the security of data transmission, the first output result may be further subjected to encryption processing, and the like, where the encryption manner may include multiple manners, such as a symmetric encryption manner or an asymmetric encryption manner, and may be specifically set according to actual situations, and this is not limited in this embodiment of the specification.
After the first output result is transmitted to the trusted execution environment, the first output result may be processed in the trusted execution environment, that is, in the trusted execution environment, the first output result is input into the second submodel, and the corresponding output result may be obtained by processing the first output result by the second submodel, where the output result may be a model prediction result corresponding to the service data. In addition, for the case of performing encryption processing on the first output result, after the encrypted first output result is transferred to the trusted execution environment, decryption processing may be performed on the encrypted first output result in the trusted execution environment to obtain a decrypted first output result (i.e., the first output result), and then subsequent processing is performed based on the decrypted first output result, which may be specifically referred to above, and is not described herein again. Finally, the trusted execution environment may output the obtained model prediction result.
An embodiment of the present specification provides a service processing method, which is applied to a service processing device, where the service processing device includes a trusted execution environment, where: after business data aiming at a target business is obtained, the business data is input into a first submodel which is divided from a business model corresponding to the target business, a first output result corresponding to the business data is obtained, wherein the target business corresponds to the business model which processes the business data, the business model is divided into the first submodel and a second submodel, the second submodel comprises model parameters to be protected which are recorded in a model protection rule corresponding to the target business, the second submodel is arranged in a credible execution environment and can run in the credible execution environment, then the first output result is transmitted into the credible execution environment through an application corresponding to the target business, the first output result is input into the second submodel in the credible execution environment, a model prediction result corresponding to the business data is obtained, and therefore, the model architecture and the model parameters which need to be protected are arranged in a safe environment formed by the credible execution environment And subsequent data processing is carried out in the security environment, so that the model structure and the model parameters of the sub-model of the private part of the organization or the organization can be effectively protected from being stolen by an attacker, and finally, the output result can not be outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack, ensuring the security of business processing and business models, and protecting the core assets of enterprises or organizations.
Example two
As shown in fig. 3, an execution subject of the method may be a service processing device, and the service processing device may be a terminal device or a server, where the terminal device may be a computer device such as a notebook computer or a desktop computer. The server may be a server of a certain service (such as a transaction service or a financial service), specifically, the server may be a server of a payment service, or a server of a service related to finance, instant messaging, or the like. The service processing device may be provided with a trusted execution environment, where the trusted execution environment may be a TEE, and the trusted execution environment may be implemented by a program written in a predetermined programming language (that is, may be implemented in a form of software), or may be implemented by a hardware device and a pre-written program together (that is, may be implemented in a form of hardware + software), and the trusted execution environment may be a secure operation environment for performing data processing. The method may specifically comprise the steps of:
in step S302, a business model for the target business is acquired.
The business model may be a deep learning model, such as a neural network model, a decision tree model, or a generative confrontation network model.
In step S304, the service model is divided into a first sub-model and a second sub-model based on the model protection rule corresponding to the target service, where the second sub-model includes the model parameters to be protected recorded in the model protection rule.
The first sub-model can be constructed by a BackBone feature network BackBone model, the second sub-model can be constructed by a feature data processing Neck model and a prediction Head model by utilizing features, and the second sub-model can be presented in a Graph mode. The model parameters may include weight Weights parameter and/or offset Bias parameter, etc. The BackBone feature network backhaul model may be specifically a feature extraction model, such as a convolutional neural network model or a residual error network model.
In step S306, the second submodel is set in the trusted execution environment to enable the second submodel to run in the trusted execution environment.
In implementation, a conversion rule or a conversion algorithm corresponding to the second sub-model may be set in advance based on different models, the conversion rule or the conversion algorithm may include multiple types, and may be specifically set according to an actual situation, which is not limited in this specification. In order to set the second submodel in the service model of the target service in the trusted execution environment, the conversion rule or the conversion algorithm corresponding to the second submodel in the service model may be acquired, and the second submodel may be converted by the acquired conversion rule or conversion algorithm, so that the second submodel may be converted into data capable of running in the trusted execution environment, and then set in the trusted execution environment.
In practical applications, the specific processing of step S306 may be various, and an alternative processing manner is provided below, which may specifically include the following processing from step a2 to step a 6:
in step a2, the second submodel is converted into a preset type of data that can be run in the trusted execution environment.
The preset type comprises one or more of a Graph file type and a parameter type. In addition, in order to facilitate the trusted execution environment to efficiently execute the protected submodel, a parameter index table may be set in the trusted execution environment, and the method may specifically be processed in the following manner: if the preset type comprises a parameter type, corresponding parameter index information can be generated based on the converted data of the parameter type, then the parameter index information is encrypted, the encrypted parameter index information is set in a trusted execution environment, and the encrypted parameter index information can be decrypted in the trusted execution environment to obtain original parameter index information.
In implementation, as shown in fig. 2, the second submodel may be parsed by a preset parsing tool to parse the second submodel into data of types such as Graph files, parameters, and the like, which can be directly run in a lightweight AI execution engine Nano Framework of the trusted execution environment, and a corresponding parameter index table may be built in the trusted execution environment, so that it may be convenient to subsequently set the second submodel in the trusted execution environment, and enable the second submodel to run in the trusted execution environment.
In step a4, the converted data is subjected to encryption processing, and the encrypted data is set in the trusted execution environment.
In implementation, in order to protect the security of the data transmission process, an encryption algorithm of the data may be preset, specifically, an AES encryption algorithm, an RSA encryption algorithm, and the like. After the converted data is obtained, the encryption algorithm may be used to encrypt the corresponding converted data to obtain encrypted data, where different types of data included in the converted data may be encrypted using the same encryption algorithm or different encryption algorithms, and may be specifically set according to actual conditions. And then, the encrypted data can be transferred to the trusted execution environment through the application corresponding to the target service.
In step a6, the encrypted data is decrypted in the trusted execution environment, and converted data is obtained.
In step S308, the first submodel is set in the general execution environment to enable the first submodel to run in the general execution environment. In an implementation, as shown in fig. 2, the first sub-model may be provided in and run in an AI execution engine of the general execution environment, thereby providing the first sub-model in and enabling the first sub-model to run in the general execution environment.
In step S310, service data for the target service is acquired.
In step S312, the service data is input into the first sub-model divided from the service model corresponding to the target service, and a first output result corresponding to the service data is obtained.
In step S314, the first output result is encrypted, and the encrypted first output result is transferred to the trusted execution environment through the application corresponding to the target service.
In step S316, in the trusted execution environment, the encrypted first output result is decrypted, and the decrypted first output result is input into the second sub-model, so as to obtain a model prediction result corresponding to the service data.
In implementation, as shown in fig. 2, when the AI execution engine Nano Framework in the Trusted execution environment executes the related operation of the second submodel, a TA (Trusted Application) corresponding to a CA (Client Application (i.e. an Application corresponding to a target service)) retrieves corresponding data (an encrypted first output result) according to a parameter index table, and decrypts the data to provide the data required for execution to a corresponding operator in the AI execution engine Nano Framework. And the AI execution engine Nano Framework of the trusted execution environment calls the corresponding operator library to execute the corresponding operator, the TA provides corresponding data, and after the execution is finished, the output result can be stored in the trusted execution environment and subsequent inference prediction and other processing can be continuously executed.
Through the processing, the model structure and the model parameters of the sub-model of the private part of the organization or the organization can be effectively protected from being stolen by an attacker, and finally, the output result can not be outside a trusted execution environment, so that the model extraction attack and the model reverse attack are well prevented, the safety of business processing and a business model is ensured, and the core assets of an enterprise or the organization are protected.
An embodiment of the present specification provides a service processing method, which is applied to a service processing device, where the service processing device includes a trusted execution environment, where: after business data aiming at a target business is obtained, the business data is input into a first submodel which is divided from a business model corresponding to the target business, a first output result corresponding to the business data is obtained, wherein the target business corresponds to the business model which processes the business data, the business model is divided into the first submodel and a second submodel, the second submodel comprises model parameters to be protected which are recorded in a model protection rule corresponding to the target business, the second submodel is arranged in a credible execution environment and can run in the credible execution environment, then the first output result is transmitted into the credible execution environment through an application corresponding to the target business, the first output result is input into the second submodel in the credible execution environment, and a model prediction result corresponding to the business data is obtained, therefore, the model architecture and the model parameters to be protected are arranged in the security environment formed by the trusted execution environment, and subsequent data processing is carried out in the security environment, so that the model structure and the model parameters of the sub-model of the private part of an organization or an organization can be effectively protected from being stolen by attackers, and finally, the output result can not be outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack, ensuring the security of business processing and business models, and protecting the core assets of enterprises or organizations.
EXAMPLE III
As shown in fig. 4A and 4B, an implementation subject of the method may be a blockchain system, where the blockchain system includes blockchain nodes, and the blockchain nodes may be terminal devices or servers, where the terminal devices may be mobile terminal devices such as mobile phones and tablet computers, and may also be devices such as personal computers. The server may be an independent server, a server cluster including a plurality of servers, or the like. The block link node includes a trusted execution environment, which may be a TEE, and the trusted execution environment may be implemented by a program written in a predetermined programming language (i.e., may be implemented in a form of software), or may be implemented by a hardware device and a pre-written program together (i.e., may be implemented in a form of hardware + software), and the trusted execution environment may be a secure execution environment for performing data processing. The method may specifically comprise the steps of:
in step S402, service data for a target service is obtained, the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model includes a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is disposed in a trusted execution environment of a block chain node and can operate in the trusted execution environment.
The business model can be a deep learning model and the like, based on the deep learning model, the first sub-model can be constructed by a BackBone feature network BackBone model, and the second sub-model can be constructed by a feature data processing Neck model and a prediction Head model by utilizing features. The model parameters may include a weight Weights parameter and/or an offset Bias parameter, etc.
Before the step S402, the business model may be trained in advance by other devices to obtain a trained business model, and then the trained business model is deployed, which may be implemented by the following processing of steps C2 to C6:
in step C2, a business model for the target business is obtained based on a third intelligent contract pre-deployed in the blockchain system.
Wherein the third intelligent contract may be an intelligent contract for performing the processing of steps C2-C6, the intelligent contract may be a computer protocol intended to propagate, verify or execute the contract in an informational manner, the intelligent contract allows trusted interaction without a third party, the interaction process is traceable and irreversible, and the intelligent contract includes a protocol on which a contract participant can perform rights and obligations agreed by the contract participant.
In step C4, a model protection rule corresponding to the target service is obtained based on the third intelligent contract, and the service model is divided into a first sub-model and a second sub-model based on the model protection rule, where the second sub-model includes a model parameter to be protected recorded in the model protection rule.
In step C6, the second submodel is placed in the trusted execution environment based on the third smart contract to enable the second submodel to run in the trusted execution environment.
The above specific processing procedure can refer to the above related contents, and is not described herein again.
The specific treatment of the step C6 may be further performed in the following manner, specifically, the treatment of the step C62 to the step C66.
In step C62, the second submodel is converted into a preset type of data capable of running in the trusted execution environment based on the third smart contract.
In step C64, the converted data is encrypted based on the third smart contract, and the encrypted data is set in the trusted execution environment.
In step C66, based on the third intelligent contract, the encrypted data is decrypted in the trusted execution environment, and the converted data is obtained.
Wherein the third smart contract may be a smart contract for performing the processing of step C62 to step C66.
It should be noted that the preset type may include one or more of a Graph file type and a parameter type;
if the preset type includes a parameter type, the following processing may also be performed: generating corresponding parameter index information through the converted data of the parameter type based on a fourth intelligent contract which is pre-deployed in the block chain system, encrypting the parameter index information based on the fourth intelligent contract, setting the encrypted parameter index information in a trusted execution environment, and decrypting the encrypted parameter index information in the trusted execution environment based on the fourth intelligent contract to obtain the parameter index information.
The fourth intelligent contract may be an intelligent contract for generating and processing a parameter index table. In step S404, the service data is input into a first sub-model partitioned from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system, so as to obtain a first output result corresponding to the service data, where the first intelligent contract is used to trigger the first sub-model to process the acquired service data.
In implementation, a first intelligent contract may be generated in advance based on a processing procedure of processing the acquired business data by the first submodel, and the first intelligent contract may be deployed in the blockchain system, and then, corresponding processing may be performed based on a processing manner, a processing procedure, and a rule specified in the first intelligent contract.
In step S406, based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transferred to the trusted execution environment through an application corresponding to the target service, and the first output result is input to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, where the second intelligent contract is used to trigger the output result of the first submodel to be transferred to the trusted execution environment, and trigger the output result of the first submodel to be processed in the trusted execution environment.
In implementation, a second intelligent contract may be generated in advance based on a processing procedure of transferring an output result of the first submodel into the trusted execution environment and processing the output result of the first submodel in the trusted execution environment, and the second intelligent contract may be deployed in the blockchain system, and then, corresponding processing may be performed based on a processing manner, a processing procedure, and a rule specified in the second intelligent contract.
In addition, the first submodel may be provided in a general execution environment, that is, the first submodel may be provided in the general execution environment based on a second smart contract, so that the first submodel can run in the general execution environment. An embodiment of the present specification provides a service processing method, which is applied to a blockchain system, where the blockchain system includes blockchain nodes, and the blockchain nodes include trusted execution environments, where: after business data aiming at a target business is obtained, the business data is input into a first sub-model which is divided from a business model corresponding to the target business based on a first intelligent contract which is pre-deployed in a block chain system, a first output result corresponding to the business data is obtained, the target business corresponds to the business model which processes the business data, the business model is divided into the first sub-model and a second sub-model, the second sub-model comprises model parameters to be protected which are recorded in a model protection rule corresponding to the target business, the second sub-model is arranged in a trusted execution environment of a block chain node and can run in the trusted execution environment, the first intelligent contract is used for triggering the first sub-model to process the obtained business data, then the first output result is transmitted to the trusted execution environment through an application corresponding to the target business based on a second intelligent contract which is pre-deployed in the block chain system, and in the trusted execution environment, inputting the first output result into the second submodel to obtain a model prediction result corresponding to the service data, wherein the second intelligent contract is used for triggering to transmit the output result of the first submodel to the trusted execution environment and triggering to process the output result of the first submodel in the trusted execution environment, so that the model architecture and the model parameters needing to be protected are arranged in a security environment formed by the trusted execution environment and subsequent data processing is carried out in the security environment, thereby effectively protecting the model structure and the model parameters of the private submodel of an organization or an organization from being stolen by an attacker, and finally, the output result is not positioned outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack and ensuring the security of the service processing and the service model, the core assets of an enterprise or organization are protected.
Example four
Based on the same idea, the service processing method provided by the embodiment of the present specification further provides a service processing apparatus, where the apparatus includes a trusted execution environment, as shown in fig. 5.
The service processing device comprises: a data acquisition module 501, a first result determination module 502, and a model prediction module 503, wherein:
a data obtaining module 501, configured to obtain service data for a target service, where the target service corresponds to a service model that processes the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model includes a model parameter to be protected, which is recorded in a model protection rule corresponding to the target service, and the second sub-model is disposed in the trusted execution environment and is capable of operating in the trusted execution environment;
a first result determining module 502, configured to input the service data into a first sub-model partitioned from a service model corresponding to the target service, to obtain a first output result corresponding to the service data;
the model prediction module 503 is configured to transmit the first output result to the trusted execution environment through an application corresponding to the target service, and input the first output result to the second sub-model in the trusted execution environment to obtain a model prediction result corresponding to the service data.
In this embodiment, the model prediction module 503 includes:
the encryption unit is used for encrypting the first output result and transmitting the encrypted first output result to the trusted execution environment through the application corresponding to the target service;
and the model prediction unit is used for decrypting the encrypted first output result in the trusted execution environment and inputting the decrypted first output result into the second submodel to obtain a model prediction result corresponding to the service data.
In an embodiment of this specification, the apparatus further includes:
the model acquisition module is used for acquiring a service model aiming at the target service;
the second segmentation module is used for segmenting the business model into a first sub-model and a second sub-model based on a model protection rule corresponding to the target business, wherein the second sub-model comprises model parameters to be protected recorded in the model protection rule;
a second setup module to setup the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
In an embodiment of this specification, the second setting module includes:
the conversion unit is used for converting the second submodel into data of a preset type which can run in the trusted execution environment;
the setting unit is used for encrypting the converted data and setting the encrypted data in the trusted execution environment;
and the decryption unit is used for decrypting the encrypted data in the trusted execution environment to obtain the converted data.
In an embodiment of the present specification, the preset type includes one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type, and the device further comprises:
the index generation module is used for generating corresponding parameter index information based on the converted data of the parameter types;
the index encryption module is used for encrypting the parameter index information and setting the encrypted parameter index information in the trusted execution environment;
and the index decryption module is used for decrypting the encrypted parameter index information in the trusted execution environment to obtain the parameter index information.
In an embodiment of this specification, the apparatus further includes:
and the third setting module is used for setting the first submodel in a general execution environment so as to enable the first submodel to run in the general execution environment.
In the embodiment of the specification, the service model is a deep learning model, the first sub-model is built by a BackBone feature network BackBone model, and the second sub-model is built by a feature data processing Neck model and a prediction Head model by using features.
In the embodiment of the present specification, the model parameters include a weight Weights parameter and/or an offset Bias parameter.
The embodiment of the present specification provides a service processing apparatus, which, after obtaining service data for a target service, inputs the service data into a first submodel partitioned from a service model corresponding to the target service to obtain a first output result corresponding to the service data, where the target service corresponds to a service model for processing the service data, the service model is partitioned into a first submodel and a second submodel, the second submodel includes a model parameter to be protected recorded in a model protection rule corresponding to the target service, the second submodel is disposed in a trusted execution environment and is capable of operating in the trusted execution environment, then transmits a first output result to the trusted execution environment through an application corresponding to the target service, and inputs the first output result into a second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, therefore, the model architecture and the model parameters which need to be protected are arranged in the security environment formed by the trusted execution environment, and subsequent data processing is carried out in the security environment, so that the model structure and the model parameters of the sub-model of the private part of an organization or an organization can be effectively protected from being stolen by attackers, and finally, the output result can not be positioned outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack, ensuring the security of business processing and a business model, and protecting the core assets of enterprises or organizations.
EXAMPLE five
Based on the same idea, embodiments of the present specification further provide a service processing apparatus, where the apparatus is an apparatus in a blockchain system, and the apparatus includes a trusted execution environment, as shown in fig. 6.
The service processing device comprises: a data acquisition module 601, a first result determination module 602, and a predicted result determination module 603, wherein:
a data obtaining module 601, configured to obtain service data for a target service, where the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model includes a model parameter to be protected, which is recorded in a model protection rule corresponding to the target service, and the second sub-model is disposed in a trusted execution environment of the apparatus and is capable of operating in the trusted execution environment;
a first result determining module 602, configured to input the service data into a first sub-model partitioned from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system, so as to obtain a first output result corresponding to the service data, where the first intelligent contract is used to trigger the first sub-model to process the obtained service data;
the prediction result determining module 603 is configured to, based on a second intelligent contract pre-deployed in the blockchain system, transmit the first output result to the trusted execution environment through an application corresponding to the target service, and input the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, where the second intelligent contract is used to trigger transmission of an output result of the first submodel to the trusted execution environment and trigger processing of an output result of the first submodel in the trusted execution environment.
In an embodiment of this specification, the apparatus further includes:
the model acquisition module is used for acquiring a service model aiming at the target service based on a third intelligent contract which is pre-deployed in the block chain system;
the model segmentation module is used for acquiring a model protection rule corresponding to the target service based on the third intelligent contract, and segmenting the service model into a first sub-model and a second sub-model based on the model protection rule, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
a setting module that sets the second submodel in a trusted execution environment based on the third smart contract to enable the second submodel to run in the trusted execution environment.
In an embodiment of this specification, the setting module includes:
a conversion unit, which converts the second submodel into data of a preset type capable of running in the trusted execution environment based on the third intelligent contract;
the encryption unit is used for encrypting the converted data based on the third intelligent contract and setting the encrypted data in the trusted execution environment;
and the decryption unit is used for decrypting the encrypted data in the trusted execution environment based on the third intelligent contract to obtain the converted data.
In an embodiment of the present specification, the preset type includes one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type, and the device further comprises:
the index generation module is used for generating corresponding parameter index information through the converted data of the parameter type based on a fourth intelligent contract which is deployed in the block chain system in advance;
the index encryption module is used for encrypting the parameter index information based on the fourth intelligent contract and setting the encrypted parameter index information in the trusted execution environment;
and the index decryption module is used for decrypting the encrypted parameter index information in the trusted execution environment based on the fourth intelligent contract to obtain the parameter index information.
In an embodiment of this specification, the apparatus further includes:
and the general model setting module is used for setting the first sub-model in a general execution environment based on the second intelligent contract so that the first sub-model can run in the general execution environment.
The embodiment of the present specification provides a service processing apparatus, after service data for a target service is acquired, the service data is input into a first sub-model partitioned from a service model corresponding to the target service based on a first intelligent contract pre-deployed in a blockchain system, so as to obtain a first output result corresponding to the service data, the target service corresponds to a service model for processing the service data, the service model is partitioned into a first sub-model and a second sub-model, the second sub-model includes a model parameter to be protected recorded in a model protection rule corresponding to the target service, the second sub-model is disposed in a trusted execution environment of the apparatus and can run in the trusted execution environment, the first intelligent contract is used for triggering the first sub-model to process the acquired service data, and then, based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to a trusted execution environment through an application corresponding to a target service, the first output result is input to a second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, a second intelligent contract is used for triggering the output result of the first submodel to be transmitted to the trusted execution environment and triggering the output result of the first submodel to be processed in the trusted execution environment, so that a model architecture and model parameters needing to be protected are arranged in a security environment formed by the trusted execution environment and subsequent data processing is carried out in the security environment, thereby effectively protecting the model structure and the model parameters of the submodel of a private part of an organization or an organization from being stolen by an attacker, and finally, the output result is not outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack, the safety of business processing and business models is ensured, and the core assets of enterprises or organizations are protected.
EXAMPLE six
Based on the same idea, the service processing apparatus provided in the embodiment of the present specification further provides a service processing device, as shown in fig. 7.
The service processing device may be a terminal device, a server, or a device in a blockchain system provided in the foregoing embodiment, and a trusted execution environment may be set in the service processing device.
The business processing apparatus, which may have a large difference due to different configurations or performances, may include one or more processors 701 and a memory 702, and one or more stored applications or data may be stored in the memory 702. Memory 702 may be, among other things, transient storage or persistent storage. The application program stored in memory 702 may include one or more modules (not shown), each of which may include a series of computer-executable instructions for a business processing device. Still further, processor 701 may be configured to communicate with memory 702 to execute a series of computer-executable instructions in memory 702 on a business processing device. The traffic processing apparatus may also include one or more power supplies 1103, one or more wired or wireless network interfaces 704, one or more input-output interfaces 705, and one or more keyboards 706.
In particular, in this embodiment, the business processing apparatus includes a memory, and one or more programs, where the one or more programs are stored in the memory, and the one or more programs may include one or more modules, and each module may include a series of computer-executable instructions for the business processing apparatus, and the one or more programs configured to be executed by the one or more processors include computer-executable instructions for:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in the trusted execution environment and can run in the trusted execution environment;
inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data;
and transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
In this embodiment of the specification, the transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data includes:
encrypting the first output result, and transmitting the encrypted first output result to the trusted execution environment through the application corresponding to the target service;
and in the trusted execution environment, decrypting the encrypted first output result, and inputting the decrypted first output result into the second submodel to obtain a model prediction result corresponding to the service data.
In this embodiment of this specification, before acquiring the service data for the target service, the method further includes:
acquiring a service model aiming at a target service;
based on a model protection rule corresponding to the target service, dividing the service model into a first sub-model and a second sub-model, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
setting the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
In an embodiment of the present specification, the setting the second sub-model in a trusted execution environment includes:
converting the second sub-model into a preset type of data capable of running in the trusted execution environment;
encrypting the converted data, and setting the encrypted data in the trusted execution environment;
and decrypting the encrypted data in the trusted execution environment to obtain the converted data.
In an embodiment of the present specification, the preset type includes one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type and further comprises:
generating corresponding parameter index information based on the converted data of the parameter types;
encrypting the parameter index information, and setting the encrypted parameter index information in the trusted execution environment;
and decrypting the encrypted parameter index information in the trusted execution environment to obtain the parameter index information.
In the embodiment of this specification, the method further includes:
setting the first submodel in a general execution environment to enable the first submodel to run in the general execution environment.
In the embodiment of the specification, the first sub-model is constructed by a BackBone feature network BackBone model, and the second sub-model is constructed by a feature data processing Neck model and a Head prediction model by using features.
In the embodiment of the present specification, the model parameters include a weight Weights parameter and/or an offset Bias parameter.
Further, in this embodiment, the business processing apparatus includes a memory, and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs may include one or more modules, and each module may include a series of computer-executable instructions for the business processing apparatus, and the one or more programs configured to be executed by the one or more processors include computer-executable instructions for:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the block chain node and can run in the trusted execution environment;
inputting the service data into a first sub-model divided from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data;
based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
In the embodiment of this specification, the method further includes:
acquiring a service model aiming at a target service based on a third intelligent contract which is pre-deployed in the block chain system;
obtaining a model protection rule corresponding to the target service based on the third intelligent contract, and dividing the service model into a first sub-model and a second sub-model based on the model protection rule, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
based on the third smart contract, setting the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
In an embodiment of the present specification, the setting the second sub-model in a trusted execution environment based on the third intelligent contract includes:
converting the second sub-model into a preset type of data capable of running in the trusted execution environment based on the third smart contract;
based on the third intelligent contract, encrypting the converted data, and setting the encrypted data in the trusted execution environment;
and based on the third intelligent contract, decrypting the encrypted data in the trusted execution environment to obtain the converted data.
In an embodiment of the present specification, the preset type includes one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type and further comprises:
generating corresponding parameter index information through the converted data of the parameter type based on a fourth intelligent contract which is pre-deployed in the block chain system;
based on the fourth intelligent contract, encrypting the parameter index information, and setting the encrypted parameter index information in the trusted execution environment;
and based on the fourth intelligent contract, decrypting the encrypted parameter index information in the trusted execution environment to obtain the parameter index information.
In the embodiment of this specification, the method further includes:
based on the second smart contract, setting the first submodel in a general purpose execution environment to enable the first submodel to run in the general purpose execution environment.
The embodiment of the present specification provides a service processing apparatus, which, after obtaining service data for a target service, inputs the service data into a first submodel partitioned from a service model corresponding to the target service to obtain a first output result corresponding to the service data, where the target service corresponds to a service model for processing the service data, the service model is partitioned into a first submodel and a second submodel, the second submodel includes a model parameter to be protected recorded in a model protection rule corresponding to the target service, the second submodel is disposed in a trusted execution environment and is capable of operating in the trusted execution environment, then transmits a first output result to the trusted execution environment through an application corresponding to the target service, and inputs the first output result into a second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, therefore, the model architecture and the model parameters which need to be protected are arranged in the security environment formed by the trusted execution environment, and subsequent data processing is carried out in the security environment, so that the model structure and the model parameters of the sub-model of the private part of an organization or an organization can be effectively protected from being stolen by attackers, and finally, the output result can not be positioned outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack, ensuring the security of business processing and a business model, and protecting the core assets of enterprises or organizations.
EXAMPLE seven
Further, based on the methods shown in fig. 1 and fig. 4B, one or more embodiments of the present specification further provide a storage medium for storing computer-executable instruction information, in a specific embodiment, the storage medium may be a usb disk, an optical disk, a hard disk, or the like, and when the storage medium stores the computer-executable instruction information, the storage medium implements the following processes:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in the trusted execution environment and can run in the trusted execution environment;
inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data;
and transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
In this embodiment of the specification, the transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data includes:
encrypting the first output result, and transmitting the encrypted first output result to the trusted execution environment through the application corresponding to the target service;
and in the trusted execution environment, decrypting the encrypted first output result, and inputting the decrypted first output result into the second submodel to obtain a model prediction result corresponding to the service data.
In this embodiment of this specification, before acquiring the service data for the target service, the method further includes:
acquiring a service model aiming at a target service;
based on a model protection rule corresponding to the target service, dividing the service model into a first sub-model and a second sub-model, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
setting the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
In an embodiment of the present specification, the setting the second sub-model in a trusted execution environment includes:
converting the second sub-model into a preset type of data capable of running in the trusted execution environment;
encrypting the converted data, and setting the encrypted data in the trusted execution environment;
and decrypting the encrypted data in the trusted execution environment to obtain the converted data.
In an embodiment of the present specification, the preset type includes one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type and further comprises:
generating corresponding parameter index information based on the converted data of the parameter types;
encrypting the parameter index information, and setting the encrypted parameter index information in the trusted execution environment;
and decrypting the encrypted parameter index information in the trusted execution environment to obtain the parameter index information.
In the embodiment of this specification, the method further includes:
setting the first submodel in a general execution environment to enable the first submodel to run in the general execution environment.
In the embodiment of the specification, the first sub-model is constructed by a BackBone feature network BackBone model, and the second sub-model is constructed by a feature data processing Neck model and a Head prediction model by using features.
In the embodiment of the present specification, the model parameters include a weight Weights parameter and/or an offset Bias parameter.
In addition, in another specific embodiment, the storage medium may be a usb disk, an optical disk, a hard disk, or the like, and the storage medium stores computer executable instruction information that, when executed by the processor, can implement the following process:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the block chain node and can run in the trusted execution environment;
inputting the service data into a first sub-model divided from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data;
based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
In the embodiment of this specification, the method further includes:
acquiring a service model aiming at a target service based on a third intelligent contract which is pre-deployed in the block chain system;
obtaining a model protection rule corresponding to the target service based on the third intelligent contract, and dividing the service model into a first sub-model and a second sub-model based on the model protection rule, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
based on the third smart contract, setting the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
In an embodiment of the present specification, the setting the second sub-model in a trusted execution environment based on the third intelligent contract includes:
converting the second sub-model into a preset type of data capable of running in the trusted execution environment based on the third smart contract;
based on the third intelligent contract, encrypting the converted data, and setting the encrypted data in the trusted execution environment;
and based on the third intelligent contract, decrypting the encrypted data in the trusted execution environment to obtain the converted data.
In an embodiment of the present specification, the preset type includes one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type and further comprises:
generating corresponding parameter index information through the converted data of the parameter type based on a fourth intelligent contract which is pre-deployed in the block chain system;
based on the fourth intelligent contract, encrypting the parameter index information, and setting the encrypted parameter index information in the trusted execution environment;
and based on the fourth intelligent contract, decrypting the encrypted parameter index information in the trusted execution environment to obtain the parameter index information.
In the embodiment of this specification, the method further includes:
based on the second smart contract, setting the first submodel in a general purpose execution environment to enable the first submodel to run in the general purpose execution environment.
The embodiment of the present specification provides a storage medium, which, after obtaining service data for a target service, inputs the service data into a first submodel partitioned from a service model corresponding to the target service to obtain a first output result corresponding to the service data, where the target service corresponds to a service model for processing the service data, the service model is partitioned into a first submodel and a second submodel, the second submodel includes a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second submodel is disposed in a trusted execution environment and is capable of operating in the trusted execution environment, and then transmits a first output result to the trusted execution environment through an application corresponding to the target service and inputs the first output result into the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, therefore, the model architecture and the model parameters which need to be protected are arranged in the security environment formed by the trusted execution environment, and subsequent data processing is carried out in the security environment, so that the model structure and the model parameters of the sub-model of the private part of an organization or an organization can be effectively protected from being stolen by attackers, and finally, the output result can not be positioned outside the trusted execution environment, thereby well preventing model extraction attack and model reverse attack, ensuring the security of business processing and a business model, and protecting the core assets of enterprises or organizations.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: the ARC625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the various elements may be implemented in the same one or more software and/or hardware implementations in implementing one or more embodiments of the present description.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present description are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the description. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable fraud case serial-parallel apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable fraud case serial-parallel apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable fraud case to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable fraud case serial-parallel apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
One or more embodiments of the present description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. One or more embodiments of the specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present specification, and is not intended to limit the present specification. Various modifications and alterations to this description will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present specification should be included in the scope of the claims of the present specification.

Claims (16)

1. A business processing method is applied to a business processing device, the business processing device comprises a trusted execution environment, and the method comprises the following steps:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in the trusted execution environment and can run in the trusted execution environment;
inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data;
and transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
2. The method of claim 1, wherein the transferring the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, includes:
encrypting the first output result, and transmitting the encrypted first output result to the trusted execution environment through the application corresponding to the target service;
and in the trusted execution environment, decrypting the encrypted first output result, and inputting the decrypted first output result into the second submodel to obtain a model prediction result corresponding to the service data.
3. The method of claim 1, prior to obtaining traffic data for a target traffic, the method further comprising:
acquiring a service model aiming at a target service;
based on a model protection rule corresponding to the target service, dividing the service model into a first sub-model and a second sub-model, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
setting the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
4. The method of claim 3, the placing the second submodel in a trusted execution environment, comprising:
converting the second sub-model into a preset type of data capable of running in the trusted execution environment;
encrypting the converted data, and setting the encrypted data in the trusted execution environment;
and decrypting the encrypted data in the trusted execution environment to obtain the converted data.
5. The method of claim 4, wherein the preset types comprise one or more of a Graph file type and a parameter type;
the preset type comprises a parameter type, and the method further comprises the following steps:
generating corresponding parameter index information based on the converted data of the parameter types;
encrypting the parameter index information, and setting the encrypted parameter index information in the trusted execution environment;
and decrypting the encrypted parameter index information in the trusted execution environment to obtain the parameter index information.
6. The method of any of claims 1-5, further comprising:
setting the first submodel in a general execution environment to enable the first submodel to run in the general execution environment.
7. The method of claim 6, wherein the first sub-model is constructed by a BackBone feature network BackBone model, and the second sub-model is constructed by a feature data processing Neck model and a prediction Head model using features.
8. The method of claim 7, the model parameters comprising a weight Weights parameter and/or an offset Bias parameter.
9. A service processing method is applied to a blockchain system, the blockchain system comprises blockchain nodes, the blockchain nodes comprise trusted execution environments, and the method comprises the following steps:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the block chain node and can run in the trusted execution environment;
inputting the service data into a first sub-model divided from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data;
based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
10. The method of claim 9, further comprising:
acquiring a service model aiming at a target service based on a third intelligent contract which is pre-deployed in the block chain system;
obtaining a model protection rule corresponding to the target service based on the third intelligent contract, and dividing the service model into a first sub-model and a second sub-model based on the model protection rule, wherein the second sub-model comprises a model parameter to be protected recorded in the model protection rule;
based on the third smart contract, setting the second submodel in a trusted execution environment to enable the second submodel to run in the trusted execution environment.
11. A transaction processing apparatus, the apparatus comprising a trusted execution environment, the apparatus comprising:
the data acquisition module is used for acquiring service data aiming at a target service, the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in the trusted execution environment and can run in the trusted execution environment;
the first result determining module is used for inputting the business data into a first sub-model divided from a business model corresponding to the target business to obtain a first output result corresponding to the business data;
and the model prediction module is used for transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result into the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
12. A transaction processing apparatus, the apparatus being an apparatus in a blockchain system, the apparatus including a trusted execution environment therein, the apparatus comprising:
the data acquisition module is used for acquiring service data aiming at a target service, the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the device and can run in the trusted execution environment;
the first result determining module is used for inputting the business data into a first sub-model which is divided from a business model corresponding to the target business based on a first intelligent contract which is pre-deployed in the block chain system to obtain a first output result corresponding to the business data, and the first intelligent contract is used for triggering the first sub-model to process the obtained business data;
the prediction result determining module is used for transmitting the first output result to the trusted execution environment through an application corresponding to the target service based on a second intelligent contract which is deployed in the blockchain system in advance, inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
13. A business processing device, the business processing device being provided with a trusted execution environment, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in the trusted execution environment and can run in the trusted execution environment;
inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data;
and transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
14. A business processing device, the business processing device being a device in a blockchain system, the business processing device being provided with a trusted execution environment, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of the block chain node and can run in the trusted execution environment;
inputting the service data into a first sub-model divided from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data;
based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
15. A storage medium for storing computer-executable instructions, which when executed implement the following:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment and can run in the trusted execution environment;
inputting the service data into a first sub-model segmented from a service model corresponding to the target service to obtain a first output result corresponding to the service data;
and transmitting the first output result to the trusted execution environment through the application corresponding to the target service, and inputting the first output result to the second submodel in the trusted execution environment to obtain a model prediction result corresponding to the service data.
16. A storage medium for storing computer-executable instructions, which when executed implement the following:
acquiring service data aiming at a target service, wherein the target service corresponds to a service model for processing the service data, the service model is divided into a first sub-model and a second sub-model, the second sub-model comprises a model parameter to be protected recorded in a model protection rule corresponding to the target service, and the second sub-model is arranged in a trusted execution environment of a block chain node and can run in the trusted execution environment;
inputting the service data into a first sub-model divided from a service model corresponding to the target service based on a first intelligent contract pre-deployed in the blockchain system to obtain a first output result corresponding to the service data, wherein the first intelligent contract is used for triggering the first sub-model to process the acquired service data;
based on a second intelligent contract pre-deployed in the blockchain system, the first output result is transmitted to the trusted execution environment through an application corresponding to the target service, the first output result is input to the second submodel in the trusted execution environment, a model prediction result corresponding to the service data is obtained, and the second intelligent contract is used for triggering transmission of the output result of the first submodel to the trusted execution environment and triggering processing of the output result of the first submodel in the trusted execution environment.
CN202111063850.2A 2021-09-10 2021-09-10 Service processing method, device and equipment Pending CN113792297A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111063850.2A CN113792297A (en) 2021-09-10 2021-09-10 Service processing method, device and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111063850.2A CN113792297A (en) 2021-09-10 2021-09-10 Service processing method, device and equipment

Publications (1)

Publication Number Publication Date
CN113792297A true CN113792297A (en) 2021-12-14

Family

ID=79183128

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111063850.2A Pending CN113792297A (en) 2021-09-10 2021-09-10 Service processing method, device and equipment

Country Status (1)

Country Link
CN (1) CN113792297A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114548255A (en) * 2022-02-17 2022-05-27 支付宝(杭州)信息技术有限公司 Model training method, device and equipment
CN114638685A (en) * 2022-03-07 2022-06-17 支付宝(杭州)信息技术有限公司 Risk identification method, device and equipment
WO2023226801A1 (en) * 2022-05-26 2023-11-30 支付宝(杭州)信息技术有限公司 Service processing method, apparatus, and device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114548255A (en) * 2022-02-17 2022-05-27 支付宝(杭州)信息技术有限公司 Model training method, device and equipment
CN114638685A (en) * 2022-03-07 2022-06-17 支付宝(杭州)信息技术有限公司 Risk identification method, device and equipment
WO2023226801A1 (en) * 2022-05-26 2023-11-30 支付宝(杭州)信息技术有限公司 Service processing method, apparatus, and device

Similar Documents

Publication Publication Date Title
CN111680305B (en) Data processing method, device and equipment based on block chain
CN111475849B (en) Private data query method and device based on blockchain account
CN110245506B (en) Intelligent contract management method and device based on block chain and electronic equipment
CN110032883B (en) Method, system and node for realizing privacy protection in block chain
EP3044901B1 (en) Keying infrastructure
US10484352B2 (en) Data operations using a proxy encryption key
CN105453102B (en) The system and method for the private cipher key leaked for identification
CN113792297A (en) Service processing method, device and equipment
CN111475850B (en) Intelligent contract-based privacy data query method and device
CN106980793B (en) TrustZone-based universal password storage and reading method, device and terminal equipment
CN112016120A (en) Event prediction method and device based on user privacy protection
US11556630B2 (en) Private password constraint validation
US11265174B2 (en) Method, apparatus, and device for processing blockchain data
CN112434326B (en) Trusted computing method and device based on data flow
WO2023226801A1 (en) Service processing method, apparatus, and device
CN113704826A (en) Privacy protection-based business risk detection method, device and equipment
CN111079152A (en) Model deployment method, device and equipment
CN112948824B (en) Program communication method, device and equipment based on privacy protection
CN113239853B (en) Biological identification method, device and equipment based on privacy protection
CN112800467B (en) Online model training method, device and equipment based on data privacy protection
US20240048354A1 (en) Electronic device using homomorphic encryption and encrypted data processing method thereof
CN113282959A (en) Service data processing method and device and electronic equipment
CN112182509A (en) Method, device and equipment for detecting abnormity of compliance data
Lee et al. Classification and analysis of security techniques for the user terminal area in the internet banking service
CN111104693A (en) Android platform software data cracking method, terminal device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination