CN114024744A - Information protection method and artificial intelligence platform based on cloud computing and block chain service - Google Patents
Information protection method and artificial intelligence platform based on cloud computing and block chain service Download PDFInfo
- Publication number
- CN114024744A CN114024744A CN202111299771.1A CN202111299771A CN114024744A CN 114024744 A CN114024744 A CN 114024744A CN 202111299771 A CN202111299771 A CN 202111299771A CN 114024744 A CN114024744 A CN 114024744A
- Authority
- CN
- China
- Prior art keywords
- data
- information
- control center
- cloud computing
- service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 238000013473 artificial intelligence Methods 0.000 title claims abstract description 24
- 238000004891 communication Methods 0.000 claims abstract description 18
- 238000007726 management method Methods 0.000 claims description 41
- 238000012545 processing Methods 0.000 claims description 37
- 238000012795 verification Methods 0.000 claims description 16
- 238000010606 normalization Methods 0.000 claims description 13
- 210000003462 vein Anatomy 0.000 claims description 9
- 238000005516 engineering process Methods 0.000 claims description 8
- 238000007405 data analysis Methods 0.000 claims description 6
- 230000008447 perception Effects 0.000 claims description 4
- 230000009466 transformation Effects 0.000 claims description 4
- 238000004458 analytical method Methods 0.000 claims description 3
- 238000006243 chemical reaction Methods 0.000 claims description 3
- 238000012937 correction Methods 0.000 claims description 3
- 230000007613 environmental effect Effects 0.000 claims description 2
- 238000007781 pre-processing Methods 0.000 claims description 2
- 238000012544 monitoring process Methods 0.000 abstract description 7
- 230000003993 interaction Effects 0.000 abstract description 3
- 230000005540 biological transmission Effects 0.000 description 9
- 230000006870 function Effects 0.000 description 7
- 239000000654 additive Substances 0.000 description 2
- 230000000996 additive effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 2
- 238000013523 data management Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000013439 planning Methods 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an information protection method based on cloud computing and block chain service and an artificial intelligence platform, which solve the problems that the data volume of a monitoring system is low, the information of each monitoring area cannot be shared, different classified block nodes can be realized according to the difference of areas and application scenes, each sensing device can serve different application service layers, namely, each sensing layer node covers various sensing devices according to the difference of the application scenes, can be shared and used through a mobile phone interaction system or front-end control equipment according to actual application, carries out identity authentication on transmitted information data, can transmit the sensing information data only after the identity authentication is successful, forms a unique and safe communication channel, and ensures the safety of the transmitted data from multiple angles.
Description
Technical Field
The invention relates to the technical field of communication, in particular to an information protection method and an artificial intelligence platform based on cloud computing and block chain service.
Background
The traditional informatization construction mode of each business in the vertical industry can not meet the requirement of rapid development of urban communities, a basic resource platform below the application of the industry is opened, an inter-industry urban digital platform is established, capabilities such as cloud, video cloud, big data, Internet of things (IoT), Geographic Information System (GIS) and Integrated Communication Platform (ICP) are provided for smart city (such as communities and park scenes), and the intelligent city intelligent building can be combined with AI (information and intelligence) to be in butt joint with the application upwards and downwards through an industry enabling technology, so that a digital transformation tentacle of the intelligent park can be reached.
In recent years, with the popularization and rapid development of the technology of the internet of things, the application of the internet of things is visible everywhere in daily life. With the increasing concern of people on the importance of private data, the security management of the internet of things equipment becomes the focus of people's concern. However, the following problems generally exist in the current application of the internet of things: 1) lack of trust: information of each link of each participating main body is dispersedly stored in each main body, and the information among the main bodies is not transparent enough and is easy to be artificially tampered, so that the trust among the main bodies is lacked; 2) supervision tracing difficulty: due to lack of trust among all the main bodies, once a certain data has a problem, the efficiency is low when the problem reason is searched, and the supervision is difficult; 3) data transparency and core data protection are difficult to trade off: on one hand, the user hopes to see all data, on the other hand, the user does not hope that the core data of the user is seen by others, and certain contradiction is caused.
The following problems generally exist in the application of the current Internet of things: 1) lack of trust: information of each link of each participating main body is dispersedly stored in each main body, and the information among the main bodies is not transparent enough and is easy to be artificially tampered, so that the trust among the main bodies is lacked; 2) supervision tracing difficulty: because of lack of trust among all the main bodies, once a certain data has a problem, the efficiency is low when the problem reason is searched, and the supervision is difficult. An IoT data management strategy is mostly adopted in the existing data processing method of the Internet of things management platform, and the data management strategy has the defects of safety: security is a significant challenge facing organizations planning and implementing IoT solutions. It is expected that half of all security budgets of the IoT will be used for failover over a future period of time.
Disclosure of Invention
The invention aims to provide an information protection method based on cloud computing and block chain service and an artificial intelligence platform for identity authentication, a unique and safe communication channel is formed, and data security is guaranteed from multiple angles.
The artificial intelligence platform based on the cloud computing and the block chain service comprises a sensing node terminal, a control center and an operation terminal;
the block node data of the sensing node terminal is managed in a distributed mode, the sensing node terminal comprises a plurality of nodes, each node comprises a plurality of existing sensing devices, and the sensing devices are uploaded to the control center to be processed after being collected by the sensing node terminal;
the control center receives the information of the sensing node terminal, comprehensively analyzes and cooperatively processes the received information, and forwards a processing result to all operation terminals in a communication range of the control center, wherein the operation terminals comprise a cooperative processor, a propagation processing platform, a cloud service layer and an application service layer, and the cloud service layer and the application service layer are connected with the propagation processing platform through a common communication interface;
the operation terminal comprises identity authentication systems for establishing all operation terminals allowing to use the network, when a user passes through the operation terminal to apply for accessing the management and control center, the user firstly authenticates the identity of the operation terminal, and after the identity authentication is passed, the user is allowed to use the operation terminal to access the management and control center.
In one embodiment, the operation terminal includes:
the normalization module is used for carrying out scale normalization pretreatment on the palm vein image;
the image enhancement module is used for carrying out discretization processing on the vein image after the normalization processing by adopting a gray level correction method combining regional variance transformation and single-scale Retinex;
the image rough matching module is used for carrying out rough matching on the images by an improved gray difference curved surface method;
and the image fine matching module is used for performing fine matching on the images based on a correlation coefficient method.
In one embodiment, the management and control center stores the collected data in a grading manner by means of the characteristic that each node and the operation terminal upload data independently, shares the collected primary data by adopting a distributed layout, stores secondary data in the whole system by using a block chain and an intelligent contract technology, simultaneously performs encryption protection on privacy information of a user, and endows data query authorities of different degrees according to the access level of the user.
In one embodiment, the sensing node terminal includes:
the information perception module is used for perceiving environment information data, including data parameters of surrounding environment shot by a camera;
and the communication terminal module is used for receiving the information data transmitted from the data interface of the information perception module, carrying out frequency conversion on the information data and transmitting the information data to the intelligent control center.
In one embodiment, the management and control center further includes a data receiving and classifying module, configured to receive data of various devices, and classify the received data into primary data and secondary data according to a certain index; the primary data is basic information of the IOT equipment and the user, and the secondary data is core data of the IOT equipment and privacy data of the user.
In one embodiment, the cloud service layer provides a video streaming media transcoding service, a task engine service and a data analysis service; the video streaming media transcoding service supports RTSP video streaming live broadcast of H.264, H.265 and MP4, and can convert RSP stream into HTTP stream in MJPEG format for plug-in-free playing of webpage.
The information protection method based on the cloud computing and the blockchain service comprises the artificial intelligence platform based on the cloud computing and the blockchain service, and comprises the following steps of:
the sensing node terminal senses the surrounding environment and uploads information data to the control center;
the control center receives the information data for cooperative processing, and forwards the processing result to all operation terminals in the communication range of the control center;
and the operating terminal accesses through identity authentication and receives the processing result.
In one embodiment, the operation terminal accessing through authentication includes determining a specific identity of a sender of the access request: if the sender of the access request is an owner, verifying whether the owner has the access right of passing through the operation terminal, and if the owner passes the verification, connecting the operation terminal to the cloud service layer to provide hardware access service for the owner; if the sender of the access request is a merchant, providing marketing and pushing services provided by merchant information to the application service layer; and if the sender of the access request is the property, requesting the highest access authority to the management and control center through the operation terminal, and performing service management on the management and control center through the highest access authority.
In one embodiment, the authentication specifically includes:
carrying out scale normalization pretreatment on the palm vein image;
extracting features of data to be preprocessed to obtain a feature group, wherein the feature group can reflect basic information of an object;
inputting the feature group into a trained model to obtain a processing result;
and obtaining a target object based on the processing result.
The technical scheme has the following advantages or beneficial effects:
the information protection method and the artificial intelligence platform based on the cloud computing and the block chain service solve the problems that the data volume of a monitoring system is low, information of each monitoring area cannot be shared, different classified block nodes can be realized according to different areas and application scenes, each sensing device can serve different application service layers, namely, each sensing layer node covers various sensing devices according to different application scenes, can be shared and used through a mobile phone interaction system or front-end control equipment according to actual application, carries out identity authentication on transmitted information data, can transmit the sensing information data only after the identity authentication is successful, forms a unique and safe communication channel, and ensures the safety of the transmitted data from multiple angles.
Drawings
Fig. 1 is a schematic structural diagram of an artificial intelligence platform based on cloud computing and blockchain services according to the present invention.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below.
Referring to fig. 1, an artificial intelligence platform based on cloud computing and block chain service includes a sensing node terminal 1, a management and control center 2, and an operation terminal 3;
the block node data of the sensing node terminal 1 is managed in a distributed mode, the sensing node terminal 1 comprises a plurality of nodes, each node comprises a plurality of existing sensing devices, and the sensing devices are uploaded to the control center 2 to be processed after being collected by the sensing node terminal 1;
the control center 2 receives the information of the sensing node terminal 1, performs comprehensive analysis on the received information, performs cooperative processing, and forwards a processing result to all operation terminals 3 in a communication range of the control center, wherein the operation terminals include a cooperative processor, a propagation processing platform, a cloud service layer and an application service layer, and the cloud service layer and the application service layer are connected with the propagation processing platform through a common communication interface;
the operation terminal 3 comprises identity authentication systems which are used for establishing all operation terminals 3 allowing to use the network, when a user passes through the operation terminal 3 and applies for accessing the management and control center 2, the user firstly authenticates the identity of the operation terminal 3, and after passing through the identity authentication, the user is allowed to use the operation terminal 3 to access the management and control center 2.
The identity authentication process comprises the following steps: the system comprises four main bodies, namely an operating terminal 3, a sensing node terminal 1, an identity contract module and a TEE (Trusted Execution Environment). Wherein, the function of the trusted execution environment TEE is designed as an information entry method and an information authentication method, the registration authentication authority is in the information entry method to the trusted execution environment TEE, the submitted information includes but is not limited to: request parameters such as information type, information attribution identity (identity) id, information hash value, registration certification authority signature and the like; in the information authentication method of the trusted execution environment TEE by the trusted authentication authority, the submitted information includes but is not limited to: information attribution identity id, information category, trusted certification authority and other request parameters. Because the trusted execution environment TEE does not allow any user to directly read the data stored in the TEE, the related data can be acquired only by possessing a specific key or being authorized, and the identity information is stored in the trusted execution environment TEE, thereby ensuring the security of the identity information.
Wherein, the identity authentication system includes:
the receiving module is used for receiving the information to be verified sent by the sensing node terminal 1; the information to be verified comprises first identity credential information obtained by the sensing node terminal 1 from a received query request initiated by the operating terminal 3, and a first hash value of the sensing node terminal 1 on the first identity credential information;
the obtaining module is used for obtaining second identity certificate information matched with the first identity certificate information from a Trusted Execution Environment (TEE);
and the verification module is used for verifying the identity of the operation terminal 3 according to the first hash value of the first identity certificate information and the second identity certificate information.
The receiving module is used for receiving the sent information to be verified; the information to be verified comprises first identity certificate information obtained from a received inquiry request initiated by the flyer and a first hash value of the first identity certificate information; the obtaining module is used for obtaining second identity certificate information matched with the first identity certificate information from a Trusted Execution Environment (TEE); the verification module is used for verifying the identity of the flyer according to the first hash value of the first identity certificate information and the second identity certificate information. The identity authentication device provided by the application not only provides the authentication function for identity information, but also improves the safety of identity certificate information storage.
Preferably, the identity authentication system further comprises:
the identity contract module is used for receiving the sent information to be verified; the information to be verified comprises first identity credential information obtained by the flyer from a received query request initiated by the sensing node terminal 1 and a first hash value of the first identity credential information;
optionally, in some embodiments of the present application, the information to be verified further includes a signature of the sensing node terminal 1 on the signature information, and the identity contract module is further configured to perform authority verification on the automatic identification module according to the signature information and the signature; after the authority of the automatic identification module passes verification, the identity contract module sends the first identity certificate information to a trusted execution environment TEE, and second identity certificate information matched with the first identity certificate information is obtained from the trusted execution environment TEE;
optionally, the identity contract module may verify whether the automatic identification module has authority to perform identity verification on the node to be sensed by verifying the public key of the sensing node terminal, and in some embodiments of the present application, the identity contract module may be configured to calculate the public key of the automatic identification module according to the signature information and the signature; according to the reference public key of the automatic identification module and the public key of the automatic identification module stored in the identity contract module, authority verification is carried out on the automatic identification module;
optionally, in some embodiments of the present application, the identity contract module may be configured to determine that the authority verification of the automatic identification module passes when the reference public key of the automatic identification module stored in the identity contract module is consistent with the public key of the automatic identification module;
the TEE module is used for receiving the first identity certificate information sent by the identity contract module, inquiring according to the first identity certificate information to obtain second identity certificate information matched with the first identity certificate information, and returning the second identity certificate information to the identity contract module;
the identity contract module is further used for carrying out identity verification on the flyer according to the first hash value of the first identity certificate information and the second identity certificate information.
Further, in a preferred embodiment of the artificial intelligence platform based on cloud computing and block chain service in the present invention, the operation terminal 3 includes:
the normalization module 31 is used for carrying out scale normalization preprocessing on the palm vein image;
the image enhancement module 32 is used for carrying out discretization processing on the vein image after the normalization processing by adopting a gray level correction method combining regional variance transformation and single-scale Retinex;
the image rough matching module 33 performs rough matching on the image by an improved gray difference curve method;
and the image fine matching module 34 is used for performing fine matching on the images based on a correlation coefficient method.
Further, in a preferred embodiment of the artificial intelligence platform based on cloud computing and block chain service, the management and control center 2 further includes a data receiving and classifying module 21, configured to receive data of various devices, and classify the received data according to a certain index, and divide the data into primary data and secondary data; the primary data is basic information of the IOT equipment and the user, and the secondary data is core data of the IOT equipment and privacy data of the user.
Further, in a preferred embodiment of the artificial intelligence platform based on cloud computing and block chain service, the management and control center 2 stores the collected data in a hierarchical manner by means of the characteristic that each node and the operation terminal upload data autonomously, shares the collected primary data by adopting a distributed layout, stores secondary data in the whole system by using a block chain and intelligent contract technology, simultaneously performs encryption protection on privacy information of a user, and gives data query authorities of different degrees according to the access level of the user.
Management and control center 2 includes data processing system and management system, data processing system's inside is provided with data analysis module and data statistics module, data analysis module is used for right the management and control center carries out big data analysis, management system's inside is provided with whole network monitoring management system and whole network information transmission management system, management system has multiple front end controlgear through wireless connection.
When detecting an access request, the operation terminal 3 judges identity information of a sender of the access request; if the sender of the access request is an owner, verifying whether the owner has the access right of passing through the operation terminal 3, and if the owner passes the verification, connecting the owner to the management and control center 2 through the operation terminal 3 to provide hardware access service for the owner; if the sender of the access request is a merchant, marketing and pushing services provided by merchant information are provided for the management and control center 2; if the sender of the access request is an administrator, requesting the highest access authority from the management and control center 2 through the operation terminal 3, and performing service management on the management and control center 2 through the highest access authority.
The cooperative processor is further configured to receive data input by the third-party terminal device 2, and store the data in the cloud service layer and the application service layer in a classified manner according to the service type of the data; the input data is encrypted in different modes according to the security levels of the account login information data, the control instruction data and the system privacy data; the account login information class data is I-level and highest in level, and is encrypted through a DM5 algorithm, an AES encryption technology and a digital signature; the control instruction class data is of level II, and is encrypted by adopting an MD5 algorithm and a digital signature; the system privacy data is class III, and is encrypted by adopting an MD5 algorithm and an AES encryption technology; the cooperative processor is in signal connection with the control center 2 and is used for transmitting data to the control center 2.
The data of the equipment needs to be encrypted by AES128 with time stamp data and then transmitted to the server, the server also needs to be encrypted by the AES128 with time stamp data and then transmitted to the coprocessor, when data transmission is carried out between the coprocessor and the client,
when the server and the coprocessor carry out data transmission, the data encryption is carried out on the transmitted data according to the AES128S and the time stamp mode, specifically, when the server a transfers parameters, the current time stamp of the system is firstly obtained, and is transmitted in an encrypted manner by the AESA128 in conjunction with a secret key, which is known only to the server and is not transmitted over the network, and stores the time stamp in the cache of the server a, sends the data to the server b, the server b obtains the time stamp, if the difference with the current time is more than 1 minute, the return request fails, if the difference between the time stamp and the current time is less than or equal to 1 minute, the time stamp passes the verification, the time stamp and the key are used for decryption operation, if the decryption is unsuccessful, an error is returned, and the corresponding IP is recorded, and further, when twenty consecutive unsuccessful operations occur, the IP restricted access is configured for 10 hours. In the data submitted in the mode, signature parameters connected with the URL are encrypted by a certain rule, the server also carries out safety encryption by the same rule after receiving the data, and data modification processing is carried out after the data are confirmed to be not tampered midway, so that different encryption keys are appointed by different access modes such as Web/APP/Winfrom and the like, the keys are agreed by two parties and are not transmitted on a network connection, the connection transmission is an accessed App ID, and the server carries out encryption comparison on the signature parameters through the App ID.
In addition, for the intelligent system equipment, when the equipment and the current co-processor are used for data transmission, the classification is carried out, and the higher the classification is, the more complicated the encryption mode is. The level comprises account login information data, control instruction data and system privacy data of the user. The user's account login information data is I-level, the highest level, and processed by MD5 algorithm and AES encryption technology, and digitally signed to ensure the security, integrity and non-repudiation of data in the transmission process, for example, in the scene that the user sends an instruction to the management server through APP, the server executes the instruction to the device, all devices cannot access the external network, and can only transmit data in the local area network through the local area network server, the user data is encrypted through MD5 during data transmission, then the user name and password of the user are encrypted and stored in the local database by using a specific key value, and a string of cipher text is generated as the token of the user by using MD5 to encrypt the user name and a corresponding random code, the validity period of the token is set for the user to be 2 days, if the user is not used, the token is expired after two days, if the user fails to verify the token for 10 consecutive times, will be pulled into the blacklist and will not be accessible within 10 hours. The management instruction class data belongs to II class data and comprises a series of control operations made to the system, and in order to ensure that the initiated control instruction is a legal user, the MD5 algorithm and a digital signature are adopted to ensure the safe transmission of the control instruction. For example, before the control instruction is sent, the control instruction is encrypted by using MD5, AES encryption processing is performed after the control instruction is used, the control instruction transmitted by the user is subjected to token verification and IP verification by the local server, the encrypted control instruction is sent to the intelligent system device after the verification, the intelligent system device can decrypt the control instruction, and judges whether the control instruction is a conventional control instruction or not after the decryption, if the control instruction is not a conventional control instruction, the information of the control instruction is transmitted to the community center management server, the number of times of occurrence of an abnormality is counted, if the control instruction occurs for multiple times, the access authority of the IP for sending the control instruction is limited, if the control instruction is a conventional control instruction, the instruction is executed after the analysis is successful, and the control instruction is recorded by a log. The system privacy class data is class III, and is encrypted by adopting an MD5 algorithm and an AES encryption algorithm. In addition, for the transmission of some common data, an AES algorithm with high speed and high encryption efficiency is selected for processing.
Further, in a preferred embodiment of the artificial intelligence platform based on cloud computing and block chain service in the present invention, the sensing node terminal 1 includes:
the information perception module 11 is used for perceiving environmental information data, including data parameters of surrounding environment shot by a camera;
and the communication terminal module 12 is configured to receive the information data transmitted from the data interface of the information sensing module 11, perform frequency conversion on the information data, and transmit the information data to the intelligent management and control center 1.
Further, in a preferred embodiment of the artificial intelligence platform based on cloud computing and block chain service, the cloud service layer provides a video streaming media transcoding service, a task engine service and a data analysis service; the video streaming media transcoding service supports RTSP video streaming live broadcast of H.264, H.265 and MP4, and can convert RSP stream into HTTP stream in MJPEG format for plug-in-free playing of webpage.
The information protection method based on the cloud computing and the blockchain service comprises the artificial intelligence platform based on the cloud computing and the blockchain service, and comprises the following steps of:
the sensing node terminal senses the surrounding environment and uploads information data to the control center;
the control center receives the information data for cooperative processing, and forwards the processing result to all operation terminals in the communication range of the control center;
and the operating terminal accesses through identity authentication and receives the processing result.
Further, in a preferred embodiment of the information protection method based on cloud computing and block chain service, the accessing of the operating terminal by the identity authentication includes determining a specific identity of a sender of the access request: if the sender of the access request is an owner, verifying whether the owner has the access right of passing through the operation terminal, and if the owner passes the verification, connecting the operation terminal to the cloud service layer to provide hardware access service for the owner; if the sender of the access request is a merchant, providing marketing and pushing services provided by merchant information to the application service layer; and if the sender of the access request is the property, requesting the highest access authority to the management and control center through the operation terminal, and performing service management on the management and control center through the highest access authority.
Further, in a preferred embodiment of the information protection method based on cloud computing and blockchain service, the identity authentication specifically includes:
carrying out scale normalization pretreatment on the palm vein image;
extracting features of data to be preprocessed to obtain a feature group, wherein the feature group can reflect basic information of an object;
inputting the feature group into a trained model to obtain a processing result;
and obtaining a target object based on the processing result.
The normalization comprises: by MinMaxScale function
X_std=(X-X.min(axis=0))/(X.max(axis=0)-X.min(axis=0))
X_scaled=X_std/(max-min)+min
And (3) standardization: (X-mean)/std
Discretizing: the discretization is to segment continuous numerical features, and the data in each segment can be used as a new feature
On-hot N dimensions to encode N classes, and for each class, only one dimension is valid, denoted as the number 1; the other dimensions are all marked with the number 0
Xgboost (input data is operated to obtain the singleton rate, and the target user is identified by the singleton rate)
The XGboost algorithm can be regarded as an addition model consisting of K trees (a plurality of addition models are integrated, and each addition model calculates characteristics)
The objective function of the additive model is defined as: (optimal training of parameters of additive model by objective function)
XGboost objective function (optimization training of xGboost parameters through objective function)
It should be noted that the embodiments of the present invention can be realized by hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the apparatus and methods described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided on a carrier medium such as a disk, CD-or DVD-ROM, programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier, for example. The apparatus and its modules of the present invention may be implemented by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., or by software executed by various types of processors, or by a combination of hardware circuits and software, e.g., firmware.
In summary, the information protection method and the artificial intelligence platform based on cloud computing and block chain service solve the problems that the data volume of a monitoring system is low, information of each monitoring area cannot be shared, different classified block nodes can be realized according to different areas and application scenes, each sensing device can serve different application service layers, namely, each sensing layer node covers various sensing devices according to different application scenes, can be shared and used through a mobile phone interaction system or front-end control equipment according to actual application, performs identity authentication on transmitted information data, can transmit the sensing information data only after the identity authentication is successful, forms a unique and safe communication channel, and ensures the safety of the transmitted data from multiple angles.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention.
In the description of the present invention, it is to be understood that the terms "upper", "lower", "front", "rear", and the like, which indicate orientations or positional relationships, are based on the orientations or positional relationships shown in the drawings, are only for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the referred devices or elements must have a specific orientation, be constructed in a specific orientation, and be operated, and thus, should not be construed as limiting the present invention.
Claims (9)
1. The artificial intelligence platform based on cloud computing and block chain service is characterized by comprising a sensing node terminal 1, a control center 2 and an operation terminal 3;
the block node data of the sensing node terminal 1 is managed in a distributed mode, the sensing node terminal 1 comprises a plurality of nodes, each node comprises a plurality of existing sensing devices, and the sensing devices are uploaded to the control center 2 to be processed after being collected by the sensing node terminal 1;
the control center 2 receives the information of the sensing node terminal 1, performs comprehensive analysis on the received information, performs cooperative processing, and forwards a processing result to all operation terminals 3 in a communication range of the control center, wherein the operation terminals include a cooperative processor, a propagation processing platform, a cloud service layer and an application service layer, and the cloud service layer and the application service layer are connected with the propagation processing platform through a common communication interface;
the operation terminal 3 comprises identity authentication systems which are used for establishing all operation terminals 3 allowing to use the network, when a user passes through the operation terminal 3 and applies for accessing the management and control center 2, the user firstly authenticates the identity of the operation terminal 3, and after passing through the identity authentication, the user is allowed to use the operation terminal 3 to access the management and control center 2.
2. The cloud computing and blockchain service based artificial intelligence platform according to claim 1, wherein the operation terminal 3 comprises:
the normalization module 31 is used for carrying out scale normalization preprocessing on the palm vein image;
the image enhancement module 32 is used for carrying out discretization processing on the vein image after the normalization processing by adopting a gray level correction method combining regional variance transformation and single-scale Retinex;
the image rough matching module 33 performs rough matching on the image by an improved gray difference curve method;
and the image fine matching module 34 is used for performing fine matching on the images based on a correlation coefficient method.
3. The cloud computing and block chain service-based artificial intelligence platform of claim 1, wherein the management and control center 2 further comprises a data receiving and classifying module 21, configured to receive data of various devices, and classify the received data according to a certain index, and classify the received data into primary data and secondary data; the primary data is basic information of the IOT equipment and the user, and the secondary data is core data of the IOT equipment and privacy data of the user.
4. The artificial intelligence platform based on cloud computing and blockchain services according to claim 3, wherein the management and control center 2 stores the collected data in a hierarchical manner by virtue of a characteristic that each node and the operation terminal upload data autonomously, shares the collected primary data by adopting a distributed layout, stores secondary data in the whole system by using a blockchain and intelligent contract technology, simultaneously performs encryption protection on privacy information of users, and gives data query authority of different degrees according to access levels of the users.
5. The cloud computing and blockchain service based artificial intelligence platform according to claim 1, wherein the sensing node terminal 1 comprises:
the information perception module 11 is used for perceiving environmental information data, including data parameters of surrounding environment shot by a camera;
and the communication terminal module 12 is configured to receive the information data transmitted from the data interface of the information sensing module 11, perform frequency conversion on the information data, and transmit the information data to the intelligent management and control center 1.
6. The cloud computing and blockchain service based artificial intelligence platform of claim 1, wherein the cloud service layer provides video streaming media transcoding services, task engine services, and data analysis services; the video streaming media transcoding service supports RTSP video streaming live broadcast of H.264, H.265 and MP4, and can convert RSP stream into HTTP stream in MJPEG format for plug-in-free playing of webpage.
7. The information protection method based on the cloud computing and the block chain service comprises the artificial intelligence platform based on the cloud computing and the block chain service, which is characterized by comprising the following steps:
the sensing node terminal senses the surrounding environment and uploads information data to the control center;
the control center receives the information data for cooperative processing, and forwards the processing result to all operation terminals in the communication range of the control center;
and the operating terminal accesses through identity authentication and receives the processing result.
8. The information protection method based on cloud computing and block chain service of claim 7, wherein the operation terminal accessing through identity authentication includes determining a specific identity of a sender of an access request: if the sender of the access request is an owner, verifying whether the owner has the access right of passing through the operation terminal, and if the owner passes the verification, connecting the operation terminal to the cloud service layer to provide hardware access service for the owner; if the sender of the access request is a merchant, providing marketing and pushing services provided by merchant information to the application service layer; and if the sender of the access request is the property, requesting the highest access authority to the management and control center through the operation terminal, and performing service management on the management and control center through the highest access authority.
9. The information protection method based on cloud computing and blockchain services according to claim 7, wherein the specific steps of the identity authentication include:
carrying out scale normalization pretreatment on the palm vein image;
extracting features of data to be preprocessed to obtain a feature group, wherein the feature group can reflect basic information of an object;
inputting the feature group into a trained model to obtain a processing result;
and obtaining a target object based on the processing result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111299771.1A CN114024744A (en) | 2021-11-04 | 2021-11-04 | Information protection method and artificial intelligence platform based on cloud computing and block chain service |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111299771.1A CN114024744A (en) | 2021-11-04 | 2021-11-04 | Information protection method and artificial intelligence platform based on cloud computing and block chain service |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114024744A true CN114024744A (en) | 2022-02-08 |
Family
ID=80061090
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111299771.1A Pending CN114024744A (en) | 2021-11-04 | 2021-11-04 | Information protection method and artificial intelligence platform based on cloud computing and block chain service |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114024744A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114866249A (en) * | 2022-04-19 | 2022-08-05 | 立芯科技股份有限公司 | Block chain-based lead sealing lock system with multiple groups of electronic tags and interaction method |
| CN115936550A (en) * | 2023-03-10 | 2023-04-07 | 立芯科技股份有限公司 | Checking system and method based on data preprocessing model |
| CN116881882A (en) * | 2023-09-07 | 2023-10-13 | 九一金融信息服务(北京)有限公司 | Intelligent risk control system based on big data |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108234515A (en) * | 2018-01-25 | 2018-06-29 | 中国科学院合肥物质科学研究院 | A kind of Self-certified digital identity management system and its method based on intelligent contract |
| CN108667612A (en) * | 2018-04-03 | 2018-10-16 | 中电科大数据研究院有限公司 | A kind of trust service framework and method based on block chain |
| CN111324881A (en) * | 2020-02-20 | 2020-06-23 | 铭数科技(青岛)有限公司 | Data security sharing system and method fusing Kerberos authentication server and block chain |
| US20210328791A1 (en) * | 2020-07-08 | 2021-10-21 | Alipay (Hangzhou) Information Technology Co., Ltd. | Blockchain data processing methods and apparatuses based on cloud computing |
-
2021
- 2021-11-04 CN CN202111299771.1A patent/CN114024744A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108234515A (en) * | 2018-01-25 | 2018-06-29 | 中国科学院合肥物质科学研究院 | A kind of Self-certified digital identity management system and its method based on intelligent contract |
| CN108667612A (en) * | 2018-04-03 | 2018-10-16 | 中电科大数据研究院有限公司 | A kind of trust service framework and method based on block chain |
| CN111324881A (en) * | 2020-02-20 | 2020-06-23 | 铭数科技(青岛)有限公司 | Data security sharing system and method fusing Kerberos authentication server and block chain |
| US20210328791A1 (en) * | 2020-07-08 | 2021-10-21 | Alipay (Hangzhou) Information Technology Co., Ltd. | Blockchain data processing methods and apparatuses based on cloud computing |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114866249A (en) * | 2022-04-19 | 2022-08-05 | 立芯科技股份有限公司 | Block chain-based lead sealing lock system with multiple groups of electronic tags and interaction method |
| CN114866249B (en) * | 2022-04-19 | 2024-02-20 | 立芯科技股份有限公司 | Block chain-based lead sealing lock system with multiple groups of electronic tags and interaction method |
| CN115936550A (en) * | 2023-03-10 | 2023-04-07 | 立芯科技股份有限公司 | Checking system and method based on data preprocessing model |
| CN116881882A (en) * | 2023-09-07 | 2023-10-13 | 九一金融信息服务(北京)有限公司 | Intelligent risk control system based on big data |
| CN116881882B (en) * | 2023-09-07 | 2023-12-01 | 九一金融信息服务(北京)有限公司 | Intelligent risk control system based on big data |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11689529B2 (en) | Systems and methods for online third-party authentication of credentials | |
| CN109639714B (en) | Internet of things identity registration and verification method based on block chain | |
| US20190342096A1 (en) | Online identity and credential verification systems and methods protecting user data | |
| CN114024744A (en) | Information protection method and artificial intelligence platform based on cloud computing and block chain service | |
| US10348699B2 (en) | Identity binding systems and methods in a personal data store in an online trust system | |
| CN104184713A (en) | Terminal identification method, machine identification code registration method, and corresponding system and equipment | |
| CN116527372B (en) | Internet-based data security interaction system and method | |
| CN111475866A (en) | Block chain electronic evidence preservation method and system | |
| CN110324350A (en) | Identity identifying method and server based on the non-sensitive sensing data in mobile terminal | |
| CN109714169B (en) | Data credible circulation platform based on strict authorization and circulation method thereof | |
| Wang et al. | An Efficient Data Sharing Scheme for Privacy Protection Based on Blockchain and Edge Intelligence in 6G‐VANET | |
| Gao et al. | BFR‐SE: A Blockchain‐Based Fair and Reliable Searchable Encryption Scheme for IoT with Fine‐Grained Access Control in Cloud Environment | |
| Althati et al. | Scalable Machine Learning Solutions for Heterogeneous Data in Distributed Data Platform | |
| CN112118572B (en) | Data safety transmission system and method based on 5G communication in industrial network scene | |
| Yang et al. | Multimedia security and privacy protection in the internet of things: research developments and challenges | |
| CN115840965B (en) | Information security guarantee model training method and system | |
| CN116806038A (en) | Decentralizing computer data sharing method and device | |
| Shao et al. | From Centralized Protection to Distributed Edge Collaboration: A Location Difference‐Based Privacy‐Preserving Framework for Mobile Crowdsensing | |
| CN115134080B (en) | Data transmission method and device based on security encryption chip | |
| CN116170806A (en) | Smart power grid LWM2M protocol security access control method and system | |
| CN109218320B (en) | Website link security verification method and device, computer equipment and storage medium | |
| WO2020062072A1 (en) | Wireless internet of things physical layer hybrid authentication method and system based on service network | |
| Verchok et al. | Hunting Sybils in Participatory Mobile Consensus-Based Networks | |
| Zhu et al. | Multimedia fusion privacy protection algorithm based on iot data security under network regulations | |
| Jiang et al. | A Trusted Architecture Based on Semantic Communication for Matching Data and Models |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 315500 No. 98, Huiming Road, Jiangkou street, Fenghua District, Ningbo City, Zhejiang Province Applicant after: Haite Yuntong (Zhejiang) Technology Industry Development Co.,Ltd. Applicant after: Jiaxing Qingmang pioneering Service Co.,Ltd. Address before: 315500 4-1, No. 98, Huiming Road, Fenghua District, Ningbo City, Zhejiang Province Applicant before: Ningbo Haite technology transfer Co.,Ltd. Applicant before: Jiaxing Qingmang pioneering Service Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20230612 Address after: Room 2401-9, No.109 Caodui Road, Danghu Street, Pinghu City, Jiaxing, Zhejiang Province 314200 Applicant after: Zhejiang Fuao Software Development Co.,Ltd. Applicant after: Haite Yuntong (Zhejiang) Technology Industry Development Co.,Ltd. Address before: 315500 No. 98, Huiming Road, Jiangkou street, Fenghua District, Ningbo City, Zhejiang Province Applicant before: Haite Yuntong (Zhejiang) Technology Industry Development Co.,Ltd. Applicant before: Jiaxing Qingmang pioneering Service Co.,Ltd. |
|
| TA01 | Transfer of patent application right |