CN114201777B - Data processing method and system - Google Patents

Data processing method and system Download PDF

Info

Publication number
CN114201777B
CN114201777B CN202210139842.XA CN202210139842A CN114201777B CN 114201777 B CN114201777 B CN 114201777B CN 202210139842 A CN202210139842 A CN 202210139842A CN 114201777 B CN114201777 B CN 114201777B
Authority
CN
China
Prior art keywords
resource
requester
data
information
provider
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210139842.XA
Other languages
Chinese (zh)
Other versions
CN114201777A (en
Inventor
刘照星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang eCommerce Bank Co Ltd
Original Assignee
Zhejiang eCommerce Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang eCommerce Bank Co Ltd filed Critical Zhejiang eCommerce Bank Co Ltd
Priority to CN202210139842.XA priority Critical patent/CN114201777B/en
Publication of CN114201777A publication Critical patent/CN114201777A/en
Application granted granted Critical
Publication of CN114201777B publication Critical patent/CN114201777B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the specification provides a data processing method and a data processing system, wherein the data processing method is applied to a data processing system, the system comprises a resource provider, a data provider and a third party authorization platform, and the method comprises the following steps: the data provider determines requester data according to a requester identifier in the data acquisition request and sends the requester data to the third party authorization platform; the third party authorization platform encrypts requester identification information in the requester data to obtain requester encrypted data and sends the requester encrypted data to the resource provider; and the resource provider determines resource limit encryption information according to the encrypted data of the requester.

Description

Data processing method and system
Technical Field
The embodiment of the specification relates to the technical field of compliance data management, in particular to a data processing method and system.
Background
With the development of society, personal information is protected more and more, and the personal information of a user needs to be protected more, so that on the basis, higher privacy protection requirements are put forward for the data circulation industry, privacy requirements need to be strengthened in many links related to data authorization and data circulation, and the first step of data privacy protection is that strong authorization is needed by a client. Therefore, how to guarantee the user experience while ensuring the privacy and the security of the data becomes a problem to be solved urgently by technical staff.
Disclosure of Invention
In view of this, the embodiments of the present specification provide a data processing method. One or more embodiments of the present specification relate to a data processing system, a computing device, a computer-readable storage medium, and a computer program, so as to solve the technical problems of the prior art.
According to a first aspect of embodiments of the present specification, there is provided a data processing method applied to a data processing system, where the system includes a resource requester, a resource provider, a data provider, and a third party authorization platform, the method includes:
the data provider determines requester data according to a requester identifier in the data acquisition request and sends the requester data to the third party authorization platform;
the third party authorization platform encrypts requester identification information in the requester data to obtain requester encrypted data and sends the requester encrypted data to the resource provider;
the resource provider determines resource limit encryption information according to the requester encrypted data and sends the resource limit encryption information to the third party authorization platform;
the third party authorization platform decrypts the identification information of the requester in the resource limit encrypted information to obtain resource limit information, and sends the resource limit information to the resource provider, wherein the resource limit information comprises the identification information of the requester and resource limit distribution information;
and the resource provider determines a resource requester according to the requester identification information and displays the resource limit distribution information to the resource requester.
According to a second aspect of embodiments herein, there is provided a data processing system comprising:
the data provider is configured to determine requester data according to a requester identifier in the data acquisition request and send the requester data to a third party authorization platform;
the third party authorization platform is configured to encrypt requester identification information in the requester data, obtain requester encrypted data and send the requester encrypted data to a resource provider;
the resource provider is configured to determine resource limit encryption information according to the requester encrypted data and send the resource limit encryption information to the third party authorization platform;
the third party authorization platform is further configured to decrypt requester identification information in the resource limit encrypted information, obtain resource limit information and send the resource limit information to the resource provider, wherein the resource limit information comprises the requester identification information and resource limit distribution information;
the resource provider is configured to determine a resource requester according to the requester identification information and display the resource quota allocation information to the resource requester.
According to a third aspect of embodiments herein, there is provided a computing device comprising a memory, a processor and computer instructions stored on the memory and executable on the processor, the processor implementing the steps of the data processing method when executing the computer instructions.
According to a fourth aspect of embodiments herein, there is provided a computer readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the data processing method.
According to a fifth aspect of embodiments herein, there is provided a computer program, wherein the computer program, when executed in a computer, causes the computer to perform the steps of the above-mentioned data processing method.
The data processing method provided by the specification is applied to a data processing system, the system comprises a resource provider, a data provider and a third party authorization platform, and the method comprises the steps that the data provider determines requester data according to a requester identifier in a data acquisition request and sends the requester data to the third party authorization platform; the third party authorization platform encrypts requester identification information in the requester data to obtain requester encrypted data and sends the requester encrypted data to the resource provider; and the resource provider determines resource limit encryption information according to the encrypted data of the requester.
In the embodiment of the specification, during the data circulation process of acquiring the resource quota by the resource requester, the quota information of the resource requester is determined according to other information (such as attribute information of the requester) in the requester data except the requester identification information, and the resource quota information corresponding to the requester can be predicted for the resource requester under the condition that the authorization of the resource requester is not obtained, so that the data security of the requester data during the circulation among multiple parties is improved, and the resource quota evaluation work of the resource requester by the resource provider can be normally executed.
Drawings
FIG. 1 is a schematic diagram of a data processing method according to an embodiment of the present disclosure;
FIG. 2 is a flow diagram of a data processing method provided by one embodiment of the present description;
FIG. 3 is a flowchart of a data processing method applied to the loan field according to an embodiment of the present disclosure;
FIG. 4 is a block diagram of a data processing system, according to one embodiment of the present disclosure;
fig. 5 is a block diagram of a computing device according to an embodiment of the present disclosure.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present description. This description may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, as those skilled in the art will be able to make and use the present disclosure without departing from the spirit and scope of the present disclosure.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification is intended to encompass any and all possible combinations of one or more of the associated listed items.
It will be understood that, although the terms first, second, etc. may be used herein in one or more embodiments to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first can also be referred to as a second and, similarly, a second can also be referred to as a first without departing from the scope of one or more embodiments of the present description. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
In the present specification, a data processing method is provided, and the present specification relates to a data processing system, a computing device, a computer-readable storage medium, and a computer program, which are described in detail one by one in the following embodiments.
Fig. 1 is a schematic diagram illustrating a scenario of a data processing method provided in an embodiment of the present specification, where the application scenario includes a resource requester 100, a resource provider 102, a data provider 104, and a third party authorization platform 106.
Specifically, the resource provider 102 receives a resource quota consultation request of the resource requester 100, that is, the resource requester 100 applies for a resource quota to the resource provider, after receiving the resource quota consultation request, the resource provider 102 needs to check the application qualification of the resource requester 100, and then requests the data provider 104 for requester data of the resource requester 100, but at this time, the resource provider 102 does not obtain authorization of the resource requester 100 yet and cannot obtain privacy data of the resource requester 100, the data provider 104 needs to send the requester data to the third party authorization platform 106 for data encryption, the third party authorization platform 106 needs to encrypt the privacy data in the requester data after obtaining the requester data, so as to generate requester encrypted data, and then send the requester encrypted data to the resource provider 102, and the resource provider 102 checks the qualification of the resource requester 100 according to the requester encrypted data, thereby determining the amount of resources that can be provided for the resource requestor 100.
After the resource requester 100 authorizes the resource provider 102, authorization authentication needs to be performed through the third-party authorization platform 106, the authorization authentication is stored in the resource provider 102 and also stored in the third-party authorization platform 106, after the third-party authorization platform 106 obtains the authorization from the resource requester 100 to the resource provider 102, according to the authorization information, the resource quota encryption information generated by the resource provider 102 can be decrypted, the encrypted requester identification information is restored and sent to the resource provider 102, after the resource provider 102 obtains the restored requester identification, the resource requester 100 corresponding to the requester identification is determined, and resource quota allocation information is displayed to the resource requester 100.
In practical application, for example, zhang san is required to apply for house loan to a bank a, zhang san is a resource requester, the bank a is a resource provider, the bank a needs to evaluate repayment capacity of zhang san, needs to request user information of zhang san from a bank B and a credit bureau C, the bank B and the credit bureau C are data providers, the bank a does not obtain zhang san authorization for personal information at this time, the bank B and the credit bureau C cannot feed back sensitive information of zhang san (such as bank card flow information, liability information and the like) to the bank a, the information of the requester of zhang san needs to be sent to a trusted third party authorization platform D, the trusted third party authorization platform D encrypts the sensitive information in the information of zhang san, retains attribute information of zhang (such as years, academic calendar, work units and the like), and sends the encrypted information to the bank a, the bank A determines the loan amount information according to the encrypted information, and the loan amount information at the moment is the loan amount information predicted by the bank A according to the encrypted user information and is also in an encrypted state, namely the loan amount information of whom the bank A cannot determine.
When Zhang III is authorized by the bank A, namely the Zhang III bank A provides sensitive information, the bank A sends the authorization information and the encrypted loan amount information to the third-party authorization platform D, the third-party authorization platform D decrypts the encrypted loan amount information according to the authorization information, determines that a user corresponding to the loan amount information is Zhang III, and then feeds back the decrypted loan amount information to the bank A, and the bank A displays the loan amount information to Zhang III.
Fig. 2 is a flowchart illustrating a data processing method applied to a data processing system including a resource provider, a data provider, and a third party authorization platform according to an embodiment of the present specification, where the method specifically includes the following steps.
Step 202: and the data provider determines the data of the requester according to the requester identifier in the data acquisition request and sends the data of the requester to the third party authorization platform.
The data provider specifically refers to an organization which has projects with the resource provider, such as a tax organization, a credit investigation organization, a bank and the like; the resource provider is specifically a party providing resources for the resource requester, and the resources can be points, lines, levels, loans and the like; the resource requester is specifically a party who needs to apply for obtaining resources from the resource provider; the third party authorization platform specifically refers to a third party organization except for the resource requester and the resource provider, and the third party authorization platform can be a trusted independent third party and is responsible for security verification of information.
The data acquisition request specifically refers to a request for acquiring data of a resource requester, and in a general case, requester data authorized by the resource requester is stored in a data provider, for example, name information, tax payment information, work units, contact information, and identity information of a user are stored in a tax authority, and information such as an enterprise tax payment number, tax payment information, and enterprise scale is stored in an enterprise. The requester data stored in the data provider is the data authorized by the resource requester, and the data provider has the right to use the requester data in a secret way.
In practical applications, the data provider generally has identifiers of multiple requesters in the acquisition request received, that is, when the resource provider initiates an acquisition request to the data provider, the resource provider applies for the requester data of multiple resource requesters at a time. The data provider can obtain the requester data stored locally at the data provider according to the requester identifier in the acquisition request, but the requester data can be sent to other organizations without being authorized by the requester, so that for example, to ensure the security of the data, sensitive information in the requester data needs to be encrypted, that is, the requester data needs to be sent to a third party authorization platform, and the third party authorization platform encrypts the sensitive information.
It should be noted that when the data provider sends the requester data to the third-party platform, the data provider packages and uploads the plurality of requester data.
In another embodiment provided herein, the system further comprises a resource requestor;
before the data provider determines the requester data according to the requester identifier in the data acquisition request, the method further includes:
and the resource provider receives a resource limit consultation request sent by the resource requester, wherein the resource limit consultation request carries a requester identifier, determines a data provider according to the resource limit consultation request, and sends a data acquisition request to the data provider.
As described in the above embodiment, after receiving a resource limit consultation request from a resource provider, a resource provider determines a data provider according to the resource limit consultation request, that is, in different scenarios, if items of the resource limit consultation request are different, the corresponding data providers may also be different, for example, if the resource limit consultation request is an item a, the data provider corresponding to the item a may be a provider 1, a provider 2, and a provider 3; if the resource quota consultation request is the resource quota consultation request of the project B, the data providers corresponding to the project B can be the provider 3 and the provider 4. In one or more embodiments provided in the present specification, the data provider is not limited to specific data providers, and the determination of the data provider is related to the resource quota consultation request.
And after determining the data provider according to the resource limit consultation request, the resource provider generates a data acquisition request according to the requester identifier and sends the data acquisition request to the data provider.
In another specific embodiment provided in this specification, after the resource provider receives the resource quota consultation request sent by the resource requester, the method further includes:
the resource provider sends an authentication request corresponding to the identification information of the requester to the third party authorization platform;
and the third party authorization platform generates authentication information corresponding to the identification information of the requester.
After the resource provider receives the resource limit consultation request sent by the resource requester, in order to better provide service for the resource requester, authorization needs to be applied to the resource requester, specifically, the resource requester and the resource provider can perform authentication through a third-party authorization platform authorized by both parties, the resource provider displays a list of the third-party authorization platforms to the resource requester, the resource requester can select one third-party authorization platform to perform authorization authentication, and the resource provider sends request maker identification information of the resource requester to the third-party authorization platform to initiate an authorization authentication request.
And the third party authentication platform determines that the resource requester really provides authorization authentication for the resource provider according to the requester identification information carried in the request, and generates authentication information for the resource provider. And meanwhile, the authentication information is stored and is also sent to the resource provider.
Step 204: and the third party authorization platform encrypts the requester identification information in the requester data to obtain requester encrypted data and sends the requester encrypted data to the resource provider.
The third-party authorization platform is a trusted third-party organization, and after receiving requester data, requester identification information in the requester data needs to be encrypted, and in a general case, the requester data includes requester identification information and requester attribute information, the requester identification information is sensitive information (such as name, identity information, contact information and the like) of a resource requester, and the requester attribute information is public information (such as years, work units, marital conditions, asset conditions and the like) of the resource requester.
In the third-party authorization platform, the requester identification information in the requester data is encrypted through a preset encryption method, where the preset encryption method may be RSA encryption, DSA encryption, and the like, and in one or more embodiments provided in this specification, the preset encryption method is not limited.
It should be noted that, in the third-party authorization platform, only the requester identification information in the requester data needs to be encrypted, for example, 50 fields of information are included in the requester data, where the requester identification information includes 10 fields, and the requester attribute information includes 40 fields, and only 10 fields of the requester identification information need to be encrypted. The encrypted data is encrypted data of the requester, that is, the encrypted data of the requester comprises attribute information of the requester and identification information of the encrypted requester.
After the requester encrypted data is obtained, the requester encrypted data is sent to the resource provider, so that the resource provider determines resource limit information corresponding to the requester data according to the requester attribute information in the requester encrypted data.
In practical application, before sending the encrypted data of the requester to the resource provider, auditing is performed on the encrypted data of the requester to ensure that all the private data in the encrypted data of the requester are encrypted.
Step 206: and the resource provider determines resource limit encryption information according to the encrypted data of the requester.
The resource provider receives the encrypted data of the requester, cannot acquire the identification information of the encrypted requester in the resource limit encrypted information before the authorization authentication of the resource requester is not acquired, and can only predict according to the attribute information of the requester in the encrypted data of the requester. Because the prediction is carried out according to the encrypted data of the requesting party, the obtained resource limit information is also encrypted, namely the resource limit encrypted information comprises the resource limit information and the encrypted requesting party identification information.
In practical application, the resource provider comprises a resource limit determination model, the resource limit determination model is an algorithm for providing different resource limit predictions according to requester encrypted data of a resource requester, for example, if the time of a certain resource requester is 23, the working unit is company A, and company A is the front rank in the industry, the resource limit allocated to the resource requester is determined to be higher through the resource limit determination model; for another example, if a resource requester is 63 years old and is in a non-business state, the resource quota allocated to the resource requester is determined to be low by the resource quota determining model.
Specifically, the determining, by the resource provider, the resource quota encryption information according to the requester encrypted data includes:
and the resource provider inputs the encrypted data of the requester into the resource limit determination model and obtains the resource limit encrypted information output by the resource limit determination model.
The resource limit determination model can predict according to the attribute information of the requester only in practical application, so that when the resource limit determination model outputs the resource limit information, the part of the identifier information of the requester is also encrypted, namely the resource limit encrypted information is output by the model, and the resource limit encrypted information specifically comprises resource limit distribution information and encrypted requester identifier information.
In practical applications, the resource quota determining model needs to be obtained through training of a large amount of training data, and requester identification information in the model training data does not exist in a resource provider, so that the resource provider needs to request the data provider to obtain sample data, specifically, before the resource provider inputs requester encrypted data into the resource quota determining model, the method further includes:
the resource provider sends a sample data acquisition request to the data provider;
the data provider responds to the sample data acquisition request to acquire sample requester data and sends the sample requester data to the third party authorization platform;
the third party authorization platform encrypts the sample requester identification information in the sample requester data to obtain sample requester encrypted data, and sends the sample requester encrypted data to the resource provider;
and the resource provider determines sample resource limit distribution information corresponding to the encrypted data of the sample requester and trains the resource limit determination model according to the encrypted data of the sample requester and the sample resource limit distribution information.
The resource provider needs to train the resource quota determining model, so training data is needed, and the training data does not exist at the resource provider, so a sample data acquisition request needs to be sent to the data provider, and training sample data of the model needs to be acquired from the data provider based on the request.
After receiving the sample data acquisition request, the data provider screens and removes sample requester data from requester data of the data provider, and sends the sample requester data to a third party authorization platform, wherein the sample requester data is specifically requester data used for model training.
After the third-party authorization platform receives the sample requester data, in order to protect the privacy information of the user, the third-party authorization platform needs to encrypt the sample requester identification information in the sample requester data, so as to obtain the sample requester encrypted data, where the sample requester encrypted data carries the sample requester attribute information and the encrypted sample requester identification information, and the process of encrypting the sample requester data by the third-party authorization platform is the same as the process of encrypting the requester data, and is not described herein again. The data is sent to the resource provider after the sample requestor encrypted the data.
After receiving the encrypted data of the sample requester, the resource provider matches corresponding sample resource quota distribution information for the encrypted data of the sample requester according to the sample requester attribute information in the encrypted data of the sample requester, so that a model training data set is constructed. For example, if the sample resource quota allocation information of a certain resource requester is "years 23, the work unit is company a", and the quota allocation information that can be matched with the sample resource quota allocation information is 10 ten thousand yuan, the sample resource quota allocation information corresponding to the encrypted data of the sample requester is "10 ten thousand".
After a model training data set required by resource limit determination model training is obtained, the resource limit determination model can be trained based on the model training data set, and specifically, the resource limit determination model is obtained by the following steps:
the resource limit determining model receives the encrypted data of the sample requester and generates predicted resource limit distribution information corresponding to the encrypted data of the sample requester;
calculating a model loss value according to the predicted resource limit distribution information and the sample resource limit distribution information;
and adjusting the model parameters of the resource limit determination model according to the model loss value, and continuing to train the resource limit determination model until a training stop condition is reached.
In the actual model training process, the encrypted data of the sample requester is input into a resource quota determining model to be trained for processing, the resource quota determining model to be trained processes according to the encrypted data of the sample requester, the predicted resource quota allocation information corresponding to the encrypted data of the sample requester is predicted, the predicted resource quota allocation information is predicted by the untrained resource quota determining model, the model loss value is calculated according to the predicted resource limit distribution information and the sample resource limit distribution information, a loss function for calculating the model loss value can be a 0-1 loss function, a square loss function, a cross entropy loss function and the like in practical application, and in the specification, the selection of the loss function is not limited and is subject to practical application.
After calculating the model loss value, the model loss value is reversely propagated in the resource quota determining model, model parameters of the resource quota determining model to be trained, such as a learning rate parameter, a Btach _ Size parameter and the like, are adjusted, and the resource quota determining model is continuously trained by using sample data of the next batch until a model training stopping condition is reached.
The model training stopping condition specifically includes that the model loss value is smaller than a preset threshold value and/or the training round reaches a preset round in the practical application, and the model training stopping condition is not limited in this specification, which is subject to the practical application.
By means of training the resource limit determination model, the resource limit information can be determined under the condition that the authorization of the resource requester is not obtained, the resource limit information can be determined more objectively and accurately according to the requester encrypted information of the resource requester, and meanwhile personal information of the resource requester is protected from being infringed, and privacy and safety of data are protected.
In another specific embodiment provided in this specification, if the resource requester sends an authorization authentication to the resource provider, the third party authorization platform returns authentication information to the resource provider, and the resource provider cannot directly decrypt the generated resource quota encryption information, so that after the resource requester sends an authentication request and obtains the authentication information, the method further includes:
the resource provider sends the resource limit encryption information to the third party authorization platform;
and the third party authorization platform decrypts the requester identification information in the resource limit encrypted information based on the authentication information, acquires resource limit information, and sends the resource limit information to the resource provider, wherein the resource limit information comprises the requester identification information and resource limit distribution information.
In practical application, the resource provider needs to send the resource limit encrypted information to the third-party authorization platform, and the third-party authorization platform decrypts the encrypted part of the resource limit encrypted information.
After receiving the resource limit encryption information, the third-party authorization platform decrypts the encrypted requester identification information in the resource limit encryption information according to the acquired authentication information to obtain complete resource limit information, namely the resource limit information comprises the requester identification information and resource limit distribution information. After obtaining the resource limit information, the resource limit information can also be sent to the resource provider.
In another specific embodiment provided in the present specification, the method further comprises:
and the resource provider determines a resource requester according to the requester identification information and displays the resource limit distribution information to the resource requester.
After the resource limit information is sent to the resource provider, the resource provider can determine the resource requester according to the requester identification information in the resource limit information, and show the resource limit allocation information to the resource requester for reference by the resource requester.
When the resource requester sees the resource quota allocation information provided by the resource provider, the resource requester may select to sign the resource quota allocation information, or may select not to sign the resource quota allocation information, and if the resource quota allocation information is selected to be signed, the method further includes:
the resource provider receives confirmation information sent by the resource requester aiming at the resource limit distribution information, and sends the confirmation information to the data provider;
and the data provider saves the resource limit distribution information.
When the resource requester sends a subscription confirmation instruction for the resource limit distribution information, the resource provider receives confirmation information sent by the resource requester, and the confirmation information indicates that the resource requester and the resource provider reach a consistency for the resource limit distribution information. This confirmation information needs to be synchronized to each data provider. The data provider will save the assignment information.
The data processing method provided by the specification is applied to a data processing system, the system comprises a resource provider, a data provider and a third party authorization platform, and the method comprises the steps that the data provider determines requester data according to a requester identifier in a data acquisition request and sends the requester data to the third party authorization platform; the third party authorization platform encrypts requester identification information in the requester data to obtain requester encrypted data and sends the requester encrypted data to the resource provider; and the resource provider determines resource limit encryption information according to the encrypted data of the requester. In the embodiment of the specification, during the data circulation process of acquiring the resource quota by the resource requester, the quota information of the resource requester is determined according to other information (such as attribute information of the requester) in the requester data except the requester identification information, and the resource quota information corresponding to the requester can be predicted for the resource requester under the condition that the authorization of the resource requester is not obtained, so that the data security of the requester data during the circulation among multiple parties is improved, and the resource quota evaluation work of the resource requester by the resource provider can be normally executed.
Secondly, in the process that the resource provider determines the resource limit encryption information according to the requester encrypted data, the resource limit determination model is used, so that the resource limit information can be determined under the condition that the authorization of the resource requester is not obtained, the resource limit information can be determined more objectively and accurately according to the requester encrypted information of the resource requester, the personal information of the resource requester is protected from being damaged, and the privacy and safety of the data are protected.
The following description will further explain the data processing method provided in this specification by taking the application of the data processing method in the loan field as an example with reference to fig. 3. Fig. 3 is a flowchart illustrating a processing procedure of a data processing method applied to the loan field according to an embodiment of the present disclosure, where the specific steps include steps 302 to 326.
Step 302: three banks initiate a request for loan amount.
Step 304: the bank determines a credit investigation institution according to the loan amount request and sends a data acquisition request to the credit investigation institution.
Step 306: and the credit investigation mechanism acquires the user information of Zhang III according to the data acquisition request and sends the user information of Zhang III to the third-party authorization platform.
Step 308: and the third party authorization platform encrypts sensitive information in the user information of Zhang III, retains attribute information, obtains user encryption information and sends the user encryption information to a bank.
Step 310: the bank is provided with a debit and credit limit analysis model, and the received user encryption information is input into the debit and credit limit analysis model for processing to obtain debit and credit limit encryption information, wherein the debit and credit limit encryption information comprises debit and credit limit information and user encryption identification information.
Step 312: and the bank shows an authorization interface of the third-party authorization platform to Zhang III.
Step 314: the bank receives three authentication requests input for the interface.
Step 316: the bank sends the authentication request to a third party authorization platform.
Step 318: and the third party authorization platform generates authentication information of Zhang III, stores the authentication information and synchronizes the authentication information to the bank.
Step 320: and after receiving the authentication information, the bank sends the debit and credit limit encryption information to the third party authorization platform.
Step 322: and the third party authorization platform decrypts the user encrypted identification information in the debit and credit limit encrypted information according to the authentication information to obtain the debit and credit limit information and the identification information of Zhang III, and feeds the debit and credit limit information and the identification information of Zhang III back to the bank.
Step 324: and the bank determines Zhang III according to the identification information of Zhang III and displays the loan amount information to Zhang III.
Step 326: zhang III confirms the information of the loan amount and sends a confirmation instruction to the bank to reach the loan contract.
Step 328: the bank sends the loan contract to a credit bureau.
It should be noted that there is no necessarily obvious order between steps 304-310 and 312-318, and both can be performed simultaneously.
In the data processing method provided by the specification, in a situation that a user debits and credits a bank, when the user is not authorized to the bank, a credit investigation mechanism encrypts information of the user in a third-party authorization platform and transmits the encrypted information to the bank, the bank determines debit and credit limit encrypted information according to attribute information of the user through an debit and credit analysis model, after authorization of the user is obtained, the debit and credit limit encrypted information is sent to the third-party authorization platform for decryption, the decrypted debit and credit limit information and user information are returned to the bank, and the bank displays the debit and credit limit information to the user to complete debit and credit contract. The data security of the user data when the user data circulates among multiple parties is guaranteed, the bank can be guaranteed to normally predict the loan and credit amount information of the user, and the use experience of the user is improved.
Corresponding to the above method embodiment, this specification further provides a data processing system embodiment, and fig. 4 shows a schematic structural diagram of a data processing system provided in an embodiment of this specification. As shown in fig. 4, the system includes:
the data provider 402 is configured to determine requester data according to a requester identifier in the data acquisition request, and send the requester data to a third party authorization platform;
the third party authorization platform 404 is configured to encrypt the requester identification information in the requester data, obtain requester encrypted data, and send the requester encrypted data to the resource provider 406;
the resource provider 406 is configured to determine resource quota encryption information based on the requester encrypted data.
Optionally, the system further includes:
the resource provider 406 is configured to receive a resource quota consultation request sent by the resource requester, where the resource quota consultation request carries a requester identifier, determine the data provider 402 according to the resource quota consultation request, and send a data acquisition request to the data provider 402.
Optionally, the system further includes:
the resource provider 406 is further configured to send an authentication request corresponding to the requester identification information to the third party authorization platform 404;
the third party authorization platform 404 is further configured to generate authentication information corresponding to the requester identification information.
Optionally, the system further includes:
the resource provider 406 is further configured to send the resource quota encryption information to the third party authorization platform 404;
the third-party authorization platform 404 is further configured to decrypt the requester identification information in the resource quota encryption information based on the authentication information, obtain resource quota information, and send the resource quota information to the resource provider 406, where the resource quota information includes the requester identification information and the resource quota allocation information.
Optionally, the system further includes:
the resource provider 406 is further configured to determine a resource requester according to the requester identification information, and display the resource quota allocation information to the resource requester.
Optionally, the system further includes:
the resource provider 406 is further configured to receive confirmation information sent by the resource requester for the resource quota allocation information, and send the confirmation information to the data provider 402;
the data provider 402 is further configured to store the resource quota allocation information.
Optionally, the resource provider 406 includes a resource quota determination model;
correspondingly, the resource provider 406 is further configured to input the requester encrypted data to the resource credit determination model and obtain the resource credit encrypted information output by the resource credit determination model.
Optionally, the system further includes:
the resource provider 406, further configured to send a sample data acquisition request to the data provider 402;
the data provider 402 is further configured to obtain sample requester data in response to the sample data obtaining request, and send the sample requester data to the third party authorization platform 404;
the third party authorization platform 404 is further configured to encrypt the sample requestor identification information in the sample requestor data, obtain sample requestor encrypted data, and send the sample requestor encrypted data to the resource provider 406;
the resource provider 406 is further configured to determine sample resource quota allocation information corresponding to the sample requester encrypted data, and train the resource quota determination model according to the sample requester encrypted data and the sample resource quota allocation information.
Optionally, the resource quota determining model is obtained by training through the following steps:
the resource quota determining model is configured to:
receiving the encrypted data of the sample requester, and generating predicted resource limit distribution information corresponding to the encrypted data of the sample requester;
calculating a model loss value according to the predicted resource limit distribution information and the sample resource limit distribution information;
and adjusting the model parameters of the resource quota determining model according to the model loss value, and continuing to train the resource quota determining model until a training stop condition is reached.
The data processing system provided by the specification comprises a resource provider, a data provider and a third party authorization platform, wherein the data provider determines requester data according to a requester identifier in a data acquisition request and sends the requester data to the third party authorization platform; the third party authorization platform encrypts requester identification information in the requester data to obtain requester encrypted data, and sends the requester encrypted data to the resource provider; and the resource provider determines resource limit encryption information according to the encrypted data of the requester. In the embodiment of the specification, during the data circulation process of acquiring the resource quota by the resource requester, the quota information of the resource requester is determined according to other information (such as attribute information of the requester) in the requester data except the requester identification information, and the resource quota information corresponding to the requester can be predicted for the resource requester under the condition that the authorization of the resource requester is not obtained, so that the data security of the requester data during the circulation among multiple parties is improved, and the resource quota evaluation work of the resource requester by the resource provider can be normally executed.
Secondly, in the process that the resource provider determines the resource limit encryption information according to the requester encrypted data, the resource limit determination model is used, so that the resource limit information can be determined under the condition that the authorization of the resource requester is not obtained, the resource limit information can be determined more objectively and accurately according to the requester encrypted information of the resource requester, the personal information of the resource requester is protected from being damaged, and the privacy and safety of the data are protected.
The above is a schematic scheme of a data processing system of the present embodiment. It should be noted that the technical solution of the data processing system and the technical solution of the data processing method belong to the same concept, and details that are not described in detail in the technical solution of the data processing system can be referred to the description of the technical solution of the data processing method.
Fig. 5 illustrates a block diagram of a computing device 500 provided according to an embodiment of the present description. The components of the computing device 500 include, but are not limited to, a memory 510 and a processor 520. Processor 520 is coupled to memory 510 via bus 530, and database 550 is used to store data.
Computing device 500 also includes access device 540, access device 540 enabling computing device 500 to communicate via one or more networks 560. Examples of such networks include the Public Switched Telephone Network (PSTN), a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or a combination of communication networks such as the internet. The access device 540 may include one or more of any type of network interface, e.g., a Network Interface Card (NIC), wired or wireless, such as an IEEE802.11 Wireless Local Area Network (WLAN) wireless interface, a worldwide interoperability for microwave access (Wi-MAX) interface, an ethernet interface, a Universal Serial Bus (USB) interface, a cellular network interface, a bluetooth interface, a Near Field Communication (NFC) interface, and so forth.
In one embodiment of the present description, the above-described components of computing device 500, as well as other components not shown in FIG. 5, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device architecture shown in FIG. 5 is for purposes of example only and is not limiting as to the scope of the present description. Other components may be added or replaced as desired by those skilled in the art.
Computing device 500 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smartphone), wearable computing device (e.g., smartwatch, smartglasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or PC. Computing device 500 may also be a mobile or stationary server.
Wherein the steps of the data processing method are implemented when the processor 520 executes the computer instructions.
The above is an illustrative scheme of a computing device of the present embodiment. It should be noted that the technical solution of the computing device and the technical solution of the data processing method belong to the same concept, and details that are not described in detail in the technical solution of the computing device can be referred to the description of the technical solution of the data processing method.
An embodiment of the present specification further provides a computer readable storage medium storing computer instructions, which when executed by a processor implement the steps of the data processing method as described above.
The above is an illustrative scheme of a computer-readable storage medium of the present embodiment. It should be noted that the technical solution of the storage medium belongs to the same concept as the technical solution of the data processing method, and details that are not described in detail in the technical solution of the storage medium can be referred to the description of the technical solution of the data processing method.
An embodiment of the present specification further provides a computer program, wherein when the computer program is executed in a computer, the computer is caused to execute the steps of the data processing method.
The above is an illustrative scheme of a computer program of the present embodiment. It should be noted that the technical solution of the computer program and the technical solution of the data processing method belong to the same concept, and details that are not described in detail in the technical solution of the computer program can be referred to the description of the technical solution of the data processing method.
The foregoing description of specific embodiments has been presented for purposes of illustration and description. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The computer instructions comprise computer program code which may be in source code form, object code form, an executable file or some intermediate form, or the like. The computer-readable medium may include: any entity or device capable of carrying the computer program code, recording medium, usb disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution medium, and the like. It should be noted that the computer readable medium may contain content that is subject to appropriate increase or decrease as required by legislation and patent practice in jurisdictions, for example, in some jurisdictions, computer readable media does not include electrical carrier signals and telecommunications signals as is required by legislation and patent practice.
It should be noted that, for the sake of simplicity, the foregoing method embodiments are described as a series of acts, but those skilled in the art should understand that the present embodiment is not limited by the described acts, because some steps may be performed in other sequences or simultaneously according to the present embodiment. Further, those skilled in the art should also appreciate that the embodiments described in this specification are preferred embodiments and that acts and modules referred to are not necessarily required for an embodiment of the specification.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
The preferred embodiments of the present specification disclosed above are intended only to aid in the description of the specification. Alternative embodiments are not exhaustive and do not limit the invention to the precise embodiments described. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the embodiments and the practical application, to thereby enable others skilled in the art to best understand and utilize the embodiments. The specification is limited only by the claims and their full scope and equivalents.

Claims (11)

1. A data processing method is applied to a data processing system, the system comprises a resource requester, a resource provider, a data provider and a third party authorization platform, and the method comprises the following steps:
the resource request party sends a resource limit consultation request to the resource provider, wherein the resource limit consultation request carries a requester identifier;
the resource provider determines a data provider according to the resource limit consultation request and sends a data acquisition request to the data provider;
the data provider determines requester data according to a requester identifier in a data acquisition request, and sends the requester data to the third party authorization platform, wherein the data acquisition request is sent by the resource provider and is not authorized by a resource requester;
the third party authorization platform encrypts requester identification information in the requester data to obtain requester encrypted data and sends the requester encrypted data to the resource provider;
and the resource provider determines resource limit encryption information according to the requester encrypted data, wherein the resource limit encryption information comprises resource limit information and encrypted requester identification information, and the resource limit information is obtained according to requester attribute information in the requester encrypted data.
2. The data processing method of claim 1, after the resource provider receives the resource quota consultation request sent by the resource requester, the method further comprising:
the resource provider sends an authentication request corresponding to the identification information of the requester to the third party authorization platform;
and the third party authorization platform generates authentication information corresponding to the identification information of the requester.
3. The data processing method of claim 2, the method further comprising:
the resource provider sends the resource limit encryption information to the third party authorization platform;
and the third party authorization platform decrypts the requester identification information in the resource limit encrypted information based on the authentication information, acquires resource limit information, and sends the resource limit information to the resource provider, wherein the resource limit information comprises the requester identification information and resource limit distribution information.
4. The data processing method of claim 3, the method further comprising:
and the resource provider determines a resource requester according to the requester identification information and displays the resource limit distribution information to the resource requester.
5. The data processing method of claim 4, the method further comprising:
the resource provider receives confirmation information sent by the resource requester aiming at the resource limit distribution information, and sends the confirmation information to the data provider;
and the data provider saves the resource limit distribution information.
6. The data processing method of claim 1, wherein the resource provider includes a resource quota determining model;
the resource provider determines resource limit encryption information according to the requester encrypted data, and the resource limit encryption information comprises the following steps:
and the resource provider inputs the encrypted data of the requester into the resource quota determining model and obtains the resource quota encrypted information output by the resource quota determining model.
7. The data processing method of claim 6, before the resource provider inputs the requester encrypted data to the resource credit determination model, the method further comprising:
the resource provider sends a sample data acquisition request to the data provider;
the data provider responds to the sample data acquisition request to acquire sample requester data and sends the sample requester data to the third party authorization platform;
the third party authorization platform encrypts the sample requester identification information in the sample requester data to obtain sample requester encrypted data, and sends the sample requester encrypted data to the resource provider;
and the resource provider determines sample resource limit distribution information corresponding to the encrypted data of the sample requester and trains the resource limit determination model according to the encrypted data of the sample requester and the sample resource limit distribution information.
8. The data processing method of claim 7, wherein the resource quota determining model is obtained by training:
the resource limit determining model receives the encrypted data of the sample requester and generates predicted resource limit distribution information corresponding to the encrypted data of the sample requester;
calculating a model loss value according to the predicted resource limit distribution information and the sample resource limit distribution information;
and adjusting the model parameters of the resource limit determination model according to the model loss value, and continuing to train the resource limit determination model until a training stop condition is reached.
9. A data processing system comprising:
a resource request party sends a resource limit consultation request to a resource provider, wherein the resource limit consultation request carries a requester identifier;
the resource provider determines a data provider according to the resource limit consultation request and sends a data acquisition request to the data provider;
the data provider is configured to determine requester data according to a requester identifier in the data acquisition request, and send the requester data to a third party authorization platform, wherein the data acquisition request is sent by the resource provider and is not authorized by a resource requester;
the third party authorization platform is configured to encrypt requester identification information in the requester data, obtain requester encrypted data and send the requester encrypted data to a resource provider;
the resource provider is configured to determine resource limit encryption information according to the requester encrypted data, wherein the resource limit encryption information comprises resource limit information and encrypted requester identification information, and the resource limit information is obtained according to requester attribute information in the requester encrypted data.
10. A computing device comprising a memory, a processor, and computer instructions stored on the memory and executable on the processor, the processor implementing the steps of the method of any one of claims 1-8 when executing the computer instructions.
11. A computer-readable storage medium storing computer-executable instructions that, when executed by a processor, perform the steps of the method of any one of claims 1-8.
CN202210139842.XA 2022-02-16 2022-02-16 Data processing method and system Active CN114201777B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210139842.XA CN114201777B (en) 2022-02-16 2022-02-16 Data processing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210139842.XA CN114201777B (en) 2022-02-16 2022-02-16 Data processing method and system

Publications (2)

Publication Number Publication Date
CN114201777A CN114201777A (en) 2022-03-18
CN114201777B true CN114201777B (en) 2022-08-05

Family

ID=80659013

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210139842.XA Active CN114201777B (en) 2022-02-16 2022-02-16 Data processing method and system

Country Status (1)

Country Link
CN (1) CN114201777B (en)

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3007551A1 (en) * 2013-06-25 2014-12-26 France Telecom METHOD AND SERVER FOR PROCESSING AN ACCESS QUERY FROM A TERMINAL TO A COMPUTER RESOURCE
US10963957B2 (en) * 2014-02-03 2021-03-30 Radius Group, LLC System and method to create and operate an electronic marketplace of trusted banks for participation in commercial loans too large for an individual bank
CN106611372B (en) * 2016-12-27 2021-01-08 深圳微众信用科技股份有限公司 Credit investigation data query method and system
CN111090870A (en) * 2019-12-17 2020-05-01 支付宝(杭州)信息技术有限公司 Privacy-protecting user information query method and device
CN111429254B (en) * 2020-03-19 2021-09-10 腾讯科技(深圳)有限公司 Business data processing method and device and readable storage medium
CN112508694B (en) * 2021-02-05 2021-07-02 北京淇瑀信息科技有限公司 Method and device for processing resource limit application by server and electronic equipment
CN112785424A (en) * 2021-02-07 2021-05-11 中国工商银行股份有限公司 Processing method, device, computing equipment and medium for financial data
CN113282935A (en) * 2021-05-19 2021-08-20 中原银行股份有限公司 Model-based prediction method and device and storage medium
CN113553302A (en) * 2021-07-21 2021-10-26 中国工商银行股份有限公司 Credit report acquisition method, system, equipment and storage medium
CN114037521A (en) * 2021-11-25 2022-02-11 工银科技有限公司 Financing pre-credit granting method, device, equipment and medium

Also Published As

Publication number Publication date
CN114201777A (en) 2022-03-18

Similar Documents

Publication Publication Date Title
US20210312334A1 (en) Model parameter training method, apparatus, and device based on federation learning, and medium
CN111033502B (en) Authentication using biometric data and irreversible functions via blockchain
EP3520319B1 (en) Distributed electronic record and transaction history
US10402792B2 (en) Systems and method for tracking enterprise events using hybrid public-private blockchain ledgers
US10097544B2 (en) Protection and verification of user authentication credentials against server compromise
EP3029591A1 (en) Method for unlocking administration authority and device for authentication
CN109858273B (en) Product information acquisition method, device, computer equipment and storage medium
EP3754562A1 (en) Method, apparatus and system for performing machine learning by using data to be exchanged
US20210117805A1 (en) Inference apparatus, and inference method
CN111367903A (en) Credit report generation method based on block chain and related system
CN116502732B (en) Federal learning method and system based on trusted execution environment
CN110442654A (en) Promise breaking information query method, device, computer equipment and storage medium
CN112765642A (en) Data processing method, data processing apparatus, electronic device, and medium
CN110471908A (en) A kind of joint modeling method and device
CN109145641A (en) Method for protecting privacy and system
CN112949866B (en) Training method and device of poisson regression model, electronic equipment and storage medium
CN114201777B (en) Data processing method and system
CN117077816A (en) Training method and system of federal model
KR20160040399A (en) Personal Information Management System and Personal Information Management Method
US20240089105A1 (en) Systems and methods for user control and exclusion of cryptographic tokenized data
CN115051816B (en) Privacy protection-based cloud computing method and device and financial data cloud computing method and device
US20220138760A1 (en) Dynamic Ledger Address Masking
CN114679724A (en) Key updating system and method
US11334887B2 (en) Payment card authentication management
CN113362168A (en) Risk prediction method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant