CN115021962B - Distributed trusted privacy computing system - Google Patents

Publication number: CN115021962B
Authority: CN (China)
Prior art keywords: module, node, distributed, privacy, data
Legal status: Active
Application number: CN202210470744.4A
Other languages: Chinese (zh)
Other versions: CN115021962A (en)
Inventors: 阮安邦, 魏明, 陈凯
Current Assignee: Beijing Octa Innovations Information Technology Co Ltd
Original Assignee: Beijing Octa Innovations Information Technology Co Ltd
Application filed by Beijing Octa Innovations Information Technology Co Ltd
Priority to CN202210470744.4A
Publication of CN115021962A
Publication of CN115021962B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/46 Secure multiparty computation, e.g. millionaire problem

Abstract

The invention discloses a distributed trusted privacy computing system comprising a trusted privacy computing system and a distributed verification system. The distributed verification system comprises a node verification port module, a node identity verification module, an identity information storage module and an access record storage module, wherein the node verification port module is connected with the identity information storage module and the access record storage module through the node identity verification module. With the trusted privacy computing system and this distributed verification system, before a visitor accesses the distributed verification system, the visitor accessing the privacy computing system is strictly supervised and recorded by means of node verification, node identity storage and node access records, so that the security and reliability of the distributed trusted privacy computing system are ensured.

Description

Distributed trusted privacy computing system
Technical Field
The invention belongs to the technical field of distributed trusted privacy computing systems, and particularly relates to a distributed trusted privacy computing system.
Background
Privacy computing refers to a set of technologies for analysing and computing on data while protecting the data itself from external leakage, so that the data is "available but invisible"; the value of the data is converted and released on the premise that the data and privacy are fully protected. Privacy computing is a computing theory and method for protecting private information over its whole life cycle, and is a computable model and axiomatic system for privacy measurement, privacy leakage cost, privacy protection and privacy analysis complexity when the ownership, management and use rights of the private information are separated. Compared with traditional ways of using data, the encryption mechanisms of privacy computing strengthen the protection of data and reduce the risk of data leakage. Thus, some countries and regions, including the European Union, consider it one implementation of "data minimization". Meanwhile, traditional data security measures such as data desensitization or anonymization come at the expense of part of the data's dimensions, so that the information in the data cannot be used effectively; privacy computing offers another approach, maximizing the value of the data as far as possible while keeping it secure. In the prior art, the privacy computing deployed inside a trusted privacy computing system is relatively secure; however, supervision of the identities and access records of those who access the computing system remains a problem. To strictly supervise the identity information and access records of visitors to the trusted privacy computing system and to strengthen the data security of the whole computing system, a distributed trusted privacy computing system is proposed to solve the problems existing in the prior art.
Disclosure of Invention
The invention aims to provide a distributed trusted privacy computing system in which, before a visitor accesses the distributed verification system, the visitor accessing the privacy computing system is strictly supervised and recorded by means of node verification, node identity storage and node access records, so as to solve the problems in the prior art.
In order to achieve the above purpose, the invention adopts the following technical scheme:
a distributed trusted privacy computing system comprising a trusted privacy computing system and a distributed verification system;
the distributed verification system comprises a node verification port module, a node identity verification module, an identity information storage module and an access record storage module, wherein the node verification port module is connected with the identity information storage module and the access record storage module through the node identity verification module, the node verification port module serves as the access client port for a visitor accessing the trusted privacy computing system, and the node identity verification module is used for verifying the identity of the visitor to the trusted privacy computing system;
the trusted privacy computing system comprises a node data acquisition module, a data function processing module, an objective function fitting module, a node distribution module, a relay node processing module, a distributed node docking module, a distributed node integration module and a privacy computing result acquisition module, wherein the node data acquisition module, the data function processing module and the objective function fitting module are connected with the relay node processing module, the distributed node docking module, the distributed node integration module and the privacy computing result acquisition module through the node distribution module.
Preferably, the identity information storage module is used for storing the identity data that a visitor to the trusted privacy computing system enters at the node verification port module when accessing the system, and the identity information stored in the identity information storage module can be modified and edited only by the visitor to whom it belongs.
Preferably, the access record storage module is used for keeping the access records of all visitors to the trusted privacy computing system, and the access records inside the access record storage module cannot be deleted.
Preferably, the access records in the access record storage module are stored in a distributed manner in the blockchain network of the nodes, and the access records can be read through the integration of multiple nodes.
Preferably, the node data acquisition module is used by a visitor to acquire distributed single-node data, the single-node data acquired by the node data acquisition module is transmitted to the data function processing module, and the data function processing module is used for processing the data acquired by the node data acquisition module.
Preferably, the objective function fitting module is configured to perform objective function processing on the data acquired from a single node, and to transmit the data subjected to objective function processing to the relay node processing module through the node distribution module.
Preferably, the node distribution module is configured to distribute the data of the single nodes so that a certain number of single nodes correspond to each relay node; a plurality of relay node processing modules are provided, each of which interfaces with its corresponding number of single nodes, processes the data of those nodes, and transmits the processed data to the distributed node docking module.
Preferably, the distributed node docking module is configured to dock with the plurality of relay node processing modules and obtain the data processed by the plurality of relay nodes, the distributed node integration module is configured to integrate the data of the plurality of relay nodes obtained by the distributed node docking module and transmit the integrated data to the privacy computing result acquisition module, and the privacy computing result acquisition module is configured to display the result of the privacy computation directly to the visitor.
Preferably, the privacy computing converts and releases the value of data on the premise that the data and privacy are fully protected; privacy computing is a computing theory and method for protecting private information over its whole life cycle, and is a computable model and axiomatic system for privacy measurement, privacy leakage cost, privacy protection and privacy analysis complexity when the ownership, management and use rights of the private information are separated.
Preferably, the privacy computing is an interdisciplinary technology spanning a plurality of disciplines, and the currently mainstream privacy computing technologies fall into three main categories: the first is cryptography-based privacy computing, represented by secure multi-party computation; the second is technology derived from the fusion of artificial intelligence and privacy protection, represented by federated learning; the third is trusted-hardware-based privacy computing, represented by the trusted execution environment. Different technologies are often used in combination, so that the computation and analysis tasks on the data are completed while the security and privacy of the original data are ensured.
The invention has the technical effects and advantages that: compared with the prior art, the distributed trusted privacy computing system provided by the invention has the following advantages:
with the trusted privacy computing system and the distributed verification system comprising the node verification port module, the node identity verification module, the identity information storage module and the access record storage module, before a visitor accesses the distributed verification system, the visitor accessing the privacy computing system is strictly supervised and recorded by means of node verification, node identity storage and node access records, so that the security and reliability of the distributed trusted privacy computing system are ensured; the distributed trusted privacy computing system of the invention converts and releases the value of data on the premise that the data and privacy are fully protected, and privacy computing is a computing theory and method for protecting private information over its whole life cycle, and is a computable model and axiomatic system for privacy measurement, privacy leakage cost, privacy protection and privacy analysis complexity when the ownership, management and use rights of the private information are separated.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and drawings.
Drawings
FIG. 1 is a system block diagram of a distributed trusted privacy computing system of the present invention.
Description of the embodiments
The embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The embodiments described are only some, not all, of the embodiments of the present invention. The specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. All other embodiments that those skilled in the art can obtain from the embodiments of the invention without inventive effort fall within the scope of the invention.
The present invention provides an embodiment as shown in FIG. 1:
a distributed trusted privacy computing system comprising a trusted privacy computing system and a distributed verification system;
the distributed verification system comprises a node verification port module, a node identity verification module, an identity information storage module and an access record storage module, wherein the node verification port module is connected with the identity information storage module and the access record storage module through the node identity verification module, the node verification port module serves as the access client port for a visitor accessing the trusted privacy computing system, and the node identity verification module is used for verifying the identity of the visitor to the trusted privacy computing system;
the trusted privacy computing system comprises a node data acquisition module, a data function processing module, an objective function fitting module, a node distribution module, a relay node processing module, a distributed node docking module, a distributed node integration module and a privacy computing result acquisition module, wherein the node data acquisition module, the data function processing module and the objective function fitting module are connected with the relay node processing module, the distributed node docking module, the distributed node integration module and the privacy computing result acquisition module through the node distribution module.
The node data acquisition module is used by a visitor to acquire distributed single-node data, the single-node data acquired by the node data acquisition module is transmitted to the data function processing module, and the data function processing module is used for processing the data acquired by the node data acquisition module; the objective function fitting module is used for performing objective function processing on the data acquired from a single node, and transmitting the data subjected to objective function processing to the relay node processing module through the node distribution module.
The node distribution module is used for distributing the data of the single nodes so that a certain number of single nodes correspond to each relay node; a plurality of relay node processing modules are provided, each of which docks with its corresponding number of single nodes, processes the data of those nodes, and transmits the processed data to the distributed node docking module.
The distributed node docking module is used for docking with the plurality of relay node processing modules and acquiring the data processed by the plurality of relay nodes, the distributed node integration module is used for integrating the data of the plurality of relay nodes acquired by the distributed node docking module and transmitting the integrated data to the privacy computing result acquisition module, and the privacy computing result acquisition module is used for displaying the result of the privacy computation directly to the visitor.
The identity information storage module is used for storing the identity data that a visitor to the trusted privacy computing system enters at the node verification port module when accessing the system, and the identity information stored in the identity information storage module can be modified and edited only by the visitor to whom it belongs.
The access record storage module is used for keeping the access records of all visitors to the trusted privacy computing system, and the access records inside the access record storage module cannot be deleted.
The access records in the access record storage module are stored in a distributed manner in the blockchain network of the nodes, and the access records can be read through the integration of multiple nodes.
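The access-record requirements above (no deletion, distributed storage, reads that combine several nodes) can be illustrated with the following added example, which is not part of the patent: a hash-chained access log replicated on several nodes, where a read is accepted only when a quorum of nodes holds the same valid chain. The quorum rule, the names `LedgerNode`, `record_access` and `read_records`, and the sample visitors are assumptions; the patent does not specify the blockchain mechanism.

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64  # prev-hash value used by the first record


def record_hash(prev_hash, visitor_id, action, ts):
    """SHA-256 over the record fields and the previous record's hash."""
    body = json.dumps(
        {"prev": prev_hash, "visitor": visitor_id, "action": action, "ts": ts},
        sort_keys=True,
    )
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


class LedgerNode:
    """One node's replica of the access-record chain (hypothetical name)."""

    def __init__(self, name):
        self.name = name
        self.chain = []

    def append(self, visitor_id, action, ts):
        prev = self.chain[-1]["hash"] if self.chain else GENESIS
        rec = {"prev": prev, "visitor": visitor_id, "action": action, "ts": ts}
        rec["hash"] = record_hash(prev, visitor_id, action, ts)
        self.chain.append(rec)
        return rec["hash"]

    def verify(self):
        """True if each record hashes correctly and links to its predecessor."""
        prev = GENESIS
        for rec in self.chain:
            expected = record_hash(prev, rec["visitor"], rec["action"], rec["ts"])
            if rec["prev"] != prev or rec["hash"] != expected:
                return False
            prev = rec["hash"]
        return True

    def head(self):
        """(length, last hash): commits to the whole chain once verify() passes."""
        return len(self.chain), (self.chain[-1]["hash"] if self.chain else GENESIS)


def record_access(nodes, visitor_id, action, ts):
    """Replicate one access record to every node; replicas must stay identical."""
    hashes = {n.append(visitor_id, action, ts) for n in nodes}
    if len(hashes) != 1:
        raise RuntimeError("replicas diverged while appending")
    return hashes.pop()


def read_records(nodes, quorum):
    """Return (records, divergent_node_names) agreed on by >= quorum nodes.

    A node whose chain fails verify() (a record edited or deleted from the
    middle) or whose head differs (tail truncated) is reported as divergent.
    """
    heads = {n.name: n.head() for n in nodes if n.verify()}
    if not heads:
        raise RuntimeError("no node holds a valid chain")
    best, votes = Counter(heads.values()).most_common(1)[0]
    if votes < quorum:
        raise RuntimeError("no quorum of nodes agrees on the access records")
    source = next(n for n in nodes if heads.get(n.name) == best)
    divergent = sorted(n.name for n in nodes if heads.get(n.name) != best)
    return [dict(r) for r in source.chain], divergent


if __name__ == "__main__":
    # Constructed sample data: three nodes, three access events.
    nodes = [LedgerNode("node-a"), LedgerNode("node-b"), LedgerNode("node-c")]
    events = [("alice", "login"), ("bob", "query"), ("alice", "result")]
    for i, (visitor, action) in enumerate(events):
        record_access(nodes, visitor, action, 1000 + i)
    del nodes[1].chain[1]  # simulate deletion of one record on node-b
    records, divergent = read_records(nodes, quorum=2)
    print(len(records), "records agreed; divergent nodes:", divergent)
```

Because each record's hash covers the previous record's hash, deleting a record on one node breaks that node's chain rather than hiding the access, and the remaining nodes still supply the full history.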
The privacy computing converts and releases the value of data on the premise that the data and privacy are fully protected; it is a computing theory and method for protecting private information over its whole life cycle, and is a computable model and axiomatic system for privacy measurement, privacy leakage cost, privacy protection and privacy analysis complexity when the ownership, management and use rights of the private information are separated. The privacy computing is an interdisciplinary technology spanning a plurality of disciplines, and the currently mainstream privacy computing technologies fall into three main categories: the first is cryptography-based privacy computing, represented by secure multi-party computation; the second is technology derived from the fusion of artificial intelligence and privacy protection, represented by federated learning; the third is trusted-hardware-based privacy computing, represented by the trusted execution environment. Different technologies are often used in combination, so that the computation and analysis tasks on the data are completed while the security and privacy of the original data are ensured.
In summary, with the trusted privacy computing system and the distributed verification system comprising the node verification port module, the node identity verification module, the identity information storage module and the access record storage module, before a visitor accesses the distributed verification system, the visitor accessing the privacy computing system is strictly supervised and recorded by means of node verification, node identity storage and node access records, so that the security and reliability of the distributed trusted privacy computing system are ensured; the distributed trusted privacy computing system of the invention converts and releases the value of data on the premise that the data and privacy are fully protected, and privacy computing is a computing theory and method for protecting private information over its whole life cycle, and is a computable model and axiomatic system for privacy measurement, privacy leakage cost, privacy protection and privacy analysis complexity when the ownership, management and use rights of the private information are separated.
Finally, it should be noted that: the foregoing description is only illustrative of the preferred embodiments of the present invention, and although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described, or equivalents may be substituted for elements thereof, and any modifications, equivalents, improvements or changes may be made without departing from the spirit and principles of the present invention.

Claims (8)

1. A distributed trusted privacy computing system, comprising:
a trusted privacy computing system and a distributed verification system;
the distributed verification system comprises a node verification port module, a node identity verification module, an identity information storage module and an access record storage module, wherein the node verification port module is connected with the identity information storage module and the access record storage module through the node identity verification module, the node verification port module serves as the access client port for a visitor accessing the trusted privacy computing system, and the node identity verification module is used for verifying the identity of the visitor to the trusted privacy computing system;
the trusted privacy computing system comprises a node data acquisition module, a data function processing module, an objective function fitting module, a node distribution module, a relay node processing module, a distributed node docking module, a distributed node integration module and a privacy computing result acquisition module, wherein the node data acquisition module, the data function processing module and the objective function fitting module are connected with the relay node processing module, the distributed node docking module, the distributed node integration module and the privacy computing result acquisition module through the node distribution module;
the node data acquisition module is used by a visitor to acquire distributed single-node data, the single-node data acquired by the node data acquisition module is transmitted to the data function processing module, and the data function processing module is used for processing the data acquired by the node data acquisition module.
2. A distributed trusted privacy computing system as defined in claim 1, wherein: the identity information storage module is used for storing the identity data that a visitor to the trusted privacy computing system enters at the node verification port module when accessing the system, and the identity information stored in the identity information storage module can be modified and edited only by the visitor to whom it belongs.
3. A distributed trusted privacy computing system as defined in claim 1, wherein: the access record storage module is used for keeping the access records of all visitors to the trusted privacy computing system, and the access records inside the access record storage module cannot be deleted.
4. A distributed trusted privacy computing system as defined in claim 3, wherein: the access records in the access record storage module are stored in a distributed manner in the blockchain network of the nodes, and the access records can be read through the integration of multiple nodes.
5. A distributed trusted privacy computing system as defined in claim 1, wherein: the objective function fitting module is used for performing objective function processing on the data acquired from a single node, and transmitting the data subjected to objective function processing to the relay node processing module through the node distribution module.
6. A distributed trusted privacy computing system as defined in claim 5, wherein: the node distribution module is used for distributing the data of the single nodes so that a certain number of single nodes correspond to each relay node; a plurality of relay node processing modules are provided, each of which docks with its corresponding number of single nodes, processes the data of those nodes, and transmits the processed data to the distributed node docking module.
7. A distributed trusted privacy computing system as defined in claim 6, wherein: the distributed node docking module is used for docking with the plurality of relay node processing modules and acquiring the data processed by the plurality of relay nodes, the distributed node integration module is used for integrating the data of the plurality of relay nodes acquired by the distributed node docking module and transmitting the integrated data to the privacy computing result acquisition module, and the privacy computing result acquisition module is used for displaying the result of the privacy computation directly to the visitor.
8. A distributed trusted privacy computing system as defined in claim 1, wherein: the privacy computing converts and releases the value of data on the premise that the data and privacy are fully protected; it is a computing theory and method for protecting private information over its whole life cycle, and is a computable model and axiomatic system for privacy measurement, privacy leakage cost, privacy protection and privacy analysis complexity when the ownership, management and use rights of the private information are separated.
Priority Applications (1)

Application Number: CN202210470744.4A (CN115021962B)
Priority Date: 2022-04-28
Filing Date: 2022-04-28
Title: Distributed trusted privacy computing system
Status: Active

Publications (2)

CN115021962A, published 2022-09-06
CN115021962B, published 2023-08-22

Family ID: 83067940

Country Status (1)

CN: CN115021962B

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant