CN115098883A - Data privacy protection method and system based on safe multi-party calculation - Google Patents

Data privacy protection method and system based on safe multi-party calculation Download PDF

Info

Publication number
CN115098883A
CN115098883A CN202210743572.3A CN202210743572A CN115098883A CN 115098883 A CN115098883 A CN 115098883A CN 202210743572 A CN202210743572 A CN 202210743572A CN 115098883 A CN115098883 A CN 115098883A
Authority
CN
China
Prior art keywords
data
party
screening
sub
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210743572.3A
Other languages
Chinese (zh)
Inventor
张和琳
陈红
粟仁杰
林德威
江美玲
郑志伟
郭蔡炜
林靖颖
程修远
孙浩淞
丁宁
郑嘉明
方志坚
陈艺燕
肖郑海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Fujian Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Fujian Electric Power Co Ltd
Original Assignee
State Grid Fujian Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Fujian Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Fujian Electric Power Co Ltd, Information and Telecommunication Branch of State Grid Fujian Electric Power Co Ltd filed Critical State Grid Fujian Electric Power Co Ltd
Priority to CN202210743572.3A priority Critical patent/CN115098883A/en
Publication of CN115098883A publication Critical patent/CN115098883A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a data privacy protection method and a system based on secure multi-party computing, wherein the method comprises the following steps: the request side sends a research request to the manager, wherein the research request contains set standard conditions; the management party screens out target objects meeting standard conditions from the data holding party according to the research request; and the manager and the data holder perform safe multiparty calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmit the analysis results to the requester. The method and the device can meet the requirement of screening the target object under the condition of vertically distributed data sources, so that the privacy of data of each data holder is effectively ensured in the screening process of the target object, the condition of privacy data information leakage in the screening process of the target object is avoided, and the adaptability and the safety of data analysis based on safe multi-party calculation are effectively improved.

Description

Data privacy protection method and system based on secure multi-party computing
Technical Field
The invention relates to the technical field of secure multiparty computation, in particular to a data privacy protection method and a data privacy protection system based on secure multiparty computation.
Background
Currently, there are many scenarios where multiple parties cooperate to perform data processing, such as where a data holder provides data to a specified requesting party, such as a company or organization, to obtain business benefits through the accumulation of relevant property-specific data from own business. However, these companies or organizations do not directly use the data of the data holder, but provide the data analysis requirements to a specific analysis model holder, and the analysis model holder uses the data and the analysis model to perform analysis or prediction, so as to obtain the corresponding analysis results and return the analysis results to the required requesting party.
When the data of the target object group is required to be analyzed by the requester, a suitable target object group needs to be screened out through a multidimensional standard, and then the data of the target object group is analyzed to obtain a required analysis result. However, when screening target object groups, for vertically distributed data holders, since screened screening item data (such as age group, health condition, credit investigation condition, police information, positioning information, deposit information, etc.) may be distributed among different data holders (such as banks, financial institutions, medical institutions, police offices, operators, etc.), in the prior art, each data holder usually collects data of a target object list meeting the standards of the corresponding screening item with itself into a model holder, and then the model holder screens out the target object groups meeting the standards; however, when the data is collected to a unified model holder for target object group screening, privacy data of the target object (for example, information of the target object for different screening items) may be leaked, which may cause a risk of leakage of privacy information in the data analysis process.
Disclosure of Invention
In view of the above problems, the present invention aims to provide a data privacy protection method and system based on secure multi-party computing.
The purpose of the invention is realized by adopting the following technical scheme:
in a first aspect, the present invention provides a data privacy protection method based on secure multi-party computing, including:
the request party sends a research request to the manager, wherein the research request contains set standard conditions;
the management party screens out target objects meeting standard conditions from the data holding party according to the research request;
and the manager and the data holder perform safe multiparty calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmit the analysis results to the requester.
In one embodiment, the method for screening out the target objects meeting the standard conditions from the data holders by the management party according to the research request comprises the following steps:
the set standard condition is a standard condition that a requester encrypts by adopting an encryption public key;
aiming at the condition that the management party is not the data holding party, the management party respectively transmits the encrypted standard conditions to the data holding party;
the data holder decrypts the encrypted standard conditions by adopting a decryption private key, screens out data objects which accord with the standard conditions of the corresponding sub-items from the data held by the data holder, and transmits the data object information to the manager;
and the management party integrates the object information transmitted by each data holding party and screens out the target objects meeting all standard conditions.
In one embodiment, the method for screening out the target objects meeting the standard conditions from the data holders by the management party according to the research request comprises the following steps: for the case where the managing party is the data holder,
the management party selects one data holding party from the data holding parties except the management party as a key management party;
the management party generates a disturbance data set according to the number N of the data holding parties, wherein the disturbance data set comprises N disturbance data;
the management party randomly distributes the N pieces of disturbance data to the data holding party and sends the set standard conditions to the data holding party;
the key management party generates a homomorphic encryption key and a decryption key and sends the encryption key to other data holders except the management party;
the data holder judges whether the values of the sub items of the data objects accord with the standard conditions of the corresponding sub items in the standard conditions or not according to the received standard conditions, and generates sub-screening data, wherein the sub-screening data comprises the data objects and screening results of whether the data objects accord with the standard conditions or not; carrying out disturbance processing on the sub-screening data according to the received disturbance data to obtain the sub-screening data after the disturbance processing;
all data holders except the key management party encrypt the disturbed sub-screening data by using an encryption key and a Paillier encryption algorithm to obtain sub-ciphertext data; transmitting the sub ciphertext data to a management party;
the management party performs multiplication operation according to the received sub-ciphertext data transmitted by each data holding party to obtain N-2 ciphertext data; and transmitting the N-2 ciphertext data to a key management party;
the key management party decrypts the N-2 ciphertext data by using the generated decryption key to obtain N-2 plaintext data; carrying out summation calculation on the sub-screening data subjected to self-disturbance processing and the N-2 plaintext data to obtain N-1 plaintext data, and transmitting the N-1 plaintext data to a management party;
the management party performs sum operation according to the obtained N-1 plaintext data and the sub-screening data subjected to self disturbance processing to obtain screening result plaintext data; and screening the target objects meeting the standard conditions according to the screening result plaintext data.
In one embodiment, the perturbation data includes a perturbation value corresponding to each data object, and a sum of the perturbation values corresponding to the same data object in each perturbation data is zero.
In one embodiment, the data holder, according to the received standard condition, determining whether the value of the data object sub-item meets the standard condition of the corresponding sub-item in the standard condition, and generating the sub-screening data, includes:
the data holder compares the value of the same sub-item of the data object with the standard range of the sub-item in the standard condition according to the sub-item in the standard condition, judges that the data object does not conform to the screening condition when the value of the sub-item of the data object exceeds the standard range, and records the screening result as 0; and when the value of the sub item of the data object is in the standard range, judging that the data object meets the screening condition, and recording the screening result as 1.
In one embodiment, the screening result plaintext data includes each data object and a corresponding screening result accumulated value, and when the screening result accumulated value is greater than a set standard range, the data object is determined to be a target object meeting the standard condition; otherwise, judging the data object as not meeting the standard condition;
and the management party generates a target object list meeting the standard conditions according to the obtained target object information and transmits the target object list to each data holding party.
In one embodiment, a manager and a data holder perform secure multi-party computation based on target data of a target object and a target analysis model, comprising:
and the management party acquires the non-private data corresponding to the target object from the data holding party, analyzes the non-private data by using a local data analysis model to obtain a corresponding analysis result, and feeds the analysis result back to the requesting party.
In one embodiment, a manager and a data holder perform secure multi-party computation based on target data of a target object and a target analysis model, comprising:
and the management party and the data holding party select target data corresponding to the target object, perform cooperative calculation according to an agreed analysis model, complete a specified analysis task, obtain a corresponding analysis result and feed the analysis result back to the requesting party.
In a second aspect, the invention provides a data privacy protection system based on secure multi-party computing, which comprises a requesting party, a managing party and a data holding party;
the request party is used for sending a research request to the management party, wherein the research request contains set standard conditions;
the management party is used for screening out target objects meeting standard conditions from the data holding party according to the research request;
the manager and the data holder are used for carrying out safe multi-party calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmitting the analysis results to the requester.
The invention has the beneficial effects that: the data privacy protection method and system based on safe multi-party computation can meet the requirement of screening target objects under vertically distributed data sources, so that the privacy of data of each data holder is effectively guaranteed in the process of screening the target objects, the condition of privacy data information leakage in the process of screening the target objects is avoided, and the adaptability and safety of data analysis based on safe multi-party computation are effectively improved.
Drawings
The invention is further illustrated by means of the attached drawings, but the embodiments in the drawings do not constitute any limitation to the invention, and for a person skilled in the art, other drawings can be obtained on the basis of the following drawings without inventive effort.
FIG. 1 is a schematic flow chart of a data privacy protection method based on secure multiparty computing according to the present invention;
fig. 2 is a block diagram of a data privacy protection system based on secure multiparty computing according to the present invention.
Detailed Description
The invention is further described in connection with the following application scenarios.
Referring to fig. 1, a method for data privacy protection based on secure multiparty computing is shown, comprising:
s1, requesting to send a research request to the manager, wherein the research request contains set standard conditions;
in one embodiment, the set standard condition includes at least one sub-item and a standard condition corresponding to each sub-item. The data held by the data holder contains a value of the data object corresponding to at least one sub-item.
In a preferred embodiment, the set standard conditions include at least 3 sub-items and standard conditions corresponding to the sub-items. Wherein the distribution contained in the at least three sub-items is among at least 3 data holders.
In one scenario, a request party sends a research request to a manager to request to obtain target data (such as age data, health data, credit investigation data, location data, etc.) of target objects (user groups) meeting 4 sub-project conditions at the same time for further research, where the 4 sub-projects and corresponding standard conditions include: 1) age information: the age group is 30-35 years old; 2) health condition: no chronic disease; 3) and (3) credit investigation condition: no credit investigation bad record; 4) the existing place is as follows: the current state of Guangzhou;
wherein the 4 sub-project data: age information, health condition data, credit investigation condition data and present location data are held by 4 data holders of a public security organization, a medical institution, a banking institution and an operator, respectively.
S2, the manager screens out the target objects meeting the standard conditions from the data holder according to the research request;
in one embodiment, the target object comprises a person or an organization, etc.
In one embodiment, in step S2, the method for screening out target objects meeting the standard condition from the data holder by the manager according to the research request includes:
the set standard condition is a standard condition that a requester encrypts by adopting an encryption public key;
aiming at the condition that the management party is not the data holding party, the management party respectively transmits the encrypted standard conditions to the data holding party;
the data holder decrypts the encrypted standard conditions by adopting a decryption private key, screens out data objects which accord with the standard conditions of the corresponding sub-items from the data held by the data holder, and transmits the data object information to the manager;
and the management party integrates the object information transmitted by each data holding party and screens out the target objects meeting all standard conditions.
In the above embodiment, in the case that a conventional management party does not belong to any one of the data holders, when a request party sends a research request, the standard condition information in the research request is encrypted by using a preset encryption public key, where a decryption private key exists only in the data holders, the management party only forwards the standard conditions to the corresponding data holders, the data holders screen appropriate target objects according to the standard conditions, and return a list of the target objects to the management party, and the management party screens the target objects finally meeting all the standard conditions comprehensively according to the list of the target objects screened by each data holder. The data holders only screen data corresponding to the target objects owned by the data holders, and the management party only obtains list information returned by each data holder when knowing standard conditions, so that the situation that the privacy information is leaked in the process of screening the target objects by the management party can be effectively prevented. And a foundation is laid for further acquiring data for analysis and further researching and analyzing the data according to the obtained target object.
In one embodiment, in step S2, the method for screening out target objects meeting the standard condition from the data holder by the manager according to the research request includes: for the case where the managing party is the data holder,
s21 the manager selects one data holder as key manager from other data holders; for example, it involves a total of N data holders { C according to the set criteria 1 ,C 2 ,…C N The manager is adopted C 1 Indicating that the key manager adopts C 2 Represents, and is represented by 3 …C N Respectively representing other data holders;
s22 manager C 1 Generating a disturbance data set according to the number N of data holders, wherein the disturbance data set comprises N disturbance data;
s23 manager C 1 Randomly distributing N pieces of disturbance data to data holders C 1 ,C 2 ,…C N And sending the set standard conditions to the data holder C 1 ,C 2 ,…C N
E.g. the generated perturbation data set is phi r =[r 1 ,r 2 ,…,r N ]Wherein r is i Representing perturbation data corresponding to the ith data holder, i being 1,2, … N;
in one embodiment, whereinThe dynamic data comprises disturbance values corresponding to each data object, and the sum of the disturbance values corresponding to the same data object in each disturbance data is zero. E.g. r i =[r i1 ;r i2 ;…;r iM ]Wherein r is ij Representing a perturbation value corresponding to a j-th data object in the ith perturbation data, wherein j is 1,2, … M, M represents the total number of the data objects, and the same j is used for representing the same data object (user j) in different data holders; then r is 1j +r 2j +…+r Nj 0. In one scenario, r 1j =-3,r 2j =2,r 3j =1,…,r Nj =0。
S24 Key manager C 2 Generating a homomorphic encryption key K gn : (n, g) and a decryption key K λ Lambda and encrypt the key K gn Is sent to a removal manager C 1 Other data holders C than the others 2 ,…C N
S25 data holder C 1 ,C 2 ,…C N Judging whether the values of the sub items of the data objects meet the standard conditions of the corresponding sub items in the standard conditions or not according to the received standard conditions, and generating sub screening data, wherein the sub screening data comprises the data objects and screening results of whether the data objects meet the standard conditions or not; carrying out disturbance processing on the sub-screening data according to the received disturbance data to obtain the sub-screening data after the disturbance processing;
in one embodiment, the data holder, according to the received standard condition, determining whether the value of the data object sub-item meets the standard condition of the corresponding sub-item in the standard condition, and generating the sub-screening data, includes:
the data holder compares the value of the same sub-item of the data object with the standard range of the sub-item in the standard condition according to the sub-item in the standard condition, judges that the data object does not conform to the screening condition when the value of the sub-item of the data object exceeds the standard range, and records the screening result as 0; and when the value of the data object sub-item is in the standard range, judging that the data object meets the screening condition, and recording the screening result as 1. E.g. for the ith data holder, its generationThe sub-screening data of (1) is z i =[z i1 ;z i2 ;…;z iM ]Wherein z is ij Represents the judgment result of j-th data object sub-item standard screened by the ith data holder, wherein j is 1,2, … M, M represents the total number of data objects, when the value of the data object sub-item meets the corresponding standard condition, z represents the total number of data objects ij 1, otherwise z ij =0;
In one scenario, the public security organization marks the screening results of users with age data between 30 and 35 as 1, and marks the screening results of other users as 0; the medical institution marks the screening result of the user without the chronic disease record as 1 and marks the screening result of the user with the chronic disease record as 0; the bank organization marks the screening result of the user without credit investigation bad record as 1; marking the screening result of the user with the credit investigation bad record as 0; the operator marks the screening result of the user whose location is Guangzhou as 1, and marks the screening result of the user whose location is not Guangzhou as 0.
In one embodiment, the disturbing processing of the sub-screening data according to the received disturbance data includes: z' i =[z′ i1 ;z′ i2 ;…;z′ iM ]Wherein z' i Denotes the post-perturbation treatment sub-screening data, z' ij Represents a j-th data object sub-item criterion judgment result value, wherein z ', screened by the i-th data holder after the disturbance processing' ij =z ij +r ij Z 'being' i =z i +r i
S26 data holders C except the key manager 3 …C N Encrypting the disturbed sub-screening data by using an encryption key and a Paillier encryption system to obtain sub-ciphertext data P 3 …P N In which P is i Indicates the corresponding data holder C i The obtained sub ciphertext data, i ═ 3, … N; and transmits the sub cipher text data to the manager C 1
S27 manager C 1 According to each received data holder C 3 …C N Transmitted sub ciphertext data P 3 …P N To proceed withMultiplying to obtain N-2 ciphertext data M N-2 =P 3 *P 4 *…P N (ii) a And the N-2 ciphertext data M N-2 To the key manager. Wherein, by utilizing the addition homomorphism of the Paillier encryption algorithm, when the multiplication operation of the ciphertext data is carried out, the result is the same as the sum operation of the plaintext data, so M N-2 Corresponding plaintext data is substantially z' 3 +z′ 4 +…z′ N Equal;
s28 Key manager C 2 Using the generated decryption key K λ For N-2 ciphertext data M N-2 Carries out decryption to obtain N-2 plaintext data Q N-2 (ii) a And the sub screening data z 'subjected to self disturbance processing' 2 And N-2 plaintext data Q N-2 Performing sum calculation to obtain N-1 plaintext data Q N-1 And converts N-1 plaintext data Q n-1 To the manager C 1
S29 manager C 1 According to the obtained N-1 plaintext data Q N-1 And the sub screening data z 'subjected to self disturbance processing' 1 Carrying out a sum operation to obtain the clear text data Q of the screening result N (ii) a And according to the clear text data Q of the screening result N And screening the target objects meeting the standard conditions.
In one embodiment, the result of the screening is plaintext data Q N Including each data object and the corresponding accumulated value of the screening result, Q N =[q 1 ,q 2 ,…,q M ]Wherein q is j Indicates the accumulated value of the screening results corresponding to the jth data object, j is 1,2, … M, and M indicates the total number of data objects. Wherein, q is obtained according to the above operation j The substantial calculation result is q j =z′ 1j +z′ 2j +…z′ Nj =(z 1j +r 1j )+(z 2j +r 2j )+…(z Nj +r Nj ) (ii) a In view of r 1j +r 2j +…+r Nj 0, so q j Is as a result of z 1j +…+z Nj I.e. the sum of the quasi-decision result values fed back by the respective data holders.
When the accumulated value of the screening results is larger than the set standard range, the data object is judged to beTarget objects meeting standard conditions; otherwise, judging the data object as not meeting the standard condition. In one scenario, when q is j And if the number of the data objects is more than N, the screening result of each sub item of the jth data object is 1, and the data object is judged to be a target object meeting the standard condition.
And the management party generates a target object list meeting the standard conditions according to the obtained target object information and transmits the target object list to each data holding party. For example, the data objects with the accumulated value of the screening results being greater than or equal to N are used as target objects, a corresponding target object list (for example, a list including a plurality of screened users) is generated, and the target object list is transmitted to each data holder.
In one scenario, the list of target objects includes a list of multiple users (user 1, user 2, …, user Q). Wherein Q represents a combination of 1) age group of 30-35 years; 2) no chronic disease; 3) no credit investigation bad record; 4) the total number of target objects in the state of Guangdong.
In the foregoing embodiment, a technical scheme for screening a target object is provided, so that a manager can obtain detailed information of a specific screening result of each owner by integrating screening results of each data owner, the manager in charge of integrated processing and a key manager having a decryption key are prevented from obtaining detailed information of the specific screening result of each owner, the problem that the manager reveals privacy information of the data object in the process can be effectively avoided, and security and reliability of processing private data are improved.
In the above embodiment, although the key management party holds the decryption key, since the sub-screening data is subjected to the perturbation processing, the key management party cannot obtain the screening result details of each data holding party, thereby avoiding information leakage; meanwhile, although the management party can acquire clear data of the screening result, the management party cannot obtain the detailed screening result of each data holder.
Further, the constraint manager does not hold the encryption key, and makes the child filter data z' 1 Performing homomorphic operation with the sub ciphertext data of other data holders; manager is avoided from sub-screening data z' 1 Homomorphic operation result M of sub ciphertext data of other data holder N-2 Combining the final screening result plaintext data Q N And the condition of the detail of the screening result of the key holder is reversely deduced, so that the hidden danger of privacy data leakage is avoided, and the safety of data processing is improved.
S3, the manager and the data holder perform safety multi-party calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmit the analysis results to the requester.
In one scenario, the target data of the target object includes data that also conforms to 1) an age range of 30-35 years; 2) no chronic disease; 3) no credit investigation bad record; 4) age data, health data, credit data, location data, and the like of a target subject in Guangzhou.
The multi-party safe calculation can simultaneously ensure the input privacy and the calculation correctness, ensure that the input information of each party participating in the calculation is not exposed through a mathematical theory on the premise of no trusted third party, and simultaneously can obtain an accurate calculation result. The method can be implemented by one or more of garbled circuit in cryptography, oblivious transmission (oblivious sharing), secret sharing, homomorphic encryption (homomorphic encryption), homomorphic commitment (homomorphic commitment), zero-knowledge proof (zero-knowledge proof), and the like.
In one embodiment, a manager and a data holder perform secure multi-party computation based on target data of a target object and a target analysis model, comprising:
and the management party acquires the non-private data corresponding to the target object from the data holding party, analyzes the non-private data by using a local data analysis model to obtain a corresponding analysis result, and feeds the analysis result back to the requesting party.
In one embodiment, a manager and a data holder perform secure multi-party computation based on target data of a target object and a target analysis model, comprising:
and the management party and the data holding party select target data corresponding to the target object, perform collaborative calculation according to the agreed analysis model, complete the specified analysis task, obtain the corresponding analysis result and feed back the analysis result to the requesting party.
The data privacy protection method based on the secure multi-party computing can meet the requirement of screening target objects under vertically distributed data sources, so that the privacy of data of each data holder is effectively ensured in the screening process of the target objects, the condition of privacy data information leakage in the screening process of the target objects is avoided, and the adaptability and the security of data analysis based on the secure multi-party computing are effectively improved.
Corresponding to the method for protecting data privacy based on secure multi-party computing proposed in the above fig. 1, refer to fig. 2, which shows a system for protecting data privacy based on secure multi-party computing, comprising a requesting party, a managing party and a data holding party;
the request party is used for sending a research request to the management party, wherein the research request contains set standard conditions;
the management party is used for screening out target objects meeting standard conditions from the data holding party according to the research request;
the manager and the data holder are used for carrying out safe multi-party calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmitting the analysis results to the requester.
It should be noted that, the above proposed system for protecting data privacy based on secure multi-party computing is also used to implement the corresponding method steps in the embodiments of the method for protecting data privacy based on secure multi-party computing as shown in fig. 1, and the description of the present application is not repeated here.
It should be noted that, functional units/modules in the embodiments of the present invention may be integrated into one processing unit/module, or each unit/module may exist alone physically, or two or more units/modules are integrated into one unit/module. The integrated units/modules may be implemented in the form of hardware, or may be implemented in the form of software functional units/modules.
From the above description of embodiments, it is clear for a person skilled in the art that the embodiments described herein can be implemented in hardware, software, firmware, middleware, code or any appropriate combination thereof. For a hardware implementation, a processor may be implemented in one or more of the following units: an Application Specific Integrated Circuit (ASIC), a Digital Signal Processor (DSP), a Digital Signal Processing Device (DSPD), a Programmable Logic Device (PLD), a Field Programmable Gate Array (FPGA), a processor, a controller, a microcontroller, a microprocessor, other electronic units designed to perform the functions described herein, or a combination thereof. For a software implementation, some or all of the flow of the embodiments may be accomplished by a computer program instructing the associated hardware. In practice, the program may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a computer. Computer-readable media can include, but is not limited to, RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
Finally, it should be noted that the above embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the protection scope of the present invention, although the present invention is described in detail with reference to the preferred embodiments, it should be analyzed by those skilled in the art that modifications or equivalent substitutions can be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims (9)

1. A data privacy protection method based on secure multiparty computation is characterized by comprising the following steps:
the request party sends a research request to the manager, wherein the research request contains set standard conditions;
the management party screens out target objects meeting standard conditions from the data holding party according to the research request;
and the manager and the data holder perform safe multiparty calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmit the analysis results to the requester.
2. The method for protecting data privacy based on secure multi-party computing according to claim 1, wherein the manager screens out target objects meeting standard conditions from the data holders according to research requests, and the method comprises:
the set standard condition is a standard condition that a requester encrypts by adopting an encryption public key;
aiming at the condition that the management party is not the data holding party, the management party respectively transmits the encrypted standard conditions to the data holding party;
the data holder decrypts the encrypted standard conditions by adopting a decryption private key, screens out data objects which accord with the standard conditions of the corresponding sub-items from the data held by the data holder, and transmits the data object information to the manager;
and the management party integrates the object information transmitted by each data holding party and screens out the target objects meeting all standard conditions.
3. The method for protecting data privacy based on secure multi-party computing according to claim 1, wherein the manager screens out target objects meeting standard conditions from the data holders according to research requests, and the method comprises: for the case where the managing party is the data holder,
the management party selects one data holding party from the data holding parties except the management party as a key management party;
the management party generates a disturbance data set according to the number N of the data holding parties, wherein the disturbance data set comprises N disturbance data;
the management party randomly distributes the N pieces of disturbance data to the data holding party and sends the set standard conditions to the data holding party;
the key management party generates a homomorphic encryption key and a decryption key and sends the encryption key to other data holders except the management party;
the data holder judges whether the values of the sub items of the data objects meet the standard conditions of the corresponding sub items in the standard conditions according to the received standard conditions to generate sub screening data, wherein the sub screening data comprises the data objects and screening results of whether the data objects meet the standard conditions; carrying out disturbance processing on the sub-screening data according to the received disturbance data to obtain the sub-screening data after the disturbance processing;
all data holders except the key management party encrypt the sub-screening data subjected to the disturbance processing by using an encryption key and a Paillier encryption algorithm to obtain sub-ciphertext data; transmitting the sub ciphertext data to a management party;
the management party performs multiplication operation according to the received sub-ciphertext data transmitted by each data holding party to obtain N-2 ciphertext data; and transmitting the N-2 ciphertext data to a key management party;
the key management party decrypts the N-2 ciphertext data by using the generated decryption key to obtain N-2 plaintext data; performing sum calculation on the sub-screening data subjected to the self disturbance processing and the N-2 plaintext data to obtain N-1 plaintext data, and transmitting the N-1 plaintext data to a management party;
the management party performs sum operation according to the obtained N-1 plaintext data and the sub-screening data subjected to self disturbance processing to obtain screening result plaintext data; and screening the target objects meeting the standard conditions according to the screening result plaintext data.
4. The method according to claim 3, wherein the perturbation data includes perturbation values corresponding to each data object, and a sum of the perturbation values corresponding to the same data object in each perturbation data is zero.
5. The method for protecting data privacy based on secure multiparty computing according to claim 3, wherein the data holder judges whether the values of the data object sub-items meet the standard conditions of the corresponding sub-items in the standard conditions according to the received standard conditions, and generates sub-screening data, including:
the data holder compares the value of the same sub-item of the data object with the standard range of the sub-item in the standard condition according to the sub-item in the standard condition, judges that the data object does not conform to the screening condition when the value of the sub-item of the data object exceeds the standard range, and records the screening result as 0; and when the value of the sub item of the data object is in the standard range, judging that the data object meets the screening condition, and recording the screening result as 1.
6. The method according to claim 5, wherein the screening result plaintext data includes each data object and a corresponding screening result accumulated value, and when the screening result accumulated value is larger than a set standard range, the data object is determined to be a target object meeting the standard condition; otherwise, judging the data object as not meeting the standard condition;
and the management party generates a target object list meeting the standard conditions according to the obtained target object information and transmits the target object list to each data holding party.
7. The method for protecting data privacy based on secure multiparty computation of claim 1, wherein the manager and the data holder perform secure multiparty computation based on target data of a target object and a target analysis model, comprising:
the management party acquires the non-private data corresponding to the target object from the data holding party, analyzes the non-private data by using a local data analysis model to obtain a corresponding analysis result, and feeds the analysis result back to the requesting party.
8. The method for protecting data privacy based on secure multiparty computation of claim 1, wherein the manager and the data holder perform secure multiparty computation based on target data of a target object and a target analysis model, comprising:
and the management party and the data holding party select target data corresponding to the target object, perform cooperative calculation according to an agreed analysis model, complete a specified analysis task, obtain a corresponding analysis result and feed the analysis result back to the requesting party.
9. A data privacy protection system based on secure multi-party computing comprises a requesting party, a managing party and a data holding party;
the request party is used for sending a research request to the management party, wherein the research request contains set standard conditions;
the management party is used for screening out target objects meeting standard conditions from the data holding party according to the research request;
the manager and the data holder are used for carrying out safe multi-party calculation based on the target data and the target analysis model of the target object to obtain corresponding analysis results, and transmitting the analysis results to the requester.
CN202210743572.3A 2022-06-28 2022-06-28 Data privacy protection method and system based on safe multi-party calculation Pending CN115098883A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210743572.3A CN115098883A (en) 2022-06-28 2022-06-28 Data privacy protection method and system based on safe multi-party calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210743572.3A CN115098883A (en) 2022-06-28 2022-06-28 Data privacy protection method and system based on safe multi-party calculation

Publications (1)

Publication Number Publication Date
CN115098883A true CN115098883A (en) 2022-09-23

Family

ID=83295310

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210743572.3A Pending CN115098883A (en) 2022-06-28 2022-06-28 Data privacy protection method and system based on safe multi-party calculation

Country Status (1)

Country Link
CN (1) CN115098883A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116595569A (en) * 2023-07-19 2023-08-15 西南石油大学 Government affair data security multiparty calculation method based on alliance chain

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116595569A (en) * 2023-07-19 2023-08-15 西南石油大学 Government affair data security multiparty calculation method based on alliance chain
CN116595569B (en) * 2023-07-19 2023-09-15 西南石油大学 Government affair data security multiparty calculation method based on alliance chain

Similar Documents

Publication Publication Date Title
Huang et al. Blockchain-based eHealth system for auditable EHRs manipulation in cloud environments
US11784795B2 (en) Post-quantum blockchain system and methods
Hassan et al. [Retracted] The Rise of Cloud Computing: Data Protection, Privacy, and Open Research Challenges—A Systematic Literature Review (SLR)
Valjarevic et al. Towards a digital forensic readiness framework for public key infrastructure systems
CN114697073A (en) Block chain-based telecom operator data secure sharing method
CN106131225A (en) The security system accessed for medical treatment case information
CN115098883A (en) Data privacy protection method and system based on safe multi-party calculation
CN113239401A (en) Big data analysis system and method based on power Internet of things and computer storage medium
Skarkala et al. Pp-tan: a privacy preserving multi-party tree augmented naive Bayes classifier
CN117056984A (en) Method, system, computer equipment and storage medium for data security calculation
CN111861736B (en) Block chain based government affair data processing method, device, equipment and medium
Liang et al. Auditable federated learning with byzantine robustness
Agarwal et al. FIR Registration System Using Blockchain
Sivanantham et al. Reliable Data Storage and Sharing using Block chain Technology and Two Fish Encryption
Mehmood et al. IoT-enabled Web warehouse architecture: a secure approach
Kelarev et al. A survey of state-of-the-art methods for securing medical databases
Hombal et al. An effective security protocol for GDS (group Data sharing) in Healthcare Cloud Environment
Batten et al. Prevention of information harvesting in a cloud services environment
Joseph et al. Protecting information stored inside the cloud with A new CCA-EBO protocol designed on hive technology
Chaturvedi et al. Security Algorithms for Privacy Protection and Security in Aadhaar
Baldwin Enhanced accountability for electronic processes
Avgerinos et al. A Practical and Scalable Privacy-preserving Framework
WO2024138854A1 (en) Method and system for protecting privacy in federated learning prediction stage
WO2022244129A1 (en) Management apparatus, financial institution terminal, and management method
Vijayan et al. A Blockchain-Based Access Control System for Cloud Storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination