CN115114668A - Data element privacy calculation method and system based on block chain and CDN - Google Patents

Data element privacy calculation method and system based on block chain and CDN Download PDF

Info

Publication number
CN115114668A
CN115114668A CN202211042936.1A CN202211042936A CN115114668A CN 115114668 A CN115114668 A CN 115114668A CN 202211042936 A CN202211042936 A CN 202211042936A CN 115114668 A CN115114668 A CN 115114668A
Authority
CN
China
Prior art keywords
data element
fragments
target
block
fragment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211042936.1A
Other languages
Chinese (zh)
Other versions
CN115114668B (en
Inventor
邢炬
左磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianju Dihe Suzhou Technology Co ltd
Original Assignee
Tianju Dihe Suzhou Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianju Dihe Suzhou Technology Co ltd filed Critical Tianju Dihe Suzhou Technology Co ltd
Priority to CN202211042936.1A priority Critical patent/CN115114668B/en
Publication of CN115114668A publication Critical patent/CN115114668A/en
Application granted granted Critical
Publication of CN115114668B publication Critical patent/CN115114668B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/955Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
    • G06F16/9566URL specific, e.g. using aliases, detecting broken or misspelled links
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a data element privacy calculation method and system based on a block chain and a CDN (content delivery network), and relates to the technical field of block chains. The method comprises the following steps: the client compiles the operation logic into program blocks; the gateway acquires the URL of the circuit pre-generated information provider and the target data element fragment from the registration contract according to the identification of the target data element block; acquiring circuit pre-generation information according to a circuit pre-generation information provider; distributing the computing tasks to the edge computing servers according to the load information of the edge computing servers; the edge computing server analyzes the URL of the target data element fragment through a DNS in the CDN; acquiring target data element fragments from an edge data server of the CDN; carrying out privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment; and the gateway reconstructs the target result fragments into result blocks and feeds the result blocks back to the client. This embodiment can widen the distribution range of data elements.

Description

Data element privacy calculation method and system based on block chain and CDN
Technical Field
The invention relates to the technical field of block chains, in particular to a data element privacy calculation method and system based on a block chain and a CDN (content delivery network).
Background
Data elements refer to data that can produce a use value and an economic benefit. Today, where numerical economies are emphasized, adequate circulation of data elements is an important means of releasing data value. At present, the sharing and application of data elements mainly depend on private computing technology. However, the current development of the privacy computing technology is mainly in an application level, and an information infrastructure facing the circulation of general data elements is lacked, so the circulation of the data elements is usually located between fixed partners, and the scale and pervasive development is difficult. For example, a provides data elements to B according to a predetermined protocol, B performs privacy calculation based on the data elements provided by a, and the data elements are merely circulated between a and B, which cannot sufficiently release the value of the data elements.
Disclosure of Invention
In view of this, embodiments of the present invention provide a data element privacy calculation method and system based on a block chain and a CDN (Content Delivery Network), which can widen a distribution range of data elements based on an existing CDN, fully release values of the data elements, and ensure security of the data elements in a distribution process through the block chain.
In a first aspect, an embodiment of the present invention provides a data element privacy calculation method based on a block chain and a CDN, including:
the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block;
the gateway acquires a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; obtaining the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment;
the edge computing server resolves the URL of the target data element fragment through a DNS (Domain Name System) in the CDN; acquiring the target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragments and the circuit pre-generated information to obtain target result fragments; sending the target result fragments to the gateway;
and the gateway reconstructs the target result fragments into a result block and feeds the result block back to the client.
In a second aspect, an embodiment of the present invention provides a data element privacy calculation method based on a block chain and a CDN, including:
the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block;
the gateway acquires a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers and the clients in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment;
the edge computing server and the client respectively execute: analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment;
the edge computing server sends the target result fragments to the client through the gateway;
and the client reconstructs the target result fragments obtained by calculation and the target result fragments sent by the gateway into result blocks.
In a third aspect, an embodiment of the present invention provides a data element privacy computing system based on a block chain and a CDN, including: the system comprises a client, a gateway, an edge computing server and a CDN; the CDN comprises the following steps: edge data servers and DNS;
the client is used for compiling the operation logic into program blocks and sending a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block;
the gateway is used for acquiring a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment; reconstructing a plurality of target result fragments into a result block, and feeding back the result block to the client;
the edge computing server is used for analyzing the URL of the target data element fragment through a DNS in the CDN; acquiring the target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragments and the circuit pre-generated information to obtain the target result fragments; and sending the target result fragments to the gateway.
In a fourth aspect, an embodiment of the present invention provides a data element privacy computing system based on a blockchain and a CDN, including: the system comprises a client, a gateway, an edge computing server and a CDN; the CDN comprises the following steps: edge data servers and DNS;
the client is used for compiling the operation logic into program blocks and sending a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block; analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy calculation according to the program block, the target data element fragment and circuit pre-generated information to obtain a target result fragment; reconstructing the target result fragments obtained by calculation and the target result fragments sent by the gateway into result blocks;
the gateway is used for acquiring URLs of the circuit pre-generation information provider and a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers and the clients in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment;
the edge computing server is used for analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy computation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment; and sending the target result fragments to the client through the gateway.
One embodiment of the above invention has the following advantages or benefits: the embodiment of the invention is based on the CDN, and can provide the data element fragments cached in the edge data server for different clients to use, thereby widening the circulation range of the data elements and fully releasing the value of the data elements. According to the embodiment of the invention, the data element blocks are divided into the data element fragments scattered in the CDN through the secret sharing technology, so that the data elements can be efficiently multiplexed, and the gateway only needs to dynamically load the circuit to pre-generate information without repeatedly loading the data element fragments, so that the use flexibility of the data elements is improved, and the circulation efficiency of the data elements is improved. The embodiment of the invention realizes the distribution of the data elements by multiplexing the traditional CDN framework, and can greatly reduce the cost.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a flowchart of a data element privacy calculation method based on a blockchain and a CDN, provided by an embodiment of the present invention;
FIG. 2 is a schematic diagram of a data element privacy computing system based on blockchains and a CDN provided by an embodiment of the present invention;
fig. 3 is a flowchart of a data element privacy calculation method based on a blockchain and a CDN, according to another embodiment of the present invention;
FIG. 4 is a schematic diagram of a data element privacy computing system based on a blockchain and CDN provided by another embodiment of the present invention;
fig. 5 is a flowchart of a data element privacy calculation method based on a blockchain and a CDN according to another embodiment of the present invention;
fig. 6 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In an actual application scenario, a client has two working modes, namely a transparent mode and a proxy mode, in the transparent mode, the client participates in related calculation defined by a program block, and a final result is collected to the client for reconstruction, in the proxy mode, the client does not participate in the related calculation, the calculation is executed by an edge calculation server in a proxy mode, and the final result is collected to a gateway for reconstruction. The transparent mode is suitable for the condition that the client is installed on the host side, and the proxy mode is suitable for the condition that the client is installed on the mobile side. The two modes will be described in detail below, respectively.
One, proxy mode
As shown in fig. 1, an embodiment of the present invention provides a data element privacy calculation method based on a block chain and a CDN, including:
step 101: the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises the following steps: identification of target data element blocks and program blocks.
The client converts the arithmetic logic submitted by the user into program blocks for privacy calculation. In embodiments of the present invention, a user participates in a privacy computation using registered data elements, and therefore, an identification of a target data element block participating in the privacy computation needs to be specified.
Step 102: the gateway acquires a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring circuit pre-generation information according to a circuit pre-generation information provider; generating a plurality of calculation tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing a plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, circuitry pre-generates information and the URL of the target data element fragment.
The registration contract may include identification of data element blocks, circuit pre-generation information providers, and the like. The circuit pre-generation information refers to pre-generated information participating in privacy calculation, such as pre-generated multiplication triples and the like. The registration contract may also include a URL of circuit pre-generation information, etc.
The computing domain is determined by the geographical location where the gateways and edge computing servers are located, e.g., the gateways and edge computing servers in the lake zone are located in computing domain 1 and the gateways and edge computing servers in the sunny zone are located in computing domain 2. The computing domain comprises a gateway and a plurality of edge computing servers. Multiple computing tasks may be distributed to the same edge computing server, or an edge computing server may only process one computing task.
Step 103: the edge computing server analyzes the URL of the target data element fragment through a DNS in the CDN; acquiring target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment; and sending the target result fragments to the gateway.
The edge data server is used for caching the data element fragments, and the speed of the edge computing server for acquiring the data element fragments can be increased. And the edge computing server executes privacy computation according to the computing task to obtain a result fragment corresponding to the data element fragment.
Step 104: and the gateway reconstructs the plurality of target result fragments into a result block and feeds the result block back to the client.
The gateway reconstructs the result in the form of fragments into a data block.
The embodiment of the invention is based on the CDN, and can provide the data element fragments cached in the edge data server for different clients to use, thereby widening the circulation range of the data elements and fully releasing the value of the data elements. According to the embodiment of the invention, the data element blocks are divided into the data element fragments scattered in the CDN through the secret sharing technology, so that the data elements can be efficiently multiplexed, the gateway only needs to dynamically load the circuit to pre-generate information without repeatedly loading the data element fragments, and the use flexibility of the data elements is improved. The embodiment of the invention realizes the distribution of the data elements by multiplexing the traditional CDN framework, and can greatly reduce the cost.
In one embodiment of the invention, the method further comprises:
the data element provider cuts the data element block into a plurality of data element fragments;
and the data element provider initiates a registration contract, and the registration contract is signed by the data element provider, the circuit pre-generation information provider and the hosting service party respectively and then is deployed in the blockchain.
The circuit pre-generation information provider provides circuit pre-generation information for privacy calculation, and the hosting server is the provider of the source station server. The data element provider may embody agreed-upon content with the circuit pre-generation information provider and the hosting service in a registration contract that is validated after being signed by three parties, the registration contract being stored in a blockchain in order to prevent tampering with the content in the registration contract. The data element provider can initiate a registration contract or can cut the data element blocks.
In one embodiment of the invention, the method further comprises:
the source station server acquires data element fragments from a data element provider according to the identification of the data element blocks in the registration contract and the information of the data element provider; determining URLs of the data element fragments according to the domain name of the source station server, and issuing the URLs of the data element fragments to a block chain;
and the source station server sends the data element fragments to the edge data server, or the edge data server acquires the data element fragments from the source station server.
And the source station server completes the hosting of the data element fragments according to the content appointed in the registration contract and stores the URLs of the data element fragments into the block chain so as to facilitate the subsequent edge computing server to accurately acquire the data element fragments. The URLs of the data element shards may be stored in the registry contracts, but may also be stored in other contracts of the blockchain.
In one embodiment of the present invention, the registration contract further comprises: a fragmentation management policy and an identification of a key data element fragment;
a control management module of the CDN manages data element fragments in an edge data server according to a fragment management strategy;
wherein, the fragment management strategy comprises: any one or more of a copy number limit for any data element shard, a residence time threshold for a data element shard in an edge data server, a copy number limit for any critical data element shard, and a physical area in which data element shards may be stored.
And the control management module monitors the copying times of the data element fragments in the edge data server, and if the copying times are more than the preset limit of the copying times of any data element fragment, the copying of the data element fragments is terminated. The control management module monitors the retention time of the data element fragments in the edge data server, and deletes the data element fragments from the edge data server if the retention time is larger than a retention time threshold. And the control management module monitors the copying times of the key data element fragments, and if the copying times are more than the preset limit of the copying times of any key data element fragment, the copying of the key data element fragments is terminated. And the control management module distributes the data element fragments to the edge data server for caching according to a preset physical area in which the data element fragments can be stored. For example, the physical area where data elements can be stored includes the platoon and the sea lake, the data element fragments cannot be distributed to the edge data servers in other regions than the platoon and the sea lake.
The embodiment of the invention adopts a t-out-of-n fragment segmentation mode, defines n-t +1 data element fragments as key data element fragments, and the key data element fragments can be determined by a data element provider. the t pieces of data elements can be reconstructed to obtain data blocks.
The embodiment of the invention manages the data element fragments in the edge data server through the fragment management strategy, prevents the data element fragments from being abused and ensures the safety of the data element fragments.
In an embodiment of the present invention, the registration contract further includes: a secret sharing type;
the method further comprises the following steps: the client divides the current data element block into a plurality of current data element fragments according to the secret sharing type;
the calculation request also comprises: a plurality of current data element fragments;
the computing task also comprises the following steps: current data element fragments;
performing privacy computation according to the program block, the target data element fragment and the circuit pre-generation information, and comprising:
and carrying out privacy calculation according to the program block, the target data element fragment, the current data element fragment and the circuit pre-generated information.
In the implementation of the invention, a user can use own data elements to participate in privacy calculation, but similar to a data element provider, a client needs to split data element blocks provided by the user. Parties may also agree on the type of secret sharing in the registration contract, using different encryption schemes to implement privacy calculations, such as additive secret sharing, Shamir secret sharing, etc. The client and the data element provider need to split the data element block according to the secret sharing type. The embodiment of the invention can meet the requirements of different service scenes.
As shown in fig. 2, an embodiment of the present invention provides a data element privacy computing system based on a blockchain and a CDN, including: the system comprises a client, a gateway, an edge computing server and a CDN; the CDN comprises the following components: edge data servers and DNS;
the client is used for compiling the operation logic into program blocks and sending calculation requests to the gateway; the calculation request comprises the following steps: an identification of a target data element block and a program block;
the gateway is used for acquiring a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element blocks; acquiring circuit pre-generation information according to a circuit pre-generation information provider; generating a plurality of calculation tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing a plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: program blocks, circuit pre-generation information and URLs of target data element fragments; reconstructing the target result fragments into result blocks, and feeding the result blocks back to the client;
the edge computing server is used for analyzing the URL of the target data element fragment through a DNS (domain name server) in the CDN; acquiring target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment; and sending the target result fragments to the gateway.
As shown in fig. 3, an embodiment of the present invention provides a data element privacy calculation method based on a block chain and a CDN, including:
step 301: and the data element provider initiates a registration contract, and the registration contract is signed by the data element provider, the circuit pre-generation information provider and the hosting service party respectively and then is deployed in the blockchain.
As shown in fig. 4, a block chain and CDN based data element privacy computing system includes: the system comprises a client, a gateway, an edge computing server, a CDN (content delivery network), a data element provider and a source station server; the CDN comprises the following components: the system comprises an edge data server, a DNS and a management control module. Other modules such as data servers may also be included in the CDN, which are not shown in the figure.
The contents of the registration contract are shown in table 1, in which URLs of the data element fragments are distributed in the blockchain by the source site server and stored in the registration contract.
TABLE 1
Properties Example values Description of the invention
Data block ID u785-64a3-76bb-1234 Unique identification of data blocks
Data element provider M mechanism /
Secret sharing type Shamir Data block fragment generation mode
Number of fragments 3 Specifying the number of fragments to be sliced
Sequence number of key data element fragments [0, 2] /
Number of fragments reconstituted 2 Minimum number of fragments for reconstructing a secret: (<= number of pieces)
Circuit pre-generation information provider Service provider X /
Fragmentation management policy / /
Hosting facilitator [ facilitator 1, facilitator 2, …Service provider n] Facilitator for specified hosting
URL of data element fragment xyz.demo.com/u785-64a3-76bb-1234/01 The hosting service provider determines the URL of the hosting debris according to the domain name of the hosting service provider and signs the URL
If the secret sharing type is Additive, the number of fragments = the number of reconstructed fragments.
Step 302: the data element provider splits the data element block into a plurality of data element fragments according to the secret sharing type.
According to table 1, the data element provider cuts the data element block into 3 data element pieces.
Step 303: the source station server acquires data element fragments from a data element provider according to the identification of the data element blocks in the registration contract and the information of the data element provider; and determining the URL of the data element fragment according to the domain name of the source station server, and issuing the URL of the data element fragment to the block chain.
The identification of the data element block refers to the data block ID in table 1. The hosting service provider signs the URL of the data element fragment by using a private key of the hosting service provider, and confirms to host. For example, if the domain name of the hosting service is xyz. demo.com, then it can sign xyz. demo.com/u785-64a3-76bb-1234/01, indicating that a data element fragment with sequence number 1 can be hosted, and u785-64a3-76bb-1234 is a data block ID.
Step 304: the source site server sends the data element fragments to the edge data server.
Step 305: the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises the following steps: identification of target data element blocks and program blocks.
Step 306: the gateway acquires the URL of a circuit pre-generation information provider and a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring circuit pre-generation information according to a circuit pre-generation information provider; generating a plurality of calculation tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; and distributing a plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain.
The computing task comprises the following steps: the program block, circuitry pre-generates information and the URL of the target data element fragment.
In an actual application scenario, in order to ensure the integrity of data element fragments and ensure the smooth execution of privacy computation, a fragment tree check value may be further included in the registration contract, the gateway determines a root node value of a Merkle tree composed of the data element fragments, determines whether the data element fragments corresponding to the target data element block all exist according to the root node value of the Merkle tree and the fragment tree check value, if so, performs step 306, and otherwise, feeds back error information to the client to prompt that the client lacks the data element fragments. For the case where the number of data element fragments is not 2n, the auxiliary data element fragments providing full padding bits of 1 construct a Merkle tree.
The circuit pre-generation information provider may update the circuit pre-generation information according to a preset cycle.
Step 307: the edge computing server analyzes the URL of the target data element fragment through a DNS in the CDN; acquiring target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment; and sending the target result fragments to the gateway.
Step 308: and the gateway reconstructs the target result fragments into a result block and feeds the result block back to the client.
Step 309: and a control management module of the CDN manages the data element fragments in the edge data server according to the fragment management strategy.
The embodiment of the invention is based on the existing CDN framework, can provide the data element fragments cached in the edge data server for different clients to use, widens the circulation range of the data elements, and fully releases the value of the data elements.
Two, transparent mode
As shown in fig. 5, a data element privacy calculation method based on a block chain and a CDN includes:
step 501: the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises the following steps: identification of target data element blocks and program blocks.
Step 502: the gateway acquires a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring circuit pre-generation information according to a circuit pre-generation information provider; generating a plurality of calculation tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing a plurality of computing tasks to the edge computing servers and the clients in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, circuitry pre-generates information and the URL of the target data element fragment.
Step 503: the edge computing server and the client respectively execute: and analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy calculation according to the program block, the target data element fragment and circuit pre-generated information to obtain a target result fragment.
Step 504: and the edge computing server sends the target result fragments to the client through the gateway.
Step 505: and the client reconstructs the target result fragments obtained by calculation and the target result fragments sent by the gateway into result blocks.
Unlike the proxy mode, in the transparent mode, the client participates in privacy computations and reconstructs the target result fragments into result blocks by the client. For the steps in which the transparent mode is the same as the proxy mode, the embodiment of the present invention is not described again.
In one embodiment of the invention, the method further comprises:
the data element provider divides the data element block into a plurality of data element fragments;
and the data element provider initiates a registration contract, and the registration contract is signed by the data element provider, the circuit pre-generation information provider and the hosting service party respectively and then is deployed in the blockchain.
In one embodiment of the invention, the method further comprises:
the source station server acquires data element fragments from a data element provider according to the identification of the data element blocks in the registration contract and the information of the data element provider; determining URLs of the data element fragments according to the domain name of the source station server, and issuing the URLs of the data element fragments to a block chain;
and the source station server sends the data element fragments to the edge data server, or the edge data server acquires the data element fragments from the source station server.
In one embodiment of the present invention, the registration contract further comprises: a fragmentation management policy and an identification of a key data element fragment;
a control management module of the CDN manages data element fragments in an edge data server according to a fragment management strategy;
wherein, the fragment management strategy comprises: any one or more of a limit on the number of copies of any data element shard, a threshold time of residence of a data element shard in an edge data server, a limit on the number of copies of any key data element shard, and a physical area in which a data element shard may be stored.
In one embodiment of the present invention, the registration contract further comprises: a secret sharing type;
the method further comprises the following steps: the client side divides the current data element block into n current data element fragments according to the secret sharing type; n is an integer greater than 1;
the calculation request also comprises: n-1 current data element fragments;
the computing task also comprises the following steps: current data element fragments;
performing privacy computation according to the program block, the target data element fragment and the circuit pre-generation information, and comprising:
and carrying out privacy calculation according to the program block, the target data element fragment, the current data element fragment and the circuit pre-generated information.
If the client side divides the current data element block into n current data element fragments, the number of the data element fragments submitted to the gateway is n in the proxy mode; in transparent mode, the number of fragments of data elements submitted to the gateway is n-1.
An embodiment of the present invention provides a data element privacy computing system based on a block chain and a CDN, where a structure of the system refers to fig. 4, and the system specifically includes: the system comprises a client, a gateway, an edge computing server and a CDN; the CDN comprises the following components: edge data servers and DNS;
the client is used for compiling the operation logic into a program block and sending a calculation request to the gateway; the calculation request comprises the following steps: an identification of a target data element block and a program block; analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy calculation according to the program block, the target data element fragment and circuit pre-generated information to obtain a target result fragment; reconstructing the target result fragments obtained by calculation and the target result fragments sent by the gateway into result blocks;
the gateway is used for acquiring a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element blocks; acquiring circuit pre-generation information according to a circuit pre-generation information provider; generating a plurality of calculation tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing a plurality of computing tasks to the edge computing servers and the clients in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: program blocks, circuit pre-generation information and URLs of target data element fragments;
the edge computing server is used for analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from the edge data server of the CDN according to an analysis result, and performing privacy computing according to the program block, the target data element fragment and circuit pre-generated information to obtain a target result fragment; and sending the target result fragments to the client through the gateway.
Referring now to FIG. 6, a block diagram of a computer system 600 suitable for use with a terminal device implementing an embodiment of the invention is shown. The terminal device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 6, the computer system 600 includes a Central Processing Unit (CPU) 601 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage section 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the system 600 are also stored. The CPU 601, ROM 602, and RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 605 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted in the storage section 608 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 601.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor includes a sending module, an obtaining module, a determining module, and a first processing module. The names of these modules do not form a limitation on the modules themselves in some cases, and for example, the sending module may also be described as a "module sending a picture acquisition request to a connected server".
The above-described embodiments should not be construed as limiting the scope of the invention. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may occur depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (12)

1. A data element privacy calculation method based on a block chain and a CDN is characterized by comprising the following steps:
the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block;
the gateway acquires a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment;
the edge computing server analyzes the URL of the target data element fragment through a DNS in the CDN; acquiring the target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragments and the circuit pre-generated information to obtain target result fragments; sending the target result fragments to the gateway;
and the gateway reconstructs the target result fragments into a result block and feeds the result block back to the client.
2. The method of claim 1, further comprising:
the data element provider cuts the data element block into a plurality of data element fragments;
and the data element provider initiates a registration contract, and the registration contract is signed by the data element provider, a circuit pre-generation information provider and a hosting service party respectively and then is deployed in the block chain.
3. The method of claim 2, further comprising:
the source station server acquires the data element fragments from the data element provider according to the identification of the data element blocks in the registration contract and the information of the data element provider; determining the URLs of the data element fragments according to the domain name of the source station server, and issuing the URLs of the data element fragments to the block chain;
and the source station server sends the data element fragments to the edge data server, or the edge data server acquires the data element fragments from the source station server.
4. The method of claim 1,
the registration contract further comprises: a fragmentation management policy and an identification of a key data element fragment;
a control management module of the CDN manages data element fragments in the edge data server according to the fragment management strategy;
wherein the fragmentation management policy comprises: any one or more of a copy number limit for any of the data element shards, a time-to-live threshold for the data element shards in the edge data server, a copy number limit for any of the key data element shards, and a physical area in which the data element shards may be stored.
5. The method of any one of claims 1 to 4,
the registration contract further comprises: a secret sharing type;
the method further comprises the following steps: the client side divides the current data element block into a plurality of current data element fragments according to the secret sharing type;
the calculation request further comprises: the plurality of current data element shards;
the computing task further comprises: the current data element shard;
performing privacy calculations according to the program block, the target data element fragments and the circuit pre-generation information, including:
and carrying out privacy calculation according to the program block, the target data element fragment, the current data element fragment and the circuit pre-generated information.
6. A data element privacy calculation method based on a block chain and a CDN is characterized by comprising the following steps:
the client compiles the operation logic into a program block and sends a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block;
the gateway acquires a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers and the clients in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment;
the edge computing server and the client respectively execute: analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment;
the edge computing server sends the target result fragments to the client through the gateway;
and the client reconstructs the target result fragments obtained by calculation and the target result fragments sent by the gateway into result blocks.
7. The method of claim 6, further comprising:
the data element provider cuts the data element block into a plurality of data element fragments;
and the data element provider initiates a registration contract, and the registration contract is signed by the data element provider, a circuit pre-generation information provider and a hosting service party respectively and then is deployed in the block chain.
8. The method of claim 7, further comprising:
the source station server acquires the data element fragments from the data element provider according to the identification of the data element blocks in the registration contract and the information of the data element provider; determining the URL of the data element fragment according to the domain name of the source station server, and issuing the URL of the data element fragment to the block chain;
and the source station server sends the data element fragments to the edge data server, or the edge data server acquires the data element fragments from the source station server.
9. The method of claim 6,
the registration contract further comprises: a fragmentation management policy and an identification of a key data element fragment;
a control management module of the CDN manages data element fragments in the edge data server according to the fragment management strategy;
wherein the fragmentation management policy comprises: any one or more of a copy number limit for any of the data element shards, a time-to-live threshold for the data element shards in the edge data server, a copy number limit for any of the key data element shards, and a physical area in which the data element shards may be stored.
10. The method of any one of claims 6-9,
the registration contract further comprises: a secret sharing type;
the method further comprises the following steps: the client side divides the current data element block into n current data element fragments according to the secret sharing type; n is an integer greater than 1;
the calculation request further comprises: n-1 current data element fragments;
the computing task further comprises: the current data element shard;
performing privacy calculations according to the program block, the target data element fragments and the circuit pre-generation information, including:
and carrying out privacy calculation according to the program block, the target data element fragment, the current data element fragment and the circuit pre-generated information.
11. A data element privacy computing system based on blockchains and CDNs, comprising: the system comprises a client, a gateway, an edge computing server and a CDN; the CDN comprises the following steps: edge data servers and DNS;
the client is used for compiling the operation logic into program blocks and sending a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block;
the gateway is used for acquiring a circuit pre-generation information provider and URLs of a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment; reconstructing a plurality of target result fragments into a result block, and feeding back the result block to the client;
the edge computing server is used for analyzing the URL of the target data element fragment through a DNS in the CDN; acquiring the target data element fragments from an edge data server of the CDN according to an analysis result; carrying out privacy calculation according to the program block, the target data element fragment and the circuit pre-generated information to obtain the target result fragment; and sending the target result fragments to the gateway.
12. A data element privacy computing system based on blockchains and CDNs, comprising: the system comprises a client, a gateway, an edge computing server and a CDN; the CDN comprises the following steps: edge data servers and DNS;
the client is used for compiling the operation logic into program blocks and sending a calculation request to the gateway; the calculation request comprises: an identification of a target data element block and the program block; analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy calculation according to the program block, the target data element fragment and circuit pre-generated information to obtain a target result fragment; reconstructing the target result fragments obtained by calculation and the target result fragments sent by the gateway into result blocks;
the gateway is used for acquiring URLs of the circuit pre-generation information provider and a plurality of target data element fragments from a registration contract which is deployed in a block chain in advance according to the identification of the target data element block; acquiring the circuit pre-generation information according to the circuit pre-generation information provider; generating a plurality of computing tasks according to the program blocks, the circuit pre-generation information and the URLs of the target data element fragments; distributing the plurality of computing tasks to the edge computing servers and the clients in the computing domain according to the load information of the edge computing servers in the computing domain; the computing task comprises the following steps: the program block, the circuit pre-generation information, and the URL of the target data element fragment;
the edge computing server is used for analyzing the URL of the target data element fragment through a DNS in the CDN, acquiring the target data element fragment from an edge data server of the CDN according to an analysis result, and performing privacy computation according to the program block, the target data element fragment and the circuit pre-generated information to obtain a target result fragment; and sending the target result fragments to the client through the gateway.
CN202211042936.1A 2022-08-29 2022-08-29 Data element privacy calculation method and system based on block chain and CDN Active CN115114668B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211042936.1A CN115114668B (en) 2022-08-29 2022-08-29 Data element privacy calculation method and system based on block chain and CDN

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211042936.1A CN115114668B (en) 2022-08-29 2022-08-29 Data element privacy calculation method and system based on block chain and CDN

Publications (2)

Publication Number Publication Date
CN115114668A true CN115114668A (en) 2022-09-27
CN115114668B CN115114668B (en) 2023-01-17

Family

ID=83336391

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211042936.1A Active CN115114668B (en) 2022-08-29 2022-08-29 Data element privacy calculation method and system based on block chain and CDN

Country Status (1)

Country Link
CN (1) CN115114668B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115955360A (en) * 2023-03-03 2023-04-11 蓝象智联(杭州)科技有限公司 Privacy calculation method based on resource virtual domain name, electronic equipment and storage medium
CN118093598A (en) * 2024-04-23 2024-05-28 中国科学技术大学 Data materialization method and system based on block chain technology

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109618174A (en) * 2018-12-11 2019-04-12 深圳市网心科技有限公司 A kind of live data transmission method, device, system and storage medium
CN112380570A (en) * 2020-05-24 2021-02-19 石高峰 Data analysis method applied to block chain and edge computing server
CN113239375A (en) * 2021-05-13 2021-08-10 杭州趣链科技有限公司 Block chain-based privacy factor data sharing system, method, computer device, and medium
CN113590328A (en) * 2021-08-02 2021-11-02 重庆大学 Block chain-based edge computing service interaction method and system
CN113709247A (en) * 2021-08-30 2021-11-26 北京知道创宇信息技术股份有限公司 Resource acquisition method, device, system, electronic equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109618174A (en) * 2018-12-11 2019-04-12 深圳市网心科技有限公司 A kind of live data transmission method, device, system and storage medium
CN112380570A (en) * 2020-05-24 2021-02-19 石高峰 Data analysis method applied to block chain and edge computing server
CN113239375A (en) * 2021-05-13 2021-08-10 杭州趣链科技有限公司 Block chain-based privacy factor data sharing system, method, computer device, and medium
CN113590328A (en) * 2021-08-02 2021-11-02 重庆大学 Block chain-based edge computing service interaction method and system
CN113709247A (en) * 2021-08-30 2021-11-26 北京知道创宇信息技术股份有限公司 Resource acquisition method, device, system, electronic equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115955360A (en) * 2023-03-03 2023-04-11 蓝象智联(杭州)科技有限公司 Privacy calculation method based on resource virtual domain name, electronic equipment and storage medium
CN118093598A (en) * 2024-04-23 2024-05-28 中国科学技术大学 Data materialization method and system based on block chain technology

Also Published As

Publication number Publication date
CN115114668B (en) 2023-01-17

Similar Documents

Publication Publication Date Title
CN115114668B (en) Data element privacy calculation method and system based on block chain and CDN
US20220239496A1 (en) Blockchain consensus method, device and system
JP7513359B2 (en) Secure federated method, system, and program for gradient descent
US20190173666A1 (en) Hierarchical blockchain consensus optimazation scheme
CN108390872B (en) Certificate management method, device, medium and electronic equipment
CN113657900A (en) Cross-chain transaction verification method and system and cross-chain transaction system
CN112416396B (en) Application program updating method and system
CN111950030A (en) Data sharing storage method based on block chain, terminal equipment and storage medium
US20100332599A1 (en) System, method, and computer program for solving mixed integer programs with peer-to-peer applications
CN111950032A (en) Block chain-based data storage method, terminal device and storage medium
US20190288931A1 (en) Object integrity verification in a content delivery network (cdn)
CN111629063A (en) Block chain based distributed file downloading method and electronic equipment
CN106101183A (en) The transfer method and apparatus of the source of returning request and time origin system
CN112181307A (en) Block chain based distributed data redundancy storage method and electronic equipment
CN113468580B (en) Multi-party collaborative signature method and system
US20150023498A1 (en) Byzantine fault tolerance and threshold coin tossing
CN111339206A (en) Data sharing method and device based on block chain
CN111984615B (en) File sharing method, device and system
CN112182112A (en) Block chain based distributed data dynamic storage method and electronic equipment
CN112182108A (en) Block chain based distributed data storage updating method and electronic equipment
CN111343220B (en) Repeater, distributed file transmission method, distributed file transmission system, medium and electronic equipment
CN109218339B (en) Request processing method and device
Mukherjee et al. A Secure Cloud Computing
CN113206738B (en) Digital certificate management method and device
CN113761585B (en) Data processing method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant