CN115269683A - Data query method and device based on multi-party cooperation - Google Patents
Data query method and device based on multi-party cooperation Download PDFInfo
- Publication number
- CN115269683A CN115269683A CN202210869396.8A CN202210869396A CN115269683A CN 115269683 A CN115269683 A CN 115269683A CN 202210869396 A CN202210869396 A CN 202210869396A CN 115269683 A CN115269683 A CN 115269683A
- Authority
- CN
- China
- Prior art keywords
- data
- query
- collaboration
- instantiation
- sub
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2471—Distributed queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
- G06F16/256—Integrating or interfacing systems involving database management systems in federated or virtual databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computer Security & Cryptography (AREA)
- Mathematical Physics (AREA)
- Finance (AREA)
- Accounting & Taxation (AREA)
- Economics (AREA)
- Strategic Management (AREA)
- Probability & Statistics with Applications (AREA)
- Computing Systems (AREA)
- Development Economics (AREA)
- Computational Linguistics (AREA)
- Marketing (AREA)
- Fuzzy Systems (AREA)
- Technology Law (AREA)
- General Business, Economics & Management (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
One or more embodiments of the present specification provide a data query method and apparatus based on multi-party collaboration. The method comprises the following steps: acquiring a data query request aiming at a virtual data set input by a user; analyzing the data query request to obtain at least one sub-operation related to the data query request; selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator; and creating an intelligent contract containing query logic corresponding to the query flow, and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
Description
Technical Field
Embodiments of the present disclosure relate to the field of block chaining technology, and in particular, to a data query method and apparatus based on multi-party collaboration.
Background
Privacy computing (Privacy computing) refers to a technology for realizing data analysis and computation on the premise of protecting data from being leaked outside. For example, currently mainstream privacy computing technologies may generally include FL (federal Learning) technology, MPC (Multi-party Secure computing) technology, TEE (Trusted execution Environment) technology, and the like. In practical applications, data participating in privacy calculation may come from a plurality of different data sources, and therefore, how to perform privacy calculation by using data of the plurality of different data sources is a long-standing focus in the industry.
Disclosure of Invention
The specification provides a data query method based on multi-party collaboration, wherein a data collaboration platform based on a block chain is connected with a plurality of collaboration participants; the method is applied to a server corresponding to any target collaboration party in the multiple collaboration parties; the method comprises the following steps:
acquiring a data query request aiming at a virtual data set input by a user; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
analyzing the data query request to obtain at least one sub-operation related to the data query request;
selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and creating an intelligent contract containing query logic corresponding to the query flow, and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
The specification also provides a data query method based on multi-party collaboration, which is applied to a data collaboration platform based on a block chain; wherein the data collaboration platform interfaces with a plurality of collaboration participants; the method comprises the following steps:
acquiring a data query request aiming at a virtual data set, which is uploaded by a server corresponding to any target cooperation party in the plurality of cooperation parties and input by a user; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
analyzing the data query request to obtain at least one sub-operation related to the data query request;
selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and creating an intelligent contract containing query logic corresponding to the query flow, and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
The present specification further provides a data query apparatus based on multi-party collaboration, in which a data collaboration platform based on a block chain interfaces a plurality of collaboration participants; the method is applied to a server corresponding to any target collaboration party in the multiple collaboration parties; the device comprises:
the first acquisition module is used for acquiring a data query request aiming at the virtual data set, which is input by a user; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
the first analysis module is used for analyzing the data query request to obtain at least one sub-operation related to the data query request;
the first generation module is used for selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy calculation and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and the first deployment module is used for creating an intelligent contract containing query logic corresponding to the query process and deploying the created intelligent contract into a blockchain network in butt joint with the data collaboration platform so as to be called by the user.
The specification also provides a data query device based on multi-party collaboration, which is applied to a data collaboration platform based on a block chain; wherein the data collaboration platform interfaces a plurality of collaboration participants; the device comprises:
the second acquisition module is used for acquiring a data query request which is uploaded by a server corresponding to any target collaboration party and is input by a user aiming at the virtual data set, wherein the data query request is accessed to any target collaboration party in the multiple collaboration parties; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
the second analysis module is used for analyzing the data query request to obtain at least one sub-operation related to the data query request;
the second generation module is used for selecting at least one instantiation operator corresponding to the at least one sub-operation from the instantiation operator library related to the privacy calculation and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and the second deployment module is used for creating an intelligent contract containing query logic corresponding to the query process and deploying the created intelligent contract into a blockchain network in butt joint with the data cooperation platform so as to be called by the user.
In the technical solutions above in this specification, not only can the complexity of using data be reduced when privacy calculation is performed on data from multiple data sources, but also the process of using data can be made more transparent and credible and is convenient for tracing. Moreover, because a user can customize data query requirements from a global data perspective on the basis of a virtual data set obtained by performing virtual machine processing on data of a plurality of data sources, and can plan different data privacy query processes according to different data query requirements of the user based on the privacy computing capacity of the data collaboration platform, different data privacy query scenarios can be flexibly adapted, so that the data collaboration platform can activate more data use scenarios.
Drawings
FIG. 1 is a system architecture diagram of a data collaboration platform shown in an exemplary embodiment of the present description.
FIG. 2 is a flow diagram illustrating a multi-party collaboration based data query method in accordance with an exemplary embodiment.
FIG. 3 is a schematic diagram illustrating a virtualization process for data maintained by multiple collaboration participants in accordance with an exemplary embodiment.
FIG. 4 is a flow chart illustrating another multi-party collaboration based data query method in accordance with an exemplary embodiment of the present specification.
Fig. 5 is a schematic block diagram of an electronic device according to an exemplary embodiment.
FIG. 6 is a block diagram illustrating a multi-party collaboration based data querying device in accordance with an exemplary embodiment of the present specification.
FIG. 7 is a block diagram illustrating another multi-party collaboration based data querying device in accordance with an exemplary embodiment.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step should fall within the scope of protection of the present specification.
It should be noted that: in other embodiments, the steps of the corresponding methods are not necessarily performed in the order shown and described in this specification. In some other embodiments, the methods may include more or fewer steps than those described herein. Moreover, a single step described in this specification may be broken down into multiple steps in other embodiments; multiple steps described in this specification may be combined into a single step in other embodiments.
In a scenario of performing privacy computation on data from a plurality of different data sources, in order to break an information island between the data sources and achieve sufficient data fusion, a centralized data collaboration platform is usually built. The centralized data collaboration platform is generally responsible for scheduling and managing data of each data source. When privacy calculation is required to be performed on data from a plurality of different data sources, the data collaboration platform can query the data from the different data sources respectively, and perform privacy calculation processing on the queried data based on the privacy calculation capability of the data collaboration platform.
However, in practical applications, different data sources often have different security requirements for the use of the data they maintain; for example, some data sources may prohibit the data from being exported to the data domain for use, or disallow the data maintained by the data sources to be aggregated with the data maintained by other data sources for use, for privacy protection, and so on.
This difference in security requirements for data from different data sources may derive a large number of scenarios for data queries and privacy calculations. Therefore, how to flexibly adapt to the scenes of the data query and the privacy calculation is of great significance for the data collaboration platform.
Based on this, the present specification proposes a technical solution that, in a scenario where privacy computation is performed on data maintained on the basis of multiple data sources, a user can customize a data query requirement from a global data perspective, and flexibly plan a data query flow corresponding to the data query requirement customized by the user on the basis of the privacy computation capability of the data collaboration platform itself.
When the method is implemented, a data cooperation platform based on the block chain can be built, and the data cooperation platform can be used for docking a plurality of cooperation participants. Where each collaboration participant may maintain data for participating in privacy calculations. The data cooperation platform can perform data virtualization processing on data maintained by each cooperation participant based on a data virtualization technology to obtain a virtual data set.
For any target collaboration participant in the multiple collaboration participants, a user accessing a server corresponding to the target collaboration participant may input a data query request for the virtual data set. After the server corresponding to the target party participant acquires the data query request, the server can analyze the data query request to obtain at least one sub-operation related to the data query request; and selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library which is managed by the data cooperation platform and is related to privacy calculation, and generating a query process corresponding to the data query request based on the at least one instantiation operator.
Finally, an intelligent contract may be created that includes query logic corresponding to the query flow, and the created intelligent contract may be deployed into a blockchain network that interfaces with the data collaboration platform. Subsequently, the user can complete the query process corresponding to the data query request by calling the intelligent contract.
In the technical scheme, the data use complexity can be reduced when privacy calculation is carried out on data from a plurality of data sources, and the data use process can be more transparent and credible and is convenient to trace.
Moreover, because a user can customize data query requirements from a global data perspective on the basis of a virtual data set obtained by performing virtualization processing on data of a plurality of data sources, and can plan different data privacy query processes according to different data query requirements of the user on the basis of privacy computing capacity of the data collaboration platform, different data privacy query scenarios can be flexibly adapted, so that the data collaboration platform can activate more data use scenarios.
Referring to fig. 1, fig. 1 is a system architecture diagram of a data collaboration platform shown in an exemplary embodiment of the present description.
As shown in fig. 1, the data collaboration platform, which may be specifically a privacy collaboration platform based on a blockchain, may interface a blockchain network and a plurality of collaboration participants (i.e., a plurality of data sources). The data collaboration platform can perform computation scheduling on data maintained by the multiple collaboration participants, and completes privacy computation from a global data perspective.
For example, on the premise of meeting the security requirements of each cooperative participant on data, the data maintained by each cooperative participant is taken as a whole for privacy calculation.
A data set and a computation result set may be maintained separately for each collaboration participant. The data set is used for storing data participating in privacy calculation. And the calculation result set is used for storing calculation results obtained by performing privacy calculation on the data in the data set. The calculation result may be specifically an intermediate calculation result or a final calculation result.
It should be noted that, the data set and the calculation result set may be specifically a database. For different cooperative participants, the adopted databases may be homogeneous databases or heterogeneous databases, and are not particularly limited in this specification.
In addition to the data set and the computation result set, each cooperative participant can carry a plurality of instantiation operators and functional components related to privacy computation.
As shown in fig. 1, instantiation operators carried by the respective collaboration participants and related to privacy computation may specifically include MPC-based instantiation operators, TEE-based instantiation operators, and TL-based instantiation operators, and so on. Each instantiation operator corresponds to a computing operation or a computing function realized based on a specific privacy computing technology. And for a specific computing operation or computing function, the method can correspond to various instantiation operators realized based on various privacy computing technologies.
For example, taking the calculation function to be implemented as the intersection calculation as an example, the instantiation operator corresponding to the intersection calculation function may specifically include an instantiation operator for the intersection calculation based on MPC, an instantiation operator for the intersection calculation based on TEE, and the like. That is, for the intersection calculation function, two instantiation operators can be implemented based on the MPC technique and the TEE technique, respectively.
As shown in fig. 1, the functional components carried by each collaboration participant may specifically include the following:
and the data query analysis component is used for analyzing the data query request input by the user, acquiring the data query requirement expressed by the data query request, and analyzing the data query request into at least one sub-operation related to the data query. For example, in an actual application, the data query request may specifically be a data query statement (such as an SQL statement), and the data query parsing component is configured to parse the data query statement to obtain a syntax tree of the data query statement, and then clarify a query requirement of a user based on a syntax structure described by the obtained syntax tree, and convert the query requirement of the user into at least one sub-operation related to data query.
And the data query planning component is used for planning a basic query flow corresponding to the data query request according to the at least one sub-operation analyzed by the data query analysis component.
And the application execution planning component is used for selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library managed by the data collaboration platform, and planning an instantiation query flow corresponding to the basic query flow based on the at least one instantiation operator. At this time, the instantiated query process is a specific data collaboration application for querying data, which is formulated based on the data query requirement expressed by the data query request input by the user.
And the application contract management component is used for generating an execution code related to the query logic corresponding to the instantiated query process, compiling the generated execution code into an intelligent contract code, and deploying an intelligent contract containing the intelligent contract code in a block chain network in butt joint with the data cooperation platform.
And the execution scheduling component is used for interacting with the intelligent contract, and further scheduling a local instantiation operator by monitoring the calling result of the intelligent contract stored on the block chain to complete related privacy calculation.
It should be noted that, the above-mentioned functional components are only schematic, and in practical applications, some components may be integrated based on actual needs, or some components may be further separated, which is not particularly limited in this specification.
It should be further noted that, in addition to the execution scheduling component, other components of the above-described functional components may be distributed and deployed on each collaboration party by the data collaboration platform (fig. 1 shows that such distributed and deployed on each collaboration party is the case of being distributed and deployed on each collaboration party), or may be centrally deployed on the data collaboration platform, which is not particularly limited in this specification. For example, it may be centrally deployed on a blockchain service platform (not shown in fig. 1) that manages the blockchain network described above.
With continued reference to fig. 1, each collaboration participant may also provide an application execution client to the user.
The application execution client is specifically used for providing access service of a data collaboration platform for a user, and the user can initiate contract calling for the intelligent contract through the application execution client and query a calling result of the intelligent contract through the application execution client.
Referring to fig. 2, fig. 2 is a flowchart illustrating a data query method based on multi-party collaboration according to an exemplary embodiment, where the method may be applied to a server corresponding to any target collaboration party in a plurality of collaboration parties shown in fig. 1; the method comprises the following steps:
the cooperation participants can specifically access a data provider of the data cooperation platform. For example, in an example, the plurality of collaborative participants may specifically include a plurality of data centers distributed in different regions.
Each collaboration participant may separately maintain a collection of data locally thereof for participating in privacy calculations. In order to break through information islands among the cooperation participants, the data cooperation platform can perform data virtualization processing on data sets respectively maintained by the cooperation participants based on a data virtualization technology.
The data virtualization technology is a technology for mapping physical data maintained by a plurality of data sources into virtual data at a logical level, and further integrating the physical data maintained by the plurality of data sources into a logical virtual data set (also called a logical view) for use by an upper layer application. By performing data virtualization processing on the data sets maintained by the cooperation participants, the data sets maintained by the cooperation participants can be integrated into a virtual data set for a user to use.
Here, mapping physical data maintained by a plurality of data sources into virtual data generally refers to a process of mapping physical data attributes included in the physical data into virtual data attributes. When mapping physical data attributes included in physical data into virtual data attributes, one physical data attribute included in the physical data may be mapped into one corresponding virtual data attribute in a one-to-one mapping manner, or a plurality of physical data attributes included in the physical data may be mapped into one corresponding virtual data attribute in a many-to-one mapping manner.
For example, referring to fig. 3, fig. 3 is a schematic diagram illustrating an exemplary embodiment of the present disclosure for performing data virtualization processing on data maintained by multiple collaboration participants.
As shown in FIG. 3, assume that the data stored in data set 1 maintained by collaboration participant 1 includes attributes 1-3, the data stored in data set 2 maintained by collaboration participant 2 includes attributes 4-7, and the data stored in data set 3 maintained by collaboration participant 3 includes attributes 8-11. Where each attribute may represent a field in the data table. The virtual data table obtained by performing data virtualization processing on the data stored in the data sets 1 to 3 may include attributes a to F.
As can be seen from the data virtualization processing method shown in fig. 3, the attribute 1 in the data set 1, the attribute 4 in the data set 2, and the attribute 8 in the data set 3 are mapped to the attribute a in the virtual data table in a many-to-one mapping manner; the attribute 2 in the data set 1, the attribute 5 in the data set 2 and the attribute 9 in the data set 3 are mapped into the attribute B in the virtual data table in a many-to-one mapping mode; the attribute 3 in the data set 1 and the attribute 6 in the data set 2 are mapped into the attribute C in the virtual data table in a many-to-one mapping manner. The attribute 10 in the data set 3 is mapped into an attribute D in the virtual data table in a one-to-one mapping manner; the attribute 7 in the data set 2 is mapped into an attribute E in the virtual data table in a one-to-one mapping mode; the attributes 11 in the data set 3 are mapped into the attributes F in the virtual data table in a one-to-one mapping manner.
It should be emphasized that the data mapping manner shown in fig. 3 is merely exemplary, and in practical applications, the data mapping manner adopted when performing data virtualization on data maintained by multiple collaboration participants generally depends on the data semantics of the data itself, and is not particularly limited in this specification; for example, when data mapping is performed, if data semantics of a plurality of data fields distributed in different collaboration participants are related, a manner of mapping the plurality of data fields into one virtual data attribute may be adopted.
After the data virtualization processing is completed for the data set maintained by each cooperation party, the obtained virtual data table can be issued to each cooperation party, and each cooperation party further takes the virtual data table as a data view capable of globally reflecting the data condition maintained by each cooperation party and outputs and displays the data view to a user.
When a user accessing the target cooperation party through the client has a data query requirement, the data query can be initiated in a global data view by inputting a data query request aiming at the virtual data table through the client.
The data query request is specifically used for expressing a data query requirement of a user to a data collaboration platform, and a specific form of the data query request is not particularly limited in this specification. For example, in an example, the data query request may specifically be a data query statement (such as an SQL statement) input by a user.
in practical applications, a data query operation performed by a user on the virtual data set is usually a complete query flow composed of at least one sub-operation.
For example, the virtual data set is a user information table storing personal information of a user, and the information table includes a gender field and an age field. If the data query requirement of the user for the user information table is "query the average value of the age data of the male user stored in the user information table", then at this time, the data query operation of the user for the virtual data set is a query flow composed of "query sub-operation for the user information of the male user in the user information table", "filtering calculation sub-operation for the age data in the user information of the male user in the user information table", and "average value calculation sub-operation for the filtered age data".
After the server corresponding to the target cooperation party obtains the data query request input by the user through the client, the server can analyze the data query request to clarify the data query requirement of the user for the virtual data set, and further analyze the data query request into at least one sub-operation related to data query.
For example, please continue to refer to fig. 1, after the server corresponding to the target collaboration party obtains the data query request input by the user through the client, the server may call the data query parsing component described in fig. 1 to parse the data query request.
The specific process of parsing the data query request generally depends on the specific form of the data query request.
For example, in the illustrated embodiment, the data query request may specifically be a data query statement. For a data query statement, the data query requirement of a user is usually organized and expressed by a certain syntactic structure. In this case, syntax parsing may be performed on the data query statement to obtain a syntax tree corresponding to the data query statement. Wherein, the syntax tree is generally used to describe the syntax structure of the data query statement. After the syntax tree is obtained through syntax parsing, the data query requirement of the user can be clarified based on the syntax structure described in the syntax tree, and at least one sub-operation related to the data query statement is determined.
It should be noted that, the detailed process of parsing the data query statement is not described in detail in this specification, and those skilled in the art may refer to the description in the related art when implementing the technical solution described in this specification. For example, the data query statement may be parsed using a general parsing engine.
In an embodiment shown, the data query request may specifically be a request message for data query. For a request message for data query, the data query requirement of a user is usually organized and expressed through a certain message format. In this case, the message format analysis may be performed on the request message to clarify the data query requirement of the user and determine at least one sub-operation related to the request message.
It should be noted that, a detailed process of analyzing the message format of the request message is not described in detail in this specification, and those skilled in the art may refer to the description in the related art when implementing the technical solution described in this specification. For example, the request message may be subjected to message format analysis by using some common message analysis tools or protocols.
In this specification, the data query request may specifically be a request for performing data query only on the virtual data in the virtual data set, or may be a request for performing data query calculation on the virtual data in the virtual data set.
In one embodiment, if the data query request is a request for performing data query only on the virtual data in the virtual data set, the at least one sub-operation generally includes only at least one query sub-operation for the virtual data in the virtual data set.
For example, still taking the above-mentioned virtual data set as a user information table storing personal information of users as an example, such a data query request may be a data query request such as "query a male user stored in the user information table". In this case, the at least one sub-operation generally includes only at least one "query sub-operation for the user information of the male user in the user information table".
It should be noted that, since the plurality of virtual data fields included in the virtual data set are obtained by mapping and integrating the physical data fields included in the physical data maintained by each collaboration party, the data contents corresponding to the plurality of virtual data fields are actually maintained by different collaboration parties. In this case, the at least one sub-operation may generally include at least one query sub-operation for querying data contents corresponding to the plurality of virtual data fields from data maintained by different collaboration participants.
In an embodiment shown, if the data query request is a request for performing data query computation on the virtual data in the virtual data set, in this case, the at least one sub-operation, at least one computation sub-operation for performing computation on the queried data may be further included.
For example, still taking the above virtual data set as the user information table storing the personal information of the user as an example, such a data query request may be the data query request of "querying the average value of the age data of the male user stored in the user information table" described above. In this case, the above-mentioned at least one sub-operation may include, in addition to the "query sub-operation for the user information of the male user in the user information table", a "filtering calculation sub-operation for the age data in the user information of the male user in the user information table", and a "mean value calculation sub-operation for the filtered age data".
It should be noted that the kind of the at least one computing sub-operation related to the data query request input by the user generally depends on the private computing capability of the data collaboration platform itself, and is not particularly limited in this specification.
For example, in practical applications, the at least one computation sub-operation may generally include a sub-operation of performing intersection computation on data; a sub-operation of filtering computation on the data; the sub-operations of statistical calculation on the data, etc., are not listed in this specification.
it should be noted that the operator described in this specification refers to various calculation operations/calculation functions involved in performing privacy calculation on data maintained by each cooperative participant. That is, any one of the calculation operations/calculation functions involved in the process of performing the privacy calculation on the data maintained by each cooperative participant may be referred to as an operator.
The instantiation operator refers to a calculation function or a calculation operation implemented based on a specific privacy calculation technology. For example, currently mainstream privacy computing technologies can generally include FL technology, MPC technology, TEE technology, and the like, and thus the instantiation operators in the instantiation operator library can include instantiation operators implemented based on FL technology, instantiation operators implemented based on MPC technology, operators implemented based on TEE technology, and the like.
In practical application, the private computing capacity of the data collaboration platform is usually determined by an instantiated operator library managed by the data collaboration platform, and the richer the types of instantiated operators contained in the instantiated operator library, the stronger the private computing capacity of the data collaboration platform itself is.
In an illustrated embodiment, the instantiation operator in the instantiation operator library managed by the data collaboration platform may specifically be an operator implemented based on a privacy computing technology supported by the data collaboration platform, and may further include an operator implemented based on a privacy computing technology supported by each collaboration participant. In this way, the data collaboration platform can cover the private computing power of each collaboration participant who is accessed.
After parsing the data query request into at least one sub-operation, the server corresponding to the target collaboration participant may select at least one instantiation operator corresponding to the at least one sub-operation from the instantiation operator library managed by the server, and generate a query process corresponding to the data query request based on the selected at least one instantiation operator.
In an embodiment shown, the data collaboration platform may be specifically configured to deploy, on a server corresponding to the multiple collaboration participants, a flow planning component in a distributed manner, where the flow planning component is specifically configured to select, from the managed instantiated operator library, at least one instantiated operator corresponding to the at least one sub-operation, and generate a query flow corresponding to the data query request based on the selected instantiated operator. The instantiated operator library managed by the data collaboration platform may be specifically issued to the server corresponding to each collaboration party, and maintained by each collaboration party. In this case, after parsing the data query request into at least one sub-operation, the server corresponding to the target collaboration participant may invoke the flow planning component, select at least one instantiation operator corresponding to the at least one sub-operation from a locally maintained instantiation operator library associated with the privacy computation, and generate a query flow corresponding to the data query request based on the at least one instantiation operator.
For example, continuing to refer to fig. 1, the flow planning component may specifically include the data query planning component and the application execution planning component shown in fig. 1, in which case, after the server corresponding to the target collaboration party parses the data query request into at least one sub-operation, the server may first invoke the data query planning component, and plan a basic query flow corresponding to the data query request according to the parsed at least one sub-operation. And then calling the application execution planning component, selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library managed by the data cooperation platform, and planning an instantiation query flow corresponding to the basic query flow based on the at least one instantiation operator. At this time, the instantiation query process is a specific data collaboration application for querying data, which is formulated based on the data query requirement expressed by the data query request input by the user.
It should be noted that, in practical applications, different data sources generally have different security requirements for the use of the data maintained by the data sources; for example, some data sources may prohibit the data from being exported to the data domain for use, or disallow the data maintained by the data sources to be aggregated with the data maintained by other data sources for use, for privacy protection, and so on. Therefore, in order to ensure that the selected instantiation operator can meet the security requirement of each collaboration participant on the data use, the appropriate instantiation operator can be selected from the instantiation operator library by referring to the security requirement of each collaboration participant on the data use.
In an embodiment shown in the present disclosure, when selecting at least one instantiation operator corresponding to the at least one sub-operation from the instantiation operator library, the data security requirement of the data maintained by each collaboration participant for the instantiation operator may be obtained, and then at least one instantiation operator corresponding to the at least one sub-operation, which meets the data security requirement, is selected from the instantiation operator library.
By the method, the data collaboration platform can automatically select the instantiation operator which can meet the data use safety requirements of all the collaboration participants for the user on the basis of the data query requirements of the user on the premise that the user does not know the data use safety requirements of all the collaboration participants, and therefore the condition that the data query fails due to the fact that the user does not know the data use safety requirements of all the collaboration participants and the data query does not meet the safety requirements can be avoided.
The data security policy configured by each cooperation party for the data maintained by each cooperation party can reflect the security requirement of each cooperation party on the data use to some extent; therefore, when the data security requirement of each collaboration party for the data maintained by the collaboration party is obtained, the data security policy configured by each collaboration party for the data maintained by the collaboration party may be specifically obtained first, and after the data security policy configured by each collaboration party for the data maintained by the collaboration party is obtained, the data security requirement of each collaboration party for the data maintained by the collaboration party may be further determined based on the data security policy.
The specific content of the data security policy configured by each cooperative party for the data maintained by each cooperative party generally depends on the specific security requirement of each cooperative party for the data usage, and therefore, no specific limitation is made in this specification.
In an embodiment, the data security policy may specifically include one or more of the following combinations:
a security level configured for the data;
a security protection level configured for the data;
data trust relationships with other collaboration participants;
corresponding to the above data security policy, the security requirements of each cooperative participant on the data usage may specifically include one or more of the following combinations:
determining whether to allow data to be exported based on the security level;
determining whether to allow the security requirement of data desensitization processing on the data and the privacy calculation result aiming at the data based on the security protection level;
and determining whether to allow the data to be aggregated with the data maintained by other cooperative participants based on the data trust relationship.
In one embodiment shown, instantiated operator libraries contained in the instantiated operator library may also be configured with corresponding data security requirements. The data security requirement configured for the instantiation operator library is specifically used for indicating the data security requirement which can be met by the instantiation operator.
In this case, when at least one instantiation operator corresponding to the at least one sub-operation that meets the data security requirement is selected from the instantiation operator library, at least one instantiation operator corresponding to the at least one sub-operation may be specifically searched in the instantiation operator library; the instantiation operators found at this time may not meet the security requirement. Then, the data security requirement of each cooperation participant for the data maintained by the cooperation participant can be matched with the data security requirement corresponding to the found instantiation operator; then, based on the matching result, an instantiation operator matching the data security requirement of the data maintained by each cooperative participant can be further selected from the instantiation operators.
It should be noted that, as described above, the instantiation operators in the instantiation operator library may generally include an instantiation operator implemented based on the FL technique, an instantiation operator implemented based on the MPC technique, an operator implemented based on the TEE technique, and the like, but the instantiation operator implemented based on the FL technique is generally not applicable to the data query scenario. Therefore, in the present specification, the instantiation operator corresponding to the at least one sub-operation may specifically include an instantiation operator implemented based on TEE and an instantiation operator implemented based on MPC.
For example, the instantiation operator corresponding to the at least one sub-operation may specifically include an instantiation operator implemented based on TEE for performing privacy query or privacy query calculation, and an instantiation operator implemented based on MPC for performing privacy query or privacy query calculation.
In an embodiment shown, when the query process corresponding to the data query request is generated based on the at least one instantiation operator, a plurality of query processes may be generated based on the at least one instantiation operator, and then the plurality of query processes are output and displayed to a user, so that the user selects an optimal query process corresponding to the data query request from the plurality of query processes. Of course, in practical applications, an optimal query flow may be generated based on the instantiation operator by default.
And 208, creating an intelligent contract containing query logic corresponding to the query process, and deploying the created intelligent contract into a blockchain network in butt joint with the data collaboration platform for the user to call.
After the server corresponding to the target collaboration participant generates a query process corresponding to the data query request based on the at least one instantiation operator, the query process may be further compiled into an intelligent contract form and deployed in a blockchain network interfaced with the data collaboration platform.
For example, in one example, the server may automatically generate an execution code related to the query logic corresponding to the query process, and compile the generated execution code into an intelligent contract code; then, an intelligent contract comprising the intelligent contract code is deployed in a blockchain network that interfaces with the data collaboration platform. The specific process of deploying the intelligent contracts is not detailed in the specification. For example, in a real application, the intelligent contract creation transaction is published into the blockchain network by packaging an intelligent contract creation transaction based on the intelligent contract code. And the node equipment in the blockchain network can perform consensus check on the intelligent contract creation transaction, execute the intelligent contract calling transaction after the consensus check is passed, create an intelligent contract account in the blockchain, and anchor the intelligent contract code to the intelligent contract account to complete the creation of the intelligent contract.
In an illustrated embodiment, the data collaboration platform may specifically deploy, on the servers corresponding to the multiple collaboration participants, an intelligent contract management component in a distributed manner, where the intelligent contract management component may specifically be configured to generate execution code related to query logic corresponding to the query process, compile the generated execution code into intelligent contract code, and deploy an intelligent contract containing the intelligent contract code in a block chain network interfacing with the data collaboration platform.
In this case, after the server corresponding to the target collaboration participant generates the query flow corresponding to the data query request based on the at least one instantiation operator, the server may invoke the intelligent contract management component to generate an execution code related to the query logic corresponding to the query flow, compile the generated execution code into an intelligent contract code, and deploy an intelligent contract containing the intelligent contract code in a blockchain network interfacing with the data collaboration platform.
For example, continuing to refer to fig. 1, the intelligent contract management component may specifically include the application contract management component shown in fig. 1, in which case, after the server corresponding to the target collaboration participant generates a query flow corresponding to the data query request based on the at least one instantiation operator, the application contract management component may be invoked to generate an execution code related to query logic corresponding to the query flow, compile the generated execution code into an intelligent contract code, and deploy an intelligent contract including the intelligent contract code in a blockchain network interfacing with the data collaboration platform.
In this specification, when the intelligent contract deployment is completed, a user may initiate a contract invocation for the intelligent contract through a client to complete a data query for the virtual data set.
For example, with continued reference to fig. 1, when the intelligent contract deployment is completed, a user may initiate a contract invocation for the intelligent contract through the application execution client shown in fig. 1, and query the invocation result of the intelligent contract through the application execution client.
Referring to FIG. 4, FIG. 4 is a flow chart illustrating a data query method based on multi-party collaboration according to an exemplary embodiment, which may be applied to the data collaboration platform shown in FIG. 1; for example, the data collaboration platform may specifically be a blockchain service platform for managing the blockchain network; for example, a BaaS (block chain as a Service) platform; the method comprises the following steps:
when a user accessing the target cooperation party through a client has a data query requirement, the data query can be initiated in a global data view by inputting a data query request aiming at the virtual data table through the client. After the server corresponding to the target cooperation party obtains the data query request input by the user through the client, the data query request can be uploaded to the data cooperation platform, and the data cooperation platform performs centralized processing.
After receiving the data query request uploaded by the target collaboration party, the data collaboration platform may execute execution logic shown in steps 404 to 408 to perform centralized processing on the data query request, and specific implementation details refer to the description of the embodiment shown in fig. 2, which is not described in detail in this specification.
In the technical scheme, the data use complexity can be reduced when privacy calculation is carried out on data from a plurality of data sources, and the data use process can be more transparent and credible and is convenient to trace.
For example, by using a data virtualization processing technology, data maintained by each cooperation party is subjected to data virtualization processing to obtain a virtual data set, so that not only can full data fusion of multiple data sources be realized, but also a user can use data from a global data perspective on the basis of the virtual data set without needing the data storage condition of the data in each cooperation party, and therefore, the complexity of data use can be remarkably reduced. The generated query process is deployed in the block chain in the form of the intelligent contract and is called by the user, so that the characteristics of the intelligent contract can be fully utilized, and each query is transparent and credible and is convenient to trace.
Moreover, because a user can customize data query requirements from a global data perspective on the basis of a virtual data set obtained by performing virtual machine processing on data of a plurality of data sources, and can plan different data privacy query processes according to different data query requirements of the user based on the privacy computing capacity of the data collaboration platform, different data privacy query scenarios can be flexibly adapted, so that the data collaboration platform can activate more data use scenarios. For example, different data sources typically have different security requirements for the use of the data they maintain. As for the user side with data use requirement, the security requirement of each data source for the use of data is not generally known, which may cause the situation that the data use requirement of the user does not meet the security requirement of one or more data sources for the use of data when the user queries and uses data of multiple data sources from the global data perspective. According to the technical scheme, the data query requirements of the user can be flexibly adapted based on the privacy computing capability of the data collaboration platform, and for the data collaboration platform, the adaptation capability of the data collaboration platform to the data use scene can be obviously improved, so that it is possible for the data assistance platform to customize a query flow which meets the safety requirements of each data source on the use of data for the data query requirements of the user.
The present specification also provides embodiments of an apparatus, an electronic device, and a storage medium, corresponding to embodiments of the foregoing method.
Fig. 5 is a schematic block diagram of an electronic device according to an exemplary embodiment. Referring to fig. 5, at the hardware level, the apparatus includes a processor 502, an internal bus 504, a network interface 506, a memory 508 and a non-volatile memory 510, but may also include hardware required for other services. One or more embodiments of the present description may be implemented in software, such as by processor 502 reading corresponding computer programs from non-volatile storage 510 into memory 508 and then running. Of course, besides software implementation, the one or more embodiments in this specification do not exclude other implementations, such as logic devices or combinations of software and hardware, and so on, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.
Fig. 6 is a block diagram of a data query device based on multi-party collaboration according to an exemplary embodiment, which may be applied to the electronic device shown in fig. 5 to implement the technical solution of the present specification. The apparatus 600 comprises:
a first obtaining module 601, configured to obtain a data query request for a virtual data set, where the data query request is input by a user; the virtual data set is obtained by performing data virtualization processing on data which are respectively maintained by the data collaboration platform for the multiple collaboration participants and are used for participating in privacy computation;
a first parsing module 602, parsing the data query request to obtain at least one sub-operation related to the data query request;
a first generating module 603, configured to select at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library associated with the privacy computation, and generate a query process corresponding to the data query request based on the at least one instantiation operator;
the first deployment module 604 creates an intelligent contract containing query logic corresponding to the query flow, and deploys the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
The specific details of the modules of the apparatus 600 have been described in detail in the method flow described above, and therefore are not described herein again.
Fig. 7 is a block diagram of another user service using apparatus shown in this specification according to an exemplary embodiment, and the apparatus may also be applied to the electronic device shown in fig. 5 to implement the technical solution of this specification. The apparatus 700 comprises:
a second obtaining module 701, configured to obtain a data query request for a virtual data set, which is uploaded by a server corresponding to any target collaboration participant in the multiple collaboration participants and is input by a user; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
a second parsing module 702, parsing the data query request to obtain at least one sub-operation related to the data query request;
a second generating module 703, configured to select at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generate a query process corresponding to the data query request based on the at least one instantiation operator;
and the second deployment module 704 is used for creating an intelligent contract containing query logic corresponding to the query process and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
The specific details of the modules of the apparatus 700 are described in detail in the method flow described above, and therefore are not described herein again.
Correspondingly, the present specification also provides an electronic device, which includes a processor; a memory for storing processor-executable instructions; wherein the processor is configured to implement the steps of all of the method flows described previously.
Accordingly, the present specification also provides a computer readable storage medium having executable instructions stored thereon; wherein the instructions, when executed by a processor, implement steps of all of the method flows previously described.
For the device embodiment, since it basically corresponds to the method embodiment, reference may be made to the partial description of the method embodiment for relevant points. The above-described embodiments of the apparatus are merely illustrative, wherein the modules described as separate parts may or may not be physically separate, and the parts displayed as modules may or may not be physical modules, may be located in one place, or may be distributed on a plurality of network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution in the present specification. One of ordinary skill in the art can understand and implement without inventive effort.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
In a typical configuration, a computer includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of other like elements in a process, method, article, or apparatus comprising the element.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein in one or more embodiments to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of one or more embodiments herein. The word "if" as used herein may be interpreted as "at" \8230; "or" when 8230; \8230; "or" in response to a determination ", depending on the context.
The above description is intended only to be exemplary of the one or more embodiments of the present disclosure, and should not be taken as limiting the one or more embodiments of the present disclosure, as any modifications, equivalents, improvements, etc. that come within the spirit and scope of the one or more embodiments of the present disclosure are intended to be included within the scope of the one or more embodiments of the present disclosure.
Claims (22)
1. A data query method based on multi-party cooperation is characterized in that a data cooperation platform based on a block chain is connected with a plurality of cooperation participants; the method is applied to a server corresponding to any target collaboration party in the multiple collaboration parties; the method comprises the following steps:
acquiring a data query request aiming at a virtual data set input by a user; the virtual data set is obtained by performing data virtualization processing on data which are respectively maintained by the data collaboration platform for the multiple collaboration participants and are used for participating in privacy computation;
analyzing the data query request to obtain at least one sub-operation related to the data query request;
selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and creating an intelligent contract containing query logic corresponding to the query flow, and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
2. The method of claim 1, the data query request comprising a data query statement;
analyzing the data query request to obtain at least one sub-operation related to the data query request, including:
performing syntax analysis on the data query statement to obtain a syntax tree corresponding to the data query statement;
determining at least one sub-operation related to the data query statement based on the syntax tree.
3. The method of claim 2, the data query statement comprising an SQL statement.
4. The method of claim 2, the virtual data in the virtual data set comprising a number of data fields; the data fields are respectively maintained at different cooperation participants; the at least one sub-operation includes at least one query sub-operation that queries the number of data fields, respectively, from data maintained by the different collaboration participants.
5. The method of claim 2, the data query statement comprising a request for data query computation for virtual data in the set of virtual data; the at least one sub-operation further comprises at least one computation sub-operation that computes on the queried data.
6. The method of claim 5, the at least one computing sub-operation comprising a combination of any one or more of the following:
performing sub-operation of intersection calculation on the data;
a sub-operation of filtering computation on the data;
a sub-operation of statistical calculation on the data.
7. The method of claim 1, selecting at least one instantiation operator corresponding to the at least one sub-operation from a library of instantiation operators associated with the privacy computation, and generating a query flow corresponding to the data query request based on the at least one instantiation operator, comprising:
and acquiring data security requirements of data maintained by each cooperative participant for the cooperative participant, selecting at least one instantiation operator corresponding to the at least one sub-operation and meeting the data security requirements from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator.
8. The method of claim 7, the instantiation operator comprising an operator implemented based on privacy computing techniques supported by the data collaboration platform and the collaboration participant.
9. The method of claim 1, obtaining data security requirements for data maintained by each collaboration party for the collaboration parties, comprising:
acquiring a data security policy of each cooperation party for the data configuration maintained by the cooperation party;
determining data security requirements for data maintained by the respective collaboration party based on the data security policy.
10. The method of claim 9, the data security policy comprising a combination of one or more of:
a security level configured for the data;
a security protection level configured for the data;
data trust relationships with other collaboration participants;
accordingly, the data security requirements include one or a combination of more of the following:
determining whether to allow the data to be exported out of the security requirement of the data domain in which the data is located based on the security level;
determining, based on the security protection level, whether to allow a security requirement for data desensitization processing of the data and privacy computation results for the data;
and determining whether to allow the data to be aggregated with the data maintained by other cooperative participants based on the data trust relationship.
11. The method of claim 1, wherein the data collaboration platform deploys a process planning component in a distributed manner on the server corresponding to the plurality of collaboration participants; the instantiation operator libraries are respectively maintained on the server sides corresponding to the multiple cooperation participants;
selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator, comprising:
and calling the flow planning component, selecting at least one instantiation operator corresponding to the at least one sub-operation from a locally maintained instantiation operator library related to the privacy calculation, and generating a query flow corresponding to the data query request based on the at least one instantiation operator.
12. The method of claim 11, the instantiation operator library comprising a number of instantiation operators and data security requirements corresponding to the instantiation operators;
selecting at least one instantiation operator corresponding to the at least one sub-operation that satisfies the data security requirement from the instantiation operator library, comprising:
searching at least one instantiation operator corresponding to the at least one sub-operation in the instantiation operator library;
matching the data security requirements of each cooperation party for the maintained data with the data security requirements corresponding to the at least one instantiation operator;
based on the matching result, selecting an instantiation operator from the at least one instantiation operator, wherein the instantiation operator matches the data security requirement of the data maintained by each cooperation participant.
13. The method of claim 12, the instantiation operator comprising a combination of one or more of:
instantiation operators implemented based on TEE;
an instantiation operator based on an MPC implementation.
14. The method of claim 1, generating a query flow corresponding to the data query request based on the at least one instantiation operator, comprising:
generating a plurality of query flows based on the at least one instantiation operator;
and outputting and displaying the plurality of query processes to the user so that the user selects the query process corresponding to the data query request from the plurality of query processes.
15. The method of claim 1, the data collaboration platform distributively deploying intelligent contract management components on servers corresponding to the plurality of collaboration participants;
creating an intelligent contract containing query logic corresponding to the query flow, and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform, including:
calling the intelligent contract management component, generating an execution code related to the query logic corresponding to the query process, and compiling the generated execution code into an intelligent contract code;
deploying an intelligent contract comprising the intelligent contract code in a blockchain network that interfaces with the data collaboration platform.
16. The method of claim 15, the plurality of collaboration participants comprising a plurality of data centers distributed over different geographies.
17. The method of claim 1, the data collaboration platform comprising a blockchain services platform corresponding to the blockchain network.
18. A data query method based on multi-party collaboration is applied to a data collaboration platform based on a block chain; wherein the data collaboration platform interfaces with a plurality of collaboration participants; the method comprises the following steps:
acquiring a data query request aiming at a virtual data set, which is uploaded by a server corresponding to any target cooperation party in the plurality of cooperation parties and input by a user; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
analyzing the data query request to obtain at least one sub-operation related to the data query request;
selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy computation, and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and creating an intelligent contract containing query logic corresponding to the query flow, and deploying the created intelligent contract into a blockchain network interfaced with the data collaboration platform for the user to call.
19. A data inquiry device based on multi-party collaboration is characterized in that a data collaboration platform based on a block chain is connected with a plurality of collaboration participants; the device is applied to a server corresponding to any target collaboration party in the multiple collaboration parties; the device comprises:
the first acquisition module is used for acquiring a data query request aiming at the virtual data set, which is input by a user; the virtual data set is obtained by the data cooperation platform performing data virtualization processing on data which are respectively maintained by the cooperation participants and used for participating in privacy calculation;
the first analysis module is used for analyzing the data query request to obtain at least one sub-operation related to the data query request;
the first generation module is used for selecting at least one instantiation operator corresponding to the at least one sub-operation from an instantiation operator library related to the privacy calculation and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and the first deployment module is used for creating an intelligent contract containing query logic corresponding to the query process and deploying the created intelligent contract into a blockchain network in butt joint with the data cooperation platform so as to be called by the user.
20. A data inquiry device based on multi-party collaboration is applied to a data collaboration platform based on a block chain; wherein the data collaboration platform interfaces a plurality of collaboration participants; the device comprises:
the second acquisition module is used for acquiring a data query request which is uploaded by a server corresponding to any target collaboration party and is input by a user aiming at the virtual data set, wherein the data query request is accessed to any target collaboration party in the multiple collaboration parties; the virtual data set is obtained by performing data virtualization processing on data which are respectively maintained by the data collaboration platform for the multiple collaboration participants and are used for participating in privacy computation;
the second analysis module is used for analyzing the data query request to obtain at least one sub-operation related to the data query request;
the second generation module is used for selecting at least one instantiation operator corresponding to the at least one sub-operation from the instantiation operator library related to the privacy calculation and generating a query process corresponding to the data query request based on the at least one instantiation operator;
and the second deployment module is used for creating an intelligent contract containing query logic corresponding to the query process and deploying the created intelligent contract into a blockchain network in butt joint with the data collaboration platform so as to be called by the user.
21. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any one of claims 1-18 by executing the executable instructions.
22. A computer readable storage medium having stored thereon computer instructions which, when executed by a processor, carry out the steps of the method according to any one of claims 1 to 18.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210869396.8A CN115269683A (en) | 2022-07-22 | 2022-07-22 | Data query method and device based on multi-party cooperation |
| PCT/CN2022/135099 WO2024016547A1 (en) | 2022-07-22 | 2022-11-29 | Data query method and device based on multi-party collaboration |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210869396.8A CN115269683A (en) | 2022-07-22 | 2022-07-22 | Data query method and device based on multi-party cooperation |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115269683A true CN115269683A (en) | 2022-11-01 |
Family
ID=83768771
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210869396.8A Pending CN115269683A (en) | 2022-07-22 | 2022-07-22 | Data query method and device based on multi-party cooperation |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN115269683A (en) |
| WO (1) | WO2024016547A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116756184A (en) * | 2023-08-17 | 2023-09-15 | 腾讯科技(深圳)有限公司 | Database instance processing method, device, equipment, storage medium and program product |
| WO2024016547A1 (en) * | 2022-07-22 | 2024-01-25 | 蚂蚁区块链科技(上海)有限公司 | Data query method and device based on multi-party collaboration |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117892355B (en) * | 2024-03-14 | 2024-05-24 | 蓝象智联(杭州)科技有限公司 | Multiparty data joint analysis method and system based on privacy protection |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9294391B1 (en) * | 2013-06-04 | 2016-03-22 | Amazon Technologies, Inc. | Managing network computing components utilizing request routing |
| CN109542846A (en) * | 2018-11-16 | 2019-03-29 | 重庆邮电大学 | A kind of Internet of Things vulnerability information management system based on data virtualization |
| CN111382174B (en) * | 2018-12-28 | 2023-10-17 | 百度在线网络技术(北京)有限公司 | Multi-party data joint query method, device, server and storage medium |
| CN112560100B (en) * | 2020-12-22 | 2023-09-26 | 网易(杭州)网络有限公司 | Data desensitizing method and device, computer readable storage medium and electronic equipment |
| CN114328504A (en) * | 2021-08-27 | 2022-04-12 | 腾讯科技(深圳)有限公司 | Data joint query method, device, equipment and computer readable storage medium |
| CN114168998A (en) * | 2021-11-30 | 2022-03-11 | 联想(北京)有限公司 | Data processing method and device |
| CN115269683A (en) * | 2022-07-22 | 2022-11-01 | 蚂蚁区块链科技(上海)有限公司 | Data query method and device based on multi-party cooperation |
-
2022
- 2022-07-22 CN CN202210869396.8A patent/CN115269683A/en active Pending
- 2022-11-29 WO PCT/CN2022/135099 patent/WO2024016547A1/en unknown
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2024016547A1 (en) * | 2022-07-22 | 2024-01-25 | 蚂蚁区块链科技(上海)有限公司 | Data query method and device based on multi-party collaboration |
| CN116756184A (en) * | 2023-08-17 | 2023-09-15 | 腾讯科技(深圳)有限公司 | Database instance processing method, device, equipment, storage medium and program product |
| CN116756184B (en) * | 2023-08-17 | 2024-01-12 | 腾讯科技(深圳)有限公司 | Database instance processing method, device, equipment, storage medium and program product |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2024016547A1 (en) | 2024-01-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115269683A (en) | Data query method and device based on multi-party cooperation | |
| CN110032599B (en) | Data structure reading and updating method and device, and electronic equipment | |
| US9778967B2 (en) | Sophisticated run-time system for graph processing | |
| US8489474B2 (en) | Systems and/or methods for managing transformations in enterprise application integration and/or business processing management environments | |
| US10180989B2 (en) | Generating and executing query language statements from natural language | |
| US8752003B2 (en) | Model driven approach for availability management framework (AMF) configuration generation | |
| US9201700B2 (en) | Provisioning computer resources on a network | |
| IL174023A (en) | Mapping of a file system model to a database object | |
| CN110007920B (en) | Method and device for acquiring code dependency relationship and electronic equipment | |
| CN115270202A (en) | Privacy calculation method and device based on multi-party cooperation | |
| Di Martino et al. | A rule‐based procedure for automatic recognition of design patterns in UML diagrams | |
| CN106649488B (en) | Method and device for calling multi-data-source interactive interface | |
| JP2022050327A (en) | Computer-implemented system and method using digital twin and graph-based structure | |
| Adedugbe et al. | Leveraging cloud computing for the semantic web: review and trends | |
| US8296725B2 (en) | Framework for variation oriented analysis for service-oriented architecture | |
| CN113987337A (en) | Search method, system, equipment and storage medium based on componentized dynamic arrangement | |
| US11790263B2 (en) | Program synthesis using annotations based on enumeration patterns | |
| Arévalo et al. | Formal concept analysis-based service classification to dynamically build efficient software component directories | |
| Sarikhani et al. | Mechanisms for provenance collection in scientific workflow systems | |
| Amarakoon et al. | A framework for modeling medical diagnosis and decision support services | |
| König et al. | Consistency of heterogeneously typed behavioural models: A coalgebraic approach | |
| US20210349902A1 (en) | Database query processing | |
| Allen et al. | Provenance capture and use: A practical guide | |
| Mubarkoot et al. | Software Compliance in Different Industries: A Systematic Literature Review. | |
| CN114528353A (en) | Method and apparatus for providing blockchain service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |