CN115422582A

CN115422582A - Data query method and risk management and control method, device, equipment and medium

Info

Publication number: CN115422582A
Application number: CN202211050268.7A
Authority: CN
Inventors: 郑培钿; 李平; 周建平; 王攀峰
Original assignee: Industrial and Commercial Bank of China Ltd ICBC
Current assignee: Industrial and Commercial Bank of China Ltd ICBC
Priority date: 2022-08-30
Filing date: 2022-08-30
Publication date: 2022-12-02

Abstract

The disclosure provides a data query method and device based on hiding query, which can be applied to the technical field of information security. The method for hiding the query can comprise the following steps: the method comprises the steps of utilizing sub-digital identifications decomposed from the digital identifications of a target query object to calculate the digital identifications of S objects of a data server to obtain intermediate identifications, utilizing the intermediate identifications to encrypt key values of the objects participating in calculation of each intermediate identification to obtain encrypted key values, representing the S intermediate identifications and the encrypted key values corresponding to each intermediate identification in a key value pair mode to serve as calculation result groups corresponding to the sub-digital identifications, and returning the calculation result groups to the data query end so that the data query end can reversely solve the key values of the target query object after obtaining the calculation result groups of all the sub-digital identifications of the target query object. The disclosure also provides a risk management and control method and device based on the concealed query, and corresponding electronic equipment, medium and program product.

Description

Data query method and risk management and control method, device, equipment and medium

Technical Field

The present disclosure relates to the field of information security, and more particularly, to a data query method and a risk management and control method based on a hidden query, and a corresponding apparatus, device, medium, and program product.

Background

When data is queried among different subjects, if the query is directly performed through the identification information of the query object, the risk of information leakage of the query object exists, and thus, adverse effects may be brought to the query object and each subject participating in data query. For example, when a financial institution queries the resource consumption level of its enterprise client in the operating process through a utility to evaluate whether the operating condition of the enterprise client is abnormal, if the enterprise client is queried by the market, the business guess of the market to the enterprise client may be caused, and the business reputation of the financial institution may be reduced. Therefore, how to query data among different subjects is very important to ensure the correctness and the validity of the final query result and the data security in the query process.

Disclosure of Invention

In view of the foregoing, the present disclosure provides a data query method and a risk management method based on a hidden query, and corresponding apparatus, device, medium, and program product.

In a first aspect of the embodiments of the present disclosure, a data query method based on a hidden query is provided, and is applied to a data server. The data query method comprises the steps of firstly receiving a query request, wherein the query request comprises a first sub-numerical identifier and classification information of the first sub-numerical identifier; the first sub-numerical identifier is any one of N sub-numerical identifiers decomposed by the numerical identifier of the target query object based on a first algorithm, wherein N is an odd number which is greater than or equal to 3; the N sub-number identifiers are divided into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers; the classification information of the first sub-digital identifier is used for indicating whether the first sub-digital identifier belongs to the first class or the second class; the first algorithm has a commutative law and a binding law. Then, acquiring a calculation result group corresponding to the first sub-digital identifier by inquiring records of the S objects according to the following processing mode; wherein the records of the S objects include numerical identifiers and key values of the S objects, S is an integer greater than 1, and the S objects include the target query object. The processing mode comprises the following steps: calculating the digital identifier of each object in the S objects by using the first sub-digital identifiers based on an algorithm corresponding to the classification information of the first sub-digital identifiers to obtain S intermediate identifiers; wherein, the algorithm corresponding to the first class is the inverse operation of the first algorithm, and the algorithm corresponding to the second class is the first algorithm; and taking each intermediate identifier as an encryption parameter, taking key values of the objects participating in the calculation of the intermediate identifier in the S objects as encryption objects, and obtaining the encryption key values corresponding to each intermediate identifier through homomorphic encryption; and representing the S intermediate identifications and the encryption key values corresponding to each intermediate identification in a key value pair mode to obtain a calculation result group corresponding to the first sub-digital identification. Finally, the calculation result group corresponding to the first sub-digital identifier is fed back to the data query end which sends the query request; after acquiring the N calculation result groups corresponding to the N sub-number identifiers one to one, the data query end reversely solves the key value corresponding to the target query object based on the N calculation result groups.

According to an embodiment of the present disclosure, the first algorithm comprises an addition operation.

According to an embodiment of the present disclosure, the homomorphic encryption includes: and performing power operation by taking the encrypted object as an exponent and the encryption parameter as a base number.

In a second aspect of the embodiments of the present disclosure, a data query method based on a hidden query is provided, and is applied to a data query end. The data query method comprises the following steps: firstly, acquiring a digital identifier of a target query object; then decomposing the digital identifier of the target query object based on a first algorithm to obtain N sub-digital identifiers, wherein N is an odd number which is more than or equal to 3; dividing the N sub-number identifications into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifications, and the second class comprises (N-1)/2 sub-number identifications; next, the N sub-digital identifiers and the classification information of each sub-digital identifier are sent to a data server to request the data server to perform data query according to the data query method provided by the first aspect of the embodiment of the present disclosure; then receiving N calculation result groups which are returned by the data server and correspond to the N sub-digital identifications one by one; and reversely solving the key value corresponding to the target query object based on the N calculation result groups.

According to an embodiment of the present disclosure, the inversely solving key values corresponding to the target query object based on the N calculation result groups includes: the following calculations were performed in a trial manner: selecting one intermediate identifier from the N calculation result groups each time, and then calculating the selected N intermediate identifiers according to the first algorithm to obtain calculation results; stopping trial calculation when the calculation result is a preset value, and selecting N intermediate marks when the calculation result is the preset value as N target intermediate marks, wherein the preset value is a value determined by mutually counteracting the first algorithm and the inverse operation thereof; and based on the encrypted key values corresponding to the N target intermediate identifications, decrypting the key value of the target query object.

According to an embodiment of the present disclosure, the first algorithm is an addition and the predetermined value is zero.

According to an embodiment of the present disclosure, the decrypting the key value of the target query object based on the encryption key values corresponding to the N target intermediate identifiers includes: and when the homomorphic encryption is a power operation taking the encrypted object as an exponent and the encryption parameter as a base number, solving a product of the encryption key values corresponding to the N target intermediate identifications as a true number and taking the product of the N target intermediate identifications as a logarithm of the base number to obtain a key value of the target query object.

In a third aspect of the embodiments of the present disclosure, a risk management and control method based on a concealed query is provided, which is applied to a first subject. The risk management and control method comprises the following steps: firstly, acquiring digital identifications of M customers of the first marketing subject, wherein M is an integer greater than or equal to 1, and the M customers comprise target customers; then, decomposing the digital identifier of each customer based on a first algorithm to obtain N sub-digital identifiers corresponding to each customer, wherein M × N sub-digital identifiers are obtained corresponding to M customers; wherein N is an odd number greater than or equal to 3; then, dividing the N sub-number identifications corresponding to each customer into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifications and the second class comprises (N-1)/2 sub-number identifications for each customer; then, sending the M × N sub-digital identifiers and the classification information of each sub-digital identifier to each of R second operation bodies to request each of the second operation bodies to perform data query according to the data query method provided by the first aspect of the embodiment of the present disclosure, where R is an integer greater than or equal to 1; then, receiving M × N calculation result groups which are returned by the second operation main body and correspond to the M × N sub-digital identifications one by one; then, selecting N calculation result groups corresponding to the N sub-number identifications of the target customer from the M x N calculation result groups; selecting N calculation result groups as N target calculation result groups; then, reversely solving key values of the target customers recorded in the second business main body based on the N target calculation result groups; and finally, evaluating the operation risk of the target customer based on the key values of the target customer recorded in the R second operation bodies.

According to an embodiment of the present disclosure, the reversely solving key values of the target customers recorded in the second business entity based on the N target calculation result groups includes: the following calculations were performed in a trial manner: selecting one intermediate identifier from the N target calculation result groups each time, and then calculating the selected N intermediate identifiers according to a first algorithm to obtain a calculation result; stopping trial calculation when the calculation result is a preset value, and selecting N intermediate identifiers when the calculation result is a fixed value as N target intermediate identifiers, wherein the preset value is a value determined by mutually counteracting the first algorithm and the inverse operation of the first algorithm; and decrypting the key value of the target client based on the encrypted key values corresponding to the N target intermediate identifications.

According to an embodiment of the present disclosure, the decrypting the key value of the target client based on the encryption key values corresponding to the N target intermediate identifiers includes: and when the homomorphic encryption is a power operation with the encrypted object as an exponent and the encryption parameter as a base number, solving a product of the encryption key values corresponding to the N target intermediate identifications as a true number, and taking the product of the N target intermediate identifications as a logarithm of the base number to obtain a key value of the target client.

According to an embodiment of the present disclosure, the sending the M × N sub-digital identifiers and the classification information of each sub-digital identifier to each of the R second business entities includes sending in any one of the following manners: sending the M by N sub-digital identifications in batches according to classification information, wherein the classification information of each sub-digital identification is determined according to the sending batches; marking classification information of each sub-number identifier, and sending the M × N sub-number identifiers after disordering the sequence; or arranging the M x N sub-number identifications according to a specific sequence, and identifying the classification information of each sub-number identification through the position information of each sub-number identification.

According to an embodiment of the present disclosure, when R is greater than 1, the evaluating the business risk of the target customer based on the key values of the target customer recorded in the R second business bodies includes: and weighting the key values of the target customers recorded in the R second business bodies to obtain the comprehensive scores of the target customers.

According to an embodiment of the present disclosure, the first business entity includes a financial institution, and R second business entities include at least one of an electric power enterprise, a water business enterprise, a heat power enterprise, or a gas enterprise.

In a fourth aspect of the embodiments of the present disclosure, a data query apparatus based on a hidden query is provided, and is disposed at a data server. The data query device comprises a first receiving module, a first query module and a first return module. The device comprises a first receiving module, a second receiving module and a query processing module, wherein the first receiving module is used for receiving a query request which comprises a first sub-digital identifier and classification information of the first sub-digital identifier; the first sub-numerical identifier is any one of N sub-numerical identifiers decomposed by the numerical identifier of the target query object based on a first algorithm, wherein N is an odd number which is greater than or equal to 3; the N sub-number identifiers are divided into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers; the classification information of the first sub-digital identifier is used for indicating whether the first sub-digital identifier belongs to the first class or the second class; the first algorithm has a commutative law and a binding law. The first query module is used for obtaining a calculation result group corresponding to the first sub-digital identifier by querying records of the S objects according to the following processing mode; wherein the records of the S objects include numerical identifiers and key values of the S objects, S is an integer greater than 1, and the S objects include the target query object. The first query module specifically comprises a first query operation sub-module and a first query encryption sub-module. The first query operation sub-module is used for utilizing the first sub-numerical identifier to perform operation on the numerical identifier of each object in the S objects based on an operation rule corresponding to the classification information of the first sub-numerical identifier to obtain S intermediate identifiers; wherein the algorithm corresponding to the first class is an inverse operation of the first algorithm, and the algorithm corresponding to the second class is the first algorithm. The first query encryption sub-module is used for taking each intermediate identifier as an encryption parameter, taking key values of the objects participating in calculation of the intermediate identifier in the S objects as encryption objects, and obtaining encryption key values corresponding to each intermediate identifier through homomorphic encryption; and representing the S intermediate identifications and the encryption key values corresponding to the intermediate identifications in a key-value pair mode to obtain a calculation result group corresponding to the first sub-digital identification. The first returning module is used for feeding back the calculation result group corresponding to the first sub-digital identifier to the data query end which sends the query request; after acquiring the N calculation result groups corresponding to the N sub-digital identifications one to one, the data query end reversely solves the key value corresponding to the target query object based on the N calculation result groups.

In a fifth aspect of the embodiments of the present disclosure, a data query apparatus based on a hidden query is provided, and is disposed at a data query end. The data query device comprises: the system comprises a second acquisition module, a second decomposition module, a second classification module, a second request sending module, a second result receiving module and a second data inverse decomposition module. The second acquisition module is used for acquiring the digital identification of the target query object. And the second decomposition module is used for decomposing the numerical identifier of the target query object based on the first algorithm to obtain N sub-numerical identifiers, wherein N is an odd number which is more than or equal to 3. The second classification module is used for classifying the N sub-number identifications into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifications, and the second class comprises (N-1)/2 sub-number identifications. The second request sending module is configured to send the N sub-digital identifiers and the classification information of each sub-digital identifier to a data server, so as to request the data server to perform data query by using the data query apparatus according to the fourth aspect. And the second result receiving module is used for receiving N calculation result groups which are returned by the data server and correspond to the N sub-digital identifications one by one. And the second data inverse solution module is used for inversely solving the key values corresponding to the target query object based on the N calculation result groups.

According to an embodiment of the present disclosure, the second data inverse solution module is specifically configured to: calculating in a trial calculation mode, selecting one intermediate identifier from the N calculation result groups each time, and then calculating the selected N intermediate identifiers according to the first algorithm to obtain a calculation result; then stopping trial calculation when the calculation result is a preset value, and selecting N intermediate marks when the calculation result is the preset value as N target intermediate marks, wherein the preset value is a value determined by mutually counteracting the first algorithm and the inverse operation thereof; and decrypting key values of the target query object based on the encrypted key values corresponding to the N target intermediate identifications.

According to an embodiment of the present disclosure, the second data inverse solution module is further configured to: and when the homomorphic encryption is a power operation taking the encrypted object as an exponent and the encryption parameter as a base number, solving a product of the encryption key values corresponding to the N target intermediate identifications as a true number and taking the product of the N target intermediate identifications as a logarithm of the base number to obtain a key value of the target query object.

In a sixth aspect of the embodiments of the present disclosure, a risk management and control apparatus based on a hidden query is provided, and is disposed on a first authorized subject. The risk management and control device includes: the third obtaining module, the third decomposing module, the third classifying module, the third sending module, the third result receiving module, the third selecting module, the third data inverse decomposing module and the third evaluating module. The third acquisition module is used for acquiring the digital identifications of M customers of the first subject, wherein M is an integer greater than or equal to 1, and the M customers comprise target customers. The third decomposition module is used for decomposing the digital identifier of each client based on the first algorithm to obtain N sub-digital identifiers corresponding to each client; obtaining M × N sub-digital identifications corresponding to M clients; wherein N is an odd number of 3 or more. The third classification module is used for classifying the N sub-number identifications corresponding to each customer into a first class and a second class; wherein, for each customer, the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers. And the third sending module is used for sending the M x N sub-digital identifications and the classification information of each sub-digital identification to each of R second operation main bodies, wherein R is an integer greater than or equal to 1. The third result receiving module is configured to receive M × N calculation result groups that are returned by each of the second business entities after performing data query using the data query apparatus according to the fourth aspect and correspond to the M × N sub-digital identifiers one to one. The third selection module is used for selecting N calculation result groups corresponding to the N sub-number identifications of the target customer from the M x N calculation result groups; and selecting N calculation result groups as N target calculation result groups. And the third data inverse solution module is used for inversely solving the key values of the target customers recorded in the second business main body based on the N target calculation result groups. And the third evaluation module is used for evaluating the operation risk of the target customer based on the key values of the target customer recorded in the R second operation bodies.

According to an embodiment of the present disclosure, the third sending module is further configured to send the M × N sub-digital identifiers and the classification information of each sub-digital identifier in any one of the following manners: sending the M x N sub-digital identifications in batches according to classification information, wherein the classification information of each sub-digital identification is determined according to the sending batch; marking classification information of each sub-number mark, and sending the M x N sub-number marks after disordering the sequence; or arranging the M x N sub-number identifications according to a specific sequence, and identifying the classification information of each sub-number identification through the position information of each sub-number identification.

According to the embodiment of the disclosure, the third evaluation module is further configured to, when R is greater than 1, weight the key values of the target customers recorded in the R second business bodies to obtain a composite score of the target customer.

In a seventh aspect of the disclosed embodiments, an electronic device is provided. The electronic device includes one or more processors and memory. The memory to store one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform: the data query method according to the first aspect, the data query method according to the second aspect, or the risk management and control method according to the third aspect.

In an eighth aspect of the disclosed embodiments, there is also provided a computer-readable storage medium having stored thereon executable instructions that, when executed by a processor, cause the processor to perform: the data query method according to the first aspect, the data query method according to the second aspect, or the risk management and control method according to the third aspect.

In a ninth aspect of the disclosed embodiments, there is also provided a computer program product comprising a computer program which, when executed by a processor, implements: the data query method according to the first aspect, the data query method according to the second aspect, or the risk management and control method according to the third aspect.

One or more of the embodiments described above have the following advantages or benefits: the data query end decomposes the data identification of the object to be queried into a series of sub-identifications and provides the sub-identifications for query. And matching and calculating according to the received subdata identifier, and returning a corresponding calculation result group. Therefore, except for the final query user at the data query end, almost no link in the whole data query process and the data transmission link can know which object data is specifically queried. Even if transmission data is leaked in the network transmission process, the specific object of the query is difficult to know. In this way, data security during data query is improved.

Drawings

The foregoing and other objects, features and advantages of the disclosure will be apparent from the following description of embodiments of the disclosure, which proceeds with reference to the accompanying drawings, in which:

FIG. 1 schematically illustrates an application scenario diagram of a data query method, apparatus, device, medium and program product according to an embodiment of the disclosure;

FIG. 2 schematically illustrates a diagram of resolving a sub-digital identifier from a digital identifier of a target object according to an embodiment of the present disclosure;

FIG. 3 schematically shows a schematic diagram of S objects in accordance with an embodiment of the disclosure;

FIG. 4 schematically shows a flow chart of a data query method applied to a data server according to an embodiment of the present disclosure;

FIG. 5 is a schematic diagram schematically illustrating a data query method applied to a data query side according to an embodiment of the present disclosure;

FIG. 6 schematically illustrates a flow chart of the data query side solving back the data of the target query object according to an embodiment of the present disclosure;

fig. 7 schematically illustrates a system architecture of a risk management and control method according to an embodiment of the present disclosure;

FIG. 8 schematically illustrates a flow chart of a risk management method according to an embodiment of the present disclosure;

FIG. 9 is a schematic diagram illustrating a first camped principal decomposing sub-digital identities from digital identities of a plurality of customers in a risk management method according to an embodiment of the present disclosure;

fig. 10 schematically illustrates an interaction schematic of a fusing institution with an electric power enterprise in a risk management and control method according to an embodiment of the present disclosure;

FIG. 11 schematically shows an interaction schematic of a fusing institution with a water service enterprise in a risk management and control method according to an embodiment of the disclosure;

FIG. 12 schematically shows an interaction schematic of a gas enterprise and a melting agency in a risk management and control method according to an embodiment of the present disclosure;

fig. 13 schematically illustrates an interaction schematic of a fusing institution with a thermal enterprise in a risk management and control method according to an embodiment of the present disclosure;

fig. 14 schematically shows a block diagram of a data query device disposed at a data server according to an embodiment of the present disclosure;

FIG. 15 is a block diagram schematically illustrating a data query device disposed at a data query side according to an embodiment of the present disclosure;

fig. 16 schematically illustrates a block diagram of a risk management device based on suppressed queries according to an embodiment of the present disclosure; and

fig. 17 schematically shows a block diagram of an electronic device adapted for a suppressed query based data query method or risk management method according to an embodiment of the present disclosure.

Detailed Description

Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that these descriptions are illustrative only and are not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.

The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.

All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.

In those instances where a convention analogous to "at least one of A, B, and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B, and C" would include but not be limited to systems that have A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, and C together, etc.). The terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or to implicitly indicate the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more features.

The embodiment of the disclosure provides a data query method and device based on a hidden query, a risk management and control method and device based on the hidden query, and electronic equipment, media and program products for realizing the methods of the embodiments of the disclosure. The hidden query, also called a hidden trail query or a private information query, refers to that a data query end hides a keyword or identification information (for example, ID information) of a queried object, and a data server end feeds back a matched query result according to information provided by the data query end but cannot know which queried object corresponds to the data server end.

Specifically, in the data query method based on the hidden query according to the embodiment of the present disclosure, the data query end decomposes the digital identifier of the target query object into N sub-digital identifiers, and then provides the N sub-digital identifiers to the data server end at one time or one by one. And the data server side obtains a calculation result group corresponding to each sub-digital identifier through matching calculation from the stored records of the S objects according to the received sub-digital identifiers, and returns the calculation result group to the data inquiry side. After the data query end receives the calculation result group corresponding to all the N sub-digital identifications resolved from the digital identification of the target query object, key values which are stored in the data service end and are related to the target query object can be reversely resolved. A "key" herein refers to a value of an object in a certain field or attribute (e.g., power consumption, credit score, etc.).

Fig. 1 schematically illustrates an application scenario diagram of a data query method, apparatus, device, medium, and program product according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.

As shown in fig. 1, the application scenario 100 according to this embodiment may include a data query side 110, a data service side 120, and a network 130. Network 130 is the medium used to provide a communication link between data querying ends 110 and 120. Network 130 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.

The data query end 110 has a terminal device 112 capable of presenting query results, and a server 111 having data processing capability. The user may send an instruction to the server 111 using the terminal device 112, for example, to specify a target query object and its query content (i.e., a key value of which field or attribute to query). The server 111 may resolve the numeric identifier of the target query object into sub-numeric identifiers and then send the query request to the data server 120 via the network 130. And after receiving the query result fed back by the data server 120 through the network 130, the server 111 processes the query result, and reversely resolves the key value of the target query object and displays the key value to the user in the terminal device 112.

The data server 120 includes a database 121 having data storage capabilities and a database server 122 having computing capabilities. After receiving the query request from the data query end 110 through the network 130, the database server 122 may initially locate a data range of the query (e.g., S objects) from the database 121, and then obtain a calculation result group corresponding to each sub-number identifier by matching operation between the sub-number identifier in the query request and the number identifiers of the S objects. The set of computed results is then returned to the data querying end 110 via the network 130.

In the embodiment of the present disclosure, to implement the hidden query of the data server 120 and the correct reverse solution of the data query 110, the algorithm used in the hidden query of the data server 120 and the algorithm used in the reverse solution of the key value of the target query object by the data query 110 are required to have a corresponding relationship. The data query method according to the embodiment of the present disclosure is mainly expressed in the following aspects.

First, in the embodiment of the present disclosure, the data querying end 110 decomposes the numeric identifier of the target query object into N sub-numeric identifiers based on the first algorithm, where N is an odd number greater than or equal to 3.

Secondly, in the embodiment of the present disclosure, when the data query end 110 sends the sub-number identifier to the data service end 120, the classification information of the sub-number identifier is sent at the same time. When the data query terminal 110 decomposes the N sub-number identifiers, the N sub-number identifiers are divided into two categories, i.e., a first category and a second category, wherein the first category includes [ (N-1)/2 ] +1 sub-number identifiers, and the second category includes (N-1)/2 sub-number identifiers. The number of sub-digit designations in the first class is 1 more positive than the number of sub-digit designations in the second class.

The function of the classification information is that when the data server 120 performs the matching operation, the sub-numeric identifiers in the first class perform the inverse operation of the first algorithm on the numeric identifiers of the S objects respectively to obtain corresponding intermediate identifiers, and the sub-numeric identifiers in the second class perform the operation on the numeric identifiers of the S objects respectively based on the first algorithm to obtain corresponding intermediate identifiers. In the embodiment of the present disclosure, the intermediate identifier corresponding to each sub-numeric identifier is returned to the data querying end 110 as a component of the calculation result group of the sub-numeric identifier.

Third, the first algorithm in the disclosed embodiment has a commutative law and a binding law. This means that after obtaining the calculation result set of each sub-number identifier returned by the data query end 110, when the intermediate identifiers corresponding to different sub-number identifiers are recombined according to the first operation rule, there is a mutual cancellation effect of the first algorithm and its inverse operation. Therefore, when the data query end 110 performs inverse solution, the correct result can be inversely solved from the calculation result group of all N sub-number identifiers corresponding to the target query object by using the mutual cancellation effect.

Here, the concept principle of the embodiment of the present disclosure is exemplified by taking the first algorithm as an addition and N as 3, and combining the examples of fig. 1, fig. 2 and fig. 3.

Fig. 2 schematically shows a schematic diagram of resolving three sub-digital identifications a11, a12 and a13 from a digital identification A1 of a target object according to an embodiment of the present disclosure. Fig. 3 schematically shows a schematic diagram of S objects according to an embodiment of the present disclosure, wherein four objects are specifically illustrated in fig. 3.

Specifically, referring to FIG. 2, where A1 represents a numeric identification of a target query object (e.g., an ID of a business), A1 may be decomposed into { A11, A12, A13}. Wherein A1= a11+ a12+ a13, respectively, due to the first algorithm being an addition.

In the embodiment of the present disclosure, when the data query end 110 sends the sub-number identifier to the data service end 120, the classification information of the sub-number identifier is sent at the same time. The classification information may be provided by tagging the sub-numeric identifiers or by transmitting the N sub-numeric identifiers in a particular order. For example, fig. 2 can be classified according to the second subscripts of { a11, a12, a13}, wherein the second subscripts are odd and belong to the first class, and the second subscripts are even and belong to the second class. The function of the classification information is to select whether the sub-number identifier performs the first algorithm operation on the number identifiers of the S objects or performs the inverse operation of the first algorithm when the data server 120 performs the matching operation.

Referring to fig. 3, assume that the numbers of S objects in the data server 120 are identified as B1, B2, B3, B4. The data server 120 may store information such as { [ B1, v1], [ B2, v2], [ B3, v3], [ B4, v4] } according to the number identifier of the object and the KEY VALUE [ KEY, VALUE ].

With reference to fig. 2 and fig. 3, when the data server 120 receives any sub-number identifier in { a11, a12, a13}, it may perform corresponding calculation on each digital identifier in { B1, B2, B3, B4} according to the classification information of the sub-number identifier. Wherein the analog division can be performed according to a second subscript, wherein the second subscript is an odd number divided into a first class, and the second subscript indicates an even number divided into a second class. Thus, subtraction applies if the second subscripts of a11, a13 are odd, and addition applies if the second subscripts of a12 are even. For example:

a11 and B1 calculation method: d111= A11-B1

A12 and B1 calculation method: d121= a12+ B1

A13 and B1 calculation method: d131= a13-B1

Wherein D111, D121, and D131 are intermediate identifiers corresponding to a11, a12, and a13, respectively.

In a similar manner to that of B1, B2, B3, and B4 are calculated to obtain corresponding intermediate identifiers D112, D122, D132, D113, D123, D133, D114, D124, and D134, respectively { a11, a12, a13}.

Meanwhile, in the embodiment of the present disclosure, after obtaining each intermediate identifier, the data server 120 may also use the intermediate identifier as an encryption parameter to perform homomorphic encryption on key values of the objects participating in the calculation of the intermediate identifier in the S objects. For example, v1 in [ B1, v1] may be encrypted using D111, D121, D131. For example, by means of exponentiation encryption, resulting in an encrypted key value:

C111＝D111 ^v1 ，

C121＝D121 ^v1 ，

C131＝D131 ^v1 。

similarly, after the key values of the three objects { [ B2, v2], [ B3, v3], [ B4, v4] }areencrypted, { C112, C122, C132, C113, C123, C133, C114, C124, C134} can be obtained.

Each intermediate identity and the encryption key value to which the intermediate identity corresponds may be represented in a key-value pair, such as:

{[D111，C111]，[D121，C121]，[D131，C131]，

[D112，C112]，[D122，C122]，[D132，C132]，

[D113，C113]，[D123，C123]，[D133，C133]，

[D114，C114]，[D124，C124]，[D134，C134]}。

wherein, the part of A11 participating in calculation forms the calculation result group [ D, C ] of A11] ₁₁ ：

[D，C] ₁₁ ＝{[D111，C111]，[D112，C112]，[D113，C113]，[D114，C114]}。

The part of A12 participating in calculation forms a calculation result group [ D, C ] of A12] ₁₂ ：

[D，C] ₁₂ ＝{[D121，C121]，[D122，C122]，[D123，C123]，[D124，C124]}。

The part of A13 participating in the calculation constitutes the calculation result group [ D, C ] of A13] ₁₃ ：

[D，C] ₁₃ ＝{[D131，C131]，[D132，C132]，[D133，C133]，[D124，C124]}。

The data query end 110 will calculate the result set [ D, C] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ And feeds back the calculation result groups as a11, a12 and a13 to the data query end 110. To this end, the data server 120 has a query with { A11, A12, A13} secretThe process is complete.

Next, the data querying end 110 obtains the respective calculation result groups of a11, a12, a13 [ D, C] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ The key value of A1 is solved reversely by finding a calculation result from which D11i + D12i + D13i is 0.

Because:

D11i+D12i+D13i

＝(A11-Bi)+(A12+Bi)+(A13-Bi)

＝A11+A12+A13-Bi

＝A1-Bi

when D11i + D12i + D13i is 0, it indicates that Bi = A1.

When A1= Bi, vi can be obtained by calculating the encryption key values C11i, C12i, C13i corresponding to D11i, D12i, D13i when the calculation result is 0, and the calculation method is as follows:

C11i*C12i*C13i＝D11i ^vi *D12i ^vi *D13i ^vi ＝(D11i*D12i*D13i) ^vi

thus vi = log _{(D11i*D12i*D13i)} (C11i*C12i*C13i)

In this way, the data query side 110 solves for the key value vi of the target query object A1 (i.e., bi).

As can be seen from this, when the data query end 110 reversely decodes the key value of the target query object, it is considered that the three data D11i, D12i, and D13i are obtained by "subtraction", "addition", and "subtraction", and that subtraction is just more than addition once, and A1= a11+ a12+ a13 is addition, so that D11i + D12i + D13i =0 can be found by the mutual cancellation effect of addition and subtraction.

Therefore, in the process of reversely solving the result by the data query terminal 110, the following steps are fully utilized: n is an odd number, so that the number of the sub-digit identifications in the first class is 1 more than that in the second class, and the subtraction is ensured to be exactly one more than the addition when three numbers of D11i, D12i and D13i are calculated; meanwhile, the addition has an exchange law and a combination law, and after the superposition of positive and negative operations and mutual counteraction, D11i + D12i + D13i = A1-Bi is inevitable.

Then, after D11i, D12i, and D13i when D11i + D12i + D13i =0 are located, vi may be decrypted according to a decryption algorithm corresponding to the homomorphic encryption algorithm.

As can be seen from fig. 1, in the data query method according to the embodiment of the present disclosure, except for the terminal user of the data query end 110, any link in the whole data query process and the data transmission link can hardly know which specific object of the data query is. Even if transmission data is leaked in the network transmission process or query request information is leaked at the data server 120, the specific object of the query can hardly be known. Moreover, when the data query end 110 sends the query request to the data service end 120, some confusion or confusion measures may also be taken, for example, sub-number identifiers of multiple objects are sent out in a disorderly sequence or one by one or in batches, etc., so as to further increase the data security in the data query process.

It should be noted that the data query method and apparatus determined in the embodiments of the present disclosure may be used in the financial field, and may also be used in any field other than the financial field.

It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.

The following describes the data query method according to the embodiment of the present disclosure in detail through fig. 4 to 6 based on the scenario described in fig. 1 and the examples in fig. 2 and 3.

Fig. 4 schematically shows a flowchart of a data query method applied to the data server 120 according to an embodiment of the present disclosure.

As shown in fig. 4, the data query method according to this embodiment may include operations S410 to S440.

First, in operation S410, a query request is received. The query request includes the first sub-numeric identifier and classification information for the first sub-numeric identifier.

The first sub-numeric identifier is any one of N sub-numeric identifiers obtained by decomposing the numeric identifier of the target query object based on the first algorithm, wherein N is an odd number greater than or equal to 3.

The number identification of the target query object is decomposed into N sub-number identifications based on the first algorithm, which means that the number identification of the target query object can be directly or indirectly obtained after the N sub-number identifications are combined based on the first algorithm. For example, in the foregoing example, A1= a11+ a12+ a13, that is, A1 is directly obtained by three sub-number identifiers based on additive combination. An example of indirectly obtaining the numeric identifier of the target query object by combining the N sub-numeric identifiers based on the first algorithm can be described with reference to the following analysis of lgA1= a11+ a12+ a13.

The classification information of the first sub-digital identity is used to indicate whether the first sub-digital identity belongs to the first class or the second class. The N sub-number identifications decomposed from the number identification of the target query object are divided into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifications, and the second class comprises (N-1)/2 sub-number identifications. As in the previous example, a11, a12, a13 are divided according to whether the second subscript is odd or even. Of course, in practical applications, the classification information of each sub-digital identifier may be determined according to the tag information in the received first sub-digital identifier, or according to the position information of each sub-digital identifier in the received sequence composed of a plurality of sub-digital identifiers, or when sub-digital identifiers are received in batches, according to the batch information of the received sub-digital identifiers.

Then, in operation S420, the digital identifier of each of the S objects is calculated by using the first sub-digital identifier based on an algorithm corresponding to the classification information of the first sub-digital identifier, so as to obtain S intermediate identifiers. Wherein, the algorithm corresponding to the first class is the inverse operation of the first algorithm, and the algorithm corresponding to the second class is the first algorithm.

The S objects may be at least a portion of the data objects stored in the database 122 of the data server 120, where the S objects include the target query object and S is an integer greater than 1. The records for the S objects stored in the database 122 include numerical identifiers and key values for the S objects.

In practical applications, when the data query side 110 sends the query request to the data service side 120, the information defining the query condition may be provided to the data service side 120 at the same time, so that the data service side 120 may determine the S objects according to the query condition information. For example, when the target query object is a certain enterprise, the data query end 110 may notify the data server end 120 of the industry where the target query object is located, or the data query end 110 may provide information of the enterprise whose query success period is within a certain time range, and the like.

The first sub-digital identifier may obtain S intermediate identifiers, via operation S420. When calculating the S intermediate marks, determining whether to apply the first algorithm or the inverse operation of the first algorithm according to the classification information of the first sub-digital mark.

As in the previous example, the first algorithm is addition, the second subscripts of a11 and a13 are odd numbers, and if they are classified as a first type, subtraction is applied, and the second subscript of a12 is even numbers, and if they are classified as a second type, addition is applied. When the first sub-number is identified as a11, the three intermediate identifications corresponding to a11 obtained through operation S420 are: d111= a11-B1, D112= a11-B2, D113= a11-B3.

Next, in operation S430, each intermediate identifier is used as an encryption parameter, and the key values of the objects participating in the calculation of the intermediate identifier in the S objects are used as encryption objects, so as to obtain the encryption key value corresponding to each intermediate identifier through homomorphic encryption. The key value is encrypted and then transmitted, so that the risk of data leakage in the network transmission process can be reduced.

For example, when the first algorithm is addition and A1= a11+ a12+ a13, as in the previous example, the encryption key values C11i = D11i of each intermediate identity may be obtained by exponentiation ^v1 。

It should be noted that the encryption by exponentiation in operation S430 is only one example of homomorphic encryption, and other algorithms may be used for encryption in actual operation. For example, in an embodiment, when the first algorithm is addition and A1= a11+ a12+ a13, the encryption key value of each intermediate identifier may also be obtained by multiplication, that is, C11i = D11i × v1, so that the process of obtaining vi by using the encryption key values C11i, C12i, C13i corresponding to D11i, D12i, D13i when the calculation result of D11i + D12i + D13i is 0 may be:

it can be seen that the homomorphic encryption algorithm in operation S430 can have various forms and variations. This is not exemplified.

In the embodiment of the present disclosure, S intermediate identifiers of the first sub-digital identifier may be obtained through operation S420, and S encryption key values corresponding to the S intermediate identifiers one to one may be obtained through operation S430. The S intermediate identifiers and the S encryption key values corresponding to the intermediate identifiers one to one may be represented in a key-value pair manner, and a calculation result group corresponding to the first sub-numeric identifier may be obtained. For example, the calculation result groups corresponding to a11, a12, and a13 may be labeled [ D, C, respectively] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ 。

Then, in operation S440, the calculation result set corresponding to the first sub-number identifier is fed back to the data querying end 110 that issued the query request. After acquiring the N calculation result groups corresponding to the N sub-number identifiers one to one, the data query end 110 may reversely solve the key value corresponding to the target query object based on the N calculation result groups.

It is of course understood that the first algorithm in the embodiments of the present disclosure is not limited to addition.

In some embodiments, the first algorithm may also be a multiplication. For example, A1= a11 × a12 × a13. Accordingly, when S intermediate identifiers are obtained in operation S420, B1, B2, B3, and B4 may be divided by a11 and a13, and B1, B2, B3, and B4 may be multiplied by a12, so that the obtained intermediate identifiers are: d11i = a11/B1, D12i = a12 × B1, D13i = a13/B1. When the homomorphic encryption results in the encryption key in operation S430, each intermediate identifier may be multiplied by the key of the object that calculated the intermediate identifier, i.e., C11i = ^vl *D11i，C12i＝ ^vl *D11i，C13i＝ ^vl *D11i。

Thus, when the data query terminal 110 reversely solves A1, a set of solutions D11i × D12i × D13i =1 can be found, because D11i × D12i × D13i =1

＝A11/Bi*A12*Bi*A13/Bi

＝A11*A12*A13/Bi

＝A1/Bi

When D11i by D12i by D13i =1, bi = A1 is indicated.

Meanwhile, when the data query terminal 110 reversely solves the key value of A1, the following steps are performed:

to decrypt and obtain the key value vi of the target query object A1.

In other embodiments, the numeric identifier of the target query object is decomposed into N sub-numeric identifiers based on the first algorithm, and the numeric identifier of the target query object may be first functionally processed and then decomposed using the first algorithm. For example, the digital identifier of the target query object may be logarithmized, and then the logarithmized digital identifier of the target query object may be decomposed into a sum of three sub-digital identifiers, for example, the sum is represented as lgA1= lgA11+ lgA12+ lgA13, where a11, a12, and a13 are actually three factors of A1. After this processing, three sub-numbers of A1 may be taken as a11= lga11, a12= lga12, and a13= lga13. In this case, the first algorithm is an addition, and the sub-numerical identifiers a11, a12, a13 of A1 can be combined by the first algorithm to indirectly obtain A1, i.e., lgA1= a11+ a12+ a13.

Thus, in operation S420, after receiving any one of the three sub-numeric identifiers a11, a12, and a13, in an embodiment, the data server 120 may first perform logarithm operation on the locally stored numeric identifiers of S objects, and then perform operation on the logarithm operation and the sub-numeric identifiers based on the first algorithm or the inverse operation thereof to obtain intermediate identifiers. For example, B1, B2, B3, B4 are logarithmized to obtain lgB1, 1gB2, 1gB3, lgB4, and then intermediate identifiers are calculated, e.g. D11i = A11-1gBi, D12i = A12+ lgBi, D13i = A13-lgBi. Accordingly, in operation S430, the encryption key values may be obtained by, for example, an exponentiation, i.e., C11i = D11i ^v1 ，C12i＝D12i ^v1 ，C13i＝D13i ^v1 。

Thus, when the data query terminal 110 reversely solves A1, a set of intermediate identifiers D11i + D12i + D13i =0 can be found, because in this case D11i + D12i + D13i = a11-lgBi + a12+ lgBi + a13-lgBi = lg (A1/Bi). Meanwhile, when the data query terminal 110 reversely solves the key value of A1, the following steps are performed:

C11i*C12i*C13i＝D11i ^vi *D12i ^vi *D13i ^vi ＝(D11i*D12i*D13i) ^vi

thus vi = log _{(D11i*D12i*D13i)} (C11i*C12i*C13i)

As can be seen from the above examples, the specific implementation manner of decomposing the number identifier of the target query object into N sub-number identifiers based on the first algorithm can be varied. For different decomposition manners, the operation manner of the middle identifier and the homomorphic encryption algorithm in operations S420 and S430, the concealed query may be implemented. The disclosure is not further exemplified for the various variants.

As can be seen from the above description, when the data query method according to the embodiment of the present disclosure is applied to the data server 120, the received query request does not explicitly include information of the target query object, and the calculation result set returned to the data query end 110 does not include information pointing to a certain object. Thus, it is difficult for the data server 120 to locate the target query object. In particular, if the data query end 110 splits the digital identifier of the target query object into a plurality of sub-digital identifiers, which are sent in different time periods, and other data query contents are inserted into the sub-digital identifiers at intervals that are longer or longer, it is more difficult for the data service end 120 to reversely derive the query purpose of the data query end 110.

Fig. 5 schematically shows a schematic diagram of a data query method applied to the data query side 110 according to an embodiment of the disclosure. In the data query process, the data query end 110 and the data service end 120 have an interaction relationship, so that the part of the method illustrated in fig. 5 that interacts with the method illustrated in fig. 4 has a certain correspondence relationship.

As shown in fig. 5, the data query method according to this embodiment may include operations S510 to S560.

In operation S510, a digital identification of a target query object is obtained. For example, the target query object may be specified or filtered through the operation of the user in the terminal device 112.

In operation S520, the number identifier of the target query object is decomposed based on the first algorithm to obtain N sub-number identifiers, where N is an odd number greater than or equal to 3.

In operation S530, the N sub-number identifications are divided into a first class and a second class, wherein the first class includes [ (N-1)/2 ] +1 sub-number identifications, and the second class includes (N-1)/2 sub-number identifications.

In operation S540, the N sub-number identifiers and the classification information of each sub-number identifier are sent to the data server 120 to request the data server 120 to perform a data query.

In the embodiment of the present disclosure, a decomposition process of the sub-number identifier in operation S520, a category division process in operation S530, and an implementation process of sending the sub-number identifier and the category information thereof to the data server 120 in operation S540 may refer to the related descriptions in operation S410 and fig. 1 to 3, and are not described herein again.

After the data query end 110 sends the sub-number identifiers and the classification information thereof to the data server end 120, data query may be performed according to the method described in the foregoing fig. 4, so as to obtain a calculation result group corresponding to each sub-number identifier, and send the calculation result group corresponding to each sub-number identifier to the data query end 110.

In operation S550, N calculation result groups corresponding to the N sub-number identifiers one to one and returned by the data server 120 are received.

In operation S560, the key value corresponding to the target query object is inversely solved based on the N calculation result groups. The principles of the inverse solution have been described in detail above and will not be described in detail here. One possible implementation of the inverse solution is described below with reference to fig. 6.

Fig. 6 schematically shows a flowchart of the data query end 110 reversely solving the data of the target query object according to an embodiment of the present disclosure.

As shown in fig. 6, operation S560 may include operations S601 to S603 according to this embodiment.

In operation S601, the following calculation is performed in a trial manner: and selecting one intermediate identifier from the N calculation result groups each time, and then calculating the selected N intermediate identifiers according to a first algorithm to obtain a calculation result. For example, each time from [ D, C] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ And in the three groups of arrays, selecting one intermediate identifier each time, selecting three intermediate identifiers each time, and then operating according to the three intermediate identifiers selected by the first operation rule.

In operation S602, trial calculation is stopped when the calculation result is a predetermined value, and N intermediate identifiers when the calculation result is the predetermined value are selected as N target intermediate identifiers.

The predetermined value for judging the stop trial calculation is a value determined by offsetting the first algorithm and the inverse operation thereof. In one embodiment, when the first algorithm is additive, the predetermined value is zero. For example, in the previous example, when A1= a11+ a12+ a13, or lgA1= a11+ a12+ a13, the corresponding determination condition may be D11i + D12i + D13i =0. In another embodiment, the predetermined value may be 1 when the first algorithm is a multiplication. For example, in the above example, A1= a11 × a12 × a13, the corresponding determination condition is D11i × D12i × D13i =1.

In operation S603, the key value of the target query object is decrypted based on the encryption key values corresponding to the N target intermediate identifiers.

The algorithm used in the decryption process corresponds to the homomorphic encryption algorithm of the data server 120 in operation S430. For example, when the first algorithm is addition, the data server 120 obtains the encryption key by exponentiation (i.e., taking the key value as the encryption object as the exponent and the middle identifier as the base number of the encryption parameter)In the case of values, the logarithm of the number based on the product of the N target intermediate identifiers may be obtained by solving the product of the encryption key values corresponding to the N target intermediate identifiers as a true number in operation S603 (e.g., vi = log) _{(D11i*D12i*D13i)} (C11 i C12i C13 i)) to decrypt and obtain the key value of the target query object. For another example, when the first algorithm is multiplication, and the data server 120 obtains the encryption key value by multiplying the intermediate identifier with the corresponding key value, in operation S603, the encryption key values corresponding to the N target intermediate identifiers may be multiplied by each other, and then the multiplied values are multiplied by the power of N to obtain the key value of the target query object through decryption. Specific examples of decryption may refer to the foregoing examples, which are not further enumerated herein.

Therefore, according to the embodiment of the present disclosure, the data query end 110 may hide information of the target query object to be queried by the data query end 110 by parsing the sub-digital identifier from the digital identifier of the target query object and sending the sub-digital identifier to the data server end 120 for querying.

Moreover, in the network link between the data server 120 and the data query 110, even if one or more of the sub-numeric identifiers are leaked or data in the calculation result group returned to the data query 110 is leaked, it is difficult for the outside to reversely deduce the target query object according to the leaked information. And because the key values in the calculation result group are encryption key values, even if the key values are intercepted or leaked in network transmission, the real information of any query object cannot be leaked. Compared with the traditional encrypted transmission mode between the data service end 120 and the data query end 110, the method can better conceal the information of the queried object.

According to the data query method based on the concealed query in the embodiment of the disclosure, when the data query end 110 is an organization such as an enterprise, and the data service end 120 is a utility unit such as electricity, heat, water, or gas data, or a credit rating mechanism, or a database intelligence repository of each industry, and the like, the method can be used for daily operation risk management and control of the enterprise. For example, financial institutions may assess business conditions of their business customers by querying their customers' electricity, heat, water, or gas data to conduct marketing campaigns. Alternatively, the enterprise may query its customers or prospective customers for credit certification information, credit rating information, etc. from a third-party certification authority to better assess the truthful status of its customers or prospective customers, etc. By applying the data query method of the embodiment of the disclosure, the query purpose of the querier can not be revealed, the information of the queried object can not be revealed, and the adverse effects of data disclosure on each party can be avoided while the requirements of marketing wind control and the like of enterprises and organizations are met.

In view of this, the embodiment of the present disclosure further provides a risk management and control method based on the suppressed query. The risk management and control method will be described below with reference to fig. 7 to 13, taking a financial institution as the data query end 110 as an example. It should be noted that the data query method and apparatus determined in the embodiments of the present disclosure may be used in the financial field, and may also be used in any field other than the financial field.

Fig. 7 schematically shows a system architecture of a risk management method according to an embodiment of the present disclosure.

Referring to fig. 7, the business situation of the enterprise can be reflected by the heat consumption of the water and the gas from the power consumption of the enterprise. The marketing wind control business of the financial institution to the enterprise client needs to be evaluated from the business operation condition of the enterprise in the form of the score of the enterprise client. The financial institution can evaluate the business condition of the enterprise from the water and gas heat of the power consumption of the enterprise. In the prior art, when a financial institution acquires electricity, water and gas heat of an enterprise from an electric power enterprise, a water service enterprise, a gas enterprise and a heat power enterprise, the financial institution either directly acquires data of enterprise customers from corresponding public utilities such as electric power, water service, gas heat and the like, or establishes connection with a communication operator through a traditional password technology to encrypt and transmit the data of the enterprise customers. However, not only is there a great risk of data leakage on the data transmission link when the data of the enterprise client is directly transmitted, but also the staff of the utility may know which enterprise client is queried, and may have adverse effects on the financial institution, the enterprise client, and the utility. Through traditional cryptographic technology, mainly can effectively reduce the risk of revealing in the data transmission process, but utility unit's staff also has the opportunity to know which business passenger is inquired. Different from the prior art, the method of the embodiment of the present disclosure may use a financial institution as the data query end 110, and use any one of an electric power enterprise, a water service enterprise, a gas enterprise, or a thermal power enterprise as the data service end 120, and help the financial institution to achieve the purpose of risk management and control in a hidden query manner, and at the same time, greatly reduce the possibility that the information of the queried enterprise customer is known to the outside.

Fig. 8 schematically shows a flow chart of a risk management method according to an embodiment of the present disclosure.

As shown in fig. 8, the risk management method according to this embodiment may include operations S810 to S880.

In operation S810, digital identifications of M customers of a first subject are obtained, where M is an integer greater than or equal to 1, and the M customers include target customers. In the architecture of fig. 7, the first operated entity is a financial institution.

Decomposing the number identifier of each customer based on a first algorithm to obtain N sub-number identifiers corresponding to each customer in operation S820; obtaining M x N sub-number identifications corresponding to the M customers, wherein N is an odd number larger than or equal to 3;

fig. 9 schematically illustrates a schematic diagram of a first venture subject decomposing sub-digital identifications from digital identifications of a plurality of customers in a risk management and control method according to an embodiment of the present disclosure.

For example, the financial institution may combine the digital identifier A1 of the queried business (i.e., the target customer) with the digital identifiers A2 and A3 of a plurality of businesses randomly selected from the business information into a set of business identifiers A1, A2, A3. The randomly extracted identifiers of the plurality of enterprises are used for confusing the query purpose and hiding the digital identifier A1 of the target enterprise.

N sub-numeric identifiers may be resolved from the numeric identifiers of each business in the set of business identifiers A1, A2, A3. As shown in FIG. 9, A1 is decomposed into { A11, A12, A13}, A2 is decomposed into { A21, A22, A23}, and A3 is decomposed into { A31, A32, A33}. The process of resolving the sub-number identifier in operation S820 can refer to the related descriptions in operation S520 and operation S410.

In operation S830, the N sub-number identifications corresponding to each customer are divided into a first class and a second class. Wherein, for each client, the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers. Reference may be made specifically to the related description in operation S530 and operation S410 above.

In operation S840, the M × N sub-number identifiers and the classification information of each sub-number identifier are sent to each of R second operation agents to request each second operation agent to perform data query, where R is an integer greater than or equal to 1. In the architecture of fig. 7, the second main business entity may be any one of an electric power enterprise, a water service enterprise, a gas enterprise, and a heating power enterprise. The R second business entities may be one or more or all of an electric power enterprise, a water business enterprise, a gas business enterprise, and a heat power enterprise, and are set according to the analysis needs of the financial institution.

When the M × N sub-digital identifications and the classification information of each sub-digital identification are sent to the second operation main body, the M × N sub-digital identifications and the classification information of each sub-digital identification can be realized in multiple ways; in one embodiment, M × N sub-digital identifiers may be sent in batches according to classification information, where the classification information of each sub-digital identifier is determined according to a sending batch, for example, each batch sends sub-digital identifiers belonging to the same class, the sequence of sub-digital identifiers in each batch may be disturbed, and the time interval between different batches may be long, etc., so as to increase the difficulty of reversely querying object information after intercepting transmission data from the outside; in another embodiment, the classification information of each sub-number identifier can be marked, and the M x N sub-number identifiers are sent after being scrambled; in still other embodiments, the M × N sub-numeric identifiers may be arranged in a particular order, and the classification information of each sub-numeric identifier is identified by the position information of each sub-numeric identifier; for example, the M × N sub-number identifiers may be arranged into one or more sequences, where the determination of the position information as an odd number in each sequence is a first class, and the determination of the position information as an even number is a second class, where the inside of each class may be sent out in a random disordering sequence. According to an embodiment of the present disclosure, operation S840 may implement, on the one hand, the transfer of the classification information of each sub-number identifier, and on the other hand, may hide information of a further target query object through the setting of the sending manner.

In this embodiment, the second business entity serves as the data server 120, and may execute the data query method applied to the data server 120 as described above, perform data query according to the received sub-number identifiers and the classification information of each sub-number identifier, obtain a calculation result group of each sub-number identifier, and return the calculation result group to the data query end 110.

In operation S850, M × N calculation result groups corresponding to the M × N sub-number identifiers one to one are received from the second business entity.

In operation S860, N calculation result groups corresponding to the N sub-number identifications of the target customer are selected from the M × N calculation result groups. And selecting N calculation result groups as N target calculation result groups. For example, in conjunction with the examples of fig. 9 and 3, the calculation result group [ D, C ] corresponding to a11, a12, and a13 is selected from the 3-by-3 calculation result groups] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ 。

In operation S870, key values of the target customers recorded in the second business entity are solved back based on the N target calculation result groups. The principle of the inverse solution process is described with reference to the foregoing description, and one implementation of the inverse solution process may be described with reference to the related description of fig. 6.

In operation S880, the operational risk of the target customer is evaluated based on the key values of the target customer recorded in the R second operational bodies.

For example, when R =1, the second business entity is an electric power enterprise, the business risk of the target customer may be evaluated according to the electricity consumption data (e.g., electricity consumption score) of the target customer. For example, the electricity consumption data of the target customer is compared with the electricity consumption data of the same industry, or the electricity consumption data of the target customer is compared with the electricity consumption data of the past same period, so that whether the target customer has an operation abnormality or not is judged.

For another example, when R is greater than 1, the key values of the target customers recorded in the R second business bodies may be weighted to obtain the composite score of the target customer.

Fig. 10 to 13 respectively illustrate internal structures and interaction processes of the fusion mechanism, the electric power enterprise, the water service enterprise, the gas enterprise, and the heating power enterprise in the risk management and control method.

Specifically, fig. 10 schematically illustrates an interaction schematic of a fusion institution and an electric power enterprise in a risk management and control method according to an embodiment of the present disclosure.

As shown in fig. 10, an enterprise information analysis module 001 is disposed in the financial institution, and the enterprise information analysis module 001 may include an enterprise preprocessing sub-module 101, an enterprise information separation sub-module 102, a result processing sub-module 103, and a result summarizing sub-module 104.

The power enterprise may be provided with a power enterprise verification module 002. The power enterprise verification module 002 may include a power enterprise information analysis sub-module 201 and a power verification calculation sub-module 202.

The enterprise preprocessing sub-module 101 may combine the numeric identifiers of the queried enterprise with the numeric identifiers of multiple enterprises randomly selected from the enterprise information into an enterprise identifier group, such as { A1, A2, A3} shown in fig. 9.

The enterprise information separation sub-module 102 decomposes the digital identifier of each enterprise in the enterprise identifier group into N sub-digital identifiers, forming an enterprise sub-digital identifier group { a11, a12, a13, a21, a22, a23, a31, a32, a33}, where the data may be in a certain order or may be divided into two types when being sent to the electric power company. The first type is a sub-numeric identifier with an odd second index, and the second type is a sub-numeric identifier with an even second index. ) The power verification calculation sub-module 202 is sent to the power company,

the electric power enterprise information analysis submodule 201 of the electric power company stores information according to the digital identifier of the enterprise and the electric power score [ KEY, VALUE ] of the enterprise, for example, { [ B1, v1], [ B2, v2], [ B3, v3], [ B4, v4] } in conjunction with fig. 3. The value of the power score of the enterprise can be statistical data of the power consumption of the enterprise, and can also be a power consumption level score of the enterprise by an electric power company.

The electric power verification calculation sub-module 202 receives the enterprise sub-number identification group, and carries out hiding query calculation on each sub-number identification and each item { B1, B2, B3, B4} in the digital identification score list of the enterprise. With particular reference to the detailed description of the suppressed query process previously described in fig. 4.

The result processing submodule 103 of the financial institution receives the calculation result group and extracts [ D, C ] corresponding to A11, A12, A13] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ 。

Returned from the power enterprise by the financial institution's results processing submodule 103 [ D, C] ₁₁ 、[D，C] ₁₂ And [ D, C] ₁₃ And extracting the calculation result that D11i + D12i + D13i is a preset value.

The result processing submodule 103 of the financial institution obtains a corresponding set of calculation results: and [ D11i, C11i ], [ D12i, C12i ], [ D13i, C13i ], decrypting the power score by using a decryption algorithm through the C11i, the C12i and the C13i, and sending the power score to the result summarizing submodule 104.

Fig. 11 schematically shows an interaction schematic of a fusing institution and a water service enterprise in a risk management and control method according to an embodiment of the present disclosure.

As shown in fig. 11, a water service enterprise verification module 003 is provided in the water service enterprise. The water business verification module 003 can include a water business enterprise information analysis sub-module 301 and a water business verification calculation sub-module 302.

The water affair enterprise information analysis submodule 301 stores information according to the digital identifier of the enterprise and the water affair score [ KEY, VALUE ] of the enterprise.

The water affair verification calculation sub-module 302 receives the enterprise sub-number identifier group sent by the enterprise information separation sub-module 102 in the financial institution, executes the hiding query method described with reference to fig. 4 to obtain a calculation result group corresponding to each sub-number identifier in the enterprise sub-number identifier group, and then sends the calculation result group to the total result processing sub-module 103 of the financial institution.

The result processing sub-module 103 of the financial institution reversely solves the water score of the enterprise A1 to be queried from the received calculation result group, and sends the water score of the enterprise A1 to the result summarizing sub-module 104. The water score value of the enterprise can be the water consumption statistical data of the enterprise, and can also be the water service company's score of the water consumption level of the enterprise, and the like.

Fig. 12 schematically shows an interaction schematic of a melting agency and a gas enterprise in a risk management and control method according to an embodiment of the present disclosure.

As shown in fig. 12, a gas enterprise verification module 004 is provided in the gas enterprise. The gas enterprise verification module 004 may include a gas enterprise information analysis submodule 401 and a gas verification calculation submodule 402.

The gas enterprise information analysis submodule 401 stores information according to the digital identification of the enterprise and the gas score [ KEY, VALUE ] of the enterprise.

The gas verification calculation sub-module 402 receives the enterprise sub-number identifier group sent by the enterprise information separation sub-module 102 in the financial institution, executes the hiding query method described with reference to fig. 4, obtains a calculation result group corresponding to each sub-number identifier in the enterprise sub-number identifier group, and sends the calculation result group to the result processing sub-module 103 in the financial institution.

The result processing submodule 103 of the financial institution reversely solves the gas score of the enterprise A1 to be queried from the received calculation result group, and sends the gas score of the enterprise A1 to the result summarizing submodule 104. The gas score value of the enterprise can be the gas consumption statistical data of the enterprise, and can also be the gas use level score of the enterprise by a water service company.

Fig. 13 schematically shows an interaction schematic of a fusing institution and a thermal enterprise in a risk management and control method according to an embodiment of the disclosure.

As shown in fig. 13, a thermal enterprise verification module 05 is provided in the thermal enterprise. The thermal enterprise verification module 005 may include a thermal enterprise information analysis submodule 501 and a thermal verification calculation submodule 502.

The thermal enterprise information analysis sub-module 501 stores information according to the digital identifier of the enterprise and the thermal score [ KEY, VALUE ] of the enterprise.

The thermal verification calculation sub-module 502 receives the enterprise sub-number identifier group sent by the enterprise information separation sub-module 102 in the financial institution, executes the hiding query method described with reference to fig. 4, obtains a calculation result group corresponding to each sub-number identifier in the enterprise sub-number identifier group, and sends the calculation result group to the total result processing sub-module 103 of the financial institution.

The result processing sub-module 103 of the financial institution reversely resolves the thermal score of the queried enterprise A1 from the received calculation result group, and sends the thermal score of the A1 to the result summarizing sub-module 104. The heating power score value of the enterprise can be statistical data of the heating power consumption of the enterprise, and can also be a score of a heating power company on the heating power consumption level of the enterprise, and the like.

The result summarization sub-module 104 may summarize the queried business A1 power score, water score, gas score, and heating score, four scores may be calculated with a certain weight. For example, with a power score: water score: gas score: thermodynamic score =4:3:2:1, composite score of queried business = power score 0.4+: the water score is 0.3+ the gas score is 0.2+ the heat score is 0.1, and the comprehensive score is used for marketing wind control business of financial institutions.

According to the embodiment of the disclosure, the financial institution can utilize data such as electricity, water, gas and gas of the inquired enterprise from public utilities such as electricity, water, gas and heat, and the like, and integrates the data into the enterprise customer score as the basis for marketing and wind control of the financial institution to the enterprise.

In the inquiry process, the financial institution can process the digital identification of the enterprise through a hidden inquiry technology, and inquire the data of the inquired enterprise such as the electricity, water, gas and electricity from the public service units such as the electricity, water, gas, heat and the like. The inquiry mode is hidden, so that all links including financial institutions and public service units and their managers can not know which enterprise to inquire at all in the inquiry process, and the enterprise to inquire can not be known even if the data transmitted in the inquiry process is stolen, so that the risk of leakage of customer information of the financial institutions is reduced. Therefore, the financial institution can acquire the power, water, gas, heat and other public utilities for risk management and control on the premise of not revealing the information privacy of the enterprise customers. And the willingness of the utility company to cooperate can be improved due to the enhancement of the data privacy security of the financial institution and the utility company.

Fig. 14 schematically shows a block diagram of a data query apparatus 1400 disposed at the data server 120 according to an embodiment of the disclosure.

As shown in fig. 14, the data query apparatus 1400 may include a first receiving module 1410, a first query module 1420, and a first returning module 1430.

The first receiving module 1410 is configured to receive a query request, where the query request includes the first sub-numerical identifier and the classification information of the first sub-numerical identifier; the first sub-numerical identifier is any one of N sub-numerical identifiers decomposed by the numerical identifier of the target query object based on a first algorithm, wherein N is an odd number which is greater than or equal to 3; the N sub-number identifiers are divided into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers; the classification information of the first sub-numeric identifier is used for indicating whether the first sub-numeric identifier belongs to the first class or the second class; the first algorithm has a commutative law and a associative law. In one embodiment, the first receiving module 1410 may be configured to perform operation S410 described above.

The first query module 1420 is configured to obtain a calculation result group corresponding to the first sub-numeric identifier by querying records of the S objects in the following processing manner; the records of the S objects comprise numerical identifiers and key values of the S objects, S is an integer larger than 1, and the S objects comprise target query objects. In one embodiment, the first query module 1420 may be configured to perform operations S420 and S430 described above.

In particular, the first query module 1420 may be further configured to include a first query operations sub-module 1421 and a first query encryption sub-module 1422.

The first query operation sub-module 1421 is configured to perform an operation on the digital identifier of each of the S objects by using the first sub-digital identifier based on an algorithm corresponding to the classification information of the first sub-digital identifier, so as to obtain S intermediate identifiers; wherein, the algorithm corresponding to the first class is the inverse operation of the first algorithm, and the algorithm corresponding to the second class is the first algorithm. The first query operation sub-module 1421 may perform the operation S420 described above.

The first query encryption submodule 1422 is configured to obtain an encryption key value corresponding to each intermediate identifier by homomorphic encryption, where each intermediate identifier is used as an encryption parameter, and key values of objects participating in calculation of the intermediate identifier in the S objects are used as encryption objects; and expressing the S intermediate identifications and the encryption key values corresponding to each intermediate identification in a key value pair mode to obtain a calculation result group corresponding to the first sub-digital identification. The first query encrypting sub-module 1422 may perform operation S430 described above.

The first returning module 1430 is configured to feed back the calculation result group corresponding to the first sub-number identifier to the data querying end 110 that issued the query request. After acquiring N calculation result groups corresponding to the N sub-number identifiers one to one, the data query end 110 reversely solves the key value corresponding to the target query object based on the N calculation result groups. In one embodiment, the first return module 1430 may perform the operation S440 described previously.

The data query apparatus 1400 may execute the data query method described with reference to fig. 4, and the specific content of the operations that each module may execute may refer to the foregoing description, which is not described herein again.

Any of the first receiving module 1410, the first querying module 1420, and the first returning module 1430 may be combined into one module to be implemented, or any one of them may be split into a plurality of modules according to an embodiment of the present disclosure. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of other modules and implemented in one module. According to an embodiment of the present disclosure, at least one of the first receiving module 1410, the first querying module 1420, and the first returning module 1430 may be implemented at least partially as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented in hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or in any one of three implementations of software, hardware, and firmware, or in any suitable combination of any of them. Alternatively, at least one of the first receiving module 1410, the first querying module 1420 and the first returning module 1430 may be implemented at least in part as a computer program module that, when executed, may perform a corresponding function.

Fig. 15 schematically shows a block diagram of a data query apparatus 1500 disposed at the data query end 110 according to an embodiment of the disclosure.

As shown in fig. 15, the data query apparatus 1500 may include a second obtaining module 1510, a second resolving module 1520, a second classifying module 1530, a second request sending module 1540, a second result receiving module 1550, and a second data inverse resolving module 1560.

The second obtaining module 1510 is used for obtaining the digital identification of the target query object. In one embodiment, the second obtaining module 1510 may be configured to perform operation S510 described above.

The second parsing module 1520 is configured to parse the numeric identifier of the target query object based on the first algorithm to obtain N sub-numeric identifiers, where N is an odd number greater than or equal to 3. In one embodiment, the second decomposition module 1520 may be used to perform the operation S520 described previously.

The second classification module 1530 is configured to classify the N sub-number identifiers into a first class and a second class, where the first class includes [ (N-1)/2 ] +1 sub-number identifiers, and the second class includes (N-1)/2 sub-number identifiers. In one embodiment, the second classification module 1530 may be used to perform operation S530 described above.

The second request sending module 1540 is configured to send the N sub-number identifiers and the classification information of each sub-number identifier to the data server 120, so as to request the data server 120 to perform data query. In one embodiment, the second request sending module 1540 may be configured to perform operation S540 described previously.

The second result receiving module 1550 is configured to receive N calculation result groups corresponding to the N sub-number identifiers one to one, which are returned by the data server 120. In one embodiment, the second result receiving module 1550 may be configured to perform the operation S550 described above.

The second data inverse solution module 1560 is configured to inversely solve the key value corresponding to the target query object based on the N calculation result groups. In some embodiments, the second data inverse solution module 1560 may perform the operations 560 described previously.

Specifically, the second data inverse solution module 1560 may be used to: calculating in a trial calculation mode, selecting one intermediate identifier from N calculation result groups each time, and then calculating the selected N intermediate identifiers according to a first algorithm to obtain a calculation result; then stopping trial calculation when the calculation result is a preset value, and selecting N intermediate marks when the calculation result is the preset value as N target intermediate marks, wherein the preset value is a value determined by mutually counteracting the inverse operation of the first algorithm; and decrypting the key value of the target query object based on the encrypted key values corresponding to the N target intermediate identifications.

In some embodiments, the second data inverse model 1560 may also be used to: when homomorphic encryption is power operation with the encrypted object as an exponent and the encryption parameter as a base number, solving the product of the encryption key values corresponding to the N target intermediate identifications as a true number and the product of the N target intermediate identifications as a logarithm of the base number to obtain the key value of the target query object.

The data query apparatus 1500 may execute the data query method described with reference to fig. 5 to 6, and the specific content of the operations that each module may execute may refer to the foregoing description, which is not described herein again.

According to the embodiment of the present disclosure, any multiple of the second obtaining module 1510, the second parsing module 1520, the second classification module 1530, the second request sending module 1540, the second result receiving module 1550, and the second data inverse parsing module 1560 may be combined into one module to be implemented, or any one of them may be split into multiple modules. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of the other modules and implemented in one module. According to the embodiment of the present disclosure, at least one of the second obtaining module 1510, the second parsing module 1520, the second classification module 1530, the second request sending module 1540, the second result receiving module 1550 and the second data inverse parsing module 1560 may be at least partially implemented as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or implemented by any one of three implementations of software, hardware and firmware, or by a suitable combination of any several of them. Alternatively, at least one of the second obtaining module 1510, the second resolving module 1520, the second classifying module 1530, the second request sending module 1540, the second result receiving module 1550 and the second data derolving module 1560 may be at least partially implemented as a computer program module, which when executed, may perform a corresponding function.

Fig. 16 schematically shows a block diagram of a risk management device 1600 based on suppressed queries according to an embodiment of the present disclosure.

As shown in fig. 16, the risk management and control apparatus 1600 may include a third obtaining module 1610, a third decomposing module 1620, a third classifying module 1630, a third sending module 1640, a third result receiving module 1650, a third selecting module 1660, a third data inverse decomposing module 1670, and a third evaluating module 1680.

The third obtaining module 1610 is configured to obtain digital identifiers of M customers of the first subject, where M is an integer greater than or equal to 1, and the M customers include target customers. In one embodiment, the third obtaining module 1610 may be configured to perform the operation S810 described above.

The third decomposition module 1620 is configured to decompose the digital identifier of each customer based on the first algorithm to obtain N sub-digital identifiers corresponding to each customer; obtaining M × N sub-digital identifications corresponding to M clients; wherein N is an odd number of 3 or more. In one embodiment, the third decomposition module 1620 may be configured to perform the operation S820 described above.

The third classifying module 1630 is configured to classify the N sub-number identifiers corresponding to each customer into a first class and a second class; wherein, for each customer, the first class comprises [ (N-1)/2 ] +1 sub-numeric identifiers, and the second class comprises (N-1)/2 sub-numeric identifiers. In one embodiment, the third classification module 1630 may be configured to perform operation S830 described above.

The third sending module 1640 is configured to send the M × N sub-digital identifiers and the classification information of each sub-digital identifier to R second business entities, where R is an integer greater than or equal to 1. Each second business entity may be a data server, and is provided with the data query apparatus 1400 as described above. In one embodiment, the third sending module 1640 may be configured to perform operation S840 described above.

Specifically, the third sending module 1640 may send the M × N sub-digital identifiers and the classification information of each sub-digital identifier in any one of the following manners: sending the M by N sub-digital identifications in batches according to the classification information, wherein the classification information of each sub-digital identification is determined according to the sending batches; marking classification information of each sub-number mark, and sending the M × N sub-number marks after disordering the sequence; or arranging the M-N sub-number identifications according to a specific sequence, and identifying the classification information of each sub-number identification through the position information of each sub-number identification.

The third result receiving module 1650 is configured to receive M × N calculation result groups corresponding to M × N sub-number identifiers one-to-one returned by each second operation subject. In one embodiment, the third result receiving module 1650 may perform operation S850 described previously.

The third selecting module 1660 is configured to select N calculation result groups corresponding to the N sub-numeric identifiers of the target customer from the M × N calculation result groups; and selecting N calculation result groups as N target calculation result groups. In one embodiment, the third selection module 1660 may perform operation S860 described above.

The third data inverse solution module 1670 is configured to inverse-solve the key value of the target client recorded in the second business entity based on the N target calculation result groups. In one embodiment, the third data inverse solution module 1670 may perform operation S870 described previously.

The third evaluation module 1680 is configured to evaluate the business risk of the target customer based on the key values of the target customer recorded in the R second business bodies. In one embodiment, third evaluator module 1680 may be used to perform operation S880 described above. Specifically, when R is greater than 1, the third evaluation module 1680 may be configured to weight the key values of the target customers recorded in R second business bodies, so as to obtain a composite score of the target customer.

The risk management device 1600 may be disposed in a first host, such as the financial institution 101 as a data query end. Thus, in an embodiment, the risk management and control apparatus 1600 may be configured to execute the risk management and control method described with reference to fig. 7 to 13, and the details may refer to the foregoing description and are not repeated herein.

According to an embodiment of the present disclosure, any of the three obtaining module 1610, the third decomposing module 1620, the third classifying module 1630, the third sending module 1640, the third result receiving module 1650, the third selecting module 1660, the third data inverse decomposing module 1670 and the third evaluating module 1680 may be combined into one module to be implemented, or any one of them may be split into a plurality of modules. Alternatively, at least part of the functionality of one or more of these modules may be combined with at least part of the functionality of other modules and implemented in one module. According to the embodiment of the present disclosure, at least one of the three obtaining module 1610, the third decomposing module 1620, the third classifying module 1630, the third sending module 1640, the third result receiving module 1650, the third selecting module 1660, the third data inverse decomposing module 1670 and the third evaluating module 1680 may be at least partially implemented as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or may be implemented by hardware or firmware in any other reasonable manner of integrating or packaging a circuit, or implemented by any one of three implementations of software, hardware and firmware, or implemented by a suitable combination of any of them. Alternatively, at least one of the three obtaining module 1610, the third decomposing module 1620, the third classifying module 1630, the third sending module 1640, the third result receiving module 1650, the third selecting module 1660, the third data inverse decomposing module 1670 and the third evaluating module 1680 may be at least partially implemented as a computer program module that can perform corresponding functions when executed.

As shown in fig. 17, an electronic apparatus 1700 according to an embodiment of the present disclosure includes a processor 1701 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 1702 or a program loaded from a storage portion 1708 into a Random Access Memory (RAM) 1703. The processor 1701 may include, for example, a general purpose microprocessor (e.g., CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., application Specific Integrated Circuit (ASIC)), among others. The processor 1701 may also include on-board memory for caching purposes. The processor 1701 may include a single processing unit or multiple processing units for performing the different actions of the method flow according to embodiments of the present disclosure.

In the RAM 1703, various programs and data necessary for the operation of the electronic apparatus 1700 are stored. The processor 1701, the ROM1702, and the RAM 1703 are connected to each other by a bus 1704. The processor 1701 performs various operations of the method flow according to the embodiments of the present disclosure by executing programs in the ROM1702 and/or the RAM 1703. Note that the programs may also be stored in one or more memories other than ROM1702 and RAM 1703. The processor 1701 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.

According to embodiments of the present disclosure, the electronic device 1700 may also include an input/output (I/O) interface 1705, the input/output (I/O) interface 1705 also being connected to the bus 1704. The electronic device 1700 may also include one or more of the following components connected to the I/O interface 1705: an input section 1706 including a keyboard, a mouse, and the like; an output portion 1707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 1708 including a hard disk and the like; and a communication section 1709 including a network interface card such as a LAN card, a modem, or the like. The communication section 1709 performs communication processing via a network such as the internet. A driver 1710 is also connected to the I/O interface 1705 as needed. A removable medium 1711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 1710 as necessary, so that a computer program read out therefrom is mounted into the storage portion 1708 as necessary.

The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement a data query method or a risk management method according to an embodiment of the present disclosure.

According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM1702 and/or RAM 1703 described above and/or one or more memories other than the ROM1702 and RAM 1703.

Embodiments of the present disclosure also include a computer program product comprising a computer program containing program code for performing the method illustrated by the flow chart. When the computer program product runs in a computer system, the program code is used for causing the computer system to implement the data query method or the risk management and control method provided by the embodiment of the disclosure.

The computer program performs the above-described functions defined in the system/apparatus of the embodiment of the present disclosure when executed by the processor 1701. The systems, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.

In one embodiment, the computer program may be hosted on a tangible storage medium such as an optical storage device, a magnetic storage device, or the like. In another embodiment, the computer program may also be transmitted, distributed as a signal on a network medium, downloaded and installed via the communication portion 1709, and/or installed from the removable medium 1711. The computer program containing program code may be transmitted using any suitable network medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.

In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 1709 and/or installed from the removable medium 1711. The computer program, when executed by the processor 1701, performs the above-described functions defined in the system of the embodiment of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.

In accordance with embodiments of the present disclosure, program code for executing computer programs provided by embodiments of the present disclosure may be written in any combination of one or more programming languages, and in particular, these computer programs may be implemented using high level procedural and/or object oriented programming languages, and/or assembly/machine languages. The programming language includes, but is not limited to, programming languages such as Java, C + +, python, the "C" language, or the like. The program code may execute entirely on the user's computing device, partly on the user's device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

It will be appreciated by those skilled in the art that various combinations and/or combinations of the features recited in the various embodiments of the disclosure and/or the claims may be made even if such combinations or combinations are not explicitly recited in the disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments of the present disclosure and/or the claims may be made without departing from the spirit and teachings of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.

The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the disclosure, and these alternatives and modifications are intended to fall within the scope of the disclosure.

Claims

1. A data query method based on hiding query is applied to a data server and comprises the following steps:

receiving a query request, wherein the query request comprises a first sub-numerical identifier and classification information of the first sub-numerical identifier; the first sub-numerical identifier is any one of N sub-numerical identifiers decomposed by the numerical identifier of the target query object based on a first algorithm, wherein N is an odd number which is greater than or equal to 3; the N sub-number identifiers are divided into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers; the classification information of the first sub-digital identifier is used for indicating whether the first sub-digital identifier belongs to the first class or the second class; the first algorithm has a commutative law and a binding law;

acquiring a calculation result group corresponding to the first sub-digital identifier by inquiring records of the S objects according to the following processing mode; wherein the records of the S objects comprise numerical identifiers and key values of the S objects, S is an integer greater than 1, and the S objects comprise the target query object; the processing mode comprises the following steps:

calculating the digital identifier of each object in the S objects by using the first sub-digital identifiers based on an algorithm corresponding to the classification information of the first sub-digital identifiers to obtain S intermediate identifiers; wherein the algorithm corresponding to the first class is the inverse operation of the first algorithm, and the algorithm corresponding to the second class is the first algorithm; and

taking each intermediate mark as an encryption parameter, taking key values of the objects participating in calculating the intermediate mark in the S objects as encryption objects, and obtaining the encryption key values corresponding to each intermediate mark through homomorphic encryption; representing the S intermediate identifications and the encryption key values corresponding to the intermediate identifications in a key value pair mode to obtain a calculation result group corresponding to the first sub-digital identification;

feeding back a calculation result group corresponding to the first sub-digital identifier to a data query end sending the query request; after acquiring the N calculation result groups corresponding to the N sub-digital identifications one to one, the data query end reversely solves the key value corresponding to the target query object based on the N calculation result groups.

2. The method of claim 1, the first algorithm comprising an addition operation.

3. The method of claim 2, wherein the homomorphic encryption comprises:

and performing power operation by taking the encrypted object as an exponent and the encryption parameter as a base number.

4. A data query method based on hiding query is applied to a data query end and comprises the following steps:

acquiring a digital identifier of a target query object;

decomposing the numerical identifier of the target query object based on a first algorithm to obtain N sub-numerical identifiers, wherein N is an odd number greater than or equal to 3;

dividing the N sub-number identifications into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifications, and the second class comprises (N-1)/2 sub-number identifications;

sending the N sub-digital identifications and the classification information of each sub-digital identification to a data server to request the data server to perform data query according to the method of claim 1;

receiving N calculation result groups which are returned by the data server and correspond to the N sub-digital identifications one to one; and

and reversely solving the key value corresponding to the target query object based on the N calculation result groups.

5. The method of claim 4, wherein said back-solving key values corresponding to the target query object based on the N computation result sets comprises:

the following calculations were performed in a trial manner: selecting one intermediate identifier from the N calculation result groups each time, and then calculating the selected N intermediate identifiers according to the first algorithm to obtain calculation results;

stopping trial calculation when the calculation result is a preset value, and selecting N intermediate identifiers when the calculation result is the preset value as N target intermediate identifiers; the predetermined value is a value determined by offsetting the first algorithm and the inverse operation thereof; and

and decrypting the key value of the target query object based on the encrypted key values corresponding to the N target intermediate identifications.

6. The method of claim 5, wherein the first algorithm is an addition and the predetermined value is zero.

7. The method of claim 6, wherein the decrypting the key value of the target query object based on the encryption key values corresponding to the N target intermediate identifications comprises:

and when the homomorphic encryption is a power operation with the encrypted object as an exponent and the encryption parameter as a base number, solving a product of the encryption key values corresponding to the N target intermediate identifications as a true number, and taking the product of the N target intermediate identifications as a logarithm of the base number to obtain a key value of the target query object.

8. A risk control method based on concealed query is applied to a first subject, and comprises the following steps:

acquiring digital identifications of M customers of the first subject, wherein M is an integer greater than or equal to 1, and the M customers comprise target customers;

decomposing the digital identification of each customer based on a first algorithm to obtain N sub-digital identifications corresponding to each customer; obtaining M × N sub-digital identifications corresponding to the M clients; wherein N is an odd number greater than or equal to 3;

dividing the N sub-number identifications corresponding to each customer into a first class and a second class; wherein, for each customer, the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers;

sending the M by N sub-digital identifications and the classification information of each sub-digital identification to each of R second business bodies to request each second business body to perform data query according to the method of claim 1, wherein R is an integer greater than or equal to 1;

receiving M x N calculation result groups which are returned by the second operation main body and correspond to the M x N sub-digital identifications one by one;

selecting N calculation result groups corresponding to the N sub-number identifications of the target customer from the M x N calculation result groups; selecting N calculation result groups as N target calculation result groups;

reversely solving key values of the target customers recorded in the second business main body based on the N target calculation result groups; and

and evaluating the business risk of the target client based on the key values of the target client recorded in the R second business bodies.

9. The method of claim 8, wherein the back-solving key values of the target customers recorded in the second business entity based on the N target calculation result sets comprises:

the following calculations were performed in a trial manner: selecting one intermediate identifier from the N target calculation result groups each time, and then calculating the selected N intermediate identifiers according to a first algorithm to obtain a calculation result;

stopping trial calculation when the calculation result is a preset value, and selecting N intermediate marks when the calculation result is a fixed value as N target intermediate marks; the predetermined value is a value determined by offsetting the first algorithm and the inverse operation thereof;

and decrypting key values of the target client based on the encrypted key values corresponding to the N target intermediate identifications.

10. The method of claim 9, wherein the first algorithm is an addition and the predetermined value is zero.

11. The method of claim 10, wherein the decrypting the key value of the target client based on the encryption key values corresponding to the N target intermediate identifications comprises:

and when the homomorphic encryption is a power operation with the encrypted object as an exponent and the encryption parameter as a base number, solving a product of the encryption key values corresponding to the N target intermediate identifiers as a true number, and taking the product of the N target intermediate identifiers as a logarithm of the base number to obtain the key value of the target client.

12. The method of claim 8, wherein the sending the M x N sub-digital identifiers and the classification information for each sub-digital identifier to each of the R second business entities comprises sending in any one of:

sending the M by N sub-digital identifications in batches according to classification information, wherein the classification information of each sub-digital identification is determined according to the sending batches;

marking classification information of each sub-number identifier, and sending the M × N sub-number identifiers after disordering the sequence; or

And arranging the M x N sub-number identifications according to a specific sequence, and identifying the classification information of each sub-number identification through the position information of each sub-number identification.

13. The method of claim 8, wherein when R is greater than 1, the evaluating the operational risk of the target customer based on the key values of the target customer recorded in the R second business bodies comprises:

and weighting the key values of the target customers recorded in the R second business bodies to obtain the comprehensive scores of the target customers.

14. The method of claim 8, wherein,

the first operated subject comprises a financial institution; and

and R second business bodies comprise at least one of an electric power enterprise, a water business enterprise, a heating power enterprise or a gas enterprise.

15. A data inquiry device based on secret inquiry is arranged at a data server and comprises:

the device comprises a first receiving module, a second receiving module and a query processing module, wherein the first receiving module is used for receiving a query request which comprises a first sub-digital identifier and classification information of the first sub-digital identifier; the first sub-number identification is any one of N sub-number identifications decomposed by the number identification of the target query object based on a first algorithm, wherein N is an odd number which is greater than or equal to 3; the N sub-number identifiers are divided into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers; the classification information of the first sub-digital identifier is used for indicating whether the first sub-digital identifier belongs to the first class or the second class; the first algorithm has a commutative law and a binding law;

the first query module is used for obtaining a calculation result group corresponding to the first sub-digital identifier by querying records of the S objects according to the following processing mode; wherein the records of the S objects include numerical identifiers and key values of the S objects, S is an integer greater than 1, and the S objects include the target query object; the first query module specifically includes:

the first query operation sub-module is used for utilizing the first sub-numerical identifier to perform operation on the numerical identifier of each object in the S objects based on an operation rule corresponding to the classification information of the first sub-numerical identifier to obtain S intermediate identifiers; wherein the algorithm corresponding to the first class is the inverse operation of the first algorithm, and the algorithm corresponding to the second class is the first algorithm; and

the first query encryption sub-module is used for taking each intermediate identifier as an encryption parameter, taking key values of the objects which participate in calculating the intermediate identifier in the S objects as encryption objects, and obtaining the encryption key values corresponding to each intermediate identifier through homomorphic encryption; the S intermediate identifications and the encryption key values corresponding to each intermediate identification are expressed in a key value pair mode to obtain a calculation result group corresponding to the first sub-digital identification;

the first returning module is used for feeding back the calculation result group corresponding to the first sub-digital identifier to a data query end which sends the query request; after acquiring the N calculation result groups corresponding to the N sub-digital identifications one to one, the data query end reversely solves the key value corresponding to the target query object based on the N calculation result groups.

16. A data query device based on hiding query is arranged at a data query end and comprises:

the second acquisition module is used for acquiring the digital identifier of the target query object;

the second decomposition module is used for decomposing the digital identifier of the target query object based on the first algorithm to obtain N sub-digital identifiers, wherein N is an odd number which is greater than or equal to 3;

the second classification module is used for classifying the N sub-number identifiers into a first class and a second class, wherein the first class comprises [ (N-1)/2 ] +1 sub-number identifiers, and the second class comprises (N-1)/2 sub-number identifiers;

a second request sending module, configured to send the N sub-digital identifiers and the classification information of each sub-digital identifier to a data server, so as to request the data server to perform data query by using the apparatus of claim 15 disposed therein;

the second result receiving module is used for receiving N calculation result groups which are returned by the data server and correspond to the N sub-digital identifications one by one; and

and the second data inverse solution module is used for inversely solving the key values corresponding to the target query object based on the N calculation result groups.

17. A risk management and control device based on concealed query is arranged on a first operated main body and comprises:

a third obtaining module, configured to obtain digital identifiers of M customers of the first subject, where M is an integer greater than or equal to 1, and the M customers include target customers;

the third decomposition module is used for decomposing the digital identifier of each client based on the first algorithm to obtain N sub-digital identifiers corresponding to each client; obtaining M × N sub-number identifiers corresponding to M customers; wherein N is an odd number greater than or equal to 3;

the third classification module is used for classifying the N sub-number identifications corresponding to each customer into a first class and a second class; wherein, for each customer, the first class comprises [ (N-1)/2 ] +1 sub-numeric identifiers and the second class comprises (N-1)/2 sub-numeric identifiers;

a third sending module, configured to send the M × N sub-digital identifiers and the classification information of each sub-digital identifier to each of R second operation bodies, where R is an integer greater than or equal to 1;

a third result receiving module, configured to receive M × N calculation result groups corresponding to the M × N sub-digital identifiers one to one, returned by each of the second business entities after performing data query using the apparatus of claim 15 disposed therein;

a third selection module, configured to select N calculation result groups corresponding to the N sub-numeric identifiers of the target customer from the M × N calculation result groups; selecting N calculation result groups as N target calculation result groups;

a third data inverse solution module, configured to inversely solve the key value of the target customer recorded in the second business main body based on the N target calculation result groups;

and the third evaluation module is used for evaluating the operation risk of the target customer based on the key values of the target customer recorded in the R second operation bodies.

18. An electronic device, comprising:

one or more processors;

a memory for storing one or more programs,

wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform: the data query method of any one of claims 1 to 3, or the data query method of any one of claims 4 to 7, or the risk management method of any one of claims 8 to 14.

19. A computer readable storage medium having computer program instructions stored thereon which, when executed by a processor, implement: the data query method of any one of claims 1 to 3, or the data query method of any one of claims 4 to 7, or the risk management method of any one of claims 8 to 14.

20. A computer program product comprising computer program instructions which, when executed by a processor, implement: the data query method of any one of claims 1 to 3, or the data query method of any one of claims 4 to 7, or the risk management method of any one of claims 8 to 14.