CN115603921A - Method and device for private computing multi-network resource cooperation - Google Patents

Method and device for private computing multi-network resource cooperation Download PDF

Info

Publication number
CN115603921A
CN115603921A CN202110704995.XA CN202110704995A CN115603921A CN 115603921 A CN115603921 A CN 115603921A CN 202110704995 A CN202110704995 A CN 202110704995A CN 115603921 A CN115603921 A CN 115603921A
Authority
CN
China
Prior art keywords
node
network
management node
registration information
user node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110704995.XA
Other languages
Chinese (zh)
Inventor
应鹏飞
李漓春
李翰林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd filed Critical Alipay Hangzhou Information Technology Co Ltd
Priority to CN202110704995.XA priority Critical patent/CN115603921A/en
Priority to PCT/CN2022/093769 priority patent/WO2022267768A1/en
Publication of CN115603921A publication Critical patent/CN115603921A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2539Hiding addresses; Keeping addresses anonymous
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/255Maintenance or indexing of mapping tables
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Telephonic Communication Services (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the specification provides a method and a device for private computing multi-network resource collaboration, wherein the multi-network comprises a first network and a second network, the first network is provided with a first management node, the second network is provided with a second management node, and the method comprises the following steps: a first management node sends a subscription request message to a second management node, wherein the subscription request message is used for requesting to obtain a registration information list of each user node registered to the second management node; receiving a feedback message from the second management node, the feedback message including a list of registration information; and responding to a query request message of a first user node in the first network to a second user node in the second network, returning registration information of the second user node to the first user node according to the registration information list, and carrying out privacy calculation on the first user node and the second user node according to the registration information. Cross-network access between user nodes can be implemented in privacy computing.

Description

Method and device for private computation multi-network resource collaboration
Technical Field
One or more embodiments of the present specification relate to the field of computers, and more particularly, to a method and apparatus for private computing multi-network resource collaboration.
Background
The secure multi-party computation is also called multi-party secure computation, namely, a plurality of parties compute the result of a function together without revealing the input data of each party of the function, and the computed result is disclosed to one or more parties. Where the input data of the parties is often private data.
Accordingly, improved schemes for enabling cross-network access between user nodes in privacy computing are desirable.
Disclosure of Invention
One or more embodiments of the present specification describe a method and apparatus for private computing multi-network resource collaboration, which can implement cross-network access between user nodes in private computing.
In a first aspect, a method for privacy computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and the method is performed by the first management node, and includes:
sending a subscription request message to the second management node, wherein the subscription request message is used for requesting to obtain a registration information list of each user node registered to the second management node;
receiving a feedback message from the second management node, the feedback message containing the list of registration information;
and responding to a query request message of a first user node in the first network to a second user node in the second network, returning registration information of the second user node to the first user node according to the registration information list, and performing privacy calculation on the first user node and the second user node according to the registration information.
In a possible implementation, after receiving the feedback message from the second management node, the method further includes:
receiving an update message from the second management node, the update message containing update information for the registration information list;
and updating the registration information list according to the updating information.
In a possible implementation manner, the registration information list includes the registration information of the second user node; and when the second user node joins the second network, registering the registration information of the second user node with the second management node.
In a possible implementation manner, the registration information includes a node identifier and an Internet Protocol (IP) address of the corresponding user node, and the query request message includes a node identifier of the second user node; the returning of the registration information of the second user node to the first user node according to the registration information list comprises:
inquiring an IP address of a second user node from the registration information list according to the node identifier of the second user node;
and returning the IP address of the second user node to the first user node.
In a second aspect, a method for privacy computing multi-network resource coordination is provided, the multi-network including a first network having a first management node and a second network having a second management node, the method comprising:
the first management node sends a subscription request message to the second management node, wherein the subscription request message is used for requesting to obtain a registration information list of each user node registered to the second management node;
the first management node receiving a feedback message from the second management node, the feedback message including the registration information list;
a first user node in the first network sends a query request message aiming at a second user node in the second network to the first management node;
the first management node responds to the inquiry request message and returns the registration information of the second user node to the first user node according to the registration information list;
and the first user node performs privacy calculation with the second user node according to the registration information.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
In a third aspect, a method for privacy computation of multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the method is performed by the first management node and includes:
receiving a first query request message of a first user node in the first network aiming at a second user node in the second network;
responding to the first query request message, sending a second query request message aiming at the second management node to the multi-network management node, and acquiring the registration information of the second management node from the multi-network management node;
acquiring the registration information of the second user node from the second management node according to the registration information of the second management node;
and sending a feedback message to the first user node, wherein the feedback message comprises the registration information of the second user node, and the feedback message and the second user node are enabled to carry out privacy calculation according to the registration information.
In a possible implementation manner, the obtaining, from the second management node, the registration information of the second user node according to the registration information of the second management node includes:
sending a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
receiving a response message from the second management node, the response message including registration information of the second user node.
In a fourth aspect, a method for privacy computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the method includes:
a first user node in the first network sends a first query request message aiming at a second user node in the second network to the first management node;
the first management node responds to the first query request message, sends a second query request message aiming at the second management node to the multi-network management node, and acquires the registration information of the second management node from the multi-network management node;
the first management node acquires the registration information of the second user node from the second management node according to the registration information of the second management node;
the first management node sends a feedback message to the first user node, wherein the feedback message comprises registration information of the second user node;
and the first user node and the second user node perform privacy calculation according to the registration information.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by utilizing the public key based on the communication connection and performs multi-party privacy calculation.
In a fifth aspect, a method for privacy computation multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the method is performed by the first management node and includes:
receiving a first query request message of a first user node in the first network aiming at the second management node;
responding to the first query request message, sending a second query request message aiming at the second management node to the multi-network management node, and acquiring the registration information of the second management node from the multi-network management node;
and sending a feedback message to the first user node, wherein the feedback message comprises the registration information of the second management node, so that the feedback message acquires the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation on the second user node according to the registration information of the second user node.
In a sixth aspect, a method for privacy computation multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the method includes:
a first user node in the first network sends a first query request message aiming at the second management node to the first management node;
the first management node responds to the first query request message, sends a second query request message aiming at the second management node to the multi-network management node, and acquires the registration information of the second management node from the multi-network management node;
the first management node sends a feedback message to the first user node, wherein the feedback message comprises registration information of the second management node;
and the first user node acquires the registration information of a second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
In a possible implementation manner, the acquiring, by the first user node, the registration information of the second user node in the second network from the second management node according to the registration information of the second management node includes:
the first user node sends a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
the first user node receives a response message from the second management node, the response message including registration information of the second user node.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address, and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
In a seventh aspect, a method for privacy computation of multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of multiple management nodes including the first management node and the second management node, and the method is performed by the first management node and includes:
sending a synchronization request message to the multi-network management node, and acquiring respective registration information of the plurality of management nodes from the multi-network management node;
receiving a query request message from a first user node in the first network, wherein the query request message is used for requesting to acquire registration information of the second management node;
and sending a response message to the first user node, wherein the response message contains the registration information of the second management node, so that the response message acquires the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
In an eighth aspect, a method for privacy computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and the multi-network management node stores registration information of a plurality of management nodes including the first management node and the second management node, and the method includes:
the first management node sends a synchronization request message to the multi-network management node, and acquires respective registration information of the management nodes from the multi-network management node;
a first user node in the first network sends a query request message to the first management node, wherein the query request message is used for requesting to acquire registration information of the second management node;
the first management node sends a response message to the first user node, wherein the response message contains the registration information of the second management node;
and the first user node acquires the registration information of a second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
In a possible implementation manner, the acquiring, by the first user node, the registration information of the second user node in the second network from the second management node according to the registration information of the second management node includes:
the first user node sends a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
the first user node receives a response message from the second management node, the response message including registration information of the second user node.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address, and a public key of the second user node;
the first user node performs privacy calculation with the second user node according to the registration information of the second user node, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by utilizing the public key based on the communication connection and performs multi-party privacy calculation.
In a ninth aspect, an apparatus for private computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and the apparatus is disposed at the first management node and includes:
a sending unit, configured to send a subscription request message to the second management node, where the subscription request message is used to request to obtain a registration information list of each user node registered to the second management node;
a receiving unit, configured to receive a feedback message from the second management node, where the feedback message includes the registration information list;
the sending unit is further configured to, in response to a query request message from a first user node in the first network to a second user node in the second network, return registration information of the second user node to the first user node according to the registration information list received by the receiving unit, so that the first user node and the second user node perform privacy calculation according to the registration information.
In a tenth aspect, an apparatus for privacy computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and the multi-network management node stores registration information of the first management node and the second management node, and the apparatus is provided in the first management node, and includes:
a receiving unit, configured to receive a first query request message for a first user node in the first network to a second user node in the second network;
a first obtaining unit, configured to send, in response to the first query request message received by the receiving unit, a second query request message for the second management node to the multi-network management node, and obtain registration information of the second management node from the multi-network management node;
a second obtaining unit, configured to obtain, according to the registration information of the second management node obtained by the first obtaining unit, registration information of the second user node from the second management node;
and the sending unit is used for sending a feedback message to the first user node, wherein the feedback message comprises the registration information of the second user node acquired by the second acquiring unit, and the feedback message and the second user node are subjected to privacy calculation according to the registration information.
In an eleventh aspect, an apparatus for private computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the apparatus is disposed at the first management node and includes:
a receiving unit, configured to receive a first query request message for a second management node by a first user node in the first network;
an obtaining unit, configured to send, in response to the first query request message received by the receiving unit, a second query request message for the second management node to the multi-network management node, and obtain registration information of the second management node from the multi-network management node;
a sending unit, configured to send a feedback message to the first user node, where the feedback message includes the registration information of the second management node obtained by the obtaining unit, so that the sending unit obtains, according to the registration information of the second management node, the registration information of the second user node in the second network from the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
In a twelfth aspect, an apparatus for private computing multi-network resource coordination is provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of a plurality of management nodes including the first management node and the second management node, the apparatus is provided in the first management node, and includes:
a synchronization unit, configured to send a synchronization request message to the multi-network management node, and acquire registration information of each of the plurality of management nodes from the multi-network management node;
a receiving unit, configured to receive an inquiry request message from a first user node in the first network, where the inquiry request message is used to request to acquire registration information of the second management node;
a sending unit, configured to send a response message to the first user node, where the response message includes registration information of the second management node, so that the response message obtains, according to the registration information of the second management node, registration information of a second user node in the second network from the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
In a thirteenth aspect, there is provided a computer readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of any of the first to eighth aspects.
In a fourteenth aspect, a computing device is provided, comprising a memory having executable code stored therein and a processor that, when executing the executable code, implements the method of any of the first to eighth aspects.
By the method and the device provided by the embodiments of the present specification, in an embodiment, each of a plurality of networks has its own management node, each management node has a registration information list of each user node in the network, and the management nodes of different networks can subscribe to the registration information of a user node in the other network, so that a first user node in a first network can query, through the management node of the network, to obtain the registration information of a second user node in a second network, and perform privacy calculation according to the registration information and the second user node. As can be seen from the above, in the embodiments of the present specification, cross-network access between user nodes can be implemented in privacy computation by managing registration information of each user node in a self-synchronization manner between the nodes.
In another embodiment, each of the multiple networks has a respective management node, each management node has a registration information list of each user node in the network, on this basis, the multiple network management node stores the registration information of each management node, the first management node may, in response to a query request from a first user node in the first network to a second user node in the second network, obtain the registration information of the second management node from the multiple network management node, then obtain the registration information of the second user node from the second management node according to the registration information of the second management node, and finally send a feedback message to the first user node, where the feedback message includes the registration information of the second user node, so that the feedback message performs privacy calculation with the second user node according to the registration information. As can be seen from the above, in the embodiments of the present specification, registration information of each management node is stored by using a multi-network management node, so that the management nodes can communicate with each other, and thus a first management node can obtain registration information of a second user node from a second management node, and cross-network access between the user nodes can be implemented in privacy computation.
In another embodiment, each of the multiple networks has a respective management node, each management node has a registration information list of each user node in the network, on this basis, the multiple network management node stores the registration information of each management node, and the first management node may, in response to a query request of a first user node in the first network to a second user node in the second network, obtain the registration information of the second management node from the multiple network management node, send the registration information of the second management node to the first user node, so that it obtains the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and perform privacy calculation with the second user node according to the registration information of the second user node. As can be seen from the above, in the embodiments of the present specification, the registration information of each management node is stored by using a multi-network management node, so that the first user node and the second management node can communicate with each other, and further, the first user node can obtain the registration information of the second user node from the second management node, and cross-network access between the user nodes can be realized in privacy computation.
In another embodiment, each of the multiple networks has a respective management node, each management node has a registration information list of each user node in the network, on this basis, the multiple network management node stores the registration information of each management node, the first management node first obtains the respective registration information of the multiple management nodes from the multiple network management node, then responds to a query request of the first user node in the first network for the second management node, sends the registration information of the second management node to the first user node, so that the first management node obtains the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node. As can be seen from the above, in the embodiments of the present specification, registration information of each management node is stored by using a multi-network management node, and a first management node may synchronize the registration information of each management node in the multi-network management node, so that a first user node can obtain registration information of a second management node from the first management node, and further, the first user node may communicate with the second management node, so that the first user node can obtain registration information of the second user node from the second management node, and cross-network access between user nodes can be implemented in privacy computation.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the description below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of an implementation scenario of an embodiment disclosed in the present specification;
FIG. 2 illustrates a method interaction diagram for private computing multi-network resource collaboration, according to one embodiment;
FIG. 3 is a schematic diagram illustrating an implementation scenario of another embodiment disclosed in the present specification;
FIG. 4 illustrates a method interaction diagram for private computing multi-network resource collaboration in accordance with another embodiment;
FIG. 5 illustrates a method interaction diagram for private computing multi-network resource collaboration in accordance with another embodiment;
FIG. 6 illustrates a method interaction diagram for private computing multi-network resource collaboration in accordance with another embodiment;
FIG. 7 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with one embodiment;
FIG. 8 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with another embodiment;
FIG. 9 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with another embodiment;
FIG. 10 illustrates a schematic block diagram of an apparatus to privacy compute multi-network resource collaboration in accordance with another embodiment.
Detailed Description
The scheme provided by the specification is described in the following with reference to the attached drawings.
Fig. 1 is a schematic view of an implementation scenario of an embodiment disclosed in this specification. The implementation scenario relates to private computing multi-network resource collaboration, wherein private computing is computing involving private data, generally secure multi-party computing, which needs to be protected from disclosure. In the privacy computation, safe multi-party computation can be performed in a plurality of independent networks, a plurality of user nodes in the same network can spontaneously organize data cooperation, but the data cooperation among the multiple networks cannot be performed, and cross-network access among the user nodes cannot be realized. Referring to fig. 1, a network 1 and a network 2 are two independent networks, the network 1 having a management node 1, a user node 3, and a user node 5, and the network 2 having a management node 2, a user node 4, a user node 6, and a user node 8. The management node 1 has registration information of each user node in the network 1, and the user node in the network 1 can obtain the registration information of other user nodes in the network from the management node 1, so that the other user nodes perform secure multiparty computation, for example, the user node 1 and the user node 3 perform secure multiparty computation, or the user node 3 and the user node 5 perform secure multiparty computation. The management node 2 has registration information of each user node in the network 2, and the user node in the network 2 can obtain the registration information of other user nodes in the network from the management node 2, so that the other user nodes perform secure multiparty computation, for example, the user node 2 and the user node 4 perform secure multiparty computation, or the user node 4, the user node 6 and the user node 8 perform multiparty secure computation. Generally, since the network 1 and the network 2 are independent of each other, secure multiparty computation cannot be performed between the user nodes belonging to the two networks, for example, the user node 1 and the user node 2 cannot perform secure multiparty computation generally, which is not favorable for cooperative utilization of multiple network resources. In the embodiment of the specification, a solution is provided for multi-network resource cooperation of privacy computing, and cross-network access among user nodes can be realized in the privacy computing by automatically synchronizing the registration information of each user node among management nodes.
It will be appreciated that the private data may be any data that is not convenient to disclose, and may be, but is not limited to, data representing personal information of the user, or trade secrets or the like.
Fig. 2 shows an interaction diagram of a method for privacy computation multi-network resource coordination according to an embodiment, which may be based on the implementation scenario shown in fig. 1, the multi-network including a first network having a first management node and a second network having a second management node. As shown in fig. 2, the method for privacy computation multi-network resource collaboration in this embodiment includes the following steps: step 21, a first management node sends a subscription request message to a second management node, where the subscription request message is used to request to obtain a registration information list of each user node registered to the second management node; step 22, the first management node receives a feedback message from the second management node, where the feedback message includes the registration information list; step 23, a first user node in a first network sends a query request message for a second user node in the second network to the first management node; step 24, the first management node responds to the query request message, and returns the registration information of the second user node to the first user node according to the registration information list; and step 25, the first user node and the second user node perform privacy calculation according to the registration information. Specific execution modes of the above steps are described below.
First, in step 21, a first management node sends a subscription request message to a second management node, where the subscription request message is used to request to obtain a registration information list of each user node registered to the second management node. It may be understood that the first user node may be regarded as an initiator of privacy calculation, the first management node is a management node of a network where the initiator is located, the second user node may be regarded as a participant of privacy calculation, the second management node is a management node of a network where the participant is located, there may be one or more participants of privacy calculation, when there are multiple participants, the management node of the network where each participant is located is the second management node, and the first management node may send the subscription request message to the management node of the network where each participant is located, respectively.
In one example, the registration information list includes registration information of the second user node; and when the second user node joins the second network, registering the registration information of the second user node with the second management node.
The first management node then receives a feedback message from the second management node, the feedback message containing the list of registration information, step 22. It can be understood that, after receiving the foregoing subscription request message, the second management node may query a registration information list stored by itself, and transmit the registration information list to the first management node through a feedback message.
In one example, after the first management node receives a feedback message from the second management node, the method further comprises:
the first management node receives an update message from the second management node, wherein the update message contains update information of the registration information list;
and the first management node updates the registration information list according to the updating information.
It is understood that the registration information list includes the respective registration information of a plurality of user nodes in the second network, and the addition, the decrease or the change of the registration information may occur in the second network, for example, the registration information list included in the feedback message shows that the second network includes the user node 2 and the user node 4, and after a period of time, the user node 6 is newly added in the second network. The registration information list in the second management node is updated, and accordingly, the registration information list obtained by the first management node is also updated, and the second management node may send the updated complete registration information list to the first management node, or send only update information indicating which changes have occurred in the registration information list to the first management node, so that the registration information list in the first management node and the registration information list in the second management node are updated synchronously.
Next, in step 23, the first user node in the first network sends a query request message to the first management node for the second user node in the second network. It is understood that the first user node may query not only the user node in the first network through the first management node, but also the user node in the second network.
In the last step 24, the first management node returns the registration information of the second user node to the first user node according to the registration information list in response to the query request message. It can be understood that the registration information list includes the registration information of the second user node, and the first management node may query the registration information list to obtain the registration information of the second user node.
In one example, the registration information includes a node identifier and an Internet Protocol (IP) address of the corresponding user node, and the query request message includes a node identifier of the second user node; the returning of the registration information of the second user node to the first user node according to the registration information list comprises:
inquiring an IP address of a second user node from the registration information list according to the node identifier of the second user node;
and returning the IP address of the second user node to the first user node.
Finally, in step 25, the first user node performs privacy calculation with the second user node according to the registration information. It is understood that the registration information generally includes communication connection information, such as an IP address, of the user node, and the first user node can perform a communication connection with the second user node according to the communication connection information, and perform privacy calculation based on the communication connection.
Optionally, the registration information further includes a public key of the user node, so that the first user node can verify the digital signature of the second user node by using the public key, or decrypt the received data encrypted by using the private key of the second user node by using the public key of the second user node.
In one example, the registration information of the second user node includes a node identification, a network protocol, IP, address, and a public key of the second user node;
the first user node performs privacy calculation with the second user node according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by utilizing the public key based on the communication connection and performs multi-party privacy calculation. The foregoing step 21 and step 22 provide a process in which the first management node acquires a registration information list from the second management node, where the registration information list is a registration information list of each user node registered with the second management node, so that a subsequent user node in the first network can query the first management node for registration information of a user node in the second network; similarly, the second management node may obtain, from the first management node, a registration information list of each user node registered with the first management node, so that a subsequent user node in the second network may query the second management node for registration information of the user node in the first network.
In this embodiment of the present description, a synchronous update is required for a situation that a registration information list may change, and if a communication connection between a first management node and a second management node is disconnected and a disconnection time is less than a preset threshold, the first user node may cooperate with a second user node through registration information of the second user node stored in a local cache. And if the communication connection between the first management node and the second management node is disconnected and the disconnection time is greater than or equal to the preset threshold value, the communication connection is considered to be completely disconnected, and the cooperation of the first user node and the second user node is interrupted.
According to the method provided by the embodiment of the specification, each network in the multiple networks has a respective management node, each management node has a registration information list of each user node in the network, and the management nodes of different networks can subscribe the registration information of the user node in the other network, so that a first user node in a first network can inquire the registration information of a second user node in a second network through the management node of the first network, and the first user node and the second user node perform privacy calculation according to the registration information. As can be seen from the above, in the embodiments of the present specification, cross-network access between user nodes can be implemented in privacy computation by managing registration information of each user node in a self-synchronization manner between the nodes.
Fig. 3 is a schematic view of an implementation scenario of another embodiment disclosed in this specification. The implementation scenario relates to private computing multi-network resource collaboration, wherein private computing is computing involving private data, generally secure multi-party computing, which needs to be protected from disclosure. Referring to fig. 3, a network 1 and a network 2 are two independent networks, the network 1 has a management node 1, a user node 3 and a user node 5, the network 2 has a management node 2, a user node 4, a user node 6 and a user node 8, each network has a respective management node, and each management node has a registration information list of each user node in the network. Different from the implementation scenario shown in fig. 1, on this basis, the network side is further provided with a multi-network management node, the multi-network management node stores registration information of each management node and is responsible for managing each management node, and cross-network access between user nodes can be realized in privacy calculation by means of the multi-network management node.
Fig. 4 shows an interaction diagram of a method for privacy computing multi-network resource coordination according to another embodiment, which may be based on the implementation scenario shown in fig. 3, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, the multi-network management node stores registration information of the first management node and the second management node, and the registration information of the second user node is obtained from the second management node by the first management node, so that cross-network access between the user nodes can be implemented in the privacy computing. As shown in fig. 4, the method for privacy computation multi-network resource collaboration in this embodiment includes the following steps: step 41, a first user node in a first network sends a first query request message for a second user node in a second network to the first management node; step 42, the first management node sends a second query request message for the second management node to the multi-network management node in response to the first query request message, and acquires the registration information of the second management node from the multi-network management node; step 43, the first management node obtains the registration information of the second user node from the second management node according to the registration information of the second management node; step 44, the first management node sends a feedback message to the first user node, where the feedback message includes registration information of the second user node; and step 45, the first user node and the second user node perform privacy calculation according to the registration information. Specific execution modes of the above steps are described below.
First, in step 41, a first user node in a first network sends a first query request message to the first management node for a second user node in the second network. It can be understood that, in general, the first management node only stores the registration information of each user node in the first network, but does not store the registration information of the user node in the second network, so that for the first query request message, the first management node is required to obtain the registration information of the second user node.
Then, in step 42, the first management node sends a second query request message for the second management node to the multi-network management node in response to the first query request message, and acquires the registration information of the second management node from the multi-network management node. It can be understood that the multi-network management node may store the registration information of many management nodes, and the registration information of all the management nodes does not need to be sent to the first management node, but only needs to be sent to the first management node according to the query request of the first management node.
In the embodiment of the present specification, the multi-network management node manages the registration information of each management node, and forwards and routes the registration information to be discovered by each management node.
Next, in step 43, the first management node obtains the registration information of the second user node from the second management node according to the registration information of the second management node. It can be understood that the registration information generally includes communication connection information of the node, and the first management node may establish a communication connection with the second management node according to the communication connection information of the second management node, and then acquire the registration information of the second user node from the second management node by using the communication connection.
In one example, the acquiring, from the second management node, the registration information of the second user node according to the registration information of the second management node includes:
sending a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
receiving a response message from the second management node, the response message including registration information of the second user node.
In step 44, the first management node sends a feedback message to the first user node, where the feedback message includes registration information of the second user node. It is understood that, in step 43, the first management node obtains only the registration information of the second user node from the second management node, and does not obtain the registration information of other user nodes that the second management node has, and accordingly, in step 44, the first management node feeds back the registration information of the second user node obtained in step 43 to the first user node.
Finally, in step 45, the first user node performs privacy calculation with the second user node according to the registration information. It is understood that the registration information generally includes communication connection information, such as an IP address, of the user node, and the first user node can perform a communication connection with the second user node according to the communication connection information, and perform privacy calculation based on the communication connection.
Optionally, the registration information further includes a public key of the user node, so that the first user node can verify the digital signature of the second user node by using the public key, or decrypt the received data encrypted by using the private key of the second user node by using the public key of the second user node.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
By the method provided by the embodiment of the present specification, the first management node may, in response to a query request of a first user node in the first network to a second user node in the second network, obtain registration information of the second management node from the multi-network management node, obtain, according to the registration information of the second management node, registration information of the second user node from the second management node, and finally send a feedback message to the first user node, where the feedback message includes the registration information of the second user node, so that the first management node performs privacy calculation with the second user node according to the registration information. As can be seen from the above, in the embodiments of the present specification, registration information of each management node is stored by using a multi-network management node, so that each management node can communicate with another management node, and thus, a first management node can obtain registration information of a second user node from a second management node, and cross-network access between user nodes can be realized in privacy computation.
Fig. 5 is an interaction diagram illustrating a method for privacy computing multi-network resource coordination according to another embodiment, which may be based on the implementation scenario illustrated in fig. 3, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and the multi-network management node stores registration information of the first management node and the second management node, and the registration information of the second user node is obtained from the second management node by the first user node, so that cross-network access between the user nodes can be implemented in the privacy computing. As shown in fig. 5, the method for privacy computing multi-network resource collaboration in this embodiment includes the following steps: step 51, a first user node in a first network sends a first query request message for a second management node to the first management node; step 52, the first management node sends a second query request message for the second management node to the multi-network management node in response to the first query request message, and acquires the registration information of the second management node from the multi-network management node; step 53, the first management node sends a feedback message to the first user node, where the feedback message includes registration information of the second management node; step 54, the first user node obtains the registration information of the second user node in the second network from the second management node according to the registration information of the second management node; and step 55, the first user node and the second user node perform privacy calculation according to the registration information of the second user node. Specific execution modes of the above steps are described below.
First, in step 51, a first user node in a first network sends a first query request message for the second management node to the first management node. It can be understood that, in general, the first management node only stores the registration information of each user node in the first network, but does not have the registration information of other management nodes, so that for the first query request message, the first management node needs to obtain the registration information of the second management node.
Then, in step 52, the first management node sends a second query request message for the second management node to the multi-network management node in response to the first query request message, and acquires the registration information of the second management node from the multi-network management node. It can be understood that the multi-network management node may store the registration information of many management nodes, and the registration information of all the management nodes does not need to be sent to the first management node, but only needs to be sent to the first management node according to the query request of the first management node.
In the embodiment of the present specification, the multi-network management node manages the registration information of each management node, and forwards and routes the registration information to be discovered by each management node.
Next, in step 53, the first management node sends a feedback message to the first user node, the feedback message including registration information of the second management node. It is understood that, in step 52, the first management node obtains only the registration information of the second management node from the multi-network management node, and does not obtain the registration information of other management nodes that the multi-network management node has, and accordingly, in step 53, the first management node feeds back the registration information of the second management node obtained in step 52 to the first user node.
In step 54, the first user node obtains the registration information of the second user node in the second network from the second management node according to the registration information of the second management node. It can be understood that the registration information generally includes communication connection information of the node, and the first user node may establish a communication connection with the second management node according to the communication connection information of the second management node, and then acquire the registration information of the second user node from the second management node by using the communication connection.
In one example, the acquiring, by the first user node, the registration information of the second user node in the second network from the second management node according to the registration information of the second management node includes:
the first user node sends a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
the first user node receives a response message from the second management node, the response message including registration information of the second user node.
Finally, in step 55, the first user node performs privacy calculation with the second user node according to the registration information of the second user node. It is understood that the registration information generally includes communication connection information, such as an IP address, of the user node, and the first user node can perform a communication connection with the second user node according to the communication connection information, and perform privacy calculation based on the communication connection.
Optionally, the registration information further includes a public key of the user node, so that the first user node can verify the digital signature of the second user node by using the public key, or decrypt the received data encrypted by using the private key of the second user node by using the public key of the second user node.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address, and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by utilizing the public key based on the communication connection and performs multi-party privacy calculation.
Through the method provided by the embodiment of the present specification, a first management node may, in response to a query request of a first user node in a first network for a second user node in a second network, obtain registration information of the second management node from a multi-network management node, and then send the registration information of the second management node to the first user node, so that the first management node obtains the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node. As can be seen from the above, in the embodiments of the present specification, registration information of each management node is stored by using a multi-network management node, so that a first user node and a second management node can communicate with each other, and thus the first user node can obtain registration information of the second user node from the second management node, and cross-network access between user nodes can be implemented in privacy computation.
Fig. 6 is an interaction diagram illustrating a method for privacy computing multi-network resource coordination according to another embodiment, where the method may be based on the implementation scenario illustrated in fig. 3, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, the multi-network management nodes store registration information of a plurality of management nodes including the first management node and the second management node, and the first management node may synchronize the registration information of each management node in the multi-network management nodes, so that cross-network access between user nodes can be implemented in privacy computing. As shown in fig. 6, the method for privacy computation multi-network resource collaboration in this embodiment includes the following steps: step 61, the first management node sends a synchronization request message to the multi-network management node, and acquires respective registration information of the plurality of management nodes from the multi-network management node; step 62, a first user node in a first network sends a query request message to the first management node, where the query request message is used to request to acquire registration information of the second management node; step 63, the first management node sends a response message to the first user node, where the response message includes registration information of the second management node; step 64, the first user node acquires the registration information of the second user node in the second network from the second management node according to the registration information of the second management node; and 65, the first user node performs privacy calculation with the second user node according to the registration information of the second user node. Specific execution modes of the above steps are described below.
First, in step 61, the first management node sends a synchronization request message to the multi-network management node, and acquires registration information of each of the plurality of management nodes from the multi-network management node. It can be understood that registration information of many management nodes may be stored in the multi-network management node, and the registration information of all the management nodes is uniformly sent to the first management node regardless of which management node registration information needs to be acquired by the privacy computation of the first user node.
Then, in step 62, the first user node in the first network sends a query request message to the first management node, where the query request message is used to request to acquire the registration information of the second management node. It can be understood that although the first management node obtains the registration information of many management nodes from the multi-network management node, the registration information of all the management nodes is not necessarily sent to the first user node, but only the registration information of the second management node is sent to the first user node according to the query request of the first user node.
Next, in step 63, the first management node sends a response message to the first user node, the response message including registration information of the second management node. It can be understood that the first management node stores the registration information of a plurality of management nodes, and the registration information of the second management node is obtained by querying, and then the registration information of the second management node is included in the response message and returned to the first user node.
In step 64, the first user node obtains the registration information of the second user node in the second network from the second management node according to the registration information of the second management node. It can be understood that the registration information generally includes communication connection information of the node, and the first user node may establish a communication connection with the second management node according to the communication connection information of the second management node, and then acquire the registration information of the second user node from the second management node by using the communication connection.
In one example, the obtaining, by the first user node, the registration information of the second user node in the second network from the second management node according to the registration information of the second management node includes:
the first user node sends a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
the first user node receives a response message from the second management node, the response message including registration information of the second user node.
Finally, in step 65, the first user node performs privacy calculation with the second user node according to the registration information of the second user node. It is understood that the registration information generally includes communication connection information, such as an IP address, of the user node, and the first user node can perform a communication connection with the second user node according to the communication connection information, and perform privacy calculation based on the communication connection.
Optionally, the registration information further includes a public key of the user node, so that the first user node can verify the digital signature of the second user node by using the public key, or decrypt the received data encrypted by using the private key of the second user node by using the public key of the second user node.
In a possible implementation, the registration information of the second user node includes a node identifier, a network protocol IP address, and a public key of the second user node;
the first user node carries out privacy calculation with the second user node according to the registration information of the second user node, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
According to the method provided by the embodiment of the specification, the first management node acquires respective registration information of a plurality of management nodes from the multi-network management node, then responds to a query request of a first user node in the first network for a second management node, sends the registration information of the second management node to the first user node, enables the first management node to acquire the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and carries out privacy calculation with the second user node according to the registration information of the second user node. As can be seen from the above, in the embodiments of the present specification, registration information of each management node is stored by using a multi-network management node, and a first management node may synchronize the registration information of each management node in the multi-network management node, so that a first user node can obtain registration information of a second management node from the first management node, and further the first user node may communicate with the second management node, so that the first user node can obtain registration information of the second user node from the second management node, and cross-network access between user nodes can be implemented in privacy computation.
According to an embodiment of another aspect, an apparatus for privacy computing multi-network resource coordination is further provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and the apparatus is disposed at the first management node and configured to perform the actions performed by the first management node in the method embodiments provided in this specification. FIG. 7 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with one embodiment. As shown in fig. 7, the apparatus 700 includes:
a sending unit 71, configured to send a subscription request message to the second management node, where the subscription request message is used to request to obtain a registration information list of each user node registered to the second management node;
a receiving unit 72, configured to receive a feedback message from the second management node, where the feedback message includes the registration information list;
the sending unit 71 is further configured to, in response to a query request message for a first user node in the first network to a second user node in the second network, return registration information of the second user node to the first user node according to the registration information list received by the receiving unit 72, so that the first user node and the second user node perform privacy calculation according to the registration information.
According to an embodiment of another aspect, an apparatus for privacy computation of multi-network resource coordination is further provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the apparatus is configured to execute actions performed by the first management node in the method embodiments provided in this specification. FIG. 8 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with another embodiment. As shown in fig. 8, the apparatus 800 includes:
a receiving unit 81, configured to receive a first query request message for a first user node in the first network to a second user node in the second network;
a first obtaining unit 82, configured to send, in response to the first query request message received by the receiving unit 81, a second query request message for the second management node to the multi-network management node, and obtain registration information of the second management node from the multi-network management node;
a second obtaining unit 83, configured to obtain, according to the registration information of the second management node obtained by the first obtaining unit 82, the registration information of the second user node from the second management node;
a sending unit 84, configured to send a feedback message to the first user node, where the feedback message includes the registration information of the second user node acquired by the second acquiring unit 83, and is made to perform privacy computation with the second user node according to the registration information.
According to an embodiment of another aspect, an apparatus for privacy computation of multi-network resource coordination is further provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of the first management node and the second management node, and the apparatus is configured to execute actions performed by the first management node in the method embodiments provided in this specification. FIG. 9 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with another embodiment. As shown in fig. 9, the apparatus 900 includes:
a receiving unit 91, configured to receive a first query request message for the second management node from a first user node in the first network;
an obtaining unit 92, configured to send, in response to the first query request message received by the receiving unit 91, a second query request message for the second management node to the multi-network management node, and obtain registration information of the second management node from the multi-network management node;
a sending unit 93, configured to send a feedback message to the first user node, where the feedback message includes the registration information of the second management node acquired by the acquiring unit 92, so that the feedback message acquires, according to the registration information of the second management node, the registration information of the second user node in the second network from the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
According to an embodiment of another aspect, an apparatus for privacy computation multi-network resource coordination is further provided, where the multi-network includes a first network and a second network, the first network has a first management node, the second network has a second management node, and a multi-network management node stores registration information of a plurality of management nodes including the first management node and the second management node, and the apparatus is configured to execute actions performed by the first management node in the method embodiments provided in this specification. FIG. 10 illustrates a schematic block diagram of an apparatus to privacy-computing multi-network resource collaboration in accordance with another embodiment. As shown in fig. 10, the apparatus 1000 includes:
a synchronization unit 101, configured to send a synchronization request message to the multi-network management node, and acquire registration information of each of the multiple management nodes from the multi-network management node;
a receiving unit 102, configured to receive an inquiry request message from a first user node in the first network, where the inquiry request message is used to request to acquire registration information of the second management node;
a sending unit 103, configured to send a response message to the first user node, where the response message includes the registration information of the second management node, so that the response message obtains, according to the registration information of the second management node, the registration information of the second user node in the second network from the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
According to an embodiment of another aspect, there is also provided a computer-readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method described in connection with any of fig. 2, 4 to 6.
According to an embodiment of yet another aspect, there is also provided a computing device comprising a memory and a processor, the memory having stored therein executable code, the processor, when executing the executable code, implementing the method described in conjunction with any of fig. 2, 4-6.
Those skilled in the art will recognize that, in one or more of the examples described above, the functions described in this invention may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium.
The above-mentioned embodiments, objects, technical solutions and advantages of the present invention are further described in detail, it should be understood that the above-mentioned embodiments are only examples of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present invention should be included in the scope of the present invention.

Claims (24)

1. A method of privacy computing multi-network resource coordination, the multi-network including a first network having a first management node and a second network having a second management node, the method performed by the first management node, comprising:
sending a subscription request message to the second management node, wherein the subscription request message is used for requesting to obtain a registration information list of each user node registered to the second management node;
receiving a feedback message from the second management node, the feedback message including the list of registration information;
and responding to a query request message of a first user node in the first network for a second user node in the second network, and returning the registration information of the second user node to the first user node according to the registration information list, so that the first user node and the second user node perform privacy calculation according to the registration information.
2. The method of claim 1, wherein after said receiving a feedback message from said second management node, said method further comprises:
receiving an update message from the second management node, the update message containing update information for the registration information list;
and updating the registration information list according to the updating information.
3. The method of claim 1, wherein the registration information list includes registration information of the second user node; and when the second user node joins the second network, registering the registration information of the second user node with the second management node.
4. The method of claim 1, wherein the registration information includes a node identification and a network protocol, IP, address of the respective user node, the query request message includes a node identification of the second user node; the returning of the registration information of the second user node to the first user node according to the registration information list comprises:
inquiring an IP address of a second user node from the registration information list according to the node identifier of the second user node;
and returning the IP address of the second user node to the first user node.
5. A method of privacy computing multi-network resource coordination, the multi-network comprising a first network having a first management node and a second network having a second management node, the method comprising:
the first management node sends a subscription request message to the second management node, wherein the subscription request message is used for requesting to obtain a registration information list of each user node registered to the second management node;
the first management node receiving a feedback message from the second management node, the feedback message containing the registration information list;
a first user node in the first network sends a query request message aiming at a second user node in the second network to the first management node;
the first management node responds to the query request message and returns the registration information of the second user node to the first user node according to the registration information list;
and the first user node performs privacy calculation with the second user node according to the registration information.
6. The method of claim 5, wherein the registration information of the second user node comprises a node identification, a network protocol, IP, address, and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
7. A method of privately computing multi-network resource coordination, the multi-network including a first network having a first management node and a second network having a second management node, the multi-network management node storing registration information of the first management node and the second management node, the method performed by the first management node, comprising:
receiving a first query request message of a first user node in the first network aiming at a second user node in the second network;
responding to the first query request message, sending a second query request message aiming at the second management node to the multi-network management node, and acquiring the registration information of the second management node from the multi-network management node;
acquiring the registration information of the second user node from the second management node according to the registration information of the second management node;
and sending a feedback message to the first user node, wherein the feedback message comprises the registration information of the second user node, and the feedback message and the second user node are enabled to carry out privacy calculation according to the registration information.
8. The method of claim 7, wherein the obtaining the registration information of the second user node from the second management node according to the registration information of the second management node comprises:
sending a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
receiving a response message from the second management node, the response message including registration information of the second user node.
9. A method of privately computing multi-network resource coordination, the multi-network including a first network having a first management node and a second network having a second management node, the multi-network management node storing registration information of the first management node and the second management node, the method comprising:
a first user node in the first network sends a first query request message aiming at a second user node in the second network to the first management node;
the first management node responds to the first query request message, sends a second query request message aiming at the second management node to the multi-network management node, and acquires the registration information of the second management node from the multi-network management node;
the first management node acquires the registration information of the second user node from the second management node according to the registration information of the second management node;
the first management node sends a feedback message to the first user node, wherein the feedback message comprises registration information of the second user node;
and the first user node and the second user node perform privacy calculation according to the registration information.
10. The method of claim 9, wherein the registration information of the second user node comprises a node identification, a network protocol, IP, address, and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
11. A method of privately computing multi-network resource cooperation, the multi-network including a first network having a first management node and a second network having a second management node, the multi-network management node storing registration information of the first management node and the second management node, the method performed by the first management node, comprising:
receiving a first query request message of a first user node in the first network aiming at the second management node;
responding to the first query request message, sending a second query request message aiming at the second management node to the multi-network management node, and acquiring the registration information of the second management node from the multi-network management node;
and sending a feedback message to the first user node, wherein the feedback message comprises the registration information of the second management node, so that the feedback message acquires the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
12. A method of privately computing multi-network resource cooperation, the multi-network including a first network having a first management node and a second network having a second management node, the multi-network management node storing registration information of the first management node and the second management node, the method comprising:
a first user node in the first network sends a first query request message aiming at the second management node to the first management node;
the first management node responds to the first query request message, sends a second query request message aiming at the second management node to the multi-network management node, and acquires the registration information of the second management node from the multi-network management node;
the first management node sends a feedback message to the first user node, wherein the feedback message comprises registration information of the second management node;
and the first user node acquires the registration information of a second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
13. The method of claim 12, wherein the first user node obtaining registration information of a second user node in the second network from the second management node according to the registration information of the second management node comprises:
the first user node sends a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
the first user node receives a response message from the second management node, the response message including registration information of the second user node.
14. The method of claim 12, wherein the registration information of the second user node comprises a node identification, a network protocol, IP, address, and a public key of the second user node;
the first user node and the second user node perform privacy calculation according to the registration information, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
15. A method of privately computing multi-network resource cooperation, the multi-network comprising a first network having a first management node and a second network having a second management node, the multi-network management node storing registration information of a plurality of management nodes including the first management node and the second management node, the method performed by the first management node comprising:
sending a synchronization request message to the multi-network management node, and acquiring respective registration information of the plurality of management nodes from the multi-network management node;
receiving a query request message from a first user node in the first network, wherein the query request message is used for requesting to acquire registration information of the second management node;
and sending a response message to the first user node, wherein the response message contains the registration information of the second management node, so that the response message acquires the registration information of the second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
16. A method of privately computing multi-network resource cooperation, the multi-network including a first network having a first management node and a second network having a second management node, the multi-network management node storing registration information of a plurality of management nodes including the first management node and the second management node, the method comprising:
the first management node sends a synchronization request message to the multi-network management node, and acquires respective registration information of the management nodes from the multi-network management node;
a first user node in the first network sends a query request message to the first management node, wherein the query request message is used for requesting to acquire registration information of the second management node;
the first management node sends a response message to the first user node, wherein the response message contains the registration information of the second management node;
and the first user node acquires the registration information of a second user node in the second network from the second management node according to the registration information of the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
17. The method of claim 16, wherein the first user node obtaining the registration information of the second user node in the second network from the second management node according to the registration information of the second management node comprises:
the first user node sends a query request message aiming at the second user node to the second management node according to the communication connection information of the second management node;
the first user node receives a response message from the second management node, the response message including registration information of the second user node.
18. The method of claim 16, wherein the registration information of the second user node comprises a node identification, a network protocol, IP, address, and a public key of the second user node;
the first user node carries out privacy calculation with the second user node according to the registration information of the second user node, and the privacy calculation comprises the following steps:
and the first user node establishes communication connection with the second user node according to the IP address, verifies the digital signature of the second user node by using the public key based on the communication connection and performs multiparty privacy calculation.
19. An apparatus for privately computing multi-network resource coordination, the multi-network including a first network and a second network, the first network having a first management node, the second network having a second management node, the apparatus being disposed at the first management node, comprising:
a sending unit, configured to send a subscription request message to the second management node, where the subscription request message is used to request to obtain a registration information list of each user node registered to the second management node;
a receiving unit, configured to receive a feedback message from the second management node, where the feedback message includes the registration information list;
the sending unit is further configured to, in response to a query request message from a first user node in the first network to a second user node in the second network, return registration information of the second user node to the first user node according to the registration information list received by the receiving unit, so that the first user node and the second user node perform privacy calculation according to the registration information.
20. An apparatus for privately calculating multi-network resource cooperation, wherein the multi-network comprises a first network and a second network, the first network is provided with a first management node, the second network is provided with a second management node, and the multi-network management node stores registration information of the first management node and the second management node, the apparatus is arranged at the first management node and comprises:
a receiving unit, configured to receive a first query request message for a first user node in the first network to a second user node in the second network;
a first obtaining unit, configured to send, in response to the first query request message received by the receiving unit, a second query request message for the second management node to the multi-network management node, and obtain registration information of the second management node from the multi-network management node;
a second obtaining unit, configured to obtain, according to the registration information of the second management node obtained by the first obtaining unit, registration information of the second user node from the second management node;
and the sending unit is used for sending a feedback message to the first user node, wherein the feedback message contains the registration information of the second user node acquired by the second acquiring unit, so that the second user node and the registration information perform privacy calculation.
21. An apparatus for privately calculating multi-network resource cooperation, the multi-network comprises a first network and a second network, the first network is provided with a first management node, the second network is provided with a second management node, and the multi-network management node stores registration information of the first management node and the second management node, the apparatus is arranged at the first management node, and comprises:
a receiving unit, configured to receive a first query request message for a second management node from a first user node in the first network;
an obtaining unit, configured to send, in response to the first query request message received by the receiving unit, a second query request message for the second management node to the multi-network management node, and obtain registration information of the second management node from the multi-network management node;
a sending unit, configured to send a feedback message to the first user node, where the feedback message includes the registration information of the second management node obtained by the obtaining unit, so that the sending unit obtains, according to the registration information of the second management node, the registration information of the second user node in the second network from the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
22. An apparatus for privacy-based computation of multi-network resource coordination, the multi-network including a first network and a second network, the first network having a first management node, the second network having a second management node, and a multi-network management node storing registration information of a plurality of management nodes including the first management node and the second management node, the apparatus being provided at the first management node, comprising:
a synchronization unit, configured to send a synchronization request message to the multi-network management node, and obtain registration information of each of the plurality of management nodes from the multi-network management node;
a receiving unit, configured to receive an inquiry request message from a first user node in the first network, where the inquiry request message is used to request to acquire registration information of the second management node;
a sending unit, configured to send a response message to the first user node, where the response message includes registration information of the second management node, so that the response message obtains, according to the registration information of the second management node, registration information of a second user node in the second network from the second management node, and performs privacy calculation with the second user node according to the registration information of the second user node.
23. A computer-readable storage medium, having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of any of claims 1-18.
24. A computing device comprising a memory having stored therein executable code and a processor that, when executing the executable code, implements the method of any of claims 1-18.
CN202110704995.XA 2021-06-24 2021-06-24 Method and device for private computing multi-network resource cooperation Pending CN115603921A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202110704995.XA CN115603921A (en) 2021-06-24 2021-06-24 Method and device for private computing multi-network resource cooperation
PCT/CN2022/093769 WO2022267768A1 (en) 2021-06-24 2022-05-19 Method and apparatus for resource coordination among multiple networks in privacy computing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110704995.XA CN115603921A (en) 2021-06-24 2021-06-24 Method and device for private computing multi-network resource cooperation

Publications (1)

Publication Number Publication Date
CN115603921A true CN115603921A (en) 2023-01-13

Family

ID=84544061

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110704995.XA Pending CN115603921A (en) 2021-06-24 2021-06-24 Method and device for private computing multi-network resource cooperation

Country Status (2)

Country Link
CN (1) CN115603921A (en)
WO (1) WO2022267768A1 (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060117554A (en) * 2005-05-11 2006-11-17 주식회사 씨엠 Ipv4/ipv6 network management system and method
WO2007033238A2 (en) * 2005-09-13 2007-03-22 Ist International Inc. System and method for providing packet connectivity between heterogeneous networks, and component and packet therefor
CN101335724A (en) * 2007-06-29 2008-12-31 华为技术有限公司 Communication system, method and communication equipment based on household gateway
KR20090070336A (en) * 2007-12-27 2009-07-01 린나이코리아 주식회사 System and method offering free image communication service for interconnectiong between systems based on dynamic ip address
CN101640628A (en) * 2008-07-28 2010-02-03 华为技术有限公司 Mesh network-based routing management and routing methods, node, device and system
CN101860558A (en) * 2009-04-13 2010-10-13 中国网通集团宽带业务应用国家工程实验室有限公司 Cross-regional peer-to-peer network stream media ordering method and system thereof
US20110231491A1 (en) * 2008-09-17 2011-09-22 Jani Hautakorpi IP Address Discovery
CN102291402A (en) * 2011-08-09 2011-12-21 中国联合网络通信集团有限公司 Method, device and system for passing through private network
KR20130010698A (en) * 2011-07-19 2013-01-29 에스케이텔레콤 주식회사 Method for simultaneously transmitting data in heterogeneous network
CN110601981A (en) * 2019-09-11 2019-12-20 神州数码融信软件有限公司 Service routing method, service provider cloud domain and service calling cloud domain

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111147588A (en) * 2019-12-27 2020-05-12 上海浦东发展银行股份有限公司 Method and system for realizing cross-domain and cross-center communication in enterprise-level micro service platform
CN111447256B (en) * 2020-03-05 2022-07-01 中国司法大数据研究院有限公司 Cross-domain micro-service registration and release method and system based on file exchange
CN111770200B (en) * 2020-08-31 2020-12-08 支付宝(杭州)信息技术有限公司 Information sharing method and system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060117554A (en) * 2005-05-11 2006-11-17 주식회사 씨엠 Ipv4/ipv6 network management system and method
WO2007033238A2 (en) * 2005-09-13 2007-03-22 Ist International Inc. System and method for providing packet connectivity between heterogeneous networks, and component and packet therefor
CN101335724A (en) * 2007-06-29 2008-12-31 华为技术有限公司 Communication system, method and communication equipment based on household gateway
KR20090070336A (en) * 2007-12-27 2009-07-01 린나이코리아 주식회사 System and method offering free image communication service for interconnectiong between systems based on dynamic ip address
CN101640628A (en) * 2008-07-28 2010-02-03 华为技术有限公司 Mesh network-based routing management and routing methods, node, device and system
US20110231491A1 (en) * 2008-09-17 2011-09-22 Jani Hautakorpi IP Address Discovery
CN101860558A (en) * 2009-04-13 2010-10-13 中国网通集团宽带业务应用国家工程实验室有限公司 Cross-regional peer-to-peer network stream media ordering method and system thereof
KR20130010698A (en) * 2011-07-19 2013-01-29 에스케이텔레콤 주식회사 Method for simultaneously transmitting data in heterogeneous network
CN102291402A (en) * 2011-08-09 2011-12-21 中国联合网络通信集团有限公司 Method, device and system for passing through private network
CN110601981A (en) * 2019-09-11 2019-12-20 神州数码融信软件有限公司 Service routing method, service provider cloud domain and service calling cloud domain

Also Published As

Publication number Publication date
WO2022267768A1 (en) 2022-12-29

Similar Documents

Publication Publication Date Title
US8335852B2 (en) Contact destination information registration method, network system, node, and contact destination information registration program
CN108449256B (en) Message pushing processing method and device, computer equipment and storage medium
US10637794B2 (en) Resource subscription method, resource subscription apparatus, and resource subscription system
CN105007164B (en) Centralized safety control method and device
US20100199320A1 (en) Multimodal escalation to endpoints in enhanced communication systems
US11728978B2 (en) Method and apparatus for establishing trusted channel between user and trusted computing cluster
EP2924942A2 (en) Method, device and system for achieving multi-service server distribution of session initiation protocol
CN110971506B (en) Decentralized real-time cluster communication method, device, equipment and system
EP3550794B1 (en) Solution for establishing a communication session
US20220123924A1 (en) Method for providing a state channel
WO2020237453A1 (en) Method and apparatus for implementing secure multi-party computation, computer device, and storage medium
EP2671366B1 (en) Determining a location address for shared data
CN115603921A (en) Method and device for private computing multi-network resource cooperation
CN110247960B (en) Method and device for realizing secure multi-party computation, computer equipment and storage medium
CN111541732B (en) Method for avoiding invalid occupation of connection resources by client in P2P network, computer readable storage medium and P2P network
EP3758308B1 (en) Correspondence processing method and device based on interworking rcs system
WO2013189164A1 (en) Processing method and device for service data
CN114222290A (en) Communication method, device, equipment and storage medium
CN105376727A (en) Data card processing method and device
WO2017045536A1 (en) Multiparty session processing method and device
JP2014138284A (en) Apl-scm-fe and application coordination method
WO2022267770A1 (en) Method, apparatus, and system for publishing and discovering privacy computing data resource
KR20180092099A (en) VoWifi transmission method using wireless line AP in P2P network
WO2020223917A1 (en) Method and apparatus for implementing secure multi-party computation, and computer device and storage medium
CN113872850A (en) Real-time communication method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination