CN115766230A - Distributed server privacy computation management and control method, device, equipment and medium - Google Patents

Publication number
CN115766230A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211434437.7A
Other languages
Chinese (zh)
Other versions
CN115766230B (en)
Inventor
杨玉良
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00: Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The disclosure relates to a distributed server privacy computation management and control method, device, equipment and medium. The method comprises: constructing a privacy computation server template; setting the privacy computation data requirements, data circulation requirements and performance requirements of the privacy computation; constructing a privacy computation server based on the privacy computation server template and on the privacy computation data requirements, data circulation requirements and performance requirements; and managing and controlling data circulation based on a data circulation monitoring module in the privacy computation server. Constructing the privacy computation server template reduces the difficulty of managing privacy computation servers and realizes unified scheduling management of data circulation and data computation at the system level. Constructing the privacy computation server and managing and controlling its data circulation and related operations realizes safe and controllable use of privacy data.

Description

Distributed server privacy computation management and control method, device, equipment and medium
Technical Field
The present disclosure relates to the field of security service technologies, and in particular, to a distributed server privacy computation management and control method, apparatus, device, and medium.
Background
The rapid development of new-generation information technologies such as cloud computing, the Internet of Things and the Internet of Vehicles has led a large number of enterprises to begin digital transformation, and various industries are developing rapidly, driven by technologies such as data-based analysis and computing. However, this has also exposed a series of problems in the storage and use of data, such as data security, access control, identity authentication and privacy protection.
Generally, privacy computing technology is a systematic technical solution to the above problems. Analysed from the two perspectives of data circulation (data flows out / does not flow out) and data computation (centralized / collaborative computation), it includes different development directions such as secure multi-party computation, trusted execution environments and federated learning.
However, in distributed privacy computation such as secure multi-party computation, federated learning and local differential privacy, the technical logic for protecting personal information and privacy is not encryption; rather, the data controlled by each party to the collaborative computation is computed only locally, and the input data and output data do not circulate.
In the related art, data is desensitized during collection and circulation, but the data circulation process is not tracked and managed, so there is a risk that data is shared with unauthorized third parties.
Disclosure of Invention
To solve the above technical problems, or at least partially solve the above technical problems, the present disclosure provides a distributed server privacy computation management and control method, apparatus, device, and medium.
The disclosure provides a distributed server privacy computation management and control method, which includes:
constructing a privacy computation server template;
setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation;
building a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements;
and managing and controlling the data flow based on a data flow monitoring module in the privacy computing server.
In an optional embodiment of the present disclosure, the constructing a privacy computation server template includes:
determining a target operating system version as a privacy computation server master;
and constructing a data circulation module, a data circulation monitoring module and a privacy computation management and control module based on the privacy computation server master.
In an optional embodiment of the present disclosure, the constructing a privacy computing server based on the privacy computing server template and the privacy computing data requirements, the data flow requirements, and the performance requirements includes:
configuring system operation parameters of the privacy computation server template according to the performance requirements;
importing corresponding privacy data from a data warehouse to the privacy computation server by using a data circulation module based on the privacy computation data requirements;
and importing a privacy calculation customization module to the privacy calculation server by using the privacy calculation management and control module based on the data circulation requirement.
In an optional embodiment of the disclosure, the circulation rules between the data warehouse and the privacy computation server, and between privacy computation servers, are obtained based on the privacy computation customization module.
In an optional embodiment of the present disclosure, the method further comprises:
receiving a data flow updating requirement; wherein the data flow update requirement comprises a target flow rule;
and replacing the current circulation rule with the target circulation rule.
In an optional embodiment of the present disclosure, the managing and controlling the data flow based on the data flow monitoring module in the privacy computing server includes:
the data flow monitoring module monitors a data flow request;
acquiring the circulation data corresponding to the data circulation request;
comparing the circulation data with circulation rules in the data circulation requirement;
and performing management and control processing on the data flow request based on the comparison result.
In an optional embodiment of the present disclosure, the performing management and control processing on the data flow request based on the comparison result includes:
based on the comparison result, determining that the circulation rule in the circulation data is the same as the circulation rule in the data circulation requirement, and not blocking the data circulation request; or
based on the comparison result, determining that the circulation rule in the circulation data is different from the circulation rule in the data circulation requirement, blocking the data circulation request, generating notification information and sending the notification information to the target device.
The present disclosure provides a distributed server privacy computation management and control apparatus, including:
the first construction module is used for constructing a privacy computation server template;
the setting module is used for setting the privacy calculation data requirement, the data circulation requirement and the performance requirement of the privacy calculation;
a second construction module for constructing a privacy computation server based on the privacy computation server template and the privacy computation data requirements, the data flow requirements, and the performance requirements;
and the management and control module is used for managing and controlling data flow based on the data flow monitoring module in the privacy calculation server.
The present disclosure provides an electronic device, including: a processor and a memory;
the processor is configured to execute the distributed server privacy computation management and control method according to the foregoing embodiment by calling a program or an instruction stored in the memory.
The present disclosure provides a computer-readable storage medium storing a program or instructions for causing a computer to execute the distributed server privacy computation management and control method of the foregoing embodiment.
Compared with the prior art, the technical scheme provided by the embodiment of the disclosure has the following advantages:
A privacy computation server template is constructed; the privacy computation data requirements, data circulation requirements and performance requirements of the privacy computation are set; a privacy computation server is constructed based on the privacy computation server template and on the privacy computation data requirements, data circulation requirements and performance requirements; and data circulation is managed and controlled based on a data circulation monitoring module in the privacy computation server. Constructing the privacy computation server template reduces the difficulty of managing privacy computation servers and realizes unified scheduling management of data circulation and data computation at the system level. Constructing the privacy computation server and managing and controlling its data circulation and related operations realizes safe and controllable use of privacy data.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure.
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below. It is obvious to those skilled in the art that other drawings can be obtained from these drawings without inventive effort.
Fig. 1 is a flowchart illustrating a distributed server privacy computation management and control method according to an embodiment of the present disclosure;
Fig. 2 is a diagram illustrating an exemplary scenario of a distributed server privacy computation management and control method according to an embodiment of the present disclosure;
Fig. 3 is a diagram illustrating another example of a scenario of a distributed server privacy computation management and control method according to an embodiment of the present disclosure;
Fig. 4 is a diagram illustrating an exemplary structure of a distributed server privacy computation management and control apparatus according to an embodiment of the present disclosure.
Detailed Description
In order that the above objects, features and advantages of the present disclosure may be more clearly understood, aspects of the present disclosure will be further described below. It should be noted that the embodiments and features of the embodiments of the present disclosure may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure, but the present disclosure may be practiced in other ways than those described herein; it is to be understood that the embodiments disclosed in the specification are only a few embodiments of the present disclosure, and not all embodiments.
In the prior art, data is desensitized during acquisition and circulation, but the data circulation process is not tracked and managed, so there is a risk that data is shared with an unauthorized third party. Alternatively, a privacy computing system based on distributed collaboration comprises a Software Development Kit (SDK), a controller and a plurality of privacy computing all-in-one machines, where the controller is deployed in an edge cloud and the privacy computing all-in-one machines are deployed in a private cloud; but this computing scheme does not include a method for generating a new privacy computing all-in-one machine based on an existing one.
In order to solve the above problems, the embodiments of the present disclosure provide a distributed server privacy computation management and control method. By establishing a privacy computation server template, the method performs unified scheduling management of data circulation and data computation at the system level, so as to implement full-process tracking management of the privacy computation process and solve the problem that data is shared with an unauthorized third party because tracking protection is lacking while the data is in use. By dynamically establishing a privacy computation server based on the characteristics of the privacy computation data, it solves the problem that a privacy computation server cannot be flexibly established according to data characteristics. In addition, by establishing the privacy data requirements and the privacy computation management and control module, data circulation between the data warehouse and a server, and between privacy computation servers, is invisible to users, which ensures that data circulation is safe and controllable. By establishing the data circulation monitoring module, data is restricted to circulating directly only between servers created using the server template, which solves the problem of data leakage at the level of the mechanism.
Therefore, the privacy calculation server is constructed according to the data characteristics, and data circulation, data storage and data use of the privacy calculation server are controlled, so that safe use and controllable use of the privacy data are realized.
Fig. 1 is a flowchart illustrating a distributed server privacy computation control method according to an embodiment of the present disclosure.
Step 101, a privacy computing server template is constructed.
In the embodiment of the disclosure, a certain operating system version can be selected as a privacy computing server master according to application scenario requirements, and is required to be a simplified, secure, stable, and high-performance system, such as an NGTOS security system.
Further, each module, such as one or more of a data flow module, a data flow monitoring module, a privacy computation management and control module and the like, is constructed on the privacy computation server master as required and serves as a privacy computation server template.
Step 102, setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation.
In the embodiment of the disclosure, the privacy computation data requirements, the data circulation requirements and the performance requirements can be set according to the application requirements. The privacy computation data requirements define, with reference to the data interaction function, data characteristics required by the computation such as data labels, data quantity and time range. The data circulation requirements define, with reference to the data interaction function, the data interaction process between the data warehouse and the privacy computation server, and between privacy computation servers. The performance requirements refer to the resources, such as Central Processing Unit (CPU), memory, disk and bandwidth, required by the privacy computation server during the privacy computation process.
Step 103, constructing the privacy computation server based on the privacy computation server template and the privacy computation data requirements, the data circulation requirements and the performance requirements.
In the embodiment of the disclosure, the system operation parameters of the privacy computation server template can be configured according to the performance requirements, and the data circulation module is used to import the corresponding privacy data from the data warehouse to the privacy computation server according to the privacy computation data requirements. The data circulation module is a built-in function of the privacy computation server, and the data transmission and storage processes are invisible to privacy computation users, which guarantees data security. The privacy computation management and control module is used to import the privacy computation customization module to the privacy computation server.
Step 104, managing and controlling the data flow based on a data flow monitoring module in the privacy computing server.
In the embodiment of the disclosure, the data circulation monitoring module monitors the data circulation process, including data circulation between the data warehouse and the privacy computation server and between privacy computation servers. If it finds a data flow that is not covered by the requirements, it blocks the data flow and generates an alarm.
In a specific embodiment, managing and controlling data circulation based on the data circulation monitoring module in the privacy computation server includes: the data circulation monitoring module monitors a data circulation request, obtains the circulation data corresponding to the data circulation request, compares the circulation data with the circulation rules in the data circulation requirement, and performs management and control processing on the data circulation request based on the comparison result.
If it is determined from the comparison result that the circulation rule in the circulation data is the same as the circulation rule in the data circulation requirement, the data circulation request is not blocked. If it is determined from the comparison result that the circulation rule in the circulation data is different from the circulation rule in the data circulation requirement, the data circulation request is blocked, and notification information is generated and sent to the target device. The target device can be a mobile phone, a computer, etc.
In some embodiments, constructing a privacy computation server template includes: determining a target operating system version as a privacy computation server master, and constructing a data circulation module, a data circulation monitoring module and a privacy computation management and control module based on the privacy computation server master.
In some embodiments, constructing a privacy computation server based on the privacy computation server template and the privacy computation data requirements, data circulation requirements and performance requirements comprises: configuring the system operation parameters of the privacy computation server template according to the performance requirements; importing the corresponding privacy data from a data warehouse to the privacy computation server through the data circulation module based on the privacy computation data requirements; and importing a privacy computation customization module to the privacy computation server through the privacy computation management and control module based on the data circulation requirements.
In the embodiment of the disclosure, the circulation rules between the data warehouse and the privacy computation server, and between privacy computation servers, are obtained based on the privacy computation customization module.
In an embodiment of the present disclosure, a data circulation update requirement is received, where the data circulation update requirement comprises a target circulation rule, and the current circulation rule is replaced by the target circulation rule. The circulation rule can thus be updated according to application requirements. For example, the current circulation rule allows privacy computation server A to circulate privacy computation data to privacy computation server B, and the target circulation rule changes this so that privacy computation server A cannot circulate privacy computation data to privacy computation server B, which further meets the user's requirements.
As an example of a scenario, as shown in Fig. 2, a privacy computation server template is established, which includes a data circulation module, a data circulation monitoring module, a privacy computation management and control module, and the like. Then the data requirements, data circulation requirements and performance requirements of the privacy computation are defined, and a privacy computation server is established based on the privacy computation server template. Finally, the data circulation is monitored and managed by the data circulation monitoring module at the boundary of the privacy computation server. Fig. 2 includes a privacy computation server A, a privacy computation server B and a privacy computation server C. Each privacy computation server comprises a data circulation module, a data circulation monitoring module, a privacy computation management and control module and a database; it is connected with the data warehouse, acquires the relevant privacy data according to the privacy computation data requirements and stores that data in the database.
The data circulation module comprises functions such as data interaction and data storage. The data interaction function includes the privacy computation server pulling data from the data warehouse and interacting with other privacy computation servers. This function defines the data content to be circulated based on the data labels of the data warehouse, and realizes data circulation among the distributed nodes by using a secure data transmission technology.
Specifically, as shown in Table 1: the source address refers to the IP (Internet Protocol) address of the data owner, the destination address refers to the destination IP address of the data interaction, the data label refers to a data classification standard provided by the data warehouse, the data feature refers to key information capable of identifying the data to be transferred, the transfer mode refers to the data transmission mode, the data amount refers to the upper limit of the data to be transferred, and the start/end time refers to the start time and end time of the data to be transferred.
Table 1: Key characteristics of the data interaction module (table image not reproduced)
The data storage function refers to the storage of data in the privacy computation server, and specifically includes the data acquired from the data warehouse, the streaming data among the privacy computation servers, the privacy computation result, and other contents.
The data circulation monitoring module can monitor the data circulation between the data warehouse and a privacy computation server, and between privacy computation servers, and block illegal data flows in time to avoid data leakage. The basis for judging whether a data flow is illegal is the data circulation requirement provided when the new privacy computation server is constructed.
The privacy computation management and control module comprises a function for importing the privacy computation customization module and a function for managing the authority of the privacy computation customization module. Privacy computation management and control supports the safe import of the customization module, and also manages authority in the privacy computation process in a unified way by establishing unified privacy computation users and user groups, as shown in Table 2.
Table 2: Key technical characteristics of the privacy computation management and control module (table image not reproduced)
The privacy calculation data requirement refers to a data interaction function (such as table 1), and defines data labels, data amount, time range and the like required by calculation; the data circulation requirement is that a data interaction process between a data warehouse and a server, and between the server and the server is defined by referring to a data interaction function (such as table 1); the performance requirement refers to resources such as a CPU, a memory, a disk, bandwidth and the like required by the privacy calculation server in the privacy calculation process.
It can be understood that, in the field of distributed server privacy computing management and control, the data full flow is managed and controlled based on the safe and controllable privacy computing server template, and the use and circulation of data are safe and controllable.
As an example, taking the fully independently defined NGTOS security system as the basis, the process of constructing a privacy computation server template and constructing a new privacy computation server using the embodiment of the disclosure is explained, which solves the problem that a privacy computation server cannot be flexibly created according to data characteristics.
Specifically, as shown in Fig. 3, a privacy computation server template is created, and the selected operating system master is the NGTOS security system. The data circulation module authenticates using the data warehouse's own identity authentication method and pulls data through the corresponding REST (Representational State Transfer) interface. The data circulation monitoring module is a circulation monitoring module integrated with a WEB (World Wide Web) application firewall. The privacy computation management and control module supports importing the customization module via FTP (File Transfer Protocol), performs authority management on privacy computation users by using the user management mechanism of the system, and defines a standard REST interface to interact with the native data of the data warehouse.
Further, the requirements of privacy computation server B are defined, for example. Privacy computation data requirements: { data label: device status, data volume: 2T, time range: 2021 to present, … }; data circulation requirements: { type: data warehouse, privacy computation server, 10.0.0.3.0.1 }; { type: privacy computation server, 10.0.0.3.10.0.0.4 }; performance requirements: { CPU: 8 cores, memory: 32G, disk: 3T, … }.
Further, privacy computation server B is created: a new virtual machine is created from the privacy computation server template image, the system is configured according to the performance requirements, the server requirements defined above are input into privacy computation server B, and the corresponding privacy data is pulled from the data warehouse according to the data circulation requirements and stored in a database inside the privacy computation server. This process is invisible to the user, which ensures that the data is safe and controllable. The privacy computation management and control module is then used to import the privacy computation module customized by the user, which completes the construction of privacy computation server B, and privacy computation starts.
Specifically, taking the fully independently defined NGTOS security system as the basis, the working mechanism of the data circulation monitoring module provided by the embodiment of the disclosure is explained, which solves the problem that privacy data circulation cannot be tracked and controlled during the privacy computation process.
Continuing with the example of Fig. 3, privacy data is pulled from the data warehouse to privacy computation server B: the data circulation monitoring module detects the HTTP request from 10.0.0.3 to 10.0.1, and the data is pulled to the local database for storage. Comparison with the data circulation requirements in the previous example shows that the request conforms to the predefined data circulation requirements, so the data circulation is normal. When privacy computation server B transmits data to privacy computation server A, the data circulation monitoring module detects the HTTP request from 10.0.0.3 to 10.0.2, that is, privacy computation server B attempting to transmit data to privacy computation server A. Comparison with the data circulation requirements in the previous example shows that they do not include this circulation rule, so the data flow is blocked and an administrator is notified to handle it.
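The comparison step in the scenario above can be sketched as a default-deny rule check; this is an added example, not code from the patent. The class and function names are hypothetical, the IP addresses and time window are constructed, the rule fields follow the Table 1 descriptions (the data feature field is omitted), and rule replacement follows the data circulation update embodiment.

```python
"""Default-deny circulation-rule check, sketching the data flow monitoring step."""
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address
from typing import Callable, Iterable, Optional

# Constructed addresses for this example only (not taken from the page).
WAREHOUSE, SERVER_A, SERVER_B, SERVER_C = "10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"


@dataclass(frozen=True)
class CirculationRule:
    """One permitted flow; fields follow the Table 1 descriptions in the text."""
    source: str
    destination: str
    data_label: str
    transfer_mode: str
    max_bytes: int      # upper limit of data that may be transferred
    start: datetime
    end: datetime


@dataclass(frozen=True)
class FlowRequest:
    source: str
    destination: str
    data_label: str
    transfer_mode: str
    size_bytes: int
    timestamp: datetime


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


class CirculationMonitor:
    """Hypothetical monitor: a request passes only if a rule explicitly covers it."""

    def __init__(self, rules: Iterable[CirculationRule], notify: Callable[[str], None]):
        self._rules = tuple(rules)
        self._notify = notify
        self._used = {}  # rule -> bytes already transferred under it

    def replace_rules(self, target_rules: Iterable[CirculationRule]) -> None:
        """Update requirement: the target rules replace the current ones wholesale."""
        self._rules = tuple(target_rules)
        self._used = {}

    def check(self, req: FlowRequest) -> Decision:
        try:
            pair = (ip_address(req.source), ip_address(req.destination))
        except ValueError:
            return self._block(req, "malformed address")
        reason = "no circulation rule for this source and destination"
        for rule in self._rules:
            if (ip_address(rule.source), ip_address(rule.destination)) != pair:
                continue
            mismatch = self._mismatch(rule, req)
            if mismatch is None:
                self._used[rule] = self._used.get(rule, 0) + req.size_bytes
                return Decision(True, "matches circulation rule")
            reason = mismatch
        return self._block(req, reason)

    def _mismatch(self, rule: CirculationRule, req: FlowRequest) -> Optional[str]:
        if req.size_bytes < 0:
            return "invalid data amount"
        if req.data_label != rule.data_label:
            return "data label not permitted"
        if req.transfer_mode != rule.transfer_mode:
            return "transfer mode not permitted"
        if not rule.start <= req.timestamp <= rule.end:
            return "outside permitted time window"
        if self._used.get(rule, 0) + req.size_bytes > rule.max_bytes:
            return "data amount limit exceeded"
        return None

    def _block(self, req: FlowRequest, reason: str) -> Decision:
        # repr() keeps request-controlled fields from forging extra alert lines.
        self._notify(f"BLOCKED {req.source!r} -> {req.destination!r} "
                     f"label={req.data_label!r}: {reason}")
        return Decision(False, reason)


def demo():
    """Server B pulls from the warehouse (allowed), then tries to send to A (blocked)."""
    alerts = []
    window = (datetime(2021, 1, 1), datetime(2030, 1, 1))  # constructed window
    rules = [
        CirculationRule(SERVER_B, WAREHOUSE, "device status", "http", 2 * 1024**4, *window),
        CirculationRule(SERVER_B, SERVER_C, "device status", "http", 2 * 1024**4, *window),
    ]
    monitor = CirculationMonitor(rules, alerts.append)
    now = datetime(2023, 6, 1)
    pull = FlowRequest(SERVER_B, WAREHOUSE, "device status", "http", 10 * 1024**3, now)
    to_a = FlowRequest(SERVER_B, SERVER_A, "device status", "http", 1024, now)
    to_c = FlowRequest(SERVER_B, SERVER_C, "device status", "http", 1024, now)
    results = [monitor.check(pull).allowed, monitor.check(to_a).allowed]
    monitor.replace_rules(rules[:1])  # update requirement drops the B -> C rule
    results.append(monitor.check(to_c).allowed)
    return results, alerts
```

Because the data amount is tracked per rule, a sequence of small requests that together exceed the limit is blocked as well, not only a single oversized one.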
Therefore, constructing the privacy computation server template reduces the difficulty of managing privacy computation servers and solves the problem that a distributed server has to be constructed repeatedly because data characteristics differ. Unified scheduling management of data circulation and data computation at the system level solves the problem that tracking protection is lacking while data is in use, with the resulting risk that data is shared with an unauthorized third party. The data circulation module built into the privacy computation server template keeps the transmission and storage of data from the data warehouse to the privacy computation server isolated from data users, so that the data of the data warehouse is used safely and controllably. Support for importing a customized privacy computation module through the privacy computation server template isolates the privacy computation module from the system, lets the user concentrate on the service and improves working efficiency. The privacy data circulation monitoring module built into the privacy computation server monitors the whole flow of the privacy data and solves the problem that privacy data circulation is not controllable.
Corresponding to the method provided in the embodiments of fig. 1 to 3, the present disclosure also provides an apparatus, and since the apparatus provided in the embodiments of the present disclosure corresponds to the method provided in the embodiments of fig. 1 to 3, the implementation manner of the method is also applicable to the apparatus provided in the embodiments of the present disclosure, and is not described in detail in the embodiments of the present disclosure.
Fig. 4 is a schematic structural diagram of a distributed server privacy computation management and control apparatus according to an embodiment of the disclosure.
As shown in fig. 4, the distributed server privacy computation management and control apparatus includes:
a first construction module 201, configured to construct a privacy computation server template;
the setting module 202 is used for setting the privacy calculation data requirement, the data circulation requirement and the performance requirement of the privacy calculation;
a second construction module 203, configured to construct a privacy computation server based on the privacy computation server template and the privacy computation data requirements, the data flow requirements, and the performance requirements;
and the management and control module 204 is configured to manage and control data flow based on the data flow monitoring module in the privacy computing server.
In some embodiments, the first building module 201 is specifically configured to:
determining a target operating system version as a privacy computation server master;
and constructing a data circulation module, a data flow monitoring module and a privacy computation management and control module based on the privacy computation server master.
In some embodiments, the second building module 203 is specifically configured to:
configuring system operation parameters of the privacy computation server template according to the performance requirements;
importing the corresponding private data from a data warehouse to the privacy computation server by using the data circulation module, based on the privacy computation data requirement;
and importing a privacy computation customization module to the privacy computation server by using the privacy computation management and control module, based on the data circulation requirement.
In some embodiments, circulation rules between the data warehouse and the privacy computation server, and between one privacy computation server and another, are obtained based on the privacy computation customization module.
In some embodiments, the apparatus further comprises:
an updating module, configured to receive a data flow update requirement, wherein the data flow update requirement comprises a target circulation rule;
and to replace the current circulation rule with the target circulation rule.
In some embodiments, the management module 204 includes:
the monitoring unit is used for monitoring a data flow request by the data flow monitoring module;
the acquisition unit is used for acquiring the circulation data corresponding to the data flow request;
the comparison unit is used for comparing the circulation data with the circulation rule in the data circulation requirement;
and the processing unit is used for performing management and control processing on the data flow request based on the comparison result.
In some embodiments, the processing unit is specifically configured to:
based on the comparison result, determining that the circulation rule in the circulation data is the same as the circulation rule in the data circulation requirement, and not blocking the data circulation request; or,
and determining that the circulation rule in the circulation data is different from the circulation rule in the data circulation requirement based on the comparison result, blocking the data circulation request, generating notification information and sending the notification information to the target equipment.
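The monitor, compare and block-or-notify behaviour described for the Fig. 3 scenario and for the units of the management and control module can be sketched as follows. This is an added example, not code from the patent; the endpoint names, the `FlowRule` and `FlowMonitor` types, and the modelling of a circulation rule as a directional (from, to) pair are assumptions.

```python
from dataclasses import dataclass, field
from typing import Callable, Iterable

# Endpoint names are constructed placeholders, not values from the patent.
WAREHOUSE, SERVER_A, SERVER_B = "data-warehouse", "pc-server-a", "pc-server-b"

@dataclass(frozen=True)
class FlowRule:
    data_from: str   # endpoint the data leaves
    data_to: str     # endpoint the data arrives at

@dataclass
class FlowMonitor:
    rules: frozenset                      # current circulation rules (allowlist)
    notify: Callable[[str], None]         # channel to the administrator
    audit: list = field(default_factory=list)

    def replace_rules(self, target_rules: Iterable[FlowRule]) -> None:
        # Update requirement: the target rules replace the current set wholesale.
        self.rules = frozenset(target_rules)

    def handle(self, data_from: str, data_to: str, dataset: str) -> bool:
        # Compare the observed flow with the rules; anything not listed is blocked.
        allowed = FlowRule(data_from, data_to) in self.rules
        self.audit.append((data_from, data_to, dataset, allowed))
        if not allowed:
            self.notify(f"blocked flow {data_from} -> {data_to} ({dataset})")
        return allowed

def run_scenario():
    alerts = []
    monitor = FlowMonitor(frozenset({FlowRule(WAREHOUSE, SERVER_B)}), alerts.append)
    results = {
        "warehouse_to_b": monitor.handle(WAREHOUSE, SERVER_B, "sample-dataset"),
        "b_to_a": monitor.handle(SERVER_B, SERVER_A, "sample-dataset"),
        # Rules are directional: the pull rule does not permit sending data back.
        "b_to_warehouse": monitor.handle(SERVER_B, WAREHOUSE, "sample-dataset"),
    }
    # A later update requirement authorises B -> A and drops the old rule.
    monitor.replace_rules([FlowRule(SERVER_B, SERVER_A)])
    results["b_to_a_after_update"] = monitor.handle(SERVER_B, SERVER_A, "sample-dataset")
    results["warehouse_to_b_after_update"] = monitor.handle(WAREHOUSE, SERVER_B, "sample-dataset")
    return results, alerts, monitor.audit

if __name__ == "__main__":
    results, alerts, _ = run_scenario()
    for name, allowed in results.items():
        print(f"{name}: {'allowed' if allowed else 'blocked'}")
    print(*alerts, sep="\n")
```

Because the update replaces the rule set rather than merging into it, the warehouse-to-B pull that was allowed at first is blocked after the update, which is worth checking for whenever a target rule set is rolled out.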
The distributed server privacy computation management and control device sets privacy computation data requirements, data flow requirements and performance requirements of privacy computation by constructing a privacy computation server template, constructs a privacy computation server based on the privacy computation server template and the privacy computation data requirements, data flow requirements and performance requirements, and manages and controls data flow based on a data flow monitoring module in the privacy computation server. Therefore, by constructing the privacy calculation server template, the management difficulty of the privacy calculation server is reduced, unified scheduling management of data flow and data calculation is realized from a system level, the privacy calculation server is constructed, the data flow and the like of the privacy calculation server are managed and controlled, and safe use and controllable use of privacy data are realized.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present disclosure, which enable those skilled in the art to understand or practice the present disclosure. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the disclosure. Thus, the present disclosure is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A distributed server privacy computation control method is characterized by comprising the following steps:
constructing a privacy calculation server template;
setting privacy calculation data requirements, data circulation requirements and performance requirements of privacy calculation;
constructing a privacy computation server based on the privacy computation server template and the privacy computation data requirements, the data flow requirements, and the performance requirements;
and managing and controlling the data flow based on a data flow monitoring module in the privacy computing server.
2. The distributed server privacy computation management and control method according to claim 1, wherein the building of the privacy computation server template includes:
determining a target operating system version as a privacy computation server master;
and constructing a data circulation module, a data flow monitoring module and a privacy computation management and control module based on the privacy computation server master.
3. The distributed server privacy computation management and control method according to claim 2, wherein the building of the privacy computation server based on the privacy computation server template and the privacy computation data requirements, the data flow requirements, and the performance requirements includes:
configuring system operation parameters of the privacy computation server template according to the performance requirements;
importing the corresponding private data from a data warehouse to the privacy computation server by using the data circulation module, based on the privacy computation data requirement;
and importing a privacy computation customization module to the privacy computation server by using the privacy computation management and control module, based on the data circulation requirement.
4. The distributed server privacy computation management and control method of claim 3,
wherein circulation rules between the data warehouse and the privacy computation server, and between one privacy computation server and another, are acquired based on the privacy computation customization module.
5. The distributed server privacy computation management and control method according to claim 4, further comprising:
receiving a data flow update requirement; wherein the data flow update requirement comprises a target circulation rule;
and replacing the current circulation rule with the target circulation rule.
6. The distributed server privacy computation management and control method according to claim 1, wherein the management and control of data flow based on a data flow monitoring module in the privacy computation server includes:
the data flow monitoring module monitors a data flow request;
acquiring the circulation data corresponding to the data flow request;
comparing the circulation data with circulation rules in the data circulation requirements;
and performing management and control processing on the data flow request based on the comparison result.
7. The distributed server privacy computation management and control method according to claim 6, wherein the management and control processing on the data flow request based on the comparison result includes:
based on the comparison result, determining that the circulation rule in the circulation data is the same as the circulation rule in the data circulation requirement, and not blocking the data circulation request; or,
and determining that the circulation rule in the circulation data is different from the circulation rule in the data circulation requirement based on the comparison result, blocking the data circulation request, generating notification information and sending the notification information to the target equipment.
8. A distributed server privacy computation management and control device, comprising:
the first construction module is used for constructing a privacy calculation server template;
the setting module is used for setting the privacy calculation data requirement, the data circulation requirement and the performance requirement of the privacy calculation;
a second construction module for constructing a privacy computation server based on the privacy computation server template and the privacy computation data requirements, the data flow requirements, and the performance requirements;
and the management and control module is used for managing and controlling data flow based on the data flow monitoring module in the privacy calculation server.
9. An electronic device, comprising: a processor and a memory;
the processor is adapted to perform the steps of the method of any one of claims 1 to 7 by calling a program or instructions stored in the memory.
10. A computer-readable storage medium, characterized in that it stores a program or instructions for causing a computer to perform the steps of the method according to any one of claims 1 to 7.
CN202211434437.7A 2022-11-16 2022-11-16 Distributed server privacy calculation control method, device, equipment and medium Active CN115766230B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211434437.7A CN115766230B (en) 2022-11-16 2022-11-16 Distributed server privacy calculation control method, device, equipment and medium

Publications (2)

Publication Number Publication Date
CN115766230A true CN115766230A (en) 2023-03-07
CN115766230B CN115766230B (en) 2023-08-25

Family

ID=85372642

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant