CN116186341A - Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium - Google Patents

Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium Download PDF

Info

Publication number
CN116186341A
CN116186341A CN202310456636.6A CN202310456636A CN116186341A CN 116186341 A CN116186341 A CN 116186341A CN 202310456636 A CN202310456636 A CN 202310456636A CN 116186341 A CN116186341 A CN 116186341A
Authority
CN
China
Prior art keywords
node
data
federation
graph
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310456636.6A
Other languages
Chinese (zh)
Other versions
CN116186341B (en
Inventor
宋一民
蔡超超
邹振华
单进勇
裴超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Shudu Technology Co ltd
Original Assignee
Beijing Shudu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Shudu Technology Co ltd filed Critical Beijing Shudu Technology Co ltd
Priority to CN202310456636.6A priority Critical patent/CN116186341B/en
Publication of CN116186341A publication Critical patent/CN116186341A/en
Application granted granted Critical
Publication of CN116186341B publication Critical patent/CN116186341B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9024Graphs; Linked lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Mining & Analysis (AREA)
  • Information Transfer Between Computers (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The embodiment of the application discloses a federation map calculation method, a federation map calculation device, federation map calculation equipment and a federation map calculation storage medium, and belongs to the technical field of data processing. The embodiment of the application can be applied to a federation graph computing system comprising at least two federation nodes, namely, the embodiment of the application can be applied to two or any number of federation nodes, so that the method has universality on the number of federation nodes; in addition, in the case that the first target node has update data and the first target node belongs to the second peer node, the update data of the first target node can be stored in the first mirror image node corresponding to the first target node, then the update data in the first mirror image node are combined and then sent to the second peer node, and the update data of the first target node does not need to be sent respectively, so that transmission overhead generated by the update data is sent respectively can be reduced.

Description

Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to a federal graph computing method, apparatus, device, and storage medium.
Background
Currently, graph computation plays an increasingly important role in the fields of social networks, knowledge graphs, information recommendation, financial wind control and the like. The federal graph computation requirements between institutions are also increasing.
The federation graph calculation aims at splicing the subgraphs of all the participants on the premise of protecting the data privacy, and executing various graph calculation tasks on the spliced whole graph to obtain calculation results which cannot be obtained in the separated subgraphs. Federal graph computation is of great importance to breaking down data islands between participants.
The current federation graph calculation is limited to specific scenes, for example, the federation graph calculation is only suitable for a small number of participants, the universality is poor, and the transmission overhead among the participants is high.
Disclosure of Invention
The embodiment of the application provides a federation diagram calculation method, a federation diagram calculation device, federation diagram calculation equipment and a federation diagram calculation storage medium, and transmission overhead among parties can be reduced under the condition of improving the universality of federation diagram calculation.
In a first aspect, an embodiment of the present application provides a federation graph calculation method, which is applied to a first federation node in a federation graph calculation system, where the federation graph calculation system includes at least two federation nodes, and the first federation node is any federation node of the at least two federation nodes, and the method includes:
Loading a local first sub-graph, wherein the first sub-graph comprises nodes and edges, and the nodes with association relations are connected through the edges;
generating first update data of a first target node according to the edge data of the first node and the node data of the first node aiming at each first node of the first subgraph, wherein the first target node is connected with the first node through edges;
storing first update data corresponding to a first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to a second federation node, wherein the second federation node is a federation node except the first federation node in at least two federation nodes;
the first updating data in each first mirror image node corresponding to the first target node is merged and then sent to a second joint node corresponding to the first target node;
receiving second update data sent by a second binding node;
and merging and calculating the node updating data and the second updating data which are generated locally to obtain target sub-graph data.
In a second aspect, embodiments of the present application provide a federal graph computing device,
a first federation node for use in a federation graph computing system, the federation graph computing system including at least two federation nodes, the first federation node being any one of the at least two federation nodes, the apparatus comprising:
The loading module is used for loading a local first sub-graph, wherein the first sub-graph comprises nodes and edges, and the nodes with association relations are connected through the edges;
the generating module is used for generating first update data of a first target node according to the edge data of the first node and the node data of the first node aiming at each first node of the first subgraph, and the first target node is connected with the first node through edges;
the storage module is used for storing first update data corresponding to the first target node into a first mirror image node corresponding to the first target node under the condition that the first target node belongs to a second federation node, and the second federation node is a federation node except the first federation node in at least two federation nodes;
the sending module is used for merging the first update data in each first mirror image node corresponding to the first target node and then sending the first update data to a second joint node corresponding to the first target node;
the receiving module is used for receiving second update data sent by the second combined node;
and the calculation module is used for combining and calculating the locally generated node update data and the second update data to obtain target sub-graph data.
In a third aspect, an embodiment of the present application provides an electronic device, including:
A processor;
a memory for storing computer program instructions;
the computer program instructions, when executed by a processor, implement the method as described in the first aspect.
In a fourth aspect, embodiments of the present application provide a computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement a method as described in the first aspect.
In a fifth aspect, embodiments of the present application provide a computer program product, instructions in which, when executed by a processor of an electronic device, cause the electronic device to perform the method according to the first aspect.
According to the embodiment of the application, by loading a local first sub-graph, for each first node of the first sub-graph, generating first update data of a first target node according to the edge data of the first node and node data of the first node, storing the first update data corresponding to the first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to a second joint node, merging the first update data in each first mirror node corresponding to the first target node, and then sending the first update data to the second joint node corresponding to the first target node; receiving second update data sent by a second binding node; and merging and calculating the node updating data and the second updating data which are generated locally to obtain target sub-graph data. The above scheme can be applied to a federation graph computing system comprising at least two federation nodes, namely, the above scheme can be applied to two or any number of federation nodes, so that the scheme has universality in the number of federation nodes; in addition, in the case that the first target node has update data and the first target node belongs to the second peer node, the update data of the first target node can be stored in the first mirror image node corresponding to the first target node, then the update data in the first mirror image node is combined and then sent to the second peer node, and the update data of the first target node does not need to be sent respectively, so that transmission overhead generated by the update data is sent respectively can be reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, and it is possible for a person skilled in the art to obtain other drawings from these drawings without inventive effort.
Fig. 1 is a schematic view of a scenario of a federation graph calculation method according to an embodiment of the present application;
FIG. 2 is a flowchart of a federation graph calculation method according to an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of an overall collaboration flow of each participant in a federal graph computing system according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of an execution flow of single round chart algorithm iteration provided in an embodiment of the present application;
FIG. 5 is a schematic diagram of a local computing and collaborative interaction process involved in iteration of a single round of graph algorithm provided in an embodiment of the present application;
FIG. 6 is a block diagram of a federal graph computing device according to an embodiment of the present disclosure;
fig. 7 is a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application are described in detail below, and in order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely configured to explain the present application and are not configured to limit the present application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by showing examples of the present application.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
When the federal graph calculation is carried out, the method mainly adopts an outsourcing graph mode, and the method is only suitable for the number of specific participants and has certain limitation.
Specifically, in outsourcing graph calculation, the graph data owner uploads the graph data to other servers in a secret sharing mode due to insufficient computing power, and the other servers run a secure multiparty calculation protocol such as a garbled circuit to complete the graph calculation task. The outsource graph computation is not a federal computing collaboration model between real participants, and the core of the outsource graph computation is the owner and calculator of the split graph data.
This mode of computation is only applicable to scenes where the amount of data owned by the contributors to the graph data is small and computationally weak. When federal graph calculation is carried out between actual participants, the participants have abundant computing power, large data volume and strict limitation of the data privacy protection act, and do not have power to outsource a large amount of graph data to other servers. Even if the participants can share the graph data with each other in a secret manner and then run a secure multiparty computing protocol to complete the federal graph computation, the existing outsourced graph computing technology cannot support the expansion to any number of the participants.
In addition, in the federal graph calculation scheme, transmission overhead among the parties mainly originates from data synchronization of a common node and update data transfer across sub-graphs, and for the latter, the transmission overhead is mainly larger when the update data is transferred separately, especially when the data amount of the update data across sub-graphs is larger.
Therefore, the embodiment of the application provides a federation diagram calculation method, a federation diagram calculation device, federation diagram calculation equipment and a storage medium, and transmission overhead among parties can be reduced under the condition of improving the universality of federation diagram calculation.
The federation graph calculation method provided in the embodiment of the present application may be applied to a scenario shown in fig. 1, where the scenario may include at least two federation nodes, in the federation graph calculation, each federation node is in a peer-to-peer position, that is, performs the same calculation procedure locally, and part of the calculation phase involves data interaction between each federation node, and for convenience of description, fig. 1 includes two federation nodes, that is, federation node 110 and federation node 120, respectively.
Federation node 110 and federation node 120 are in communication connection, and specific communication modes of federation node 110 and federation node 120 are not limited in this embodiment, and may be, for example, communication through a local area network, a cable, or the like.
Federation node 110 and federation node 120 are similar in structure, taking federation node 110 as an example, federation node 110 may include a control module 1101, a storage module 1102, a compute engine module 1103, a transmission module 1104, and an algorithm module 1105, as shown in fig. 1.
The control module 1101 is a core of the federal graph computing system, and is responsible for controlling overall computing and interaction processes, and centrally controlling other modules. Specifically, the control module 1101 reads the graph data and the federation calculation configuration information through the storage module 1102, controls the transmission module 1104 to complete channel establishment and subsequent data interaction with other federation nodes, obtains specific calculation tasks involved in federation graph calculation through the algorithm module 1105, and invokes the calculation engine module 1103 to complete task calculation based on the secret state or plaintext data.
The storage module 1102 is mainly used for storing graph data, federal graph computation configuration information, computation task data and the like. The graph data comprises edge data, node mapping (federal nodes to which each node belongs), intermediate updating data and the like, and the graph data can be in a plaintext or a secret state; the federation map calculates configuration information, namely the number of participants (federation nodes), communication information among all the participants, a map algorithm of federation map calculation and the like; the calculation task data is a specific calculation task generated in the calculation of the federation graph. The communication information between the parties may include, for example, but not limited to, a communication manner, a communication frequency band, a communication channel, and the like between the parties.
The calculation engine module 1103 is mainly responsible for accomplishing the specific calculation tasks provided by the control module 1101. The calculation tasks are organized into task queues in advance by the control module 1101 and stored in the storage module 1102. The calculation engine module 1103 reads the task data from the task queue, writes back the task data after the calculation is completed, and is finally used by the control module 1101 to update the graph data.
As shown in fig. 1, the computing engine module 1103 may include a first component 11031 and a second component 11032, where the first component 11031 is also called a common component, and is an inlet of the computing engine module 1103, responsible for interaction with the control module 1101 and simple preprocessing of computing tasks; the second component 11032 is also called a trusted component, and the second component 11032 runs in a trusted execution environment (Trusted execution environment, TEE), which is mainly responsible for completing computing tasks, and the TEE can guarantee the integrity and confidentiality of the execution of the trusted component.
The transmission module 1104 is mainly responsible for maintaining channels and sending and receiving intermediate data between other participants. It should be noted that, the intermediate data of the graph computation interacted between the participants are all the secret data, and the receiver cannot directly decrypt, and the encryption and decryption processes are all completed in the TEE by the computation engine module 1103.
The algorithm module 1105 primarily defines a graph algorithm specific data structure including edge data structures, node data structures, update data structures, and the like. In addition, the algorithm module 1105 defines the computations involved in a particular graph algorithm and may encapsulate specific computational tasks based on the graph data, provide the control module 1101, and define rules for the computational tasks to write back to the graph data. Each algorithm module 1105 has a uniform interface so that the control module 1101 does not need to handle specific graph algorithm details. The algorithm module 1105 of fig. 1 is exemplified as including an algorithm module a, an algorithm module B, and an algorithm module C.
Similarly, federal node 120 may include a control module 1201, a storage module 1202, a calculation engine module 1203, a transmission module 1204, and an algorithm module 1205, and calculation engine module 1203 may include a first component 12031 and a second component 12032. The function of each module may be referred to as federal node 110, and will not be described in detail herein for brevity.
The federation graph calculation method provided in the embodiment of the present application is described below with reference to the above scenario and specific embodiments, and the federation graph calculation method provided in the embodiment of the present application may be applied to any federation node shown in fig. 1.
Fig. 2 is a flowchart of a method for calculating a federal graph according to an embodiment of the present application. As shown in fig. 2, the federation map calculation method may include the steps of:
s210, loading a local first sub-graph.
The first sub-graph comprises nodes and edges, and the nodes with association relations are connected through the edges.
S220, generating first update data of the first target node according to the edge data of the first node and the node data of the first node aiming at each first node of the first subgraph.
The first target node is connected with the first node through an edge.
And S230, storing the first updated data corresponding to the first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to the second combined node.
The second federation node is a federation node except the first federation node in the at least two federation nodes.
And S240, merging the first update data in each first mirror image node corresponding to the first target node and then sending the merged first update data to a second binding node corresponding to the first target node.
S250, second update data sent by the second combined node is received.
And S260, merging and calculating the locally generated node update data and the second update data to obtain target sub-graph data.
According to the embodiment of the application, by loading a local first sub-graph, for each first node of the first sub-graph, generating first update data of a first target node according to the edge data of the first node and node data of the first node, storing the first update data corresponding to the first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to a second joint node, merging the first update data in each first mirror node corresponding to the first target node, and then sending the first update data to the second joint node corresponding to the first target node; receiving second update data sent by a second binding node; and merging and calculating the node updating data and the second updating data which are generated locally to obtain target sub-graph data. The above scheme can be applied to a federation graph computing system comprising at least two federation nodes, namely, the above scheme can be applied to two or any number of federation nodes, so that the scheme has universality in the number of federation nodes; in addition, in the case that the first target node has update data and the first target node belongs to the second peer node, the update data of the first target node can be stored in the first mirror image node corresponding to the first target node, then the update data in the first mirror image node is combined and then sent to the second peer node, and the update data of the first target node does not need to be sent respectively, so that transmission overhead generated by the update data is sent respectively can be reduced.
The following describes the above steps in detail, as follows:
in S210, the first federation node is any federation node in the federation graph computing system, that is, any federation node in the scenario shown in fig. 1. The federation graph computing system can comprise at least two federation nodes, namely, the federation graph computing method of the embodiment of the application is applicable to any number of federation nodes, and is not limited to the specific number of federation nodes, so that the federation graph computing system has universality in the number of federation nodes.
In embodiments of the present application, each federal node may be an electronic device or collection of electronic devices of different data providers. In different data processing scenarios, the federal node may be different, for example, in the financial wind control arts, each financial institution may be a data provider, and accordingly, in the federal graph computing system, each financial institution may be a federal node. Data transmission can be performed between different federal nodes, so that a calculation result which cannot be obtained in an isolated federal node can be obtained.
The graph data is data that can be described by a graph, which is an abstract data structure representing an association relationship between objects, and the graph may include nodes and edges, the nodes having the association relationship being connected by edges. Wherein, the nodes represent objects, the edges represent the relations among the objects, the objects are taken as nodes, and the association relation among the objects is taken as an edge, so that a graph can be formed.
Taking a financial transfer scenario as an example, by taking a transfer user as an object, a relationship between transfer users may be a graph, wherein the relationship between transfer users may be a transfer relationship.
The first subgraph is a locally stored graph of the first federation node, and illustratively, the first subgraph can represent association relations between different objects in the first federation node, and can represent association relations between objects in different federation nodes.
The first subgraph is loaded and can be used for updating subsequent nodes and splicing the subgraphs to obtain a more complete subgraph, so that the federation graph calculation task is satisfied.
In some embodiments, after or during the loading of the first sub-graph, the federation graph calculation method may further include the steps of:
determining a target edge crossing the first sub-graph from the edges of the first sub-graph;
and establishing a first mirror node for the target node of the target edge locally.
The default graph data in the embodiment of the application is directed graph data, that is, a certain edge of the first sub-graph points from one node to another node. A single edge in the undirected graph can be equivalently converted into two opposite directed edges.
For example, for the first subgraph A-E, it can be converted into two opposite directed edges A < - > E and A < - > E.
The first sub-graph may be two nodes of the same edge, one of the nodes may be a local node, and the other node may be a node of another sub-graph, i.e., a node of another federal node.
In some embodiments, in the process of loading the first sub-graph, it may be determined whether each edge of the first sub-graph is an edge crossing the first sub-graph, and if a certain edge is an edge crossing the first sub-graph, the certain edge is referred to as a target edge.
The target node is a node belonging to other federal nodes in the target edge, for example, for A— > E, the node A is a node of the first sub-graph, the node E is a node of other federal nodes, and the edge AE is referred to as the target edge, and the node E is referred to as the target node.
To reduce data transmission overhead across sub-graphs, for each target edge, a first mirror node is established locally for the target node of that target edge for subsequent storage of update data for the corresponding target node, for example.
For example, for a— E and B-E, where node a and node B belong to a first federal node and node E belongs to other federal nodes of the federal graph computing system, a first mirror node may BE established for edge AE for storing update data of node a to node E, and a first mirror node may BE established for edge BE for storing update data of node B to node E.
According to the embodiment of the application, indexes of the two end nodes crossing the edge of the first sub-graph are disclosed for the corresponding two federal nodes by default, however, the data of the edge opposite end nodes are privacy data of the corresponding federal nodes, and confidentiality is needed. The index here may be, for example, an identification number, a user name, an account, etc.
For example, for the first sub-graph b— E, the indexes of the node and B and the node E may be disclosed for the federal node to which the first federal node and the node E belong, but the data of the node B belongs to the private data of the first federal node, cannot be disclosed for the federal node to which the node E belongs, and likewise, the data of the node E belongs to the private data of its corresponding federal node, and cannot be disclosed for the first federal node. Thus, the security of the data can be ensured.
In some embodiments, before S210, the first federal node may run a key negotiation protocol with other federal nodes in the federal graph computing system to obtain a key for use in subsequent encrypting and decrypting graph data and intermediate result data. The key is stored in the TEE.
In S220, taking a-E as an example, the edge AE is an outgoing edge for the node a and an incoming edge for the node E. Taking the transfer relationship as an example, the outgoing edge data may be the transfer amount of the node a, or other functional relationship that may represent the transfer amount, etc. The node data may be data of node a, which may include, but is not limited to, balance of node a, and the like, for example.
The first node may be a node in the first subgraph that belongs to a first federal node. For each first node of the first sub-graph, it may be determined whether an out-edge exists for the node, and if so, update data for the first target node is generated based on the node data and the out-edge data for the node in combination with a graph algorithm. For example, updated data for node E, i.e., a specific transfer amount, may be generated for the transfer amount as a function of the balance of node A.
The graph algorithm may be defined by the algorithm module shown in fig. 1, and different computing tasks or scenes may correspond to different graph algorithms. Therefore, the method has universality in the support of the graph algorithm, and is not limited to a single graph algorithm calculation scene.
In S230, the second federation node is a federation node in the federation graph computing system other than the first federation node.
In the case that the first target node belongs to the second peer node, the first update data obtained in S220 may be stored in a first mirror node corresponding to the first target node, so as to facilitate subsequent transmission of the first update data.
For example, for A > E and B > E, the first update data for node A to node E may BE stored in the first mirrored node corresponding to edge AE, and the first update data for node B and node E may BE stored in the first mirrored node corresponding to edge BE.
And under the condition that the first target node does not belong to the second combined node, namely belongs to the local area, storing the generated update data in an update data queue of the first target node.
In S240, illustratively, the first update data in each first mirror node corresponding to the first target node may be merged and then sent to the second peer node corresponding to the first target node, so that the amount of data required to be transmitted for updating the remote node may be reduced. The remote node is the node in the second peer node.
For example, for a transfer scenario where 10 accounts (A1-a 10) are transferred to account C of financial institution 2 (the second federation node) by financial institution 1 (the first federation node), a first mirror node may be established for account C, so that 10 first mirror nodes may be obtained, and first updated data of accounts A1-a10 relative to account C may be stored. Because the 10 first mirror nodes are all aimed at the account C, the first update data in the 10 first mirror nodes can be combined and the combined first update data is sent to the financial institution 2 corresponding to the account C, so that the data transmission quantity between the federal nodes due to the edge crossing the subgraph can be reduced. The process of data merging is a local operation and does not involve collaboration between federal nodes.
In S250, the first federation node may send corresponding mirror node update data to other federation nodes, and may also receive mirror node update data for the local node, that is, the second update data, determined by the other federation nodes. The second update data may be update data obtained by merging the first mirror nodes by the second binding node.
In S260, after the first federation node receives the second update data sent by the second federation node, the merging calculation may be performed to update the data of the local node. For example, for the node a, the node update data generated locally by the computing node a and the second update data generated for the node a and sent by the second federation node may be combined to obtain the target subgraph, so as to achieve the purpose of splicing subgraphs of all the participants (federal nodes).
In some embodiments, the first federal node may include a trusted component that is located in the TEE, e.g., for the computation of the secret data, may be performed by the trusted component in the TEE, which may ensure the security of the data.
Illustratively, the step S220 may include the steps of:
and generating first update data for the first target node according to the edge data of the first node and the node data of the first node by utilizing the trusted component in the trusted execution environment under the condition that the edge data and/or the node data are encrypted data.
In particular, when the computing of the cryptographic data is involved, such as when the outgoing data and/or the node data are cryptographic data, the process of generating the first update data needs to be performed by the trusted component in the trusted execution environment. The encrypted data may be decrypted, for example, by a trusted component, and first update data may then be generated based on the decrypted data and encrypted. Namely, the first federal node can only observe the encrypted data output by the TEE, and cannot see the task input data of the plaintext and the intermediate data of the calculation process.
In some embodiments, the step S240 may include the following steps:
in a trusted execution environment, merging first update data in each first mirror node corresponding to a first target node through a trusted component to obtain first merged data;
encrypting the first combined data according to a predetermined key;
and sending the encrypted first merging data to a second binding node corresponding to the first target node.
The process of merging the update data is completed in the TEE, specifically, in the TEE, the trusted component merges the first update data in each first mirror node corresponding to the first target node to obtain first merged data, encrypts the first merged data according to a key negotiated in advance, and sends the encrypted first merged data to a second peer node corresponding to the first target node.
Similar to the first federation node, the second federation node encrypts the second update data before sending the second update data to the first federation node, i.e., the second update data received by the first federation node is encrypted. Based on this, in some embodiments, the step S260 may include the following steps:
under the condition that the second updating data is encrypted, decrypting the second updating data through a trusted component under a trusted execution environment to obtain decrypted data;
and merging and calculating node update data and decryption data generated locally to obtain target sub-graph data.
When the received data is the encrypted data, each federal node cannot directly process the encrypted data and needs to execute the encrypted data in the TEE, so that the security of the data can be ensured.
Specifically, the second update data may be decrypted by the trusted component in the TEE to obtain decrypted data, and the locally generated node update data and the decrypted data may be combined and calculated by the trusted component in the TEE to obtain target sub-graph data, and specific combined calculation rules may be defined by the algorithm module shown in fig. 1, and different calculation tasks or scenarios may correspond to different combined calculation rules, so that versatility is supported on the calculation rules.
In practice, different federal nodes may comprise the same node, e.g., for a financial wind control scenario, financial institution 1 and financial institution 2 may comprise the same user. Based on this, in some embodiments, after S210, the federation map calculation method may further include the steps of:
determining a public node of the first federation node and the second federation node according to the privacy intersection protocol;
receiving first secret state data of a public node sent by a second contact node;
and combining the local second secret data and the received first secret data by the trusted component in the trusted execution environment aiming at the same public node.
The privacy intersection (Private Set Intersection, PSI) protocol may obtain the intersection of the data of each participant without revealing other information beyond the intersection, for example, in the embodiment of the present application, the public node of the first federal node and the second federal node may be determined based on the privacy intersection protocol without revealing other private data of the public node beyond the intersection. The specific content of the privacy intersection protocol is not limited, and any privacy intersection protocol capable of determining a public node of the first federal node and the second federal node can be applied to the embodiment of the application.
Specifically, the public node between every two federal nodes can be determined based on the privacy intersection protocol, and it should be noted that it is assumed here that the federal nodes follow the same node index standard, for example, all use identity card numbers as node indexes.
The first federation node can receive first secret state data of the public node sent by the second federation node, and for the same public node, according to a predefined rule, the local second secret state data of the public node and the received first secret state data are combined to realize the alignment updating of the secret state public node data. The merge rule is defined by the algorithm module shown in fig. 1.
The alignment updating process is completed in the TEE, namely, in the TEE, the trusted component merges the local second secret state data and the received first secret state data, so that the alignment updating of the secret state public node data is realized.
When the first secret state data and the second secret state data are combined in the conventional method, the server can only acquire secret sharing fragments of the first secret state data and the second secret state data and cannot acquire specific data information, so that data agnostic calculation needs to be executed, the outsourcing calculation needs to frequently run a cryptographic protocol to complete data agnostic diagram ordering or diagram scrambling, and finally expensive calculation cost is caused.
Based on this, in some embodiments, the local second secret data and the received first secret data may be combined by:
decrypting, by the trusted component, the first encrypted data and the second encrypted data according to the predetermined key;
combining the decrypted first secret data and the decrypted second secret data to obtain second combined data;
the second combined data is encrypted.
After receiving the first encrypted data, in the TEE, the trusted component decrypts the first encrypted data and the second encrypted data according to the key negotiated in advance to obtain plaintext data, then merges the plaintext data, and encrypts the merged data. In other words, in the embodiment of the application, the plaintext data is actually combined, and the data-agnostic graph ordering or graph scrambling is not required to be completed by using the operation cryptography protocol, so that the use of a safe multiparty computing technology with high operation cost is avoided, and the cryptography cost can be reduced.
The embodiment of the application not only has universality on the support of the graph algorithm, but also can support any number of the participants which is more than or equal to 2, so that the method has universality on the number of the participants; in addition, by creating the mirror nodes for the target nodes of the cross-subgraph, the update data of the target nodes can be stored in the corresponding mirror nodes, and by combining the mirror nodes, the data transmission quantity of the cross-subgraph can be reduced; the calculation of the secret state data is completed in the TEE by the trusted component, so that the security of the data is ensured.
The following describes, by way of an example, the process of the federation map calculation method provided in the embodiments of the present application:
the overall collaboration flow of each participant in the federal graph computing system can be seen in fig. 3 (two participants are taken as an example), and is specifically shown as follows:
1. after calculation starts, each participant negotiates a secret key, namely, a secret key negotiation protocol is operated based on TEE collaboration to obtain a secret key which is used for subsequent encryption and decryption of image data and intermediate calculation result data;
2. loading local sub-graph data, namely loading a first sub-graph, judging whether each edge is an edge crossing the sub-graph in the process of loading the sub-graph data, and if so, pointing the edge from a participant i (local) to a participant j (remote), wherein the participant i establishes a mirror node for a target node of the edge locally for subsequent storage of update data generated for the target node;
3. each participant cooperates to operate a privacy exchange protocol, and a public node between every two participants is determined;
4. each participant performs a single round of graph algorithm iteration, the process involves local computation and data interaction between each participant, and the execution flow of the single round of graph algorithm iteration can be seen in fig. 4 below;
5. Judging whether a graph algorithm iteration termination condition is reached, wherein the termination condition can be a specific graph algorithm iteration convergence condition or a pre-designated graph algorithm iteration round upper limit. If the termination condition is not met, step 4 will be re-executed. If the termination condition is met, step 6 will be performed;
6. and decrypting and disclosing the result data, wherein in actual application, a corresponding data disclosure scheme can be designed according to the specific graph algorithm requirement, so that privacy disclosure is minimized. Which may involve collaborative interactions between the participants.
Fig. 4 is a schematic diagram of an execution flow of single round chart algorithm iteration provided in the embodiment of the present application, which is specifically shown as follows:
1. all the participants cooperate to Align the public node data (Align), namely, the synchronization of the public node data is completed;
2. diffusion node data (Scatter), namely, each participant traverses all nodes in each sub-graph, and calculates update data of the edge to a target node by using node data and edge data for the node with the edge;
3. the mirror node is used for receiving the update data in advance and completing the calculation of the update data in advance, so that the data quantity required to be transmitted when the remote node is updated is reduced. The step is local operation, does not involve cooperation among the participants, and can remarkably reduce the data transmission quantity among the participants due to the edges of the cross-subgraph;
4. Transmitting and receiving remote node update data, namely transmitting node update data to a target party by each party for the updated mirror node, and receiving mirror node update data pushed by other parties at the same time;
5. the node update data (Gather & Apply), i.e. each party performs the Gather calculation in combination with the locally generated node update data and the received mirror node update data, updating the data of the local node, which integrates the data Gather (Gather) and the data calculation (Apply).
The iterative execution flow of the single-round graph algorithm can support the federation calculation of various types of graph algorithms, and is different from the traditional non-federation local graph calculation single-round algorithm iterative flow in that common node data alignment, mirror node-based update data pre-collection and update data transmission are introduced, so that the algorithm execution requirements of the federation graph calculation can be efficiently met.
Taking two participants as an example, the local calculation and collaboration interaction process involved in single-round algorithm iteration can be seen in fig. 5, the flow shown in fig. 5 can be divided into two parts, steps 1 to 9 are the local calculation and collaboration interaction involved in single-round algorithm iteration, and steps 10 to 11 are execution steps after the algorithm execution termination condition is reached, wherein the specific explanation of each step is as follows:
1. Encrypting the public node data, wherein the encryption calculation is completed by the TEE, and if the public node data itself is already in a secret state, no operation is required;
2. sending and receiving the secret common node data, namely each participant receives the secret common node data from other participants with common nodes;
3. aligning the secret common node data, namely combining the local secret node data and the remote secret node data received in the step 2 by each participant according to a predefined rule for each public node in the subgraph, and completing the alignment updating of the secret common node data, wherein the alignment calculation is completed by the TEE;
4. diffusing secret node data (Scatter), namely traversing all outgoing edges of each node in the subgraph, combining the outgoing edge data and the node data to generate update data of a target node, if secret data calculation is involved, completing the calculation by a TEE, storing the update data in an update data queue of the target node, and if the target node is a remote node of other participants, storing the update data in a mirror node;
5. based on the mirror image nodes, pre-merging update data, in order to reduce the data transmission quantity across the participants, pre-merging update data queues of all the mirror image nodes, namely merging n update variables in a single queue into 1, and if secret state data calculation is involved, completing the pre-merging calculation by a TEE;
6. Encrypting the remote node update data, namely updating data of the remote node, namely updating data stored in the mirror image node, and completing data encryption by using the TEE before sending the updating data of the remote node;
7. sending and receiving node update data from a remote end in a secret state;
8. collecting secret node update data (Gather & Apply), each participant combines the locally generated node update data and the received mirror node update data, executes collection calculation, updates the data of the local node, integrates data collection (Gather) and data calculation (Apply), and completes data calculation by the TEE;
9. judging termination conditions based on the secret state data, wherein whether the partial graph algorithm is executed by the termination algorithm is determined by an algorithm convergence condition, the judgment generally involves calculation of node data, and in the framework, the termination condition judgment task calculation is completed by the TEE;
10. decrypting the algorithm execution result, namely decrypting the algorithm execution result according to the algorithm execution result disclosure rule agreed by each participant, wherein the decryption operation is completed by the TEE, specifically, the algorithm execution result can be defined as direct graph data (node data and edge data) or as statistics based on the graph data;
11. And transmitting the synchronous plaintext algorithm execution result, namely transmitting and synchronizing the algorithm execution result after decryption is completed.
The end-to-end federation graph computation flow definition makes the proposal a complete and efficient innovative federation graph computation mode.
It should be noted that the computations involved in TEE are stateless computations, i.e., the computation process is directed to a particular task only, and the tasks and computation process between tasks are not related. In the above flow chart, only steps 2, 7, 11 relate to data interaction between the parties, and the rest are all local calculations of the parties.
The process of the TEE executing calculation on the secret data is as follows: decrypting the task input data performs computing task encryption task result data. Each participant can only observe the encrypted task result data output by the TEE, and cannot see the task input data and the calculation process intermediate data in the plaintext.
Based on the same inventive concept, the embodiment of the present application further provides a federal graph computing device, and the federal graph computing device provided in the embodiment of the present application is described in detail below with reference to fig. 6.
Fig. 6 is a block diagram of a federal graph computing device according to an embodiment of the present application. The federation map computing device may be applied to a first federation node in a federation map computing system, where the federation map computing system includes at least two federation nodes, and the first federation node is any federation node of the at least two federation nodes, as shown in fig. 6, and the federation map computing device may include:
The loading module 610 is configured to load a local first sub-graph, where the first sub-graph includes nodes and edges, and the nodes with association relationships are connected by edges;
a generating module 620, configured to generate, for each first node of the first subgraph, first update data for a first target node according to the edge data of the first node and node data of the first node, where the first target node is connected to the first node through an edge;
the storage module 630 is configured to store, when the first target node belongs to a second federation node, first update data corresponding to the first target node into a first mirror node corresponding to the first target node, where the second federation node is a federation node other than the first federation node of the at least two federation nodes;
a sending module 640, configured to combine the first update data in each first mirror node corresponding to the first target node and send the combined first update data to a second binding node corresponding to the first target node;
a receiving module 650, configured to receive second update data sent by the second peer node;
and the calculating module 660 is configured to combine and calculate the locally generated node update data and the second update data to obtain the target sub-graph data.
According to the embodiment of the application, by loading a local first sub-graph, for each first node of the first sub-graph, generating first update data of a first target node according to the edge data of the first node and node data of the first node, storing the first update data corresponding to the first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to a second joint node, merging the first update data in each first mirror node corresponding to the first target node, and then sending the first update data to the second joint node corresponding to the first target node; receiving second update data sent by a second binding node; and merging and calculating the node updating data and the second updating data which are generated locally to obtain target sub-graph data. The above scheme can be applied to a federation graph computing system comprising at least two federation nodes, namely, the above scheme can be applied to two or any number of federation nodes, so that the scheme has universality in the number of federation nodes; in addition, in the case that the first target node has update data and the first target node belongs to the second peer node, the update data of the first target node can be stored in the first mirror image node corresponding to the first target node, then the update data in the first mirror image node is combined and then sent to the second peer node, and the update data of the first target node does not need to be sent respectively, so that transmission overhead generated by the update data is sent respectively can be reduced.
In some embodiments, the first federal node includes a trusted component that resides in a trusted execution environment of the first federal node.
In some embodiments, the generating module 620 is specifically configured to:
and generating first update data for the first target node according to the edge data of the first node and the node data of the first node by utilizing the trusted component in the trusted execution environment under the condition that the edge data and/or the node data are encrypted data.
In some embodiments, the sending module 640 is specifically configured to:
in a trusted execution environment, merging first update data in each first mirror node corresponding to a first target node through a trusted component to obtain first merged data;
encrypting the first combined data according to a predetermined key;
and sending the encrypted first merging data to a second binding node corresponding to the first target node.
In some embodiments, the computing module 660 is specifically configured to:
under the condition that the second updating data is encrypted, decrypting the second updating data through a trusted component under a trusted execution environment to obtain decrypted data;
and merging and calculating node update data and decryption data generated locally to obtain target sub-graph data.
In some embodiments, the federal graph computing device may further include:
the determining module is configured to determine, according to the privacy intersection protocol, a common node of the first federal node and the second federal node after the loading module 610 loads the local first sub-graph;
the receiving module 650 is further configured to receive first secret data of the public node sent by the second peer node;
and the merging module is used for merging the local second secret state data and the received first secret state data through the trusted component in the trusted execution environment aiming at the same public node.
In some embodiments, the merging module is specifically configured to:
decrypting, by the trusted component, the first encrypted data and the second encrypted data according to the predetermined key;
combining the decrypted first secret data and the decrypted second secret data to obtain second combined data;
the second combined data is encrypted.
In some embodiments, the determining module is further configured to determine a target edge across the first sub-graph from the edges of the first sub-graph;
the federal graph computing device may further include:
the establishing module is used for locally establishing a first mirror node for the target node of the target edge.
Each module in the apparatus shown in fig. 6 has a function of implementing each step in fig. 2 to 5 and can achieve a corresponding technical effect, and for brevity description, a detailed description is omitted herein.
Based on the same inventive concept, the embodiment of the application also provides electronic equipment. The electronic device may be any federal node in the foregoing embodiments, and the electronic device provided in the embodiments of the present application is described in detail below with reference to fig. 7.
As shown in fig. 7, the electronic device may include a processor 710, a memory 720 for storing computer program instructions.
The processor 710 may include a central processing unit (Central Processing Unit, CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured as one or more integrated circuits implementing embodiments of the present application.
Memory 720 may include mass storage for data or instructions. By way of example, and not limitation, memory 720 may include a Hard Disk Drive (HDD), floppy Disk Drive, flash memory, optical Disk, magneto-optical Disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) Drive, or a combination of two or more of the foregoing. In one example, memory 720 may include removable or non-removable (or fixed) media, or memory 720 may be a non-volatile solid state memory. In one example, memory 720 may be Read Only Memory (ROM). In one example, the ROM may be mask-programmed ROM, programmable ROM (PROM), erasable PROM (EPROM), electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these.
The processor 710 reads and executes the computer program instructions stored in the memory 720 to implement the method in the embodiment shown in fig. 2-5, and achieves the corresponding technical effects achieved by executing the method in the embodiment shown in fig. 2-5, which are not described herein for brevity.
In one example, the electronic device may also include a communication interface 730 and a bus 740. As shown in fig. 7, the processor 710, the memory 720, and the communication interface 730 are connected to each other by a bus 740 and perform communication with each other.
Communication interface 730 is primarily used to implement communications between modules, devices, and/or apparatuses in embodiments of the present application.
Bus 740 includes hardware, software, or both that couple the various components of the electronic device to one another. By way of example, and not limitation, bus 740 may include an accelerated graphics port (Accelerated Graphics Port, AGP) or other graphics Bus, an enhanced industry standard architecture (Extended Industry Standard Architecture, EISA) Bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an industry standard architecture (Industry Standard Architecture, ISA) Bus, an infiniband interconnect, a Low Pin Count (LPC) Bus, a memory Bus, a micro channel architecture (MCa) Bus, a Peripheral Component Interconnect (PCI) Bus, a PCI-Express (PCI-X) Bus, a Serial Advanced Technology Attachment (SATA) Bus, a video electronics standards association local (VLB) Bus, or other suitable Bus, or a combination of two or more of these. Bus 740 may include one or more buses, where appropriate. Although embodiments of the present application describe and illustrate a particular bus, the present application contemplates any suitable bus or interconnect.
The electronic device may execute the federation map calculation method in the embodiment of the present application after loading the local first sub-graph, so as to implement the federation map calculation method described in connection with fig. 2-5 and the federation map calculation apparatus described in connection with fig. 6.
In addition, in combination with the federal graph calculation method in the above embodiment, the embodiment of the application may be implemented by providing a computer storage medium. The computer storage medium has stored thereon computer program instructions; the computer program instructions, when executed by a processor, implement any of the federal graph computation methods of the above embodiments.
It should be clear that the present application is not limited to the particular arrangements and processes described above and illustrated in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications, and additions, or change the order between steps, after appreciating the spirit of the present application.
The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the present application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this application describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be different from the order in the embodiments, or several steps may be performed simultaneously.
Aspects of embodiments of the present application are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions/acts specified in the flowchart and/or block diagram block or blocks. Such a processor may be, but is not limited to being, a general purpose processor, a special purpose processor, an application specific processor, or a field programmable logic circuit. It will also be understood that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware which performs the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In the foregoing, only the specific embodiments of the present application are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present application, which are intended to be included in the scope of the present application.

Claims (11)

1. A federation graph computation method, characterized by being applied to a first federation node in a federation graph computation system, the federation graph computation system including at least two federation nodes, the first federation node being any one of the at least two federation nodes, the method comprising:
loading a local first sub-graph, wherein the first sub-graph comprises nodes and edges, and the nodes with association relations are connected through the edges;
generating first update data of a first target node according to the edge data of the first node and the node data of the first node aiming at each first node of the first subgraph, wherein the first target node is connected with the first node through edges;
Storing first update data corresponding to a first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to a second federation node, wherein the second federation node is a federation node except the first federation node in the federation graph computing system;
the first update data in each first mirror image node corresponding to the first target node is merged and then sent to a second joint node corresponding to the first target node;
receiving second update data sent by the second combined node;
and merging and calculating the node updating data generated locally and the second updating data to obtain target sub-graph data.
2. The method of claim 1, wherein the first federal node includes a trusted component that resides in a trusted execution environment of the first federal node.
3. The method of claim 2, wherein generating the first update data for the first target node based on the edge data of the first node and the node data of the first node comprises:
and generating first update data for a first target node according to the edge data of the first node and the node data of the first node by utilizing the trusted component in the trusted execution environment under the condition that the edge data and/or the node data are encrypted data.
4. The method of claim 2, wherein the merging the first update data in each of the first mirror nodes corresponding to the first target node and sending the merged first update data to the second peer node corresponding to the first target node includes:
in the trusted execution environment, merging first update data in each first mirror node corresponding to the first target node through the trusted component to obtain first merged data;
encrypting the first combined data according to a predetermined key;
and sending the encrypted first combined data to a second combined node corresponding to the first target node.
5. The method of claim 2, wherein the merging the locally generated node update data and the second update data to obtain the target sub-graph data comprises:
under the condition that the second updating data is encrypted, decrypting the second updating data through the trusted component under the trusted execution environment to obtain decrypted data;
and merging and calculating locally generated node updating data and the decryption data to obtain target sub-graph data.
6. The method of claim 2, wherein after loading the local first sub-graph, the method further comprises:
Determining a public node of the first federation node and the second federation node according to a privacy intersection protocol;
receiving first secret state data of the public node sent by the second combined node;
and combining the local second secret state data and the received first secret state data by the trusted component in the trusted execution environment aiming at the same public node.
7. The method of claim 6, wherein the merging, by the trusted component, the local second encrypted data and the received first encrypted data comprises:
decrypting, by the trusted component, the first and second encrypted data according to a predetermined key;
combining the decrypted first secret data and the decrypted second secret data to obtain second combined data;
encrypting the second combined data.
8. The method according to any one of claims 1-7, further comprising:
determining a target edge crossing the first sub-graph from the edges of the first sub-graph;
and establishing a first mirror node for the target node of the target edge locally.
9. A federation graph computing device for use in a first federation node in a federation graph computing system, the federation graph computing system including at least two federation nodes, the first federation node being any one of the at least two federation nodes, the device comprising:
The loading module is used for loading a local first sub-graph, wherein the first sub-graph comprises nodes and edges, and the nodes with association relations are connected through the edges;
the generating module is used for generating first updating data of a first target node according to the edge data of the first node and the node data of the first node aiming at each first node of the first subgraph, and the first target node is connected with the first node through edges;
the storage module is used for storing first update data corresponding to the first target node into a first mirror node corresponding to the first target node under the condition that the first target node belongs to a second federation node, wherein the second federation node is a federation node except the first federation node in the at least two federation nodes;
the sending module is used for merging the first update data in each first mirror image node corresponding to the first target node and then sending the first update data to a second joint node corresponding to the first target node;
the receiving module is used for receiving second update data sent by the second binding node;
and the calculation module is used for combining and calculating the locally generated node update data and the second update data to obtain target sub-graph data.
10. An electronic device, comprising:
a processor;
a memory for storing computer program instructions;
the method of any of claims 1-8 is implemented when the computer program instructions are executed by the processor.
11. A computer readable storage medium having stored thereon computer program instructions, which when executed by a processor, implement the method of any of claims 1-8.
CN202310456636.6A 2023-04-25 2023-04-25 Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium Active CN116186341B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310456636.6A CN116186341B (en) 2023-04-25 2023-04-25 Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310456636.6A CN116186341B (en) 2023-04-25 2023-04-25 Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium

Publications (2)

Publication Number Publication Date
CN116186341A true CN116186341A (en) 2023-05-30
CN116186341B CN116186341B (en) 2023-08-15

Family

ID=86444613

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310456636.6A Active CN116186341B (en) 2023-04-25 2023-04-25 Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116186341B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200117832A1 (en) * 2018-10-15 2020-04-16 International Business Machines Corporation Obfuscation and routing of sensitive actions or requests based on social connections
WO2021219053A1 (en) * 2020-04-29 2021-11-04 深圳前海微众银行股份有限公司 Federated learning modeling method, apparatus and device, and readable storage medium
WO2022108529A1 (en) * 2020-11-19 2022-05-27 脸萌有限公司 Model construction method and apparatus, and medium and electronic device
CN114692209A (en) * 2022-05-31 2022-07-01 蓝象智联(杭州)科技有限公司 Graph federation method and system based on confusion technology
CN115344753A (en) * 2022-08-17 2022-11-15 中国建设银行股份有限公司 Federal diagram calculation method, federal diagram calculation configuration method, device and electronic equipment
CN115775026A (en) * 2022-12-27 2023-03-10 重庆大学 Federated learning method based on organization similarity

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114462577A (en) * 2022-01-30 2022-05-10 国家电网有限公司大数据中心 Federated learning system, method, computer equipment and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200117832A1 (en) * 2018-10-15 2020-04-16 International Business Machines Corporation Obfuscation and routing of sensitive actions or requests based on social connections
WO2021219053A1 (en) * 2020-04-29 2021-11-04 深圳前海微众银行股份有限公司 Federated learning modeling method, apparatus and device, and readable storage medium
WO2022108529A1 (en) * 2020-11-19 2022-05-27 脸萌有限公司 Model construction method and apparatus, and medium and electronic device
CN114692209A (en) * 2022-05-31 2022-07-01 蓝象智联(杭州)科技有限公司 Graph federation method and system based on confusion technology
CN115344753A (en) * 2022-08-17 2022-11-15 中国建设银行股份有限公司 Federal diagram calculation method, federal diagram calculation configuration method, device and electronic equipment
CN115775026A (en) * 2022-12-27 2023-03-10 重庆大学 Federated learning method based on organization similarity

Also Published As

Publication number Publication date
CN116186341B (en) 2023-08-15

Similar Documents

Publication Publication Date Title
CN107342858B (en) A kind of intelligent contract guard method and system based on trusted context
WO2022237450A1 (en) Secure multi-party computation method and apparatus, and device and storage medium
CN104023013B (en) Data transmission method, server side and client
WO2022247576A1 (en) Data processing method and apparatus, device, and computer-readable storage medium
CN111431713B (en) Private key storage method and device and related equipment
CN113162752B (en) Data processing method and device based on hybrid homomorphic encryption
CN109741068B (en) Online banking cross-row signing method, device and system
CN111049650A (en) SM2 algorithm-based collaborative decryption method, device, system and medium
CN110912686B (en) Method and system for negotiating secret key of security channel
CN111586142B (en) Safe multiparty computing method and system
WO2024093426A1 (en) Federated machine learning-based model training method and apparatus
CN111429138A (en) Block link point data safety interaction method and first interaction node
CN116186782B (en) Federal graph calculation method and device and electronic equipment
CN114143117B (en) Data processing method and device
CN116204909B (en) Vector element mapping method, electronic device and computer readable storage medium
CN109547413B (en) Access control method of convertible data cloud storage with data source authentication
CN114547668A (en) Secret trace query method and device based on country secret and index confusion
CN114884675B (en) Multi-party privacy intersection method, device, equipment and medium based on bit transmission
CN112511554B (en) Symbolic modeling system of network security protocol
CN116186341B (en) Federal graph calculation method, federal graph calculation device, federal graph calculation equipment and storage medium
CN117034287A (en) Multiparty joint modeling safety enhancement method based on privacy computing interconnection and interworking technology
US11290456B2 (en) Secret equality determination system, secret equality determination method and secret equality determination program recording medium
Li et al. Privacy-preserving data aggregation for big data in financial institutions
KR101181558B1 (en) Anonymous Authentication Method For Mobile Satellite Communication Systems
US20230188330A1 (en) System and method for identity-based key agreement for secure communication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant