CN116263817A - Data access control method and related system - Google Patents

Publication number
CN116263817A
Authority
CN
China
Prior art keywords
data
target data
owner
authorization
application
Legal status
Pending
Application number
CN202111535163.6A
Other languages
Chinese (zh)
Inventor
陈景顺
周明耀
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CN202111535163.6A
Publication of CN116263817A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/44 Program or device authentication
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The application provides a data access control method executed by a data access control system. The system comprises a data protection unit, which provides access rights to owners of data and/or authorized entities of the data. The method comprises: receiving a data access request of an application, the data access request requesting access to target data in the data protection unit; sending an authorization request to an owner of the target data according to the data access request; and sending encrypted target data to the application when an authorization response is received. The method stores the access-controlled data in the data protection unit, the data access control system authorizes the target data requested by the application dynamically and in real time, and the right to authorize is given to the owner of the target data. The owner of the target data can therefore control access to the target data, and even an administrator cannot access the target data without the authorization of the owner of the target data, thereby guaranteeing data security.

Description

Data access control method and related system
Technical Field
The present invention relates to the field of data security technologies, and in particular, to a data access method, a data access system, a computer cluster, a computer readable storage medium, and a computer program product.
Background
With the continued development of computer technology, many businesses are gradually migrating from an offline mode to an online mode. Migrating a service from the offline mode to the online mode consumes computing resources and storage resources. Building one's own computing center not only incurs substantial hardware costs and operation and maintenance costs; the resources of the computing center are also not in use at all times and cannot be shared, resulting in huge waste. For this reason, one mainstream approach is to lease resources on demand. A user, such as an individual, enterprise, or organization, may lease computing resources and storage resources from a service provider (e.g., a cloud service provider or smart computing service provider) based on business needs.
The computing resources and storage resources provided by the service provider are typically provided by a centrally deployed computing power center (also referred to as a computing center or data center). Users often need to upload data to the centralized computing power center for computation or storage; however, the computing power center often serves multiple users, which increases the risk of data theft.
How to provide a data access control method that protects data security is a major concern in the industry.
Disclosure of Invention
The present application provides a data access control method. In the method, the data access control system authorizes the target data requested by the application dynamically and in real time, and gives the right to authorize to the owner of the target data, so that the owner of the target data can control access to the target data, and even an administrator cannot access the target data without the authorization of the owner of the target data, thereby guaranteeing data security. The application also provides a system, a computing device cluster, a computer-readable storage medium and a computer program product corresponding to the method.
In a first aspect, the present application provides a data access control method. The method may be performed by a data access control system. The data access control system comprises a data protection unit. The data protection unit provides access rights to the owner of the data and/or to an authorised entity of the data.
Specifically, the data access control system receives a data access request of an application, the data access request being for requesting access to the target data stored in the data protection unit, and then the data access control system sends an authorization request to an owner of the target data according to the data access request, and sends encrypted target data to the application when receiving an authorization response of the owner of the target data.
The data access control system stores the access-controlled data in the data protection unit. The data protection unit is able to defend against operating-system-level attacks and supports authorization checks, so that no tenant can read data from or write data to the data protection unit without authorization. In this scheme, the data access control system authorizes the target data requested by the application dynamically and in real time and gives the right to authorize to the owner of the target data, so that the owner of the target data can control access to the target data, and even an administrator (for example, a service provider) cannot access the target data without the authorization of the owner of the target data, thereby guaranteeing data security.
In some possible implementations, after receiving the authorization response of the owner of the target data, the data access control system may further perform identity verification on the owner of the target data to determine whether the tenant that sent the authorization response has the corresponding rights, for example, whether the tenant is the genuine owner of the target data. When the identity verification passes, the data access control system may send the encrypted target data to the application.
In the method, the data access control system verifies the identity of the owner of the target data before returning the encrypted target data, which prevents other users from impersonating the owner of the target data to grant authorization and ensures the security of the target data.
In some possible implementations, the data access control system may present an authorization interface to the owner of the target data in accordance with the authorization request. The authorization interface includes an identification of the application and an identification of the target data. In this way, the owner of the target data can determine, from the identification of the application and the identification of the target data, which application or applications are requesting the target data, and decide accordingly whether to authorize. When the owner of the target data decides to authorize, a client of the owner (e.g., a tenant) of the target data may generate an authorization response based on an authorization operation of the owner of the target data on the target data.
In the method, the right to authorize is given to the owner of the target data, so that the owner of the target data controls access to the target data, and even an administrator (for example, a service provider) cannot access the target data without the authorization of the owner of the target data, thereby ensuring data security.
In some possible implementations, the data access control system may further receive an authentication credential transmitted by the owner of the target data over a secure channel, and authenticate the owner of the target data based on the authentication credential. When the identity authentication passes, the data access control system presents an authorization interface to the owner of the target data according to the authorization request.
The data access control system may send the code corresponding to the authorization interface to the owner of the target data, and the client of the owner of the target data may load that code to present the authorization interface to the owner of the target data.
In the method, the data access control system performs identity authentication based on the authentication credentials of the owner of the target data before presenting the authorization interface, which avoids the risk of malicious actors impersonating the owner of the target data and causing the target data to be leaked or tampered with. Moreover, the identity credential does not need to be bound to the application, which further improves security and reduces the attack scope.
In some possible implementations, the data access control system may also perform a validity check on the application before sending an authorization request to the owner of the target data. For example, the data access control system can perform the validity check on the application based on information such as the application's certificates, so that an illegitimate application cannot request target data.
In some possible implementations, the data protection unit is a cryptographic engine or a trusted execution environment. Both the cryptographic engine and the trusted execution environment are able to defend against operating-system-level attacks and support authorization checks, and can prevent any tenant from reading or writing data without authorization. They can therefore provide data access control and ensure the security of the target data.
In some possible implementations, the target data includes confidential data or an encryption key used to encrypt the confidential data. That is, the method can be used to control access to confidential data, such as the structure and weights of a neural network model, and to control access to an encryption key used to encrypt the confidential data, thereby ensuring the security of the confidential data.
In a second aspect, the present application provides a data access control system. The data access control system comprises a data protection unit, wherein the data protection unit provides access rights for owners of data and/or authorized entities of the data;
the data protection unit is configured to receive a data access request of an application, the data access request requesting access to target data stored in the data protection unit, to send an authorization request to an owner of the target data according to the data access request, and to send the encrypted target data to the application when an authorization response of the owner of the target data is received.
In some possible implementations, the data protection unit is further configured to:
perform identity verification on the owner of the target data;
the data protection unit is specifically configured to:
send the encrypted target data to the application when the identity verification passes.
In some possible implementations, the data protection unit is further configured to:
present an authorization interface to the owner of the target data according to the authorization request, wherein the authorization interface comprises an identification of the application and an identification of the target data;
the authorization response of the owner of the target data is generated based on an authorization operation of the owner of the target data on the target data.
In some possible implementations, the system further includes:
an identity authentication unit, configured to receive an authentication credential transmitted by the owner of the target data through a secure channel, and to authenticate the owner of the target data according to the authentication credential;
the data protection unit is specifically configured to:
present an authorization interface to the owner of the target data according to the authorization request when the identity authentication passes.
In some possible implementations, the system further includes:
a management platform, configured to verify the validity of the application before the authorization request is sent to the owner of the target data.
In some possible implementations, the data protection unit is a cryptographic engine or trusted execution environment.
In some possible implementations, the target data includes confidential data or an encryption key used to encrypt the confidential data.
In a third aspect, the present application provides a computing device cluster comprising at least one computing device. The at least one computing device includes at least one processor and at least one memory. The processor and the memory communicate with each other. The at least one processor is configured to execute instructions stored in the at least one memory to cause a computing device or cluster of computing devices to perform the method of the first aspect or any implementation of the first aspect.
In a fourth aspect, the present application provides a computer-readable storage medium having stored therein instructions that instruct a computing device or cluster of computing devices to perform the method of the first aspect or any implementation of the first aspect.
In a fifth aspect, the present application provides a computer program product comprising instructions which, when run on a computing device or cluster of computing devices, cause the computing device or cluster of computing devices to perform the method of the first aspect or any implementation of the first aspect.
Further combinations of the present application may be made to provide further implementations based on the implementations provided in the above aspects.
Drawings
In order to illustrate the technical solutions of the embodiments of the present application more clearly, the drawings used in the embodiments are briefly described below.
Fig. 1 is a schematic architecture diagram of a data access control system according to an embodiment of the present application;
Fig. 2 is a flowchart of a method for registering target data according to an embodiment of the present application;
Fig. 3 is an interaction flowchart of a data access control method according to an embodiment of the present application;
Fig. 4 is a schematic diagram of an authorization interface according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of a computing device cluster according to an embodiment of the present application.
Detailed Description
The terms "first" and "second" in the embodiments of the present application are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined by "first" or "second" may explicitly or implicitly include one or more such features.
Some technical terms related to the embodiments of the present application will be first described.
A computing power center, also referred to as a computing center, is a computer cluster formed by a plurality of computers for providing computing or storage resources. Computing power centers come in different types, such as cloud computing centers and intelligent computing power centers. A cloud computing center is a computer cluster that virtualizes scattered computers so that resources can be scheduled on demand. An intelligent computing power center is a computer cluster built on artificial intelligence (AI) chips for implementing AI capabilities such as model training and/or model inference.
A computing power center typically provides resources to users on a lease basis. Users (e.g., individual users, enterprise users, etc.) who lease resources may also be referred to as tenants. To run its business, a tenant typically needs to upload data to the computing power center for computation. For example, during model training, the tenant may upload training data and AI models to the computing power center in order to train the AI models there with the training data.
A common way to ensure data security in the computing power center is to protect the data by data encryption, that is, to encrypt the data with an encryption key. However, data encryption is essentially a risk-transfer measure: it transfers the risk of protecting the data to the protection of the encryption key. The computing power center may protect the encryption key through a key management system (KMS).
An application (APP) of the user may be bound to an access key. The access key comprises two parts, an access key ID (AK) and a secret access key (SK), and may thus also be denoted AK/SK. When the APP performs an operation, the APP can apply to the KMS for the encryption key using the authentication credentials of the user, such as the AK/SK. A fake APP does not have the AK/SK of the user, so the KMS can reject the application of the fake APP, which guarantees the security of the authentication credentials.
However, the above method merely transfers the risk further, from protecting the encryption key to protecting the authentication credentials of the user. Since no scheme for protecting the authentication credentials is provided, once the authentication credentials are stolen, the data is very likely to be stolen as well. Moreover, the above scheme exposes the authentication credentials of the user to the APP, which increases the risk of the authentication credentials being stolen. Because the user may hold other rights besides access to the encryption key, stolen authentication credentials further enlarge the attack scope.
In view of this, the embodiment of the application provides a data access control method. The method may be performed by a data access control system. The data access control system comprises a data protection unit. The data protection unit provides access rights to the owner of the data and/or to an authorised entity of the data.
Specifically, the data access control system receives a data access request of an application, the data access request being for requesting access to the target data stored in the data protection unit, and then the data access control system sends an authorization request to an owner of the target data according to the data access request, and sends encrypted target data to the application when receiving an authorization response of the owner of the target data.
The data access control system stores the access-controlled data in the data protection unit. The data protection unit is able to defend against operating-system-level attacks and supports authorization checks, so that no tenant can read data from or write data to the data protection unit without authorization. In this scheme, the data access control system authorizes the target data requested by the application dynamically and in real time and gives the right to authorize to the owner of the target data, so that the owner of the target data can control access to the target data, and even an administrator (for example, a service provider) cannot access the target data without the authorization of the owner of the target data, thereby guaranteeing data security.
In order to make the technical solution of the present application clearer and easier to understand, the system architecture of the embodiments of the present application is described below with reference to the accompanying drawings.
Referring to the architecture diagram of the data access control system shown in Fig. 1, Fig. 1 illustrates data access control in an intelligent computing power center 100. As shown in Fig. 1, the intelligent computing power center 100 includes a data access control system 10 and a working node 20. The working node 20 uses AI chips to better support model training or model inference. A communication connection is established between the data access control system 10 and the working node 20. To secure data, the communication connection between the data access control system 10 and the working node 20 may be a secure channel.
Specifically, a training/inference application 22 (for convenience of description, in some cases also simply referred to as the application 22 in this embodiment) is deployed on the working node 20. The application 22 may mount a training data set ciphertext and a pre-trained model ciphertext, and send a data access request to the data access control system 10 to request target data stored in the data protection unit 12 of the data access control system 10. In this embodiment, the target data may be the encryption key used to encrypt the training data set and the pre-trained model.
The data access control system 10 sends an authorization request to the owner of the target data in accordance with the data access request. When an authorization response of the owner of the target data is received, the encrypted target data is sent to the application 22. The encrypted target data may be data obtained by encrypting the encryption key using an envelope encryption method. The application 22 may decrypt the encrypted target data to obtain the encryption key, and then use the encryption key to decrypt the training data set ciphertext and the pre-trained model ciphertext to obtain the training data plaintext and the model plaintext. The application 22 loads the model plaintext and the training data plaintext and can then retrain the pre-trained model. When training is complete, the application 22 may use the trained model for inference.
In the example of Fig. 1, the data access control system 10 further comprises an identity authentication unit 14 and a management platform 16. The management platform 16 may perform validity verification on the application 22 when it receives a data access request sent by the application 22. When the verification passes, the management platform 16 forwards the data access request of the application 22 to the data protection unit 12. The data protection unit 12 may also be referred to as AI-VAULT. The data protection unit 12 may construct an authorization request and send the authorization request to the owner of the target data. The owner of the target data is specifically a tenant of the intelligent computing power center 100. The owner of the target data may initiate identity authentication with the identity authentication unit 14 upon receiving the authorization request. For example, the owner of the target data may send an identity credential to the identity authentication unit 14, and the identity authentication unit 14 authenticates the owner of the target data with the identity credential and then returns an authentication result. When the authentication result indicates that the identity authentication has passed, an authorization interface can be presented to the owner of the target data. When the owner of the target data triggers an authorization operation through the authorization interface, the client corresponding to the owner of the target data may generate an authorization response from the authorization operation and send the authorization response to the data protection unit 12. The data protection unit 12 may encrypt the target data and return it to the management platform 16, and the management platform 16 forwards the encrypted target data to the application 22.
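The exchange described above, sketched in Go as an added example (not code from the patent or from any product): an application's request only creates a pending authorization request, a response from the authenticated owner is the only thing that releases the target data, and the data is returned envelope-encrypted. Assumptions: the allow-list standing in for the certificate-based validity check, the names `Unit`, `RequestAccess`, `Authorize`, `Unwrap` and `demoKEK`, AES-256-GCM as the wrapping cipher, and a key-encryption key that the application and the data protection unit already share over the secure channel.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// AuthRequest is what the authorization interface shows the owner.
type AuthRequest struct{ ID, AppID, DataID, Owner string }

// Unit stands in for the data protection unit; validApps replaces the
// management platform's certificate-based validity check (assumption).
type Unit struct {
	data      map[string][]byte
	owners    map[string]string
	validApps map[string]bool
	pending   map[string]AuthRequest
}

var (
	ErrRejected  = errors.New("invalid application or unregistered target data")
	ErrNoRequest = errors.New("no pending authorization request")
	ErrNotOwner  = errors.New("responder is not the owner of the target data")
	// demoKEK is a constructed 32-byte key-encryption key (assumption).
	demoKEK = sha256.Sum256([]byte("constructed demo KEK"))
)

func gcmFor(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// RequestAccess checks the application and records a pending request.
func (u *Unit) RequestAccess(appID, dataID string) (AuthRequest, error) {
	owner, registered := u.owners[dataID]
	if !u.validApps[appID] || !registered {
		return AuthRequest{}, ErrRejected
	}
	req := AuthRequest{ID: appID + "/" + dataID, AppID: appID, DataID: dataID, Owner: owner}
	u.pending[req.ID] = req // no target data leaves the unit yet
	return req, nil
}

// Authorize handles an authorization response. responder is the tenant
// identity that the identity authentication unit has already authenticated.
func (u *Unit) Authorize(reqID, responder string, kek []byte) ([]byte, error) {
	req, ok := u.pending[reqID]
	if !ok {
		return nil, ErrNoRequest
	}
	if responder != req.Owner {
		return nil, ErrNotOwner // stays pending for the real owner
	}
	delete(u.pending, reqID) // an approval is single-use
	gcm, err := gcmFor(kek)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// The AAD binds the ciphertext to this application and data item.
	aad := []byte(req.AppID + "\x00" + req.DataID)
	return gcm.Seal(nonce, nonce, u.data[req.DataID], aad), nil
}

// Unwrap is the application side: recover the target data from the blob.
func Unwrap(kek []byte, appID, dataID string, blob []byte) ([]byte, error) {
	gcm, err := gcmFor(kek)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, errors.New("bad key or truncated blob")
	}
	n := gcm.NonceSize()
	return gcm.Open(nil, blob[:n], blob[n:], []byte(appID+"\x00"+dataID))
}

func NewUnit() *Unit {
	return &Unit{ // constructed sample state
		data:      map[string][]byte{"dataset-key": []byte("constructed data key")},
		owners:    map[string]string{"dataset-key": "tenant-a"},
		validApps: map[string]bool{"train-app": true},
		pending:   map[string]AuthRequest{},
	}
}

func main() {
	u, kek := NewUnit(), demoKEK[:]
	req, _ := u.RequestAccess("train-app", "dataset-key")
	_, err := u.Authorize(req.ID, "tenant-b", kek)
	blob, _ := u.Authorize(req.ID, "tenant-a", kek)
	key, _ := Unwrap(kek, req.AppID, req.DataID, blob)
	fmt.Printf("impostor: %v; application recovered %q\n", err, key)
}
```

A response from a tenant other than the owner leaves the request pending, and an approved request cannot be replayed to obtain a second copy of the wrapped key.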
To achieve data access control, the owner of the target data may first register the target data with the data protection unit 12 of the data access control system 10. The data registration process is described below with reference to the accompanying drawings.
Referring to the flowchart of a method for registering target data shown in Fig. 2, the method includes:
S202: The data access control system 10 receives a data registration request of a tenant.
The data registration request includes target data. The target data may be confidential data or an encryption key used to encrypt the confidential data. Wherein the confidential data may be data that is identified as confidential and has a high security requirement. For example, for AI traffic, the confidential data may include one or more of AI model and training data. For another example, for non-AI traffic, the confidential data may include one or more of business logic, performance data, and the like.
To ensure data security, the data access control system 10 may receive the data registration request of the tenant through a secure channel. Specifically, a secure channel based on the Secure Sockets Layer (SSL) may be established between a client of the tenant (e.g., a web client such as a browser) and the data protection unit 12 of the data access control system 10, so as to secure the data registration request. A secure channel based on the Transport Layer Security (TLS) protocol may also be established between the tenant's client and the data protection unit 12 of the data access control system 10. The data protection unit 12 of the data access control system 10 can then receive the data registration request from the tenant through the above secure channel.
S204: the data access control system 10 performs identity authentication on the tenant according to the data registration request. When the identity authentication is passed, S206 is executed; otherwise, the registration flow is ended.
Specifically, upon receiving the data registration request, the data protection unit 12 (i.e., AI-VAULT) in the data access control system 10 may authenticate the tenant in conjunction with the identity authentication unit 14. The identity authentication unit 14 may be a trusted identity and access management (IAM) component; a trusted IAM is a basic component of a computing power center.
The trusted IAM may receive an authentication credential of the tenant, for example an AK/SK, and then authenticate the tenant based on the authentication credential to determine whether the tenant's identity is genuine. Specifically, after receiving the AK/SK of the tenant, the trusted IAM may generate an authentication string using the same SK corresponding to the AK and the same authentication mechanism, and compare it with the authentication string included in the data registration request. If the authentication strings are the same, the IAM confirms that the current tenant is a real user and not a fake user; if the authentication strings are different, the IAM may return an error code.
S206: the data access control system 10 verifies the registration authority of the tenant. When the verification passes, S208 is performed; otherwise, the registration process is ended.
Specifically, an administrator of the data access control system 10 may set which tenants are permitted to register with the trusted AI-VAULT, and may remove permitted tenants. For example, after a tenant purchases the corresponding value-added service, the administrator may add the identity of the tenant to the permission list, and after the value-added service purchased by the tenant expires, the administrator may remove the identity of the tenant from the permission list.
Based on this, the data access control system 10 (e.g., the trusted AI-VAULT) may match the identity of the current tenant against the identities in the permission list. If the identity of the current tenant is found in the permission list, the current tenant has registration authority, and the registration authority verification for the tenant passes. If the identity of the current tenant is not found in the permission list, the current tenant does not have registration authority, and the registration authority verification for the tenant fails.
Note that S204 or S206 may be omitted from the registration method of the target data in the embodiments of the present application. For example, when the access control service is a non-value-added service, the data access control system 10 may provide registration authority to every real user, so the step of checking the registration authority is not required; that is, the data access control system 10 may skip S206 described above.
S208: the data access control system 10 registers target data.
The data access control system 10 may store the target data in the data registration request to a database of the trusted AI-VAULT to effect registration of the target data. Further, the data access control system 10 may also generate an access policy for the target data. For example, the access policy may be to allow the owner of the target data (e.g., the tenant that sent the data registration request) to have access and authorization rights.
In some possible implementations, the tenant may also carry the identity of the authorized user in the data registration request. Accordingly, the access policy may also be to allow the owner of the target data as well as the authorized user to have access and authorized rights. Of course, the access policy may also be to allow the owner of the target data and the authorized user to have access rights, and allow the owner of the target data to have authorized rights.
In this embodiment, the tenant registers the target data in the data protection unit 12 of the data access control system 10, for example, a trusted AI-VAULT, which controls all access to the target data. Only the owner or an authorized entity (for example, an authorized user) of the target data can access the target data, so that the security of the target data is ensured.
After registration of the target data is completed, the data access control system 10 may perform access control on the target data. The data access control method according to the embodiment of the present application will be described in detail from the viewpoint of interaction.
Referring to the interactive flow chart of the data access control method shown in fig. 3, the method comprises:
S302: the application 22 sends a data access request to the data access control system 10.
The application 22 may be an owner of the target data (e.g., a tenant that registers the target data) or an application deployed by another tenant. In some embodiments, the application 22 may be an AI application, such as a training/reasoning application. In other embodiments, the application 22 may also be a non-AI application, such as a database application or the like.
Taking the application scenario of the intelligent computing center as an example, the application 22 may be a training/reasoning application deployed on a Kubernetes platform by the tenant that registered the target data, or a training/reasoning application deployed on a Kubernetes platform by other tenants. To enable model training or reasoning, the application 22 may send a data access request to the data access control system 10 to obtain target data stored in the data protection unit 12 of the data access control system 10. In this example, the target data may be an encryption key used to encrypt confidential data such as training data sets, pre-training models, and the like.
It should be noted that, in other possible implementations of the embodiments of the present application, the target data may also be confidential data itself. Wherein the confidential data may be data that is identified as confidential and that has a high security requirement. For example, the confidential data corresponding to the AI application may be at least one of a training data set, a pre-training model, etc., and the confidential data corresponding to the non-AI application may be one or more of business logic, performance data, etc.
S304: the management platform 16 in the data access control system 10 verifies the legitimacy of the application 22. If the check passes, S306 is executed.
The management platform 16 is one of the basic components of a computing center and is used for managing applications deployed at the computing center. A widely used management platform at present is Kubernetes. Kubernetes may verify the legitimacy of the application 22 through a token in the data access request. Specifically, Kubernetes includes an API server that can calculate the token locally and then compare the locally calculated token with the token in the data access request, thereby verifying the token of the data access request and, through it, the legitimacy of the application 22.
When the management platform 16 determines that the application 22 is a legitimate application, the management platform 16 may execute S306 to continue with the subsequent flow. When the management platform 16 determines that the application 22 is an illegal application, the management platform 16 may end the current flow. It should be noted that, in some embodiments, the management platform 16 may not execute the above S304. For example, when the applications deployed in the computing center are all legal applications, or when the function of verifying the validity of applications is implemented by the data protection unit 12, the data access control system 10 may not include the above management platform 16, and S304 does not need to be executed.
S306: the management platform 16 forwards the data access request to the data protection unit 12.
The management platform 16 and the data protection unit 12 are both trusted entities in the data access control system 10, and the management platform 16 and the data protection unit 12 are mutually trusted, so that the management platform 16 can forward data access requests to the data protection unit 12. Wherein a secure channel is established between the management platform 16 and the data protection unit 12. The management platform 16 may forward the data access request to the data protection unit 12 via the secure channel described above.
The data protection unit 12 is a core component of the data access control system 10. The component has the ability to defend against operating system level attacks, preventing any unauthorized user from accessing the target data stored in the component. Further, the component also has authorization verification capability, and can verify the tenant performing the authorization operation to determine whether the tenant has the authorization authority. In some embodiments, the data protection unit 12 may be a trusted execution environment (TEE) or an encryptor, to which embodiments of the present application are not limited.
S308: the data protection unit 12 constructs an authorization request from the data access request.
Specifically, the data protection unit 12 may construct an authorization request according to the identification of the target data in the data access request and the identification of the application 22, where the authorization request is used to request to obtain authorization, so as to obtain the right to access the target data. Further, the data protection unit 12 may also combine the account number of the login application 22 and/or the namespace to which the account number belongs when constructing the authorization request.
In some possible implementations, the data protection unit 12 may also construct an authorization request according to the data access request when querying the user authorized by the application 22, so as to avoid an unauthorized user from requesting the target data and ensure the security of the target data.
S310: the data protection unit 12 sends an authorization request to the client of the tenant.
S312: the client of the tenant sends an authentication request to the authentication unit 14 according to the authorization request.
Specifically, after receiving the authorization request, the tenant may perform identity authentication to the data access control system 10 to prove that the tenant has authorization rights, and the client of the tenant may return to the authorization interface, so that the tenant decides whether to authorize. The client of the tenant may send authentication credentials of the tenant, for example, AK/SK of the tenant, and the identity authentication unit 14 performs identity authentication on the tenant according to the AK/SK to obtain an identity authentication result.
S314: the identity authentication unit 14 returns an authentication result. When the authentication result characterizes the identity authentication pass, S316 is performed.
When the authentication result indicates that the identity authentication passes, the tenant is the owner of the target data or an authorized entity (authorized user) of the owner of the target data and has authorized authority. S316 may thus be performed to facilitate real-time authorization of the data access request.
It should be noted that S312 to S314 are optional steps in the embodiments of the present application, and the methods of the embodiments of the present application may be performed without performing S312 to S314. For example, a tenant's client may present an authorization interface directly to the tenant so that the tenant decides in real time whether to authorize the data access request.
S316: the client presents an authorization interface to the tenant.
For ease of understanding, the following is illustrated in connection with an interface diagram of an authorization interface. Referring to the interface schematic of the authorization interface shown in fig. 4, the authorization interface 400 includes an identification 402 of the target data and an identification 404 of the application 22 for exposing to the tenant which application requests what target data. The identification of the target data may be, for example, a hash value of the target data. In some embodiments, the identification of the target data may also be the name (e.g., file name) of the target data. The identification of the application 22 may be an icon of the application. In some embodiments, the identification of the application 22 may also be the name of the application 22. Further, the authorization interface 400 may also include an account number (or user name) 406 of the login application 22 and a namespace 408 to which the account number belongs, so that the tenant can view which user of the application 22 requests the target data.
The authorization interface 400 further includes an authorization control 407 and a denial authorization control 409. When the tenant triggers the authorization control 407, an authorization operation may be triggered, and when the tenant triggers the denial of authorization control 409, a denial of authorization operation may be triggered. In some embodiments, the authorization control 407 and the denial of authorization control 409 may be integrated in one control, and the tenant may trigger an authorization or denial of authorization operation by switching the control to a different mode.
S318: and the client receives the authorization operation of the tenant through the authorization interface and generates an authorization response.
Specifically, the client may obtain the identifier of the application 22 and the identifier of the target data when receiving the authorization operation of the tenant, and generate the authorization response according to the identifier of the application 22 and the identifier of the target data. Wherein the client may also generate an authorization response from the account number (or user name) of the login application 22.
It should be noted that, S316 to S318 are a specific implementation manner of generating the authorization response in the embodiment of the present application, and in other possible implementation manners of the embodiment of the present application, the authorization response may also be generated directly in the background without passing through the authorization interface.
S320: the client of the tenant sends an authorization response to the data protection unit 12.
S322: the data protection unit 12 performs identity verification on the tenant, and S324 is executed after the verification is passed.
The data protection unit 12 may perform identity verification on the tenant based on the authentication credential of the tenant to determine whether the tenant is a real tenant (an owner or an authorized entity of the target data), so as to avoid that a fake tenant authorizes the data access request, resulting in reduced security of the target data.
S324: the data protection unit 12 performs authority verification on the tenant, and S326 is executed after the verification is passed.
Specifically, the data protection unit 12 may determine whether the tenant is the owner of the target data by comparing the identity of the tenant that sent the authorization response with the identity of the tenant that registered the target data. When the tenant is the owner of the target data, the tenant has authorized rights, so that rights verification can be realized.
Further, when the owner of the target data registers the target data and an authorized entity (for example, an authorized user) of the target data is further set, the data protection unit 12 may further compare the identity of the tenant that sends the authorization response with the identity of the authorized entity, so as to determine whether the tenant is the authorized entity of the target data. Wherein the data protection unit 12 may determine whether the tenant is an authorized entity of the target data in case it is determined that the tenant is not an owner of the target data. When the tenant is an authorized entity of the target data, the tenant has authorized rights, so that rights verification can be realized.
It should be noted that S322 to S324 are optional steps in the embodiments of the present application; the data access control method of the embodiments of the present application may omit both steps or perform only one of them. The two steps can also be executed in parallel, or the authority verification can be executed first and the identity verification afterwards.
S326: the data protection unit 12 returns the encrypted target data to the management platform 16.
S328: the management platform 16 returns the encrypted target data.
Specifically, the data protection unit 12 may encrypt the target data in an envelope encryption manner, obtain encrypted target data, and then return the encrypted target data to the application 22 with the management platform 16 as an intermediary. In some embodiments, the data protection unit 12 may also return the encrypted target data directly to the application 22 without going through the management platform 16.
Among other things, a secure channel may also be established between the management platform 16 and the application 22, such as a SSL or TLS based secure channel. In this manner, the management platform 16 may also return the encrypted target data to the application 22 via the secure channel, thereby ensuring the security of the target data.
The embodiment shown in fig. 3 describes a specific implementation manner of the data access control method of the present application, and in practical application, the data access control system 10 may not execute S304, S306, S322, S324, or the client of the tenant may not execute S312, S314. In addition, the client of the tenant does not need to be implemented through S316 to S318 when generating the authorization response, for example, the client of the tenant may directly determine in the background whether the data access request meets the requirement of authorization, and when meeting the requirement of authorization, generate the authorization response. Similarly, the data access control system 10 may return the encrypted target data directly to the application 22 without performing S326 and S328 when returning the encrypted target data.
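The checks the data protection unit applies around S308 and S320 to S324, together with the AK/SK authentication-string comparison described for registration, can be sketched as follows. This is an added example, not code from the patent; it assumes HMAC-SHA256 over canonical JSON as the authentication mechanism (the page does not name one) and a single-use request identifier, and all class names, field names and tenant identifiers are constructed. The envelope encryption of S326 is not shown.

```python
import hashlib
import hmac
import json
import secrets


def auth_string(sk: bytes, fields: dict) -> str:
    """Authentication string over canonical JSON of the signed fields.
    HMAC-SHA256 is an assumption; the page does not name the mechanism."""
    msg = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(sk, msg, hashlib.sha256).hexdigest()


class IdentityAuthUnit:
    """Stand-in for the identity authentication unit 14 (IAM): maps AK to SK."""

    def __init__(self):
        self._sk_by_ak = {}

    def enroll(self, ak: str, sk: bytes) -> None:
        self._sk_by_ak[ak] = sk

    def verify(self, ak: str, fields: dict, presented: str) -> bool:
        sk = self._sk_by_ak.get(ak)
        if sk is None:
            return False
        # Recompute with the stored SK and compare in constant time.
        return hmac.compare_digest(auth_string(sk, fields), presented)


class DataProtectionUnit:
    """Stand-in for the data protection unit 12; holds policy only in this sketch."""

    def __init__(self, iam: IdentityAuthUnit):
        self.iam = iam
        self.policy = {}   # data_id -> {"owner": ak, "authorizers": set of ak}
        self.pending = {}  # request_id -> authorization request awaiting a decision

    def register(self, data_id: str, owner_ak: str, authorizers=()) -> None:
        self.policy[data_id] = {"owner": owner_ak, "authorizers": set(authorizers)}

    def build_authorization_request(self, access_request: dict) -> dict:
        """S308: data id, app id, account and namespace, plus a fresh request id."""
        if access_request["data_id"] not in self.policy:
            raise KeyError("target data is not registered")
        req = {k: access_request[k] for k in ("data_id", "app_id", "account", "namespace")}
        req["request_id"] = secrets.token_hex(16)  # ties a response to this request
        self.pending[req["request_id"]] = req
        return dict(req)

    def handle_authorization_response(self, resp: dict) -> str:
        """S320 to S324: identity check, then authority check, then decision."""
        req = self.pending.get(resp.get("request_id"))
        if req is None:
            return "unknown-or-replayed-request"
        # Verify against the unit's own copy of the request, not the client's.
        signed = dict(req, decision=resp["decision"])
        if not self.iam.verify(resp["ak"], signed, resp["auth_string"]):
            return "identity-check-failed"
        rule = self.policy[req["data_id"]]
        if resp["ak"] != rule["owner"] and resp["ak"] not in rule["authorizers"]:
            return "no-authorization-right"
        del self.pending[req["request_id"]]  # a decision is accepted only once
        return "release" if resp["decision"] == "authorize" else "denied"


def owner_response(ak: str, sk: bytes, auth_request: dict, decision: str) -> dict:
    """Tenant client side (S318): sign the request as displayed plus the decision."""
    signed = dict(auth_request, decision=decision)
    return {"request_id": auth_request["request_id"], "ak": ak,
            "decision": decision, "auth_string": auth_string(sk, signed)}


def demo() -> dict:
    """Run the flow with constructed tenants and one constructed access request."""
    iam = IdentityAuthUnit()
    keys = {ak: secrets.token_bytes(32) for ak in ("AK-OWNER", "AK-DELEGATE", "AK-OTHER")}
    for ak, sk in keys.items():
        iam.enroll(ak, sk)
    dpu = DataProtectionUnit(iam)
    dpu.register("dataset-key-1", "AK-OWNER", authorizers=["AK-DELEGATE"])
    access = {"data_id": "dataset-key-1", "app_id": "train-job",
              "account": "alice", "namespace": "team-a"}
    out = {}
    r1 = dpu.build_authorization_request(access)
    # Response claiming the owner's AK but signed with a different SK.
    out["forged"] = dpu.handle_authorization_response(
        owner_response("AK-OWNER", keys["AK-OTHER"], r1, "authorize"))
    # Genuine tenant that is neither owner nor authorized entity.
    out["outsider"] = dpu.handle_authorization_response(
        owner_response("AK-OTHER", keys["AK-OTHER"], r1, "authorize"))
    good = owner_response("AK-OWNER", keys["AK-OWNER"], r1, "authorize")
    out["owner"] = dpu.handle_authorization_response(good)
    out["replay"] = dpu.handle_authorization_response(good)
    r2 = dpu.build_authorization_request(access)
    out["delegate"] = dpu.handle_authorization_response(
        owner_response("AK-DELEGATE", keys["AK-DELEGATE"], r2, "authorize"))
    r3 = dpu.build_authorization_request(access)
    out["deny"] = dpu.handle_authorization_response(
        owner_response("AK-OWNER", keys["AK-OWNER"], r3, "deny"))
    return out
```

Failed identity or authority checks leave the request pending, so a rejected response from another party does not consume the owner's chance to decide.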
Based on the above description, the embodiments of the present application provide a data access control method. In this method, confidential data requiring high security or target data such as an encryption key for encrypting the confidential data are stored in the data protection unit 12 of the data access control system 10. The data protection unit 12 has the capability of preventing any user from unauthorized reading or writing of the target data, and ensures the storage security of the target data. Moreover, the data protection unit 12 and the trusted entities such as the identity authentication unit 14 and the management platform 16 form a minimum trust set, and the entities in the minimum trust set are mutually trusted and interact through a secure channel. By means of entity interaction in the minimum trust set, dynamic real-time authorization of target data requested by the application 22 can be achieved, and the authorized right is given to owners of the target data, any user including an administrator cannot access the target data when the user does not have authorization, so that risk of revealing the target data by the administrator is avoided, and safety of the target data is further guaranteed.
The data access control method can be applied to different scenarios. In some embodiments, the data access control method may be applied to intelligent computing scenarios of an intelligent computing center or a cloud computing center to achieve protection of training data sets and AI models. In other embodiments, the data access control method may also be applied to cloud-edge collaborative scenarios. The following describes the different application scenarios in turn.
In the first application scenario, the intelligent computing center or the cloud computing center takes Kubernetes as the management platform 16 and constructs the data protection unit 12 based on the KMS system of the encryption machine; in addition, the intelligent computing center or the cloud computing center is further provided with the identity authentication unit 14. The data protection unit 12, the identity authentication unit 14 and the management platform 16 described above form the data access control system 10. The three entities in the data access control system 10 are trusted entities that mutually trust each other to form a minimum trust set (also referred to as a minimum trust domain). A secure channel is established between the trusted entities in the minimum trust set to guarantee transmission security.
Specifically, the tenant locally encrypts the training data set or the AI model by using an encryption key to obtain a training data set ciphertext or a model ciphertext. After the tenant passes identity authentication by the identity authentication unit 14 of the computing center, such as the IAM, the tenant registers the encryption key with the data protection unit 12, such as the AI-VAULT, through the secure channel, and sets the access policy of the encryption key. The access policy includes allowing the tenant itself to perform authorization, to perform decryption using the encryption key, and to update/delete the encryption key, or authorizing other tenants to perform decryption using the encryption key. In addition, the tenant also uploads the encrypted data, such as the training data set ciphertext and the model ciphertext, to the intelligent computing center.
When the tenant itself or another tenant deploys a training or reasoning application using the management platform 16, such as a Kubernetes platform, the application generates a data access request to request the encryption key from the AI-VAULT through the API server of the Kubernetes platform. The API server checks the token of the data access request to ensure that the data access request is from the correct account, and then forwards the data access request to the AI-VAULT. The AI-VAULT ensures that the data access request comes from the API server, confirms that the data access request is not authorized, and forwards the data access request to the tenant. The tenant receives the data access request, provides the authentication credentials again to log in, and checks the content of the data access request. The client of the tenant can present an authorization interface to the tenant according to the content of the data access request; the authorization interface displays which APP under the account requests which target data of the tenant, and the tenant can perform an authorization operation or a denial of authorization operation based on the information displayed by the authorization interface. When the tenant performs the authorization operation, the AI-VAULT receives the authorization response, encrypts the encryption key using envelope encryption according to the authorization response, and returns the encrypted encryption key to the application through the secure channel. After receiving the envelope-encrypted encryption key, the APP recovers the encryption key from the envelope, and then decrypts the training data set ciphertext and the model ciphertext using the encryption key (in a symmetric encryption mechanism, the encryption key and the decryption key are the same) to obtain the training data set plaintext and the model plaintext.
In this way, the training or reasoning function of the application may function normally.
Compared with the scheme of binding AK/SK of the tenant to the application, the data access control method of the embodiment of the application does not expose the authentication credentials of the tenant to the outside, ensures the safety of the authentication credentials, further avoids the risk of leakage or theft of target data caused by leakage or theft of the authentication credentials, and ensures the safety of the target data. Moreover, the tenant can carry out real-time authorization on own target data under the condition that authentication credentials are not provided for other tenants, so that the target data is flexibly authorized for other tenants to use, on one hand, the service requirements are met, and on the other hand, the safety of the target data is guaranteed.
In a second application scenario, a secure channel is established between the cloud computing center and an edge node in an edge environment. When an application deployed on an edge node requires target data stored in a cloud computing center, the application may send a data access request to data access control system 10 for requesting the target data. The target data may be stored in the data protection unit 12 of the data access control system 10 in the cloud computing center, and the data protection unit 12 may be specifically constructed by a trusted execution environment.
Wherein a user may send a data access request to the data access control system 10 through an application while trying the AI model. In this example, the target data of the application request may be a model ciphertext, which is authorized by the data access control system 10 by the method of embodiments of the present application to pass the model ciphertext from the cloud computing center to the edge node. Then, the application deployed on the edge node decrypts the model ciphertext, so that the corresponding model can be loaded and reasoning can be carried out.
When the user finishes the trial, the user can acquire long-term authorization through a purchase mode. In particular, the owner of the target data may register the target data with a trusted area of the edge node, such as the TEE of the edge node, thereby enabling long-term authorization.
The method can provide a centralized authorization mechanism for owners of the target data, not only realizes the protection of the target data, but also realizes flexible authorization and helps the owners of the target data to realize asset turnover quickly.
The data access control method according to the embodiment of the present application is described in detail above with reference to fig. 1 to 4, and the data access control system provided by the embodiment of the present application will be described below with reference to the accompanying drawings.
Referring to the schematic structure of the data access control system 10 shown in fig. 1, the data access control system 10 comprises a data protection unit 12, said data protection unit 12 providing access rights to the owners of the data and/or to authorized entities of said data.
The data protection unit 12 is configured to receive a data access request of an application, where the data access request is used to request access to target data stored in the data protection unit, send an authorization request to an owner of the target data according to the data access request, and send encrypted target data to the application when receiving an authorization response of the owner of the target data.
In some possible implementations, the data protection unit 12 is further configured to:
identity verification is carried out on the owner of the target data;
the data protection unit 12 is specifically configured to:
and when the identity verification passes, sending the encrypted target data to the application.
In some possible implementations, the data protection unit 12 is further configured to:
presenting an authorization interface to an owner of the target data according to the authorization request, wherein the authorization interface comprises an identification of the application and an identification of the target data;
an authorization response of the owner of the target data is generated based on an authorization operation of the owner of the target data on the target data.
In some possible implementations, the data access control system 10 further includes:
an identity authentication unit 14, configured to receive an authentication credential transmitted by an owner of the target data through a secure channel, and perform identity authentication on the owner of the target data according to the authentication credential;
the data protection unit 12 is specifically configured to:
and when the identity authentication passes, presenting an authorization interface to an owner of the target data according to the authorization request.
In some possible implementations, the data access control system 10 further includes:
a management platform 16 for verifying the validity of the application before sending an authorization request to the owner of the target data.
In some possible implementations, the data protection unit 12 is a cryptographic engine or trusted execution environment.
In some possible implementations, the target data includes confidential data or an encryption key used to encrypt the confidential data.
The data access control system 10 according to the embodiments of the present application may correspond to performing the methods described in the embodiments of the present application, and the above and other operations and/or functions of the respective modules/units of the data access control system 10 are respectively for implementing the respective flows of the respective methods in the embodiments shown in fig. 3, which are not repeated herein for brevity.
The embodiment of the application also provides a computing device cluster. The cluster of computing devices includes at least one computing device, which may be, for example, a server. The cluster of computing devices is particularly useful for implementing the functionality of the data access control system 10 in the embodiment shown in fig. 1.
Fig. 5 provides a schematic diagram of a computing device cluster, and as shown in fig. 5, the computing device cluster 50 includes a plurality of computing devices 500, the computing devices 500 including a bus 501, a processor 502, a communication interface 503, and a memory 504. The processor 502, the memory 504 and the communication interface 503 communicate via a bus 501.
Bus 501 may be a peripheral component interconnect (PCI) bus or an extended industry standard architecture (EISA) bus, among others. The buses may be divided into address buses, data buses, control buses, etc. For ease of illustration, only one thick line is shown in fig. 5, but this does not mean that there is only one bus or one type of bus.
The processor 502 may be any one or more of a central processing unit (CPU), a graphics processing unit (GPU), a microprocessor (MP), or a digital signal processor (DSP).
The communication interface 503 is for communication with the outside. For example, the communication interface 503 is configured to receive a data access request of an application, send an authorization request to an owner of target data, receive an authorization response of the owner of target data, send encrypted target data to the application, and so on.
The memory 504 may include volatile memory, such as random access memory (RAM). The memory 504 may also include non-volatile memory, such as read-only memory (ROM), flash memory, a hard disk drive (HDD), or a solid state drive (SSD).
The memory 504 has stored therein computer readable instructions that are executed by the processor 502 to cause the cluster of computing devices 50 to perform the aforementioned data access control methods (or to implement the functions of the aforementioned data access control system 10).
In particular, in the case of implementing the embodiment of the system shown in fig. 1, and in the case where the functions of the modules or units of the data access control system 10 (e.g., the identity authentication unit 14, the management platform 16) described in fig. 1 are implemented by software, software or program code required to perform the functions of the modules or units in fig. 1 may be stored in at least one memory 504 in the computing device cluster 50. The at least one processor 502 executes the program code stored in the memory 504 to cause the cluster of computing devices 50 to perform the aforementioned data access control methods.
Embodiments of the present application also provide a computer-readable storage medium. The computer readable storage medium may be any available medium that can be stored by a computing device or a data storage device such as a data center containing one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk), etc. The computer-readable storage medium includes instructions that instruct a computing device or cluster of computing devices to perform the data access control method described above.
Embodiments of the present application also provide a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computing device, the processes or functions described in accordance with the embodiments of the present application are produced in whole or in part. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium; for example, the computer instructions may be transmitted from one website, computing device, or data center to another website, computing device, or data center by wired (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer program product may be a software installation package that can be downloaded and executed on a computing device or cluster of computing devices when any of the aforementioned data access control methods is needed.
The descriptions of the processes or structures corresponding to the drawings have emphasis, and the descriptions of other processes or structures may be referred to for the parts of a certain process or structure that are not described in detail.

Claims (17)

1. A data access control method, performed by a data access control system comprising a data protection unit providing access rights to an owner of data and/or an authorised entity of the data, the method comprising:
receiving a data access request of an application, wherein the data access request is used for requesting to access target data stored in the data protection unit;
sending an authorization request to an owner of the target data according to the data access request;
sending the encrypted target data to the application when an authorization response of the owner of the target data is received.
2. The method of claim 1, wherein upon receiving the authorization response of the owner of the target data, the method further comprises:
performing identity verification on the owner of the target data;
wherein the sending the encrypted target data to the application comprises:
when the identity verification passes, sending the encrypted target data to the application.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
presenting an authorization interface to an owner of the target data according to the authorization request, wherein the authorization interface comprises an identification of the application and an identification of the target data;
generating an authorization response of the owner of the target data based on an authorization operation of the owner of the target data on the target data.
4. A method according to claim 3, characterized in that the method further comprises:
receiving an authentication credential transmitted by an owner of the target data through a secure channel;
carrying out identity authentication on the owner of the target data according to the authentication credentials;
the presenting an authorization interface to the owner of the target data according to the authorization request comprises:
and when the identity authentication passes, presenting an authorization interface to an owner of the target data according to the authorization request.
5. The method of any of claims 1 to 4, wherein prior to sending an authorization request to the owner of the target data, the method further comprises:
performing a validity check on the application.
6. The method according to any of claims 1 to 5, wherein the data protection unit is an encryptor or trusted execution environment.
7. The method according to any one of claims 1 to 6, wherein the target data includes confidential data or an encryption key for encrypting the confidential data.
8. A data access control system, characterized in that the data access control system comprises a data protection unit providing access rights to an owner of data and/or an authorized entity of the data;
the data protection unit is used for receiving a data access request of an application, wherein the data access request is used for requesting to access target data stored in the data protection unit, sending an authorization request to an owner of the target data according to the data access request, and sending the encrypted target data to the application when receiving an authorization response of the owner of the target data.
9. The system of claim 8, wherein the data protection unit is further configured to:
perform identity verification on the owner of the target data;
the data protection unit is specifically configured to:
when the identity verification passes, send the encrypted target data to the application.
10. The system according to claim 8 or 9, wherein the data protection unit is further configured to:
present an authorization interface to an owner of the target data according to the authorization request, wherein the authorization interface comprises an identification of the application and an identification of the target data;
generate an authorization response of the owner of the target data based on an authorization operation of the owner of the target data on the target data.
11. The system of claim 10, wherein the system further comprises:
an identity authentication unit, configured to receive authentication credentials transmitted by the owner of the target data through a secure channel, and to perform identity authentication on the owner of the target data according to the authentication credentials;
the data protection unit is specifically configured to:
when the identity authentication passes, present an authorization interface to the owner of the target data according to the authorization request.
12. The system according to any one of claims 8 to 11, wherein the system further comprises:
a management platform, configured to verify the validity of the application before an authorization request is sent to the owner of the target data.
13. The system according to any of claims 8 to 12, wherein the data protection unit is an encryptor or trusted execution environment.
14. The system of any of claims 8 to 13, wherein the target data comprises confidential data or an encryption key used to encrypt the confidential data.
15. A cluster of computing devices, characterized in that it comprises at least one computing device comprising at least one processor and at least one memory, the at least one memory having stored therein computer-readable instructions that are executed by the at least one processor to cause the cluster of computing devices to perform the method of any of claims 1 to 7.
16. A computer-readable storage medium comprising computer-readable instructions that, when run on a computing device or cluster of computing devices, cause the computing device or cluster of computing devices to perform the method of any of claims 1-7.
17. A computer program product comprising computer readable instructions which, when run on a computing device or cluster of computing devices, cause the computing device or cluster of computing devices to perform the method of any of claims 1 to 7.
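The flow of claims 1, 2, 3 and 5 can be sketched as follows. This is an added illustration, not code from the patent: the HMAC-based owner response, the per-request nonce, the pre-shared `app_key`, the allowlist and the `seal`/`unseal` stand-in cipher are all assumptions, and the secure-channel authentication of claim 4 is not modeled.

```python
import hashlib, hmac, json, secrets

ALLOWED_APPS = {"payroll-app"}        # constructed allowlist: validity check (claim 5)

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stdlib stand-in for a real AEAD (e.g. AES-GCM): SHAKE-256 keystream + HMAC tag."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(key + nonce).digest(len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext failed integrity check")
    stream = hashlib.shake_256(key + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))

def owner_sign(owner_key: bytes, request: dict) -> bytes:
    """Owner side: approve exactly the application, data and nonce shown in the request."""
    msg = json.dumps(request, sort_keys=True).encode()
    return hmac.new(owner_key, msg, hashlib.sha256).digest()

class DataProtectionUnit:
    def __init__(self, store: dict, owner_keys: dict):
        self.store = store            # data_id -> (owner, target data bytes)
        self.owner_keys = owner_keys  # owner -> credential (assumed shared secret)
        self.pending = {}             # nonce -> authorization request awaiting the owner

    def request_access(self, app_id: str, data_id: str) -> dict:
        if app_id not in ALLOWED_APPS:
            raise PermissionError("application failed validity check")
        owner, _ = self.store[data_id]
        # The request names the application and the target data (claim 3).
        req = {"app_id": app_id, "data_id": data_id, "owner": owner,
               "nonce": secrets.token_hex(16)}
        self.pending[req["nonce"]] = req
        return req

    def release(self, nonce: str, response: bytes, app_key: bytes) -> bytes:
        # pop() makes each request single-use: a replayed or failed response
        # cannot be retried against the same nonce.
        req = self.pending.pop(nonce, None)
        if req is None:
            raise PermissionError("no pending authorization request")
        expected = owner_sign(self.owner_keys[req["owner"]], req)
        if not hmac.compare_digest(expected, response):   # identity verification (claim 2)
            raise PermissionError("owner identity verification failed")
        return seal(app_key, self.store[req["data_id"]][1])   # only ciphertext leaves
```

Binding the owner's response to the application identifier, data identifier and nonce means an approval given for one request cannot be reused to release different data or to serve a different application.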
CN202111535163.6A 2021-12-15 2021-12-15 Data access control method and related system Pending CN116263817A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111535163.6A CN116263817A (en) 2021-12-15 2021-12-15 Data access control method and related system

Publications (1)

Publication Number Publication Date
CN116263817A (en) 2023-06-16

Family

ID=86723680

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111535163.6A Pending CN116263817A (en) 2021-12-15 2021-12-15 Data access control method and related system

Country Status (1)

Country Link
CN (1) CN116263817A (en)

Similar Documents

Publication Publication Date Title
US11531732B2 (en) Systems and methods for providing identity assurance for decentralized applications
CN109478298B (en) Method and system for realizing block chain
CN108259438B (en) Authentication method and device based on block chain technology
Yavari et al. An improved blockchain-based authentication protocol for IoT network management
US7526649B2 (en) Session key exchange
US8843415B2 (en) Secure software service systems and methods
TWI542183B (en) Dynamic platform reconfiguration by multi-tenant service providers
JP2022545627A (en) Decentralized data authentication
CN109728903B (en) Block chain weak center password authorization method using attribute password
CN104980477A (en) Data access control method and system in cloud storage environment
CN114008968A (en) System, method and storage medium for license authorization in a computing environment
CN111914293A (en) Data access authority verification method and device, computer equipment and storage medium
JP7223067B2 (en) Methods, apparatus, electronics, computer readable storage media and computer programs for processing user requests
KR20170019308A (en) Method for providing trusted right information, method for issuing user credential including trusted right information, and method for obtaining user credential
CN106992978B (en) Network security management method and server
US10516655B1 (en) Encrypted boot volume access in resource-on-demand environments
JP3896909B2 (en) Access right management device using electronic ticket
Tiwari et al. Design and Implementation of Enhanced Security Algorithm for Hybrid Cloud using Kerberos
CN106453313A (en) Virtual machine security verification system and method based on cloud computing platform
CN105379176A (en) System and method for validating SCEP certificate enrollment requests
Kim et al. Secure user authentication based on the trusted platform for mobile devices
CN117063174A (en) Security module and method for inter-app trust through app-based identity
EP3036674B1 (en) Proof of possession for web browser cookie based security tokens
CN114024682A (en) Cross-domain single sign-on method, service equipment and authentication equipment
CN116263817A (en) Data access control method and related system

Legal Events

Date Code Title Description
PB01 Publication