CN116484432B

CN116484432B - Longitudinal joint query method and device based on multiparty security calculation

Info

Publication number: CN116484432B
Application number: CN202310743151.5A
Authority: CN
Inventors: 陈超超; 郑小林; 刘鹏; 巫锡斌
Original assignee: Hangzhou Jinzhita Technology Co ltd
Current assignee: Hangzhou Jinzhita Technology Co ltd
Priority date: 2023-06-21
Filing date: 2023-06-21
Publication date: 2023-09-19
Anticipated expiration: 2043-06-21
Also published as: CN116484432A

Abstract

The present specification provides a longitudinal joint query method and device based on multiparty security computation, which is applied to a task initiating node, wherein the task initiating node is a target computing node in a multiparty security computing network, and comprises: determining a first secret sharing state table and a first valid vector of local data in response to the request; constructing a second effective vector of the first secret sharing state table according to the filtering condition in the request, and fusing the second effective vector and the second effective vector into a third effective vector; sequencing the first secret sharing state table according to grouping conditions and a third effective vector in the request, aggregating the sequencing results by utilizing a grouping aggregation strategy, and determining a second secret sharing state table and a fourth effective vector according to the aggregation result; and fusing the fourth effective vector and the third effective vector into a fifth effective vector, and sorting the second secret sharing state table according to the sorting condition in the request and the fifth effective vector to obtain the target secret sharing state table.

Description

Longitudinal joint query method and device based on multiparty security calculation

Technical Field

The present disclosure relates to the field of multiparty security computing technologies, and in particular, to a longitudinal joint query method and device based on multiparty security computing.

Background

With the development of internet technology, online services provide more and more convenient services for users. And simultaneously, a large amount of related data about the user is generated on each service platform. In practical application, the user data is relatively important data for each platform, and on the basis, the privacy computing platform gradually enters the field of view of people to solve the problem of 'data island', and realize cross-domain joint multiparty data mining, joint modeling and the like under the condition that private data of enterprises are protected from leaving domains. In the prior art, as different platforms hold different data, the comprehensiveness and the accuracy of the query can be ensured by combining the data held by the different platforms and then querying the data; however, since the data are private data with respect to the platform, if the data are directly used for merging queries, not only leakage of the data will be caused, but also security risks will be generated, so an effective solution is needed to solve the above-mentioned problems.

Disclosure of Invention

In view of this, the embodiments of the present disclosure provide a longitudinal joint query method based on multiparty security computation. The present specification also relates to a longitudinal joint query device based on multiparty security computation, a computing device, and a computer-readable storage medium, which solve the technical defects existing in the prior art.

According to a first aspect of embodiments of the present disclosure, there is provided a longitudinal joint query method based on multiparty security computation, applied to a task initiation node, where the task initiation node is a target computing node in a multiparty security computing network, including:

determining a first secret sharing state table and a first effective vector of local data in response to a query request;

constructing a second effective vector of the first secret sharing state table according to the filtering condition in the query request, and fusing the first effective vector and the second effective vector into a third effective vector;

sorting the first secret sharing state table according to grouping conditions and the third effective vector in the query request, aggregating the sorting results by using a grouping aggregation strategy, and determining a second secret sharing state table and a fourth effective vector according to the aggregation result;

and fusing the fourth effective vector and the third effective vector into a fifth effective vector, and sequencing the second secret sharing state table according to the sequencing condition in the query request and the fifth effective vector to obtain a target secret sharing state table.

Optionally, the determining the first secret sharing state table and the first valid vector of the local data in response to the query request includes:

Determining a federated computing node in the multiparty secure computing network in response to a query request;

combining local data corresponding to each target computing node in the multiparty secure computing network through the joint computing node;

and determining a first secret sharing state table and a first effective vector corresponding to each target computing node according to the merging processing result.

Optionally, the merging, by the joint computing node, the local data corresponding to each target computing node in the multiparty secure computing network includes:

determining a data identifier of local data of each target computing node in the multiparty secure computing network;

processing the data identifier corresponding to each target computing node through the joint computing node to obtain a Boolean secret sharing state effective vector and Boolean sharing state identifier information of each target computing node;

and determining the merging processing result of the local data corresponding to each target computing node according to the Boolean secret sharing state effective vector, the Boolean sharing state identification information and the preset attribute secret sharing state information.

Optionally, the constructing the second valid vector of the first secret sharing state table according to the filtering condition in the query request includes:

Under the condition that the query request carries a filtering condition, filtering the first secret sharing state table according to the filtering condition, and obtaining a second effective vector according to a filtering result;

and under the condition that the query request carries a plurality of filtering conditions, respectively filtering the first secret sharing state table according to each filtering condition to obtain initial effective vectors corresponding to each filtering condition, and carrying out logic operation on the initial effective vectors corresponding to each filtering condition according to a preset secret sharing strategy to obtain second effective vectors.

Optionally, the sorting the first secret sharing state table according to the grouping condition in the query request and the third valid vector includes:

under the condition that the query request carries a grouping condition, updating the grouping condition according to the third effective vector, and sequencing the first secret sharing state table according to the updated grouping condition;

under the condition that the query request carries a plurality of grouping conditions, updating each grouping condition according to the third effective vector, constructing a low-order priority ordering strategy according to a preset initial ordering strategy and the updated grouping conditions, and ordering the first secret sharing state table by using the low-order priority ordering strategy.

Optionally, the aggregating the ordering result by using a packet aggregation policy, determining the second secret sharing state table and the fourth effective vector according to the aggregation result, including:

extracting the grouping conditions and the aggregation conditions from the query request, and generating the grouping aggregation strategy according to the grouping conditions and the aggregation conditions;

and aggregating the third secret sharing state table corresponding to the sequencing result according to the grouping aggregation strategy, and determining the second secret sharing state table and the fourth effective vector according to the aggregation result.

Optionally, the sorting the second secret sharing state table according to the sorting condition in the query request and the fifth valid vector, to obtain a target secret sharing state table, includes:

under the condition that the query request carries an ordering condition, updating the ordering condition according to the fifth effective vector, and ordering the second secret sharing state table according to the updated ordering condition to obtain the target secret sharing state table;

under the condition that the query request carries a plurality of sorting conditions, each sorting condition is respectively updated according to the fifth effective vector, a target sorting strategy is constructed according to a preset intermediate sorting strategy and the updated plurality of sorting conditions, and the second secret sharing state table is sorted by utilizing the target sorting strategy, so that the target secret sharing state table is obtained.

Optionally, the fusing the first active vector and the second active vector into a third active vector includes:

performing logic operation on the first effective vector and the second effective vector to obtain the third effective vector;

the fusing the fourth significant vector and the third significant vector into a fifth significant vector includes:

and carrying out logic operation on the fourth effective vector and the third effective vector to obtain the fifth effective vector.

Optionally, the method further comprises:

decrypting the target secret sharing state table under the condition that the target computing node is a task initiating node corresponding to the query request;

and obtaining target data according to the decryption result, and responding to the query request.

According to a second aspect of embodiments of the present disclosure, there is provided a longitudinal joint query device based on multiparty security computation, applied to a task initiation node, wherein the task initiation node is a target computing node in a multiparty security computing network, including:

a determining module configured to determine a first secret sharing state table and a first valid vector of local data in response to a query request;

The construction module is configured to construct a second effective vector of the first secret sharing state table according to the filtering condition in the query request, and fuse the first effective vector and the second effective vector into a third effective vector;

the aggregation module is configured to sort the first secret sharing state table according to grouping conditions in the query request and the third effective vector, aggregate the sorting results by using a grouping aggregation strategy, and determine a second secret sharing state table and a fourth effective vector according to the aggregation result;

the sorting module is configured to fuse the fourth effective vector and the third effective vector into a fifth effective vector, sort the second secret sharing state table according to the sorting condition in the query request and the fifth effective vector, and obtain a target secret sharing state table.

According to a third aspect of embodiments of the present specification, there is provided a computing device comprising:

a memory and a processor;

the memory is used for storing computer executable instructions, and the processor is used for implementing the steps of the longitudinal joint query method based on multiparty security calculation when executing the computer executable instructions.

According to a fourth aspect of embodiments of the present specification, there is provided a computer-readable storage medium storing computer-executable instructions which, when executed by a processor, implement the steps of the multi-party security computation based longitudinal joint query method.

According to the longitudinal joint query method based on multiparty security calculation, in order to achieve data alignment of each target computing node in a multiparty security computing network before data query, longitudinal query is supported, any one target computing node can firstly determine a first secret sharing state table and a first effective vector corresponding to local data in response to a query request, then a second effective vector of the first secret sharing state table is constructed according to filtering conditions in the query request, the second effective vector and the first effective vector are fused into a third effective vector, the first secret sharing state table is ordered by combining grouping conditions in the first query request, and the ordering results are aggregated by utilizing a grouping aggregation strategy, so that an ordered second secret sharing state table and a fourth effective vector corresponding to the second secret sharing state table can be obtained preliminarily; and then fusing the fourth effective vector and the third effective vector into a fifth effective vector, and sequencing the second secret sharing state table according to the sequencing condition in the query request and the fifth effective vector, so as to obtain the target secret sharing state table after the plurality of target computing nodes are aligned. Under the combined query scene, the query operation can be completed by combining the target secret sharing state table aligned by each target computing node, so that the comprehensiveness of the query result is ensured, the effect that the data held by the target computing node are available but invisible is achieved, and the data security is effectively ensured.

Drawings

FIG. 1 is a schematic diagram of a longitudinal joint query method based on multiparty security computing according to an embodiment of the present disclosure;

FIG. 2 is a flow chart of a method for longitudinal joint query based on multiparty security computing, according to one embodiment of the present disclosure;

FIG. 3 is a schematic diagram of a longitudinal joint query data in a longitudinal joint query method based on multiparty security computation according to an embodiment of the present disclosure;

FIG. 4 is a schematic diagram of a hierarchy of a longitudinal joint query model in a longitudinal joint query method based on multiparty security computation according to an embodiment of the present disclosure;

FIG. 5 is a flowchart of a process for a longitudinal joint query model in a longitudinal joint query method based on multiparty security computation according to an embodiment of the present disclosure;

FIG. 6 is a process flow diagram of a longitudinal joint query method based on multiparty security computing provided in an embodiment of the present disclosure;

FIG. 7 is a schematic structural diagram of a longitudinal joint query device based on multiparty security computation according to an embodiment of the present disclosure;

FIG. 8 is a block diagram of a computing device according to one embodiment of the present disclosure.

Detailed Description

In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present description. This description may be embodied in many other forms than described herein and similarly generalized by those skilled in the art to whom this disclosure pertains without departing from the spirit of the disclosure and, therefore, this disclosure is not limited by the specific implementations disclosed below.

The terminology used in the one or more embodiments of the specification is for the purpose of describing particular embodiments only and is not intended to be limiting of the one or more embodiments of the specification. As used in this specification, one or more embodiments and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used in one or more embodiments of the present specification refers to and encompasses any or all possible combinations of one or more of the associated listed items.

It should be understood that, although the terms first, second, etc. may be used in one or more embodiments of this specification to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, a first may also be referred to as a second, and similarly, a second may also be referred to as a first, without departing from the scope of one or more embodiments of the present description. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "responsive to a determination", depending on the context.

In the present specification, a longitudinal joint query method based on multiparty security computation is provided, and the present specification relates to a longitudinal joint query device based on multiparty security computation, a computing device, and a computer-readable storage medium, which are described in detail in the following embodiments one by one.

In practical applications, data sharing between enterprises is not performed in many cases because the data is used as private data of each enterprise. However, in some special scenarios, it may be necessary to integrate data of different enterprises to complete data queries for actual business scenarios, and on this basis, it may be necessary to complete the data queries on the basis of multiparty security calculations.

Assume that two participants a and B, a have table R1 (ID, a, B, C) in their relational databases and table R2 (ID, D, E, F) in their relational databases; wherein the number of rows of the table R1 is m, the number of rows of the table R2 is n, the attribute ID is a unique primary key of the tables R1 and R2, and the tables R1 and R2 have the same meaning on the attribute ID, such as a user identification card number; as shown in fig. 3, when a desires to perform a joint query on the aligned data of the two tables R1 and R2, a may be used as a task initiator at this time, and the joint query is recorded as a contract function F, where the function is input as R1 on the a side, R2 on the B side, the output of the function is the result of the query on the a side, and there is no output content on the B side, as shown in the following formulas (1) and (2), where the contract function F, and the data mode (Schema) of the tables R1 and R2 is public information.

In the calculation process of the contract function F, data security and accuracy of query results need to be ensured. Therefore, in terms of data security, in the calculation process of the function F, any party cannot infer relevant information of other party data according to all the information obtained by the method. The task initiator does not include information that can be presumed from the output result R. In terms of query result accuracy, the output result R obtained at the task initiator should be consistent with the output result of the ideal model. The output result of the ideal model is: the trusted third party gathers R1 and R2 together, and directly carries out the output result of the longitudinal joint query by using plaintext data.

However, the functions supported by the joint query SQL in the prior art are relatively single, for example, only support the functions of intersection and simple counting, and cannot be applied to complex query scenarios, for example: grouping, conditional filtering, etc. Can not be well applied in the actual application scene. There is therefore a need for an effective solution to the above problems.

Referring to the schematic diagram shown in fig. 1, in the longitudinal joint query method based on multiparty security computation provided in this specification, in order to enable each target computing node in the multiparty security computing network to implement data alignment before data query, and support longitudinal query, any target computing node may determine a first secret sharing state table and a first effective vector corresponding to local data in response to a query request, then construct a second effective vector of the first secret sharing state table according to a filtering condition in the query request, fuse the second effective vector with the first effective vector into a third effective vector, then sequence the first secret sharing state table in combination with a grouping condition in the first query request, and aggregate the sequencing result by using a grouping aggregation policy, so as to obtain an ordered second secret sharing state table and a corresponding fourth effective vector preliminarily; and then fusing the fourth effective vector and the third effective vector into a fifth effective vector, and sequencing the second secret sharing state table according to the sequencing condition in the query request and the fifth effective vector, so as to obtain the target secret sharing state table after the plurality of target computing nodes are aligned. Under the combined query scene, the query operation can be completed by combining the target secret sharing state table aligned by each target computing node, so that the comprehensiveness of the query result is ensured, the effect that the data held by the target computing node are available but invisible is achieved, and the data security is effectively ensured.

Fig. 2 is a flowchart of a longitudinal joint query method based on multiparty security computation, which is applied to a task initiating node, wherein the task initiating node is a target computing node in a multiparty security computing network, and specifically includes the following steps:

in step S202, a first secret sharing state table and a first valid vector of the local data are determined in response to the query request.

The longitudinal joint query method based on multiparty security computation is applied to any one of the multiparty security computation network nodes; that is, when there is a joint query data requirement between any two or more computing nodes in the multiparty secure computing network, any one of the two or more computing nodes is a target computing node, and the data alignment and query process of each computing node are the same as the description provided in this embodiment, which is convenient for description, only the data alignment process and query of one of the target computing nodes are described. Any computing node with data alignment and joint query requirements can be used as a task initiating node, and a node which cooperates with the task initiating node to perform joint data query is a task association node.

In addition, it should be noted that the data held by the computing nodes that jointly perform the data query are stored in the relational database, and each computing node holds the data and has the attribute ID, and the meaning of the attribute ID at each computing node is the same, so that after the two computing nodes can perform the data alignment, the corresponding target data can be jointly queried for subsequent service processing. Meanwhile, the method provided by the embodiment can be applied to any joint query scene, such as A holds medical data of a user, B holds attribute data of the user, when data query is needed to be performed on user A, query can be completed by combining A and B on the premise of ensuring the safety of the respective data of A and B, and the medical data and the attribute data of the user A can be determined for use in subsequent business scenes, such as insurance claims and the like.

Based on the above, the query request specifically refers to a request for triggering a data alignment processing task, the request is an SQL request, and the local data specifically refers to data held by a task initiator corresponding to a task initiating node, and the data is privacy data relative to other nodes, so that the aligned query is required through the embodiment provided by the specification, and the joint query is ensured to be completed under the condition of data security. Correspondingly, the first secret sharing state table specifically refers to an encrypted data table obtained after local data held by a task initiator are connected, and is used for realizing that the alignment processing stage can be completed in an encrypted state, so that data leakage is avoided. Correspondingly, the valid vector specifically refers to a flag information vector related to the validity of the data in the secret sharing state table, and the first valid vector is the flag information vector related to the validity of the data in the first secret sharing state table.

That is, after the task initiating node starts to query the task, the task associating party which needs to perform data alignment and query jointly with the task initiating party will perform the same process synchronously, that is, the task initiating node will construct a first secret sharing state of local data in response to the query request, and determine a first effective vector corresponding to the first secret sharing state at the same time, so that the task initiating party and the task associating party can be supported to perform data alignment based on the secret sharing state table and the effective vector conveniently, and then perform joint query operation based on the aligned data.

Further, in the process of constructing the first secret sharing state table and the first effective vector, the task initiator with the requirement of the joint query data and the task association party need to perform the same operation, and in order to quickly complete the alignment processing, the joint computing nodes in the multiparty secure computing network can complete corresponding processing; in this embodiment, the specific implementation manner is as follows:

determining a federated computing node in the multiparty secure computing network in response to a query request; combining local data corresponding to each target computing node in the multiparty secure computing network through the joint computing node; and determining a first secret sharing state table and a first effective vector corresponding to each target computing node according to the merging processing result.

Specifically, the joint computing node specifically refers to a computing node which is trusted by both a task initiator and a task associated party and cannot perform data leakage, and belongs to a multiparty secure computing network.

Based on this, when data alignment and processing according to a query request is required, a joint computing node can be determined in the multiparty secure computing network in response to the query request; local data corresponding to each target computing node in the multiparty secure computing network are combined through the joint computing nodes; therefore, the first secret sharing state table and the first effective vector corresponding to each target computing node are determined according to the merging processing result, and the subsequent alignment and data query operation is convenient on the basis.

In conclusion, the first secret sharing state table and the first effective vector are constructed by combining the joint computing nodes, so that the data can be ensured to be finished through a unified algorithm, data leakage cannot be caused, and the subsequent data alignment processing operation is more convenient.

Furthermore, when the joint computing node performs local data merging processing, the joint computing node performs local data merging processing aiming at a task initiator and a task association party respectively; in this embodiment, the specific implementation manner is as follows:

Determining a data identifier of local data of each target computing node in the multiparty secure computing network; processing the data identifier corresponding to each target computing node through the joint computing node to obtain a Boolean secret sharing state effective vector and Boolean sharing state identifier information of each target computing node; and determining the merging processing result of the local data corresponding to each target computing node according to the Boolean secret sharing state effective vector, the Boolean sharing state identification information and the preset attribute secret sharing state information.

Specifically, the data identifier specifically refers to an attribute ID corresponding to the data. Correspondingly, the Boolean sharing state effective vector specifically refers to an effective vector obtained after processing the data identifier corresponding to the computing node; the boolean sharing state identification information is the identification information obtained after boolean operation.

Based on the above, when the joint computing node performs data combination aiming at each target computing node, the joint computing node determines the data identification of the local data of each target computing node in the multiparty secure computing network; processing the data identifier corresponding to each target computing node through the joint computing node, so as to obtain the Boolean secret sharing state effective vector and the Boolean sharing state identifier information of each target computing node; and determining the merging processing result of the local data corresponding to each target computing node according to the Boolean secret sharing state effective vector, the Boolean sharing state identification information and the preset attribute secret sharing state information.

Taking the data table R1 held by a and the data table R2 held by B as an example for illustration, in the joint query SQL model, the processing logic is as follows:

SELECT SUM(AggVal), COUNT(AggVal)

FROM A.R1

JOIN B.R2 ON A.R1.ID = B.R2.ID

WHERE Cond1 AND Cond2

GROUP BY GroupKeys

ORDER BY OrderKeys；

when the first secret sharing state table and the first effective vector are generated based on the local data, the first secret sharing state table and the first effective vector are actually realized through a connection algorithm, namely, a plurality of connection modes exist for connection operation in the joint query according to the JOIN clause in the joint query: equivalent connection, conditional connection, etc. In consideration of the problem of connection in equivalence without repeated values, the connection operation between the relations can be realized by using a privacy intersection algorithm. That is, table R1 of a and table R2 of B are equivalent internal connections without repetition values according to the condition a.r1.id=b.r2.id. For the connection substructure, a combination of secret sharing intersection and an unintentional radix ordering algorithm can be adopted.

In the secret sharing intersection phase, an algorithm can be used, the input is R1.ID on the A side, the input is R2.ID on the B side, and the algorithm is a Boolean secret sharing state result of both effective vectors on the A side and the B side. After the secret sharing intersection is completed, the data of a and B are still out of order, i.e. the data rows with the same ID in a and B are not in the same position in the two participant tables, so the data of a and B with the same ID need to be aligned.

The data alignment mode is to share effective vectors of the Boolean secret with R1 of Alice and R2 of Bob respectivelyIs +.>Performing connection to obtain->Thereafter, the remaining attributes are then secretDense sharing as load->The careless radix ordering is then used. It is possible to move the data with an effective vector of 0 to the upper half of the table and the data with an effective vector of 1 to the lower half of the table after sorting. Then intercepting the ordered secret sharing state according to the minimum value min (m, n) of the R1 line number m and the R2 line number n>After line min (m, n), intercept the effective vector +.>After the min (m, n) line. Finally, the Boolean sharing state ID, the secret sharing state load of A and the secret sharing state load of B are spliced to obtain the alignment data [ R ] of the secret sharing state]I.e. +.>Realizing the output of a secret sharing state table, namely the alignment data R, in the connection stage]And effective vector->The method is convenient for the following A and B to align the secret sharing state table for inquiring and using.

In summary, by combining the local data and then constructing the effective vector and the secret sharing state table, it can be ensured that the secret sharing state table contains all data identifiers of the current query requirement corresponding to the task initiating node, so that the follow-up joint query of the data meeting the use requirement is facilitated.

Step S204, a second effective vector of the first secret sharing state table is constructed according to the filtering condition in the query request, and the first effective vector and the second effective vector are fused into a third effective vector.

Specifically, after the first secret sharing state table and the first effective vector are obtained, in order to enable the task initiator and the task association party to quickly align data, filtering conditions can be read in the query request to achieve the second effective vector of the first secret sharing state table based on the filtering conditions, and the first effective vector and the second effective vector are fused into a third effective vector, so that subsequent use is facilitated.

The filtering condition specifically refers to a condition for normalizing the query content corresponding to the query request, and is used for filtering useless data in the first secret sharing state table, and constructing a second effective vector based on the remaining content. Correspondingly, the third effective vector specifically refers to a vector expression obtained by fusing the first effective vector and the second effective vector, and is used for finishing data alignment by combining other conditions in the query request later, so as to support multiparty joint query.

Furthermore, because the query request is the basis for triggering the data alignment and the subsequent joint query request, corresponding processing is required to be completed according to the conditions carried in the query request, namely, the filtering condition carried in the query request is required to be combined to filter useless data, and different numbers of filtering conditions are required to be processed differently; in this embodiment, the specific implementation manner is as follows:

(1) And under the condition that the query request carries a filtering condition, filtering the first secret sharing state table according to the filtering condition, and obtaining a second effective vector according to a filtering result.

Based on this, under the condition that the query request carries a filtering condition, the description can directly perform filtering processing, that is, perform filtering processing on the first secret sharing state table according to the filtering condition, so as to obtain the second effective vector according to the filtering processing result.

(2) And under the condition that the query request carries a plurality of filtering conditions, respectively filtering the first secret sharing state table according to each filtering condition to obtain initial effective vectors corresponding to each filtering condition, and carrying out logic operation on the initial effective vectors corresponding to each filtering condition according to a preset secret sharing strategy to obtain second effective vectors.

Specifically, the initial effective vector specifically refers to an effective vector corresponding to each filtering condition obtained according to a filtering result after the first secret sharing state table is filtered according to a plurality of filtering conditions. Accordingly, the logical operation specifically means an and, or, not operation on the initial valid vector.

Based on this, under the circumstance that the query request carries a plurality of filtering conditions, the filtering conditions are described to be complex, so that the filtering processing needs to be performed on the first secret sharing state table according to each filtering condition to obtain an initial effective vector corresponding to each filtering condition, and logic operation is performed on the initial effective vector corresponding to each filtering condition according to a preset secret sharing strategy to obtain a second effective vector.

Along the above example, filtering the secret sharing state table may be implemented using a selection algorithm, i.e., the selection algorithm corresponds to the WHERE clause in the joint query statement. Without loss of generality, it is assumed that at the selection algorithm step, what is required to be processed isSelection under individual conditions,/->。

If the selection algorithm is only single, k=1, and aiming at the condition that only one selection condition exists in the WHERE, namely single selection, the comparison algorithm of secret sharing can be directly used, and the comparison result of secret sharing can be obtainedThe method comprises the steps of carrying out a first treatment on the surface of the Wherein the results are 0,1, which can be converted into +.>。

If multiple condition judgment exists in WHERE, it is assumed that the comparison results obtained by judging condition 1 and condition 2 are respectivelyAnd->. For OR, AND, NOT three that may occur in WHERE Logical operations may use arithmetic secret shared additions and multiplications, i.e. may be constructed as in table 1 below:

TABLE 1

The data security protection strategy of the selection algorithm is to use comparison based on secret sharing and the above table 1 to realize logical operation through multiplication/addition of arithmetic secret sharing, and finally output an effective vector for secret sharingI.e. +.>=。

Furthermore, when the effective vectors are fused, the method can be realized in a logic operation mode; in this embodiment, the specific implementation manner is as follows: and carrying out logic operation on the first effective vector and the second effective vector to obtain the third effective vector. That is, when the effective vectors are combined, the method can be directly completed by adopting a logic operation mode, so that a third effective vector is obtained.

Comprehensive, in order to ensure that the subsequent longitudinal joint query can be realized, the filtering condition in the query request is required to complete the conversion of the effective vector before the target secret sharing state table is obtained, and the realization can be finally used for limiting the query range, so that the final target secret sharing state table does not contain redundant information and is more attached to the query request.

Step S206, sorting the first secret sharing state table according to the grouping condition and the third effective vector in the query request, aggregating the sorting result by using a grouping aggregation strategy, and determining a second secret sharing state table and a fourth effective vector according to the aggregation result.

Specifically, after the third effective vector and the first secret sharing state table are obtained, the first secret sharing state table may be ordered according to the grouping condition and the third effective vector in the query request, so as to group the same data together, and then the grouping aggregation policy is used to aggregate the ordering result, so that the second secret sharing state table and the fourth effective vector may be determined according to the aggregation result.

Specifically, the grouping condition is specifically a condition of grouping the data with the same attribute in the first secret sharing state table together, and is used for realizing the ordering of the data with the same identifier, and all parties adopt the grouping mode to group the data, so that the high alignment of the secret sharing state table can be ensured, the data with the same identifier can be conveniently and subsequently aggregated together, and the volume of the secret sharing state table is reduced; correspondingly, the grouping aggregation policy specifically refers to a policy for aggregating the sorted secret sharing state tables, and is used for aggregating the data with the same identifier.

Further, when the first secret sharing state table is ordered according to the grouping condition and the third effective vector, the purpose is to achieve the aim of alignment, and different grouping conditions adopt different processing modes; in this embodiment, the specific implementation manner is as follows:

(1) And under the condition that the query request carries a grouping condition, updating the grouping condition according to the third effective vector, and sequencing the first secret sharing state table according to the updated grouping condition.

Based on this, in the case that the query request carries one grouping condition, the description can be directly ordered, and then the grouping condition can be updated according to the third effective vector, so that the first secret sharing state table is ordered according to the updated grouping condition.

(2) Under the condition that the query request carries a plurality of grouping conditions, updating each grouping condition according to the third effective vector, constructing a low-order priority ordering strategy according to a preset initial ordering strategy and the updated grouping conditions, and ordering the first secret sharing state table by using the low-order priority ordering strategy.

Specifically, the low-order priority ordering strategy is specifically a strategy of prioritizing packets with the smallest aggregate data volume, and is used for realizing that all parties can order the first secret sharing state table in the same way, so that the secret sharing state tables of all parties can achieve the aim of alignment, and longitudinal joint query is convenient.

Based on this, under the circumstance that the query request carries a plurality of grouping conditions, it is stated that the grouping can be performed after policy generation, then each grouping condition can be updated according to the third effective vector, and a low-order priority policy is constructed according to the preset initial ordering policy and the updated plurality of grouping conditions, so that the first secret sharing state table can be ordered by using the low-order priority policy.

Along with the above example, the sorting of the secret sharing state table can be achieved using a grouping algorithm, i.e., the grouping corresponds to the GROUP operation in the joint query. Without loss of generality, according toGrouping, the effective vector generated by the front step is [ v ]]By adding a valid vector before the grouping attribute, i.e. +.>The purpose of distinguishing effective data from invalid data is achieved.

The algorithm adopted for the grouping sub-structure is a table [ R ] of secret sharing states according to KEY]The sorting algorithm adopts an algorithm in the sorting of the careless base, and the data with the same KEY are arranged at adjacent positions through the sorting algorithm. For the case of grouping according to multiple KEYs, the KEY is traversed from right to left by the least significant priority (Least Significant Digit first, LSD) method, i.e. In the order of key at a time _i The loaded careless cardinality sorting is performed. I.e. output the ordered list [ R ] according to the key]. Namely, tables R1 and R2, corresponding to a and B, respectively, and ordered.

In summary, the first secret sharing state table is ordered according to the grouping conditions and the grouping aggregation strategy, so that the secret sharing state tables of all parties can be ensured to achieve the aim of alignment, and the longitudinal joint query is convenient to use.

Furthermore, after the first secret sharing state table is sequenced, the data with the same attribute ID is combined, so that the data with the same attribute ID between the task initiator and the task associated party can be ensured to be highly aligned; in this embodiment, the specific implementation manner is as follows:

extracting the grouping conditions and the aggregation conditions from the query request, and generating the grouping aggregation strategy according to the grouping conditions and the aggregation conditions; and aggregating the third secret sharing state table corresponding to the sequencing result according to the grouping aggregation strategy, and determining the second secret sharing state table and the fourth effective vector according to the aggregation result.

Specifically, the grouping condition specifically refers to a condition of grouping data in the secret sharing state table, and is used for ordering the data with the same identifier together; accordingly, an aggregation policy specifically refers to a policy that aggregates data that is grouped together.

Based on this, in order to enable the same data to be put together to be completed when aligned, a grouping condition and an aggregation condition can be extracted from a query request, and a grouping aggregation policy can be generated according to the grouping condition and the aggregation condition; and at the moment, the third secret sharing state table corresponding to the sequencing result is aggregated according to the grouping aggregation strategy, and the second secret sharing state table and the fourth effective vector can be determined according to the aggregation result.

Along with the above example, the aggregation of the data in the secret sharing state table can be achieved using an aggregation algorithm, i.e., the aggregation corresponds to the Agg operation in the joint query. After the grouping algorithm is completed, the secure linear aggregation algorithm is used according to the KEY of the grouping and the attribute to be aggregated, and the aggregation algorithm can be completed. After the secure linear aggregation algorithm is completed, the aggregation result of each packet is stored in the last row of the same packet. That is, the output using this algorithm is:the packet aggregation result is stored in the table R of the last row of the current packet]And the effective vector v generated in the aggregation stage _agg ]。

By combining the grouping condition and the aggregation condition, the secret sharing state table is processed, so that the secret sharing state expression of each party can be ensured to be always high, and the follow-up use is satisfied.

Step S208, fusing the fourth effective vector and the third effective vector into a fifth effective vector, and sorting the second secret sharing state table according to the sorting condition in the query request and the fifth effective vector to obtain a target secret sharing state table.

Specifically, after the third effective vector, the fourth effective vector and the second secret sharing state table are obtained, the fourth effective vector and the third effective vector can be fused into the fifth effective vector, and at this time, the second secret sharing state table is ordered according to the ordering condition in the query request and the fifth effective vector, so that the target secret sharing state table can be obtained.

The target secret sharing state table is used for supporting longitudinal joint query, and after the multiparty data tables are processed into the target secret sharing state table, the target secret sharing state table can jointly support longitudinal joint query so as to realize the feedback of a query result in response to a query request and be used for downstream service processing. Correspondingly, the ordering condition specifically refers to a condition that the secret sharing state table is aligned, so that the secret sharing state tables of all parties can be ordered in the same way, and subsequent use is convenient.

Further, when the fourth effective vector and the third effective vector are fused, a logic operation mode can be adopted for realizing; in this embodiment, the specific implementation manner is as follows: and carrying out logic operation on the fourth effective vector and the third effective vector to obtain the fifth effective vector.

Further, after the second secret sharing state table and the fifth effective vector are obtained, the second secret sharing state table is ordered by combining the ordering condition in the query request and the fifth effective vector, so that data alignment processing between the task initiator and the task associated party can be realized, and on the basis, the joint query can ensure the query accuracy, and different ordering conditions correspond to different ordering modes, in this embodiment, the specific implementation manner is as follows:

(1) And under the condition that the query request carries a sorting condition, updating the sorting condition according to the fifth effective vector, and sorting the second secret sharing state table according to the updated sorting condition to obtain the target secret sharing state table.

Based on the above, under the condition that the query request carries a sorting condition, the direct sorting is described to obtain an alignment result, that is, the sorting condition is updated according to the fifth effective vector, and the second secret sharing state table is sorted according to the updated sorting condition, so as to obtain the target secret sharing state table.

(2) Under the condition that the query request carries a plurality of sorting conditions, each sorting condition is respectively updated according to the fifth effective vector, a target sorting strategy is constructed according to a preset intermediate sorting strategy and the updated plurality of sorting conditions, and the second secret sharing state table is sorted by utilizing the target sorting strategy, so that the target secret sharing state table is obtained.

Based on the above, under the condition that the query request carries a plurality of sorting conditions, the accurate alignment can be achieved after the update is described, so that each sorting condition can be updated according to the fifth effective vector, a target sorting strategy is constructed according to a preset intermediate sorting strategy and the updated plurality of sorting conditions, and the second secret sharing state table is sorted by using the target sorting strategy, so that the target secret sharing state table can be obtained.

Along the above example, ordering of data in the secret sharing state table may be achieved using an ordering algorithm, i.e., the ordering corresponds to Order operations in the federated query. Without loss of generality, according toSequencing, wherein the effective vector generated by the front step is [ v ]]By adding a valid vector before the grouping attribute, i.e. +.>The purpose of distinguishing effective data from invalid data is achieved.

The algorithm adopted for the grouping sub-structure is a table [ R ] of secret sharing states according to KEY]The sorting algorithm adopts an algorithm in the sorting of the careless base, and the data with the same KEY are arranged at adjacent positions through the sorting algorithm. For the case of grouping according to multiple KEYs, the KEY is traversed from right to left by the least significant priority (Least Significant Digit first, LSD) method, i.e. In the order of key at a time _i The loaded careless cardinality sorting is performed. I.e. output the ordered list [ R ] according to the key]. Namely, tables R1 and R2, corresponding to a and B, respectively, and ordered. And at this point tables R1 and R2 are aligned, i.e. each row of data belongs to the same attribute ID.

In addition, when the effective vectors are combined, whether the combination of the first effective vector and the second effective vector or the combination of the third effective vector and the fourth effective vector, namely, the connection algorithm, the selection algorithm and the aggregation algorithm, are sequentially generated、And->The three secret sharing states of the effective vectors, so that the logical AND of the effective vectors can be calculated to realize the combination of the effective vectors. Therefore, logical AND operation combination is inserted between the algorithm and the grouping algorithm>Obtaining the vector after combination +.>And then it is put intoAs input content for the grouping algorithm; inserting a logical AND operation between the sorting algorithm and the aggregation algorithm for merging +.>And->The method comprises the steps of carrying out a first treatment on the surface of the Obtain the vector after combination->It is sufficient to use this as the input content for the ranking algorithm.

In addition, since the alignment processing stage is completed according to the secret sharing state table, decryption is required after the alignment is completed, and in this embodiment, the specific implementation manner is as follows:

Decrypting the target secret sharing state table under the condition that the target computing node is a task initiating node corresponding to the query request; and obtaining target data according to the decryption result, and responding to the query request.

Referring to the schematic diagram shown in fig. 4, in the joint query SQL model, the method can be split into a joint query substructure layer, a secure relation algebra layer, a multiparty secure computing basic operator layer, and support at the joint query substructure layer: connection, selection (single condition, multi-condition fusion), grouping, aggregation, and ordering, and the numbers in the figures represent the processing order of the substructures. Support at the secure relational algebra layer: secret sharing intersection, careless radix ordering, and secure linear aggregation. At the multiparty secure computing base operator layer, it is dependent: arithmetic secret sharing, boolean secret sharing, secret sharing comparison, secret sharing addition, secret sharing multiplication and boolean and arithmetic secret sharing conversion. That is, the scheme provided by the embodiment can be realized by the mutual cooperation of a joint query substructure layer, a secure relation algebra layer and a multiparty secure computing basic operator layer in the joint query SQL model.

For example, referring to the schematic diagram shown in fig. 5, it is assumed that a owns the relational data table R1 (ID, a, B, C), and B owns the relational data table R2 (ID, D, E, F), and the specific implementation is as follows:

(1) The connection sub-structure is as follows: a inputs into Table R1, B inputs into Table R2, and by executing the join algorithm, the outputs on side A and side B are the combined secret sharing state Table [ R ]]And effective vector；

(2) Selecting a substructure: a and B inputs [ R]According to the filtering condition in the joint inquiry, fusing the multiple conditions in the request, and outputting an effective vector in a secret sharing state；

(3) Efficient vector merging: the inputs of A and B are the effective vectors generated by the join algorithmAnd the effective vector generated by the selection algorithm +.>Will->And->Merging into a valid vector->；

(4) Grouping substructures: the inputs of A and B are a secret sharing state table [ R ] and an effective vector [ v ] of the pre-step, the secret sharing state table [ R ] is ordered according to grouping conditions key and the effective vector [ v ] in the joint query, and the ordered secret sharing state table [ R ] is output;

(5) The polymeric substructures: a and B are input as a secret sharing state table [ R]According to the grouping attribute and the aggregation attribute of grouping aggregation, performing safe linear aggregation, and outputting a secret sharing state table [ R ] after aggregation]And effective vector；

(6) Efficient vector merging: the effective vector generated by the aggregation algorithmAnd the effective vector v generated by the preceding step]Merging into a new effective vector v ]；

(7) Ordering substructures: a and B input a secret sharing state table [ R ] and an effective vector [ v ] generated in the front step, and sort the secret sharing state table [ R ] according to sorting condition attributes and the effective vector [ v ] in the joint query, so as to output the sorted secret sharing state table [ R ].

And finally, if the result is output at the task initiator, recovering the secret sharing state table [ R ] into a plaintext to obtain the result of the joint query.

The application of the longitudinal joint query method based on multiparty security computation in the text data alignment scene provided in the present specification is taken as an example, and the longitudinal joint query method based on multiparty security computation is further described below with reference to fig. 6. Fig. 6 is a process flow diagram of a longitudinal joint query method based on multiparty security computation according to an embodiment of the present disclosure, and it should be noted that, the method provided by this embodiment is used for processing a data query requirement between a task initiator and a task associated party, and before data query, data related to the task initiator and the task associated party need to be aligned first, and privacy data cannot be revealed, so that the query requirement is satisfied after data alignment; step S6002 to step S6016 are data alignment processing procedures of the task initiator, step S6102 to step S6116 are data alignment processing procedures of the task associated party, and each stage of processing of the task initiator and the task associated party is performed synchronously, which is specifically implemented as follows:

in step S6002, a first secret sharing state table and a first valid vector of the local data are determined in response to the query request.

In step S6004, in the case that the query request carries multiple filtering conditions, filtering is performed on the first secret sharing state table according to each filtering condition, so as to obtain an initial effective vector corresponding to each filtering condition, and logic operation is performed on the initial effective vector corresponding to each filtering condition according to a preset secret sharing policy, so as to obtain a second effective vector.

In step S6006, a logic operation is performed on the first valid vector and the second valid vector to obtain a third valid vector.

In step S6008, in the case that the query request carries multiple grouping conditions, each grouping condition is updated according to the third effective vector, a low-order priority policy is constructed according to the preset initial order policy and the updated multiple grouping conditions, and the first secret sharing state table is ordered by using the low-order priority policy.

Step S6010, extracting grouping conditions and aggregation conditions in the query request, and generating a grouping aggregation policy according to the grouping conditions and the aggregation conditions.

Step S6012, aggregating the third secret sharing state table corresponding to the sequencing result according to the grouping aggregation strategy, and determining the second secret sharing state table and the fourth effective vector according to the aggregation result.

In step S6014, a logic operation is performed on the fourth effective vector and the third effective vector to obtain a fifth effective vector.

In step S6016, in the case that the query request carries a plurality of sorting conditions, each sorting condition is updated according to the fifth effective vector, a target sorting policy is constructed according to the preset intermediate sorting policy and the updated plurality of sorting conditions, and the second secret sharing state table is sorted by using the target sorting policy, so as to obtain the first target secret sharing state table.

In step S6102, a fourth secret sharing state table and a sixth valid vector of the local data are determined in response to the query request.

In step S6104, in the case that the query request carries a plurality of filtering conditions, filtering is performed on the fourth secret sharing state table according to each filtering condition to obtain an initial effective vector corresponding to each filtering condition, and logic operation is performed on the initial effective vector corresponding to each filtering condition according to a preset secret sharing policy to obtain a seventh effective vector.

In step S6106, the sixth effective vector and the seventh effective vector are logically operated to obtain an eighth effective vector.

In step S6108, in the case that the query request carries a plurality of grouping conditions, each grouping condition is updated according to the eighth effective vector, a low-order priority policy is constructed according to the preset initial order policy and the updated plurality of grouping conditions, and the fourth secret sharing state table is ordered by using the low-order priority policy.

Step S6110, extracting grouping conditions and aggregation conditions from the query request, and generating a grouping aggregation strategy according to the grouping conditions and the aggregation conditions.

And step S6112, aggregating the sixth secret sharing state table corresponding to the sequencing result according to the grouping aggregation strategy, and determining the fifth secret sharing state table and the ninth effective vector according to the aggregation result.

In step S6114, a logic operation is performed on the ninth effective vector and the eighth effective vector to obtain a tenth effective vector.

Step S6116, under the condition that the query request carries a plurality of sorting conditions, updating each sorting condition according to the tenth effective vector, constructing a target sorting strategy according to a preset intermediate sorting strategy and the updated plurality of sorting conditions, and sorting the fifth secret sharing state table by using the target sorting strategy to obtain a second target secret sharing state table.

In step S6202, in response to the data query request submitted by the trusted participant, the target data is queried in the plaintext data generated by the first target secret sharing state table and the second target secret sharing state table, as a response to the data query request.

The trusted party specifically refers to a third party trusted by both the task initiator and the task associated party, after the two parties finish data alignment, the aligned first target secret sharing state table and the aligned second target secret sharing state table can be both sent to the trusted party, the trusted party uses a public key to decrypt the data, after plaintext data is obtained, the data can be longitudinally queried in the aligned data in response to a data query request, and a query result is output, so that the downstream service is convenient to use. Ensuring that the queried data is more comprehensive.

Corresponding to the method embodiment, the present disclosure further provides an embodiment of a longitudinal joint query device based on multiparty security computation, and fig. 7 shows a schematic structural diagram of a longitudinal joint query device based on multiparty security computation according to an embodiment of the present disclosure. As shown in fig. 7, the apparatus is applied to a task initiating node, where the task initiating node is a target computing node in a multiparty secure computing network, and includes:

a determining module 702 configured to determine a first secret sharing state table and a first valid vector of local data in response to a query request;

a construction module 704, configured to construct a second valid vector of the first secret sharing state table according to a filtering condition in the query request, and fuse the first valid vector and the second valid vector into a third valid vector;

the aggregation module 706 is configured to sort the first secret sharing state table according to the grouping condition and the third effective vector in the query request, aggregate the sorting result by using a grouping aggregation policy, and determine a second secret sharing state table and a fourth effective vector according to the aggregation result;

the sorting module 708 is configured to fuse the fourth valid vector and the third valid vector into a fifth valid vector, and sort the second secret sharing state table according to the sorting condition in the query request and the fifth valid vector, so as to obtain a target secret sharing state table.

In an alternative embodiment, the determining module 702 is further configured to:

In an alternative embodiment, the building block 704 is further configured to:

Under the condition that the query request carries a filtering condition, filtering the first secret sharing state table according to the filtering condition, and obtaining a second effective vector according to a filtering result; and under the condition that the query request carries a plurality of filtering conditions, respectively filtering the first secret sharing state table according to each filtering condition to obtain initial effective vectors corresponding to each filtering condition, and carrying out logic operation on the initial effective vectors corresponding to each filtering condition according to a preset secret sharing strategy to obtain second effective vectors.

In an alternative embodiment, the aggregation module 706 is further configured to:

under the condition that the query request carries a grouping condition, updating the grouping condition according to the third effective vector, and sequencing the first secret sharing state table according to the updated grouping condition; under the condition that the query request carries a plurality of grouping conditions, updating each grouping condition according to the third effective vector, constructing a low-order priority ordering strategy according to a preset initial ordering strategy and the updated grouping conditions, and ordering the first secret sharing state table by using the low-order priority ordering strategy.

In an alternative embodiment, the ranking module 708 is further configured to:

under the condition that the query request carries an ordering condition, updating the ordering condition according to the fifth effective vector, and ordering the second secret sharing state table according to the updated ordering condition to obtain the target secret sharing state table; under the condition that the query request carries a plurality of sorting conditions, each sorting condition is respectively updated according to the fifth effective vector, a target sorting strategy is constructed according to a preset intermediate sorting strategy and the updated plurality of sorting conditions, and the second secret sharing state table is sorted by utilizing the target sorting strategy, so that the target secret sharing state table is obtained.

In an alternative embodiment, the building block 704 is further configured to:

the ranking module 708 is further configured to:

In an alternative embodiment, the apparatus further comprises:

the decryption module is configured to decrypt the target secret sharing state table under the condition that the target computing node is a task initiating node corresponding to the query request; and obtaining target data according to the decryption result, and responding to the query request.

According to the longitudinal joint query device based on multiparty security calculation, in order to achieve data alignment of each target computing node in a multiparty security computing network before data query, longitudinal query is supported, any one target computing node can firstly determine a first secret sharing state table and a first effective vector corresponding to local data in response to a query request, then a second effective vector of the first secret sharing state table is constructed according to filtering conditions in the query request, the second effective vector and the first effective vector are fused into a third effective vector, the first secret sharing state table is ordered by combining grouping conditions in the first query request, and the ordering results are aggregated by utilizing a grouping aggregation strategy, so that an ordered second secret sharing state table and a fourth effective vector corresponding to the second secret sharing state table can be obtained preliminarily; and then fusing the fourth effective vector and the third effective vector into a fifth effective vector, and sequencing the second secret sharing state table according to the sequencing condition in the query request and the fifth effective vector, so as to obtain the target secret sharing state table after the plurality of target computing nodes are aligned. Under the combined query scene, the query operation can be completed by combining the target secret sharing state table aligned by each target computing node, so that the comprehensiveness of the query result is ensured, the effect that the data held by the target computing node are available but invisible is achieved, and the data security is effectively ensured.

The foregoing is a schematic solution of a longitudinal joint query device based on multiparty security computation in this embodiment. It should be noted that, the technical solution of the longitudinal joint query device based on multiparty security computation and the technical solution of the longitudinal joint query method based on multiparty security computation belong to the same concept, and details of the technical solution of the longitudinal joint query device based on multiparty security computation, which are not described in detail, can be referred to the description of the technical solution of the longitudinal joint query method based on multiparty security computation.

Fig. 8 illustrates a block diagram of a computing device 800 provided in accordance with an embodiment of the present specification. The components of computing device 800 include, but are not limited to, memory 810 and processor 820. Processor 820 is coupled to memory 810 through bus 830 and database 850 is used to hold data.

Computing device 800 also includes access device 840, access device 840 enabling computing device 800 to communicate via one or more networks 860. Examples of such networks include public switched telephone networks (PSTN, public Switched Telephone Network), local area networks (LAN, local Area Network), wide area networks (WAN, wide Area Network), personal area networks (PAN, personal Area Network), or combinations of communication networks such as the internet. Access device 840 may include one or more of any type of network interface, wired or wireless, such as a network interface card (NIC, network interface controller), such as an IEEE802.11 wireless local area network (WLAN, wireless Local Area Network) wireless interface, a worldwide interoperability for microwave access (Wi-MAX, worldwide Interoperability for Microwave Access) interface, an ethernet interface, a universal serial bus (USB, universal Serial Bus) interface, a cellular network interface, a bluetooth interface, a near field communication (NFC, near Field Communication) interface, and so forth.

In one embodiment of the application, the above-described components of computing device 800, as well as other components not shown in FIG. 8, may also be connected to each other, such as by a bus. It should be understood that the block diagram of the computing device illustrated in FIG. 8 is for exemplary purposes only and is not intended to limit the scope of the present application. Those skilled in the art may add or replace other components as desired.

Computing device 800 may be any type of stationary or mobile computing device, including a mobile computer or mobile computing device (e.g., tablet, personal digital assistant, laptop, notebook, netbook, etc.), mobile phone (e.g., smart phone), wearable computing device (e.g., smart watch, smart glasses, etc.), or other type of mobile device, or a stationary computing device such as a desktop computer or personal computer (PC, personal Computer). Computing device 800 may also be a mobile or stationary server.

Wherein processor 820 is configured to execute computer-executable instructions for:

The foregoing is a schematic illustration of a computing device of this embodiment. It should be noted that, the technical solution of the computing device and the technical solution of the longitudinal joint query method based on multiparty security computation belong to the same concept, and details of the technical solution of the computing device, which are not described in detail, can be referred to the description of the technical solution of the longitudinal joint query method based on multiparty security computation.

An embodiment of the present disclosure also provides a computer-readable storage medium storing computer instructions that, when executed by a processor, are configured to:

The above is an exemplary version of a computer-readable storage medium of the present embodiment. It should be noted that, the technical solution of the storage medium and the technical solution of the longitudinal joint query method based on multiparty security computation belong to the same concept, and details of the technical solution of the storage medium, which are not described in detail, can be referred to the description of the technical solution of the longitudinal joint query method based on multiparty security computation.

The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.

The computer instructions include computer program code that may be in source code form, object code form, executable file or some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. It should be noted that the content of the computer readable medium can be increased or decreased appropriately according to the requirements of the patent practice, for example, in some areas, according to the patent practice, the computer readable medium does not include an electric carrier signal and a telecommunication signal.

It should be noted that, for the sake of simplicity of description, the foregoing method embodiments are all expressed as a series of combinations of actions, but it should be understood by those skilled in the art that the present description is not limited by the order of actions described, as some steps may be performed in other order or simultaneously in accordance with the present description. Further, those skilled in the art will appreciate that the embodiments described in the specification are all preferred embodiments, and that the acts and modules referred to are not necessarily all necessary in the specification.

In the foregoing embodiments, the descriptions of the embodiments are emphasized, and for parts of one embodiment that are not described in detail, reference may be made to the related descriptions of other embodiments.

The preferred embodiments of the present specification disclosed above are merely used to help clarify the present specification. Alternative embodiments are not intended to be exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the disclosure and the practical application, to thereby enable others skilled in the art to best understand and utilize the disclosure. This specification is to be limited only by the claims and the full scope and equivalents thereof.

Claims

1. The longitudinal joint query method based on multiparty security computation is characterized by being applied to a task initiating node, wherein the task initiating node is a target computing node in a multiparty security computing network, and comprises the following steps:

a first secret sharing state table and a first effective vector of local data are determined in response to a query request, wherein the first secret sharing state table is an encrypted data table obtained after the local data held by a task initiator are connected, and the effective vector is a flag information vector related to data validity in the secret sharing state table;

2. The method of claim 1, wherein determining the first secret sharing state table and the first valid vector of the local data in response to the query request comprises:

3. The method according to claim 2, wherein the merging, by the joint computing node, local data corresponding to each target computing node in the multiparty secure computing network includes:

4. The method of claim 1, wherein constructing the second valid vector of the first secret sharing state table according to the filtering condition in the query request comprises:

5. The method of claim 1, wherein the ordering the first secret sharing state table according to the grouping condition in the query request and the third valid vector comprises:

6. The method of claim 1, wherein aggregating the ordering results using a packet aggregation policy, determining the second secret sharing state table and the fourth valid vector based on the aggregation result, comprises:

7. The method of claim 1, wherein the sorting the second secret sharing state table according to the sorting condition in the query request and the fifth valid vector to obtain a target secret sharing state table comprises:

8. The method of any of claims 1-7, wherein the fusing the first active vector and the second active vector into a third active vector comprises:

9. The method according to any one of claims 1-7, further comprising:

10. The longitudinal joint query device based on multiparty secure computing is characterized by being applied to a task initiating node, wherein the task initiating node is a target computing node in a multiparty secure computing network, and comprises:

the determining module is configured to determine a first secret sharing state table and a first effective vector of local data in response to a query request, wherein the first secret sharing state table is an encrypted data table obtained after the local data held by a task initiator are connected, and the effective vector is a flag information vector related to data validity in the secret sharing state table;

11. A computing device comprising a memory and a processor; the memory is configured to store computer executable instructions and the processor is configured to execute the computer executable instructions to implement the steps of the method of any one of claims 1 to 9.

12. A computer readable storage medium storing computer instructions which, when executed by a processor, implement the steps of the method of any one of claims 1 to 9.