CN117034304A - Data processing method, apparatus, computer device, storage medium, and program product - Google Patents

Data processing method, apparatus, computer device, storage medium, and program product Download PDF

Info

Publication number
CN117034304A
CN117034304A CN202310770127.0A CN202310770127A CN117034304A CN 117034304 A CN117034304 A CN 117034304A CN 202310770127 A CN202310770127 A CN 202310770127A CN 117034304 A CN117034304 A CN 117034304A
Authority
CN
China
Prior art keywords
data
service
service data
prime number
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310770127.0A
Other languages
Chinese (zh)
Inventor
何佳豪
吴嘉
张晶奇
李腾飞
彭昶
丁二帅
张一大
惠超
吕志博
刘丽娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of China Ltd filed Critical Bank of China Ltd
Priority to CN202310770127.0A priority Critical patent/CN117034304A/en
Publication of CN117034304A publication Critical patent/CN117034304A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to a data processing method, a data processing device, computer equipment, a storage medium and a program product, and relates to the technical field of artificial intelligence. The method comprises the following steps: in response to a processing request of target service data, firstly homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data, then the service ciphertext data is sent to a data user according to an identifier of the data user carried in the processing request so as to indicate the processing of the service ciphertext data, and finally homomorphic decryption is carried out on a service data processing result returned by the data user to obtain a data processing result of the target service data. By adopting the method, the privacy security of the data can be improved.

Description

Data processing method, apparatus, computer device, storage medium, and program product
Technical Field
The present application relates to the field of artificial intelligence, and in particular, to a data processing method, apparatus, computer device, storage medium, and program product.
Background
With the rapid development of information technology, data needs to be subjected to multi-dimensional analysis or calculation so as to realize conversion and release of data value.
In the related art, taking a bank as an example, when analyzing and calculating data of the bank, the data is provided to a data application party, and then the data application party processes the data to obtain a data processing result. For example, in performing analysis calculations on portions of data within a bank, the data may be provided to an artificial intelligence modeler to facilitate analysis of the data by the constructed artificial intelligence model.
However, the related art has a problem in that the privacy security of data is low during the data processing.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a data processing method, apparatus, computer device, storage medium, and program product that can improve privacy security of data.
In a first aspect, the present application provides a data processing method. The method comprises the following steps:
in response to a processing request of target service data, homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
according to the identification of the data user, sending the service ciphertext data to the data user so as to instruct the service ciphertext data to be processed;
Homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained.
In one embodiment, homomorphic encryption is performed on original service data of target service data to obtain service ciphertext data, including:
preprocessing original service data to obtain preprocessed service data;
acquiring a public key of the preprocessing service data;
and homomorphic encryption is carried out on the preprocessed service data according to the public key of the preprocessed service data, so as to obtain service ciphertext data.
In one embodiment, obtaining a public key of the pre-processed service data includes:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the prime number product and the preset positive integer as the public key of the preprocessing service data.
In one embodiment, homomorphic decryption is performed on a service data processing result returned by a data user to obtain a data processing result of target service data, including:
Acquiring a private key of a service data processing result;
and homomorphic decryption is carried out on the service data processing result according to the private key of the service data processing result, so that the data processing result of the target service data is obtained.
In one embodiment, obtaining a private key of a service data processing result includes:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the least common multiple and the remainder calculation result as a private key of the service data processing result.
In one embodiment, the method further comprises:
acquiring a data use record uploaded to a blockchain platform by a data user; the data use record comprises the data use amount and the data use times of the data use party;
determining an amount of resources used by the data consumer based on the data usage record;
and sending a resource transfer instruction to the data user according to the used resource amount, wherein the resource transfer instruction is used for acquiring the resource which is the same as the used resource amount from the data user.
In one embodiment, determining the amount of resources used by the data consumer based on the data usage record includes:
and under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
In one embodiment, the processing of the service ciphertext data by the data consumer includes: training based on the service ciphertext data to obtain an artificial intelligent model; correspondingly, homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained, which comprises the following steps:
homomorphic decryption is carried out on the artificial intelligent model returned by the data user to obtain a homomorphic decrypted artificial intelligent model;
and processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
In a second aspect, the application further provides a data processing device. The device comprises:
the data acquisition module is used for responding to the processing request of the target service data, and homomorphic encryption is carried out on the original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
The data processing module is used for sending the service ciphertext data to the data user according to the identification of the data user so as to instruct the service ciphertext data to be processed;
and the result acquisition module is used for homomorphic decryption of the service data processing result returned by the data user and acquiring the data processing result of the target service data.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor implementing the steps of the method in any of the embodiments of the first aspect described above when the computer program is executed.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method in any of the embodiments of the first aspect described above.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprising a computer program which, when executed by a processor, implements the steps of the method in any of the embodiments of the first aspect described above.
The data processing method, the device, the computer equipment, the storage medium and the program product respond to the processing request of the target service data, firstly homomorphic encryption is carried out on the original service data of the target service data to obtain service ciphertext data, then the service ciphertext data is sent to the data user according to the identification of the data user carried in the processing request so as to indicate the service ciphertext data to be processed, and finally homomorphic decryption is carried out on the service data processing result returned by the data user to obtain the data processing result of the target service data. The data processing flow in the method comprises the following steps: encrypting the original service data, processing the service ciphertext data by the data user, returning a service data processing result, and homomorphic decrypting the service data processing result. Wherein, the processing object of the data user is the business ciphertext data, namely the encrypted original business data, and then the returned business data processing result is naturally encrypted. In the whole data processing flow, the processing operation of the data user is carried out based on the encrypted data, namely the data user does not need to know the original business data, and the privacy security of the original business data in the processing process is improved to a certain extent by the processing mode. In this case, the whole data processing flow constructed by combining the encryption process of the original service data and the homomorphic decryption process of the service data result returned by the data user can ensure the privacy security of the original service data as much as possible.
Drawings
FIG. 1 is an internal block diagram of a computer device in one embodiment;
FIG. 2 is a flow diagram of a data processing method in one embodiment;
FIG. 3 is a flow chart of the homomorphic encryption implementation steps in one embodiment;
FIG. 4 is a flowchart illustrating a business ciphertext data acquisition step in one embodiment;
FIG. 5 is a flow chart of a public key obtaining step in one embodiment;
FIG. 6 is a flow chart of a process result acquisition step in one embodiment;
FIG. 7 is a flow chart of a private key obtaining step in one embodiment;
FIG. 8 is a flow chart of a data processing method according to another embodiment;
FIG. 9 is a flowchart of a process result acquisition step in another embodiment;
FIG. 10 is a block diagram of a data processing apparatus in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The data processing method provided by the embodiment of the application can be applied to computer equipment. The computer device may be a server, the internal structure of which may be as shown in FIG. 1. The computer device includes a processor, a memory, an Input/Output interface (I/O) and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is for storing data processing data. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a data processing method. It will be appreciated by those skilled in the art that the architecture shown in fig. 1 is merely a block diagram of some of the architecture relevant to the present inventive arrangements and is not limiting as to the computer device to which the present inventive arrangements may be implemented, as a particular computer device may include more or less components than those shown, or may be combined with some components, or may have a different arrangement of components.
The data is used as a key element of network space, and is faced with network security risks such as information leakage, monitoring, destruction, abuse and the like, the privacy problem behind the data is more serious, the privacy problem occurs when combining privacy leakage events, and the data security is knocked off. Therefore, how to protect the privacy security of data and how to manage the use behavior of data becomes an important problem to be solved in this field.
In the related art, to protect the privacy security of data, a distributed machine learning algorithm is used to process the data, such as the federal learning (Federated Learning) method. The core idea of the algorithm is to perform distributed model training among a plurality of data sources with local data, and build a global model based on virtual fusion data by exchanging model parameters or intermediate results. Because the method only exchanges model parameters or intermediate results, local data is not required to be exchanged, and the balance between data privacy protection and data sharing calculation can be realized.
However, in the related art, the model training requires a lot of computation resources including a graphic processor (Graphics Processing Unit, GPU), a central processor (Central Processing Unit, CPU), a tensor processor (Tensor Processing Unit, TPU), and the like. In practical applications, for some data providers that have local data, if the local data size is large, performing model training locally may have a problem of insufficient computing resources. In addition, in the process of mutually exchanging model parameters or intermediate results by the data providers, the model parameters or intermediate results are easily tampered or destroyed, thereby causing data leakage or failure of model training.
In the embodiment of the application, the target service data is provided by the data provider and the data user by decoupling the data provider and the data user, and the data user performs data calculation processing, so that the calculation burden of the data provider is reduced. In addition, before the target service data is provided for the data user, the target service data is homomorphic encrypted, so that the data processing process of the data user achieves the purpose of availability and invisibility. And then homomorphic decryption is carried out on the service data processing result returned by the data user, so that the data processing result of the target service data is obtained, and the conversion and release of the data value are realized on the premise of fully protecting the data and privacy safety.
It should be noted that the beneficial effects or the technical problems to be solved by the embodiments of the present application are not limited to this one, but may be other implicit or related problems, and particularly, reference may be made to the following description of embodiments.
The following describes the technical scheme of the present application and how the technical scheme of the present application solves the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
In one embodiment, as shown in FIG. 2, a data processing method is provided, the method comprising the steps of:
s201, in response to a processing request of target service data, homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user.
The data user refers to an artificial intelligence modeling party, and can be a platform with super computing power or computing resources such as mobile edge computing (Mobile Edge Computing, MEC) or cloud computing. The method is used for acquiring one type or a plurality of types of data to be processed according to the use requirement, and inputting the data to be processed into an initial intelligent model for training to generate an artificial intelligent model, such as a logistic regression model, a decision tree model, a convolutional neural network model, a cyclic neural network model and the like. The target service data in the embodiment of the application refers to data to be processed.
It should be noted that the target service data may be a set of service data or a plurality of sets of service data, and the target service data includes the original service data.
In the actual data processing process, the processing request of the target service data can be started by the data user based on the use requirement, or can be triggered by the data provider comprising the target service data.
Optionally, if the data user needs to perform artificial intelligence model training, a corresponding processing request is sent to a data provider including target service data according to target service data required by model training, and the processing request carries an identifier of the data user so as to instruct the data provider to send the target service data to the data user according to the identifier of the data user.
Optionally, if the data provider needs to acquire the artificial intelligence model of the target service data, the processing request of the target service data is triggered, and the processing request carries the identifier of the data user, so as to clearly process the data user of the target service data.
In addition, the target service data includes original service data, and the original service data has privacy and is stored inside the data provider. In consideration of the privacy of the original service data, in practical application, the data provider generally does not directly provide the original service data to the data consumer, but processes the original service data, and provides the processed data to the data consumer, so as to improve the security of the original service data.
Illustratively, the data provider in the embodiment of the present application may be a financial institution, an operator, etc., and if the data provider is a financial institution, the original business data in the target business data may be transaction data of each financial institution; if the data provider is an operator, the original service data in the target service data may be a call record of the operator, etc.
And responding to the processing request of the target service data, determining the original service data of the target service data, and selecting a homomorphic encryption algorithm to homomorphic encrypt the original service data to obtain service ciphertext data.
The homomorphic encryption belongs to one branch of privacy calculation, and is a cryptography technology based on a calculation complexity theory of mathematical problems. And processing the homomorphic encrypted data to obtain an output, and homomorphic decrypting the output, wherein the result is consistent with the output result obtained by processing the unencrypted original data by the same method. The embodiment of the application does not limit homomorphic encryption algorithm in homomorphic encryption technology.
Optionally, a semi-homomorphic encryption algorithm, such as a multiplication homomorphic encryption algorithm, an addition homomorphic encryption algorithm or a limited number of full homomorphic encryption algorithms, is selected to homomorphic encrypt the original service data of the target service data, so as to obtain the service ciphertext data.
Optionally, an homomorphic encryption algorithm, such as a BFV scheme, a GSW scheme, a CKKS scheme, etc., is selected to homomorphic encrypt the original service data of the target service data, so as to obtain service ciphertext data.
In the embodiment of the application, for data processing in the composite residual type field, such as financial data processing of a financial institution and operation data processing of an operation institution, a Paillier homomorphic encryption algorithm is adopted to homomorphic encrypt original service data of target service data, so as to obtain service ciphertext data. The algorithm satisfies both the addition homomorphism, i.e., ciphertext multiplication equals plaintext addition, and scalar multiplication homomorphism.
S202, according to the identification of the data user, the service ciphertext data is sent to the data user to instruct the service ciphertext data to be processed.
Under the condition of acquiring the service ciphertext data, determining a data provider and a data consumer of the service ciphertext data according to the identification of the data consumer carried in the processing request, and further obtaining a transmission path of the service ciphertext data. Then, the service ciphertext data is transmitted to the data consumer according to the transmission path.
In the process of sending the service ciphertext data to the data user, the processing requirement of the service ciphertext data can be sent to the data user together, so that the data user is instructed to process the service ciphertext data according to the processing requirement.
The processing requirements include the iteration times of the service ciphertext data and the artificial intelligent model corresponding to the service ciphertext data, and then the data user inputs the service ciphertext data into the designated artificial intelligent model for training after receiving the service ciphertext data, and sets the training times of the artificial intelligent model as the iteration times in the processing requirements.
S203, homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained.
After the data consumer processes the service ciphertext data, a service data result is generated, and the service data result is returned to the data provider corresponding to the target service data.
After receiving the service data processing result, the data provider performs homomorphic decryption on the service data processing result according to a homomorphic decryption algorithm corresponding to homomorphic encryption, and since the service data processing result is obtained by homomorphic encryption on the original service data in the target service data, the service processing result after homomorphic decryption is also the data processing result of the original service data in the target service data, namely the data processing result of the target service data.
Referring to fig. 3, fig. 3 shows the implementation effect of homomorphic encryption. As can be seen from fig. 3, after homomorphic encryption is performed on the original service data in the target service data, service ciphertext data is obtained, certain specific data calculation is performed on the service ciphertext data to obtain a service data processing result, and plaintext after corresponding homomorphic decryption is equivalent to directly performing the same calculation on the plaintext data, so as to realize "computable invisibility" of the original service data.
In the embodiment of the application, in response to a processing request of target service data, firstly homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data, then the service ciphertext data is sent to a data user according to an identifier of the data user carried in the processing request so as to indicate the processing of the service ciphertext data, and finally homomorphic decryption is carried out on a service data processing result returned by the data user to obtain a data processing result of the target service data. The data processing flow in the data processing method provided by the embodiment of the application comprises the following steps: encrypting the original service data, processing the service ciphertext data by the data user, returning a service data processing result, and homomorphic decrypting the service data processing result. Wherein, the processing object of the data user is the business ciphertext data, namely the encrypted original business data, and then the returned business data processing result is naturally encrypted. In the whole data processing flow, the processing operation of the data user is carried out based on the encrypted data, namely the data user does not need to know the original business data, and the privacy security of the original business data in the processing process is improved to a certain extent by the processing mode. In this case, the whole data processing flow constructed by combining the encryption process of the original service data and the homomorphic decryption process of the service data result returned by the data user can ensure the privacy security of the original service data as much as possible.
In the data processing process, the service ciphertext data is obtained by homomorphic encryption of the original service data, and the effectiveness of the original service data is affected by considering the possible problems of data deletion and data repetition of the original data, so that the accuracy of the service ciphertext data is affected, and data preprocessing is generally performed to improve the accuracy of the service ciphertext data. Based on this, the steps of acquiring the service ciphertext data from the original service data will be described below by way of one embodiment.
In one embodiment, as shown in fig. 4, performing homomorphic encryption on original service data of target service data to obtain service ciphertext data includes:
s401, preprocessing the original service data to obtain preprocessed service data.
Wherein the preprocessing operation includes removing duplicate data, removing outlier data containing missing values, and the like.
Optionally, the original service data is input into a preprocessing model, the preprocessing model screens the original service data, abnormal data in the original service data is removed, and the preprocessed service data is output.
S402, obtaining a public key of the preprocessing service data.
The public key and the private key are a key pair (i.e., a public key and a private key, i.e., an asymmetric encryption mode) obtained by a homomorphic encryption algorithm. The public key is the part of the secret key which is disclosed to the outside, and the private key is the part which is not disclosed and is kept by the data provider.
The public key in the embodiment of the application is used for encrypting the preprocessing service data by the data provider, and the data provider keeps the private key, namely the data provider can homomorphism decrypt the preprocessing service data and the calculation result of the preprocessing service data according to the private key, thereby ensuring the safety of the data transmission and processing process.
S403, homomorphic encryption is carried out on the preprocessed service data according to the public key of the preprocessed service data, and service ciphertext data is obtained.
And the data provider homomorphic encrypts the preprocessed service data according to a public key in the homomorphic encryption algorithm to acquire service ciphertext data.
According to the embodiment of the application, the situation that data loss and data repetition possibly exist in the original service data is considered, the original service data is preprocessed to obtain the preprocessed service data, so that the effectiveness of the original service data is improved, and the accuracy of the service ciphertext data is improved. And the original service data is homomorphic encrypted through the public key, so that the security of the service ciphertext data can be further improved.
When homomorphic encryption is performed on the preprocessed service data, multiple homomorphic encryption algorithm selection modes exist, and correspondingly, multiple public key acquisition modes exist. Next, the step of obtaining the public key will be described by way of one embodiment.
In one embodiment, as shown in fig. 5, obtaining the public key of the pre-processed service data includes:
s501, a first prime number and a second prime number meeting preset conditions are obtained.
Two prime numbers are randomly selected, the two prime numbers are required to meet the preset condition, and if the two prime numbers do not meet the preset condition, the random numbers are reselected.
Taking the first prime number as p and the second prime number as q as an example, the expression corresponding to the preset condition is as follows:
gcd(pq,(p-1)(q-1))=1
in the above equation, gcd () represents an operation taking the maximum common factor.
S502, substituting prime number products, the least common multiple and a preset positive integer between the first prime number and the second prime number into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number.
Multiplying the first prime number and the second prime number to obtain prime number product; subtracting 1 from the value of the first prime number and the value of the second prime number respectively to obtain the minimum common multiple of the first prime number subtracted by 1 and the second prime number subtracted by 1; and randomly selecting a positive integer as a preset positive integer in a numerical range smaller than the square of prime number product.
Taking the first prime number as p and the second prime number as q as an example, the expression of prime number product n is as follows:
n=pq
the preset positive integer g can be obtained according to prime number product, and g is smaller than n 2
The expression of the least common multiple λ is as follows:
λ=lcm(p-1,q-1)
in the above equation, lcm () represents an operation taking the least common multiple.
And under the condition of obtaining prime number product n, preset positive integer g and least common multiple lambda, combining a remainder calculation formula to obtain a remainder calculation result. The expression of the remainder calculation formula is as follows:
u=(L(g λ mod n 2 )) -1 mod n
in the above expression, mod represents a remainder taking operation, L () represents a rounding-down operation, and the corresponding expression is as follows:
s503, if the remainder calculation result is not equal to 0, determining the prime number product and the preset positive integer as the public key of the preprocessing service data.
If the remainder calculation result u is not equal to 0, the public key of the preprocessing service data is determined to be (n, g).
If the remainder calculation result u is equal to 0, the preset positive integer g may be reselected according to the value of the data product, or the first prime number p and the second prime number q may be reselected according to a preset condition.
In the embodiment of the application, the remainder calculation result is obtained by selecting the first prime number, the second prime number and the positive integer and combining a plurality of preset conditions and the data calculation function, then the remainder calculation result is evaluated, and the public key for preprocessing the service data is determined based on the evaluation result, so that the mode of determining the public key is logically compact, and the safety intensity of the public key can be improved to a certain extent.
Corresponding to the homomorphic encryption algorithm, when homomorphic decryption is performed on the service data processing result, a corresponding private key is required to be obtained according to the public key of the preprocessed service data, and homomorphic decryption is performed on the service data processing result. Next, the step of acquiring the data processing result will be described by way of an example.
In one embodiment, as shown in fig. 6, performing homomorphic decryption on a service data processing result returned by a data user to obtain a data processing result of target service data, where the method includes:
s601, obtaining a private key of a service data processing result.
The public key and the private key are a key pair (i.e., a public key and a private key, i.e., an asymmetric encryption mode) obtained by a homomorphic encryption algorithm. The public key is the part of the secret key which is disclosed to the outside, and the private key is the part which is not disclosed and is kept by the data provider.
In the process of determining the homomorphic encryption algorithm, the public key and the private key are determined simultaneously, that is, the private key of the service data processing result in the embodiment of the present application and the public key of the preprocessing service data in the foregoing embodiment are a set of key pairs.
S602, homomorphic decryption is carried out on the service data processing result according to the private key of the service data processing result, and the data processing result of the target service data is obtained.
The private key in the embodiment of the application is used for homomorphic decryption of the service data processing result by the data provider, namely the data consumer does not support homomorphic decryption of the service data processing result, and the data provider supports homomorphic decryption of the service data processing result, so that the data provider obtains the homomorphic decrypted calculation result, namely the data processing result of the target service data, according to the service data processing result homomorphic decryption of the private key.
The embodiment of the application encrypts the original service data by using the asymmetry of the homomorphic encryption algorithm and decrypts the service data processing result homomorphically by using the private key under the condition of acquiring the service data processing result, thereby realizing the privacy calculation of the target service data. The homomorphic encryption algorithm can realize basic encryption operation and simultaneously can perform various calculations based on ciphertext service data, namely, calculation before homomorphic decryption can be equivalent to calculation after homomorphic decryption. In addition, in the embodiment of the application, the data provider only needs to acquire the final result, and does not need to acquire the intermediate calculation content of the service ciphertext data, so that the storage burden of the data provider is reduced, and the privacy of the service ciphertext data processing process of the data consumer is ensured as much as possible.
It should be noted that the public key and the private key are present in pairs, that is, the step of obtaining the private key and the step of obtaining the public key in the following embodiments are performed simultaneously. Based on this, the step of obtaining the private key will be described below by way of one embodiment.
The contents of S701 to S702 in the embodiment of the present application are the same as those of S501 to S502 in the embodiment shown in fig. 5, and specifically, the contents of S501 to S502 in the embodiment shown in fig. 5 may be referred to, and are not described herein.
In one embodiment, as shown in fig. 7, obtaining a private key of a service data processing result includes:
s701, a first prime number and a second prime number satisfying a preset condition are acquired.
Two prime numbers are randomly selected, the two prime numbers are required to meet the preset condition, and if the two prime numbers do not meet the preset condition, the random numbers are reselected.
Taking the first prime number as p and the second prime number as q as an example, the expression corresponding to the preset condition is as follows:
gcd(pq,(p-1)(q-1))=1
in the above equation, gcd () represents an operation taking the maximum common factor.
S702, substituting prime number products, the least common multiple and a preset positive integer between the first prime number and the second prime number into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number.
Multiplying the first prime number and the second prime number to obtain prime number product; subtracting 1 from the value of the first prime number and the value of the second prime number respectively to obtain the minimum common multiple of the first prime number subtracted by 1 and the second prime number subtracted by 1; and randomly selecting a positive integer as a preset positive integer in a numerical range smaller than the square of prime number product.
Taking the first prime number as p and the second prime number as q as an example, the expression of prime number product n is as follows:
n=pq
the preset positive integer g can be obtained according to prime number product, and g is smaller than n 2
The expression of the least common multiple λ is as follows:
λ=lcm(p-1,q-1)
in the above equation, lcm () represents an operation taking the least common multiple.
And under the condition of obtaining prime number product n, preset positive integer g and least common multiple lambda, combining a remainder calculation formula to obtain a remainder calculation result. The expression of the remainder calculation formula is as follows:
u=(L(g λ mod n 2 )) -1 mod n
in the above expression, mod represents a remainder taking operation, L () represents a rounding-down operation, and the corresponding expression is as follows:
s703, if the remainder calculation result is not equal to 0, determining the least common multiple and the remainder calculation result as the private key of the service data processing result.
If the remainder calculation result u is not equal to 0, the public key of the preprocessing service data is determined to be (lambda, u).
If the remainder calculation result u is equal to 0, the preset positive integer g may be reselected according to the value of the data product, or the first prime number p and the second prime number q may be reselected according to a preset condition.
In the embodiment of the application, in the determining process of the homomorphic encryption algorithm, the standards of the public key and the private key are the same, and the public key and the private key are asymmetrically encrypted, so that the encryption mode can further improve the safety and privacy of the whole target service data processing.
As can be seen from the foregoing embodiments, the target service data is processed by using the homomorphic encryption technology, and the multiple ciphertexts can be calculated and then homomorphic decrypted, so that each ciphertext does not need to be homomorphic decrypted, which is costly in calculation. In addition, the homomorphic encryption technology can be used for realizing the calculation of the ciphertext by the keyless party, and the ciphertext calculation does not need to pass through the keyless party, so that the communication cost can be reduced, the calculation task can be transferred, and the calculation cost of each party can be balanced. Furthermore, the homomorphic encryption technology can be utilized to enable the data provider to only acquire the final result, but cannot acquire the information of each ciphertext, so that the information security can be improved.
In order to prevent the target service data from being used illegally under the condition of receiving the data processing result of the target service data, the service ciphertext data using behavior of the data using party can be monitored and audited. Based on this, a data processing method based on data audit requirements is described below by way of one embodiment.
In one embodiment, as shown in fig. 8, the method further comprises:
s801, acquiring a data use record uploaded to a blockchain platform by a data user; the data usage record includes the data usage amount of the data usage party and the data usage number.
The data user records the use behavior of the data of each data provider on the blockchain platform, and each data provider judges whether the data is used in disorder by checking the corresponding use behavior record on the blockchain.
The data usage records comprise time stamps, specific data usage behaviors (such as training for an XX model), data usage amounts, data usage times and the like.
S802, determining the amount of resources used by a data user based on the data use record.
And under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
The intelligent contracts are pre-negotiated by the data provider and the data consumer and are deployed on the blockchain platform, and the intelligent contracts in the embodiment of the application comprise calculation standards of the data consumption resources, trigger conditions of the data consumption resources and the like.
Illustratively, the trigger condition of the data usage resource may be a preset data resource calculation time or the like.
For example, the calculation criteria of the data usage resources may be determined according to the number of data usage times or the data usage amount.
Taking a processing request of a data provider for triggering target service data based on a use requirement as an example, a calculation standard is described as follows: because the data user can use the same target data to train different models, the repeated use of the data is realized. In this case, if the data amount is relatively small, the resources may be calculated according to the number of times of use, and if the data amount is relatively large, the resources may also be calculated according to the need, i.e., how much data is used to pay for the corresponding resources accordingly. In addition, the data user can also synthesize the calculation resources according to the data use amount and the data use times.
For example, the data consumer trains the convolutional neural network, takes data with a size of 1 batch size (batch_size) as a minimum unit, and the resource corresponding to each batch_size is N, if the data consumer uses 5 times of data, and each time the data size is 100 batch_size, the used resource size of the data consumer is n×100×5.
S803, according to the amount of the used resources, a resource transfer instruction is sent to the data consumer, where the resource transfer instruction is used to obtain the same resources as the amount of the used resources from the data consumer.
In an actual scene, the data provider triggers a processing request of target service data based on actual demands, instructs a data consumer to process data, generates a data usage record based on the data processing operation after the data consumer has executed the data processing operation, generates a usage resource amount based on the data usage record, and requests the data provider to transfer resources corresponding to the usage resource amount to the data consumer.
In another scenario, a data consumer triggers a processing request of target service data based on actual requirements, instructs a data provider to provide the target service data, generates a data usage record based on the data processing operation after the data consumer performs the data processing operation, further determines an amount of usage resources, and transfers resources corresponding to the amount of usage resources to the data provider.
In the embodiment of the application, the data use record is uploaded to the blockchain platform, so that a data provider can conveniently monitor the data use operation of a data user. In addition, intelligent contracts are deployed on the blockchain platform, so that public and transparent resource exchange between a data user and a data provider is facilitated, and the whole data processing process is clearer and clearer.
The data consumer has various ways of processing the service ciphertext data, such as statistical analysis of the service ciphertext data, or prediction of the service ciphertext data. In view of this, the following describes, by way of an embodiment, a step of obtaining a data processing result by a data provider, taking a case where a data consumer processes service ciphertext data, specifically, generates an artificial intelligence model based on service ciphertext data.
In one embodiment, as shown in fig. 9, processing the service ciphertext data includes: training based on the service ciphertext data to obtain an artificial intelligent model; correspondingly, homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained, which comprises the following steps:
s901, homomorphic decryption is carried out on the artificial intelligent model returned by the data user to obtain the homomorphic decrypted artificial intelligent model.
Because the service ciphertext data is obtained by homomorphic encryption of the original service data in the target service data, the artificial intelligence model obtained based on the training of the service ciphertext data is also encrypted. It should be noted that, the artificial intelligence model is usually characterized in terms of functions and parameters, that is, the artificial intelligence model returned by the data consumer in the embodiment of the present application is also an encrypted data set in nature.
In order to analyze the original service data, homomorphic decryption is required to be performed on the artificial intelligent model returned by the data user, and the obtained homomorphic decrypted artificial intelligent model is equivalent to the data processing mode of obtaining the target service data, and specifically may include processing logic and parameters.
S902, processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
And obtaining a processing mode of the service ciphertext data according to the homomorphic decrypted artificial intelligent model, taking the processing mode of the service ciphertext data as a processing mode of original service data in the target service data, and then processing the original data in the target service data according to the processing mode to obtain a data processing result of the target service data.
In the embodiment of the application, the problem that the quantity of the artificial intelligent model parameters returned by the data user is large is caused by a plurality of intermediate processing steps possibly involved in the processing of the business ciphertext data by the data user, and the data user is controlled to return to the finally generated artificial intelligent model, so that the storage burden of a data provider is reduced to a certain extent. In addition, in the embodiment of the application, the data user does not return the intermediate process of the artificial intelligent model to the data provider, so that the privacy of the data processing process of the data user is improved.
In one embodiment, a data processing method is provided, the method comprising the steps of:
(1) And responding to the processing request of the target service data, preprocessing the original service data, and obtaining preprocessed service data.
(2) And acquiring a first prime number and a second prime number which meet preset conditions.
(3) Substituting the prime number product between the first prime number and the second prime number, the least common multiple and the preset positive integer into a remainder calculation formula to obtain a remainder calculation result. Wherein the least common multiple is determined based on the first prime number and the second prime number.
(4) If the remainder calculation result is not equal to 0, determining prime number product sum and a preset positive integer as a public key for preprocessing service data; and determining the least common multiple and the remainder calculation result as a private key of the service data processing result.
(5) And homomorphic encryption is carried out on the preprocessed service data according to the public key of the preprocessed service data, so as to obtain service ciphertext data.
(6) And sending the business ciphertext data to the data user according to the identification of the data user carried in the processing request so as to instruct the data user to train based on the business ciphertext data to obtain the artificial intelligence model.
(7) And homomorphic decryption is carried out on the artificial intelligent model returned by the data user according to the private key of the service data processing result, and the artificial intelligent model after homomorphic decryption is obtained.
(8) And processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
(9) Acquiring a data use record uploaded to a blockchain platform by a data user; the data usage record includes the data usage amount of the data usage party and the data usage number.
(10) And under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
(11) And sending a resource transfer instruction to the data user according to the used resource amount, wherein the resource transfer instruction is used for acquiring the resource which is the same as the used resource amount from the data user.
In the embodiment of the application, in response to a processing request of target service data, firstly homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data, then the service ciphertext data is sent to a data user according to an identifier of the data user carried in the processing request so as to indicate the processing of the service ciphertext data, and finally homomorphic decryption is carried out on a service data processing result returned by the data user to obtain a data processing result of the target service data. The data processing flow in the data processing method provided by the embodiment of the application comprises the following steps: encrypting the original service data, processing the service ciphertext data by the data user, returning a service data processing result, and homomorphic decrypting the service data processing result. Wherein, the processing object of the data user is the business ciphertext data, namely the encrypted original business data, and then the returned business data processing result is naturally encrypted. In the whole data processing flow, the processing operation of the data user is carried out based on the encrypted data, namely the data user does not need to know the original business data, and the privacy security of the original business data in the processing process is improved to a certain extent by the processing mode. In this case, the whole data processing flow constructed by combining the encryption process of the original service data and the homomorphic decryption process of the service data result returned by the data user can ensure the privacy security of the original service data as much as possible.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a data processing device for realizing the above related data processing method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation of one or more embodiments of the data processing device provided below may refer to the limitation of the data processing method hereinabove, and will not be repeated herein.
In one embodiment, as shown in FIG. 10, there is provided a data processing apparatus comprising: a data acquisition module 1001, a data processing module 1002, and a result acquisition module 1003, wherein:
the data acquisition module 1001 is configured to perform homomorphic encryption on original service data of target service data to obtain service ciphertext data in response to a processing request of the target service data; the processing request carries the identification of the data user;
the data processing module 1002 is configured to send the service ciphertext data to the data consumer according to the identifier of the data consumer, so as to instruct the service ciphertext data to be processed;
the result obtaining module 1003 is configured to homomorphically decrypt a service data processing result returned by the data user, and obtain a data processing result of the target service data.
In one embodiment, the data acquisition module 1001 includes: the system comprises a data preprocessing unit, a public key acquisition unit and a data encryption unit, wherein:
the data preprocessing unit is used for preprocessing the original service data to obtain preprocessed service data;
the public key acquisition unit is used for acquiring a public key of the preprocessing service data;
and the data encryption unit is used for homomorphic encryption of the preprocessing service data according to the public key of the preprocessing service data to obtain service ciphertext data.
In one embodiment, the public key obtaining unit includes a first obtaining subunit, a second obtaining subunit, and a first determining subunit, wherein:
the first acquisition subunit is used for acquiring a first prime number and a second prime number which meet preset conditions;
the second obtaining subunit is used for substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and the first determining subunit is used for determining the prime number product and the preset positive integer as the public key of the preprocessing service data if the remainder calculation result is not equal to 0.
In one embodiment, the result acquisition module 1003 includes: the system comprises a private key acquisition unit and a data homomorphic decryption unit, wherein:
the private key acquisition unit is used for acquiring a private key of the service data processing result;
and the data homomorphic decryption unit is used for homomorphic decryption of the service data processing result according to the private key of the service data processing result to obtain the data processing result of the target service data.
In one embodiment, the private key obtaining unit includes a third obtaining subunit, a fourth obtaining subunit, and a second determining subunit, where:
The third acquisition subunit is used for acquiring a first prime number and a second prime number which meet preset conditions;
a fourth obtaining subunit, configured to substitute the prime number product between the first prime number and the second prime number, the least common multiple, and a preset positive integer into a remainder calculation formula, to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and the second determining subunit is used for determining the least common multiple and the remainder calculation result as the private key of the service data processing result if the remainder calculation result is not equal to 0.
In one embodiment, the data processing apparatus further comprises: the system comprises a record acquisition module, a resource quantity determination module and a resource transfer module, wherein:
the record acquisition module is used for acquiring a data use record uploaded to the blockchain platform by the data user; the data use record comprises the data use amount and the data use times of the data use party;
the resource amount determining module is used for determining the use resource amount of the data user based on the data use record;
and the resource transfer module is used for sending a resource transfer instruction to the data user according to the used resource quantity, wherein the resource transfer instruction is used for acquiring the resource which is the same as the used resource quantity from the data user.
In one embodiment, the resource amount determining module is further configured to analyze the data usage record according to an intelligent contract on the blockchain platform to determine a usage resource amount of the data consumer when the blockchain platform meets a preset trigger condition.
In one embodiment, the result acquisition module 1003 further includes: the system comprises a model homomorphic decryption unit and a model processing unit, wherein:
the model homomorphic decryption unit is used for homomorphic decrypting the artificial intelligent model returned by the data user to obtain a homomorphic decrypted artificial intelligent model;
and the model processing unit is used for processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
Each of the modules in the above-described data processing apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
In response to a processing request of target service data, homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
according to the identification of the data user, sending the service ciphertext data to the data user so as to instruct the service ciphertext data to be processed;
homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained.
In one embodiment, the processor when executing the computer program further performs the steps of:
preprocessing original service data to obtain preprocessed service data;
acquiring a public key of the preprocessing service data;
and homomorphic encryption is carried out on the preprocessed service data according to the public key of the preprocessed service data, so as to obtain service ciphertext data.
In one embodiment, the processor when executing the computer program further performs the steps of:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
And if the remainder calculation result is not equal to 0, determining the prime number product and the preset positive integer as the public key of the preprocessing service data.
In one embodiment, the processor when executing the computer program further performs the steps of:
acquiring a private key of a service data processing result;
and homomorphic decryption is carried out on the service data processing result according to the private key of the service data processing result, so as to obtain the data processing result of the target service data.
In one embodiment, the processor when executing the computer program further performs the steps of:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the least common multiple and the remainder calculation result as a private key of the service data processing result.
In one embodiment, the processor when executing the computer program further performs the steps of:
acquiring a data use record uploaded to a blockchain platform by a data user; the data use record comprises the data use amount and the data use times of the data use party;
Determining an amount of resources used by the data consumer based on the data usage record;
and sending a resource transfer instruction to the data user according to the used resource amount, wherein the resource transfer instruction is used for acquiring the resource which is the same as the used resource amount from the data user.
In one embodiment, the processor when executing the computer program further performs the steps of:
and under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
In one embodiment, the processor when executing the computer program further performs the steps of:
homomorphic decryption is carried out on the artificial intelligent model returned by the data user to obtain a homomorphic decrypted artificial intelligent model;
and processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
in response to a processing request of target service data, homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
According to the identification of the data user, sending the service ciphertext data to the data user so as to instruct the service ciphertext data to be processed;
homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained.
In one embodiment, the computer program when executed by the processor further performs the steps of:
preprocessing original service data to obtain preprocessed service data;
acquiring a public key of the preprocessing service data;
and homomorphic encryption is carried out on the preprocessed service data according to the public key of the preprocessed service data, so as to obtain service ciphertext data.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the prime number product and the preset positive integer as the public key of the preprocessing service data.
In one embodiment, the computer program when executed by the processor further performs the steps of:
Acquiring a private key of a service data processing result;
and homomorphic decryption is carried out on the service data processing result according to the private key of the service data processing result, so that the data processing result of the target service data is obtained.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the least common multiple and the remainder calculation result as a private key of the service data processing result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a data use record uploaded to a blockchain platform by a data user; the data use record comprises the data use amount and the data use times of the data use party;
determining an amount of resources used by the data consumer based on the data usage record;
and sending a resource transfer instruction to the data user according to the used resource amount, wherein the resource transfer instruction is used for acquiring the resource which is the same as the used resource amount from the data user.
In one embodiment, the computer program when executed by the processor further performs the steps of:
and under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
In one embodiment, the processor when executing the computer program further performs the steps of:
homomorphic decryption is carried out on the artificial intelligent model returned by the data user to obtain a homomorphic decrypted artificial intelligent model;
and processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, performs the steps of:
in response to a processing request of target service data, homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
according to the identification of the data user, sending the service ciphertext data to the data user so as to instruct the service ciphertext data to be processed;
Homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained.
In one embodiment, the computer program when executed by the processor further performs the steps of:
preprocessing original service data to obtain preprocessed service data;
acquiring a public key of the preprocessing service data;
and homomorphic encryption is carried out on the preprocessed service data according to the public key of the preprocessed service data, so as to obtain service ciphertext data.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the prime number product and the preset positive integer as the public key of the preprocessing service data.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a private key of a service data processing result;
and homomorphic decryption is carried out on the service data processing result according to the private key of the service data processing result, so that the data processing result of the target service data is obtained.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting the prime number product between the first prime number and the second prime number, the least common multiple and a preset positive integer into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the least common multiple and the remainder calculation result as a private key of the service data processing result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
acquiring a data use record uploaded to a blockchain platform by a data user; the data use record comprises the data use amount and the data use times of the data use party;
determining an amount of resources used by the data consumer based on the data usage record;
and sending a resource transfer instruction to the data user according to the used resource amount, wherein the resource transfer instruction is used for acquiring the resource which is the same as the used resource amount from the data user.
In one embodiment, the computer program when executed by the processor further performs the steps of:
and under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
In one embodiment, the processor when executing the computer program further performs the steps of:
homomorphic decryption is carried out on the artificial intelligent model returned by the data user to obtain a homomorphic decrypted artificial intelligent model;
and processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data. .
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data need to comply with the related laws and regulations and standards of the related country and region.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processor referred to in the embodiments provided in the present application may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like, but is not limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples illustrate only a few embodiments of the application and are described in detail herein without thereby limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of the application should be assessed as that of the appended claims.

Claims (12)

1. A method of data processing, the method comprising:
in response to a processing request of target service data, homomorphic encryption is carried out on original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
according to the identification of the data user, the service ciphertext data is sent to the data user so as to instruct the service ciphertext data to be processed;
Homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained.
2. The method according to claim 1, wherein homomorphic encrypting the original service data of the target service data to obtain service ciphertext data comprises:
preprocessing the original service data to obtain preprocessed service data;
acquiring a public key of the preprocessing service data;
and homomorphic encryption is carried out on the preprocessing service data according to the public key of the preprocessing service data, so as to obtain the service ciphertext data.
3. The method of claim 2, wherein the obtaining the public key of the pre-processed service data comprises:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting prime number products, least common multiple and a preset positive integer between the first prime number and the second prime number into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the prime number product and the preset positive integer as a public key of the preprocessing service data.
4. A method according to any one of claims 1 to 3, wherein the homomorphic decryption of the service data processing result returned by the data consumer to obtain the data processing result of the target service data includes:
acquiring a private key of the service data processing result;
and homomorphic decryption is carried out on the service data processing result according to the private key of the service data processing result, so that the data processing result of the target service data is obtained.
5. The method of claim 4, wherein obtaining the private key of the business data processing result comprises:
acquiring a first prime number and a second prime number which meet preset conditions;
substituting prime number products, least common multiple and a preset positive integer between the first prime number and the second prime number into a remainder calculation formula to obtain a remainder calculation result; the least common multiple is determined based on the first prime number and the second prime number;
and if the remainder calculation result is not equal to 0, determining the least common multiple and the remainder calculation result as a private key of the service data processing result.
6. A method according to any one of claims 1-3, wherein the method further comprises:
Acquiring a data use record uploaded to a blockchain platform by the data consumer; the data use record comprises the data use quantity and the data use times of the data use party;
determining an amount of resources used by the data consumer based on the data usage record;
according to the used resource quantity, sending a resource transfer instruction to the data user; the resource transfer instruction is used for acquiring the resources with the same amount as the used resources from the data user.
7. The method of claim 6, wherein the determining the amount of resources used by the data consumer based on the data usage record comprises:
and under the condition that the blockchain platform meets the preset triggering condition, analyzing the data use record according to the intelligent contract on the blockchain platform to determine the use resource quantity of the data user.
8. A method according to any one of claims 1-3, wherein the processing of the traffic ciphertext data by the data consumer comprises: training based on the service ciphertext data to obtain an artificial intelligent model; correspondingly, the homomorphic decryption is carried out on the service data processing result returned by the data user, and the data processing result of the target service data is obtained, which comprises the following steps:
Homomorphic decryption is carried out on the artificial intelligent model returned by the data user to obtain a homomorphic decrypted artificial intelligent model;
and processing the target service data through the homomorphic decrypted artificial intelligent model to obtain a data processing result of the target service data.
9. A data processing apparatus, the apparatus comprising:
the data acquisition module is used for responding to the processing request of the target service data, and homomorphic encryption is carried out on the original service data of the target service data to obtain service ciphertext data; the processing request carries the identification of the data user;
the data processing module is used for sending the service ciphertext data to the data user according to the identification of the data user so as to instruct the service ciphertext data to be processed;
and the result acquisition module is used for homomorphic decryption of the service data processing result returned by the data user to obtain the data processing result of the target service data.
10. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any one of claims 1 to 8 when the computer program is executed.
11. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 8.
12. A computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the method of any one of claims 1 to 8.
CN202310770127.0A 2023-06-27 2023-06-27 Data processing method, apparatus, computer device, storage medium, and program product Pending CN117034304A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310770127.0A CN117034304A (en) 2023-06-27 2023-06-27 Data processing method, apparatus, computer device, storage medium, and program product

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310770127.0A CN117034304A (en) 2023-06-27 2023-06-27 Data processing method, apparatus, computer device, storage medium, and program product

Publications (1)

Publication Number Publication Date
CN117034304A true CN117034304A (en) 2023-11-10

Family

ID=88636111

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310770127.0A Pending CN117034304A (en) 2023-06-27 2023-06-27 Data processing method, apparatus, computer device, storage medium, and program product

Country Status (1)

Country Link
CN (1) CN117034304A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117892332A (en) * 2024-03-13 2024-04-16 苏州元脑智能科技有限公司 Intelligent transportation system, data privacy calculation method, electronic equipment and medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117892332A (en) * 2024-03-13 2024-04-16 苏州元脑智能科技有限公司 Intelligent transportation system, data privacy calculation method, electronic equipment and medium
CN117892332B (en) * 2024-03-13 2024-05-24 苏州元脑智能科技有限公司 Intelligent transportation system, data privacy calculation method, electronic equipment and medium

Similar Documents

Publication Publication Date Title
Chen et al. When homomorphic encryption marries secret sharing: Secure large-scale sparse logistic regression and applications in risk control
US20240113858A1 (en) Systems and Methods for Performing Secure Machine Learning Analytics Using Homomorphic Encryption
EP3234792B1 (en) Verification of data processes in a network of computing resources
Jiang et al. Flashe: Additively symmetric homomorphic encryption for cross-silo federated learning
CN104521178B (en) The method and system of the multi-party cloud computing of safety
WO2019007396A1 (en) Method and device for conducting encrypted transaction based on smart contract, and blockchain
CN112968764A (en) Multi-link cipher logical block chain
Jayapandian et al. Secure and efficient online data storage and sharing over cloud environment using probabilistic with homomorphic encryption
CN112202554B (en) Information processing method, device and equipment for generating key based on attribute of information
Papadimitriou et al. DStress: Efficient differentially private computations on distributed data
CN115473715B (en) Forward secure ciphertext equivalent test public key encryption method, device, system and medium
CN117034304A (en) Data processing method, apparatus, computer device, storage medium, and program product
CN113259084A (en) Method and device for pre-warning of mortgage risk of movable property, computer equipment and storage medium
CN116684102A (en) Message transmission method, message verification method, device, equipment, medium and product
CN115712689A (en) Method and device for classifying electricity users and computer equipment
CN115118520A (en) Data processing method and device and server
CN115599959A (en) Data sharing method, device, equipment and storage medium
CN113191893A (en) Data risk prediction method, device, electronic device, medium, and program product
CN113064899A (en) Storage method and device for asset security type evidence of general certificate transaction and electronic equipment
Tillem et al. Mining Encrypted Software Logs using Alpha Algorithm.
CN112749780A (en) Data processing method, device and equipment
Kumar et al. Integrating machine learning algorithms with an advanced encryption scheme: enhancing data security and privacy
CN117171766B (en) Data protection method, system and medium based on deep neural network model
CN113065156B (en) Multi-party combined data processing method and device for controlling time delay
CN117078442A (en) Tariff warranty establishment and receiving method, device and equipment based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination