CN117077089A - Algorithm authorization system and method - Google Patents
Algorithm authorization system and method Download PDFInfo
- Publication number
- CN117077089A CN117077089A CN202311109752.7A CN202311109752A CN117077089A CN 117077089 A CN117077089 A CN 117077089A CN 202311109752 A CN202311109752 A CN 202311109752A CN 117077089 A CN117077089 A CN 117077089A
- Authority
- CN
- China
- Prior art keywords
- algorithm
- authorization
- unit
- service
- service module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 242
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000012795 verification Methods 0.000 claims abstract description 28
- 238000012423 maintenance Methods 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 5
- 230000000977 initiatory effect Effects 0.000 claims description 4
- 238000004891 communication Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
Abstract
The application discloses an algorithm authorization system and method, and relates to the technical field of algorithm authorization. The system comprises: the algorithm service module is used for receiving the algorithm starting task, sending an algorithm authorization request to the algorithm authorization service module, and receiving and starting the algorithm model according to the algorithm authorization license; and the algorithm authorization service module is used for receiving and inquiring the algorithm model authorization data according to the algorithm authorization request, acquiring and carrying out signature verification according to the unique identifier of the server hardware, and returning the algorithm authorization license to the algorithm service module after the verification is passed. The application is based on the uniqueness of the server hardware identification and the independent service of the algorithm authorization, ensures the authorization safety of the algorithm model, does not need to independently develop and maintain the algorithm authorization aiming at specific projects, and improves the management efficiency of the algorithm authorization.
Description
Technical Field
The application relates to the technical field of algorithm authorization, in particular to an algorithm authorization system and method.
Background
In the prior art, the general algorithm authorization adopts the following modes: writing authorization related information into the algorithm model according to project requirements; and when the algorithm is started, directly calling and inquiring authorization information in the algorithm model, and carrying out the authorization starting of the algorithm model.
The prior art scheme has the following problems:
1. the algorithm model is required to be re-manufactured according to project algorithm authorization requirements, and the efficiency is low.
2. The hardware related verification is not available, the algorithm model copy prevention is not realized, and the safety is not high.
Disclosure of Invention
In order to overcome the problems or at least partially solve the problems, the application provides an algorithm authorization system and an algorithm authorization method, which are based on the uniqueness of a server hardware identifier and an algorithm authorization independent service, ensure the authorization safety of an algorithm model, do not need to independently develop and maintain the algorithm authorization aiming at specific projects, and improve the management efficiency of the algorithm authorization.
In order to solve the technical problems, the application adopts the following technical scheme:
in a first aspect, the present application provides an algorithm authorization system, including an algorithm service module and an algorithm authorization service module, wherein:
the algorithm service module is used for receiving the algorithm starting task, sending an algorithm authorization request to the algorithm authorization service module, and receiving and starting the algorithm model according to the algorithm authorization license;
and the algorithm authorization service module is used for receiving and inquiring the algorithm model authorization data according to the algorithm authorization request, acquiring and carrying out signature verification according to the unique identifier of the server hardware, and returning the algorithm authorization license to the algorithm service module after the verification is passed.
The system ensures the authorization safety of the algorithm model based on the uniqueness of the server hardware identifier and the independent service of the algorithm authorization through the cooperation of the algorithm service module and the algorithm authorization service module, does not need to independently develop and maintain the algorithm authorization aiming at specific projects, and improves the management efficiency of the algorithm authorization.
Based on the first aspect, further, the algorithm service module includes an algorithm task receiving unit, an algorithm authorization query unit, an algorithm authorization starting unit, and an algorithm model unit, where:
the algorithm task receiving unit is used for receiving an algorithm starting task;
the algorithm authorization query unit is used for sending an algorithm authorization request to the algorithm authorization service module according to the algorithm starting task; receiving algorithm authorization permission information returned by the algorithm authorization service module;
the algorithm authorization starting unit is used for determining whether the algorithm model is started or not according to the algorithm authorization permission information obtained by the algorithm authorization inquiring unit;
and the algorithm model unit is used for starting the algorithm model according to the starting instruction of the algorithm authorization starting unit.
Based on the first aspect, the algorithm service module further comprises a heartbeat maintenance unit, which is used for providing heartbeat maintenance between the algorithm authorization service module and the algorithm service module.
Based on the first aspect, further, the algorithm authorization service module includes a signature file management unit, a signature file verification unit, an algorithm authorization service starting unit, an algorithm authorization management unit, and an algorithm authorization permission unit, wherein:
the signature file management unit is used for uniformly managing the imported signature files, wherein the signature files are obtained by encrypting the identification of the server GPU card and the algorithm authorization information by adopting a data encryption algorithm;
the signature file verification unit is used for reading the hardware information of the server and verifying the signature file according to a pre-recorded private encryption and decryption algorithm;
the algorithm authorization service starting unit is used for starting the algorithm authorization service after the verification is passed;
the algorithm authorization management unit is used for managing algorithm authorization;
and the algorithm authorization permission unit is used for sending the algorithm authorization permission to the algorithm service module according to the authorization information provided by the algorithm authorization management unit.
In a second aspect, the present application provides an algorithm authorization method of the algorithm authorization system according to any one of the first aspects, comprising the steps of:
the algorithm service receives an algorithm starting task;
the algorithm service requests algorithm authorization from the algorithm authorization service;
the algorithm authorization service queries algorithm model authorization data and returns algorithm authorization permissions;
the algorithm service receives the authorization permission and starts the algorithm model.
Based on the second aspect, the algorithm authorization method further comprises the following steps:
acquiring a unique identifier of a server GPU card;
creating a signature file based on the identification of the server GPU card and the algorithm authorization information, and importing the signature file into the algorithm authorization service;
the algorithm authorization service obtains a unique identifier of the server GPU card and verifies the signature file;
after the verification is passed, the algorithm authorization service is started.
Based on the second aspect, further, the algorithm model authorization data includes an algorithm identifier, an authorized total path number, a remaining authorized path number, an authorized validity period, and a key field.
Based on the second aspect, further, the algorithm starting task includes an algorithm model to be started and a path number to be started.
In a third aspect, the present application provides an electronic device comprising a memory for storing one or more programs; a processor; the method of any of the second aspects described above is implemented when one or more programs are executed by a processor.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which when executed by a processor implements a method as in any of the second aspects above.
The application has at least the following advantages or beneficial effects:
the application provides an algorithm authorization system and an algorithm authorization method, which are based on the uniqueness of a server hardware identifier and an algorithm authorization independent service, ensure the authorization safety of an algorithm model, do not need to independently develop and maintain the algorithm authorization aiming at a specific project, and improve the management efficiency of the algorithm authorization.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic block diagram of an algorithmic authorization system in accordance with an embodiment of the present application;
FIG. 2 is a flowchart of an algorithm authorization method according to an embodiment of the present application;
FIG. 3 is a flowchart illustrating a process for securely starting an algorithm authorization service in an algorithm authorization method according to an embodiment of the present application;
fig. 4 is a block diagram of an electronic device according to an embodiment of the present application.
Reference numerals illustrate: 100. an algorithm service module; 110. an algorithm task receiving unit; 120. an algorithm authorization query unit; 130. an algorithm authorization starting unit; 140. an algorithm model unit; 150. a heartbeat maintenance unit; 200. an algorithm authorization service module; 210. a signature file management unit; 220. a signature file verification unit; 230. an algorithm authorization service starting unit; 240. an algorithm authorization management unit; 250. an algorithm authorization permission unit; 101. a memory; 102. a processor; 103. a communication interface.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. The components of the embodiments of the present application generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the application, as presented in the figures, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In the description of the embodiments of the present application, "plurality" means at least 2.
Examples:
as shown in fig. 1, in a first aspect, an embodiment of the present application provides an algorithm authorization system, including an algorithm service module 100 and an algorithm authorization service module 200, wherein:
the algorithm service module 100 is configured to receive an algorithm starting task, send an algorithm authorization request to the algorithm authorization service module 200, and receive and license a starting algorithm model according to the algorithm authorization;
the algorithm authorization service module 200 is configured to receive and query the algorithm model authorization data according to the algorithm authorization request, acquire and perform signature verification according to the unique identifier of the server hardware, and return an algorithm authorization license to the algorithm service module 100 after the verification is passed.
The system ensures the authorization safety of the algorithm model based on the uniqueness of the server hardware identifier and the independent service of the algorithm authorization through the cooperation of the algorithm service module 100 and the algorithm authorization service module 200, does not need to independently develop and maintain the algorithm authorization aiming at specific projects, and improves the management efficiency of the algorithm authorization.
Based on the first aspect, further, in some embodiments of the present application, as shown in fig. 1, the algorithm service module 100 includes an algorithm task receiving unit 110, an algorithm authorization query unit 120, an algorithm authorization starting unit 130, and an algorithm model unit 140, where:
an algorithm task receiving unit 110 for receiving an algorithm start task; the method comprises an algorithm model to be started and the number of paths to be started; the algorithm model to be started is uniquely identified by an algorithm identification; the number of paths to be started refers to the number of paths to be accessed to a camera for intelligent analysis.
An algorithm authorization query unit 120, configured to send an algorithm authorization request to the algorithm authorization service module 200 according to an algorithm start task; and receives the algorithm authorization permission information returned by the algorithm authorization service module 200; according to the algorithm model to be started and the camera road number information to be started acquired by the algorithm task receiving unit 110, an algorithm authorization request is sent to the algorithm authorization service module 200; and receives the algorithm authorization permission information returned from the algorithm authorization service module 200.
An algorithm authorization initiation unit 130, configured to determine whether the algorithm model is initiated according to the algorithm authorization permission information obtained by the algorithm authorization query unit 120;
the algorithm model unit 140 is configured to start the algorithm model according to a start instruction of the algorithm authorization start unit 130.
Based on the first aspect, further, as shown in fig. 1, the algorithm service module 100 includes a heartbeat maintenance unit 150, configured to provide heartbeat maintenance between the algorithm authorization service module 200 and the algorithm service module 100.
Based on the first aspect, further, in some embodiments of the present application, as shown in fig. 1, the above-mentioned algorithm authorization service module 200 includes a signature file management unit 210, a signature file verification unit 220, an algorithm authorization service initiation unit 230, an algorithm authorization management unit 240, and an algorithm authorization permission unit 250, wherein:
the signature file management unit 210 is configured to uniformly manage the imported signature files, where the signature files are obtained by encrypting the identifier of the server GPU card and the algorithm authorization information by using a data encryption algorithm; the signature file is a signature file which is manufactured by an algorithm manufacturer by carrying out data encryption according to the acquired information related to the server hardware; the information related to the server hardware is specifically obtained by obtaining a unique identifier of a server GPU card; the server GPU card can be provided with a plurality of GPU cards according to actual installation and deployment conditions. The step of creating the signature file specifically refers to creating the signature file based on the identification of the server GPU card and the algorithm authorization information; the signature file is to encrypt the identification of the server GPU card and the algorithm authorization information by adopting a data encryption algorithm; the algorithm used for data encryption is a manufacturer private encryption algorithm so as to ensure the security. The private encryption algorithm of the manufacturer can be a non-industry marked encryption algorithm which is self-developed by the manufacturer, and also can adopt an AES encryption algorithm, and an encryption key is randomly generated by the manufacturer so as to ensure the data security. The signature file also contains algorithm authorization information; the algorithm authorization information mainly comprises: algorithm identification, total number of authorized routes, residual number of authorized routes, authorized validity period and the like; the algorithm authorization information is also encrypted.
The signature file verification unit 220 is used for reading the hardware information of the server and verifying the signature file according to a pre-recorded private encryption and decryption algorithm; the verification specifically comprises the following steps: and reading the unique identification information of the server GPU card, comparing the unique identification information with the unique identification information of the GPU card in the decrypted signature file, and if the comparison data are consistent, checking the task.
An algorithm authorization service starting unit 230, configured to start an algorithm authorization service after the verification is passed; if the verification is not passed, the algorithm authorization service is not started.
An algorithm authorization management unit 240, configured to manage algorithm authorization; the management includes receiving an authorization service request sent by the algorithm service module 100, and querying algorithm authorization of the system; the algorithmic authorization of the system includes: algorithm identification, total number of authorized routes, number of remaining authorized routes, authorized validity period, and key field.
The algorithm authorization permission unit 250 is configured to send an algorithm authorization permission to the algorithm service module 100 according to the authorization information provided by the algorithm authorization management unit 240. The algorithm authorization permissions include: the algorithm identifies, whether authorization is allowed, etc.
As shown in fig. 2, in a second aspect, an embodiment of the present application provides an algorithm authorization method of the algorithm authorization system according to any one of the first aspect, including the steps of:
s201: the algorithm service receives an algorithm starting task; the algorithm task of the algorithm service is received and used for receiving an algorithm starting task, wherein the algorithm task comprises an algorithm model to be started and a road number to be started; the algorithm model to be started is uniquely identified by an algorithm identification; the number of paths to be started refers to the number of paths to be accessed to a camera for intelligent analysis.
S202: the algorithm service requests algorithm authorization from the algorithm authorization service; the algorithm authorization query of the algorithm service is used for receiving the acquired algorithm model to be started and the started camera road number information according to the algorithm task, and sending an algorithm authorization request to the algorithm authorization service; and receiving algorithm authorization permission information returned by the algorithm authorization service.
S203: the algorithm authorization service queries algorithm model authorization data and returns algorithm authorization permissions; the algorithm authorization management of the algorithm authorization service receives an authorization service request sent by the algorithm service and inquires the algorithm authorization of the system; the algorithm authorization of the system comprises the following steps: algorithm identification, total number of authorized routes, number of remaining authorized routes, authorized validity period and key field; the algorithm authorization permission of the algorithm authorization service sends the algorithm authorization permission to the algorithm service; the algorithm authorization permissions described above include: the algorithm identifies, whether authorization is allowed, etc.
The algorithm service receives the authorization permission and starts the algorithm model.
S204: whether the algorithm authorizes permission to allow startup; and judging whether the algorithm model is allowed to start or not according to the returned authorization service.
S205: starting an algorithm model; if the algorithm model is allowed to start, the algorithm model is started.
S206: prompting that the algorithm is not authorized; if the algorithm model is not allowed to start, the algorithm is prompted to be unauthorized.
Based on the second aspect, in some embodiments of the application, as shown in fig. 3, the method for algorithmic authorization further comprises the steps of:
s301: acquiring a unique identifier of a server GPU card; specifically, in order to acquire unique identification information of the algorithm server GPU card when the system is installed and initialized, a GPU card can be uniquely determined through the unique identification of the GPU card; the server GPU card can be provided with a plurality of GPU cards according to actual installation and deployment conditions.
S302: creating a signature file based on the identification of the server GPU card and the algorithm authorization information, and importing the signature file into the algorithm authorization service; encrypting data according to the obtained identification of the server GPU card, and manufacturing a signature file; the algorithm used for encrypting the data is a manufacturer private encryption algorithm so as to ensure the security; the signature file also contains algorithm authorization information; the algorithm authorization information is also encrypted; the authorization information mainly includes: algorithm identification, total number of authorized routes, number of remaining authorized routes, authorized validity period, etc.
S303: the algorithm authorization service obtains a unique identifier of the server GPU card and verifies the signature file; the verification of the signature file of the algorithm authorization service is that the algorithm authorization service reads the related information of the server hardware, specifically the unique identifier of the server GPU card, and the verification of the signature file is carried out based on the encryption and decryption algorithm proprietary to the manufacturer.
S304: judging whether the signature file passes verification or not; determining whether the signature file passes verification;
s305: after the verification is passed, starting an algorithm authorization service;
s306: if the signature file is not verified, the algorithm authorization service is not started.
The application is based on the uniqueness of the server hardware identification and the independent service of the algorithm authorization, ensures the authorization safety of the algorithm model, does not need to independently develop and maintain the algorithm authorization aiming at specific projects, and improves the management efficiency of the algorithm authorization.
As shown in fig. 4, in a third aspect, an embodiment of the present application provides an electronic device, which includes a memory 101 for storing one or more programs; a processor 102. The method of any of the second aspects described above is implemented when one or more programs are executed by the processor 102.
And a communication interface 103, where the memory 101, the processor 102 and the communication interface 103 are electrically connected directly or indirectly to each other to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The memory 101 may be used to store software programs and modules that are stored within the memory 101 for execution by the processor 102 to perform various functional applications and data processing. The communication interface 103 may be used for communication of signaling or data with other node devices.
The Memory 101 may be, but is not limited to, a random access Memory (Random Access Memory, RAM), a Read Only Memory (ROM), a programmable Read Only Memory (Programmable Read-Only Memory, PROM), an erasable Read Only Memory (Erasable Programmable Read-Only Memory, EPROM), an electrically erasable Read Only Memory (Electric Erasable Programmable Read-Only Memory, EEPROM), etc.
The processor 102 may be an integrated circuit chip with signal processing capabilities. The processor 102 may be a general purpose processor including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but also digital signal processors (Digital Signal Processing, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
In the embodiments provided in the present application, it should be understood that the disclosed method and system may be implemented in other manners. The above-described method and system embodiments are merely illustrative, for example, flow charts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of methods and systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
In a fourth aspect, embodiments of the present application provide a computer readable storage medium having stored thereon a computer program which, when executed by the processor 102, implements a method as in any of the second aspects described above. The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The above is only a preferred embodiment of the present application, and is not intended to limit the present application, but various modifications and variations can be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application.
It will be evident to those skilled in the art that the application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Claims (10)
1. An algorithm authorization system, comprising an algorithm service module and an algorithm authorization service module, wherein:
the algorithm service module is used for receiving the algorithm starting task, sending an algorithm authorization request to the algorithm authorization service module, and receiving and starting the algorithm model according to the algorithm authorization license;
and the algorithm authorization service module is used for receiving and inquiring the algorithm model authorization data according to the algorithm authorization request, acquiring and carrying out signature verification according to the unique identifier of the server hardware, and returning the algorithm authorization license to the algorithm service module after the verification is passed.
2. The system of claim 1, wherein the algorithm service module comprises an algorithm task receiving unit, an algorithm authorization query unit, an algorithm authorization initiation unit, and an algorithm model unit, wherein:
the algorithm task receiving unit is used for receiving an algorithm starting task;
the algorithm authorization query unit is used for sending an algorithm authorization request to the algorithm authorization service module according to the algorithm starting task; receiving algorithm authorization permission information returned by the algorithm authorization service module;
the algorithm authorization starting unit is used for determining whether the algorithm model is started or not according to the algorithm authorization permission information obtained by the algorithm authorization inquiring unit;
and the algorithm model unit is used for starting the algorithm model according to the starting instruction of the algorithm authorization starting unit.
3. An algorithmic authorization system according to claim 1, wherein the algorithmic service module comprises a heartbeat maintenance unit for providing heartbeat maintenance between the algorithmic authorization service module and the algorithmic service module.
4. The system of claim 1, wherein the algorithm authorization service module comprises a signature file management unit, a signature file verification unit, an algorithm authorization service initiation unit, an algorithm authorization management unit, and an algorithm authorization permission unit, wherein:
the signature file management unit is used for uniformly managing the imported signature files, wherein the signature files are obtained by encrypting the identification of the server GPU card and the algorithm authorization information by adopting a data encryption algorithm;
the signature file verification unit is used for reading the hardware information of the server and verifying the signature file according to a pre-recorded private encryption and decryption algorithm;
the algorithm authorization service starting unit is used for starting the algorithm authorization service after the verification is passed;
the algorithm authorization management unit is used for managing algorithm authorization;
and the algorithm authorization permission unit is used for sending the algorithm authorization permission to the algorithm service module according to the authorization information provided by the algorithm authorization management unit.
5. An algorithmic authorization method for an algorithmic authorization system according to any one of claims 1 to 4, comprising the steps of:
the algorithm service receives an algorithm starting task;
the algorithm service requests algorithm authorization from the algorithm authorization service;
the algorithm authorization service queries algorithm model authorization data and returns algorithm authorization permissions;
the algorithm service receives the authorization permission and starts the algorithm model.
6. An algorithmic authorization method according to claim 5, further comprising the steps of:
acquiring a unique identifier of a server GPU card;
creating a signature file based on the identification of the server GPU card and the algorithm authorization information, and importing the signature file into the algorithm authorization service;
the algorithm authorization service obtains a unique identifier of the server GPU card and verifies the signature file;
after the verification is passed, the algorithm authorization service is started.
7. An algorithmic authorization method according to claim 5, wherein the algorithmic model authorization data includes algorithmic identification, total number of authorized ways, number of remaining authorized ways, authorization validity period, key field.
8. An algorithm authorization method according to claim 5, wherein the algorithm start task includes an algorithm model to be started and a number of paths to be started.
9. An electronic device, comprising:
a memory for storing one or more programs;
a processor;
the method of any of claims 5-8 is implemented when the one or more programs are executed by the processor.
10. A computer readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, implements the method according to any of claims 5-8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311109752.7A CN117077089B (en) | 2023-08-30 | 2023-08-30 | Algorithm authorization system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311109752.7A CN117077089B (en) | 2023-08-30 | 2023-08-30 | Algorithm authorization system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117077089A true CN117077089A (en) | 2023-11-17 |
| CN117077089B CN117077089B (en) | 2024-03-12 |
Family
ID=88702133
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311109752.7A Active CN117077089B (en) | 2023-08-30 | 2023-08-30 | Algorithm authorization system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117077089B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017095256A1 (en) * | 2015-12-04 | 2017-06-08 | Intel Corporation | Native code authorization verification library |
| EP3447667A1 (en) * | 2017-08-23 | 2019-02-27 | Bundesdruckerei GmbH | Cryptographic security for a distributed data storage |
| GB201913969D0 (en) * | 2018-09-28 | 2019-11-13 | Infosys Ltd | System and method for decentralized identity management, authentication and authorization of applications |
| EP3835978A1 (en) * | 2019-12-11 | 2021-06-16 | The Boeing Company | Software license manager |
| US20210182407A1 (en) * | 2019-12-11 | 2021-06-17 | The Boeing Company | Execution type software license management |
| CN113065119A (en) * | 2021-03-26 | 2021-07-02 | 西安交大捷普网络科技有限公司 | Authorization method of network equipment |
| CN113434824A (en) * | 2021-06-30 | 2021-09-24 | 平安科技(深圳)有限公司 | Software service authorization management method, device, equipment and storage medium |
| CN114186199A (en) * | 2022-02-15 | 2022-03-15 | 北京安帝科技有限公司 | License authorization method and device |
| CN116260652A (en) * | 2023-03-10 | 2023-06-13 | 统信软件技术有限公司 | Authorization method, system, computing device and readable storage medium |
-
2023
- 2023-08-30 CN CN202311109752.7A patent/CN117077089B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017095256A1 (en) * | 2015-12-04 | 2017-06-08 | Intel Corporation | Native code authorization verification library |
| EP3447667A1 (en) * | 2017-08-23 | 2019-02-27 | Bundesdruckerei GmbH | Cryptographic security for a distributed data storage |
| GB201913969D0 (en) * | 2018-09-28 | 2019-11-13 | Infosys Ltd | System and method for decentralized identity management, authentication and authorization of applications |
| EP3835978A1 (en) * | 2019-12-11 | 2021-06-16 | The Boeing Company | Software license manager |
| US20210182407A1 (en) * | 2019-12-11 | 2021-06-17 | The Boeing Company | Execution type software license management |
| CN113065119A (en) * | 2021-03-26 | 2021-07-02 | 西安交大捷普网络科技有限公司 | Authorization method of network equipment |
| CN113434824A (en) * | 2021-06-30 | 2021-09-24 | 平安科技(深圳)有限公司 | Software service authorization management method, device, equipment and storage medium |
| CN114186199A (en) * | 2022-02-15 | 2022-03-15 | 北京安帝科技有限公司 | License authorization method and device |
| CN116260652A (en) * | 2023-03-10 | 2023-06-13 | 统信软件技术有限公司 | Authorization method, system, computing device and readable storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 许冬霞;: "一种软件在线授权系统的安全模型", 电脑知识与技术, no. 22, 5 August 2010 (2010-08-05) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117077089B (en) | 2024-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107862215B (en) | Data storage method, data query method and device | |
| EP1485769B1 (en) | A method and arrangement for protecting software | |
| US5935246A (en) | Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software | |
| US8800058B2 (en) | Licensing verification for application use | |
| CN111723383B (en) | Data storage and verification method and device | |
| CN101689237B (en) | Activation system architecture | |
| CN104216907A (en) | Method, device and system for providing database access control | |
| CN113656780B (en) | Cross-chain access control method and device | |
| CN112967054B (en) | Data management method, device and equipment | |
| CN111932261A (en) | Asset data management method and device based on verifiable statement | |
| CN111625783A (en) | Software authorization management system based on multi-stage encryption | |
| JPH10260939A (en) | Client machine authentication method of computer network, client machine, host machine and computer system | |
| CN112000933B (en) | Application software activation method and device, electronic equipment and storage medium | |
| CN117077089B (en) | Algorithm authorization system and method | |
| CN115514578B (en) | Block chain based data authorization method and device, electronic equipment and storage medium | |
| CN109302442B (en) | Data storage proving method and related equipment | |
| CN115776396A (en) | Data processing method and device, electronic equipment and storage medium | |
| CN115048672A (en) | Data auditing method and device based on block chain, processor and electronic equipment | |
| CN114861144A (en) | Data authority processing method based on block chain | |
| CN113239405A (en) | Electronic archive information management system based on block chain | |
| CN111611587A (en) | Secure data processing apparatus | |
| CN110798321A (en) | Article information service method based on block chain | |
| CN113179311A (en) | Block chain authority multiple control method and system | |
| CN117528501B (en) | Anti-cracking RFID tag, initializing method and reading method thereof | |
| CN117176472B (en) | Data tamper-proof method, device and system based on intelligent password security equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |