CN117235802B

CN117235802B - Condition trace query method, system and medium based on privacy calculation

Info

Publication number: CN117235802B
Application number: CN202311500985.XA
Authority: CN
Inventors: 赵玺
Original assignee: Basebit Shanghai Information Technology Co ltd; Xiamen Yifang Jianshu Information Technology Co ltd; Wing Fang Jianshu Beijing Information Technology Co ltd
Current assignee: Basebit Shanghai Information Technology Co ltd; Xiamen Yifang Jianshu Information Technology Co ltd; Wing Fang Jianshu Beijing Information Technology Co ltd
Priority date: 2023-11-13
Filing date: 2023-11-13
Publication date: 2024-01-26
Anticipated expiration: 2043-11-13
Also published as: CN117235802A

Abstract

The embodiment of the application provides a conditional trace query method, a conditional trace query system and a conditional trace query medium based on privacy calculation. The method comprises the following steps: the interactive service end blocks the query data through a block model, generates encryption related information, and compares the encryption related information with the information distribution table regenerated by the providing end, encrypts and transmits the data block to the providing end to decrypt and inquire the data and the identifier, decrypts and compares the data, transmits the data to the query end to decrypt and acquire the identifier, and then carries out data trace query on the data end; the interactive terminal carries out data block division and key setting according to the information of the inquiring terminal and the required data, sets an allocation table by comparing with the providing terminal, obtains target data and identifiers by generating an inquiring instruction to the providing terminal, returns the target data, decrypts the target data, compares the target data in a range, encrypts and sends the data identifiers to the inquiring terminal for decryption and carries out data trace inquiry on the providing terminal according to the identifiers after the comparison, and the trace inquiry of the data is realized based on three-party data inquiry transmission comparison.

Description

Condition trace query method, system and medium based on privacy calculation

Technical Field

The application relates to the field of big data and data query, in particular to a condition trace query method, a system and a medium based on privacy calculation.

Background

In the current field of network information interaction and acquisition sharing, in order to obtain or give information data, information leakage of interaction parties often occurs, so that privacy or information is in risk loopholes, therefore, in order to protect information of both sides of inquiry and provision from being ascertained by the other side, information to be protected is protected and hidden, the current data inquiry interaction technology is to define a data position identifier of object information data to be inquired according to data set of an inquirer and a provider under the condition that other information data of the information data provider is not revealed, and then transmit the data to the inquirer from the provider or combining with a third party to obtain a corresponding inquiry result.

In view of the above problems, an effective technical solution is currently needed.

Disclosure of Invention

The embodiment of the application aims to provide a condition hidden trace query method, a system and a medium based on privacy calculation, which can carry out data block division and key setting according to query end information and demand data through an interactive service end and compare a providing end setting allocation table, obtain target data and an identifier through generating a query instruction to the providing end and returning the target data, decrypt the target data and carry out range comparison, encrypt and send the data identifier to the query end for decryption and carry out data hidden trace query according to the identifier on the providing end through comparison, realize that the condition hidden trace query according to the demand of the query end and the providing end is obtained through the third party data interactive query transmission comparison based on three party data block and encryption transmission, and ensure the safety and the hidden trace query.

The embodiment of the application also provides a conditional trace query method based on privacy calculation, which comprises the following steps:

the data interaction service side obtains user side attribute characteristic information of the data query user side and data query demand characteristic information of the query demand data, performs identification processing on the user side attribute characteristic information and the data query demand characteristic information through a preset data interaction service model to obtain data query service characteristic data, and processes to obtain a ciphertext decryption key and a data query characteristic response factor;

The data interaction server obtains a corresponding data level block model by comparing and inquiring the data query service characteristic data through a preset data level block model library, blocks the query demand data to obtain a plurality of query data blocks, extracts the data block query characteristic data of each query data block, processes the data block query characteristic data to obtain a data block encryption level coefficient, and queries the data block encryption level coefficient to obtain a corresponding data block key;

the data interaction service end performs comparison through a preset data providing comparison list according to the data block query characteristic data of each query data block and the data block encryption level coefficient to obtain corresponding data providing ends, and maps and inputs each data providing end and the corresponding query data block and the data block related information into a preset data query service distribution table;

the data interaction server encrypts the query data blocks by combining the corresponding data block keys to obtain data query encryption instructions, and sends the data query encryption instructions to the corresponding data providing end, the data providing end decrypts the data query encryption instructions, performs comparison query collection according to instruction list data to obtain encrypted target collection data, and obtains corresponding data positioning identifiers to be sent to the data interaction server together;

The data interaction service end receives the encrypted target set data, queries and obtains a corresponding data block key through the data query service distribution table according to a corresponding query data block of the corresponding data providing end to decrypt the encrypted target set data to obtain decrypted target set data, and performs algorithm comparison with data block query feature data of the query data block to obtain a hierarchy range comparison result;

if the hierarchy range comparison result meets the preset requirement, the data interaction server encrypts the data positioning identifier corresponding to the decrypted target set data meeting the requirement by combining with the corresponding data block key, and gathers all encrypted identifiers meeting the comparison requirement to obtain target data positioning ciphertext data and sends the target data positioning ciphertext data to the data query user;

and the data query user end decrypts the target data positioning ciphertext data according to the corresponding ciphertext decryption key to obtain a plurality of data positioning identifiers, and performs data hiding query on each data providing end according to each data positioning identifier.

Optionally, in the conditional trace query method based on privacy computation according to the embodiment of the present application, the data interaction service side obtains user attribute feature information of a data query user side and data query requirement feature information of query requirement data, performs identification processing on the user attribute feature information and the data query requirement feature information through a preset data interaction service model to obtain data query service feature data, and obtains a ciphertext decryption key and a data query characteristic response factor by processing, including:

The data interaction server acquires attribute characteristic information of a user end of the data query user end and data query demand characteristic information of query demand data;

the user side attribute characteristic information comprises user privacy level information, user side authority information and user side authorized domain information, and the data query demand characteristic information comprises query data condition information, query data privacy level information and query data volume information;

identifying and processing the attribute characteristic information of the user side and the data query demand characteristic information through a preset data interaction service model to obtain data query service characteristic data, wherein the data query service characteristic data comprises demand data content data, data demand privacy grade data, data query range data and demand data preset level data;

obtaining a corresponding ciphertext decryption key according to the data demand privacy level data;

and processing the data query service characteristic data to obtain a data query characteristic response factor.

Optionally, in the method for conditional trace query based on privacy computation according to the embodiment of the present application, the data interaction server performs comparative query through a preset data hierarchy block model library according to the data query service feature data to obtain a corresponding data hierarchy block model, performs block segmentation on the query requirement data to obtain a plurality of query data blocks, extracts data block query feature data of each query data block, and processes the data block query feature data to obtain a data block encryption hierarchy coefficient, and queries according to the data block encryption hierarchy coefficient to obtain a corresponding data block key, including:

The data interaction server side obtains a corresponding data level block model by comparing and inquiring through a preset data level block model library according to the data query service characteristic data;

partitioning the query demand data according to the data hierarchy partitioning model to obtain a plurality of query data blocks;

the data interaction server side extracts data block query characteristic data corresponding to each query data block, wherein the data block query characteristic data comprises data block query level data, data block query condition range data and data block criticality identification data;

obtaining a data block encryption level coefficient according to the data block inquiry level data, the data block inquiry condition range data and the data block criticality identification data in combination with the data inquiry characteristic response factor;

inquiring a preset data hierarchy key database according to the data block encryption hierarchy coefficient to obtain a data block key corresponding to the inquired data block;

the data block key includes a data block encryption key, a data block decryption key, and a data block level public key.

Optionally, in the privacy-based computing method for conditional trace query, the data interaction service end performs comparison according to the data block query feature data of each query data block and the data block encryption hierarchy coefficient through a preset data providing comparison list to obtain a corresponding data providing end, and maps and inputs each data providing end into a preset data query service allocation table in combination with each query data block and related information of the data block, including:

The data interaction server performs comparison query by combining the data block encryption level coefficient according to the data block query level data and the data block query condition range data of each query data block through a preset data providing comparison list, and obtains a corresponding data providing end matched with each query data block;

and carrying out information association mapping according to the data providing ends and the corresponding query data blocks by combining the corresponding data block query characteristic data and the data block keys, and inputting information after mapping association into a preset data query service allocation table.

Optionally, in the method for conditional trace query based on privacy computation according to the embodiment of the present application, the data interaction server encrypts each query data block in combination with a corresponding data block key to obtain a data query encryption instruction, and sends the data query encryption instruction to a corresponding data providing end, where each data providing end decrypts the data query encryption instruction, performs a comparison query set according to instruction list data to obtain encrypted target set data, and obtains a corresponding data positioning identifier to send the data positioning identifier to the data interaction server together, including:

the data interaction server encrypts the query data blocks in combination with the corresponding data block encryption keys to obtain data query encryption instructions;

Sending each data inquiry encryption instruction to the corresponding data providing end;

each data providing end decrypts the received data inquiry encryption instruction, and performs comparison inquiry according to instruction list data of a database of a preset data providing end to obtain a plurality of encryption target data conforming to the data inquiry encryption instruction;

the method comprises the steps of collecting a plurality of encrypted target data as encrypted target set data, and obtaining corresponding data positioning identifiers;

and sending the encrypted target set data and the data positioning identifier to the data interaction server.

Optionally, in the method for conditional trace query based on privacy computation according to the embodiment of the present application, the data interaction server receives the encrypted target set data, queries, according to a corresponding query data block of a corresponding data provider, a corresponding data block key through the data query service allocation table to obtain the encrypted target set data, decrypts the encrypted target set data to obtain decrypted target set data, and performs algorithm comparison with data block query feature data of the query data block to obtain a hierarchical range comparison result, where the method includes:

the data interaction server receives the encrypted target set data sent by each data providing end;

Inquiring through the data inquiry service distribution table according to the inquiry data block corresponding to the data providing end to obtain a corresponding data block decryption key;

decrypting the encrypted target set data according to the data block decryption key to obtain decrypted target set data;

and comparing the decryption target set data with the data block query level data and the data block query condition range data of the query data block through a preset comparison algorithm to obtain a level range comparison result.

Optionally, in the method for conditional trace query based on privacy computation according to the embodiment of the present application, if the hierarchical scope comparison result meets a preset requirement, the data interaction server encrypts a data location identifier corresponding to the decrypted target set data that meets the requirement in combination with a corresponding data block key, and aggregates all encrypted identifiers that meet the comparison requirement to obtain target data location ciphertext data, and sends the target data location ciphertext data to the data query client, where the method includes:

if the hierarchy range comparison result meets the preset requirement, the data interaction server encrypts the data positioning identifier corresponding to the decryption target set data meeting the requirement according to the hierarchy public key of the corresponding data block in the data query service allocation table;

Collecting the data positioning identifiers encrypted by the data block level public keys which meet all the comparison requirements to obtain target data positioning ciphertext data;

and sending the target data positioning ciphertext data to the data query user terminal.

In a second aspect, an embodiment of the present application provides a conditional track query system based on privacy computation, the system including: the system comprises a memory and a processor, wherein the memory comprises a program of a conditional trace query method based on privacy calculation, and the program of the conditional trace query method based on privacy calculation realizes the following steps when being executed by the processor:

Optionally, in the privacy-based computing condition-based trace query system described in the embodiment of the present application, the data interaction service side obtains user-side attribute feature information of a data query user side and data query requirement feature information of query requirement data, performs identification processing on the user-side attribute feature information and the data query requirement feature information through a preset data interaction service model to obtain data query service feature data, and obtains a ciphertext decryption key and a data query feature response factor by processing, including:

In a third aspect, an embodiment of the present application further provides a computer readable storage medium, where the computer readable storage medium includes a conditional track query method program based on privacy calculation, where the conditional track query method program based on privacy calculation implements the steps of the conditional track query method based on privacy calculation as described in any one of the foregoing embodiments when the conditional track query method program based on privacy calculation is executed by a processor.

It can be seen from the above that, in the condition-based trace query method, system and medium provided in the embodiments of the present application, the attribute feature information of the user side and the data query demand feature information are processed through the preset data interaction service model by the data interaction service side to obtain the data query service feature data and the ciphertext decryption key, the query demand data is partitioned by the preset data hierarchy partitioning model library to obtain the corresponding data hierarchy partitioning model, the data block encryption hierarchy coefficient corresponding data block key is obtained by extracting the data block query feature data, the list comparison is performed according to the data block query feature data to obtain the corresponding data providing side, and the preset data query service allocation table is input by combining the corresponding query data blocks and the related information map, each inquiry data block is combined with a data block key to encrypt and obtain a data inquiry encryption instruction and is sent to a corresponding data providing end, the data providing end decrypts the data inquiry encryption instruction, obtains encryption target set data and a data positioning identifier by contrast inquiry and is sent, the data interaction service end inquires and obtains a corresponding data block key according to the inquiry data block of the data providing end through a data inquiry service distribution table to decrypt the encryption target set data to obtain decryption target set data, and carries out algorithm comparison with data block inquiry characteristic data of the inquiry data block to obtain a hierarchical range comparison result, if the result meets the preset requirement, the data interaction service end combines the decryption target set data positioning identifier meeting the requirement with the corresponding data block key encryption set to obtain target data positioning ciphertext data and is sent to a data inquiry user end, the data inquiry user terminal decrypts the target data positioning ciphertext data according to the corresponding ciphertext decryption key to obtain a plurality of data positioning identifiers and performs data hiding inquiry on each data providing terminal; the interactive service end performs data block division and key setting according to the information of the query end and the required data, and compares the data block division and key setting with the providing end setting allocation table, obtains target data and identifiers by generating a query instruction to the providing end and returns the target data, decrypts the target data and performs range comparison, and then encrypts and sends the data identifiers to the query end for decryption and performs data trace query on the providing end according to the identifiers after the comparison, so that the condition on-demand trace query of the query end and the providing end is obtained based on the third-party data block and encryption transmission interactive query comparison, and the safety and the trace query of the condition trace query are ensured.

Additional features and advantages of the application will be set forth in the description which follows, and in part will be apparent from the description, or may be learned by practice of the embodiments of the application. The objects and other advantages of the present application may be realized and attained by the structure particularly pointed out in the written description and drawings.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a flowchart of a conditional trace query method based on privacy computation according to an embodiment of the present application;

fig. 2 is a flowchart of obtaining data query service feature data, a ciphertext decryption key and a data query characteristic response factor according to the conditional trace query method based on privacy calculation provided in the embodiment of the present application;

FIG. 3 is a flowchart of obtaining a data block key according to a conditional trace query method based on privacy calculations according to an embodiment of the present application;

FIG. 4 is a flowchart of updating a preset data query service allocation table according to an input of the conditional trace query method based on privacy calculation according to an embodiment of the present application;

fig. 5 is a flowchart of obtaining and sending encrypted target set data and a data location identifier according to the conditional track query method based on privacy calculation according to the embodiment of the present application.

Detailed Description

The following description of the embodiments of the present application will be made clearly and completely with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. The components of the embodiments of the present application, which are generally described and illustrated in the figures herein, may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, as provided in the accompanying drawings, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, are intended to be within the scope of the present application.

It should be noted that like reference numerals and letters refer to like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only to distinguish the description, and are not to be construed as indicating or implying relative importance.

Referring to fig. 1, fig. 1 is a flowchart of a conditional track query method based on privacy calculations in some embodiments of the present application. The condition hiding track inquiring method based on privacy calculation is used in terminal equipment, such as a computer, a mobile phone terminal and the like. The conditional trace query method based on privacy calculation comprises the following steps:

s11, the data interaction service end obtains user end attribute characteristic information of the data query user end and data query demand characteristic information of query demand data, the user end attribute characteristic information and the data query demand characteristic information are subjected to identification processing through a preset data interaction service model to obtain data query service characteristic data, and a ciphertext decryption key and a data query characteristic response factor are obtained through processing;

s12, the data interaction server performs comparison query through a preset data level block model library according to the data query service characteristic data to obtain a corresponding data level block model, blocks the query demand data to obtain a plurality of query data blocks, extracts data block query characteristic data of each query data block, processes the data block query characteristic data to obtain a data block encryption level coefficient, and queries according to the data block encryption level coefficient to obtain a corresponding data block key;

S13, the data interaction service end performs comparison through a preset data providing comparison list according to the data block query characteristic data of each query data block and the data block encryption level coefficient, obtains corresponding data providing ends, and maps and inputs each data providing end and each query data block and data block related information into a preset data query service distribution table;

s14, the data interaction server encrypts the query data blocks by combining the corresponding data block keys to obtain data query encryption instructions, and sends the data query encryption instructions to the corresponding data providing end, wherein the data providing end decrypts the data query encryption instructions, performs comparison query collection according to instruction list data to obtain encryption target collection data, obtains corresponding data positioning identifiers and sends the data positioning identifiers to the data interaction server together;

s15, the data interaction service end receives the encrypted target set data, queries and acquires a corresponding data block key through the data query service distribution table according to a corresponding query data block of the corresponding data providing end to decrypt the encrypted target set data to acquire decrypted target set data, and performs algorithm comparison with data block query feature data of the query data block to acquire a hierarchical range comparison result;

S16, if the hierarchical range comparison result meets the preset requirement, the data interaction server encrypts the data positioning identifier corresponding to the decrypted target set data meeting the requirement by combining with the corresponding data block key, and gathers all encrypted identifiers meeting the comparison requirement to obtain target data positioning ciphertext data and sends the target data positioning ciphertext data to the data query user;

s17, the data query user terminal decrypts the target data positioning ciphertext data according to the corresponding ciphertext decryption key to obtain a plurality of data positioning identifiers, and performs data trace query on each data providing terminal according to each data positioning identifier.

Wherein, in order to realize the information inquiry and data interaction process of the inquiring party and the provider, the hierarchical setting and key protection are carried out according to the condition limit, the hidden inquiry interaction technology of the data block encryption and interaction transmission is realized, the data interaction service end is set, the attribute characteristic information of the user end of the data inquiry and the data inquiry demand characteristic information of the inquiry demand data are obtained, the identification processing is carried out through the preset data interaction service model, the data inquiry service characteristic data are obtained, the ciphertext decryption key and the data inquiry characteristic response factor are obtained, namely, the personalized information of the inquiring end and the data inquiry demand condition are processed through the third party service end, the characteristic data reflecting the inquiry end condition and the inquiry data condition are obtained, the corresponding data hierarchical block model is obtained through the comparison inquiry of the preset data hierarchical block model base according to the characteristic data, namely, the data block model meeting the inquiry demand is obtained through the identification of the characteristic data, a plurality of inquiry data blocks are obtained through the block division of the inquiry demand data, the function of hidden inquiry is played through the data inquiry demand characteristic information of the dividing data block dispersion inquiry party, the data block inquiry characteristic data is extracted, the data block encryption key is obtained, the data block encryption coefficient is obtained through the comparison of the data block encryption coefficient corresponding to the data of the data block encryption request according to the preset data hierarchy, the data is obtained, the data encryption key coefficient is matched with the data hierarchy key block encryption is obtained by the data encryption coefficient is matched with the data hierarchy key block encryption, mapping each data providing end with corresponding query data blocks and related information of the data blocks, inputting the data blocks into a preset data query service allocation table for carrying out relevant information backup and update, wherein the allocation table is not open to both the query party and the provider, the query party and the provider cannot acquire information and intention of the other party, the query data blocks of the query party are subjected to hidden protection, the server encrypts the query data blocks with corresponding data block keys to obtain data query encryption instructions, the transmission of the encryption instructions can also protect query interaction information from being leaked, the instructions are sent to the corresponding data providing end for decryption, the providing end carries out comparison query on the decrypted instructions according to the data of a preset instruction list to obtain required encrypted target data, and the providing end cannot acquire the actual meaning of the encrypted target data because the instruction list is established by the server and transmitted to the providing end, the providing end sends the set of the encrypted target data obtained by the comparison list and the data positioning identifier to the service end together to complete the hidden inquiry of the data block, the service end obtains the corresponding data block key by the data inquiry service distribution table according to the comparison information of the data block, decrypts the encrypted target set data to obtain decrypted target set data, then compares the decrypted target data with the inquired data block by a preset comparison algorithm to obtain a hierarchical range comparison result, namely compares the inquired target data with the data block to check the data range thereof so that the obtained target data does not exceed the requirement range of the inquirer, protects the information data of the provider from being scattered and leaked to the inquirer, and if the comparison result meets the preset requirement, indicates that the target data does not exceed the range, the server encrypts the data positioning identifiers corresponding to the decrypted target set data in combination with the corresponding data block keys, gathers all encrypted identifiers meeting comparison requirements to obtain target data positioning ciphertext data and sends the target data positioning ciphertext data to the data query end, namely, the target data and the identifiers which are compliant are encrypted to generate ciphertext and are transmitted to the query end to play a role of data protection, the data query user end decrypts the target data positioning ciphertext data according to the corresponding ciphertext decryption keys provided by the server end to obtain a plurality of data positioning identifiers, the query end only acquires positioning identifiers of query data and cannot acquire other information and overscope information, protection of provider information is achieved, and then data hiding query is conducted on each data providing end according to each data positioning identifier, so that information protection of both query providing parties and data blocking secret setting and interactive transmission of the data are achieved.

Referring to fig. 2, fig. 2 is a flowchart of obtaining data query service feature data, a ciphertext decryption key, and a data query feature response factor according to a conditional track query method based on privacy calculations in some embodiments of the present application. According to the embodiment of the invention, the data interaction service side obtains the attribute characteristic information of the user side of the data query user side and the data query demand characteristic information of the query demand data, and the data query service characteristic data is obtained by carrying out identification processing on the attribute characteristic information of the user side and the data query demand characteristic information through a preset data interaction service model, and a ciphertext decryption key and a data query characteristic response factor are obtained by processing, specifically:

s21, the data interaction server acquires attribute characteristic information of a user side of the data query user side and data query demand characteristic information of query demand data;

s22, the attribute characteristic information of the user side comprises user privacy level information, user side authority information and user side authorized domain information, and the data query demand characteristic information comprises query data condition information, query data privacy level information and query data volume information;

s23, identifying and processing the attribute characteristic information of the user side and the data query demand characteristic information through a preset data interaction service model to obtain data query service characteristic data, wherein the data query service characteristic data comprises demand data content data, data demand privacy grade data, data query range data and demand data preset level data;

S24, obtaining a corresponding ciphertext decryption key according to the data demand privacy level data;

s25, processing the data query service characteristic data to obtain a data query characteristic response factor.

Wherein, in order to obtain the block encryption transmission adapted to the data query interaction, the evaluation is needed according to the private level condition of the query party and the condition of the data to be queried, so as to clearly query the evaluation result of the data, the adaptive encryption and interaction setting is made, in order to obtain the encryption medium adapted to the query party and the query data characteristics, the user side attribute characteristic information of the data query user side and the data query demand characteristic information of the query demand data are obtained through the data interaction service side of the third party, wherein, the user side attribute characteristic information comprises the private level condition information of the user, such as the professional, the identity, the confidentiality demand and the like, the authority preset information of the user side, the query access authorized domain range and the authorized level information of the user side, the data query demand characteristic information comprises the preset condition information of the query data, the privacy and the level information of the query data and the quantity information of the query data, then the information is identified and processed according to a preset data interaction service model to obtain data query service characteristic data, namely, the user information of a query end and the information of query data are identified through the model to obtain the characteristic data reflecting the service requirement of the query data, wherein the characteristic data comprises the content of the requirement data, the data requirement privacy level, the data query range and the data of a preset level of the requirement data, and meanwhile, a corresponding ciphertext decryption key is obtained according to the data requirement privacy level data, the ciphertext key is a level preset key, and the data query characteristic response factor is obtained through calculation according to the data query service characteristic data through a calculation formula, namely, the processing of the individual information of the query end and the data query requirement condition through a third party service end is realized to obtain a measurement result factor reflecting the query requirement condition, the calculation formula of the data query characteristic response factor is as follows:

；

Wherein,response factor for data query characteristics, +.>、/>、/>、/>The data of the required data content, the data required privacy level, the data query range and the required data are respectively preset into the hierarchy data,>for presetting user terminal authority level security coefficient, +.>、/>、/>、/>The characteristic coefficient is preset (the confidentiality coefficient and the characteristic coefficient are obtained through inquiring a database of a preset data interaction service platform).

Referring to fig. 3, fig. 3 is a flowchart of obtaining a data block key according to a conditional track query method based on privacy calculations in some embodiments of the present application. According to the embodiment of the invention, the data interaction server obtains a corresponding data level block model by comparing and inquiring the data query service characteristic data through a preset data level block model library, blocks the query demand data to obtain a plurality of query data blocks, extracts the data block query characteristic data of each query data block, processes the data block query characteristic data to obtain a data block encryption level coefficient, and obtains a corresponding data block key according to the data block encryption level coefficient query:

s31, the data interaction server side obtains a corresponding data level block model through comparison query through a preset data level block model library according to the data query service characteristic data;

S32, partitioning the query demand data according to the data level partitioning model to obtain a plurality of query data blocks;

s33, the data interaction server extracts data block query characteristic data corresponding to each query data block, wherein the data block query characteristic data comprises data block query level data, data block query condition range data and data block criticality identification data;

s34, processing according to the data block query level data, the data block query condition range data and the data block criticality identification data in combination with the data query characteristic response factor to obtain a data block encryption level coefficient;

s35, inquiring through a preset data hierarchy key database according to the data block encryption hierarchy coefficient to obtain a data block key corresponding to the inquired data block;

s36, the data block key includes a data block encryption key, a data block decryption key, and a data block level public key.

In order to realize information hiding protection of a query party and interaction safety of query data, the query data is subjected to block setting according to the level as required, and an adaptive data block key is set, an adaptive data level block model is obtained through comparing and querying data query service characteristic data through a preset data level block model library, namely, a data block model with similarity to the characteristic data meeting preset comparison query requirements is obtained through identifying the characteristic data, then query demand data is blocked according to the model to obtain a plurality of query data blocks, privacy information of the query party is scattered through dividing the data blocks to realize hiding query, then the data block query characteristic data of each query data block is combined with response factors to calculate to obtain a data block encryption level coefficient, namely, an evaluation coefficient of an encryption demand level of the query data block is obtained, a corresponding data block key is obtained through key data block query according to the data block encryption level coefficient, namely, the adaptive encryption key is obtained according to the data condition of each divided query data block, and the data block encryption level key is set according to the demand, wherein the data block encryption level is calculated as follows:

；

Wherein,encryption of hierarchical coefficients for a data block, ">、/>、/>Respectively inquiring hierarchy data of the data block, inquiring condition range data of the data block and key identification data of the data block, < +.>Response factor for data query characteristics, +.>、、/>The characteristic coefficient is preset (the characteristic coefficient is obtained through inquiring a database of a preset data interaction service platform).

Referring to fig. 4, fig. 4 is a flowchart of updating a preset data query service allocation table according to an input of a conditional track query method based on privacy calculations in some embodiments of the present application. According to the embodiment of the invention, the data interaction service end performs comparison through a preset data providing comparison list according to the data block query characteristic data of each query data block and the data block encryption level coefficient, obtains a corresponding data providing end, and maps and inputs each data providing end and each query data block and data block related information into a preset data query service distribution list, wherein the data query service distribution list comprises the following specific steps:

s41, the data interaction server performs comparison query through a preset data providing comparison list according to the data block query level data and the data block query condition range data of each query data block and the data block encryption level coefficient, and obtains a corresponding data providing end matched with each query data block;

S42, carrying out information association mapping according to the data providing ends and the corresponding query data blocks by combining the corresponding data block query characteristic data and the data block keys, and inputting the information after mapping association into a preset data query service allocation table.

In order to map the characteristics and the secret key of the query data block of the related query party and the related information of the corresponding provider conveniently, and enable the information not to be known by the query party and the provider, so as to carry out mutual hiding protection on the query intention and the provider of the query party, an independent data query service allocation table is required to be established by a third party service end, list comparison query is carried out through a preset data providing comparison list according to the query characteristic data of the data block and the encryption hierarchy coefficient of the data block, a data providing end matched with the query data block is obtained, the data providing ends are mapped by combining the corresponding query data block and the related information of the data block, the related information is input into the preset data query service allocation table for carrying out relevant information backup and update, the allocation table is not open to the query party and the provider, and the two parties cannot acquire the information and intention of the other party, and the service end is only used for carrying out information setting and control on the data query and interaction process.

Referring to fig. 5, fig. 5 is a flowchart of a method for obtaining and transmitting encrypted target set data and a data location identifier according to a conditional track query method based on privacy calculations in some embodiments of the present application. According to the embodiment of the invention, the data interaction server encrypts the query data blocks by combining the corresponding data block keys to obtain the data query encryption command, and sends the data query encryption command to the corresponding data providing end, and the data providing end decrypts the data query encryption command, obtains the encryption target set data by comparing the query set according to the command list data, obtains the corresponding data positioning identifier and sends the data positioning identifier to the data interaction server together, specifically:

s51, the data interaction server encrypts each inquiry data block in combination with the corresponding data block encryption key to obtain a data inquiry encryption instruction;

s52, sending each data inquiry encryption instruction to the corresponding data providing end;

s53, each data providing end decrypts the received data inquiry encryption instruction, and performs comparison inquiry according to instruction list data of a database of a preset data providing end to obtain a plurality of encryption target data conforming to the data inquiry encryption instruction;

S54, a plurality of encryption target data sets are used as encryption target set data, and corresponding data positioning identifiers are obtained;

and S55, the encrypted target set data and the data positioning identifier are sent to the data interaction server.

The method for obtaining the decryption instruction by decrypting the encryption instruction is not specifically designed, the instruction key can be preset by the server according to the instruction encryption and decryption requirements and is transmitted to the data providing end, the data providing end carries out comparison query on the decrypted instruction according to an instruction list of a preset database to obtain adaptive encrypted target data, the instruction list is a preset list which is generated by a third party server according to corresponding setting of a plurality of query instructions and the target data, the server sets the list and transmits the list to each data providing end for temporary storage, so that the data providing end carries out comparison query according to the received decryption instruction to obtain encrypted target data conforming to the instruction, and the positioning identifiers of the collected encrypted target data are commonly transmitted back to the server.

According to the embodiment of the invention, the data interaction server receives the encrypted target set data, queries and obtains a corresponding data block key through the data query service distribution table according to a corresponding query data block of the corresponding data providing end to decrypt the encrypted target set data to obtain decrypted target set data, and performs algorithm comparison with data block query feature data of the query data block to obtain a hierarchical range comparison result, wherein the method specifically comprises the steps of:

The server receives the encrypted target set data sent by each providing end, obtains a corresponding data block key through a data query service distribution table according to the comparison information of the data blocks, decrypts the encrypted target set data, obtains decrypted target set data, namely obtains queried demand data after decryption, protects the data privacy of the provider by a query party without over-range data for checking the difference degree between queried data and the data block to be queried, compares the decrypted target data with the queried data block through a preset comparison algorithm to obtain a hierarchy range comparison result, and verifies the data range of the comparison result, wherein the comparison algorithm of the hierarchy range and the condition range of the data is set as required according to the actual scene requirements such as the field, the mode, the type attribute and the like of data query, and the scheme is not particularly limited.

According to the embodiment of the present invention, if the hierarchical scope comparison result meets a preset requirement, the data interaction server encrypts a data positioning identifier corresponding to the decrypted target set data and a corresponding data block key, and gathers all encrypted identifiers meeting the comparison requirement to obtain target data positioning ciphertext data and sends the target data positioning ciphertext data to the data query client, specifically:

If the level range comparison result meets the preset requirement, the target set data is indicated to be not out of range, the server encrypts the data positioning identifier corresponding to the decrypted target set data by combining the corresponding data block level public key in the allocation table, and gathers all encrypted identifiers meeting the comparison requirement to obtain target data positioning ciphertext data, and sends the target data positioning ciphertext data to the data query end, namely, the target data and the identifiers of the compliance are encrypted to generate ciphertext and are transmitted to the query end, so that the encryption leakage prevention function in data transmission is achieved, the target data source is protected from being known by the query end, the query end can only obtain the positioning identifier of the data meeting the query requirement, and then the data query user end decrypts the target data positioning ciphertext data according to the corresponding ciphertext decryption key provided by the server end to obtain a plurality of data positioning identifiers, and further queries the data according to the identifiers.

The invention also discloses a condition trace inquiry system based on privacy calculation, which comprises a memory and a processor, wherein the memory comprises a condition trace inquiry method program based on privacy calculation, and the following steps are realized when the condition trace inquiry method program based on privacy calculation is executed by the processor to correct data of sign dissimilarity:

According to the embodiment of the invention, the data interaction service side obtains the attribute characteristic information of the user side of the data query user side and the data query demand characteristic information of the query demand data, and the data query service characteristic data is obtained by carrying out identification processing on the attribute characteristic information of the user side and the data query demand characteristic information through a preset data interaction service model, and a ciphertext decryption key and a data query characteristic response factor are obtained by processing, specifically:

；

According to the embodiment of the invention, the data interaction server obtains a corresponding data level block model by comparing and inquiring the data query service characteristic data through a preset data level block model library, blocks the query demand data to obtain a plurality of query data blocks, extracts the data block query characteristic data of each query data block, processes the data block query characteristic data to obtain a data block encryption level coefficient, and obtains a corresponding data block key according to the data block encryption level coefficient query:

；

Wherein,encryption of hierarchical coefficients for a data block, ">、/>、/>Respectively inquiring hierarchy data of the data block, inquiring condition range data of the data block and key identification data of the data block, < +.>Response factor for data query characteristics, +.>、/>、/>The characteristic coefficient is preset (the characteristic coefficient is obtained through inquiring a database of a preset data interaction service platform).

According to the embodiment of the invention, the data interaction service end performs comparison through a preset data providing comparison list according to the data block query characteristic data of each query data block and the data block encryption level coefficient, obtains a corresponding data providing end, and maps and inputs each data providing end and each query data block and data block related information into a preset data query service distribution list, wherein the data query service distribution list comprises the following specific steps:

According to the embodiment of the invention, the data interaction server encrypts the query data blocks by combining the corresponding data block keys to obtain the data query encryption command, and sends the data query encryption command to the corresponding data providing end, and the data providing end decrypts the data query encryption command, obtains the encryption target set data by comparing the query set according to the command list data, obtains the corresponding data positioning identifier and sends the data positioning identifier to the data interaction server together, specifically:

A third aspect of the present invention provides a readable storage medium, including a conditional track query method program based on privacy calculations, which when executed by a processor, implements the steps of the conditional track query method based on privacy calculations as described in any one of the above.

The invention discloses a condition hidden inquiring method, system and medium based on privacy computation, which processes attribute characteristic information of a user terminal and data inquiring demand characteristic information through a data interaction service terminal through a preset data interaction service model to obtain data inquiring service characteristic data and ciphertext decryption keys, then obtains a corresponding data hierarchy block model through comparison of a preset data hierarchy block model library to block inquiring demand data, extracts data block inquiring characteristic data to obtain a data block encryption hierarchy coefficient corresponding data block key, then obtains a corresponding data providing terminal through list comparison according to the data block inquiring characteristic data, and combines all corresponding inquiring data blocks and related information to map and input a preset data inquiring service distribution table, each inquiry data block is combined with a data block key to encrypt and obtain a data inquiry encryption instruction and is sent to a corresponding data providing end, the data providing end decrypts the data inquiry encryption instruction, obtains encryption target set data and a data positioning identifier by contrast inquiry and is sent, the data interaction service end inquires and obtains a corresponding data block key according to the inquiry data block of the data providing end through a data inquiry service distribution table to decrypt the encryption target set data to obtain decryption target set data, and carries out algorithm comparison with data block inquiry characteristic data of the inquiry data block to obtain a hierarchical range comparison result, if the result meets the preset requirement, the data interaction service end combines the decryption target set data positioning identifier meeting the requirement with the corresponding data block key encryption set to obtain target data positioning ciphertext data and is sent to a data inquiry user end, the data inquiry user terminal decrypts the target data positioning ciphertext data according to the corresponding ciphertext decryption key to obtain a plurality of data positioning identifiers and performs data hiding inquiry on each data providing terminal; the interactive service end performs data block division and key setting according to the information of the query end and the required data, and compares the data block division and key setting with the providing end setting allocation table, obtains target data and identifiers by generating a query instruction to the providing end and returns the target data, decrypts the target data and performs range comparison, and then encrypts and sends the data identifiers to the query end for decryption and performs data trace query on the providing end according to the identifiers after the comparison, so that the condition on-demand trace query of the query end and the providing end is obtained based on the third-party data block and encryption transmission interactive query comparison, and the safety and the trace query of the condition trace query are ensured.

In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above described device embodiments are only illustrative, e.g. the division of the units is only one logical function division, and there may be other divisions in practice, such as: multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. In addition, the various components shown or discussed may be coupled or directly coupled or communicatively coupled to each other via some interface, whether indirectly coupled or communicatively coupled to devices or units, whether electrically, mechanically, or otherwise.

The units described above as separate components may or may not be physically separate, and components shown as units may or may not be physical units; can be located in one place or distributed to a plurality of network units; some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in each embodiment of the present invention may be integrated in one processing unit, or each unit may be separately used as one unit, or two or more units may be integrated in one unit; the integrated units may be implemented in hardware or in hardware plus software functional units.

Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the above method embodiments may be implemented by hardware related to program instructions, and the foregoing program may be stored in a readable storage medium, where the program, when executed, performs steps including the above method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk or an optical disk, or the like, which can store program codes.

Alternatively, the above-described integrated units of the present invention may be stored in a readable storage medium if implemented in the form of software functional modules and sold or used as separate products. Based on such understanding, the technical solution of the embodiments of the present invention may be embodied in essence or a part contributing to the prior art in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the methods described in the embodiments of the present invention. And the aforementioned storage medium includes: a removable storage device, ROM, RAM, magnetic or optical disk, or other medium capable of storing program code.

Claims

1. The conditional trace query method based on privacy calculation is characterized by comprising the following steps of:

2. The method for conditional trace query based on privacy computation according to claim 1, wherein the data interaction server obtains user attribute feature information of a data query user and data query demand feature information of query demand data, performs identification processing on the user attribute feature information and the data query demand feature information through a preset data interaction service model to obtain data query service feature data, and processes to obtain a ciphertext decryption key and a data query characteristic response factor, and the method comprises the steps of:

3. The privacy-based computing conditional trace query method as claimed in claim 2, wherein the data interaction server obtains a corresponding data hierarchy block model by comparing query through a preset data hierarchy block model library according to the data query service feature data, and blocks the query demand data to obtain a plurality of query data blocks, extracts data block query feature data of each query data block, and processes the data block query feature data to obtain a data block encryption hierarchy factor, and obtains a corresponding data block key according to the data block encryption hierarchy factor query, and the method comprises the steps of:

4. The privacy-based computing conditional trace query method as set forth in claim 3, wherein the data interaction server performs a comparison by a preset data providing comparison list according to the data block query feature data of each query data block and the data block encryption hierarchy coefficient, obtains corresponding data providing terminals, and maps each data providing terminal to a preset data query service allocation table in combination with corresponding query data blocks and data block related information, the method comprising:

5. The method for conditional trace query based on privacy computing according to claim 4, wherein the data interaction server encrypts the query data blocks in combination with the corresponding data block keys to obtain data query encryption instructions, and sends the data query encryption instructions to the corresponding data providing terminals, and the data providing terminals decrypt the data query encryption instructions and perform query set comparison according to the instruction list data to obtain encrypted target set data, and obtain corresponding data positioning identifiers and send the encrypted target set data to the data interaction server together, and the method comprises the steps of:

6. The method for conditional trace query based on privacy computing according to claim 5, wherein the data interaction server receives the encrypted target set data, queries and obtains a corresponding data block key according to a corresponding query data block of a corresponding data providing end through the data query service allocation table to decrypt the encrypted target set data to obtain decrypted target set data, and performs algorithm comparison with data block query feature data of the query data block to obtain a hierarchical range comparison result, and the method comprises the following steps:

7. The method for conditional trace query based on privacy computation according to claim 6, wherein if the hierarchical scope comparison result meets a preset requirement, the data interaction server encrypts the data location identifier corresponding to the decrypted target set data and the corresponding data block key, and aggregates all encrypted identifiers meeting the comparison requirement to obtain target data location ciphertext data and sends the target data location ciphertext data to the data query client, wherein the method comprises the steps of:

8. A conditional track query system based on privacy calculations, the system comprising: the system comprises a memory and a processor, wherein the memory comprises a program of a conditional trace query method based on privacy calculation, and the program of the conditional trace query method based on privacy calculation realizes the following steps when being executed by the processor:

9. The privacy-based computing conditional trace query system of claim 8, wherein the data interaction server obtains user attribute feature information of a data query user and data query demand feature information of query demand data, performs recognition processing on the user attribute feature information and the data query demand feature information through a preset data interaction service model to obtain data query service feature data, and processes to obtain a ciphertext decryption key and a data query characteristic response factor, and the method comprises the following steps:

10. A computer readable storage medium, characterized in that the computer readable storage medium comprises a conditional track inquiry method program based on privacy calculation, which when executed by a processor, implements the steps of the conditional track inquiry method based on privacy calculation according to any one of claims 1 to 7.