CN117349856A - Data circulation method and device, storage medium and electronic equipment - Google Patents

Info

Publication number
CN117349856A
Authority
CN
China
Prior art keywords
data
function
execution environment
function script
original data
Prior art date
Legal status
Pending
Application number
CN202311227145.0A
Other languages
Chinese (zh)
Inventor
潘无穷
李婷婷
韦韬
吴文钦
霍传冰
白晓媛
Current Assignee
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd
Priority to CN202311227145.0A
Publication of CN117349856A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms during program execution by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform to a system of files or objects, e.g. local or distributed file system or database
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The specification discloses a data circulation method, a data circulation device, a storage medium and electronic equipment. In the data circulation method provided by the specification, original data sent by a provider is received and encrypted in a trusted execution environment to obtain encrypted data; when a function script sent by a requester is received, the encrypted data corresponding to the original data required by each function script is determined as the operation data of that function script; the function script and its operation data are transmitted to a general execution environment, where the function script is executed on the operation data to obtain an encrypted result; the encrypted result is transmitted back to the trusted execution environment and decrypted there to obtain an operation result; and the operation result is returned to the requester.

Description

Data circulation method and device, storage medium and electronic equipment
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a data circulation method, a data circulation device, a storage medium, and an electronic device.
Background
Data circulation refers to data-related interaction between a data provider and a data requester under certain circulation rules. The biggest difficulty in data circulation technology is how to circulate the value of the data while ensuring that one party's private data is not stolen by the other parties. Today, existing solutions address this with trusted execution environments (TEE). A TEE provides a securely isolated environment that prevents snooping by malicious administrators or physical owners. The data provider can send its data to the TEE with confidence, complete the computation inside the TEE, and return the result to the data requester.
Currently, the maturity of the software ecosystem inside a TEE and its performance optimization remain challenging. In existing methods of data circulation using a TEE, the computing software must be placed within the TEE. For large computing frameworks, however, placing them within a TEE is very complex and can significantly degrade their computing performance. Meanwhile, to achieve the expected security, the interested party must verify the code logic inside the TEE, so every code update of the computing framework requires the related party to re-verify it, which is difficult to implement in practice.
Therefore, how to reduce the complexity of the data circulation process while ensuring security is an urgent problem to be solved.
Disclosure of Invention
The present disclosure provides a data circulation method, apparatus, storage medium and electronic device, so as to at least partially solve the foregoing problems in the prior art.
The technical scheme adopted in the specification is as follows:
the specification provides a data circulation method, which includes:
receiving original data sent by a provider, and encrypting the original data in a trusted execution environment to obtain encrypted data;
when a function script sent by a requester is received, determining encryption data corresponding to original data required by each function script as operation data of the function script;
transmitting the function script and the operation data to a general execution environment, and executing the function script in the general execution environment according to the operation data to obtain an encryption result;
transmitting the encryption result to the trusted execution environment, and decrypting the encryption result in the trusted execution environment to obtain an operation result;
and returning the operation result to the requester.
Optionally, encrypting the original data to obtain encrypted data, which specifically includes:
for each piece of original data, determining the function type in which the original data participates;
and encrypting the original data according to the function type to obtain the encrypted data of the original data.
Optionally, before receiving the function script sent by the requesting party, the method further includes:
carrying out identity verification on the requester;
when the result of the identity verification is passing, receiving the function script sent by the requester;
and when the authentication result is failure, returning the authentication result to the requester.
Optionally, before transferring the function script and the operation data to the general execution environment, the method further comprises:
determining the type of the function executed by the function script;
and when the function type is the appointed function type, decrypting the operation data of the function script in the trusted execution environment, and executing the function script by adopting the original data required by the function script to obtain an operation result.
Optionally, before transferring the function script and the operation data to the general execution environment, the method further comprises:
and encrypting the parameters contained in the function script in the same encryption mode as that used when the operation data was obtained.
Optionally, before returning the operation result to the requester, the method further includes:
judging whether the operation result meets the specification according to the function script;
returning the operation result to the requesting party, wherein the operation result comprises the following specific steps:
when the operation result meets the specification, returning the operation result to the requester;
and returning an error prompt when the operation result does not accord with the specification.
Optionally, the method further comprises:
and updating the key used to encrypt the original data every time a specified duration elapses, and re-encrypting the original data with the updated key to obtain encrypted data.
The present specification provides a data flow device comprising:
the receiving module is used for receiving the original data sent by the provider and encrypting the original data in a trusted execution environment to obtain encrypted data;
the determining module is used for determining encryption data corresponding to original data required by each function script as operation data of the function script when the function script sent by the requesting party is received;
the transmission module is used for transmitting the function script and the operation data to a general execution environment, and executing the function script in the general execution environment according to the operation data to obtain an encryption result;
the decryption module is used for transmitting the encryption result to the trusted execution environment and decrypting the encryption result in the trusted execution environment to obtain an operation result;
and the return module is used for returning the operation result to the requester.
Optionally, the receiving module is specifically configured to determine, for each piece of original data, a function type in which the piece of original data participates; and encrypting the original data according to the function type to obtain the encrypted data of the original data.
Optionally, the device further comprises a verification module, specifically configured to perform identity verification on the requester; when the result of the identity verification is passing, receiving the function script sent by the requester; and when the authentication result is failure, returning the authentication result to the requester.
Optionally, the device further comprises an execution module, specifically configured to determine a type of a function executed by the function script; and when the function type is the appointed function type, decrypting the operation data of the function script in the trusted execution environment, and executing the function script by adopting the original data required by the function script to obtain an operation result.
Optionally, the device further includes an encryption module, specifically configured to encrypt parameters included in the function script in the same encryption manner as when the operation data is obtained.
Optionally, the device further comprises a judging module, specifically configured to judge whether the operation result meets a specification according to the function script;
the return module is specifically configured to return the operation result to the requester when the operation result meets a specification; and returning an error prompt when the operation result does not accord with the specification.
Optionally, the device further includes an updating module, specifically configured to update a key used when encrypting the original data every time a specified duration passes, and re-encrypt the original data with the updated key to obtain encrypted data.
The present specification provides a computer readable storage medium storing a computer program which when executed by a processor implements the above data flow method.
The present specification provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the data flow method described above when executing the program.
At least one of the technical solutions adopted in this specification can achieve the following beneficial effects:
in the data circulation method provided by the specification, original data sent by a provider is received and encrypted in a trusted execution environment to obtain encrypted data; when a function script sent by a requester is received, the encrypted data corresponding to the original data required by each function script is determined as the operation data of that function script; the function script and its operation data are transmitted to a general execution environment, where the function script is executed on the operation data to obtain an encrypted result; the encrypted result is transmitted back to the trusted execution environment and decrypted there to obtain an operation result; and the operation result is returned to the requester.
When the data circulation method provided by the specification is adopted, the provider's original data and the requester's function script can be kept in a trusted execution environment; the original data is encrypted to obtain encrypted data, and the encrypted data required by the function script is determined as its operation data; the function script and the encrypted data are transmitted to a general execution environment for execution to obtain an encrypted result; and finally the encrypted result is returned to the trusted execution environment and the operation result obtained by decryption is returned to the requester. The method decouples the computing ecosystem from the security ecosystem and strips the computation out of the trusted execution environment, which keeps the data secure, exploits the available computing performance to the greatest extent, improves the efficiency of data circulation, and leaves the computing ecosystem and the security ecosystem free to develop sustainably and independently.
Drawings
The accompanying drawings, which are included to provide a further understanding of the specification, illustrate and explain the exemplary embodiments of the present specification and their description, and are not intended to limit the specification unduly. In the attached figures:
fig. 1 is a schematic flow chart of a data circulation method provided in the present specification;
FIG. 2 is a schematic diagram of a data flow device provided in the present specification;
fig. 3 is a schematic view of an electronic device corresponding to fig. 1 provided in the present specification.
Detailed Description
Currently, data circulation techniques implemented with a TEE require that the computing software be placed within the TEE's isolated environment, but in practice this approach has many shortcomings. For example, the environment inside the TEE limits the performance and deployability of the computing software. In the long term, this approach may also couple the computing ecosystem (e.g. computing software such as Spark) to the security ecosystem (the TEE), so that each constrains and limits the development of the other.
To solve the above problems, the present specification proposes a method that decouples the computing ecosystem from the security ecosystem while still completing the data circulation objective normally.
For the purposes of making the objects, technical solutions and advantages of the present specification more apparent, the technical solutions of the present specification will be clearly and completely described below with reference to specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present disclosure.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.
Fig. 1 is a flow chart of a data circulation method provided in the present specification, which includes the following steps:
s100: and receiving the original data sent by the provider, and encrypting the original data in a trusted execution environment to obtain encrypted data.
In the present specification, an execution body for implementing a data circulation method may refer to a designated device such as a server provided on a service platform, and for convenience of description, only the server is taken as an execution body in the present specification to describe a data circulation method provided in the present specification.
The method provided in the present specification is mainly used for achieving the goal of data circulation. At least two parties are needed to participate in the data circulation process, one party is a data provider, the other party is a data requester, and the requester utilizes the data of the provider to realize required functions, such as searching, inquiring, various operations and the like. Based on this, the raw data sent by the provider may be received first in this step.
In the execution body of the method, a trusted execution environment coexists with a general execution environment. The trusted execution environment is used to guarantee the security of the original data and cannot be intruded upon from outside; the general execution environment is used to execute the various function scripts and is an ordinary, commonly used execution environment. Data can be exchanged between the trusted execution environment and the general execution environment. After the original data is received, it can first be moved into the trusted execution environment and encrypted there to obtain encrypted data.
It should be noted that, in general, a trusted execution environment only has memory for performing operations and no real storage space, so when no operation is being performed on the data, the data remains in the execution body but is stored outside the trusted execution environment. In this method, since the original data sent by the provider must be protected, it is encrypted in the trusted execution environment as soon as it is received, and the resulting encrypted data is stored outside the trusted execution environment to await subsequent calls.
The trusted execution environment is a software and hardware combination technology for ensuring the safety of application programs and data, is a safe software environment, and can ensure that the running programs and data are not subjected to malicious operation or tampering so as to ensure the safe running of mobile applications and services. The method can also effectively prevent invasion and counterfeiting, can realize private and protected application program execution, and can protect the security of the storage of sensitive information and the privacy of users.
Since the inside of the trusted execution environment cannot be intruded upon from outside, a provider participating in data circulation can input its original data into the trusted execution environment with confidence, provided the inside of the trusted execution environment has been determined to be secure in advance. As noted above, executing operations inside a trusted execution environment has a major disadvantage, so in the data circulation method provided in this specification part of the operations is stripped out of the trusted execution environment and executed in a general execution environment, so as to obtain maximum performance.
If the function script is to be executed in the general execution environment, the function script and the data it requires must be transmitted to the general execution environment. However, since the general execution environment is at risk of intrusion, the original data cannot be passed to the general execution environment as-is; it must first be encrypted, and the encrypted data is transmitted to the general execution environment in a subsequent step.
Preferably, so that the encrypted original data is better adapted to the function script and the encrypted data is harder to crack maliciously, different encryption modes can be used for different original data. Specifically, for each piece of original data, the function type in which that original data participates is determined, and the original data is encrypted according to that function type to obtain its encrypted data.
The function types may include, but are not limited to, single-value queries, range queries, the four arithmetic operations, joins (connections), and the like. Original data participating in different function types can be encrypted in different ways. For example, when a piece of raw data is used for a single-value query, it may be encrypted deterministically; when it is used for a range query, it may be encrypted in an order-preserving manner; when it is used for the four arithmetic operations, it may be encrypted homomorphically; when it is used for a join, the same deterministic encryption can be applied to all the original data that may be joined with it; and when a piece of raw data does not participate in any function, it may be encrypted with ordinary symmetric encryption.
It should be noted that there may be more than one encrypted data for one original data. When one original data may participate in a plurality of different function types, it is necessary to correspondingly encrypt the original data according to all the function types in which the original data may participate, so as to obtain a plurality of different encrypted data for subsequent steps.
S102: when a function script transmitted by a requester is received, for each function script, encrypted data corresponding to original data required by the function script is determined as operation data of the function script.
In step S102, the original data is encrypted to obtain encrypted data, and the encrypted data is continuously stored in the execution body of the method, and waits for a call request from the requester. The requester sends a function script, which is a code frame for implementing various functions required by the requester, to the execution body, and after providing the function script with required original data, the function script can implement the corresponding functions. One or more of the provider and the requester may exist during the actual application, and this specification is not limited in particular.
When the function scripts transmitted by the requesting party are received, the encryption data required by each function script can be determined in the step and used as the operation data of each function script. Since in the method, it is desirable to place the execution process of the function script outside the trusted execution environment, that is, in the general execution environment, the function script cannot directly operate on the original data itself, but needs to operate on encrypted data. Based on the above, after determining the original data required by one function script, the corresponding encrypted data can be determined as the operation data of the function script.
It should be noted that when one piece of original data has a plurality of different encrypted data, after determining the function type implemented by the function script, the encrypted data corresponding to the same function type is found in each piece of encrypted data of the original data and used as the operation data of the function script.
Additionally, during data circulation the provider and the requester are typically in a strict cooperative relationship, and the provider does not want its data to be used by any third party other than the requester it cooperates with. Therefore, the identity of the requesting party must be strictly controlled. In particular, the requester may be authenticated before its function script is stored in the trusted execution environment; when the identity verification passes, the function script sent by the requester can be received; and when the authentication fails, the authentication result is returned to the requester.
There are various ways to authenticate the requester; for example, the requester's identity may be stored in advance in the execution body, and the present specification is not limited in this respect. In this way, the received function scripts are guaranteed to come from the approved requesting party, and the provider's original data is prevented from being exploited by a third party.
S104: transmitting the function script and the operation data to a general execution environment, and executing the function script in the general execution environment according to the operation data to obtain an encryption result.
After determining the operation data required by each function script, the function script and the operation data can be transmitted to a general execution environment together in the step, and then the corresponding function script is executed according to the operation data in the general execution environment. In this step, since each operation data used is encrypted data, the result obtained after executing each function script is also encrypted.
Additionally, it must be considered that in practice some operations, such as trigonometric functions, cannot be carried out on encrypted data. For such operations, whatever encryption method is adopted, the result of performing the operation directly on the original data will necessarily differ from the result of encrypting the original data, performing the operation, and then decrypting; so this part of the operations cannot be performed in the general execution environment and must be completed in the trusted execution environment.
Specifically, before the function script and the operation data are transmitted to the general execution environment, the function type executed by each function script is determined; when the function type is a specified function type, the operation data of the function script is decrypted in the trusted execution environment and the function script is executed there on the original data it requires to obtain the operation result. The specified function types may include, but are not limited to, trigonometric functions, exponential functions, logarithmic functions, and the like. For function types that cannot be carried out on encrypted data, the unencrypted original data can be used directly in the trusted execution environment.
Furthermore, for the requester, a part of parameters related to the key data or privacy of the requester may be included in the function script, and the requester does not want the part of the data to be revealed. Therefore, the parameters contained in the function script can be protected by encryption. Specifically, for each functional script, the parameters included in the functional script may be encrypted in the same manner as when the operation data is obtained, before the functional script and the operation data are transferred to the general execution environment.
When the operation data of the function script, namely the encrypted data corresponding to the original data the script requires, is determined, the encryption mode used to obtain that operation data is known as well. The parameters in the function script can therefore be encrypted in the same mode as the operation data, which guarantees that the parameters do not leak while the function script can still be executed normally afterwards. For example, suppose the content of a function script is "query users whose height is between 170 cm and 180 cm"; the two parameters "170" and "180" may relate to the requesting party's business information, so they can be encrypted, changing the content of the function script to "query users whose height is between X cm and Y cm", where X and Y are the ciphertexts corresponding to "170" and "180" respectively.
S106: transmitting the encryption result to the trusted execution environment, and decrypting the encryption result in the trusted execution environment to obtain an operation result.
After each function script has been executed in the general execution environment to obtain an encryption result, the encryption result can be transmitted back to the trusted execution environment in this step and decrypted there to obtain the corresponding operation result. Note that the encryption result must be decrypted with the key that corresponds to the one used when the corresponding encrypted data was obtained.
S108: returning the operation result to the requester.
Finally, the decrypted operation result obtained in step S108 is returned to the requester, so that data circulation can be realized.
Additionally, before the operation result is returned to the requester, it should be considered that in the general execution environment there is a risk of the data being modified. In the case of intrusion by a third party or malicious behavior by an administrator, data in the general execution environment may be replaced; for example, the operation data of a function script may be replaced with other unknown data. As a result, the encryption result obtained after executing the function script in the general execution environment may be incorrect. To avoid this as far as possible, the decrypted operation result is further verified before being returned to the requester, to ensure that it is reasonable. Specifically, whether the operation result meets the specification can be judged according to the function script, and subsequent processing performed according to the judgment: when the operation result meets the specification, it is returned to the requester; when it does not, an error prompt is returned.
Whether the operation result meets the specification can be judged according to the function script mainly from two aspects. On the one hand, the corresponding key can be uniquely determined from the type of function that the function script implements. Normally, when a function script runs in the general execution environment, its parameters and the corresponding operation data are encrypted with one unique key, and the encryption result obtained can be decrypted with the corresponding key. If data is replaced midway, i.e. the operation data or the encryption result has been altered, decryption with the original key will, with high probability, fail. Therefore, it can first be confirmed whether the key used for decryption matches the key used for encryption.
On the other hand, whether characteristics of the operation result, such as its format and magnitude, match the function script can be judged. In some cases the decrypted operation result differs markedly from what the function script should produce, and is easy to judge: for example, several values are returned for a single-value query, or a floating-point value is returned when an integer value was queried. In such cases it can be clearly determined that the operation result is incorrect.
In summary, whether the operation result meets the specification can be determined from the key corresponding to the function type of the function script and from whether the operation result matches the function script. When the operation result does not meet the specification, it can be regarded as wrong and possibly tampered with; it is then no longer returned to the requester, an error prompt is returned instead, and corresponding processing follows, for example re-executing the operation or verifying the general execution environment.
It should be noted that encrypted data itself may be cracked: in this method, even though a malicious third party cannot directly steal the original data from the general execution environment, it can still steal the encrypted data. Although the encrypted data does protect the original data from an eavesdropper, in general the more encrypted data an eavesdropper obtains, the greater the likelihood of the encryption being broken. Therefore, the encryption of the original data in the trusted execution environment may be updated periodically in actual application. Specifically, each time a specified duration passes, the key used to encrypt the original data may be updated and the original data re-encrypted with the updated key to obtain new encrypted data. Updating each key and re-encrypting each piece of original data with the specified duration as the period effectively prevents the encryption from being broken through exposure of too much encrypted data.
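The following is an added example, not code from the patent or from its assignee, that models the round trip described above in one place: per-function-type keys held in the trusted execution environment, the script parameter encrypted in the same manner as the operation data (so the general execution environment can evaluate the predicate on ciphertext alone), decryption of the returned encryption result with the key of the period in which the data was encrypted, the two conformance checks (key match and result format), and periodic key rotation with re-encryption. Every name here (TEE, general_env_execute, run_flow, the script fields) is an assumption of this example, as is the cipher: a deterministic SIV-style construction built from HMAC-SHA256 so that equal plaintexts under one key give equal ciphertexts. Only equality predicates are shown; the patent's "between 170 and 180" example would need an order-revealing scheme the patent does not specify. Sample records are constructed.

```python
import hashlib
import hmac
import os

# Deterministic authenticated encryption (assumed scheme, not the patent's):
# tag = HMAC(key, pt)[:16]; ct = tag || pt XOR keystream(key, tag).
# Same key + same plaintext -> same ciphertext, so an equality predicate can be
# evaluated on ciphertext; a wrong key or altered ciphertext fails the tag check.

def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + iv + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def det_encrypt(key: bytes, pt: bytes) -> bytes:
    tag = hmac.new(key, pt, hashlib.sha256).digest()[:16]
    return tag + bytes(a ^ b for a, b in zip(pt, _keystream(key, tag, len(pt))))

def det_decrypt(key: bytes, ct: bytes) -> bytes:
    """Raises ValueError when the key does not match the ciphertext."""
    tag, body = ct[:16], ct[16:]
    pt = bytes(a ^ b for a, b in zip(body, _keystream(key, tag, len(body))))
    if not hmac.compare_digest(hmac.new(key, pt, hashlib.sha256).digest()[:16], tag):
        raise ValueError("key/ciphertext mismatch")
    return pt

# General execution environment: sees only ciphertext, never a key.
def general_env_execute(enc_script: dict, operation_data: list) -> list:
    """Equality match of the encrypted column against the encrypted script parameter."""
    return [row for row in operation_data if row[enc_script["column"]] == enc_script["value"]]

# Trusted execution environment: key custody, encryption, verification (hypothetical class).
class TEE:
    def __init__(self):
        self.version = 0   # current key period
        self.keys = {}     # (function_type, version) -> key
        self.store = {}    # function_type -> encrypted records

    def _key(self, ftype: str, version=None) -> bytes:
        v = self.version if version is None else version
        if (ftype, v) not in self.keys:
            self.keys[(ftype, v)] = os.urandom(32)   # one key per function type and period
        return self.keys[(ftype, v)]

    def receive_original_data(self, ftype: str, records: list) -> list:
        """Encrypt the provider's data with the key bound to the function type it participates in."""
        key = self._key(ftype)
        self.store[ftype] = [{c: det_encrypt(key, str(v).encode()) for c, v in r.items()} for r in records]
        return self.store[ftype]

    def prepare_script(self, script: dict) -> tuple:
        """Select the operation data and encrypt the script parameter the same way as that data."""
        ftype = script["ftype"]
        enc_value = det_encrypt(self._key(ftype), str(script["value"]).encode())
        return dict(script, value=enc_value, key_version=self.version), self.store[ftype]

    def finish(self, enc_script: dict, enc_result: list) -> dict:
        """Decrypt with the key of the period the data was encrypted in, then check against the script."""
        key = self._key(enc_script["ftype"], enc_script["key_version"])
        try:
            rows = [{c: det_decrypt(key, v).decode() for c, v in row.items()} for row in enc_result]
        except ValueError:
            return {"error": "key mismatch: operation data or result was replaced"}
        if enc_script["expect_rows"] == "one" and len(rows) != 1:
            return {"error": "spec violation: single-value query returned %d rows" % len(rows)}
        if any(set(r) != set(enc_script["columns"]) for r in rows):
            return {"error": "spec violation: result format does not match the script"}
        return {"result": rows}

    def rotate_keys(self) -> int:
        """Periodic update: fresh key per function type, original data re-encrypted under it."""
        old = self.version
        self.version += 1
        for ftype, rows in self.store.items():
            k_old, k_new = self._key(ftype, old), self._key(ftype)
            self.store[ftype] = [{c: det_encrypt(k_new, det_decrypt(k_old, v)) for c, v in r.items()} for r in rows]
        return self.version

def run_flow(script: dict, tamper: bool = False) -> dict:
    """Whole round trip on constructed sample data; tamper=True corrupts one returned row."""
    tee = TEE()
    tee.receive_original_data("lookup", [
        {"id": 1, "city": "Hangzhou"}, {"id": 2, "city": "Beijing"}, {"id": 3, "city": "Hangzhou"}])
    enc_script, op_data = tee.prepare_script(script)
    enc_result = general_env_execute(enc_script, op_data)
    if tamper and enc_result:
        row = dict(enc_result[0])
        row["id"] = bytes([row["id"][0] ^ 1]) + row["id"][1:]   # flip one bit of the tag
        enc_result[0] = row
    return tee.finish(enc_script, enc_result)

if __name__ == "__main__":
    q = {"ftype": "lookup", "column": "city", "value": "Hangzhou",
         "expect_rows": "many", "columns": ["id", "city"]}
    print(run_flow(q))
    print(run_flow(dict(q, expect_rows="one")))
    print(run_flow(q, tamper=True))
```

Deterministic encryption is what lets the general execution environment run the predicate without a key, but it also reveals which rows share a value; that leakage grows with the volume of ciphertext an observer collects, which is the concern the periodic re-keying above addresses. Keeping old key versions allows a result produced before a rotation to be decrypted afterwards with the key of its own period.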
When the data circulation method provided by this specification is adopted, the provider's original data and the requester's function script can be stored in a trusted execution environment; the original data is encrypted to obtain encrypted data, and the encrypted data required by the function script is determined as its operation data; the function script and the encrypted data are transmitted to a general execution environment for execution to obtain an encryption result; and finally the encryption result is returned to the trusted execution environment, and the operation result obtained by decryption is returned to the requester. The method decouples the computing ecosystem from the security ecosystem, strips the computation process out of the trusted execution environment, ensures data security while making the fullest use of computing performance, improves the efficiency of data circulation, and preserves the feasibility of sustainable development of the computing and security ecosystems respectively.
The foregoing describes one or more methods for implementing data circulation in the present specification, and based on the same ideas, the present specification also provides a corresponding data circulation device, as shown in fig. 2.
Fig. 2 is a schematic diagram of a data flow device provided in the present specification, including:
the receiving module 200 is configured to receive original data sent by a provider, and encrypt the original data in a trusted execution environment to obtain encrypted data;
a determining module 202, configured to determine, for each function script, encrypted data corresponding to original data required by the function script as operation data of the function script when the function script sent by the requesting party is received;
a transmission module 204, configured to transmit the function script and the operation data to a general execution environment, and execute the function script in the general execution environment according to the operation data, so as to obtain an encryption result;
the decryption module 206 is configured to transmit the encryption result to the trusted execution environment, and decrypt the encryption result in the trusted execution environment to obtain an operation result;
and a return module 208, configured to return the operation result to the requester.
Optionally, the receiving module 200 is specifically configured to determine, for each piece of original data, a function type in which the piece of original data participates; and encrypting the original data according to the function type to obtain the encrypted data of the original data.
Optionally, the apparatus further comprises a verification module 210, specifically configured to perform identity verification on the requester; when the result of the identity verification is passing, receiving the function script sent by the requester; and when the authentication result is failure, returning the authentication result to the requester.
Optionally, the apparatus further includes an execution module 212, specifically configured to determine a type of function executed by the function script; and when the function type is the appointed function type, decrypting the operation data of the function script in the trusted execution environment, and executing the function script by adopting the original data required by the function script to obtain an operation result.
Optionally, the apparatus further includes an encryption module 214, specifically configured to encrypt parameters included in the function script in the same encryption manner as when the operation data is obtained.
Optionally, the apparatus further includes a judging module 216, specifically configured to judge whether the operation result meets a specification according to the function script;
the returning module 208 is specifically configured to return the operation result to the requester when the operation result meets a specification; and returning an error prompt when the operation result does not accord with the specification.
Optionally, the apparatus further includes an updating module 218, specifically configured to update a key used when encrypting the original data every time a specified duration passes, and re-encrypt the original data using the updated key to obtain encrypted data.
The present specification also provides a computer readable storage medium storing a computer program operable to perform a data flow method as provided in fig. 1 above.
The present specification also provides a schematic structural diagram of an electronic device corresponding to fig. 1, shown in fig. 3. At the hardware level, as shown in fig. 3, the electronic device includes a processor, an internal bus, a network interface, a memory and a non-volatile storage, although other hardware required by other services may also be included. The processor reads the corresponding computer program from the non-volatile storage into the memory and then runs it to implement the data flow method described in fig. 1. Of course, other implementations, such as logic devices or combinations of hardware and software, are not excluded from the present description; that is, the execution subject of the following processing flows is not limited to logic units, but may also be hardware or logic devices.
In the 1990s, an improvement to a technology could clearly be distinguished as an improvement in hardware (e.g., an improvement to a circuit structure such as a diode, transistor or switch) or an improvement in software (an improvement to a method flow). However, with the development of technology, many improvements to current method flows can be regarded as direct improvements to hardware circuit structures. Designers almost always obtain the corresponding hardware circuit structure by programming the improved method flow into a hardware circuit. Therefore, it cannot be said that an improvement of a method flow cannot be realized by a hardware entity module. For example, a programmable logic device (Programmable Logic Device, PLD) (e.g., a field programmable gate array (Field Programmable Gate Array, FPGA)) is an integrated circuit whose logic function is determined by the user's programming of the device. A designer programs to "integrate" a digital system onto a PLD without asking a chip manufacturer to design and fabricate an application-specific integrated circuit chip. Moreover, nowadays, instead of manually manufacturing integrated circuit chips, such programming is mostly implemented with "logic compiler" software, which is similar to the software compiler used in program development; the source code before compilation is also written in a specific programming language, called a hardware description language (Hardware Description Language, HDL), of which there is not just one but many kinds, such as ABEL (Advanced Boolean Expression Language), AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM and RHDL (Ruby Hardware Description Language); VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog are currently the most commonly used.
It will also be apparent to those skilled in the art that a hardware circuit implementing the logic method flow can be readily obtained by merely slightly programming the method flow into an integrated circuit using several of the hardware description languages described above.
The controller may be implemented in any suitable manner; for example, the controller may take the form of a microprocessor or processor together with a computer readable medium storing computer readable program code (e.g., software or firmware) executable by the (micro)processor, logic gates, switches, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), programmable logic controllers and embedded microcontrollers; examples of controllers include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320; the memory controller may also be implemented as part of the control logic of the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller purely in computer readable program code, it is entirely possible to implement the same functionality by logically programming the method steps such that the controller takes the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers, etc. Such a controller may thus be regarded as a hardware component, and the means included in it for performing various functions may also be regarded as structures within the hardware component. Or even the means for achieving the various functions may be regarded both as software modules implementing the method and as structures within the hardware component.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. One typical implementation is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being functionally divided into various units, respectively. Of course, the functions of each element may be implemented in one or more software and/or hardware elements when implemented in the present specification.
It will be appreciated by those skilled in the art that embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present description is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the specification. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer readable media, including both persistent and non-persistent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, Phase Change Memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, Compact Disc Read Only Memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
The description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
In this specification, each embodiment is described in a progressive manner; identical and similar parts of the embodiments may be referred to each other, and each embodiment mainly describes its differences from the others. In particular, since the system embodiments are substantially similar to the method embodiments, their description is relatively simple, and reference may be made to the relevant part of the description of the method embodiments.
The foregoing is merely exemplary of the present disclosure and is not intended to limit the disclosure. Various modifications and alterations to this specification will become apparent to those skilled in the art. Any modifications, equivalent substitutions, improvements, or the like, which are within the spirit and principles of the present description, are intended to be included within the scope of the claims of the present description.

Claims (16)

1. A data flow method, comprising:
receiving original data sent by a provider, and encrypting the original data in a trusted execution environment to obtain encrypted data;
when a function script sent by a requester is received, determining, for each function script, the encrypted data corresponding to the original data required by the function script as the operation data of the function script;
transmitting the function script and the operation data to a general execution environment, and executing the function script in the general execution environment according to the operation data to obtain an encryption result;
transmitting the encryption result to the trusted execution environment, and decrypting the encryption result in the trusted execution environment to obtain an operation result;
and returning the operation result to the requester.
2. The method of claim 1, wherein encrypting the original data to obtain encrypted data specifically comprises:
for each piece of original data, determining the function type in which the original data participates;
and encrypting the original data according to the function type to obtain the encrypted data of the original data.
3. The method of claim 1, prior to receiving the function script sent by the requestor, the method further comprising:
carrying out identity verification on the requester;
when the result of the identity verification is passing, receiving the function script sent by the requester;
and when the authentication result is failure, returning the authentication result to the requester.
4. The method of claim 1, prior to transmitting the function script and the operation data to a general execution environment, the method further comprising:
determining the type of the function executed by the function script;
and when the function type is the appointed function type, decrypting the operation data of the function script in the trusted execution environment, and executing the function script by adopting the original data required by the function script to obtain an operation result.
5. The method of claim 1, prior to transmitting the function script and the operation data to a general execution environment, the method further comprising:
and encrypting the parameters contained in the function script by adopting the same encryption mode as that when the operation data are obtained.
6. The method of claim 1, prior to returning the result of the operation to the requestor, the method further comprising:
judging whether the operation result meets the specification according to the function script;
returning the operation result to the requester specifically comprises:
when the operation result meets the specification, returning the operation result to the requester;
and returning an error prompt when the operation result does not accord with the specification.
7. The method of claim 1, the method further comprising:
and updating a key adopted when encrypting the original data every time the appointed duration passes, and re-encrypting the original data by adopting the updated key to obtain encrypted data.
8. A data flow device, comprising:
the receiving module is used for receiving the original data sent by the provider and encrypting the original data in a trusted execution environment to obtain encrypted data;
the determining module is used for determining, for each function script, the encrypted data corresponding to the original data required by the function script as the operation data of the function script when the function script sent by the requester is received;
the transmission module is used for transmitting the function script and the operation data to a general execution environment, and executing the function script in the general execution environment according to the operation data to obtain an encryption result;
the decryption module is used for transmitting the encryption result to the trusted execution environment and decrypting the encryption result in the trusted execution environment to obtain an operation result;
and the return module is used for returning the operation result to the requester.
9. The apparatus according to claim 8, wherein the receiving module is specifically configured to determine, for each raw data, a function type in which the raw data participates; and encrypting the original data according to the function type to obtain the encrypted data of the original data.
10. The apparatus of claim 8, further comprising a verification module, in particular for authenticating the requestor; when the result of the identity verification is passing, receiving the function script sent by the requester; and when the authentication result is failure, returning the authentication result to the requester.
11. The apparatus of claim 8, further comprising an execution module, in particular for determining a type of function performed by the function script; and when the function type is the appointed function type, decrypting the operation data of the function script in the trusted execution environment, and executing the function script by adopting the original data required by the function script to obtain an operation result.
12. The apparatus according to claim 8, further comprising an encryption module, in particular configured to encrypt parameters included in the function script in the same manner as when the operation data is obtained.
13. The apparatus of claim 8, further comprising a judging module, specifically configured to judge whether the operation result meets a specification according to the function script;
the return module is specifically configured to return the operation result to the requester when the operation result meets a specification; and returning an error prompt when the operation result does not accord with the specification.
14. The apparatus of claim 8, further comprising an updating module, specifically configured to update a key used for encrypting the original data every time a specified period of time elapses, and re-encrypt the original data using the updated key to obtain encrypted data.
15. A computer readable storage medium storing a computer program which, when executed by a processor, implements the method of any of the preceding claims 1-7.
16. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the preceding claims 1-7 when the program is executed.
CN202311227145.0A 2023-09-20 2023-09-20 Data circulation method and device, storage medium and electronic equipment Pending CN117349856A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311227145.0A CN117349856A (en) 2023-09-20 2023-09-20 Data circulation method and device, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN117349856A true CN117349856A (en) 2024-01-05

Family

ID=89358469

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination