CN117454410B - Enterprise knowledge brain data storage method based on privacy calculation - Google Patents
Enterprise knowledge brain data storage method based on privacy calculation Download PDFInfo
- Publication number
- CN117454410B CN117454410B CN202311786852.3A CN202311786852A CN117454410B CN 117454410 B CN117454410 B CN 117454410B CN 202311786852 A CN202311786852 A CN 202311786852A CN 117454410 B CN117454410 B CN 117454410B
- Authority
- CN
- China
- Prior art keywords
- modification
- access
- interval
- data type
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 210000004556 brain Anatomy 0.000 title claims abstract description 34
- 238000004364 calculation method Methods 0.000 title claims abstract description 17
- 238000013500 data storage Methods 0.000 title claims abstract description 15
- 230000004048 modification Effects 0.000 claims abstract description 305
- 238000012986 modification Methods 0.000 claims abstract description 305
- 230000008859 change Effects 0.000 claims abstract description 91
- 230000000875 corresponding effect Effects 0.000 claims description 26
- 238000010606 normalization Methods 0.000 claims description 19
- 238000012545 processing Methods 0.000 claims description 18
- 238000013507 mapping Methods 0.000 claims description 6
- 230000002596 correlated effect Effects 0.000 claims description 5
- 238000003064 k means clustering Methods 0.000 claims description 5
- 238000012163 sequencing technique Methods 0.000 claims description 4
- 230000006870 function Effects 0.000 description 12
- 230000008569 process Effects 0.000 description 10
- 230000035945 sensitivity Effects 0.000 description 10
- 238000004458 analytical method Methods 0.000 description 7
- 230000014509 gene expression Effects 0.000 description 5
- 238000011161 development Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 238000011156 evaluation Methods 0.000 description 3
- 238000007726 management method Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000002860 competitive effect Effects 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000013439 planning Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000013068 supply chain management Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Complex Calculations (AREA)
Abstract
The invention relates to the technical field of data encryption storage, in particular to an enterprise knowledge brain data storage method based on privacy calculation. The method comprises the steps of obtaining multiple data types in an enterprise knowledge brain intelligent system, and obtaining the access degree of each data type according to the access duration and the access times of the data types; obtaining a modification characteristic value according to the degree of frequency of modification of the data types, and carrying out clustering classification based on the degree of operation of each data type to obtain a modification degree cluster; combining the modification characteristic value in the modification degree cluster and the interval change of the modification time and the access time to obtain the access operation coefficient of the data type; and obtaining the key length range of the data type according to the access degree and the access operation coefficient for encryption storage. The invention combines the accessed and modified real-time change characteristics of the data types, improves the encryption quality of each data type, and further ensures the security of enterprise knowledge brain data storage.
Description
Technical Field
The invention relates to the technical field of data encryption storage, in particular to an enterprise knowledge brain data storage method based on privacy calculation.
Background
The enterprise knowledge brain is an intelligent system integrating a large amount of enterprise related data, and aims to help enterprises to improve decision-making efficiency, optimize business processes and enhance market competitiveness through data analysis and learning technology thereof. Privacy computing techniques, such as encryption algorithms, etc., can process and analyze data without exposing the original data content, which is intuitively important for protecting data privacy, adhering to laws and regulations, and maintaining business competitive advantages. Along with the expansion of enterprise scale and the improvement of informatization degree, enterprise knowledge management becomes vital, and through privacy calculation, enterprises can utilize big data and artificial intelligence technology to promote business efficiency and decision quality when guaranteeing data privacy, and a large amount of sensitive information that exists in the relevant data of enterprise for protection privacy becomes an urgent task.
Because the data in the enterprise knowledge brain intelligent system has multi-source complexity, the data features are complex and various, in the existing encryption method according to the data features, the encryption effect by using the key is relatively fixed, for frequently changeable data, the length of the key influences the quality of the data encryption processing, if the key is longer, the encryption processing time is increased, and if the key is shorter, the data security cannot be ensured, so that the encryption quality of the whole enterprise knowledge brain data cannot be ensured, and the safe storage of the data is further influenced.
Disclosure of Invention
In order to solve the technical problems that the encryption quality of the whole enterprise knowledge brain data cannot be ensured and the safe storage of the data is affected in the prior art, the invention aims to provide the enterprise knowledge brain data storage method based on privacy calculation, and the adopted technical scheme is as follows:
the invention provides an enterprise knowledge brain data storage method based on privacy calculation, which comprises the following steps:
acquiring data information of at least two data types from an enterprise knowledge brain intelligent system; the data information includes: the access times, the access time of each access, the modification times and the modification time of each modification;
in each data type, according to the fluctuation condition of the access time length and the access times, obtaining the access degree of each data type; obtaining a modification characteristic value of each data type according to the modification times and the frequency of the modification time of each data type; clustering the data types according to the modification characteristic value of each data type to obtain a modification degree cluster; obtaining access operation coefficients of each data type according to the duty ratio condition of the modification characteristic value in each modification degree cluster, the interval change condition of the access time of each data type in the corresponding modification degree cluster and the interval change condition of the modification time;
determining a key length range of each data type according to the access degree and the access operation coefficient of each data type; the corresponding data type is stored encrypted based on the key length range of each data type.
Further, the access degree obtaining method includes:
for any one data type, calculating the average value of all access time durations in the data type, and obtaining the average time duration of the data type; calculating standard deviations of all access time durations in the data type, and performing negative correlation mapping to obtain time duration confidence coefficient of the data type; acquiring a time index of the data type according to the average time length and the time confidence coefficient of the data type; the average time length and the time length confidence are positively correlated with the time length index;
and carrying out normalization processing on the product of the time index of the data type and the access times to obtain the access degree of the data type.
Further, the method for acquiring the modification characteristic value comprises the following steps:
for any one data type, calculating the time difference between the modification time of every two adjacent modification times in the data type, and obtaining a modification interval of the data type; calculating the average value of all the modification interval segments in the data type, and performing negative correlation mapping to serve as a modification interval index of the data type;
and carrying out normalization processing on the product of the number of modification times and the modification interval index in the data type to obtain the modification characteristic value of the data type.
Further, the method for acquiring the access operation coefficient comprises the following steps:
calculating the average value of all the modification characteristic values in each modification degree cluster to serve as the modification value of each modification degree cluster; taking the accumulated values of the modification values of all the modification degree clusters as modification indexes;
taking each data type as a target class in sequence, and taking the ratio of the modification value of the modification degree cluster where the target class is positioned to the modification index as the modification duty ratio of the target class;
calculating the time difference between the access time of every two adjacent accesses in the target class, and obtaining the access interval section of the target class; sequencing all the access interval segments according to a time sequence order to obtain an access interval sequence of a target class; sequencing all the modification interval segments according to a time sequence order to obtain a modification interval sequence of the target class; obtaining the access influence confidence of each access interval according to the distribution position of each access interval in the access interval sequence; obtaining modification influence confidence of each modification interval according to the distribution position of each modification interval in the modification interval sequence;
obtaining an access change value of the target class according to the change degree of the difference between the access interval sections in the access interval sequence of the target class; obtaining a modification change value of the target class according to the change degree of the difference between the modification interval sections in the modification interval sequence of the target class; carrying out weighted summation on the access change value and the modification change value of the target class, and carrying out normalization processing to obtain an access operation index of the target class;
taking the product of the access operation index and the modification duty ratio of the target class as the access operation coefficient of the target class.
Further, according to the distribution position of each access interval in the access interval sequence, obtaining the access influence confidence of each access interval; obtaining the modification influence confidence of each modification interval according to the distribution position of each modification interval in the modification interval sequence, wherein the modification influence confidence comprises the following steps:
taking the sequence number of each access interval segment in the access interval sequence as the access sequence number of each access interval segment; normalizing the access sequence number of each access interval segment to obtain the access influence confidence of each access interval segment;
taking the serial number of each modification interval section in the modification interval sequence as the modification serial number of each modification interval section; and normalizing the modification sequence number of each modification interval segment to obtain the modification influence confidence of each modification interval segment.
Further, the access change value of the target class is obtained through the change degree of the difference between the access interval sections in the access interval sequence of the target class; obtaining a modification change value of the target class according to the change degree of the difference between the modification interval sections in the modification interval sequence of the target class, wherein the modification change value comprises the following steps:
when the access interval section in the access interval sequence is not the last access interval section, taking the ratio of the corresponding access interval section to the next access interval section as an access change difference value of the corresponding access interval section; when the access interval segment in the access interval sequence is the last access interval segment, setting the access variation difference value of the last access interval segment as the access variation difference value of the previous access interval segment;
taking the product of the access change difference value of each access interval segment and the access influence confidence as an access change index of each access interval segment; taking the average value of all access change indexes in the target class as an access change value of the target class;
when the access interval section in the modification interval sequence is not the last modification interval section, the ratio of the corresponding modification interval section to the next modification interval section is used as a modification change difference value of the corresponding modification interval; when the modification interval section in the modification interval sequence is the last modification interval section, setting the modification change difference value of the last modification interval section as the modification change difference value of the previous modification interval section;
taking the product of the modification change difference value of each modification interval section and the modification influence confidence coefficient as a modification change index of each modification interval section; and taking the average value of all the modification change indexes in the target class as the modification change value of the target class.
Further, the method for acquiring the key length range includes:
normalizing the product of the access degree and the access operation coefficient of each data type to obtain the security degree of each data type;
for any data type, rounding up the product of the safety degree of the data type and a preset standard length value to obtain the minimum boundary value of the data type; taking the sum of the minimum boundary value and the value 1 as the maximum boundary value of the data type;
calculating the minimum boundary value as the number of times of a power function based on 2 to obtain a key lower boundary value of the data type; calculating the maximum boundary value as the number of times of a power function based on 2 to obtain the key upper boundary value of the data type;
and taking a data range formed by the key lower boundary value and the key upper boundary value of the data type as a key length range of the data type.
Further, the encrypting and storing the corresponding data type based on the key length range of each data type includes:
and in the key length range of each data type, acquiring two prime numbers by utilizing prime number theorem, and encrypting and storing the data in each data type by adopting an RSA encryption algorithm through the two prime numbers.
Further, the preset standard length value is set to 1024.
Further, the method for obtaining the modification degree cluster comprises the following steps: and clustering by adopting a K-means clustering algorithm.
The invention has the following beneficial effects:
according to the method, various data types in the enterprise knowledge brain intelligent system are acquired, sensitivity of different data types is evaluated by combining access records, access degree of each data type is obtained through access duration and access frequency, and initial evaluation is carried out on the security level of the data type according to the accessed degree of the data. Further, considering that the importance degree of different data types under the real-time condition of the enterprise change development can be changed, firstly obtaining a modification characteristic value according to the modified frequency degree of each data type, reflecting the operated degree of each data type, carrying out clustering classification based on the operated degree of each data type, and then obtaining an access operation coefficient reflecting the real-time importance degree by combining the time change condition of different data types in each category and the access and modification condition of the different data types. And finally, combining the access degree and the access operation coefficient, completing the evaluation of the security of each data type in real time, obtaining a self-adaptive key length range, and carrying out encryption storage through a proper key length range. The invention combines the accessed and modified real-time change characteristics of different data types, improves the encryption quality of each data type, ensures the encryption security and simultaneously improves the encryption efficiency, thereby ensuring the security of enterprise knowledge brain data storage.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions and advantages of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are only some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of an enterprise knowledge brain data storage method based on privacy calculation according to an embodiment of the present invention.
Detailed Description
In order to further describe the technical means and effects adopted by the invention to achieve the preset aim, the following detailed description is given below of a method for storing enterprise knowledge brain data based on privacy calculation according to the invention, and the detailed description of the specific implementation, structure, characteristics and effects thereof is given below with reference to the accompanying drawings and the preferred embodiments. In the following description, different "one embodiment" or "another embodiment" means that the embodiments are not necessarily the same. Furthermore, the particular features, structures, or characteristics of one or more embodiments may be combined in any suitable manner.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
The following specifically describes a specific scheme of the enterprise knowledge brain data storage method based on privacy calculation provided by the invention with reference to the accompanying drawings.
Referring to fig. 1, a flowchart of an enterprise knowledge brain data storage method based on privacy computation according to an embodiment of the present invention is shown, the method includes the following steps:
s1: acquiring data information of at least two data types from an enterprise knowledge brain intelligent system; the data information includes: the number of accesses, the access time per access, the access duration per access, the number of modifications, and the modification time per modification.
Generally, an enterprise knowledge brain intelligent system provides an application program interface, various data access and processing needs to be processed through the interface, and data types in the enterprise knowledge brain intelligent system include but are not limited to: personal data: such as employee personal information, customer personal information, etc., which typically involve personal privacy, require strict adherence to data protection laws for privacy processing; sensitive business data: such as financial data or core business process confidentiality, which are critical to enterprise operation, and need to be protected from disclosure by privacy; enterprise management data: such as employee management structures or employee payroll data, which are related to the development planning of enterprises, are required to be stored in an encrypted manner.
Because of the multi-source complexity of the data types, the data volume in each type of data is also huge, and the characteristic analysis of the data is difficult and has low accuracy, in the embodiment of the invention, by acquiring the data information of at least two data types from the enterprise knowledge brain intelligent system, the data types such as employee information, commodity information, order data or employee payroll and the like, the data information of different data types is analyzed according to the sensitivity degree, and the sensitivity degree reflects the possibility of each data type being attacked by observation, wherein the data information comprises: the number of accesses, the access time per access, the access duration per access, the number of modifications, and the modification time per modification. The more data types are browsed, the higher the sensitivity of the data is, the more security needs to be ensured.
S2: in each data type, according to the fluctuation condition of the access time length and the access times, obtaining the access degree of each data type; obtaining a modification characteristic value of each data type according to the modification times and the frequency of the modification time of each data type; clustering the data types according to the modification characteristic value of each data type to obtain a modification degree cluster; and obtaining the access operation coefficient of each data type according to the duty ratio condition of the modification characteristic value in each modification degree cluster, the interval change condition of the access time of each data type in the corresponding modification degree cluster and the interval change condition of the modification time.
In the enterprise knowledge brain data, when the degree of data access is higher, the data is explained to be the key data which is very likely to be operated by the enterprise, the data is very likely to be stolen by attack, the security level which needs to be protected is also higher, and therefore, the importance of each data type can be primarily evaluated according to the degree of data type access. For example, for sales enterprises, when the data type is order data or inventory data, the order data and inventory data may be critical to the retail enterprises, the data directly relates to core business processes such as product sales, supply chain management and the like, and is part of an organization core business, and the data may be frequently accessed and used and have long access time, so the access time length and access times of the data may be relatively high. Therefore, firstly, in each data type, the access degree of each data type is obtained according to the fluctuation condition of the access time length and the access times.
Preferably, for any one data type, calculating the average value of all access time lengths in the data type, and obtaining the average time length of the data type, wherein the overall access time length condition of the data type is reflected through the average time length. Calculating standard deviations of all access time durations in the data type, and carrying out negative correlation mapping to obtain time duration confidence coefficient of the data type, wherein when the access time durations in the data type tend to be consistent, namely the fluctuation deviation degree is lower, the reliability of analysis based on the whole access time duration is higher, and when the fluctuation change of the access time duration in the data type is complex, the reliability of analysis based on the whole access time duration is lower.
Further, according to the average time length and the time length confidence coefficient of the data type, a time length index of the data type is obtained, the average time length and the time length confidence coefficient are positively correlated with the time length index, and the importance degree of the integral access time length representation of the data type is reflected through the time length index. And carrying out normalization processing on the product of the time index of the data type and the access times to obtain the access degree of the data type, reflecting the access frequency condition of the data type through the access times, and obtaining the access degree reflecting the data sensitivity by combining the time index. In the embodiment of the invention, the expression of the access degree is:
in the method, in the process of the invention,denoted as +.>The degree of access of the individual data types>Denoted as +.>Number of accesses of individual data types, +.>Denoted as +.>The>Access duration of the secondary access->Denoted as +.>The average duration of the individual data types,expressed as an exponential function based on natural constants, < ->It should be noted that, normalization is a technical means well known to those skilled in the art, and the normalization function may be selected by linear normalization or standard normalization, and the specific normalization method is not limited herein.
Wherein,denoted as +.>Standard deviation of all access durations in the individual data types,denoted as +.>Duration confidence of individual data types, +.>Denoted as +.>In the embodiment of the invention, the average time length and the time length confidence coefficient are reflected to be positively correlated with the time length index in the form of product, and in other embodiments of the invention, other basic mathematical operations can be used to reflect that the average time length and the time length confidence coefficient are positively correlated with the time length index, such as addition and the like, without limitation.
Meanwhile, in the daily operation development of enterprises, the situation that different types of data in the enterprise knowledge brain data are accessed changes, and some accesses are not only browsing but also modifying the data. For example, when the data type is employee information, access is generally increased only when personnel change such as dispatching occurs to the employees, and when dispatching occurs to the employees, modification operation is performed on the data in the corresponding data type. Therefore, the modification information of each data type also reflects the sensitivity of the data under different conditions, because an attacker has more opportunities to analyze the modes, the rules and the like according to the modification conditions, so that key data of some enterprises are leaked, and the modification characteristics of each data type are further considered, namely, the modification characteristic value of each data type is obtained according to the modification times and the frequency of the modification time of each data type.
Preferably, for any one data type, the time difference between the modification times of every two adjacent modifications in the data type is calculated, and a modification interval of the data type is obtained, wherein the modification interval represents the time interval of modifying the data type. And calculating the average value of all the modification interval segments in the data type, and performing negative correlation mapping to serve as a modification interval index of the data type, wherein the modification interval index represents the time for analyzing the data type as a whole to modify. And carrying out normalization processing on the product of the number of modification times and the modification interval index in the data type to obtain a modification characteristic value of the data type, reflecting the frequent condition of modification through the number of modification times, and combining the modification interval index to obtain the modification characteristic value reflecting the integral modification condition of the data type. In the embodiment of the invention, the expression for modifying the characteristic value is:
in the method, in the process of the invention,denoted as +.>Modified characteristic value of individual data types, +.>Denoted as +.>Number of modifications of the individual data types>Denoted as +.>Average value of all modification intervals in each data type,/->Expressed as an exponential function based on natural constants, < ->Represented as a normalization function.
Wherein,denoted as +.>The shorter the time interval of the data type being modified, the larger the modification interval index, and the higher the number of modification times, the larger the modification characteristic value of the whole data type, which characterizes the frequency of the data type being modified.
And clustering the data types according to the modification characteristic value of each data type to obtain a modification degree cluster, and classifying and clustering the data types based on the frequent modification conditions of the data types, so that different security weights are distributed among the data types with different degree modification conditions, and the encryption processing conditions of the whole data are reasonably distributed. In one embodiment of the present invention, a K-means clustering algorithm is adopted to cluster data types based on modification feature values of each data type to obtain a modification degree cluster, a preset K value in the K-means clustering algorithm is set to be 5, a specific numerical value implementer can adjust according to specific implementation conditions, the limitation is not needed here, and it is to be noted that the K-means clustering algorithm is a technical means well known to those skilled in the art, and details are not needed here.
The importance weight of each data type is comprehensively distributed through the modification proportion of different degrees, the real-time importance of each data type is considered, namely, the closer to the current browsed and modified frequent degree, the larger the influence proportion is, so that the access operation coefficient of each data type is obtained according to the proportion condition of the modification characteristic value in each modification degree cluster and the interval change condition of the access time and the interval change condition of the modification time of each data type in the corresponding modification degree cluster.
Preferably, an average value of all the modification feature values in each modification degree cluster is calculated as a modification value of each modification degree cluster, and an accumulated value of the modification values of all the modification degree clusters is used as a modification index. And sequentially taking each data type as a target class, carrying out the same analysis on all the data types, taking the ratio of the modification value of the modification degree cluster where the target class is positioned to the modification index as the modification duty ratio of the target class, and reflecting the security allocation degree of each target class based on the history overall modification degree through the duty ratio degree of the modification value.
Further, calculating the time difference between the access time of every two adjacent accesses in the target class, and obtaining the access interval section of the target class, wherein the access interval section reflects the time interval of accessing the target class. Sorting all the access interval segments according to a time sequence order to obtain an access interval sequence of a target class, sorting all the modification interval segments according to the time sequence order to obtain a modification interval sequence of the target class, obtaining the distribution of the access interval and the modification interval at different times through the time sequence order to improve the influence of the real-time performance of the target class, further obtaining the access influence confidence coefficient of each access interval segment according to the distribution position of each access interval segment in the access interval sequence, and obtaining the modification influence confidence coefficient of each modification interval segment according to the distribution position of each modification interval segment in the modification interval sequence.
In one embodiment of the invention, the influence degree of each time interval is directly reflected by the sequence number, and the larger the sequence number is, the more the sequence number is distributed in the time sequence, namely the closer to the current actual situation, the higher the influence degree is, so that the sequence number of each access interval in the access interval sequence is used as the access sequence number of each access interval, the access sequence number of each access interval is subjected to normalization processing, and the access influence confidence of each access interval is obtained. Taking the serial number of each modification interval segment in the modification interval sequence as the modification serial number of each modification interval segment, and carrying out normalization processing on the modification serial number of each modification interval segment to obtain the modification influence confidence coefficient of each modification interval segment. In the embodiment of the invention, the expressions of accessing the influence confidence and modifying the influence confidence are as follows:
in the method, in the process of the invention,denoted as +.>The access influence confidence of the individual access interval, +.>Denoted as +.>Access sequence number of each access interval, +.>Denoted as +.>Modification of the individual modification interval influences the confidence level, +.>Denoted as +.>Modification sequence number of each modification interval, +.>Represented as hyperbolic tangent function, for normalization processing.
Further, the change of the time interval needs to be analyzed, the change of the time interval is shorter and shorter, the frequency of access or modification is higher, and the data sensitivity is higher, so that the access change value of the target class is obtained through the change degree of the difference between the access interval sections in the access interval sequence of the target class; and obtaining the modification change value of the target class according to the change degree of the difference between the modification interval sections in the modification interval sequence of the target class.
Preferably, when the access interval in the access interval sequence is not the last access interval, the ratio of the corresponding access interval to the next access interval is used as the access variation difference value of the corresponding access interval, when the access interval is shorter, the access variation difference value is larger, and when the access interval in the access interval sequence is the last access interval, the access variation difference value of the last access interval is set as the access variation difference value of the previous access interval.
Taking the product of the access change difference value of each access interval section and the access influence confidence as an access change index of each access interval section, comprehensively representing the sensitivity degree of each access interval section by the influence degree of the position of each access interval section and the change degree of each access interval section, and taking the average value of all access change indexes in the target class as the access change value of the target class. The influence degree of frequent change conditions corresponding to the accessed target class is reflected through the access change value.
Similarly, the same analysis is carried out on each modification interval, namely when the access interval in the modification interval sequence is not the last modification interval, the ratio of the corresponding modification interval to the next modification interval is used as the modification change difference value of the corresponding modification interval; when the modification interval segment in the modification interval sequence is the last modification interval segment, the modification variation difference value of the last modification interval segment is set to be the same as the modification variation difference value of the previous modification interval segment. Taking the product of the modification change difference value of each modification interval section and the modification influence confidence coefficient as a modification change index of each modification interval section, and taking the average value of all modification change indexes in the target class as the modification change value of the target class. And the influence degree of the frequent change condition corresponding to the modification on the target class is reflected by the modification change value.
Further, the access change value and the modification change value of the target class are weighted and summed, normalization processing is carried out to obtain access operation indexes of the target class, and real-time data importance degree analysis is carried out by integrating modification conditions and access conditions. Taking the product of the access operation index and the modification duty ratio of the target class as the access operation coefficient of the target class, wherein the access operation coefficient can be combined with the distribution degree of the whole modification condition to comprehensively represent the real-time importance of the target class. In the embodiment of the invention, the expression of the access operation coefficient is:
in the method, in the process of the invention,denoted as +.>Access operation coefficients of individual data types, +.>Denoted as +.>Modification value of individual modification degree cluster, < ->Expressed as total number of degree of modification clusters, +.>Denoted as +.>The (th) of the data type>Modification value of individual modification degree cluster, < ->Denoted as +.>Total number of access intervals in a data type, < >>Denoted as +.>The access influence confidence of the individual access interval, +.>Denoted as +.>Access variation difference value of individual access interval, < ->Denoted as +.>Total number of modification intervals in the individual data types, +.>Denoted as +.>Modification of the individual modification interval influences the confidence level, +.>Denoted as +.>Modification variation difference value of each modification interval, < ->Expressed as a normalization function>And->Expressed as weighted weights, < > in the present embodiment>Set to 0.7%>Set to 0.3, the specific numerical implementation can be adjusted according to the specific implementation.
Wherein,expressed as modification index->Denoted as +.>Modified duty cycle of individual data types +.>Denoted as +.>An access change indicator for each access interval, +.>Denoted as +.>Access change value of data type, +.>Denoted as +.>Modification change index of each modification interval, +.>Denoted as +.>Modified change value of data type, +.>Denoted as +.>Access operation index of individual data type. When the time interval between access time is shorter, the time interval between modification time is shorter, the access change index and the modification change index are larger, the access operation index is larger, and when the modification duty ratio is also larger, the degree of the accessed processing of the corresponding data type is larger in real time, the sensitivity of the current data is higher, and higher security protection is needed.
Thus, the access degree and the modification degree are integrated, and the access degree and the access operation coefficient of each data type are obtained through the real-time property reflected by the time interval change.
S3: determining a key length range of each data type according to the access degree and the access operation coefficient of each data type; the corresponding data type is stored encrypted based on the key length range of each data type.
Combining the primary analysis importance degree of each data type and the data security sensitivity degree with real-time property, the self-adaptive key length obtaining range of each data type, namely, determining the key length range of each data type according to the access degree and the access operation coefficient of each data type.
Preferably, the product of the access degree and the access operation coefficient of each data type is normalized to obtain the security degree of each data type, and for any data type, the product of the security degree of the data type and a preset standard length value is rounded up to obtain the minimum boundary value of the data type, where in the embodiment of the present invention, the expression of the minimum boundary value is:
in the method, in the process of the invention,denoted as +.>Minimum boundary value of individual data types, +.>Denoted as +.>Access operation coefficients of individual data types, +.>Denoted as +.>The degree of access of the individual data types>Expressed as a round-up function,>expressed as a normalization function>The preset standard length value is shown as 1024, and the practitioner can adjust the preset standard length value according to the specific implementation situation.
Further, the sum of the minimum boundary value and the value 1 is taken as the maximum boundary value of the data type, namely the maximum boundary value+1, calculating the minimum boundary value as the number of times of the power function based on 2 to obtain a key lower boundary value of the data type, calculating the maximum boundary value as the number of times of the power function based on 2 to obtain a key upper boundary value of the data type, forming a data range of the key lower boundary value and the key upper boundary value of the data type,as key length range of the data type, i.e. +.>The key length of the individual data types is in the range +.>。
Finally, the corresponding data types are encrypted and stored based on the key length range of each data type, and in the embodiment of the invention, in the key length range of each data type, two prime numbers are obtained by utilizing prime number theorem, and the data in each data type is encrypted and stored by adopting RSA encryption algorithm through the two prime numbers. It should be noted that, the method for obtaining the prime number according to the prime number theorem and the RSA encryption algorithm are all technical means well known to those skilled in the art, and are not described herein.
In summary, the invention acquires a plurality of data types in the enterprise knowledge brain intelligent system, evaluates the sensibility of different data types by combining access records, acquires the access degree of each data type through the access duration and the access frequency, and initially evaluates the security level of the data type according to the accessed degree of the data. Further, considering that the importance degree of different data types under the real-time condition of the enterprise change development can be changed, firstly obtaining a modification characteristic value according to the modified frequency degree of each data type, reflecting the operated degree of each data type, carrying out clustering classification based on the operated degree of each data type, and then obtaining an access operation coefficient reflecting the real-time importance degree by combining the time change condition of different data types in each category and the access and modification condition of the different data types. And finally, combining the access degree and the access operation coefficient, completing the evaluation of the security of each data type in real time, obtaining a self-adaptive key length range, and carrying out encryption storage through a proper key length range. The invention combines the accessed and modified real-time change characteristics of different data types, improves the encryption quality of each data type, ensures the encryption security and simultaneously improves the encryption efficiency, thereby ensuring the security of enterprise knowledge brain data storage.
It should be noted that: the sequence of the embodiments of the present invention is only for description, and does not represent the advantages and disadvantages of the embodiments. The processes depicted in the accompanying drawings do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.
Claims (6)
1. An enterprise knowledge brain data storage method based on privacy calculation, which is characterized by comprising the following steps:
acquiring data information of at least two data types from an enterprise knowledge brain intelligent system; the data information includes: the access times, the access time of each access, the modification times and the modification time of each modification;
in each data type, according to the fluctuation condition of the access time length and the access times, obtaining the access degree of each data type; obtaining a modification characteristic value of each data type according to the modification times and the frequency of the modification time of each data type; clustering the data types according to the modification characteristic value of each data type to obtain a modification degree cluster; obtaining access operation coefficients of each data type according to the duty ratio condition of the modification characteristic value in each modification degree cluster, the interval change condition of the access time of each data type in the corresponding modification degree cluster and the interval change condition of the modification time;
determining a key length range of each data type according to the access degree and the access operation coefficient of each data type; encrypting and storing the corresponding data types based on the key length range of each data type;
the access degree obtaining method comprises the following steps:
for any one data type, calculating the average value of all access time durations in the data type, and obtaining the average time duration of the data type; calculating standard deviations of all access time durations in the data type, and performing negative correlation mapping to obtain time duration confidence coefficient of the data type; acquiring a time index of the data type according to the average time length and the time confidence coefficient of the data type; the average time length and the time length confidence are positively correlated with the time length index;
carrying out normalization processing on the product of the time index of the data type and the access times to obtain the access degree of the data type;
the method for acquiring the modification characteristic value comprises the following steps:
for any one data type, calculating the time difference between the modification time of every two adjacent modification times in the data type, and obtaining a modification interval of the data type; calculating the average value of all the modification interval segments in the data type, and performing negative correlation mapping to serve as a modification interval index of the data type;
normalizing the product of the number of modification times and the modification interval index in the data type to obtain a modification characteristic value of the data type;
the access operation coefficient acquisition method comprises the following steps:
calculating the average value of all the modification characteristic values in each modification degree cluster to serve as the modification value of each modification degree cluster; taking the accumulated values of the modification values of all the modification degree clusters as modification indexes;
taking each data type as a target class in sequence, and taking the ratio of the modification value of the modification degree cluster where the target class is positioned to the modification index as the modification duty ratio of the target class;
calculating the time difference between the access time of every two adjacent accesses in the target class, and obtaining the access interval section of the target class; sequencing all the access interval segments according to a time sequence order to obtain an access interval sequence of a target class; sequencing all the modification interval segments according to a time sequence order to obtain a modification interval sequence of the target class; obtaining the access influence confidence of each access interval according to the distribution position of each access interval in the access interval sequence; obtaining modification influence confidence of each modification interval according to the distribution position of each modification interval in the modification interval sequence;
obtaining an access change value of the target class according to the change degree of the difference between the access interval sections in the access interval sequence of the target class; obtaining a modification change value of the target class according to the change degree of the difference between the modification interval sections in the modification interval sequence of the target class; carrying out weighted summation on the access change value and the modification change value of the target class, and carrying out normalization processing to obtain an access operation index of the target class;
taking the product of the access operation index and the modification duty ratio of the target class as the access operation coefficient of the target class;
the method for acquiring the key length range comprises the following steps:
normalizing the product of the access degree and the access operation coefficient of each data type to obtain the security degree of each data type;
for any data type, rounding up the product of the safety degree of the data type and a preset standard length value to obtain the minimum boundary value of the data type; taking the sum of the minimum boundary value and the value 1 as the maximum boundary value of the data type;
calculating the minimum boundary value as the number of times of a power function based on 2 to obtain a key lower boundary value of the data type; calculating the maximum boundary value as the number of times of a power function based on 2 to obtain the key upper boundary value of the data type;
and taking a data range formed by the key lower boundary value and the key upper boundary value of the data type as a key length range of the data type.
2. The enterprise knowledge brain data storage method based on privacy calculation according to claim 1, wherein the access influence confidence of each access interval is obtained according to the distribution position of each access interval in the access interval sequence; obtaining the modification influence confidence of each modification interval according to the distribution position of each modification interval in the modification interval sequence, wherein the modification influence confidence comprises the following steps:
taking the sequence number of each access interval segment in the access interval sequence as the access sequence number of each access interval segment; normalizing the access sequence number of each access interval segment to obtain the access influence confidence of each access interval segment;
taking the serial number of each modification interval section in the modification interval sequence as the modification serial number of each modification interval section; and normalizing the modification sequence number of each modification interval segment to obtain the modification influence confidence of each modification interval segment.
3. The enterprise knowledge brain data storage method based on privacy calculation according to claim 1, wherein the access variation value of the target class is obtained by the variation degree of the difference between the access intervals in the access interval sequence of the target class; obtaining a modification change value of the target class according to the change degree of the difference between the modification interval sections in the modification interval sequence of the target class, wherein the modification change value comprises the following steps:
when the access interval section in the access interval sequence is not the last access interval section, taking the ratio of the corresponding access interval section to the next access interval section as an access change difference value of the corresponding access interval section; when the access interval segment in the access interval sequence is the last access interval segment, setting the access variation difference value of the last access interval segment as the access variation difference value of the previous access interval segment;
taking the product of the access change difference value of each access interval segment and the access influence confidence as an access change index of each access interval segment; taking the average value of all access change indexes in the target class as an access change value of the target class;
when the access interval section in the modification interval sequence is not the last modification interval section, the ratio of the corresponding modification interval section to the next modification interval section is used as a modification change difference value of the corresponding modification interval; when the modification interval section in the modification interval sequence is the last modification interval section, setting the modification change difference value of the last modification interval section as the modification change difference value of the previous modification interval section;
taking the product of the modification change difference value of each modification interval section and the modification influence confidence coefficient as a modification change index of each modification interval section; and taking the average value of all the modification change indexes in the target class as the modification change value of the target class.
4. The method for storing enterprise knowledge brain data based on privacy calculation according to claim 1, wherein said encrypting and storing the corresponding data types based on the key length range of each data type comprises:
and in the key length range of each data type, acquiring two prime numbers by utilizing prime number theorem, and encrypting and storing the data in each data type by adopting an RSA encryption algorithm through the two prime numbers.
5. The method for storing business knowledge brain data based on privacy calculation according to claim 1, wherein said preset standard length value is set to 1024.
6. The method for storing enterprise knowledge brain data based on privacy calculation according to claim 1, wherein the method for obtaining the modification degree cluster is as follows: and clustering by adopting a K-means clustering algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311786852.3A CN117454410B (en) | 2023-12-25 | 2023-12-25 | Enterprise knowledge brain data storage method based on privacy calculation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311786852.3A CN117454410B (en) | 2023-12-25 | 2023-12-25 | Enterprise knowledge brain data storage method based on privacy calculation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117454410A CN117454410A (en) | 2024-01-26 |
| CN117454410B true CN117454410B (en) | 2024-03-12 |
Family
ID=89580282
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311786852.3A Active CN117454410B (en) | 2023-12-25 | 2023-12-25 | Enterprise knowledge brain data storage method based on privacy calculation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117454410B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117857555B (en) * | 2024-03-05 | 2024-05-14 | 浙江万雾信息科技有限公司 | Data sharing method and system based on edge calculation |
| CN117932310B (en) * | 2024-03-21 | 2024-06-04 | 临沂润恒信息科技有限公司 | Intelligent management method and system for technological achievement transaction conversion integrated information |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112287390A (en) * | 2020-10-23 | 2021-01-29 | 杭州数梦工场科技有限公司 | Self-adaptive baseline adjusting method and device |
| CN116155923A (en) * | 2022-12-19 | 2023-05-23 | 江苏中博通信有限公司 | Intelligent bid-inviting big data cloud storage system and method |
| CN116644468A (en) * | 2023-05-12 | 2023-08-25 | 淮南矿业(集团)有限责任公司煤业分公司 | Intelligent information storage system for fault monitoring of mine ventilator |
| CN116644437A (en) * | 2023-06-14 | 2023-08-25 | 中国联合网络通信集团有限公司 | Data security assessment method, device and storage medium |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120167164A1 (en) * | 2005-11-16 | 2012-06-28 | Azos Ai, Llc | System, method, and apparatus for encryption key cognition incorporating autonomous security protection |
| US20130133026A1 (en) * | 2005-11-16 | 2013-05-23 | Shelia Jean Burgess | System, method, and apparatus for data, data structure, or encryption cognition incorporating autonomous security protection |
| US11263328B2 (en) * | 2018-09-13 | 2022-03-01 | Vmware, Inc. | Encrypted log aggregation |
-
2023
- 2023-12-25 CN CN202311786852.3A patent/CN117454410B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112287390A (en) * | 2020-10-23 | 2021-01-29 | 杭州数梦工场科技有限公司 | Self-adaptive baseline adjusting method and device |
| CN116155923A (en) * | 2022-12-19 | 2023-05-23 | 江苏中博通信有限公司 | Intelligent bid-inviting big data cloud storage system and method |
| CN116644468A (en) * | 2023-05-12 | 2023-08-25 | 淮南矿业(集团)有限责任公司煤业分公司 | Intelligent information storage system for fault monitoring of mine ventilator |
| CN116644437A (en) * | 2023-06-14 | 2023-08-25 | 中国联合网络通信集团有限公司 | Data security assessment method, device and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| 属性感知的MCS任务分配与隐私保护协同机制;杨鹏;吴其明;;华南理工大学学报(自然科学版);20200815(第08期);全文 * |
| 移动群智感知中用户隐私度量与隐私保护研究;马蓉;陈秀华;刘慧;熊金波;;信息网络安全;20180810(第08期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117454410A (en) | 2024-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN117454410B (en) | Enterprise knowledge brain data storage method based on privacy calculation | |
| Templ et al. | Statistical disclosure control for micro-data using the R package sdcMicro | |
| Awal et al. | Using linear regression to forecast future trends in crime of Bangladesh | |
| JP2021504789A (en) | ESG-based corporate evaluation execution device and its operation method | |
| CN113095927B (en) | Method and equipment for identifying suspected transactions of backwashing money | |
| US20110078141A1 (en) | Database and Method for Evaluating Data Therefrom | |
| Ma et al. | A hybrid methodologies for intrusion detection based deep neural network with support vector machine and clustering technique | |
| CN102648467B (en) | Database and method for evaluating the data from database | |
| WO2019200742A1 (en) | Short-term profit prediction method, apparatus, computer device, and storage medium | |
| Kotenko et al. | Parallelization of security event correlation based on accounting of event type links | |
| CN116034379A (en) | Activity level measurement using deep learning and machine learning | |
| Pristyanto et al. | The effect of feature selection on classification algorithms in credit approval | |
| Chaudhary et al. | Comparative analysis of entropy weight method and c5 classifier for predicting employee churn | |
| Sönmez et al. | Anomaly detection using data mining methods in it systems: a decision support application | |
| Otoom | Abmj: An ensemble model for risk prediction in software requirements | |
| Banirostam et al. | A model to detect the fraud of electronic payment card transactions based on stream processing in big data | |
| Marella et al. | Detecting fraudulent credit card transactions using outlier detection | |
| Singh et al. | Detecting intrusive transactions in databases using partially-ordered sequential rule mining and fractional-distance based anomaly detection | |
| Liu | Design of XGBoost prediction model for financial operation fraud of listed companies | |
| CN113095604B (en) | Fusion method, device and equipment of product data and storage medium | |
| Marwah et al. | Lung Cancer Survivability prediction with Recursive Feature Elimination using Random Forest and Ensemble Classifiers | |
| Al-Janabi | A novel agent-DKGBM predictor for business intelligence and analytics toward enterprise data discovery | |
| Al Abid et al. | Simplified Novel Approach for Accurate Employee Churn Categorization using MCDM, De-Pareto Principle Approach, and Machine Learning | |
| Xu et al. | Logistics Supply Chain Network Risk Prediction Model Based on Intelligent Random Forest Model | |
| Tatarinova et al. | Constructing a Model for the Dynamic Evaluation of Vulnerability in Software Based on Public Sources |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |