CN117478437B - Data sharing method, device, equipment and storage medium - Google Patents

Data sharing method, device, equipment and storage medium Download PDF

Info

Publication number
CN117478437B
CN117478437B CN202311825152.0A CN202311825152A CN117478437B CN 117478437 B CN117478437 B CN 117478437B CN 202311825152 A CN202311825152 A CN 202311825152A CN 117478437 B CN117478437 B CN 117478437B
Authority
CN
China
Prior art keywords
data
encryption
decryption
data sharing
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311825152.0A
Other languages
Chinese (zh)
Other versions
CN117478437A (en
Inventor
张旭
孙华锦
胡雷钧
王小伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Metabrain Intelligent Technology Co Ltd
Original Assignee
Suzhou Metabrain Intelligent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Metabrain Intelligent Technology Co Ltd filed Critical Suzhou Metabrain Intelligent Technology Co Ltd
Priority to CN202311825152.0A priority Critical patent/CN117478437B/en
Publication of CN117478437A publication Critical patent/CN117478437A/en
Application granted granted Critical
Publication of CN117478437B publication Critical patent/CN117478437B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data security, and discloses a data sharing method, a device, equipment and a storage medium, which are applied to target data sharing equipment in a data sharing cluster, wherein first shared data are stored in the target data sharing equipment, and the method comprises the following steps: acquiring cluster information of a data sharing cluster, wherein the cluster information comprises communication information and encryption and decryption information of each data sharing device; generating a first encryption key based on the encryption and decryption information; encrypting the first shared data based on the first encryption key to obtain first encrypted data; acquiring other data sharing devices which are communicated with the target data sharing device based on the communication information; the first encrypted data is sent to other data sharing equipment, so that the other data sharing equipment can gather the first encrypted data and the stored second shared data and update the first encrypted data in an iterative manner after decrypting the first encrypted data based on encryption and decryption information; the invention can perform data sharing and aggregation among data sharing devices on the basis of protecting data security.

Description

Data sharing method, device, equipment and storage medium
Technical Field
The present invention relates to the field of data security technologies, and in particular, to a data sharing method, device, equipment, and storage medium.
Background
With the advent of the internet and the big data age, the demands of various fields for artificial intelligence performance are also continuously increasing. To improve data processing, computing, and storage efficiency, data sharing clustered distributed online machine learning has evolved. However, in the process of data sharing and aggregation of the data sharing cluster, the aggregated data information is exposed in the cluster and is easily stolen by a snooper. Therefore, how to share data under the condition of protecting data security becomes a problem to be solved in industry.
Disclosure of Invention
In view of the above, the present invention provides a data sharing method, apparatus, device and storage medium, so as to solve the problem that in the existing data sharing cluster, in the process of data sharing and aggregation, the aggregated data information is exposed in the cluster and is easily stolen by a snooper.
In a first aspect, the present invention provides a data sharing method, applied to a target data sharing device in a data sharing cluster, where the target data sharing device stores first shared data, the method includes: acquiring cluster information of the data sharing cluster, wherein the cluster information comprises communication information and encryption and decryption information of each data sharing device, and the communication information is used for representing communication relations among the data sharing devices in the data sharing cluster; generating a first encryption key based on the encryption and decryption information; encrypting the first shared data based on the first encryption key to obtain first encrypted data; acquiring other data sharing devices which are communicated with the target data sharing device based on the communication information; and sending the first encrypted data to the other data sharing equipment so that the other data sharing equipment can acquire second aggregation data by aggregating the first encrypted data and the stored second shared data after decrypting the first encrypted data based on the encryption and decryption information, and carrying out iterative updating on the second aggregation data based on a target aggregation value. Through the process, data sharing and aggregation among the data sharing devices can be performed on the basis of protecting user data security, and therefore consistency and reliability of data aggregation of each data sharing device in the data sharing cluster are improved.
In some optional embodiments, the encryption and decryption information includes an environment parameter and a first encryption key value and a second encryption key value of the target data sharing device at a target time, where the environment parameter includes an initial value and a number of iterations, and the first encryption key is obtained after the initial value and the first encryption key value and the second encryption key value of the target data sharing device at the target time are updated based on the number of iterations.
In some optional embodiments, the generating a first encryption key based on the encryption and decryption information includes:
acquiring a first encryption key value and a second encryption key value of the target data sharing equipment at a target moment, wherein the value range of the first encryption key value and the second encryption key value is more than 0 and less than 1;
generating a first encryption key stream based on the first encryption key value and the environmental parameter;
generating a second encryption key stream based on the second encryption key value and the environmental parameter;
the first encryption key is generated based on the first encryption key stream and the second encryption key stream.
In some optional embodiments, the generating the first encryption key stream based on the first encryption key value and the environmental parameter includes:
Obtaining a first encryption parameter based on the product of the first encryption key value and the initial value;
subtracting the first encryption key value from 1 to obtain a second encryption parameter;
and iteratively updating the product of the first encryption parameter and the second encryption parameter based on the iteration times to obtain the first encryption key stream.
In some optional embodiments, the generating the model of the first encryption key stream based on the first encryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the first encryption key value; />For the first encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
In some alternative embodiments, generating a second encryption key stream based on the second encryption key value and the environmental parameter includes:
obtaining a third encryption parameter based on the product of the second encryption key value and the initial value;
subtracting the second encryption key value from 1 to obtain a fourth encryption parameter;
and iteratively updating the product of the third encryption parameter and the fourth encryption parameter based on the iteration times to obtain the second encryption key stream.
In some optional embodiments, the generating the model of the second encryption key stream based on the second encryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the second encryption key value; />For the second encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
In some alternative embodiments, generating the first encryption key based on the first encryption key stream and the second encryption key stream includes:
acquiring a first key stream weight of the first encryption key stream and a second key stream weight of the second encryption key stream;
and fusing the first encryption key stream and the second encryption key stream based on the first key stream weight and the second key stream weight to obtain the first encryption key.
In some optional embodiments, the sending the first encrypted data to the other data sharing device further includes:
acquiring second encrypted data sent by the other data sharing devices;
generating a first decryption key based on the encryption and decryption information;
decrypting the second encrypted data based on the first decryption key to obtain second shared data shared by the other data sharing devices;
And aggregating the first shared data and the second shared data to obtain first aggregated data.
In some optional embodiments, after aggregating the first shared data with the second shared data to obtain first aggregated data, the method further includes:
acquiring a target aggregation value of the data sharing cluster;
iteratively updating the aggregation data based on the target aggregation value to obtain updated aggregation data;
and if the updated aggregate data is in the range corresponding to the target aggregate value, determining that the updated aggregate data is the target shared data of the target data sharing device.
In some optional embodiments, the encryption and decryption information further includes a first decryption key value and a second decryption key value of the target data sharing device at a target time, and generating the first decryption key based on the encryption and decryption information includes:
acquiring a third decryption key value and a fourth decryption key value of the other data sharing equipment at a target moment;
correspondingly comparing the third decryption key value and the fourth decryption key value with the first decryption key value and the second decryption key value to obtain a comparison result;
And generating the first decryption key based on the comparison result and the environment parameter.
In some optional embodiments, the generating the first decryption key based on the comparison result and the environmental parameter includes:
when the comparison result represents that the third decryption key value and the fourth decryption key value are the same as the first decryption key value and the second decryption key value, generating a first decryption key stream based on the first decryption key value and the environment parameter;
generating a second decryption key stream based on the second decryption key value and the environmental parameter;
the first decryption key is generated based on the first decryption key stream and the second decryption key stream.
In some optional embodiments, the generating the first decryption key stream based on the first decryption key value and the environmental parameter includes:
obtaining a first decryption parameter based on the product of the first decryption key value and the initial value;
subtracting the first decryption key value from 1 to obtain a second decryption parameter;
and iteratively updating the product of the first decryption parameter and the second decryption parameter based on the iteration times to obtain the first decryption key stream.
In some optional embodiments, the generating a second decryption key stream based on the second decryption key value and the environmental parameter includes:
obtaining a third decryption parameter based on the product of the second decryption key value and the initial value;
subtracting the second decryption key value from 1 to obtain a fourth decryption parameter;
and iteratively updating the product of the third decryption parameter and the fourth decryption parameter based on the iteration times to obtain the second decryption key stream.
In some optional embodiments, the generating the first decryption key based on the first decryption key stream and the second decryption key stream includes:
acquiring a first key stream weight of the first decryption key stream and a second key stream weight of the second decryption key stream;
and fusing the first decryption key stream and the second decryption key stream based on the first key stream weight and the second key stream weight to obtain the first decryption key.
In some optional embodiments, the acquiring the first shared data includes:
receiving local prediction data uploaded by a plurality of connected working machines, wherein the local prediction data is calculated by the working machines based on a target training set and a kernel function, and the target training set is determined by stream data received by the working machines and a stored local training set;
And aggregating a plurality of the local prediction data to obtain the first shared data.
In some optional embodiments, the aggregating the first shared data with the second shared data to obtain first aggregated data includes:
acquiring a first sharing weight of the first sharing data and a second sharing weight of the second sharing data;
and aggregating the first shared data and the second shared data based on the first shared weight and the second shared weight to obtain the first aggregated data.
In a second aspect, the present invention provides a data sharing apparatus, the apparatus mainly comprising: the device comprises an information acquisition module, a key generation module, a data encryption module, a device acquisition module and a data sharing module; the information acquisition module is used for acquiring cluster information of a data sharing cluster, wherein the cluster information comprises communication information and encryption and decryption information of each data sharing device, and the communication information is used for representing communication relations among the data sharing devices in the data sharing cluster; the key generation module is used for generating a first encryption key based on the encryption and decryption information; the data encryption module is used for encrypting the first shared data based on the first encryption key to obtain first encrypted data; the device acquisition module is used for acquiring other data sharing devices which are communicated with the target data sharing device based on the communication information; and the data sharing module is used for sending the first encrypted data to the other data sharing equipment so that the other data sharing equipment decrypts the first encrypted data based on the encryption and decryption information and aggregates the first encrypted data with the stored second shared data to obtain second aggregated data, and iteratively updates the second aggregated data based on a target aggregation value. Through the process, data sharing and aggregation among the data sharing devices can be performed on the basis of protecting user data security, and therefore consistency and reliability of data aggregation of each data sharing device in the data sharing cluster are improved.
In a third aspect, the present invention provides a computer device comprising: the data sharing method comprises the steps of storing computer instructions in a memory and a processor, wherein the memory and the processor are in communication connection, and the processor executes the computer instructions, so that the data sharing method of the first aspect or any corresponding implementation mode is executed.
In a fourth aspect, the present invention provides a computer-readable storage medium having stored thereon computer instructions for causing a computer to perform the data sharing method of the first aspect or any of its corresponding embodiments.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic illustration of an application environment of an embodiment of the present invention;
FIG. 2 is a flow chart of a data sharing method according to an embodiment of the present invention;
FIG. 3 is a flow chart of another data sharing method according to an embodiment of the present invention;
FIG. 4 is a flow chart of a method of sharing data according to an embodiment of the present invention;
FIG. 5 is a flow chart of a method for sharing data according to an embodiment of the present invention;
FIG. 6 is a block diagram of a data sharing device according to an embodiment of the present invention;
fig. 7 is a schematic diagram of a hardware structure of a computer device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terms first and second in the description and claims of the invention and in the above-mentioned figures are used for distinguishing between different objects and not for describing a particular sequential order. Furthermore, the term "include" and any variations thereof is intended to cover non-exclusive protection. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus. The term "plurality" in the present invention may mean at least two, for example, two, three or more, and embodiments of the present invention are not limited.
Referring to fig. 1, fig. 1 is a schematic diagram of an application environment according to an embodiment of the present invention, where a data sharing cluster of the schematic diagram includes a working machine, and the working machine may include a processor and a memory. The plurality of work machines may be communicatively coupled via a network to corresponding data sharing devices that may be used to provide services (e.g., data sharing services, etc.) for computing programs installed on the clients, and databases may be provided on or independent of the data sharing devices for providing data storage services for the data sharing devices. The data sharing devices can communicate with each other, namely, the working machines in the data sharing cluster are grouped, and each group of working machines is provided with a data sharing device for local prediction aggregation; the layout of the data sharing devices is sparse, and the data sharing devices form a complete graph; that is, the target shared data obtained by aggregation of one data sharing device can be communicated with other data sharing devices. In addition, a processing engine may be run in the data sharing device, which may be used to perform the steps performed by the data sharing device.
Specifically, assume that there is an array office sharing clusterWork machine, and will->The average of the working machines is ∈>A group. In practice, the work machines may not be distributed equally, and for convenience of description, it is assumed that users in the cloud server network are distributed equally, so each group contains +.>And a working machine. For each group->A working machine is equipped with a data sharing device, so a data sharing device and +.>The working machines form a data sharing subsystem; while different data sharing devices construct a sparse cloud server network, each working machine and other different data sharing devicesWith the transmission of information therebetween. Defining a data sharing cluster as +.>Wherein->Is composed of->A set of individual data sharing devices, +.>Is a directed set of edges that connect individual data sharing devices. />Is a weight matrix and wherein the elements are +.>. Whereas for any data sharing device +.>All working machines coordinated therewithWe define the working machine set +.>Make->. We use three data sharing devices (such as data sharing device 1, data sharing device 2 and data sharing device 3) and 300 working machines (such as working machine 1, working machine 2 … … working machine 300), i.e. +. >,/>
Alternatively, the working machine may be, but not limited to, a terminal capable of calculating data, such as a mobile terminal (e.g., tablet computer), a notebook computer, a PC (Personal Computer ) or the like, and the network may include, but is not limited to: wide area networks, metropolitan area networks, local area networks, and the like. The data sharing device may include, but is not limited to, any hardware device that may perform a calculation.
In addition, in this embodiment, the above-mentioned data sharing method may be applied, but not limited to, to an independent processing device with a relatively high processing capability, without performing data interaction. For example, the processing device may be, but is not limited to, a more processing-capable terminal device, i.e., the various operations of the data sharing method described above may be integrated into a single processing device. The above is merely an example, and is not limited in any way in the present embodiment.
According to an embodiment of the present invention, there is provided a data sharing method embodiment, it being noted that the steps shown in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that herein.
In this embodiment, a data sharing method is provided, which may be used in the target data sharing device in the data sharing cluster, where the target data sharing device stores first shared data, and fig. 2 is a flowchart of the data sharing method according to an embodiment of the present invention, as shown in fig. 2, where the flowchart includes the following steps:
step S201, obtaining cluster information of a data sharing cluster, where the cluster information includes communication information and encryption and decryption information of each data sharing device.
The communication information is used for representing the communication relation between each data sharing device in the data sharing cluster and the communication relation between each data sharing device and the corresponding multiple working machines.
As described above, by acquiring the cluster information of the data cluster, the target data sharing device acquires the device information of the other data sharing devices connected with the target data sharing device based on the communication relationship of each data sharing device in the cluster information, and encrypts and shares the stored first shared data of the target data sharing device based on the encryption information.
In some alternative embodiments, the communication information between the data sharing devices and the corresponding multiple working machines is obtained through the cluster information of the data sharing cluster. Based on the communication information between the data sharing devices, device information of other data sharing devices connected with the target data sharing device, working machine information corresponding to the target data sharing device, and working machine information corresponding to the other data sharing devices can be obtained. And receiving the local prediction data uploaded by the connected multiple working machines through the target data sharing equipment, and aggregating the multiple local prediction data to obtain first shared data. Similarly, the other data sharing devices receive the local prediction data uploaded by the connected multiple working machines, and aggregate the multiple local prediction data to obtain second shared data.
The local prediction data is calculated by the working machine based on a target training set and a kernel function, wherein the target training set is determined by stream data received by the working machine and the stored local training set. For any working machine, when the working machine receives corresponding stream data at the current moment, traversing the local training set to obtain the data distance between the stream data and each local training data in the local training set; then, based on the stream data and the data distance, such as Min distance and Manhattan distance, of each local training data in the local training set, a data distance list is generated, each data distance in the data distance list is ordered, and the data with the minimum target data distance is selected to form a target training set; and then, calculating Gaussian posterior probability distribution on the target training set through a kernel function, thereby obtaining local prediction data of the current working machine.
In some optional embodiments, when the plurality of local prediction data are aggregated to obtain the first shared data, the first local prediction data set and the first calculation weight set may be obtained based on the local prediction data uploaded by the plurality of working machines and the corresponding first calculation weights; the first global prediction data is determined based on the first local prediction data set and the first computational weight set. The first calculation weight is the weight occupied by each working machine in the corresponding target data sharing equipment, and the importance degree of each working machine in the corresponding target data sharing equipment is determined.
Wherein the first local prediction data set includes a first local prediction expected set and a first local prediction Fang Chaji, and the first calculated weight set includes a first local prediction expected weight set corresponding to the first local prediction expected set and a first local prediction variance weight set corresponding to the first local prediction variance set. When determining the first shared data based on the first local prediction data set and the first calculation weight set, the first shared expected set may be determined based on the local prediction data in the first local prediction expected set and the local prediction expected weight corresponding to the first local prediction expected set; determining a first shared variance set based on local prediction variances in the first local prediction variance set and local prediction variance weights corresponding to the first local prediction variance weight set; the first shared data is determined based on the first global expected set and the first global difference set.
In some optional embodiments, when determining the first shared data of the target data sharing device based on the first global expected set and the first global variance set, a weighted average calculation may be performed on a plurality of local prediction expected in the first global expected set to obtain a first global expected; performing weighted average calculation on a plurality of local prediction variances in the first global variance set to obtain a first global variance; first shared data of the target data sharing device is determined based on the first global expectation and the first global variance. The calculation of the second shared data is the same as the method for obtaining the first shared data, which is not described herein.
Step S202, a first encryption key is generated based on the encryption and decryption information.
As described above, by generating the first encryption key based on the encryption and decryption information, encryption sharing of the first shared data based on the first encryption key is facilitated.
In some optional embodiments, the encryption and decryption information includes an environment parameter and a first encryption key value and a second encryption key value of the target data sharing device at the target time, the environment parameter includes an initial value and an iteration number, and the first encryption key is obtained after the initial value and the first encryption key value and the second encryption key value of the target data sharing device at the target time are updated based on the iteration number.
In some alternative embodiments, when the first encryption key is generated based on the encryption and decryption information, the first encryption key value and the second encryption key value at the target time may be generated based on the environmental parameter and the target data sharing device.
Specifically, a first encryption key value and a second encryption key value of the target data sharing device at a target time may be obtained first, a first encryption key stream is generated based on the first encryption key value and an environmental parameter, a second encryption key stream is generated based on the second encryption key value and the environmental parameter, and then a first encryption key is generated based on the first encryption key stream and the second encryption key stream. The first encryption key value and the second encryption key value are iteratively updated based on the environment parameters, so that the reliability of generation of the first encryption key stream and the second encryption key stream is guaranteed, meanwhile, the first encryption key is generated based on the first encryption key stream and the second encryption key stream, the reliability of the key is further improved, and a necessary condition is provided for encryption sharing of the first shared data through generation of the first encryption key.
In step S203, the first shared data is encrypted based on the first encryption key, so as to obtain first encrypted data.
As described above, the first shared data is encrypted based on the first encryption key, thereby ensuring the reliability of the sharing of the first shared data.
In some alternative embodiments, the first encryption key and the first shared data may be input into a target encryption model, thereby obtaining first encrypted data. The data encryption model is a chaotic encryption model.
In some alternative embodiments, the first encrypted data may be obtained based on a product of the target constant and the first shared data, the target constant value may be obtained based on a subtraction of 1 from the target constant, and then the first encrypted value may be obtained based on a product of the target constant value and the first encryption key and the first encrypted value. Wherein, the value of the target constant is 0.01. Alternatively, in other implementations, the target constant may have a value ranging from 0.01 to 0.06.
Step S204, other data sharing devices that communicate with the target data sharing device are acquired based on the communication information.
As described above, by acquiring the other data sharing device in communication with the target data sharing device based on the communication information, the target data sharing device is facilitated to feed back its own first encrypted data to the other data sharing device.
In some optional embodiments, when acquiring other data sharing devices communicating with the target data sharing device based on the communication information, the position information of the target data sharing device in the communication diagram may be acquired, other management nodes sending data to the target data sharing device are determined based on the position information of the target data sharing device in the communication diagram, and the object proximity set is obtained based on the other management nodes sending data to the target data sharing device; and taking the data sent by each data sharing device in the object adjacent set as second shared data. Wherein the communication graph may be a communication directed graph.
Step S205, the first encrypted data is sent to other data sharing devices, so that the other data sharing devices can acquire second aggregated data by aggregating the first encrypted data and stored second shared data after decrypting the first encrypted data based on encryption and decryption information, and the second aggregated data is updated iteratively based on a target aggregation value.
As described above, the first encrypted data is sent to the other data sharing devices, so that the other data sharing devices acquire second aggregated data by aggregating the first encrypted data and the stored second shared data after decrypting the first encrypted data based on the encryption and decryption information, and the second aggregated data is iteratively updated based on the target aggregated value, so that the data sharing security of each data sharing device in the data sharing cluster is improved, and the data consistency among each data sharing device in the data sharing cluster is improved.
In some optional embodiments, when the target data sharing device encrypts the first shared data and sends the encrypted first shared data to other data sharing devices in communication with the target data sharing device, because the other data sharing devices also store encryption and decryption information at a target time, when the other data sharing devices receive the first encrypted data sent by the target data sharing device, the other data sharing devices can determine the encryption and decryption information for decrypting the first encrypted data at the target time based on the encryption time of the first encrypted data, decrypt the first shared data from the first encrypted data based on the encryption and decryption information, and meanwhile, because the other data sharing devices store the second shared data, when the other data sharing devices decrypt the first shared data sent by the target data sharing device, the other data sharing devices aggregate the first shared data with the second shared data stored by the other data sharing devices to obtain the second aggregated data, and iteratively update the second aggregated data based on the target aggregated value.
In some alternative embodiments, the first shared data and the second shared data may be weighted averaged when the first shared data and the second shared data are aggregated.
In some optional embodiments, when the first shared data and the second shared data are aggregated to obtain first aggregated data, a first shared weight of the first shared data and a second shared weight of the second shared data may be obtained; and aggregating the first shared data and the second shared data based on the first shared weight and the second shared weight to obtain the first aggregated data.
According to the data sharing method provided by the embodiment, firstly, disk information of a target encrypted disk and a target data access password are acquired so as to finish issuing authorized access to a target data access port based on the disk information of the target encrypted disk; generating a first decryption key based on the administrator password to decrypt the storage master key from the first ciphertext, thereby providing necessary conditions for registration and authorization of the target data access password; when the stored key abstract is the same as the original stored key abstract, generating a second encryption key based on the target data access password to encrypt the stored master key to obtain a second ciphertext, and storing the second ciphertext into the target encryption disk, thereby completing the authorization of the target data access password and providing necessary conditions for reading decrypted data through the target data access password in the later period; if the received access instruction carries the target data access password, decrypting the second ciphertext based on the carried target data access password to obtain a storage master key, so that the encryption writing and decryption reading of the target data are realized according to the storage master key; the first encrypted data is sent to other data sharing devices, so that the other data sharing devices acquire second aggregated data by aggregating the first encrypted data and stored second shared data after decrypting the first encrypted data based on encryption and decryption information, and the second aggregated data is iteratively updated based on a target aggregation value, thereby improving the data sharing safety of each data sharing device in the data sharing cluster and improving the data consistency among each data sharing device in the data sharing cluster. Therefore, the invention can carry out data sharing and aggregation among the data sharing devices on the basis of protecting the data security of the user, and avoids the situation that aggregated data information is exposed in the cluster and is easily stolen by a snooper in the process of carrying out data sharing and aggregation on the data sharing cluster, thereby improving the consistency and reliability of carrying out data aggregation on each data sharing device in the data sharing cluster.
In this embodiment, a data sharing method is provided, which may be used in the target data sharing device in the data sharing cluster, where the target data sharing device stores first shared data, and fig. 3 is a flowchart of the data sharing method according to the embodiment of the present invention, as shown in fig. 3, where the flowchart includes the following steps:
step S301, cluster information of a data sharing cluster is acquired, where the cluster information includes communication information and encryption and decryption information of each data sharing device.
The communication information is used for representing the communication relation between each data sharing device in the data sharing cluster and the communication relation between each data sharing device and the corresponding multiple working machines.
As described above, by acquiring the cluster information of the data cluster, the target data sharing device acquires the device information of the other data sharing devices connected with the target data sharing device based on the communication relationship of each data sharing device in the cluster information, and encrypts and shares the stored first shared data of the target data sharing device based on the encryption information.
Please refer to step S201 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S302, a first encryption key is generated based on the encryption and decryption information.
As described above, by generating the first encryption key based on the encryption and decryption information, encryption sharing of the first shared data based on the first encryption key is facilitated.
Specifically, the step S302 includes:
in step S3021, a first encryption key value and a second encryption key value of the target data sharing apparatus at a target time are obtained.
The range of the first encryption key value and the second encryption key value is more than 0 and less than 1.
As described above, the first encryption key value and the second encryption key value of the target data sharing device at the target time are acquired, so that the corresponding first encryption key stream and second encryption key stream are generated based on the first encryption key value and the second encryption key value.
In some optional embodiments, the first encryption key value and the second encryption key value of the target data sharing device at the target moment may be two random numbers generated based on a random number generation model, or may be character values of two data sharing passwords selected by a user, which is not limited herein.
In step S3022, a first encryption key stream is generated based on the first encryption key value and the environmental parameter.
As described above, the generation of the initial encryption key stream based on the first encryption key stream is facilitated by generating the first encryption key stream based on the first encryption key value and the environmental parameter.
In some optional embodiments, when the first encryption key stream is generated based on the first encryption key value and the environment parameter, the first encryption parameter may be obtained based on a product of the first encryption key value and the initial value; obtaining a second encryption parameter based on subtracting the first encryption key value from 1; and carrying out iterative updating on the product of the first encryption parameter and the second encryption parameter based on the iterative times to obtain a first encryption key stream.
Specifically, the model for generating the first encryption key stream based on the first encryption key value and the environmental parameter is as follows:
wherein,the value range is 3.57-4 for the initial value corresponding to the first encryption key value, namely the first initial value;for the first encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
In step S3023, a second encryption key stream is generated based on the second encryption key value and the environmental parameter.
As above, the generation of the initial encryption key stream based on the second encryption key stream is facilitated by generating the second encryption key stream based on the second encryption key value and the environmental parameter.
In some optional embodiments, when the second encryption key stream is generated based on the second encryption key value and the environmental parameter, the third encryption parameter may be obtained based on a product of the second encryption key value and the initial value; obtaining a fourth encryption parameter based on subtracting the second encryption key value from 1; and carrying out iterative updating on the product of the third encryption parameter and the fourth encryption parameter based on the iterative times to obtain a second encryption key stream.
Specifically, the model for generating the second encryption key stream based on the second encryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the second encryption key value, namely the second initial value;for the second encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
In some alternative embodiments, the initial value corresponding to the first encryption key value may be the same as or different from the initial value corresponding to the second encryption key value. Similarly, the first encryption key value may be the same as or different from the second encryption key value. The user can make a determination according to the needs.
In step S3024, a first encryption key is generated based on the first encryption key stream and the second encryption key stream.
As described above, the first encryption key is generated based on the first encryption key stream and the second encryption key stream, so that the first shared data is encrypted based on the first encryption key, and the security of data sharing is ensured.
In some alternative embodiments, when the first encryption key is generated based on the first encryption key stream and the second encryption key stream, the first encryption key stream and the second encryption key stream may be subjected to linear combination operation to obtain the first encryption key.
Performing linear combination operation on the first encryption key stream and the second encryption key stream to obtain a formula of the first encryption key:
wherein,for the first encryption key->For the number of iterations->For the first linear coefficient +.>Is a second linear coefficient; />For a first encryption key stream; />Is the second encryption key stream.
In some alternative embodiments, when the first encryption key stream and the second encryption key stream are subjected to linear combination operation to obtain the first encryption key, the first key stream weight of the first encryption key stream and the second key stream weight of the second encryption key stream may be obtained first, and then the first encryption key may be obtained based on the product of the first encryption key stream and the first key stream weight and the product of the second encryption key stream and the second key stream weight. The first encryption key is obtained based on the product of the first encryption key stream and the first key stream weight plus the product of the second encryption key stream and the second key stream weight.
Step S303, encrypt the first shared data based on the first encryption key, get the first encrypted data.
As described above, the first shared data is encrypted based on the first encryption key, thereby ensuring the reliability of the sharing of the first shared data.
In some alternative embodiments, the first encrypted data may be obtained based on a product of the target constant and the first shared data, the target constant value may be obtained based on a subtraction of 1 from the target constant, and then the first encrypted value may be obtained based on a product of the target constant value and the first encryption key and the first encrypted value. Wherein, the value of the target constant is 0.01. Alternatively, in other implementations, the target constant may have a value ranging from 0.01 to 0.06.
The encryption model for acquiring the first encrypted data is as follows:
wherein,for the first encrypted data->For the first shared data to be used,ifor the numbering of the data sharing devices,sis a target constant.
Specifically, since the first shared data includes a first global expectation and a first global variance. Therefore, when encrypting the first shared data, the first global expectation and the first global variance can be respectively encrypted based on the encryption model of the first encrypted data, so as to obtain the first encrypted data. The first global expectation and the first global variance may also be taken as a whole, i.e. the first shared data, which is then encrypted based on an encryption model of the first encrypted data.
Step S304, other data sharing devices that communicate with the target data sharing device are acquired based on the communication information.
As described above, by acquiring the other data sharing device in communication with the target data sharing device based on the communication information, the target data sharing device is facilitated to feed back its own first encrypted data to the other data sharing device.
Please refer to step S204 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S305, the first encrypted data is sent to other data sharing devices, so that the other data sharing devices can obtain second aggregated data by aggregating the first encrypted data and the stored second shared data after decrypting the first encrypted data based on the encryption and decryption information, and iteratively update the second aggregated data based on the target aggregation value.
As described above, the first encrypted data is sent to the other data sharing devices, so that the other data sharing devices acquire second aggregated data by aggregating the first encrypted data and the stored second shared data after decrypting the first encrypted data based on the encryption and decryption information, and the second aggregated data is iteratively updated based on the target aggregated value, so that the data sharing security of each data sharing device in the data sharing cluster is improved, and the data consistency among each data sharing device in the data sharing cluster is improved.
Please refer to step S205 in the embodiment shown in fig. 2 in detail, which is not described herein.
According to the data sharing method provided by the embodiment, firstly, disk information of a target encrypted disk and a target data access password are acquired so as to finish issuing authorized access to a target data access port based on the disk information of the target encrypted disk; generating a first decryption key based on the administrator password to decrypt the storage master key from the first ciphertext, thereby providing necessary conditions for registration and authorization of the target data access password; when the stored key abstract is the same as the original stored key abstract, generating a second encryption key based on the target data access password to encrypt the stored master key to obtain a second ciphertext, and storing the second ciphertext into the target encryption disk, thereby completing the authorization of the target data access password and providing necessary conditions for reading decrypted data through the target data access password in the later period; if the received access instruction carries the target data access password, decrypting the second ciphertext based on the carried target data access password to obtain a storage master key, so that the encryption writing and decryption reading of the target data are realized according to the storage master key; the first encrypted data is sent to other data sharing devices, so that the other data sharing devices acquire second aggregated data by aggregating the first encrypted data and stored second shared data after decrypting the first encrypted data based on encryption and decryption information, and the second aggregated data is iteratively updated based on a target aggregation value, thereby improving the data sharing safety of each data sharing device in the data sharing cluster and improving the data consistency among each data sharing device in the data sharing cluster. Therefore, the invention can carry out data sharing and aggregation among the data sharing devices on the basis of protecting the data security of the user, and avoids the situation that aggregated data information is exposed in the cluster and is easily stolen by a snooper in the process of carrying out data sharing and aggregation on the data sharing cluster, thereby improving the consistency and reliability of carrying out data aggregation on each data sharing device in the data sharing cluster.
In this embodiment, a data sharing method is provided, which may be used in the target data sharing device in the data sharing cluster, where the target data sharing device stores first shared data, and fig. 4 is a flowchart of the data sharing method according to the embodiment of the present invention, as shown in fig. 4, where the flowchart includes the following steps:
step S401, acquiring cluster information of a data sharing cluster, where the cluster information includes communication information and encryption and decryption information of each data sharing device.
The communication information is used for representing the communication relation between each data sharing device in the data sharing cluster and the communication relation between each data sharing device and the corresponding multiple working machines.
As described above, by acquiring the cluster information of the data cluster, the target data sharing device acquires the device information of the other data sharing devices connected with the target data sharing device based on the communication relationship of each data sharing device in the cluster information, and encrypts and shares the stored first shared data of the target data sharing device based on the encryption information.
Please refer to step S201 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S402, a first encryption key is generated based on the encryption and decryption information.
As described above, by generating the first encryption key based on the encryption and decryption information, encryption sharing of the first shared data based on the first encryption key is facilitated.
Please refer to step S302 in the embodiment shown in fig. 3 in detail, which is not described herein.
Step S403, encrypt the first shared data based on the first encryption key to obtain first encrypted data.
As described above, the first shared data is encrypted based on the first encryption key, thereby ensuring the reliability of the sharing of the first shared data.
Please refer to step S203 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S404, other data sharing devices that communicate with the target data sharing device are acquired based on the communication information.
As described above, by acquiring the other data sharing device in communication with the target data sharing device based on the communication information, the target data sharing device is facilitated to feed back its own first encrypted data to the other data sharing device.
Please refer to step S204 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S405, the first encrypted data is sent to the other data sharing device, and the second encrypted data sent by the other data sharing device is obtained.
As described above, the other data sharing device decrypts the first encrypted data based on the encryption and decryption information and aggregates the first encrypted data with the stored second shared data by transmitting the first encrypted data to the other data sharing device, and decrypts the second encrypted data based on the encryption and decryption information and aggregates the second encrypted data with the stored first shared data by acquiring the second encrypted data transmitted by the other data sharing device.
Step S406, a first decryption key is generated based on the encryption and decryption information.
As described above, the first decryption key is generated based on the encryption and decryption information, so that the second shared data is decrypted and aggregated based on the first decryption key, and the data sharing security of each data sharing device in the data sharing cluster is improved.
Specifically, a first decryption key value and a second decryption key value of the target data sharing device at a target time may be obtained first, a first decryption key stream is generated based on the first decryption key value and an environmental parameter, a second decryption key stream is generated based on the second decryption key value and the environmental parameter, and then a first decryption key is generated based on the first decryption key stream and the second decryption key stream.
Step S407, decrypting the second encrypted data based on the first decryption key to obtain the shared second shared data of the other data sharing devices.
As above, the second encrypted data is decrypted based on the first decryption key so as to obtain the shared second shared data of the other data sharing device.
In some optional embodiments, when the target data sharing device encrypts the first shared data and sends the encrypted first encrypted data to other data sharing devices in communication with the target data sharing device, because the other data sharing devices also store the encryption and decryption information of the target time, when the other data sharing devices receive the first encrypted data sent by the target data sharing device, the other data sharing devices can determine the encryption and decryption information of decrypting the first encrypted data at the target time based on the encryption time of the first encrypted data, decrypt the first shared data from the first encrypted data based on the encryption and decryption information, and meanwhile, because the other data sharing devices store the second shared data, when the other data sharing devices decrypt the first shared data sent by the target data sharing device, the other data sharing devices aggregate the first shared data with the second shared data stored by the other data sharing devices.
In some optional embodiments, when the target data sharing device encrypts and transmits the first shared data of the target data sharing device to other data sharing devices in communication with the target data sharing device, the other data sharing devices connected with the target data sharing device also encrypt and share the second shared data stored by the target data sharing device. At this time, when the target encryption sharing device receives the second encrypted data sent by the other data sharing devices, encryption and decryption information for decrypting the second encrypted data at the target time can be determined based on the encryption time of the second encrypted data, and the second shared data can be decrypted from the second encrypted data based on the encryption and decryption information. Meanwhile, as the first shared data is stored in the target data sharing device, when the target data sharing device decrypts the second shared data sent by other data sharing devices, the second shared data and the first shared data stored by the target data sharing device are aggregated.
In some alternative embodiments, the first decryption key and the second encrypted data may be input into a target decryption model, resulting in the second shared data. The data encryption model is a chaotic encryption model.
In some alternative embodiments, the target constant value may be obtained based on subtracting the target constant from 1, then obtaining the first decryption value based on the product of the first decryption key and the target constant value, and dividing the target constant by the difference between the second encrypted data and the first decryption value to obtain the second shared data. Wherein, the value of the target constant is 0.01. Alternatively, in other implementations, the target constant may have a value ranging from 0.01 to 0.06.
The decryption model for obtaining the second shared data is as follows:
wherein,for the second encrypted data->For the second shared data to be shared by,ifor the numbering of the data sharing devices,sis a target constant.
In step S408, the first shared data and the second shared data are aggregated to obtain aggregated data.
As described above, the first shared data and the second shared data are aggregated to obtain the aggregated data, so as to improve the data sharing security of each data sharing device in the data sharing cluster.
In some optional embodiments, when the first shared data and the second shared data are aggregated, the first shared data and the second shared data may be weighted-averaged to obtain the aggregated data.
In some optional embodiments, when the first shared data and the second shared data are aggregated to obtain first aggregated data, a first shared weight of the first shared data and a second shared weight of the second shared data may be obtained; and aggregating the first shared data and the second shared data based on the first shared weight and the second shared weight to obtain the first aggregated data.
According to the data sharing method provided by the embodiment, firstly, cluster information of a data cluster is acquired so that a target data sharing device can acquire device information of other data sharing devices connected with the target data sharing device based on communication relations of all data sharing devices in the cluster information, and the stored first sharing data is encrypted and shared based on the adding and dissolving information; generating a first encryption key based on encryption and decryption information so as to facilitate encryption sharing of the first shared data based on the first encryption key; the method comprises the steps that other data sharing devices which are communicated with a target data sharing device are obtained based on communication information, so that the target data sharing device can feed first encrypted data of the target data sharing device back to the other data sharing devices; the first encrypted data is sent to other data sharing devices, so that the other data sharing devices decrypt the first encrypted data based on encryption and decryption information and aggregate the first encrypted data with stored second shared data, and the second encrypted data sent by the other data sharing devices is obtained, so that the second encrypted data is decrypted based on encryption and decryption information and aggregate the second encrypted data with stored first shared data; generating a first decryption key based on encryption and decryption information so as to facilitate decryption and aggregation of second shared data based on the first decryption key, thereby improving data sharing security of each data sharing device in the data sharing cluster; decrypting the second encrypted data based on the first decryption key so as to obtain shared second shared data of the other data sharing devices; the first shared data and the second shared data are aggregated to obtain aggregated data, so that the data sharing safety of each data sharing device in the data sharing cluster is improved. Therefore, the invention can carry out data sharing and aggregation among the data sharing devices on the basis of protecting the data security of the user, and avoids the situation that aggregated data information is exposed in the cluster and is easily stolen by a snooper in the process of carrying out data sharing and aggregation on the data sharing cluster, thereby improving the consistency and reliability of carrying out data aggregation on each data sharing device in the data sharing cluster.
In this embodiment, a data sharing method is provided, which may be used in the target data sharing device in the data sharing cluster, where the target data sharing device stores first shared data, and fig. 5 is a flowchart of the data sharing method according to an embodiment of the present invention, as shown in fig. 5, where the flowchart includes the following steps:
in step S501, cluster information of the data sharing cluster is obtained, where the cluster information includes communication information and encryption and decryption information of each data sharing device.
The communication information is used for representing the communication relation between each data sharing device in the data sharing cluster and the communication relation between each data sharing device and the corresponding multiple working machines.
As described above, by acquiring the cluster information of the data cluster, the target data sharing device acquires the device information of the other data sharing devices connected with the target data sharing device based on the communication relationship of each data sharing device in the cluster information, and encrypts and shares the stored first shared data of the target data sharing device based on the encryption information.
Please refer to step S201 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S502 generates a first encryption key based on the encryption and decryption information.
As described above, by generating the first encryption key based on the encryption and decryption information, encryption sharing of the first shared data based on the first encryption key is facilitated.
Please refer to step S302 in the embodiment shown in fig. 3 in detail, which is not described herein.
In step S503, the first shared data is encrypted based on the first encryption key, so as to obtain first encrypted data.
As described above, the first shared data is encrypted based on the first encryption key, thereby ensuring the reliability of the sharing of the first shared data.
Please refer to step S203 in the embodiment shown in fig. 2 in detail, which is not described herein.
Step S504, other data sharing devices that communicate with the target data sharing device are acquired based on the communication information.
As described above, by acquiring the other data sharing device in communication with the target data sharing device based on the communication information, the target data sharing device is facilitated to feed back its own first encrypted data to the other data sharing device.
Please refer to step S204 in the embodiment shown in fig. 2 in detail, which is not described herein.
In step S505, the first encrypted data is transmitted to the other data sharing device, and the second encrypted data transmitted by the other data sharing device is acquired.
As described above, the other data sharing device decrypts the first encrypted data based on the encryption and decryption information and aggregates the first encrypted data with the stored second shared data by transmitting the first encrypted data to the other data sharing device, and decrypts the second encrypted data based on the encryption and decryption information and aggregates the second encrypted data with the stored first shared data by acquiring the second encrypted data transmitted by the other data sharing device.
Please refer to step S405 in the embodiment shown in fig. 4 in detail, which is not described herein.
Step S506, a first decryption key is generated based on the encrypted and decrypted information.
As described above, the first decryption key is generated based on the encryption and decryption information, so that the second shared data is decrypted and aggregated based on the first decryption key, and the data sharing security of each data sharing device in the data sharing cluster is improved.
In some optional embodiments, the encryption and decryption information further includes an initial decryption key stream corresponding to the initial encryption key stream, and when the first decryption key is generated based on the encryption and decryption information, the first decryption key may be generated based on the environment parameter and the initial decryption key stream.
Specifically, the encryption and decryption information further includes a first decryption key value and a second decryption key value of the target data sharing device at the target time, and step S506 includes:
In step S5061, the third decryption key value and the fourth decryption key value of the other data sharing device at the target time are obtained.
As described above, by acquiring the third decryption key value and the fourth decryption key value of the other data sharing device at the target time, and the first decryption key value and the second decryption key value of the target data sharing device at the target time, it is convenient to determine whether the third decryption key value and the fourth decryption key value of the other data sharing device at the target time are the same as the first decryption key value and the second decryption key value of the target data sharing device at the target time.
In step S5062, the third decryption key value and the fourth decryption key value are compared with the first decryption key value and the second decryption key value, thereby obtaining a comparison result.
As described above, by comparing the third decryption key value and the fourth decryption key value with the corresponding first decryption key value and second decryption key value, it is determined whether or not the two are identical.
In some optional embodiments, when the third decryption key value is the same as the first decryption key value and the fourth decryption key value is the same as the second decryption key value, it indicates that the decryption key value of the target data sharing device at the target time is the same, and the decryption key of the target data sharing device may be directly used to decrypt the second encrypted data sent by other data sharing devices.
In step S5063, a first decryption key is generated based on the comparison result and the environmental parameter.
As described above, the first decryption key is generated based on the comparison result and the environmental parameter so as to decrypt with the second encrypted data transmitted by the other data sharing device based on the first decryption key.
In some optional embodiments, the initial decryption key stream includes a first decryption key stream and a second decryption key stream, when the first decryption key is generated based on the comparison result and the environmental parameter, and when the comparison result indicates that the third decryption key value and the fourth decryption key value are the same as the first decryption key value and the second decryption key value, the first decryption key stream is generated based on the first decryption key value and the environmental parameter; generating a second decryption key stream based on the second decryption key value and the environmental parameter; the first decryption key is generated based on the first decryption key stream and the second decryption key stream.
In some optional embodiments, when generating the first decryption key stream based on the first decryption key value and the environment parameter, the first decryption parameter may be obtained based on a product of the first decryption key value and the initial value; subtracting the first decryption key value from 1 to obtain a second decryption parameter; and iteratively updating the product of the first decryption parameter and the second decryption parameter based on the iteration times to obtain the first decryption key stream.
Specifically, the model for generating the first decryption key stream based on the first decryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the first decryption key value, namely the first initial value;for the first decryption key stream +_>For the number of iterations, the value range is more than 0 and less than 1.
In some optional embodiments, when generating the second decryption key stream based on the second decryption key value and the environment parameter, a third decryption parameter may be obtained based on a product of the second decryption key value and the initial value; subtracting the second decryption key value from 1 to obtain a fourth decryption parameter; and iteratively updating the product of the third decryption parameter and the fourth decryption parameter based on the iteration times to obtain the second decryption key stream.
Specifically, the model for generating the second decryption key stream based on the second decryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the second decryption key value, namely the second initial value;for the second decryption key stream +.>For the number of iterations, the value range is more than 0 and less than 1.
In some alternative embodiments, when the first decryption key is generated based on the first decryption key stream and the second decryption key stream, the first decryption key stream and the second decryption key stream may be subjected to linear combination operation to obtain the first decryption key.
Performing linear combination operation on the first decryption key stream and the second decryption key stream to obtain a formula of the first decryption key:
wherein,for the first decryption key->For the number of iterations->For the first linear coefficient +.>Is a second linear coefficient;for a first decryption key stream; />For the second decryption key stream.
In some optional embodiments, when the first decryption key stream and the second decryption key stream are subjected to linear combination operation to obtain the first decryption key, the first key stream weight of the first decryption key stream and the second key stream weight of the second decryption key stream may be obtained first; and fusing the first decryption key stream and the second decryption key stream based on the first key stream weight and the second key stream weight to obtain the first decryption key. The first decryption key is obtained based on the product of the first decryption key stream and the first key stream weight plus the product of the second decryption key stream and the second key stream weight.
Step S507, the second encrypted data is decrypted based on the first decryption key, and shared second shared data of other data sharing devices is obtained.
As described above, the second shared data is decrypted based on the first decryption key, thereby ensuring the reliability of the sharing of the second shared data.
In some alternative embodiments, the target constant value may be obtained based on subtracting the target constant from 1, then obtaining the first decryption value based on the product of the first decryption key and the target constant value, and dividing the target constant by the difference between the second encrypted data and the first decryption value to obtain the second shared data. Wherein, the value of the target constant is 0.01. Alternatively, in other implementations, the target constant may have a value ranging from 0.01 to 0.06.
The decryption model for obtaining the second shared data is as follows:
wherein,for the second encrypted data->For the second shared data to be shared by,ifor the numbering of the data sharing devices,sis a target constant.
Step S508, the first shared data and the second shared data are aggregated to obtain aggregated data.
As described above, the first shared data and the second shared data are aggregated to obtain the aggregated data, so as to improve the data sharing security of each data sharing device in the data sharing cluster.
Please refer to step S408 in the embodiment shown in fig. 4, which is not described herein.
In some optional embodiments, after the first shared data and the second shared data are aggregated to obtain the first aggregated data, a target aggregate value of the data sharing cluster may also be obtained; iteratively updating the first aggregation data based on the target aggregation value to obtain updated first aggregation data; and if the updated first aggregate data is in the range corresponding to the target aggregate value, determining that the updated first aggregate data is the target shared data of the target data sharing device.
In some alternative embodiments, the reference input mean is determined from the updated aggregate data of the previous time, and may also be determined based on a weighted average of the aggregate data of the target management node itself and the aggregate data of other management nodes connected to the target management node.
Specifically, since the first shared data includes the first global expectation and the first global variance, the corresponding target aggregate value includes the target data aggregate value and the target variance aggregate value. Therefore, when the first shared data and the second shared data are aggregated, the first global expectation in the first shared data and the second global expectation in the second shared data can be aggregated to obtain first global aggregated data; and aggregating the first global variance in the first shared data with the second global variance in the second shared data to obtain a first global aggregate variance. When the first aggregate data is iteratively updated based on the target aggregate value, the first global aggregate data can be iteratively updated through the target aggregate value to obtain updated first global aggregate data, and if the updated first global aggregate data is in a range corresponding to the target aggregate value, the updated first global aggregate data is determined to be target global shared data of the target data sharing device; and carrying out iterative updating on the first global aggregation variance through the target variance aggregation value to obtain an updated first global aggregation variance, and if the updated first global aggregation variance is in a range corresponding to the target variance aggregation value, determining that the updated first global aggregation variance is the target global sharing variance of the target data sharing device, wherein the target global sharing data and the target global sharing variance form target sharing data of the target data sharing device.
The update model of the target global shared data is as follows:
the update model of the target global sharing variance is as follows:
wherein,sharing data for a target->For target global sharing variance +.>Auxiliary data for sharing data for the target, +.>Auxiliary data for target global shared variance +.>Aggregating value variables for target data,/>Aggregate value variable for target variance, +.>、/>Is->To update the coefficients +.>The importance degree of other data sharing devices which are communicated with the target data sharing device in the communication diagram in the data sharing cluster is shown.
The update model of the target shared data is as follows:
wherein,sharing data for a target->Auxiliary data for the target shared data,aggregate value variable for target data, +.>、/>Is->To update the coefficients +.>For communicating with the target in the graphThe importance of other data sharing devices that the data sharing device communicates with in the data sharing cluster.
As described above, when the updated aggregate data is within the range corresponding to the target aggregate value, it is determined that the updated aggregate data is the target shared data of the target data sharing device, that is, the target global prediction data meeting the data consistency of the prediction result of each management node in the cloud server network, and a necessary condition is provided for updating the local prediction data in the working machines of the subsequent data sharing cluster.
According to the data sharing method, the cluster information of the data cluster is acquired, so that the target data sharing device can acquire the device information of other data sharing devices connected with the target data sharing device based on the communication relation of all the data sharing devices in the cluster information, and the stored first sharing data is encrypted and shared based on the adding and dissolving information; generating a first encryption key based on encryption and decryption information so as to facilitate encryption sharing of the first shared data based on the first encryption key; the method comprises the steps that other data sharing devices which are communicated with a target data sharing device are obtained based on communication information, so that the target data sharing device can feed first encrypted data of the target data sharing device back to the other data sharing devices; the first encrypted data is sent to other data sharing devices, so that the other data sharing devices decrypt the first encrypted data based on encryption and decryption information and aggregate the first encrypted data with stored second shared data, and the second encrypted data sent by the other data sharing devices is obtained, so that the second encrypted data is decrypted based on encryption and decryption information and aggregate the second encrypted data with stored first shared data; generating a first decryption key based on encryption and decryption information so as to facilitate decryption and aggregation of second shared data based on the first decryption key, thereby improving data sharing security of each data sharing device in the data sharing cluster; decrypting the second encrypted data based on the first decryption key so as to obtain shared second shared data of the other data sharing devices; the first shared data and the second shared data are aggregated to obtain aggregated data, so that the data sharing safety of each data sharing device in the data sharing cluster is improved. Therefore, the invention can carry out data sharing and aggregation among the data sharing devices on the basis of protecting the data security of the user, and avoids the situation that aggregated data information is exposed in the cluster and is easily stolen by a snooper in the process of carrying out data sharing and aggregation on the data sharing cluster, thereby improving the consistency and reliability of carrying out data aggregation on each data sharing device in the data sharing cluster.
The embodiment also provides a data sharing device, which is used for implementing the foregoing embodiments and preferred embodiments, and is not described in detail. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. While the means described in the following embodiments are preferably implemented in software, implementation in hardware, or a combination of software and hardware, is also possible and contemplated.
The embodiment provides a data sharing device, which is applied to a target data sharing device in a data sharing cluster, where first shared data is stored in the target data sharing device, as shown in fig. 6, and includes:
the information obtaining module 601 is configured to obtain cluster information of the data sharing cluster, where the cluster information includes communication information and encryption and decryption information of each data sharing device, and the communication information is used to represent a communication relationship between each data sharing device in the data sharing cluster.
The key generation module 602 is configured to generate a first encryption key based on the encryption and decryption information.
The data encryption module 603 is configured to encrypt the first shared data based on the first encryption key, to obtain first encrypted data.
The device acquisition module 604 is configured to acquire, based on the communication information, another data sharing device that communicates with the target data sharing device.
The data sharing module 605 is configured to send the first encrypted data to the other data sharing devices, so that the other data sharing devices decrypt the first encrypted data based on the encryption and decryption information, aggregate the first encrypted data with stored second shared data to obtain second aggregated data, and iteratively update the second aggregated data based on a target aggregation value.
In some optional embodiments, the encryption and decryption information includes an environment parameter and a first encryption key value and a second encryption key value of the target data sharing device at a target time, where the environment parameter includes an initial value and an iteration number, and the first encryption key is obtained after the initial value and the first encryption key value and the second encryption key value of the target data sharing device at the target time are updated based on the iteration number.
In some alternative embodiments, the key generation module 602 includes:
the key value acquisition unit is used for acquiring a first encryption key value and a second encryption key value of the target data sharing device at the target moment, wherein the value range of the first encryption key value and the second encryption key value is more than 0 and less than 1.
And the first key stream generating unit is used for generating a first encryption key stream based on the first encryption key value and the environment parameter.
And the second key stream generating unit is used for generating a second encryption key stream based on the second encryption key value and the environment parameter.
And the encryption key generation unit is used for generating a first encryption key based on the first encryption key stream and the second encryption key stream.
In some optional embodiments, the first key stream generating unit is specifically configured to obtain a first encryption parameter based on a product of the first encryption key value and the initial value; subtracting the first encryption key value from 1 to obtain a second encryption parameter; and iteratively updating the product of the first encryption parameter and the second encryption parameter based on the iteration times to obtain the first encryption key stream.
The model for generating the first encryption key stream based on the first encryption key value and the environment parameter is as follows:
wherein,the value range is 3.57-4 for the initial value corresponding to the first encryption key value; />For the first encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
In some optional embodiments, the second key stream generating unit is specifically configured to obtain a third encryption parameter based on a product of the second encryption key value and the initial value; subtracting the second encryption key value from 1 to obtain a fourth encryption parameter; and iteratively updating the product of the third encryption parameter and the fourth encryption parameter based on the iteration times to obtain the second encryption key stream.
Wherein the model for generating the second encryption key stream based on the second encryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the second encryption key value; />For the second encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
In some optional embodiments, the encryption key generation unit is specifically configured to obtain a first key stream weight of the first encryption key stream and a second key stream weight of the second encryption key stream; and fusing the first encryption key stream and the second encryption key stream based on the first key stream weight and the second key stream weight to obtain the first encryption key.
In some alternative embodiments, the data sharing module 605 includes;
an encrypted data acquisition unit configured to acquire second encrypted data transmitted by other data sharing devices;
and the decryption key generation unit is used for generating a first decryption key based on the encryption and decryption information.
And the encrypted data decryption unit is used for decrypting the second encrypted data based on the first decryption key to obtain the shared second shared data of other data sharing devices.
And the shared data aggregation unit is used for aggregating the first shared data with the second shared data to obtain first aggregated data.
In some optional embodiments, the shared data aggregation unit is further configured to obtain a target aggregate value of the data sharing cluster; iteratively updating the aggregated data based on the target aggregated value to obtain updated aggregated data; and if the updated aggregate data is in the range corresponding to the target aggregate value, determining that the updated aggregate data is the target shared data of the target data sharing device.
In some optional embodiments, the encryption and decryption information further includes an initial decryption key stream corresponding to the initial encryption key stream, and the decryption key generation unit is further configured to generate the first decryption key based on the environment parameter and the initial decryption key stream.
In some optional embodiments, the encryption and decryption information further includes a first decryption key value and a second decryption key value of the target data sharing device at a target time, and the decryption key generating unit includes:
and the key value acquisition subunit is used for acquiring the third decryption key value and the fourth decryption key value of other data sharing devices at the target moment.
And the key value comparison subunit is used for correspondingly comparing the third decryption key value and the fourth decryption key value with the first decryption key value and the second decryption key value to obtain a comparison result.
And the decryption key generation subunit is used for generating a first decryption key based on the comparison result and the environment parameter.
In some optional embodiments, the decryption key generation subunit is specifically configured to generate, when the comparison result indicates that the third decryption key value and the fourth decryption key value are the same as the corresponding first decryption key value and the second decryption key value, a first decryption key stream based on the first decryption key value and the environmental parameter;
generating a second decryption key stream based on the second decryption key value and the environmental parameter;
the first decryption key is generated based on the first decryption key stream and the second decryption key stream.
Specifically, when the first decryption key stream is generated based on the first decryption key value and the environment parameter, the first decryption parameter can be obtained based on the product of the first decryption key value and the initial value; subtracting the first decryption key value from 1 to obtain a second decryption parameter; and iteratively updating the product of the first decryption parameter and the second decryption parameter based on the iteration times to obtain the first decryption key stream.
Specifically, when the second decryption key stream is generated based on the second decryption key value and the environment parameter, a third decryption parameter may be obtained based on the product of the second decryption key value and the initial value; subtracting the second decryption key value from 1 to obtain a fourth decryption parameter; and iteratively updating the product of the third decryption parameter and the fourth decryption parameter based on the iteration times to obtain the second decryption key stream.
Specifically, when generating a first decryption key based on a first decryption key stream and a second decryption key stream, a first key stream weight of the first decryption key stream and a second key stream weight of the second decryption key stream may be obtained; and fusing the first decryption key stream and the second decryption key stream based on the first key stream weight and the second key stream weight to obtain the first decryption key.
In some optional embodiments, the shared data aggregation unit is further configured to obtain a first sharing weight of the first shared data and a second sharing weight of the second shared data; and aggregating the first shared data and the second shared data based on the first shared weight and the second shared weight to obtain the first aggregated data.
In some optional embodiments, the information obtaining module 601 is further configured to receive local prediction data uploaded by a plurality of connected working machines, where the local prediction data is calculated by a working machine based on a target training set and a kernel function, and the target training set is determined by stream data received by the working machine and a stored local training set; and aggregating a plurality of the local prediction data to obtain the first shared data.
Further functional descriptions of the above respective modules and units are the same as those of the above corresponding embodiments, and are not repeated here.
The data sharing device in this embodiment is presented as a functional unit, where the unit refers to an ASIC (application specific integrated circuit) circuit, a processor and a memory that execute one or more software or firmware programs, and/or other devices that can provide the above functions.
The embodiment of the invention also provides computer equipment, which is provided with the data sharing device shown in the figure 6.
Referring to fig. 7, fig. 7 is a schematic structural diagram of a computer device according to an alternative embodiment of the present invention, as shown in fig. 7, the computer device includes: one or more processors 10, memory 20, and interfaces for connecting the various components, including high-speed interfaces and low-speed interfaces. The various components are communicatively coupled to each other using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions executing within the computer device, including instructions stored in or on memory to display graphical information of the GUI on an external input/output device, such as a display device coupled to the interface. In some alternative embodiments, multiple processors and/or multiple buses may be used, if desired, along with multiple memories and multiple memories. Also, multiple computer devices may be connected, each providing a portion of the necessary operations (e.g., as a server array, a set of blade servers, or a multiprocessor system). One processor 10 is illustrated in fig. 7.
The processor 10 may be a central processor, a network processor, or a combination thereof. The processor 10 may further include a hardware chip, among others. The hardware chip may be an application specific integrated circuit, a programmable logic device, or a combination thereof. The programmable logic device may be a complex programmable logic device, a field programmable gate array, a general-purpose array logic, or any combination thereof.
Wherein the memory 20 stores instructions executable by the at least one processor 10 to cause the at least one processor 10 to perform a method for implementing the embodiments described above.
The memory 20 may include a storage program area that may store an operating system, at least one application program required for functions, and a storage data area; the storage data area may store data created from the use of the computer device of the presentation of a sort of applet landing page, and the like. In addition, the memory 20 may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid-state storage device. In some alternative embodiments, memory 20 may optionally include memory located remotely from processor 10, which may be connected to the computer device via a network. Examples of such networks include, but are not limited to, the internet, intranets, server clusters, mobile communication networks, and combinations thereof.
Memory 20 may include volatile memory, such as random access memory; the memory may also include non-volatile memory, such as flash memory, hard disk, or solid state disk; the memory 20 may also comprise a combination of the above types of memories.
The computer device also includes a communication interface 30 for the computer device to communicate with other devices or communication networks.
The embodiments of the present invention also provide a computer readable storage medium, and the method according to the embodiments of the present invention described above may be implemented in hardware, firmware, or as a computer code which may be recorded on a storage medium, or as original stored in a remote storage medium or a non-transitory machine readable storage medium downloaded through a network and to be stored in a local storage medium, so that the method described herein may be stored on such software process on a storage medium using a general purpose computer, a special purpose processor, or programmable or special purpose hardware. The storage medium can be a magnetic disk, an optical disk, a read-only memory, a random access memory, a flash memory, a hard disk, a solid state disk or the like; further, the storage medium may also comprise a combination of memories of the kind described above. It will be appreciated that a computer, processor, microprocessor controller or programmable hardware includes a storage element that can store or receive software or computer code that, when accessed and executed by the computer, processor or hardware, implements the methods illustrated by the above embodiments.
Although embodiments of the present invention have been described in connection with the accompanying drawings, various modifications and variations may be made by those skilled in the art without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope of the invention as defined by the appended claims.

Claims (20)

1. A data sharing method, applied to a target data sharing device in a data sharing cluster, where first shared data is stored in the target data sharing device, the method includes:
acquiring cluster information of the data sharing cluster, wherein the cluster information comprises communication information and encryption and decryption information of each data sharing device, and the communication information is used for representing communication relations among the data sharing devices in the data sharing cluster;
generating a first encryption key based on the encryption and decryption information;
encrypting the first shared data based on the first encryption key to obtain first encrypted data;
acquiring other data sharing devices which are communicated with the target data sharing device based on the communication information;
and sending the first encrypted data to the other data sharing equipment so that the other data sharing equipment can acquire second aggregation data by aggregating the first encrypted data and the stored second shared data after decrypting the first encrypted data based on the encryption and decryption information, and carrying out iterative updating on the second aggregation data based on a target aggregation value.
2. The method of claim 1, wherein the encryption and decryption information includes an environment parameter and a first encryption key value and a second encryption key value of the target data sharing device at a target time, the environment parameter includes an initial value and a number of iterations, and the first encryption key is obtained by iteratively updating the initial value and the first encryption key value and the second encryption key value of the target data sharing device at the target time based on the number of iterations.
3. The method of claim 2, wherein the generating a first encryption key based on the encryption and decryption information comprises:
acquiring a first encryption key value and a second encryption key value of the target data sharing equipment at a target moment, wherein the value range of the first encryption key value and the second encryption key value is more than 0 and less than 1;
generating a first encryption key stream based on the first encryption key value and the environmental parameter;
generating a second encryption key stream based on the second encryption key value and the environmental parameter;
the first encryption key is generated based on the first encryption key stream and the second encryption key stream.
4. The method of claim 3, wherein the generating a first encryption key stream based on the first encryption key value and the environmental parameter comprises:
obtaining a first encryption parameter based on the product of the first encryption key value and the initial value;
subtracting the first encryption key value from 1 to obtain a second encryption parameter;
and iteratively updating the product of the first encryption parameter and the second encryption parameter based on the iteration times to obtain the first encryption key stream.
5. The method of claim 3, wherein the generating a model of a first encryption key stream based on the first encryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the first encryption key value; />For the first encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
6. The method of claim 3, wherein the generating a second encryption key stream based on the second encryption key value and the environmental parameter comprises:
obtaining a third encryption parameter based on the product of the second encryption key value and the initial value;
Subtracting the second encryption key value from 1 to obtain a fourth encryption parameter;
and iteratively updating the product of the third encryption parameter and the fourth encryption parameter based on the iteration times to obtain the second encryption key stream.
7. The method of claim 6, wherein the generating a model of a second encryption key stream based on the second encryption key value and the environmental parameter is:
wherein,the value range is 3.57-4 for the initial value corresponding to the second encryption key value; />For the second encryption key stream->For the number of iterations, the value range is more than 0 and less than 1.
8. The method of claim 3, wherein the generating the first encryption key based on the first encryption key stream and the second encryption key stream comprises:
acquiring a first key stream weight of the first encryption key stream and a second key stream weight of the second encryption key stream;
and fusing the first encryption key stream and the second encryption key stream based on the first key stream weight and the second key stream weight to obtain the first encryption key.
9. The method of claim 2, wherein the sending the first encrypted data to the other data sharing device further comprises:
Acquiring second encrypted data sent by the other data sharing devices;
generating a first decryption key based on the encryption and decryption information;
decrypting the second encrypted data based on the first decryption key to obtain second shared data shared by the other data sharing devices;
and aggregating the first shared data and the second shared data to obtain first aggregated data.
10. The method of claim 9, wherein after aggregating the first shared data with the second shared data to obtain first aggregated data, the method further comprises:
acquiring a target aggregation value of the data sharing cluster;
iteratively updating the aggregation data based on the target aggregation value to obtain updated aggregation data;
and if the updated aggregate data is in the range corresponding to the target aggregate value, determining that the updated aggregate data is the target shared data of the target data sharing device.
11. The method of claim 9, wherein the encryption and decryption information further includes a first decryption key value and a second decryption key value for the target data sharing device at a target time, wherein generating the first decryption key based on the encryption and decryption information comprises:
Acquiring a third decryption key value and a fourth decryption key value of the other data sharing equipment at a target moment;
correspondingly comparing the third decryption key value and the fourth decryption key value with the first decryption key value and the second decryption key value to obtain a comparison result;
and generating the first decryption key based on the comparison result and the environment parameter.
12. The method of claim 11, wherein the generating the first decryption key based on the comparison result and the environmental parameter comprises:
when the comparison result represents that the third decryption key value and the fourth decryption key value are the same as the first decryption key value and the second decryption key value, generating a first decryption key stream based on the first decryption key value and the environment parameter;
generating a second decryption key stream based on the second decryption key value and the environmental parameter;
the first decryption key is generated based on the first decryption key stream and the second decryption key stream.
13. The method of claim 12, wherein the generating a first decryption key stream based on the first decryption key value and the environmental parameter comprises:
Obtaining a first decryption parameter based on the product of the first decryption key value and the initial value;
subtracting the first decryption key value from 1 to obtain a second decryption parameter;
and iteratively updating the product of the first decryption parameter and the second decryption parameter based on the iteration times to obtain the first decryption key stream.
14. The method of claim 12, wherein the generating a second decryption key stream based on the second decryption key value and the environmental parameter comprises:
obtaining a third decryption parameter based on the product of the second decryption key value and the initial value;
subtracting the second decryption key value from 1 to obtain a fourth decryption parameter;
and iteratively updating the product of the third decryption parameter and the fourth decryption parameter based on the iteration times to obtain the second decryption key stream.
15. The method of claim 14, wherein the generating the first decryption key based on the first decryption key stream and the second decryption key stream comprises:
acquiring a first key stream weight of the first decryption key stream and a second key stream weight of the second decryption key stream;
And fusing the first decryption key stream and the second decryption key stream based on the first key stream weight and the second key stream weight to obtain the first decryption key.
16. The method of claim 1, wherein the obtaining the first shared data comprises:
receiving local prediction data uploaded by a plurality of connected working machines, wherein the local prediction data is calculated by the working machines based on a target training set and a kernel function, and the target training set is determined by stream data received by the working machines and a stored local training set;
and aggregating a plurality of the local prediction data to obtain the first shared data.
17. The method of claim 9, wherein aggregating the first shared data with the second shared data to obtain first aggregated data comprises:
acquiring a first sharing weight of the first sharing data and a second sharing weight of the second sharing data;
and aggregating the first shared data and the second shared data based on the first shared weight and the second shared weight to obtain the first aggregated data.
18. A data sharing apparatus, applied to a target data sharing device in a data sharing cluster, where first shared data is stored in the target data sharing device, the apparatus comprising:
the information acquisition module is used for acquiring cluster information of a data sharing cluster, wherein the cluster information comprises communication information and encryption and decryption information of each data sharing device, and the communication information is used for representing communication relations among the data sharing devices in the data sharing cluster;
the key generation module is used for generating a first encryption key based on the encryption and decryption information;
the data encryption module is used for encrypting the first shared data based on the first encryption key to obtain first encrypted data;
the device acquisition module is used for acquiring other data sharing devices which are communicated with the target data sharing device based on the communication information;
and the data sharing module is used for sending the first encrypted data to the other data sharing equipment so that the other data sharing equipment can acquire second aggregated data by aggregating the first encrypted data and the stored second shared data after decrypting the first encrypted data based on the encryption and decryption information, and can perform iterative updating on the second aggregated data based on a target aggregated value.
19. A computer device, comprising:
a memory and a processor in communication with each other, the memory having stored therein computer instructions which, upon execution, cause the processor to perform the method of any of claims 1 to 17.
20. A computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of claims 1 to 17.
CN202311825152.0A 2023-12-27 2023-12-27 Data sharing method, device, equipment and storage medium Active CN117478437B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311825152.0A CN117478437B (en) 2023-12-27 2023-12-27 Data sharing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311825152.0A CN117478437B (en) 2023-12-27 2023-12-27 Data sharing method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN117478437A CN117478437A (en) 2024-01-30
CN117478437B true CN117478437B (en) 2024-03-01

Family

ID=89638246

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311825152.0A Active CN117478437B (en) 2023-12-27 2023-12-27 Data sharing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117478437B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108111540A (en) * 2018-01-30 2018-06-01 西安电子科技大学 The hierarchical access control system and method for data sharing are supported in a kind of cloud storage
US11128448B1 (en) * 2013-11-06 2021-09-21 Pure Storage, Inc. Quorum-aware secret sharing
WO2022251987A1 (en) * 2021-05-29 2022-12-08 华为技术有限公司 Data encryption and decryption method and apparatus
CN116436682A (en) * 2023-04-23 2023-07-14 浙江网商银行股份有限公司 Data processing method, device and system
CN117118598A (en) * 2023-03-14 2023-11-24 荣耀终端有限公司 Data sharing method, electronic equipment and computer cluster

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103761083B (en) * 2013-12-31 2017-04-05 华为技术有限公司 A kind of data sharing method, device and terminal
WO2019117625A1 (en) * 2017-12-12 2019-06-20 Samsung Electronics Co., Ltd. Apparatus and method for sharing content

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11128448B1 (en) * 2013-11-06 2021-09-21 Pure Storage, Inc. Quorum-aware secret sharing
CN108111540A (en) * 2018-01-30 2018-06-01 西安电子科技大学 The hierarchical access control system and method for data sharing are supported in a kind of cloud storage
WO2022251987A1 (en) * 2021-05-29 2022-12-08 华为技术有限公司 Data encryption and decryption method and apparatus
CN117118598A (en) * 2023-03-14 2023-11-24 荣耀终端有限公司 Data sharing method, electronic equipment and computer cluster
CN116436682A (en) * 2023-04-23 2023-07-14 浙江网商银行股份有限公司 Data processing method, device and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘胜娟 ; 王博丞 ; 闫燕勤 ; 杜劝劝 ; .云教学场景下文件共享系统的研究与设计.教育现代化.2018,(第38期),全文. *

Also Published As

Publication number Publication date
CN117478437A (en) 2024-01-30

Similar Documents

Publication Publication Date Title
US11902413B2 (en) Secure machine learning analytics using homomorphic encryption
US11487969B2 (en) Apparatuses, computer program products, and computer-implemented methods for privacy-preserving federated learning
US20180212758A1 (en) Secure Probabilistic Analytics Using an Encrypted Analytics Matrix
US10956584B1 (en) Secure data processing
US11507683B2 (en) Query processing with adaptive risk decisioning
US10990687B2 (en) System and method for user managed encryption recovery using blockchain for data at rest
CN107750363A (en) Securing communications with hardware accelerators to increase workflow security
US10754954B2 (en) Securely exchanging information during application startup
US10536276B2 (en) Associating identical fields encrypted with different keys
US20210037100A1 (en) Method and control system for controlling and/or monitoring devices
CN112380568B (en) Data management method, device, computer equipment and storage medium
CN113821810B (en) Data processing method and system, storage medium and electronic equipment
CN112990276A (en) Federal learning method, device, equipment and storage medium based on self-organizing cluster
CN113422683A (en) Edge cloud cooperative data transmission method, system, storage medium and terminal
CN110378128A (en) Data ciphering method, device and terminal device
GB2546612A (en) Password-authenticated public key encryption and decryption
CN111079153B (en) Security modeling method and device, electronic equipment and storage medium
US10754987B2 (en) Secure micro-service data and service provisioning for IoT platforms
US10693628B2 (en) Enabling distance-based operations on data encrypted using a homomorphic encryption scheme with inefficient decryption
KR20220134572A (en) Secure private key distribution between endpoint instances
CN117478437B (en) Data sharing method, device, equipment and storage medium
US11799629B2 (en) Access authorization utilizing homomorphically encrypted access authorization objects
CN114861200B (en) Data processing method, device, equipment and storage medium
US20230085239A1 (en) Querying fully homomorphic encryption encrypted databases using client-side preprocessing or post-processing
JP2022141962A (en) Data query and write method, device, electronic apparatus, readable storage medium, and computer program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant