CN117786739A - Data processing method, server and system - Google Patents
Data processing method, server and system
- Publication number: CN117786739A (application number CN202311749185.1A)
- Authority: CN (China)
- Prior art keywords: data, privacy, enhancement, data block, processed
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Abstract
The application discloses a data processing method, a server and a system, and relates to the technical field of privacy enhancement. The method comprises the following steps: responding to data to be processed sent by a data owner, dividing the data to be processed into a plurality of privacy data blocks, wherein the enhancement degrees corresponding to the privacy data blocks are different; processing at least one privacy data block according to the enhancement degree corresponding to the privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree to obtain the privacy enhancement data block; and sending data to be transmitted to a data user, wherein the data to be transmitted comprises privacy enhanced data blocks. The method is convenient for distinguishing various privacy data blocks in the data to be processed, and correspondingly carries out privacy enhancement of different degrees, so that the data with high enhancement degree can be better protected, and the security of the privacy data is improved.
Description
Technical Field
The application relates to the technical field of privacy enhancement, in particular to a data processing method, a server and a system.
Background
With the increasing digitization of society, data are collected and applied on a large scale, so that the value of the data is discovered and data become a valuable asset. However, in the process of applying the data, private information may be disclosed, which reduces the security of the data application. How to recognize private data and improve its protection has become a problem to be solved urgently.
Disclosure of Invention
The application provides a data processing method, a server and a system, which can improve the identification accuracy of private data and improve the protection of the private data.
In a first aspect, the present application provides a data processing method, the method including: responding to data to be processed sent by a data owner, dividing the data to be processed into a plurality of privacy data blocks, wherein the enhancement degrees corresponding to the privacy data blocks are different; processing at least one privacy data block according to the enhancement degree corresponding to the privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree to obtain the privacy enhancement data block; and sending data to be transmitted to a data user, wherein the data to be transmitted comprises privacy enhanced data blocks.
In a second aspect, the present application provides a data processing method, the method comprising: receiving data to be transmitted sent by a server, wherein the data to be transmitted comprises privacy enhancement data blocks, the privacy enhancement data blocks are data blocks obtained by processing at least one privacy data block by the server in a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data blocks, and the privacy data blocks are any one of a plurality of data blocks provided by a data owner; and carrying out statistical analysis on the data to be transmitted, and determining a data processing result.
In a third aspect, the present application provides a privacy enhancement server comprising: the division module is configured to respond to the data to be processed sent by the data owner and divide the data to be processed into a plurality of privacy data blocks, and the enhancement degrees corresponding to the privacy data blocks are different; the processing module is configured to process at least one privacy data block according to the enhancement degree corresponding to the privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree to obtain the privacy enhancement data block; and the sending module is configured to send data to be transmitted to the data user, wherein the data to be transmitted comprises privacy enhanced data blocks.
In a fourth aspect, the present application provides a data processing system comprising: a privacy enhancement server, a data owner device and a data consumer device in communication connection; a privacy enhancing server configured to execute any one of the data processing methods applied to the privacy enhancing server in the embodiments of the present application; a data consumer device configured to execute any one of the data processing methods of the embodiments of the present application applied to the data consumer device; and the data owner device is configured to send the data to be processed to the privacy enhancement server so that the privacy enhancement server processes the data to be processed to generate the data to be transmitted.
According to the data processing method, the server and the system, the data to be processed is divided into the privacy data blocks by responding to the data to be processed sent by the data owner, the enhancement degrees corresponding to the privacy data blocks are different, so that different privacy data blocks in the data to be processed can be distinguished, privacy enhancement of different degrees is correspondingly carried out, and data with high enhancement degrees can be better protected; according to the enhancement degree corresponding to the privacy data blocks, processing at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree to obtain the privacy enhancement data block, so that the privacy enhancement data block obtained after processing can be processed with higher protection degree, and the safety of the privacy data is ensured; and sending data to be transmitted to the data user, wherein the data to be transmitted comprises privacy enhanced data blocks, so that the data user can obtain the required data and meanwhile, the data with high privacy data degree can be prevented from being revealed.
Drawings
The accompanying drawings are included to provide a further understanding of embodiments of the present application and are incorporated in and constitute a part of this specification, illustrate embodiments of the present application and together with the description serve to explain the present application, not to limit the present application. The above and other features and advantages will become more readily apparent to those of ordinary skill in the art by describing in detail exemplary embodiments with reference to the accompanying drawings, in which:
Fig. 1 shows a flow chart of a data processing method according to an embodiment of the present application.
Fig. 2 shows a flow chart of a data processing method according to an embodiment of the present application.
Fig. 3 shows a block diagram of a privacy enhancement server according to an embodiment of the present application.
FIG. 4 illustrates a block diagram of the components of a data processing system provided in an embodiment of the present application.
FIG. 5 is a flow chart illustrating a method of operating a data processing system according to an embodiment of the present application.
Fig. 6 shows a block diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The following detailed description of specific embodiments of the present application refers to the accompanying drawings. It should be understood that the detailed description is presented herein for purposes of illustration and explanation only and is not intended to limit the present application. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by showing examples of the present application.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
In the related technical scheme, all data of the user are encrypted, and interference factors such as noise are added in the encryption process, so that the processed data cannot reveal private data of the user. However, in the above processing procedure, "privacy on demand" cannot be realized, that is, corresponding protection measures cannot be adopted for different private data according to the importance degree of the privacy of the user, so that the data processing overhead of the system is increased, and the processing efficiency of the data is reduced.
Fig. 1 shows a flow chart of a data processing method according to an embodiment of the present application. The data processing method is applicable to a privacy enhancement server. As shown in fig. 1, the data processing method includes, but is not limited to, the following steps.
In step S101, in response to the data to be processed sent by the data owner, the data to be processed is divided into a plurality of private data blocks.
Wherein, the enhancement degree corresponding to each privacy data block is different. For example, the data to be processed includes the power utilization data of power users, which may contain user personal information such as user addresses, identity information and the like.
In the technical solution of the present application, the acquisition of the personal information of the user complies with the relevant national laws and regulations (for example, information security technology personal information security standards). The information is obtained by clearly informing the user and through legal means; the type of information obtained is directly related to the business function of the product or service, and it is collected at the lowest frequency and in the least quantity; personal information is collected without violating the autonomous will of the personal information subject; authorization and consent are obtained when personal information is collected; and when personal information is obtained indirectly, or a dataset is disclosed to the network, or otherwise, the regulatory requirements for obtaining indirect personal information are followed.
Step S102, processing at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data block to obtain the privacy enhanced data block.
Step S103, sending the data to be transmitted to the data user.
Wherein the data to be transmitted comprises privacy enhanced data blocks.
In this embodiment, the data to be processed is divided into a plurality of private data blocks by responding to the data to be processed sent by the data owner, so that each private data block has different enhancement degrees, and thus each different private data block in the data to be processed can be distinguished, and privacy enhancement of different degrees can be correspondingly performed, so that data with high enhancement degrees can be better protected; according to the enhancement degree corresponding to the privacy data blocks, processing at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree to obtain the privacy enhancement data block, so that the privacy enhancement data block obtained after processing can be processed with higher protection degree, and the safety of the privacy data is ensured; and sending data to be transmitted to the data user, wherein the data to be transmitted comprises privacy enhanced data blocks, so that the data user can obtain the required data and meanwhile, the data with high privacy data degree can be prevented from being revealed.
The embodiment of the present application provides another possible implementation manner, in response to the to-be-processed data sent by the data owner in step S101, the dividing the to-be-processed data into a plurality of private data blocks may be implemented in the following manner: receiving data to be processed sent by a data owner; dividing the data to be processed into a preset number of privacy data blocks.
The privacy data block comprises a data number, an enhancement degree and original privacy data, wherein the data number is determined based on a preset number.
It should be noted that, each private data block corresponds to a unique data number, and the data number can represent the position of the original private data in the private data block in the data to be processed.
The enhancement degree can comprise two enhancement degrees of 'strong' and 'weak', and also can comprise three enhancement degrees of 'strong', 'medium', and 'weak', etc. The above enhancement levels are only exemplified, and can be specifically set according to actual needs, and other enhancement levels not described are also within the protection scope of the present application, and are not described herein.
The data to be processed is divided to obtain the preset number of private data blocks, so that different private data blocks can be conveniently and respectively processed, encryption processing is selectively performed on certain private data blocks based on the use requirement or the processing requirement, the 'privacy on demand' can be realized, and the data processing efficiency is improved.
In some exemplary embodiments, the enhancement level corresponding to the private data block includes a first enhancement level, and the preset enhancement mode includes a homomorphic encryption mode.
In step S102, according to the enhancement degree corresponding to the privacy data block, at least one privacy data block is processed by adopting a preset enhancement mode corresponding to the enhancement degree, so as to obtain a privacy enhancement data block, which can be implemented in the following manner: under the condition that the enhancement degree corresponding to the privacy data block is determined to be the first enhancement degree, encrypting the original privacy data in the privacy data block in a homomorphic encryption mode to obtain encrypted data; and generating a privacy enhanced data block according to the encrypted data, the homomorphic encryption mode and the corresponding encryption parameters.
Wherein the first enhancement degree is the highest intensity degree among the enhancement degrees. The homomorphic encryption manner may include at least one of an addition homomorphic manner, a multiplication homomorphic manner, a mixed multiplication homomorphic manner, a subtraction homomorphic manner, a division homomorphic manner, an algebraic homomorphic manner, and an arithmetic homomorphic manner. The algebraic homomorphic mode is to process the original privacy data in the privacy data block by using the addition homomorphic mode and the multiplication homomorphic mode simultaneously; the arithmetic homomorphism mode is to process the original privacy data in the privacy data block by using the addition homomorphism, the subtraction homomorphism, the multiplication homomorphism and the division homomorphism simultaneously. Different homomorphic encryption modes correspond to different encryption parameters.
By carrying out homomorphic encryption on the privacy data block corresponding to the first enhancement degree, the highest of the enhancement degrees, the original privacy data in the privacy data block can be most effectively protected and prevented from being revealed.
In some exemplary embodiments, the enhancement levels corresponding to the privacy data block further include a second enhancement level and/or a third enhancement level, where the second enhancement level is weaker than the first enhancement level, and the third enhancement level is weaker than the second enhancement level, and the preset enhancement mode further includes a federal learning model and/or a differential privacy algorithm.
In step S102, according to the enhancement degree corresponding to the privacy data block, at least one privacy data block is processed by adopting a preset enhancement mode corresponding to the enhancement degree, so as to obtain a privacy enhancement data block, which can be implemented in the following manner: under the condition that the enhancement degree corresponding to the privacy data block is determined to be the second enhancement degree, processing the original privacy data in the privacy data block by adopting a federal learning model to obtain processed data; generating a privacy enhancement data block according to the processed data and parameter information corresponding to the federal learning model; and under the condition that the enhancement degree corresponding to the privacy data block is determined to be the third enhancement degree, processing the original privacy data in the privacy data block by adopting a differential privacy algorithm to obtain processed data, and generating the privacy enhancement data block according to the processed data and parameter information corresponding to the differential privacy algorithm.
That is, the original privacy data in the privacy data blocks are processed by processing modes of different levels according to their different enhancement degrees, so as to distinguish different privacy protection levels.
Under the condition of a second enhancement degree with the enhancement degree in the middle, processing the original privacy data in the privacy data block by adopting a federal learning model; under the condition of the third enhancement degree with the weakest enhancement degree, adopting a differential privacy algorithm to process the original privacy data in the privacy data block; different levels of original privacy data can be obtained, the data security is ensured, the data processing complexity can be reduced, the data processing amount is reduced, and the data processing efficiency is improved.
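The following is an added example, not code from the patent or its applicant, of what the first and third enhancement degrees described above amount to in working code: an additively homomorphic Paillier encryption for the "strong" level and an epsilon-differentially-private Laplace mechanism for the "weak" level, dispatched by a single `enhance_block` routine. The Paillier primes, the level names (`strong`, `medium`, `weak`), the block dictionary layout and the function names are all assumptions of this example; the federated-learning mode of the second enhancement degree is not reproduced. The homomorphic sum at the end goes one step beyond the page: it shows why a block protected at the first degree can still be aggregated by a party that never sees the plaintext.

```python
import math
import random
import secrets

# Constructed Paillier parameters: two small primes chosen only so the block
# runs self-contained; real deployments use primes of 1024+ bits.
P = 104729
Q = 104723

LEVEL_STRONG, LEVEL_MEDIUM, LEVEL_WEAK = "strong", "medium", "weak"


def _l_func(u, n):
    # Paillier's L(u) = (u - 1) / n, exact because u == 1 (mod n)
    return (u - 1) // n


def paillier_keygen(p=P, q=Q):
    """Return ((n, g), (lam, mu)) for the Paillier cryptosystem."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    g = n + 1                                           # the common simple generator
    mu = pow(_l_func(pow(g, lam, n * n), n), -1, n)
    return (n, g), (lam, mu)


def paillier_encrypt(pub, m):
    """c = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("plaintext outside the message space")
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def paillier_decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    return (_l_func(pow(c, lam, n * n), n) * mu) % n


def paillier_add(pub, c1, c2):
    """Additive homomorphism: Dec(c1 * c2 mod n^2) == m1 + m2 (mod n)."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def laplace_mechanism(value, sensitivity, epsilon, rng=None):
    """epsilon-DP Laplace mechanism; the noise scale is sensitivity / epsilon."""
    if epsilon <= 0 or sensitivity <= 0:
        raise ValueError("epsilon and sensitivity must be positive")
    rng = rng or random.SystemRandom()
    scale = sensitivity / epsilon
    while True:                      # inverse-CDF sampling of Laplace(0, scale)
        u = rng.random() - 0.5
        if abs(u) < 0.5:             # skip u == -0.5, which would give log(0)
            break
    noise = -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))
    return value + noise


def enhance_block(block, pub, epsilon=1.0, sensitivity=1.0, rng=None):
    """Apply the preset enhancement mode matching the block's enhancement degree.

    Returns the privacy-enhanced block: data number, the mode used, the
    parameters a recipient needs to interpret the data, and the processed data.
    """
    level = block["level"]
    if level == LEVEL_STRONG:        # first enhancement degree
        return {"num": block["num"], "mode": "paillier",
                "params": {"n": pub[0], "g": pub[1]},
                "data": [paillier_encrypt(pub, v) for v in block["data"]]}
    if level == LEVEL_WEAK:          # third enhancement degree
        return {"num": block["num"], "mode": "laplace_dp",
                "params": {"epsilon": epsilon, "sensitivity": sensitivity},
                "data": [laplace_mechanism(v, sensitivity, epsilon, rng)
                         for v in block["data"]]}
    # the second (federated-learning) degree is outside this example
    raise ValueError(f"no preset enhancement mode for level {level!r}")


def demo_homomorphic_sum(values):
    """Server encrypts each value; a party holding only ciphertexts sums them;
    the key holder decrypts the total. Returns (decrypted_total, plain_total)."""
    pub, priv = paillier_keygen()
    enc = enhance_block({"num": 1, "level": LEVEL_STRONG, "data": values}, pub)
    total_ct = enc["data"][0]
    for c in enc["data"][1:]:
        total_ct = paillier_add(pub, total_ct, c)
    return paillier_decrypt(pub, priv, total_ct), sum(values)
```

The enhanced block carries the parameters the text says must accompany the processed data (the public modulus for the homomorphic mode, epsilon and sensitivity for the differential-privacy mode), but never the private key or the noise samples, which is what keeps the "strong" block unreadable to a recipient and the "weak" block deniable.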
In some exemplary embodiments, the number of privacy-enhancing data blocks is the same as the number of privacy data blocks, or the number of privacy-enhancing data blocks is less than the number of privacy data blocks.
When the number of the privacy enhanced data blocks is the same as the number of the privacy data blocks, it is indicated that all data in the data to be processed needs to be encrypted so as to ensure the security of the data to be transmitted.
When the number of the privacy-enhanced data blocks is smaller than that of the privacy data blocks, only partial data in the data to be processed can be encrypted, other data are not encrypted, the processing amount of the data is reduced, and the processing efficiency of the data is accelerated; and the partial data in the data to be processed is encrypted in a targeted manner, so that the demand of the data owner on the privacy data on demand can be met, the data user equipment can not know the privacy data which the data owner wants to protect, and meanwhile, other data except the privacy enhancement data block in the data to be processed which the data user equipment wants to acquire can be acquired rapidly and accurately, and the processing efficiency of the data user equipment on the data is improved.
In some exemplary embodiments, before sending the data to be transmitted to the data consumer in step S103, the method includes: and encrypting the privacy enhanced data block by adopting a preset public key to generate data to be transmitted.
The preset public key is a public key negotiated and determined between the data owner and the data user.
Encrypting the privacy enhanced data block with the preset public key ensures the security of the data to be transmitted during transmission. Because the preset public key is negotiated and determined between the data owner and the data user, only the data owner and the data user can encrypt or decrypt the data to be transmitted, and a third-party device cannot obtain the preset public key; therefore, even if the third-party device intercepts the data to be transmitted, it cannot obtain the substantive content of the data, and the possibility of leakage of the data to be transmitted is reduced.
Fig. 2 shows a flow chart of a data processing method according to an embodiment of the present application. The data processing method can be applied to data user equipment (such as mobile phones, personal computers and other terminal equipment). As shown in fig. 2, the data processing method includes, but is not limited to, the following steps.
In step S201, data to be transmitted sent by the server is received.
The data to be transmitted comprises privacy enhancement data blocks, wherein the privacy enhancement data blocks are data blocks obtained by processing at least one privacy data block by a server according to the enhancement degree corresponding to the privacy data blocks in a preset enhancement mode corresponding to the enhancement degree, and the privacy data blocks are any one of a plurality of data blocks provided by a data owner.
Step S202, carrying out statistical analysis on data to be transmitted, and determining a data processing result.
In some exemplary embodiments, before performing the statistical analysis on the data to be transmitted in step S202 to determine the data processing result, the method further includes: and decrypting the data to be transmitted by adopting the private key of the current equipment to obtain the privacy enhanced data block and other privacy data blocks except the privacy enhanced data block.
Wherein the private key of the current device matches a preset public key used by the server.
By decrypting the data to be transmitted by adopting the private key of the data consumer device, other privacy data blocks except the privacy enhanced data block required by the data consumer device can be obtained, so that the data consumer device can conveniently analyze the data based on the other privacy data blocks except the privacy enhanced data block, and the required data processing result is obtained. For example, the data processing result includes information such as data statistics trend.
Moreover, since the data consumer device does not have the decryption method for the privacy-enhanced data block, it cannot further decrypt the privacy-enhanced data block, so that the security of the original privacy data in the privacy-enhanced data block is ensured.
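An added example, written for this page rather than taken from the patent, of the two sides of the transmission step: the server seals the block list under the preset public key (before step S103) and the data consumer opens it with the matching private key and runs its statistical analysis (steps S201 and S202). The page does not specify the encryption scheme, so the example assumes hybrid encryption with textbook RSA over two constructed Mersenne primes and a SHA-256 counter keystream for the payload; the sample blocks, the `mode` field and all function names are likewise assumptions. The consumer routine treats the homomorphically protected block as opaque, which is exactly the property the paragraph above relies on.

```python
import hashlib
import json
import secrets

# Constructed toy RSA parameters (two Mersenne primes): far too small for
# real use, chosen only so the example runs with the standard library.
_P = 2**61 - 1
_Q = 2**89 - 1
RSA_E = 65537

# Constructed "data to be transmitted": block 1 was homomorphically encrypted
# by the server (the numbers stand in for ciphertexts), block 2 was left as is.
SAMPLE_BLOCKS = [
    {"num": 1, "level": "strong", "mode": "paillier", "data": [123456789012, 987654321098]},
    {"num": 2, "level": "none", "mode": "plain", "data": [12.0, 14.0, 13.0]},
]


def rsa_keygen(p=_P, q=_Q, e=RSA_E):
    """Return (public_key, private_key); the public key plays the 'preset public key'."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def _keystream_xor(key, data):
    """XOR data with a SHA-256 counter keystream; the same call decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def seal_for_transmission(pub, blocks):
    """Server side: wrap a fresh session key under the preset public key and
    encrypt the serialized block list with it (hybrid encryption)."""
    n, e = pub
    session_key = secrets.token_bytes(16)
    payload = json.dumps(blocks, sort_keys=True).encode()
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return {"wrapped_key": wrapped,
            "ciphertext": _keystream_xor(session_key, payload).hex()}


def open_transmission(priv, envelope):
    """Data consumer side: recover the block list with the matching private key."""
    n, d = priv
    session_key = pow(envelope["wrapped_key"], d, n).to_bytes(16, "big")
    payload = _keystream_xor(session_key, bytes.fromhex(envelope["ciphertext"]))
    return json.loads(payload)


def consumer_statistics(blocks):
    """Statistical analysis on the blocks the consumer can read; privacy-enhanced
    blocks are reported as opaque because the consumer holds no key for them."""
    analysed, opaque, values = [], [], []
    for b in sorted(blocks, key=lambda b: b["num"]):
        if b["mode"] == "plain":
            analysed.append(b["num"])
            values.extend(b["data"])
        else:
            opaque.append(b["num"])
    mean = sum(values) / len(values) if values else None
    return {"analysed": analysed, "opaque": opaque, "mean": mean}
```

Opening the envelope gives the consumer every block, but only the transport layer is removed: block 1 comes back as the same ciphertext numbers the server put in, so a consumer that only holds the transport private key gets the statistics it needs from block 2 and nothing from block 1.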
Fig. 3 shows a block diagram of a privacy enhancement server according to an embodiment of the present application. As shown in fig. 3, the privacy enhancement server 300 includes, but is not limited to, the following modules.
The dividing module 301 is configured to divide the data to be processed into a plurality of private data blocks in response to the data to be processed sent by the data owner, where the respective private data blocks have different enhancement degrees.
The processing module 302 is configured to process at least one privacy data block according to the enhancement degree corresponding to the privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree, so as to obtain the privacy enhancement data block.
The sending module 303 is configured to send data to be transmitted to the data consumer, the data to be transmitted comprising privacy enhanced data blocks.
It should be noted that, the privacy enhancing server 300 in the embodiment of the present application can execute any data processing method applied to the privacy enhancing server in the present application, which is not described herein.
In this embodiment, the partitioning module is configured to partition the data to be processed into a plurality of private data blocks in response to the data to be processed sent by the data owner, where each private data block has different enhancement degrees, so as to distinguish each different private data block in the data to be processed, and perform privacy enhancement in different degrees correspondingly, so that data with high enhancement degrees can be better protected; the privacy enhancement data block is obtained by processing at least one privacy data block by a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data block by using a processing module, so that the privacy enhancement data block obtained after processing can be processed with higher protection degree, and the safety of the privacy data is ensured; and the sending module is used for sending data to be transmitted to the data user, wherein the data to be transmitted comprises privacy enhanced data blocks, so that the data user can obtain the required data and can avoid the leakage of the data with high privacy data degree.
It should be noted that each module in this embodiment is a logic module, and in practical application, one logic unit may be one physical unit, or may be a part of one physical unit, or may be implemented by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present application, elements that are not so close to solving the technical problem presented in the present application are not introduced in the present embodiment, but it does not indicate that other elements are not present in the present embodiment.
FIG. 4 illustrates a block diagram of the components of a data processing system provided in an embodiment of the present application. As shown in fig. 4, the data processing system includes, but is not limited to, the following: a privacy enhancing server 401, a data owner device 402 and a data consumer device 403 in communication.
The privacy enhancement server 401 is configured to execute any one of the data processing methods applied to the privacy enhancement server in the embodiments of the present application.
The data consumer device 403 is configured to perform any of the data processing methods of the embodiments of the present application applied to the data consumer device.
The data owner device 402 is configured to send the data to be processed to the privacy enhancing server, so that the privacy enhancing server processes the data to be processed to generate data to be transmitted.
FIG. 5 is a flow chart illustrating a method of operating a data processing system according to an embodiment of the present application. As shown in FIG. 5, the method of operation of the data processing system includes, but is not limited to, the steps of:
In step S501, the data owner device 402 establishes a communication connection with the privacy enhancement server 401 by means of message interaction.
Wherein the data owner device 402 may register and log into the privacy enhancement server 401 through its internally installed application.
The data owner device 402 may also send a login request to the privacy enhancing server 401, and in response to the login response fed back by the privacy enhancing server 401, determine that the data owner device 402 establishes a communication connection with the privacy enhancing server 401.
In step S502, the data owner device 402 transmits the data to be processed to the privacy enhancement server 401.
The data to be processed is data that the data owner device 402 wants to share with the data consumer device 403 for the data consumer device 403 to use, but includes private data. In order to protect the security of the private data, the privacy enhancement server 401 needs to perform corresponding processing on the data to be processed, so as to avoid disclosure of the private data.
Wherein the data to be processed may comprise at least one of the following: electric meter numbering, acquisition time of the data to be processed, electric meter number, payment time, address information, mobile phone number, identity information of the user corresponding to the electric meter, bank card information of the user, payment amount, temperature, sunshine duration, and electricity type (at least one of industrial electricity, agricultural electricity, commercial electricity and civil electricity).
In step S503, the privacy enhancement server 401 divides the data to be processed into a preset number of privacy data blocks.
The privacy data block comprises a data number, an enhancement degree and original privacy data, wherein the data number is determined based on a preset number.
For example, the above-described division process may be implemented using formula (1):
DF1=F1(Dnum, Level) (1)
where DF1 represents the divided privacy data blocks, F1 represents the dividing function, and Dnum represents the preset number, that is, the privacy enhancement server 401 divides the data to be processed into Dnum privacy data blocks (see step S503). The preset number is an integer greater than or equal to 1.
In some embodiments, the data to be processed may be divided vertically (by column), horizontally (by row), or according to a preset division rule specific to the service; this application does not limit the choice, and it is not described further here.
It should be noted that, the F1 function is a functional component, and specific algorithms of the functional component are different in different systems or based on different service requirement scenarios.
The Level represents the degree of enhancement, for example, a first degree of enhancement, a second degree of enhancement, a third degree of enhancement, and the like, which are sequentially decreased in degree. For another example, the Level may include two enhancement levels of "strong" and "weak", or may include three enhancement levels of "strong", "medium", and "weak", etc. The above enhancement levels are only exemplified, and can be specifically set according to actual needs, and other enhancement levels not described are also within the protection scope of the present application, and are not described herein.
It should be noted that the divided privacy data blocks DF1 may form an ordered sequence, for example DF1 = (D1, D2, D3, ..., Dn), so that the position of each privacy data block within the data to be processed is expressed by its place in the sequence, which facilitates the subsequent recombination of the data to be processed.
Wherein n represents a preset number, and n is an integer greater than or equal to 1. Each privacy data block corresponds to a unique data number, and the data number can represent the position of the original privacy data in the privacy data block in the data to be processed.
For example, with n set to 8 and the data to be processed divided vertically (by column), the following 8 privacy data blocks may be obtained: D1 (electricity meter number, sunshine duration); D2 (electricity type); ...; D7 (electricity meter number); D8 (address information, mobile phone number, identity information of the user corresponding to the meter).
In step S504, the privacy enhancing server 401 processes at least one privacy data block in a preset enhancing manner corresponding to the enhancing degree, so as to obtain a privacy enhancing data block.
The data consumer device 403 applies to the data owner device 402 for the data to be processed held by the data owner device 402, in order to perform statistical analysis on them. The enhanced privacy data blocks D1, D2, D3, ..., D8 are then encrypted with the public key of the data consumer device 403 (step S505) to form an encrypted data packet DF3, which is sent to the data consumer device 403 over the network.
The preset enhancement mode comprises the following steps: at least one of a hash algorithm, homomorphic encryption, federal learning model, and differential privacy algorithm.
For example, under the condition that the enhancement degree corresponding to the privacy data block is determined to be a first enhancement degree, encrypting original privacy data in the privacy data block by adopting a homomorphic encryption mode to obtain encrypted data, wherein the first enhancement degree is the highest intensity degree in a plurality of enhancement degrees; and generating a privacy enhanced data block according to the encrypted data, the homomorphic encryption mode and the corresponding encryption parameters.
For example, for D1 with Level "strong", D1 may be processed with homomorphic encryption (e.g., the Paillier algorithm), whose parameters can be set as follows (toy values for illustration only; a real key uses two primes of at least 1024 bits each):
the two randomly chosen primes p = 11 and q = 13, so that n = pq = 143;
the public key (n, g) with g = 2 (the usual choice is g = n + 1);
the private key λ = lcm(p - 1, q - 1) = 60 and μ = (L(g^λ mod n²))^(-1) mod n = 25, where L(x) = (x - 1)/n (here L(2^60 mod 143²) = 103 and 103 · 25 ≡ 1 mod 143);
and the random number r = 3 used for one encryption, which must be coprime to n and is chosen fresh for each encryption rather than being part of the private key.
A homomorphic encryption scheme lets operations be carried out on ciphertexts such that the result, once decrypted, equals the result of the corresponding operations on the plaintexts; a party holding only ciphertexts can therefore compute on the original privacy data in the privacy data block without learning them. Paillier is additively homomorphic: multiplying two ciphertexts modulo n² yields an encryption of the sum of the plaintexts, and raising a ciphertext to a known constant yields an encryption of the plaintext times that constant. Multiplying two encrypted values together requires a somewhat or fully homomorphic scheme, not Paillier.
And only the holder of the private key (e.g., the data owner device 402) can decrypt and view the encrypted data, so the original privacy data in the privacy data block remain protected.
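The following is an added worked example, not code from the patent, that implements textbook Paillier in Python with the toy parameters quoted above and derives λ = 60 and μ = 25 from p = 11, q = 13, g = 2 rather than taking them on trust; it also shows which operations the scheme supports. The function names (`keygen`, `encrypt`, `decrypt`, `add`, `mul_const`, `page_parameters`) are this example's own.

```python
"""Paillier with the page's illustrative parameters (added example).

Reproduces p=11, q=13, g=2, r=3 from the text, checks that lambda=60 and
mu=25 follow from them, and exercises the additive homomorphism. Toy primes
are for arithmetic illustration only; a real deployment uses a vetted
library and primes of at least 1024 bits each.
"""
from math import gcd
import secrets


def _lcm(a, b):
    return a * b // gcd(a, b)


def _L(x, n):
    # L(x) = (x - 1) / n, only defined for x = 1 (mod n)
    if (x - 1) % n:
        raise ValueError("L() input is not congruent to 1 mod n")
    return (x - 1) // n


def keygen(p, q, g=None):
    """Return ((n, g), (lam, mu)). Default g = n + 1 is the usual choice;
    any g works if L(g^lam mod n^2) is invertible mod n."""
    n = p * q
    if gcd(n, (p - 1) * (q - 1)) != 1:
        raise ValueError("need gcd(pq, (p-1)(q-1)) == 1")
    if g is None:
        g = n + 1
    lam = _lcm(p - 1, q - 1)
    k = _L(pow(g, lam, n * n), n)
    if gcd(k, n) != 1:
        raise ValueError("g has unsuitable order; pick another g")
    mu = pow(k, -1, n)          # modular inverse (Python >= 3.8)
    return (n, g), (lam, mu)


def encrypt(pub, m, r=None):
    """c = g^m * r^n mod n^2; r is fresh per encryption and coprime to n."""
    n, g = pub
    n2 = n * n
    if not 0 <= m < n:
        raise ValueError("plaintext must be in [0, n)")
    if r is None:
        while True:
            r = secrets.randbelow(n - 1) + 1
            if gcd(r, n) == 1:
                break
    elif not (0 < r < n and gcd(r, n) == 1):
        raise ValueError("r must be in (0, n) and coprime to n")
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c):
    """m = L(c^lam mod n^2) * mu mod n."""
    n, _ = pub
    lam, mu = priv
    return (_L(pow(c, lam, n * n), n) * mu) % n


def add(pub, c1, c2):
    """E(m1) * E(m2) = E(m1 + m2 mod n): the homomorphism Paillier offers."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def mul_const(pub, c, k):
    """E(m)^k = E(k * m mod n): multiplication by a *known* constant only."""
    n, _ = pub
    return pow(c, k, n * n)


def page_parameters():
    """The page's toy key: p=11, q=13, g=2 -> n=143, lam=60, mu=25."""
    return keygen(11, 13, g=2)


if __name__ == "__main__":
    pub, priv = page_parameters()
    c1, c2 = encrypt(pub, 5, r=3), encrypt(pub, 7)
    print(pub, priv, decrypt(pub, priv, add(pub, c1, c2)))
```

Note that `add` multiplies ciphertexts and `mul_const` exponentiates by a plaintext scalar; there is deliberately no function that multiplies two ciphertexts into an encrypted product, because Paillier cannot do that.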
For another example, under the condition that the enhancement degree corresponding to the privacy data block is determined to be the second enhancement degree, the federal learning model is adopted to process the original privacy data in the privacy data block, and processed data is obtained; and generating a privacy enhanced data block according to the processed data and parameter information corresponding to the federal learning model.
Federated machine learning (federated learning) is a machine learning technique in which multiple devices or systems train a model collaboratively while each keeps its data local (here, on the privacy enhancing server 401). For example, the privacy enhancing server 401 improves the federated learning model by training on the data it holds; only the updated model parameters are then sent to the centralized model on a centralized server (for example, a cloud server); these updates are combined with the updates of other devices to obtain a shared federated learning model, which reduces the amount of data stored on the centralized server and speeds up learning.
And under the condition that the enhancement degree corresponding to the privacy data block is determined to be the third enhancement degree, processing the original privacy data in the privacy data block by adopting a differential privacy algorithm to obtain processed data, and generating the privacy enhancement data block according to the processed data and parameter information corresponding to the differential privacy algorithm.
A differential privacy algorithm adds calibrated random noise to the original privacy data in the privacy data block, so that individual values are hidden while the processed data remain useful for analysis, which improves data security and reduces the risk of leakage. For example, differential privacy algorithms include local differential privacy applied on the client, distributed differential privacy in which a trusted intermediate node adds the perturbation, centralized differential privacy performed by the server, and hybrid variants combining at least two of the foregoing.
The second degree of enhancement is weaker than the first, and the third degree of enhancement is weaker than the second.
in some embodiments, the above processing of the private data block may be implemented using equation (2):
DF2=F2(Ekind, k1, k2, ……, km) (2)
where DF2 represents the privacy-enhanced data blocks obtained after the above processing; DF2 may include D11, D22, D33, ..., Dnn, also an ordered sequence, in which each privacy-enhanced data block Dnn corresponds one-to-one with the privacy data block Dn in DF1; nn represents the preset number and is an integer greater than or equal to 1.
F2 represents a data processing method, ekind represents a preset enhancement mode, k1, k2, … …, km respectively represent parameters corresponding to the preset enhancement mode, and m is an integer greater than or equal to 1.
For example, when Ekind is set to 1, the preset enhancement mode used for characterization is a homomorphic encryption mode, and the parameters to be used include: an addition homomorphic parameter k1, a multiplication homomorphic parameter k2, a mixed multiplication homomorphic parameter k3, a subtraction homomorphic parameter k4, a division homomorphic parameter k5, an algebraic homomorphic parameter k6, an arithmetic homomorphic parameter k7, and the like.
Wherein, each different parameter can represent the weight value in each different homomorphic processing procedure in the homomorphic encryption mode. For example, if an addition homomorphism is used, the corresponding addition homomorphism parameter k1 is 1, and the other parameters are 0; if the multiplication homomorphism is used, the corresponding multiplication homomorphism parameter k2 is 1, and the other parameters are 0; etc.
It should be noted that when the algebraic homomorphism parameter k6 is 1, the data are processed using addition homomorphism and multiplication homomorphism at the same time; when the arithmetic homomorphism parameter k7 is 1, addition, subtraction, multiplication and division homomorphisms are all used at the same time.
For another example, when Ekind is set to 2, the preset enhancement mode is a differential privacy algorithm, and the parameters to be used include: the global average of scores k1, the data bias term parameter k2, etc. In practice the parameters that determine the privacy guarantee are the privacy budget ε (and δ) and the sensitivity of the perturbed value, which together fix the noise scale.
When Ekind is set to 3, the preset enhancement mode is a federated learning model, and the parameters to be used include: the number of models combined k1, the rollback round interval k2, the pruning round interval k3, etc.
It should be noted that in a pruning round the convolutional layers are pruned in a structured manner, and in a rollback round the global model is rolled back according to the set rollback conditions. For example, if the rollback interval is set to 30 rounds and the pruning interval to 70 rounds, round 70 is a pruning round and round 100 (i.e., 70 + 30) is a rollback round.
During training of the federated learning model, it is first judged whether the current round is a rollback round; if so, the model accuracy of the updated federated learning model to be pruned is calculated. If the current round is not a rollback round, it is judged whether it is a pruning round; if so, the updated federated learning model to be pruned is pruned at the convolutional-layer pruning rate corresponding to the current round, and the pruned model is taken as the target model.
Step S505: the privacy enhancement server 401 encrypts at least one privacy enhancement data block obtained as above with a preset public key to generate the data to be transmitted, and sends the data to be transmitted to the data consumer device 403.
The data to be transmitted may further include data blocks other than the privacy enhanced data blocks. Because the enhancement degree of these other blocks is below the preset threshold, their preset enhancement mode may be "no processing", that is, they are not subjected to enhancement processing, which shortens processing time and improves data processing efficiency.
In step S506, after receiving the data to be transmitted, the data consumer device 403 decrypts the data to be transmitted using the private key of the data consumer device 403 to obtain the privacy-enhanced data block and other data blocks except the privacy-enhanced data block.
After receiving the encrypted data packet DF3, the data consumer device 403 logs in to the privacy enhancement server 401, deploys DF3 to its local client, decrypts DF3 with its own private key, and applies the inverse operation of the components provided by the privacy enhancement server 401 to obtain D1, D2, D3, ..., D8; on that basis the data consumer device 403 performs statistical analysis and utilization of the data D1, D2, D3, ..., D8.
In step S507, the data consumer device 403 analyzes the data blocks other than the privacy enhanced data block to obtain the data processing result desired by the data consumer device 403.
It should be noted that, since the privacy enhanced data block is a data block processed by the preset enhancement mode, it can be ensured that the privacy data block with the enhancement degree higher than the preset threshold is not acquired by the data consumer device 403, so as to reduce the possibility of disclosure of the privacy data and improve the security of the privacy data.
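The following is an added example, not the patent's code, that models steps S503 to S506 in Python: a vertical division of one constructed record into numbered blocks D1..Dn with an enhancement level each (formula (1)), a per-block dispatch by level (formula (2)) with pass-through for blocks whose level is below the threshold, and the consumer-side recombination by data number. Of the enhancement modes the page lists it implements the keyed hash and the differential privacy (Laplace) perturbation; the homomorphic and federated branches are left as an unimplemented level. The sample record, the division rule, the level-to-mode table, the HMAC key and the epsilon and sensitivity values are all constructed for this example.

```python
"""Privacy-on-demand block pipeline for steps S503-S506 (added example)."""
import hashlib
import hmac
import math
import random
from dataclasses import dataclass, field

# Constructed sample record; field names follow the page's field list.
SAMPLE_RECORD = {
    "meter_no": "M-000123",
    "phone": "13800000000",
    "address": "1 Example Road",
    "payment_amount": 152.30,
    "sunshine_hours": 6.5,
    "electricity_type": "civil",
}
# Assumed F1 division rule: (enhancement level, fields) per block, in block order.
DIVISION_RULE = [
    ("strong", ["phone", "address"]),
    ("weak", ["payment_amount", "sunshine_hours"]),
    ("none", ["meter_no", "electricity_type"]),
]
LEVEL_RANK = {"strong": 3, "medium": 2, "weak": 1, "none": 0}
THRESHOLD = 1      # blocks ranked below this are passed through unprocessed
EPSILON = 1.0      # assumed per-value privacy budget
# Local DP perturbs each value, so the sensitivity is the field's range (assumed).
SENSITIVITY = {"payment_amount": 500.0, "sunshine_hours": 24.0}
DEMO_KEY = b"constructed server-side pseudonymisation key"


@dataclass
class Block:
    number: int         # data number: the block's position in the record
    level: str
    fields: dict
    mode: str = "none"  # enhancement mode (Ekind) actually applied
    params: dict = field(default_factory=dict)


def divide(record, rule=DIVISION_RULE):
    """F1: one record -> ordered blocks D1..Dn; every field lands in exactly one block."""
    blocks, seen = [], set()
    for i, (level, names) in enumerate(rule, start=1):
        if seen & set(names):
            raise ValueError("field assigned to two blocks")
        seen |= set(names)
        blocks.append(Block(i, level, {k: record[k] for k in names}))
    if set(record) - seen:
        raise ValueError(f"fields not covered: {sorted(set(record) - seen)}")
    return blocks


def pseudonymize(value, key):
    """Keyed hash (HMAC-SHA256). An unkeyed hash of an 11-digit phone number or a
    meter number is reversible by enumeration, so the key never leaves the server."""
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()


def make_rng(seed):
    # Seeded only so the example is reproducible; real DP noise needs a CSPRNG.
    return random.Random(seed)


def laplace(rng, scale):
    # Laplace(0, scale) sample by inverse CDF; |u| < 0.5 keeps log() defined.
    while True:
        u = rng.random() - 0.5
        if abs(u) < 0.5:
            return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def dp_perturb(value, sensitivity, epsilon, rng):
    """Laplace mechanism: noise scale = sensitivity / epsilon."""
    if epsilon <= 0 or sensitivity <= 0:
        raise ValueError("epsilon and sensitivity must be positive")
    return value + laplace(rng, sensitivity / epsilon)


def enhance(blocks, key=DEMO_KEY, epsilon=EPSILON, rng=None):
    """F2 dispatch: DF2 = D11..Dnn, one output block per input block, same order."""
    rng = make_rng(0) if rng is None else rng
    out = []
    for b in blocks:
        if LEVEL_RANK[b.level] < THRESHOLD:      # below threshold: no processing
            out.append(Block(b.number, b.level, dict(b.fields)))
        elif b.level == "strong":
            out.append(Block(b.number, b.level,
                             {k: pseudonymize(v, key) for k, v in b.fields.items()},
                             "hash", {"alg": "HMAC-SHA256"}))
        elif b.level == "weak":
            out.append(Block(b.number, b.level,
                             {k: dp_perturb(float(v), SENSITIVITY[k], epsilon, rng)
                              for k, v in b.fields.items()},
                             "dp", {"epsilon": epsilon, "mechanism": "Laplace"}))
        else:   # "medium" maps to federated learning on the page; not modelled here
            raise NotImplementedError(f"no enhancement mode for level {b.level!r}")
    return out


def reassemble(blocks):
    """Consumer side (S506): restore column order from the data numbers."""
    record = {}
    for b in sorted(blocks, key=lambda x: x.number):
        record.update(b.fields)
    return record


def run_pipeline(record=SAMPLE_RECORD, seed=7):
    """Server side: divide, then enhance with a reproducible noise source."""
    return enhance(divide(record), rng=make_rng(seed))
```

Two design points worth noting: the noise is applied per value (local differential privacy), so the sensitivity for each numeric field has to be that field's full range, not 1; and the HMAC key, not the hash algorithm, is what makes the "strong" block non-reversible, so a plain hash of a phone number would not be an enhancement at all.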
In this embodiment, the privacy enhancement server 401 divides the data to be processed into a preset number of privacy data blocks, so that each privacy data block can be processed in a different way according to its enhancement degree. This realizes "privacy on demand": data processing steps (such as encryption, decryption and joint computation) are reduced as far as possible, data processing latency is reduced, the security of the privacy data is still guaranteed, system resources are not wasted on enhancing privacy data with a weak enhancement degree, and data processing efficiency is improved.
In the above embodiment, "privacy on demand" means applying targeted privacy enhancement technology to different data types in different scenarios: the user chooses which data (the data to be processed) are to be privacy-enhanced, only those data are classified, and a combination of different privacy enhancement technologies is applied to them in a targeted way, so as to minimize encryption, decryption, joint computation and similar processes. This saves computing resources (such as those otherwise spent encrypting data with no privacy enhancement requirement), reduces the system resource share and computing cost incurred by unnecessary privacy enhancement, improves the encryption quality of the data, and reduces the risk of sensitive information leaking while the data consumer device 403 extracts value from the data.
Fig. 6 shows a block diagram of an electronic device according to an embodiment of the present application.
As shown in fig. 6, the electronic device 600 includes an input device 601, an input interface 602, a central processor 603, a memory 604, an output interface 605, and an output device 606. The input interface 602, the central processor 603, the memory 604, and the output interface 605 are connected to each other through a bus 607, and the input device 601 and the output device 606 are connected to the bus 607 through the input interface 602 and the output interface 605, respectively, and further connected to other components of the electronic device 600.
Specifically, the input device 601 receives input information from the outside and transmits the input information to the central processor 603 through the input interface 602; the central processor 603 processes the input information based on computer executable instructions stored in the memory 604 to generate output information, temporarily or permanently stores the output information in the memory 604, and then transmits the output information to the output device 606 through the output interface 605; the output device 606 outputs the output information to the outside of the electronic device 600 for use by a user.
In one embodiment, the electronic device shown in fig. 6 may include: a memory configured to store a program; and a processor configured to execute the program stored in the memory to perform the data processing method described in the above embodiment.
In one embodiment, the electronic device shown in FIG. 6 may be implemented as a data processing system, which may include: a memory configured to store a program; and a processor configured to execute the program stored in the memory to perform the data processing method described in the above embodiment.
The foregoing is merely exemplary embodiments of the present application and is not intended to limit the scope of the present application. In general, the various embodiments of the application may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. For example, some aspects may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the application is not limited thereto.
Embodiments of the present application may be implemented by a data processor of a mobile device executing computer program instructions, e.g. in a processor entity, either in hardware, or in a combination of software and hardware. The computer program instructions may be assembly instructions, Instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages.
The block diagrams of any logic flow in the figures of this application may represent program steps, or may represent interconnected logic circuits, modules, and functions, or may represent a combination of program steps and logic circuits, modules, and functions. The computer program may be stored on a memory. The memory may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as, but not limited to, Read Only Memory (ROM), Random Access Memory (RAM), optical storage devices and systems (DVD or CD optical disk), etc. The computer readable medium may include a non-transitory storage medium. The data processor may be of any type suitable to the local technical environment, such as, but not limited to, general purpose computers, special purpose computers, microprocessors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), field programmable gate arrays (FPGAs), and processors based on a multi-core processor architecture.
By way of exemplary and non-limiting example, a detailed description of exemplary embodiments of the present application has been provided above. Various modifications and adaptations to the above embodiments may become apparent to those skilled in the art without departing from the scope of the present disclosure, in view of the accompanying drawings and claims. Accordingly, the proper scope of the disclosure is to be determined according to the claims.
Claims (10)
1. A method of data processing, the method comprising:
responding to data to be processed sent by a data owner, dividing the data to be processed into a plurality of privacy data blocks, wherein the enhancement degrees corresponding to the privacy data blocks are different;
processing at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data block to obtain a privacy enhancement data block;
and sending data to be transmitted to a data user, wherein the data to be transmitted comprises the privacy enhanced data block.
2. The method of claim 1, wherein the dividing the data to be processed into a plurality of private data blocks in response to the data to be processed sent by the data owner comprises:
receiving data to be processed sent by the data owner;
dividing the data to be processed into a preset number of privacy data blocks;
the privacy data block comprises a data number, an enhancement degree and original privacy data, wherein the data number is determined based on the preset number.
3. The method according to claim 2, wherein the enhancement level corresponding to the privacy data block includes a first enhancement level, and the preset enhancement mode includes a homomorphic encryption mode;
Processing at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data block to obtain a privacy enhanced data block, wherein the processing comprises the following steps:
under the condition that the enhancement degree corresponding to the privacy data block is determined to be a first enhancement degree, encrypting original privacy data in the privacy data block in a homomorphic encryption mode to obtain encrypted data, wherein the first enhancement degree is the highest intensity degree in a plurality of enhancement degrees;
and generating the privacy enhanced data block according to the encrypted data, the homomorphic encryption mode and the corresponding encryption parameters.
4. A method according to claim 3, wherein the corresponding enhancement levels of the privacy data block further comprise a second enhancement level and/or a third enhancement level, the second enhancement level being weaker than the first enhancement level and the third enhancement level being weaker than the second enhancement level, the preset enhancement mode further comprising a federal learning model and/or a differential privacy algorithm;
processing at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data block to obtain a privacy enhanced data block, wherein the processing comprises the following steps:
Under the condition that the enhancement degree corresponding to the privacy data block is determined to be the second enhancement degree, processing the original privacy data in the privacy data block by adopting a federal learning model to obtain processed data; generating the privacy enhanced data block according to the processed data and the parameter information corresponding to the federal learning model;
and under the condition that the enhancement degree corresponding to the privacy data block is the third enhancement degree, adopting a differential privacy algorithm to process the original privacy data in the privacy data block to obtain processed data, and generating the privacy enhancement data block according to the processed data and parameter information corresponding to the differential privacy algorithm.
5. The method according to any of claims 1 to 4, wherein the number of privacy enhanced data blocks is the same as the number of privacy data blocks or the number of privacy enhanced data blocks is less than the number of privacy data blocks.
6. The method according to any of claims 1 to 4, characterized in that before the sending of the data to be transmitted to the data consumer, the method comprises:
Encrypting the privacy enhanced data block by adopting a preset public key to generate the data to be transmitted; the preset public key is a public key determined by negotiation between the data owner and the data user.
7. A method of data processing, the method comprising:
receiving data to be transmitted sent by a server, wherein the data to be transmitted comprises privacy enhancement data blocks, the privacy enhancement data blocks are data blocks obtained by processing at least one privacy data block by the server according to enhancement degrees corresponding to the privacy data blocks in a preset enhancement mode corresponding to the enhancement degrees, and the privacy data blocks are any one of a plurality of data blocks provided by a data owner;
and carrying out statistical analysis on the data to be transmitted, and determining a data processing result.
8. The method of claim 7, wherein the statistical analysis is performed on the data to be transmitted, and wherein prior to determining the data processing result, the method further comprises:
decrypting the data to be transmitted by adopting a private key of the current equipment to obtain the privacy enhanced data block and other data blocks except the privacy enhanced data block;
Wherein the private key of the current device matches a preset public key used by the server.
9. A privacy enhancing server, comprising:
the dividing module is configured to respond to data to be processed sent by a data owner and divide the data to be processed into a plurality of privacy data blocks, and the enhancement degrees corresponding to the privacy data blocks are different;
the processing module is configured to process at least one privacy data block by adopting a preset enhancement mode corresponding to the enhancement degree according to the enhancement degree corresponding to the privacy data block to obtain a privacy enhancement data block;
and the sending module is configured to send data to be transmitted to a data user, wherein the data to be transmitted comprises the privacy enhanced data block.
10. A data processing system, comprising: a privacy enhancement server, a data owner device and a data consumer device in communication connection;
the privacy enhancing server configured to perform the data processing method of any one of claims 1 to 6;
the data consumer device configured to perform the data processing method of any one of claims 7 to 8;
The data owner device is configured to send data to be processed to the privacy enhancement server, so that the privacy enhancement server processes the data to be processed to generate data to be transmitted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311749185.1A CN117786739A (en) | 2023-12-19 | 2023-12-19 | Data processing method, server and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117786739A true CN117786739A (en) | 2024-03-29 |
Family
ID=90382748
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311749185.1A Pending CN117786739A (en) | 2023-12-19 | 2023-12-19 | Data processing method, server and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117786739A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112528316A (en) * | 2020-09-18 | 2021-03-19 | 江苏方天电力技术有限公司 | Privacy protection lineage workflow publishing method based on Bayesian network |
CN114564740A (en) * | 2021-02-06 | 2022-05-31 | 陈笑男 | Big data anonymization processing method and big data processing equipment |
CN116702206A (en) * | 2023-06-16 | 2023-09-05 | 阳光电源股份有限公司 | Data processing method, system and related equipment |
CN116761165A (en) * | 2023-07-11 | 2023-09-15 | 沈阳理工大学 | Position protection method based on dynamic privacy budget mechanism |
Non-Patent Citations (2)
Title |
---|
清华大学金融科技研究院: "《数据要素化100问》", 28 February 2023, 人民日报出版社, pages: 71 - 72 * |
莫宏伟: "《人工智能伦理导论》", 28 February 2022, 西安电子科技大学出版社, pages: 176 * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||