CN117874806A - Privacy joint computing method and device based on trusted execution environment - Google Patents


Info

Publication number
CN117874806A
Authority
CN (China)
Prior art keywords
data, privacy, calculation, execution environment, trusted execution
Legal status (as assumed by Google Patents; not a legal conclusion)
Pending
Application number
CN202311734044.2A
Other languages
Chinese (zh)
Inventors
许川, 卫骞, 赵华宇, 杜浩, 赵东, 王兆凯, 卞阳, 张伟奇
Current assignee (as listed; may be inaccurate)
Hangzhou Fucan Technology Co ltd
Original assignee
Hangzhou Fucan Technology Co ltd
Events
Application CN202311734044.2A filed by Hangzhou Fucan Technology Co ltd
Priority to CN202311734044.2A
Publication of CN117874806A
Legal status: pending

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00: Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Storage Device Security (AREA)

Abstract

The application discloses a privacy joint calculation method and device based on a trusted execution environment. Privacy joint calculation request data is acquired; data synchronization processing is performed on the request data by a preset trusted execution environment program to obtain encrypted calculation data, which is the encrypted data of a data sharing party; after privacy joint calculation task execution request data is obtained, data auditing processing is performed on it to obtain auditing result data, where the task execution request data includes the privacy joint calculation task execution data; and task execution processing is performed on the task execution data according to the auditing result data. Verification based on the trusted execution environment is applied to the privacy joint calculation task, and both the data files and the identities of the sharing parties in the calculation are verified, which improves data security.

Description

Privacy joint computing method and device based on trusted execution environment
Technical Field
The application relates to the field of digital networking, in particular to a privacy joint computing method and device based on a trusted execution environment.
Background
Digital networking is a "virtual/data" network formed on top of the "physical/machine" internet by connecting a large variety of heterogeneous data platforms and systems through a data-centric open software architecture and standardized, software-defined interoperability protocols. In a digital networking system, data circulation and joint calculation carry a risk of data leakage, so data is difficult to fuse and use fully and its value cannot be realised to the greatest extent. In the traditional joint computing scenario the memory of the computing task's process is not encrypted and the computing process is not protected, so the data can be observed and is at risk of leaking.
Joint computation in prior-art digital networking systems therefore has the problem of low data security.
Disclosure of Invention
The main aim of the application is to provide a privacy joint calculation method and device based on a trusted execution environment, to solve the problem of low data security in joint calculation in prior-art digital networking systems and thereby improve data security.
To achieve this, a first aspect of the application proposes a privacy joint computing method based on a trusted execution environment, applied to a data sharing scenario between an initiator and participants, the method comprising:
acquiring privacy joint calculation request data, which is request data representing a privacy joint calculation task data synchronization;
performing data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data, which is the encrypted data of a data sharing party;
after privacy joint calculation task execution request data is obtained, performing data auditing processing on it to obtain auditing result data, where the task execution request data comprises privacy joint calculation task execution data;
and performing task execution processing on the privacy joint calculation task execution data according to the auditing result data.
Further, performing data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data includes:
performing verification processing based on a first identity on the privacy joint calculation request data to obtain first identity verification result data, which represents the identity verification result of a first data sharing party;
if the first identity verification result is a pass, obtaining first encrypted data through data synchronization processing by the preset trusted execution environment program, the first encrypted data being the encrypted data of the first data sharing party;
and performing verification processing based on the preset trusted execution environment program on the first encrypted data to obtain the encrypted calculation data, which is an encrypted data file that has passed verification by the preset trusted execution environment program.
Further, performing verification processing based on the first identity on the privacy joint calculation request data to obtain the first identity verification result data includes:
performing identification processing based on the first identity on the privacy joint calculation request data to obtain first identity data, which represents the identity of the first data sharing party and comprises a first identity public key and a first identity signature;
performing verification processing based on a preset collaboration list on the first identity public key to obtain first identity public key verification result data;
performing verification processing based on signature legitimacy on the first identity signature to obtain first identity signature verification result data;
and determining the first identity verification result data from the first identity public key verification result data and the first identity signature verification result data.
Further, performing verification processing based on the preset trusted execution environment program on the first encrypted data to obtain the encrypted calculation data includes:
performing decryption processing based on the preset trusted execution environment program on the first encrypted data file to obtain a data decryption key;
decrypting the encrypted data file with the data decryption key and a preset decryption algorithm to obtain process calculation data;
performing legitimacy verification based on the data signature on the process calculation data to determine whether the data signature of the process calculation data is legitimate;
if the data signature of the process calculation data is illegitimate, ending the privacy joint calculation task;
and if the data signature of the process calculation data is legitimate, performing file encryption and storage processing on the process calculation data based on a preset encryption algorithm to obtain the encrypted calculation data.
Further, performing data auditing processing on the privacy joint calculation task execution request data after it is obtained, to obtain the auditing result data, includes:
performing recognition processing based on data characteristics on the privacy joint calculation task execution request data to obtain a task data file and task code data, where the task execution request data represents a request by the initiator to execute the privacy joint calculation;
performing recognition processing based on data identification on the task data file to obtain task identification data, which identifies the participant to which the task data file belongs;
and performing data auditing processing on the task data file and the task code data based on the preset trusted execution environment program according to the task identification data, to obtain the auditing result data.
Further, before acquiring the privacy joint calculation request data, the privacy joint calculation method further includes:
acquiring preset trusted execution environment program data, which represents a trusted execution environment program;
performing first configuration processing based on a preset hub node on the preset trusted execution environment program data, and returning preset trusted execution environment program configuration information;
acquiring program request data, which represents a request to use the preset hub node's trusted execution environment program;
and performing audit verification processing based on a preset trusted authority on the preset trusted execution environment program according to the program request data, to obtain the preset trusted execution environment program.
Further, performing the first configuration processing based on the preset hub node on the preset trusted execution environment program data and returning the preset trusted execution environment program configuration information includes:
performing verification processing based on program compilation on the preset trusted execution environment program data to judge whether it has been tampered with;
performing deployment and start-up processing on the preset trusted execution environment program data;
and performing registration processing on the preset trusted execution environment program data and returning its configuration information.
According to a second aspect of the application, a privacy joint computing device based on a trusted execution environment is provided, applied to a data sharing scenario between an initiator and participants, the device comprising:
a first request module for acquiring privacy joint calculation request data, which is request data representing a privacy joint calculation task data synchronization;
a request verification module for performing data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data, which is the encrypted data of a data sharing party;
a data auditing module for performing data auditing processing on privacy joint calculation task execution request data after it is acquired, to obtain auditing result data, where the task execution request data comprises privacy joint calculation task execution data;
and a task execution module for performing task execution processing on the privacy joint calculation task execution data according to the auditing result data.
According to a third aspect of the present application, a computer-readable storage medium is provided, where computer instructions are stored, and the computer instructions are configured to cause the computer to perform the above-mentioned privacy joint calculation method based on a trusted execution environment.
According to a fourth aspect of the present application, there is provided an electronic device comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to cause the at least one processor to perform the above-described privacy joint calculation method based on a trusted execution environment.
The technical scheme provided by the embodiments of the application can have the following beneficial effects:
privacy joint calculation request data is acquired, which is request data representing a privacy joint calculation task data synchronization; data synchronization processing is performed on it by a preset trusted execution environment program to obtain encrypted calculation data, which is the encrypted data of a data sharing party; after privacy joint calculation task execution request data is obtained, data auditing processing is performed on it to obtain auditing result data, where the task execution request data comprises privacy joint calculation task execution data; and task execution processing is performed on the task execution data according to the auditing result data. In the privacy joint calculation process, verification based on the trusted execution environment is applied to the privacy joint calculation task, and both the data files and the identities of the sharing parties are verified, which solves the problem of low data security in joint calculation in prior-art digital networking systems and improves data security.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, provide a further understanding of the application and of its other features, objects and advantages. The drawings of the illustrative embodiments and their descriptions serve to illustrate the application and are not to be construed as unduly limiting it. In the drawings:
FIG. 1 is a schematic diagram of implementing privacy joint calculation based on hub nodes in a digital networking scenario, as provided by the application;
FIG. 2 is a flowchart of a privacy joint calculation method based on a trusted execution environment provided by the application;
FIG. 3 is a flowchart of a method for performing data synchronization processing based on a preset trusted execution environment program provided by the application;
FIG. 4 is a flowchart of a privacy joint calculation method based on a trusted execution environment provided by the application;
FIGS. 5a and 5b are schematic flow diagrams of the data auditing processing for privacy joint computing task execution request data provided by the application;
FIG. 6 is a flowchart of a privacy joint calculation method based on a trusted execution environment provided by the application;
FIGS. 7a and 7b are flowcharts of a method for deploying, starting and registering the TEE program of a digital networking hub node;
FIG. 8 is a flowchart of a method by which a digital networking supply and demand node applies to use a hub node's TEE program;
FIG. 9 is a schematic diagram of a privacy joint computing device based on a trusted execution environment provided by the application.
Detailed Description
To help those skilled in the art understand the solution of the application, it is described in detail below with reference to the accompanying drawings of its embodiments. The described embodiments are only some, not all, of the embodiments of the application; all other embodiments that a person of ordinary skill in the art can derive from them without inventive effort fall within the scope of protection of the application.
It should be noted that the terms "first," "second," and the like in the description and claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate in order to describe the embodiments of the present application described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In the present application, the terms "upper", "lower", "left", "right", "front", "rear", "top", "bottom", "inner", "outer", "middle", "vertical", "horizontal", "lateral", "longitudinal" and the like indicate an azimuth or a positional relationship based on that shown in the drawings. These terms are used primarily to better describe the present application and its embodiments and are not intended to limit the indicated device, element or component to a particular orientation or to be constructed and operated in a particular orientation.
Also, some of the terms described above may be used to indicate other meanings in addition to orientation or positional relationships, for example, the term "upper" may also be used to indicate some sort of attachment or connection in some cases. The specific meaning of these terms in this application will be understood by those of ordinary skill in the art as appropriate.
Furthermore, the terms "mounted," "configured," "provided," "connected," "coupled," and "sleeved" are to be construed broadly. For example, "connected" may be in a fixed connection, a removable connection, or a unitary construction; may be a mechanical connection, or an electrical connection; may be directly connected, or indirectly connected through intervening media, or may be in internal communication between two devices, elements, or components. The specific meaning of the terms in this application will be understood by those of ordinary skill in the art as the case may be.
In a digital networking system there is a risk of data leakage in the data circulation and joint calculation among the parties, so the parties are wary of multi-party joint calculation and the value of the data is difficult to realise.
A trusted execution environment (TEE) uses hardware and software to construct a secure area in the central processing unit that guarantees the confidentiality and integrity of the programs and data loaded into it; a program running in a trusted execution environment is called a TEE program.
In an alternative embodiment of the application, a privacy joint calculation method based on a preset trusted execution environment is provided. In a digital networking scenario, data interaction goes through a hub node of the digital network, so in this embodiment a TEE program is deployed at the hub node and is registered with and authenticated by a third-party trusted authority, so that the supply and demand nodes of the digital network can trust a given hub node's TEE program. FIG. 1 is a schematic diagram of implementing privacy joint calculation based on hub nodes in a digital networking scenario, as provided by the application. Because privacy joint calculation implemented on a TEE program is general-purpose, there is no limit on the number of supply and demand nodes that can take part in a joint privacy calculation.
In an alternative embodiment of the application, a privacy joint computing method based on a trusted execution environment is provided, applied to a data sharing scenario between an initiator and participants; it describes how a privacy joint computing task is carried out in the trusted execution environment once a node initiates a task request. FIG. 2 is a flowchart of the privacy joint calculation method based on a trusted execution environment provided by the application; as shown in FIG. 2, the method includes the following steps:
S101: acquiring privacy joint calculation request data;
The privacy joint calculation request data is request data representing the synchronization of privacy joint calculation task data. Privacy joint calculation is used in a data sharing scenario between an initiator and participants and involves several data sharing parties; a data sharing party may be the initiator or a participant, and each provides its own data. The privacy joint calculation task is initiated on the TEE program of the hub node, and the data sharing parties in the task are supply and demand nodes of the digital network. The TEE program is deployed at a hub node of the digital networking scenario and is registered with and authenticated by a third-party trusted authority, so that the supply and demand nodes of the digital network trust that hub node's TEE program. For example, n insurance companies agree to perform a joint calculation on the TEE program of a certain hub node; all n companies share data, and all n send privacy joint calculation requests to the TEE program.
S102: performing data synchronization processing based on a preset trusted execution environment program on the privacy joint calculation request data to obtain encrypted calculation data;
The encrypted calculation data is the encrypted data of a data sharing party.
After receiving the privacy joint calculation request data, the TEE program checks the identity and the task-related characteristics of each data sharing party requesting the privacy joint calculation. When the checks pass, the TEE program synchronizes the encrypted data of each data sharing party; on receiving it, the TEE program re-encrypts the data and stores it inside the TEE program, after which the data of each sharing party can be used by different joint calculation tasks. FIG. 3 is a flowchart of the method for performing data synchronization processing based on a preset trusted execution environment program provided by the application.
In another alternative embodiment of the application, a privacy joint calculation method based on a trusted execution environment is provided. FIG. 4 is a flowchart of the privacy joint calculation method based on a trusted execution environment provided by the application; as shown in FIG. 4, the method includes the following steps:
S201: performing verification processing based on a first identity characteristic on the privacy joint calculation request data to obtain first identity verification result data;
The first identity verification result data represents the result of verifying the identity characteristic of the first data sharing party.
When a privacy joint calculation task request is initiated, a data synchronization request is initiated to synchronize the data to the TEE program by calling the data synchronization interface, which takes the following parameters:
a. Request header: auth-pub is the identity public key of the requesting party; auth-sig is the requesting party's signature over the request.
b. Request body: size is the size of the data file; crypto_key is the data file's key, encrypted with the identity public key of the TEE program; file_sig is the signature over the plaintext of the data file; url is the address of the data file; a verification parameter for the encryption, which corresponds to the encryption algorithm used; and filename is the name of the data file.
In another alternative embodiment of the application, a privacy joint calculation method based on a trusted execution environment is provided, including:
performing identification processing based on a first identity feature on the privacy joint calculation request data to obtain first identity feature data, which represents the identity feature of the initiator and comprises a first identity public key and a first identity signature; performing verification processing based on a preset collaboration list on the first identity public key to obtain first identity public key verification result data; performing verification processing based on signature legitimacy on the first identity signature to obtain first identity signature verification result data; and determining the first identity verification result data from the first identity public key verification result data and the first identity signature verification result data. Concretely, after receiving the data synchronization request the TEE program checks whether auth-pub is in the supply-demand collaboration list. If it is, the first identity public key check passes and the first identity signature is checked next, i.e. whether the auth-sig signature value is legitimate; if auth-pub is not in the supply-demand collaboration list, the first identity public key check fails and the process ends.
S202: if the first identity verification result is a pass, obtaining first encrypted data through data synchronization processing by the preset trusted execution environment program;
The first encrypted data is the encrypted data of the first data sharing party.
S203: performing verification processing based on the preset trusted execution environment program on the first encrypted data to obtain encrypted calculation data.
The encrypted calculation data is an encrypted data file that has passed verification by the preset trusted execution environment program.
In another alternative embodiment of the application, a privacy joint calculation method based on a trusted execution environment is provided, including: performing decryption processing based on the preset trusted execution environment program on the first encrypted data file to obtain a data decryption key; decrypting the encrypted data file with the data decryption key and a preset decryption algorithm to obtain process calculation data; verifying the legitimacy of the data signature of the process calculation data, and ending the privacy joint calculation task if the data signature is illegitimate; and, if the data signature is legitimate, performing file encryption and storage processing on the process calculation data based on a preset encryption algorithm to obtain the encrypted calculation data.
If the first identity verification of the data sharing party passes, the TEE program downloads the encrypted data file provided by the sharing party from url and decrypts and verifies it as follows: the private key of the TEE program decrypts crypto_key to obtain the data decryption key file_key; file_key and the verification parameter are used to decrypt the data file; and the file_sig value is checked for legitimacy. After the check passes, the TEE program encrypts the file with a runtime key B and persists it. Key B is the runtime encryption and decryption key for data files; it is a new key derived from the TEE program's private key and a key A. For the same TEE program with the same measurement value, key A is the same, so data encrypted with key A can be used interchangeably between such instances; the public/private key pair, however, differs each time it is generated, so the derived key B differs per instance. Key B is therefore what prevents the stored data from being used by other services, while key A is what allows data to be used across deployments of the same TEE program.
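The S201 to S203 path in working form, as an added example that is not part of the patent or of the assignee's code: the TEE side checks auth-pub against the collaboration list before anything else, verifies auth-sig over the request body, unwraps crypto_key with the program's private key to obtain file_key, decrypts the file with file_key and the verification parameter, checks file_sig over the plaintext, and only then re-encrypts the plaintext under key B and stores it. The concrete choices are assumptions of the example, not taken from the text: RSA-OAEP for wrapping file_key, Ed25519 for the identity and file signatures, AES-GCM for the file (with the verification parameter taken to be the GCM nonce, which is why its length is checked before use), HMAC-SHA256 over key A and the instance's private exponent as the derivation of key B, a canonical encoding of the signed request body, and a fetch callback standing in for the download from url. Key A is simply a byte string handed to the constructor, standing for the measurement-bound key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SyncRequest carries the data synchronization interface parameters named in the text.
type SyncRequest struct {
	AuthPub   ed25519.PublicKey // auth-pub: identity public key of the requesting party
	AuthSig   []byte            // auth-sig: requester's signature over the request body
	CryptoKey []byte            // crypto_key: file_key wrapped with the TEE program's public key
	FileSig   []byte            // file_sig: requester's signature over the plaintext file
	URL       string            // url of the encrypted data file
	IV        []byte            // verification parameter (assumed here to be the AES-GCM nonce)
	Filename  string
}

// signedBody is the canonical encoding that auth-sig covers (an assumption of the example).
func (r *SyncRequest) signedBody() []byte {
	return []byte(fmt.Sprintf("%x|%x|%s|%x|%s", r.CryptoKey, r.FileSig, r.URL, r.IV, r.Filename))
}

// must panics on errors that only a programming mistake can produce (key generation, fixed key sizes).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func gcm(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

// TEEProgram is the hub-node enclave. keyA models the measurement-bound key; keyB is derived from keyA and the instance's private key, so another instance gets a different keyB.
type TEEProgram struct {
	priv   *rsa.PrivateKey
	collab map[string]bool   // supply-demand collaboration list, keyed by auth-pub bytes
	keyB   []byte
	store  map[string][]byte // filename -> nonce||ciphertext sealed under keyB
}

func NewTEEProgram(keyA []byte, collab map[string]bool) *TEEProgram {
	priv := must(rsa.GenerateKey(rand.Reader, 2048))
	kdf := hmac.New(sha256.New, keyA) // key B = HMAC(key A, private exponent)
	kdf.Write(priv.D.Bytes())
	return &TEEProgram{priv: priv, collab: collab, keyB: kdf.Sum(nil), store: map[string][]byte{}}
}

func (t *TEEProgram) PublicKey() *rsa.PublicKey { return &t.priv.PublicKey }

// Sync implements S201-S203 on the TEE side; fetch stands in for the download by url.
func (t *TEEProgram) Sync(r *SyncRequest, fetch func(url string) []byte) error {
	if !t.collab[string(r.AuthPub)] { // list check first: it also guarantees a well-formed key for Verify
		return errors.New("auth-pub not in collaboration list")
	}
	if !ed25519.Verify(r.AuthPub, r.signedBody(), r.AuthSig) {
		return errors.New("auth-sig invalid")
	}
	ct := fetch(r.URL)
	fileKey, err := rsa.DecryptOAEP(sha256.New(), nil, t.priv, r.CryptoKey, nil)
	if err != nil || len(fileKey) != 32 || len(r.IV) != 12 { // GCM panics on a bad nonce length, so check first
		return errors.New("crypto_key unwrap failed or bad parameters")
	}
	plain, err := gcm(fileKey).Open(nil, r.IV, ct, nil)
	if err != nil {
		return errors.New("data file decryption failed")
	}
	if !ed25519.Verify(r.AuthPub, plain, r.FileSig) { // an illegal file_sig ends the task
		return errors.New("file_sig invalid, task ended")
	}
	sealer := gcm(t.keyB) // re-encrypt under key B, bound to the file name, and persist inside the TEE
	nonce := make([]byte, sealer.NonceSize())
	rand.Read(nonce)
	t.store[r.Filename] = sealer.Seal(nonce, nonce, plain, []byte(r.Filename))
	return nil
}

// BuildSyncRequest is the sharing party's side; it returns the request and the ciphertext it would host at url.
func BuildSyncRequest(priv ed25519.PrivateKey, teePub *rsa.PublicKey, name string, plain []byte) (*SyncRequest, []byte) {
	fileKey, iv := make([]byte, 32), make([]byte, 12)
	rand.Read(fileKey)
	rand.Read(iv)
	ct := gcm(fileKey).Seal(nil, iv, plain, nil) // fresh file_key per file
	r := &SyncRequest{AuthPub: priv.Public().(ed25519.PublicKey), FileSig: ed25519.Sign(priv, plain),
		CryptoKey: must(rsa.EncryptOAEP(sha256.New(), rand.Reader, teePub, fileKey, nil)),
		URL: "https://hub.example/" + name, IV: iv, Filename: name} // url is constructed; nothing is fetched
	r.AuthSig = ed25519.Sign(priv, r.signedBody())
	return r, ct
}
```

Checking the collaboration list before verifying auth-sig matters for more than policy: ed25519.Verify panics on a malformed public key, so membership in the list is also what guarantees the key is well-formed, and the GCM nonce length is validated for the same reason before Open is called. Two deployments of the same program with the same key A derive different key B values because their RSA key pairs differ, which is the instance binding described above.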
S103: after the privacy joint calculation task execution request data is obtained, carrying out data auditing treatment on the privacy joint calculation task execution request data to obtain auditing result data;
the privacy joint calculation task execution request data comprises privacy joint calculation task execution data;
In another optional embodiment of the present application, there is provided a privacy joint calculation method based on a trusted execution environment, including:
performing recognition processing based on data characteristics on the privacy joint calculation task execution request data to obtain a task data file and task code data, wherein the data used for representing that an initiator requests to execute privacy joint calculation is used when the privacy joint calculation task execution request data; performing recognition processing based on data identification on a task data file to obtain task identification data, wherein the task identification data is identification data used for representing a participant corresponding to the task data file; and carrying out data auditing processing on the task data file and the task code file based on a preset trusted execution environment program according to the task identification data to obtain auditing result data, wherein the data auditing processing comprises the following steps: and sending the required data file and the task code to the TEE program, wherein the required data file is a list used for representing the required file of the joint calculation task initiated by the initiator, the TEE program checks whether the required file is uploaded and synchronized to the TEE program in the process of executing the task, when the required file is determined to be in the TEE program, the private key of the TEE is used for signing the whole data file and the task code, the signature value is returned to the initiator, the initiator sends the signature to other participants for checking, and after all authorized signatures are obtained, the data checking passes and the next operation is executed.
Fig. 5a and 5b are schematic flow diagrams of the data auditing processing of the privacy joint calculation task execution request data. As shown in fig. 5, after each data sharing party has synchronized its data to the TEE program of a hub node, one of the data sharing parties initiates a joint calculation task execution request, that is, the initiator generates privacy joint calculation task execution request data. This request data includes privacy joint calculation task execution data, which in turn includes the joint calculation task code and the data files required by the joint calculation task; the required data files are the files the data sharing parties previously synchronized into the TEE program. When initiating the request, the initiator states explicitly which participants' data files it uses and provides the joint calculation task code, transmits the required data file list and the task code to all participants for checking, and calls the task calculation interface of the TEE program only after every check has passed. For example, four insurance companies A, B, C and D agree to perform joint calculation on the TEE program of one hub node, and each synchronizes its data to that TEE program. Company A requests joint calculation task execution and needs the data files of companies B and C, so the task has three participants:
a. Participant 1 (the task initiator, A) sends the task code and the required data file list to the TEE program. The TEE program checks that each listed data file exists, then generates a signature value sig_tee over the task code and the data file list and returns it to participant 1.
b. Participant 1 sends the task code, the required data file list and sig_tee to participants 2 and 3 (B and C). Participants 2 and 3 each check whether sig_tee is valid and review the task code and data file list; each then generates its own signature, sig_2 or sig_3, over the task code, the required data file list and sig_tee, and returns it to participant 1.
c. Participant 1 sends the task code, the required file list and the signature list (sig_2, sig_3) to the TEE program, which verifies sig_2 and sig_3 with the public keys of participants 2 and 3 respectively. Only after both verifications pass is the task code executed.
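The signature exchange described above (sig_tee from the hub TEE, sig_2 and sig_3 from the two data owners, final verification by the TEE before execution), as an added example that is not part of the patent: a Go model of the hub TEE and the countersigning participants using Ed25519 from the standard library. The patent names no signature scheme or file naming convention, so the Ed25519 keys, the in-memory file store and the "<party>/<file>" naming used to find each file's owner are assumptions for illustration, as are all function names.

```go
// Added example (not the patent's code): the task-authorization exchange of Fig. 5 with
// Ed25519 from the Go standard library. Keys, the hub TEE and the synchronized files are
// constructed in memory; file names use an assumed "<party>/<file>" layout.
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
)

// taskDigest binds the task code and the required file list into one message.
func taskDigest(code []byte, files []string) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s\x00%s", code, strings.Join(files, "\n"))))
	return sum[:]
}

// TEEProgram models the hub TEE: identity key, synchronized files, cooperation list.
type TEEProgram struct {
	priv  ed25519.PrivateKey
	Pub   ed25519.PublicKey
	files map[string][]byte
	coop  map[string]ed25519.PublicKey
}

// Approve (step a): refuse unless every required file is present, then produce sig_tee.
func (t *TEEProgram) Approve(code []byte, files []string) ([]byte, error) {
	for _, f := range files {
		if _, ok := t.files[f]; !ok {
			return nil, fmt.Errorf("required file %q not synchronized to the TEE", f)
		}
	}
	return ed25519.Sign(t.priv, taskDigest(code, files)), nil
}

// Countersign (step b, participant side): check sig_tee, then sign code, list and sig_tee.
func Countersign(priv ed25519.PrivateKey, teePub ed25519.PublicKey, code []byte, files []string, sigTEE []byte) ([]byte, error) {
	d := taskDigest(code, files)
	if !ed25519.Verify(teePub, d, sigTEE) {
		return nil, errors.New("sig_tee invalid: task not approved by the hub TEE")
	}
	return ed25519.Sign(priv, append(d, sigTEE...)), nil
}

// Execute (step c): re-check sig_tee, verify each file owner's signature, then run.
func (t *TEEProgram) Execute(code []byte, files []string, sigTEE []byte, sigs map[string][]byte) (string, error) {
	d := taskDigest(code, files)
	if !ed25519.Verify(t.Pub, d, sigTEE) {
		return "", errors.New("sig_tee does not match the submitted code and file list")
	}
	for _, f := range files {
		owner := strings.SplitN(f, "/", 2)[0]
		pub, ok := t.coop[owner]
		if !ok || !ed25519.Verify(pub, append(d, sigTEE...), sigs[owner]) {
			return "", fmt.Errorf("missing or invalid authorization from %s", owner)
		}
	}
	return fmt.Sprintf("executed %d-byte task over %d files", len(code), len(files)), nil
}

// RunScenario plays the example in the text (A initiates, B and C countersign, the TEE
// executes) and then confirms that code swapped after the signatures is rejected.
func RunScenario() (string, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tee := &TEEProgram{priv: priv, Pub: pub, files: map[string][]byte{}, coop: map[string]ed25519.PublicKey{}}
	keys := map[string]ed25519.PrivateKey{}
	for _, p := range []string{"A", "B", "C"} {
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		keys[p], tee.coop[p] = priv, pub
	}
	tee.files["B/policies.csv"] = []byte("id,premium\n1,100\n") // constructed sample data
	tee.files["C/claims.csv"] = []byte("id,amount\n1,40\n")
	code := []byte("SELECT SUM(premium)-SUM(amount) FROM policies JOIN claims USING (id)")
	files := []string{"B/policies.csv", "C/claims.csv"}
	sigTEE, err := tee.Approve(code, files)
	if err != nil {
		return "", err
	}
	sigs := map[string][]byte{}
	for _, p := range []string{"B", "C"} {
		if sigs[p], err = Countersign(keys[p], tee.Pub, code, files, sigTEE); err != nil {
			return "", err
		}
	}
	result, err := tee.Execute(code, files, sigTEE, sigs)
	if err != nil {
		return "", err
	}
	if _, err := tee.Execute(append(append([]byte{}, code...), " -- dump rows"...), files, sigTEE, sigs); err == nil {
		return "", errors.New("tampered code was accepted")
	}
	return result, nil
}
```

The point the example makes beyond the text: because sig_tee, sig_2 and sig_3 all cover the digest of the task code and the file list together, the TEE's final check in Execute rejects a task whose code or file list was changed after the participants reviewed it, and Approve refuses before signing anything if a required file was never synchronized. RunScenario exercises the tamper rejection at its end; in a real deployment the participants' public keys in coop would come from the cooperation list the authority service populates.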
S104: and performing task execution processing on the privacy joint calculation task execution data according to the auditing result data.
In the embodiment of the application, because the joint calculation task request is verified by the TEE program, the task code can only run in the designated TEE program and can only use the designated data file list while running. If the code, the hub TEE program or the data file list is replaced, the task cannot be executed, which improves the data security of joint calculation in the digital networking scenario.
In another alternative embodiment of the present application, a privacy joint computing method based on a trusted execution environment is provided for the deployment, start-up and registration of the hub node trusted execution environment program in a digital networking scenario. Fig. 6 is a flowchart of the privacy joint computing method based on the trusted execution environment provided in the present application; as shown in fig. 6, the method includes the following steps:
S301: acquiring preset trusted execution environment program data;
The preset trusted execution environment program data is data representing a trusted execution environment program; it is the program file that has not yet been deployed to the hub node and that is to be deployed, started and registered at a node of the digital network.
S302: performing first configuration processing based on a preset hub node on the preset trusted execution environment program data, and returning preset trusted execution environment program configuration information;
The first configuration processing is the processing that deploys the TEE program to the digital network hub node.
In another optional embodiment of the present application, there is provided a privacy joint calculation method based on a trusted execution environment, including: performing verification processing based on program compiling on the preset trusted execution environment program data to judge whether the preset trusted execution environment program data is tampered or not; performing deployment starting processing on preset trusted execution environment program data; registering and registering the preset trusted execution environment program data, and returning the configuration information of the preset trusted execution environment program.
S303: acquiring program request data;
The program request data is data representing a request to use the trusted execution environment program of a preset hub node;
S304: performing audit verification processing based on a preset trusted authority on the preset trusted execution environment program according to the program request data, to obtain the preset trusted execution environment program.
In an alternative embodiment of the present application, a method for the deployment, start-up and registration of a digital network hub node TEE program is provided; fig. 7a and fig. 7b are flowcharts of this method provided in the present application, which includes the following steps:
1) When the TEE program is compiled, a measurement value (a hash) is generated from its code and configuration. When the TEE program is loaded into memory, the CPU computes the hash of the memory contents in a preset order and compares it with the measurement generated at compile time, thereby judging whether the TEE program has been tampered with. The CPU then generates a key A from the measurement of the TEE program; different TEE programs obtain different keys, and each key can only be read by the corresponding TEE program.
2) When the TEE program is deployed and started for the first time, it generates an asymmetric key pair. The public key serves as the identity ID of the current TEE program and is published in plaintext; the private key is encrypted with key A and stored in the TEE program configuration file (a file the TEE program creates during initialization).
3) A new key B is derived from the private key and key A. Key B is the encryption and decryption key for data files at run time. This step prevents data from being exchanged between several services deployed from the same TEE program: instances of the same TEE program have the same measurement, so their key A is the same and data encrypted with key A could be used interchangeably, but the key pair generated at each deployment differs, so the derived key B differs as well.
4) The dependency file list is checked. The TEE program depends on system library files; the hashes of the files it depends on are written into the dependency file list at compile time, and when the TEE program starts, and whenever it loads a dependency at run time, it checks whether the hash of that dependency file has changed.
5) After the TEE program has been initialized and loaded, it starts a server service that provides interface request processing and comprises the following interfaces:
a. The authentication interface is an open interface; both the request and the returned content are in plaintext. For a request with content C1, the returned information needs to contain at least the following:
a) Response header: auth-pub is the identity public key of the TEE program; authsig is the signature of the TEE program's private key over the response body.
b) Response body: codes is the main-flow source code of the TEE program; deps is the dependency file list of the TEE program; attestation is the remote attestation generated by the CPU, using the certificate preset in the CPU by the CPU manufacturer, with the request content C1 as input. The caller checks the remote attestation with the certificate or tool provided by the CPU manufacturer to judge whether the content really was returned from the TEE, and compares whether the remote attestation contains C1; timestamp is the timestamp of the response.
b. The registration interface may be accessed only once. It is used by the authority service, a third-party trusted authority, to inject its public key certificate after it has examined the registration application of the TEE program.
c. The data synchronization interface is used by the supply and demand nodes of the digital network to synchronize data into the TEE program.
d. The task computing interface is used by the supply and demand nodes of the digital network to initiate a joint computing task.
6) The TEE program of the hub node registers with the authority service, submitting its identity public key, dependency file list, interface list and interface documentation. The authority service accesses the authentication interface of the TEE program, compares the information obtained with the information submitted, verifies the remote attestation to judge whether it is a genuine TEE program, and manually audits the code content. After the audit passes, it requests the registration interface of the TEE program to inject its public key certificate, and when success is returned the hub node TEE program is registered.
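Steps 1) to 4) above as an added example that is not the patent's code: measurement, key A, sealing of the identity private key, derivation of key B and the dependency hash check, in Go with standard-library crypto. What the CPU does in hardware, deriving key A from the measurement and a per-CPU secret, is modelled here as an HMAC over a constructed secret, and the encryption of the private key under key A is modelled with AES-GCM; both are assumptions, as are the function and field names.

```go
// Added example (not the patent's code): steps 1 to 4 of the start-up procedure with Go
// standard-library crypto; the CPU secret, HMAC key derivation and AES-GCM sealing are
// assumptions standing in for what the CPU does in hardware.
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Measure (step 1): hash over code and configuration, computed at build and at load time.
func Measure(code, config []byte) []byte {
	sum := sha256.Sum256(append(append(append([]byte{}, code...), 0), config...))
	return sum[:]
}

// SealingKey models key A: same program, same key; modified program, different key.
func SealingKey(measurement []byte) []byte {
	m := hmac.New(sha256.New, []byte("constructed CPU fuse secret")) // assumed hardware secret
	m.Write(measurement)
	return m.Sum(nil)
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts under key with a fresh random nonce prefixed to the ciphertext.
func Seal(key, plaintext []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	rand.Read(nonce) // crypto/rand does not return an error on supported platforms
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal; it fails if the key differs or the blob was modified.
func Open(key, blob []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize() {
		return nil, errors.New("sealed blob too short")
	}
	return aead.Open(nil, blob[:aead.NonceSize()], blob[aead.NonceSize():], nil)
}

// Instance is one deployment of a TEE program after steps 2 and 3.
type Instance struct {
	IdentityPub ed25519.PublicKey // published in plaintext; serves as the program ID
	SealedPriv  []byte            // identity private key encrypted under key A (config file)
	KeyB        []byte            // per-instance data-file key derived from priv and key A
}

// Start: check the load-time measurement, derive key A, create and seal the identity key, derive key B.
func Start(code, config, buildMeasurement []byte) (*Instance, error) {
	if !bytes.Equal(Measure(code, config), buildMeasurement) {
		return nil, errors.New("measurement mismatch: TEE program was tampered with")
	}
	keyA := SealingKey(buildMeasurement)
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	sealed, err := Seal(keyA, priv)
	if err != nil {
		return nil, err
	}
	kb := hmac.New(sha256.New, keyA) // same key A everywhere, but a fresh key pair per instance
	kb.Write(priv.Seed())
	return &Instance{IdentityPub: pub, SealedPriv: sealed, KeyB: kb.Sum(nil)}, nil
}

// CheckDependencies (step 4): each library recorded at compile time must still hash the same.
func CheckDependencies(recorded map[string][32]byte, loaded map[string][]byte) error {
	for name, want := range recorded {
		if data, ok := loaded[name]; !ok || sha256.Sum256(data) != want {
			return errors.New("dependency " + name + " missing or changed")
		}
	}
	return nil
}
```

Two instances started from the same code and configuration share key A, so the sealed private key of one can be opened with the key A computed for the other (that is the "intercommunication" property step 3 warns about), but their KeyB values differ because each instance has its own key pair. A binary whose bytes differ fails Start because its measurement no longer matches the build-time value, and the key A derived from its measurement does not open the sealed configuration file either.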
In another alternative embodiment of the present application, a method flow by which a sup­ply and demand node of the digital network applies to use the TEE program of a hub node is provided; fig. 8 is a flowchart of this method flow provided in the present application, which includes:
1) Obtaining the TEE program information of the relevant hub node from the authoritative service, including the hub node address of the TEE program, the identity public key of the TEE program, the dependency file list, the interface list and the interface documentation.
2) Applying to the authoritative service for permission to use the TEE program of that hub node. After the authoritative service passes the verification, it requests the supply and demand node cooperation application interface of the TEE program, carrying the identity public key of the supply and demand node.
3) After receiving the request from the authoritative service, the TEE program uses the public key certificate of the authoritative service to check whether the request is legitimate, and after the check passes it adds the identity public key of the supply and demand node to the supply and demand cooperation list.
4) When the supply and demand node subsequently uses the TEE program, the TEE program checks whether the identity public key of the supply and demand node is in the supply and demand cooperation list.
When several supply and demand nodes apply to use the TEE program, the above steps are repeated for each of them.
In another alternative embodiment of the present application, a privacy joint computing device based on a trusted execution environment is provided, and fig. 9 is a schematic diagram of a privacy joint computing device based on a trusted execution environment provided in the present application, as shown in fig. 9, where the device includes:
a first request module 41, configured to obtain privacy joint calculation request data, where the privacy joint calculation request data is request data for representing synchronization of privacy joint calculation task data;
the request verification module 42 is configured to perform data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data, where the encrypted calculation data is encrypted data used for representing a data sharing party;
The data auditing module 43 is configured to perform data auditing processing on the privacy joint calculation task execution request data after the privacy joint calculation task execution request data is acquired, so as to obtain auditing result data, where the privacy joint calculation task execution request data includes privacy joint calculation task execution data;
and the task execution module 44 is used for performing task execution processing on the privacy joint calculation task execution data according to the auditing result data.
The specific manner in which the operations of the units in the above embodiments are performed has been described in detail in the embodiments related to the method, and will not be described in detail here.
In summary, privacy joint calculation request data is obtained, wherein the privacy joint calculation request data is request data representing the synchronization of privacy joint calculation task data; data synchronization processing is performed on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data, wherein the encrypted calculation data is encrypted data representing a data sharing party; after the privacy joint calculation task execution request data is obtained, data auditing processing is performed on it to obtain audit result data, wherein the privacy joint calculation task execution request data comprises privacy joint calculation task execution data; and task execution processing is performed on the privacy joint calculation task execution data according to the audit result data. During privacy joint calculation, the privacy joint calculation task is authenticated on the basis of the trusted execution environment, and the data files and the identities of the sharing parties in the privacy joint calculation are authenticated, so that the problem of low data security in joint calculation in digital networking systems of the prior art is solved and the technical effect of improved data security is achieved.
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that illustrated herein.
It will be apparent to those skilled in the art that the elements or steps of the application described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, or they may alternatively be implemented in program code executable by computing devices, such that they may be stored in a memory device for execution by the computing devices, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps within them may be fabricated into a single integrated circuit module. Thus, the present application is not limited to any specific combination of hardware and software.
The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the same, but rather, various modifications and variations may be made by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present application should be included in the protection scope of the present application.

Claims (10)

1. A method for privacy joint computation based on a trusted execution environment, which is applied to a data sharing scene between an initiator and a participant, the method comprising:
acquiring privacy joint calculation request data, wherein the privacy joint calculation request data is request data for representing privacy joint calculation task data synchronization;
performing data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data, wherein the encrypted calculation data is used for representing a data sharing party;
after the privacy joint calculation task execution request data is obtained, carrying out data auditing treatment on the privacy joint calculation task execution request data to obtain auditing result data, wherein the privacy joint calculation task execution request data comprises privacy joint calculation task execution data;
and performing task execution processing on the privacy joint calculation task execution data according to the auditing result data.
2. The privacy joint calculation method of claim 1, wherein performing data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encrypted calculation data includes:
Performing verification processing based on a first identity to the privacy joint calculation request data to obtain first identity verification result data, wherein the first identity verification result data is data for representing a first data sharing party identity verification result;
if the corresponding verification result of the first identity verification result data is verification passing, acquiring first encrypted data based on data synchronization processing of a preset trusted execution environment program, wherein the first encrypted data is encrypted data used for representing a first data sharing party;
and performing verification processing based on a preset trusted execution environment program on the first encrypted data to obtain the encrypted calculation data, wherein the encrypted calculation data is an encrypted data file which passes the verification based on the preset trusted execution environment program.
3. The privacy joint calculation method of claim 2, wherein performing authentication processing based on the first identity on the privacy joint calculation request data to obtain first identity authentication result data includes:
performing identification processing based on a first identity to the privacy joint calculation request data to obtain first identity data, wherein the first identity data is data for representing the identity of a first data sharing party, and the first identity data comprises a first identity public key and a first identity signature;
Performing verification processing based on a preset collaboration list on the first identity public key to obtain first identity public key verification result data;
performing verification processing based on signature legitimacy on the first identity signature to obtain first identity signature verification result data;
and determining the first identity verification result data according to the first identity public key verification result data and the first identity signature verification result data.
4. The privacy joint calculation method of claim 2, wherein performing a verification process based on a preset trusted execution environment program on the first encrypted data to obtain the encrypted calculation data includes:
performing decryption processing based on a preset trusted execution environment program on the first encrypted data file to obtain a data decryption key;
decrypting the encrypted data file by the data decryption key and a preset decryption algorithm to obtain process calculation data;
performing a legal verification process based on the data signature on the process calculation data to determine whether the data signature of the process calculation data is legal,
if the data signature of the process calculation data is illegal, ending the privacy joint calculation task;
And if the data signature of the process calculation data is legal, carrying out file encryption storage processing on the process calculation data based on a preset encryption algorithm to obtain the encryption calculation data.
5. The privacy joint computing method according to claim 1, wherein after the privacy joint computing task execution request data is acquired, performing data auditing processing on the privacy joint computing task execution request data to obtain auditing result data includes:
performing recognition processing based on data characteristics on the privacy joint calculation task execution request data to obtain a task data file and task code data, wherein the privacy joint calculation task execution request data is data for representing that an initiator requests to execute privacy joint calculation;
performing recognition processing based on data identification on the task data file to obtain task identification data, wherein the task identification data is identification data used for representing a participant corresponding to the task data file;
and carrying out data auditing processing on the task data file and the task code file based on a preset trusted execution environment program according to the task identification data to obtain the auditing result data.
6. The privacy joint calculation method of claim 1, wherein before acquiring the privacy joint calculation request data, the privacy joint calculation method further comprises:
acquiring preset trusted execution environment program data, wherein the preset trusted execution environment program data is data for representing a trusted execution environment program;
performing first configuration processing based on a preset hub node on the preset trusted execution environment program data, and returning preset trusted execution environment program configuration information;
acquiring program request data, wherein the program request data is data for representing a trusted execution environment program requesting to use a preset hub node;
and performing audit verification processing based on a preset trusted authority on the preset trusted execution environment program according to the program request data to obtain the preset trusted execution environment program.
7. The privacy joint calculation method of claim 6, wherein performing a first configuration process based on a preset hub node on the preset trusted execution environment program data, returning preset trusted execution environment program configuration information includes:
performing verification processing based on program compiling on the preset trusted execution environment program data to judge whether the preset trusted execution environment program data is tampered or not;
Performing deployment starting processing on the preset trusted execution environment program data;
and carrying out registration processing on the preset trusted execution environment program data, and returning the configuration information of the preset trusted execution environment program.
8. A privacy joint computing device based on a trusted execution environment, for use in a data sharing scenario between an initiator and a participant, the device comprising:
the first request module is used for acquiring privacy joint calculation request data, wherein the privacy joint calculation request data is request data used for representing privacy joint calculation task data synchronization;
the request verification module is used for carrying out data synchronization processing on the privacy joint calculation request data based on a preset trusted execution environment program to obtain encryption calculation data, wherein the encryption calculation data is encryption data used for representing a data sharing party;
the data auditing module is used for carrying out data auditing processing on the privacy joint calculation task execution request data after acquiring the privacy joint calculation task execution request data to obtain auditing result data, wherein the privacy joint calculation task execution request data comprises privacy joint calculation task execution data;
And the task execution module is used for executing task execution processing on the privacy joint calculation task execution data according to the auditing result data.
9. A computer-readable storage medium storing computer instructions for causing the computer to perform the trusted execution environment-based privacy joint calculation method of any one of claims 1 to 7.
10. An electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores a computer program executable by the at least one processor to cause the at least one processor to perform the trusted execution environment-based privacy joint calculation method of any one of claims 1-7.
Application CN202311734044.2A, priority date and filing date 2023-12-14: Privacy joint computing method and device based on trusted execution environment, Pending, CN117874806A (en)

Publication: CN117874806A, 2024-04-12

Family ID: 90576353 (one family application: CN202311734044.2A)

Country status: CN, CN117874806A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination