TW202145040A - Security protection method for model parameters, security protection device, computer device - Google Patents

Security protection method for model parameters, security protection device, computer device

Publication number
TW202145040A
TW202145040A TW109117739A TW109117739A TW202145040A TW 202145040 A TW202145040 A TW 202145040A TW 109117739 A TW109117739 A TW 109117739A TW 109117739 A TW109117739 A TW 109117739A TW 202145040 A TW202145040 A TW 202145040A
Authority
TW
Taiwan
Prior art keywords
parameter information
security protection
configuration file
parameter
data model
Prior art date
Application number
TW109117739A
Other languages
Chinese (zh)
Inventor
洪乾文
詹大緯
Original Assignee
鴻海精密工業股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 鴻海精密工業股份有限公司
Priority to TW109117739A
Publication of TW202145040A

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides a security protection method for model parameters, a security protection device and a computer device. On the computer device, which is connected to at least one security protection device, the method includes: training a data model and obtaining parameter information in the data model; encrypting the parameter information and generating a configuration file that includes the encrypted parameter information; and sending the configuration file to the security protection device. On the security protection device, the method includes: receiving the configuration file sent by the computer device; finding the encrypted parameter information in the configuration file; acquiring the decryption key and decrypting the parameter information; and configuring the parameter information in a data model.

Description

Security protection method for model parameters, security protection device and computer device

The invention relates to the technical field of big data analysis, and in particular to a security protection method for model parameters, a security protection device and a computer device.

In the era of big data, data from daily life and production is analyzed with different data models, and the results of the analysis are used to make life and production more convenient. Building the data model is therefore a key part of data analysis, and the parameter settings of the data model directly affect its analysis efficiency and accuracy. Existing data models do not protect their parameters during use, which leads to security problems such as leakage of the data model parameters.

In view of the above, it is necessary to propose an image identification method, an image identification device, a computer device and a storage medium, so that image identification can be carried out in a more intelligent and efficient manner.

A first aspect of the present application provides a security protection method for model parameters. The method is applied in a computer device that is communicatively connected to at least one security protection device, and the method includes: training a data model and obtaining parameter information in the data model; encrypting the parameter information and generating a configuration file including the encrypted parameter information; and sending the configuration file to the security protection device.

Preferably, the parameter information includes one or more of the neuron weights and the neuron offset values in an artificial neural network algorithm.

Preferably, the step of encrypting the parameter information and generating a configuration file including the encrypted parameter information includes: performing binarization processing on the parameter information; and calling an encryption algorithm in the compiler to encrypt the binarized parameter information, wherein the encryption algorithm includes symmetric encryption algorithms and asymmetric encryption algorithms.

Preferably, the method includes: receiving request information, sent by the security protection device, asking for the configuration file; determining, according to the account information of the security protection device, whether the security protection device has permission to obtain the configuration file; and, if the security protection device has the permission, sending the configuration file to the security protection device.

A second aspect of the present application provides a computer device. The computer device includes a processor and a memory, and the processor implements the security protection method for model parameters described above when executing a computer program stored in the memory.

A third aspect of the present application provides a security protection method for model parameters. The method is applied in a security protection device that communicates with a computer device, and the method includes: receiving a configuration file sent by the computer device; finding the encrypted parameter information in the configuration file; obtaining a decryption key and decrypting the parameter information; and configuring the parameter information in a data model.

Preferably, the step of obtaining the decryption key and decrypting the parameter information includes: receiving the decryption key sent by the computer device, and using the decryption key to decrypt the parameter information.

Preferably, the step of obtaining the decryption key and decrypting the parameter information further includes: looking up a preset decryption program and using it to decrypt the parameter information.

Preferably, the step of configuring the parameter information in the data model includes: obtaining the position information of a parameter from the parameter and parameter-position lookup table of the data model; determining, from the data model, the parameter name corresponding to the position information, and looking up the corresponding decrypted parameter in the decrypted parameter information according to the parameter name; and loading the decrypted parameter that was found into the position in the data model corresponding to the position information.

A fourth aspect of the present application provides a security protection device, the device including: a memory, used to store a computer program; and a processor, which implements the security protection method for model parameters described above when executing the computer program in the memory.

In the security protection method for model parameters, the security protection device and the computer device of the present invention, the computer device trains a data model, extracts the parameter information of the data model, encrypts the parameter information, generates a configuration file and sends it to the security protection device. The security protection device receives the configuration file, decrypts the parameter information in it and loads it into the data model. The security protection method thereby safeguards the parameters of the model.

So that the above objects, features and advantages of the present invention can be understood more clearly, the invention is described in detail below with reference to the accompanying drawings and specific embodiments. It should be noted that the embodiments of the present application and the features in the embodiments may be combined with each other where they do not conflict.

Many specific details are set forth in the following description to facilitate a full understanding of the present invention. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention, without creative effort, fall within the protection scope of the present invention.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the technical field to which the present invention belongs. The terms used in the description of the present invention are for the purpose of describing specific embodiments only and are not intended to limit the present invention.

Embodiment 1

FIG. 1 is a schematic diagram of the application environment architecture of the security protection method for model parameters provided by Embodiment 1 of the present invention.

The security protection method for model parameters of the present invention is applied in a computer device 1. The computer device 1 and at least one security protection device 2 establish a communication connection through a network. The network may be a wired network or a wireless network, such as radio, Wireless Fidelity (WIFI), cellular, satellite or broadcast.

The computer device 1 is used to train a data model and obtain the parameter information in the data model; to encrypt the parameter information and generate a configuration file including the encrypted parameter information; and to send the configuration file to the security protection device 2. In yet another embodiment of the present invention, the computer device 1 is also used to store the sample information of the data model used for training. The sample information is used to train the parameters of the data model.

The security protection device 2 is used to receive the configuration file and find the encrypted parameter information in it; to obtain a decryption key and decrypt the parameter information; and to configure the parameter information in a data model.

The computer device 1 may be an electronic device on which security protection software for model parameters is installed, such as a personal computer or a server, where the server may be a single server, a server cluster, a cloud server or the like.

The security protection device 2 may be an electronic device on which security protection software for model parameters is installed, including but not limited to a single-chip microcomputer, a field-programmable gate array, a smartphone, a smart wearable device, a tablet computer, a laptop computer or a desktop computer.

Embodiment 2

FIG. 2 is a flowchart of the security protection method for model parameters, as applied to the computer device, provided by Embodiment 2 of the present invention. Depending on requirements, the order of the steps in the flowchart may be changed and some steps may be omitted.

Step S11: train a data model and obtain the parameter information in the data model.

In an embodiment of the present invention, the data model is a data model based on an artificial neural network. The parameter information includes one or more of the neuron weights and the neuron offset values of the artificial neural network.

In one embodiment, the data model is applied in the field of image detection and is used to obtain feature information from an image to be detected. The training process of the data model includes: obtaining multiple images with known feature information; dividing the images into a training set and a validation set; building a data model based on an artificial neural network and training it with the training set; validating the trained data model with the validation set and computing a model prediction accuracy from the validation results; determining whether the model prediction accuracy is less than a preset threshold; and, if the model prediction accuracy is not less than the preset threshold, using the trained artificial neural network-based data model as the data model for obtaining feature information from the image to be detected.

If the model prediction accuracy is less than the preset threshold, the neuron weights and neuron offset values of the artificial neural network-based data model are adjusted and the data model is retrained with the training set. The retrained data model is validated with the validation set, a model prediction accuracy is recomputed from the validation results, and it is determined whether the recomputed model prediction accuracy is less than the preset threshold. If the recomputed model prediction accuracy is not less than the preset threshold, the retrained artificial neural network-based data model is used as the data model for obtaining feature information from the image to be detected. If the recomputed model prediction accuracy is less than the preset threshold, the above steps are repeated until the model prediction accuracy obtained with the validation set is not less than the preset threshold.

The trained artificial neural network-based data model is obtained, and the neuron weights and neuron offset values in the data model are extracted according to the position information of the neurons.

Step S12: encrypt the parameter information and generate a configuration file including the encrypted parameter information.

In an embodiment of the present invention, this step further includes performing binarization processing on the parameter information: a compiler compiles the parameter information into binary code.

The parameter information is encrypted with either a symmetric encryption algorithm or an asymmetric encryption algorithm. The symmetric encryption algorithms include but are not limited to DES (Data Encryption Standard), IDEA (International Data Encryption Algorithm) and AES (Advanced Encryption Standard). The asymmetric encryption algorithms include but are not limited to RSA (Rivest Shamir Adleman), the Elgamal encryption algorithm and the knapsack algorithm.

A configuration file is generated from the encrypted parameter information according to the format requirements of the compiler. The compiler includes but is not limited to the C language, the Python language and the Java language.

Step S13: send the configuration file to the security protection device.

In one embodiment, the configuration file may also be output as follows: request information asking for the configuration file is received from the security protection device; whether the security protection device has permission to obtain the configuration file is determined from the account information of the security protection device; and, if the security protection device has the permission, the configuration file is sent to the security protection device.

FIG. 3 is a flowchart of the security protection method for model parameters, as applied to the security protection device, provided by Embodiment 2 of the present invention. Depending on requirements, the order of the steps in the flowchart may be changed and some steps may be omitted.

Step S21: receive the configuration file sent by the computer device.

Step S22: find the encrypted parameter information in the configuration file.

In an embodiment of the present invention, the parameter information in the configuration file is located by keyword search, using a programming language preset in the security protection device.

Step S23: obtain a decryption key and decrypt the parameter information.

In an embodiment of the present invention, the step of obtaining a decryption key and decrypting the parameter information may include: receiving the decryption key sent by the computer device and using it to decrypt the parameter information. This approach applies when the obtained parameter information was encrypted with asymmetric encryption.

In yet another embodiment of the present invention, the step of obtaining the decryption key and decrypting the parameter information may further include: looking up a preset decryption program and using it to decrypt the parameter information. This approach applies when the parameter information was encrypted with symmetric encryption.

Step S24: configure the parameter information in the data model.

In an embodiment of the present invention, step S24 may be carried out as follows. The position information of a parameter is obtained from the parameter and parameter-position lookup table of the data model. The security protection device 2 pre-stores the type and purpose of the data model, the names of the parameters the data model requires and the position information of those parameters, and stores each parameter name together with its position information in the parameter and parameter-position lookup table.

The parameter name corresponding to the position information is determined from the data model, and the corresponding decrypted parameter is looked up in the decrypted parameter information according to the parameter name.

The decrypted parameter that was found is loaded into the position in the data model corresponding to the position information.
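The round trip described in steps S12 and S22 to S24, as an added Go example that is not code from the patent: the computer device serialises and encrypts the named weights and offset values into a configuration file, and the device finds the encrypted field, decrypts it and loads the values through its parameter-position table. The JSON layout and field names, the choice of AES-256-GCM with a key already provisioned on the device, and the names `BuildConfig`, `OpenConfig`, `LoadParams` and `detector-v1` are all assumptions; the patent specifies none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

const alg = "AES-256-GCM" // AES is named in the patent; GCM mode is this example's choice

// Config is an assumed configuration-file layout; the patent defines none.
type Config struct {
	Model     string `json:"model"`
	Algorithm string `json:"algorithm"`
	Nonce     []byte `json:"nonce"`
	Encrypted []byte `json:"encrypted_params"` // field the device finds by keyword (S22)
}

// Slot is one row of the device's parameter and parameter-position table (S24).
type Slot struct {
	Name         string
	Layer, Index int
}

func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("need a 32-byte AES-256 key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// BuildConfig is the computer-device side (S12): serialise, encrypt, emit the file.
// The model name is bound as associated data, so a file cannot be relabelled.
func BuildConfig(key []byte, model string, params map[string]float32) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	plain, err := json.Marshal(params) // assumed byte encoding of the parameters
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize()) // fresh random nonce for every file
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return json.Marshal(Config{model, alg, nonce, aead.Seal(nil, nonce, plain, []byte(model))})
}

// OpenConfig is the device side (S22-S23); a modified file or wrong key is rejected.
func OpenConfig(key []byte, wantModel string, raw []byte) (map[string]float32, error) {
	var c Config
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, err
	}
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if c.Model != wantModel || c.Algorithm != alg || len(c.Nonce) != aead.NonceSize() {
		return nil, errors.New("unexpected model, algorithm or nonce in configuration file")
	}
	plain, err := aead.Open(nil, c.Nonce, c.Encrypted, []byte(c.Model))
	if err != nil {
		return nil, fmt.Errorf("configuration file rejected: %w", err)
	}
	var params map[string]float32
	err = json.Unmarshal(plain, &params)
	return params, err
}

// LoadParams is S24: resolve every table row first, write only if all of them resolve.
func LoadParams(model [][]float32, table []Slot, dec map[string]float32) error {
	for _, s := range table {
		_, ok := dec[s.Name]
		if !ok || s.Layer < 0 || s.Layer >= len(model) || s.Index < 0 || s.Index >= len(model[s.Layer]) {
			return fmt.Errorf("parameter %q is missing or its position is outside the model", s.Name)
		}
	}
	for _, s := range table {
		model[s.Layer][s.Index] = dec[s.Name]
	}
	return nil
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key; real keys are provisioned per device
	raw, _ := BuildConfig(key, "detector-v1", map[string]float32{"l0.w0": 0.5, "l0.b": -1.25})
	dec, err := OpenConfig(key, "detector-v1", raw)
	fmt.Println(string(raw), dec, err)
}
```

Because the cipher is authenticated, a configuration file altered in transit or relabelled for a different model fails at `OpenConfig` instead of loading corrupted weights into the model.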

FIG. 2 and FIG. 3 above describe the security protection method for model parameters of the present invention in detail. The hardware device architecture that implements the method is described below with reference to FIG. 4 and FIG. 5.

It should be understood that the embodiments are for illustration only, and the scope of the patent application is not limited by this structure.

Embodiment 3

FIG. 4 is a schematic diagram of the computer device provided by Embodiment 3 of the present invention.

The computer device 1 includes a first memory 20, a first processor 30 and a first computer program 40, such as a program for the security protection method for model parameters, that is stored in the first memory 20 and can run on the first processor 30. When the first processor 30 executes the first computer program 40, it implements the steps in the above embodiments of the security protection method for model parameters, for example steps S11 to S14 shown in FIG. 2.

The computer device 1 may be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. Those skilled in the art will understand that the schematic diagram is only an example of the computer device 1 and does not limit it. The computer device 1 may include more or fewer components than shown, may combine certain components, or may use different components; for example, it may also include input and output devices, network access devices, buses and the like.

The first processor 30 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component and so on. The general-purpose processor may be a microprocessor, or the first processor 30 may be any conventional processor. The first processor 30 is the control center of the computer device 1 and connects the various parts of the entire computer device 1 through various interfaces and lines.

The first memory 20 may be used to store the first computer program 40 and/or modules/units. The first processor 30 implements the various functions of the computer device 1 by running or executing the computer programs and/or modules/units stored in the first memory 20 and by calling the data stored in the first memory 20. The first memory 20 may mainly include a program storage area and a data storage area. The program storage area may store the operating system and the application programs required by at least one function (such as a sound playback function or an image playback function); the data storage area may store data created through use of the computer device 1 (such as audio data or a phone book). In addition, the first memory 20 may include high-speed random access memory and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card, at least one magnetic disk storage device, a flash memory device, or other volatile solid-state memory device.

If the modules/units integrated in the computer device 1 are implemented as software functional units and sold or used as independent products, they may be stored in a computer-readable storage medium. On this understanding, all or part of the processes in the methods of the above embodiments may also be completed by a computer program instructing the relevant hardware. The computer program may be stored in a computer-readable storage medium and, when executed by a processor, implements the steps of the above method embodiments. The computer program includes computer program code, which may be in source code form, object code form, an executable file or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, a computer memory, a read-only memory (ROM), a random access memory (RAM), an electrical carrier signal, a telecommunication signal, a software distribution medium and so on. It should be noted that the content covered by the computer-readable medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunication signals.

FIG. 5 is a schematic diagram of the security protection device provided by Embodiment 3 of the present invention.

The security protection device 2 includes a second memory 50, a second processor 60 and a second computer program 70, such as a program for the security protection method for model parameters, that is stored in the second memory 50 and can run on the second processor 60. When the second processor 60 executes the second computer program 70, it implements the steps in the above embodiments of the security protection method for model parameters, for example steps S21 to S24 shown in FIG. 3.

The security protection device 2 may be a computing device such as a smartphone or a smart wearable device. Those skilled in the art will understand that the schematic diagram is only an example of the security protection device 2 and does not limit it. The security protection device 2 may include more or fewer components than shown, may combine certain components, or may use different components; for example, it may also include input and output devices, network access devices, buses and the like.

The second processor 60 may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component and so on. The general-purpose processor may be a microprocessor, or the second processor 60 may be any conventional processor. The second processor 60 is the control center of the computer device 1 and connects the various parts of the entire computer device 1 through various interfaces and lines.

The second memory 50 may be used to store the second computer program 70 and/or modules/units. The second processor 60 implements the various functions of the computer device 1 by running or executing the computer programs and/or modules/units stored in the second memory 50 and by calling the data stored in the second memory 50. The second memory 50 may mainly include a program storage area and a data storage area. The program storage area may store the operating system and the application programs required by at least one function (such as a sound playback function or an image playback function); the data storage area may store data created through use of the security protection device 2 (such as audio data or a phone book). In addition, the second memory 50 may include high-speed random access memory and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card, at least one magnetic disk storage device, a flash memory device, or other volatile solid-state memory device.

If the modules/units integrated in the security protection device 2 are implemented as software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, all or part of the processes in the methods of the above embodiments may also be carried out by a computer program that instructs the relevant hardware. The computer program can be stored in a computer-readable storage medium, and when it is executed by a processor it implements the steps of each of the above method embodiments. The computer program includes computer program code, which may be in source code form, object code form, an executable file, or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, computer memory, read-only memory (ROM), random access memory (RAM), an electrical carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content covered by the term computer-readable medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction. For example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunication signals.

It will be apparent to those skilled in the art that the present invention is not limited to the details of the above exemplary embodiments, and that it can be implemented in other specific forms without departing from its spirit or essential characteristics. The embodiments are therefore to be regarded in all respects as illustrative and not restrictive. The scope of the present invention is defined by the appended claims rather than by the foregoing description, and all changes that fall within the meaning and range of equivalents of the claims are intended to be included in the present invention. No reference sign in a claim should be construed as limiting the claim concerned. Furthermore, the word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. A plurality of units or computer devices stated in a computer device claim may also be implemented by the same unit or computer device through software or hardware. Terms such as first and second are used to denote names and do not denote any particular order.

Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to the preferred embodiments, those of ordinary skill in the art should understand that the technical solutions of the present invention may be modified or replaced with equivalents without departing from the spirit and scope of those technical solutions.

1: Computer device
2: Security protection device
20: First memory
30: First processor
40: First computer program
50: Second memory
60: Second processor
70: Second computer program

FIG. 1 is a schematic diagram of the application environment architecture of the security protection method for model parameters provided by Embodiment 1 of the present invention.

FIG. 2 is a flowchart of the security protection method for model parameters, as applied to the computer device, provided by Embodiment 2 of the present invention.

FIG. 3 is a flowchart of the security protection method for model parameters, as applied to the security protection device, provided by Embodiment 2 of the present invention.

FIG. 4 is a schematic diagram of the computer device provided by Embodiment 3 of the present invention.

FIG. 5 is a schematic diagram of the security protection device provided by Embodiment 3 of the present invention.

Claims (10)

1. A security protection method for model parameters, the method being applied to a computer device that is communicatively connected to at least one security protection device, wherein the improvement is that the method comprises:
training a data model and obtaining parameter information in the data model;
encrypting the parameter information and generating a configuration file that includes the encrypted parameter information; and
sending the configuration file to the security protection device.

2. The security protection method for model parameters according to claim 1, wherein the parameter information includes one or more of neuron weights and neuron offset values in an artificial neural network algorithm.

3. The security protection method for model parameters according to claim 1, wherein the step of encrypting the parameter information and generating a configuration file that includes the encrypted parameter information comprises:
performing binarization processing on the parameter information; and
calling an encryption algorithm in a compiler to encrypt the binarized parameter information, wherein the encryption algorithm includes a symmetric encryption algorithm and an asymmetric encryption algorithm.

4. The security protection method for model parameters according to claim 1, wherein the method comprises:
receiving request information, sent by the security protection device, requesting that the configuration file be sent;
determining, according to account information of the security protection device, whether the security protection device has permission to acquire the configuration file; and
if the security protection device has the permission, sending the configuration file to the security protection device.

5. A computer device, wherein the improvement is that the computer device comprises a processor and a memory, and the processor implements the security protection method for model parameters according to any one of claims 1 to 4 when executing a computer program stored in the memory.

6. A security protection method for model parameters, the method being applied to a security protection device that communicates with a computer device, wherein the improvement is that the method comprises:
receiving a configuration file sent by the computer device;
finding the encrypted parameter information in the configuration file;
obtaining a decryption key and decrypting the parameter information; and
configuring the parameter information in a data model.

7. The security protection method for model parameters according to claim 6, wherein the step of obtaining a decryption key and decrypting the parameter information comprises:
receiving the decryption key sent by the computer device, and decrypting the parameter information with the decryption key.

8. The security protection method for model parameters according to claim 6, wherein the step of obtaining a decryption key and decrypting the parameter information further comprises:
finding a preset decryption program and decrypting the parameter information.

9. The security protection method for model parameters according to claim 6, wherein the step of configuring the parameter information in the data model comprises:
obtaining the position information of a parameter from the parameter and parameter-position lookup table of the data model;
determining, from the data model, the parameter name corresponding to the position information, and looking up the corresponding decrypted parameter in the decrypted parameter information according to the parameter name; and
loading the decrypted parameter that was found into the position in the data model corresponding to the position information.

10. A security protection device, wherein the improvement is that the device comprises:
a memory, used to store a computer program; and
a processor, which implements the security protection method for model parameters according to any one of claims 6 to 9 when executing the computer program in the memory.
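The sender and receiver steps of the claims above (serialize and encrypt the parameters into a configuration file, then find, decrypt and load them through a position lookup table) can be traced in a short sketch; this is an added example, not code from the patent or its applicant. The configuration-file field names, the model name, the sample parameters and the HMAC-SHA256 counter-mode keystream (a standard-library stand-in for a vetted symmetric cipher) are all assumptions, and the integrity tag checked before decryption is an addition the claims do not mention.

```python
import hashlib
import hmac
import json
import os

def _prf(key, label):
    # HMAC-SHA256 as a PRF: derives subkeys and keystream blocks.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption, not from the patent): counter-mode keystream.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, nonce + i.to_bytes(8, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(key, nonce, ct):
    return hmac.new(_prf(key, b"mac"), nonce + ct, hashlib.sha256).hexdigest()

def build_config(params, key):
    """Computer device: serialize parameters to bytes, encrypt, wrap in a config file."""
    nonce = os.urandom(16)
    plain = json.dumps(params, sort_keys=True).encode()
    ct = _xor_stream(_prf(key, b"enc"), nonce, plain)
    return json.dumps({"model": "demo-net", "nonce": nonce.hex(),
                       "encrypted_params": ct.hex(), "tag": _tag(key, nonce, ct)})

def load_config(config_text, key, position_table, model):
    """Security protection device: find ciphertext, verify, decrypt, place by position."""
    cfg = json.loads(config_text)
    nonce, ct = bytes.fromhex(cfg["nonce"]), bytes.fromhex(cfg["encrypted_params"])
    if not hmac.compare_digest(_tag(key, nonce, ct), cfg["tag"]):
        raise ValueError("configuration file failed its integrity check")
    params = json.loads(_xor_stream(_prf(key, b"enc"), nonce, ct))
    for position, name in position_table.items():
        if name not in params:
            raise KeyError(f"no decrypted parameter named {name!r}")
        model[position] = params[name]  # load at the slot the table assigns
    return model

# Constructed sample data (hypothetical names and values).
SAMPLE_PARAMS = {"layer1.weight": [0.12, -0.5], "layer1.bias": [0.01]}
POSITION_TABLE = {0: "layer1.weight", 1: "layer1.bias"}

if __name__ == "__main__":
    key = os.urandom(32)
    print(load_config(build_config(SAMPLE_PARAMS, key), key, POSITION_TABLE, {}))
```

A configuration file that was modified in transit, or one opened with the wrong key, is rejected before any parameter reaches the model.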

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109117739A TW202145040A (en) 2020-05-27 2020-05-27 Security protection method for model parameters, security protection device, computer device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW109117739A TW202145040A (en) 2020-05-27 2020-05-27 Security protection method for model parameters, security protection device, computer device

Publications (1)

Publication Number Publication Date
TW202145040A (en) 2021-12-01

Family

ID=80783866

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109117739A TW202145040A (en) 2020-05-27 2020-05-27 Security protection method for model parameters, security protection device, computer device

Country Status (1)

Country Link
TW (1) TW202145040A (en)
