TWI733106B - Model-based prediction method and device - Google Patents

Model-based prediction method and device Download PDF

Info

Publication number
TWI733106B
TWI733106B TW108115549A TW108115549A TWI733106B TW I733106 B TWI733106 B TW I733106B TW 108115549 A TW108115549 A TW 108115549A TW 108115549 A TW108115549 A TW 108115549A TW I733106 B TWI733106 B TW I733106B
Authority
TW
Taiwan
Prior art keywords
model
calculation
data
encryption
result
Prior art date
Application number
TW108115549A
Other languages
Chinese (zh)
Other versions
TW202006615A (en
Inventor
林文珍
殷山
劉正
Original Assignee
開曼群島商創新先進技術有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 開曼群島商創新先進技術有限公司 filed Critical 開曼群島商創新先進技術有限公司
Publication of TW202006615A publication Critical patent/TW202006615A/en
Application granted granted Critical
Publication of TWI733106B publication Critical patent/TWI733106B/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Abstract

本說明書實施例提供基於模型的預測方法和裝置,一種所述方法在資料需求方執行,所述資料需求方包括預先訓練好的計算模型,所述方法包括:通過對所述計算模型的至少一個參數進行加密,生成加密模型;將所述加密模型提供給資料提供方,其中,所述資料提供方儲存有第一資料;向所述資料提供方發送關於所述第一資料和所述加密模型的計算請求;從所述資料提供方接收與所述計算請求對應的計算結果;以及基於所述計算結果,獲取所述計算模型的明文預測結果。The embodiments of this specification provide a model-based prediction method and device. One of the methods is executed on the data demander, the data demander includes a pre-trained calculation model, and the method includes: by comparing at least one of the calculation models The parameters are encrypted to generate an encryption model; the encryption model is provided to a data provider, wherein the data provider stores first data; and the data provider sends information about the first data and the encryption model to the data provider Calculation request; receiving the calculation result corresponding to the calculation request from the data provider; and obtaining the plaintext prediction result of the calculation model based on the calculation result.

Description

基於模型的預測方法和裝置Model-based prediction method and device

本說明書實施例關於資料處理技術領域,更具體地,關於基於模型的預測方法和裝置。The embodiments of this specification relate to the field of data processing technology, and more specifically, to model-based prediction methods and devices.

在資料分析、資料採擷、經濟預測等領域,經常使用模型對巨量資料進行處理,以分析、發現潛在的資料價值。在實際應用場景中,為了更準確地刻畫目標群體或變數,通常需要使用測試資料進行訓練,得到可以準確描述目標群體或變數的特徵。然而不同的商家擁有的資料類型或特徵往往是不健全的,通過單一的資料難以準確地刻畫目標。為了得到更好的模型預測結果,通常商家間會選擇資料合作的方式,結合不同的資料或特徵標籤共同完成模型計算,以求共贏。在多方資料合作過程中,又涉及資料安全和模型安全等問題。一方面,資料提供方不想輸出自己的價值資料給資料需求方,洩漏私有資料;另一方面,模型中包含的特徵標籤等資訊也是商家的私有資料,具有重要的商業價值,擔憂資料合作過程中的模型安全問題,導致資料合作受阻。 針對上述問題,傳統的解決方案包括,將資料和模型放置在一個可信第三方(如共創實驗室等),進行模型預測。對可信第三方的資料出入進行嚴格控制,保證資訊安全。 因此,需要一種更有效的基於模型的預測方案。In the fields of data analysis, data acquisition, economic forecasting, etc., models are often used to process huge amounts of data to analyze and discover potential data values. In actual application scenarios, in order to more accurately describe the target group or variable, it is usually necessary to use test data for training to obtain characteristics that can accurately describe the target group or variable. However, the types or characteristics of data owned by different businesses are often unsound, and it is difficult to accurately describe the target through a single data. In order to obtain better model prediction results, businesses usually choose the way of data cooperation, combining different data or feature tags to complete the model calculation together, in order to achieve a win-win situation. In the process of multi-party data cooperation, issues such as data security and model security are also involved. On the one hand, the data provider does not want to export its own value data to the data demander, leaking private data; on the other hand, the feature tags and other information contained in the model are also the private data of the merchant, which has important commercial value. The security issues of the model resulted in the obstruction of data cooperation. To solve the above problems, traditional solutions include placing data and models in a trusted third party (such as a co-creation laboratory, etc.) for model prediction. Strictly control the data access of trusted third parties to ensure information security. Therefore, a more effective model-based forecasting scheme is needed.

本說明書實施例旨在提供一種更有效的基於模型的預測方案,以解決現有技術中的不足。 為實現上述目的,本說明書一個方面提供一種基於模型的預測方法,所述方法在資料需求方執行,所述資料需求方包括預先訓練好的計算模型,所述方法包括:通過對所述計算模型的至少一個參數進行加密,生成加密模型;將所述加密模型提供給資料提供方,其中,所述資料提供方儲存有第一資料;向所述資料提供方發送關於所述第一資料和所述加密模型的計算請求;從所述資料提供方接收與所述計算請求對應的計算結果;以及基於所述計算結果,獲取所述計算模型的明文預測結果。 在一個實施例中,在所述基於模型的預測方法中,所述資料需求方安裝有資料需求方計算引擎,其中,通過對所述計算模型的至少一個參數進行加密,生成加密模型包括,通過使用所述資料需求方計算引擎對所述計算模型的至少一個參數進行加密,生成加密模型。 在一個實施例中,在所述基於模型的預測方法中,所述資料提供方安裝有資料提供方計算引擎,其中,從所述資料提供方接收與所述計算請求對應的計算結果包括,通過所述資料需求方計算引擎從所述資料提供方計算引擎接收所述計算結果。 在一個實施例中,在所述基於模型的預測方法中,對所述計算模型的至少一個參數進行加密包括,通過以下一種加密方法對所述至少一個參數進行加密:同態加密方法、混淆電路方法以及差分隱私方法。 在一個實施例中,在所述基於模型的預測方法中,所述計算模型為邏輯回歸模型或線性回歸模型,所述加密方法為同態加密方法,所述計算結果為同態密文結果,其中,基於所述計算結果,獲取所述計算模型的明文預測結果包括:使用與所述計算模型對應的私密金鑰對所述同態密文結果進行解密,以獲取所述計算模型的明文預測結果,其中,所述私密金鑰在本地預先生成。 在一個實施例中,在所述基於模型的預測方法中,所述計算模型為GBDT模型,所述加密方法為混淆電路方法。 在一個實施例中,在所述基於模型的預測方法中,所述計算模型為評分卡模型,所述加密方法為差分隱私方法。 本說明書另一方面提供一種基於模型的預測方法,所述方法在資料提供方執行,所述資料提供方儲存有第一資料,所述方法包括:從資料需求方獲取加密模型,其中,所述資料需求方包括預先訓練好的計算模型,所述加密模型通過由所述資料需求方對所述計算模型的至少一個參數進行加密而生成;從所述資料需求方接收關於所述第一資料和所述加密模型的計算請求;根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果;以及將所述計算結果發送給所述資料需求方。 在一個實施例中,在所述基於模型的預測方法中,所述加密模型為通過同態加密方法所獲取的第一加密模型,其中,根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果包括:在所述第一加密模型中,使用預先獲取的所述資料需求方的公開金鑰基於所述第一資料進行同態計算,以獲取同態密文結果,其中,所述公開金鑰由所述資料需求方針對所述計算模型預先生成。 本說明書另一方面提供一種基於模型的預測裝置,所述裝置在資料需求方實施,所述資料需求方包括預先訓練好的計算模型,所述裝置包括:生成單元,配置為通過對所述計算模型的至少一個參數進行加密,生成加密模型;提供單元,配置為將所述加密模型提供給資料提供方,其中,所述資料提供方儲存有第一資料;發送單元,配置為向所述資料提供方發送關於所述第一資料和所述加密模型的計算請求;接收單元,配置為從所述資料提供方接收與所述計算請求對應的計算結果;以及獲取單元,配置為基於所述計算結果,獲取所述計算模型的明文預測結果。 在一個實施例中,在所述基於模型的預測裝置中,所述資料需求方安裝有資料需求方計算引擎,其中,所述生成單元還配置為通過使用所述資料需求方計算引擎對所述計算模型的至少一個參數進行加密,生成加密模型。 在一個實施例中,在所述基於模型的預測裝置中,所述資料提供方安裝有資料提供方計算引擎,其中,所述接收單元還配置為,通過所述資料需求方計算引擎從所述資料提供方計算引擎接收所述計算結果。 在一個實施例中,在所述基於模型的預測裝置中,所述生成單元還配置為,通過以下一種加密方法對所述至少一個參數進行加密:同態加密方法、混淆電路方法以及差分隱私方法。 在一個實施例中,在所述基於模型的預測裝置中,所述計算模型為邏輯回歸模型或線性回歸模型,所述加密方法為同態加密方法,所述計算結果為同態密文結果,其中,基於所述計算結果,獲取所述計算模型的明文預測結果包括:使用與所述計算模型對應的私密金鑰對所述同態密文結果進行解密,以獲取所述計算模型的明文預測結果,其中,所述私密金鑰在本地預先生成。 本說明書另一方面提供一種基於模型的預測裝置,所述裝置在資料提供方實施,所述資料提供方儲存有第一資料,所述裝置包括:獲取單元,配置為從資料需求方獲取加密模型,其中,所述資料需求方包括預先訓練好的計算模型,所述加密模型通過由所述資料需求方對所述計算模型的至少一個參數進行加密而生成;接收單元,配置為從所述資料需求方接收關於所述第一資料和所述加密模型的計算請求;計算單元,配置為根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果;以及發送單元,配置為將所述計算結果發送給所述資料需求方。 在一個實施例中,在所述基於模型的預測裝置中,所述加密模型為通過同態加密方法獲取的第一加密模型,其中,根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果包括:在所述第一加密模型中,使用預先獲取的所述資料需求方的公開金鑰基於所述第一資料進行同態計算,以獲取同態密文結果,其中,所述公開金鑰由所述資料需求方針對所述計算模型預先生成。 本說明書另一方面提供一種計算設備,包括記憶體和處理器,其特徵在於,所述記憶體中儲存有可執行程式碼,所述處理器執行所述可執行程式碼時,實現上述基於模型的預測方法。 通過根據本說明書實施例的模型預測方案,不需要可信的第三方,資料和模型由資料合作方各自持有,規避了資料和模型集中在一起的隱私安全問題,也減少了大批量資料傳輸帶來的傳輸安全隱患等問題。該方案為純軟體方案,除基本的伺服器等,沒有其他額外的硬體要求,不會引入其他硬體安全性漏洞。並且對接成本不高。資料提供方和資料需求方只需要docker部署特定引擎,即可線上完成計算。另外,針對不同的模型特性,使用不同的模型加密方式,提高了計算結果的準確度。The embodiments of this specification aim to provide a more effective model-based prediction solution to solve the deficiencies in the prior art. In order to achieve the above objective, one aspect of this specification provides a model-based prediction method, which is executed on the data demander, the data demander includes a pre-trained calculation model, and the method includes: Encrypt at least one parameter of, to generate an encryption model; provide the encryption model to the data provider, wherein the data provider stores the first data; send to the data provider information about the first data and the A calculation request of the encryption model; receiving a calculation result corresponding to the calculation request from the data provider; and obtaining a plaintext prediction result of the calculation model based on the calculation result. In one embodiment, in the model-based prediction method, the data demander is equipped with a data demander calculation engine, wherein, by encrypting at least one parameter of the calculation model, generating an encrypted model includes: Encrypt at least one parameter of the calculation model using the data requester calculation engine to generate an encryption model. In one embodiment, in the model-based prediction method, the data provider is equipped with a data provider calculation engine, wherein receiving the calculation result corresponding to the calculation request from the data provider includes: The data requester calculation engine receives the calculation result from the data provider calculation engine. In one embodiment, in the model-based prediction method, encrypting at least one parameter of the calculation model includes encrypting the at least one parameter by one of the following encryption methods: homomorphic encryption method, obfuscation circuit Methods and differential privacy methods. In one embodiment, in the model-based prediction method, the calculation model is a logistic regression model or a linear regression model, the encryption method is a homomorphic encryption method, and the calculation result is a homomorphic ciphertext result, Wherein, based on the calculation result, obtaining the plaintext prediction result of the calculation model includes: decrypting the homomorphic ciphertext result using a private key corresponding to the calculation model to obtain the plaintext prediction result of the calculation model As a result, wherein the private key is generated locally in advance. In one embodiment, in the model-based prediction method, the calculation model is a GBDT model, and the encryption method is an obfuscated circuit method. In one embodiment, in the model-based prediction method, the calculation model is a score card model, and the encryption method is a differential privacy method. Another aspect of this specification provides a model-based prediction method. The method is executed on a data provider, and the data provider stores first data. The method includes: obtaining an encryption model from a data requester, wherein the The data demander includes a pre-trained calculation model, and the encryption model is generated by encrypting at least one parameter of the calculation model by the data demander; receiving information about the first data and data from the data demander A calculation request for the encryption model; according to the calculation request, use the encryption model to perform calculations based on the first data to obtain a calculation result; and send the calculation result to the data requester. In one embodiment, in the model-based prediction method, the encryption model is a first encryption model obtained by a homomorphic encryption method, wherein, according to the calculation request, the encryption model is used based on the Performing calculation on the first data to obtain the calculation result includes: in the first encryption model, performing a homomorphic calculation based on the first data using the public key of the data requester obtained in advance to obtain a homomorphic secret The result of the text, wherein the public key is pre-generated by the data requester for the calculation model. Another aspect of this specification provides a model-based prediction device, which is implemented on the data demander, the data demander includes a pre-trained calculation model, and the device includes: a generating unit configured to calculate At least one parameter of the model is encrypted to generate an encrypted model; the providing unit is configured to provide the encrypted model to the data provider, wherein the data provider stores the first data; the sending unit is configured to send the data to the data provider. The provider sends a calculation request regarding the first data and the encryption model; a receiving unit configured to receive a calculation result corresponding to the calculation request from the data provider; and an acquiring unit configured to be based on the calculation As a result, the plaintext prediction result of the calculation model is obtained. In one embodiment, in the model-based forecasting device, the data demander is equipped with a data demander calculation engine, wherein the generating unit is further configured to use the data demander calculation engine to At least one parameter of the calculation model is encrypted to generate an encrypted model. In one embodiment, in the model-based prediction device, the data provider is equipped with a data provider calculation engine, and the receiving unit is further configured to receive data from the data requester calculation engine through the data requester calculation engine. The data provider calculation engine receives the calculation result. In one embodiment, in the model-based prediction device, the generating unit is further configured to encrypt the at least one parameter by one of the following encryption methods: a homomorphic encryption method, an obfuscated circuit method, and a differential privacy method . In one embodiment, in the model-based prediction device, the calculation model is a logistic regression model or a linear regression model, the encryption method is a homomorphic encryption method, and the calculation result is a homomorphic ciphertext result, Wherein, based on the calculation result, obtaining the plaintext prediction result of the calculation model includes: decrypting the homomorphic ciphertext result using a private key corresponding to the calculation model to obtain the plaintext prediction result of the calculation model As a result, wherein the private key is generated locally in advance. Another aspect of this specification provides a model-based prediction device, the device is implemented on a data provider, the data provider stores first data, and the device includes: an acquisition unit configured to acquire an encryption model from a data requester , Wherein the data demander includes a pre-trained calculation model, and the encryption model is generated by encrypting at least one parameter of the calculation model by the data demander; the receiving unit is configured to receive data from the data The demander receives a calculation request regarding the first data and the encryption model; a calculation unit configured to perform calculations based on the first data using the encryption model according to the calculation request to obtain a calculation result; and send The unit is configured to send the calculation result to the data requester. In one embodiment, in the model-based prediction device, the encryption model is a first encryption model obtained by a homomorphic encryption method, wherein, according to the calculation request, the encryption model is used based on the first encryption model. Performing calculation on a data to obtain a calculation result includes: in the first encryption model, performing a homomorphic calculation based on the first data using the public key of the data requester obtained in advance to obtain a homomorphic ciphertext As a result, wherein the public key is generated in advance by the data requester for the calculation model. Another aspect of this specification provides a computing device, including a memory and a processor, characterized in that executable program codes are stored in the memory, and when the processor executes the executable program codes, the aforementioned model-based Forecasting method. Through the model prediction scheme according to the embodiment of this specification, a trusted third party is not required. The data and model are held by the data partner separately, which avoids the privacy and security problem of data and model concentration, and also reduces the transmission of large quantities of data. Problems such as transmission safety hazards brought by. This solution is a pure software solution. Except for the basic server, there are no additional hardware requirements and no other hardware security vulnerabilities will be introduced. And the docking cost is not high. The data provider and data demander only need docker to deploy a specific engine to complete the calculation online. In addition, for different model characteristics, different model encryption methods are used to improve the accuracy of the calculation results.

下面將結合圖式描述本說明書實施例。 圖1示出了根據本說明書實施例的執行模型預測的系統100的示意圖。如圖1所示,系統100包括資料需求方11和資料提供方12。資料需求方11為模型擁有方,其包括訓練好的計算模型,如圖中所示,在資料需求方11,私有資料A包括訓練好的模型的特徵標籤等資料,計算邏輯(模型/規則)通過所述計算模型體現。資料提供方為資料擁有方,圖中所示的私有資料B即為資料提供方擁有的資料,該資料可使用上述計算模型進行計算。如圖中所示,在資料需求方11預先安裝有例如安全計算引擎,在所述資料提供方12安裝有例如安全計算引擎。所述資料需求方11和資料提供方12通過其各自的安全計算引擎執行例如安全計算和計算中的通信。具體是,資料需求方11在本地使用所述計算引擎對計算模型進行加密,也即對私有資料A進行加密,並將加密後的加密模型發送給資料提供方12,並向資料提供方12發送關於該加密模型和私有資料B的計算請求。資料提供方12在接收到計算請求之後,在其本地的計算引擎中使用接收的加密模型基於私有資料B進行計算,並通過計算引擎將計算結果發送給資料需求方11。資料需求方11基於上述計算結果獲取最終的明文結果。 圖1所示的系統100只是示意性的,根據本說明書實施例的系統100不限於圖1所示的結構。例如,在資料需求方11和資料提供方12不必需安全計算引擎,而是可以包括任何計算軟體,只要其能滿足上述計算需求即可。另外,資料需求方11也可以包括需要進行模型預測的資料,即,資料需求方11可以同時作為另一個資料提供方,資料提供方12也可以擁有模型,即,資料提供方12可以同時作為另一個資料需求方。 圖2示出了根據本說明書實施例的一種基於模型的預測方法的流程圖。所述方法在資料需求方執行,所述資料需求方包括預先訓練好的計算模型。所述方法包括: 在步驟S202,通過對所述計算模型的至少一個參數進行加密,生成加密模型; 在步驟S204,將所述加密模型提供給資料提供方,其中,所述資料提供方儲存有第一資料; 在步驟S206,向所述資料提供方發送關於所述第一資料和所述加密模型的計算請求; 在步驟S208,從所述資料提供方接收與所述計算請求對應的計算結果;以及 在步驟S210,基於所述計算結果,獲取所述計算模型的明文預測結果。 首先,在步驟S202,通過對所述計算模型的至少一個參數進行加密,生成加密模型。 在一個實施例中,所述計算模型例如是邏輯回歸模型(LR模型),LR模型的預測函數如下文的公式(1)所示:

Figure 02_image001
其中ω、λ為模型係數,屬於資料需求方。x為計算所需的輸入,屬於資料提供方的私有資料,即上述第一資料。這裡ω、λ、x可以是單個數值,也可以是向量,下文中以ω和x都為包括多個數值的向量為例進行說明。 為了減少計算量,同時為了減少模型參數的洩漏風險,只對公式(1)中的ω參數進行同態加密計算,從而獲取與ωx對應的加密模型。首先,資料需求方生成並儲存用於進行上述同態加密的公開金鑰和私密金鑰,並使用公開金鑰對ω中包括的各數值分別進行同態加密,從而獲取與ω對應的第一加密向量。之後,資料需求方將ω替換成第一加密向量,生成加密模型。所述加密模型中包括第一加密向量、以及與ωx對應的計算規則,即將第一加密向量與第二加密向量(與x對應的同態加密向量)進行點積的運算規則。這裡,加密模型以設定檔的形式表示,可以理解,加密模型不限於設定檔的形式,而可以為其它形式,例如腳本、可執行程式等。 所述計算模型不限於LR模型,所述加密方法也不限於同態加密方法。例如,在一個實施例中,所述計算模型為線性回歸模型,資料需求方可同樣地使用同態加密方法生成加密模型。在一個實施例中,所述計算模型為GBDT模型,資料需求方可通過混淆電路方法生成加密模型。在一個實施例中,所述計算模型為評分卡模型,資料需求方可通過差分隱私方法生成加密模型。評分卡模型最終結果只需輸出分類,不需要精確的計算結果。從而可以使用差分隱私方法模糊化模型係數,加入微小雜訊,而不會影響整體的決策分類。 在一個實施例中,如圖1中所示,資料需求方預先安裝有專用的安全計算引擎,資料需求方通過該計算引擎進行對所述參數的加密,以生成加密模型。 在步驟S204,將所述加密模型提供給資料提供方,其中,所述資料提供方儲存有第一資料。資料需求方在生成所述加密模型之後,例如可通過本地的產品控制台將所述加密模型推送給資料提供方。將所述加密模型提供給資料提供方不限於上述方式,例如,資料需求方還可以通過硬碟儲存的形式將儲存有加密模型的硬碟提供給資料提供方。資料提供方接收所述加密模型之後,可在資料提供方部署該加密模型,以使用該加密模型進行本地的計算。例如,可將模型設定檔載入到一個進程中,然後通過調用該進程進行模型計算。這裡,本領域技術人員可以理解,依據不同的計算環境,可以實施不同的部署方法,在此不進行詳細說明。 在步驟S206,向所述資料提供方發送關於所述第一資料和所述加密模型的計算請求。這裡,第一資料(即上文中的x)例如為特定對象(對象ID)的特徵向量資料。所述計算請求中可包括所述對象ID和所述加密模型的模型ID,或者,所述計算請求中可包括與所述對象ID對應的資訊,例如對象ID的手機號、護照號等資訊。從而資料提供方基於該計算請求,可獲取所述對象ID和所述加密模型,並基於所述對象ID獲取所述第一資料,從而可基於該計算請求進行計算。 在步驟S208,從所述資料提供方接收與所述計算請求對應的計算結果。 例如,在上述計算模型為LR模型的實施例中,所述加密模型是與公式(1)中的ωx對應的加密模型。資料提供方在接收上述關於第一資料和所述加密模型的計算請求之後,在該加密模型中,使用預先獲取的所述資料需求方的公開金鑰基於x進行同態計算,以獲取同態密文結果,其中,所述公開金鑰由所述資料需求方針對所述計算模型預先生成。該同態密文結果即與ωx對應的同態密文結果。之後,資料提供方將所述同態密文結果發送給所述資料需求方。從而所述資料需求方從資料提供方獲取基於所述計算請求的同態密文結果。 在上述計算模型為GBDT模型的實施例中,加密方法為混淆電路方法。所述加密模型中的加密參數為所述GBDT模型中的至少一個參數的混淆值。所述資料提供方使用所述加密的GBDT模型基於所述第一資料進行計算,從而可獲取混淆值結果。之後,資料提供方將該混淆值結果發送給資料需求方。從而,資料需求方從資料提供方獲取基於所述計算請求的混淆值結果。 在上述計算模型為評分卡模型中,資料需求方通過差分隱私方法模糊該模型的係數,同時不影響模型的預測結果。從而,資料提供方直接將第一資料x輸入該經過加密的評分卡模型,可基本準確地獲取該評分卡模型的明文預測結果。之後,資料提供方將該明文預測結果發送給所述資料需求方。 在一個實施例中,如圖1所示,在第一伺服器和資料提供方都預先部署有安全計算引擎。在該情況中,由資料需求方的安全計算引擎從資料提供方的安全計算引擎接收與所述計算請求對應的計算結果。該計算引擎在計算出加密模型的計算結果之後,可對該計算結果附上加密模型的標識,並發送給所述資料需求方的安全計算引擎,從而可確保該計算結果的真實性。 在步驟S210,基於所述計算結果,獲取所述計算模型的明文預測結果。 在所述計算結果為同態密文結果的實施例中,資料需求方使用上述在本地生成的與所述計算模型對應的私密金鑰對所述同態密文結果進行解密,從而獲取與該計算結果對應的明文結果。根據同態加密原理,該明文結果等同於將ω和x直接點積所獲得的值。在獲得ωx的點積的明文值之後,資料需求方將該明文值代入公式(1)中進行計算,從而可最終獲取上述LR模型對第一資料的預測結果。 在所述計算結果為混淆值結果的實施例中,資料需求方基於該混淆值結果獲取其原始值,從而獲取上述GBDT模型對第一資料的明文預測結果。 在所述計算結果為加密評分卡模型的明文預測結果的情況中,根據差分隱私加密原理,資料需求方可直接將該明文預測結果作為所述評分卡模型的明文預測結果。 在一個實施例中,所述資料需求方安裝有資料需求方計算引擎,所述資料提供方安裝有資料提供方計算引擎。例如資料需求方和資料提供方可分別通過Docker(一種開源的應用容器引擎)部署上述資料需求方計算引擎和資料提供方計算引擎,即資料需求方計算引擎和資料提供方計算引擎可理解為軟體。其中所述資料需求方的計算在所述資料需求方計算引擎內進行,所述資料提供方的計算在所述資料提供方計算引擎內進行。例如,資料需求方對模型的加密計算、對密文結果的解密計算可通過資料需求方計算引擎進行,資料提供方基於所述加密模型對第一資料的計算可通過資料提供方計算引擎進行。另外,上述資料需求方計算引擎和資料提供方計算引擎還具備通信功能,例如,資料需求方可通過資料需求方計算引擎向所述資料提供方發送關於所述第一資料和所述加密模型的計算請求,資料提供方可通過資料提供方計算引擎向所述資料需求方發送與所述計算請求對應的計算結果。 圖3示出根據本說明書實施例的一種基於模型的預測方法的流程圖。所述方法在資料提供方執行,所述資料提供方儲存有第一資料。所述方法包括以下步驟S302-S308。 在步驟S302,從資料需求方獲取加密模型,其中,所述資料需求方包括預先訓練好的計算模型,所述加密模型通過由所述資料需求方對所述計算模型的至少一個參數進行加密而生成。該步驟的具體實施可參考上文對圖2中步驟S202和步驟S204的相應描述,在此不再贅述。 在步驟S304,從所述資料需求方接收關於所述第一資料和所述加密模型的計算請求。該步驟的具體實施可參考上文對圖2中步驟S206的相應描述,在此不再贅述。 在步驟S306,根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果。該步驟的具體實施可參考上文對圖2中步驟S208的相應描述,在此不再贅述。 在步驟S308,將所述計算結果發送給所述資料需求方。該步驟的具體實施可參考上文對圖2中步驟S208的相應描述,在此不再贅述。 在一個實施例中,如上文對圖2中步驟S208的相應描述,所述加密模型為通過同態加密方法對上述LR模型或線性回歸模型的至少一個參數進行加密所獲取的第一加密模型。其中,根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果包括:在所述第一加密模型中,使用預先獲取的所述資料需求方的公開金鑰基於所述第一資料進行同態計算,以獲取同態密文結果,其中,所述公開金鑰由所述資料需求方針對所述計算模型預先生成。所述預先獲取的公開金鑰例如是由所述資料需求方預先發送給所述資料提供方的,或者,所述資料需求方預先向資料提供方提供與所述公開金鑰相關的資訊,所述資料提供方預先基於該資訊推導出述公開金鑰,等等 圖4示出根據本說明書實施例的一種基於模型的預測裝置400。所述裝置在資料需求方實施,所述資料需求方包括預先訓練好的計算模型。所述裝置包括: 生成單元41,配置為通過對所述計算模型的至少一個參數進行加密,生成加密模型; 提供單元42,配置為將所述加密模型提供給資料提供方,其中,所述資料提供方儲存有第一資料; 發送單元43,配置為向所述資料提供方發送關於所述第一資料和所述加密模的計算請求; 接收單元44,配置為從所述資料提供方接收與所述計算請求對應的計算結果;以及 獲取單元45,配置為基於所述計算結果,獲取所述計算模型的明文預測結果。 在一個實施例中,在所述基於模型的預測裝置中,所述資料需求方安裝有資料需求方計算引擎,其中,所述生成單元41還配置為通過使用所述資料需求方計算引擎對所述計算模型的至少一個參數進行加密,生成加密模型。 在一個實施例中,在所述基於模型的預測裝置中,所述資料提供方安裝有資料提供方計算引擎,其中,所述接收單元44還配置為通過所述資料需求方計算引擎從所述資料提供方計算引擎接收與所述計算請求對應的計算結果。 在一個實施例中,在所述基於模型的預測裝置中,所述生成單元41還配置為通過以下一種加密方法對所述至少一個參數進行加密:同態加密方法、混淆電路方法以及差分隱私方法。 在一個實施例中,在所述基於模型的預測裝置中,所述計算模型為邏輯回歸模型或線性回歸模型,所述加密方法為同態加密方法,所述計算結果為同態密文結果,其中,所述獲取單元45配置為:使用與所述計算模型對應的私密金鑰對所述同態密文結果進行解密,以獲取所述計算模型的明文預測結果,其中,所述私密金鑰在本地預先生成。 圖5示出根據本說明書實施例的一種基於模型的預測裝置500。所述裝置在資料提供方實施,所述資料提供方儲存有第一資料,所述裝置包括: 獲取單元51,配置為從資料需求方獲取加密模型,其中,所述資料需求方包括預先訓練好的計算模型,所述加密模型通過由所述資料需求方對所述計算模型的至少一個參數進行加密而生成; 接收單元52,配置為從所述資料需求方接收關於所述第一資料和所述加密模型的計算請求; 計算單元53,配置為根據所述計算請求,使用所述加密模型基於所述第一資料進行計算,以獲取計算結果;以及 發送單元54,配置為將所述計算結果發送給所述資料需求方。 在一個實施例中,在所述基於模型的預測裝置中,所述加密模型為通過同態加密方法對LR模型或線性回歸模型的至少一個參數進行加密所獲取的第一加密模型,其中,所述計算單元53還配置為:在所述第一加密模型中,使用預先獲取的所述資料需求方的公開金鑰基於所述第一資料進行同態計算,以獲取同態密文結果,其中,所述公開金鑰由所述資料需求方針對所述計算模型預先生成。 在一個實施例中,在所述基於模型的預測裝置中,所述資料提供方安裝有資料提供方計算引擎,其中,所述計算單元53還配置為通過所述資料提供方計算引擎,基於所述計算請求,根據所述加密模型對所述第一資料進行計算,以獲取計算結果。 本說明書另一方面如果一種計算設備,包括記憶體和處理器,其特徵在於,所述記憶體中儲存有可執行程式碼,所述處理器執行所述可執行程式碼時,實現上述基於模型的預測方法。 通過根據本說明書實施例的模型預測方案,不需要可信的第三方,資料和模型由資料合作方各自持有,規避了資料和模型集中在一起的隱私安全問題,也減少了大批量資料傳輸帶來的傳輸安全隱患等問題。該方案為純軟體方案,除基本的伺服器等,沒有其他額外的硬體要求,不會引入其他硬體安全性漏洞。並且對接成本不高。資料提供方和資料需求方只需要docker部署特定計算引擎,即可線上完成計算。另外,針對不同的模型特性,使用不同的模型加密方式,提高了計算結果的準確度。 本說明書中的各個實施例均採用遞進的方式描述,各個實施例之間相同相似的部分互相參見即可,每個實施例重點說明的都是與其他實施例的不同之處。尤其,對於系統實施例而言,由於其基本相似於方法實施例,所以描述的比較簡單,相關之處參見方法實施例的部分說明即可。 上述對本說明書特定實施例進行了描述。其它實施例在所附申請專利範圍的範圍內。在一些情況下,在申請專利範圍中記載的動作或步驟可以按照不同於實施例中的順序來執行並且仍然可以實現期望的結果。另外,在圖式中描繪的過程不一定要求示出的特定順序或者連續順序才能實現期望的結果。在某些實施方式中,多工處理和並行處理也是可以的或者可能是有利的。 本領域普通技術人員應該還可以進一步意識到,結合本文中所公開的實施例描述的各示例的單元及演算法步驟,能夠以電子硬體、電腦軟體或者二者的結合來實現,為了清楚地說明硬體和軟體的可互換性,在上述說明中已經按照功能一般性地描述了各示例的組成及步驟。這些功能究竟以硬體還是軟體方式來執軌道,取決於技術方案的特定應用和設計約束條件。本領域普通技術人員可以對每個特定的應用來使用不同方法來實現所描述的功能,但是這種實現不應認為超出本申請的範圍。 結合本文中所公開的實施例描述的方法或演算法的步驟可以用硬體、處理器執軌道的軟體模組,或者二者的結合來實施。軟體模組可以置於隨機記憶體(RAM)、記憶體、唯讀記憶體(ROM)、電可程式設計ROM、電可擦除可程式設計ROM、暫存器、硬碟、抽取式磁碟、CD-ROM、或技術領域內所公知的任意其它形式的儲存媒體中。 以上所述的具體實施方式,對本發明的目的、技術方案和有益效果進行了進一步詳細說明,所應理解的是,以上所述僅為本發明的具體實施方式而已,並不用於限定本發明的保護範圍,凡在本發明的精神和原則之內,所做的任何修改、等同替換、改進等,均應包含在本發明的保護範圍之內。The embodiments of this specification will be described below in conjunction with the drawings. Fig. 1 shows a schematic diagram of a system 100 for performing model prediction according to an embodiment of the present specification. As shown in FIG. 1, the system 100 includes a data requester 11 and a data provider 12. The data requester 11 is the model owner, which includes the trained calculation model. As shown in the figure, on the data requester 11, the private data A includes the feature label of the trained model and other data, and the calculation logic (model/rule) Reflected by the calculation model. The data provider is the data owner, and the private data B shown in the figure is the data owned by the data provider. The data can be calculated using the above calculation model. As shown in the figure, a secure computing engine is pre-installed on the data requester 11, and a secure computing engine is installed on the data provider 12, for example. The data requester 11 and the data provider 12 perform, for example, secure computing and communication in computing through their respective secure computing engines. Specifically, the data requester 11 uses the calculation engine locally to encrypt the calculation model, that is, encrypts the private data A, and sends the encrypted encryption model to the data provider 12 and sends it to the data provider 12 The calculation request regarding the encryption model and the private data B. After receiving the calculation request, the data provider 12 uses the received encryption model in its local calculation engine to perform calculations based on the private data B, and sends the calculation result to the data requester 11 through the calculation engine. The data requester 11 obtains the final plaintext result based on the above calculation result. The system 100 shown in FIG. 1 is only schematic, and the system 100 according to the embodiment of the present specification is not limited to the structure shown in FIG. 1. For example, the data requester 11 and the data provider 12 do not need a secure computing engine, but can include any computing software, as long as it can meet the aforementioned computing requirements. In addition, the data demander 11 can also include data that needs to be modeled. That is, the data demander 11 can be another data provider at the same time, and the data provider 12 can also have a model, that is, the data provider 12 can be another data provider at the same time. A data requester. Fig. 2 shows a flowchart of a model-based prediction method according to an embodiment of the present specification. The method is executed on the data demand side, and the data demand side includes a pre-trained calculation model. The method includes: in step S202, generating an encryption model by encrypting at least one parameter of the calculation model; in step S204, providing the encryption model to a data provider, wherein the data provider stores First data; In step S206, send a calculation request regarding the first data and the encryption model to the data provider; In step S208, receive a calculation result corresponding to the calculation request from the data provider And in step S210, based on the calculation result, obtain the plaintext prediction result of the calculation model. First, in step S202, an encrypted model is generated by encrypting at least one parameter of the calculation model. In an embodiment, the calculation model is, for example, a logistic regression model (LR model), and the prediction function of the LR model is shown in the following formula (1):
Figure 02_image001
Among them, ω and λ are model coefficients, which belong to the data demand side. x is the input required for calculation and belongs to the private data of the data provider, that is, the first data mentioned above. Here, ω, λ, and x can be a single value or a vector. In the following description, both ω and x are vectors that include multiple values. In order to reduce the amount of calculation and to reduce the risk of leakage of model parameters, only the ω parameter in formula (1) is subjected to homomorphic encryption calculations, so as to obtain the encryption model corresponding to ωx. First, the data requester generates and stores the public key and private key used for the above-mentioned homomorphic encryption, and uses the public key to homomorphically encrypt the values included in ω, thereby obtaining the first corresponding to ω. Encryption vector. After that, the data requester replaces ω with the first encryption vector to generate an encryption model. The encryption model includes a first encryption vector and a calculation rule corresponding to ωx, that is, a dot product operation rule of the first encryption vector and the second encryption vector (the homomorphic encryption vector corresponding to x). Here, the encryption model is expressed in the form of a configuration file. It can be understood that the encryption model is not limited to the form of a configuration file, but can be in other forms, such as scripts, executable programs, and so on. The calculation model is not limited to the LR model, and the encryption method is not limited to the homomorphic encryption method. For example, in one embodiment, the calculation model is a linear regression model, and the data requester can also use the homomorphic encryption method to generate the encryption model. In one embodiment, the calculation model is a GBDT model, and the data requester can generate the encryption model by obfuscating the circuit method. In one embodiment, the calculation model is a score card model, and the data requester can generate an encryption model through a differential privacy method. The final result of the scorecard model only needs to output the classification, and does not require precise calculation results. Therefore, the differential privacy method can be used to fuzzify the model coefficients and add small noise without affecting the overall decision classification. In one embodiment, as shown in FIG. 1, the data requester is pre-installed with a dedicated secure calculation engine, and the data requester encrypts the parameters through the calculation engine to generate an encryption model. In step S204, the encryption model is provided to a data provider, wherein the data provider stores the first data. After the data demander generates the encryption model, for example, the encryption model can be pushed to the data provider through the local product console. Providing the encryption model to the data provider is not limited to the above methods. For example, the data demander can also provide the hard disk storing the encryption model to the data provider in the form of hard disk storage. After the data provider receives the encryption model, the encryption model can be deployed on the data provider to use the encryption model for local calculations. For example, the model configuration file can be loaded into a process, and then the model calculation can be performed by calling the process. Here, those skilled in the art can understand that according to different computing environments, different deployment methods can be implemented, which will not be described in detail here. In step S206, a calculation request regarding the first data and the encryption model is sent to the data provider. Here, the first data (ie, x in the above) is, for example, feature vector data of a specific object (object ID). The calculation request may include the object ID and the model ID of the encryption model, or the calculation request may include information corresponding to the object ID, such as the object ID's mobile phone number, passport number, and other information. Therefore, the data provider can obtain the object ID and the encryption model based on the calculation request, and obtain the first data based on the object ID, so that calculation can be performed based on the calculation request. In step S208, a calculation result corresponding to the calculation request is received from the data provider. For example, in the embodiment in which the calculation model is the LR model, the encryption model is an encryption model corresponding to ωx in formula (1). After the data provider receives the aforementioned calculation request for the first data and the encryption model, in the encryption model, it uses the pre-obtained public key of the data requester to perform homomorphic calculations based on x to obtain homomorphisms The ciphertext result, wherein the public key is generated in advance by the data requester for the calculation model. The homomorphic ciphertext result is the homomorphic ciphertext result corresponding to ωx. After that, the data provider sends the homomorphic ciphertext result to the data requester. Therefore, the data demander obtains the homomorphic ciphertext result based on the calculation request from the data provider. In the foregoing embodiment where the calculation model is the GBDT model, the encryption method is the obfuscated circuit method. The encryption parameter in the encryption model is a confusion value of at least one parameter in the GBDT model. The data provider uses the encrypted GBDT model to perform calculations based on the first data, so that the confusion value result can be obtained. After that, the data provider sends the result of the confusion value to the data demander. Thus, the data demander obtains the confusion value result based on the calculation request from the data provider. In the above calculation model is the score card model, the data demander uses the differential privacy method to blur the coefficients of the model without affecting the prediction results of the model. Therefore, the data provider directly inputs the first data x into the encrypted scorecard model, and can basically accurately obtain the plaintext prediction result of the scorecard model. After that, the data provider sends the plaintext prediction result to the data demander. In one embodiment, as shown in FIG. 1, a secure computing engine is pre-deployed on the first server and the data provider. In this case, the secure calculation engine of the data requester receives the calculation result corresponding to the calculation request from the secure calculation engine of the data provider. After the calculation engine calculates the calculation result of the encryption model, it can attach the identification of the encryption model to the calculation result and send it to the secure calculation engine of the data requester, thereby ensuring the authenticity of the calculation result. In step S210, based on the calculation result, a plaintext prediction result of the calculation model is obtained. In the embodiment where the calculation result is a homomorphic ciphertext result, the data requester uses the above-mentioned locally generated private key corresponding to the calculation model to decrypt the homomorphic ciphertext result, so as to obtain the result of the homomorphic ciphertext. The plaintext result corresponding to the calculation result. According to the principle of homomorphic encryption, the plaintext result is equivalent to the value obtained by direct dot product of ω and x. After obtaining the plaintext value of the dot product of ωx, the data demander substitutes the plaintext value into the formula (1) for calculation, so that the prediction result of the first data by the LR model can be finally obtained. In the embodiment where the calculation result is the confusion value result, the data demander obtains its original value based on the confusion value result, thereby obtaining the plaintext prediction result of the first data by the GBDT model. In the case where the calculation result is the plaintext prediction result of the encrypted scorecard model, according to the principle of differential privacy encryption, the data requester can directly use the plaintext prediction result as the plaintext prediction result of the scorecard model. In one embodiment, the data demander is installed with a data demander calculation engine, and the data provider is installed with a data provider calculation engine. For example, the data demander and the data provider can deploy the data demander computing engine and the data provider computing engine respectively through Docker (an open source application container engine), that is, the data demander computing engine and the data provider computing engine can be understood as software . The calculation of the data demander is performed in the calculation engine of the data demander, and the calculation of the data provider is performed in the calculation engine of the data provider. For example, the data requester's encryption calculation of the model and the decryption calculation of the ciphertext result can be performed by the data requester's calculation engine, and the data provider's calculation of the first data based on the encryption model can be performed by the data provider's calculation engine. In addition, the aforementioned data demander calculation engine and data provider calculation engine also have communication functions. For example, the data demander can send information about the first data and the encryption model to the data provider through the data demander calculation engine. For a calculation request, the data provider may send the calculation result corresponding to the calculation request to the data requester through the data provider calculation engine. Fig. 3 shows a flowchart of a model-based prediction method according to an embodiment of the present specification. The method is executed on a data provider, and the data provider stores the first data. The method includes the following steps S302-S308. In step S302, an encryption model is obtained from a data demander, wherein the data demander includes a pre-trained calculation model, and the encryption model is obtained by encrypting at least one parameter of the calculation model by the data demander. generate. For the specific implementation of this step, reference may be made to the corresponding description of step S202 and step S204 in FIG. 2 above, which will not be repeated here. In step S304, a calculation request regarding the first data and the encryption model is received from the data demander. For the specific implementation of this step, reference may be made to the corresponding description of step S206 in FIG. 2 above, which will not be repeated here. In step S306, according to the calculation request, the encryption model is used to perform calculation based on the first data to obtain a calculation result. For the specific implementation of this step, reference may be made to the corresponding description of step S208 in FIG. 2 above, which will not be repeated here. In step S308, the calculation result is sent to the data requester. For the specific implementation of this step, reference may be made to the corresponding description of step S208 in FIG. 2 above, which will not be repeated here. In one embodiment, as described above for step S208 in FIG. 2, the encryption model is a first encryption model obtained by encrypting at least one parameter of the aforementioned LR model or linear regression model through a homomorphic encryption method. Wherein, according to the calculation request, using the encryption model to perform calculations based on the first data to obtain a calculation result includes: in the first encryption model, using a pre-obtained public key of the data requester A homomorphic calculation is performed based on the first data to obtain a homomorphic ciphertext result, wherein the public key is pre-generated by the data requester for the calculation model. The pre-obtained public key is, for example, sent to the data provider in advance by the data demander, or the data demander provides the data provider with information related to the public key in advance, so The data provider derives the public key based on the information in advance, etc. FIG. 4 shows a model-based prediction device 400 according to an embodiment of the present specification. The device is implemented on the data demander, and the data demander includes a pre-trained calculation model. The device includes: a generating unit 41 configured to generate an encryption model by encrypting at least one parameter of the calculation model; and a providing unit 42 configured to provide the encryption model to a data provider, wherein the data The provider stores the first data; the sending unit 43 is configured to send a calculation request regarding the first data and the encryption module to the data provider; the receiving unit 44 is configured to receive the data from the data provider The calculation result corresponding to the calculation request; and the obtaining unit 45 is configured to obtain the plaintext prediction result of the calculation model based on the calculation result. In one embodiment, in the model-based forecasting device, the data demander is equipped with a data demander calculation engine, and the generating unit 41 is further configured to use the data demander calculation engine to calculate the data demander. At least one parameter of the calculation model is encrypted to generate an encrypted model. In one embodiment, in the model-based prediction device, the data provider is installed with a data provider calculation engine, wherein the receiving unit 44 is further configured to receive data from the data requester calculation engine through the data requester calculation engine. The data provider calculation engine receives the calculation result corresponding to the calculation request. In one embodiment, in the model-based prediction device, the generating unit 41 is further configured to encrypt the at least one parameter by one of the following encryption methods: a homomorphic encryption method, an obfuscated circuit method, and a differential privacy method . In one embodiment, in the model-based prediction device, the calculation model is a logistic regression model or a linear regression model, the encryption method is a homomorphic encryption method, and the calculation result is a homomorphic ciphertext result, Wherein, the obtaining unit 45 is configured to decrypt the homomorphic ciphertext result using a private key corresponding to the calculation model to obtain a plaintext prediction result of the calculation model, wherein the private key Pre-generated locally. Fig. 5 shows a model-based prediction device 500 according to an embodiment of the present specification. The device is implemented on a data provider, the data provider stores first data, and the device includes: an acquiring unit 51 configured to acquire an encryption model from a data requester, wherein the data requester includes a pre-trained The encryption model is generated by encrypting at least one parameter of the calculation model by the data demander; the receiving unit 52 is configured to receive information about the first data and the data from the data demander The calculation request of the encryption model; the calculation unit 53 is configured to perform calculations based on the first data using the encryption model according to the calculation request to obtain the calculation result; and the sending unit 54 is configured to send the calculation result Sent to the data requester. In one embodiment, in the model-based prediction device, the encryption model is a first encryption model obtained by encrypting at least one parameter of an LR model or a linear regression model by a homomorphic encryption method, wherein The calculation unit 53 is further configured to: in the first encryption model, use a pre-obtained public key of the data requester to perform homomorphic calculation based on the first data to obtain a homomorphic ciphertext result, wherein , The public key is generated in advance by the data requester for the calculation model. In one embodiment, in the model-based prediction device, the data provider is equipped with a data provider calculation engine, and the calculation unit 53 is further configured to use the data provider calculation engine based on the data provider calculation engine. In the calculation request, calculation is performed on the first data according to the encryption model to obtain a calculation result. In another aspect of this specification, if a computing device includes a memory and a processor, it is characterized in that executable code is stored in the memory, and when the processor executes the executable code, the aforementioned model-based Forecasting method. Through the model prediction scheme according to the embodiment of this specification, a trusted third party is not required. The data and model are held by the data partner separately, which avoids the privacy and security problem of data and model concentration, and also reduces the transmission of large quantities of data. Problems such as transmission safety hazards brought by. This solution is a pure software solution. Except for the basic server, there are no additional hardware requirements and no other hardware security vulnerabilities will be introduced. And the docking cost is not high. The data provider and data demander only need docker to deploy a specific computing engine to complete the calculation online. In addition, for different model characteristics, different model encryption methods are used to improve the accuracy of the calculation results. The various embodiments in this specification are described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other, and each embodiment focuses on the difference from other embodiments. In particular, as for the system embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for related parts, please refer to the part of the description of the method embodiment. The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the attached patent application. In some cases, the actions or steps described in the scope of the patent application may be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown in order to achieve the desired result. In some embodiments, multiplexing and parallel processing are also possible or may be advantageous. Those of ordinary skill in the art should be further aware that the units and algorithm steps of the examples described in the embodiments disclosed herein can be implemented by electronic hardware, computer software, or a combination of the two, for clarity To illustrate the interchangeability of hardware and software, the composition and steps of each example have been described in general in accordance with the function in the above description. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. A person of ordinary skill in the art may use different methods for each specific application to implement the described functions, but such implementation should not be considered as going beyond the scope of the present application. The steps of the method or algorithm described in combination with the embodiments disclosed in this document can be implemented by hardware, a software module that executes a track by a processor, or a combination of the two. The software module can be placed in random memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, scratchpad, hard disk, removable disk , CD-ROM, or any other form of storage media known in the technical field. The specific embodiments described above further describe the purpose, technical solutions and beneficial effects of the present invention in detail. It should be understood that the above are only specific embodiments of the present invention, and are not intended to limit the scope of the present invention. The scope of protection, any modification, equivalent replacement, improvement, etc., made within the spirit and principle of the present invention shall be included in the scope of protection of the present invention.

11‧‧‧資料需求方 12‧‧‧資料提供方 100‧‧‧系統 41‧‧‧生成單元 42‧‧‧提供單元 43‧‧‧發送單元 44‧‧‧接收單元 45‧‧‧獲取單元 400‧‧‧基於模型的預測裝置 51‧‧‧獲取單元 52‧‧‧接收單元 53‧‧‧計算單元 54‧‧‧發送單元 500‧‧‧基於模型的預測裝置11‧‧‧Data requester 12‧‧‧Data provider 100‧‧‧System 41‧‧‧Generating Unit 42‧‧‧Providing Unit 43‧‧‧Sending unit 44‧‧‧Receiving unit 45‧‧‧Acquisition Unit 400‧‧‧Model-based forecasting device 51‧‧‧Acquisition Unit 52‧‧‧Receiving unit 53‧‧‧Computer unit 54‧‧‧Sending unit 500‧‧‧Model-based forecasting device

通過結合圖式描述本說明書實施例,可以使得本說明書實施例更加清楚: 圖1示出了根據本說明書實施例的執行模型預測的系統100的示意圖; 圖2示出了根據本說明書實施例的一種基於模型的預測方法的流程圖; 圖3示出根據本說明書實施例的一種基於模型的預測方法的流程圖; 圖4示出根據本說明書實施例的一種基於模型的預測裝置400;以及 圖5示出根據本說明書實施例的一種基於模型的預測裝置500。By describing the embodiments of this specification in combination with the drawings, the embodiments of this specification can be made clearer: Fig. 1 shows a schematic diagram of a system 100 for performing model prediction according to an embodiment of the present specification; Figure 2 shows a flow chart of a model-based prediction method according to an embodiment of this specification; Fig. 3 shows a flowchart of a model-based prediction method according to an embodiment of the present specification; Fig. 4 shows a model-based prediction device 400 according to an embodiment of the present specification; and Fig. 5 shows a model-based prediction device 500 according to an embodiment of the present specification.

11‧‧‧資料需求方 11‧‧‧Data requester

12‧‧‧資料提供方 12‧‧‧Data provider

100‧‧‧系統 100‧‧‧System

Claims (17)

一種基於模型的預測方法,該方法在資料需求方執行,該資料需求方包括預先訓練好的計算模型,該方法包括:通過對該計算模型的至少一個參數進行加密,生成加密模型;將該加密模型提供給資料提供方,其中,該資料提供方儲存有第一資料;向該資料提供方發送關於該第一資料和該加密模型的計算請求;從該資料提供方接收與該計算請求對應的計算結果;以及基於該計算結果,獲取該計算模型的明文預測結果。 A model-based prediction method, which is executed on a data demander, the data demander includes a pre-trained calculation model, and the method includes: generating an encryption model by encrypting at least one parameter of the calculation model; The model is provided to the data provider, where the data provider stores the first data; sends a calculation request for the first data and the encryption model to the data provider; receives the calculation request corresponding to the data provider from the data provider Calculation result; and based on the calculation result, obtain the plaintext prediction result of the calculation model. 根據請求項1所述的基於模型的預測方法,其中,該資料需求方安裝有資料需求方計算引擎,其中,通過對該計算模型的至少一個參數進行加密,生成加密模型包括:通過使用該資料需求方計算引擎對該計算模型的至少一個參數進行加密,生成加密模型。 The model-based prediction method according to claim 1, wherein the data demander is equipped with a data demander calculation engine, and generating the encrypted model by encrypting at least one parameter of the calculation model includes: using the data The demand-side calculation engine encrypts at least one parameter of the calculation model to generate an encrypted model. 根據請求項2所述的基於模型的預測方法,其中,該資料提供方安裝有資料提供方計算引擎,其中,從該資料提供方接收與該計算請求對應的計算結果包括:通過該資 料需求方計算引擎從該資料提供方計算引擎接收該計算結果。 The model-based prediction method according to claim 2, wherein the data provider is equipped with a data provider calculation engine, and receiving the calculation result corresponding to the calculation request from the data provider includes: The material demand side calculation engine receives the calculation result from the data provider calculation engine. 根據請求項1所述的基於模型的預測方法,其中,對該計算模型的至少一個參數進行加密包括:通過以下一種加密方法對所述至少一個參數進行加密:同態加密方法、混淆電路方法以及差分隱私方法。 The model-based prediction method according to claim 1, wherein encrypting at least one parameter of the calculation model includes: encrypting the at least one parameter by one of the following encryption methods: a homomorphic encryption method, a confusion circuit method, and Differential privacy method. 根據請求項4所述的基於模型的預測方法,其中該計算模型為邏輯回歸模型或線性回歸模型,該加密方法為同態加密方法,該計算結果為同態密文結果,其中,基於該計算結果,獲取該計算模型的明文預測結果包括:使用與該計算模型對應的私密金鑰對該同態密文結果進行解密,以獲取該計算模型的明文預測結果,其中,該私密金鑰在本地預先生成。 The model-based prediction method according to claim 4, wherein the calculation model is a logistic regression model or a linear regression model, the encryption method is a homomorphic encryption method, and the calculation result is a homomorphic ciphertext result, wherein, based on the calculation As a result, obtaining the plaintext prediction result of the calculation model includes: decrypting the homomorphic ciphertext result using the private key corresponding to the calculation model to obtain the plaintext prediction result of the calculation model, wherein the private key is locally Pre-generated. 根據請求項4所述的基於模型的預測方法,其中該計算模型為GBDT模型,該加密方法為混淆電路方法。 The model-based prediction method according to claim 4, wherein the calculation model is a GBDT model, and the encryption method is an obfuscated circuit method. 根據請求項4所述的基於模型的預測方法,其中該計算模型為評分卡模型,該加密方法為差分隱私方法。 The model-based prediction method according to claim 4, wherein the calculation model is a score card model, and the encryption method is a differential privacy method. 一種基於模型的預測方法,該方法在資料提供方執 行,該資料提供方儲存有第一資料,該方法包括:從資料需求方獲取加密模型,其中,該資料需求方包括預先訓練好的計算模型,該加密模型通過由該資料需求方對該計算模型的至少一個參數進行加密而生成;從該資料需求方接收關於該第一資料和該加密模型的計算請求;根據該計算請求,使用該加密模型基於該第一資料進行計算,以獲取計算結果;以及將該計算結果發送給該資料需求方。 A model-based forecasting method that is implemented by the data provider OK, the data provider stores the first data, and the method includes: obtaining an encryption model from the data requester, wherein the data requester includes a pre-trained calculation model, and the encryption model is calculated by the data requester. At least one parameter of the model is encrypted and generated; receiving a calculation request for the first data and the encryption model from the data requester; according to the calculation request, using the encryption model to perform calculations based on the first data to obtain the calculation result ; And send the calculation result to the data requester. 一種基於模型的預測裝置,該裝置在資料需求方實施,該資料需求方包括預先訓練好的計算模型,該裝置包括:生成單元,配置為通過對該計算模型的至少一個參數進行加密,生成加密模型;提供單元,配置為將該加密模型提供給資料提供方,其中,該資料提供方儲存有第一資料;發送單元,配置為向該資料提供方發送關於該第一資料和該加密模型的計算請求;接收單元,配置為從該資料提供方接收與該計算請求對應的計算結果;以及獲取單元,配置為基於該計算結果,獲取該計算模型的明文預測結果。 A model-based prediction device, which is implemented on a data demander, the data demander includes a pre-trained calculation model, and the device includes: a generating unit configured to encrypt at least one parameter of the calculation model to generate encryption Model; a providing unit configured to provide the encryption model to a data provider, wherein the data provider stores the first data; a sending unit configured to send information about the first data and the encryption model to the data provider Calculation request; a receiving unit configured to receive a calculation result corresponding to the calculation request from the data provider; and an obtaining unit configured to obtain a plaintext prediction result of the calculation model based on the calculation result. 根據請求項9所述的基於模型的預測裝置,其中,該資料需求方安裝有資料需求方計算引擎,其中,該生成單元還配置為通過使用該資料需求方計算引擎對該計算模型的至少一個參數進行加密,生成加密模型。 The model-based prediction device according to claim 9, wherein the data demander is equipped with a data demander calculation engine, and the generating unit is further configured to use the data demander calculation engine for at least one of the calculation models The parameters are encrypted to generate an encrypted model. 根據請求項10所述的基於模型的預測裝置,其中,該資料提供方安裝有資料提供方計算引擎,其中,該接收單元還配置為通過該資料需求方計算引擎從該資料提供方計算引擎接收該計算結果。 The model-based prediction device according to claim 10, wherein the data provider is equipped with a data provider calculation engine, and the receiving unit is further configured to receive from the data provider calculation engine through the data requester calculation engine The calculation result. 根據請求項9所述的基於模型的預測裝置,其中,該生成單元還配置為,通過以下一種加密方法對所述至少一個參數進行加密:同態加密方法、混淆電路方法以及差分隱私方法。 The model-based prediction device according to claim 9, wherein the generating unit is further configured to encrypt the at least one parameter by one of the following encryption methods: a homomorphic encryption method, an obfuscated circuit method, and a differential privacy method. 根據請求項12所述的基於模型的預測裝置,其中該計算模型為邏輯回歸模型或線性回歸模型,該加密方法為同態加密方法,該計算結果為同態密文結果,其中,該獲取單元還配置為:使用與該計算模型對應的私密金鑰對該同態密文結果進行解密,以獲取該計算模型的明文預測結果,其中,該私密金鑰在本地預先生成。 The model-based prediction device according to claim 12, wherein the calculation model is a logistic regression model or a linear regression model, the encryption method is a homomorphic encryption method, the calculation result is a homomorphic ciphertext result, and the acquiring unit It is also configured to decrypt the homomorphic ciphertext result by using the private key corresponding to the calculation model to obtain the plaintext prediction result of the calculation model, wherein the private key is generated locally in advance. 根據請求項12所述的基於模型的預測裝置,其中該計 算模型為GBDT模型,該加密方法為混淆電路方法。 The model-based prediction device according to claim 12, wherein the calculation The calculation model is the GBDT model, and the encryption method is the obfuscated circuit method. 根據請求項13所述的基於模型的預測裝置,其中該計算模型為評分卡模型,該加密方法為差分隱私方法。 The model-based prediction device according to claim 13, wherein the calculation model is a score card model, and the encryption method is a differential privacy method. 一種基於模型的預測裝置,該裝置在資料提供方實施,該資料提供方儲存有第一資料,該裝置包括:獲取單元,配置為從資料需求方獲取加密模型,其中,該資料需求方包括預先訓練好的計算模型,該加密模型通過由該資料需求方對該計算模型的至少一個參數進行加密而生成;接收單元,配置為從該資料需求方接收關於該第一資料和該加密模型的計算請求;計算單元,配置為根據該計算請求,使用該加密模型基於該第一資料進行計算,以獲取計算結果;以及發送單元,配置為將該計算結果發送給該資料需求方。 A model-based prediction device implemented on a data provider, the data provider stores first data, and the device includes: an acquisition unit configured to acquire an encryption model from a data demander, wherein the data demander includes pre- A trained calculation model, where the encryption model is generated by encrypting at least one parameter of the calculation model by the data requester; the receiving unit is configured to receive calculations on the first data and the encryption model from the data requester Request; a calculation unit configured to perform calculations based on the first data using the encryption model according to the calculation request to obtain a calculation result; and a sending unit configured to send the calculation result to the data requester. 一種計算設備,包括記憶體和處理器,其特徵在於,該記憶體中儲存有可執行程式碼,該處理器執行該可執行程式碼時,實現請求項1-8中任一項所述的方法。 A computing device, comprising a memory and a processor, characterized in that executable program codes are stored in the memory, and when the processor executes the executable program codes, the requirements described in any one of claim items 1-8 are realized. method.
TW108115549A 2018-07-17 2019-05-06 Model-based prediction method and device TWI733106B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810785420.3A CN109033854B (en) 2018-07-17 2018-07-17 Model-based prediction method and device
CN201810785420.3 2018-07-17

Publications (2)

Publication Number Publication Date
TW202006615A TW202006615A (en) 2020-02-01
TWI733106B true TWI733106B (en) 2021-07-11

Family

ID=64643504

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108115549A TWI733106B (en) 2018-07-17 2019-05-06 Model-based prediction method and device

Country Status (3)

Country Link
CN (1) CN109033854B (en)
TW (1) TWI733106B (en)
WO (1) WO2020015478A1 (en)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109033854B (en) * 2018-07-17 2020-06-09 阿里巴巴集团控股有限公司 Model-based prediction method and device
CN111435452B (en) * 2019-01-11 2023-11-03 百度在线网络技术(北京)有限公司 Model training method, device, equipment and medium
EP3602379B1 (en) * 2019-01-11 2021-03-10 Advanced New Technologies Co., Ltd. A distributed multi-party security model training framework for privacy protection
CN110032893B (en) * 2019-03-12 2021-09-28 创新先进技术有限公司 Security model prediction method and device based on secret sharing
CN111797126B (en) * 2019-04-08 2024-04-02 阿里巴巴集团控股有限公司 Data processing method, device and equipment
CN110210233A (en) * 2019-04-19 2019-09-06 平安科技(深圳)有限公司 Joint mapping method, apparatus, storage medium and the computer equipment of prediction model
CN110113203B (en) * 2019-04-30 2021-10-22 创新先进技术有限公司 Method and equipment for security assessment of encryption model
CN110163008B (en) * 2019-04-30 2023-03-07 创新先进技术有限公司 Security audit method and system for deployed encryption model
CN110263919A (en) * 2019-06-20 2019-09-20 福州数据技术研究院有限公司 A kind of reverse transmittance nerve network training method based on medical treatment & health data safety
CN110457912B (en) * 2019-07-01 2020-08-14 阿里巴巴集团控股有限公司 Data processing method and device and electronic equipment
CN110190946B (en) * 2019-07-12 2021-09-03 之江实验室 Privacy protection multi-organization data classification method based on homomorphic encryption
WO2021004551A1 (en) * 2019-09-26 2021-01-14 深圳前海微众银行股份有限公司 Method, apparatus, and device for optimization of vertically federated learning system, and a readable storage medium
CN110751330B (en) * 2019-10-18 2022-07-22 支付宝(杭州)信息技术有限公司 Prediction method and device based on tree model
CN111126628B (en) * 2019-11-21 2021-03-02 支付宝(杭州)信息技术有限公司 Method, device and equipment for training GBDT model in trusted execution environment
CN111125727B (en) * 2019-12-03 2021-05-14 支付宝(杭州)信息技术有限公司 Confusion circuit generation method, prediction result determination method, device and electronic equipment
CN111045688A (en) * 2019-12-06 2020-04-21 支付宝(杭州)信息技术有限公司 Method and system for model safe deployment and prediction
US11228423B2 (en) 2020-01-12 2022-01-18 Advanced New Technologies Co., Ltd. Method and device for security assessment of encryption models
CN111539769A (en) * 2020-04-27 2020-08-14 支付宝(杭州)信息技术有限公司 Training method and device of anomaly detection model based on differential privacy
US20210350264A1 (en) * 2020-05-07 2021-11-11 Baidu Usa Llc Method for obfuscated ai model training for data processing accelerators
CN112231746B (en) * 2020-09-10 2024-02-02 杭州锘崴信息科技有限公司 Joint data analysis method, device, system and computer readable storage medium
CN112668748A (en) * 2020-09-16 2021-04-16 华控清交信息科技(北京)有限公司 Prediction method and device and electronic equipment
CN114124343B (en) * 2020-11-16 2023-11-14 神州融安数字科技(北京)有限公司 Risk scoring information query method, device, system and equipment for protecting privacy
CN112330048A (en) * 2020-11-18 2021-02-05 中国光大银行股份有限公司 Scoring card model training method and device, storage medium and electronic device
CN117235796A (en) * 2023-09-27 2023-12-15 青岛中企英才集团文化传媒有限公司 Electronic commerce data processing method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013006785A2 (en) * 2011-07-07 2013-01-10 Meng-Day Yu Cryptographic security using fuzzy credentials for device and server communications
CN107124276A (en) * 2017-04-07 2017-09-01 西安电子科技大学 A kind of safe data outsourcing machine learning data analysis method
US20180089574A1 (en) * 2016-09-27 2018-03-29 Nec Corporation Data processing device, data processing method, and computer-readable recording medium
CN108228830A (en) * 2018-01-03 2018-06-29 广东工业大学 A kind of data processing system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102436489B (en) * 2011-11-03 2013-08-21 北京数码大方科技股份有限公司 Processing method, device and system of three-dimensional model data
CN104780214B (en) * 2015-04-20 2018-07-27 河海大学常州校区 Cloud manufacture system based on cloud computing and 3 D-printing
CN109033854B (en) * 2018-07-17 2020-06-09 阿里巴巴集团控股有限公司 Model-based prediction method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013006785A2 (en) * 2011-07-07 2013-01-10 Meng-Day Yu Cryptographic security using fuzzy credentials for device and server communications
US20180089574A1 (en) * 2016-09-27 2018-03-29 Nec Corporation Data processing device, data processing method, and computer-readable recording medium
CN107124276A (en) * 2017-04-07 2017-09-01 西安电子科技大学 A kind of safe data outsourcing machine learning data analysis method
CN108228830A (en) * 2018-01-03 2018-06-29 广东工业大学 A kind of data processing system

Also Published As

Publication number Publication date
TW202006615A (en) 2020-02-01
CN109033854B (en) 2020-06-09
WO2020015478A1 (en) 2020-01-23
CN109033854A (en) 2018-12-18

Similar Documents

Publication Publication Date Title
TWI733106B (en) Model-based prediction method and device
CN111162896B (en) Method and device for data processing by combining two parties
TWI762776B (en) Input acquisition method and device for secure multi-party computation agreement
US11620109B2 (en) Converting a boolean masked value to an arithmetically masked value for cryptographic operations
CN110414567B (en) Data processing method and device and electronic equipment
CN110991655B (en) Method and device for processing model data by combining multiple parties
US10547444B2 (en) Cloud encryption key broker apparatuses, methods and systems
CN110912713B (en) Method and device for processing model data by multi-party combination
Rahulamathavan et al. Privacy-preserving multi-class support vector machine for outsourcing the data classification in cloud
CN109687952A (en) Data processing method and its device, electronic device and storage medium
CN111898145A (en) Neural network model training method, device, equipment and medium
Erkin et al. Privacy-preserving distributed clustering
US11101981B2 (en) Generating a pseudorandom number based on a portion of shares used in a cryptographic operation
CN115238172A (en) Federal recommendation method based on generation of countermeasure network and social graph attention network
CN113221153B (en) Graph neural network training method and device, computing equipment and storage medium
KR102045843B1 (en) Method and apparatus for block encryption algorithm
Chillotti et al. New challenges for fully homomorphic encryption
Amanullah et al. An Effective double verification-based method for certifying information safety in cloud computing
CN107919953A (en) Data notarization method, apparatus, equipment, medium and server
CN104468535B (en) It is adapted to ciphertext storage and connection query system and the method for cloud environment
JPWO2017065122A1 (en) Secret authentication code adding apparatus, secret authentication code adding method, and program
Geetha et al. Blockchain based Mechanism for Cloud Security
US20220173900A1 (en) Deterministic random blinding
Sathishkumar et al. Trust management scheme for authentication in secure cloud computing using double encryption method
Aggarwal et al. A Novel Framework for Image Encryption by Integrating Modified Moth Flame Optimization and Logistic Chaotic Map for Enhanced Security