CN112825520B - User privacy data processing method, device, system and storage medium - Google Patents

Publication number: CN112825520B
Authority: CN (China)
Prior art keywords: data, network application, key, user, privacy data
Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Application number: CN201911148329.1A
Other languages: Chinese (zh)
Other versions: CN112825520A
Inventor: 刘童桐
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Application filed by China Mobile Communications Group Co Ltd and China Mobile Communications Ltd Research Institute; priority to CN201911148329.1A; published as CN112825520A; application granted and published as CN112825520B; legal status active.

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L 63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L 63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/604 Tools and structures for managing or administering access control systems
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F 21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F 21/6245 Protecting personal data, e.g. for financial or medical purposes

Abstract

The invention discloses a user privacy data processing method, device, system and storage medium. Wherein the method comprises the following steps: receiving a data access right request sent by a first network application, wherein the data access right request is used for acquiring access right when the first network application executes corresponding management operation on user privacy data of a target user; inquiring the access level of user privacy data of a target user according to the data access permission request, and generating a corresponding authorization request to a communication terminal of the target user according to the access level; receiving a management operation request sent by the first network application, wherein the management operation request is generated after the first network application obtains the authorization of a target user; and executing corresponding management operation on the user privacy data of the target user according to the management operation request. The method can effectively avoid the theft and abuse of the user privacy data and improve the safety of the user privacy data.

Description

User privacy data processing method, device, system and storage medium
Technical Field
The present invention relates to the field of data processing, and in particular, to a method, apparatus, system, and storage medium for processing user privacy data.
Background
With the wide application of the mobile internet and the internet of things, more and more user data are collected by network application companies, and how to protect user privacy data is of growing concern to society. The General Data Protection Regulation (GDPR) of the European Union, released in May 2018, is the most important data privacy protection law worldwide in 20 years and carries the heaviest penalties of any data protection law to date. GDPR has a significant impact on how global enterprises store, share and use customer data. It is a legal framework for managing the personally identifiable information (PII) of residents of the member countries of the European Union.
In the related art, the requirement that user data be collected, shared and used in an appropriate manner is hard to meet, and the security of user privacy data is often poor.
Disclosure of Invention
In view of this, the embodiments of the present invention provide a method, an apparatus, a system, and a storage medium for processing user privacy data, which aim to improve the security of user privacy data.
The technical scheme of the embodiment of the invention is realized as follows:
the embodiment of the invention provides a user privacy data processing method which is applied to a data management system and comprises the following steps:
Receiving a data access right request sent by a first network application, wherein the data access right request is used for acquiring access right when the first network application executes corresponding management operation on user privacy data of a target user;
inquiring the access level of user privacy data of a target user according to the data access permission request, and generating a corresponding authorization request to a communication terminal of the target user according to the access level;
receiving a management operation request sent by the first network application, wherein the management operation request is generated after the first network application obtains the authorization of a target user;
and executing corresponding management operation on the user privacy data of the target user according to the management operation request.
The embodiment of the invention also provides a device for processing the user privacy data, which comprises:
the receiving module is used for receiving a data access right request sent by the first network application and receiving a management operation request sent by the first network application; the data access right request is used for acquiring access right when the first network application executes corresponding management operation on user privacy data of a target user, and the management operation request is generated after the first network application obtains authorization of the target user;
The access authorization module is used for inquiring the access level of the user privacy data of the target user according to the data access right request and generating a corresponding authorization request to the communication terminal of the target user according to the access level;
and the data management module is used for executing corresponding management operation on the user privacy data of the target user according to the management operation request.
The embodiment of the invention also provides a data management system, which comprises: a processor and a memory for storing a computer program capable of running on the processor, wherein the processor is adapted to perform the steps of the method according to any of the embodiments of the invention when the computer program is run.
The embodiment of the invention also provides a storage medium, and the storage medium stores a computer program, and the computer program realizes the steps of the method of any embodiment of the invention when being executed by a processor.
According to the technical scheme provided by the embodiment of the invention, the encrypted data of the user privacy data is managed by the data management system, and a network application accessing the data management system must obtain the access right corresponding to a management operation before executing that operation on the user privacy data of the target user. This realizes centralized management of user privacy data and ensures that a management operation on user privacy data is executed only after the corresponding authorization of the target user is obtained, so that theft and abuse of user privacy data are effectively avoided and the security of user privacy data is improved.
Drawings
FIG. 1 is a flow chart of a user privacy data processing method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a network structure of a cloud private data management system to which the embodiment of the present invention is applied;
fig. 3 is a schematic structural diagram of a cloud private data management system according to an embodiment of the invention;
FIG. 4 is a schematic diagram illustrating a flow of storing user privacy data according to an embodiment of the present invention;
FIG. 5 is a flowchart illustrating a usage of user privacy data according to an embodiment of the present invention;
FIG. 6 is a schematic diagram illustrating a flow of user privacy data delivery according to an embodiment of the present invention;
FIG. 7 is a schematic diagram illustrating a configuration of a user privacy data processing apparatus according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a data management system according to an embodiment of the invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention.
In the related art, aiming at how to protect private data of a user from misuse or disclosure when the user uses a network application, the following technical schemes are mainly provided:
Scheme one, data generation stage, uses access restrictions and fake data techniques.
Data generation can be classified into active data generation and passive data generation. Active data generation is the provision of data to a third party by a data owner, while passive data generation is the online operation (e.g., browsing) of the data owner, or the collection of data that the data owner may not be aware of. Privacy risks in the data generation process can be minimized by restricting access to or falsifying data.
a, access restriction: if the data owner deems that data should not be shared, the provision of such data may be denied, for example by refusing GPS (global positioning system) authorization on the handset. If the data owner provides data passively, measures may be taken to ensure privacy, such as anti-tracking browser extensions, script blocking and encryption tools.
b, falsified data: in some scenarios, if access to sensitive data is completely denied, the technical services provided by the network application cannot be obtained; in that case the user may provide counterfeit data, commonly known as a sock puppet or alternate account. For example, a user registers an account on a site under a name that includes the site's name (such as "Wang Wangyi" on NetEase), so that once the data is leaked it is known which site was the source of the problem.
Scheme two, data storage stage: encryption technology is mainly used.
Encryption is classified into identity-based encryption (IBE), attribute-based encryption (ABE) and storage path encryption. In addition, to protect sensitive information, a hybrid cloud may be used, with sensitive information stored on a private cloud.
Scheme three, data processing stage: including privacy-preserving data publishing (PPDP) and aggregate analysis.
In PPDP, anonymization techniques such as generalization and suppression are used to protect the privacy of data, and the techniques can be further classified into clustering, classification-based techniques and association rule mining techniques. While clustering and classification separate input data into different groups, mining can find valuable data in the input data based on association rules.
In actual application, each network application independently stores user privacy data, and management levels are uneven. In addition, when various network applications independently store user privacy data, once user privacy data is leaked by a certain merchant, the source of the leak and the responsible party are difficult to track, and no effective restraint is formed. Furthermore, to provide business services, user privacy data is often transferred directly between merchants: for example, merchant A may directly provide merchant B with the user privacy data it holds without soliciting the user's opinion, resulting in unauthorized access to the user data. For example, after receiving a commodity order from a user, an online shopping enterprise directly provides the user's contact information, address and other information to the selected logistics enterprise without soliciting the user's opinion, so that the logistics enterprise holds a large amount of user privacy data without the user's knowledge.
Based on this, in various embodiments of the present invention, the user privacy data of a plurality of network applications is centrally managed by the data management system. Each network application accesses the data management system and, before executing a management operation on the user privacy data of the target user, must obtain the access right corresponding to that management operation. This ensures that a management operation on user privacy data is executed only after the corresponding authorization of the target user is obtained, thus effectively avoiding the theft and abuse of user privacy data and improving the security of user privacy data.
The embodiment of the invention provides a user privacy data processing method, which is applied to a data management system, as shown in fig. 1, and comprises the following steps:
step 101, receiving a data access right request sent by a first network application, wherein the data access right request is used for acquiring access rights of the first network application when corresponding management operation is performed on user privacy data of a target user;
Here, the data management system exposes a private data access interface (also referred to as a private data management interface) to the outside, and each network application connects to the data management system through this access interface. The data access right request may include: network application identification, user identification and management operation identification.
Step 102, inquiring the access level of the user privacy data of the target user according to the data access right request, and generating a corresponding authorization request to the communication terminal of the target user according to the access level;
the data management system queries the access level of the user privacy data of the target user according to the data access authority request. In practical application, the user privacy data of each user can preset different access levels according to the accessed network application identifier and/or management operation identifier.
In an application example, the access level of the user privacy data is classified as follows:
1) Open to trusted parties: if the user sets the network application A as a trusted party, the encrypted private data is directly opened for the network application A.
2) User password: the user password that is established for the web application needs to be verified to access the encrypted private data.
3) Cell phone authentication code: the encrypted private data needs to be accessed by means of the received mobile phone verification code.
4) Electronic token: the encrypted private data needs to be accessed by means of an electronic token developed separately by a third party.
After the data management system inquires the access level of the current data access right request, if the access level corresponding to the data access right request requires the authorization of the user (such as the access levels 2 to 4), a corresponding authorization request is generated according to the access level to the communication terminal of the target user, so that the target user can conveniently authorize the authorization request corresponding to the corresponding management operation request, and the network application is prevented from directly transmitting the user privacy data to other network applications without user authorization.
Step 103, receiving a management operation request sent by the first network application, wherein the management operation request is generated after the first network application obtains the authorization of a target user;
after receiving the authorization request sent by the data management system, the communication terminal of the target user performs corresponding authorization if the authorization request is agreed, for example, a user password, a mobile phone verification code or an electronic token which is set by the network application is input, and the input authorization information is determined to match the authorization request, so that the first network application obtains reply information through which the corresponding management operation request is authorized. The reply information can be directly sent to the communication equipment where the first network application is located by the communication terminal of the target user, or fed back to the data management system by the communication terminal of the target user, and sent to the communication equipment where the first network application is located by the data management system. Here, the communication terminal of the target user may be a mobile phone, a tablet computer, a notebook, or the like. The communication device where the first network application is located may be a desktop computer, a tablet computer, a notebook computer, a mobile phone, etc.
After receiving the reply message, the first network application generates a management operation request and sends the management operation request to the data management system, wherein the management operation request can include: user identification, user privacy data identification, management operation identification and network application identification.
Step 104, executing corresponding management operation on the user privacy data of the target user according to the management operation request.
Here, the data management system performs a corresponding management operation on the user privacy data of the target user according to the management operation request, so as to implement management of the user privacy data of the target user. The management operation includes at least one of: store, use, transfer, and delete.
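Steps 101 to 104 together with the four access levels, as an added example that is not the patent's own code: a small data management system that looks up the record's access level, issues the authorization request to the user's terminal, verifies the user's reply for each level, and executes the operation only against a matching one-time grant while writing the management log. Class and method names, the grant mechanism and the sample records are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional


class AccessLevel(IntEnum):
    TRUSTED_PARTY = 1     # opened directly to applications the user marked as trusted
    USER_PASSWORD = 2     # the user must enter the password set for that application
    PHONE_CODE = 3        # the user must enter the verification code sent to their phone
    ELECTRONIC_TOKEN = 4  # the user must present a third-party electronic token


OPERATIONS = ("store", "use", "transfer", "delete")


def hash_password(password: str, salt: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 100_000)


@dataclass
class PrivacyRecord:
    """What the system keeps per user: identity, access level and the opaque encryption result."""
    user_id: str
    phone: str
    level: AccessLevel
    encrypted_data: bytes = b""
    trusted_apps: set = field(default_factory=set)
    password_hash: Optional[bytes] = None   # level 2 credential
    token_key: Optional[bytes] = None       # level 4: key shared with the token issuer


@dataclass
class DataManagementSystem:
    records: dict = field(default_factory=dict)
    pending: dict = field(default_factory=dict)   # request_id -> (app, user, op, auth request)
    grants: dict = field(default_factory=dict)    # one-time grant -> (app, user, op)
    log: list = field(default_factory=list)       # management log kept for later audit
    outbox: list = field(default_factory=list)    # stands in for messages to the user's terminal

    def _grant(self, app_id: str, user_id: str, op: str) -> str:
        g = secrets.token_hex(16)
        self.grants[g] = (app_id, user_id, op)
        return g

    def request_access(self, app_id: str, user_id: str, op: str) -> dict:
        """Steps 101/102: query the access level; open directly or send an authorization request."""
        if op not in OPERATIONS:
            raise ValueError(f"unknown management operation {op!r}")
        rec = self.records[user_id]
        if rec.level == AccessLevel.TRUSTED_PARTY and app_id in rec.trusted_apps:
            self.log.append((user_id, app_id, op, "trusted-party access"))
            return {"status": "granted", "grant": self._grant(app_id, user_id, op)}
        req_id = secrets.token_hex(8)
        auth_req = {"request_id": req_id, "app_id": app_id, "operation": op, "level": rec.level}
        if rec.level == AccessLevel.PHONE_CODE:
            auth_req["code"] = f"{secrets.randbelow(10**6):06d}"  # delivered to rec.phone
        self.pending[req_id] = (app_id, user_id, op, auth_req)
        self.outbox.append((rec.phone, auth_req))
        return {"status": "authorization_required", "request_id": req_id}

    def authorize(self, req_id: str, reply: str) -> Optional[str]:
        """Step 103: verify the terminal's reply against the level's credential; grant on success."""
        if req_id not in self.pending:
            return None
        app_id, user_id, op, auth_req = self.pending.pop(req_id)
        rec = self.records[user_id]
        ok = False
        if rec.level == AccessLevel.USER_PASSWORD and rec.password_hash:
            ok = hmac.compare_digest(hash_password(reply, user_id), rec.password_hash)
        elif rec.level == AccessLevel.PHONE_CODE:
            ok = hmac.compare_digest(reply.encode(), auth_req["code"].encode())
        elif rec.level == AccessLevel.ELECTRONIC_TOKEN and rec.token_key:
            expected = hmac.new(rec.token_key, req_id.encode(), "sha256").hexdigest()
            ok = hmac.compare_digest(reply.encode(), expected.encode())
        # level 1 with an application the user has not trusted falls through: no reply authorizes it
        self.log.append((user_id, app_id, op, "authorized" if ok else "authorization failed"))
        return self._grant(app_id, user_id, op) if ok else None

    def manage(self, app_id: str, user_id: str, op: str, grant: str, data: bytes = b"") -> Optional[bytes]:
        """Step 104: execute the operation only against a matching, unused grant, and log it."""
        if self.grants.get(grant) != (app_id, user_id, op):
            self.log.append((user_id, app_id, op, "rejected: no valid grant"))
            return None
        del self.grants[grant]                  # grants are single use
        rec = self.records[user_id]
        if op == "store":
            rec.encrypted_data = data
            result = data                       # the application keeps only the encryption result
        elif op == "delete":
            del self.records[user_id]
            result = b""
        else:                                   # use / transfer: hand out the encryption result
            result = rec.encrypted_data
        self.log.append((user_id, app_id, op, "executed"))
        return result


def build_sample_system() -> DataManagementSystem:
    """Constructed sample records for the demonstration (not from the patent)."""
    dms = DataManagementSystem()
    dms.records["u1"] = PrivacyRecord("u1", "+86-138-0000-0000", AccessLevel.PHONE_CODE, b"<ciphertext-1>")
    dms.records["u2"] = PrivacyRecord("u2", "+86-139-0000-0000", AccessLevel.TRUSTED_PARTY,
                                      b"<ciphertext-2>", trusted_apps={"appA"})
    dms.records["u3"] = PrivacyRecord("u3", "+86-137-0000-0000", AccessLevel.USER_PASSWORD,
                                      b"<ciphertext-3>", password_hash=hash_password("correct horse", "u3"))
    return dms
```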
The data management system in the embodiment of the invention can be realized based on a server of a cloud service to form a cloud privacy data management system (also called a cloud system), thereby realizing centralized management of user privacy data. Fig. 2 shows a network structure schematic diagram of a cloud private data management system to which the embodiment of the invention is applied. Each network application (such as application A, B, C) can access the cloud privacy data management system, and each user can access the user privacy data of the user or other users through the corresponding network application.
In one embodiment, as shown in fig. 3, the cloud privacy data management system includes: a privacy data classification module 301, a privacy data storage module 302, a privacy data querying module 303, a privacy data clearing module 304, a user login authentication module 305, and a key creation updating module 306.
Wherein the privacy data classification module 301 is responsible for providing a function for a user to set an access level of user privacy data.
The privacy data storage module 302 is responsible for storing the user privacy data filled in by the user after encryption processing, and the stored data comprises: user identification, network application identification, user number, privacy data identification, access level, and privacy data encryption result. The user number may be the mobile phone number used by the user to receive the mobile phone verification code, and the privacy data identifier may be used to classify the user privacy data, for example into: 1) Basic identity information such as name, address, ID card number, etc.; 2) Network data such as location, IP address, cookie data, RFID tags, etc.; 3) Healthcare and genetic data; 4) Biometric data such as fingerprints, irises, etc.; 5) Race or ethnic data; 6) Political views; 7) Sexual orientation. The access level can be set according to the type of user privacy data, so that when user privacy data of a given type is accessed, the authorization of the corresponding access level must be acquired.
In an embodiment, the private data storage module 302 is further responsible for storing a management log corresponding to the management operation of the private data of the user, so as to facilitate the audit at a later time. The management log may include: user identification, network application identification, and privacy data management operation record.
The private data query module 303 is responsible for providing the capability of the network application to query the private data of the user, and after the encryption result of the private data of the user is queried, the private data can be decrypted by using the second key of the cloud private data management system and the first key of the network application, so as to obtain the content of the original private data of the user.
The privacy data clearing module 304 is configured to clear, according to data compliance requirements and at the initiative of a user or a network application, the relevant privacy data records stored on the cloud privacy data management system, identified by information such as the user identifier and network application identifier, and to generate log records for the clearing operations.
The user login authentication module 305 is responsible for providing a login function for the user, so that the user can log in to the cloud privacy data management system and directly perform management operations on user privacy data.
The key creation update module 306 is configured to generate or update a first key for each network application and a second key for the data management system using a key generation algorithm. Here, the key may be periodically generated or updated according to the user identification, the current date, and the privacy data category, and the key may be globally created and updated not only for itself, but also for the network application. By periodically updating the key, the confidentiality of the user's private data can be further improved.
The user privacy data processing method according to the embodiment of the invention is described below by carrying out different management operations on the user privacy data in combination with the data management system.
1. User privacy data storage
When the network application, acting as the service caller, stores user privacy data, it calls the access interface of the data management system. If user authorization is required, then after it is obtained the network application encrypts the user privacy data filled in by the user and sends a data storage request (i.e. a management operation request) to the data management system. The user sets the access level himself, and the data management system stores the encrypted data of the user privacy data together with the corresponding access level. The data management system returns only the encrypted data of the user privacy data to the network application for keeping, so the network application cannot directly obtain the user privacy data, and the security of the user privacy data is ensured.
In an embodiment, storing the user privacy data of the target user according to the management operation request includes:
the data management system receives encrypted data sent by the first network application, wherein the encrypted data is generated by the first network application after carrying out secondary encryption on user privacy data of a target user according to a first key of the first network application and a second key of the data management system;
The data management system sets and stores the access level of the user privacy data of the target user;
the data management system stores the encrypted data.
In an embodiment, before the receiving the encrypted data sent by the first network application, the method further includes:
the data management system receives a first key creation request or a first key update request sent by the first network application;
the data management system sends a newly created first key or an updated first key to the first network application based on the first key creation request or the first key update request; the newly created first key or the updated first key is used by the first network application to encrypt the user privacy data for a first time.
In actual application, if the first network application does not have the first key, it sends a first key creation request to the data management system and receives the first key created by the data management system based on the request. If the first network application already has the first key, it sends a first key update request to the data management system according to the set update period and receives the first key updated by the data management system based on the request.
In an embodiment, before the receiving the encrypted data sent by the first network application, the method further includes:
the data management system updates a second key of the data management system for the second encryption and sends the updated second key to the first network application.
In an embodiment, the first key and the second key are asymmetric encryption keys. The encryption formula of the user privacy data is C' = encryptM(encryptA(C, CA), CM), and the decryption formula of the user privacy data is C = decryptA(decryptM(C', CM'), CA'). Wherein:
C is the original user privacy data;
C' is the encryption result of the user privacy data;
CA is the public key of network application A;
CA' is the private key of network application A;
CM is the public key of the cloud private data management system M;
CM' is the private key of the cloud private data management system M;
encryptA(x) is the encryption algorithm selected by network application A;
decryptA(x) is the decryption algorithm selected by network application A;
encryptM(x) is the encryption algorithm selected by the cloud private data management system M;
decryptM(x) is the decryption algorithm selected by the cloud private data management system M.
Here, the asymmetric encryption algorithm may employ RSA, ElGamal, the knapsack algorithm, Rabin, D-H, ECC (elliptic curve cryptography), or the like.
In one embodiment, the process of encrypting user privacy data is as follows: network application A wants to store user privacy data C on the cloud system (i.e. the data management system); it first encrypts the user privacy data using its own public key CA to obtain encryptA(C, CA), and then encrypts that result a second time using the public key CM of the cloud system to obtain the encryption result C' of the user privacy data.
In one embodiment, the process of decrypting the user privacy data is as follows: network application A wants to read user privacy data C from the cloud system; the cloud system first decrypts with its private key CM' to obtain decryptM(C', CM'), and then network application A decrypts a second time with its private key CA' to obtain the original user privacy data C.
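The two-layer scheme C' = encryptM(encryptA(C, CA), CM) and its two-step decryption, as an added example that is not code from the patent: textbook RSA (one of the algorithms the patent lists) is implemented in pure Python so the layering is visible without a third-party library, and the demo shows that the cloud's own decryption step yields only the inner ciphertext, never C. The unpadded RSA and short keys exist only to make the key roles visible; the function names, the marker byte and the sample record are assumptions made for the example.

```python
import secrets
from dataclasses import dataclass

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin probable-prime test; adequate for a demonstration key."""
    if n < 2:
        return False
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # force top bit and oddness
        if is_probable_prime(cand):
            return cand


@dataclass(frozen=True)
class KeyPair:
    n: int
    e: int
    d: int

    @property
    def public(self) -> tuple:
        return (self.n, self.e)

    @property
    def private(self) -> tuple:
        return (self.n, self.d)


def generate_keypair(bits: int) -> KeyPair:
    """Textbook RSA key pair with a modulus of roughly `bits` bits (demo sizes only)."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return KeyPair(p * q, e, pow(e, -1, phi))


def rsa_apply(x: int, key: tuple) -> int:
    """Raw RSA operation x^exp mod n; the same primitive serves encrypt and decrypt."""
    n, exp = key
    if not 0 <= x < n:
        raise ValueError("value does not fit under the modulus")
    return pow(x, exp, n)


def encrypt_privacy_data(C: bytes, CA: tuple, CM: tuple) -> int:
    """C' = encryptM(encryptA(C, CA), CM): application public key first, cloud public key second."""
    m = int.from_bytes(b"\x01" + C, "big")   # marker byte so leading zero bytes of C survive
    inner = rsa_apply(m, CA)                  # encryptA(C, CA)
    return rsa_apply(inner, CM)               # encryptM(inner, CM)


def cloud_decrypt(C_prime: int, CM_priv: tuple) -> int:
    """decryptM(C', CM'): the cloud removes only its own layer and still holds ciphertext."""
    return rsa_apply(C_prime, CM_priv)


def app_decrypt(partial: int, CA_priv: tuple) -> bytes:
    """decryptA(partial, CA'): the application removes the inner layer and recovers C."""
    m = rsa_apply(partial, CA_priv)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return raw[1:]  # drop the marker byte


SAMPLE = b"name=Zhang San;phone=13800000000"  # constructed sample privacy data


def demo(C: bytes = SAMPLE) -> dict:
    """Run store-then-read for one record and report what each party can see."""
    app_a = generate_keypair(512)   # first key, created for network application A
    cloud = generate_keypair(768)   # second key of cloud system M; larger so the inner value fits
    C_prime = encrypt_privacy_data(C, app_a.public, cloud.public)
    after_cloud = cloud_decrypt(C_prime, cloud.private)
    return {"stored": C_prime, "cloud_view": after_cloud,
            "recovered": app_decrypt(after_cloud, app_a.private),
            "cloud_sees_plaintext": after_cloud == int.from_bytes(b"\x01" + C, "big")}


if __name__ == "__main__":
    print(demo())
```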
In one embodiment, as shown in fig. 4, the storage flow of the user privacy data includes:
step 401, filling in privacy data;
the user accesses the web application and fills in the user privacy data of the user.
Step 402, a key creation request is provided;
the network application makes a key creation request to the cloud private data management system.
Step 403, returning the newly created key for the network application;
the key creation updating module of the cloud privacy data management system creates a key of the network application based on the key creation request, and returns the newly created key to the network application.
Step 404, calling a privacy data management interface to encrypt the privacy data;
the network application calls a privacy data management interface of the cloud privacy data management system to encrypt the privacy data filled in by the user (encryption is carried out by sequentially using a public key of the network application and a public key of the cloud privacy data management system).
Step 405, setting a privacy data level;
the user sets the access level of the input user privacy data.
Step 406, storing the private data encryption result;
the cloud privacy data management system stores encrypted data of user privacy data and corresponding access levels.
Step 407, returning the privacy data encryption result, which is kept by the network application.
The cloud privacy data management system returns the encrypted data of the user privacy data to the network application.
In an embodiment, said storing said encrypted data comprises:
storing the encrypted data and basic information of the encrypted data to corresponding storage addresses respectively, wherein the basic information comprises at least one of the following: user identification, network application identification, user number, privacy data category, access level of privacy data, first key, second key.
Because the encrypted data and its basic information are stored separately, leaking the encrypted data does not expose the corresponding basic information, and leaking the basic information does not expose the encrypted data.
2. User privacy data usage
When the network application needs to use the user privacy data, a privacy data management interface of the cloud privacy data management system is called, and after the user authorization is requested according to the access level of the user privacy data, a decryption result of the user privacy data is obtained. Optionally, the cloud system also records a log of data usage.
In an embodiment, using the user privacy data of the target user according to the management operation request includes:
querying and obtaining the encrypted data of the user privacy data of the target user according to the management operation request;
performing the first decryption on the encrypted data and sending the result to the first network application, so that the first network application performs the second decryption and obtains the user privacy data;
where the encrypted data was generated by encrypting the user privacy data twice in sequence, with a first key of the first network application and then a second key of the data management system.
In one embodiment, as shown in fig. 5, the usage flow of the user privacy data includes:
Step 501, calling the privacy data management interface and submitting the privacy data use requirement;
the network application submits, through the privacy data management interface of the cloud system, a data access right request for the user privacy data of a target user to the privacy data query module.
Step 502, querying the privacy data level;
the privacy data query module of the cloud system queries the corresponding access level according to the data access right request and feeds the access level back to the privacy data classification module.
Step 503, requesting user authorization according to the level;
the privacy data classification module of the cloud system generates an authorization request to the communication terminal of the user according to the corresponding access level, and requests the user to authorize.
Step 504, obtaining user authorization;
the user inputs the corresponding authorization information, authorizes the corresponding network application, and the authorization result is returned to the network application.
Step 505, submitting the privacy data query requirement;
when the network application determines that the authorization result is "authorized", it submits a privacy data query requirement to the cloud system.
Step 506, querying the privacy data;
the privacy data query module of the cloud system queries the encrypted data of the user privacy data according to the query requirement.
Step 507, returning the cloud system decryption result;
the privacy data storage module of the cloud system performs the first decryption of the encrypted data with the private key of the cloud system and returns the result to the network application.
Step 508, the network application decrypts for itself;
the network application performs the second decryption of that result with its own private key to obtain the original user privacy data.
Step 509, recording a privacy data usage log.
The cloud system records a privacy data usage log based on the network application's feedback that it has obtained the user privacy data.
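The policy side of the storage and use flows, as an added example that is not the patent's code: split storage of the ciphertext and its basic information under unrelated handles (the "separate storage addresses" above), the access-level lookup and authorization request to the user's terminal (steps 501-504), single-use grants for the use and deletion operations, and the management log used for post-hoc audit. The ciphertext is treated as opaque bytes produced by the double encryption, and the cloud's own first decryption is injected as a callable. The three-level scale, the random hex handles, the single-use token, the log tuple layout, and in `build_demo_system` the terminal policy and the `CM|`-prefix stand-in for the cloud's private-key decryption are all assumptions.

```python
import secrets
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# (user_id, app_id, category, access_level) -> did the user authorize?
TerminalCallback = Callable[[str, str, str, int], bool]

@dataclass(frozen=True)
class BasicInfo:
    """The 'basic information' kept apart from the ciphertext."""
    user_id: str
    app_id: str
    category: str
    access_level: int  # assumption: 1 (low) .. 3 (high); the patent fixes no scale

@dataclass
class PrivacyDataSystem:
    ask_user_terminal: TerminalCallback           # the authorization request to the user's terminal
    peel_cloud_layer: Callable[[bytes], bytes]    # the cloud's first decryption with its private key
    _blobs: Dict[str, bytes] = field(default_factory=dict)      # handle -> ciphertext only
    _info: Dict[str, BasicInfo] = field(default_factory=dict)   # handle -> basic information only
    _index: Dict[Tuple[str, str, str], Tuple[str, str]] = field(default_factory=dict)
    _grants: Dict[str, Tuple[str, str, str]] = field(default_factory=dict)
    log: List[tuple] = field(default_factory=list)              # the management log

    def store(self, ciphertext: bytes, info: BasicInfo) -> None:
        """Steps 405-406: ciphertext and basic information go to unrelated random
        handles; only the system's index links them, so dumping one store yields
        neither the identities behind a blob nor the blob behind an identity."""
        blob_h, info_h = secrets.token_hex(16), secrets.token_hex(16)
        self._blobs[blob_h] = ciphertext
        self._info[info_h] = info
        self._index[(info.user_id, info.app_id, info.category)] = (blob_h, info_h)
        self.log.append(("store", info.app_id, info.user_id, info.category))

    def request_access(self, app_id: str, user_id: str, category: str) -> Optional[str]:
        """Steps 501-504: look up the access level, send the authorization request
        to the user's terminal and return a single-use grant token if authorized."""
        key = (user_id, app_id, category)
        handles = self._index.get(key)
        if handles is None:
            return None  # nothing stored for this user/application/category
        level = self._info[handles[1]].access_level
        if not self.ask_user_terminal(user_id, app_id, category, level):
            self.log.append(("denied", app_id, user_id, category, level))
            return None
        token = secrets.token_urlsafe(16)
        self._grants[token] = key
        return token

    def _consume(self, token: str, operation: str) -> Tuple[str, str, str]:
        key = self._grants.pop(token, None)  # each grant covers exactly one operation
        if key is None:
            raise PermissionError("no valid user authorization for this request")
        self.log.append((operation, key[1], key[0], key[2]))
        return key

    def use(self, token: str) -> bytes:
        """Steps 505-509: return the cloud's first decryption; the application
        still has to remove its own layer with its private key."""
        blob_h, _ = self._index[self._consume(token, "use")]
        return self.peel_cloud_layer(self._blobs[blob_h])

    def delete(self, token: str) -> None:
        """Privacy data deletion: both stores and the index entry are cleared."""
        blob_h, info_h = self._index.pop(self._consume(token, "delete"))
        del self._blobs[blob_h]
        del self._info[info_h]

    def leaked_blob_store(self) -> Dict[str, bytes]:
        """What an attacker who dumps only the ciphertext store obtains."""
        return dict(self._blobs)

def build_demo_system() -> PrivacyDataSystem:
    """Constructed wiring for a local run: the user's terminal is modelled as a
    policy that authorizes level 1-2 requests and refuses level 3, and the cloud's
    private-key decryption is simulated by stripping a constructed 'CM|' prefix."""
    return PrivacyDataSystem(
        ask_user_terminal=lambda user_id, app_id, category, level: level <= 2,
        peel_cloud_layer=lambda blob: blob[len(b"CM|"):],
    )
```

In a deployment the terminal callback is asynchronous (a push to the user's device and a later response), and `peel_cloud_layer` is the cloud's private-key decryption from the previous flow; the grant token is what ties the authorization obtained in step 504 to the single query of step 505, so a leaked or replayed token cannot be reused.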
3. User privacy data delivery
In order to provide business services, the network application may need to provide the private data of the user to other network applications, and in the embodiment of the present invention, the private data needs to be encrypted by means of the cloud system capability and then transmitted to the target network application. Optionally, the cloud system also records a data transfer log.
In one embodiment, transferring the user privacy data of the target user according to the management operation request includes:
the data management system queries and obtains first encrypted data of the user privacy data of the target user according to the management operation request; the first encrypted data was generated by encrypting the user privacy data twice in sequence, with a first key of the first network application and then a second key of the data management system;
the data management system performs the first decryption on the first encrypted data and sends the result to the first network application, so that the first network application performs the second decryption and obtains the user privacy data;
the data management system receives second encrypted data sent by the first network application, where the second encrypted data is used to transfer the user privacy data to a second network application and was generated by the first network application by encrypting the user privacy data twice, with a third key of the second network application and then the second key of the data management system;
the data management system performs the first decryption on the second encrypted data and sends the result to the second network application, so that the second network application performs the second decryption and obtains the user privacy data.
In an embodiment, before the receiving the second encrypted data sent by the first network application, the method further includes:
the data management system receives a third key creation request or a third key update request sent by the second network application;
The data management system sends a newly created third key or an updated third key to the first network application and/or the second network application based on the third key creation request or the third key update request; the newly created third key or the updated third key is used by the first network application to encrypt the user privacy data for a first time.
In practice, if the second network application has no third key yet, it sends a third key creation request to the data management system and receives the third key that the data management system creates for it. If the second network application already holds a third key, it sends a third key update request to the data management system according to the configured update period and receives the updated third key. The newly created third key may be passed to the first network application either by the second network application or by the data management system.
In one embodiment, as shown in fig. 6, the transfer flow of the user privacy data includes:
Step 601, reusing the privacy data use flow;
the network application A obtains the user privacy data of the target user through the use flow of fig. 5.
Step 602, obtaining the original user privacy data C;
the network application A obtains the original user privacy data C through its interaction with the cloud system.
Step 603, making a key creation request;
the network application B sends a key creation request to the cloud system.
Step 604, returning the newly created key for application B;
the key creation/update module of the cloud system creates a new key for the network application B and returns it to the network application B.
Step 605, providing the public key CB to application A;
the network application B sends the public key CB of that key to the network application A.
Step 606, encrypting the privacy data C with the public key CB of application B;
the network application A performs the first encryption of the original user privacy data C with the received public key CB of the network application B to obtain encryptB(C, CB).
Step 607, re-encrypting with the cloud system public key CM;
the network application A performs the second encryption with the public key CM of the cloud system and sends the result to the cloud system, so that an attacker who intercepts the data in transit cannot read it. (Public-key encryption on its own does not detect tampering; if the transfer must also be integrity-protected, the sender signs the ciphertext or the transfer runs over an authenticated channel.)
Step 608, decrypting with the private key CM' and sending encryptB(C, CB) to the network application B;
the cloud system performs the first decryption of the received encrypted data with its private key CM', obtains encryptB(C, CB), and sends it to the network application B.
Step 609, performing the second decryption with the private key CB' to obtain the original user privacy data C;
the network application B performs the second decryption with its private key CB' to obtain the original user privacy data C.
Step 610, recording a privacy data transfer log on the cloud system.
The cloud system records a transfer log of the user privacy data based on the feedback result of the network application B.
4. User privacy data deletion
The cloud system can receive a privacy data clearing instruction initiated by a user or a network application, and clear user privacy data stored on the cloud server.
In an embodiment, the user privacy data processing method further includes: generating, based on the corresponding management operation, a management log for the management of the user privacy data of the target user. Here, the management log includes storage logs, usage logs, transfer logs and deletion logs. Because the cloud system records the logs of the network application's use, transfer, storage and deletion of the user privacy data, once a leakage event occurs the user can trace the source of the leak and the responsible party through these logs, which satisfies the requirement for post-hoc audit of user privacy data.
From the above, the user privacy data processing method of the embodiment of the invention meets the requirement for centralized management of user privacy data and avoids the management inconsistencies that arise when user privacy data is stored in many places.
In addition, the embodiment strengthens user authorization management in the management of user privacy data: in the scenarios of a network application storing, using, transferring or deleting user privacy data, the corresponding party may execute the management operation only after user authorization has been obtained according to the access level, which makes the use of user privacy data more transparent and reduces the risk of leakage.
In addition, the embodiment supports post-hoc audit of user privacy data. The cloud system records logs of the network application's use, transfer and deletion of user privacy data, so once a leakage event occurs the user can trace the source of the leak and the responsible party through the logs recorded by the cloud system.
Further, the embodiment secures the storage of user privacy data. The network application encrypts the privacy data filled in by the user twice, with its own public key and then with the public key of the intermediary (the cloud privacy data management system); the user sets the privacy data level; and the encryption result is stored by the network application and by the intermediary. Since each party holds only its own private key, neither party can unilaterally decrypt the stored data to obtain the original content, and access is in any case gated on user authorization.
Further, the embodiment secures the transfer of user privacy data. Because the user privacy data is not sent directly from sender to receiver but relayed through the intermediary, and only the receiver's private key removes the inner layer, an attacker cannot observe the real communication data between the sender and the receiver, which improves the security of privacy data transfer.
In order to implement the method of the embodiment of the present invention, the embodiment of the present invention further provides a user privacy data processing apparatus, as shown in fig. 7, where the apparatus includes: a receiving module 701, an access authorization module 702, a data management module 703, wherein,
a receiving module 701, configured to receive a data access right request sent by a first network application and receive a management operation request sent by the first network application; the data access right request is used for acquiring access right when the first network application executes corresponding management operation on user privacy data of a target user, and the management operation request is generated after the first network application obtains authorization of the target user;
the access authorization module 702 is configured to query an access level of user privacy data of a target user according to the data access permission request, and generate a corresponding authorization request to a communication terminal of the target user according to the access level;
The data management module 703 is configured to perform a corresponding management operation on the user privacy data of the target user according to the management operation request.
In one embodiment, the data management module 703 is specifically configured to:
querying and obtaining the encrypted data of the user privacy data of the target user according to the management operation request;
performing the first decryption on the encrypted data and sending the result to the first network application, so that the first network application performs the second decryption and obtains the user privacy data;
where the encrypted data was generated by encrypting the user privacy data twice in sequence, with a first key of the first network application and then a second key of the data management system.
In one embodiment, the data management module 703 is specifically configured to:
receiving encrypted data sent by the first network application, wherein the encrypted data is generated by the first network application after performing secondary encryption on user privacy data of a target user according to a first key of the first network application and a second key of the data management system;
setting and storing the access level of the user privacy data of the target user;
Storing the encrypted data.
In an embodiment, the data management module 703 is further configured to:
receiving a first key creation request or a first key update request sent by the first network application;
based on the first key creation request or the first key update request, sending a newly created first key or an updated first key to the first network application; the newly created first key or the updated first key is used by the first network application to encrypt the user privacy data for a first time.
In an embodiment, the data management module 703 is further configured to:
updating a second key of the data management system for the second encryption and transmitting the updated second key to the first network application.
In one embodiment, the data management module 703 is specifically configured to:
storing the encrypted data and basic information of the encrypted data to corresponding storage addresses respectively, wherein the basic information comprises at least one of the following: user identification, network application identification, user number, privacy data category, access level of privacy data, first key, second key.
In one embodiment, the data management module 703 is specifically configured to:
querying and obtaining first encrypted data of the user privacy data of the target user according to the management operation request; the first encrypted data was generated by encrypting the user privacy data twice in sequence, with a first key of the first network application and then a second key of the data management system;
performing the first decryption on the first encrypted data and sending the result to the first network application, so that the first network application performs the second decryption and obtains the user privacy data;
receiving second encrypted data sent by the first network application, where the second encrypted data is used to transfer the user privacy data to a second network application and was generated by the first network application by encrypting the user privacy data twice, with a third key of the second network application and then the second key of the data management system;
performing the first decryption on the second encrypted data and sending the result to the second network application, so that the second network application performs the second decryption and obtains the user privacy data.
In an embodiment, the data management module 703 is further configured to:
receiving a third key creation request or a third key update request sent by the second network application;
based on the third key creation request or the third key update request, sending a newly created third key or an updated third key to the first network application and/or the second network application; the newly created third key or the updated third key is used by the first network application to encrypt the user privacy data for a first time.
In an embodiment, the data management module 703 is further configured to:
based on the corresponding management operation, a management log for managing the user privacy data of the target user is generated.
In practical applications, the receiving module 701, the access authorization module 702 and the data management module 703 may be implemented by a processor in the user privacy data processing device. Of course, the processor needs to run a computer program in memory to implement its functions.
It should be noted that: in the user privacy data processing apparatus provided in the above embodiment, when performing user privacy data processing, only the division of each program module is used for illustration, in practical application, the processing allocation may be performed by different program modules according to needs, that is, the internal structure of the apparatus is divided into different program modules, so as to complete all or part of the processing described above. In addition, the user privacy data processing device and the user privacy data processing method embodiment provided in the foregoing embodiments belong to the same concept, and specific implementation processes thereof are detailed in the method embodiment, and are not repeated here.
Based on the hardware implementation of the program modules, and in order to implement the method of the embodiment of the present invention, the embodiment of the present invention further provides a data management system. Fig. 8 shows only an exemplary structure of the data management system, not all of which may be implemented as needed.
As shown in fig. 8, a data management system 800 provided in an embodiment of the present invention includes: at least one processor 801, memory 802, and at least one network interface 803. The various components in the data management system 800 are coupled together by a bus system 804. It is to be appreciated that the bus system 804 is employed to enable connected communications between these components. The bus system 804 includes a power bus, a control bus, and a status signal bus in addition to a data bus. But for clarity of illustration the various buses are labeled as bus system 804 in fig. 8.
The memory 802 in embodiments of the present invention is used to store various types of data to support the operation of the data management system 800. Examples of such data include: any computer program for operating on the data management system 800.
The user privacy data processing method disclosed by the embodiment of the invention can be applied to the processor 801 or can be realized by the processor 801. The processor 801 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the user privacy data processing method may be performed by integrated logic circuitry of hardware or instructions in software form in the processor 801. The processor 801 may be a general purpose processor, a digital signal processor (DSP, digital Signal Processor), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like. The processor 801 may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present invention. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed in the embodiment of the invention can be directly embodied in the hardware of the decoding processor or can be implemented by combining hardware and software modules in the decoding processor. The software module may be located in a storage medium, where the storage medium is located in a memory 802, and the processor 801 reads information in the memory 802, and in combination with its hardware, performs the steps of the user privacy data processing method provided by the embodiment of the present invention.
In an exemplary embodiment, the data management system 800 may be implemented by one or more application specific integrated circuits (ASICs, application Specific Integrated Circuit), DSPs, programmable logic devices (PLDs, programmable Logic Device), complex programmable logic devices (CPLDs, complex Programmable Logic Device), FPGAs, general purpose processors, controllers, microcontrollers (MCUs, micro Controller Unit), microprocessors, or other electronic elements for performing the aforementioned methods.
It is to be appreciated that the memory 802 can be volatile memory, nonvolatile memory, or both. The nonvolatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), ferroelectric random access memory (FRAM), flash memory, magnetic surface memory, an optical disk, or compact disc read-only memory (CD-ROM); the magnetic surface memory may be disk memory or tape memory. The volatile memory may be random access memory (RAM), which serves as an external cache. By way of example and not limitation, many forms of RAM are available, such as static RAM (SRAM), synchronous static RAM (SSRAM), dynamic RAM (DRAM), synchronous dynamic RAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), SyncLink DRAM (SLDRAM) and Direct Rambus RAM (DRRAM). The memory described in the embodiments of the present invention is intended to include, without being limited to, these and any other suitable types of memory.
In an exemplary embodiment, the present invention also provides a storage medium, i.e., a computer storage medium, which may be specifically a computer readable storage medium, for example, including a memory 802 storing a computer program, where the computer program may be executed by the processor 801 of the data management system 800 to perform the steps described in the method of the embodiment of the present invention. The computer readable storage medium may be ROM, PROM, EPROM, EEPROM, flash Memory, magnetic surface Memory, optical disk, or CD-ROM.
It should be noted that: "first," "second," etc. are used to distinguish similar objects and not necessarily to describe a particular order or sequence.
In addition, the embodiments of the present invention may be arbitrarily combined without any collision.
The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (12)

1. A method of user privacy data processing, characterized by being applied to a data management system, the method comprising:
receiving a data access right request sent by a first network application, wherein the data access right request is used for acquiring access right when the first network application executes corresponding management operation on user privacy data of a target user;
inquiring the access level of user privacy data of a target user according to the data access permission request, and generating a corresponding authorization request to a communication terminal of the target user according to the access level;
receiving a management operation request sent by the first network application, wherein the management operation request is generated after the first network application obtains the authorization of a target user;
executing corresponding management operation on the user privacy data of the target user according to the management operation request; the management operation includes at least one of: store, use, transfer, and delete.
2. The method of claim 1, wherein using the user privacy data of the target user according to the management operation request comprises:
querying and obtaining the encrypted data of the user privacy data of the target user according to the management operation request;
performing a first decryption on the encrypted data and sending the result to the first network application, so that the first network application performs a second decryption on the data after the first decryption and obtains the user privacy data;
wherein the encrypted data is generated by encrypting the user privacy data twice in sequence, with a first key of the first network application and then a second key of the data management system.
3. The method of claim 1, wherein storing the user privacy data of the target user according to the management operation request comprises:
receiving encrypted data sent by the first network application, wherein the encrypted data is generated by the first network application after performing secondary encryption on user privacy data of a target user according to a first key of the first network application and a second key of the data management system;
setting and storing the access level of the user privacy data of the target user;
storing the encrypted data.
4. A method according to claim 3, wherein prior to said receiving encrypted data sent by said first network application, said method further comprises:
Receiving a first key creation request or a first key update request sent by the first network application;
based on the first key creation request or the first key update request, sending a newly created first key or an updated first key to the first network application; the newly created first key or the updated first key is used by the first network application to encrypt the user privacy data for a first time.
5. A method according to claim 3, wherein prior to said receiving said encrypted data sent by said first network application, said method further comprises:
updating a second key of the data management system for the second encryption and transmitting the updated second key to the first network application.
6. A method according to claim 3, wherein said storing said encrypted data comprises:
storing the encrypted data and basic information of the encrypted data to corresponding storage addresses respectively, wherein the basic information comprises at least one of the following: user identification, network application identification, user number, privacy data category, access level of privacy data, first key, second key.
7. The method of claim 1, wherein transferring the user privacy data of the target user according to the management operation request comprises:
querying and obtaining first encrypted data of the user privacy data of the target user according to the management operation request; the first encrypted data being generated by encrypting the user privacy data twice in sequence, with a first key of the first network application and then a second key of the data management system;
performing a first decryption on the first encrypted data and sending the result to the first network application, so that the first network application performs a second decryption on the data after the first decryption and obtains the user privacy data;
receiving second encrypted data sent by the first network application, wherein the second encrypted data is used to transfer the user privacy data to a second network application and is generated by the first network application by encrypting the user privacy data twice, with a third key of the second network application and then the second key of the data management system;
performing a first decryption on the second encrypted data and sending the result to the second network application, so that the second network application performs a second decryption on the data after the first decryption and obtains the user privacy data.
8. The method of claim 7, wherein prior to receiving the second encrypted data sent by the first network application, the method further comprises:
receiving a third key creation request or a third key update request sent by the second network application;
based on the third key creation request or the third key update request, sending a newly created third key or an updated third key to the first network application and/or the second network application; the newly created third key or the updated third key is used by the first network application to encrypt the user privacy data for a first time.
9. The method according to claim 1, wherein the method further comprises:
based on the corresponding management operation, a management log for managing the user privacy data of the target user is generated.
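The two-layer scheme of claims 7 and 8, written out as an added example (this is not code from the patent or its applicants; the claims name no algorithms). The application keys ("first key", "third key") are assumed here to be AES-256-GCM keys, and the data management system's "second key" is assumed to be an RSA-2048 key pair used in a hybrid OAEP wrapping, so that an application can add the system layer with the public half while only the data management system can remove it; the user ID is bound to every layer as associated data. `Store`, `FirstDecrypt`, `Deliver`, `Transfer` and `AddSystemLayer` are names chosen for this example, and the sample record is constructed:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// must turns an error that cannot occur on well-formed input into a panic, keeping the demo short.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newKey returns a fresh random 32-byte AES-256 key; the application keys are modelled as symmetric keys.
func newKey() []byte {
	k := make([]byte, 32)
	must(rand.Read(k))
	return k
}

// seal encrypts with AES-256-GCM and returns nonce||ciphertext; aad (the user ID) ties a record to its owner.
func seal(key, plaintext, aad []byte) []byte {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	nonce := make([]byte, gcm.NonceSize())
	must(rand.Read(nonce))
	return gcm.Seal(nonce, nonce, plaintext, aad)
}

// open reverses seal; it fails if the key is wrong or the record was tampered with.
func open(key, sealed, aad []byte) ([]byte, error) {
	gcm := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed record too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// DataManagementSystem holds the private half of the "second key": applications get the public half to add the system layer, only the DMS can remove it.
type DataManagementSystem struct{ priv *rsa.PrivateKey }

func NewDMS() *DataManagementSystem {
	return &DataManagementSystem{priv: must(rsa.GenerateKey(rand.Reader, 2048))}
}

// AddSystemLayer (hybrid): a random content key seals the record and RSA-OAEP under the DMS public key wraps that key.
func AddSystemLayer(pub *rsa.PublicKey, record, aad []byte) []byte {
	cek := newKey()
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, cek, aad))
	return append(wrapped, seal(cek, record, aad)...)
}

// FirstDecrypt removes only the system layer; the result is still encrypted under an application key.
func (d *DataManagementSystem) FirstDecrypt(blob, aad []byte) ([]byte, error) {
	n := d.priv.Size()
	if len(blob) < n {
		return nil, errors.New("record too short")
	}
	cek, err := rsa.DecryptOAEP(sha256.New(), nil, d.priv, blob[:n], aad)
	if err != nil {
		return nil, err
	}
	return open(cek, blob[n:], aad)
}

// Store builds the "first encrypted data" of claim 7: the application layer (first key) under the system layer.
func Store(pub *rsa.PublicKey, firstKey []byte, userID string, privacy []byte) []byte {
	return AddSystemLayer(pub, seal(firstKey, privacy, []byte(userID)), []byte(userID))
}

// Deliver: the DMS performs the first decryption and the application the second with its own key (claim 7).
func (d *DataManagementSystem) Deliver(appKey []byte, userID string, blob []byte) ([]byte, error) {
	inner, err := d.FirstDecrypt(blob, []byte(userID))
	if err != nil {
		return nil, err
	}
	return open(appKey, inner, []byte(userID)) // application side
}

// Transfer: the sending application re-wraps the data under the receiver's key (the third key it was
// given per claim 8) and the DMS public key; the DMS strips its layer and the receiver removes the last one.
func (d *DataManagementSystem) Transfer(thirdKey []byte, userID string, privacy []byte) ([]byte, error) {
	second := AddSystemLayer(&d.priv.PublicKey, seal(thirdKey, privacy, []byte(userID)), []byte(userID))
	return d.Deliver(thirdKey, userID, second)
}

func main() {
	dms, firstKey, thirdKey := NewDMS(), newKey(), newKey() // DMS, application 1 key, application 2 key
	first := Store(&dms.priv.PublicKey, firstKey, "user-42", []byte("phone=+86-000-0000-0000")) // constructed sample
	got, err := dms.Transfer(thirdKey, "user-42", must(dms.Deliver(firstKey, "user-42", first)))
	fmt.Printf("application 2 received %q (err=%v)\n", got, err)
}
```

The property worth checking is the one the layering is meant to give: after the data management system's own decryption step the record is still ciphertext under the application key, so a request presented with the wrong application key, or the right key against a different user ID, fails at the second layer rather than leaking the record. Choosing the "second key" as an asymmetric pair is what makes it safe for the first application to add the system layer itself when it prepares the second encrypted data, as claim 7 requires.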
10. A user privacy data processing apparatus, the apparatus comprising:
the receiving module is used for receiving a data access right request sent by the first network application and receiving a management operation request sent by the first network application; the data access right request is used for acquiring access right when the first network application executes corresponding management operation on user privacy data of a target user, and the management operation request is generated after the first network application obtains authorization of the target user;
the access authorization module is used for querying the access level of the user privacy data of the target user according to the data access right request, and for generating a corresponding authorization request and sending it to the communication terminal of the target user according to the access level;
the data management module is used for executing corresponding management operation on the user privacy data of the target user according to the management operation request; the management operation includes at least one of: store, use, transfer, and delete.
11. A data management system, comprising: a processor and a memory for storing a computer program capable of running on the processor, wherein the processor is adapted to perform the steps of the method of any of claims 1 to 9 when the computer program is run.
12. A storage medium having a computer program stored thereon, which, when executed by a processor, implements the steps of the method according to any of claims 1 to 9.
CN201911148329.1A 2019-11-21 2019-11-21 User privacy data processing method, device, system and storage medium Active CN112825520B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911148329.1A CN112825520B (en) 2019-11-21 2019-11-21 User privacy data processing method, device, system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911148329.1A CN112825520B (en) 2019-11-21 2019-11-21 User privacy data processing method, device, system and storage medium

Publications (2)

Publication Number Publication Date
CN112825520A CN112825520A (en) 2021-05-21
CN112825520B true CN112825520B (en) 2023-08-15

Family

ID=75907236

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911148329.1A Active CN112825520B (en) 2019-11-21 2019-11-21 User privacy data processing method, device, system and storage medium

Country Status (1)

Country Link
CN (1) CN112825520B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2022038201A (en) * 2020-08-26 2022-03-10 トヨタ自動車株式会社 Information processing system, information processing method, and program
CN114244583A (en) * 2021-11-30 2022-03-25 珠海大横琴科技发展有限公司 Data processing method and device based on mobile client
CN114567477B (en) * 2022-02-24 2024-03-22 特赞(上海)信息科技有限公司 Multi-party collaborative authority management method, device, terminal and storage medium
CN114422265B (en) * 2022-02-28 2024-05-03 海信集团控股股份有限公司 Data access method and server
CN114598542A (en) * 2022-03-21 2022-06-07 深圳市远行科技股份有限公司 User information security processing method and device, intelligent terminal and storage medium
CN114938298A (en) * 2022-05-16 2022-08-23 中国银行股份有限公司 Data transmission method and related device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108924137A (en) * 2018-07-04 2018-11-30 吴科 Method for secret protection and system under a kind of environment of internet of things
CN109495426A (en) * 2017-09-12 2019-03-19 腾讯科技(深圳)有限公司 A kind of data access method, device and electronic equipment
CN110363025A (en) * 2019-06-28 2019-10-22 北京淇瑀信息科技有限公司 A kind of user data privacy management method, apparatus and electronic equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109495426A (en) * 2017-09-12 2019-03-19 腾讯科技(深圳)有限公司 A kind of data access method, device and electronic equipment
CN108924137A (en) * 2018-07-04 2018-11-30 吴科 Method for secret protection and system under a kind of environment of internet of things
CN110363025A (en) * 2019-06-28 2019-10-22 北京淇瑀信息科技有限公司 A kind of user data privacy management method, apparatus and electronic equipment

Also Published As

Publication number Publication date
CN112825520A (en) 2021-05-21

Similar Documents

Publication Publication Date Title
CN112825520B (en) User privacy data processing method, device, system and storage medium
US11870816B1 (en) Trusted-code generated requests
CN111191286B (en) HyperLegger Fabric block chain private data storage and access system and method thereof
Kaaniche et al. Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms
US11290446B2 (en) Access to data stored in a cloud
WO2021003980A1 (en) Blacklist sharing method and apparatus, computer device and storage medium
US8447983B1 (en) Token exchange
US8850593B2 (en) Data management using a virtual machine-data image
US10673906B2 (en) Access control using impersonization
US20210218720A1 (en) Systems and methods for secure custodial service
JP2023502346A (en) Quantum secure networking
KR20050119133A (en) User identity privacy in authorization certificates
WO2019203936A1 (en) Systems and methods for use in computer network security
CN113609221A (en) Data storage method, data access device and storage medium
CN114500069A (en) Method and system for storing and sharing electronic contract
CN111917711B (en) Data access method and device, computer equipment and storage medium
US11764976B2 (en) System and method for secure internet communications
CN115442115A (en) Risk data pushing method, system, server and trusted unit
Stingl et al. Health records and the cloud computing paradigm from a privacy perspective
CN113328860A (en) Block chain-based user privacy data security providing method
Katre et al. Trusted third party for data security in cloud environment
Guo et al. Search engine based proper privacy protection scheme
CN117294465B (en) Attribute encryption system and method based on cross-domain communication
Kalyanaraman et al. Privacy Preserving Integrated Way with Cloud Security
WO2024026428A1 (en) Digital identity allocation, assignment, and management

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant