CN113407990A - Data circulation processing method, device, system, electronic device and storage medium - Google Patents


Info

Publication number
CN113407990A
Authority
CN
China
Prior art keywords
data
key
sandbox
domain
result
Prior art date
Legal status
Pending
Application number
CN202110606197.3A
Other languages
Chinese (zh)
Inventor
何志坚
范渊
刘博�
Current Assignee
DBAPPSecurity Co Ltd
Hangzhou Dbappsecurity Technology Co Ltd
Original Assignee
Hangzhou Dbappsecurity Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Hangzhou Dbappsecurity Technology Co Ltd
Priority to CN202110606197.3A
Publication of CN113407990A
Legal status: Pending

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/1734Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures


Abstract

The application relates to a data circulation processing method, a device, a system, an electronic device and a storage medium, wherein the processing method comprises the following steps: acquiring original data; encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data to a pre-configured calculation domain; decrypting the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data; and inputting the decrypted data into the security sandbox to obtain a plaintext data result. By the method and the device, the problems of low privacy and safety of data circulation processing are solved, and the data circulation method based on multi-party safe calculation is realized.

Description

Data circulation processing method, device, system, electronic device and storage medium
Technical Field
The present application relates to the field of data processing, and in particular, to a method, an apparatus, a system, an electronic apparatus, and a storage medium for data circulation.
Background
With the rapid development of the internet of things, data has become a basic resource that is indispensable to innovation and development in fields such as the intelligent interconnection of everything, computational perception, cloud increment, artificial intelligence, unmanned driving, unmanned aerial vehicles, intelligent robots, 5G, virtual reality, Made in China 2025, precise hospitals and sports. Data has thus become an important foundation of the digital economy, and data circulation has become the inevitable choice for releasing the value of data.
In the related art, encryption protection and tracing management are lacking for data such as key data and private information during the opening of data circulation. For example, medical data is stored independently by each hospital, while a medical research enterprise needs a large number of data samples for modeling. When the health condition of citizens in a province is analyzed, each hospital provides its original medical data to the medical research enterprise under administrative orders, and the medical data is easily leaked and tampered with during sharing, so the privacy and security of data circulation processing are low.
At present, no effective solution has been proposed for the problem of low privacy and security of data circulation processing in the related art.
Disclosure of Invention
The embodiment of the application provides a data circulation processing method, device, system, electronic device and storage medium, so as to at least solve the problem of low privacy and safety of data circulation processing in the related technology.
In a first aspect, an embodiment of the present application provides a method for processing data circulation, where the method includes:
acquiring original data;
encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data to a pre-configured calculation domain;
decrypting the encrypted data based on the first key through a security sandbox of the computing domain to obtain decrypted data;
and inputting the decrypted data into the safety sandbox to obtain a plaintext data result.
In some of these embodiments, said synchronizing said encrypted data to said computing domain comprises:
uploading the encrypted data to a preconfigured isolation domain and synchronizing the encrypted data to the computing domain; and the isolation domain and the computation domain are transmitted through a unidirectional network gate.
In some embodiments, decrypting the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data, and inputting the decrypted data into the secure sandbox to obtain a plaintext data result, comprises:
binding a sandbox environment of the secure sandbox with an intelligent contract; wherein each of the smart contracts includes a debug sandbox and an execution sandbox of the secure sandbox;
obtaining sample data, and inputting the sample data into the debugging sandbox to obtain a data model;
decrypting the encrypted data based on the first key according to the intelligent contract to obtain decrypted data;
and inputting the decrypted data into the execution sandbox, and executing the data model to obtain the plaintext data result.
In some embodiments, the inputting the decrypted data into the secure sandbox to obtain the plaintext data result includes:
acquiring an encryption result set output by the security sandbox;
storing the encryption result set to the computing domain based on the first key, and encrypting and decrypting the first key according to a public and private key pair to obtain a second key;
and carrying out decryption downloading processing on the encryption result set based on the second secret key to obtain the plaintext data result.
In some embodiments, after obtaining the plaintext data result, the method further includes:
and encrypting the plaintext data result to obtain a ciphertext result, and storing the ciphertext result to a storage device.
In a second aspect, an embodiment of the present application provides a data circulation processing method, where the method is applied to an audit scenario, and the method includes:
acquiring original data and sample data which are uploaded by a data sharing party and used for auditing;
encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data and the sample data to a pre-configured calculation domain;
obtaining an audit result of a Service Data Objects (SDO) operator for the sample data, and, when the audit result is that the sample data passes, decrypting the encrypted data based on the first key through a secure sandbox of the computing domain to obtain decrypted data;
and inputting the decrypted data into the safety sandbox to obtain a plaintext data result.
In a third aspect, an embodiment of the present application provides a processing apparatus for data circulation, where the apparatus includes: the device comprises an acquisition module, an encryption module, a decryption module and a plaintext module;
the acquisition module is used for acquiring original data;
the encryption module is used for encrypting the original data based on the acquired first key to obtain encrypted data and synchronizing the encrypted data to a pre-configured calculation domain;
the decryption module is used for decrypting the encrypted data based on the first secret key through the security sandbox of the computing domain to obtain decrypted data;
and the plaintext module is used for inputting the decrypted data into the secure sandbox to obtain a plaintext data result.
In a fourth aspect, an embodiment of the present application provides a data circulation processing apparatus, where the apparatus is applied to an audit scenario, and the apparatus includes: the device comprises an acquisition module, an encryption module, a decryption module and a plaintext module;
the acquisition module is used for acquiring original data and sample data which are uploaded by a data sharing party and are used for auditing;
the encryption module is used for encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data and the sample data to a pre-configured calculation domain;
the decryption module is configured to obtain an audit result of an SDO operator for the sample data and, when the audit result indicates that the sample data passes, to decrypt the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data;
and the plaintext module is used for inputting the decrypted data into the safety sandbox to obtain a plaintext data result.
In a fifth aspect, an embodiment of the present application provides a data circulation processing system, where the system includes a multi-party trusted computing device and a key management device;
the multi-party trusted computing device obtains raw data;
the multi-party trusted computing device obtains a first key from the key management device; the key management device encrypts the original data based on the first key to obtain encrypted data and synchronizes the encrypted data to the computing domain;
the multi-party trusted computing device decrypts the encrypted data based on the first key through a secure sandbox of the computing domain to obtain decrypted data;
the multi-party trusted computing device inputs the decrypted data into the secure sandbox to obtain a plaintext data result.
In a sixth aspect, an embodiment of the present application provides an electronic apparatus, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the processor implements the processing method for data circulation as described in the first and second aspects.
In a seventh aspect, an embodiment of the present application provides a storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the processing method for data circulation according to the first aspect and the second aspect.
Compared with the related art, the data circulation processing method, the data circulation processing device, the data circulation processing system, the electronic device and the storage medium provided by the embodiment of the application acquire original data; encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data to a pre-configured calculation domain; decrypting the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data; the decrypted data is input into the security sandbox to obtain a plaintext data result, so that the problems of low privacy and security of data circulation processing are solved, and the data circulation method based on multi-party security calculation is realized.
The details of one or more embodiments of the application are set forth in the accompanying drawings and the description below to provide a more thorough understanding of the application.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic structural diagram of a data circulation platform according to an embodiment of the present application;
FIG. 2 is a flow chart of a data circulation processing method according to an embodiment of the present application;
FIG. 3 is a system architecture diagram of platform security according to an embodiment of the present application;
FIG. 4 is a schematic diagram of transmission security according to an embodiment of the present application;
FIG. 5 is a flow chart of another data circulation processing method according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a data circulation processing method according to a preferred embodiment of the present application;
FIG. 7 is a block diagram of a data circulation processing device according to an embodiment of the present application;
FIG. 8 is a block diagram of a data circulation processing system according to an embodiment of the present application;
FIG. 9 is an internal block diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described and illustrated below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments provided in the present application without any inventive step are within the scope of protection of the present application. Moreover, it should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers' specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the specification. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of ordinary skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments without conflict.
Unless defined otherwise, technical or scientific terms referred to herein shall have the ordinary meaning as understood by those of ordinary skill in the art to which this application belongs. Reference to "a," "an," "the," and similar words throughout this application is not to be construed as limiting in number, and may refer to the singular or the plural. The terms "including," "comprising," "having," and any variations thereof used in this application are intended to cover non-exclusive inclusions; for example, a process, method, system, article, or apparatus that comprises a list of steps or modules (elements) is not limited to the listed steps or elements, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. Reference to "connected," "coupled," and the like in this application is not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. Reference herein to "a plurality" means greater than or equal to two. "And/or" describes an association relationship between associated objects, meaning that three relationships may exist; for example, "A and/or B" may mean: A exists alone, A and B exist simultaneously, or B exists alone. Reference herein to the terms "first," "second," "third," and the like is merely to distinguish similar objects and does not denote a particular ordering of the objects.
In this embodiment, a data circulation platform is provided. Fig. 1 is a schematic structural diagram of a data circulation platform according to an embodiment of the present application; as shown in fig. 1, the data circulation platform includes a key management device, a multi-party trusted computing device and a blockchain audit device. The data circulation platform secures the full life cycle of data during circulation through five security technologies: platform security, transmission security, storage security, computational security and audit security. Specifically, the data sharing parties include government affairs, finance, medical care, education, enterprises and the internet; a data sharing party encrypts its original data to obtain encrypted data and uploads the encrypted data to the isolation domain of the data circulation platform. The isolation domain synchronizes the encrypted data to the computing domain of the data circulation platform through a firewall or a network gate, and each piece of original data is encrypted, stored and processed there. The key management device performs encryption key generation, decryption, distribution and backup, and keys cannot be exported from the device. The blockchain audit device prevents security events on the data circulation platform caused by illegal user operations; to this end it records and audits user operations on the platform in detail. The SDO operator applies for smart contract conditions through the operation domain, and the operation domain performs model development and contract execution.
The computing domain, based on the smart contract, uses the debugging sandbox to perform data modeling with the sample data and the execution sandbox to perform data operations with the debugging sandbox's data model according to the smart contract conditions; an encryption result set is then generated and issued to the data beneficiary. The data beneficiary decrypts the encryption result set locally to finally obtain the plaintext data result.
And the data beneficiary downloads the result set to the local, and decrypts the result set by using a private key to obtain the data plaintext of the result set.
The present embodiment further provides a data circulation processing method, and fig. 2 is a flowchart of a data circulation processing method according to an embodiment of the present application, and as shown in fig. 2, the flowchart includes the following steps:
step S210, acquiring raw data.
The original data may include acquired government public data, medical data or audit data. Specifically, referring to fig. 1, data sharing parties such as government affairs, finance, medical care, education, enterprises or the internet can upload their respective original data. The original data can be uploaded by importing it in the form of a table, or by connecting directly to the database.
Step S220, encrypt the original data based on the obtained first key to obtain encrypted data, and synchronize the encrypted data to a pre-configured calculation domain.
Step S220 is performed by the key management device in fig. 1. The key management device provides full life cycle encryption for data circulation, offers independent unified key management, supports an independent key management system, and comprises encryption key generation, distribution, backup and recovery functions; keys cannot be exported from the device. Encryption keys are uniformly protected by a master key, and the master key is generated and managed by a Key Management Service (KMS) through hardware cryptographic equipment, so that the security of the master key is ensured. Specifically, a user downloads a private key KA from the data circulation platform, or the user registers a public key KB with the data circulation platform; the data circulation platform encrypts the distributed first key R with the public key KB and issues it to the user, and the user decrypts the key R encrypted under KB with the private key KA to obtain the key R. The original data is then encrypted with the key R and uploaded to the computing domain. It should be noted that the above encryption may use a homomorphic encryption function: carrying out addition and multiplication operations on the ciphertext after encryption gives a result equivalent to first carrying out the corresponding operations on the plaintext original data and then encrypting, so that a third party can process the data without information leakage.
Step S230, decrypting the encrypted data based on the first key through the secure sandbox in the computing domain to obtain decrypted data; and inputting the decrypted data into the security sandbox to obtain a plaintext data result.
Specifically, data model development is first carried out in the secure sandbox using the obtained sample data, and the accuracy of the data model is checked against the plaintext sample data; then, according to the smart contract conditions, the encrypted original data is decrypted based on the first key to obtain decrypted data, the decrypted data is passed into the secure sandbox to execute the data model, and finally the plaintext data result is computed by the secure sandbox.
Alternatively, a local client can be connected to a cloud framework to realize data circulation, computation on encrypted data, encrypted data query or secret sharing. The client stays online; the original data is encrypted into a ciphertext M by the encryption method, a hash algorithm is applied to obtain BF, and BF is uploaded to the data circulation platform. The data circulation platform performs hash value matching; if the match succeeds, the platform decrypts the data into plaintext in the computing domain, performs multi-party data computation according to the smart contract, encrypts the computed result set with the encryption method and obtains a hash value BF1 through the hash algorithm, and transmits the result set to the data beneficiary, where it undergoes local hash conversion and is finally decrypted with the private key to obtain the plaintext data result.
Through steps S210 to S230, the encrypted data obtained by encrypting the original data is synchronized to the computing domain, data modeling is carried out in the computing domain, and the computed plaintext data result is finally delivered to the designated user. The data can therefore be computed on in ciphertext form, and the result of computing on the ciphertext is identical to the result of computing on the plaintext; thanks to the encryption technology the original data is never shared in plaintext, the risk of private data leakage during data sharing is avoided, the problems of low privacy and security of data circulation processing are solved, and a data circulation method based on secure multi-party computation is realized.
In some embodiments, synchronizing the encrypted data to the computing domain further comprises: uploading the encrypted data to a preconfigured isolation domain, and synchronizing the encrypted data to the computing domain, where the isolation domain and the computing domain communicate through a unidirectional network gate. Specifically, data is encrypted and uploaded to the isolation domain, then synchronized to the intranet computing domain through a one-way network gate, and at the same time the encrypted data in the isolation domain is deleted; the isolation domain is therefore only a transition domain for data sets. Fig. 3 is a system architecture diagram of platform security according to an embodiment of the present application; referring to fig. 1 and 3, the platform security technology divides the data circulation platform into three domains, namely an isolation domain, a computing domain and an operation domain. All operations on the data circulation platform, such as login, contract application or data set auditing, are performed in the operation domain. The domains communicate through a one-way network gate, a firewall or the like, so that the computing domain stays in an intranet environment and cannot be intruded upon or interfered with from outside. When the encryption result set described below is obtained after the decrypted data is input into the secure sandbox of the computing domain, the encryption result set can be synchronized to the isolation domain through the unidirectional network gate, and the plaintext data result in the isolation domain is deleted after downloading is complete.
Through this embodiment, the isolation domain and the computing domain are configured based on the platform security technology, so that the computing cluster is divided into an isolation domain, a computing domain and an operation domain, data is transmitted through the unidirectional network gate, the absolute security of the computing domain is ensured, and the security of data circulation processing is further effectively improved.
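As an added illustration of the isolation-domain policy just described (example code, not from the patent or the assignee): a small Go model of the one-way gate, in which a transfer is accepted only in the isolation-to-computing direction, the isolation-domain copy is deleted once it has been synchronized, and a refused or failed transfer leaves the source untouched. The SHA-256 digest check at the gate, the transfer log standing in for the blockchain audit device, and the Domain, Gate, Sync and Demo names are assumptions of this example.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Domain is a minimal stand-in for one of the platform's network domains; it holds encrypted
// data sets by name. Anything in the isolation domain is only passing through.
type Domain struct {
	Name  string
	Blobs map[string][]byte
}

func NewDomain(name string) *Domain { return &Domain{Name: name, Blobs: map[string][]byte{}} }

// Gate models the policy of the unidirectional network gate: data sets move from From to To
// only, each blob is checked against the digest recorded at upload (an assumption of this
// example, not a step the patent spells out), the isolation-domain copy is removed after a
// successful transfer, and a transfer log stands in for the blockchain audit device.
type Gate struct {
	From, To *Domain
	Log      []string
}

// Digest is the hex SHA-256 of a blob, recorded at upload and checked again at the gate.
func Digest(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Sync moves one data set through the gate. A request whose direction does not match the
// gate is refused, which is what keeps the computing domain unreachable from outside.
func (g *Gate) Sync(src, dst *Domain, name, wantSHA256 string) error {
	if src != g.From || dst != g.To {
		return fmt.Errorf("gate %s->%s refuses transfer %s->%s", g.From.Name, g.To.Name, src.Name, dst.Name)
	}
	blob, ok := src.Blobs[name]
	if !ok {
		return fmt.Errorf("%s: no data set %q", src.Name, name)
	}
	if Digest(blob) != wantSHA256 {
		return fmt.Errorf("%q: digest mismatch, refusing to synchronize", name)
	}
	dst.Blobs[name] = append([]byte(nil), blob...)
	delete(src.Blobs, name) // the isolation domain is only a transition domain
	g.Log = append(g.Log, fmt.Sprintf("%s->%s %s sha256=%s", src.Name, dst.Name, name, wantSHA256))
	return nil
}

// Demo stages a constructed "encrypted" blob in the isolation domain and synchronizes it into
// the computing domain through the gate; the returned gate lets a caller inspect both domains.
func Demo() (*Gate, error) {
	isolation, computing := NewDomain("isolation"), NewDomain("computing")
	gate := &Gate{From: isolation, To: computing}
	blob := []byte("constructed ciphertext of dataset-1") // stands in for encrypted data
	isolation.Blobs["dataset-1"] = blob
	return gate, gate.Sync(isolation, computing, "dataset-1", Digest(blob))
}

func main() {
	gate, err := Demo()
	fmt.Println(len(gate.From.Blobs), len(gate.To.Blobs), err, gate.Log)
}
```

After Demo the computing domain holds the data set and the isolation domain is empty; asking the same gate to carry anything back from the computing domain is refused, and a blob whose digest does not match what was recorded stays where it is.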
In some embodiments, the step S230 further includes the following steps:
step S231, binding the sandbox environment of the security sandbox with the intelligent contract; wherein each of the intelligent contracts includes a debug sandbox and an execution sandbox within the security sandbox.
The computing security technology used in the data circulation platform relies on an underlying big data computing cluster, combined with modules such as a debugging sandbox, an execution computing sandbox, identity authentication and blockchain compliance audit, together with the unified key management and encryption and decryption services provided by the key management system, so that a secure and trusted big data computing cluster is constructed and the data remains usable but neither visible nor obtainable while data security is guaranteed.
Based on the secure computing sandbox technology, the sandbox environment is bound to the data smart contract, an independent container environment is created for each computing task, and the data of different contracts is completely isolated. Each contract comprises two environments, a debugging sandbox and an execution sandbox: the debugging sandbox is used by the model developer to develop and test the business model, and the execution sandbox is responsible for loading the real data and running the debugged model. The computing tasks and operations in the sandbox are audited, recorded in detail and stored on the blockchain, providing operation monitoring and historical playback and facilitating the tracing of subsequent events. Finally, the data is usable but not visible and cannot be recovered, so that the reliability, controllability and traceability of secure multi-party data computation are guaranteed.
It should be noted that, in this implementation, the trusted execution environment is built on a big data underlying architecture, supports distributed task scheduling, and can dynamically expand capacity according to service development. The data circulation platform provides development pages such as Hive, Spark, Python and shell. Hive is a Hadoop-based data warehouse tool used to extract, transform, load, query and analyze large-scale data stored in Hadoop; it can map structured data files into database tables, provide SQL query functionality, and convert SQL statements into MapReduce tasks for execution. Spark is a fast general-purpose computing engine designed for large-scale data processing, a general parallel framework similar to Hadoop MapReduce. Unlike MapReduce, the intermediate output of Spark jobs can be kept in memory, so HDFS reads and writes are no longer needed, and besides interactive queries it can optimize iterative workloads. Python provides efficient high-level data structures and simple but effective object-oriented programming; it is a programming language for writing scripts and rapidly developing applications and is widely used in machine learning and data mining.
Step S232: sample data is obtained and input into the debugging sandbox to obtain a data model; the encrypted data is decrypted based on the first key according to the intelligent contract to obtain decrypted data; and the decrypted data is input into the execution sandbox, where the data model is executed to obtain the plaintext data result.
Through steps S231 to S232, the debugging sandbox is separated from the execution sandbox: the debugging sandbox performs data modeling using the sample data, and the execution sandbox performs the data operation using the data model from the debugging sandbox according to the intelligent contract conditions, so that a purely software-based trusted execution environment provided by the underlying big data computing cluster is realized. In addition, the data model is bound to the intelligent contract, so that the digital model runs automatically and data circulation becomes more intelligent. Because the data model is built on sample data in plaintext, the accuracy of the data model can be fully ensured while the security of the original data is preserved.
In some embodiments, inputting the decrypted data into the secure sandbox of the computing domain to obtain the plaintext data result further includes the following steps: acquiring an encrypted result set output by the secure sandbox; storing the encrypted result set in the computing domain based on the first key, and encrypting and decrypting the first key according to a public and private key pair to obtain a second key; and decrypting and downloading the encrypted result set based on the second key to obtain the plaintext data result.
The transmission security technology used in the data circulation platform encrypts data through the key management device and ensures that the data stays encrypted throughout its life cycle in the circulation process. Fig. 4 is a schematic diagram of transmission security according to an embodiment of the present application. As shown in fig. 4, the execution flow of the transmission security technology includes a data set uploading flow and an encrypted result set downloading flow. In the data set uploading flow, after the user's signature is authorized, the big data trusted execution environment decrypts the data and lets it participate in the calculation. Specifically, the user registers a public key with the data circulation platform through the client; the data circulation platform encrypts a temporary data key with the user's public key and issues it to the user at the client; the user decrypts it with the private key to obtain the temporary data key; and the temporary data key encrypts the uploaded data. In the result set downloading flow, the secure sandbox calculates an encrypted result set, which is encrypted with a first key B and stored in the secure area of the computing domain; the data circulation platform encrypts the first key B with the public key KB and sends the encrypted first key B to the user; the user decrypts it with the private key KA to obtain a second key R; and the downloaded encrypted result set is decrypted locally with the second key to obtain the plaintext result set.
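The exchange of fig. 4 as an added example, not code from the patent: the platform wraps a symmetric data key under the user's registered public key with RSA-OAEP, the user unwraps it with the private key, and the result set itself is protected with AES-256-GCM. The type names, the OAEP label and the sample result set are assumptions of this example; only the downloading flow is written out, since the uploading flow is the same exchange with the temporary data key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Client is the user side: it holds private key KA and registers only the public key.
type Client struct{ priv *rsa.PrivateKey }

// Platform stands in for the data circulation platform and its key management device.
type Platform struct{ registered *rsa.PublicKey } // public key KB from registration

// oaepLabel is a constructed label binding wrapped keys to this purpose.
var oaepLabel = []byte("data-circulation-key")

func NewClient() (*Client, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Client{priv: k}, nil
}

// WrapKey encrypts a symmetric key under KB with RSA-OAEP; only KA can recover it.
func (p *Platform) WrapKey(key []byte) ([]byte, error) {
	if p.registered == nil {
		return nil, errors.New("no public key registered")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, p.registered, key, oaepLabel)
}

// UnwrapKey is the user recovering a wrapped key with private key KA.
func (c *Client) UnwrapKey(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, c.priv, wrapped, oaepLabel)
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts with AES-256-GCM and prepends the random nonce.
func Seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Open reverses Seal; a wrong key or a modified blob fails authentication.
func Open(key, blob []byte) ([]byte, error) {
	gcm, err := gcmFor(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(blob) < n {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, blob[:n], blob[n:], nil)
}

// DownloadFlow: the sandbox result set is stored under first key B, the platform
// wraps B under KB, the user unwraps it with KA to get R and decrypts locally.
// The upload flow is the same exchange with the temporary data key.
func DownloadFlow(c *Client, p *Platform, resultSet []byte) ([]byte, error) {
	keyB := make([]byte, 32) // first key B, generated by the key management device
	if _, err := rand.Read(keyB); err != nil {
		return nil, err
	}
	stored, err := Seal(keyB, resultSet) // encrypted result set in the secure area
	if err != nil {
		return nil, err
	}
	wrappedB, err := p.WrapKey(keyB) // travels to the user with the download
	if err != nil {
		return nil, err
	}
	keyR, err := c.UnwrapKey(wrappedB) // fails for any unregistered private key
	if err != nil {
		return nil, err
	}
	return Open(keyR, stored)
}
```

The platform never holds KA, so a download by any party other than the registered user fails at the unwrap step, and GCM rejects a result set that was altered in the secure area.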
In some embodiments, after the step S230 is executed, the method for processing data circulation further includes the following steps: and encrypting the plaintext data result to obtain a ciphertext result, and storing the ciphertext result to a storage device in the data circulation platform. Referring to fig. 1, the storage security technology used in the data circulation platform actively destroys the data through ciphertext storage after each process is finished, thereby realizing controllable data circulation.
Fig. 5 is a flowchart of another data flow processing method according to an embodiment of the present application, and as shown in fig. 5, the data flow processing method is applied to an audit scenario and can be executed by the above block chain audit device; the process comprises the following steps:
step S510, obtaining original data and sample data uploaded by the data sharing party for auditing.
The data sharing party can upload data to the platform in three modes: single off-line data uploading, T-N data uploading and database link uploading. Single off-line data uploading refers to uploading data in the form of a table, where the data can be uploaded only once. T-N data uploading also refers to uploading data in the form of a table, but incremental uploading and updating can be performed continuously. Database link uploading refers to uploading data to the platform directly by connecting to the database. When data is uploaded, two copies are transmitted: one is the sample data and the other is the complete original data. The sample data is uploaded in plaintext to facilitate modeling, debugging and use, while the complete original data is encrypted with a key before upload and stored in the secure area.
Step S520, obtaining the audit result of the SDO operator for the sample data, authorizing the intelligent contract application when the audit result is that the sample data passes, and debugging the data model on the sample data based on the intelligent contract.
Step S530, when it is detected that the debugging of the data model passes, transmitting the original data to the calculation domain, and performing calculation on the original data according to the data model to obtain a plaintext data result.
It should be noted that the audit security technology used in the data circulation platform stores the compliance audit log using block chain technology, which prevents the audit log from being lost or tampered with. Meanwhile, by combining log and flow analysis technology, the user's operation behavior is accurately recorded and verified, the user's behavior is intelligently analyzed, abnormal phenomena are found in time, and non-compliant operations are prevented.
Specifically, fig. 6 is a schematic diagram of a data circulation processing method according to a preferred embodiment of the present application. As shown in fig. 6, the data circulation flow based on multi-party secure computing is as follows. The data sharing party uploads data to the platform in the single off-line data uploading mode, the T-N data uploading mode or the database link uploading mode. The SDO operator checks whether the sample data uploaded by the data sharing party is valid; if so, the data passes the check, and if not, the data is rejected. The SDO applies for the intelligent contract conditions, and the beneficiary authorizes the intelligent contract application, so that the intelligent contract conditions cannot be inconsistent with the beneficiary's requirements. The data sharing party applies for authorization of the data set, so that the direction of data circulation is controllable. After the intelligent contract is approved, the SDO performs data modeling and debugging on the sample data according to the contract conditions; if the debugging fails, it is necessary to check whether the sample data is real and whether the modeling program is accurate. If the debugging succeeds, the scheduling task can be executed: the original data is decrypted and transmitted into the computing domain, the original data is computed according to the data model to obtain a result set, and the result set is stored in the secure area. The data sharing party needs to audit the result set data to prevent the result set from carrying private data. Finally, the data beneficiary downloads the result set locally and decrypts it with the private key to obtain the plaintext of the result set.
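An added example, not part of the patent, of the tamper-evident audit record described for the sandbox operations and the compliance log: each audited operation is chained to the previous one by a SHA-256 hash, so replaying the chain exposes any rewritten record, and the per-contract replay is the historical playback. The entry fields, actor names, timestamps and operations are constructed from the flow of fig. 6; the block chain itself is not modelled, only the chain it would anchor.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Entry is one audited sandbox operation; all field values below are constructed.
type Entry struct {
	Seq       int
	Time      string // when the platform recorded the operation
	Actor     string // data sharing party, SDO operator, beneficiary or platform
	Contract  string // intelligent contract the sandbox is bound to
	Operation string
	PrevHash  string // hash of the preceding entry, all zeros for the first one
	Hash      string
}

var genesis = strings.Repeat("0", 64)

// digest commits to every field and to the previous hash, so rewriting any
// historical record invalidates that entry and every entry after it.
func digest(e Entry) string {
	h := sha256.New()
	fmt.Fprintf(h, "%d\n%s\n%s\n%s\n%s\n%s\n",
		e.Seq, e.Time, e.Actor, e.Contract, e.Operation, e.PrevHash)
	return hex.EncodeToString(h.Sum(nil))
}

// AuditLog is an append-only hash chain standing in for the block-chain-backed
// compliance log. Anchoring the latest Hash in a block chain is what additionally
// protects against silent truncation, which the chain alone cannot detect.
type AuditLog struct{ Entries []Entry }

func (l *AuditLog) Append(time, actor, contract, op string) Entry {
	prev := genesis
	if n := len(l.Entries); n > 0 {
		prev = l.Entries[n-1].Hash
	}
	e := Entry{Seq: len(l.Entries), Time: time, Actor: actor,
		Contract: contract, Operation: op, PrevHash: prev}
	e.Hash = digest(e)
	l.Entries = append(l.Entries, e)
	return e
}

// Verify replays the chain and returns the index of the first entry whose
// sequence, link or hash no longer matches, or -1 when the log is intact.
func (l *AuditLog) Verify() int {
	prev := genesis
	for i, e := range l.Entries {
		if e.Seq != i || e.PrevHash != prev || digest(e) != e.Hash {
			return i
		}
		prev = e.Hash
	}
	return -1
}

// Replay returns one contract's recorded operations in order, the historical
// playback used for tracing later events.
func (l *AuditLog) Replay(contract string) []string {
	var ops []string
	for _, e := range l.Entries {
		if e.Contract == contract {
			ops = append(ops, e.Actor+": "+e.Operation)
		}
	}
	return ops
}

// SampleLog records the constructed life cycle of one contract following fig. 6.
func SampleLog() *AuditLog {
	l := &AuditLog{}
	l.Append("T+00:00", "sdo-operator", "contract-001", "sample data audited: valid")
	l.Append("T+00:05", "beneficiary", "contract-001", "intelligent contract application authorized")
	l.Append("T+00:30", "sdo-operator", "contract-001", "debugging sandbox: model debug passed")
	l.Append("T+00:40", "platform", "contract-001", "execution sandbox: original data decrypted, task scheduled")
	l.Append("T+01:00", "data-sharer", "contract-001", "result set audited: no private data")
	l.Append("T+01:05", "beneficiary", "contract-001", "result set downloaded")
	return l
}

func main() {
	l := SampleLog()
	fmt.Println("intact:", l.Verify() == -1, "operations:", len(l.Replay("contract-001")))
}
```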
It should be noted that the steps illustrated in the above-described flow diagrams or in the flow diagrams of the figures may be performed in a computer system, such as a set of computer-executable instructions, and that, although a logical order is illustrated in the flow diagrams, in some cases, the steps illustrated or described may be performed in an order different than here.
The present embodiment further provides a data flow processing apparatus, which is used to implement the foregoing embodiments and preferred embodiments, and the description of the apparatus is omitted for brevity. As used hereinafter, the terms "module," "unit," "subunit," and the like may implement a combination of software and/or hardware for a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 7 is a block diagram of a data flow processing apparatus according to an embodiment of the present application, and as shown in fig. 7, the apparatus includes: an acquisition module 72, an encryption module 74, a decryption module 76, and a plaintext module 78.
The acquisition module 72 is used for acquiring original data; the encryption module 74 is configured to encrypt the original data based on the obtained first key to obtain encrypted data, and to synchronize the encrypted data to a preconfigured computing domain; the decryption module 76 is configured to decrypt the encrypted data based on the first key through the secure sandbox in the computing domain to obtain decrypted data; and the plaintext module 78 is configured to obtain a plaintext data result when the decrypted data is input into the secure sandbox.
Through this embodiment, the encryption module 74 synchronizes the encrypted data obtained by encrypting the original data to the computing domain, the decryption module 76 and the plaintext module 78 perform data modeling through the computing domain, and finally the computed plaintext data result is delivered to the designated user. The data can thus be computed on in ciphertext, and the result of the ciphertext computation is the same as that of a plaintext computation. The encryption technology ensures that the original data never leaves its local environment, which avoids the risk of private data leakage in the data sharing process, solves the problem of low privacy and security in data circulation processing, and realizes data circulation based on multi-party secure computation.
In some embodiments, the encryption module 74 is further configured to upload the encrypted data to a preconfigured isolated domain and synchronize the encrypted data to the computing domain, where data is transmitted between the isolated domain and the computing domain through a unidirectional network gate.
In some embodiments, the decryption module 76 is further configured to bind the sandbox environment of the secure sandbox to the intelligent contract, where each intelligent contract comprises a debugging sandbox and an execution sandbox within the secure sandbox; the decryption module 76 obtains sample data and inputs the sample data into the debugging sandbox to obtain a data model; the decryption module 76 decrypts the encrypted data based on the first key according to the intelligent contract to obtain decrypted data; and the plaintext module 78 is further configured to input the decrypted data into the execution sandbox and execute the data model to obtain the plaintext data result.
In some embodiments, the plaintext module 78 is further configured to obtain an encrypted result set output by the secure sandbox; the plaintext module 78 stores the encrypted result set in the computing domain based on the first key, and encrypts and decrypts the first key according to a public and private key pair to obtain a second key; and the plaintext module 78 decrypts and downloads the encrypted result set based on the second key to obtain the plaintext data result.
In some embodiments, the processing device for data circulation further includes a storage module; the storage module is used for encrypting the plaintext data result to obtain a ciphertext result and storing the ciphertext result to the storage device.
This embodiment also provides a data circulation processing apparatus applied to the audit scenario, and the apparatus comprises an acquisition module, an encryption module, a decryption module and a plaintext module.
The acquisition module is used for acquiring the original data and the sample data for auditing that are uploaded by the data sharing party; the encryption module is used for encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data and the sample data to a preconfigured computing domain; the decryption module is configured to obtain the audit result of the SDO operator for the sample data and, when the audit result is that the sample data passes, decrypt the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data; and the plaintext module is used for inputting the decrypted data into the secure sandbox to obtain a plaintext data result.
The above modules may be functional modules or program modules, and may be implemented by software or hardware. For a module implemented by hardware, the modules may be located in the same processor; or the modules can be respectively positioned in different processors in any combination.
The embodiment also provides a data circulation processing system, wherein the data circulation processing system can also be called a fully-encrypted secure trusted multiparty secure computing platform or the data circulation platform. FIG. 8 is a block diagram of a data-flow processing system according to an embodiment of the present application, which includes a multi-party trusted computing device 82 and a key management device 84, as shown in FIG. 8.
The multi-party trusted computing device 82 obtains original data and obtains a first key from the key management device 84; the key management device 84 encrypts the original data based on the first key to obtain encrypted data and synchronizes the encrypted data to the computing domain; the multi-party trusted computing device 82 decrypts the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data; and the multi-party trusted computing device 82 inputs the decrypted data into the secure sandbox to obtain a plaintext data result.
Through this embodiment, the multi-party trusted computing device 82 synchronizes the encrypted data obtained by encrypting the original data to the computing domain, performs data modeling through the computing domain, and finally delivers the computed plaintext data result to the user designated for the result. The data can thus be computed on in ciphertext, and the result of the ciphertext computation is the same as that of a plaintext computation. The encryption technology ensures that the original data never leaves its local environment, which avoids the risk of private data leakage in the data sharing process, solves the problem of low privacy and security in data circulation processing, and realizes the data circulation method based on multi-party secure computation.
In some embodiments, a computer device is provided, and the computer device may be a server, and fig. 9 is a structural diagram of the inside of a computer device according to the embodiment of the present application, as shown in fig. 9. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used to store the first key. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a processing method of data circulation.
Those skilled in the art will appreciate that the architecture shown in fig. 9 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
The present embodiment also provides an electronic device comprising a memory having a computer program stored therein and a processor configured to execute the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
S1, original data is acquired.
S2, encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data to a preconfigured computing domain.
S3, decrypting the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data.
S4, inputting the decrypted data into the secure sandbox to obtain a plaintext data result.
It should be noted that, for specific examples in this embodiment, reference may be made to examples described in the foregoing embodiments and optional implementations, and details of this embodiment are not described herein again.
In addition, in combination with the data circulation processing method in the foregoing embodiments, the embodiments of the present application may provide a storage medium to implement. The storage medium having stored thereon a computer program; the computer program, when executed by a processor, implements any one of the processing methods for data flow in the above embodiments.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It should be understood by those skilled in the art that various features of the above-described embodiments can be combined in any combination, and for the sake of brevity, all possible combinations of features in the above-described embodiments are not described in detail, but rather, all combinations of features which are not inconsistent with each other should be construed as being within the scope of the present disclosure.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (11)

1. A method for processing data traffic, the method comprising:
acquiring original data;
encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data to a pre-configured calculation domain;
decrypting the encrypted data based on the first key through a security sandbox of the computing domain to obtain decrypted data;
and inputting the decrypted data into the safety sandbox to obtain a plaintext data result.
2. The processing method of claim 1, wherein the synchronizing the encrypted data to the computational domain comprises:
uploading the encrypted data to a preconfigured isolation domain and synchronizing the encrypted data to the computing domain, wherein data is transmitted between the isolation domain and the computing domain through a unidirectional network gate.
3. The processing method according to claim 1, wherein decrypting the encrypted data based on the first key through the secure sandbox of the computing domain to obtain decrypted data, and inputting the decrypted data into the secure sandbox to obtain a plaintext data result, comprises:
binding a sandbox environment of the secure sandbox with an intelligent contract; wherein each of the smart contracts includes a debug sandbox and an execution sandbox of the secure sandbox;
obtaining sample data, and inputting the sample data into the debugging sandbox to obtain a data model;
decrypting the encrypted data based on the first key according to the intelligent contract to obtain decrypted data;
and inputting the decrypted data into the execution sandbox, and executing the data model to obtain the plaintext data result.
4. The processing method according to claim 1, wherein inputting the decrypted data into the secure sandbox to obtain a plaintext data result comprises:
acquiring an encryption result set output by the security sandbox;
storing the encryption result set to the computing domain based on the first key, and encrypting and decrypting the first key according to a public and private key pair to obtain a second key;
and carrying out decryption downloading processing on the encryption result set based on the second secret key to obtain the plaintext data result.
5. The processing method according to any one of claims 1 to 4, wherein after obtaining the plaintext data result, the method further comprises:
and encrypting the plaintext data result to obtain a ciphertext result, and storing the ciphertext result to a storage device.
6. A data circulation processing method is applied to an audit scene, and comprises the following steps:
acquiring original data and sample data which are uploaded by a data sharing party and used for auditing;
encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data and the sample data to a pre-configured calculation domain;
obtaining an auditing result of the SDO operator for the sample data, and decrypting the encrypted data based on the first secret key through a security sandbox of the computing domain to obtain decrypted data under the condition that the auditing result is that the sample data passes;
and inputting the decrypted data into the safety sandbox to obtain a plaintext data result.
7. A data circulation processing device, the device comprising an acquisition module, an encryption module, a decryption module and a plaintext module;
the acquisition module is used for acquiring original data;
the encryption module is used for encrypting the original data based on the acquired first key to obtain encrypted data and synchronizing the encrypted data to a pre-configured calculation domain;
the decryption module is used for decrypting the encrypted data based on the first secret key through the security sandbox of the computing domain to obtain decrypted data;
and the plaintext module is used for inputting the decrypted data into the secure sandbox to obtain a plaintext data result.
8. A data circulation processing device, wherein the device is applied to an audit scenario, and the device comprises an acquisition module, an encryption module, a decryption module and a plaintext module;
the acquisition module is used for acquiring original data and sample data which are uploaded by a data sharing party and are used for auditing;
the encryption module is used for encrypting the original data based on the acquired first key to obtain encrypted data, and synchronizing the encrypted data and the sample data to a pre-configured calculation domain;
the decryption module is configured to obtain an audit result of an SDO operator for the sample data, and to decrypt, through the secure sandbox of the computing domain, the encrypted data based on the first key to obtain decrypted data when the audit result indicates that the sample data passes;
and the plaintext module is used for inputting the decrypted data into the safety sandbox to obtain a plaintext data result.
9. A data flow processing system, the system comprising a multi-party trusted computing device and a key management device;
the multi-party trusted computing device obtaining raw data;
the multi-party trusted computing device obtains a first key of the key management device; the key management equipment encrypts the original data based on the first key to obtain encrypted data, and synchronizes the encrypted data to the computing domain;
the multi-party trusted computing device decrypts the encrypted data based on the first key through a secure sandbox of the computing domain to obtain decrypted data;
the multi-party trusted computing device inputs the decrypted data into the secure sandbox to obtain a plaintext data result.
10. An electronic device comprising a memory and a processor, wherein the memory stores a computer program, and the processor is configured to execute the computer program to perform the method for processing data circulation according to any one of claims 1 to 6.
11. A storage medium having a computer program stored thereon, wherein the computer program is configured to execute the method for data flow-through processing according to any one of claims 1 to 6 when the computer program runs.
CN202110606197.3A 2021-05-26 2021-05-26 Data circulation processing method, device, system, electronic device and storage medium Pending CN113407990A (en)


Publications (1)

Publication Number Publication Date
CN113407990A true CN113407990A (en) 2021-09-17

Family

ID=77675552



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210917