CN116975792A

CN116975792A - Data processing method, apparatus, computer device, storage medium, and program product

Info

Publication number: CN116975792A
Application number: CN202210425217.1A
Authority: CN
Inventors: 黄江泉
Original assignee: Tencent Technology Shenzhen Co Ltd
Current assignee: Tencent Technology Shenzhen Co Ltd
Priority date: 2022-04-21
Filing date: 2022-04-21
Publication date: 2023-10-31

Abstract

The application provides a data processing method, a data processing device, computer equipment, a storage medium and a program product, and relates to the technical fields of cloud security, artificial intelligence, intelligent traffic, auxiliary driving and the like. Decrypting the authorization file based on the hardware information of the second device, and decrypting the model ciphertext data through the central processing unit when verifying that the second device has deployment permission based on authorization verification information obtained by decryption; the model ciphertext data is ciphertext data obtained by encrypting the model key data at least twice, and the model key data is obtained by decrypting the model key data at least once again through the graphic processor so as to run the model service program. Because the instruction set of the graphic processor has high cracking difficulty and the graphic processor performs decryption operation in the video memory, the key data of the model in the plaintext is avoided, the intellectual property of the model service program and the key data is protected, and the safety and the reliability of the whole service deployment process are improved.

Description

Data processing method, apparatus, computer device, storage medium, and program product

Technical Field

The application relates to the technical fields of cloud security, artificial intelligence, intelligent traffic, auxiliary driving and the like, and relates to a data processing method, a data processing device, computer equipment, a storage medium and a program product.

Background

With the development of technology, the artificial intelligence technology is rapidly advanced, and the artificial intelligence technology is widely applied to a plurality of fields such as computer vision, knowledge representation, automatic reasoning, natural language processing and the like. Currently, each large service provider serves as a service provider of an artificial intelligence service, and provides the service to a party purchasing the service in a privately deployed manner, namely privately deploys the artificial intelligence service to a device to be deployed purchasing the service.

In the related art, the following data processing procedure is generally adopted to deploy services: the device to be deployed receives the authorization file of the service providing device, and after the authorization file passes through verification in the memory, the device to be deployed decrypts the related data of the artificial intelligence service in the memory so as to provide the service to the outside by using the decrypted data.

However, the plaintext data exists in the memory after the decryption in the above manner, so that the decrypted related data of the artificial intelligence service is easy to steal, and the security of deploying the service in the above data processing process is low.

Disclosure of Invention

The application provides a data processing method, a data processing device, computer equipment, a storage medium and a program product, which can solve the problem of lower safety in the related technology. The technical scheme is as follows:

in one aspect, a data processing method is provided, the method including:

sending a deployment request for model service to a first device, and receiving an authorization file, model ciphertext data and a model service program returned by the first device, wherein the model ciphertext data is ciphertext data obtained by encrypting model key data at least twice;

decrypting the authorization file based on the hardware information of the second device to obtain authorization verification information;

in response to verifying that the second device has deployment rights based on the authorization verification information, decrypting the model ciphertext data by a central processor;

decrypting the decrypted model ciphertext data at least once again through the graphic processor to obtain the model key data;

the model service program is run to provide the model service based on the model key data.

In another aspect, a data processing method is provided, the method including:

Receiving a deployment request sent by a second device, and acquiring hardware information and deployment request time of the second device based on the deployment request;

responding to the deployment request time to verify that the second equipment has deployment permission, generating an authorization file based on the hardware information, and encrypting model key data corresponding to the model service at least twice to obtain model ciphertext data;

and sending the authorization file, the model ciphertext data and a model service program to the second device, wherein the model service program is execution logic for providing the model service based on the model key data.

In another aspect, there is provided a data processing apparatus, the apparatus comprising:

the request sending module is used for sending a deployment request of the model service to the first equipment;

the data receiving module is used for receiving an authorization file, model ciphertext data and a model service program returned by the first equipment, wherein the model ciphertext data is ciphertext data obtained by encrypting model key data at least twice;

the authorization file decryption module is used for decrypting the authorization file based on the hardware information of the second equipment to obtain authorization verification information;

The central processing unit decryption module is used for responding to the verification that the second equipment has the deployment authority based on the authorization verification information, and decrypting the model ciphertext data through the central processing unit;

the graphic processor decryption module is used for decrypting the decrypted model ciphertext data at least once again through the graphic processor to obtain the model key data;

and the service providing module is used for running the model service program based on the model key data so as to provide the model service.

In one possible implementation, the authorization file includes first ciphertext data and second ciphertext data; the authorization file decryption module is used for:

mapping the hardware information to a first key;

decrypting the first ciphertext data based on the first key to obtain a second key;

and decrypting the second ciphertext data based on the second key to obtain the authorization verification information.

In one possible embodiment, the authorization check information includes a rights validity period; the apparatus further includes, when verifying that the second device has a deployment right based on the authorization check information:

The first verification module is used for acquiring a first verification result of the second device based on the authority validity period and the deployment request time of the second device, wherein the first verification result indicates whether the second device has the deployment authority or not when the second device has the deployment request time.

In one possible implementation, the authorization verification information further includes a third key; the device when obtaining the deployment request time, further comprises:

the third key acquisition module is used for acquiring a third key from the authorization check information;

the deployment request time acquisition module is used for decrypting the pre-stored target hidden file based on the third key to obtain the deployment request time, and the target hidden file comprises the encrypted deployment request time.

In one possible implementation, the authorization check information includes hardware check information; the apparatus further comprises:

the second verification module is used for acquiring a second verification result of the second device based on the hardware verification information and the hardware information of the second device, and the second verification result indicates whether the second device has deployment permission when the hardware information is configured.

In one possible implementation manner, the second verification module is further configured to map the hardware information into hardware information to be verified; reading the hardware verification information and the hardware information to be verified into a video memory of the second device; and comparing the hardware verification information in the video memory with the information to be verified of the hardware through the graphic processor to obtain the second verification result.

In one possible implementation, the graphics processor decryption module includes:

the second video memory reading unit is used for reading the decrypted model ciphertext data into the video memory of the second device;

and the graphic processor decryption unit is used for mapping the hardware information into a fourth key through the graphic processor, and decrypting the decrypted model ciphertext data in the video memory at least once again based on the fourth key to obtain the model key data.

In one possible implementation, the hardware information includes information of the graphics processor; the graphic processor decryption unit is used for mapping information of the graphic processor into a fourth key in a video memory through the graphic processor.

In one possible implementation manner, the authorization verification information further includes a fifth key, and the central processing unit decryption module includes:

A fifth key extraction unit for extracting the fifth key from the authorization check information;

and the CPU decryption unit is used for decrypting the model ciphertext data in the memory based on the fifth key through the CPU.

In one possible implementation manner, the request sending module includes:

the machine encryption file acquisition unit is used for encrypting the hardware information, the deployment request time and the third key by adopting the first public key to obtain a machine encryption file;

and the request sending unit is used for sending the deployment request to the first equipment based on the machine encrypted file, wherein the deployment request carries the machine encrypted file.

the request receiving module is used for receiving a deployment request sent by the second equipment;

the acquisition module is used for acquiring the hardware information and the deployment request time of the second equipment based on the deployment request;

the authorization file generation module is used for responding to the deployment request time to verify that the second equipment has the deployment authority, and generating an authorization file based on the hardware information;

The model key data encryption module is used for encrypting the model key data corresponding to the model service at least twice to obtain model ciphertext data;

and the data sending module is used for sending the authorization file, the model ciphertext data and the model service program to the second equipment, wherein the model service program is execution logic for providing the model service based on the model key data.

In one possible implementation manner, the authorization file generation module includes:

the mapping unit is used for mapping the hardware information into a first key and hardware verification information respectively;

the first ciphertext data acquisition unit is used for encrypting the second key based on the first key to obtain first ciphertext data;

the second ciphertext data acquisition unit is used for encrypting the authority validity period, the hardware verification information, the third key and the fifth key based on the second key to obtain second ciphertext data;

an authorization file generation unit, configured to generate the authorization file based on the first ciphertext data and the second ciphertext data;

the permission validity period is used for verifying whether the second device has deployment permission or not when the second device is in the deployment request time;

The hardware verification information is used for verifying whether the second device has deployment permission when the hardware information is configured;

the third key is used for decrypting the target hidden file prestored in the second device to obtain deployment request time;

the fifth key is used for encrypting the model critical data.

In one possible implementation manner, the model key data encryption module includes:

the first encryption unit is used for encrypting the model key data based on the fifth key;

and the second encryption unit is used for encrypting the encrypted model key data at least once again based on a fourth key to obtain the model ciphertext data, and the fourth key is obtained based on the hardware information mapping.

In one possible implementation, the hardware information includes information of a graphics processor of the second device;

the model key data encryption module is further used for extracting information of the graphic processor from the hardware information and mapping the information of the graphic processor into the fourth key.

In one possible implementation, the deployment request carries a machine encrypted file; the acquisition module comprises:

An obtaining unit, configured to obtain the machine encrypted file from the deployment request;

and the decryption unit is used for decrypting the machine encrypted file based on a first private key corresponding to the first public key to obtain the hardware information, the deployment request time and the third key of the second equipment.

In another aspect, a computer device is provided, including a memory, a processor, and a computer program stored on the memory, the processor executing the computer program to implement the data processing method described above.

In another aspect, a computer readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, implements the above-mentioned data processing method.

In another aspect, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the data processing method described above.

The technical scheme provided by the embodiment of the application has the beneficial effects that:

according to the data processing method provided by the application, the authorization file, the model ciphertext data and the model service program of the first equipment are received, the authorization file is decrypted based on the hardware information of the second equipment, and the model ciphertext data is decrypted through the central processing unit when the second equipment is verified to have the deployment permission based on the authorization verification information obtained by decryption; the security of the verification process based on the authorization file is ensured; the model ciphertext data is ciphertext data obtained by encrypting the model key data at least twice, and the decrypted model ciphertext data is decrypted at least once again by the graphic processor to obtain the model key data; so as to run the model service based on the model critical data. Because the instruction set of the graphic processor has high cracking difficulty, the high reliability of the service deployment process is ensured; and the graphic processor performs decryption operation in the video memory, and the video memory is independent of the system memory, so that the existence of a plaintext of decrypted model key data in the memory is avoided, the safety of the key data is improved, the intellectual property of a model service program and the key data is protected, and the safety and reliability of the whole service deployment process are improved.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings that are required to be used in the description of the embodiments of the present application will be briefly described below.

FIG. 1 is a schematic diagram of an implementation environment for implementing a data processing method according to an embodiment of the present application;

fig. 2 is a schematic diagram of interaction of data processing signaling according to an embodiment of the present application;

FIG. 3 is a flowchart illustrating an implementation of an authorization file generation and model resource encryption tool according to an embodiment of the present application;

fig. 4 is a schematic flow chart of generating a file to be authorized and model ciphertext data according to an embodiment of the present application;

FIG. 5 is a schematic flow chart of a data processing method according to an embodiment of the present application;

FIG. 6 is a schematic diagram illustrating an initialization and operation process of a model service program according to an embodiment of the present application;

FIG. 7 is a schematic diagram of a data processing apparatus according to an embodiment of the present application;

FIG. 8 is a schematic diagram of a data processing apparatus according to an embodiment of the present application;

fig. 9 is a schematic structural diagram of a computer device according to an embodiment of the present application.

Detailed Description

Embodiments of the present application are described below with reference to the drawings in the present application. It should be understood that the embodiments described below with reference to the drawings are exemplary descriptions for explaining the technical solutions of the embodiments of the present application, and the technical solutions of the embodiments of the present application are not limited.

As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It should be further understood that the terms "comprises" and "comprising," when used in this embodiment of the present application, specify the presence of stated features, information, data, steps, operations, but do not preclude the presence or addition of other features, information, data, steps, operations, etc. that may be implemented as support for the present application.

It will be appreciated that in the specific embodiment of the present application, information related to the device in which the object is located, such as hardware information of the second device, information of the GPU (Graphics Processing Unit, graphics processor), information of the CPU (Central Processing Unit ) and the like, any data related to the object, when the above embodiment of the present application is applied to a specific product or technology, permission or consent of the object needs to be obtained, and collection, use and processing of related data need to comply with related laws and regulations and standards of related countries and regions.

The following description and illustrations of the terms and related techniques involved in the present application are provided:

a first device: a device of a service provider; in the present application, the service provider can provide a model service.

A second device: the device of the service to-be-deployed party that requests the deployment model service from the service provider may also be referred to as a to-be-deployed device.

Model service: a service using an AI model obtained by AI (Artificial Intelligence) technology as a support; by way of example, the AI model can be trained using machine learning in AI techniques to obtain an error correction model that is used to identify errors in the specified information; such as grammar errors, word spelling errors, etc., in the specified sentence. For example, the service deployer may correspond to an application platform, and the service deployer may provide an error correction service to a usage object of the application platform using an error correction model provided by a service provider.

Model key data: the data for providing the model service may include, for example, model data and resource files. The model data may include a model structure of an AI model providing a model service, a network layer included in the model, weights of respective network layers, network parameters, and the like, and the resource file includes resources corresponding to the AI model, for example, the resource file may include a dictionary, a vocabulary, and the like, which are required when using the error correction model.

Model service program: is execution logic that provides the model service based on the model critical data.

Fig. 1 is a schematic diagram of an implementation environment of a data processing method according to the present application. As shown in fig. 1, the implementation environment includes: a first device 11, a second device 12 and a terminal 13.

A network connection is established between the first device 11 and the second device 12. The second device 12 may send a deployment request to the first device 11 based on the network connection, the deployment request requesting deployment of the model service at the second device 11. The first device 11 returns an authorization file, model ciphertext data, and model servlets to the second device 12 based on the deployment request. The authorization file is used for verifying the deployment authority of the second device on the model service, the model ciphertext data is ciphertext data obtained by encrypting the model key data at least twice, and the model service program is execution logic for providing the model service based on the model key data. The second device 12 may decrypt the model ciphertext data at least twice to obtain model key data when verifying that the second device has the deployment right based on the authorization file, and run a model service program using the model key data to provide the model service to the outside.

A network connection is established between the second device 12 and the terminal 13. The terminal 13 may send a service request to the second device 12 based on the network connection, the service request being for requesting to provide a model service. The second device 12 runs the model service program by using the model key data based on the service request, obtains a model service result corresponding to the terminal 13, and returns the model service result to the terminal 13. The second device 12 may be, for example, a background server corresponding to a target application providing a model service. The terminal 13 can have the target application installed thereon. The terminal 13 and the background service may interact with data based on the target application. For example, the terminal 13 displays an application page in the target application program, and sends a service request to the second device 12 based on a model service triggered by a trigger operation of the target object in a certain application page. The second device 12 runs a model service program, the second device 12 executes the running logic for acquiring the model service result based on the model key data based on the model service program, and returns the model service result to the terminal 13 to provide the model service to the terminal 13.

The target application may be any application, program plug-in, applet, application platform, etc. that is provided with a model service. By way of example, the target application may be an error correction application and the model service may be an error correction service. For example, errors that may exist in the sentence of the target language are identified by the error correction model. The application does not limit the type of the target language, the type of the identified errors and the like; for example, the target language may be a language such as chinese, english, etc.; the identified errors may include, but are not limited to, text writing errors, grammar errors, word spelling errors, punctuation errors, and the like. Of course, the model service may also be a service provided by other models, for example, the model service may also be an object recognition service provided by an object recognition model, such as recognizing traffic lights, surrounding vehicles, lane lines, roadblocks, obstacles, and the like in a traffic road image.

The first device 11 and the second device 12 may be provided as servers. The server may be an independent physical server, or a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server or a server cluster for providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, basic cloud computing services such as big data and artificial intelligent platforms, and the like. The terminal 13 may be a smart phone, a tablet computer, a notebook computer, a digital broadcast receiver, a desktop computer, a vehicle-mounted terminal (for example, a vehicle-mounted navigation terminal, a vehicle-mounted computer, etc.), a smart home appliance, a smart speaker, a smart watch, a car terminal, a voice interaction device, etc. The servers and the terminals and the servers can be directly or indirectly connected through wired or wireless communication, and can also be determined based on actual application scene requirements, and the method is not limited herein.

The application provides a data processing method, which relates to the following artificial intelligence technology, cloud security, cloud computing technology and the like. By way of example, the service provider and the service to-be-deployed party can encrypt and decrypt the authorization file and the key data of the model by utilizing technologies such as big data processing, cloud computing and the like, so as to ensure the safety of service deployment. In addition, the model service provided by the application can be a service which takes artificial intelligence technology as technical support. For example, a service provider trains a model with a certain function by using machine learning, computer vision technology, and the like, so as to provide a corresponding model service for a service to-be-deployed party.

It should be appreciated that artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that simulates, extends and expands human intelligence, senses the environment, obtains knowledge and uses knowledge to obtain optimal results using a digital computer or a machine controlled by a digital computer. In other words, artificial intelligence is an integrated technology of computer science that attempts to understand the essence of intelligence and to produce a new intelligent machine that can react in a similar way to human intelligence. Artificial intelligence, i.e. research on design principles and implementation methods of various intelligent machines, enables the machines to have functions of sensing, reasoning and decision. Artificial intelligence infrastructure technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction systems, mechatronics, and the like.

By way of example, the present application may utilize cloud security techniques, and when privating deployment model services, a service provider may obtain hardware information of a service party to be deployed in advance, encrypt an authorization file, encrypt model critical data, etc.; the security of each link related to the service provider and the service to-be-deployed party in the privately-deployed process is ensured, for example, the security of the processes of authorization verification and decryption of the service to-be-deployed party to obtain the key data of the model is ensured.

It should be understood that Cloud Security (Cloud Security) refers to a generic term for Security software, hardware, objects, institutions, and secure Cloud platforms that are based on Cloud computing business model applications. The main research directions of cloud security include: 1. cloud computing safety, which mainly researches how to ensure the safety of the cloud and various applications on the cloud, including cloud computer system safety, safe storage and isolation of object data, object access authentication, information transmission safety, network attack protection, compliance audit and the like; 2. clouding of a safety infrastructure, mainly researching how to build and integrate safety infrastructure resources by adopting cloud computing, and optimizing a safety protection mechanism, wherein the cloud computing technology is used for constructing a super-large-scale safety event and an information acquisition and processing platform, realizing acquisition and association analysis of mass information, and improving the control capability and risk control capability of the whole-network safety event; 3. cloud security services, mainly research on various security services provided for objects based on cloud computing platforms, such as anti-virus services and the like.

In the application, the cloud computing technology can be adopted to realize the processes of hardware information storage, key generation, generation of the first ciphertext data, the second ciphertext data and the like of the authorized equipment with the deployment authority at the service provider. It should be appreciated that Cloud Computing (Cloud Computing) is a Computing model that distributes Computing tasks across a large pool of computer-made resources, enabling various application systems to acquire Computing power, storage space, and information services as needed. The network that provides the resources is referred to as the "cloud". Resources in the cloud are infinitely expandable in the sense of users, and can be acquired at any time, used as needed, expanded at any time and paid for use as needed.

It should be noted that, for the central processing unit in the claims, the following embodiments of the present application are represented by a CPU; for the graphics processor in the claims, the following embodiments of the present application are denoted by GPU, that is, in the following embodiments, CPU may refer to a central processor and GPU refers to a graphics processor.

Fig. 2 is a signaling interaction schematic diagram of a data processing method according to an embodiment of the present application. The method is achieved through interaction of the first device and the second device. As shown in fig. 2, the method includes the following steps 201 to 206. The first device is a device of a service provider, and the second device is a device of a service to-be-deployed party requesting deployment of model service; through steps 201 to 206, the first device generates an authorization file, model ciphertext data, and a model service program required for the model service to be deployed, and sends the authorization file, the model ciphertext data, and the model service program to the second device.

Step 201, the second device sends a deployment request for the model service to the first device.

The deployment request is for requesting deployment of the model service at the second device. The deployment request may carry hardware information and deployment request time of the second device, and in a possible implementation manner, the second device may acquire the hardware information and the deployment request time, and send a deployment request to the first device based on the hardware information and the deployment request time. The hardware information of the second device may include CPU information, hard disk information, and GPU information, where the GPU information may also include at least one of a GPU number, a GPU model, and a GPU serial number. Alternatively, the GPU information may include complete information of the GPU, e.g., the GPU information may include the number of GPUs, GPU models, and GPU serial numbers in the second device. The CPU information may include a CPU serial number of the second device, and of course, the CPU information may also include a CPU core number, a CPU model number, and the like; the hard disk information may include a hard disk serial number of the second device, and of course, the hard disk information may also include parameter information such as a hard disk model number, a rotation speed, and the like. The deployment request time may be a timestamp T0 of a current machine time of the second device, where the second device may acquire hardware information of the second device, and synchronously read a current system time of the second device, and generate the deployment request based on the hardware information and the current machine time of the second device.

In one possible embodiment, the hardware information may be authorized hardware information indicating a hardware configuration of the device having the deployment right, and the authorized hardware information may be a hardware configuration supported by a model service purchased by the service to be deployed party; when the service to-be-deployed party purchases the model service, the second device can be used as an authorized device to acquire the information of the currently configured hardware as the hardware configuration supported by the model service, namely the authorized hardware information, and the hardware configured by the second device has the deployment authority only when the hardware accords with the authorized hardware information.

In one possible implementation, the second device may also store the deployment request time locally. The process of the second device locally storing the deployment request time includes: the second device encrypts the deployment request time by adopting a third key, and generates a target hidden file based on the encrypted deployment request time, and the second device stores the target hidden file to a target storage address of the second device. For example, the second device may write the timestamp T0 of the current machine time into the hidden file1 (file), and encrypt the file1 with the third key K1 to obtain the target hidden file. The second device can encrypt the file1 file by adopting a symmetric encryption algorithm and a third key K1; the symmetric encryption algorithm may be configured based on the need, and may be DES (Data Encryption Standard ) algorithm, TDEA (Triple Data Encryption Algorithm, triple data encryption algorithm), or the like, for example. It should be noted that the present application is exemplified by a symmetric encryption algorithm, and of course, an asymmetric encryption algorithm may be used to encrypt the data, which is not limited by the present application. The third key may be a randomly generated key, a preconfigured key specified by the service provider, or the present application is not limited thereto.

In one possible implementation, the deployment request may also carry a third key, which may be a key used to encrypt the deployment request time. Step 201 may include: the second equipment encrypts the hardware information, the deployment request time and the third key by adopting the first public key to obtain a machine encrypted file; the second device sends the deployment request to the first device based on the machine encrypted file, the deployment request carrying the machine encrypted file. The second device may encrypt the hardware information, the deployment request time, and the third key using an asymmetric encryption algorithm and the first public key, and write the encrypted hardware information, the deployment request time, and the third key into the machine encrypted file. For example, the second device encrypts the current machine time T0, the third key K1, and the hardware information using an asymmetric encryption algorithm and the first public key PublicKey0 (public key), and then writes the encrypted information into the file machineinfo. The asymmetric encryption algorithm may be an RSA algorithm (RSA is formed by spelling together three surname initial letters of Ron Rivest, adi samer, leonard Adleman, and lennard admaman which propose the algorithm; of course, the asymmetric encryption algorithm may also be DSA (Digital Signature Algorithm ), ECC (Ellipse CurveCtyptography, elliptic curve encryption algorithm), and the like, which is not limited in the present application.

The second device may also encrypt the hardware information, the third key, and the deployment request time by using a symmetric encryption algorithm, and the first public key may be replaced by a key corresponding to the symmetric encryption algorithm. The present application is exemplified by the asymmetric encryption algorithm and the first public key, but the encryption method of the hardware information, the third key and the deployment request time is not limited.

It should be noted that, the second device may execute the above step 201 by running a preconfigured program code, for example, the second device may install in advance a machine information acquisition tool provided by a service provider, the second device may execute a step of acquiring hardware information of the second device through the machine information acquisition tool, and acquire a current machine time T0 when the machine information acquisition tool executes the step, and may encrypt T0, hardware information, and K1 by using an asymmetric encryption algorithm based on PublicKey0, and write the encrypted T0, K1, and hardware information into a machineinfo. The second device sends a deployment request to the first device, where the deployment request may carry the machineinfo.

Step 202, the first device receives a deployment request of the second device, and obtains hardware information and deployment request time of the second device based on the deployment request.

The first device extracts hardware information and deployment request time from the deployment request. In one possible implementation, when the deployment request carries a machine encrypted file, step 202 may include: the first device may employ retrieving the machine encrypted file from the deployment request; the first device decrypts the machine encrypted file based on a first private key corresponding to the first public key to obtain hardware information, deployment request time and a third key of the second device. For example, when the asymmetric encryption algorithm is an RSA algorithm, the first device decrypts the machineinfo.bin file by using a first private key PrivateKey0 (private key) corresponding to a first public key0 of the RSA algorithm, to obtain hardware information, a current machine time T0 of the second device, and a third key K1.

The second equipment encrypts the hardware information, the deployment request time and the third key by adopting the first public key to generate a machine encryption file, and the first equipment decrypts the hardware information, the deployment request time and the third key from the machine encryption file by adopting the corresponding first private key, so that the safety of information transmission is ensured, and the safety of service privatization deployment is further improved. And the second equipment locally stores the target hidden file, encrypts the third key adopted by the encrypted deployment request time again and then sends the encrypted third key to the first equipment so that the second equipment can decrypt the local target hidden file by using the third key sent by the first equipment to obtain the deployment request time, thereby enabling the second equipment to perform authorization verification by using the local deployment request time, ensuring the security of the deployment request time and further improving the security and reliability of the authorization verification of the subsequent second equipment.

Step 203, the first device responds to the deployment request time to verify that the second device has the deployment authority, and generates an authorization file based on the hardware information.

The first device may verify the deployment right of the second device based on the deployment request time, and in an example, the process of verifying the first device includes: the first device obtains the current standard time, the first device determines the time difference between the deployment request time and the current standard time, the first device determines that the second device has deployment authority in response to the time difference being within a target threshold range, and the first device executes the step of generating an authorization file based on the hardware information. Wherein the current standard time may be an accurate current time provided by the first device. The target threshold range may be configured on an as-needed basis, for example, the target threshold range may be a threshold range of less than 1 day, less than 1 week, or greater than 0 and less than 6 hours.

In response to the magnitude of the time difference not being within the target threshold, the first device determining that the second device does not have deployment rights, the first device terminating execution of the process of generating the authorization file; at this time, the first device may correct the time of the second device, and acquire the deployment request time and the hardware information from the second device again. For example, the first device may send a response message of the authorization failure to the second device, and when the second device receives the effect message of the authorization failure, the second device may synchronize the machine time of the second device to the standard time using the machine information acquiring tool, and perform the process of step 201 again. The first device receives a deployment request sent by the second device again, and generates an authorization file based on the hardware information when the second device is verified to have the deployment right based on the deployment request time.

In one possible implementation, the first device may write the encrypted rights validity period, hardware verification information, and a third key of the second device to an authorization file, so that the second device performs authorization verification based on information in the authorization file. The step of the first device generating an authorization file based on the hardware information includes the following steps 2031 to 2034.

In step 2031, the first device maps the hardware information to a first key and hardware verification information, respectively.

The authorization file is used for verifying the deployment right of the second device to the model service.

For example, the first device may map the hardware information to the first key using pre-configured relationship data. The first key is a key that encrypts the second key to generate the first ciphertext data. The second key is a key that encrypts the rights expiration date, the third key, the fifth key, and the hardware verification information to generate second ciphertext data.

In one example, the first device may extract GPU information of the second device from the hardware information, and map the GPU information to the first key using the first relationship data. For example, the first relationship data may be a first pre-configured target algorithm, where the first target algorithm may be a pre-configured algorithm, and for example, the first key may be data obtained by xoring a GPU serial number and model number; alternatively, the first key may be value data from a specified bit of the GPU serial number, for example, the 8 th bit of the GPU serial number is taken as the first key. The present application is merely exemplified by this example to illustrate the first target Algorithm, and of course, the first relational data may be other algorithms, for example, the first relational data is MD5 Algorithm (Message-Digest Algorithm 5), SHA-2 (Secure Hash Algorithm 2, secure encryption Algorithm 2), or other algorithms, and the application is not limited to the Algorithm or the operation mode of the first relational data.

For example, the first device may generate the hardware verification information using pre-configured relationship data. In one example, the first device may map the hardware information to the hardware verification information using the second relationship data. The hardware verification information may indicate a hardware configuration of the authorized device so that the second device verifies whether the hardware configuration of the second device to be deployed is consistent with the authorized device using the hardware verification information at the time of authorization verification. For example, the second relationship data may include at least one of a preconfigured screening algorithm, a digest algorithm, or an arithmetic algorithm; the filtering algorithm may be an algorithm for filtering the specified item information in the hardware information of the second device, such as filtering the information of the specified hardware of the second device, filtering the information of the specified item parameter of the specified hardware, and the like. The Digest Algorithm may be an MD5 Algorithm (Message-Digest Algorithm 5), a CRC (CyclicRedundancy Check ) Algorithm, SHA (Secure Hash Algorithm, secure encryption Algorithm), or the like. The algorithm may be a pre-configured algorithm such as an exclusive or operation, an and operation, an or operation, an addition, a subtraction, etc.

Step 2032, encrypting, by the first device, the second key based on the first key, to obtain first ciphertext data.

For example, the first device may encrypt the second key with the first key, and use the encrypted second key as the first ciphertext data. In one possible implementation, the second key may be a randomly generated key or a pre-configured designated key.

In an example, the second key may be a key corresponding to an asymmetric algorithm, and then the second key may be a second public key and a second private key. In step 2032, the first device may encrypt the second public key PubilcKey1 (public key) with the first key K3 to obtain an encrypted second public key PubilcKey1Enc, and use the encrypted second public key PubilcKey1Enc as the first ciphertext data. In another example, the second key may also be a key corresponding to a symmetric algorithm, where the second key may be used as an encryption key or a decryption key, and in this step, the second key may not distinguish between a public key and a private key, and the first device directly encrypts the second key with the first key to obtain the first ciphertext data.

It should be noted that, the first key may be a key corresponding to a symmetric encryption algorithm, and the first device may encrypt the second key (for example, encrypt the second public key) by using the symmetric encryption algorithm and the first key to obtain the first ciphertext data.

Step 2033, the first device encrypts the rights validity period, the hardware verification information, the third key and the fifth key based on the second key, to obtain second ciphertext data.

The authorization file may include the hardware verification information of the second device, the validity period of the right, and of course, may also include a third key and a fifth key. The permission validity period is used for verifying whether the second equipment has deployment permission or not at the deployment request time; the hardware verification information is used for verifying whether the second device has deployment authority when the hardware information is configured; the third key is used for decrypting the target hidden file prestored in the second equipment to obtain deployment request time; the fifth key is used to encrypt the model critical data.

The rights validity period may include a start time T1 and an end time T2 at which the authorized device has the deployment rights, indicating that the authorized device has valid deployment rights from T1 to T2; the service to-be-deployed party can purchase the model service within the appointed validity period from the service provider, and the service to-be-deployed party has the deployment authority of the model service within the appointed validity period, and naturally also has the authority of using the model service. The first device may acquire a permission validity period corresponding to a second device where the service to-be-deployed party is located, where the permission validity period may be a time period during which the service to-be-deployed party has a deployment permission.

The third key may be denoted as K1, where the third key is sent by the second device and is a key used by the second device to encrypt the deployment request time, and may also be used to decrypt the target hidden file to obtain the deployment request time. The fifth key may be a randomly generated or preconfigured key, for example, the fifth key K2 may be a symmetric encryption key preconfigured by the service provider.

The first device can splice the hardware verification information, the third key, the fifth key and the authority validity period to obtain initial spliced data, and encrypt the initial spliced data by adopting the second key to obtain second ciphertext data. In an example, when the second key is a key corresponding to an asymmetric algorithm, the first device may encrypt the permission validity period, the hardware verification information, the third key, and the fifth key by using a second private key corresponding to the second key and a corresponding asymmetric encryption algorithm, to obtain second ciphertext data. For example, a pre-configured splicing algorithm may be used to splice two or more items of data, for example, the pre-configured splicing algorithm may be a column splicing algorithm, a row splicing algorithm, or the like.

For example, the first device performs stitching and transformation on the T1, T2, the hardware verification information, the third key K1, and the fifth key K2 to obtain initial stitching data; and encrypting the initial spliced data by adopting an asymmetric encryption algorithm RSA and a second private key PrivateKey1 to obtain InfoEnc, namely second ciphertext data.

It should be noted that, in step 2033 is one possible implementation manner of "step a, the first device encrypts authorization check information based on the second key to obtain the second ciphertext data", where in step a, the authorization check information is information for verifying the deployment right of the second device. In a possible example, for the manner of step 2033, the authorization check information needs to include four kinds of information, namely, a rights validity period, hardware check information, a third key, and a fifth key. In another example, the authorization-checking information includes at least a rights validity period. In another example, the authorization check information may also include hardware check information, or the authorization check information may also include a third key and a fifth key. In another possible implementation manner, the authorization verification information may directly include the deployment request time, for example, the authorization verification information may include the following four items: rights expiration date, hardware verification information, fifth key, deployment request time. Step 2033 may be replaced with: the first device may encrypt the rights expiration date, the hardware verification information, the fifth key, and the deployment request time based on the second key, to obtain second ciphertext data. Correspondingly, the subsequent second device can acquire the deployment request time from the authorization file so as to verify the authority by utilizing the deployment request time and the authority validity period. The present application will be described with reference to the above examples only, but the present application is not limited to the data included in the second ciphertext data. For example, the second ciphertext data may further include a verification period, such that the second device periodically verifies whether the second device is currently authorized based on the current time and the authorization-to-use period of the second device, in accordance with the verification period.

Step 2034, the first device generates the authorization file based on the first ciphertext data and the second ciphertext data.

The first device splices the first ciphertext data and the second ciphertext data, and writes the spliced first ciphertext data and second ciphertext data into an initial file to obtain the authorization file.

For example, the first device may splice the first ciphertext data PubilcKey1Enc obtained in step 2032 and the second ciphertext data InfoEnc obtained in step 2033, and write the spliced data into the license.

And 204, the first equipment encrypts the model key data corresponding to the model service at least twice to obtain model ciphertext data.

The model ciphertext data is ciphertext data obtained by encrypting the model key data at least twice. The first device may encrypt the model critical data based on the fifth key; and the first device encrypts the encrypted model key data at least once again based on a fourth key, to obtain the model ciphertext data, the fourth key being mapped based on the hardware information.

In one possible implementation, the first device may be based on mapping hardware information to the fourth key. Illustratively, the hardware information includes information of a graphics processor GPU of the second device; the fourth key obtaining mode includes: the first device may extract GPU information of the second device from the hardware information, mapping the GPU information to a fourth key. The first device may map the GPU information to a fourth key, which may be denoted as K4, using the third relationship data. It should be noted that, the third relationship data may be a second target algorithm that is preconfigured, and the second target algorithm may be a preconfigured algorithm. The implementation manner that the first device adopts the third relation data to map the GPU information into the fourth key is the same process as the process that adopts the first relation data to map the GPU information into the first key, and will not be described in detail here.

Illustratively, taking the example of encrypting the model critical data twice, the first device may encrypt the model critical data once using the symmetric encryption algorithm and the fifth key K2, and continue to encrypt the once-encrypted model critical data again using the symmetric encryption algorithm and the fourth key K4. Of course, the application can also encrypt the model key data encrypted once twice based on the fourth key; for example, the first device may further map the fourth key and the GPU information to a sixth key using the fourth relationship data, and the first device may perform third encryption on the secondarily encrypted model key data using the sixth key; the fourth relationship data may be an algorithm that maps the fourth key and the GPU information into one key, for example, performing exclusive or, remainder, multiplication, etc. on the fourth key and the GPU information to obtain the sixth key. Of course, the GPU information may be mapped to the seventh key directly by using the fifth relationship data, and the third encryption may be performed on the secondarily encrypted model key data by using the seventh key, which is not limited by the present application.

Step 205, the first device sends the authorization file, the model ciphertext data, and the model service program to the second device.

The model service program is execution logic that provides the model service based on the model critical data.

It should be noted that, the first device may execute the steps 203 to 204 by running a preconfigured authorization file generation and model resource encryption tool. The authorization file generating and model resource encrypting tool can be a pre-configuration tool deployed on the authorization file managing device, that is, the authorization file generating and model resource encrypting tool can be operated on the authorization file managing device, and the first device can be used as the authorization file managing device to operate the authorization file generating and model resource encrypting tool. Alternatively, the authorization file generation and model resource encryption tool may be integrated in the authorization file management platform, and the first device may call the authorization file generation and model resource encryption tool of the authorization file management platform through a network connection to execute the steps 203 to 204, so as to obtain the authorization file and generate the model ciphertext data.

Step 206, the second device receives the authorization file, the model ciphertext data and the model service program returned by the first device.

FIG. 3 is a flowchart of an authorization file generation and model resource encryption tool according to the present application. As shown in fig. 3, the first device reads in the machinenfo. Bin file through the authorization file generation and model resource encryption tool, and parses and decrypts the two files to obtain the hardware information of the second device, the deployment request time T0 and the third key K1. And then, based on the time difference value between the deployment request time T0 and the current standard time T, checking whether the second equipment has the deployment authority. After the second device is successfully checked, algorithms such as screening, summarizing, calculating and the like are performed on the hardware information of the second device, so that verification information V1 for checking whether the hardware of the second device is consistent with the authorized device, namely hardware verification information, is generated. And generates a first key K3 and a fourth key K4 based on the GPU information in the hardware information. And then, reading in model key data such as a model and a resource file, performing primary encryption on the model key data by using a fifth key K2, performing secondary encryption on the primary encrypted model key data by using a fourth key K4, and writing the secondary encrypted model key data into the file to obtain the file comprising the model ciphertext data. Then, encrypting the second public key PubilcKey1 by using the first secret key K3 to obtain first ciphertext data PubilcKey1Enc; encrypting the hardware verification information V1, the third key K1, the fifth key K2 and the authority validity periods T1 and T2 by using the second private key PrivateKey1 to obtain second ciphertext data InfoEnc; pubilcKey1Enc and Infoenc are written into an authorization file license.

As shown in fig. 4, first, a machine information acquisition tool is run on a second device to be privately deployed, and a machinenfo. Bin file is generated and sent to a first device of a service provider.

The service provider generates an authorization file by running an authorization file generation and model resource encryption tool on the first device; or the first equipment of the service provider generates the authorization file by calling an authorization file generation and model resource encryption tool of the authorization file management platform; the first device performs encryption processing on the model critical data (such as the model and the resource file). And the first equipment sends the generated authorization file, the at least twice encrypted model key data and the AI model service program to the second equipment to be privately deployed.

The second device receives and installs the AI model service program. The AI model service program can complete operations such as authorization file verification, model ciphertext data decryption and the like during service initialization, so that the AI model service program can be operated later, and the second device can operate the AI model service program to provide model services to the outside.

The process of providing the model service is described by performing authority verification and decryption on the second device based on the authorization file to obtain the model key data and running the model service program in the following manner with the flow shown in fig. 5.

Fig. 5 is a flow chart of a data processing method according to an embodiment of the present application. The subject of execution of the method is a second device. As shown in fig. 5, the method includes the following steps 501 to 501.

Step 501, the second device sends a deployment request for the model service to the first device, and receives an authorization file, model ciphertext data and a model service program returned by the first device.

The model ciphertext data is ciphertext data obtained by encrypting the model key data at least twice.

The second device sends a deployment request to the first device based on the step 201, and the first device executes the steps 202 to 205, and returns the authorization file, the model ciphertext data and the model service program to the second device, where the second device obtains the authorization file, the model ciphertext data and the model service program. That is, the implementation manner of step 501 may be the interactive execution process of steps 201 to 206 shown in fig. 2, which is not described in detail herein.

Step 502, the second device decrypts the authorization file based on the hardware information of the second device, and obtains authorization verification information.

The hardware information may be information of hardware currently configured by the second device. The hardware information may include CPU information, GPU information, and hard disk information. The second device may obtain current hardware information of the second device, generate a first key based on the current hardware information, and decrypt the authorization file with the first key to obtain the authorization verification information. In one possible implementation, the authorization file includes first ciphertext data and second ciphertext data; the first ciphertext data includes an encrypted second key that includes authorization check information that is encrypted using the second key. The second device may decrypt the first ciphertext data and the second ciphertext data sequentially based on the hardware information. For example, this step 502 may include the following steps 5021 to 5023.

Step 5021, the second device maps the hardware information to the first key.

The second device may generate the first key in the same manner as the first device generates the first key. The second device may also map the current hardware information to the first key using pre-configured relationship data.

In one example, the second device may extract GPU information of the second device from the current hardware information, and map the GPU information to the first key using the first relationship data. For example, the first relationship data may be a preconfigured first target algorithm, which may be a preconfigured algorithm. It should be noted that, the second device may obtain the GPU information through the GPU of the second device, and map the GPU information into the first key K3 through the GPU in the video memory.

It should be noted that, the implementation manner of mapping the current hardware information to the first key by the second device is the same as the process of mapping the current hardware information to the first key by the first device in step 2031, which is not described here again.

Step 5022, the second device decrypts the first ciphertext data based on the first key to obtain a second key.

The second device decrypts the first ciphertext data using a symmetric encryption algorithm and the first key to obtain a second key. In one example, the second key may be a second public key corresponding to an asymmetric encryption algorithm. The second device may decrypt the first ciphertext data PubilcKey1Enc using the first key K3 to obtain a second public key PubilcKey1 by the CPU of the second device.

It should be noted that, after the second device receives the authorization file, the second device may read the authorization file into the memory through the CPU, and parse the authorization file in the memory to obtain the first ciphertext data PubilcKey1Enc and the second ciphertext data InfoEnc. And the second device decrypts the first ciphertext data in the memory by adopting a symmetric encryption algorithm and the first key K3 through the CPU to obtain a second public key PubilcKey1.

And step 5023, the second device decrypts the second ciphertext data based on the second key to obtain the authorization verification information.

The second device may decrypt the second ciphertext data based on the second key to obtain the authorization check information via the CPU. In one example, the second device decrypts the second ciphertext data using an asymmetric encryption algorithm and a second public key to obtain the authorization check information. In an example, the authorization check information includes at least a rights validity period, and the authorization check information may further include one or more of hardware check information, a third key, a fifth key, and a verification period. In another example, the authorization check information includes at least a rights validity period, and the authorization check information may further include one or more of hardware check information, a request deployment time, a fifth key, and a verification period.

That is, the authorization check information includes at least a rights expiration date. In addition, in an example, the authorization check information may also include hardware check information, a third key, and a fifth key; and the second equipment decrypts the target hidden file in the local target storage address based on the third key to obtain the deployment request time. In another example, the authorization check information may also include hardware check information, deployment request time, a fifth key; so that the second device extracts the deployment request time from the authorization check information. In another example, the authorization verification information may also include a verification period; so that the second device periodically verifies the deployment right of the second device according to the verification period.

And step 503, the second device responds to the verification that the second device has the deployment authority based on the authorization verification information, and the CPU decrypts the model ciphertext data.

In one possible implementation manner, the authorization verification information further includes a fifth key, and when the second device verifies that the second device has the deployment right based on the authorization verification information, the second device may extract the fifth key from the authorization verification information, and decrypt, by the CPU, the model ciphertext data in the memory based on the fifth key. For example, the second device may decrypt the model ciphertext data read into the memory once by the CPU using the fifth key K2 and the symmetric encryption algorithm.

In one possible implementation, the authorization check information includes an entitlement validity period; the second device may verify based on the rights expiration date. Correspondingly, the step of verifying that the second device has the deployment right based on the authorization verification information comprises the following steps: the second device obtains a first verification result of the second device based on the permission validity period and the deployment request time of the second device, and the first verification result indicates whether the second device has the deployment permission or not at the deployment request time. The second device judges whether the deployment request time is in the authority validity period through the CPU, and if the deployment request time is in the authority validity period, the second device is determined to have deployment authority; for example, when the deployment request time, that is, the current machine time T0 of the second device acquired in step 201 is within the range of the authority validity period (T1, T2), the second device has the deployment authority at the deployment request time.

If the deployment request time is not in the authority validity period, which means that the second device is not in the valid authorization time when the deployment request time is, it is determined that the second device does not have the deployment authority, that is, the initialization is terminated based on the verification failure of the authorization file. The second device may again perform step 201 described above to again request deployment of the service.

In an example, the second device may further obtain, by the CPU, a current system timestamp T when the second device executes step 503, and determine a size between the current system timestamp T and a deployment request time T0, where the second device has a deployment right when the deployment request time T0 is less than or equal to the current system timestamp T; when the deployment request time T0 is greater than the current system time stamp T, it is indicated that there is a possibility that the time of the current system of the second device is reduced, and therefore, the second device does not have deployment authority, that is, the initialization is terminated based on the verification failure of the authorization file. The second device may again perform step 201 described above to again request deployment of the service.

In one possible implementation, the authorization check information further includes a third key, and the second device may decrypt the deployment request time from the local target hidden file based on the third key. Alternatively, the authorization check information may directly include the deployment request time, and the manner in which the second device obtains the deployment request time includes both the following manner 1 and manner 2.

Mode 1, the second device obtains a third key from the authorization verification information; and the second device decrypts the pre-stored target hidden file based on the third key to obtain the deployment request time, wherein the target hidden file comprises the encrypted deployment request time.

Illustratively, the target hidden file is stored at a target storage address of the second device. The second device may obtain the target hidden file from a target storage address. The second device may extract the third key in the authorization check information from the memory by using the CPU, and decrypt the target hidden file1 using the symmetric encryption algorithm and the third key K1 to obtain the deployment request time T0.

Mode 2, the authorization check information may also directly include the deployment request time. The second device may extract the deployment request time T0 in the authorization check information from the memory through the CPU.

And 504, the second device decrypts the decrypted model ciphertext data at least once again through the GPU to obtain the model key data.

The second device can read the decrypted model ciphertext data into a video memory of the second device; the second device maps the current hardware information into a fourth key through the GPU, and decrypts the decrypted model ciphertext data in the video memory at least once again based on the fourth key to obtain the model key data. Illustratively, the second device may map the current hardware information to the fourth key using the pre-configured relationship data by the GPU.

In one example, the current hardware information includes information of a current GPU of the second device; the second device may generate the fourth key using information of the GPU. The mapping of the current hardware information to the fourth key may include: the second device maps information of the GPU to a fourth key in the video memory through the GPU. The second device may map the GPU information to obtain the fourth key in the same mapping manner that the first device maps to obtain the fourth key. For example, the second device may map the information of the GPU to the fourth key K4 using the third relationship data used by the first device. The third relationship data may be a preconfigured second target algorithm.

It should be noted that, the implementation manner that the second device adopts the third relationship data to map the GPU information to the fourth key is a process that the second device adopts the third relationship data to map the GPU information to the fourth key, which is the same as the first device, and will not be described in detail here.

In one possible implementation, the authorization check information further includes hardware check information; the second device may also use the hardware verification information to perform the rights verification again before decrypting the model ciphertext data again through the GPU, that is, before step 504, may also perform the rights verification based on the hardware verification information through the following step B.

And B, the second equipment acquires a second verification result of the second equipment based on the hardware verification information and the hardware information of the second equipment.

The second verification result indicates whether the second device has deployment permission when configuring the hardware information. The hardware information may be current hardware information of the second device. Illustratively, the second device may perform authority verification through the GPU, and step B may include: the second device maps the hardware information into hardware information to be verified; the second device reads the hardware verification information and the hardware to-be-verified information into a video memory of the second device; and the second equipment compares the hardware verification information in the video memory with the hardware to-be-verified information through the GPU to obtain a second verification result.

The second device may generate the hardware information to be verified in the same manner as the first device generates the hardware verification information. For example, the second device may map the current hardware information to the hardware information to be verified using the second relationship data. The hardware to-be-verified information may indicate a hardware configuration currently configured by the second device, and the hardware verification information may indicate a hardware configuration of the authorized device. The second device can utilize the hardware verification information and the hardware to-be-verified information to verify whether the current hardware configuration of the second device to be deployed is consistent with that of the authorized device, so as to verify whether the second device has the deployment authority under the current hardware information configuration.

The second device may copy the hardware information to be verified and the hardware verification information to the video memory through the CPU, and perform a comparison operation on the hardware information to be verified and the hardware verification information in the video memory through the GPU to obtain a second verification result; the comparison operation is used for comparing whether the comparison result between the hardware information to be verified and the hardware verification information meets the target similarity condition. If the result of the comparison operation between the hardware verification information and the hardware to-be-verified information in the video memory by the GPU accords with the target similar condition, the result shows that the hardware verification information and the hardware to-be-verified information are consistent, and the second equipment has deployment authority when the hardware information is configured.

If the result of the comparison operation between the hardware verification information and the hardware to-be-verified information does not meet the target similar condition, the fact that the hardware information of the authorization device is inconsistent with the current hardware information of the second device is indicated, the second device has the possibility of changing hardware currently, for example, the configuration of the to-be-deployed device is upgraded by increasing the number of cores of the CPU, the number of the GPU and the like, and the second device does not have deployment permission when the current hardware information is configured, namely, the initialization is terminated based on verification failure of the authorization file. The second device may again perform step 201 described above to again request deployment of the service.

The target similarity condition is used for measuring the information similarity between the hardware verification information and the information to be verified of the hardware, and for example, the target similarity condition may include that the information similarity exceeds a target threshold. For example, the target threshold may be configured based on need, e.g., the target threshold may be 99%, 98%, 90%, 99.99%, etc. If the target similarity condition is met, the consistency between the two information is higher, and the current configuration information of the second device can be considered as the hardware configuration of the authorized device.

For example, the steps 502 to 504 may be performed during the initialization process of the model service program, where the model service program may link the authorization file check and the model resource decryption tool library in a static link manner, and the model service program may call an interface in the authorization file check and the model resource decryption tool library during the initialization process, for example, call an authorization file check and model resource file decryption interface in the tool library, where the code corresponding to the authorization file check and model resource file decryption interface is expressed as: the "int validate License And Decrypt Data (license data, model data, resource data)" includes that the parameters of the license file checksum and the model resource file decryption interface are the content of the license file license and the model ciphertext data (including the encrypted model data and the resource file data), and the interface may be used to parse the content of the license file, obtain the hardware information of the device to generate the hardware to-be-verified information, and execute the steps of verification and decryption, that is, the execution process of the steps 502 to 504.

As shown in fig. 4, the AI model service program is initialized when being started, and the AI model service program can be linked with an authorization file verification and model resource decryption tool library in a static link mode, wherein interfaces such as authorization file analysis, authorization file verification and model resource decryption are provided in the tool library. The second device executes the call to the interface provided in the tool library by running the AI model service program, so as to execute the above steps 502 to 504 by executing the call to the interface, thereby completing operations such as authorization file verification and model resource decryption.

The process of initializing the AI model service program comprises the steps of verifying whether an authorization file is valid (such as whether the current time is within the authority validity period, whether the hardware information of the second device is consistent with the hardware information of the authorized device described by the authorization file, and the like), decrypting the model and the resource file once and twice, loading the decrypted model by the AI model service program, and the like; that is, the above steps 502 to 504 are performed by calling the interfaces of the above-mentioned authorization file verification, the authorization file parsing provided in the model resource decryption tool library, the authorization file verification, and the model resource decryption in the initialization process. Abnormal conditions such as invalid authorization files, model and resource decryption failure occur in the initialization process, and initialization failure is caused.

It should be noted that, in step 201, the second device acquires the hardware information to send a deployment request to the first device, so that the first device generates the first key, the fourth key, and the hardware verification information based on the hardware information, and the authorization file includes the hardware verification information.

In the execution flow of the second device shown in fig. 5, after the second device receives the authorization file, the model ciphertext data and the model ciphertext data of the first device, the second device may acquire current hardware information of the second device again, so that the second device generates the first key and the fourth key based on the current hardware information, decrypts the authorization file by using the first key, and decrypts the model ciphertext data decrypted by the CPU again by using the fourth key. In step 504, the second device may generate, by the GPU, a fourth key in the video memory based on the GPU information, and decrypt, by the GPU, the model ciphertext data read into the video memory at least once again based on the fourth key, thereby restoring the model key data in the video memory.

Because the GPU is an external device independent of the CPU, the video memory used by the GPU is also independent of the system memory, and the instruction set of the GPU is also greatly different from the general CPU, the reverse and cracking difficulty of the GPU is far higher than that of the traditional CPU at present, so that the authorized verification process can be effectively prevented from being cracked and bypassed, the model key data in the video memory is not easy to steal, the safety of the model key data is ensured, the safety of service deployment is ensured, and the intellectual property of the model key data is protected.

The application also carries out authorization verification again by utilizing the hardware information in the step B, and particularly carries out the step 504 when the comparison operation result indicates that the hardware verification information and the hardware information to be verified are consistent, thereby ensuring that the fourth secret key obtained by the second equipment based on the current hardware information is consistent with the fourth secret key obtained by the first equipment based on the hardware information, enabling the second equipment to also carry out at least decryption on the model ciphertext data by utilizing the same secret key as the key of the first equipment secondary encryption model key data, and further ensuring the reliability of the whole decryption model key data.

And by verifying the operation between the hardware verification information and the hardware to-be-verified information in the video memory by the GPU, the advantages that the GPU instruction set is not easy to crack, the video memory and the system memory are mutually independent and the like are utilized, the comparison operation process, the comparison operation result or the bypass comparison operation process and the like are prevented from being modified by some means, the safety of the comparison operation process is protected, and the safety of the authorization verification of service deployment is further improved.

Step 505, the second device runs the model service program to provide the model service based on the model key data.

After the second device starts to run the model service based on the model key data, the second device can also periodically detect whether the current time of the second device is within the authority validity period based on the current time and the authority validity period of the second device, and when the current time of the second device is not within the authority validity period, the running of the model service program can be terminated, so that the normal running of the service when the authority is expired is avoided, the second device is ensured to use the model service of the service provider only within the purchased validity period, and the model service provided by the service provider and the intellectual property rights of the model key data are further protected.

For example, the authorization check information may further include a verification period, and the second device may periodically detect whether the current time of the second device is within the rights validity period according to the verification period. The second device may, for example, perform the periodic detection of whether the second device is currently within the rights expiration period by invoking an authorized time validity check interface in the linked tool library. For example, the program code corresponding to the authorized time validity check interface may be expressed as "intcheckdatevadate ()".

As shown in fig. 4, after the initialization of the AI model service program is completed, the AI model service program may be privately deployed on the second device, that is, the second device may run the AI model service program based on the model key data to support the second device to provide the model service to the outside. Of course, in order to prevent the AI model service program from still providing the service normally after the authority validity period expires, the AI model service program may call the authorization file validity checking interface periodically (or after a certain number of requests) to check whether the authorization file is valid at the current time, and if the current time is not within the authority validity period, that is, if the authority expiration abnormality occurs, the AI model service program may immediately terminate the operation, so that the second device stops providing the model service to the outside.

Fig. 6 is a schematic workflow diagram of the second device during the initialization process of the model service program. As shown in fig. 6, the second device acquires machine hardware environment information through the CPU, where the machine hardware environment information may include current hardware information, such as CPU information, hard disk information, GPU information, and the like; generating hardware information V1 to be verified by CPU by using the current hardware information ¹ Obtaining GPU information through a GPU and generating a first secret key K3; then, reading and analyzing the authorization file in the memory by the CPU to obtain first ciphertext data PubilcKey1Enc and second ciphertext data InfoEnc, and if analysis fails, exiting the program; the CPU decrypts the first ciphertext data PubilcKey1Enc by using the first key K3 to obtain a second public key PubilcKey1, decrypts the second ciphertext data Infoenc by using the second public key PubilcKey1 to obtain authority validity periods T1 and T2, hardware verification information V1, a third key K1 and a fifth key K2, and if decryption fails, the program exits. Judging whether the current time is between T1 and T2 or not by the CPU, if so, checking successfully, and if not, checking failed, and if not, exiting the program. Then, the model ciphertext data including the encrypted model, the resource file, and the like is read into the memory by the CPU, and the model ciphertext data is decrypted once using the fifth key K2. The CPU will be hard Piece verification information V1 and hardware to-be-verified information V1 ¹ And copying the decrypted model ciphertext data to the GPU so as to read the model ciphertext data into a video memory. Hardware verification information V1 and hardware to-be-verified information V1 are verified through GPU ¹ Performing comparison operation, if the comparison results V1 and V1 ¹ If the initialization is inconsistent, the initialization fails and the program exits; if the results V1 and V1 are aligned ¹ And if the model cipher text data are consistent, the GPU acquires the GPU information to generate a fourth key K4, and the model cipher text data which are decrypted once are decrypted for the second time by using the fourth key K4 in the video memory, so that the model key data are restored. Then, the second device loads the decrypted model key data through the model service program, and operates the model service program to provide the model service to the outside. During the running of the program, the second device can periodically utilize the current time and the authority limit period in the authorization file to detect whether the authorization is valid, namely whether the current time is in the authority limit period, if so, the second device can continue to normally run the model service program to provide services for the outside, and if not, the program exits if the verification fails.

According to the data processing method, the authorization file, the model ciphertext data and the model service program of the first equipment are received, the authorization file is decrypted based on the hardware information of the second equipment, and the model ciphertext data is decrypted through the CPU when the second equipment is verified to have the deployment right based on authorization verification information obtained by decryption; the security of the verification process based on the authorization file is ensured; the model ciphertext data is ciphertext data obtained by encrypting the model key data at least twice, and the decrypted model ciphertext data is decrypted at least once again through the GPU to obtain the model key data; so as to run the model service based on the model critical data. The GPU instruction set is utilized to have high cracking difficulty, so that high reliability of the service deployment process is ensured; and the GPU performs decryption operation in the video memory, and the video memory is independent of the system memory, so that the existence of a plaintext of decrypted model key data in the memory is avoided, the safety of the key data is improved, the intellectual property of a model service program and the key data is protected, and the safety and reliability of the whole service deployment process are improved.

Fig. 7 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application. As shown in fig. 7, the apparatus includes:

a request sending module 701, configured to send a deployment request of a model service to a first device;

the data receiving module 702 is configured to receive an authorization file, model ciphertext data and a model service program returned by the first device, where the model ciphertext data is ciphertext data obtained by encrypting model key data at least twice;

an authorization file decryption module 703, configured to decrypt the authorization file based on the hardware information of the second device, to obtain authorization verification information;

the CPU decryption module 704 is configured to decrypt the model ciphertext data through the central processing unit CPU in response to verifying that the second device has the deployment right based on the authorization verification information;

the GPU decryption module 705 is configured to decrypt the decrypted model ciphertext data at least once again through the GPU of the graphics processor, to obtain the model key data;

a service providing module 706, configured to run the model service program to provide the model service based on the model key data.

Mapping the hardware information to a first key;

In one possible embodiment, the authorization check information includes an entitlement validity period; the apparatus further includes, when verifying that the second device has the deployment right based on the authorization check information:

the first verification module is used for acquiring a first verification result of the second equipment based on the authority validity period and the deployment request time of the second equipment, and the first verification result indicates whether the second equipment has the deployment authority or not at the deployment request time.

In one possible embodiment, the authorization verification information further includes a third key; the device when obtaining the deployment request time, further comprises:

the deployment request time acquisition module is used for decrypting the pre-stored target hidden file based on the third key to obtain the deployment request time, wherein the target hidden file comprises the encrypted deployment request time.

In one possible embodiment, the authorization check information includes hardware check information; the apparatus further comprises:

the second verification module is configured to obtain a second verification result of the second device based on the hardware verification information and the hardware information of the second device, where the second verification result indicates whether the second device has deployment permission when configuring the hardware information.

In one possible implementation manner, the second verification module is further configured to map the hardware information into hardware information to be verified; reading the hardware verification information and the hardware to-be-verified information into a video memory of the second device; and comparing the hardware verification information in the video memory with the information to be verified of the hardware through the GPU to obtain a second verification result.

In one possible implementation, the GPU decryption module includes:

and the GPU decryption unit is used for mapping the hardware information into a fourth key through the GPU, and decrypting the decrypted model ciphertext data in the video memory at least once again based on the fourth key to obtain the model key data.

In one possible implementation, the hardware information includes information of the GPU; the GPU decryption unit is used for mapping the information of the GPU into a fourth key in the video memory through the GPU.

In one possible implementation, the authorization verification information further includes a fifth key, and the CPU decryption module includes:

In one possible implementation, the request sending module includes:

Fig. 8 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application. As shown in fig. 8, the apparatus includes:

a request receiving module 801, configured to receive a deployment request sent by a second device;

an obtaining module 802, configured to obtain, based on the deployment request, hardware information of the second device and a deployment request time;

an authorization file generation module 803, configured to generate an authorization file based on the hardware information in response to verifying that the second device has the deployment right based on the deployment request time;

the model key data encryption module 804 is configured to encrypt the model key data corresponding to the model service at least twice to obtain model ciphertext data;

the data sending module 805 is configured to send the authorization file, the model ciphertext data, and a model service program to the second device, where the model service program is execution logic that provides the model service based on the model key data.

In one possible implementation, the authorization file generation module includes:

an authorization file generation unit for generating the authorization file based on the first ciphertext data and the second ciphertext data;

the permission validity period is used for verifying whether the second equipment has deployment permission or not at the deployment request time;

the hardware verification information is used for verifying whether the second device has deployment authority when the hardware information is configured;

the third key is used for decrypting the target hidden file prestored in the second equipment to obtain deployment request time;

the fifth key is used to encrypt the model critical data.

In one possible implementation, the model critical data encryption module includes:

a first encryption unit configured to encrypt the model key data based on the fifth key;

and the second encryption unit is used for encrypting the encrypted model key data at least once again based on a fourth key to obtain the model ciphertext data, wherein the fourth key is obtained based on the hardware information mapping.

In one possible implementation, the hardware information includes information of a graphics processor GPU of the second device;

the model key data encryption module is further configured to extract information of the GPU from the hardware information, and map the information of the GPU to the fourth key.

According to the data processing method provided by the application, when a deployment request of second equipment is received, the hardware information and the deployment request time of the second equipment are acquired; generating an authorization file based on the hardware information when verifying that the second device has deployment rights based on the deployment request time; encrypting the model key data corresponding to the model service at least twice to obtain model ciphertext data; then the authorization file, the model ciphertext data and the model service program are sent to the second equipment, the model service program is based on execution logic of the model service provided by the model key data, so that the second equipment needs to decrypt the authorization file based on hardware information, and the model key data can be obtained through at least two decryption steps including at least one decryption step of CPU and GPU; the security of the verification process based on the authorization file is ensured; the GPU instruction set is utilized to have high cracking difficulty, so that high reliability of the service deployment process is ensured; and the GPU performs decryption operation in the video memory, and the video memory is independent of the system memory, so that the existence of a plaintext of decrypted model key data in the memory is avoided, the safety of the key data is improved, the intellectual property of a model service program and the key data is protected, and the safety and reliability of the whole service deployment process are improved.

The device of the embodiment of the present application may perform the method provided by the embodiment of the present application, and its implementation principle is similar, and actions performed by each module in the device of the embodiment of the present application correspond to steps in the method of the embodiment of the present application, and detailed functional descriptions of each module of the device may be referred to the descriptions in the corresponding methods shown in the foregoing, which are not repeated herein.

Fig. 9 is a schematic structural diagram of a computer device according to an embodiment of the present application. As shown in fig. 9, the computer device includes: a memory, a processor and a computer program stored on the memory, the processor executing the above computer program to implement the steps of the data processing method, the steps being implementable in comparison with the related art:

In an alternative embodiment, a computer device is provided, as shown in fig. 9, the computer device 900 shown in fig. 9 includes: a processor 901 and a memory 903. The processor 901 is coupled to a memory 903, such as via a bus 902. Optionally, the computer device 900 may also include a transceiver 904, where the transceiver 904 may be used for data interaction between the computer device and other computer devices, such as transmission of data and/or reception of data, etc. It should be noted that, in practical application, the transceiver 904 is not limited to one, and the structure of the computer device 900 is not limited to the embodiment of the present application.

The processor 901 may be a CPU (Central Processing Unit ), general purpose processor, DSP (Digital Signal Processor, data signal processor), ASIC (Application Specific Integrated Circuit ), FPGA (Field Programmable Gate Array, field programmable gate array) or other programmable logic device, transistor logic device, hardware components, or any combination thereof. Which may implement or perform the various exemplary logic blocks, modules and circuits described in connection with this disclosure. The processor 901 may also be a combination that implements computing functionality, e.g., comprising one or more microprocessor combinations, a combination of DSP and microprocessor, etc.

Bus 902 may include a path to transfer information between the components. Bus 902 may be a PCI (Peripheral Component Interconnect, peripheral component interconnect Standard) bus or an EISA (Extended Industry Standard Architecture ) bus, or the like. The bus 902 may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, only one thick line is shown in fig. 9, but not only one bus or one type of bus.

The Memory 903 may be a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory ) or other type of dynamic storage device that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory ), a CD-ROM (Compact Disc ReadOnly Memory, compact disc Read Only Memory) or other optical disk storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, blu-ray discs, etc.), magnetic disk storage media/other magnetic storage devices, or any other medium that can be used to carry or store a computer program and that can be Read by a computer, without limitation.

The memory 903 is used to store a computer program for executing an embodiment of the present application, and is controlled to be executed by the processor 901. The processor 901 is arranged to execute a computer program stored in the memory 903 to implement the steps shown in the foregoing method embodiments.

Among them, electronic devices include, but are not limited to: a server, a terminal, or a cloud computing center device, etc.

Embodiments of the present application provide a computer readable storage medium having a computer program stored thereon, which when executed by a processor, implements the steps of the foregoing method embodiments and corresponding content.

The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program can realize the steps and corresponding contents of the embodiment of the method when being executed by a processor.

The terms "first," "second," "third," "fourth," "1," "2," and the like in the description and in the claims and in the above figures, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate, such that the embodiments of the application described herein may be implemented in other sequences than those illustrated or otherwise described.

It should be understood that, although various operation steps are indicated by arrows in the flowcharts of the embodiments of the present application, the order in which these steps are implemented is not limited to the order indicated by the arrows. In some implementations of embodiments of the application, the implementation steps in the flowcharts may be performed in other orders as desired, unless explicitly stated herein. Furthermore, some or all of the steps in the flowcharts may include multiple sub-steps or multiple stages based on the actual implementation scenario. Some or all of these sub-steps or phases may be performed at the same time, or each of these sub-steps or phases may be performed at different times, respectively. In the case of different execution time, the execution sequence of the sub-steps or stages can be flexibly configured according to the requirement, which is not limited by the embodiment of the present application.

The foregoing is merely an optional implementation manner of some of the implementation scenarios of the present application, and it should be noted that, for those skilled in the art, other similar implementation manners based on the technical ideas of the present application are adopted without departing from the technical ideas of the scheme of the present application, and the implementation manner is also within the protection scope of the embodiments of the present application.

Claims

1. A method of data processing, the method comprising:

responding to the verification that the second equipment has deployment authority based on the authorization verification information, and decrypting the model ciphertext data through a central processing unit;

2. The method of claim 1, wherein the authorization file includes first ciphertext data and second ciphertext data; the decrypting the authorization file based on the hardware information of the second device, and obtaining authorization verification information includes:

mapping the hardware information to a first key;

3. The method of claim 1, wherein the authorization-checking information includes a rights validity period; the verifying that the second device has the deployment authority based on the authorization verification information comprises:

and based on the permission validity period and the deployment request time of the second device, acquiring a first verification result of the second device, wherein the first verification result indicates whether the second device has the deployment permission or not at the deployment request time.

4. A method according to claim 3, wherein the authorization check information further comprises a third key; the deployment request time obtaining mode comprises the following steps:

acquiring a third key from the authorization verification information;

decrypting the pre-stored target hidden file based on the third key to obtain the deployment request time, wherein the target hidden file comprises the encrypted deployment request time.

5. The method of claim 1, wherein the authorization check information comprises hardware check information; the method further comprises the steps of:

And acquiring a second verification result of the second device based on the hardware verification information and the hardware information of the second device, wherein the second verification result indicates whether the second device has deployment permission when the hardware information is configured.

6. The method of claim 5, wherein the obtaining a second verification result of the second device based on the hardware verification information and the hardware information of the second device comprises:

mapping the hardware information into hardware information to be verified;

reading the hardware verification information and the hardware information to be verified into a video memory of the second device;

and comparing the hardware verification information in the video memory with the information to be verified of the hardware through the graphic processor to obtain the second verification result.

7. The method of claim 1, wherein decrypting, by the graphics processor, the decrypted model ciphertext data at least one more time, the model key data comprising:

reading the decrypted model ciphertext data into a video memory of the second device;

and mapping the hardware information into a fourth key through the graphic processor, and decrypting the decrypted model ciphertext data in the video memory at least once again based on the fourth key to obtain the model key data.

8. The method of claim 7, wherein the hardware information includes information of the graphics processor; said mapping, by said graphics processor, said hardware information to a fourth key comprises:

and mapping information of the graphic processor into a fourth key in a video memory through the graphic processor.

9. The method of claim 1, wherein the authorization verification information further comprises a fifth key, and wherein decrypting the model ciphertext data by the central processor comprises:

extracting the fifth key from the authorization verification information;

and decrypting, by the central processing unit, the model ciphertext data in the memory based on the fifth key.

10. The method of claim 1, wherein the sending a deployment request for a model service to the first device comprises:

encrypting the hardware information, the deployment request time and the third key by adopting a first public key to obtain a machine encryption file;

and sending the deployment request to the first device based on the machine encrypted file, wherein the deployment request carries the machine encrypted file.

11. A method of data processing, the method comprising:

12. The method of claim 11, wherein the generating an authorization file based on the hardware information comprises:

mapping the hardware information into a first key and hardware verification information respectively;

encrypting the second key based on the first key to obtain first ciphertext data;

encrypting the authority validity period, the hardware verification information, the third key and the fifth key based on the second key to obtain second ciphertext data;

generating the authorization file based on the first ciphertext data and the second ciphertext data;

the fifth key is used for encrypting the model critical data.

13. The method of claim 12, wherein encrypting the model key data corresponding to the model service at least twice to obtain model ciphertext data comprises:

encrypting the model critical data based on the fifth key;

and encrypting the encrypted model key data at least once again based on a fourth key to obtain the model ciphertext data, wherein the fourth key is obtained based on the hardware information mapping.

14. The method of claim 13, wherein the hardware information comprises information of a graphics processor of the second device; the fourth key obtaining mode includes:

and extracting the information of the graphic processor from the hardware information, and mapping the information of the graphic processor into the fourth key.

15. The method of claim 11, wherein the deployment request carries a machine encrypted file; the obtaining the hardware information of the second device and the deployment request time based on the deployment request includes:

acquiring the machine encryption file from the deployment request;

and decrypting the machine encrypted file based on a first private key corresponding to the first public key to obtain the hardware information, the deployment request time and the third key of the second equipment.

16. A data processing apparatus, the apparatus comprising:

17. A data processing apparatus, the apparatus comprising:

18. A computer device comprising a memory, a processor and a computer program stored on the memory, characterized in that the processor executes the computer program to implement the method of any one of claims 1 to 15.

19. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the method of any one of claims 1 to 15.

20. A computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the method of any one of claims 1 to 15.