CN117874789B - A dynamic privacy data encryption method and system - Google Patents
- Publication number: CN117874789B (application CN202410015848.5A)
- Authority: CN (China)
- Prior art keywords: data, encryption, data block, mpc, security
- Legal status: Active
Classifications
- G—PHYSICS
  - G06—COMPUTING OR CALCULATING; COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/60—Protecting data
          - G06F21/602—Providing cryptographic facilities or services
          - G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
            - G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
              - G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Abstract
The present invention discloses a dynamic privacy data encryption method and system, the method comprising: step S1: automatically identifying and partitioning sensitive data; step S2: updating data blocks and associating the data blocks with MPC tasks; step S3: implementing a dynamic incremental encryption mechanism; step S4: the storage node applies the incrementally encrypted data to the relevant data blocks while keeping the encryption state of the unchanged data unchanged. The dynamic privacy data encryption method proposed in the present invention addresses data security and privacy protection, two technical problems of growing importance in the commercial field. By combining automatic identification of sensitive data, data partitioning, association with multi-party computation (MPC) tasks, dynamic incremental encryption and other technical means, it achieves automatic identification and protection of sensitive data and strengthens data privacy and security.
Description
Technical Field
The present invention belongs to the field of computer technology, and in particular relates to a dynamic privacy data encryption method and system.
Background Art
With the rapid development of information technology, data has become one of the most valuable resources of an enterprise. Especially against the background of continuing advances in big data, cloud computing and Internet of Things technologies, the collection, storage, processing and analysis of data have become more frequent and more complex. Business data usually contains a large amount of sensitive information, such as personal privacy data and financial information; once this information is leaked, it may cause the enterprise significant economic loss and reputational damage.
Currently, data encryption is a common means of protecting business data from unauthorized access. However, traditional data encryption methods usually encrypt the entire data set when the data is stored, and this static encryption approach has several defects. First, when the data needs to be updated or processed, the entire encrypted data set may have to be decrypted and re-encrypted, which is not only inefficient but also creates a security exposure while the data is decrypted. Second, static encryption does not lend itself to fine-grained control over data access rights and so does not meet the dual demands of modern business for data security and flexibility.
Therefore, there is an urgent need for a new dynamic privacy data encryption method and system that can achieve efficient and secure management of commercially sensitive data, protecting commercial interests and customer trust.
Summary of the invention
In view of the defects in the prior art described above, the present invention provides a dynamic privacy data encryption method, the method comprising:
Step S1: Automatically identify and partition sensitive data;
wherein sensitive data is automatically analyzed and identified and partitioned according to its sensitivity level, and the data in each partition is divided into blocks according to its relevance to a specific multi-party computation (MPC) task, forming multiple data blocks in each group;
Step S2: Update the data block and associate the data block with the MPC task;
Step S3: Implement a dynamic incremental encryption mechanism;
wherein the relevant MPC participants enable the incremental encryption function and apply incremental encryption to the changed data based on the data block size, the current task processing status and resource availability;
wherein the incremental encryption is based on a dynamic authority key;
and after the incremental encryption is completed, the MPC participant distributes the incrementally encrypted data to all storage nodes.
Step S4: The storage node applies the incrementally encrypted data to the relevant data blocks while keeping the encryption state of the unchanged data unchanged.
Wherein, in step S2, updating the data block and associating the data block with the MPC task specifically includes:
the system detects the update through a registered event listener; it looks up the MPC task associated with this data block and determines that the current task is affected; the system sends a security notification to the participants in the current MPC task; on receiving the notification, the MPC participant starts the incremental encryption algorithm and encrypts and transmits only the changed part of the data.
Wherein, in step S1:
before automatic identification begins, data is collected and pre-processed;
a sensitivity assessment is performed on the pre-processed data, including keyword feature extraction followed by keyword matching with regular expressions to identify sensitive data in the business data, and the sensitivity level of the pre-processed data is determined based on predefined sensitive-data identifiers and business rules;
according to the sensitivity level of the data, the data is partitioned into different categories.
Wherein, in step S1:
after data partitioning is completed, the data partition is divided into multiple data blocks, each of which is associated with a specific MPC task;
the MPC task uses the corresponding encryption protocol and algorithm for the data blocks of each sensitivity level;
the organization of data blocks within a partition is determined based at least on the computational complexity of the encryption algorithm, the network bandwidth and the processor capability.
Wherein all parameters are first obtained at initialization in order to calculate the data block size, including the following parameters:
C: computational complexity of the encryption algorithm;
P: processing power of the processor;
B: network bandwidth;
T_max: maximum allowed delay time of an encryption operation;
S_sec: security parameter;
O: overhead of the algorithm;
then the data block size N1 is calculated from the maximum delay, that is, based on the maximum delay time of each encryption operation, using the following formula to determine the data block size:
N1 = (T_max - O) * P / C,
where
(T_max - O) represents the time actually available for data encryption, and P/C represents the amount of data that can be processed per unit time, which bounds how strongly the CPU's processing capacity limits the data block size;
at the same time, the data block size N2 is calculated from the network bandwidth, using the following formula to determine N2 from the amount of data that the network can transmit within T_max: N2 = B * T_max; where N2 should be less than or equal to the maximum amount of data the network can transmit within T_max;
and the data block size is adjusted for different security requirements according to the security parameter S_sec: for data requiring higher security, security is increased by reducing the data block size, expressed by the formula N_adj = N * S_sec;
the data block size is then determined from processor capability, network bandwidth and security requirements:
the final data block size N_final is the minimum of the results calculated for the factors above:
N_final = min(N, N_adj, B * T_max),
and N_final is the organization of the data blocks within the corresponding partition.
Wherein the determination of S_sec includes determining it using a mapping from sensitivity level to security weight.
Wherein the determination of S_sec includes calculating S_sec according to the following formula:
S_sec = W_sec * F_legal * F_threat * F_env,
where
W_sec: security weight defined according to the sensitivity level;
F_legal: legal requirement factor;
F_threat: threat model factor;
F_env: environment factor.
Wherein F_threat is calculated using the following formula:
F_threat = b + b * (1 - Σ(Score_i) / (N * Max_Score)), in which:
b: a constant that sets the lower limit of the parameter's value, indicating the maximum degree of influence of the factor; Score_i: the score of the i-th potential threat;
N: the number of potential threats (a different quantity from the block size N above);
Max_Score: the maximum score of a single potential threat.
Wherein implementing the dynamic incremental encryption mechanism in step S3 includes: the system determines the incremental encryption strategy for the current MPC task according to the data block size, the current CPU load, memory usage and network bandwidth;
and a new authority key is generated based on the current data version number, and incremental encryption is performed with that authority key.
The present invention also discloses a dynamic privacy data encryption system comprising a memory and a processor, characterized in that the memory stores computer program code and the processor executes the computer program code to implement the dynamic privacy data encryption method described above.
The present invention automatically identifies sensitive data and partitions it, which helps reduce human error and improves the efficiency and accuracy of sensitive data protection. By associating data blocks with MPC tasks and applying dynamic incremental encryption, only authorized participants can access and process the data, which strengthens data security. In addition, incremental encryption processes only the data blocks that have changed, which reduces the amount of computation and improves the flexibility and efficiency of data processing.
BRIEF DESCRIPTION OF THE DRAWINGS
The above and other objects, features and advantages of the exemplary embodiments of the present disclosure will become easy to understand by reading the following detailed description with reference to the accompanying drawings. In the drawings, several embodiments of the present disclosure are shown by way of example and not limitation, and the same or corresponding reference numerals denote the same or corresponding parts, wherein:
FIG. 1 is a flow chart showing a dynamic privacy data encryption method according to an embodiment of the present invention.
DETAILED DESCRIPTION
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention is further described in detail below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by persons of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
The terms used in the embodiments of the present invention are for the purpose of describing particular embodiments only and are not intended to limit the present invention. The singular forms "a", "said" and "the" used in the embodiments of the present invention and the appended claims are also intended to include the plural forms unless the context clearly indicates otherwise, and "multiple" generally includes at least two.
It should be understood that although the terms first, second, third, etc. may be used in the embodiments of the present invention to describe ..., these ... should not be limited by these terms. These terms are only used to distinguish ... from one another. For example, without departing from the scope of the embodiments of the present invention, a first ... may also be called a second ..., and similarly a second ... may also be called a first ....
It should be understood that the term "and/or" used herein only describes an association relationship between associated objects and indicates that three relationships may exist; for example, "A and/or B" may mean: A exists alone, A and B exist at the same time, or B exists alone. In addition, the character "/" herein generally indicates an "or" relationship between the associated objects before and after it.
Depending on the context, the words "if" and "in case" as used herein may be interpreted as "at the time of", "when", "in response to determining" or "in response to detecting". Similarly, depending on the context, the phrases "if it is determined" or "if (the stated condition or event) is detected" may be interpreted as "when it is determined", "in response to determining", "when (the stated condition or event) is detected" or "in response to detecting (the stated condition or event)".
It should also be noted that the terms "include", "comprise" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a product or apparatus that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a product or apparatus. Without further limitation, an element defined by the phrase "comprises a ..." does not exclude the presence of additional identical elements in the product or apparatus that includes the element.
The dynamic privacy data encryption method proposed in the present invention mainly targets data security and privacy protection, two technical problems of growing importance in the commercial field. By combining the steps of automatic identification of sensitive data, data partitioning, association with multi-party computation (MPC) tasks and dynamic incremental encryption, it achieves automatic identification and protection of sensitive data and strengthens data privacy and security.
As shown in FIG. 1, the present invention discloses a dynamic privacy data encryption method, the method comprising:
Step S1: Automatically identify and partition sensitive data.
In step S1, sensitive data needs to be automatically analyzed and identified, and partitioned according to its sensitivity level. The data of each partition is divided into blocks according to its relevance to a specific MPC (multi-party computation) task, forming multiple data blocks in each group. The same data block organization is applied in every distributed storage node, which facilitates unified management and storage of the data block structure, and each data block may store several versions of a data packet.
Step S2: Update the data block and associate the data block with the MPC task.
In step S2, when a data block is about to be updated it needs to be associated with the relevant MPC task. When the data block changes, all participants of the relevant MPC task are notified and the incremental encryption mechanism is activated.
Step S3: Implement a dynamic incremental encryption mechanism.
In step S3, the relevant MPC participants enable the incremental encryption function. Incremental encryption is applied to the changed data based on the data block size, the current task processing status and resource availability, wherein the incremental encryption is based on a dynamic authority key. After the incremental encryption is completed, the MPC participants distribute the incrementally encrypted data to all storage nodes.
Step S4: Incremental decryption and application of the result.
In step S4, the storage node applies the incrementally encrypted data to the relevant data blocks while keeping the encryption state of the unchanged data unchanged.
The present invention automatically identifies sensitive data and partitions it, which helps reduce human error and improves the efficiency and accuracy of sensitive data protection. By associating data blocks with MPC tasks and applying dynamic incremental encryption, only authorized participants can access and process the data, which strengthens data security. In addition, incremental encryption processes only the data blocks that have changed, which reduces the amount of computation and improves the flexibility and efficiency of data processing.
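The following is an added walk-through of steps S2 to S4 (change notification, version-bound authority key, encrypting only the changed blocks, and the storage node applying the increment without touching other ciphertexts); it is illustration code, not code from the patent. It assumes, beyond what the page states, that the authority key for a data version is derived with HMAC-SHA256 from a master secret shared by the MPC task's participants, and it uses a SHA-256 keystream plus HMAC tag as a stand-in for a real AEAD; block identifiers and contents are constructed sample data.

```python
"""Incremental encryption of changed data blocks under a version-bound authority key."""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict

MASTER_SECRET = b"constructed-demo-master-secret"   # constructed sample; never hard-code in practice


def authority_key(master: bytes, task_id: str, version: int) -> bytes:
    """Dynamic authority key (assumed derivation): bound to the MPC task and the data version."""
    return hmac.new(master, f"{task_id}|v{version}".encode(), hashlib.sha256).digest()


def _keystream(key: bytes, block_id: str, version: int, n: int) -> bytes:
    """Demo keystream standing in for an AEAD; (key, block_id, version) selects a distinct stream."""
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hashlib.sha256(key + block_id.encode() + version.to_bytes(4, "big")
                              + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(out[:n])


@dataclass
class EncryptedBlock:
    version: int
    ciphertext: bytes
    tag: bytes


def _tag(key: bytes, block_id: str, version: int, ciphertext: bytes) -> bytes:
    """Integrity tag over block id, version and ciphertext."""
    return hmac.new(key, block_id.encode() + version.to_bytes(4, "big") + ciphertext,
                    hashlib.sha256).digest()


def encrypt_block(key: bytes, block_id: str, version: int, plaintext: bytes) -> EncryptedBlock:
    ks = _keystream(key, block_id, version, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    return EncryptedBlock(version, ct, _tag(key, block_id, version, ct))


def decrypt_block(key: bytes, block_id: str, blk: EncryptedBlock) -> bytes:
    if not hmac.compare_digest(_tag(key, block_id, blk.version, blk.ciphertext), blk.tag):
        raise ValueError("authentication failed: wrong key/version or tampered block")
    ks = _keystream(key, block_id, blk.version, len(blk.ciphertext))
    return bytes(c ^ k for c, k in zip(blk.ciphertext, ks))


class MpcParticipant:
    """Encrypts the whole partition once, then only the blocks reported as changed."""
    def __init__(self, task_id: str, master: bytes):
        self.task_id, self.master, self.version = task_id, master, 0

    def _encrypt(self, blocks: Dict[str, bytes]) -> Dict[str, EncryptedBlock]:
        key = authority_key(self.master, self.task_id, self.version)
        return {bid: encrypt_block(key, bid, self.version, pt) for bid, pt in blocks.items()}

    def initial_encrypt(self, blocks: Dict[str, bytes]) -> Dict[str, EncryptedBlock]:
        self.version = 1
        return self._encrypt(blocks)

    def on_update(self, changed: Dict[str, bytes]) -> Dict[str, EncryptedBlock]:
        """Steps S2/S3: a change notification bumps the data version, derives a new
        authority key and encrypts only the changed blocks; that increment is distributed."""
        self.version += 1
        return self._encrypt(changed)


@dataclass
class StorageNode:
    blocks: Dict[str, EncryptedBlock] = field(default_factory=dict)

    def apply_increment(self, increment: Dict[str, EncryptedBlock]) -> None:
        """Step S4: overwrite only the blocks in the increment; other ciphertexts stay as they are."""
        self.blocks.update(increment)


def run_demo() -> dict:
    """Two blocks are stored, then only b2 changes; b1 keeps its version-1 ciphertext."""
    task = "mpc-task-7"                      # constructed task identifier
    participant, node = MpcParticipant(task, MASTER_SECRET), StorageNode()
    node.apply_increment(participant.initial_encrypt(
        {"b1": b"6222 0000 0000 0000 001", "b2": b"alice@example.com"}))   # constructed data
    b1_before = node.blocks["b1"]
    increment = participant.on_update({"b2": b"bob@example.com"})
    node.apply_increment(increment)
    decrypted = {bid: decrypt_block(authority_key(MASTER_SECRET, task, blk.version), bid, blk)
                 for bid, blk in node.blocks.items()}
    try:   # the superseded version-1 key must not open the re-encrypted block
        decrypt_block(authority_key(MASTER_SECRET, task, 1), "b2", node.blocks["b2"])
        stale_rejected = False
    except ValueError:
        stale_rejected = True
    return {"versions": {bid: blk.version for bid, blk in node.blocks.items()},
            "increment": sorted(increment),
            "b1_untouched": node.blocks["b1"] is b1_before,
            "stale_key_rejected": stale_rejected,
            "decrypted": decrypted}


if __name__ == "__main__":
    print(run_demo())
```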
In order to automatically identify and mark sensitive data and partition it appropriately according to its sensitivity level, the data must first be collected and pre-processed before automatic identification begins. Pre-processing may include cleaning the data (removing duplicates, correcting errors, filling missing values), format standardization (unifying date formats) and text normalization.
Then a sensitivity assessment is performed on the pre-processed data, including keyword feature extraction followed by keyword matching with regular expressions, to identify the sensitive data within the business data.
Regular expressions are a rule-based algorithm; based on predefined sensitive-data identifiers and business rules, they determine the sensitivity level of the pre-processed data.
In a commercial system, sensitive data includes but is not limited to personal identity information (such as ID card numbers and mobile phone numbers), financial information (such as bank card numbers) and personal privacy (such as home addresses and email addresses). Among these, an ID card number is 18 characters, the last of which may be a digit or the letter X; a mobile phone number is currently, in China, 11 digits beginning with 13, 14, 15, 16, 17, 18 or 19; a bank card number is usually 16 to 19 digits; an email address is matched with a simple email pattern; and an address is matched by Chinese characters and common address components. As rules and standards change, the regular expressions need to be updated periodically to accommodate new formats.
According to the sensitivity level of the data, the data is partitioned into different categories. Partitioning is based on the data's sensitivity level (for example levels 1 to 5), where a lower level means lower sensitivity and a higher level means higher sensitivity.
For the sensitivity level, optionally, it is determined according to the following rules:
Sensitivity level 1, for example publicly released information. Sensitivity level 2, for example a customer's personal email address. Sensitivity level 3, for example a customer's residential address. Sensitivity level 4, for example a customer's mobile phone number or ID card number. Sensitivity level 5, for example a bank card number and the corresponding bank account transaction information.
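An added example of the step S1 rule-based identification and level-1-to-5 partitioning just described (not code from the patent). The concrete regular expressions are my assumptions built from the patterns the description lists; the birth-date check used to tell an all-digit 18-character ID card number from a bank card number, and the Luhn check on bank card numbers, are added false-positive filters the page does not mention; the sample records are constructed.

```python
"""Regex-based sensitive-data identification and partitioning by sensitivity level."""
import re
from datetime import datetime
from typing import Dict, List, Optional, Tuple

# Level table from the description: 1 public, 2 email, 3 address,
# 4 mobile number / ID card number, 5 bank card number.
LEVELS = {"public": 1, "email": 2, "address": 3, "mobile": 4, "id_card": 4, "bank_card": 5}

# Assumed patterns. Long digit runs are classified afterwards, because an all-digit
# 18-character ID card number also looks like a 16-19 digit bank card number.
DIGIT_RUN = re.compile(r"(?<![0-9A-Za-z])\d{11,19}[Xx]?(?![0-9A-Za-z])")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
ADDRESS = re.compile(r"[\u4e00-\u9fff]{2,}(?:省|市|区|县|镇|村|路|街)[\u4e00-\u9fff0-9]*(?:号|室|楼)?")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; assumed filter so that arbitrary 16-19 digit runs are not all flagged."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def id_card_ok(token: str) -> bool:
    """18 characters, last may be X, and characters 7-14 must form a valid YYYYMMDD date."""
    if len(token) != 18 or not token[:17].isdigit():
        return False
    try:
        datetime.strptime(token[6:14], "%Y%m%d")
    except ValueError:
        return False
    return True


def classify_token(token: str) -> Optional[str]:
    """Map one digit run to id_card / bank_card / mobile, or None if it matches no rule."""
    if id_card_ok(token):
        return "id_card"
    if token.isdigit() and 16 <= len(token) <= 19 and luhn_ok(token):
        return "bank_card"
    if token.isdigit() and len(token) == 11 and token[0] == "1" and token[1] in "3456789":
        return "mobile"
    return None


def scan_value(value: str) -> List[Tuple[str, str]]:
    """All (kind, matched text) findings in one field value."""
    findings = []
    for m in DIGIT_RUN.finditer(value):
        kind = classify_token(m.group())
        if kind:
            findings.append((kind, m.group()))
    findings += [("email", m.group()) for m in EMAIL.finditer(value)]
    findings += [("address", m.group()) for m in ADDRESS.finditer(value)]
    return findings


def sensitivity_level(record: Dict[str, str]) -> Tuple[int, List[Tuple[str, str, str]]]:
    """Level of a record = highest level among its findings; 1 (public) if none."""
    findings = [(fld, kind, text) for fld, val in record.items() for kind, text in scan_value(val)]
    level = max((LEVELS[kind] for _, kind, _ in findings), default=LEVELS["public"])
    return level, findings


def partition(records: List[Dict[str, str]]) -> Dict[int, List[Dict[str, str]]]:
    """Group records into partitions keyed by sensitivity level."""
    parts: Dict[int, List[Dict[str, str]]] = {}
    for rec in records:
        level, _ = sensitivity_level(rec)
        parts.setdefault(level, []).append(rec)
    return parts


# Constructed sample records (all values are made up; 4111111111111111 is a standard test number).
SAMPLE_RECORDS = [
    {"note": "2024 product catalogue, public"},
    {"contact": "alice@example.com"},
    {"addr": "北京市海淀区中关村大街1号"},
    {"phone": "13800138000", "email": "bob@example.com"},
    {"id": "110101199003071234"},
    {"card": "4111111111111111", "phone": "13912345678"},
]

if __name__ == "__main__":
    for level, recs in sorted(partition(SAMPLE_RECORDS).items()):
        print(level, recs)
```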
Once data partitioning is completed, each data partition is divided into multiple data blocks, and each block of data needs to be associated with a specific MPC task.
The MPC task performs the encryption of the data in the data block, ensuring an appropriate encryption strength.
Data blocks are associated with the corresponding MPC task according to their sensitivity level, ensuring that the MPC task uses the corresponding encryption protocol and algorithm for the data blocks of each sensitivity level. The organization of data blocks within a partition is determined jointly by factors such as the computational complexity of the encryption algorithm, the network bandwidth and the processor capability.
Dividing data blocks according to the computational complexity of the encryption algorithm means that when the created data blocks are small, the data is more sensitive and an encryption algorithm of higher computational complexity needs to be applied. Conversely, when the created data blocks are large, the data is less sensitive and an encryption algorithm of lower computational complexity can be applied, reducing the total number of encryption operations.
Specifically, all parameters are obtained at initialization in order to calculate the data block size, including the following parameters:
C: computational complexity of the encryption algorithm, expressed as the number of CPU cycles required per bit.
P: processing power of the processor, expressed as the number of bits that can be processed per second (bps).
B: network bandwidth, expressed as the number of bits that can be transmitted per second (bps).
T_max: maximum allowed delay time of an encryption operation (seconds).
S_sec: security parameter, a data block size coefficient determined according to the security requirements.
O: overhead of the algorithm, expressed as a data-independent constant time (seconds); the data-independent overhead can be determined from the algorithm's initialization time.
Then the data block size N1 is calculated from the maximum delay, that is, based on the maximum delay time of each encryption operation, using the following formula to determine the data block size:
N1 = (T_max - O) * P / C,
where
(T_max - O) represents the time actually available for data encryption, and P/C represents the amount of data that can be processed per unit time, which bounds how strongly the upper limit of the CPU's processing capacity restricts the data block size.
At the same time, the data block size N2 is calculated from the network bandwidth, using the following formula to determine N2 from the amount of data that the network can transmit within T_max: N2 = B * T_max. In this case N2 should be less than or equal to the maximum amount of data the network can transmit within T_max.
In addition, the data block size needs to be adjusted for different security requirements according to the security parameter S_sec. For data that requires higher security, security is increased by reducing the data block size, expressed by the formula N_adj = N * S_sec.
If S_sec is less than 1, the data block size needs to be reduced to improve security; if S_sec is greater than 1, the data block size can be increased.
Finally, the data block size is determined by jointly considering processing capacity, network bandwidth, security requirements and other factors. The final data block size N_final is therefore the minimum of the results calculated for the factors above: N_final = min(N, N_adj, B * T_max).
N_final is the organization of the data blocks in the corresponding partition. Since S_sec differs between partitions, the processing power P of the CPU allocated to each partition may differ, and the complexity of the encryption algorithm may differ between partitions as well, the organization of data blocks differs from partition to partition.
其中,对于S_sec的确定,有以下两种确定方式:There are two ways to determine S_sec:
方式一、使用敏感性等级到安全性权重的映射。Method 1: Use the mapping of sensitivity levels to security weights.
具体为,为每个等级分配一个安全性权重W_sec,它根据数据的敏感性等级来缩放。Specifically, each level is assigned a security weight W_sec, which is scaled according to the sensitivity level of the data.
等级1:W_sec=1.0(默认权重,不需要额外的安全措施)Level 1: W_sec = 1.0 (default weight, no additional security measures required)
等级2:W_sec=0.8Level 2: W_sec = 0.8
等级3:W_sec=0.6Level 3: W_sec = 0.6
等级4:W_sec=0.4Level 4: W_sec = 0.4
等级5:W_sec=0.2(最高等级的敏感性,需要最小的数据块)Level 5: W_sec = 0.2 (highest level of sensitivity, requiring the smallest data block)
这里,W_sec值小于1表明随着敏感性等级的升高,需要减小数据块的大小来提高安全性。Here, a W_sec value less than 1 indicates that as the sensitivity level increases, the size of the data block needs to be reduced to improve security.
方式二、如果数据分区只是基于数据属性来进行,在一个分区内有多个不同属性的数据内容,对数据分块时,保证一个数据块内只有同一属性的数据内容。例如,如果等级1的分区中,同时有银行卡号、交易记录、交易总额,交易时间等等信息,但对于某一具体的数据块,只保存银行卡号,则可能根据方式二确定同一数据分区内不同数据块的安全性权重W_sec,使得安全性权重W_sec的分配更加灵活。Method 2: If data partitioning is based only on data attributes, and there are multiple data contents with different attributes in one partition, when data is divided into blocks, it is ensured that there are only data contents with the same attribute in one data block. For example, if the partition of level 1 contains bank card number, transaction record, transaction amount, transaction time and other information at the same time, but only the bank card number is saved for a specific data block, the security weight W_sec of different data blocks in the same data partition may be determined according to method 2, making the allocation of security weight W_sec more flexible.
The formula for calculating S_sec in method 2 is:
S_sec=W_sec*F_legal*F_threat*F_env,
where:
W_sec: the security weight defined by the sensitivity level (see method 1).
F_legal: the legal requirement factor, determined by the strictness of any applicable legal requirements; its value lies between a constant b (e.g. 0.5) and 1.
F_threat: the threat model factor, determined by the degree of high-risk threat; its value lies between a constant b (e.g. 0.5) and 1.
F_env: the environment factor, determined by the security level of the data processing environment; its value lies between a constant b (e.g. 0.5) and 1.
The legal requirement factor (F_legal) reflects the strictness of the data protection and privacy laws the organization must comply with. It can be determined from the complexity of the legal requirements, the severity of fines and the cost of compliance. The value of F_legal should be between 0 and 1; the smaller the value, the stricter the legal requirements and the more security measures are needed to ensure compliance.
The threat model factor (F_threat) takes into account the type and severity of the security threats the organization faces. Data of different attribute types and different business models face different threat models; bank card information, for example, may face higher threats than e-mail address information. Optionally, the value of F_threat lies between a constant b (e.g. 0.5) and 1; the larger the value, the higher the likelihood and impact of potential threats, and the more security measures are needed to mitigate the risk.
F_threat can be determined by a scoring calculation, as follows:
Identify all potential threats that may affect data security, for example: external attacks (such as DDoS attacks and phishing attacks); internal threats (such as malicious insiders and operator error); system vulnerabilities (such as software that has not been updated).
Assess the likelihood and impact of the threats: for each potential threat, assess the likelihood of its occurrence and the impact it would have on the organization. The following scores can be used:
0 points: the threat is unlikely to occur or its impact is negligible.
1 point: low likelihood, minor impact.
2 points: medium likelihood, significant impact.
3 points: high likelihood, serious impact.
Finally, calculate F_threat using the following formula:
F_threat=b+(b*(1-(Σ(Score_i)/(N*Max_Score)))),
In this formula:
b: a constant setting the lower limit of the parameter's value, indicating the maximum degree to which the factor can have an influence; for example, set to 0.5.
Score_i: the score of the i-th potential threat.
N: the number of potential threats.
Max_Score: the highest score a single potential threat can receive (3 in this example).
Based on the above formula, when all potential threats receive the highest score (i.e. the least secure case), F_threat equals b, and when all potential threats receive the lowest score (i.e. the most secure case), F_threat equals 1 (for b = 0.5).
For the environment factor F_env, the security level can be determined from the control measures related to the security of the data processing environment, including physical security measures (such as intranet versus extranet) and the degree to which network security equipment (such as firewalls and intrusion detection systems) is deployed. The more secure the environment, the higher F_env; the less secure the environment, the lower F_env.
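The following is an added worked example, not code from the patent, that carries the F_threat scoring formula and the method-2 S_sec formula through on a constructed threat register for a block holding only bank card numbers; the threat names and scores, the sensitivity level and the F_legal and F_env values are constructed sample inputs.

```python
# Added example: the patent's F_threat scoring formula and the method-2 S_sec formula.
# The threat register and the F_legal / F_env values below are constructed sample inputs.

# Method 1 mapping from sensitivity level to security weight W_sec (values from the text).
W_SEC = {1: 1.0, 2: 0.8, 3: 0.6, 4: 0.4, 5: 0.2}

MAX_SCORE = 3  # highest score a single potential threat can receive


def f_threat(scores, b=0.5, max_score=MAX_SCORE):
    """F_threat = b + (b * (1 - (sum(Score_i) / (N * Max_Score)))).

    scores: one score in 0..max_score per identified potential threat.
    Returns b when every threat scores max_score (least secure) and 2*b
    (1.0 for b = 0.5) when every threat scores 0 (most secure).
    """
    if not scores:
        raise ValueError("at least one potential threat must be identified (N >= 1)")
    if any(not 0 <= s <= max_score for s in scores):
        raise ValueError(f"each score must lie in [0, {max_score}]")
    n = len(scores)
    return b + (b * (1 - (sum(scores) / (n * max_score))))


def s_sec(level, f_legal, f_threat_value, f_env, b=0.5):
    """S_sec = W_sec * F_legal * F_threat * F_env (method 2).

    Each factor is expected in [b, 1]; a factor outside that range was not
    derived the way the text prescribes, so it is rejected rather than used.
    """
    if level not in W_SEC:
        raise ValueError("sensitivity level must be 1..5")
    for name, value in (("F_legal", f_legal), ("F_threat", f_threat_value), ("F_env", f_env)):
        if not b <= value <= 1:
            raise ValueError(f"{name}={value} is outside [{b}, 1]")
    return W_SEC[level] * f_legal * f_threat_value * f_env


# Constructed threat register: (threat, score) with
# 0 = negligible ... 3 = high likelihood, serious impact.
SAMPLE_THREATS = [
    ("external: DDoS attack", 2),
    ("external: phishing attack", 3),
    ("internal: malicious insider", 1),
    ("internal: operator error", 1),
    ("system: software not updated", 2),
]


def sample_s_sec():
    """Run both formulas over the constructed register; returns (F_threat, S_sec)."""
    ft = f_threat([score for _, score in SAMPLE_THREATS])  # 9/15 of the maximum -> 0.7
    # Constructed values: a moderately strict legal regime and a hardened environment.
    return ft, s_sec(level=3, f_legal=0.8, f_threat_value=ft, f_env=0.9)


if __name__ == "__main__":
    ft, ss = sample_s_sec()
    print(f"F_threat={ft:.3f}  S_sec={ss:.4f}")
```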
Updating a data block in step S2 and associating the data block with an MPC task includes: the system detects the update through a registered event listener; it looks up the MPC task associated with the data block and determines that the current task is affected; the system sends a security notification to the participants of the current MPC task; on receiving the notification, each MPC participant starts the incremental encryption algorithm and encrypts and transmits only the changed part of the data; each MPC participant then updates its local computation, recalculating or adjusting the part it is responsible for.
First, there must be a mechanism that detects when a data block is about to be updated, which can be implemented through version control, triggers or event listening. The data owner or controller should manage data block versions and generate an update event when a data block is about to be updated. A trigger condition for a version upgrade can be added, for instance based on the amount of data accumulated.
Each data block update event needs to be associated with one or more MPC tasks. This includes maintaining a map that records which MPC tasks depend on which data blocks; when a data block is updated, the map is queried to find the affected MPC tasks.
After an update, the system needs to notify the participants of the relevant MPC tasks. This can be done through a secure messaging system, ensuring that participants receive the notification and know that a data block they depend on has been updated.
Since MPC tasks usually involve sensitive data, an incremental encryption mechanism should be used to protect the data when data blocks are updated: only the changed parts are re-encrypted and distributed, not the entire data block.
After receiving an update notification, participants need to adjust their own part of the computation according to the new data block content, which may mean re-running certain computation steps or restarting the MPC process completely.
For an MPC instance, each MPC participant can build on the following framework: using an open-source MPC protocol library; protecting data in transit with TLS (Transport Layer Security) or DTLS (Datagram Transport Layer Security); using distributed locks or consensus algorithms to synchronize operations; managing data with database encryption, secure storage or a key management system; deploying an HSM to strengthen key security and cryptographic operations; and creating secure enclaves on SGX-enabled CPUs to execute sensitive computations.
Step S3 implements the dynamic incremental encryption mechanism, which includes: the system determines the incremental encryption strategy of the current MPC task from the data block size, the current CPU load, memory usage and network bandwidth; and the system generates a new permission key from the current data version number and performs incremental encryption with that permission key. In this step encryption is applied only to the changed data blocks, without re-encrypting the entire data set. The encrypted incremental version of the data block is sent to all storage nodes over a secure communication channel. Each storage node acknowledges the received data block, verifies and synchronizes it, and manages the data version held by each storage node, ensuring that all participants use the latest encrypted data block.
This provides fine-grained management of different data block versions as well as parallel encryption, which increases encryption speed.
Optionally, the permission key can be generated from the current data version number using a key generation function KeyGen, which can use a hash algorithm or a pseudo-random function to derive the key from the data version number:
Permission_Key=KeyGen(Data_Version),
Here KeyGen is a deterministic function, so that the same input (data version number) always produces the same permission key. The deterministic function KeyGen is used to generate permission keys; its core property is that it always produces the same output for the same input. KeyGen usually derives the key from the data version number with a cryptographically secure hash function or a pseudo-random function, for example Permission_Key=SHA256(Data_Version), where Data_Version is the main input to key generation and SHA256 is a one-way hash function that guarantees the original input cannot be recovered from the output. Since KeyGen uses the SHA256 hash function, Permission_Key has a fixed length, because the output length of SHA256 is fixed: 256 bits (32 bytes). Regardless of the input length, SHA256 always produces a fixed-length output, so Permission_Key is always 256 bits long when SHA256 is used.
Optionally, the data block size, the current CPU load, memory usage and network bandwidth determine the incremental encryption strategy of the current MPC task, so that the parameters of the encryption operation are dynamically adjusted to the system's performance parameters, including the choice of encryption algorithm, the key size and the concurrency of encryption operations.
The formulas and parameter definitions used to formulate the incremental encryption strategy are as follows:
BlockSize_Changed: the size of the data block containing the data packet to be incrementally encrypted; its value is the N_final determined in step S1 for that data block.
CPU_Load: the current CPU load percentage, expressed as a value between 0 and 100.
Memory_Usage: the amount of memory currently in use.
Memory_Total: the total system memory.
Network_Bandwidth: the currently available network bandwidth.
Data_Version: the version number of the current data.
Based on the system resources and the state of the data block, the following incremental encryption strategy is formulated:
(1) Key length Key_Length:
Key_Length=f(CPU_Load,Memory_Usage,Network_Bandwidth)
where the function f selects a suitable key length from the system resource parameters. High CPU load and memory usage may call for a shorter key length to reduce computational overhead.
Optionally, the function f selects the key length from the system resource parameters; the choice of key length must balance security against performance. Optionally, the key length is adjusted dynamically according to CPU load, memory usage and network bandwidth.
The key length reference points are defined as:
Key_Length_Max: the optional maximum key length, for example 256 bits.
Key_Length_Min: the optional minimum key length, for example 128 bits.
The resource usage thresholds are defined as:
CPU_Load_Max: the maximum acceptable CPU load percentage, for example 80%.
Memory_Usage_Max: the maximum acceptable memory usage percentage, for example 75%.
Network_Bandwidth_Min: the minimum acceptable network bandwidth, for example 1 Mbps.
Determine Key_Length=f(CPU_Load,Memory_Usage,Network_Bandwidth), i.e. adjust the key length Key_Length dynamically according to CPU load, memory usage and network bandwidth.
First, convert the memory usage Memory_Usage into a percentage Memory_Usage_Percent:
Memory_Usage_Percent=(Memory_Usage/Memory_Total)*100
Then calculate the resource stress index Stress_Index, whose value range is [0,1]:
Stress_Index=(CPU_Load/CPU_Load_Max+Memory_Usage_Percent/Memory_Usage_Max+(Network_Bandwidth_Min/Network_Bandwidth))/3,
Select the key length Key_Length_1 according to the resource stress index Stress_Index:
Key_Length_1=Key_Length_Max-(Stress_Index*(Key_Length_Max-Key_Length_Min)),
Finally, ensure that the key length Key_Length is not below the minimum:
Key_Length=max(Key_Length_1,Key_Length_Min).
Stress_Index is a computed indicator that combines CPU load, memory usage percentage and network bandwidth; as Stress_Index increases, the pressure on system resources increases. Key_Length is adjusted dynamically between the maximum Key_Length_Max and the minimum Key_Length_Min: as system pressure increases, a shorter key length is selected to reduce computational overhead. The function f above ensures that the key length never falls below the defined minimum security standard Key_Length_Min.
The Key_Length variable defines the length of the encryption key and controls the key length of Permission_Key. Since the encryption key length (Key_Length) in the system is dynamically adjusted to be at most the length of the SHA256 output, the SHA256 output is truncated to match the required Key_Length: specifically, the first Key_Length bits of the SHA256 output Permission_Key are taken, giving a key of length Key_Length.
(2) Choice of encryption algorithm Encryption_Algorithm:
Encryption_Algorithm=g(BlockSize_Changed),
where the function g selects a suitable encryption algorithm according to the size of the data block containing the data packet to be incrementally encrypted. Since that block size reflects the security sensitivity of the data in the packet, smaller data blocks require a more computationally expensive encryption algorithm to provide higher security.
Optionally, g should select different encryption algorithms based on the size of the data block containing the data packet to be incrementally encrypted. Two thresholds divide the block size into intervals: BlockSize_Small_Threshold defines the maximum size of a small data block, and BlockSize_Medium_Threshold defines the maximum size of a medium data block.
The encryption algorithm is determined by the interval into which the block size falls:
When the block size is smaller than BlockSize_Small_Threshold, the Algorithm_Secure mode is entered and the more secure RSA asymmetric encryption algorithm is used.
When the block size is between BlockSize_Small_Threshold and BlockSize_Medium_Threshold, the Algorithm_Balanced mode is entered and the AES-CBC algorithm, which balances security and performance, is used.
When the block size is larger than BlockSize_Medium_Threshold, the Algorithm_Fast mode is entered and the AES-CTR algorithm, which requires less computation and executes faster, is used.
(3) Concurrency of encryption operations Encryption_Concurrency:
Encryption_Concurrency=h(Network_Bandwidth,Memory_Usage)
where the function h determines the number of encryption tasks executed concurrently from the available network bandwidth and memory usage. When network bandwidth is ample and memory usage is low, concurrency can be increased to speed up encryption.
The function h, which determines the number of encryption tasks that can run simultaneously from network bandwidth and memory usage, is built as follows:
Define the resource usage thresholds:
Network_Bandwidth_Max: the maximum value of the network bandwidth.
Memory_Usage_Max: the maximum amount of the total system memory that can be allocated to encryption operations.
Define the range of the concurrency:
Concurrency_Min: the minimum concurrency, for example 1 (at least one encryption operation is running).
Concurrency_Max: the maximum concurrency, for example 256 (based on the maximum number of concurrent operations the system can handle).
The specific form of h is h(Network_Bandwidth,Memory_Usage), computed as follows:
First, calculate the current network bandwidth utilization, on the assumption that higher bandwidth utilization allows more concurrent encryption operations:
Network_Utilization=Network_Bandwidth/Network_Bandwidth_Max,
Then calculate the current memory utilization; lower memory utilization allows more concurrent encryption operations:
Memory_Utilization=Memory_Usage/Memory_Usage_Max,
Memory_Available=1-Memory_Utilization.
Next, calculate the encryption concurrency Encryption_Concurrency_1, which depends on the network utilization Network_Utilization and the available memory fraction Memory_Available:
Encryption_Concurrency_1=int((Network_Utilization+Memory_Available)/2*Concurrency_Max).
Finally, bound the range of Encryption_Concurrency_1 to obtain the final encryption concurrency Encryption_Concurrency:
Encryption_Concurrency=max(Encryption_Concurrency_1,Concurrency_Min),
Encryption_Concurrency=min(Encryption_Concurrency_1,Concurrency_Max).
Network_Utilization and Memory_Available are two factors between 0 and 1 representing the network bandwidth utilization and the available memory fraction, respectively.
Taking the average of the network bandwidth utilization and the memory availability gives a normalized concurrency factor, which is multiplied by Concurrency_Max to obtain the initial concurrency.
The final concurrency is then adjusted by ensuring that it is not below Concurrency_Min and not above Concurrency_Max. The int function ensures that the concurrency is an integer; mathematically it is the floor function.
Finally, encryption is applied according to the determined dynamic incremental encryption strategy:
Encrypted_Block=Encrypt(Data,Permission_Key,Encryption_Algorithm)
where Encrypt is the encryption function, Data is the incremental data packet to be encrypted, Permission_Key is the permission key used for encryption, and Encryption_Algorithm is the algorithm selected by the strategy.
The system can thus dynamically adjust its incremental encryption to make the best use of the current system resources while keeping the data secure.
Encryption_Algorithm is the encryption algorithm; it defines how Data is encrypted with the length-limited key Permission_Key and the selected algorithm at the configured concurrency. The configured algorithm may be RSA, AES-CTR or AES-CBC. The configured concurrency range is 1-256, and the limited key length is 128-256 bits.
Finally, the Encrypt function combines Data, Permission_Key and Encryption_Algorithm to produce Encrypted_Block.
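The following is an added worked example, not code from the patent, that implements the step S3 strategy functions f, g and h, the KeyGen rule Permission_Key=SHA256(Data_Version) with truncation to Key_Length bits, and the receiver-side re-derivation of the key from the public version number and key length. The threshold values the text gives as examples are used as given; BlockSize_Small_Threshold, BlockSize_Medium_Threshold, Network_Bandwidth_Max, the memory budget Memory_Usage_Max used by h, the serialization of Data_Version as a decimal string, and all sample inputs are assumptions.

```python
# Added example (not the patent's own code): the step S3 strategy functions f, g, h
# and the KeyGen / truncation rule, run on constructed inputs.
import hashlib

# Reference values the text gives as examples.
KEY_LENGTH_MAX = 256         # bits
KEY_LENGTH_MIN = 128         # bits
CPU_LOAD_MAX = 80.0          # percent
MEMORY_USAGE_MAX_PCT = 75.0  # percent; the Memory_Usage_Max threshold used by f
NETWORK_BANDWIDTH_MIN = 1.0  # Mbps
CONCURRENCY_MIN = 1
CONCURRENCY_MAX = 256
# Assumed values the text leaves open.
BLOCKSIZE_SMALL_THRESHOLD = 1024     # bytes
BLOCKSIZE_MEDIUM_THRESHOLD = 65536   # bytes
NETWORK_BANDWIDTH_MAX = 10.0         # Mbps
MEMORY_USAGE_MAX_BYTES = 8 * 2**30   # memory budget for encryption; Memory_Usage_Max used by h


def stress_index(cpu_load, memory_usage, memory_total, network_bandwidth):
    """Stress_Index = (CPU_Load/CPU_Load_Max + Memory_Usage_Percent/Memory_Usage_Max
    + Network_Bandwidth_Min/Network_Bandwidth) / 3."""
    if network_bandwidth <= 0:
        raise ValueError("no usable bandwidth: the bandwidth term is undefined")
    memory_usage_percent = (memory_usage / memory_total) * 100
    return (cpu_load / CPU_LOAD_MAX
            + memory_usage_percent / MEMORY_USAGE_MAX_PCT
            + (NETWORK_BANDWIDTH_MIN / network_bandwidth)) / 3


def key_length_f(cpu_load, memory_usage, memory_total, network_bandwidth):
    """f(): shorter key under resource pressure, but never below Key_Length_Min."""
    s = stress_index(cpu_load, memory_usage, memory_total, network_bandwidth)
    key_length_1 = KEY_LENGTH_MAX - (s * (KEY_LENGTH_MAX - KEY_LENGTH_MIN))
    return int(max(key_length_1, KEY_LENGTH_MIN))  # int(): floor, as the text uses it


def encryption_algorithm_g(block_size_changed):
    """g(): smaller (more sensitive) blocks get the costlier algorithm."""
    if block_size_changed < BLOCKSIZE_SMALL_THRESHOLD:
        return "RSA"       # Algorithm_Secure
    if block_size_changed <= BLOCKSIZE_MEDIUM_THRESHOLD:
        return "AES-CBC"   # Algorithm_Balanced
    return "AES-CTR"       # Algorithm_Fast


def encryption_concurrency_h(network_bandwidth, memory_usage):
    """h(): average of bandwidth utilization and memory availability, scaled and clamped."""
    network_utilization = network_bandwidth / NETWORK_BANDWIDTH_MAX
    memory_available = 1 - (memory_usage / MEMORY_USAGE_MAX_BYTES)
    concurrency_1 = int((network_utilization + memory_available) / 2 * CONCURRENCY_MAX)
    # Apply the max and min bounds to the same intermediate value so both limits hold.
    return min(max(concurrency_1, CONCURRENCY_MIN), CONCURRENCY_MAX)


def key_gen(data_version, key_length):
    """KeyGen: Permission_Key = SHA256(Data_Version), truncated to its first Key_Length bits.
    Assumption: Data_Version is serialized as its decimal string in UTF-8."""
    if not KEY_LENGTH_MIN <= key_length <= 256:
        raise ValueError("Key_Length must lie in [Key_Length_Min, 256]")
    digest = hashlib.sha256(str(data_version).encode("utf-8")).digest()
    n_bytes = (key_length + 7) // 8
    key = bytearray(digest[:n_bytes])
    spare_bits = n_bytes * 8 - key_length  # bits beyond Key_Length in the last byte
    if spare_bits:
        key[-1] &= (0xFF << spare_bits) & 0xFF  # keep only the leading Key_Length bits
    return bytes(key)


def incremental_encryption_strategy(block_size_changed, cpu_load, memory_usage,
                                    memory_total, network_bandwidth, data_version):
    """Combine f, g, h and KeyGen into the strategy the sender applies to one changed block."""
    key_length = key_length_f(cpu_load, memory_usage, memory_total, network_bandwidth)
    return {
        "Key_Length": key_length,
        "Encryption_Algorithm": encryption_algorithm_g(block_size_changed),
        "Encryption_Concurrency": encryption_concurrency_h(network_bandwidth, memory_usage),
        "Permission_Key": key_gen(data_version, key_length),
    }


def receiver_can_rederive(strategy, data_version):
    """The storage node or user receives only Data_Version and Key_Length and must
    reproduce Permission_Key locally; True when KeyGen is deterministic as required."""
    return key_gen(data_version, strategy["Key_Length"]) == strategy["Permission_Key"]


GIB = 2**30
# Constructed sample: 40% CPU, 6 of 16 GiB used, 2 Mbps available, 4 KiB block, version 17.
SAMPLE = dict(block_size_changed=4096, cpu_load=40.0, memory_usage=6 * GIB,
              memory_total=16 * GIB, network_bandwidth=2.0, data_version=17)

if __name__ == "__main__":
    strat = incremental_encryption_strategy(**SAMPLE)
    for name, value in strat.items():
        print(name, value.hex() if isinstance(value, bytes) else value)
    print("receiver re-derives key:", receiver_can_rederive(strat, SAMPLE["data_version"]))
```

Because this KeyGen takes only the public version number and key length, any party holding those two values can recompute Permission_Key, so a deployment must rely on the surrounding access controls (the authentication and request-window checks described below) rather than on the key's secrecy alone.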
Optionally, in a multi-party computation (MPC) scenario, participants usually need to share information while keeping the data private. After completing incremental encryption, an MPC participant distributes the encrypted data block (Encrypted_Block) to all storage nodes.
MPC participants first determine which data has changed since the last update. They then encrypt this incremental data with Permission_Key and the selected Encryption_Algorithm to produce an Encrypted_Block.
Once encryption is complete, the MPC participant sends the Encrypted_Block to every storage node in the network.
The MPC participant sends the limited key length Key_Length together with the Encrypted_Block to every storage node in the network.
After receiving the Encrypted_Block, the storage node stores it locally. Because the data is encrypted, its content remains protected even if the storage node is attacked or compromised.
In a distributed storage system, users usually need a secure way to access the encrypted data stored on the nodes. In the present invention, when the data needs to be accessed or processed, an authorized user obtains the Encrypted_Block from the storage node and decrypts it with the corresponding decryption key, thereby recovering the original incremental data, as follows:
Before sending a request to a storage node, the user must pass the system's identity authentication, which confirms whether the user is authorized to access the data for a specific version number. Once authentication succeeds, the user requests the data packet for that version number and its corresponding key length Key_Length. On receiving the request, the storage node verifies that the request is valid; this verification includes confirming that the request was sent within a preset time period after authentication. Once the user's right to access the data is confirmed, the storage node sends the requested data packet (still encrypted) and the required Key_Length to the user.
The user generates the corresponding encryption key through the key generation mechanism (the KeyGen function) from the provided version number and Key_Length. The version number and the key length are public; the key itself is private.
The user decrypts the received encrypted data with the generated key. After successful decryption, the user can access the plaintext version of the data and carry out subsequent operations such as reading, editing or processing it.
With the method and system of the present invention, incremental encryption and decryption reduce the need to encrypt the entire data set, processing only the changed parts and thereby increasing data processing speed. In addition, dynamic permission keys and the data management mechanism associated with MPC tasks allow fine-grained control of data access rights, improving the flexibility of permission management. Furthermore, by partitioning sensitive data and applying incremental encryption, the present invention greatly strengthens data privacy protection and reduces the risk of data leakage, and because dynamic incremental encryption is driven by the current task processing situation and resource availability, it helps optimize resource usage and reduce operation and maintenance costs.
需要说明的是,本公开上述的计算机可读介质可以是计算机可读信号介质或者计算机可读存储介质或者是上述两者的任意组合。计算机可读存储介质例如可以是——但不限于——电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机可读存储介质的更具体的例子可以包括但不限于:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机访问存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。在本公开中,计算机可读存储介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。而在本公开中,计算机可读信号介质可以包括在基带中或者作为载波一部分传播的数据信号,其中承载了计算机可读的程序代码。这种传播的数据信号可以采用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组合。计算机可读信号介质还可以是计算机可读存储介质以外的任何计算机可读介质,该计算机可读信号介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。计算机可读介质上包含的程序代码可以用任何适当的介质传输,包括但不限于:电线、光缆、RF(射频)等等,或者上述的任意合适的组合。It should be noted that the computer-readable medium disclosed above may be a computer-readable signal medium or a computer-readable storage medium or any combination of the above two. The computer-readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device or device, or any combination of the above. More specific examples of computer-readable storage media may include, but are not limited to: an electrical connection with one or more wires, a portable computer disk, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the above. In the present disclosure, a computer-readable storage medium may be any tangible medium containing or storing a program that may be used by or in combination with an instruction execution system, device or device. In the present disclosure, a computer-readable signal medium may include a data signal propagated in a baseband or as part of a carrier wave, in which a computer-readable program code is carried. 
This propagated data signal may take a variety of forms, including but not limited to an electromagnetic signal, an optical signal, or any suitable combination of the above. The computer readable signal medium may also be any computer readable medium other than a computer readable storage medium, which may send, propagate or transmit a program for use by or in conjunction with an instruction execution system, apparatus or device. The program code contained on the computer readable medium may be transmitted using any suitable medium, including but not limited to: wires, optical cables, RF (radio frequency), etc., or any suitable combination of the above.
The computer-readable medium described above may be included in the electronic device described above, or may exist separately without being assembled into that electronic device.
Computer program code for carrying out the operations of this disclosure may be written in one or more programming languages or a combination thereof, including object-oriented programming languages such as Java, Smalltalk and C++, as well as conventional procedural programming languages such as the "C" language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on a remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality and operation of possible implementations of systems, methods and computer program products according to various embodiments of this disclosure. In this regard, each block in a flowchart or block diagram may represent a module, program segment or portion of code that contains one or more executable instructions for implementing the specified logical function. It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur out of the order shown in the drawings. For example, two blocks shown in succession may in fact be executed substantially in parallel, or they may sometimes be executed in the reverse order, depending on the functionality involved. It should also be noted that each block in the block diagrams and/or flowcharts, and combinations of blocks in the block diagrams and/or flowcharts, can be implemented by a special-purpose hardware-based system that performs the specified functions or operations, or by a combination of special-purpose hardware and computer instructions.
The units described in the embodiments of this disclosure may be implemented in software or in hardware. The name of a unit does not, in some cases, constitute a limitation on the unit itself.
The above describes the preferred embodiments of the present invention in order to make the spirit of the invention clearer and easier to understand; it is not intended to limit the invention. Any modification, substitution or improvement made within the spirit and principles of the present invention shall fall within the scope of protection defined by the claims appended to the present invention.
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410015848.5A CN117874789B (en) | 2024-01-05 | 2024-01-05 | A dynamic privacy data encryption method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410015848.5A CN117874789B (en) | 2024-01-05 | 2024-01-05 | A dynamic privacy data encryption method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117874789A CN117874789A (en) | 2024-04-12 |
CN117874789B true CN117874789B (en) | 2024-09-03 |
Family
ID=90589608
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410015848.5A Active CN117874789B (en) | 2024-01-05 | 2024-01-05 | A dynamic privacy data encryption method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117874789B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN118195600B (en) * | 2024-04-16 | 2024-10-11 | 数盾信息科技股份有限公司 | Anonymous transaction method and system based on zero knowledge proof |
CN118940290B (en) * | 2024-07-15 | 2025-04-22 | 深圳市金胜电子科技有限公司 | Confidential data secure collaborative storage system and method based on multi-party secure computing |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2446199A (en) * | 2006-12-01 | 2008-08-06 | David Irvine | Secure, decentralised and anonymous peer-to-peer network |
US8655939B2 (en) * | 2007-01-05 | 2014-02-18 | Digital Doors, Inc. | Electromagnetic pulse (EMP) hardened information infrastructure with extractor, cloud dispersal, secure storage, content analysis and classification and method therefor |
KR20110106849A (en) * | 2008-11-10 | 2011-09-29 | 윌리엄 브이 옥스포드 | Method and system for controlling code execution on a computing device using recursive security protocol |
US20150006895A1 (en) * | 2009-06-01 | 2015-01-01 | Maidsafe Foundation | Distributed network system |
US8321688B2 (en) * | 2009-06-12 | 2012-11-27 | Microsoft Corporation | Secure and private backup storage and processing for trusted computing and data services |
CA2808124A1 (en) * | 2010-08-12 | 2012-02-16 | Don Martin | Systems and methods for secure remote storage of data |
CN111008228A (en) * | 2020-03-09 | 2020-04-14 | 支付宝(杭州)信息技术有限公司 | Method and device for inquiring account privacy information in block chain |
- 2024-01-05 CN CN202410015848.5A patent/CN117874789B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN117874789A (en) | 2024-04-12 |
Similar Documents
Publication | Title |
---|---|
WO2022126980A1 (en) | Data transmission method and apparatus, terminal, and storage medium |
Ayoade et al. | Decentralized IoT data management using blockchain and trusted execution environment |
US10255444B2 (en) | Method and system for utilizing secure profiles in event detection |
Bates et al. | Trustworthy {Whole-System} provenance for the linux kernel |
US10911438B2 (en) | Secure detection and management of compromised credentials using a salt and a set model |
US10491403B2 (en) | Data loss prevention with key usage limit enforcement |
CN117874789B (en) | A dynamic privacy data encryption method and system |
TWI441022B (en) | Policy based cryptographic application programming interface in secure memory |
US10122693B2 (en) | Protocol based key management |
CN110915164A (en) | Intelligent contract operation processing blockchain data based on execution in trusted execution environment |
US11489660B2 (en) | Re-encrypting data on a hash chain |
US9917817B1 (en) | Selective encryption of outgoing data |
US20150347773A1 (en) | Method and system for implementing data security policies using database classification |
US9853811B1 (en) | Optimistic key usage with correction |
US11140196B1 (en) | Malware fingerprinting on encrypted transport layer security (TLS) traffic |
CN111783140B (en) | Request response method and device, electronic equipment and computer readable storage medium |
CA3089745C (en) | Secure storage of data and hashes via a distributed ledger system |
US12200118B1 (en) | Application programming interface to generate data key pairs |
CN113225348B (en) | Request anti-replay verification method and device |
CN119066683A (en) | Data encryption method, device, equipment and computer-readable storage medium |
CN108900595A (en) | Access method, apparatus, equipment and the calculation medium of cloud storage service device data |
CN118734333A (en) | Embedded Euler system access control method, device, equipment and storage medium |
CN118300785A (en) | Safe data encryption method and device for electric power Internet of things |
US12278824B2 (en) | Detecting malicious behavior from handshake protocols using machine learning |
CN115883199A (en) | A file transmission method, device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| TA01 | Transfer of patent application right | Effective date of registration: 20240804. Applicant before: Beijing Jiahuaming Brand Planning Co.,Ltd., 815, 8th Floor, No.1 Yuehua Street, Gongchen Street, Fangshan District, Beijing, 102488, China. Applicant after: Zhang Kexin, No. 31 Wuzhuang, Hangtou Village, Chihuai Town, Kaihua County, Quzhou City, Zhejiang Province, 324305, China. |
| GR01 | Patent grant | |
| TR01 | Transfer of patent right | Effective date of registration: 20241103. Patentee before: Zhang Kexin, No. 31 Wuzhuang, Hangtou Village, Chihuai Town, Kaihua County, Quzhou City, Zhejiang Province, 324305, China. Patentee after: Beijing Jiahuaming Brand Planning Co.,Ltd., 815, 8th Floor, No.1 Yuehua Street, Gongchen Street, Fangshan District, Beijing, 102488, China. |