[go: up one dir, main page]

CN119420496B - Data monitoring method, electronic device, and computer-readable storage medium - Google Patents

Data monitoring method, electronic device, and computer-readable storage medium

Info

Publication number
CN119420496B
CN119420496B CN202411320265.XA CN202411320265A CN119420496B CN 119420496 B CN119420496 B CN 119420496B CN 202411320265 A CN202411320265 A CN 202411320265A CN 119420496 B CN119420496 B CN 119420496B
Authority
CN
China
Prior art keywords
ciphertext
data
target
parameter
cloud
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202411320265.XA
Other languages
Chinese (zh)
Other versions
CN119420496A (en
Inventor
赵伟
王哲宏
郭振斌
程永霄
陈思
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Huacheng Software Technology Co Ltd
Original Assignee
Hangzhou Huacheng Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Huacheng Software Technology Co Ltd filed Critical Hangzhou Huacheng Software Technology Co Ltd
Priority to CN202411320265.XA priority Critical patent/CN119420496B/en
Publication of CN119420496A publication Critical patent/CN119420496A/en
Application granted granted Critical
Publication of CN119420496B publication Critical patent/CN119420496B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

本申请公开了一种数据监测方法、电子设备和计算机可读存储介质,数据监测方法包括:响应于本地终端得到待监测数据及其匹配的参考数据,获取目标密钥,利用目标密钥对待监测数据进行加密得到第一密文,利用目标密钥对参考数据进行加密得到第二密文,将第一密文和第二密文传输至第一云端;利用目标密钥和扰动参数,对第一密文和第二密文进行加密,得到目标密文并传输至第二云端;利用解密密钥对目标密文进行解密,得到解密数据并传输至第一云端;其中,解密密钥与目标密钥对应;基于解密数据和扰动参数,获取待监测数据对应的监测结果。通过上述方式,本申请能够提高数据监测的安全性。

The present application discloses a data monitoring method, an electronic device, and a computer-readable storage medium. The data monitoring method includes: obtaining the data to be monitored and its matching reference data in response to a local terminal, obtaining a target key, encrypting the data to be monitored using the target key to obtain a first ciphertext, encrypting the reference data using the target key to obtain a second ciphertext, and transmitting the first ciphertext and the second ciphertext to a first cloud; encrypting the first ciphertext and the second ciphertext using the target key and a disturbance parameter to obtain a target ciphertext and transmit it to a second cloud; decrypting the target ciphertext using a decryption key to obtain decrypted data and transmit it to the first cloud; wherein the decryption key corresponds to the target key; and obtaining a monitoring result corresponding to the data to be monitored based on the decrypted data and the disturbance parameter. In the above manner, the present application can improve the security of data monitoring.

Description

Data monitoring method, electronic device and computer readable storage medium
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a data monitoring method, an electronic device, and a computer readable storage medium.
Background
With the continuous development of intelligence, data monitoring is being used in more and more fields. At present, one mode of monitoring data is to store and analyze the acquired data to be monitored by using an intelligent terminal, the mode needs to occupy the storage space of the intelligent terminal and consume a large amount of operation cost of the intelligent terminal, or the other mode is to send the acquired data to be monitored to a cloud server, and the data to be monitored is stored and monitored by a monitoring model deployed at the cloud server, but the mode is easy to cause data leakage in the process of uploading the data to be monitored to the cloud server, so that the safety is poor.
In view of this, how to provide a data monitoring method with high monitoring efficiency and high security is a problem to be solved.
Disclosure of Invention
The application mainly solves the technical problem of providing a data monitoring method, electronic equipment and a computer readable storage medium, which can improve the safety of data monitoring.
The technical scheme includes that the data monitoring method is applied to a data monitoring system, the data monitoring system comprises a local terminal, a first cloud end and a second cloud end, the data monitoring method comprises the steps of responding to the local terminal to obtain data to be monitored and matched reference data thereof, obtaining a target secret key, encrypting the data to be monitored by the target secret key to obtain a first ciphertext, encrypting the reference data by the target secret key to obtain a second ciphertext, transmitting the first ciphertext and the second ciphertext to the first cloud end, encrypting the first ciphertext and the second ciphertext by the target secret key and disturbance parameters to obtain a target ciphertext and transmitting the target ciphertext to the second cloud end, decrypting the target ciphertext by a decryption secret key to obtain decryption data and transmitting the decryption data to the first cloud end, and obtaining a monitoring result corresponding to the data to be monitored based on the decryption data and the disturbance parameters.
In order to solve the technical problem, the application adopts another technical scheme that the electronic equipment comprises a memory and a processor which are mutually coupled, wherein the memory stores program instructions, and the processor is used for executing the program instructions to realize the data monitoring method according to the technical scheme.
In order to solve the technical problem, another technical scheme adopted by the application is to provide a computer readable storage medium, wherein program instructions are stored on the computer readable storage medium, and the program instructions realize the data monitoring method in the technical scheme when being executed by a processor.
The data monitoring method has the advantages that the target secret key, the encrypted first ciphertext and the encrypted second ciphertext are sent to the first cloud end by the local terminal, so that the first cloud end encrypts the first ciphertext and the second ciphertext for one round by using the disturbance parameters to obtain the target ciphertext containing the comparison relation between the data to be monitored and the reference data, unlike the situation of the prior art. And the first cloud end sends the target ciphertext to the second cloud end, so that the second cloud end decrypts the target ciphertext to obtain decrypted data containing the disturbing parameters. And processing the decrypted data by using the first cloud to obtain a monitoring result. According to the method, in the process of data monitoring, the first cloud end and the second cloud end can not acquire specific information of data to be monitored and reference data all the time, data storage and data processing cost of a local terminal are saved, and meanwhile data monitoring safety is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. Wherein:
FIG. 1 is a schematic diagram of a data monitoring system according to an embodiment of the present application;
FIG. 2 is a flow chart of an embodiment of a data monitoring method according to the present application;
Fig. 3 is a flowchart of step S101 in fig. 1 according to another embodiment;
fig. 4 is a flowchart of step S101 in fig. 1 according to another embodiment;
FIG. 5 is a flowchart of step S102 in FIG. 1 according to another embodiment;
FIG. 6 is a schematic diagram of an embodiment of an electronic device of the present application;
fig. 7 is a schematic diagram of a computer-readable storage medium according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, but not all embodiments, and that different embodiments may be adaptively combined. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Referring to fig. 1, fig. 1 is a schematic structural diagram of an embodiment of a data monitoring system according to the present application. The data monitoring system comprises a local terminal, a first cloud end and a second cloud end which are mutually coupled.
In an implementation scenario, the local terminal includes an acquisition device and a processing device that are coupled to each other, where the acquisition device is configured to acquire data to be monitored, and send the acquired data to be monitored to the processing device. The processing device is used for determining matched reference data according to the received data to be monitored.
The processing device may be a mobile phone, a tablet computer, or the like. The acquisition device can be a sensor or a smart bracelet, etc.
In a specific application scenario, the reference data is automatically determined by the processing device according to the data type of the data to be monitored, for example, when the data to be monitored is the acquired actual temperature, the reference data is the threshold temperature. Or the reference data may be set by the relevant object on the processing device.
Referring to fig. 2, fig. 2 is a flow chart of an embodiment of a data monitoring method according to the present application, where the method is applied to a data monitoring system, and the implementation process includes:
S101, responding to a local terminal to obtain data to be monitored and matched reference data thereof, obtaining a target key, encrypting the data to be monitored by using the target key to obtain a first ciphertext, encrypting the reference data by using the target key to obtain a second ciphertext, and transmitting the first ciphertext and the second ciphertext to a first cloud.
In one embodiment, after obtaining the data to be monitored and the matched reference data, the local terminal obtains, on the processing device, a target key for encrypting the data to be monitored and the reference data. And encrypting the data to be monitored by using the target key to obtain a corresponding first ciphertext. And encrypting the reference data by using the target key to obtain a corresponding second ciphertext. The target key is obtained by encrypting a plurality of target parameters.
In one implementation scenario, an encryption key is generated in advance on the local terminal, and a plurality of target parameters are encrypted using the encryption key to generate the target key.
Further, the process of obtaining the first ciphertext and the second ciphertext in response to the encryption is implemented in the local terminal, and after the first ciphertext and the second ciphertext are obtained, the local terminal transmits the first ciphertext, the second ciphertext and the target key to the first cloud.
In another embodiment, after obtaining the data to be detected and the matched reference data thereof, the local terminal performs preprocessing on the data to be detected and the matched reference data thereof, and encrypts the preprocessed data to be detected and the preprocessed reference data by using the target key to obtain a corresponding first ciphertext and a corresponding second ciphertext. The preprocessing process comprises the step of converting the data to be detected and the matched reference data into integers.
In a specific application scenario, in response to the to-be-monitored data being 37.5 and the matched reference data being 37.0, in order to facilitate subsequent calculation and improve accuracy of subsequent data monitoring, the to-be-monitored data and the reference data are multiplied by 10 respectively, so as to obtain 375 of the preprocessed to-be-monitored data and 370 of the preprocessed reference data.
S102, encrypting the first ciphertext and the second ciphertext by using the target secret key and the disturbance parameter, obtaining a target ciphertext and transmitting the target ciphertext to the second cloud.
In one embodiment, on the first cloud end, the perturbation parameters are determined from the first ciphertext and the second ciphertext. And carrying out joint encryption on the first ciphertext and the second ciphertext by utilizing the target key and the disturbance parameter to obtain a corresponding target ciphertext.
Further, the first cloud end is utilized to send the generated target ciphertext to the second cloud end.
The target key only encrypts the data, but does not support decrypting the encrypted data, so that even if the first cloud obtains the target key, the first ciphertext and the second ciphertext sent by the processing device, the first ciphertext or the second ciphertext cannot be decrypted by using the target key, and the corresponding data to be monitored or the reference data are obtained.
And S103, decrypting the target ciphertext by using a decryption key to obtain decryption data and transmitting the decryption data to the first cloud, wherein the decryption key corresponds to the target key.
In an embodiment, on the second cloud end, the target ciphertext sent by the first cloud end is decrypted according to the decryption key, so as to obtain corresponding decrypted data. Wherein the decryption key is determined based on an encryption key used to generate the target key, the decryption data comprising amplitude information between the data to be monitored and the reference data.
Further, the second cloud end is utilized to transmit the decrypted data to the first cloud end.
S104, based on the decrypted data and the disturbance parameters, obtaining a monitoring result corresponding to the data to be monitored.
In an embodiment, the first cloud receives the decrypted data sent by the second cloud, and analyzes the decrypted data according to the disturbance parameters by using the first cloud to determine a corresponding monitoring result.
In an implementation scenario, in response to the decrypted data including amplitude information between the data to be monitored and the reference data, the first cloud end is utilized to analyze the decrypted data according to the disturbance parameters, and then the amplitude information is determined to correspond to the decrypted data, so that a monitoring result is obtained according to the decrypted data.
Further, after the monitoring result is obtained, the first cloud end is utilized to judge whether the monitoring result meets a preset alarm condition.
The method comprises the steps of enabling a first cloud to send a monitoring result to processing equipment in response to the monitoring result meeting a preset alarm condition, and enabling the processing equipment to alarm according to the monitoring result after receiving the monitoring result. Or in response to the monitoring result not meeting the preset alarm condition, continuously utilizing the processing equipment to acquire the data to be monitored acquired by the acquisition equipment, and sequentially executing the subsequent steps to judge whether the data to be monitored acquired subsequently meets the preset alarm condition.
According to the data monitoring method, the local terminal sends the target secret key, the encrypted first ciphertext and the encrypted second ciphertext to the first cloud end, so that the first cloud end encrypts the first ciphertext and the second ciphertext for one round by utilizing the disturbance parameters, and the target ciphertext containing the comparison relation between the data to be monitored and the reference data is obtained. And the first cloud end sends the target ciphertext to the second cloud end, so that the second cloud end decrypts the target ciphertext to obtain decrypted data containing the disturbing parameters. And processing the decrypted data by using the first cloud to obtain a monitoring result. According to the method, in the process of data monitoring, the first cloud end and the second cloud end can not acquire specific information of data to be monitored and reference data all the time, data storage and data processing cost of a local terminal are saved, and meanwhile data monitoring safety is improved.
Referring to fig. 3, fig. 3 is a flowchart of step S101 in fig. 1 according to another embodiment. Specifically, in response to the local terminal including the acquisition device and the processing device, the process of acquiring the target key in step S101 includes:
s201, acquiring a first target parameter and a second target parameter.
In one embodiment, a first target parameter and a second target parameter are obtained on a processing device. The second target parameter is used for determining a comparison relation between the data to be monitored and the reference data.
In a specific application scenario, the first target parameter is 0, and the second target parameter is-1.
S202, encrypting the first target parameters for a plurality of times by using processing equipment to obtain a plurality of first weights, and encrypting the second target parameters by using the processing equipment to obtain a second weight.
In one embodiment, on a processing device, a first target parameter is encrypted multiple times using a symmetric homomorphic encryption (SYMMETRIC HOMOMORPHIC ENCRYPTION, SHE) algorithm, each time to obtain a corresponding first weight, and a second target parameter is encrypted using the symmetric homomorphic encryption algorithm to obtain a corresponding second weight.
In an implementation scenario, an encryption key corresponding to a symmetric homomorphic encryption algorithm is predetermined by a processing device, a first target parameter is encrypted by the encryption key to obtain a corresponding first weight, and a second target parameter is encrypted by the encryption key to obtain a corresponding second weight.
Specifically, a plurality of initial parameters matching the above-described symmetric homomorphic encryption algorithm are predetermined, the initial parameters including a security parameter (k 0,k1,k2), and the security parameter satisfying k 0<<k1<k2. In addition, the initial parameters also comprise two reference prime numbers and random coefficients, and the encryption keys corresponding to the symmetrical homomorphic encryption algorithm are determined according to the reference prime numbers and the random coefficients Wherein p and q are two reference prime numbers, and the bit lengths of p and q are k 0,Is a random number with a bit length of k 2.
In one embodiment, the specific calculation formula of the first target parameter or the second target parameter by using the encryption key is as follows:
Wherein x represents a first target parameter or a second target parameter, and E (x) represents a first weight obtained after encryption when x represents the first target parameter, r and r' represent random coefficients, and Representing the product of the reference prime number p and the reference prime number q, mo d representing the remainder function.
It should be noted that, due to the difference of random coefficients in different encryption rounds, the obtained weights are different even if the same data is encrypted. For example, when the first target parameter is 0, the first target parameter is encrypted for multiple times by using the encryption key, and the obtained first weights are different.
In addition, after the encryption key is determined on the processing device, the processing device is used for sending the encryption key to the second cloud end as a decryption key so as to facilitate the subsequent second cloud end to decrypt the related data according to the decryption key.
And S203, determining a target key based on the first weight and the second weight.
In one embodiment, the first weight and the second weight obtained after encryption are used as the target key.
In a specific application scenario, in step S202, the first target parameter is 0, the second target parameter is-1, the first target parameter is encrypted twice by using the encryption key to obtain a first weight E (0) 1 and a first weight E (0) 2, and the second target parameter is encrypted once by using the encryption key to obtain a second weight E (-1). And determining the target key as pk= [ E (0) 1,E(0)2, E (-1) ] according to the obtained first weight and second weight.
According to the scheme, different first weights are determined according to the first target parameter 0, and the second weights are determined according to the second target parameter-1, so that related data are encrypted according to the first weights, and the comparison relation between the data to be monitored and the reference data is determined by using the second weights, thereby avoiding leakage of the data to be monitored in the data monitoring process, and improving the safety of data monitoring.
Referring to fig. 4, fig. 4 is a flowchart of step S101 in fig. 1 according to another embodiment. Specifically, the implementation process of encrypting the data to be monitored on the processing device to obtain the first ciphertext in step S101 includes:
S301, acquiring a first encryption parameter and a second encryption parameter, acquiring a first reference sub-ciphertext by using processing equipment according to the first encryption parameter and the current first weight, and acquiring a second reference sub-ciphertext by using processing equipment according to the second encryption parameter and other first weights.
In one embodiment, after determining the target key, determining a first encryption parameter and a second encryption parameter, and obtaining a first reference sub-ciphertext and a second reference sub-ciphertext by using the first weight, the first encryption parameter and the second encryption parameter in the target key.
Specifically, in response to the steps mentioned in the corresponding embodiments, encrypting the first target parameter twice and obtaining corresponding first weights respectively, obtaining a product of the first encryption parameter and one of the first weights, and taking the product as a first reference sub-ciphertext, and obtaining a product of the second encryption parameter and the other first weight, and determining a second reference sub-ciphertext according to the product.
S302, enabling the processing equipment to obtain a first ciphertext according to the data to be monitored, the first reference sub-ciphertext and the second reference sub-ciphertext.
In one embodiment, the processing device is caused to take the sum of the data to be monitored, the first reference sub-ciphertext and the second reference sub-ciphertext as the first ciphertext.
In a specific application scenario, a specific calculation formula of the first ciphertext is as follows:
Wherein m 1 represents data to be monitored, E (m 1) represents a first ciphertext, r 1 represents a first encryption parameter, and R 2 denotes a second encryption parameter, andK 2 Reference may be made to the values of the related parameters in step S202. The symmetric homomorphic encryption algorithm satisfies various operation properties, such as :E(m1)+E(m2)=E(m1+m2);E(m1)*E(m2)=E(m1*m2);E(m1)+m2=E(m1+m2);E(m1)*m2=E(m1*m2),, so that the first ciphertext obtained by the encryption in the process cannot influence the data to be monitored.
In addition, the process of encrypting the reference data on the processing device in step S101 to obtain the second ciphertext is similar to the process of obtaining the first ciphertext, and the detailed process may refer to steps S301 to S302 described above, and will not be explained in detail here.
Referring to fig. 5, fig. 5 is a flowchart of step S102 in fig. 1 according to another embodiment. The disturbance parameters include a first random parameter and at least one second random parameter, and the first random parameter is selected from the first candidate parameter and the second candidate parameter, the implementation process of step S102 includes:
s401, acquiring a variation amplitude ciphertext based on the target key, the first ciphertext and the second ciphertext.
In one embodiment, a first product of the second weight and the second ciphertext is obtained on the first cloud end.
Further, the first cloud is utilized to take the sum of the first ciphertext and the first product as the amplitude-variable ciphertext. The variation amplitude ciphertext is used for representing the difference value between the encrypted data to be monitored and the reference data.
In a specific application scenario, in order to realize monitoring of the data to be monitored, a comparison relation between the data to be monitored and the reference data needs to be determined, and since the second weight is obtained by encrypting the second target parameter-1, a specific calculation formula of the amplitude-of-change ciphertext is as follows:
f=E(T)+E(H)·E(-1)
where f represents the amplitude of variation ciphertext, E (T) represents the first ciphertext, E (H) represents the second weight, and E (-1) represents the second ciphertext.
S402, for any second random parameter, acquiring a target encryption weight based on the first random parameter, the second random parameter and the target key.
In an embodiment, the perturbation parameters include a first random parameter and at least one second random parameter, and the first random parameter is selected from a first candidate parameter and a second candidate parameter that are opposite numbers to each other. And aiming at each second random parameter, acquiring a second product of the first random parameter and the second random parameter by using the first cloud end, and encrypting the second product by using the first weight by using the first cloud end to obtain the target encryption weight.
In an implementation scenario, the disturbance parameters include a first random parameter and two predetermined second random parameters, where the first random parameter is randomly determined from the first candidate parameter-1 and the second candidate parameter 1, i.e., the first random parameter is-1 or 1. For each second random parameter, the specific calculation formula of the target encryption weight is as follows:
Where s denotes a first random parameter, t 1 denotes one of the second random parameters, t 2 denotes the other second random parameter, And t 1>t2>0;E(s·t1) and E (s·t 2) denote the target encryption weights obtained from the corresponding second random parameters, respectively.
S403, acquiring a target ciphertext based on the variation amplitude ciphertext and the target encryption weight, and transmitting the target ciphertext to the second cloud.
In one embodiment, in response to obtaining the target encryption weights corresponding to the two different second random parameters in step S402, a third product of one of the target encryption weights and the ciphertext with varying amplitude is obtained, a sum of the third product and the other target encryption weight is used as the target ciphertext, and the target ciphertext is transmitted to the second cloud.
Specifically, the specific calculation formula of the target ciphertext is as follows:
E(λ)=E(s·t1)·(E(T)+E(H)·E(-1))+E(s·t2)
where E (λ) represents the target ciphertext.
In another embodiment, the number of second random parameters may be other, such as three or four, etc.
According to the scheme, any one of the two candidate parameters with the opposite numbers is selected as the first random parameter, so that after the target ciphertext is decrypted by the subsequent second cloud, the size relation between the data to be monitored and the reference data cannot be judged under the condition that the specific numerical value of the first random parameter cannot be known, and the safety in the data monitoring process is ensured. In addition, by setting a plurality of second random parameters, the difficulty in encrypting the first ciphertext and the second ciphertext is improved, so that the safety of data monitoring is improved.
In an embodiment, in response to the target ciphertext obtained in step S401 to step S403 being transmitted to the second cloud end, the implementation process of step S103 in fig. 1 includes decrypting, on the second cloud end, the target ciphertext obtained in step S403 according to the decryption key received by the second cloud end and the plurality of operation properties satisfied by the symmetric homomorphic encryption algorithm mentioned in the corresponding embodiment, to obtain corresponding decrypted data, and transmitting the decrypted data to the first cloud end. The specific expression formula of the decrypted data obtained after decryption is as follows:
λ=s·t1·(T-H)+s·t2
The λ represents the decrypted data, and because the first cloud transmits the target ciphertext to the second cloud without transmitting the disturbance parameter to the second cloud, the second cloud cannot determine the specific value of the data to be monitored or the specific value of the reference data through the decrypted data even if the second cloud decrypts the target ciphertext to obtain the decrypted data, and cannot determine the specific value of the difference between the data to be monitored and the reference data, so that the safety of the data in the cloud is improved.
Further, after the decrypted data is transmitted to the first cloud, the implementation process of step S104 in fig. 1 includes determining, by the first cloud, a monitoring result according to the first random parameter and the amplitude information in the decrypted data. The amplitude information is used for representing the difference value between the data to be monitored and the reference data.
Specifically, since t 1>t2 >0, the first cloud end determines a comparison relationship between the data to be monitored and the reference data, that is, determines a magnitude relationship between the data to be monitored and the reference value, according to the specific value of the first random parameter. For example, when the first random parameter is-1, if λ is greater than 0, then T < H, and if λ is less than 0, then T+.H. Or when the first random parameter is 1, if lambda is greater than 0, then T is greater than or equal to H, and if lambda is less than 0, then T is less than H. According to the method, the first cloud end determines whether the (T-H) is 0, positive number or negative number according to the first random parameter and the decryption data, so that the size relation between the data to be monitored and the reference data is judged under the condition that the specific numerical value of the data to be monitored and the specific numerical value of the reference data are not required to be determined, and the risk of leakage in the data transmission process is reduced.
In an implementation scenario, T is greater than or equal to H in the monitoring result as meeting a preset alarm condition. And responding to the monitoring result to meet a preset alarm condition, indicating that the value of the data to be monitored is higher, enabling the first cloud end to send the monitoring result to the processing equipment, and giving an alarm through the processing equipment.
In a specific application scenario, the data T to be monitored is a temperature, the reference data H is a threshold temperature, and when the monitoring result shows that the data T to be monitored is greater than the reference data H, the monitoring result is judged to meet a preset alarm condition, so that the first cloud end sends the monitoring result to the processing equipment, and the processing equipment sends an alarm signal. The processing equipment can transmit the alarm signal by sending out corresponding alarm audio, or the processing equipment can display related information on the display interface so as to transmit the alarm signal.
In yet another embodiment, the first target parameter may be encrypted multiple times by using the encryption key to obtain a corresponding number of first weights, and the second target parameter may be encrypted once by using the encryption key to obtain a second weight. For example, if the first target parameter is encrypted three times, the obtained target key is pk= [ E (0) 1,E(0)2,E(0)3, E (-1) ]. Based on this, the specific calculation formula of the first ciphertext in step S302 may be as follows:
According to the scheme, the first target parameters are encrypted for multiple times to obtain multiple first weights, so that the encryption difficulty is improved, and the safety of data monitoring is improved.
In yet another embodiment, the perturbation parameters include a first random parameter and a second random parameter, and the second random parameter is selected from the first candidate parameter and the second candidate parameter, and the implementation of step S102 includes obtaining the amplitude-of-variation ciphertext based on the target key, the first ciphertext, and the second ciphertext. For specific implementation, reference may be made to the corresponding embodiments described above.
Further, a target encryption weight is obtained based on the first random parameter, the second random parameter, and the target key. And acquiring a target ciphertext based on the amplitude-of-change ciphertext and the target encryption weight, and transmitting the target ciphertext to the second cloud.
Specifically, a product of the target encryption weight and the amplitude variation ciphertext is obtained, the product is used as a target ciphertext, and the target ciphertext is transmitted to the second cloud end. The specific calculation formula of the target ciphertext in this embodiment is as follows:
E(λ)=E(s·t1)·(E(T)+E(H)·E(-1))
According to the scheme, the first ciphertext and the second ciphertext are encrypted only through the determined second random parameter, so that the target ciphertext is obtained, and the acquisition efficiency of the target ciphertext is improved.
In still another embodiment, in order to improve the data monitoring efficiency and save the consumption of computing resources, the disturbance parameters may include only the first random parameters, and based on this, the specific implementation process of step S102 includes obtaining the amplitude-of-variation ciphertext based on the target key, the first ciphertext and the second ciphertext. For specific implementation, reference may be made to the corresponding embodiments described above.
Further, a target encryption weight is obtained based on the first random parameter. When the target key is pk= [ E (0) 1,E(0)2, E (-1) |, the specific calculation formula of the target encryption weight is as follows:
further, based on the amplitude-of-change ciphertext and the target encryption weight, a target ciphertext is obtained, and the target ciphertext is transmitted to the second cloud. The specific calculation formula of the target ciphertext is as follows:
E(λ)=E(s)·(E(T)+E(H)·E(-1))
Further, the target ciphertext is decrypted by the second cloud end, the expression formula of decrypted data obtained after decryption is lambda=s. (T-H), and the decrypted data is transmitted to the first cloud end. And the first cloud end determines a monitoring result according to the first random parameter and amplitude information in the decrypted data. For example, when the first random parameter is-1, T < H is indicated if λ is greater than 0, and T+.H is indicated if λ is less than or equal to 0. Or when the first random parameter is 1, if lambda is greater than or equal to 0, then T is greater than or equal to H, and if lambda is less than 0, then T is less than H.
Referring to fig. 6, fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the application. The electronic device comprises a memory 10 and a processor 20 coupled to each other. The memory 10 has stored therein program instructions for execution by the processor 20 to implement the data monitoring method as set forth in any of the above embodiments. In particular, the electronic device includes, but is not limited to, a desktop computer, a notebook computer, a tablet computer, a server, etc., without limitation. Processor 20 may also be referred to as a CPU (Center Processing Unit, central processing unit). The processor 20 may be an integrated circuit chip having signal processing capabilities. The Processor 20 may also be a general purpose Processor, a digital signal Processor (DIGITAL SIGNAL Processor, DSP), an Application SPECIFIC INTEGRATED Circuit (ASIC), a Field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic device, a discrete gate or transistor logic device, a discrete hardware component. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. In addition, the processor 20 may be commonly implemented by an integrated circuit chip.
Referring to fig. 7, fig. 7 is a schematic structural diagram of an embodiment of a computer readable storage medium according to the present application. The storage medium 30 has stored thereon program instructions 40 that can be executed by a processor, the program instructions 40 when executed by the processor implementing the data monitoring method as mentioned in any of the embodiments above.
In the several embodiments provided in the present application, it should be understood that the disclosed method and apparatus may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of modules or units is merely a logical functional division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical, or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor (processor) to execute all or part of the steps of the methods of the embodiments of the present application. The storage medium includes a U disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, an optical disk, or other various media capable of storing program codes.
The foregoing description is only of embodiments of the present application, and is not intended to limit the scope of the application, and all equivalent structures or equivalent processes using the descriptions and the drawings of the present application or directly or indirectly applied to other related technical fields are included in the scope of the present application.

Claims (10)

1. The data monitoring method is characterized by being applied to a data monitoring system, wherein the data monitoring system comprises a local terminal, a first cloud end and a second cloud end, and the data monitoring method comprises the following steps:
The method comprises the steps that a target secret key is obtained in response to the local terminal to obtain data to be monitored and matched reference data of the data to be monitored, the target secret key is used for encrypting the data to be monitored to obtain a first ciphertext, the target secret key is used for encrypting the reference data to obtain a second ciphertext, and the first ciphertext and the second ciphertext are transmitted to a first cloud;
Encrypting the first ciphertext and the second ciphertext by using the target key and the disturbance parameter to obtain a target ciphertext and transmitting the target ciphertext to the second cloud;
decrypting the target ciphertext by using a decryption key to obtain decryption data and transmitting the decryption data to the first cloud, wherein the decryption key corresponds to the target key;
And acquiring a monitoring result corresponding to the data to be monitored based on the decrypted data and the disturbance parameters.
2. The method of claim 1, wherein the local terminal comprises an acquisition device and a processing device, and wherein the obtaining the target key comprises:
Acquiring a first target parameter and a second target parameter;
Encrypting the first target parameters for multiple times by using the processing equipment to obtain multiple first weights, and encrypting the second target parameters by using the processing equipment to obtain second weights;
the target key is determined based on the first weight and the second weight.
3. The method according to claim 2, wherein encrypting the data to be monitored with the target key to obtain a first ciphertext comprises:
obtaining a first reference sub-ciphertext according to the first encryption parameter and the current first weight by using the processing equipment, and obtaining a second reference sub-ciphertext according to the second encryption parameter and other first weights by using the processing equipment;
And enabling the processing equipment to obtain the first ciphertext according to the data to be monitored, the first reference sub-ciphertext and the second reference sub-ciphertext.
4. The method of claim 2, wherein the perturbation parameters include a first random parameter and at least one second random parameter, the first random parameter being selected from a first candidate parameter and a second candidate parameter, the encrypting the first ciphertext and the second ciphertext using the target key and the perturbation parameter to obtain a target ciphertext and transmitting the target ciphertext to the second cloud comprises:
Acquiring a variation amplitude ciphertext based on the target key, the first ciphertext, and the second ciphertext, and
For any one of the second random parameters, acquiring a target encryption weight based on the first random parameter, the second random parameter and the target key;
and acquiring the target ciphertext based on the amplitude-of-change ciphertext and the target encryption weight, and transmitting the target ciphertext to a second cloud.
5. The method of claim 4, wherein the obtaining the amplitude-of-change ciphertext based on the target key, the first ciphertext, and the second ciphertext comprises:
Acquiring a first product of the second weight and the second ciphertext by using the first cloud;
And using the first cloud to take the sum of the first ciphertext and the first product as the amplitude-variable ciphertext.
6. The method of claim 4, wherein the obtaining, for any of the second random parameters, a target encryption weight based on the first random parameter, the second random parameter, and the target key comprises:
Acquiring a second product of the first random parameter and the second random parameter by using the first cloud;
and encrypting the second product by the first cloud end through the first weight to obtain the target encryption weight.
7. The method of claim 4, wherein the obtaining, based on the decrypted data and the disturbance parameter, a monitoring result corresponding to the data to be monitored comprises:
and determining the monitoring result by the first cloud according to the first random parameter and amplitude information in the decrypted data, wherein the amplitude information is used for representing a difference value between the data to be monitored and the reference data.
8. The method of claim 7, wherein after obtaining the monitoring result corresponding to the data to be monitored based on the decrypted data and the disturbance parameter, the method comprises:
and responding to the monitoring result to meet a preset alarm condition, and enabling the first cloud end to send the monitoring result to the processing equipment.
9. An electronic device comprising a memory and a processor coupled to each other, the memory having program instructions stored therein, the processor configured to execute the program instructions to implement the data monitoring method of any of claims 1-8.
10. A computer readable storage medium having stored thereon program instructions, which when executed by a processor implement the data monitoring method according to any of claims 1-8.
CN202411320265.XA 2024-09-20 2024-09-20 Data monitoring method, electronic device, and computer-readable storage medium Active CN119420496B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411320265.XA CN119420496B (en) 2024-09-20 2024-09-20 Data monitoring method, electronic device, and computer-readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411320265.XA CN119420496B (en) 2024-09-20 2024-09-20 Data monitoring method, electronic device, and computer-readable storage medium

Publications (2)

Publication Number Publication Date
CN119420496A CN119420496A (en) 2025-02-11
CN119420496B true CN119420496B (en) 2025-10-03

Family

ID=94464549

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411320265.XA Active CN119420496B (en) 2024-09-20 2024-09-20 Data monitoring method, electronic device, and computer-readable storage medium

Country Status (1)

Country Link
CN (1) CN119420496B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115801308A (en) * 2022-09-16 2023-03-14 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium
WO2024174107A1 (en) * 2023-02-21 2024-08-29 北京信息科学技术研究院 Homomorphic decryption method and apparatus, and non-volatile storage medium and computer device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110011784B (en) * 2019-04-04 2021-06-08 东北大学 KNN classification service system and method supporting privacy protection
CN116028257A (en) * 2023-02-20 2023-04-28 中移动信息技术有限公司 Abnormal data detection method, device, electronic equipment and computer storage medium
CN116881950B (en) * 2023-09-05 2023-11-10 北京天润基业科技发展股份有限公司 Processing method and device of privacy data, electronic equipment and readable storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115801308A (en) * 2022-09-16 2023-03-14 北京瑞莱智慧科技有限公司 Data processing method, related device and storage medium
WO2024174107A1 (en) * 2023-02-21 2024-08-29 北京信息科学技术研究院 Homomorphic decryption method and apparatus, and non-volatile storage medium and computer device

Also Published As

Publication number Publication date
CN119420496A (en) 2025-02-11

Similar Documents

Publication Publication Date Title
CN110087237B (en) Privacy protection method and device based on data disturbance and related components
CN108040191B (en) Image encryption and decryption method based on hash chain compressed sensing
CN103905469B (en) Security control system and method applied to smart grid wireless sensing network and cloud computing
CN110611568B (en) Dynamic encryption and decryption method, device and equipment based on multiple encryption and decryption algorithms
CN118350452B (en) Federated learning method, client, server and system based on attention mechanism
WO2023059501A1 (en) Statistically private oblivious transfer from cdh
CN118842652A (en) Cloud photo frame data end-to-end secure encryption transmission method based on security requirements
CN109495266B (en) Data encryption method and device based on random number
CN112699391B (en) Target data sending method and privacy computing platform
US9509511B2 (en) Identity based encryption
CN119420496B (en) Data monitoring method, electronic device, and computer-readable storage medium
CN115567933A (en) Channel key generation method and data transmission method
CN110012099A (en) Information monitoring system and method
CN112580077B (en) Information processing method, device, equipment and storage medium
CN117633848B (en) User information joint processing method, device, equipment and computer readable medium
CN116781425B (en) Service data acquisition method, device, equipment and storage medium
CN110995749A (en) Block chain encryption method and device, electronic equipment and storage medium
CN115801266B (en) Data transmission methods, apparatus, computer equipment and storage media
Xia et al. Teva: Training-efficient and verifiable aggregation for federated learning for consumer electronics in industry 5.0
CN118300785A (en) Safe data encryption method and device for electric power Internet of things
Sapna et al. An Efficient Internet of Things Interoperability Model Using Secure Access Control Mechanism.
Tao et al. EPPSA: Efficient Privacy‐Preserving Statistical Aggregation Scheme for Edge Computing‐Enhanced Wireless Sensor Networks
CN119382873B (en) Data processing methods, media, and program products for secure computing
CN117349867B (en) Intelligent contract deployment method, system, equipment and medium
CN119094554A (en) Remote management system, method, electronic device and storage medium for electric power equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant