CN111949986B - Service processing method, system and storage medium - Google Patents
Service processing method, system and storage medium Download PDFInfo
- Publication number
- CN111949986B CN111949986B CN202010103073.9A CN202010103073A CN111949986B CN 111949986 B CN111949986 B CN 111949986B CN 202010103073 A CN202010103073 A CN 202010103073A CN 111949986 B CN111949986 B CN 111949986B
- Authority
- CN
- China
- Prior art keywords
- data
- execution environment
- verification
- service processing
- artificial intelligence
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a service processing method, a service processing system and a storage medium. The service processing method is applicable to a service processing system at least comprising terminal equipment, wherein the terminal equipment is used for providing an untrusted execution environment and a trusted execution environment, an artificial intelligent model is installed in the untrusted execution environment, and the service processing method comprises the following steps: operating an artificial intelligent model in an untrusted execution environment during the operation of a service processing task by the terminal equipment to obtain data to be processed; executing a business processing task by utilizing the data to be processed under the condition that the credibility verification result of the artificial intelligent model is credible; the trust verification results are from a trusted execution environment. The application confirms the credibility verification result stored in the credible execution environment to identify the artificial intelligent model running in the untrustworthy execution environment and the running result thereof as honest and untrustworthy.
Description
Technical Field
The present application relates to the field of computers, and in particular, to a service processing method, a service processing system based on an artificial intelligence model, a terminal device, a server device, a service processing software system, and a computer readable storage medium.
Background
As the hardware of the terminal devices is upgraded, more and more terminal devices are able to handle artificial intelligence models, e.g., trained neural network models, etc. Wherein the input of some artificial intelligence models involves security level data, such as PIN codes, fingerprint features, etc., which makes it necessary for the terminal device to have a higher capability of protecting the security level data.
However, the terminal devices are of a wide variety and security is uneven; furthermore, the security level data does not necessarily need to be or can be stably stored in the terminal device, and some of the security level data may be face features, fingerprint features, voiceprint features, and the like. This makes it necessary to ensure the trustworthiness of the program itself installed in the terminal device that processes the security level data.
Disclosure of Invention
In view of the above-described drawbacks of the related art, an object of the present application is to provide a service processing method, an artificial intelligence model-based service processing system, a terminal device, a server device, a service processing software system, and a computer-readable storage medium.
To achieve the above and other related objects, in a first aspect, the present application discloses a service processing method, which is applicable to a service processing system including at least a terminal device, where an artificial intelligence model running in an untrusted execution environment is configured in the terminal device, and the service processing method includes: operating the artificial intelligent model during the operation of the service processing task by the terminal equipment to obtain data to be processed; executing the business processing task by utilizing the data to be processed under the condition that the credibility verification result of the artificial intelligent model is credible; the trust verification results are from a trusted execution environment.
The second aspect of the present application provides a service processing method, which is applicable to a service processing system constructed by a terminal device and a server device, and includes: obtaining a credibility verification result; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in an untrusted execution environment in the terminal equipment; during the operation of the service processing task, under the condition that the credibility verification result is confirmed to be credible, the service processing task and the terminal equipment cooperatively process the data to be processed in the terminal equipment to execute the corresponding service processing task; wherein the data to be processed is obtained by running the artificial intelligence model in the untrusted execution environment.
A third aspect of the present application provides a service processing system based on an artificial intelligence model, including: a terminal device, at least providing an untrusted execution environment and a trusted execution environment, for executing the service processing method according to the first aspect; the server side equipment is communicated with the terminal equipment and is used for sending at least one verification execution program which is generated in advance to the terminal equipment so as to obtain a credibility verification result after the execution of the credible execution environment in the terminal equipment.
In certain embodiments of the third aspect, the service-side device performs the service processing method as described in the second aspect based on a triggering operation of the terminal device.
A fourth aspect of the present application provides a terminal device, including: a storage device for storing a program describing the artificial intelligence model, at least one service processing program, and a trust verification result; processing means in communication with said memory means via a bus, comprising: a first processing unit configured in an untrusted execution environment for invoking and executing the at least one business process program and running the artificial intelligence model in the untrusted execution environment to perform the business process method according to any of the first aspects; the second processing unit is configured in the trusted execution environment and is used for reading the credibility verification result; wherein data is communicated between the trusted execution environment and the untrusted execution environment.
A fifth aspect of the present application provides a terminal device, comprising: a storage device for storing a program describing the artificial intelligence model, at least one service processing program, and a trust verification result; processing means in communication with said storage means via a bus, configured in an untrusted execution environment for invoking and executing said at least one business process program, and running said artificial intelligence model in said untrusted execution environment to perform the business process method according to the first aspect; the interface device is used for being in communication connection with verification equipment to obtain a credibility verification result; wherein the verification device provides a trusted execution environment and stores the trust verification result.
A sixth aspect of the present application provides a server device, including: the interface device is used for receiving the data to be processed and the credibility verification result from the terminal equipment; a storage device for storing at least one program; processing means for invoking said at least one program to coordinate said interface means and storage means to perform the business processing method as described in the two aspects.
A seventh aspect of the present application provides a computer-readable storage medium storing at least one program which, when called, executes and implements the service processing method according to any one of the first aspects, or executes and implements the service processing method according to any one of the second aspects.
An eighth aspect of the present application provides a service processing software system configured in a service processing system at least including a terminal device, where the terminal device is configured to provide an untrusted execution environment and a trusted execution environment, and the untrusted execution environment is installed with an artificial intelligence model, where the service processing software system includes: the service operation module is used for operating the artificial intelligent model in the untrusted execution environment during the operation of the service processing task so as to obtain data to be processed; and the service processing task is executed by utilizing the data to be processed in a state that the credibility verification result is credible; the trust verification result is obtained by performing trust verification on an artificial intelligent model operated in the untrusted execution environment, and the trust verification result is from the trusted execution environment.
A ninth aspect of the present application provides a service processing software system configured in a service processing system configured by a terminal device and a server device, where the service processing software system includes: the service operation module is used for acquiring a credibility verification result from the terminal equipment; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in an untrusted execution environment in the terminal equipment; and the terminal equipment is used for cooperatively processing the data to be processed in the terminal equipment to execute the corresponding business processing task under the state that the credibility verification result is credible during the operation of the business processing task; wherein the data to be processed is obtained by running the artificial intelligence model in the untrusted execution environment.
In summary, the service processing method, the service processing system, the terminal device, the server device, the service processing software system and the computer readable storage medium provided by the application identify the artificial intelligent model running in the untrusted execution environment and the running result thereof as honest and untampered by confirming the credibility verification result stored in the trusted execution environment, thus ensuring that the running result provided by the artificial intelligent model used by the service processing task is security level data. Is especially suitable for the fields of security, finance, insurance, investment and the like.
Drawings
The specific features of the application related to the application are shown in the appended claims. A better understanding of the features and advantages of the application in accordance with the present application will be obtained by reference to the exemplary embodiments and the accompanying drawings that are described in detail below. The brief description of the drawings is as follows:
fig. 1 shows a schematic structural diagram of a terminal device according to the present application in some examples.
Fig. 2 is a schematic flow chart of performing operation security verification in the verification method of the present application.
Fig. 3 is a schematic flow chart of the operability verification performed in the verification method of the present application.
Fig. 4 is a schematic flow chart of the integrity verification performed in the verification method of the present application.
Fig. 5 shows a flow chart of the service processing performed by the service processing system according to the present application using the trust verification result.
Fig. 6 is a flow chart illustrating the execution of a business processing task for the business processing system of the present application.
Fig. 7 is a diagram showing the architecture of the software trust verification system of the present application.
Fig. 8 is a schematic diagram of a network architecture provided by the present application based on the authentication scheme and the service processing scheme according to the present application.
Fig. 9 is a schematic diagram of a trusted verification device according to the present application in an embodiment.
FIG. 10 is a schematic diagram of a second software trust verification system according to the present application in an embodiment.
Detailed Description
Further advantages and effects of the present application will become apparent to those skilled in the art from the disclosure of the present application, which is described by the following specific examples.
Although the terms first, second, etc. may be used herein to describe various elements or parameters in some examples, these elements or parameters should not be limited by these terms. These terms are only used to distinguish one parameter from another. For example, a first operational result may be referred to as a second operational result, and similarly, a second operational result may be referred to as a first operational result without departing from the scope of the various described embodiments. The first and second operational results are both described as one operational result, but they are not the same operational result unless the context clearly indicates otherwise.
Furthermore, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including" specify the presence of stated features, steps, operations, elements, components, items, categories, and/or groups, but do not preclude the presence, presence or addition of one or more other features, steps, operations, elements, components, items, categories, and/or groups. The terms "or" and/or "as used herein are to be construed as inclusive, or meaning any one or any combination. Thus, "A, B or C" or "A, B and/or C" means "any of the following: a, A is as follows; b, a step of preparing a composite material; c, performing operation; a and B; a and C; b and C; A. b and C). An exception to this definition will occur only when a combination of elements, functions, steps or operations are in some way inherently mutually exclusive.
Terminal devices generally refer to devices that input information such as programs and/or data to a remote computer via a communication facility, or that receive information such as processing results output by a remote computer. The terminal devices are typically located at convenient locations where a communication facility can be used to connect work with a remote computer, with a number of discrete terminal devices being communicatively connected to the remote computer via the communication facility.
The terminal device not only has the functions of inputting information and outputting information, but also is suitable for a workplace so as to provide computing processing operation matched with the workplace. Here, the calculation processing operation performed by the terminal device is generally performed by a service processing program (also referred to as Application, APP) stored in the terminal device in advance. When the service processing program is called, the terminal device can perform calculation processing on the information acquired locally or the information input by a remote computer to provide corresponding service processing tasks.
The service processing program is usually executed by the terminal device alone or by the terminal device and the remote computer in a matched manner, and provides a richer use experience program for a user holding the terminal device in order to perfect the deficiency and individuation of the original system of the terminal device. Examples of the service processing procedure include: and providing the program of the internet service for the user and providing the program of the local operation for the user. Depending on the workplace of the terminal device, its pre-stored service processing program may come from an application Store (APP Store), or a program implanted before delivery. Taking a terminal device as a mobile terminal device as an example, the service processing program includes: social class applications, e-commerce shopping class applications, hotel travel class applications, search class applications, and the like. Taking a terminal device as a security monitoring terminal device as an example, the service processing program comprises: a living body recognition class program, a posture tracking/recognition class program, a traffic monitoring class program, and the like. Taking a terminal device as an example of a payment terminal device, the service processing program comprises: self-service payment type programs, transfer transaction type programs, commodity identification type programs, and the like. Taking a terminal device as an access control terminal device as an example, the service processing program comprises: and providing access control business class programs according to the identified user rights, the user gestures and the like.
In the above-described exemplary terminal devices, the terminal devices are often in data communication with a remote computer located in the internet through a mobile network for convenience of carrying and installation. For this purpose, the terminal device is usually equipped with a SIM card for accessing the mobile network, in which a secure memory unit is provided for storing the PIN code, which makes it possible for the terminal device to provide on hardware some secure memory for storing data of the security level. However, as the computing power of the terminal device increases, security level data such as PIN codes, for example, needs to be read out from the secure memory at the time of operation, which makes it possible for the PIN codes to be in an untrusted execution environment. Alternatively, the data of the other security levels may not come from the secure memory, but from the acquisition hardware of the terminal device, from a remote computer, or from other terminal devices, etc. To maintain privacy and data security, in some examples, the terminal device stores and executes programs that process security-level data by a trusted execution environment that the terminal device separately configures. In the case that the hardware configurations of the terminal devices on the market are different, the trusted execution environments configured in the terminal devices on the market are not uniform, so that the capabilities of the trusted execution environments for processing data are different, and therefore, programs with high requirements on computing capabilities usually run in untrusted execution environments. Examples of such programs include those designed using artificial intelligence models, or the business processes mentioned above, and the like. The artificial intelligence model refers to data processing logic designed by using a machine-learning algorithm, and is used for identifying, classifying, verifying and the like related to business processing on input data. The artificial intelligence model programmatically describes the corresponding processing logic and operates in an untrusted execution environment. Wherein a program describing an artificial intelligence model is said to run when it is called for execution. Wherein the machine-learnable algorithm includes, but is not limited to: neural network algorithms, decision tree algorithms, clustering algorithms, random forest algorithms, genetic algorithms, etc. Artificial intelligence models functionally include, but are not limited to, any of the following: a biometric model, an image recognition model, or a text recognition model. Under the scene related to user authority authentication, security protection and the like, the artificial intelligent model is used for extracting biological characteristic data, identifying identity or identifying gesture of biological data acquired by the terminal equipment when running in an untrusted execution environment. Wherein the biometric data includes, but is not limited to: biometric data generated based on image data provided by the imaging device or biometric data generated based on fingerprint data provided by the fingerprint acquisition device. Wherein the image data includes face image data, human body posture image data, or other image data such as plants, animals, etc. The face image data includes, but is not limited to, facial feature image data, facial expression image data, and the like. The human body pose image data includes, but is not limited to: with/without occlusion, whole body pose image data with/without occlusion, etc. Examples of the identification include: identifying the true identity of a user, identifying the preset identity of the user in terminal equipment and the like; wherein the true identity comprises an identity provable by a certificate; the preset identity comprises an identity which can be proved by the identity configuration information of the terminal equipment. For example, artificial intelligence models operate in an untrusted execution environment to identify the degree of matching of user facial feature data with facial feature data in an identity card. As another example, artificial intelligence models operate in an untrusted execution environment to identify a degree of match of a user's fingerprint feature data with pre-stored fingerprint feature data. Examples of gesture recognition include recognizing a person's expression, recognizing a human body's static motion, or recognizing a human body's dynamic motion, etc. Such as identifying blinks, movements of the head, lips, etc., identifying gesture movements, identifying limb movements, etc.
In order to provide a corresponding credibility verification result for the artificial intelligent model and the operation result thereof which are operated in the unreliable execution environment and are considered to be credible by the business processing task, the business processing task which uses the artificial intelligent model and the operation result thereof can be helped to treat the operation process of the artificial intelligent model and the operation result thereof as having the security level as the PIN code.
To this end, in some examples, a trusted execution environment with greater computing capabilities is built into the terminal device to perform the trust verification. In other examples, the terminal device is external to a trusted verification device capable of providing a trusted execution environment. The trusted verification device is an external device, which includes but is not limited to: a master device or a slave device connected with the terminal device through a data interface, a remote server, etc. The trusted verification device may be connected to the terminal device via a wired interface, for example via a USB interface. For example, as the master device, the trusted verification device may be a portable terminal (such as a smart phone, a PAD, etc.), which controls the terminal device in a verification mode/operation mode, wherein in the verification mode, the trusted verification device performs a trusted verification for an artificial intelligence model running in the terminal device; in the operation mode, the trusted verification device assists the terminal device in performing the service processing tasks, wherein the service processing tasks are performed by running the artificial intelligence model. As another example, as a slave device, the trust verification device may be an integrated circuit (e.g., U-shield, etc.) with processing capabilities that performs trust verification under the scheduling of business processing tasks that are run in the terminal device. The trust verification device may also communicate with the terminal device via a network interface, e.g., the trust verification device is a server device in communication with the terminal device that performs trust verification on an artificial intelligence model running in the terminal device using a communication mechanism.
Wherein the trusted execution environment at least comprises a secure operating system (trust OS) running in the terminal device, the secure operating system being used to provide protection measures such as copyright, data security and the like for the running program. The protection measures can be according to specifications such as TEE, or other customized protection specifications. The trusted execution environment further includes a first hardware unit that operates under a driven operation of hardware by the secure operating system. Wherein the first hardware unit may be shared with an untrusted execution environment in the terminal device or configured separately. For example, the first hardware unit in the trusted execution environment comprises a separately configured processor, or is one of a plurality of independent virtual processors in the host processor. For another example, the first hardware unit in the trusted execution environment includes an independent secure memory (such as a secure memory in a SIM card), or an independent storage area obtained by configuring a storage device in the terminal device. For another example, the first hardware unit in the trusted environment further includes a network interface for performing network communication and a bus interface for performing internal data transmission in the terminal device, and various interfaces in the trusted environment implement data transmission under the protection specification based on the corresponding interface protocol.
An untrusted execution environment is configured in the terminal device. The untrusted execution environment includes at least an Operating System (OS) running in the terminal device in parallel with a secure operating system (trust OS). In other words, the terminal device may be configured with a separate secure operating system (trust OS) and Operating System (OS). Examples of the Operating System (OS) include: an operating system of an IOS architecture, an operating system of an Android architecture, or an operating system of a Window architecture, etc. An Operating System (OS) in the terminal device is used to provide basic transactions such as managing and configuring memory, determining priority of supply and demand of system resources, controlling input and output devices of the terminal device, operating network and managing file system for running service processing program and running artificial intelligence model program. The untrusted execution environment further includes a second hardware unit in the terminal device that operates under a driven operation of the Operating System (OS) on hardware. Wherein the second hardware unit may be shared with a trusted execution environment or configured separately. For example, the second hardware unit in the untrusted execution environment may comprise a separately configured processor, or may be one of a plurality of separate virtual processors configured for the host processor. For another example, the second hardware unit in the untrusted execution environment includes a separate memory (such as a storage device including a nonvolatile memory and a volatile memory), or other storage areas of the storage areas in the untrusted execution environment, where the storage devices in the terminal device are configured. For another example, the second hardware unit in the trusted environment further includes a network interface for performing network communication and a bus interface for performing internal data transmission in the terminal device, and the various interfaces in the untrusted environment may perform data transmission according to the corresponding interface protocols.
Taking the example that the trusted execution environment is configured in the terminal equipment, the terminal equipment comprises a storage device and a processing device. The processing device further comprises a first processing unit and a second processing unit.
The storage device is used for storing the artificial intelligent model, storing at least one verification execution program and at least one service processing program, storing a credibility verification result obtained by executing a verification method described below, and the like. In some examples, the storage device may be configured in a trusted execution environment and an untrusted execution environment in accordance with the storage rights. For example, the storage device sets higher read-write permission for at least one verification executing program, and the programs with lower read-write permission such as the service processing program call any verification executing program five times at runtime. In other examples, referring to fig. 1, a schematic diagram of a terminal device in some examples is shown, where the storage device includes a first storage unit 111 configured in an untrusted execution environment 11 and a second storage unit 121 configured in a trusted execution environment 12. The second storage unit 121 includes the aforementioned secure memory, and may further include a volatile storage medium such as a cache. At least one authentication execution program is stored in the second storage unit 121. The first storage unit 111 includes a nonvolatile memory, and may include a volatile storage medium such as a cache, a memory controller, and the like. The program describing the artificial intelligence model, the at least one business process program, and the like are stored in the first storage unit 111.
The processing device and the storage device are connected through a communication standard inside a computer such as a bus, where, taking fig. 1 as an example, the first processing unit 112 is configured in the untrusted execution environment 11, and is used to call and execute the at least one service processing program, and run the artificial intelligence model in the untrusted execution environment 11 to execute a service processing method; the second processing unit 122 is configured in the trusted execution environment 12 for invoking and executing the at least one authentication execution program to perform the authentication method.
Taking the trusted execution environment configured in the trusted verification device as an example, please refer to fig. 9, which shows a schematic diagram of the trusted verification device. Wherein the trusted verification device 3 comprises a device configured in a trusted execution environment: an interface unit 303, a processing unit 302, and a storage unit 301. The interface unit 303 is at least used for data communication with a terminal device, and includes a serial interface and/or a network interface. The authentication device 3 may contain only a serial interface, for example a USB interface, to connect the terminal device 1; it may also contain only network interfaces, such as SIM card readers, wifi network interfaces, to communicate with the terminal device; a serial interface through which the terminal device 1 is connected, a network interface through which communication with other servers (such as the authentication server 2) is performed, and the like may also be included. Wherein the storage unit 301 may correspond to the second storage unit in the above example, or other memory. For example, the memory unit includes a nonvolatile memory, a volatile memory, and the like. The processing unit 302 may correspond to the second processing unit in the above example, or other processor that may perform data processing and mathematical calculations, such as an FPGA, a CPU, or an integrated circuit containing a processor, etc.
In some examples, the terminal device further comprises acquisition means (not shown) for acquiring biological data; the artificial intelligence model is used for carrying out feature extraction or identification processing on the collected biological data to obtain data to be processed. The business processes and verification processes involved in this example will also be described in detail later.
For ease of description, the processes that follow that involve execution by hardware units in a trusted execution environment under the coordination of a calling program are referred to as operations (processes) performed by the trusted execution environment, or operations (or processes) that may be performed by the trusted execution environment. The processes that follow that involve execution by hardware units in the untrusted execution environment under the coordination of the calling program are referred to as operations (processes) performed by the untrusted execution environment, or operations (or processes) that the untrusted execution environment runs.
Here, data communication is performed between the untrusted execution environment and the trusted execution environment so that data stored in one execution environment may be processed in another execution environment. For example, a payment program running in an untrusted execution environment executes corresponding payment processing logic by reading security level data stored in the trusted execution environment. As another example, a verification executive running in a trusted execution environment performs trust verification by reading data generated by an artificial intelligence model running in an untrusted execution environment.
In order to improve the security of data communication between the untrusted execution environment and the trusted execution environment, that is, to prevent the security problems of data leakage, tampering and the like during the data communication of the two execution environments, the terminal device performs security protection on the data interacted between the untrusted execution environment and the trusted execution environment. In some examples, data communication is based on cryptography between the untrusted execution environment and the trusted execution environment. For example, data transferred between the untrusted execution environment and the trusted execution environment is encrypted with a key to secure the data. As another example, certificates are utilized to verify data transferred between an untrusted execution environment and a trusted execution environment.
When an artificial intelligence model operated by an untrusted execution environment affects some business processing results and the business processing results affect security monitoring, account rights, building access, funds circulation and the like, the artificial intelligence model and data output by the artificial intelligence model need to be trusted. To this end, the application provides a method for trusted verification of an artificial intelligence model. The trusted verification method is suitable for a trusted verification system at least comprising terminal equipment. Wherein the trusted execution environment in the terminal device stores at least one verification execution program corresponding to the artificial intelligence model. The at least one verification execution program is used for executing a process of verifying the credibility of an artificial intelligence model operated by an untrusted execution environment in the terminal equipment when the operation is invoked.
Wherein in some embodiments, the at least one authentication execution program is included in a service processing program (APP) of the artificial intelligence model, and is downloaded to the terminal device (or trusted authentication device) along with the service processing program along with the user downloading operation.
In still other embodiments, the at least one authentication execution program may also be derived from the trusted authentication system, which includes not only the terminal device (or the trusted authentication device), but also a trusted authentication server (or referred to as a trusted authentication server device).
Here, for convenience of example, the following process is taken as an example of the trusted execution environment built in the terminal device, and it should be noted that the following process may be performed by using software and hardware of the trusted authentication device externally connected to the terminal device.
The trusted verification server may be a single server, a server cluster, a distributed server cluster, a cloud server, or the like, which provides verification execution programs for a plurality of terminal devices configured with an artificial intelligence model. Here, according to the actual design, the service end is provided by a cloud service end provided by a cloud provider. The Cloud Service end comprises a Public Cloud (Public Cloud) Service end and a Private Cloud (Private Cloud) Service end, wherein the Public or Private Cloud Service end comprises Software-as-a-Service (SaaS), platform-as-a-Service (Platform-as-Service), infrastructure-as-a-Service (IaaS) and the like. The private cloud service end is, for example, an ali cloud computing service platform, an Amazon (Amazon) cloud computing service platform, a hundred degree cloud computing platform, a Tencel cloud computing platform, and the like.
In some examples, the trusted verification server comprises an interface device, a storage device, and a processing device.
The interface device is in data connection with the processing device, and can be connected through a bus or can carry out data transmission through a communication network. For this purpose, the interface means include, but are not limited to, a network card, a mobile network access module, a bus interface connected to the processing means via a bus, a serial interface such as USB, etc. The interface devices communicate data through the Internet, a mobile network and a local area network. For example, the interface device of the trusted verification server is in communication connection with the interface device of the artificial intelligence model provider, the interface device of the terminal equipment and the like, and the artificial intelligence model provider uploads the program describing the data processing relationship of the artificial intelligence model to be issued to the trusted verification server through the communicated interface device. The artificial intelligent model is used for carrying out identity recognition or gesture recognition on biological data acquired by the terminal equipment when in operation. For example, feature extraction is performed on face features and body state features in the acquired images. As another example, fingerprint feature extraction is performed on the collected fingerprint information. For another example, at least one of the extracted face features, body state features, or fingerprint features is identified. And for example, performing expression recognition on the extracted facial features. And for example, performing gesture recognition on the extracted morphological characteristics.
The storage device includes, but is not limited to: read-Only Memory (ROM), random access Memory (Random Access Memory, RAM), nonvolatile Memory (NVRAM). For example, the storage means comprises a flash memory device or other non-volatile solid state storage device. In some embodiments, the storage device may also include memory remote from the one or more processing devices, such as network-attached memory accessed via RF circuitry or external ports and a communication network, which may be the internet, one or more intranets, a Local Area Network (LAN), a Wide Area Network (WAN), a Storage Area Network (SAN), etc., or a suitable combination thereof. The storage device also includes a memory controller that can control access control to memory by mobile devices such as a Central Processing Unit (CPU) and interface devices or other components. The storage means stores therein a program describing the data processing relationships of the artificial intelligence model received from the interface means, and at least one authentication execution program corresponding to the artificial intelligence model.
The processing device is connected with the interface device and the storage device and is used for calling and executing at least one program to coordinate the interface device and the storage device to execute and send the at least one verification execution program to the terminal equipment installed with the artificial intelligent model. The processing means comprises one or more general-purpose Central Processing Units (CPU), one or more application specific processors (ASIC), one or more digital signal processors (Digital Signal Processor, abbreviated DSP), one or more field programmable logic arrays (Field Programmable Gate Array, abbreviated FPGA), one or more graphics processor GPU, or any combination thereof. The processing means is further operatively coupled with interface means which may enable the processing means to interact with various terminal devices. For example, the processing device reads a verification execution program or the like stored in the storage device.
The at least one verification execution program is used for executing the credibility verification of the artificial intelligent model operated by the terminal equipment when being called, and comprises the program itself obtained by compiling codes and verification configuration information required by the execution of the program itself. Wherein the trust verification is a verification of the operation process and the operation result of the artificial intelligence model for confirming that the operation process of the artificial intelligence model operated in the untrusted execution environment is honest and not tampered, and the operation result thereof is honest, not tampered and not destroyed, thereby the operation result provided by the artificial intelligence model used when the terminal device performs the business processing task accords with objective facts.
Wherein, the verification input data refers to input data required for verifying the artificial intelligent model, and the verification configuration information refers to configuration information related to a type that can be verified by at least one verification execution program, and examples thereof include at least one of the following: information related to the result of the verification operation, information related to the operation of the trusted execution environment in the scheduling terminal device. The at least one verification executing program can be determined according to the type of the operated artificial intelligent model, the service processing task for starting the artificial intelligent model, the vulnerability easy to generate during the operation of the artificial intelligent model and the like, and the operation result output by the operation of the artificial intelligent model is ensured to be trusted during the service processing process during the operation. In business processing tasks such as payment, security, account authentication and the like, the verification result is used for providing a basis for the trust of the security level data of the operation result output by the artificial intelligent model operating in the untrusted execution environment.
In some examples, the interface device of the trusted verification server receives at least one verification execution program corresponding to a certain artificial intelligent model, stores the verification execution program in the storage device through the processing device, reads the corresponding at least one verification execution program from the storage device when the terminal device requests to download the program describing the artificial intelligent model, and sends the corresponding at least one verification execution program to the corresponding terminal device through the interface device together with the program describing the artificial intelligent model.
In still other examples, the processing device selects at least one verification executive from a set of verification executives that matches the artificial intelligence model based on the artificial intelligence model.
Here, the artificial intelligence model provider provides not only the program itself describing the artificial intelligence model but also related information of the artificial intelligence model. Wherein the related information includes at least one of: file information of the uploaded artificial intelligence model, type of the artificial intelligence model, input/output data specification, and operation environment, etc. For example, the processing means obtains the program describing the artificial intelligence model and the related information by presenting an interface for uploading the program describing the artificial intelligence model and the related information to a provider. The file information includes, but is not limited to, version information, file header information, and the like. Types of artificial intelligence models include, but are not limited to, types related to usage scenarios, or types related to algorithms involved, etc. Examples of the types related to the use scenario include at least one of: facial recognition type, animal/plant recognition type, expression recognition type, gesture recognition type, character recognition type, and the like. Examples of the types associated with the algorithms involved include at least one of: CNN algorithm type, markov algorithm type, random forest algorithm type, genetic algorithm type, LSTM algorithm type, etc. Input/output data specifications include, but are not limited to: input data specifications, output data specifications, or resource occupancy specifications, etc. Examples of input data specifications include at least one of: the data type, amount of data, etc., for example, the input data type includes at least one of: data objects, data object formats, character strings, integer numbers, floating point numbers, and the like. Examples of output data specifications include: data type, amount of data, etc., for example, the output data type includes at least one of: data objects, formats of data objects, strings, integer numbers, floating point numbers, and the like. Examples of resource occupancy specifications include at least one of: memory occupation, external resource types to be called, etc., wherein examples of the external resource types include at least one of the following: the internal resources and rights of the terminal equipment, the type of service provided by the Internet server and the like.
The processing device converts the related information into a database operation statement, selects a storage address of at least one verification execution program matched with the artificial intelligent model from a database, and acquires each verification execution program. The database is a data management system for the processing device to query, write, read, delete, etc. the stored information according to the related information, and examples of the data management system are but not limited to: oracle, mySQL, etc. The set of authentication executives may be stored in the storage means of the trusted authentication server or in a storage server in communication with the trusted authentication server, the processing means determining the selected at least one authentication executor using the address links stored in the database, and transmitting the corresponding authentication executor to the terminal device.
In still other examples, the processing device preferentially selects the verification execution program from the database, and if the type or number of selected verification execution programs does not meet the requirements for trustworthiness verification, prompts the staff to generate and supplement the verification execution program associated with the relevant information and lacking to the database and the verification execution program set.
It should be noted that, the manner of triggering the trusted verification server to send the corresponding verification executing program is not only triggered by the downloading request as illustrated in the above example, but also the request information for obtaining the corresponding verification executing program may be sent by the corresponding service processing task when the terminal device invokes the service processing program that needs to run the artificial intelligent model. The request information includes, but is not limited to: version information of the artificial intelligence model, terminal equipment information, and the like.
Here, the at least one authentication execution program includes at least one of: the system comprises a verification execution program for performing operation safety verification on an artificial intelligent model, a verification execution program for performing single-operation safety verification on the artificial intelligent model, a verification execution program for performing multi-operation safety verification on the artificial intelligent model, or a verification execution program for performing integrity verification on the artificial intelligent model.
The operation security verification refers to verifying the security of the called resources when the program describing the artificial intelligence model operates the artificial intelligence model due to being called. The resources include, but are not limited to: memory resources of the terminal device, processor resources, software resources installed in the terminal device, etc.
The single operation security verification refers to security verification of data output by an artificial intelligence model operated based on single input data when a program describing the artificial intelligence model operates the artificial intelligence model due to being called, which includes but is not limited to: verifying the data format of the output data, verifying the value of the output data, and the like.
The multi-operation security verification refers to security verification of data batched out by an artificial intelligence model to be run based on batched input data when a program describing the artificial intelligence model runs the artificial intelligence model due to being called, and includes, but is not limited to: verifying probability distribution of data output in batch, and the like.
The integrity verification refers to verifying the integrity of the program files and the configuration files thereof describing the artificial intelligence model, and includes, but is not limited to, verifying the integrity of the program files and the configuration files thereof describing the artificial intelligence model based on cryptographic techniques, wherein the cryptographic techniques include, for example, techniques of verifying using numerical signatures, hash values, or the like, corresponding to the respective files. In some examples, the trusted verification server also generates a second key corresponding to the artificial intelligence model, the second key being used to be read by the verification execution program and to perform the integrity verification. Wherein the second key is a key associated with a program file, and/or a configuration file of the artificial intelligence model generated using a random number.
The trusted authentication server sends at least one authentication execution program corresponding to the artificial intelligence model to a secure memory in a trusted execution environment in the corresponding terminal device for execution at the terminal device to perform the authentication operation.
In order to improve the safety of data transmission between the trusted verification server and the terminal equipment, the trusted verification server and the terminal equipment establish a safe communication channel. For this purpose, the trusted authentication server can generate or select a first key for secure communication corresponding to the terminal device and transmit at least one authentication execution program to the corresponding terminal device using a data transmission mechanism set based on cryptographic techniques. Examples of the data transmission mechanism include: transmitting the encrypted at least one authentication execution program to the corresponding terminal device using the shared key technique/asymmetric key technique; alternatively, the at least one authentication execution program is transmitted to the corresponding terminal device using the digital certificate signed by the certification authority. Here, the first key corresponds to one of the shared key, the asymmetric key, or the digital certificate.
At least one authentication execution program stored in a secure memory in a trusted execution environment of a terminal device
. At least one authentication execution program stored in the trusted execution environment may be updated in order to match the version of the artificial intelligence model and/or in order to prevent at least one authentication execution program or authentication input information used by the authentication execution program from being cracked, corrupted, etc. In some examples, the update procedure required for the update operation may be obtained based on an update period of the trusted verification server, and/or a version update of the artificial intelligence model. For example, the trusted execution environment obtains the updated program provided by the trusted verification server and obtains at least one updated verification execution program after running. Wherein, in order to ensure the data security of the update program in the data transmission process, the data communication between the trusted execution environment and the trusted verification server can be performed based on cryptography technology. For example, the update program is encrypted with a key. As another example, an update program or the like is signed with an approved digital certificate.
When the trusted execution environment invokes the installed or updated at least one verification execution program, the artificial intelligence model running in the untrusted environment is verified for trustworthiness. Here, the at least one authentication execution program may execute the trust authentication based on the authentication initiation step.
In some examples, the at least one verification executive is invoked to perform a trust verification of the updated artificial intelligence model when invoked by the trusted execution environment, based on the monitored update operation of the artificial intelligence model. Wherein, the update operation of the artificial intelligence model refers to updating the version of the program describing the artificial intelligence model, and comprises updating the program, adding or deleting the configuration information of the program, updating the version information of the program, and the like.
Here, the trusted execution environment or the untrusted execution environment performs an update operation of monitoring a program describing the artificial intelligence model, and invokes the at least one verification execution program when the update operation is monitored. For example, when the untrusted execution environment monitors that the terminal device system upgrade operation and/or the version of the program describing the artificial intelligence model installed in the terminal device is updated, a start-up instruction is issued to the trusted execution environment, which invokes the at least one verification execution program based on the start-up instruction to perform a trust verification on the updated artificial intelligence model. For another example, the trusted execution environment monitors version information of a program describing the artificial intelligence model, and when version information variation is monitored, the at least one verification execution program is called to perform credibility verification on the updated artificial intelligence model.
In still other examples, trust verification of the invoked artificial intelligence model is initiated based on the monitored invoked operation of the artificial intelligence model. Wherein, the called operation of the artificial intelligence model refers to the operation of calling a program describing the artificial intelligence model according to an instruction to run the artificial intelligence model. The trusted execution environment here invokes the at least one verification execution program upon monitoring that the artificial intelligence model is running.
In still other examples, the trust verification of the artificial intelligence model is initiated according to a preset verification period. The trusted execution environment calls the at least one verification execution program according to a preset verification period and sends an instruction for operating the artificial intelligent model to the untrusted execution environment so as to perform the credibility verification on the artificial intelligent model. The verification period may be fixed, or a time interval may be set starting from a start time/an end time of the last execution of the trust verification. For example, the trusted execution environment performs the last execution of the trust verification according to the update operation of the artificial intelligence model, and starts timing from the end of the last execution at intervals of the verification period to determine the starting time of performing the trust verification again.
It should be noted that the trusted execution environment may initiate the step of verifying the trust according to at least one initiation method described above.
The execution of the initiated trust verification includes: and in the trusted execution environment, performing credibility verification on the artificial intelligent model running in the untrusted execution environment to obtain a credibility verification result. Wherein the trustworthiness verification information includes, but is not limited to: occupancy information for software, hardware resources in an untrusted execution environment during operation of the artificial intelligence model, temporary data and/or output data generated during operation of the artificial intelligence model, and the like.
In some examples, the trusted execution environment initiates an operation of trust verification in accordance with the operation of the artificial intelligence model, taking data that the artificial intelligence model needs to enter at runtime as verification input data, and obtaining corresponding trust verification information.
In other examples, the trusted execution environment further outputs various types of validation input data for the trusted execution environment to the untrusted execution environment, and the artificial intelligence model is caused to operate in the untrusted execution environment, thereby obtaining corresponding trusted validation information.
The manner of booting described in the examples above, verifying multiple sources of input data, and multiple kinds of trust verification operations, the trust verification operations comprising at least one of:
referring to fig. 2, a flow chart for performing operation security verification is shown. In step S110, the artificial intelligence model is run in the untrusted execution environment using the first verification input data extracted from the trusted execution environment, to obtain a first running result. In step S120, in the trusted execution environment, the first execution result is subjected to execution security verification.
Here, the first verification input data is pre-stored in the trusted execution environment and is used for performing operation security verification on the artificial intelligence model. When running security verification is executed, the first verification input data is read by a trusted execution environment and transmitted to an untrusted execution environment so that the artificial intelligence model processes the first verification input data; the method comprises the steps that an untrusted execution environment transmits a first operation result generated during operation of an artificial intelligence model to a trusted execution environment, and the trusted execution environment performs operation security verification on the first operation result. The artificial intelligence model operation period comprises operation start, operation in-process and operation end, and correspondingly, the first operation result comprises operation information generated at any moment in the operation period. Wherein the first operational result comprises at least one of: the operation result related to the memory occupation or the operation result related to the request of the external program. Examples of the operation result related to the memory occupation include operation information of whether the memory occupied during the operation of the artificial intelligence model overflows or not, and the like. Examples of the operation result related to the request external program include request information, snoop information, etc. of the request external program generated during the operation of the artificial intelligence model. For example, the artificial intelligence model generates request information during operation for establishing communication with a server in the internet; as another example, request information for starting other services in the terminal device, or monitoring information for monitoring a preset function port of the terminal device, etc. are generated during the operation of the artificial intelligence model. And the trusted execution environment performs operation security verification on the acquired first operation result according to the execution logic of each verification execution program of the corresponding operation security verification type. For example, a first operation result indicating that the memory has no overflow is determined as a verification result that the operation security is qualified. For another example, whether the IP address of the server in the request information in the first operation result is in a white list/a black list is analyzed, and the operation security qualification/disqualification verification result is determined according to the analysis result. For another example, the monitoring authority of the monitoring information in the first operation result is analyzed, and the operation safety qualification/disqualification verification result is determined according to the analysis result.
Referring to fig. 3, a flow chart for performing operability verification is shown. In step S210, the artificial intelligence model is caused to run in the untrusted execution environment using at least one second verification input data extracted from the trusted execution environment and to output respective second running results corresponding to the respective second verification input data. In step S220, in the trusted execution environment, operability verification is performed on each of the second execution results.
Here, the second validation input data is stored in the trusted execution environment and is used to perform operability validation on the artificial intelligence model. When operability verification is performed, the second verification input data is read by the trusted execution environment and transmitted to the untrusted execution environment so that the artificial intelligence model processes the second verification input data; wherein the untrusted execution environment transmits a second execution result generated during execution of the artificial intelligence model to the trusted execution environment, the trusted execution environment performing operability verification on the second execution result. Wherein the operability verification includes: single-operability security verification and multi-operability security verification. Wherein the second authentication input data may be the same authentication input data as the first authentication input data mentioned in the example of fig. 2 or different authentication input data. The second operation result is an operation result output after the second verification input data is subjected to data processing by the artificial intelligent model, and the second operation result is a corresponding operation result output according to the type of the data processed by the artificial intelligent model and the integrated function; the second operation result includes at least one of: the data format includes a Boolean type, a character string type, a numerical value type, or a custom type, and the numerical value includes an integer numerical value, a floating point numerical value, and the like. For example, when the artificial intelligence model is run, the artificial intelligence model is used for verifying the identity of the face in the image data, the output running result is the confidence that the identity of the verified face is user a or not user a, or the output running result is the confidence that the identity of the verified face is user a, user B and user C respectively.
During single operability security verification, step S220 includes matching a second operation result generated during a single operation of the artificial intelligence model with a pre-stored target operation result to determine whether the artificial intelligence model is operable according to the corresponding matching result. And analyzing whether the confidence coefficient a% and the prestored target operation result a' are within a preset error range by the trusted execution environment by taking a second operation result generated when the artificial intelligent model is operated for a single time as the confidence coefficient a% for identifying the human body gesture in the image data as the gesture A, if so, determining that the matching result is operable, otherwise, determining that the matching result is not operable. And (3) taking a second operation result generated during single operation of the artificial intelligent model as a human body gesture in the identification image data as a gesture B, and comparing whether the human body gesture is consistent with a prestored target operation result B' or not by the trusted execution environment, if so, determining that the matching result is operable, otherwise, determining that the matching result is not operable. For another example, the trusted execution environment detects whether the number of bits, the data type, etc. of the second running result match the target running result, if so, it determines that the matching result is operable, otherwise, it determines that the matching result is not operable.
During the multi-operability security verification, the trusted execution environment inputs the stored second verification input data into the artificial intelligence model operated by the untrusted execution environment to cause the artificial intelligence model to perform batch processing, and correspondingly, the step S220 includes counting a distribution of a plurality of second operation results generated when the artificial intelligence model is batch-operated; and determining whether the artificial intelligence model is operable according to the similarity between the counted distribution result and the expected distribution. Wherein the expected distribution may be preset fixed or determined based on statistically pre-stored target operating results. For example, the expected distribution is obtained by counting each target operation result corresponding to each second verification input data by the trusted execution environment.
Taking an artificial intelligent model for security monitoring as an example, the trusted execution environment inputs a plurality of stored second verification input data simulating security monitoring diversity into an artificial intelligent model operated by an untrusted execution environment, the artificial intelligent model outputs second operation results corresponding to the second verification input data during batch processing, and feeds the second operation results back to the trusted execution environment, the trusted execution environment counts the second operation data according to a plurality of event types involved in a security monitoring scene, so as to obtain probability distribution of the data of the artificial intelligent model in the security monitoring scene, the obtained distribution results are subjected to similarity matching with expected distribution, if the similarity is within a preset error range, the matching results are determined to be operable, otherwise, the matching results are determined to be inoperable. The event types related in the security monitoring scene are related according to the monitored security scene, for example, the security scene is a public place such as a road, a shop and the like, and the event types comprise at least one of the following: a theft event type, a violation/violation event type, etc. For another example, if the security scene is four places such as a house, the event type includes at least one of the following: a theft event type, a pet event type, a person's sudden illness event type, etc.
It should be noted that the above examples may also be applied in account authentication scenarios such as terminal payment, account login, etc. Taking an artificial intelligent model for terminal payment as an example, the trusted execution environment inputs second verification input data of a plurality of stored fingerprint information for simulating terminal payment into an artificial intelligent model operated by an untrusted execution environment, the artificial intelligent model outputs second operation results corresponding to the second verification input data during batch processing, and feeds the second operation results back to the trusted execution environment, the trusted execution environment counts the second operation data according to a plurality of event types related to a terminal payment scene, so as to obtain probability distribution of the data of the artificial intelligent model in the terminal payment scene, the obtained distribution results are subjected to similarity matching with expected distribution, if the similarity is within a preset error range, the matching results are determined to be operable, otherwise, the artificial intelligent model is determined to be inoperable. The event types related to the terminal payment scene comprise: person/company/mother/son/affinity account matching success, person/company/mother/son/affinity account matching failure, payment success, payment failure, funds transfer status, etc.
The target operation results mentioned in the examples above may be from each operation result passing the trust verification in the history verification operation of the terminal device, or from the verification server. In some examples, the trusted execution environment saves the verified trusted execution results of the last execution and its input data and acts as the target execution result and its second verification input data when performing operational verification. In still other examples, the trusted execution environment computes the verified trusted execution results of the past runs and their input data and obtains an expected distribution, the expected distribution obtained for use in performing the operability verification. In still other examples, the trusted execution environment obtains second verification input data and target operation results thereof from a verification server.
Wherein, by using the above-mentioned acquisition modes of each example, the target operation result includes at least one of the following: a verified second operation result obtained when the artificial intelligence model has executed the operability verification for the past time; a verified second operation result obtained by the historical version of the artificial intelligence model when the operability verification is performed; or a verified second operation result obtained when performing the operability verification by other artificial intelligence models of the same class as the artificial intelligence model. For example, the trusted execution environment takes a second operation result with operability verification in the past reliability verification of the same version of artificial intelligent model as a target operation result, and takes input information corresponding to the target operation result as second verification input information for later use in the same type of operability verification of the version of artificial intelligent model. For another example, the trusted execution environment uses second operation results with operation verification in the past credibility verification of the artificial intelligent models of different versions as target operation results, stores input information corresponding to the target operation results as second verification input information, and selects the corresponding second verification input information and target operation results from the stored second verification input information and target operation results thereof according to relevant verification configuration information aiming at the current version so as to execute the operation verification of the current time. For another example, the target operation result obtained by the trusted execution environment is provided by the verification server, where the target operation result provided by the verification server is a verified second operation result obtained by the verification server when the artificial intelligent model or other artificial intelligent models similar to the artificial intelligent model perform the operability verification, and a verification manner of the verification result is the same as or similar to that of the verification performed by the terminal device, and will not be described in detail herein.
Referring to fig. 4, a flow chart for performing integrity verification is shown. In step S310, data communication between the trusted execution environment and the untrusted execution environment is established. In step S320, in the trusted execution environment, each file required to run the artificial intelligence model is integrity verified based on cryptographic techniques.
The process of establishing the data communication may here be a separate step or a step performed by the trusted execution environment during the integrity verification for reading information stored in the untrusted execution environment in relation to the files. Wherein the information related to each file includes, but is not limited to: file signatures, certificates, etc. For example, each file required for running the artificial intelligent model is configured with each file signature, a key for verifying the file signature is pre-stored in a trusted execution environment, the trusted execution environment reads each file signature, analyzes each signature by using the key to obtain information such as version information, file header information and the like which can be used for detecting the integrity of the artificial intelligent model, and matches each analyzed information with each file to obtain a verification result of the integrity of the corresponding file.
It should be noted that any of the above examples of performing the trust verification may be performed simultaneously or sequentially. For example, operability verification and operation security verification may be performed synchronously during operation of the artificial intelligence performance model. The above examples of trust verification may be initiated using different policies. For example, the integrity verification may be performed only at the time of the initial or version update. As another example, all types of trust verification may be performed using a predetermined period or artificial intelligence model runtime. The above examples of trust verifications are not necessarily all configured in a terminal device, and the trusted execution environment may assert that the artificial intelligence model is trusted through any one or more types of trust verifications.
It should also be noted that at least one of the above examples of trust verification may implement trust verification of an artificial intelligence model during operation of the artificial intelligence model by a service processing task in the terminal device. In other words, during the execution of the artificial intelligence model in an untrusted execution environment, the following steps are performed in the trusted execution environment: and reading the credibility verification information provided by the artificial intelligent model from the untrusted execution environment, and carrying out credibility verification on the artificial intelligent model according to the credibility verification information so as to obtain a credibility verification result. The service processing task is service logic executed when a service processing program in the terminal equipment is mobilized; the business processing task starts an artificial intelligent model to input data related to business processing into the artificial intelligent model, obtains an operation result provided by the artificial intelligent model, and executes subsequent business logic by using the operation result.
In some examples, the service processing task performs unlocking operation of the terminal screen by using operation of the artificial intelligence model, coordinates an acquisition device of the terminal device to acquire biological feature data of a user, starts to operate the artificial intelligence model so as to identify the biological feature data, and performs unlocking/unlocking operation according to an operation result output by the artificial intelligence model; the trusted execution environment determines that the untrusted execution environment runs the artificial intelligent model by monitoring a task list of the terminal equipment, acquires the credibility verification information provided during the running of the artificial intelligent model, and performs credibility verification on the acquired credibility verification information by utilizing the modes provided by the examples. The operation security verification includes verifying whether a memory in the credibility verification information overflows or whether a data format accords with a preset format, and the operability verification includes verifying whether a data type of an operation result in the credibility verification information accords with the preset format or whether a numerical value is within a preset range or whether distribution of the operation result of the statistical accumulation operation accords with an expected distribution, and the integrity verification includes checking whether information in each file signature required by the currently operated artificial intelligent model accords with related information of each file, and the like.
In accordance with the trust verification method described in the above examples, the process of performing trust verification for an artificial intelligence model running on a certain terminal device is as follows: a provider of an artificial intelligent model uploads a program describing the artificial intelligent model to be issued and related information of the artificial intelligent model to a trusted verification server in advance so that a technician can generate at least one verification execution program, and the at least one verification execution program is issued at the trusted verification server; after the program describing the artificial intelligent model is released, a user installs the program describing the artificial intelligent model in an untrusted execution environment of the terminal equipment by using a program installation operation, wherein the program installed in the terminal equipment further comprises a service processing program, and the service processing program executes a service processing task when running, wherein the service processing task not only calls the program of the artificial intelligent model to run the artificial intelligent model in the execution process, but also needs to acquire a verification result of the artificial intelligent model to confirm that the running result provided by the artificial intelligent model is trusted, and therefore, based on a reading request of the service processing task, the trusted execution environment of the terminal equipment establishes safe data communication with a trusted verification server based on a cryptography technology, and acquires and runs at least one verification execution program corresponding to the artificial intelligent model from the trusted verification server to execute the trusted verification until various types of verification results of the trusted verification are obtained. The manner in which the trust verification is performed may be as described in the foregoing examples and will not be described in detail herein. And the service processing task determines to continue executing/exiting the current task according to the obtained verification result.
With the above examples relating to data security using cryptography, the trusted authentication server may further manage a first key for secure communication transmission of the at least one authentication executable and/or a second key required for integrity verification of the artificial intelligence model for the purpose of obtaining and running the at least one authentication executable in cooperation with the terminal device.
The first key and the second key can be used alternatively or both according to a preset communication mode between the trusted verification server and the terminal device and a verification type configured for the trusted verification of the corresponding artificial intelligent model. The trusted verification server can update each key by managing the validity period of each key, or update each key according to the period of the database turning. The trusted verification server side can also acquire the operation frequency of various artificial intelligent models according to the data communication with the terminal equipment, so as to determine the unused artificial intelligent model, version information thereof and the like, and delete or disable corresponding keys according to the determined version information of the unused artificial intelligent model. The trusted verification server also generates a corresponding first key and/or second key according to the updated version (or the new artificial intelligent model) uploaded by the provider of the artificial intelligent model and various related information thereof. Thus realizing dynamic management of various keys.
It should be noted that the trusted verification server may also manage other keys related to the trusted verification, for example, keys required for data transmission between a trusted execution environment and an untrusted execution environment inside the terminal device. The management of these other keys by the trust verification server should be regarded as one of the ways of dynamic management of various keys under the technical framework of trust verification provided by the present application, and the way of management of the first key and the second key is the same or similar, and will not be described in detail here.
The computer device participating in the service processing task may confirm the trustworthiness of the operation result output by the artificial intelligence model according to the trustworthiness verification result obtained by using various kinds of trustworthiness verification, in other words, the trustworthiness verification result is used to provide the corresponding artificial intelligence model with the trusted/untrusted verification information for the executed service processing task. The computer device may be the terminal device or a server device that communicates with the terminal device. The service end device may include functions provided by the verification service end, or may be a separate service device for completing a service processing task in cooperation with the terminal device, or a computing device of another terminal or service end for completing a service processing task in cooperation with the terminal device. Taking the example that a trusted execution environment of the terminal equipment stores a trusted verification result, and an untrusted execution environment of the terminal equipment confirms the trusted verification result during the execution of a service processing task; or the trusted execution environment sends the credibility verification result to a service processing server-side device communicated with the terminal device, and the service processing server-side device executes a confirmation operation so that the service processing task can carry out subsequent processing on the operation result of the artificial intelligent model when confirming that the credibility verification result is credible. Taking the example that the trusted execution environment of the verification device stores a trusted verification result, the verification device sends the trusted verification result to the terminal device, so that the terminal device confirms the trusted verification result; or the verification device sends the credibility verification result to a service processing server device communicated with the terminal device, and the service processing server device executes a confirmation operation so that the service processing task can carry out subsequent processing on the operation result of the artificial intelligent model when confirming that the credibility verification result is credible.
Referring to fig. 5, a flowchart of a service process performed using the trust verification result is shown. Specifically, in step S410, during the operation of the service processing task by the terminal device, the artificial intelligence model is operated in the untrusted execution environment to obtain data to be processed. In step S420, in a state that the trust verification result of the artificial intelligence model is confirmed to be trusted, executing the service processing task by using the data to be processed; the trust verification results are from the trusted execution environment.
The terminal device performs a service processing task according to the current device state or according to the monitored event of the user operation. During the operation of the service processing task by the terminal equipment, the service processing task indicates the operation of the artificial intelligent model which is subjected to the credibility verification test in the untrusted execution environment in the terminal equipment, an operation result is obtained based on the operated artificial intelligent model, and data to be processed is obtained based on the operation result; the data to be processed needs to be processed continuously under the state that the credibility verification result of the corresponding artificial intelligent model stored in the credible execution environment is credible, so as to complete the corresponding business processing task. The data to be processed can be an operation result, and the operation result indicates that the data output by the artificial intelligent model is to be processed by a business processing task; the data to be processed can be intermediate data in the execution process of the business processing task, which is obtained after the business processing task carries out subsequent processing on the operation result.
In some examples, the manner of confirming the trust verification result in step S420 includes: validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business process task to confirm that the executed artificial intelligence model is trusted; and performing data processing operations in the business processing tasks on the data to be processed in the untrusted execution environment.
Taking the service processing task as a screen unlocking task as an example, when the terminal equipment is in a screen locking state, starting the unlocking task by an untrusted execution environment of the terminal equipment and monitoring biological data provided by a camera device or a fingerprint acquisition device of the terminal equipment, inputting the biological data into an artificial intelligent model by the unlocking task when the biological data is received to obtain an operation result which is matched with a preset biological feature, taking the operation result as data to be processed, when the service processing task uses the data to be processed to execute a subsequent task of unlocking/maintaining a screen locking, further reading a credibility verification result stored in a credibility execution environment of the terminal equipment to confirm, and when the credibility verification result indicates that all credibility verifications of the artificial intelligent model are credible, executing unlocking operation by the service processing task, namely switching a display interface of the terminal equipment from a screen locking interface to an unlocking interface (such as a desktop interface and the like); otherwise, the screen locking interface is maintained or a warning prompt is given.
It should be noted that the above unlocking example is only an example, and virtually any service processing task that is completely executed by the terminal device may be used to confirm the trust verification result before processing the operation result of the artificial intelligence model in the service processing task, before operating the artificial intelligence model, or any link before completing the service processing task, so that the artificial intelligence model and the operation result thereof have the trust of security level data. The service processing task examples applicable to the above operations further include: a plant identification type service processing task, a mobile phone system account authentication type service processing task and the like.
In other examples, the manner of confirming the trust verification result in step S420 includes: and sending the credibility verification result to a server-side device in the service processing system so as to confirm the credibility verification result by the server-side device.
Taking the unlocking task as an example, at any moment when the unlocking task is not executed, sending a credibility verification result in the credible execution environment to the server-side equipment, acquiring confirmation information fed back by the server-side equipment, if the confirmation information is credible, continuing to execute the unlocking task in a credible state, otherwise, maintaining the screen locking state.
Taking the service processing task as an example of a payment task, the terminal device executes a payment task of transferring payment with the amount of c in a fund account P of a user to a payment with the fund account Q under the payment operation of the user, the payment task receives biological data provided by a camera device or a fingerprint acquisition device of the terminal device when executing, inputs the biological data into an artificial intelligent model to obtain extracted biological characteristic information, sends the biological characteristic information to a server device, so that the server device performs characteristic matching and determines the fund account P corresponding to the biological characteristic information, and executes a subsequent payment task of transferring payment c in the fund account P to the fund account Q. Before feature matching or before transfer operation is performed, the server device also obtains and confirms a credibility verification result in a credible execution environment in the terminal device, and when the credibility verification result indicates that all the credibility verifications of the artificial intelligent model are credible, a service processing task performs subsequent feature matching operation or transfer operation; otherwise, a transfer failure prompt or a matching unsuccessful prompt is given.
It should be noted that the above confirmation method is only an example, and the confirmation method may also be performed in the terminal device, similar to the unlocking example, and will not be described in detail herein.
It should be further noted that the above payment examples are only examples, and virtually any service processing task that is cooperatively executed by using the terminal device and the server device may be used to confirm the trust verification result before processing the operation result of the artificial intelligence model in the service processing task, before operating the artificial intelligence model, or any link before completing the service processing task, so that the artificial intelligence model and the operation result thereof have the trust of security level data. The service processing task examples applicable to the above operations further include: the security monitoring system comprises a security monitoring service processing task, an access control service processing task, a remote account authentication service processing task and the like.
It should also be noted that the step of confirming the trust verification result in the above example may also be performed in an untrusted execution environment of the terminal device.
In addition, in one aspect, in order to ensure that data communication between a server device and a terminal device has security during data communication, the step of transmitting the trust verification result to the server device at least when transmitting the trust verification result includes: and transmitting the credibility verification result to the server-side equipment by utilizing the secure data communication between the trusted execution environment and the server-side equipment. For example, the trusted execution environment and the server device transmit the trust verification result by using a shared key. For another example, the trusted execution environment and the server device transmit the trust verification result by means of an authenticated digital certificate.
On the other hand, in order to ensure that various data required for a business processing task including data to be processed, which is transmitted between a terminal device and a server device, are secure, the business processing method further includes a step of encrypting data including the data to be processed, which is related to the business processing task, during execution of the business processing task.
The process of executing the service processing task by the service processing system including the terminal device and the server device is described by taking the encryption processing of the data to be processed and executing the subsequent service task by using the encrypted data to be processed as an example.
In some specific examples, the manner in which the terminal device encrypts the to-be-processed data obtained based on the operation result of the artificial intelligence model includes encrypting the to-be-processed data using a key, and transmitting the encrypted to-be-processed data to the server device, so that the server device performs the data processing operation in the service processing task using the encrypted to-be-processed data. The key may be a shared key between the terminal device and the server device, or may be an asymmetric key. And the server side equipment obtains the data to be processed through decryption operation by using the secret key, and carries out subsequent processing on the data to be processed to complete the business processing task.
In other specific examples, the encryption processing includes: dispersing the data to be processed into N data fragments to be processed; wherein N > 1. Here, the dispersion method may be a random number summation method for performing the dispersion process. For example, X1 and X2 are randomly generated, dividing the data to be processed into X into three data slices to be processed is X1, X2, and (X-X1-X2), respectively. The dispersion mode can also be dispersion treatment based on a Shamir dispersion algorithm, wherein the number N of dispersion is larger than or equal to the minimum number Kmin of fragments required by the data to be processed to be recovered, and N is larger than or equal to Kmin. The distributed number N is larger than the minimum number Kmin, so that the phenomenon that the recovery of the data to be processed is not influenced when the computing equipment for partially processing/partially storing the data to be processed is abnormal can be effectively prevented, and the execution of the whole business processing task is not influenced.
The process of executing the subsequent business processing task by using the scattered N pieces of data to be processed by using the scattered processing mode comprises the following steps: and sending at least part of the data fragments to be processed to a multiparty security computing system in communication with the service processing system, so that the multiparty security computing system can execute the service processing task on each data fragment to be processed based on a multiparty security protocol.
Here, the multiparty Secure computing system is to use multiple computing nodes to perform data processing on part of tasks in the service processing task through Secure multiparty computing (Secure Multi-Party Computation) so as to solve the problem of securely computing one agreed data processing without a trusted third party.
The computing nodes in the multiparty secure computing system can be single computer equipment, or entity equipment or virtual equipment used in a service system based on a cloud architecture. Wherein the single computer device may be an autonomously configured computer device that may perform the business processing tasks, which may be located in a private machine room or in a rented machine location in a public machine room. The computing node may also be a computer device in a business service system, for example, the computing node is a terminal device, and/or a server device. For example, at least one of the server devices is at least one computing node in a multi-party secure computing system. In addition, the form and the set geographical position of the entity or the virtual device of the computing node are not limited. For example, computing nodes may be located on different virtual devices of the same physical server and managed individually by management rights. The service system of the cloud architecture comprises a public cloud service end and a private cloud service end, wherein the public or private cloud service end comprises SaaS, paaS, iaS and the like. The private cloud service end is, for example, an Arian cloud computing service platform, an Amazon cloud computing service platform, a hundred degree cloud computing platform, a Tencent cloud computing platform and the like. The virtual device may be one of devices in which an entity server virtualizes an exclusive device into a plurality of logical devices through a virtual technology for use by a plurality of service processing tasks at the same time.
The multiparty security protocol is a computing protocol, which is set according to the number of computing nodes participating in the multiparty security computing system and is used for coordinating each computing node to execute rules such as mathematical computation, logical computation, data transmission computation and the like. For example, a multiparty security protocol is a computation rule set with a maximum of four compute nodes and employing a secret sharing algorithm, which includes, but is not limited to: including addition, subtraction, multiplication, bit extraction, inadvertent transmission, and the like. Wherein, each computing node uses the shared random number to execute local computation to obtain intermediate data or computation results which can be counteracted.
Taking the multiplication of two numbers by four computing nodes as an example, the first computing node and the second computing node share a random number r 12 And r' 12 And causing the third and fourth computing nodes to share a random number r ab And r' ab The method comprises the steps of carrying out a first treatment on the surface of the The first computing node and the second computing node respectively multiply and cancel the private data set held by the first computing node and the second computing nodeRandom number r 12 And r' 12 So that the first computing node obtains the intermediate data t 1 And t' 1 And the second computing node obtains the intermediate data t 2 And t' 2 The method comprises the steps of carrying out a first treatment on the surface of the The third computing node and the fourth computing node respectively carry out multiplication on the private data sets held by the third computing node and the fourth computing node and are used for counteracting the random number r ab And r' ab So that the first computing node obtains the intermediate data t a And t a And the second computing node obtains the intermediate data t b And t' b The method comprises the steps of carrying out a first treatment on the surface of the Causing the first computing node and the third computing node to replace respective one of the intermediate data, and the first computing node and the fourth computing node to replace respective one of the intermediate data; causing the second computing node and the third computing node to replace respective one of the intermediate data, and the second computing node and the fourth computing node to replace respective one of the intermediate data; each computing node is made to perform local computation including addition by using the intermediate data paired based on the permutation operation, so that each computing node obtains two computation results including the offset random number.
For example, the number X is dispersed into { X }, in advance 1 ,x 2 Sum { x' 1 ,x′ 2 -a }; the number Y is dispersed into { Y } 1 ,y 2 Sum { y' 1 ,y′ 2 }. Causing the first computing node to execute a rule t 1 =x 1 ×y′ 1 -r 12 And t' 1 =x′ 1 ×y 1 -r′ 12 And obtain intermediate data t 1 And t' 1 The method comprises the steps of carrying out a first treatment on the surface of the Causing the second computing node to perform a calculation based on formula t 2 =x 2 ×y′ 2 +r 12 And based on formula t' 2 =x′ 2 ×y 2 +r′ 12 Obtaining intermediate data t by local calculation 2 And t' 2 . Wherein r is 12 And r' 12 Is a shared random number between the first computing node and the second computing node.
It should be noted that, the above manner of subtracting the random number by the first computing node and adding the random number by the second computing node is merely an example, and a manner of adding the random number by the first computing node and subtracting the random number by the second computing node may also be adopted.
Causing the third computing node to execute a process based on formula t a =x a ×y′ a -r ab And based on formula t' a =x′ a ×y a -r′ ab Obtaining intermediate data t by local calculation a And t' a The method comprises the steps of carrying out a first treatment on the surface of the Causing the fourth computing node to perform a calculation based on formula t b =x b ×y′ b +r ab And based on formula t' b =x′ b ×y b +r′ ab Obtaining intermediate data t by local calculation b And t' b . Wherein r is ab And r' ab Is a shared random number between the first computing node and the second computing node.
It should be noted that, the above manner of subtracting the random number by the third computing node and adding the random number by the fourth computing node is merely an example, and a manner of adding the random number by the third computing node and subtracting the random number by the fourth computing node may also be adopted.
Let the first computing node send the intermediate data t 1 Send to the fourth computing node and send the intermediate data t' 1 Transmitting to a third computing node; let the second computing node send the intermediate data t 2 Send to the third computing node and send the intermediate data t' 2 Transmitting to a fourth computing node; let the third computing node to send the intermediate data t a Send to the second computing node and send the intermediate data t' a Transmitting to a first computing node; let the fourth computing node to send the intermediate data t b Send to the first computing node and send the intermediate data t' b And transmitting to the second computing node.
It should be noted that, the permutation mode is set according to multiparty multiplication calculation, and the permutation mode can be adaptively adjusted according to multiplication local calculation performed by an actual calculation node, which is not exemplified here.
Causing the first computing node to execute a formula z-based algorithm 1 =t 1 +t b And z' 1 =t′ 1 +t′ a To obtain a calculation result z 1 And z' 1 The method comprises the steps of carrying out a first treatment on the surface of the The second computing node performs the execution based on formula z 2 =t 2 +t a And z' 2 =t′ 2 +t′ b To obtain a calculation result z 2 And z' 2 The method comprises the steps of carrying out a first treatment on the surface of the The third computing node performs the execution based on formula z a =t a +t 2 And z' a =t′ a +t′ 1 To obtain a calculation result z a And z' a The method comprises the steps of carrying out a first treatment on the surface of the The fourth computing node performs the function based on formula z b =t b +t 1 And z' b =t′ b +t′ 2 To obtain a calculation result z b And z' b 。
Here, the calculation results obtained by the first calculation node and the second calculation node, and the third calculation node and the fourth calculation node can be restored to the calculation results of X by Y. For example, (z) 1 +z 2 ) The result is calculated as X times Y.
Taking the k bit number in the binary number of the number X extracted by the cooperation of four computing nodes as an example, the steps of enabling each computing node to respectively perform local computation on the acquired data set and interact intermediate data generated by the local computation to obtain computing results respectively held by each computing node include: the four computing nodes obtain respective computing results by utilizing data interaction of k rounds of 1-bit replacement data, wherein the computing results are used for extracting binary bits in the data X; k is the binary number to be extracted corresponding to the data X. Wherein the data set is obtained after the data X is dispersed.
For example, a first computing node, a second computing node, a third computing node, and a fourth computing node in the multi-party secure computing system sequentially acquire a data set { x } 1 Data set { x }, data set 2 Data set { x }, data set a } and data set { x } b -a }; wherein { x 1 ,x 2 ,x a ,x b And the data X is private data of binary representation obtained by random dispersion processing, wherein each data group and the data X have the same binary bit number k. The multiparty secure computing system performs the steps of:
Each computing node respectively initializes a bit value { c }, which is used for output 1 ,c′ 1 },{c 2 ,c′ 2 },{c a ,c′ a },{c b ,c′ b -a }; causing the first and second computing nodes to share a random number r 12 And b 12 The method comprises the steps of carrying out a first treatment on the surface of the Causing the third and fourth computing nodes to share a random number b ab The method comprises the steps of carrying out a first treatment on the surface of the Wherein the random number r 12 、b 12 And b ab Is a binary random number generated based on the extracted number of bits k.
The first computing node and the second computing node use the random number r 12 For the private data x held by each 1 And x 2 Logically processing the kth bit to obtain binary intermediate data u with the kth bit unification 1 And u 2 。
Let the first computing node send the intermediate data u 1 Transmitting to the third computing node, and performing the operation based on the formula u by the third computing node 1 ∧x a Logic calculation of (a) and obtaining intermediate data u a 。
The following loop calculation is set based on the k value: each computing node pair secret data x 1 With a shared random number b based on the ith bit and output bit position of (b) 12 Or b ab Logic calculation of (2) and obtaining intermediate data of the ith round; performing replacement processing on the intermediate data obtained in each round, and assigning corresponding output bits; the first computing node and the third computing node perform intermediate data replacement processing, and the second computing node and the fourth computing node perform intermediate data replacement processing;
Each computing node utilizes the assigned output bit and the random number to carry out logic computation on the k bit value of the private data to obtain a computing result.
First computing nodeThe calculated result c' 1 Providing to a third computing node; the second computing node computes the result c' 2 Providing to a fourth computing node; the third computing node computes the result c a Providing to a second computing node; the fourth computing node calculates the result c b The first computing node is provided such that each computing node holds two computing results. The calculation result held by each calculation node can be restored to the extracted binary bit number of the kth bit.
Taking the example of using four computing nodes to cooperate with the carelessly transmitted data X, enabling the four computing nodes to perform local computation and data interaction based on sharable random bit values for representing the transmitted/not transmitted data C, and obtaining respective held computing results; wherein the calculation result includes a result for indicating that the corresponding data X is transmitted or a result for indicating that the corresponding private data is not transmitted.
For example, the array of fragments of the data X obtained by each computing node is { X }, in order 1 ,x′ 1 },{x 2 ,x′ 2 },{x a ,x′ a },{x b ,x′ b -a }; in other words, data { x 1 ,x′ 1 ,x 2 ,x′ 2 ,x a ,x′ a ,x b ,x′ b The data X is obtained by random dispersion treatment; each computing node obtains sharable random bit value { c } which is respectively set based on private data to be shared 1 ,c′ 1 },{c 2 ,c′ 2 },{c a ,c′ a },{c b ,c′ b -a }; the multiparty secure computing system performs the steps of:
enabling the first computing node and the second computing node to share a first type random number r 12 And r' 12 The method comprises the steps of carrying out a first treatment on the surface of the The first computing node and the third computing node share a second class random number r' 1a The method comprises the steps of carrying out a first treatment on the surface of the The first computing node and the fourth computing node share a second class random number r 1b The method comprises the steps of carrying out a first treatment on the surface of the Enabling the second computing node and the third computing node to share a second class random number r 2a The method comprises the steps of carrying out a first treatment on the surface of the The second computing node and the fourth computing node share a second classRandom number r' 2b The method comprises the steps of carrying out a first treatment on the surface of the Enabling the third computing node and the fourth computing node to share a first-class random number r ab And r' ab 。
And each computing node performs mathematical computation with the first type of random numbers on whether to transmit the array by using the bit values configured by each computing node, and performs mathematical computation with the second type of random numbers on whether to transmit the first type of random numbers by using the bit values configured by each computing node so as to obtain intermediate data and intermediate random numbers.
And enabling the first computing node and the second computing node to respectively perform the replacement operation of the intermediate data and the intermediate random number with the third computing node and the fourth computing node.
And enabling each computing node to execute mathematical computation comprising counteracting the second type of random numbers and obtain respective held computing results. The calculation result held by each calculation node can be restored to the transmitted data X or null.
Under the above-mentioned multiparty secure computing protocol of a multiparty secure computing system comprising four computing nodes, a more optimized, more complex mathematical or logical computation is also available. And will not be described in detail herein. In addition, a multiparty secure computing system comprising four computing nodes does not necessarily perform computations with four computing nodes, e.g., addition and subtraction computations may use two or three of the computing nodes to perform multiparty secure computations.
Based on the above example of the multi-party security protocol executed by the multi-party security computing system including four computing nodes, it is known that part of the data processing in the business processing task may be executed by the multi-party security computing system. For example, a part of the service processing task which is completed independently at the terminal device or the service end device is submitted to the multiparty security computing system to be executed. Therefore, intermediate data/service processing results and the like of the service processing task are convenient to have higher safety, and the problems that a single computing device is easy to reveal private data and the like are effectively reduced.
To this end, for the decentralized encrypted data segments to be processed, the step S420 further includes sending at least a portion of the data segments to a multi-party secure computing system in communication with the service processing system, for the multi-party secure computing system to perform the service processing task on each data segment to be processed based on a multi-party secure protocol.
The terminal device sends at least part of the data fragments to be processed to the multiparty secure computing system according to the transmission protocol of the data fragments of the business processing system and the multiparty secure computing system. The service processing system at least comprises terminal equipment and can also comprise server equipment according to logic of service processing tasks. According to the multiparty security computing protocol, each computing node in the multiparty computing security system performs multiparty security computing on the received data fragments to be processed, and obtains the computing result fragments which are dispersedly held. The business processing system can recover the calculation result by selecting a plurality of calculation result fragments, and the calculation result is used for completing the business processing task.
Taking a terminal device as cashing terminal device, wherein an artificial intelligent model operated by an untrusted execution environment is used for extracting face characteristic data in a face image as an example description, the cashing terminal device operates a payment service processing task under the operation of a salesman, during the execution of the payment service processing task, the cashing terminal device acquires the collection amount input by the salesman and acquires the face image shot by a camera device connected with the cashing terminal device, the artificial intelligent model is operated in the untrusted execution environment of the cashing terminal device to extract the face characteristic data in the face image, the face characteristic data is scattered and processed into face characteristic data fragments, under the coordination of a server device, the cashing terminal device sends request information to one or more computing nodes in a multiparty security computing system so as to distribute the face characteristic data fragments, and each computing node constructs the security transmission communication with the cashing terminal device based on a cryptography technology and acquires at least part of the face characteristic data fragments; each computing node in the multiparty security computing system executes the recognition operation of the face feature data according to the preset multiparty security protocol so as to match the face feature data with the fund account, the matched computing result is recovered at the server-side equipment, and the server-side equipment continues to execute the transfer of the collection amount in the matched fund account to the fund account corresponding to the cashing terminal equipment. The step of confirming the credibility verification result can be executed by a multiparty security computing system, so that the multiparty security computing system also constructs secure transmission communication with the cashing terminal equipment to acquire the credibility verification result when receiving request information generated for transmitting the face feature data fragments, and completes secure transmission communication constructed with an untrusted execution environment of the cashing terminal equipment when confirming that the credibility verification result is credible, thereby ensuring that an artificial intelligent model used by a payment service processing task and the face feature data provided by the artificial intelligent model are secure. The step of validating the trust verification result may also be performed by a server device (or a terminal device), where the multiparty security computing system may further need to obtain authorization of the server device (or the terminal device) when receiving the face feature data fragments, where the authorization may be sent by the server device (or the terminal device) to the multiparty security computing system after validating the trust verification result.
It should be noted that, the above-mentioned payment service processing task is only an example, and in other payment service processing tasks, the data to be processed includes: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction. The identification result data of the biological characteristics can be identity identification result data and the like; the biometric data may be fingerprint feature data, lip feature data, or the like.
The related business processing tasks can be business processing tasks based on identity verification or other business processing tasks such as business processing tasks based on biological feature recognition. Examples of the service processing task based on identity verification include: an access control type business processing task, a financial account type business processing task, an insurance type business processing task and the like. Examples of the service processing task based on the biometric feature recognition include: animal and plant identification service processing tasks, account authentication service processing tasks and the like.
Among other business processing tasks, the artificial intelligence model may further include at least one of: a biometric model, an image recognition model, or a text recognition model. Correspondingly, the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model. The recognition result data of the artificial intelligent model comprises plant recognition result data, expression recognition result data, gesture recognition result data, semantic recognition result data and the like. Examples of the extracted data include: feature data for clustering, local feature data, global feature data, etc.
In addition, in accordance with the foregoing description of various examples of initiating verification, the trusted execution environment sets version-or time-dependent usage restrictions for the trust verification results.
In some examples, the trust verification result is related to a version of the artificial intelligence model. In other words, the initiation of the trust verification is set in accordance with the version update of the artificial intelligence model. Correspondingly, when the credibility verification result is confirmed, version information of the artificial intelligent model corresponding to the credibility verification result is also confirmed. For example, the trusted execution environment of the terminal device provides a trusted verification result and version information of the corresponding artificial intelligent model according to a read operation of the untrusted execution environment, and the untrusted execution environment compares the version information of the artificial intelligent model stored by itself with the version information from the trusted execution environment and confirms whether the trusted verification result is trusted. For another example, the server device obtains the trust verification result and version information V1 of the corresponding artificial intelligent model from the trusted execution environment of the terminal device, obtains version information V1 'of the artificial intelligent model provided by the untrusted execution environment of the terminal device, compares the version information V1 and V1', and confirms whether the trust verification result is trusted.
During the service processing task, the method of confirming the computer device related to the service processing task by combining the version information and the credibility verification result is only used as an example, and the credibility verification result and the version information can be used to generate a signature for confirming the computer device by means of signature verification and the like.
In still other examples, the trust verification result is valid for a period of time. In other words, the initiation of the trust verification is set depending on the verification period, the verification interval, and the like of the artificial intelligence model. Correspondingly, when the credibility verification result is confirmed, the time-related information of the artificial intelligent model corresponding to the credibility verification result is also confirmed. For example, the trusted execution environment of the terminal device provides the trusted verification result and the information of the current verification period according to the read operation of the untrusted execution environment, and the untrusted execution environment confirms whether the current moment is in the current verification period according to the system time to confirm that the trusted verification result is valid and confirms whether the trusted verification result is trusted. For another example, the server device obtains the trusted verification result and the corresponding verification completion time from the trusted execution environment of the terminal device, confirms that the time difference between the current system time and the verification completion time is not greater than the verification interval, and confirms whether the trusted verification result is trusted.
In other examples, the trusted execution environment monitors usage restrictions of stored trust verification results and deletes the trust verification results or marks the trust verification results as invalid when the lifetime expires, so as to perform validation operations accordingly during execution of the business process task.
It should be noted that the examples related to the usage limitation may be used alternatively or in combination, and will not be described in detail herein.
Taking a service processing system including a terminal device and a server device as an example, a description is given of an execution process of a service processing task performed by the service processing system, and referring to fig. 6, a flowchart of the service processing task performed by the service processing system is shown.
In step S510, the terminal device runs the artificial intelligence model in its untrusted execution environment during running the business process task to obtain data to be processed.
Here, the step S510 is the same as or similar to the step S410 described above, and will not be described in detail herein.
In step S520, during the operation of the service processing task, in a state where the trust verification result is confirmed to be trusted, the server device and the terminal device cooperatively process the data to be processed in the terminal device to execute the corresponding service processing task.
Here, the step S520 is the same as or similar to each example of performing the service processing task in cooperation with the server device and the terminal device in the step S420, and will not be described in detail herein.
The application also provides a first software trusted verification system which runs in the terminal equipment comprising the trusted execution environment and the untrusted execution environment. The first software credibility verification system verifies the credibility of the artificial intelligent model for at least one software function provided by the verification execution program in running and cooperative cooperation among the modules. Wherein the first software trusted verification system comprises: and the verification starting module and the verification module. In some examples, referring to fig. 7, an architecture diagram of a first software trust verification system is shown, wherein the first software trust verification system further comprises a first interface module 613.
Wherein, referring to fig. 7, the first interface module 613 is configured to obtain a verification execution program required for the trust verification; wherein the verification executive is executed in the trusted execution environment to perform a trust verification of the artificial intelligence model running in the untrusted execution environment. Here, the first interface module 613 is a software module configured to perform network transmission with an external device based on a network interface protocol in the trusted execution environment, and corresponds to a communication step of communicating with the trusted authentication server in the foregoing authentication method, so as to obtain an authentication execution program required for the trusted authentication from the trusted authentication server 2. Here, the manner of acquiring the verification execution program by the first interface module 613 is the same as or similar to the manner of acquiring the verification execution program in the aforementioned verification method, and will not be described in detail herein. For example, secure communications are constructed using cryptographic techniques to transfer authentication executions and the like.
Referring to fig. 7, the authentication initiation module 612 is configured to initiate the authentication module 611. Here, the manner in which the authentication initiation module 612 initiates the authentication module 611 may correspond to any one or more of the authentication initiation steps described above. The logic and functionality involved in the verification initiation step is hereby incorporated by reference. For example, based on the monitored update operation of the artificial intelligence model 710, a trust verification of the updated artificial intelligence model is initiated. As another example, trust verification of the invoked artificial intelligence model 710 is initiated based on the monitored invocation of the artificial intelligence model 710. The trust verification of the artificial intelligence model 710 is then initiated, e.g., according to a preset verification period.
The verification module is used for performing credibility verification on the artificial intelligent model running in the untrusted execution environment in the trusted execution environment to obtain a verification result; the credibility verification result is used for credibility verification of computer equipment for processing data output by the artificial intelligence model. Here, the verification module corresponds to a verification step in the verification method when executed, and thus, the logic and functions involved in the verification step are incorporated herein by reference.
The verification module includes a first verification sub-module, a second verification sub-module, and a third verification sub-module (all not shown) according to the verification type of the trust verification.
Wherein the first verification sub-module is configured to cause the artificial intelligence model to operate in an untrusted execution environment using first verification input data extracted from the trusted execution environment; and performing operation security verification on a first operation result generated during operation of the artificial intelligence model in the trusted execution environment. Here, the first verification submodule corresponds to an operation security verification step in the verification method when executed, and thus, logic and functions involved in the operation security verification step are cited herein.
The second verification sub-module is used for enabling the artificial intelligent model to run in the untrusted execution environment by utilizing at least one second verification input data extracted from the trusted execution environment and outputting second running results corresponding to the second verification input data; and in the trusted execution environment, performing operability verification on each second verification result. Here, the second verification submodule corresponds to an operability verification step in the verification method when executed, and thus, the logic and functions involved in the operability verification step are incorporated herein by reference.
The third verification sub-module is used for carrying out integrity verification on all files required for running the artificial intelligent model based on a cryptographic technology in the trusted execution environment. Here, the third verification submodule corresponds to an integrity verification step in the verification method when executed, and thus, the logic and functions involved in the integrity verification step are incorporated herein by reference.
The trust verification result obtained by the trust verification operation of the software trust verification system is used when the terminal equipment executes the business processing task so as to confirm that the artificial intelligent model and the operation result thereof are trusted. To this end, the software trust verification system also provides a second interface module (not shown) for providing a transfer function when invoked on the trust verification result. Here, the second interface module is configured to provide any one of the following transmissions: 1) Providing the credibility verification result to a business processing task configured in the terminal equipment, so that the business processing task can carry out subsequent processing on the operation result of the artificial intelligent model when confirming that the credibility verification result is credible; 2) And sending the credibility verification result to service processing server equipment communicated with the terminal equipment, so that the service processing task can carry out subsequent processing on the operation result of the artificial intelligent model when confirming that the credibility verification result is credible.
Here, the second interface module performs the validation step applied to the service processing method, so that the logic and functions related to the validation step, such as the reliability verification result reading operation and the network transmission operation, are cited herein.
Referring to fig. 10, the present application further provides a second software trust verification system. Unlike the aforementioned first software trusted verification system, the second software trusted verification system is configured in the aforementioned verification device 8 and is operated in the verification device 8 including the trusted execution environment, and data communication is performed between the verification device 8 and the terminal device 7 including the untrusted execution environment, so as to perform the trusted verification on the artificial intelligence model 710 operated in the untrusted execution environment. The artificial intelligence model 710 is also invoked by the business processing task 720 to run to provide the business processing task with the results of the run.
Here, in comparison with the aforementioned first software trusted verification system, the execution of the verification module 811, the first interface module 813, and the verification start module 812 included in the second software trusted verification system is the same as or similar to the execution of the corresponding verification module 611, the first interface module 613, and the verification start module 612 in the first software trusted verification system, respectively, and will not be described in detail herein. In contrast to the first software trust verification system, referring to fig. 10, in an example, the second interface module 814 in the second software trust verification system may provide the trust verification result to the terminal device for performing the validation operation by using a data transmission protocol such as a transmission protocol of a serial interface or a transmission protocol of a network interface. In yet another example, a second interface module (not shown) in the second software trust verification system further provides the trust verification result to a service processing server device in communication with the terminal device for performing a validation operation by using a data transmission protocol such as a transmission protocol of a serial interface or a transmission protocol of a network interface. In this way, the service processing task performs subsequent processing on the operation result of the artificial intelligent model when the credibility of the credibility verification result is confirmed.
Based on the technical idea of service processing, the application also provides a service processing software system which is configured in a service processing system at least comprising terminal equipment, wherein the terminal equipment is used for providing an untrusted execution environment and a trusted execution environment, and an artificial intelligent model is installed in the untrusted execution environment.
The service processing software system is a software module in the configuration and service processing system, executes a service processing function by calling a service processing program, and at least comprises the service processing module configured in the terminal equipment.
The business processing module is used for operating the artificial intelligent model in the untrusted execution environment during the operation of the business processing task so as to obtain data to be processed; and the service processing task is executed by utilizing the data to be processed in a state that the credibility verification result is credible; the trust verification result is obtained by performing trust verification on an artificial intelligent model operated in the untrusted execution environment, and the trust verification result is from the trusted execution environment.
Here, the execution of the service processing module corresponds to each step executed by the terminal device in the foregoing steps S410 to S420.
In some examples, the terminal device further includes a validation module for validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business processing task by the business processing module to validate that the running artificial intelligence model is trusted.
Taking the example of the service processing module executing a screen unlocking task, when the terminal equipment is in a screen locking state, the service processing module executing the unlocking task and monitoring biological data provided by a camera device or a fingerprint acquisition device of the terminal equipment, and inputting the biological data into an artificial intelligent model to obtain an operation result which is matched with a preset biological feature when the biological data is received, wherein the operation result is used as data to be processed, the confirmation module further reads a credibility verification result stored in a credible execution environment of the terminal equipment for confirmation when the data to be processed is utilized to execute a subsequent task of unlocking/maintaining the screen locking, and when the credibility verification result indicates that all credibility verifications of the artificial intelligent model are credible, the service processing module continues to execute the unlocking operation according to the feedback of the confirmation module, namely, a display interface of the terminal equipment is switched from a screen locking interface to an unlocking interface (such as a desktop interface and the like); otherwise, the screen locking interface is maintained or a warning prompt is given.
The above examples provide a way for the service processing module in the terminal device to perform the service processing tasks, but are merely examples and not limiting of the service processing tasks that can be performed by the service processing module.
In other examples, the validation module sends the trust verification result to a server device in the business processing system for the server device to validate the trust verification result. Taking the unlocking task as an example, the service task module instructs the confirmation module to send the credibility verification result in the credible execution environment to the server-side equipment at any moment when the unlocking task is not executed, and acquires the confirmation information fed back by the server-side equipment, if the confirmation information is credible, the unlocking task is continuously executed in a credible state, otherwise, the screen locking state is maintained.
In another embodiment, the service processing system further comprises a server device. For convenience of the following description, the service operation module configured in the terminal device is referred to as a first service operation module, and the service operation module configured in the server device is referred to as a second service operation module. The confirmation module configured in the terminal device is called a first confirmation module, and the confirmation module configured in the server device is called a second confirmation module.
The first service operation module and the second service operation module may correspond to the service processing tasks cooperatively executed by the terminal device and the server device in steps S410 to S420.
Taking the first service operation module and the second service operation module cooperatively execute a payment task as an example, the first service operation module executes a payment task of transferring payment with the amount of c in a fund account P of a user to a payment with the fund account Q under the payment operation of the user, the first service operation module receives biological data provided by a camera device or a fingerprint acquisition device of a terminal device when executing, inputs the biological data into an artificial intelligent model to obtain extracted biological feature information, sends the biological feature information to the second service operation module, and the second service operation module performs feature matching and determines the fund account P corresponding to the biological feature information and executes a subsequent payment task of transferring payment c in the fund account P to the fund account Q. In some examples, before performing feature matching or before performing operations such as transferring, the second service running module acquires a credibility verification result in a credible execution environment in the terminal device and performs confirmation, and when the credibility verification result indicates that all kinds of credibility verification of the artificial intelligent model are credible, the second service running module performs subsequent feature matching operations or transferring operations based on confirmation information provided by the second confirmation module; otherwise, the second service operation module gives a transfer failure prompt or a matching unsuccessful prompt and the like. In other examples, before the first service processing module starts the artificial intelligent model or sends out the data to be processed, the validation module reads the credibility verification result in the credibility execution environment and validates the credibility verification result, when the credibility verification result indicates that all the credibility verifications of the artificial intelligent model are credible, the second service operation module executes starting the artificial intelligent model or sending out the data to be processed based on the validation information provided by the second validation module, and sends the data to be processed to the second service operation module for the second service operation module to continue to execute subsequent operations.
The first service processing module and the second service processing module may further perform a service processing task for the encrypted data to be processed, which corresponds to the process of processing the encrypted data to be processed in the aforementioned step S420, which will not be described in detail herein.
Taking a terminal device as cashing terminal device, wherein an artificial intelligent model operated by an untrusted execution environment is used for extracting face characteristic data in a face image as an example description, a first service processing module is operated under the operation of a service operator to execute a payment service processing task, during the execution of the payment service processing task, the first service processing module acquires the collection amount input by the service operator, acquires the face image shot by a camera device connected with the cashing terminal device, and operates the artificial intelligent model in the untrusted execution environment of the cashing terminal device to extract the face characteristic data in the face image, the first service processing module dispersedly processes the face characteristic data into face characteristic data fragments, a second service processing module coordinates the communicable computing nodes to form a multiparty security computing system, and instructs the first service processing module to send request information to one or more computing nodes in the multiparty security computing system so as to distribute the face characteristic data fragments, and each computing node constructs secure transmission communication with the cashing terminal device based on cryptography technology and obtains at least one part of the face characteristic data fragments; each computing node in the multiparty security computing system executes the recognition operation of the face feature data according to the preset multiparty security protocol so as to match the face feature data with the fund account, the matched computing result is recovered in the second service processing module, and the second service processing module continues to execute the transfer of the collection amount in the matched fund account to the fund account corresponding to the cashing terminal device. The step of confirming the credibility verification result can be executed by a multiparty security computing system, so that the multiparty security computing system also constructs secure transmission communication with the cashing terminal equipment to acquire the credibility verification result when receiving request information generated for transmitting the face feature data fragments, and completes secure transmission communication constructed with an untrusted execution environment of the cashing terminal equipment when confirming that the credibility verification result is credible, thereby ensuring that an artificial intelligent model used by a payment service processing task and the face feature data provided by the artificial intelligent model are secure. The step of validating the trust verification result may be performed by a second validation module (or a first validation module), where the multiparty security computing system may further obtain authorization from the second validation module (or the first validation module) when the face feature data fragment is received, where the authorization may be sent to the multiparty security computing system by the second validation module (or the first validation module) after validating the trust verification result.
Referring to fig. 8, a schematic diagram of a network architecture provided based on the authentication scheme and the service processing scheme according to the present application is shown. By way of example shown in fig. 8, the terminal device is configured with an untrusted execution environment and a trusted execution environment using hardware devices and software programs installed in advance. Wherein the hardware device such as a storage device, a processing device, an acquisition device, etc., and the software program such as a verification execution program, a business processing program, a program describing an artificial intelligence model, etc. Invoking corresponding programs in an untrusted execution environment to run an artificial intelligence model, a business processing module and the like and storing various data such as biological data, running results and the like during the running of the artificial intelligence model and the business processing module; and calling a corresponding program in the trusted execution environment to run the verification module and the like, and storing the credibility verification result obtained by the verification module. The server device comprises a trusted verification server, a multiparty secure computing system and business service devices. The trusted verification server is computer equipment matched with the terminal equipment for trusted verification; the multiparty Secure computing system is used for executing partial data processing in the business processing task by utilizing a multiparty Secure computing protocol (Secure Multi-Party Computation, abbreviated as MPC); the business service equipment is computer equipment which cooperates with the terminal equipment to execute business processing tasks. The business service equipment is in communication connection with the credibility verification server and the multiparty safety computing system. The trusted verification server downloads the verification execution program into a trusted execution environment of the terminal equipment through a secure communication channel in advance.
The service processing module executes a service processing task in the operation period, biological data is acquired through the acquisition device according to the service processing task, the biological data is input into the operated artificial intelligent model, the artificial intelligent model is detected by the verification starting module and starts the verification module in the operation period, the verification module performs credibility verification on the artificial intelligent model by utilizing the biological data, the obtained credibility verification result is stored in a credible execution environment, the operation result obtained by the operation of the artificial intelligent model is encrypted and processed to obtain to-be-processed data fragments, and the terminal equipment requests the service equipment to perform subsequent processing on the to-be-processed data fragments so as to continuously execute the service processing task. On one hand, the service device obtains a credibility verification result to confirm the credibility of the artificial intelligent model and the data fragments to be processed in the terminal device, on the other hand, a plurality of computing nodes are selected to form a multiparty security computing system, after confirming the credibility, the service device instructs the terminal device to send at least part of the data fragments to be processed to the multiparty security computing system so as to execute multiparty security computation to obtain computation results held by the computing nodes, and the service device or the service device instructs the external service device to utilize the computation results to perform recovery operation, so that the processing data of the service processing part executed by the multiparty security computing system is obtained, and the service processing task is completed based on the processing data.
It should be noted that the foregoing examples are merely examples, and the new examples obtained are still under the technical architecture of the present solution according to the substitution of the foregoing example portions.
The present application also provides a computer readable and writable storage medium storing a computer program of a data processing method, where the computer program of the data processing method implements the service processing method according to the above embodiment when executed.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application.
In the embodiments provided herein, the computer-readable storage medium may include read-only memory, random-access memory, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, flash memory, U-disk, removable hard disk, or any other medium that can be used to store desired program code in the form of instructions or data structures and that can be accessed by a computer. In addition, any connection is properly termed a computer-readable medium. For example, if the instructions are transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital Subscriber Line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium. It should be understood, however, that computer-readable and data storage media do not include connections, carrier waves, signals, or other transitory media, but are intended to be directed to non-transitory, tangible storage media. Disk and disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.
In one or more exemplary aspects, the functions described by the computer program of the data processing method of the present application may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, these functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. The steps of a method or algorithm disclosed in the present application may be embodied in a processor-executable software module, which may be located on a tangible, non-transitory computer-readable and writable storage medium. Tangible, non-transitory computer readable and writable storage media may be any available media that can be accessed by a computer.
The flowcharts and block diagrams in the figures described above illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Based on the above-mentioned business processing method, business processing system, terminal equipment, service end equipment, business processing software system and computer readable storage medium, the application discloses the following technical scheme:
1. a service processing method, suitable for use in a service processing system including at least a terminal device, wherein the terminal device is configured with an artificial intelligence model running in an untrusted execution environment, the service processing method comprising:
operating the artificial intelligent model during the operation of the service processing task by the terminal equipment to obtain data to be processed;
executing the business processing task by utilizing the data to be processed under the condition that the credibility verification result of the artificial intelligent model is credible; the trust verification results are from a trusted execution environment.
2. The service processing method according to embodiment 1, wherein the manner of confirming the trust verification result includes:
validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business process task to confirm that the executed artificial intelligence model is trusted; or alternatively
And sending the credibility verification result to a server-side device in the service processing system so as to confirm the credibility verification result by the server-side device.
3. The service processing method according to embodiment 2, wherein the step of sending the trust verification result to the server device includes: and transmitting the credibility verification result to the server-side equipment by utilizing the secure data communication between the trusted execution environment and the server-side equipment.
4. The business processing method according to embodiment 1, wherein the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time.
5. The service processing method according to embodiment 1, further comprising a step of encrypting the data to be processed.
6. The service processing method according to embodiment 5, wherein the encryption processing manner includes: dispersing the data to be processed into N data fragments to be processed; wherein N > 1.
7. The service processing method according to embodiment 6, wherein the step of executing the service processing task using the data to be processed includes:
Transmitting at least part of the data to be processed to a multiparty secure computing system in communication with the business processing system in order to
And the multiparty security computing system executes the business processing task on each data fragment to be processed based on the multiparty security protocol.
8. The business processing method of embodiment 7, wherein the computing node in the multiparty secure computing system comprises:
computer equipment in the business processing system.
9. The service processing method according to embodiment 5, wherein the encryption processing manner includes: and encrypting the data to be processed by using the secret key.
10. The service processing method according to embodiment 9, wherein the step of executing the service processing task using the data to be processed includes: and sending the encrypted data to be processed to a server device in the service processing system, so that the server device performs data processing operation in the service processing task by utilizing the encrypted data to be processed.
11. The business processing method of embodiment 1, wherein the artificial intelligence model comprises at least one of the following: a biometric model, an image recognition model, or a text recognition model.
12. The service processing method according to embodiment 11, wherein the data to be processed includes: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model.
13. The service processing method according to embodiment 12, wherein the data to be processed includes: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
14. The service processing method according to embodiment 1 or 12, wherein the service processing task includes: a business processing task based on identity verification or a business processing task based on biological feature recognition.
15. The service processing method according to embodiment 1, wherein the step of executing the service processing task using the data to be processed includes: and executing data processing operation in the business processing task on the data to be processed in the untrusted execution environment.
16. The business processing method of embodiment 1 wherein said executing said artificial intelligence model in an untrusted execution environment is during; the business processing method further comprises the following steps in the trusted execution environment: and reading the credibility verification information provided by the artificial intelligent model from the untrusted execution environment, and carrying out credibility verification on the artificial intelligent model according to the credibility verification information so as to obtain a credibility verification result.
17. The business processing method of embodiment 1, wherein the step of running the artificial intelligence model in an untrusted execution environment comprises: and operating the artificial intelligent model to perform data processing related to biological feature processing on the acquired data provided by the acquisition device of the terminal equipment.
18. The service processing method according to embodiment 1, wherein the trusted execution environment is configured in the terminal device; or the trusted execution environment is configured in the verification device, wherein the terminal device is in communication connection with the verification device.
19. The service processing method is suitable for a service processing system constructed by terminal equipment and service end equipment, and comprises the following steps:
obtaining a trust verification result from a trusted execution environment; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in an untrusted execution environment in the terminal equipment;
during the operation of the service processing task, under the condition that the credibility verification result is confirmed to be credible, the service processing task and the terminal equipment cooperatively process the data to be processed in the terminal equipment to execute the corresponding service processing task; wherein the data to be processed is obtained by running the artificial intelligence model in the untrusted execution environment.
20. The service processing method according to embodiment 19, wherein the trust verification result is from a trusted execution environment of the terminal device or from a verification device in communication with the terminal device.
21. The business processing method of embodiment 19, wherein the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time.
22. The business processing method of embodiment 19 or 20, wherein the step of obtaining the trust verification result from a trusted execution environment comprises:
the trusted execution environment and the server side equipment are used for carrying out secure data communication to obtain the trusted verification result;
and confirming the credibility of the acquired data to be processed by confirming the credibility verification result.
23. The service processing method according to embodiment 19, wherein the step of cooperatively processing the data to be processed in the terminal device with the terminal device to perform the corresponding service processing task includes: a data processing operation is performed on the received encrypted data to be processed.
24. The service processing method according to embodiment 19, wherein the step of cooperatively processing the data to be processed in the terminal device with the terminal device to perform the corresponding service processing task includes:
And distributing at least one data fragment to be processed from the terminal equipment to a multiparty security computing system communicated with the service processing system, so that the multiparty security computing system can execute the service processing task on each data fragment to be processed based on a multiparty security protocol.
25. The business processing method of embodiment 24, wherein the computing nodes in the multiparty secure computing system comprise:
and the terminal equipment or the server equipment in the service processing system.
26. The business processing method of embodiment 19, wherein the artificial intelligence model comprises: a biometric model, an image recognition model, or a text recognition model.
27. The service processing method according to embodiment 26, wherein the data to be processed includes: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model.
28. The service processing method according to embodiment 27, wherein the data to be processed includes: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
29. The service processing method according to embodiment 19 or 28, wherein the service processing task includes: a business processing task based on identity verification or a business processing task based on biological feature recognition.
30. A business processing system based on an artificial intelligence model, comprising:
a terminal device, at least providing an untrusted execution environment, for executing the service processing method according to any one of embodiments 1 to 18;
a server device, in communication with the terminal device, for transmitting at least one authentication execution program generated in advance to
The terminal equipment is used for obtaining a credibility verification result after the execution of the credible execution environment in the terminal equipment.
31. The service processing system based on an artificial intelligence model according to embodiment 30, wherein the service-side device performs the service processing method according to any one of embodiments 19 to 29 based on a trigger operation of the terminal device.
32. A terminal device, comprising:
a storage device for storing a program describing the artificial intelligence model, at least one service processing program, and a trust verification result;
processing means in communication with said memory means via a bus, comprising:
a first processing unit configured in an untrusted execution environment for invoking and executing the at least one business process program and running the artificial intelligence model in the untrusted execution environment to perform the business process method of any one of embodiments 1-18;
The second processing unit is configured in the trusted execution environment and is used for reading the credibility verification result;
wherein data is communicated between the trusted execution environment and the untrusted execution environment.
33. The terminal device according to embodiment 32, wherein the terminal device further comprises acquisition means for acquiring biological data; the artificial intelligence model is used for carrying out feature extraction or identification processing on the collected biological data.
34. The terminal device of embodiment 32, wherein the terminal device comprises: payment terminal equipment, mobile terminal equipment, entrance guard terminal equipment, or security monitoring terminal equipment.
35. A terminal device, comprising:
a storage device for storing a program describing the artificial intelligence model, at least one service processing program, and a trust verification result;
processing means in communication with said storage means via a bus, configured in an untrusted execution environment for invoking and executing said at least one business process program, and running said artificial intelligence model in said untrusted execution environment to perform the business process method of any of embodiments 1-18;
The interface device is used for being in communication connection with verification equipment to obtain a credibility verification result; wherein the verification device provides a trusted execution environment and stores the trust verification result.
36. A server device, comprising:
the interface device is used for receiving the data to be processed and the credibility verification result from the terminal equipment;
a storage device for storing at least one program;
processing means for invoking said at least one program to coordinate said interface means and storage means to perform a business processing method as described in any of embodiments 19-29.
37. The server device of embodiment 36, wherein the interface means is further configured to receive an artificial intelligence model to be verified;
the storage device also stores at least one verification execution program corresponding to the artificial intelligent model;
the processing means is further for coordinating the interface means and the storage means to perform the steps of: transmitting the at least one authentication execution program to a terminal device installed with the artificial intelligence model;
wherein the at least one authentication executive is configured to perform a trust authentication on the artificial intelligence model running in an untrusted execution environment of the terminal device.
38. A business process software system, wherein the business process software system is configured in a business process system at least comprising a terminal device, wherein an artificial intelligence model running in an untrusted execution environment is configured in the terminal device, the business process software system comprising:
the service operation module is used for operating the artificial intelligent model during the operation of the service processing task so as to obtain data to be processed; and the service processing task is executed by utilizing the data to be processed in a state that the credibility verification result is credible; wherein the trust verification results in a trust of execution in the untrusted execution environment
The artificial intelligence model is obtained through credibility verification, and the credibility verification result is obtained from a credible execution environment.
39. The business process software system of embodiment 38, further comprising a validation module for validating the trust verification result using:
validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business processing task by the business processing module to confirm that the operational artificial intelligence model is trusted; or alternatively
And sending the credibility verification result to a server-side device in the service processing system so as to confirm the credibility verification result by the server-side device.
40. The business process software system of embodiment 39, wherein said validation module is configured to send said trust verification result to said server device using secure data communications between said trusted execution environment and said server device.
41. The business process software system of embodiment 38 wherein the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time.
42. The business processing software system of embodiment 38, wherein the business operation module is further configured to encrypt the data to be processed.
43. The business process software system of embodiment 42, wherein the encryption processing means comprises: dispersing the data to be processed into N data fragments to be processed; wherein N > 1.
44. The business process software system of embodiment 43, wherein the business execution module is configured to send at least a portion of the data fragments to be processed to a multi-party secure computing system in communication with the business process system, so that the multi-party secure computing system performs the business process tasks on each of the data fragments to be processed based on a multi-party secure protocol.
45. The business process software system of embodiment 42, wherein the encryption processing means comprises: and encrypting the data to be processed by using the secret key.
46. The business process software system of embodiment 45, wherein the operation module is configured to send the encrypted data to be processed to a server device, so that the server device performs the data processing operation in the business process task using the encrypted data to be processed.
47. The business process software system of embodiment 38, wherein the artificial intelligence model comprises at least one of:
a biometric model, an image recognition model, or a text recognition model.
48. The business process software system of embodiment 47, wherein the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model.
49. The business process software system of embodiment 48, wherein the data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
50. The business processing software system of embodiment 38 or 48, wherein the business processing tasks include: a business processing task based on identity verification or a business processing task based on biological feature recognition.
51. The business process software system of embodiment 38, wherein said business execution module is configured to perform data processing operations in said business process tasks on said data to be processed in said untrusted execution environment.
52. The business process software system of embodiment 38, further comprising a verification module configured to read the trust verification information provided by the artificial intelligence model from the untrusted execution environment, and perform trust verification on the artificial intelligence model according to the trust verification information to obtain a trust verification result.
53. The business process software system of embodiment 38, wherein the business execution module runs the artificial intelligence model in an untrusted execution environment in a manner comprising: and operating the artificial intelligent model to perform data processing related to biological feature processing on the acquired data provided by the acquisition device of the terminal equipment.
54. The business process software system of embodiment 38, wherein said trusted execution environment is configured in said terminal device; or the trusted execution environment is configured in the verification device, wherein the terminal device is in communication connection with the verification device.
55. A service processing software system, wherein the service processing software system is configured in a service processing system constructed by a terminal device and a server device, and the service processing software system comprises:
the service operation module is used for acquiring a credibility verification result from the terminal equipment; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in an untrusted execution environment in the terminal equipment; and the terminal equipment is used for cooperatively processing the data to be processed in the terminal equipment to execute the corresponding business processing task under the state that the credibility verification result is credible during the operation of the business processing task;
wherein the data to be processed is obtained by running the artificial intelligence model in the untrusted execution environment.
56. The business process software system of embodiment 55, wherein the trust verification result is pre-stored in a trusted execution environment of the terminal device.
57. The business process software system of embodiment 55 wherein the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time.
58. The business process software system of embodiment 55 or 56, wherein the business execution module is configured to perform the following procedure:
the credibility verification result is obtained by utilizing the safety data communication between the terminal equipment and the server equipment;
and confirming the credibility of the acquired data to be processed by confirming the credibility verification result.
59. The business process software system of embodiment 55, wherein the business operation module is configured to receive encrypted data to be processed, so as to cooperatively process the encrypted data to be processed with the terminal device.
60. The business process software system of embodiment 55, wherein the business execution module is configured to distribute at least one pending data fragment from the terminal device to a multi-party secure computing system in communication with the business process system, so that the multi-party secure computing system performs the business process task on each pending data fragment based on a multi-party secure protocol.
61. The business process software system of embodiment 55, wherein the artificial intelligence model comprises: a biometric model, an image recognition model, or a text recognition model.
62. The business processing software system of embodiment 61, wherein the data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
63. The business process software system of embodiment 55, wherein the data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
64. The business processing software system of embodiment 55 or 61, wherein the business processing tasks include: a business processing task based on identity verification or a business processing task based on biological feature recognition.
65. A computer-readable storage medium in which at least one program is stored, which when called, performs and implements the service processing method according to any one of embodiments 1 to 18, or performs and implements the service processing method according to any one of embodiments 19 to 29.
The above embodiments are merely illustrative of the principles of the present application and its effectiveness, and are not intended to limit the application. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the application. Accordingly, it is intended that all equivalent modifications and variations of the application be covered by the claims, which are within the ordinary skill of the art, be within the spirit and scope of the present disclosure.
Claims (57)
1. A service processing method, adapted for use in a service processing system including at least a terminal device, wherein the terminal device is configured with an artificial intelligence model running in an untrusted execution environment, the service processing method comprising:
operating the artificial intelligent model during the operation of the service processing task by the terminal equipment to obtain data to be processed; the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model;
executing the business processing task by utilizing the data to be processed under the condition that the credibility verification result of the artificial intelligent model is credible; the credibility verification result is from a credible execution environment;
the method for confirming the credibility verification result comprises the following steps: validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business process task to confirm that the executed artificial intelligence model is trusted; or sending the credibility verification result to a server-side device in the service processing system so that the server-side device can confirm the credibility verification result; the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time.
2. The service processing method according to claim 1, wherein the step of transmitting the trust verification result to the server device includes: and transmitting the credibility verification result to the server-side equipment by utilizing the secure data communication between the trusted execution environment and the server-side equipment.
3. The service processing method according to claim 1, further comprising the step of subjecting the data to be processed to encryption processing.
4. A service processing method according to claim 3, wherein the encryption processing means comprises: dispersing the data to be processed into N data fragments to be processed; wherein N > 1.
5. The service processing method according to claim 4, wherein the step of performing the service processing task using the data to be processed comprises:
and sending at least part of the data fragments to be processed to a multiparty security computing system in communication with the service processing system, so that the multiparty security computing system can execute the service processing task on each data fragment to be processed based on a multiparty security protocol.
6. The business processing method of claim 5, wherein the computing nodes in the multiparty secure computing system comprise: computer equipment in the business processing system.
7. A service processing method according to claim 3, wherein the encryption processing means comprises: and encrypting the data to be processed by using the secret key.
8. The service processing method according to claim 7, wherein the step of performing the service processing task using the data to be processed comprises: and sending the encrypted data to be processed to a server device in the service processing system, so that the server device performs data processing operation in the service processing task by utilizing the encrypted data to be processed.
9. The business processing method of claim 1, wherein the artificial intelligence model comprises at least one of: a biometric model, an image recognition model, or a text recognition model.
10. The traffic processing method according to claim 1, wherein the data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
11. The service processing method according to claim 1, wherein the service processing task comprises: a business processing task based on identity verification or a business processing task based on biological feature recognition.
12. The service processing method according to claim 1, wherein the step of performing the service processing task using the data to be processed comprises: and executing data processing operation in the business processing task on the data to be processed in the untrusted execution environment.
13. The business processing method of claim 1, wherein during execution of the artificial intelligence model in the untrusted execution environment; the business processing method further comprises the following steps in the trusted execution environment: and reading the credibility verification information provided by the artificial intelligent model from the untrusted execution environment, and carrying out credibility verification on the artificial intelligent model according to the credibility verification information so as to obtain a credibility verification result.
14. The business processing method of claim 1, wherein the step of running the artificial intelligence model in the untrusted execution environment comprises: and operating the artificial intelligent model to perform data processing related to biological feature processing on the acquired data provided by the acquisition device of the terminal equipment.
15. The service processing method according to claim 1, wherein the trusted execution environment is configured in the terminal device; or the trusted execution environment is configured in the verification device, wherein the terminal device is in communication connection with the verification device.
16. The service processing method is characterized by being applied to a service processing system constructed by terminal equipment and service end equipment, and comprises the following steps:
obtaining a trust verification result from a trusted execution environment; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in an untrusted execution environment in the terminal equipment; the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time;
during the operation of the service processing task, under the condition that the credibility verification result is confirmed to be credible, the service processing task and the terminal equipment cooperatively process the data to be processed in the terminal equipment to execute the corresponding service processing task; wherein the data to be processed is obtained by running the artificial intelligence model in the untrusted execution environment; the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model;
the method for confirming the credibility verification result comprises the following steps: validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business process task to confirm that the executed artificial intelligence model is trusted; or sending the credibility verification result to a server-side device in the service processing system so that the server-side device can confirm the credibility verification result.
17. The traffic processing method according to claim 16, wherein the trust verification result is from a trusted execution environment of the terminal device or from a verification device in communication with the terminal device.
18. The method according to claim 16 or 17, wherein the step of obtaining a trust verification result from a trusted execution environment comprises:
the trusted execution environment and the server side equipment are used for carrying out secure data communication to obtain the trusted verification result;
and confirming the credibility of the acquired data to be processed by confirming the credibility verification result.
19. The service processing method according to claim 16, wherein the step of processing the data to be processed in the terminal device in cooperation with the terminal device to perform the corresponding service processing task includes: a data processing operation is performed on the received encrypted data to be processed.
20. The service processing method according to claim 16, wherein the step of processing the data to be processed in the terminal device in cooperation with the terminal device to perform the corresponding service processing task includes:
And distributing at least one data fragment to be processed from the terminal equipment to a multiparty security computing system communicated with the service processing system, so that the multiparty security computing system can execute the service processing task on each data fragment to be processed based on a multiparty security protocol.
21. The business processing method of claim 20, wherein the computing nodes in the multiparty secure computing system comprise: and the terminal equipment or the server equipment in the service processing system.
22. The business processing method of claim 16, wherein the artificial intelligence model comprises: a biometric model, an image recognition model, or a text recognition model.
23. The traffic processing method according to claim 16, wherein the data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
24. The service processing method according to claim 16 or 23, wherein the service processing task comprises: a business processing task based on identity verification or a business processing task based on biological feature recognition.
25. A business processing system based on an artificial intelligence model, comprising:
terminal equipment, at least providing an untrusted execution environment, for executing the service processing method according to any of claims 1-15;
the server side equipment is communicated with the terminal equipment and is used for sending at least one verification execution program which is generated in advance to the terminal equipment so as to obtain a credibility verification result after the execution of the credible execution environment in the terminal equipment.
26. The service processing system based on artificial intelligence model according to claim 25, wherein the service side device performs the service processing method according to any one of claims 16 to 24 based on a trigger operation of the terminal device.
27. A terminal device, comprising:
a storage device for storing a program describing the artificial intelligence model, at least one service processing program, and a trust verification result;
processing means in communication with said memory means via a bus, comprising:
a first processing unit configured in an untrusted execution environment for invoking and executing the at least one business process program and running the artificial intelligence model in the untrusted execution environment to perform the business process method of any of claims 1-15;
The second processing unit is configured in the trusted execution environment and is used for reading the credibility verification result;
wherein data is communicated between the trusted execution environment and the untrusted execution environment.
28. The terminal device according to claim 27, characterized in that the terminal device further comprises acquisition means for acquiring biological data; the artificial intelligence model is used for carrying out feature extraction or identification processing on the collected biological data.
29. The terminal device according to claim 27, characterized in that the terminal device comprises: payment terminal equipment, mobile terminal equipment, entrance guard terminal equipment, or security monitoring terminal equipment.
30. A terminal device, comprising:
a storage device for storing a program describing the artificial intelligence model, at least one service processing program, and a trust verification result;
processing means in communication with said storage means via a bus, configured in an untrusted execution environment for invoking and executing said at least one business process program, and running said artificial intelligence model in said untrusted execution environment to perform the business process method of any of claims 1-15;
The interface device is used for being in communication connection with verification equipment to obtain a credibility verification result; wherein the verification device provides a trusted execution environment and stores the trust verification result.
31. A server device, comprising:
the interface device is used for receiving the data to be processed and the credibility verification result from the terminal equipment;
a storage device for storing at least one program;
processing means for invoking said at least one program to coordinate said interface means and storage means to perform the service processing method of any of claims 16-24.
32. The server-side appliance of claim 31, wherein the interface device is further configured to receive an artificial intelligence model to be validated;
the storage device also stores at least one verification execution program corresponding to the artificial intelligent model;
the processing means is further for coordinating the interface means and the storage means to perform the steps of: transmitting the at least one authentication execution program to a terminal device installed with the artificial intelligence model;
wherein the at least one authentication executive is configured to perform a trust authentication on the artificial intelligence model running in an untrusted execution environment of the terminal device.
33. A business process software system configured in a business process system comprising at least a terminal device, the terminal device having an artificial intelligence model configured to operate in an untrusted execution environment, the business process software system comprising:
the service operation module is used for operating the artificial intelligent model during the operation of the service processing task so as to obtain data to be processed; the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model; and the service processing task is executed by utilizing the data to be processed in a state that the credibility verification result is credible; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in the untrusted execution environment, and is from a trusted execution environment; the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time;
a confirmation module, configured to confirm the trust verification result by using the following manner: validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business processing task by a business processing module to confirm that the running artificial intelligence model is trusted; or alternatively
And sending the credibility verification result to a server-side device in the service processing system so as to confirm the credibility verification result by the server-side device.
34. The business process software system of claim 33, wherein said validation module is configured to send said trust verification result to said server device using secure data communications between said trusted execution environment and said server device.
35. The business process software system of claim 33, wherein said business execution module is further configured to encrypt said data to be processed.
36. The business process software system of claim 35, wherein the encryption process comprises: dispersing the data to be processed into N data fragments to be processed; wherein N > 1.
37. The business process software system of claim 36, wherein said business execution module is configured to send at least a portion of the data fragments to be processed to a multi-party secure computing system in communication with said business process system for said multi-party secure computing system to perform said business process tasks on each data fragment to be processed based on a multi-party secure protocol.
38. The business process software system of claim 35, wherein the encryption process comprises: and encrypting the data to be processed by using the secret key.
39. The business process software system of claim 38, wherein the execution module is configured to send the encrypted data to be processed to a server device to cause the server device to perform the data processing operation in the business process task using the encrypted data to be processed.
40. The business process software system of claim 33, wherein the artificial intelligence model comprises at least one of: a biometric model, an image recognition model, or a text recognition model.
41. The business process software system of claim 40, wherein the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model.
42. The business process software system of claim 41, wherein the data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
43. The business processing software system of claim 33 or 40, wherein the business processing tasks comprise: a business processing task based on identity verification or a business processing task based on biological feature recognition.
44. The business processing software system of claim 33, wherein said business execution module is configured to perform data processing operations in said business processing tasks on said data to be processed in said untrusted execution environment.
45. The business process software system of claim 33, further comprising a verification module for reading the trust verification information provided by the artificial intelligence model from the untrusted execution environment and performing trust verification on the artificial intelligence model based on the trust verification information to obtain a trust verification result.
46. The business processing software system of claim 33, wherein the business execution module operates the artificial intelligence model in an untrusted execution environment in a manner comprising: and operating the artificial intelligent model to perform data processing related to biological feature processing on the acquired data provided by the acquisition device of the terminal equipment.
47. The business processing software system of claim 33, wherein the trusted execution environment is configured in the terminal device; or the trusted execution environment is configured in the verification device, wherein the terminal device is in communication connection with the verification device.
48. A service processing software system, configured in a service processing system constructed by a terminal device and a server device, wherein the service processing software system comprises:
the service operation module is used for acquiring a credibility verification result from the terminal equipment; the credibility verification result is obtained by carrying out credibility verification on an artificial intelligent model operated in an untrusted execution environment in the terminal equipment; the trust verification result is related to a version of the artificial intelligence model; or the trust verification result is valid for a period of time; and the terminal equipment is used for cooperatively processing the data to be processed in the terminal equipment to execute the corresponding business processing task under the state that the credibility verification result is credible during the operation of the business processing task; wherein the data to be processed is obtained by running the artificial intelligence model in the untrusted execution environment; the data to be processed comprises: the identification result data of the artificial intelligence model or the data extracted by the artificial intelligence model;
The method for confirming the credibility verification result comprises the following steps: validating the trust verification result read from the trusted execution environment in the untrusted execution environment during execution of the business process task to confirm that the executed artificial intelligence model is trusted; or sending the credibility verification result to a server-side device in the service processing system so that the server-side device can confirm the credibility verification result.
49. The business process software system of claim 48, wherein said trust verification results are pre-stored in a trusted execution environment of said terminal device.
50. The business processing software system of claim 48 or 49, wherein the business execution module is configured to perform the following:
the credibility verification result is obtained by utilizing the safety data communication between the terminal equipment and the server equipment;
and confirming the credibility of the acquired data to be processed by confirming the credibility verification result.
51. The business process software system of claim 48, wherein said business execution module is configured to receive encrypted data to be processed so as to cooperatively process the encrypted data to be processed with said terminal device.
52. A business process software system as claimed in claim 48, wherein said business execution module is configured to distribute at least one pending data fragment from said terminal device to a multi-party secure computing system in communication with said business process system for said multi-party secure computing system to perform said business process tasks on each pending data fragment based on a multi-party secure protocol.
53. The business process software system of claim 48, wherein said artificial intelligence model comprises: a biometric model, an image recognition model, or a text recognition model.
54. The business process software system of claim 53, wherein said data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
55. The business process software system of claim 48, wherein said data to be processed comprises: the identification result data of the biological characteristics obtained by identification or the biological characteristic data obtained by extraction.
56. The business processing software system of claim 48 or 53, wherein the business processing tasks comprise: a business processing task based on identity verification or a business processing task based on biological feature recognition.
57. A computer-readable storage medium storing at least one program that when invoked performs and implements the service handling method of any one of claims 1-15, or performs and implements the service handling method of any one of claims 16-24.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010103073.9A CN111949986B (en) | 2020-02-19 | 2020-02-19 | Service processing method, system and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010103073.9A CN111949986B (en) | 2020-02-19 | 2020-02-19 | Service processing method, system and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111949986A CN111949986A (en) | 2020-11-17 |
CN111949986B true CN111949986B (en) | 2023-10-03 |
Family
ID=73336932
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010103073.9A Active CN111949986B (en) | 2020-02-19 | 2020-02-19 | Service processing method, system and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111949986B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112989386B (en) * | 2021-03-31 | 2023-09-22 | 苏州黑云智能科技有限公司 | Blacklist sharing method and system based on careless transmission |
CN113095430B (en) * | 2021-04-26 | 2022-02-01 | 北京瑞莱智慧科技有限公司 | Model updating method capable of protecting privacy, object identification method, system, device, medium and equipment |
CN113641423B (en) * | 2021-08-31 | 2023-07-07 | 青岛海信传媒网络技术有限公司 | Display device and system starting method |
CN116614312B (en) * | 2023-07-19 | 2024-04-09 | 北京云尚汇信息技术有限责任公司 | Security verification method and system for cloud computing system |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105429808A (en) * | 2015-12-31 | 2016-03-23 | 公安部第三研究所 | Trusted computing-based dynamic management service system and method |
CN106921799A (en) * | 2017-02-24 | 2017-07-04 | 深圳市金立通信设备有限公司 | A kind of mobile terminal safety means of defence and mobile terminal |
CN107808098A (en) * | 2017-09-07 | 2018-03-16 | 阿里巴巴集团控股有限公司 | A kind of model safety detection method, device and electronic equipment |
CN109117625A (en) * | 2017-06-22 | 2019-01-01 | 华为技术有限公司 | The determination method and device of AI software systems safe condition |
CN109218260A (en) * | 2017-07-03 | 2019-01-15 | 深圳市中兴微电子技术有限公司 | A kind of authentication protection system and method based on dependable environment |
CN109635584A (en) * | 2018-11-23 | 2019-04-16 | 浙江工商大学 | A kind of data link privacy calculation method based on block chain |
CN109787943A (en) * | 2017-11-14 | 2019-05-21 | 华为技术有限公司 | A kind of method and apparatus of resisting abnegation service aggression |
CN110677418A (en) * | 2019-09-29 | 2020-01-10 | 四川虹微技术有限公司 | Trusted voiceprint authentication method and device, electronic equipment and storage medium |
CN110704850A (en) * | 2019-09-03 | 2020-01-17 | 华为技术有限公司 | Artificial intelligence AI model operation method and device |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9621547B2 (en) * | 2014-12-22 | 2017-04-11 | Mcafee, Inc. | Trust establishment between a trusted execution environment and peripheral devices |
US10204229B2 (en) * | 2017-03-21 | 2019-02-12 | Nxp B.V. | Method and system for operating a cache in a trusted execution environment |
US20190116038A1 (en) * | 2017-10-12 | 2019-04-18 | Rivetz Corp. | Attestation With Embedded Encryption Keys |
US10922441B2 (en) * | 2018-05-04 | 2021-02-16 | Huawei Technologies Co., Ltd. | Device and method for data security with a trusted execution environment |
US11443182B2 (en) * | 2018-06-25 | 2022-09-13 | International Business Machines Corporation | Privacy enhancing deep learning cloud service using a trusted execution environment |
-
2020
- 2020-02-19 CN CN202010103073.9A patent/CN111949986B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105429808A (en) * | 2015-12-31 | 2016-03-23 | 公安部第三研究所 | Trusted computing-based dynamic management service system and method |
CN106921799A (en) * | 2017-02-24 | 2017-07-04 | 深圳市金立通信设备有限公司 | A kind of mobile terminal safety means of defence and mobile terminal |
CN109117625A (en) * | 2017-06-22 | 2019-01-01 | 华为技术有限公司 | The determination method and device of AI software systems safe condition |
CN109218260A (en) * | 2017-07-03 | 2019-01-15 | 深圳市中兴微电子技术有限公司 | A kind of authentication protection system and method based on dependable environment |
CN107808098A (en) * | 2017-09-07 | 2018-03-16 | 阿里巴巴集团控股有限公司 | A kind of model safety detection method, device and electronic equipment |
CN109787943A (en) * | 2017-11-14 | 2019-05-21 | 华为技术有限公司 | A kind of method and apparatus of resisting abnegation service aggression |
CN109635584A (en) * | 2018-11-23 | 2019-04-16 | 浙江工商大学 | A kind of data link privacy calculation method based on block chain |
CN110704850A (en) * | 2019-09-03 | 2020-01-17 | 华为技术有限公司 | Artificial intelligence AI model operation method and device |
CN110677418A (en) * | 2019-09-29 | 2020-01-10 | 四川虹微技术有限公司 | Trusted voiceprint authentication method and device, electronic equipment and storage medium |
Non-Patent Citations (1)
Title |
---|
TEE技术应用到智能设备生物识别场景的安全性分析;魏凡星 等;移动通信(第21期);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN111949986A (en) | 2020-11-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111949972B (en) | Verification method, system, equipment and storage medium of artificial intelligent model | |
CN111949986B (en) | Service processing method, system and storage medium | |
CN111683071B (en) | Private data processing method, device, equipment and storage medium of block chain | |
US20230208834A1 (en) | Identity management system | |
CN110569658B (en) | User information processing method and device based on blockchain network, electronic equipment and storage medium | |
US20180218454A1 (en) | Managing participation in a monitored system using blockchain technology | |
US20240080205A1 (en) | System and method for off-chain cryptographic transaction verification | |
US20190384934A1 (en) | Method and system for protecting personal information infringement using division of authentication process and biometric authentication | |
US11121857B2 (en) | Systems, devices, and methods for in-field authenticating of autonomous robots | |
CN107169344B (en) | Method for blocking unauthorized application and apparatus using the same | |
US11409875B2 (en) | Trust in block-chain implementations using compute resource configuration and verification systems and methods | |
CN112631605A (en) | Code compiling method, device, equipment and storage medium of federal learning model | |
CN107077574A (en) | Trust service for client devices | |
KR102218572B1 (en) | Processing method for preventing replication attacks, and server and client | |
CN113261253B (en) | Method and system for controlling release of resources | |
US10579830B1 (en) | Just-in-time and secure activation of software | |
US11556630B2 (en) | Private password constraint validation | |
US20180218364A1 (en) | Managing distributed content using layered permissions | |
US11146961B2 (en) | Third party certificate management for native mobile apps and internet of things apps | |
CN108604280B (en) | Transaction method, transaction information processing method, transaction terminal and server | |
KR101769861B1 (en) | User biometric authentication method and system using HSM smart card without password exposure | |
US8904508B2 (en) | System and method for real time secure image based key generation using partial polygons assembled into a master composite image | |
US12039044B2 (en) | Data security in a metaverse environment | |
US20230403288A1 (en) | Securing data in a metaverse environment using simulated data interactions | |
KR20230080677A (en) | High-speed blockchain system and method for processing an information using the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |