CN-121814475-B - Security collaborative computing gateway for industrial sensitive data stream and privacy protection method
Abstract
The invention provides a security collaborative computing gateway and a privacy protection method for industrial sensitive data streams. The method comprises: the gateway performs protocol frame decomposition and point location semantic mapping on the industrial data stream to generate a minimized semantic data stream and binds privacy protection constraints to it; calculates semantic key admission marks according to the collaborative task requirements and solidifies the processing logic into an executable object; performs security collaborative computing according to the executable object and packages the result stream and a constraint view into a privacy protection result package; and, when a use request is received, calculates a restricted use gating mark from the purpose, operation type and validity period and performs restricted unpacking or compliance degradation delivery. The invention achieves fine-grained authority control and dynamic privacy protection of industrial sensitive data during collaborative computing, keeps the data invisible or only partially visible, effectively prevents leakage of sensitive information, and improves the safety of industrial data circulation.
Inventors
- Cai Hujia
- PANG HUAXIN
- ZHENG TIANFENG
- HUANG ZHIWEN
Assignees
- 广州云天数据技术有限公司
Dates
- Publication Date
- 20260512
- Application Date
- 20260310
Claims (8)
- 1. A security collaborative computing and privacy protection method for an industrial sensitive data stream, characterized by comprising the following steps: S1, a security collaborative computing gateway receives an industrial sensitive data stream, performs protocol de-framing and point location semantic mapping on it, generates a minimized semantic data stream, and generates, for each semantic key in the minimized semantic data stream, a privacy protection constraint containing an allowable use range, an allowable processing type range, a validity period and a condition triggering rule; generating the minimized semantic data stream comprises: identifying the frame header, reading the length field, extracting the function code or object identifier and completing verification using a state-machine frame parser; extracting the address, object path or register location as a structured field using a field interpreter; mapping the structured field to semantic keys through a point location semantic mapping table, outputting discrete identifiers for enumerated fields, splitting bit-segment fields into discrete semantic keys by bit segment, and expanding segment fields into semantic keys according to preset slicing rules; fields not covered by the point location semantic mapping table are not included in the minimized semantic data stream, and fields that are missing or fail parsing are given default marks in the minimized semantic data stream and marked as unavailable; generating the privacy protection constraint comprises: configuring a fixed sensitive semantic key set and a condition triggering rule for each semantic key, wherein the condition triggering rule refers only to semantic fields in the minimized semantic data stream; compiling the condition triggering rule into an expression tree consisting of comparison operations and logic operations, and, if the condition triggering rule involves a numerical threshold comparison, applying normalized mapping to the compared fields according to the numerical scale definition in the point location semantic mapping table; generating a sensitive trigger mark for each semantic key at each sequence index, setting the sensitive trigger mark to the sensitive trigger state value when the semantic key belongs to the fixed sensitive semantic key set or satisfies the condition triggering rule, and otherwise setting it to the non-sensitive trigger state value; S2, the security collaborative computing gateway receives a collaborative task demand, calculates an admission mark for each semantic key according to the collaborative task demand, the minimized semantic data stream and the privacy protection constraint, and solidifies a field selection set, an operation template and an output specification into an executable object; S3, the security collaborative computing gateway executes security collaborative computing on the minimized semantic data stream according to the executable object to generate a result stream, and packages the result stream, a constraint view corresponding to the privacy protection constraint and a control identifier into a privacy protection result packet; and S4, the security collaborative computing gateway receives a use request for the privacy protection result packet, calculates a limited use gating mark according to the use identifier and operation type in the use request and the validity period in the privacy protection result packet, executes limited decapsulation or compliance degradation delivery according to the limited use gating mark, and outputs a final delivery result.
- 2. The security collaborative computing and privacy protection method for an industrial sensitive data stream according to claim 1, wherein calculating the admission mark for each semantic key comprises: judging whether the semantic key is referenced by the collaborative task demand, and if not, judging that the reference condition is not satisfied; querying the availability flag of the semantic key in the minimized semantic data stream, and judging that the availability condition is not satisfied if the flag is marked as unavailable; checking the allowed use, the allowed processing type and the sensitive trigger mark at the current sequence index of the semantic key in the privacy protection constraint, and judging that the constraint condition is not satisfied if any of them is not satisfied; and setting the admission mark to the admission permission mark value when the reference condition, the availability condition and the constraint condition are all satisfied, and otherwise to the admission prohibition mark value.
- 3. The security collaborative computing and privacy protection method for an industrial sensitive data stream according to claim 1, wherein solidifying into an executable object comprises: generating at least one candidate execution object, each candidate execution object corresponding to a different output granularity or operation degradation path; calculating, for each candidate execution object, a dimensionless cost determined as a weighted sum of the sensitive trigger marks and output granularity deviation marks of the semantic key set it includes; selecting the candidate execution object with the minimum dimensionless cost as the final executable object; and, when the sensitive trigger mark indicates the sensitive trigger state value, including a granularity degradation requirement in the output specification of the executable object so that exact-value output is changed to interval output or event output.
- 4. The security collaborative computing and privacy protection method for an industrial sensitive data stream according to claim 1, wherein executing the security collaborative computing comprises: establishing a runtime context organized by semantic key and sequence index, using window alignment for continuous semantic keys and trigger alignment for event-type or state-type semantic keys; performing sliding window statistics, event counting, state change detection or intra-segment aggregation on the valid samples in the window according to the operation template in the executable object; and, during the calculation, enforcing the granularity constraint directly according to the output specification in the executable object, so that when coarse-grained output is specified the result is accumulated in interval statistics, event output or segment output form, rather than generating a fine-grained result and truncating it afterwards.
- 5. The security collaborative computing and privacy protection method for an industrial sensitive data stream according to claim 1, wherein encapsulating into a privacy protection result packet comprises: extracting from the executable object the use, allowed processing type, validity period and output granularity information that correspond one-to-one with the current result fields to form a constraint view; generating a unique control identifier and writing it into the header of the result packet; deterministically serializing the field list, granularity enumeration and deadline enumeration, calculating a constraint digest over them, and writing the constraint digest and the control identifier into the packet header of the privacy protection result packet; and serializing the calculated result stream records field by field, adding field-level metadata to form an encapsulated payload, and forming the privacy protection result packet from the payload together with the constraint view, the control identifier and the constraint digest.
- 6. The security collaborative computing and privacy protection method for an industrial sensitive data stream according to claim 1, wherein calculating the limited use gating mark comprises: parsing the use identifier and the operation type from the use request, and reading an allowed use set, an allowed processing type set and a validity period range from the constraint view of the privacy protection result packet; judging whether the use identifier belongs to the allowed use set, whether the operation type belongs to the allowed processing type set, and whether the current sequence index falls within the validity period range; and setting the limited use gating mark to the delivery permission mark value when all three judgements are true, and otherwise to the delivery prohibition mark value.
- 7. The security collaborative computing and privacy protection method for an industrial sensitive data stream according to claim 6, wherein outputting the final delivery result comprises: when the limited use gating mark is the delivery permission mark value, performing limited decapsulation, that is, field-level selection and granularity matching on the encapsulated payload in the privacy protection result packet according to the output granularity enumeration in the constraint view, and outputting a final delivery result containing an interval proportion, an event count or an aggregated value; and when the limited use gating mark is the delivery prohibition mark value, performing compliance degradation delivery, outputting an expired state if the current sequence index is outside the validity period range, outputting an unavailable state if the use identifier does not belong to the allowed use set, and outputting a coarser-grained summary field if the operation type does not belong to the allowed processing type set.
- 8. A security collaborative computing gateway for an industrial sensitive data stream, the gateway comprising: a data acquisition and semantic module for receiving an industrial sensitive data stream, performing protocol de-framing and point location semantic mapping on it, generating a minimized semantic data stream, and generating a privacy protection constraint for each semantic key in the minimized semantic data stream, wherein generating the minimized semantic data stream comprises: identifying the frame header, reading the length field, extracting the function code or object identifier and completing verification using a state-machine frame parser; extracting the address, object path or register location as a structured field using a field interpreter; mapping the structured field to semantic keys through a point location semantic mapping table, outputting discrete identifiers for enumerated fields, splitting bit-segment fields into discrete semantic keys by bit segment, and expanding segment fields into semantic keys according to preset slicing rules; fields not covered by the point location semantic mapping table are not included in the minimized semantic data stream, and fields that are missing or fail parsing are given default marks in the minimized semantic data stream and marked as unavailable; and generating the privacy protection constraint comprises: configuring a fixed sensitive semantic key set and a condition triggering rule for each semantic key, wherein the condition triggering rule refers only to semantic fields in the minimized semantic data stream; compiling the condition triggering rule into an expression tree consisting of comparison operations and logic operations, and, if the condition triggering rule involves a numerical threshold comparison, applying normalized mapping to the compared fields according to the numerical scale definition in the point location semantic mapping table; generating a sensitive trigger mark for each semantic key at each sequence index, setting the sensitive trigger mark to the sensitive trigger state value when the semantic key belongs to the fixed sensitive semantic key set or satisfies the condition triggering rule, and otherwise setting it to the non-sensitive trigger state value; a task binding and object solidifying module for receiving a collaborative task demand, calculating an admission mark for each semantic key according to the collaborative task demand, the minimized semantic data stream and the privacy protection constraint, and solidifying a field selection set, an operation template and an output specification into an executable object; a collaborative computing and result packaging module for executing security collaborative computing on the minimized semantic data stream according to the executable object to generate a result stream, and packaging the result stream, a constraint view and a control identifier into a privacy protection result packet; and a limited delivery control module for receiving a use request for the privacy protection result packet, calculating a limited use gating mark according to the use request and the constraint information in the privacy protection result packet, executing limited decapsulation or compliance degradation delivery according to the limited use gating mark, and outputting a final delivery result.
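As an added illustration of steps S1 to S4 as set out in claims 1 to 7 (this is example code written for this page, not code from the patent or its applicant), the following Python sketch walks one constructed semantic stream through sensitive-trigger marking, admission marking, solidification into an executable object, coarse-granularity computation, packaging with a constraint digest, and purpose/operation/validity gating with compliance-degraded delivery. All semantic keys (`line.speed`, `recipe.temp`, `mode.enum`), rules, task parameters, control identifiers and sample values are assumptions constructed for the example; the protocol de-framing of S1 is not modelled, so the example starts from an already minimized stream.

```python
"""Worked example of the S1-S4 gateway pipeline in the claims (added
illustration, not the patent's own code; all keys, rules, tasks and sample
values are constructed placeholders)."""
import hashlib
import json

# S1: constructed minimized semantic data stream, one list per semantic key,
# indexed by sequence number; None = missing/parse failure, i.e. "unavailable".
STREAM = {
    "line.speed":  [120.0, 125.0, None, 130.0],
    "recipe.temp": [180.0, 181.0, 183.0, 240.0],
    "mode.enum":   ["RUN", "RUN", "RUN", "CALIB"],
}
FIXED_SENSITIVE = {"recipe.temp"}        # fixed sensitive semantic key set
# Condition-triggering rules as compiled comparison nodes over stream fields only:
# ("gt", key, threshold) | ("eq", key, value). Constructed example rule below.
RULES = {"line.speed": ("eq", "mode.enum", "CALIB")}   # sensitive while calibrating
# Per-key constraint: allowed uses, allowed processing types, inclusive validity.
CONSTRAINTS = {
    "line.speed":  {"uses": {"energy"}, "ops": {"mean", "count"}, "valid": (0, 3)},
    "recipe.temp": {"uses": {"quality"}, "ops": {"count"}, "valid": (0, 3)},
    "mode.enum":   {"uses": {"energy", "quality"}, "ops": {"count"}, "valid": (0, 3)},
}

def eval_rule(node, idx):
    """Evaluate one compiled comparison node at a given sequence index."""
    val = STREAM[node[1]][idx]
    if val is None:                       # unavailable fields never fire a rule
        return False
    return val > node[2] if node[0] == "gt" else val == node[2]

def sensitive_mark(key, idx):
    """Claim 1: 1 when key is in the fixed set or its rule fires at idx, else 0."""
    if key in FIXED_SENSITIVE:
        return 1
    rule = RULES.get(key)
    return 1 if rule and eval_rule(rule, idx) else 0

def admission_mark(key, idx, task):
    """Claim 2: reference, availability and constraint conditions must all hold."""
    if key not in task["fields"] or STREAM[key][idx] is None:
        return 0
    c = CONSTRAINTS[key]
    if task["use"] not in c["uses"] or task["op"] not in c["ops"]:
        return 0
    return 0 if sensitive_mark(key, idx) else 1

def solidify(task):
    """S2: freeze the admitted field set, operation template and output spec."""
    lo, hi = task["window"]
    fields = [k for k in task["fields"]
              if all(admission_mark(k, i, task) for i in range(lo, hi + 1))]
    valid = (max((CONSTRAINTS[k]["valid"][0] for k in fields), default=0),
             min((CONSTRAINTS[k]["valid"][1] for k in fields), default=-1))
    return {"fields": fields, "op": task["op"], "use": task["use"],
            "granularity": task["granularity"], "window": (lo, hi), "valid": valid}

def compute(exe):
    """S3 (claim 4): window statistics; coarse output is accumulated directly as
    an interval, never produced fine-grained and truncated afterwards."""
    lo, hi = exe["window"]
    out = {}
    for k in exe["fields"]:
        vals = [v for v in STREAM[k][lo:hi + 1] if v is not None]
        if exe["op"] == "count":
            out[k] = len(vals)
        elif exe["granularity"] == "interval":
            bucket = (sum(vals) / len(vals)) // 10 * 10   # 10-unit interval
            out[k] = (bucket, bucket + 10)
        else:
            out[k] = sum(vals) / len(vals)
    return out

def package(exe, result, control_id):
    """Claim 5: constraint view, control identifier and a deterministic digest."""
    view = {"fields": exe["fields"], "uses": [exe["use"]], "ops": [exe["op"]],
            "granularity": exe["granularity"], "valid": list(exe["valid"])}
    canonical = json.dumps({k: view[k] for k in ("fields", "granularity", "valid")},
                           sort_keys=True, separators=(",", ":"))
    return {"header": {"control_id": control_id,
                       "digest": hashlib.sha256(canonical.encode()).hexdigest()},
            "view": view, "payload": result}

def gate(pkt, use_id, op, idx):
    """Claim 6: use identifier, operation type and validity period must all pass."""
    v = pkt["view"]
    return use_id in v["uses"] and op in v["ops"] and v["valid"][0] <= idx <= v["valid"][1]

def deliver(pkt, use_id, op, idx):
    """Claim 7: limited decapsulation, otherwise compliance-degraded delivery."""
    v = pkt["view"]
    if gate(pkt, use_id, op, idx):
        return {"status": "ok", "fields": {k: pkt["payload"][k] for k in v["fields"]}}
    if not v["valid"][0] <= idx <= v["valid"][1]:
        return {"status": "expired"}
    if use_id not in v["uses"]:
        return {"status": "unavailable"}
    return {"status": "degraded", "summary": {"field_count": len(v["fields"])}}
```

Three design points mirror the claims: the rule evaluator never fires on an unavailable sample, so a parse failure cannot itself mark or unmark a key as sensitive; coarse output is computed straight into an interval, so no exact value exists in the result stream to be recovered later; and the digest is taken over a canonical JSON serialization, so an identical constraint view always yields an identical header. Claim 5 describes only a digest, not an integrity key; in a deployment the header would additionally need a MAC or signature bound to the control identifier so the constraint view cannot be swapped before gating, and that binding is not shown here.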
Description
Security collaborative computing gateway for industrial sensitive data stream and privacy protection method
Technical Field
The invention belongs to the field of the industrial Internet, and in particular relates to a security collaborative computing gateway and a privacy protection method for industrial sensitive data streams.
Background
With the deepening cooperation of the industrial Internet and cross-enterprise data, a large amount of production-site data is generated and converged at the edge side as continuous data streams and is used for equipment state monitoring, quality tracing, energy consumption optimization, supply chain cooperation, compliance reconciliation and other services. Industrial data usually comes from PLC, SCADA, DCS and other control systems and is carried over Modbus, OPC UA and various proprietary protocols; its structure depends strongly on point location mapping, equipment instances and process states, and it is characterized by multiple protocols, strong field semantics, tight time-sequence association and high update frequency. More importantly, industrial sensitivity does not always apply "once and for all" to the whole stream, but appears as field-level, segment-level and condition-triggered sensitivity: information such as recipe parameters, calibration coefficients, key process segment indexes and production line identifiers has commercial confidentiality attributes under specific working conditions or events.
In the prior art, industrial data is mostly protected by network-layer encryption, static access control, boundary isolation or simple desensitization, and secure computation is introduced in some scenarios to reduce the risk of plaintext leakage. However, systematic engineering contradictions are still exposed in collaborative computing scenarios for industrial sensitive data streams. On the one hand, fine-grained perception of industrial protocol and point semantics is lacking, so the protection requirement is difficult to bring down to the granularity of "semantic key, working condition, time segment": either real-time performance and usability are affected excessively, or insufficient protection leaves a risk of reconstruction or inference. On the other hand, the output of collaborative computing is always a continuous result stream; existing schemes focus on leakage control during the computation stage but lack enforceable constraints on purpose, operation type, validity period and output granularity after the result is sent out, so once the output leaves it is easily reused across purposes, further processed or spliced with external data, and key process semantics are exposed in reverse. Furthermore, point stability and maintainability are emphasized, point position changes and strategy adjustments are frequent, and manually maintained whitelists or manual security work are difficult to carry out consistently so as to form a usable boundary and functional list.
Disclosure of Invention
The invention aims to design a security collaborative computing gateway and a privacy protection method for industrial sensitive data streams, which allow collaborating parties to continuously obtain usable results without exposing key process semantics, while significantly reducing the risk of secondary abuse of, and inference from, the results.
To achieve the above object, in a first aspect of the present invention, there is provided a security collaborative computing and privacy protection method for an industrial sensitive data stream, the method comprising: S1, a security collaborative computing gateway receives an industrial sensitive data stream, performs protocol de-framing and point location semantic mapping on it, generates a minimized semantic data stream, and generates, for each semantic key in the minimized semantic data stream, a privacy protection constraint comprising an allowable use range, an allowable processing type range, a validity period and a condition triggering rule; S2, the security collaborative computing gateway receives a collaborative task demand, calculates an admission mark for each semantic key according to the collaborative task demand, the minimized semantic data stream and the privacy protection constraint, and solidifies a field selection set, an operation template and an output specification into an executable object; S3, the security collaborative computing gateway executes security collaborative computing on the minimized semantic data stream according to the executable object to generate a result stream, and packages the result stream, a constraint view corresponding to the privacy protection constraint and a control identifier into a privacy protection result packet; and S4, the security collaborative computing gateway receives a use request aiming at th