Nothing Special   »   [go: up one dir, main page]

WO2020233038A1 - Blacklist cloud sharing verification method based on homomorphic encryption, and related apparatus - Google Patents

Blacklist cloud sharing verification method based on homomorphic encryption, and related apparatus Download PDF

Info

Publication number
WO2020233038A1
WO2020233038A1 PCT/CN2019/120154 CN2019120154W WO2020233038A1 WO 2020233038 A1 WO2020233038 A1 WO 2020233038A1 CN 2019120154 W CN2019120154 W CN 2019120154W WO 2020233038 A1 WO2020233038 A1 WO 2020233038A1
Authority
WO
WIPO (PCT)
Prior art keywords
blacklist
verification
server
encrypted
risk
Prior art date
Application number
PCT/CN2019/120154
Other languages
French (fr)
Chinese (zh)
Inventor
郭鸿程
Original Assignee
深圳壹账通智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳壹账通智能科技有限公司 filed Critical 深圳壹账通智能科技有限公司
Publication of WO2020233038A1 publication Critical patent/WO2020233038A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption

Definitions

  • This application relates to the field of computer technology, in particular to a method and related devices for blacklist cloud sharing verification based on homomorphic encryption.
  • each enterprise maintains its own blacklist database to resist some malicious attacks. Although there may be some duplicate blacklists in the blacklist database between each company, because each company involves different fields, there are many different blacklists in the blacklist database between each company. With the development of the times, when companies are interviewing job applicants, they generally determine whether to recruit the job applicant based on the content of the job applicant’s resume and simple communication during the interview. However, this approach cannot take into account the conduct of the job applicant.
  • the embodiment of the application discloses a method and related device for verification of blacklist cloud sharing based on homomorphic encryption, implements the embodiment of the application, and implements the embodiment of the application to ensure the security and privacy of information under blacklist sharing.
  • the first aspect of the embodiments of the present application provides a blacklist cloud sharing verification method based on homomorphic encryption, including:
  • the second aspect of the embodiments of the present application provides a blacklist cloud sharing verification device based on homomorphic encryption, including:
  • the first receiving module is configured to receive a blacklist verification request sent by the first server, wherein the blacklist verification request carries a blacklist verification identifier and encrypted user information of the job applicant;
  • a search module which is used to search for the first encrypted blacklist matching the blacklist verification identifier from the blacklist library
  • An obtaining module configured to obtain a public key stored in association with the first encryption blacklist
  • An encryption module configured to perform homomorphic encryption on the encrypted user information and the first encryption blacklist by using the public key to obtain a homomorphic encryption result
  • the first sending module is configured to send a blacklist matching request to a second server, wherein the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key Performing homomorphic decryption on the homomorphic encryption result to obtain a blacklist verification result;
  • a second receiving module configured to receive a blacklist matching response sent by the second server, wherein the blacklist matching response carries the blacklist verification result;
  • the second sending module is configured to send a blacklist verification response to the first server, wherein the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to Perform risk assessment on the blacklist verification result to obtain a risk assessment value to determine whether to hire the job applicant based on the risk assessment value.
  • the third aspect of the embodiments of the present application provides an information processing electronic device, including a processor, a memory, a communication interface, and one or more programs, wherein the one or more programs are stored in the memory, and Instructions configured to be executed by the processor to execute steps in any one of an information processing method.
  • the fourth aspect of the embodiments of the present application provides a computer non-volatile readable storage medium, the computer non-volatile readable storage medium is used to store a computer program, and the stored computer program is executed by the processor, To implement the method described in any one of the information processing methods.
  • homomorphic decryption is used to obtain a blacklist verification result when the second server does not know user information, thereby realizing the separation of data processing rights and data ownership, and ensuring the security of all information Sex and privacy.
  • it has realized the rational use of blacklist resources, prevented companies from hiring job seekers with bad credit and fraud, and safeguarded corporate interests in all aspects. It also realizes the security and privacy of information under the blacklist sharing, and realizes the rational use of blacklist resources, prevents companies from hiring job applicants with bad credit and fraudulent behaviors, and safeguards corporate interests in all aspects.
  • FIG. 1 is a schematic flowchart of a method for blacklist cloud sharing verification based on homomorphic encryption according to an embodiment of the application;
  • FIG. 2 is a schematic flow diagram of another method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the application;
  • FIG. 3 is a schematic diagram of a blacklist cloud sharing verification device based on homomorphic encryption provided by an embodiment of the application.
  • Fig. 1 is a schematic flowchart of a method for verifying a blacklist cloud sharing based on homomorphic encryption according to an embodiment of the application.
  • a method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the present application may include:
  • the cloud verification center receives a blacklist verification request sent by the first server.
  • the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant.
  • the cloud verification center may include a server, for example.
  • the cloud verification center searches the blacklist database for the first encrypted blacklist that matches the blacklist verification identifier.
  • the cloud verification center obtains the public key stored in association with the first encryption blacklist.
  • the cloud verification center uses the public key to perform homomorphic encryption on the encrypted user information and the first encryption blacklist to obtain a homomorphic encryption result.
  • the homomorphic encryption may be any one of addition homomorphism, multiplication homomorphism, mixed multiplication homomorphism, subtraction homomorphism, division homomorphism, algebraic homomorphism, and arithmetic homomorphism, for example.
  • homomorphic encryption is a cryptographic technique based on the computational complexity theory of mathematical problems.
  • the homomorphic encrypted data is processed to obtain an output, and the output is decrypted.
  • the result is the same as the output period information obtained by processing the unencrypted original data in the same method.
  • the cloud verification center sends a blacklist matching request to the second server.
  • the blacklist matching request carries the homomorphic encryption result
  • the blacklist matching request is used to instruct the second server to use a private key to homomorphically decrypt the homomorphic encryption result to obtain a blacklist verification result.
  • the cloud verification center receives a blacklist matching response sent by the second server.
  • the blacklist matching response carries the blacklist verification result.
  • the cloud verification center sends a blacklist verification response to the first server.
  • the blacklist verification response carries the blacklist verification result
  • the blacklist verification response is used to instruct the first server to perform a risk assessment on the blacklist verification result to obtain a risk assessment value based on the The risk assessment value determines whether to hire the job applicant.
  • FIG. 2 is a schematic flowchart of another method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the application.
  • a method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the present application may include:
  • the cloud verification center receives a public key request sent by the first server.
  • the public key request carries a public key identifier
  • the public key identifier is generated by the first server based on the blacklist verification identifier.
  • the cloud verification center searches for the public key matching the public key identifier from the blacklist database.
  • the cloud verification center sends a public key response to the first server.
  • the public key response carries the public key
  • the public key response is used to instruct the first server to use the public key to encrypt user information to be encrypted to obtain the encrypted user information.
  • the user information to be encrypted may include, for example, name, gender, age, ID number, contact information, graduate school, etc.
  • the cloud verification center receives the blacklist verification request sent by the first server.
  • the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant.
  • the cloud verification center may include a server, for example.
  • the cloud verification center searches the blacklist database for the first encrypted blacklist that matches the blacklist verification identifier.
  • the method before the searching from the blacklist database for the first encrypted blacklist matching the blacklist verification identifier, the method further includes: Receive a request to join a cloud verification center sent by the second server, where the request to join a cloud verification center carries the identity authentication information and identity authentication public key of the second server; and determine the Internet Protocol address in the identity authentication information Comply with the preset legal Internet protocol address; use the identity authentication public key to perform identity authentication on the signature information in the identity authentication information; when the identity authentication is passed, send a blacklist request to the second server, where the The blacklist request is used to instruct the second server to use the public key to encrypt the first blacklist to be encrypted to obtain the first encrypted blacklist; receive the blacklist response sent by the second server, where: The blacklist response carries the first encryption blacklist and the public key; the public key and the first encryption blacklist are associated and stored in the blacklist library.
  • IP address refers to Internet Protocol Address (Internet Protocol Address, also translated as Internet Protocol Address), which is the abbreviation of IP Address.
  • IP address is a unified address format provided by the IP protocol. It assigns a logical address to each network and each host on the Internet to shield differences in physical addresses.
  • the signature information is obtained by the second server using the identity authentication private key to encrypt the enterprise information.
  • the enterprise information may include, for example, enterprise name, organization code, contact information, business address, business scope, etc.
  • the cloud verification center receives the request to join the cloud verification center that carries the identity authentication information and the identity verification public key of the second server sent by the second server.
  • the second server can send the encrypted blacklist to the cloud verification center, thus ensuring a reasonable joining principle;
  • the blacklist response sent by the second server where the blacklist response carries the first encrypted blacklist and the public key to obtain the public key, which can allow the first server to encrypt user information to be encrypted, or use the public key to implement homomorphic encryption;
  • the public key and the first encrypted blacklist are stored in the blacklist database in association with each other, so that the cloud verification center can obtain the public key.
  • the blacklist response further carries an encrypted blacklist identifier and J pieces of blacklist term data in the first blacklist to be encrypted , J is a positive integer, the encrypted blacklist identifier is used to indicate that the J pieces of blacklist deadline data belong to the first encrypted blacklist, and each of the J pieces of blacklist deadline data is used for Indicates the time limit for the personal bad information to be recorded in the first blacklist to be encrypted.
  • the method further includes: Obtain the time when the public key and the first encrypted blacklist are stored in the blacklist library in association with each other at a preset time interval to obtain N storage periods, where N is a positive integer; and the N storage periods are Input the preset encryption blacklist storage period function in the order of time to obtain N output period data; in the order of time, the N output period data are sequentially connected to each of the J pieces of blacklist period data.
  • the deadline data is compared, and it is determined that there is first output deadline data larger than H pieces of blacklist deadline data in the N pieces of output deadline data, where the H pieces of blacklist deadline data belong to the J pieces of blacklist deadline data, 0 ⁇ H ⁇ J and H is an integer; call the blacklist overdue identifier generation algorithm for the H pieces of blacklist expiration data to generate H blacklist overdue identifiers, wherein each of the H blacklist overdue identifiers is overdue The identifier is used to indicate that the personal bad information has expired; sending a blacklist update request to the second server, wherein the blacklist update request carries the H blacklist expiration identifiers, and the blacklist update request is used for Instruct the second server to delete H pieces of personal bad information matching the H blacklist expiration identifiers in the first blacklist to be encrypted, to obtain a second blacklist to be encrypted, and use the public key to pair the The second blacklist to be encrypted is encrypted to obtain a second encrypted blacklist; the blacklist update
  • J can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • N may be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • H can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • the blacklist deadline data can be as shown in the following table:
  • the left ellipsis in the above table indicates the blacklist period (days), and the right ellipsis indicates the specific number of days.
  • the preset time may include, for example, half an hour, one day, three days, one week, two weeks, one month, three months, six months, one year and other times.
  • the preset time can be set by the administrator in advance. Or the preset time can also be recorded in the configuration file, and the preset time can be determined by querying the configuration file.
  • personal bad information may include, for example, name, gender, age, ID number, contact information, reason for dishonesty, time of dishonesty, incident of dishonesty, location of dishonesty, etc.
  • the public key and the time when the first encrypted blacklist is associated and stored in the blacklist library are obtained every preset time interval to obtain N storage time periods, and the storage time period is obtained through each preset time interval, A dynamic monitoring blacklist library will be implemented; N storage periods are input into the preset encryption blacklist storage period function in the order of time, and N output period data are obtained, and the N storage periods are input into the preset encryption in the order of time
  • the blacklist storage period function realizes the orderly acquisition of output period data, which speeds up the processing speed of the cloud verification center; the N output period data are sequentially processed with each blacklist period data in the J blacklist period data in chronological order
  • it is determined that there are first output deadline data larger than H pieces of blacklist deadline data in the N output deadline data and by sequentially comparing the N output deadline data with each blacklist deadline data in the J blacklist deadline data, quickly Obtain the first output deadline data that is greater than H blacklist deadline data among the N output deadline data, so as to determine that H black
  • the cloud verification center obtains the public key stored in association with the first encryption blacklist.
  • the cloud verification center uses the public key to perform homomorphic encryption on the encrypted user information and the first encryption blacklist to obtain a homomorphic encryption result.
  • the homomorphic encryption may be any one of addition homomorphism, multiplication homomorphism, mixed multiplication homomorphism, subtraction homomorphism, division homomorphism, algebraic homomorphism, and arithmetic homomorphism, for example.
  • homomorphic encryption is a cryptographic technique based on the computational complexity theory of mathematical problems.
  • the homomorphic encrypted data is processed to obtain an output, and the output is decrypted.
  • the result is the same as the output period information obtained by processing the unencrypted original data in the same method.
  • the cloud verification center sends a blacklist matching request to the second server.
  • the blacklist matching request carries the homomorphic encryption result
  • the blacklist matching request is used to instruct the second server to use a private key to homomorphically decrypt the homomorphic encryption result to obtain a blacklist verification result.
  • the cloud verification center receives a blacklist matching response sent by the second server.
  • the blacklist matching response carries the blacklist verification result.
  • the cloud verification center sends a blacklist verification response to the first server.
  • the blacklist verification response carries the blacklist verification result
  • the blacklist verification response is used to instruct the first server to perform a risk assessment on the blacklist verification result to obtain a risk assessment value based on the The risk assessment value determines whether to hire the job applicant.
  • the method further includes: receiving the blacklist verification request sent by the first server, wherein the blacklist verification request carries M blacklist verification identifiers and M encrypted user information of M job applicants; search for M encrypted blacklists matching the M blacklist verification identifiers from the blacklist database, where the M blacklists The list verification identifiers correspond to the M encrypted blacklists one-to-one; obtain the M public keys stored in association with the M encrypted blacklists; use the M public keys to pair the M encrypted user information and the Perform homomorphic encryption on M encryption blacklists to obtain M homomorphic encryption results, where the i-th homomorphic encryption result in the M homomorphic encryption results is determined by the i-th public key in the M public keys The key encrypts the i-th encrypted user information and the i-th encrypted blacklist, the i-th encrypted user information belongs to the M encrypted user information, and the i-th encrypted blacklist belongs to the M Encrypted black
  • M can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • i can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • K can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • L can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • N may be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • the method further include:
  • S5 Determine L risk levels corresponding to the L pieces of blacklist term data, where the blacklist term data is proportional to the risk level;
  • n can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
  • the determination of L pieces of blacklist term data corresponding to L Risk level including:
  • blacklist deadline data is greater than the preset blacklist deadline data, determining a risk level evaluation function corresponding to the blacklist deadline data from a risk level evaluation function library;
  • the L pieces of risk level evaluation data are calculated according to the preset risk level evaluation weights to obtain L risk levels.
  • the x in the above table represents the blacklist period with the largest blacklist period, a represents the preset blacklist period data, and y represents the risk level evaluation data.
  • different risk level evaluation data corresponding to different preset risk level evaluation weights can be as shown in the following table:
  • Risk assessment data Preset risk level assessment weight 1.5 1.5/3+0.28 3.2 3.2/3+0.28 ... ...
  • the method further includes:
  • blacklist term data is not greater than the preset blacklist term data, input the L pieces of blacklist term data into a risk prediction model to obtain a risk prediction value;
  • the warning message carries the risk prediction value and the first set of blacklist verification results, and the warning message is used to instruct the first server to predict based on the risk
  • the value marks the job seeker corresponding to the first set of blacklist verification results as untrusted job seekers.
  • the public key request also carries
  • the method further includes:
  • a risk prediction score message carrying the risk prediction score and the second set of blacklist verification results is sent to the first server, wherein the risk prediction score message is used to instruct the first server to predict the risk based on the risk
  • the job applicants corresponding to the second group of blacklist verification results are evaluated by scoring, and it is determined whether to admit the job applicants corresponding to the second group of blacklist verification results.
  • a blacklist cloud sharing verification device 300 based on homomorphic encryption may include:
  • the first receiving module 301 is configured to receive a blacklist verification request sent by the first server.
  • the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant.
  • the cloud verification center may include a server, for example.
  • the first receiving module 301 is further configured to receive a public key request sent by the first server, where the public key request carries a public key identifier, and the public key identifier is determined by the first server based on the The blacklist verification identifier is generated; the search module 302 is also used to search for the public key matching the public key identifier from the blacklist library; the first receiving module 301 is also used to send The first server sends a public key response, where the public key response carries the public key, and the public key response is used to instruct the first server to use the public key to encrypt user information to be encrypted to obtain the encryption User Info.
  • the device further includes a processing module 308, and the first receiving module 301 is further configured to receive a request to join a cloud verification center sent by the second server, wherein the request to join a cloud verification center carries the The identity authentication information and identity authentication public key of the second server; the processing module 308 is used to determine that the Internet protocol address in the identity authentication information meets the preset legal Internet protocol address; the processing module 308 is also used to use The identity authentication public key performs identity authentication on the signature information in the identity authentication information; the first sending module 305 is further configured to send a blacklist request to the second server when the identity authentication is passed, where: The blacklist request is used to instruct the second server to use the public key to encrypt the first blacklist to be encrypted to obtain the first encrypted blacklist; the first receiving module 301 is also used to receive The blacklist response sent by the second server, where the blacklist response carries the first encrypted blacklist and the public key; the processing module 308 is further configured to combine the public key and the first The encrypted blacklist is associated and stored in the black
  • the blacklist response further carries an encrypted blacklist identifier and J pieces of blacklist expiration data in the first blacklist to be encrypted, where J is a positive integer, and the encrypted blacklist identifier is used to indicate that J Pieces of blacklist expiration data belong to the first encrypted blacklist, and each piece of blacklist expiration data in the J pieces of blacklist expiration data is used to indicate the time period during which personal bad information is recorded on the first blacklist to be encrypted,
  • the processing module 308 is further configured to obtain the time when the public key and the first encrypted blacklist are stored in the blacklist library in association with each other for a preset period of time, to obtain N storage periods, where N is a positive integer
  • the processing module 308 is also used to input the N storage periods in the order of time into the preset encryption blacklist storage period function to obtain N output period data; the processing module 308 is also used to The N pieces of output deadline data are compared with each piece of blacklist deadline data in the J pieces of blacklist deadline data in chronological order, and it is determined that there
  • the first output deadline data wherein, the H pieces of blacklist deadline data belong to the J pieces of blacklist deadline data, 0 ⁇ H ⁇ J and H is an integer; the processing module 308 is also used to compare the H pieces
  • the blacklist expiration date data calls the blacklist overdue indicator generation algorithm to generate H blacklist overdue indicators, where each of the H blacklist overdue indicators is used to indicate that the personal bad information has expired;
  • first The sending module 305 is further configured to send a blacklist update request to the second server, where the blacklist update request carries the H blacklist expiration identifiers, and the blacklist update request is used to indicate the second
  • the server deletes H pieces of personal bad information matching the H blacklist expiration identifiers from the first blacklist to be encrypted to obtain a second blacklist to be encrypted, and uses the public key to blacklist the second to be encrypted
  • the list is encrypted to obtain a second encrypted blacklist;
  • the first receiving module 301 is further configured to receive a blacklist update response sent by the second server,
  • the first receiving module is further configured to receive the blacklist verification request sent by the first server, wherein the blacklist verification request carries M blacklist verification identifiers and M job applicants’ information M encrypted user information;
  • the search module 302 is also used to search for M encrypted blacklists matching the M blacklist verification identifiers from the blacklist library, wherein the M blacklist verification identifiers One-to-one correspondence with the M encrypted blacklists;
  • the obtaining module 303 is also used to obtain M public keys stored in association with the M encrypted blacklists;
  • the encryption module 304 is also used to use the M public keys perform homomorphic encryption on the M encrypted user information and the M encrypted blacklists to obtain M homomorphic encryption results, where the i-th homomorphic of the M homomorphic encryption results
  • the encryption result is obtained by encrypting the i-th encrypted user information and the i-th encrypted blacklist by the i-th public key among the M public keys, and the i-th encrypted user information belongs to the M encrypted users Information,
  • the i group of blacklist verification results the i-th second server belongs to the M second servers, the i-th group of blacklist verification results include K blacklist verification results, and K is a positive integer;
  • a receiving module 301 is further configured to receive M blacklist matching responses sent by the M second servers, where the M second servers correspond to the M blacklist matching responses one-to-one, and the M A blacklist matching response carries the M groups of blacklist verification results;
  • the processing module 308 is also used to call the file generation interface to generate a blacklist verification report containing the N groups of blacklist verification results;
  • the first sending module 305 is also used to send to the first server
  • processing module 308 is also used for the processing module 308 .
  • S5 Determine L risk levels corresponding to the L pieces of blacklist term data, where the blacklist term data is proportional to the risk level;
  • the processing module 308 is further configured to filter out the blacklist deadline data with the largest blacklist deadline from the L pieces of blacklist deadline data; and compare the blacklist deadline data with the preset blacklist deadline data Comparison to determine whether the blacklist expiration data is greater than the preset blacklist expiration data; if the blacklist expiration data is greater than the preset blacklist expiration data, it is determined from the risk level evaluation function library to The risk level evaluation function corresponding to the blacklist term data; the L pieces of blacklist term data are respectively input into the risk level evaluation function to obtain L pieces of risk level evaluation data; the risk is extracted from the L pieces of risk level evaluation data The risk grade assessment data with the largest grade assessment data; determine the preset risk grade assessment weight corresponding to the risk grade assessment data; calculate the L pieces of risk grade assessment data according to the preset risk grade assessment weight to obtain L risk grades.
  • the processing module 308 is further configured to, if the blacklist period data is not greater than the preset blacklist period data, input the L pieces of blacklist period data into the risk prediction model to obtain a risk prediction
  • the processing module 308 is also used to compare the risk prediction value with a preset risk prediction value to determine whether the risk prediction value exceeds the preset risk prediction value; the processing module 308 also If the risk prediction value exceeds the preset risk prediction value, determine the first set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction value; the first sending The module 305 is further configured to send a warning message to the first server, where the warning message carries the risk prediction value and the first set of blacklist verification results, and the warning message is used to indicate the first set of blacklist verification results.
  • the server marks the job seeker corresponding to the first set of blacklist verification results as untrusted job seekers based on the risk prediction value.
  • the public key request also carries member information of the first server
  • the processing module 308 is further configured to determine the member if the risk prediction value does not exceed the preset risk prediction value The member level in the information; the processing module 308 is also used to compare the member level with a preset member level to determine that the member level is higher than the preset member level; the processing module 308 is also used to The risk prediction value is input into a risk prediction scoring model to obtain a risk prediction score; the processing module 308 is also used to determine the second set of blacklists in the N sets of blacklist verification results corresponding to the risk prediction score Verification result; the first sending module 305 is further configured to send a risk prediction score message carrying the risk prediction score and the second set of blacklist verification results to the first server, wherein the risk prediction score The message is used to instruct the first server to evaluate the job seeker corresponding to the second set of blacklist verification results based on the risk prediction score, and determine whether to admit the job seeker corresponding to the second set of blacklist verification results .
  • the searching module 302 is configured to search for the first encrypted blacklist matching the blacklist verification identifier from the blacklist database.
  • the obtaining module 303 is configured to obtain the public key stored in association with the first encryption blacklist.
  • the encryption module 304 is configured to use the public key to perform homomorphic encryption on the encrypted user information and the first encryption blacklist to obtain a homomorphic encryption result.
  • the homomorphic encryption may be any one of addition homomorphism, multiplication homomorphism, mixed multiplication homomorphism, subtraction homomorphism, division homomorphism, algebraic homomorphism, and arithmetic homomorphism, for example.
  • homomorphic encryption is a cryptographic technique based on the computational complexity theory of mathematical problems.
  • the homomorphic encrypted data is processed to obtain an output, and the output is decrypted.
  • the result is the same as the output period information obtained by processing the unencrypted original data in the same method.
  • the first sending module 305 is configured to send a blacklist matching request to the second server.
  • the blacklist matching request carries the homomorphic encryption result
  • the blacklist matching request is used to instruct the second server to use a private key to homomorphically decrypt the homomorphic encryption result to obtain a blacklist verification result.
  • the second receiving module 306 is configured to receive a blacklist matching response sent by the second server.
  • the blacklist matching response carries the blacklist verification result.
  • the second sending module 307 is configured to send a blacklist verification response to the first server.
  • the blacklist verification response carries the blacklist verification result
  • the blacklist verification response is used to instruct the first server to perform a risk assessment on the blacklist verification result to obtain a risk assessment value based on the The risk assessment value determines whether to hire the job applicant.
  • the embodiment of the present application also provides an electronic device for information processing, including a processor, a memory, a communication interface, and one or more programs, wherein the one or more programs are stored in the memory and configured
  • the instructions are executed by the processor to execute the steps in any one of the information processing methods.
  • the embodiment of the present application also provides a computer non-volatile readable storage medium, the computer non-volatile readable storage medium is used to store a computer program, and the stored computer program is executed by the processor to realize A method according to any one of the information processing methods.
  • the disclosed device may be implemented in other ways.
  • the device embodiments described above are only illustrative.
  • the division of the modules is only a logical function division, and there may be other divisions in actual implementation, for example, multiple modules or components may be combined or may be Integrate into another system, or some features can be ignored or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or modules, and may be in electrical or other forms.
  • modules described as separate components may or may not be physically separated, and the components displayed as modules may or may not be physical modules, that is, they may be located in one place, or they may be distributed to multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
  • each functional module in each embodiment of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules may be integrated into one module.
  • the above-mentioned integrated modules can be implemented in the form of hardware or software functional modules.
  • the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can be stored in a computer readable storage medium.
  • the technical solution of the present application essentially or the part that contributes to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage
  • the medium includes several instructions to enable a computer device (which may be a personal computer, a merchant node, or a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disk and other media that can store program code .

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present application relates to cloud storage. Disclosed is a blacklist cloud sharing verification method based on homomorphic encryption. The method comprises: receiving a blacklist verification request sent by a first server and carrying a blacklist verification identifier and encrypted user information of a job seeker; searching a blacklist library for a first encrypted blacklist matching the blacklist verification identifier; acquiring a public key; performing, by means of the public key, homomorphic encryption on the encrypted user information and the first encrypted blacklist to obtain a homomorphic encryption result; sending, to a second server, a blacklist matching request carrying the homomorphic encryption result, wherein the blacklist matching request is used for indicating that the second server performs, by means of a private key, homomorphic decryption on the homomorphic encryption result to obtain a blacklist verification result; receiving a blacklist matching response sent by the second server and carrying the blacklist verification result; and sending, to the first server, a blacklist verification response carrying the blacklist verification result. By means of implementing the embodiments of the present application, the security and privacy of information are guaranteed during blacklist sharing.

Description

基于同态加密的黑名单云共享验证的方法和相关装置Homomorphic encryption-based blacklist cloud sharing verification method and related device
本申请要求于2019年05月21日提交中国专利局、申请号为2019104219862、申请名称为“基于同态加密的黑名单云共享验证的方法和相关装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office on May 21, 2019, the application number is 2019104219862, and the application name is "The method and related device for homomorphic encryption-based blacklist cloud sharing verification", all of which The content is incorporated in this application by reference.
技术领域Technical field
本申请涉及计算机技术领域,尤其涉及基于同态加密的黑名单云共享验证的方法和相关装置。This application relates to the field of computer technology, in particular to a method and related devices for blacklist cloud sharing verification based on homomorphic encryption.
背景技术Background technique
目前,每个企业都会维护各自的黑名单库,来抵抗一些恶意攻击。虽然每个企业之间的黑名单库中可能存在一些重复的黑名单,但是因为每个企业涉及的领域不同,所以每个企业之间的黑名单库又有很多不同的黑名单。随着时代的发展,在企业面试求职者时,一般根据求职者的简历内容以及面试过程的简单交流来确定是否招聘该求职者。然而,这种方式不能考量求职者的品行。因此,为实现资源的合理运用,现在很多企业会将黑名单放置在第三方平台,从而可以将需要验证的用户信息与第三方平台中所有的黑名单进行匹配,以确定与用户信息对应的求职者是否有不良征信行为、欺诈行为等,从而帮助企业是否录用该求职者。Currently, each enterprise maintains its own blacklist database to resist some malicious attacks. Although there may be some duplicate blacklists in the blacklist database between each company, because each company involves different fields, there are many different blacklists in the blacklist database between each company. With the development of the times, when companies are interviewing job applicants, they generally determine whether to recruit the job applicant based on the content of the job applicant’s resume and simple communication during the interview. However, this approach cannot take into account the conduct of the job applicant. Therefore, in order to achieve reasonable use of resources, many companies now place blacklists on third-party platforms, so that user information that needs to be verified can be matched with all blacklists in the third-party platform to determine the job search corresponding to the user information Whether the applicant has bad credit reporting, fraud, etc., so as to help the company whether to hire the job applicant.
然而,在这种共享方式中,无论是黑名单验证过程,还是黑名单上传至第三方平台过程,由于均未采用加密手段,从而存在信息被截取的问题,不仅导致用户信息丢失,还导致黑名单信息泄露。另外,由于第三方平台拥有企业上传的所有黑名单信息,导致所有黑名单信息全都暴露给了第三方平台,对各个企业用户来说体验不好。同样的,求职者的用户信息也暴露给了第三方平台。因此,这种方式信息的安全性和私密性都不足。However, in this sharing method, no matter it is the blacklist verification process or the process of uploading the blacklist to a third-party platform, since neither encryption is used, there is a problem of information being intercepted, which not only leads to the loss of user information, but also leads to blacklisting. List information leaked. In addition, since the third-party platform owns all the blacklist information uploaded by the company, all the blacklist information is exposed to the third-party platform, which is a bad experience for all enterprise users. Similarly, the user information of job applicants is also exposed to third-party platforms. Therefore, the security and privacy of information in this way are insufficient.
发明内容Summary of the invention
本申请实施例公开了基于同态加密的黑名单云共享验证的方法和相关装置,实施本申请实施例,实施本申请实施例,实现在黑名单共享下确保信息的安全性和私密性。The embodiment of the application discloses a method and related device for verification of blacklist cloud sharing based on homomorphic encryption, implements the embodiment of the application, and implements the embodiment of the application to ensure the security and privacy of information under blacklist sharing.
本申请实施例第一方面提供了基于同态加密的黑名单云共享验证的方法,包括:The first aspect of the embodiments of the present application provides a blacklist cloud sharing verification method based on homomorphic encryption, including:
接收第一服务器发送的黑名单验证请求,其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息;Receiving a blacklist verification request sent by the first server, where the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant;
从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单;Searching for the first encrypted blacklist matching the blacklist verification identifier from the blacklist database;
获取与所述第一加密黑名单关联存储的公钥;Obtaining a public key stored in association with the first encryption blacklist;
采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果;Homomorphic encryption of the encrypted user information and the first encryption blacklist by using the public key to obtain a homomorphic encryption result;
向第二服务器发送黑名单匹配请求,其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果;Send a blacklist matching request to a second server, where the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key to encrypt the homomorphic result Perform homomorphic decryption to obtain the blacklist verification result;
接收所述第二服务器发送的黑名单匹配响应,其中,所述黑名单匹配响应携带所述黑名单验证结果;Receiving a blacklist matching response sent by the second server, where the blacklist matching response carries the blacklist verification result;
向所述第一服务器发送黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。Send a blacklist verification response to the first server, where the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to perform the blacklist verification result Risk assessment to obtain a risk assessment value to determine whether to hire the job applicant based on the risk assessment value.
本申请实施例第二方面提供了一种基于同态加密的黑名单云共享验证装置,包括:The second aspect of the embodiments of the present application provides a blacklist cloud sharing verification device based on homomorphic encryption, including:
第一接收模块,用于接收第一服务器发送的黑名单验证请求,其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息;The first receiving module is configured to receive a blacklist verification request sent by the first server, wherein the blacklist verification request carries a blacklist verification identifier and encrypted user information of the job applicant;
查找模块,用于从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单;A search module, which is used to search for the first encrypted blacklist matching the blacklist verification identifier from the blacklist library;
获取模块,用于获取与所述第一加密黑名单关联存储的公钥;An obtaining module, configured to obtain a public key stored in association with the first encryption blacklist;
加密模块,用于采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果;An encryption module, configured to perform homomorphic encryption on the encrypted user information and the first encryption blacklist by using the public key to obtain a homomorphic encryption result;
第一发送模块,用于向第二服务器发送黑名单匹配请求,其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果;The first sending module is configured to send a blacklist matching request to a second server, wherein the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key Performing homomorphic decryption on the homomorphic encryption result to obtain a blacklist verification result;
第二接收模块,用于接收所述第二服务器发送的黑名单匹配响应,其中,所述黑名单匹配响应携带所述黑名单验证结果;A second receiving module, configured to receive a blacklist matching response sent by the second server, wherein the blacklist matching response carries the blacklist verification result;
第二发送模块,用于向所述第一服务器发送黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。The second sending module is configured to send a blacklist verification response to the first server, wherein the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to Perform risk assessment on the blacklist verification result to obtain a risk assessment value to determine whether to hire the job applicant based on the risk assessment value.
本申请实施例第三方面提供了一种信息处理的电子设备,包括处理器、存储器、通信接口以及一个或多个程序,其中,所述一个或多个程序被存储在所述存储器中,并且被配置由所述处理器执行,以执行一种信息处理方法中任一项方法中的步骤的指令。The third aspect of the embodiments of the present application provides an information processing electronic device, including a processor, a memory, a communication interface, and one or more programs, wherein the one or more programs are stored in the memory, and Instructions configured to be executed by the processor to execute steps in any one of an information processing method.
本申请实施例第四方面提供了一种计算机非易失性可读存储介质,所述计算机非易失性可读存储介质用于存储计算机程序,所述存储计算机程序被所述处理器执行,以实现一种信息处理方法中任一项所述的方法。The fourth aspect of the embodiments of the present application provides a computer non-volatile readable storage medium, the computer non-volatile readable storage medium is used to store a computer program, and the stored computer program is executed by the processor, To implement the method described in any one of the information processing methods.
可以看出,上述技术方案中,采用同态解密实现了在第二服务器未知用户信息的情况下得到了黑名单验证结果,从而实现了数据处理权与数据所有权的分离,确保了所有信息的安全性和私密性。同时,实现了黑名单资源的合理运用,避免企业录用具备不良征信行为、欺诈行为的求职者,全方面维护了企业利益。也实现了在黑名单共享下确保信息的安全性和私密性,且实现黑名单资源的合理运用,避免企业录用具备不良征信行为、欺诈行为的求职者,全方面维护了企业利益。It can be seen that in the above technical solution, homomorphic decryption is used to obtain a blacklist verification result when the second server does not know user information, thereby realizing the separation of data processing rights and data ownership, and ensuring the security of all information Sex and privacy. At the same time, it has realized the rational use of blacklist resources, prevented companies from hiring job seekers with bad credit and fraud, and safeguarded corporate interests in all aspects. It also realizes the security and privacy of information under the blacklist sharing, and realizes the rational use of blacklist resources, prevents companies from hiring job applicants with bad credit and fraudulent behaviors, and safeguards corporate interests in all aspects.
附图说明Description of the drawings
为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly describe the technical solutions in the embodiments of the present application or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the drawings in the following description are only These are some embodiments of the present application. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without creative work.
其中:among them:
图1为本申请实施例提供的一种基于同态加密的黑名单云共享验证的方法的流程示意图;FIG. 1 is a schematic flowchart of a method for blacklist cloud sharing verification based on homomorphic encryption according to an embodiment of the application;
图2为本申请实施例提供的又一种基于同态加密的黑名单云共享验证的方法的流程示意图;2 is a schematic flow diagram of another method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the application;
图3为本申请实施例提供的一种基于同态加密的黑名单云共享验证装置的示意图。FIG. 3 is a schematic diagram of a blacklist cloud sharing verification device based on homomorphic encryption provided by an embodiment of the application.
具体实施方式Detailed ways
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。The technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described embodiments are only a part of the embodiments of the present application, rather than all of the embodiments. Based on the embodiments in this application, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of this application.
以下分别进行详细说明。Detailed descriptions are given below.
本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”是用于区别不同对象,而不是用于描述特定顺序。此外,术语“包括”和“具有”以及它们任何变形,意图在于覆盖不排他的包含。The terms "first", "second", and "third" in the specification and claims of this application and the above-mentioned drawings are used to distinguish different objects, rather than to describe a specific sequence. In addition, the terms "including" and "having" and any variations thereof are intended to cover non-exclusive inclusion.
首先,参见图1,图1为本申请的一个实施例提供的一种基于同态加密的黑名单云共享 验证的方法的流程示意图。其中,如图1所示,本申请的一个实施例提供的一种基于同态加密的黑名单云共享验证的方法可以包括:First, referring to Fig. 1, Fig. 1 is a schematic flowchart of a method for verifying a blacklist cloud sharing based on homomorphic encryption according to an embodiment of the application. Wherein, as shown in FIG. 1, a method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the present application may include:
101、云验证中心接收第一服务器发送的黑名单验证请求。101. The cloud verification center receives a blacklist verification request sent by the first server.
其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息。Wherein, the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant.
其中,云验证中心例如可以包括服务器。The cloud verification center may include a server, for example.
102、云验证中心从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单。102. The cloud verification center searches the blacklist database for the first encrypted blacklist that matches the blacklist verification identifier.
103、云验证中心获取与所述第一加密黑名单关联存储的公钥。103. The cloud verification center obtains the public key stored in association with the first encryption blacklist.
104、云验证中心采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果。104. The cloud verification center uses the public key to perform homomorphic encryption on the encrypted user information and the first encryption blacklist to obtain a homomorphic encryption result.
可选的,同态加密例如可以为加法同态、乘法同态、混合乘法同态、减法同态、除法同态、代数同态、算术同态中的任意一种。Optionally, the homomorphic encryption may be any one of addition homomorphism, multiplication homomorphism, mixed multiplication homomorphism, subtraction homomorphism, division homomorphism, algebraic homomorphism, and arithmetic homomorphism, for example.
其中,同态加密是基于数学难题的计算复杂性理论的密码学技术。对经过同态加密的数据进行处理得到一个输出,将这一输出进行解密,其结果与用同一方法处理未加密的原始数据得到的输出期限信息是一样的。Among them, homomorphic encryption is a cryptographic technique based on the computational complexity theory of mathematical problems. The homomorphic encrypted data is processed to obtain an output, and the output is decrypted. The result is the same as the output period information obtained by processing the unencrypted original data in the same method.
105、云验证中心向第二服务器发送黑名单匹配请求。105. The cloud verification center sends a blacklist matching request to the second server.
其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果。Wherein, the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key to homomorphically decrypt the homomorphic encryption result to obtain a blacklist verification result.
106、云验证中心接收所述第二服务器发送的黑名单匹配响应。106. The cloud verification center receives a blacklist matching response sent by the second server.
其中,所述黑名单匹配响应携带所述黑名单验证结果。Wherein, the blacklist matching response carries the blacklist verification result.
107、云验证中心向所述第一服务器发送黑名单验证响应。107. The cloud verification center sends a blacklist verification response to the first server.
其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。Wherein, the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to perform a risk assessment on the blacklist verification result to obtain a risk assessment value based on the The risk assessment value determines whether to hire the job applicant.
参见图2,图2为本申请的一个实施例提供的又一种基于同态加密的黑名单云共享验证的方法的流程示意图。其中,如图2所示,本申请的一个实施例提供的一种基于同态加密的黑名单云共享验证的方法可以包括:Refer to FIG. 2, which is a schematic flowchart of another method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the application. Wherein, as shown in FIG. 2, a method for blacklist cloud sharing verification based on homomorphic encryption provided by an embodiment of the present application may include:
201、云验证中心接收所述第一服务器发送的公钥请求。201. The cloud verification center receives a public key request sent by the first server.
其中,所述公钥请求携带公钥标识,所述公钥标识由所述第一服务器基于所述黑名单验证标识生成得到。Wherein, the public key request carries a public key identifier, and the public key identifier is generated by the first server based on the blacklist verification identifier.
202、云验证中心从所述黑名单库中查找与所述公钥标识匹配的所述公钥。202. The cloud verification center searches for the public key matching the public key identifier from the blacklist database.
203、云验证中心向所述第一服务器发送公钥响应。203. The cloud verification center sends a public key response to the first server.
其中,所述公钥响应携带所述公钥,所述公钥响应用于指示所述第一服务器采用所述公钥对待加密用户信息进行加密,得到所述加密用户信息。Wherein, the public key response carries the public key, and the public key response is used to instruct the first server to use the public key to encrypt user information to be encrypted to obtain the encrypted user information.
可选的,待加密用户信息例如可以包括:姓名、性别、年龄、身份证号码、联系方式、本科毕业学校等。Optionally, the user information to be encrypted may include, for example, name, gender, age, ID number, contact information, graduate school, etc.
204、云验证中心接收第一服务器发送的黑名单验证请求。204. The cloud verification center receives the blacklist verification request sent by the first server.
其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息。Wherein, the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant.
其中,云验证中心例如可以包括服务器。The cloud verification center may include a server, for example.
205、云验证中心从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单。205. The cloud verification center searches the blacklist database for the first encrypted blacklist that matches the blacklist verification identifier.
可选的,第一方面,在本申请的一种可能的实施方式中,所述从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单之前,所述方法还包括:接收所述第二服务器发送的加入云验证中心请求,其中,所述加入云验证中心请求携带所述第二服务器的身份认证信息和身份认证公钥;确定所述身份认证信息中的互联网协议地址符合预设合法互联网协议地址;采用所述身份认证公钥对所述身份认证信息中的签名信息进行身份认证;在身份认证通过时,向所述第二服务器发送黑名单请求,其中,所述黑名单请求用于指示所述第二服务器采用所 述公钥对第一待加密黑名单进行加密,得到所述第一加密黑名单;接收所述第二服务器发送的黑名单响应,其中,所述黑名单响应携带所述第一加密黑名单和所述公钥;将所述公钥和所述第一加密黑名单关联存储在所述黑名单库。Optionally, in the first aspect, in a possible implementation manner of the present application, before the searching from the blacklist database for the first encrypted blacklist matching the blacklist verification identifier, the method further includes: Receive a request to join a cloud verification center sent by the second server, where the request to join a cloud verification center carries the identity authentication information and identity authentication public key of the second server; and determine the Internet Protocol address in the identity authentication information Comply with the preset legal Internet protocol address; use the identity authentication public key to perform identity authentication on the signature information in the identity authentication information; when the identity authentication is passed, send a blacklist request to the second server, where the The blacklist request is used to instruct the second server to use the public key to encrypt the first blacklist to be encrypted to obtain the first encrypted blacklist; receive the blacklist response sent by the second server, where: The blacklist response carries the first encryption blacklist and the public key; the public key and the first encryption blacklist are associated and stored in the blacklist library.
其中,IP地址是指互联网协议地址(Internet Protocol Address,又译为网际协议地址),是IP Address的缩写。IP地址是IP协议提供的一种统一的地址格式,它为互联网上的每一个网络和每一台主机分配一个逻辑地址,以此来屏蔽物理地址的差异。Among them, IP address refers to Internet Protocol Address (Internet Protocol Address, also translated as Internet Protocol Address), which is the abbreviation of IP Address. The IP address is a unified address format provided by the IP protocol. It assigns a logical address to each network and each host on the Internet to shield differences in physical addresses.
可选的,签名信息由第二服务器采用身份认证私钥对企业信息加密得到。Optionally, the signature information is obtained by the second server using the identity authentication private key to encrypt the enterprise information.
其中,企业信息例如可以包括:企业名称、组织机构代码、联系方式、商家地址、经营范围等。Among them, the enterprise information may include, for example, enterprise name, organization code, contact information, business address, business scope, etc.
可以看出,上述技术方案中,云验证中心接收第二服务器发送的携带第二服务器的身份认证信息和身份认证公钥的加入云验证中心请求,这样为云验证中心对第二服务器的身份的验证提供方便;确定身份认证信息中的互联网协议地址符合预设合法互联网协议地址,确保第二服务器的逻辑地址的合法性;采用身份认证公钥对身份认证信息中的签名信息进行身份认证,确保了第二服务器携带的签名信息未被篡改,保证了第二服务器的合法性,;在身份认证通过时,向第二服务器发送黑名单请求,其中,黑名单请求用于指示第二服务器采用公钥对第一待加密黑名单进行加密,得到第一加密黑名单,在身份认证通过时,才同意第二服务器可以将加密黑名单发送至云验证中心,从而确保了一个合理的加入原则;接收第二服务器发送的黑名单响应,其中,黑名单响应携带第一加密黑名单和公钥,得到公钥,可以让第一服务器加密待加密用户信息,也可以采用公钥实现同态加密;将公钥和第一加密黑名单关联存储在黑名单库,实现云验证中心获取公钥。综上,通过设置加入云验证中心的条件,从而确保了黑名单的准确性,为后续良性的黑名单库建设做铺垫。It can be seen that in the above technical solution, the cloud verification center receives the request to join the cloud verification center that carries the identity authentication information and the identity verification public key of the second server sent by the second server. Provide convenience for verification; determine that the Internet Protocol address in the identity authentication information conforms to the preset legal Internet protocol address to ensure the legitimacy of the logical address of the second server; use the identity authentication public key to authenticate the signature information in the identity authentication information to ensure The signature information carried by the second server has not been tampered with, ensuring the legitimacy of the second server; when the identity authentication is passed, a blacklist request is sent to the second server, where the blacklist request is used to instruct the second server to adopt public The key encrypts the first blacklist to be encrypted to obtain the first encrypted blacklist. Only when the identity authentication is passed, it is agreed that the second server can send the encrypted blacklist to the cloud verification center, thus ensuring a reasonable joining principle; The blacklist response sent by the second server, where the blacklist response carries the first encrypted blacklist and the public key to obtain the public key, which can allow the first server to encrypt user information to be encrypted, or use the public key to implement homomorphic encryption; The public key and the first encrypted blacklist are stored in the blacklist database in association with each other, so that the cloud verification center can obtain the public key. In summary, by setting the conditions for joining the cloud verification center, the accuracy of the blacklist is ensured and pave the way for the subsequent construction of a benign blacklist database.
可选的,基于第一方面,在本申请的第一种可能的实施方式中,所述黑名单响应还携带加密黑名单标识和所述第一待加密黑名单中的J条黑名单期限数据,J为正整数,所述加密黑名单标识用于表示所述J条黑名单期限数据属于所述第一加密黑名单,所述J条黑名单期限数据中的每条黑名单期限数据用于表示个人不良信息记录在所述第一待加密黑名单的时间期限,在所述将所述公钥和所述第一加密黑名单关联存储在所述黑名单库之后,所述方法还包括:每间隔预设时段获取所述公钥和所述第一加密黑名单关联存储在所述黑名单库的时间,得到N个存储时段,其中,N为正整数;将所述N个存储时段按照时间的先后顺序输入预设加密黑名单存储期限函数,得到N个输出期限数据;将所述N个输出期限数据按照时间的先后顺序依次与所述J条黑名单期限数据中的每条黑名单期限数据进行对比,确定所述N个输出期限数据中存在大于H条黑名单期限数据的第一输出期限数据,其中,所述H条黑名单期限数据属于所述J条黑名单期限数据,0<H≤J且H为整数;对所述H条黑名单期限数据调用黑名单超期标识生成算法生成H个黑名单超期标识,其中,所述H个黑名单超期标识中的每条黑名单超期标识用于表示所述个人不良信息已失效;向所述第二服务器发送黑名单更新请求,其中,所述黑名单更新请求携带所述H个黑名单超期标识,所述黑名单更新请求用于指示所述第二服务器将所述第一待加密黑名单中与所述H个黑名单超期标识匹配的H条个人不良信息删除,得到第二待加密黑名单,采用所述公钥对所述第二待加密黑名单进行加密,得到第二加密黑名单;接收所述第二服务器发送黑名单更新响应,其中,所述黑名单更新响应携带所述第二加密黑名单;将与所述公钥关联存储的所述第一加密黑名单替换成所述第二加密黑名单。Optionally, based on the first aspect, in the first possible implementation manner of this application, the blacklist response further carries an encrypted blacklist identifier and J pieces of blacklist term data in the first blacklist to be encrypted , J is a positive integer, the encrypted blacklist identifier is used to indicate that the J pieces of blacklist deadline data belong to the first encrypted blacklist, and each of the J pieces of blacklist deadline data is used for Indicates the time limit for the personal bad information to be recorded in the first blacklist to be encrypted. After the associated storage of the public key and the first encrypted blacklist in the blacklist library, the method further includes: Obtain the time when the public key and the first encrypted blacklist are stored in the blacklist library in association with each other at a preset time interval to obtain N storage periods, where N is a positive integer; and the N storage periods are Input the preset encryption blacklist storage period function in the order of time to obtain N output period data; in the order of time, the N output period data are sequentially connected to each of the J pieces of blacklist period data. The deadline data is compared, and it is determined that there is first output deadline data larger than H pieces of blacklist deadline data in the N pieces of output deadline data, where the H pieces of blacklist deadline data belong to the J pieces of blacklist deadline data, 0 <H≤J and H is an integer; call the blacklist overdue identifier generation algorithm for the H pieces of blacklist expiration data to generate H blacklist overdue identifiers, wherein each of the H blacklist overdue identifiers is overdue The identifier is used to indicate that the personal bad information has expired; sending a blacklist update request to the second server, wherein the blacklist update request carries the H blacklist expiration identifiers, and the blacklist update request is used for Instruct the second server to delete H pieces of personal bad information matching the H blacklist expiration identifiers in the first blacklist to be encrypted, to obtain a second blacklist to be encrypted, and use the public key to pair the The second blacklist to be encrypted is encrypted to obtain a second encrypted blacklist; the blacklist update response sent by the second server is received, wherein the blacklist update response carries the second encrypted blacklist; it will communicate with the public The first encryption blacklist stored in association with the key is replaced with the second encryption blacklist.
其中,J例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, J can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,N例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, N may be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,H例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, H can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,在一种可选方案中,黑名单期限数据可以如下表所示:Among them, in an optional scheme, the blacklist deadline data can be as shown in the following table:
黑名单期限(天)Blacklist period (days) 22
黑名单期限(天)Blacklist period (days) 1515
黑名单期限(天)Blacklist period (days) 3030
上表中的左侧省略号表示黑名单期限(天),右侧省略号表示具体天数。The left ellipsis in the above table indicates the blacklist period (days), and the right ellipsis indicates the specific number of days.
可选的,预设时间例如可以包括:半小时,1天、3天、一周、2周、一个月、3个月、6个月、1年等其他时间。Optionally, the preset time may include, for example, half an hour, one day, three days, one week, two weeks, one month, three months, six months, one year and other times.
其中,预设时间可由管理员事先设定。或者预设时间也可记录在配置文件中,可通过查询配置文件来确定预设时间。Among them, the preset time can be set by the administrator in advance. Or the preset time can also be recorded in the configuration file, and the preset time can be determined by querying the configuration file.
可选的,预设加密黑名单存储期限函数为y=x+sin(x/6),其中,y为输出期限数据,x为存储时段。Optionally, the preset encryption blacklist storage period function is y=x+sin(x/6), where y is the output period data, and x is the storage period.
其中,个人不良信息例如可以包括:姓名、性别、年龄、身份证号码、联系方式、失信原因、失信时间、失信事件、失信地点等。Among them, personal bad information may include, for example, name, gender, age, ID number, contact information, reason for dishonesty, time of dishonesty, incident of dishonesty, location of dishonesty, etc.
可以看出,上述技术方案中,每间隔预设时段获取公钥和第一加密黑名单关联存储在所述黑名单库的时间,得到N个存储时段,通过每间隔预设时段获取存储时段,将实现动态监听黑名单库;将N个存储时段按照时间的先后顺序输入预设加密黑名单存储期限函数,得到N个输出期限数据,通过按照时间的先后顺序将N个存储时段输入预设加密黑名单存储期限函数,实现有序得到输出期限数据,加快了云验证中心处理速度;将N个输出期限数据按照时间的先后顺序依次与J条黑名单期限数据中的每条黑名单期限数据进行对比,确定N个输出期限数据中存在大于H条黑名单期限数据的第一输出期限数据,通过依次将N个输出期限数据与J条黑名单期限数据中的每条黑名单期限数据对比,快速得到N个输出期限数据中存在大于H条黑名单期限数据的第一输出期限数据,从而确定J条黑名单期限数据中有H条黑名单期限数据已经失效;对H条黑名单期限数据调用黑名单超期标识生成算法生成H个黑名单超期标识,其中,H个黑名单超期标识中的每条黑名单超期标识用于表示个人不良信息已失效,生成H个黑名单超期标识,为第二服务器删除待加密黑名单中已失效的个人不良信息做准备;向第二服务器发送黑名单更新请求,其中,黑名单更新请求携带H个黑名单超期标识,黑名单更新请求用于指示第二服务器将第一待加密黑名单中与H个黑名单超期标识匹配的H条个人不良信息删除,得到第二待加密黑名单,采用公钥对第二待加密黑名单进行加密,得到第二加密黑名单,从而让第二服务器根据H个黑名单超期标识删除H条个人不良信息,以得到第二待加密黑名单,接着采用公钥对第二待加密黑名单进行加密,得到第二加密黑名单,为后续将第二加密黑名单发给云验证中心做准备;接收第二服务器发送黑名单更新响应,其中,黑名单更新响应携带第二加密黑名单,实现了数据的传输;将与公钥关联存储的第一加密黑名单替换成第二加密黑名单,从而实现了黑名单库中失效个人不良信息的删除,节省了存储空间,减轻了云验证中心的存储成本。It can be seen that in the above technical solution, the public key and the time when the first encrypted blacklist is associated and stored in the blacklist library are obtained every preset time interval to obtain N storage time periods, and the storage time period is obtained through each preset time interval, A dynamic monitoring blacklist library will be implemented; N storage periods are input into the preset encryption blacklist storage period function in the order of time, and N output period data are obtained, and the N storage periods are input into the preset encryption in the order of time The blacklist storage period function realizes the orderly acquisition of output period data, which speeds up the processing speed of the cloud verification center; the N output period data are sequentially processed with each blacklist period data in the J blacklist period data in chronological order By comparison, it is determined that there are first output deadline data larger than H pieces of blacklist deadline data in the N output deadline data, and by sequentially comparing the N output deadline data with each blacklist deadline data in the J blacklist deadline data, quickly Obtain the first output deadline data that is greater than H blacklist deadline data among the N output deadline data, so as to determine that H blacklist deadline data in the J blacklist deadline data has expired; call black for H blacklist deadline data The list overdue identifier generation algorithm generates H blacklist overdue identifiers, of which, each of the H blacklist overdue identifiers is used to indicate that personal bad information has expired, and H blacklist overdue identifiers are generated, which are the second server Prepare for deleting invalid personal bad information in the blacklist to be encrypted; send a blacklist update request to the second server, where the blacklist update request carries H blacklist expiration identifiers, and the blacklist update request is used to instruct the second server to H pieces of personal bad information matching the H blacklist expiration identifiers in the first blacklist to be encrypted are deleted, and the second blacklist to be encrypted is obtained, and the second blacklist to be encrypted is encrypted with the public key to obtain the second encrypted blacklist , So that the second server deletes H pieces of personal bad information according to the H blacklist expiration flags to obtain the second blacklist to be encrypted, and then uses the public key to encrypt the second blacklist to be encrypted to obtain the second encrypted blacklist, Prepare for the subsequent sending of the second encrypted blacklist to the cloud verification center; receive the blacklist update response sent by the second server, where the blacklist update response carries the second encrypted blacklist to realize the transmission of data; it will be associated with the public key The stored first encrypted blacklist is replaced with the second encrypted blacklist, thereby realizing the deletion of invalid personal bad information in the blacklist database, saving storage space and reducing the storage cost of the cloud verification center.
206、云验证中心获取与所述第一加密黑名单关联存储的公钥。206. The cloud verification center obtains the public key stored in association with the first encryption blacklist.
207、云验证中心采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果。207. The cloud verification center uses the public key to perform homomorphic encryption on the encrypted user information and the first encryption blacklist to obtain a homomorphic encryption result.
可选的,同态加密例如可以为加法同态、乘法同态、混合乘法同态、减法同态、除法同态、代数同态、算术同态中的任意一种。Optionally, the homomorphic encryption may be any one of addition homomorphism, multiplication homomorphism, mixed multiplication homomorphism, subtraction homomorphism, division homomorphism, algebraic homomorphism, and arithmetic homomorphism, for example.
其中,同态加密是基于数学难题的计算复杂性理论的密码学技术。对经过同态加密的数据进行处理得到一个输出,将这一输出进行解密,其结果与用同一方法处理未加密的原始数据得到的输出期限信息是一样的。Among them, homomorphic encryption is a cryptographic technique based on the computational complexity theory of mathematical problems. The homomorphic encrypted data is processed to obtain an output, and the output is decrypted. The result is the same as the output period information obtained by processing the unencrypted original data in the same method.
208、云验证中心向第二服务器发送黑名单匹配请求。208. The cloud verification center sends a blacklist matching request to the second server.
其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果。Wherein, the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key to homomorphically decrypt the homomorphic encryption result to obtain a blacklist verification result.
209、云验证中心接收所述第二服务器发送的黑名单匹配响应。209. The cloud verification center receives a blacklist matching response sent by the second server.
其中,所述黑名单匹配响应携带所述黑名单验证结果。Wherein, the blacklist matching response carries the blacklist verification result.
210、云验证中心向所述第一服务器发送黑名单验证响应。210. The cloud verification center sends a blacklist verification response to the first server.
其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。Wherein, the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to perform a risk assessment on the blacklist verification result to obtain a risk assessment value based on the The risk assessment value determines whether to hire the job applicant.
可选的,第一方面,在本申请的一种可能的实施方式中,所述方法还包括:接收所述第一服务器发送的所述黑名单验证请求,其中,所述黑名单验证请求携带M个黑名单验证标识和M个求职者的M个加密用户信息;从所述黑名单库中查找与所述M个黑名单验证标识匹配的M个加密黑名单,其中,所述M个黑名单验证标识与所述M个加密黑名单一一对应;获取与所述M个加密黑名单关联存储的M个公钥;采用所述M个公钥对所述M个加密用户信息和所述M个加密黑名单进行同态加密,得到M个同态加密结果,其中,所述M个同态加密结果中的第i个同态加密结果由所述M个公钥中的第i个公钥对所述第i个加密用户信息和第i个加密黑名单加密得到,所述第i个加密用户信息属于所述M个加密用户信息,所述第i个加密黑名单属于所述M个加密黑名单,0<i≤M且i为整数;向M个第二服务器发送M个黑名单匹配请求,其中,所述M个第二服务器与所述M个黑名单匹配请求一一对应,所述M个黑名单匹配请求携带所述M个同态加密结果,所述M个黑名单匹配请求中的第i个黑名单匹配请求用于指示第i个第二服务器采用第i个私钥对所述第i个同态加密结果进行同态解密得到M组黑名单验证结果中的第i组黑名单验证结果,所述第i个第二服务器属于所述M个第二服务器,所述第i组黑名单验证结果中包含K条黑名单验证结果,K为正整数;接收所述M个第二服务器发送的M个黑名单匹配响应,其中,所述M个第二服务器与所述M个黑名单匹配响应一一对应,所述M个黑名单匹配响应携带所述M组黑名单验证结果;按照预设不重复规则对所述M组黑名单验证结果中的每组黑名单验证结果进行筛选,以得到N组黑名单验证结果,其中,所述N组黑名单验证结果中的每组黑名单验证结果包含L条黑名单验证结果,N为正整数,N=M,L≤K且L为正整数;调用文件生成接口生成包含所述N组黑名单验证结果的黑名单验证报告;向所述第一服务器发送所述黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证报告,所述黑名单验证响应用于指示所述第一服务器提取所述黑名单验证报告中的所述N组黑名单验证结果,对所述N组黑名单验证结果进行风险评估,得到N个风险评估值,以基于所述N个风险评估值确定是否录用所述M个求职者。Optionally, in the first aspect, in a possible implementation manner of the present application, the method further includes: receiving the blacklist verification request sent by the first server, wherein the blacklist verification request carries M blacklist verification identifiers and M encrypted user information of M job applicants; search for M encrypted blacklists matching the M blacklist verification identifiers from the blacklist database, where the M blacklists The list verification identifiers correspond to the M encrypted blacklists one-to-one; obtain the M public keys stored in association with the M encrypted blacklists; use the M public keys to pair the M encrypted user information and the Perform homomorphic encryption on M encryption blacklists to obtain M homomorphic encryption results, where the i-th homomorphic encryption result in the M homomorphic encryption results is determined by the i-th public key in the M public keys The key encrypts the i-th encrypted user information and the i-th encrypted blacklist, the i-th encrypted user information belongs to the M encrypted user information, and the i-th encrypted blacklist belongs to the M Encrypted blacklist, 0<i≤M and i is an integer; sending M blacklist matching requests to M second servers, where the M second servers correspond to the M blacklist matching requests one-to-one, The M blacklist matching requests carry the M homomorphic encryption results, and the i-th blacklist matching request in the M blacklist matching requests is used to instruct the i-th second server to use the i-th private key Performing homomorphic decryption on the i-th homomorphic encryption result to obtain the i-th group of blacklist verification results in the M groups of blacklist verification results, the i-th second server belongs to the M second servers, the The i-th group of blacklist verification results contains K blacklist verification results, and K is a positive integer; M blacklist matching responses sent by the M second servers are received, where the M second servers are There is a one-to-one correspondence between M blacklist matching responses, and the M blacklist matching responses carry the M groups of blacklist verification results; each group of blacklist verification results in the M groups of blacklist verification results are verified according to a preset non-repetition rule The results are screened to obtain N sets of blacklist verification results, where each set of blacklist verification results in the N sets of blacklist verification results includes L blacklist verification results, N is a positive integer, N=M, L≤ K and L are positive integers; call the file generation interface to generate a blacklist verification report containing the N groups of blacklist verification results; send the blacklist verification response to the first server, where the blacklist verification response carries The blacklist verification report, and the blacklist verification response is used to instruct the first server to extract the N sets of blacklist verification results in the blacklist verification report, and risk the N sets of blacklist verification results After evaluation, N risk assessment values are obtained, so as to determine whether to hire the M job applicants based on the N risk assessment values.
其中,M例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, M can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,i例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, i can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,K例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, K can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,L例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, L can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
其中,N例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, N may be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
可选的,基于第一方面,在本申请的第一种可能的实施方式中,在所述调用文件生成接口生成包含所述N组黑名单验证结果的黑名单验证报告之前,所述方法还包括:Optionally, based on the first aspect, in the first possible implementation manner of this application, before the calling file generation interface generates a blacklist verification report containing the N groups of blacklist verification results, the method further include:
S1:将n设置为初始值为1的整数;S1: Set n to an integer whose initial value is 1;
S2:检测n是否小于或等于N,若是,则执行S3,若否,则执行S9;S2: Check whether n is less than or equal to N, if yes, execute S3, if not, execute S9;
S3:获取第n组黑名单验证结果中的所述L条黑名单验证结果,其中,所述第n组黑名单验证结果属于所述N组黑名单验证结果;S3: Obtain the L blacklist verification results in the nth group of blacklist verification results, where the nth group of blacklist verification results belong to the N groups of blacklist verification results;
S4:提取所述L条黑名单验证结果中的L条黑名单期限数据;S4: Extract L pieces of blacklist term data from the L pieces of blacklist verification results;
S5:确定与所述L条黑名单期限数据对应的L个风险等级,其中,黑名单期限数据与风险等级成正比;S5: Determine L risk levels corresponding to the L pieces of blacklist term data, where the blacklist term data is proportional to the risk level;
S6:将与所述L个风险等级对应的所述L条黑名单期限数据按照风险等级从高到低的顺 序进行排列,得到排列后的L条黑名单验证结果;S6: Arrange the L pieces of blacklist term data corresponding to the L risk levels in the order of risk level from high to low, and obtain the L blacklist verification results after the arrangement;
S7:将所述排列后的L条黑名单验证结果添加至所述第n组黑名单验证结果;S7: Add the arranged L blacklist verification results to the nth group of blacklist verification results;
S8:将(n+1)赋值给n,返回执行S2;S8: Assign (n+1) to n and return to execute S2;
S9:结束排列。S9: End the arrangement.
其中,n例如可等于1、2、3、5、6、11、13、20或其他值。Wherein, n can be equal to 1, 2, 3, 5, 6, 11, 13, 20 or other values, for example.
可选的,基于第一方面或第一方面的第一种可能的实施方式,在本申请的第二种可能的实施方式中,所述确定与所述L条黑名单期限数据对应的L个风险等级,包括:Optionally, based on the first aspect or the first possible implementation manner of the first aspect, in the second possible implementation manner of the present application, the determination of L pieces of blacklist term data corresponding to L Risk level, including:
从所述L条黑名单期限数据中筛选出黑名单期限最大的黑名单期限数据;Filter out the blacklist term data with the largest blacklist term from the L pieces of blacklist term data;
将所述黑名单期限数据与预设黑名单期限数据进行对比,以确定所述黑名单期限数据是否大于所述预设黑名单期限数据;Comparing the blacklist deadline data with preset blacklist deadline data to determine whether the blacklist deadline data is greater than the preset blacklist deadline data;
若所述黑名单期限数据大于所述预设黑名单期限数据,则从风险等级评估函数库中确定与所述黑名单期限数据对应的风险等级评估函数;If the blacklist deadline data is greater than the preset blacklist deadline data, determining a risk level evaluation function corresponding to the blacklist deadline data from a risk level evaluation function library;
将所述L条黑名单期限数据分别输入所述风险等级评估函数,以得到L条风险等级评估数据;Input the L pieces of blacklist term data into the risk level evaluation function to obtain L pieces of risk level evaluation data;
从所述L条风险等级评估数据中提取风险等级评估数据最大的风险等级评估数据;Extracting the risk grade assessment data with the largest risk grade assessment data from the L pieces of risk grade assessment data;
确定与风险等级评估数据对应的预设风险等级评估权重;Determine the preset risk level evaluation weight corresponding to the risk level evaluation data;
按照预设风险等级评估权重对所述L条风险等级评估数据进行计算,得到L个风险等级。The L pieces of risk level evaluation data are calculated according to the preset risk level evaluation weights to obtain L risk levels.
其中,在一种可选方案中,不同的黑名单期限数据对应的不同的风险等级评估函数,可以如下表所示:Among them, in an optional scheme, different risk level evaluation functions corresponding to different blacklist deadline data can be as shown in the following table:
黑名单期限最大的黑名单期限(天)Maximum blacklist period (days) 预设黑名单期限数据(天)Default blacklist period data (days) 风险等级评估函数Risk rating function
1515 1010 y=x/a+cos(x-a)y=x/a+cos(x-a)
3030 1010 y=x a/1+tan(x/a) y=x a/1 +tan(x/a)
上表中的x表示黑名单期限最大的黑名单期限,a表示预设黑名单期限数据,y表示风险等级评估数据。The x in the above table represents the blacklist period with the largest blacklist period, a represents the preset blacklist period data, and y represents the risk level evaluation data.
其中,在一种可选方案中,不同的风险等级评估数据对应的不同的预设风险等级评估权重,可以如下表所示:Among them, in an optional scheme, different risk level evaluation data corresponding to different preset risk level evaluation weights can be as shown in the following table:
风险等级评估数据Risk assessment data 预设风险等级评估权重Preset risk level assessment weight
1.51.5 1.5/3+0.281.5/3+0.28
3.23.2 3.2/3+0.283.2/3+0.28
可选的,基于第一方面或第一方面的第一种或第二种的可能的实施方式,在本申请的第三种可能的实施方式中,所述方法还包括:Optionally, based on the first aspect or the first or second possible implementation manner of the first aspect, in a third possible implementation manner of the present application, the method further includes:
若所述黑名单期限数据不大于所述预设黑名单期限数据,则将所述L条黑名单期限数据输入风险预测模型,以得到风险预测值;If the blacklist term data is not greater than the preset blacklist term data, input the L pieces of blacklist term data into a risk prediction model to obtain a risk prediction value;
将所述风险预测值与预设风险预测值进行对比,以确定所述风险预测值是否超过所述预设风险预测值;Comparing the risk prediction value with a preset risk prediction value to determine whether the risk prediction value exceeds the preset risk prediction value;
若所述风险预测值超过所述预设风险预测值,则确定与所述风险预测值对应的所述N组黑名单验证结果中的第一组黑名单验证结果;If the risk prediction value exceeds the preset risk prediction value, determining the first set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction value;
向所述第一服务器发送警示消息,其中,所述警示消息携带所述风险预测值和所述第一组黑名单验证结果,所述警示消息用于指示所述第一服务器基于所述风险预测值将与所述第一组黑名单验证结果对应的求职者标记为不可信求职者。Send a warning message to the first server, where the warning message carries the risk prediction value and the first set of blacklist verification results, and the warning message is used to instruct the first server to predict based on the risk The value marks the job seeker corresponding to the first set of blacklist verification results as untrusted job seekers.
可选的,基于第一方面或第一方面的第一种或第二种或第三种的可能的实施方式,在本申请的第四种可能的实施方式中,所述公钥请求还携带所述第一服务器的会员信息,所述方法还包括:Optionally, based on the first aspect or the first or second or third possible implementation manner of the first aspect, in the fourth possible implementation manner of this application, the public key request also carries For the member information of the first server, the method further includes:
若所述风险预测值未超过所述预设风险预测值,则确定所述会员信息中的会员等级;If the risk prediction value does not exceed the preset risk prediction value, determining the member level in the member information;
将所述会员等级与预设会员等级进行对比,以确定所述会员等级高于预设会员等级;Comparing the member level with the preset member level to determine that the member level is higher than the preset member level;
将所述风险预测值输入风险预测评分模型,得到风险预测评分;Input the risk prediction value into a risk prediction scoring model to obtain a risk prediction score;
确定与所述风险预测评分对应的所述N组黑名单验证结果中的第二组黑名单验证结果;Determining the second set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction score;
向所述第一服务器发送携带所述风险预测评分和所述第二组黑名单验证结果的风险预测评分消息,其中,所述风险预测评分消息用于指示所述第一服务器基于所述风险预测评分评估与所述第二组黑名单验证结果对应的求职者,确定是否录取所述与所述第二组黑名单验证结果对应的求职者。A risk prediction score message carrying the risk prediction score and the second set of blacklist verification results is sent to the first server, wherein the risk prediction score message is used to instruct the first server to predict the risk based on the risk The job applicants corresponding to the second group of blacklist verification results are evaluated by scoring, and it is determined whether to admit the job applicants corresponding to the second group of blacklist verification results.
参见图3,本申请的一个实施例提供的一种基于同态加密的黑名单云共享验证装置300可以包括:Referring to FIG. 3, a blacklist cloud sharing verification device 300 based on homomorphic encryption provided by an embodiment of the present application may include:
第一接收模块301,用于接收第一服务器发送的黑名单验证请求。The first receiving module 301 is configured to receive a blacklist verification request sent by the first server.
其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息。Wherein, the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant.
其中,云验证中心例如可以包括服务器。The cloud verification center may include a server, for example.
可选的,第一接收模块301,还用于接收所述第一服务器发送的公钥请求,其中,所述公钥请求携带公钥标识,所述公钥标识由所述第一服务器基于所述黑名单验证标识生成得到;所述查找模块302,还用于从所述黑名单库中查找与所述公钥标识匹配的所述公钥;第一接收模块301,还用于向所述第一服务器发送公钥响应,其中,所述公钥响应携带所述公钥,所述公钥响应用于指示所述第一服务器采用所述公钥对待加密用户信息进行加密,得到所述加密用户信息。Optionally, the first receiving module 301 is further configured to receive a public key request sent by the first server, where the public key request carries a public key identifier, and the public key identifier is determined by the first server based on the The blacklist verification identifier is generated; the search module 302 is also used to search for the public key matching the public key identifier from the blacklist library; the first receiving module 301 is also used to send The first server sends a public key response, where the public key response carries the public key, and the public key response is used to instruct the first server to use the public key to encrypt user information to be encrypted to obtain the encryption User Info.
可选的,所述装置还包括处理模块308,所述第一接收模块301,还用于接收所述第二服务器发送的加入云验证中心请求,其中,所述加入云验证中心请求携带所述第二服务器的身份认证信息和身份认证公钥;所述处理模块308,用于确定所述身份认证信息中的互联网协议地址符合预设合法互联网协议地址;所述处理模块308,还用于采用所述身份认证公钥对所述身份认证信息中的签名信息进行身份认证;所述第一发送模块305,还用于在身份认证通过时,向所述第二服务器发送黑名单请求,其中,所述黑名单请求用于指示所述第二服务器采用所述公钥对第一待加密黑名单进行加密,得到所述第一加密黑名单;所述第一接收模块301,还用于接收所述第二服务器发送的黑名单响应,其中,所述黑名单响应携带所述第一加密黑名单和所述公钥;所述处理模块308,还用于将所述公钥和所述第一加密黑名单关联存储在所述黑名单库。Optionally, the device further includes a processing module 308, and the first receiving module 301 is further configured to receive a request to join a cloud verification center sent by the second server, wherein the request to join a cloud verification center carries the The identity authentication information and identity authentication public key of the second server; the processing module 308 is used to determine that the Internet protocol address in the identity authentication information meets the preset legal Internet protocol address; the processing module 308 is also used to use The identity authentication public key performs identity authentication on the signature information in the identity authentication information; the first sending module 305 is further configured to send a blacklist request to the second server when the identity authentication is passed, where: The blacklist request is used to instruct the second server to use the public key to encrypt the first blacklist to be encrypted to obtain the first encrypted blacklist; the first receiving module 301 is also used to receive The blacklist response sent by the second server, where the blacklist response carries the first encrypted blacklist and the public key; the processing module 308 is further configured to combine the public key and the first The encrypted blacklist is associated and stored in the blacklist library.
可选的,所述黑名单响应还携带加密黑名单标识和所述第一待加密黑名单中的J条黑名单期限数据,J为正整数,所述加密黑名单标识用于表示所述J条黑名单期限数据属于所述第一加密黑名单,所述J条黑名单期限数据中的每条黑名单期限数据用于表示个人不良信息记录在所述第一待加密黑名单的时间期限,所述处理模块308,还用于每间隔预设时段获取所述公钥和所述第一加密黑名单关联存储在所述黑名单库的时间,得到N个存储时段,其中,N为正整数;所述处理模块308,还用于将所述N个存储时段按照时间的先后顺序输入预设加密黑名单存储期限函数,得到N个输出期限数据;所述处理模块308,还用于将所述N个输出期限数据按照时间的先后顺序依次与所述J条黑名单期限数据中的每条黑名单期限数据进行对比,确定所述N个输出期限数据中存在大于H条黑名单期限数据的第一输出期限数据,其中,所述H条黑名单期限数据属于所述J条黑名单期限数据,0<H≤J且H为整数;所述处理模块308,还用于对所述H条黑名单期限数据调用黑名单超期标识生成算法生成H个黑名单超期标识,其中,所述H个黑名单超期标识中的每条黑名单超期标识用于表示所述个人不良信息已失效;第一发送模块305,还用于向所述第二服务器发送黑名单更新请求,其中,所述黑名单更新请求携带所述H个黑名单超期标识,所述黑名单更新请求用于指示所述第二服务器将所述第一待加密黑名单中与所述H个黑名单超期标识匹配的H条个人不良信息删除,得到第二待加密黑名单,采用所述公钥对所述第二待加密黑名单进行加密,得到第二加密黑 名单;所述第一接收模块301,还用于接收所述第二服务器发送黑名单更新响应,其中,所述黑名单更新响应携带所述第二加密黑名单;所述处理模块308,还用于将与所述公钥关联存储的所述第一加密黑名单替换成所述第二加密黑名单。Optionally, the blacklist response further carries an encrypted blacklist identifier and J pieces of blacklist expiration data in the first blacklist to be encrypted, where J is a positive integer, and the encrypted blacklist identifier is used to indicate that J Pieces of blacklist expiration data belong to the first encrypted blacklist, and each piece of blacklist expiration data in the J pieces of blacklist expiration data is used to indicate the time period during which personal bad information is recorded on the first blacklist to be encrypted, The processing module 308 is further configured to obtain the time when the public key and the first encrypted blacklist are stored in the blacklist library in association with each other for a preset period of time, to obtain N storage periods, where N is a positive integer The processing module 308 is also used to input the N storage periods in the order of time into the preset encryption blacklist storage period function to obtain N output period data; the processing module 308 is also used to The N pieces of output deadline data are compared with each piece of blacklist deadline data in the J pieces of blacklist deadline data in chronological order, and it is determined that there are more than H pieces of blacklist deadline data among the N pieces of output deadline data. The first output deadline data, wherein, the H pieces of blacklist deadline data belong to the J pieces of blacklist deadline data, 0<H≤J and H is an integer; the processing module 308 is also used to compare the H pieces The blacklist expiration date data calls the blacklist overdue indicator generation algorithm to generate H blacklist overdue indicators, where each of the H blacklist overdue indicators is used to indicate that the personal bad information has expired; first The sending module 305 is further configured to send a blacklist update request to the second server, where the blacklist update request carries the H blacklist expiration identifiers, and the blacklist update request is used to indicate the second The server deletes H pieces of personal bad information matching the H blacklist expiration identifiers from the first blacklist to be encrypted to obtain a second blacklist to be encrypted, and uses the public key to blacklist the second to be encrypted The list is encrypted to obtain a second encrypted blacklist; the first receiving module 301 is further configured to receive a blacklist update response sent by the second server, wherein the blacklist update response carries the second encrypted blacklist The processing module 308 is also used to replace the first encrypted blacklist stored in association with the public key with the second encrypted blacklist.
可选的,所述第一接收模块,还用于接收所述第一服务器发送的所述黑名单验证请求,其中,所述黑名单验证请求携带M个黑名单验证标识和M个求职者的M个加密用户信息;所述查找模块302,还用于从所述黑名单库中查找与所述M个黑名单验证标识匹配的M个加密黑名单,其中,所述M个黑名单验证标识与所述M个加密黑名单一一对应;所述获取模块303,还用于获取与所述M个加密黑名单关联存储的M个公钥;所述加密模块304,还用于采用所述M个公钥对所述M个加密用户信息和所述M个加密黑名单进行同态加密,得到M个同态加密结果,其中,所述M个同态加密结果中的第i个同态加密结果由所述M个公钥中的第i个公钥对所述第i个加密用户信息和第i个加密黑名单加密得到,所述第i个加密用户信息属于所述M个加密用户信息,所述第i个加密黑名单属于所述M个加密黑名单,0<i≤M且i为整数;所述第一发送模块305,还用于向M个第二服务器发送M个黑名单匹配请求,其中,所述M个第二服务器与所述M个黑名单匹配请求一一对应,所述M个黑名单匹配请求携带所述M个同态加密结果,所述M个黑名单匹配请求中的第i个黑名单匹配请求用于指示第i个第二服务器采用第i个私钥对所述第i个同态加密结果进行同态解密得到M组黑名单验证结果中的第i组黑名单验证结果,所述第i个第二服务器属于所述M个第二服务器,所述第i组黑名单验证结果中包含K条黑名单验证结果,K为正整数;所述第一接收模块301,还用于接收所述M个第二服务器发送的M个黑名单匹配响应,其中,所述M个第二服务器与所述M个黑名单匹配响应一一对应,所述M个黑名单匹配响应携带所述M组黑名单验证结果;所述处理模块308,还用于按照预设不重复规则对所述M组黑名单验证结果中的每组黑名单验证结果进行筛选,以得到N组黑名单验证结果,其中,所述N组黑名单验证结果中的每组黑名单验证结果包含L条黑名单验证结果,N为正整数,N=M,L≤K且L为正整数;所述处理模块308,还用于调用文件生成接口生成包含所述N组黑名单验证结果的黑名单验证报告;所述第一发送模块305,还用于向所述第一服务器发送所述黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证报告,所述黑名单验证响应用于指示所述第一服务器提取所述黑名单验证报告中的所述N组黑名单验证结果,对所述N组黑名单验证结果进行风险评估,得到N个风险评估值,以基于所述N个风险评估值确定是否录用所述M个求职者。Optionally, the first receiving module is further configured to receive the blacklist verification request sent by the first server, wherein the blacklist verification request carries M blacklist verification identifiers and M job applicants’ information M encrypted user information; the search module 302 is also used to search for M encrypted blacklists matching the M blacklist verification identifiers from the blacklist library, wherein the M blacklist verification identifiers One-to-one correspondence with the M encrypted blacklists; the obtaining module 303 is also used to obtain M public keys stored in association with the M encrypted blacklists; the encryption module 304 is also used to use the M public keys perform homomorphic encryption on the M encrypted user information and the M encrypted blacklists to obtain M homomorphic encryption results, where the i-th homomorphic of the M homomorphic encryption results The encryption result is obtained by encrypting the i-th encrypted user information and the i-th encrypted blacklist by the i-th public key among the M public keys, and the i-th encrypted user information belongs to the M encrypted users Information, the i-th encrypted blacklist belongs to the M encrypted blacklists, 0<i≤M and i is an integer; the first sending module 305 is also used to send M blacklists to M second servers A list matching request, wherein the M second servers correspond to the M blacklist matching requests one-to-one, the M blacklist matching requests carry the M homomorphic encryption results, and the M blacklists The i-th blacklist matching request in the matching request is used to instruct the i-th second server to use the i-th private key to homomorphically decrypt the i-th homomorphic encryption result to obtain the first among the M groups of blacklist verification results. The i group of blacklist verification results, the i-th second server belongs to the M second servers, the i-th group of blacklist verification results include K blacklist verification results, and K is a positive integer; A receiving module 301 is further configured to receive M blacklist matching responses sent by the M second servers, where the M second servers correspond to the M blacklist matching responses one-to-one, and the M A blacklist matching response carries the M groups of blacklist verification results; the processing module 308 is further configured to screen each group of blacklist verification results in the M groups of blacklist verification results according to a preset non-repetition rule, In order to obtain N sets of blacklist verification results, each of the N sets of blacklist verification results includes L blacklist verification results, N is a positive integer, N=M, L≤K and L is A positive integer; the processing module 308 is also used to call the file generation interface to generate a blacklist verification report containing the N groups of blacklist verification results; the first sending module 305 is also used to send to the first server The blacklist verification response, wherein the blacklist verification response carries the blacklist verification report, and the blacklist verification response is used to instruct the first server to extract the N groups in the blacklist verification report Blacklist verification results, risk assessment is performed on the N groups of blacklist verification results, and N risk assessment values are obtained, so as to determine whether or not based on the N risk assessment values Employ the M job applicants.
可选的,所述处理模块308,还用于Optionally, the processing module 308 is also used for
S1:将n设置为初始值为1的整数;S1: Set n to an integer whose initial value is 1;
S2:检测n是否小于或等于N,若是,则执行S3,若否,则执行S9;S2: Check whether n is less than or equal to N, if yes, execute S3, if not, execute S9;
S3:获取第n组黑名单验证结果中的所述L条黑名单验证结果,其中,所述第n组黑名单验证结果属于所述N组黑名单验证结果;S3: Obtain the L blacklist verification results in the nth group of blacklist verification results, where the nth group of blacklist verification results belong to the N groups of blacklist verification results;
S4:提取所述L条黑名单验证结果中的L条黑名单期限数据;S4: Extract L pieces of blacklist term data from the L pieces of blacklist verification results;
S5:确定与所述L条黑名单期限数据对应的L个风险等级,其中,黑名单期限数据与风险等级成正比;S5: Determine L risk levels corresponding to the L pieces of blacklist term data, where the blacklist term data is proportional to the risk level;
S6:将与所述L个风险等级对应的所述L条黑名单期限数据按照风险等级从高到低的顺序进行排列,得到排列后的L条黑名单验证结果;S6: Arrange the L pieces of blacklist term data corresponding to the L risk levels in the order of risk levels from high to low, and obtain the L blacklist verification results after the arrangement;
S7:将所述排列后的L条黑名单验证结果添加至所述第n组黑名单验证结果;S7: Add the arranged L blacklist verification results to the nth group of blacklist verification results;
S8:将(n+1)赋值给n,返回执行S2;S8: Assign (n+1) to n and return to execute S2;
S9:结束排列。S9: End the arrangement.
可选的,所述处理模块308,还用于从所述L条黑名单期限数据中筛选出黑名单期限最大的黑名单期限数据;将所述黑名单期限数据与预设黑名单期限数据进行对比,以确定所述黑名单期限数据是否大于所述预设黑名单期限数据;若所述黑名单期限数据大于所述预设黑 名单期限数据,则从风险等级评估函数库中确定与所述黑名单期限数据对应的风险等级评估函数;将所述L条黑名单期限数据分别输入所述风险等级评估函数,以得到L条风险等级评估数据;从所述L条风险等级评估数据中提取风险等级评估数据最大的风险等级评估数据;确定与风险等级评估数据对应的预设风险等级评估权重;按照预设风险等级评估权重对所述L条风险等级评估数据进行计算,得到L个风险等级。Optionally, the processing module 308 is further configured to filter out the blacklist deadline data with the largest blacklist deadline from the L pieces of blacklist deadline data; and compare the blacklist deadline data with the preset blacklist deadline data Comparison to determine whether the blacklist expiration data is greater than the preset blacklist expiration data; if the blacklist expiration data is greater than the preset blacklist expiration data, it is determined from the risk level evaluation function library to The risk level evaluation function corresponding to the blacklist term data; the L pieces of blacklist term data are respectively input into the risk level evaluation function to obtain L pieces of risk level evaluation data; the risk is extracted from the L pieces of risk level evaluation data The risk grade assessment data with the largest grade assessment data; determine the preset risk grade assessment weight corresponding to the risk grade assessment data; calculate the L pieces of risk grade assessment data according to the preset risk grade assessment weight to obtain L risk grades.
可选的,所述处理模块308,还用于若所述黑名单期限数据不大于所述预设黑名单期限数据,则将所述L条黑名单期限数据输入风险预测模型,以得到风险预测值;所述处理模块308,还用于将所述风险预测值与预设风险预测值进行对比,以确定所述风险预测值是否超过所述预设风险预测值;所述处理模块308,还用于若所述风险预测值超过所述预设风险预测值,则确定与所述风险预测值对应的所述N组黑名单验证结果中的第一组黑名单验证结果;所述第一发送模块305,还用于向所述第一服务器发送警示消息,其中,所述警示消息携带所述风险预测值和所述第一组黑名单验证结果,所述警示消息用于指示所述第一服务器基于所述风险预测值将与所述第一组黑名单验证结果对应的求职者标记为不可信求职者。Optionally, the processing module 308 is further configured to, if the blacklist period data is not greater than the preset blacklist period data, input the L pieces of blacklist period data into the risk prediction model to obtain a risk prediction The processing module 308 is also used to compare the risk prediction value with a preset risk prediction value to determine whether the risk prediction value exceeds the preset risk prediction value; the processing module 308 also If the risk prediction value exceeds the preset risk prediction value, determine the first set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction value; the first sending The module 305 is further configured to send a warning message to the first server, where the warning message carries the risk prediction value and the first set of blacklist verification results, and the warning message is used to indicate the first set of blacklist verification results. The server marks the job seeker corresponding to the first set of blacklist verification results as untrusted job seekers based on the risk prediction value.
可选的,所述公钥请求还携带所述第一服务器的会员信息,所述处理模块308,还用于若所述风险预测值未超过所述预设风险预测值,则确定所述会员信息中的会员等级;所述处理模块308,还用于将所述会员等级与预设会员等级进行对比,以确定所述会员等级高于预设会员等级;所述处理模块308,还用于将所述风险预测值输入风险预测评分模型,得到风险预测评分;所述处理模块308,还用于确定与所述风险预测评分对应的所述N组黑名单验证结果中的第二组黑名单验证结果;所述第一发送模块305,还用于向所述第一服务器发送携带所述风险预测评分和所述第二组黑名单验证结果的风险预测评分消息,其中,所述风险预测评分消息用于指示所述第一服务器基于所述风险预测评分评估与所述第二组黑名单验证结果对应的求职者,确定是否录取所述与所述第二组黑名单验证结果对应的求职者。Optionally, the public key request also carries member information of the first server, and the processing module 308 is further configured to determine the member if the risk prediction value does not exceed the preset risk prediction value The member level in the information; the processing module 308 is also used to compare the member level with a preset member level to determine that the member level is higher than the preset member level; the processing module 308 is also used to The risk prediction value is input into a risk prediction scoring model to obtain a risk prediction score; the processing module 308 is also used to determine the second set of blacklists in the N sets of blacklist verification results corresponding to the risk prediction score Verification result; the first sending module 305 is further configured to send a risk prediction score message carrying the risk prediction score and the second set of blacklist verification results to the first server, wherein the risk prediction score The message is used to instruct the first server to evaluate the job seeker corresponding to the second set of blacklist verification results based on the risk prediction score, and determine whether to admit the job seeker corresponding to the second set of blacklist verification results .
查找模块302,用于从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单。The searching module 302 is configured to search for the first encrypted blacklist matching the blacklist verification identifier from the blacklist database.
获取模块303,用于获取与所述第一加密黑名单关联存储的公钥。The obtaining module 303 is configured to obtain the public key stored in association with the first encryption blacklist.
加密模块304,用于采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果。The encryption module 304 is configured to use the public key to perform homomorphic encryption on the encrypted user information and the first encryption blacklist to obtain a homomorphic encryption result.
可选的,同态加密例如可以为加法同态、乘法同态、混合乘法同态、减法同态、除法同态、代数同态、算术同态中的任意一种。Optionally, the homomorphic encryption may be any one of addition homomorphism, multiplication homomorphism, mixed multiplication homomorphism, subtraction homomorphism, division homomorphism, algebraic homomorphism, and arithmetic homomorphism, for example.
其中,同态加密是基于数学难题的计算复杂性理论的密码学技术。对经过同态加密的数据进行处理得到一个输出,将这一输出进行解密,其结果与用同一方法处理未加密的原始数据得到的输出期限信息是一样的。Among them, homomorphic encryption is a cryptographic technique based on the computational complexity theory of mathematical problems. The homomorphic encrypted data is processed to obtain an output, and the output is decrypted. The result is the same as the output period information obtained by processing the unencrypted original data in the same method.
第一发送模块305,用于向第二服务器发送黑名单匹配请求。The first sending module 305 is configured to send a blacklist matching request to the second server.
其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果。Wherein, the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key to homomorphically decrypt the homomorphic encryption result to obtain a blacklist verification result.
第二接收模块306,用于接收所述第二服务器发送的黑名单匹配响应。The second receiving module 306 is configured to receive a blacklist matching response sent by the second server.
其中,所述黑名单匹配响应携带所述黑名单验证结果。Wherein, the blacklist matching response carries the blacklist verification result.
第二发送模块307,用于向所述第一服务器发送黑名单验证响应。The second sending module 307 is configured to send a blacklist verification response to the first server.
其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。Wherein, the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to perform a risk assessment on the blacklist verification result to obtain a risk assessment value based on the The risk assessment value determines whether to hire the job applicant.
本申请实施例还提供了一种信息处理的电子设备,包括处理器、存储器、通信接口以及一个或多个程序,其中,所述一个或多个程序被存储在所述存储器中,并且被配置由所述处理器执行,以执行一种信息处理方法中任一项方法中的步骤的指令。The embodiment of the present application also provides an electronic device for information processing, including a processor, a memory, a communication interface, and one or more programs, wherein the one or more programs are stored in the memory and configured The instructions are executed by the processor to execute the steps in any one of the information processing methods.
本申请实施例还提供了一种计算机非易失性可读存储介质,所述计算机非易失性可读存储介质用于存储计算机程序,所述存储计算机程序被所述处理器执行,以实现一种信息处理 方法中任一项所述的方法。The embodiment of the present application also provides a computer non-volatile readable storage medium, the computer non-volatile readable storage medium is used to store a computer program, and the stored computer program is executed by the processor to realize A method according to any one of the information processing methods.
在本申请所提供的几个实施例中,应所述理解到,所揭露的装置,可通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如所述模块的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个模块或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或模块的间接耦合或通信连接,可以是电性或者其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed device may be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the modules is only a logical function division, and there may be other divisions in actual implementation, for example, multiple modules or components may be combined or may be Integrate into another system, or some features can be ignored or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or modules, and may be in electrical or other forms.
所述作为分离部件说明的模块可以是或者也可以不是物理上分开的,作为模块显示的部件可以是或者也可以不是物理模块,即可以位于一个地方,或者也可以分布到多个网络模块上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。The modules described as separate components may or may not be physically separated, and the components displayed as modules may or may not be physical modules, that is, they may be located in one place, or they may be distributed to multiple network modules. Some or all of the modules may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
另外,在本申请各个实施例中的各功能模块可以集成在一个处理模块中,也可以是各个模块单独物理存在,也可以两个或两个以上模块集成在一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。In addition, each functional module in each embodiment of the present application may be integrated into one processing module, or each module may exist alone physically, or two or more modules may be integrated into one module. The above-mentioned integrated modules can be implemented in the form of hardware or software functional modules.
所述集成的模块如果以软件功能模块的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者所述技术方案的全部或部分可以以软件产品的形式体现出来,所述计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可为个人计算机、商家节点或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can be stored in a computer readable storage medium. Based on this understanding, the technical solution of the present application essentially or the part that contributes to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage The medium includes several instructions to enable a computer device (which may be a personal computer, a merchant node, or a network device, etc.) to perform all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage media include: U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disk and other media that can store program code .
以上所述,以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的范围。As mentioned above, the above embodiments are only used to illustrate the technical solutions of the present application, not to limit them; although the present application has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that: The technical solutions recorded in the embodiments are modified, or some of the technical features are equivalently replaced; these modifications or replacements do not cause the essence of the corresponding technical solutions to deviate from the scope of the technical solutions of the embodiments of the present application.

Claims (20)

  1. 基于同态加密的黑名单云共享验证的方法,其特征在于,包括:The blacklist cloud sharing verification method based on homomorphic encryption is characterized by including:
    接收第一服务器发送的黑名单验证请求,其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息;Receiving a blacklist verification request sent by the first server, where the blacklist verification request carries the blacklist verification identifier and the encrypted user information of the job applicant;
    从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单;Searching for the first encrypted blacklist matching the blacklist verification identifier from the blacklist database;
    获取与所述第一加密黑名单关联存储的公钥;Obtaining a public key stored in association with the first encryption blacklist;
    采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果;Homomorphic encryption of the encrypted user information and the first encryption blacklist by using the public key to obtain a homomorphic encryption result;
    向第二服务器发送黑名单匹配请求,其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果;Send a blacklist matching request to a second server, where the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key to encrypt the homomorphic result Perform homomorphic decryption to obtain the blacklist verification result;
    接收所述第二服务器发送的黑名单匹配响应,其中,所述黑名单匹配响应携带所述黑名单验证结果;Receiving a blacklist matching response sent by the second server, where the blacklist matching response carries the blacklist verification result;
    向所述第一服务器发送黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。Send a blacklist verification response to the first server, where the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to perform the blacklist verification result Risk assessment to obtain a risk assessment value to determine whether to hire the job applicant based on the risk assessment value.
  2. 根据权利要求1所述的方法,其特征在于,在所述接收第一服务器发送的黑名单验证请求之前,所述方法还包括:The method according to claim 1, wherein before said receiving the blacklist verification request sent by the first server, the method further comprises:
    接收所述第一服务器发送的公钥请求,其中,所述公钥请求携带公钥标识,所述公钥标识由所述第一服务器基于所述黑名单验证标识生成得到;Receiving a public key request sent by the first server, where the public key request carries a public key identifier, and the public key identifier is generated by the first server based on the blacklist verification identifier;
    从所述黑名单库中查找与所述公钥标识匹配的所述公钥;Searching for the public key matching the public key identifier from the blacklist library;
    向所述第一服务器发送公钥响应,其中,所述公钥响应携带所述公钥,所述公钥响应用于指示所述第一服务器采用所述公钥对待加密用户信息进行加密,得到所述加密用户信息。Send a public key response to the first server, where the public key response carries the public key, and the public key response is used to instruct the first server to use the public key to encrypt user information to be encrypted to obtain The encrypted user information.
  3. 根据权利要求1所述的方法,其特征在于,所述从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单之前,所述方法还包括:The method according to claim 1, characterized in that before said searching from a blacklist library for a first encrypted blacklist matching the blacklist verification identifier, the method further comprises:
    接收所述第二服务器发送的加入云验证中心请求,其中,所述加入云验证中心请求携带所述第二服务器的身份认证信息和身份认证公钥;Receiving a request to join a cloud verification center sent by the second server, where the request to join a cloud verification center carries identity authentication information and an identity authentication public key of the second server;
    确定所述身份认证信息中的互联网协议地址符合预设合法互联网协议地址;Determining that the internet protocol address in the identity authentication information conforms to a preset legal internet protocol address;
    采用所述身份认证公钥对所述身份认证信息中的签名信息进行身份认证;Using the identity authentication public key to perform identity authentication on the signature information in the identity authentication information;
    在身份认证通过时,向所述第二服务器发送黑名单请求,其中,所述黑名单请求用于指示所述第二服务器采用所述公钥对第一待加密黑名单进行加密,得到所述第一加密黑名单;When the identity authentication is passed, a blacklist request is sent to the second server, where the blacklist request is used to instruct the second server to use the public key to encrypt the first blacklist to be encrypted to obtain the The first encryption blacklist;
    接收所述第二服务器发送的黑名单响应,其中,所述黑名单响应携带所述第一加密黑名单和所述公钥;Receiving a blacklist response sent by the second server, where the blacklist response carries the first encryption blacklist and the public key;
    将所述公钥和所述第一加密黑名单关联存储在所述黑名单库。The public key and the first encryption blacklist are associated and stored in the blacklist database.
  4. 根据权利要求3所述的方法,其特征在于,所述黑名单响应还携带加密黑名单标识和所述第一待加密黑名单中的J条黑名单期限数据,J为正整数,所述加密黑名单标识用于表示所述J条黑名单期限数据属于所述第一加密黑名单,所述J条黑名单期限数据中的每条黑名单期限数据用于表示个人不良信息记录在所述第一待加密黑名单的时间期限,在所述将所述公钥和所述第一加密黑名单关联存储在所述黑名单库之后,所述方法还包括:The method according to claim 3, wherein the blacklist response further carries an encrypted blacklist identifier and J pieces of blacklist term data in the first blacklist to be encrypted, J is a positive integer, and the encrypted blacklist The blacklist identifier is used to indicate that the J pieces of blacklist expiration data belong to the first encrypted blacklist, and each piece of blacklist expiration data in the J pieces of blacklist expiration data is used to indicate that personal bad information is recorded in the first encrypted blacklist. A time limit for the blacklist to be encrypted, after the associated storage of the public key and the first encrypted blacklist in the blacklist library, the method further includes:
    每间隔预设时段获取所述公钥和所述第一加密黑名单关联存储在所述黑名单库的时间,得到N个存储时段,其中,N为正整数;Acquiring the time when the public key and the first encrypted blacklist are stored in the blacklist library in association with each other at a preset time interval to obtain N storage time intervals, where N is a positive integer;
    将所述N个存储时段按照时间的先后顺序输入预设加密黑名单存储期限函数,得到N个输出期限数据;Input the N storage periods into a preset encryption blacklist storage period function in a time sequence to obtain N output period data;
    将所述N个输出期限数据按照时间的先后顺序依次与所述J条黑名单期限数据中的每条 黑名单期限数据进行对比,确定所述N个输出期限数据中存在大于H条黑名单期限数据的第一输出期限数据,其中,所述H条黑名单期限数据属于所述J条黑名单期限数据,0<H≤J且H为整数;Compare the N output deadline data with each blacklist deadline data in the J blacklist deadline data in chronological order, and determine that there are more than H blacklist deadlines in the N output deadline data The first output deadline data of the data, wherein the H pieces of blacklist deadline data belong to the J pieces of blacklist deadline data, 0<H≤J and H is an integer;
    对所述H条黑名单期限数据调用黑名单超期标识生成算法生成H个黑名单超期标识,其中,所述H个黑名单超期标识中的每条黑名单超期标识用于表示所述个人不良信息已失效;The blacklist overdue identifier generation algorithm is invoked on the H pieces of blacklist expiration data to generate H blacklist overdue identifiers, wherein each of the H blacklist overdue identifiers is used to represent the personal bad information expired;
    向所述第二服务器发送黑名单更新请求,其中,所述黑名单更新请求携带所述H个黑名单超期标识,所述黑名单更新请求用于指示所述第二服务器将所述第一待加密黑名单中与所述H个黑名单超期标识匹配的H条个人不良信息删除,得到第二待加密黑名单,采用所述公钥对所述第二待加密黑名单进行加密,得到第二加密黑名单;Send a blacklist update request to the second server, where the blacklist update request carries the H blacklist expiration identifiers, and the blacklist update request is used to instruct the second server to set the first waiting The H pieces of personal bad information that match the H blacklist expiration identifiers in the encryption blacklist are deleted to obtain a second blacklist to be encrypted, and the public key is used to encrypt the second blacklist to be encrypted to obtain a second Encryption blacklist;
    接收所述第二服务器发送黑名单更新响应,其中,所述黑名单更新响应携带所述第二加密黑名单;Receiving a blacklist update response sent by the second server, where the blacklist update response carries the second encrypted blacklist;
    将与所述公钥关联存储的所述第一加密黑名单替换成所述第二加密黑名单。Replacing the first encryption blacklist stored in association with the public key with the second encryption blacklist.
  5. 根据权利要求1至4任意一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 1 to 4, wherein the method further comprises:
    接收所述第一服务器发送的所述黑名单验证请求,其中,所述黑名单验证请求携带M个黑名单验证标识和M个求职者的M个加密用户信息;Receiving the blacklist verification request sent by the first server, wherein the blacklist verification request carries M blacklist verification identifiers and M encrypted user information of M job applicants;
    从所述黑名单库中查找与所述M个黑名单验证标识匹配的M个加密黑名单,其中,所述M个黑名单验证标识与所述M个加密黑名单一一对应;Search for M encrypted blacklists matching the M blacklist verification identifiers from the blacklist database, where the M blacklist verification identifiers correspond to the M encrypted blacklists one-to-one;
    获取与所述M个加密黑名单关联存储的M个公钥;Acquiring M public keys stored in association with the M encryption blacklists;
    采用所述M个公钥对所述M个加密用户信息和所述M个加密黑名单进行同态加密,得到M个同态加密结果,其中,所述M个同态加密结果中的第i个同态加密结果由所述M个公钥中的第i个公钥对所述第i个加密用户信息和第i个加密黑名单加密得到,所述第i个加密用户信息属于所述M个加密用户信息,所述第i个加密黑名单属于所述M个加密黑名单,0<i≤M且i为整数;Use the M public keys to homomorphically encrypt the M encrypted user information and the M encrypted blacklist to obtain M homomorphic encryption results, where the i-th of the M homomorphic encryption results A homomorphic encryption result is obtained by encrypting the i-th encrypted user information and the i-th encrypted blacklist by the i-th public key among the M public keys, and the i-th encrypted user information belongs to the M Encrypted user information, the i-th encrypted blacklist belongs to the M encrypted blacklists, 0<i≤M and i is an integer;
    向M个第二服务器发送M个黑名单匹配请求,其中,所述M个第二服务器与所述M个黑名单匹配请求一一对应,所述M个黑名单匹配请求携带所述M个同态加密结果,所述M个黑名单匹配请求中的第i个黑名单匹配请求用于指示第i个第二服务器采用第i个私钥对所述第i个同态加密结果进行同态解密得到M组黑名单验证结果中的第i组黑名单验证结果,所述第i个第二服务器属于所述M个第二服务器,所述第i组黑名单验证结果中包含K条黑名单验证结果,K为正整数;Send M blacklist matching requests to M second servers, where the M second servers correspond to the M blacklist matching requests one-to-one, and the M blacklist matching requests carry the M identical The i-th blacklist matching request in the M blacklist matching requests is used to instruct the i-th second server to use the i-th private key to homomorphically decrypt the i-th homomorphic encryption result Obtain the i-th group of blacklist verification results in the M groups of blacklist verification results, the i-th second server belongs to the M second servers, and the i-th group of blacklist verification results include K blacklist verifications As a result, K is a positive integer;
    接收所述M个第二服务器发送的M个黑名单匹配响应,其中,所述M个第二服务器与所述M个黑名单匹配响应一一对应,所述M个黑名单匹配响应携带所述M组黑名单验证结果;M blacklist matching responses sent by the M second servers are received, where the M second servers correspond to the M blacklist matching responses one-to-one, and the M blacklist matching responses carry the M group blacklist verification result;
    按照预设不重复规则对所述M组黑名单验证结果中的每组黑名单验证结果进行筛选,以得到N组黑名单验证结果,其中,所述N组黑名单验证结果中的每组黑名单验证结果包含L条黑名单验证结果,N为正整数,N=M,L≤K且L为正整数;Each group of blacklist verification results in the M groups of blacklist verification results is screened according to a preset non-repetition rule to obtain N groups of blacklist verification results, wherein each group of blacklist verification results in the N groups of blacklist verification results The list verification result includes L blacklist verification results, where N is a positive integer, N=M, L≤K and L is a positive integer;
    调用文件生成接口生成包含所述N组黑名单验证结果的黑名单验证报告;Calling the file generation interface to generate a blacklist verification report containing the N groups of blacklist verification results;
    向所述第一服务器发送所述黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证报告,所述黑名单验证响应用于指示所述第一服务器提取所述黑名单验证报告中的所述N组黑名单验证结果,对所述N组黑名单验证结果进行风险评估,得到N个风险评估值,以基于所述N个风险评估值确定是否录用所述M个求职者。Send the blacklist verification response to the first server, where the blacklist verification response carries the blacklist verification report, and the blacklist verification response is used to instruct the first server to extract the blacklist verification According to the verification results of the N groups of blacklists in the report, a risk assessment is performed on the verification results of the N groups of blacklists to obtain N risk assessment values, so as to determine whether to hire the M job applicants based on the N risk assessment values .
  6. 根据权利要求5所述的方法,其特征在于,在所述调用文件生成接口生成包含所述N组黑名单验证结果的黑名单验证报告之前,所述方法还包括:The method according to claim 5, characterized in that, before the calling file generation interface generates a blacklist verification report containing the N groups of blacklist verification results, the method further comprises:
    S1:将n设置为初始值为1的整数;S1: Set n to an integer whose initial value is 1;
    S2:检测n是否小于或等于N,若是,则执行S3,若否,则执行S9;S2: Check whether n is less than or equal to N, if yes, execute S3, if not, execute S9;
    S3:获取第n组黑名单验证结果中的所述L条黑名单验证结果,其中,所述第n组黑名 单验证结果属于所述N组黑名单验证结果;S3: Obtain the L blacklist verification results in the nth group of blacklist verification results, where the nth group of blacklist verification results belong to the N group of blacklist verification results;
    S4:提取所述L条黑名单验证结果中的L条黑名单期限数据;S4: Extract L pieces of blacklist term data from the L pieces of blacklist verification results;
    S5:确定与所述L条黑名单期限数据对应的L个风险等级,其中,黑名单期限数据与风险等级成正比;S5: Determine L risk levels corresponding to the L pieces of blacklist term data, where the blacklist term data is proportional to the risk level;
    S6:将与所述L个风险等级对应的所述L条黑名单期限数据按照风险等级从高到低的顺序进行排列,得到排列后的L条黑名单验证结果;S6: Arrange the L pieces of blacklist term data corresponding to the L risk levels in the order of risk levels from high to low, and obtain the L blacklist verification results after the arrangement;
    S7:将所述排列后的L条黑名单验证结果添加至所述第n组黑名单验证结果;S7: Add the arranged L blacklist verification results to the nth group of blacklist verification results;
    S8:将(n+1)赋值给n,返回执行S2;S8: Assign (n+1) to n and return to execute S2;
    S9:结束排列。S9: End the arrangement.
  7. 根据权利要求6所述的方法,其特征在于,所述确定与所述L条黑名单期限数据对应的L个风险等级,包括:The method according to claim 6, wherein the determining the L risk levels corresponding to the L pieces of blacklist term data includes:
    从所述L条黑名单期限数据中筛选出黑名单期限最大的黑名单期限数据;Filter out the blacklist term data with the largest blacklist term from the L pieces of blacklist term data;
    将所述黑名单期限数据与预设黑名单期限数据进行对比,以确定所述黑名单期限数据是否大于所述预设黑名单期限数据;Comparing the blacklist deadline data with preset blacklist deadline data to determine whether the blacklist deadline data is greater than the preset blacklist deadline data;
    若所述黑名单期限数据大于所述预设黑名单期限数据,则从风险等级评估函数库中确定与所述黑名单期限数据对应的风险等级评估函数;If the blacklist deadline data is greater than the preset blacklist deadline data, determining a risk level evaluation function corresponding to the blacklist deadline data from a risk level evaluation function library;
    将所述L条黑名单期限数据分别输入所述风险等级评估函数,以得到L条风险等级评估数据;Input the L pieces of blacklist term data into the risk level evaluation function to obtain L pieces of risk level evaluation data;
    从所述L条风险等级评估数据中提取风险等级评估数据最大的风险等级评估数据;Extracting the risk grade assessment data with the largest risk grade assessment data from the L pieces of risk grade assessment data;
    确定与风险等级评估数据对应的预设风险等级评估权重;Determine the preset risk level evaluation weight corresponding to the risk level evaluation data;
    按照预设风险等级评估权重对所述L条风险等级评估数据进行计算,得到L个风险等级。The L pieces of risk level evaluation data are calculated according to the preset risk level evaluation weights to obtain L risk levels.
  8. 根据权利要求7所述的方法,其特征在于,所述方法还包括:若所述黑名单期限数据不大于所述预设黑名单期限数据,则将所述L条黑名单期限数据输入风险预测模型,以得到风险预测值;The method according to claim 7, wherein the method further comprises: if the blacklist deadline data is not greater than the preset blacklist deadline data, inputting the L pieces of blacklist deadline data into the risk prediction Model to get the risk prediction value;
    将所述风险预测值与预设风险预测值进行对比,以确定所述风险预测值是否超过所述预设风险预测值;Comparing the risk prediction value with a preset risk prediction value to determine whether the risk prediction value exceeds the preset risk prediction value;
    若所述风险预测值超过所述预设风险预测值,则确定与所述风险预测值对应的所述N组黑名单验证结果中的第一组黑名单验证结果;If the risk prediction value exceeds the preset risk prediction value, determining the first set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction value;
    向所述第一服务器发送警示消息,其中,所述警示消息携带所述风险预测值和所述第一组黑名单验证结果,所述警示消息用于指示所述第一服务器基于所述风险预测值将与所述第一组黑名单验证结果对应的求职者标记为不可信求职者。Send a warning message to the first server, where the warning message carries the risk prediction value and the first set of blacklist verification results, and the warning message is used to instruct the first server to predict based on the risk The value marks the job seeker corresponding to the first set of blacklist verification results as untrusted job seekers.
  9. 根据权利要求1至7任意一项所述的方法,其特征在于,所述公钥请求还携带所述第一服务器的会员信息,所述方法还包括:The method according to any one of claims 1 to 7, wherein the public key request also carries member information of the first server, and the method further comprises:
    若所述风险预测值未超过所述预设风险预测值,则确定所述会员信息中的会员等级;If the risk prediction value does not exceed the preset risk prediction value, determining the member level in the member information;
    将所述会员等级与预设会员等级进行对比,以确定所述会员等级高于预设会员等级;Comparing the member level with the preset member level to determine that the member level is higher than the preset member level;
    将所述风险预测值输入风险预测评分模型,得到风险预测评分;Input the risk prediction value into a risk prediction scoring model to obtain a risk prediction score;
    确定与所述风险预测评分对应的所述N组黑名单验证结果中的第二组黑名单验证结果;Determining the second set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction score;
    向所述第一服务器发送携带所述风险预测评分和所述第二组黑名单验证结果的风险预测评分消息,其中,所述风险预测评分消息用于指示所述第一服务器基于所述风险预测评分评估与所述第二组黑名单验证结果对应的求职者,确定是否录取所述与所述第二组黑名单验证结果对应的求职者。A risk prediction score message carrying the risk prediction score and the second set of blacklist verification results is sent to the first server, wherein the risk prediction score message is used to instruct the first server to predict the risk based on the risk The job applicants corresponding to the second group of blacklist verification results are evaluated by scoring, and it is determined whether to admit the job applicants corresponding to the second group of blacklist verification results.
  10. 一种基于同态加密的黑名单云共享验证装置,其特征在于,包括:A blacklist cloud sharing verification device based on homomorphic encryption is characterized by comprising:
    第一接收模块,用于接收第一服务器发送的黑名单验证请求,其中,所述黑名单验证请求携带黑名单验证标识和求职者的加密用户信息;The first receiving module is configured to receive a blacklist verification request sent by the first server, wherein the blacklist verification request carries a blacklist verification identifier and encrypted user information of the job applicant;
    查找模块,用于从黑名单库中查找与所述黑名单验证标识匹配的第一加密黑名单;A search module, which is used to search for the first encrypted blacklist matching the blacklist verification identifier from the blacklist library;
    获取模块,用于获取与所述第一加密黑名单关联存储的公钥;An obtaining module, configured to obtain a public key stored in association with the first encryption blacklist;
    加密模块,用于采用所述公钥对所述加密用户信息和所述第一加密黑名单进行同态加密,得到同态加密结果;An encryption module, configured to perform homomorphic encryption on the encrypted user information and the first encryption blacklist by using the public key to obtain a homomorphic encryption result;
    第一发送模块,用于向第二服务器发送黑名单匹配请求,其中,所述黑名单匹配请求携带所述同态加密结果,所述黑名单匹配请求用于指示所述第二服务器采用私钥对所述同态加密结果进行同态解密得到黑名单验证结果;The first sending module is configured to send a blacklist matching request to a second server, wherein the blacklist matching request carries the homomorphic encryption result, and the blacklist matching request is used to instruct the second server to use a private key Performing homomorphic decryption on the homomorphic encryption result to obtain a blacklist verification result;
    第二接收模块,用于接收所述第二服务器发送的黑名单匹配响应,其中,所述黑名单匹配响应携带所述黑名单验证结果;A second receiving module, configured to receive a blacklist matching response sent by the second server, wherein the blacklist matching response carries the blacklist verification result;
    第二发送模块,用于向所述第一服务器发送黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证结果,所述黑名单验证响应用于指示所述第一服务器对所述黑名单验证结果进行风险评估,得到风险评估值,以基于所述风险评估值确定是否录用所述求职者。The second sending module is configured to send a blacklist verification response to the first server, wherein the blacklist verification response carries the blacklist verification result, and the blacklist verification response is used to instruct the first server to Perform risk assessment on the blacklist verification result to obtain a risk assessment value to determine whether to hire the job applicant based on the risk assessment value.
  11. 根据权利要求10所述的装置,其特征在于,第一接收模块,还用于接收所述第一服务器发送的公钥请求,其中,所述公钥请求携带公钥标识,所述公钥标识由所述第一服务器基于所述黑名单验证标识生成得到;所述查找模块,还用于从所述黑名单库中查找与所述公钥标识匹配的所述公钥;第一接收模块,还用于向所述第一服务器发送公钥响应,其中,所述公钥响应携带所述公钥,所述公钥响应用于指示所述第一服务器采用所述公钥对待加密用户信息进行加密,得到所述加密用户信息。The device according to claim 10, wherein the first receiving module is further configured to receive a public key request sent by the first server, wherein the public key request carries a public key identifier, and the public key identifier Generated by the first server based on the blacklist verification identifier; the search module is further configured to search for the public key matching the public key identifier from the blacklist library; the first receiving module, It is also used to send a public key response to the first server, where the public key response carries the public key, and the public key response is used to instruct the first server to use the public key to perform encrypted user information. Encryption to obtain the encrypted user information.
  12. 根据权利要求10所述的装置,其特征在于,所述装置还包括处理模块,所述第一接收模块,还用于接收所述第二服务器发送的加入云验证中心请求,其中,所述加入云验证中心请求携带所述第二服务器的身份认证信息和身份认证公钥;所述处理模块,用于确定所述身份认证信息中的互联网协议地址符合预设合法互联网协议地址;所述处理模块,还用于采用所述身份认证公钥对所述身份认证信息中的签名信息进行身份认证;所述第一发送模块,还用于在身份认证通过时,向所述第二服务器发送黑名单请求,其中,所述黑名单请求用于指示所述第二服务器采用所述公钥对第一待加密黑名单进行加密,得到所述第一加密黑名单;所述第一接收模块,还用于接收所述第二服务器发送的黑名单响应,其中,所述黑名单响应携带所述第一加密黑名单和所述公钥;所述处理模块,还用于将所述公钥和所述第一加密黑名单关联存储在所述黑名单库。The device according to claim 10, wherein the device further comprises a processing module, and the first receiving module is further configured to receive a request to join a cloud verification center sent by the second server, wherein the joining The cloud verification center requests to carry the identity authentication information and identity authentication public key of the second server; the processing module is configured to determine that the Internet Protocol address in the identity authentication information conforms to a preset legal Internet Protocol address; the processing module , Is also configured to use the identity authentication public key to perform identity authentication on the signature information in the identity authentication information; the first sending module is also used to send a blacklist to the second server when the identity authentication is passed Request, wherein the blacklist request is used to instruct the second server to use the public key to encrypt the first blacklist to be encrypted to obtain the first encrypted blacklist; the first receiving module also uses After receiving the blacklist response sent by the second server, wherein the blacklist response carries the first encrypted blacklist and the public key; the processing module is further configured to combine the public key with the public key The first encryption blacklist is associated and stored in the blacklist library.
  13. 根据权利要求12所述的装置,其特征在于,所述黑名单响应还携带加密黑名单标识和所述第一待加密黑名单中的J条黑名单期限数据,J为正整数,所述加密黑名单标识用于表示所述J条黑名单期限数据属于所述第一加密黑名单,所述J条黑名单期限数据中的每条黑名单期限数据用于表示个人不良信息记录在所述第一待加密黑名单的时间期限,所述处理模块,还用于每间隔预设时段获取所述公钥和所述第一加密黑名单关联存储在所述黑名单库的时间,得到N个存储时段,其中,N为正整数;所述处理模块,还用于将所述N个存储时段按照时间的先后顺序输入预设加密黑名单存储期限函数,得到N个输出期限数据;所述处理模块,还用于将所述N个输出期限数据按照时间的先后顺序依次与所述J条黑名单期限数据中的每条黑名单期限数据进行对比,确定所述N个输出期限数据中存在大于H条黑名单期限数据的第一输出期限数据,其中,所述H条黑名单期限数据属于所述J条黑名单期限数据,0<H≤J且H为整数;所述处理模块,还用于对所述H条黑名单期限数据调用黑名单超期标识生成算法生成H个黑名单超期标识,其中,所述H个黑名单超期标识中的每条黑名单超期标识用于表示所述个人不良信息已失效;第一发送模块,还用于向所述第二服务器发送黑名单更新请求,其中,所述黑名单更新请求携带所述H个黑名单超期标识,所述黑名单更新请求用于指示所述第二服务器将所述第一待加密黑名单中与所述H个黑名单超期标识匹配的H条个人不良信息删除,得到第二待加密黑名单,采用所述公钥对所述第二待加密黑名单进行加密,得到第二加密黑名单;所述第一接收模块,还用于接收所述第二服务器发送黑名单更新响应,其中,所述黑名单更新响应携带所述第二加密黑名单;所述处理模块,还用于将与 所述公钥关联存储的所述第一加密黑名单替换成所述第二加密黑名单。The device according to claim 12, wherein the blacklist response further carries an encrypted blacklist identifier and J pieces of blacklist term data in the first blacklist to be encrypted, J is a positive integer, and the encrypted blacklist The blacklist identifier is used to indicate that the J pieces of blacklist expiration data belong to the first encrypted blacklist, and each piece of blacklist expiration data in the J pieces of blacklist expiration data is used to indicate that personal bad information is recorded in the first encrypted blacklist. A time limit for the blacklist to be encrypted, the processing module is further configured to obtain the time when the public key and the first encrypted blacklist are associated and stored in the blacklist library at intervals of a preset period of time, to obtain N storage Time period, where N is a positive integer; the processing module is further configured to input the N storage time periods into a preset encrypted blacklist storage period function in time order to obtain N output period data; the processing module , And also used to compare the N pieces of output deadline data with each piece of blacklist deadline data in the J pieces of blacklist deadline data in chronological order, and determine that there is more than H The first output deadline data of pieces of blacklist deadline data, wherein the H pieces of blacklist deadline data belong to the J pieces of blacklist deadline data, 0<H≤J and H is an integer; the processing module is also used for The blacklist overdue identifier generation algorithm is invoked on the H pieces of blacklist expiration data to generate H blacklist overdue identifiers, wherein each of the H blacklist overdue identifiers is used to represent the personal bad information Has expired; the first sending module is also used to send a blacklist update request to the second server, wherein the blacklist update request carries the H blacklist expiration identifiers, and the blacklist update request is used to indicate The second server deletes H pieces of personal bad information matching the H blacklist expiration identifiers in the first blacklist to be encrypted to obtain a second blacklist to be encrypted, and uses the public key to pair the first The second encrypted blacklist is encrypted to obtain a second encrypted blacklist; the first receiving module is further configured to receive a blacklist update response sent by the second server, where the blacklist update response carries the second Encryption blacklist; the processing module is further configured to replace the first encryption blacklist stored in association with the public key with the second encryption blacklist.
  14. 根据权利要求10至13任意一项所述的装置,其特征在于,所述第一接收模块,还用于接收所述第一服务器发送的所述黑名单验证请求,其中,所述黑名单验证请求携带M个黑名单验证标识和M个求职者的M个加密用户信息;The device according to any one of claims 10 to 13, wherein the first receiving module is further configured to receive the blacklist verification request sent by the first server, wherein the blacklist verification request Request to carry M blacklist verification identifiers and M encrypted user information of M job applicants;
    所述查找模块,还用于从所述黑名单库中查找与所述M个黑名单验证标识匹配的M个加密黑名单,其中,所述M个黑名单验证标识与所述M个加密黑名单一一对应;The search module is further configured to search for M encrypted blacklists matching the M blacklist verification identifiers from the blacklist library, wherein the M blacklist verification identifiers are the same as the M encrypted blacklists. One-to-one correspondence between lists;
    所述获取模块,还用于获取与所述M个加密黑名单关联存储的M个公钥;The obtaining module is further configured to obtain M public keys stored in association with the M encrypted blacklists;
    所述加密模块,还用于采用所述M个公钥对所述M个加密用户信息和所述M个加密黑名单进行同态加密,得到M个同态加密结果,其中,所述M个同态加密结果中的第i个同态加密结果由所述M个公钥中的第i个公钥对所述第i个加密用户信息和第i个加密黑名单加密得到,所述第i个加密用户信息属于所述M个加密用户信息,所述第i个加密黑名单属于所述M个加密黑名单,0<i≤M且i为整数;The encryption module is further configured to use the M public keys to perform homomorphic encryption on the M encrypted user information and the M encrypted blacklists to obtain M homomorphic encryption results, wherein the M The i-th homomorphic encryption result in the homomorphic encryption result is obtained by encrypting the i-th encrypted user information and the i-th encrypted blacklist by the i-th public key among the M public keys. Pieces of encrypted user information belong to the M pieces of encrypted user information, the i-th encrypted blacklist belongs to the M pieces of encrypted blacklist, 0<i≤M and i is an integer;
    所述第一发送模块,还用于向M个第二服务器发送M个黑名单匹配请求,其中,所述M个第二服务器与所述M个黑名单匹配请求一一对应,所述M个黑名单匹配请求携带所述M个同态加密结果,所述M个黑名单匹配请求中的第i个黑名单匹配请求用于指示第i个第二服务器采用第i个私钥对所述第i个同态加密结果进行同态解密得到M组黑名单验证结果中的第i组黑名单验证结果,所述第i个第二服务器属于所述M个第二服务器,所述第i组黑名单验证结果中包含K条黑名单验证结果,K为正整数;The first sending module is further configured to send M blacklist matching requests to M second servers, where the M second servers correspond to the M blacklist matching requests one-to-one, and the M The blacklist matching request carries the M homomorphic encryption results, and the i-th blacklist matching request in the M blacklist matching requests is used to instruct the i-th second server to use the i-th private key to pair the i homomorphic encryption results are homomorphically decrypted to obtain the i-th group of blacklist verification results in the M groups of blacklist verification results, the i-th second server belongs to the M second servers, and the i-th group of blacklist verification results The list verification result contains K blacklist verification results, and K is a positive integer;
    所述第一接收模块,还用于接收所述M个第二服务器发送的M个黑名单匹配响应,其中,所述M个第二服务器与所述M个黑名单匹配响应一一对应,所述M个黑名单匹配响应携带所述M组黑名单验证结果;The first receiving module is further configured to receive M blacklist matching responses sent by the M second servers, where the M second servers correspond to the M blacklist matching responses one-to-one, so The M blacklist matching responses carry the M groups of blacklist verification results;
    所述处理模块,还用于按照预设不重复规则对所述M组黑名单验证结果中的每组黑名单验证结果进行筛选,以得到N组黑名单验证结果,其中,所述N组黑名单验证结果中的每组黑名单验证结果包含L条黑名单验证结果,N为正整数,N=M,L≤K且L为正整数;The processing module is further configured to screen each group of blacklist verification results in the M groups of blacklist verification results according to a preset non-repetition rule to obtain N groups of blacklist verification results, wherein the N groups of blacklist verification results Each group of blacklist verification results in the list verification results includes L blacklist verification results, where N is a positive integer, N=M, L≤K and L is a positive integer;
    所述处理模块,还用于调用文件生成接口生成包含所述N组黑名单验证结果的黑名单验证报告;The processing module is further configured to call a file generation interface to generate a blacklist verification report containing the N groups of blacklist verification results;
    所述第一发送模块,还用于向所述第一服务器发送所述黑名单验证响应,其中,所述黑名单验证响应携带所述黑名单验证报告,所述黑名单验证响应用于指示所述第一服务器提取所述黑名单验证报告中的所述N组黑名单验证结果,对所述N组黑名单验证结果进行风险评估,得到N个风险评估值,以基于所述N个风险评估值确定是否录用所述M个求职者。The first sending module is further configured to send the blacklist verification response to the first server, wherein the blacklist verification response carries the blacklist verification report, and the blacklist verification response is used to instruct all The first server extracts the N sets of blacklist verification results in the blacklist verification report, performs risk assessment on the N sets of blacklist verification results, and obtains N risk assessment values based on the N risk assessments The value determines whether to hire the M job applicants.
  15. 根据权利要求14所述的装置,其特征在于,所述处理模块,还用于The device according to claim 14, wherein the processing module is also used for
    S1:将n设置为初始值为1的整数;S1: Set n to an integer whose initial value is 1;
    S2:检测n是否小于或等于N,若是,则执行S3,若否,则执行S9;S2: Check whether n is less than or equal to N, if yes, execute S3, if not, execute S9;
    S3:获取第n组黑名单验证结果中的所述L条黑名单验证结果,其中,所述第n组黑名单验证结果属于所述N组黑名单验证结果;S3: Obtain the L blacklist verification results in the nth group of blacklist verification results, where the nth group of blacklist verification results belong to the N groups of blacklist verification results;
    S4:提取所述L条黑名单验证结果中的L条黑名单期限数据;S4: Extract L pieces of blacklist term data from the L pieces of blacklist verification results;
    S5:确定与所述L条黑名单期限数据对应的L个风险等级,其中,黑名单期限数据与风险等级成正比;S5: Determine L risk levels corresponding to the L pieces of blacklist term data, where the blacklist term data is proportional to the risk level;
    S6:将与所述L个风险等级对应的所述L条黑名单期限数据按照风险等级从高到低的顺序进行排列,得到排列后的L条黑名单验证结果;S6: Arrange the L pieces of blacklist term data corresponding to the L risk levels in the order of risk levels from high to low, and obtain the L blacklist verification results after the arrangement;
    S7:将所述排列后的L条黑名单验证结果添加至所述第n组黑名单验证结果;S7: Add the arranged L blacklist verification results to the nth group of blacklist verification results;
    S8:将(n+1)赋值给n,返回执行S2;S8: Assign (n+1) to n and return to execute S2;
    S9:结束排列。S9: End the arrangement.
  16. 根据权利要求15所述的装置,其特征在于,所述处理模块,还用于从所述L条黑名单期限数据中筛选出黑名单期限最大的黑名单期限数据;将所述黑名单期限数据与预设黑 名单期限数据进行对比,以确定所述黑名单期限数据是否大于所述预设黑名单期限数据;若所述黑名单期限数据大于所述预设黑名单期限数据,则从风险等级评估函数库中确定与所述黑名单期限数据对应的风险等级评估函数;将所述L条黑名单期限数据分别输入所述风险等级评估函数,以得到L条风险等级评估数据;从所述L条风险等级评估数据中提取风险等级评估数据最大的风险等级评估数据;确定与风险等级评估数据对应的预设风险等级评估权重;按照预设风险等级评估权重对所述L条风险等级评估数据进行计算,得到L个风险等级。The device according to claim 15, wherein the processing module is further configured to filter out the blacklist deadline data with the largest blacklist deadline from the L pieces of blacklist deadline data; and convert the blacklist deadline data It is compared with the preset blacklist term data to determine whether the blacklist term data is greater than the preset blacklist term data; if the blacklist term data is greater than the preset blacklist term data, the risk level Determine the risk level evaluation function corresponding to the blacklist term data in the evaluation function library; input the L pieces of blacklist term data into the risk level evaluation function to obtain L pieces of risk level evaluation data; The risk grade assessment data with the largest risk grade assessment data is extracted from the pieces of risk grade assessment data; the preset risk grade assessment weight corresponding to the risk grade assessment data is determined; the L pieces of risk grade assessment data are performed according to the preset risk grade assessment weight Calculate to get L risk levels.
  17. 根据权利要求16所述的装置,其特征在于,所述处理模块,还用于若所述黑名单期限数据不大于所述预设黑名单期限数据,则将所述L条黑名单期限数据输入风险预测模型,以得到风险预测值;所述处理模块,还用于将所述风险预测值与预设风险预测值进行对比,以确定所述风险预测值是否超过所述预设风险预测值;所述处理模块,还用于若所述风险预测值超过所述预设风险预测值,则确定与所述风险预测值对应的所述N组黑名单验证结果中的第一组黑名单验证结果;所述第一发送模块,还用于向所述第一服务器发送警示消息,其中,所述警示消息携带所述风险预测值和所述第一组黑名单验证结果,所述警示消息用于指示所述第一服务器基于所述风险预测值将与所述第一组黑名单验证结果对应的求职者标记为不可信求职者。The device according to claim 16, wherein the processing module is further configured to input the L pieces of blacklist deadline data if the blacklist deadline data is not greater than the preset blacklist deadline data A risk prediction model to obtain a risk prediction value; the processing module is also used to compare the risk prediction value with a preset risk prediction value to determine whether the risk prediction value exceeds the preset risk prediction value; The processing module is further configured to determine the first set of blacklist verification results among the N sets of blacklist verification results corresponding to the risk prediction value if the risk prediction value exceeds the preset risk prediction value The first sending module is further configured to send a warning message to the first server, wherein the warning message carries the risk prediction value and the first set of blacklist verification results, and the warning message is used for Instruct the first server to mark job seekers corresponding to the first group of blacklist verification results as untrusted job seekers based on the risk prediction value.
  18. 根据权利要求10至17任意一项所述的装置,其特征在于,所述公钥请求还携带所述第一服务器的会员信息,所述处理模块,还用于若所述风险预测值未超过所述预设风险预测值,则确定所述会员信息中的会员等级;所述处理模块,还用于将所述会员等级与预设会员等级进行对比,以确定所述会员等级高于预设会员等级;所述处理模块,还用于将所述风险预测值输入风险预测评分模型,得到风险预测评分;所述处理模块,还用于确定与所述风险预测评分对应的所述N组黑名单验证结果中的第二组黑名单验证结果;所述第一发送模块,还用于向所述第一服务器发送携带所述风险预测评分和所述第二组黑名单验证结果的风险预测评分消息,其中,所述风险预测评分消息用于指示所述第一服务器基于所述风险预测评分评估与所述第二组黑名单验证结果对应的求职者,确定是否录取所述与所述第二组黑名单验证结果对应的求职者。The device according to any one of claims 10 to 17, wherein the public key request also carries member information of the first server, and the processing module is further configured to: if the risk prediction value does not exceed The preset risk prediction value determines the member level in the member information; the processing module is also used to compare the member level with the preset member level to determine that the member level is higher than the preset member level Membership level; the processing module is also used to input the risk prediction value into a risk prediction scoring model to obtain a risk prediction score; the processing module is also used to determine the N groups of blacks corresponding to the risk prediction score The second set of blacklist verification results in the list verification results; the first sending module is further configured to send to the first server a risk prediction score carrying the risk prediction score and the second set of blacklist verification results Message, wherein the risk prediction score message is used to instruct the first server to evaluate job applicants corresponding to the second set of blacklist verification results based on the risk prediction score, and determine whether to admit the second set of blacklist verification results. Job applicants corresponding to the group blacklist verification result.
  19. 一种信息处理的电子设备,其特征在于,包括处理器、存储器、通信接口以及一个或多个程序,其中,所述一个或多个程序被存储在所述存储器中,并且被配置由所述处理器执行,以执行权利要求1-9任一项方法中的步骤的指令。An electronic device for information processing, which is characterized by comprising a processor, a memory, a communication interface, and one or more programs, wherein the one or more programs are stored in the memory and configured by the The processor executes the instructions to execute the steps in the method of any one of claims 1-9.
  20. 一种计算机非易失性可读存储介质,其特征在于,所述计算机非易失性可读存储介质用于存储计算机程序,所述存储计算机程序被所述处理器执行,以实现权利要求1-9任一项所述的方法。A computer non-volatile readable storage medium, wherein the computer non-volatile readable storage medium is used to store a computer program, and the stored computer program is executed by the processor to implement claim 1 -9 The method described in any one.
PCT/CN2019/120154 2019-05-21 2019-11-22 Blacklist cloud sharing verification method based on homomorphic encryption, and related apparatus WO2020233038A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910421986.2 2019-05-21
CN201910421986.2A CN110232283A (en) 2019-05-21 2019-05-21 The method and relevant apparatus of blacklist cloud shared authentication based on homomorphic cryptography

Publications (1)

Publication Number Publication Date
WO2020233038A1 true WO2020233038A1 (en) 2020-11-26

Family

ID=67861458

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/120154 WO2020233038A1 (en) 2019-05-21 2019-11-22 Blacklist cloud sharing verification method based on homomorphic encryption, and related apparatus

Country Status (2)

Country Link
CN (1) CN110232283A (en)
WO (1) WO2020233038A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110232283A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The method and relevant apparatus of blacklist cloud shared authentication based on homomorphic cryptography
CN111461728B (en) * 2020-03-31 2023-03-10 支付宝(杭州)信息技术有限公司 Risk identification method, device and system
CN114584283A (en) * 2022-03-21 2022-06-03 深圳壹账通智能科技有限公司 Privacy protection method, device, equipment and storage medium for blacklist matching

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103281377A (en) * 2013-05-31 2013-09-04 北京鹏宇成软件技术有限公司 Cryptograph data storage and searching method for cloud
WO2016180264A1 (en) * 2015-05-13 2016-11-17 阿里巴巴集团控股有限公司 Method and apparatus for acquiring an electronic file
CN110232283A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The method and relevant apparatus of blacklist cloud shared authentication based on homomorphic cryptography

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8468595B1 (en) * 2006-03-22 2013-06-18 Trend Micro Incorporated Content filtering prior to data encryption
WO2018090183A1 (en) * 2016-11-15 2018-05-24 深圳达闼科技控股有限公司 Identity authentication method, terminal device, authentication server and electronic device
CN107231434A (en) * 2017-07-10 2017-10-03 北京小米移动软件有限公司 The control method and device of terminal device
CN109327418A (en) * 2017-07-31 2019-02-12 平安科技(深圳)有限公司 Data sharing method, device and computer readable storage medium
CN108494738B (en) * 2018-02-27 2020-10-27 华南理工大学 Verifiable post-quantum electronic voting system and implementation method thereof
CN109711973A (en) * 2018-11-09 2019-05-03 深圳壹账通智能科技有限公司 Methods of risk assessment and device, storage medium, computer equipment
CN109669986A (en) * 2018-12-12 2019-04-23 深圳乐信软件技术有限公司 Blacklist sharing method, device, equipment and storage medium based on block chain

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103281377A (en) * 2013-05-31 2013-09-04 北京鹏宇成软件技术有限公司 Cryptograph data storage and searching method for cloud
WO2016180264A1 (en) * 2015-05-13 2016-11-17 阿里巴巴集团控股有限公司 Method and apparatus for acquiring an electronic file
CN110232283A (en) * 2019-05-21 2019-09-13 深圳壹账通智能科技有限公司 The method and relevant apparatus of blacklist cloud shared authentication based on homomorphic cryptography

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
CHEN, ZHENHUA ET AL.: "Secure Multiparty Computation of Set Membership and Its Applications", ACTA ELECTRONICA SINICA, 31 May 2017 (2017-05-31), DOI: 20200113165919X *

Also Published As

Publication number Publication date
CN110232283A (en) 2019-09-13

Similar Documents

Publication Publication Date Title
WO2020098336A1 (en) Data sharing method and apparatus, and digital gateway and computer-readable storage medium
US11652608B2 (en) System and method to protect sensitive information via distributed trust
US10972264B2 (en) Method for realizing network electronic identity identification information protection based on key dispersion calculation
CN112073484B (en) GDPR compliance supervision method and system based on alliance chain
CN109241753A (en) A kind of data sharing method and system based on block chain
US20120331284A1 (en) Media Agnostic, Distributed, and Defendable Data Retention
WO2020233038A1 (en) Blacklist cloud sharing verification method based on homomorphic encryption, and related apparatus
CN111800252A (en) Information auditing method and device based on block chain and computer equipment
US20200311307A1 (en) System and method for providing anonymous validation of a query among a plurality of nodes in a network
Abedi et al. Developing regulatory standards for the concept of security in online dispute resolution systems
CN105978855A (en) System and method for protecting personal information security in real-name system
CN110493011B (en) Block chain-based certificate issuing management method and device
Hicks SoK: Log based transparency enhancing technologies
US20230085763A1 (en) Method and system for unified social media ecosystem with self verification and privacy preserving proofs
CN102833239B (en) Method for implementing nesting protection of client account information based on network identity
CN113536372B (en) Data processing method and device and electronic equipment
TWI737139B (en) Personal data protection application system and personal data protection application method
CN112257084A (en) Personal information storage and monitoring method, system and storage medium based on block chain
Judy Flava Survey of Triangle Security in Cloud
US11159578B1 (en) Apparatus and method for managing digital identities and controlling their correlation to legal identities
CN117499159B (en) Block chain-based data transaction method and device and electronic equipment
RU2795371C1 (en) Method and system of depersonalized assessment of clients of organizations for carrying out operations between organizations
Nepali et al. SocBridge: Bridging the gap between online social networks
Gundabattini Privacy of Cloud Data using Public Audit
Sriharsha Privacy threats and vulnerabilities: Reinvent your privacy engineering practices and win

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19929698

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 01.03.2022)

122 Ep: pct application non-entry in european phase

Ref document number: 19929698

Country of ref document: EP

Kind code of ref document: A1