Abstract

Embodiments of this specification provide language model training methods and apparatuses based on continual pre-training. In one example method, a soft prompt feature corresponding to each current training sample in a current domain is obtained. A latent feature corresponding to each piece of text data in the current domain is obtained. A cross-domain loss value is determined based on a difference between the obtained latent feature and a latent feature obtained based on an initial current language model in a previous domain. When a training termination condition for the current domain is not satisfied, model parameters are adjusted based on the cross-domain loss value. When a training termination condition for the current domain is satisfied, the model training process is repeated by continuing using a training sample set in a next domain, until a training termination condition for continual pre-training is satisfied.

IPC Classes  ?

• G06N 3/094 - Adversarial learning
• G06N 3/0475 - Generative networks

Abstract

Methods and apparatuses for determining a similarity between text and a video are described. In an example, an initial text feature and an initial video feature that correspond to text and a video are respectively obtained by using a text feature extraction model and a video feature extraction model. The initial text feature is processed based on a syntactic level analysis result of the text, to obtain text features that correspond to elements in the syntactic level analysis result. A video level analysis result corresponding to the syntactic level analysis result is constructed based on a degree of matching between the text features and the initial video feature. Video features corresponding to elements in the video level analysis result are obtained. A similarity between the text and the video is determined based on a similarity between a text feature and a video feature corresponding to elements in a corresponding level.

IPC Classes  ?

• G06V 20/40 - ScenesScene-specific elements in video content
• G06F 40/211 - Syntactic parsing, e.g. based on context-free grammar [CFG] or unification grammars

Abstract

Embodiments of this specification provide a method and an apparatus for device management in a target operating system. The target operating system is written in a Rust language. The Rust language includes an unsafe keyword. The method relates to a device driver of a peripheral device and a device management module. The method includes: receiving, by an interface module in the device management module, a target request sent by the device driver, where the target request is an operation request related to interrupt configuration or access of the peripheral device, and the interface module includes no code segment using the unsafe keyword; performing, by the interface module, a security check related to the operation request; and after the security check succeeds, performing, by a kernel code module in the device management module, a target operation corresponding to the operation request by using code that includes the unsafe keyword.

IPC Classes  ?

• G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs

Abstract

Embodiments of this specification provide a method and an apparatus for managing a user-mode program in a target operating system. The target operating system is written in a Rust language. The Rust language includes an unsafe keyword. The method includes: in response to a kernel processing program requesting, by calling an interface function, to enter a user mode to execute a target program, confirming, by the user-mode interface module, security of a register access related to the request, where the kernel processing program is located at a non-privilege level and has no permission to use the unsafe keyword, and the user-mode interface module does not include the unsafe keyword; and activating, by the basic code module, a target page table corresponding to the target program through the register access by using first code that includes the unsafe keyword, and setting a mode of the operating system to the user mode.

IPC Classes  ?

• G06F 8/30 - Creation or generation of source code

Abstract

Embodiments of this specification provide a method and an apparatus for memory management in a target operating system. The target operating system is written in a Rust language. The Rust language includes an unsafe keyword. The method is performed by a memory management module. The memory management module includes a management interface module and a kernel code module. The method includes: receiving, by the management interface module, a memory request sent by program code, where neither the program code nor the management interface module includes a code segment using the unsafe keyword; and when target security assurance is ensured based on the management interface module, performing, by the kernel code module, a memory operation corresponding to the memory request by using code that includes the unsafe keyword, where the target security assurance is related to the memory operation.

IPC Classes  ?

• G06F 12/14 - Protection against unauthorised use of memory

Abstract

One or more embodiments of the present description disclose a detection method and apparatus for a generated image. The method comprises: first, acquiring a target image; second, selecting a partial image of the target image, and reconstructing the partial image on the basis of the remaining image of the target image except the partial image, so as to acquire a reconstructed image consisting of the remaining image and the reconstructed partial image; then, inputting the reconstructed image into a pre-trained classification model to obtain a reconstruction effect category of the reconstructed image; and finally, on the basis of the reconstruction effect category of the reconstructed image, determining whether the target image is a real image or a generated image.

IPC Classes  ?

• G06V 10/764 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using classification, e.g. of video objects

Abstract

Embodiments of this specification provide node election voting methods and apparatuses based on a consensus system. The consensus system includes a first node device and a second node device, and a master node device. When determining that the master node device is not in a working state, the first node device sends a first pre-election message. When receiving the first pre-election message, the second node device stores the first pre-election message in a cache. When determining that the master node device is still in the working state, the second node device maintains a waiting state of the first pre-election message in the cache; and when determining that the master node device is not in the working state, the second node device sends a pre-voting message to the corresponding first node device, so that the first node device sends a formal first election message to another node device.

IPC Classes  ?

• H04L 41/00 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
• H04L 43/0805 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability

Abstract

Embodiments of this specification provide methods and apparatuses for multi-party joint data processing to protect data privacy. The method is performed by the ith party, and includes: acquiring two calculation fragments corresponding to the ith party from three calculation fragments obtained by dividing calculation data; determining a first result fragment of a product result of the target data and the calculation data based on the fragment sum value, the specified fragment, and the two calculation fragments, and sending the first result fragment to a next participating party of the ith party; and receiving a second result fragment of the product result from a previous participating party of the ith party, where the second result fragment is determined by the previous participating party based on a fragment sum value and a specified fragment that are held by the previous participating party, and two calculation fragments corresponding to the previous participating party.

IPC Classes  ?

• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

Embodiments of this specification provide a method and apparatus for calculating contrastive loss through multiple graphics processing units. The method includes: processing a feature of a target batch of samples through N graphics processing units divided into M processing unit groups, where each processing unit group includes one or more graphics processing units; separately determining, by each processing unit group, a partial feature similarity between features processed by a graphics processing unit, and storing the partial feature similarity into a corresponding video memory of the graphics processing unit included in the processing unit group; separately determining, according to the partial feature similarity stored in the corresponding video memory of the graphics processing unit included in each processing unit group, group contrastive loss corresponding to each processing unit group; and determining overall contrastive loss according to the group contrastive loss corresponding to each processing unit group.

IPC Classes  ?

• G06T 1/20 - Processor architecturesProcessor configuration, e.g. pipelining
• G06V 10/74 - Image or video pattern matchingProximity measures in feature spaces

Abstract

Embodiments of this specification provide a data storage method and apparatus, and a data reading method and apparatus. The data storage method is applied to a knowledge graph platform, and includes: splitting target knowledge graph data, to determine at least two pieces of to-be-stored target subgraph data, where the target knowledge graph data include a target entity node and at least one edge associated with the target entity node, and each piece of to-be-stored target subgraph data includes the target entity node and an edge with at least one target attribute; and storing the at least two pieces of to-be-stored target subgraph data in at least two consecutive data blocks based on an edge attribute, where an end entity identifier of to-be-stored target subgraph data stored in a previous data block is the same as a start entity identifier of to-be-stored target subgraph data stored in a current data block.

IPC Classes  ?

• G06F 16/28 - Databases characterised by their database models, e.g. relational or object models
• G06F 16/901 - IndexingData structures thereforStorage structures

Abstract

Embodiments of this specification provide methods and apparatuses for performing data fragmentation on a knowledge graph. The method is used to split a knowledge graph into a plurality of pieces of data respectively included in a plurality of devices. First, initial splitting is performed on a plurality of edges in the knowledge graph. Any first device selects a diffusion node from end nodes of a first part of edges; obtains, as a to-be-fragmented edge, an edge that is in the knowledge graph and that uses the diffusion node as an end node on one side; and adds a target edge in the to-be-fragmented edge to first fragmented data of the first device. Then, the first device obtains a fragmented node in fragmented data of another device; adjusts the first diffusion velocity; and continues to select a diffusion node based on an adjusted first diffusion velocity, and cyclically performs the step.

IPC Classes  ?

• G06N 5/043 - Distributed expert systemsBlackboards

Abstract

This specification discloses model ownership verification methods and apparatuses, storage media, and electronic devices. The method includes: adding a specified feature to an original sample without adjusting an annotation of the original sample, to cause an annotation of an adjusted sample to be the same as the annotation of the original sample corresponding to the adjusted sample, and in a case that ownership of the model to be verified cannot be determined through the annotations, determining whether a sample for training a model to be verified comes from an edge node based on a gradient obtained by inputting the adjusted sample into the model to be verified and a gradient obtained by inputting the adjusted sample into a benign model trained through the original sample.

IPC Classes  ?

• G06N 20/00 - Machine learning

Abstract

Embodiments of the present description provide a model service providing method and apparatus capable of protecting data privacy, and relates to a client and a server, wherein the server deploys a prediction model, and the prediction model comprises a first hidden layer provided with an activation function. The method comprises: on the basis of a first shard of a function input of an activation function, n-1 demarcation values of n segmentation intervals, and a second shard correspondingly hold by a client, a server performs MPC size comparison calculation n-1 times, so as to obtain n first shards of n hit results of the function input for the n segmentation intervals; on the basis of total n+1 first shards respectively corresponding to the function input and the n hit results, n interval functions corresponding to the n segmentation intervals, and n+1 second shards correspondingly hold by the client, the server performs MPC to obtain a first shard of a function output of a segmentation function formed by the n interval functions, wherein the segmentation function is used for fitting the activation function, and at least one of the n interval functions is in a high-order polynomial form.

IPC Classes  ?

• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

Implementations of the present specification provide a computing task processing method and apparatus. In the computing task processing method, a first computing task can be obtained, and the first computing task includes a first operator execution logic graph used for task computing; operator reconstruction is performed on the first operator execution logic graph based on an operator dependency in the first operator execution logic graph and a data cache capacity for operator computing, to obtain a second operator execution logic graph; and a second computing task including the second operator execution logic graph is provided to a task execution apparatus for execution by the task execution apparatus.

IPC Classes  ?

• G06F 9/52 - Program synchronisationMutual exclusion, e.g. by means of semaphores
• G06N 3/08 - Learning methods

Abstract

The embodiments of the present specification relate to a method and apparatus for training a risk identification model. The method comprises: first, acquiring a first sample set having hard labels and a second sample set having no label, wherein any sample set comprises transaction samples, and each hard label indicates whether a transaction is a risk transaction; then, performing sample enhancement on the first sample set on the basis of an interpolation method, and using the enhanced first sample set to perform training, so as to obtain a first model; subsequently, inputting, into the first model, transaction samples in a complete sample set formed by the first sample set and the second sample set, so as to obtain soft labels concerning risk prediction; finally, inputting the transaction samples in the first sample set into a second model, and determining a first loss on the basis of the hard labels; inputting the transaction samples in the complete sample set into the second model, and determining a second loss on the basis of the soft labels; and training the second model on the basis of a total predicted loss determined by means of the first loss and the second loss, wherein the second model is used for predicting whether each transaction is a risky transaction.

IPC Classes  ?

• G06F 18/214 - Generating training patternsBootstrap methods, e.g. bagging or boosting

Abstract

The embodiments of the present description provide a code analysis method and apparatus. The code analysis method comprises: in the process of performing code analysis on a program code, firstly acquiring an analysis task of performing code analysis on the program code; then, on the basis of a code structure type corresponding to the analysis task, determining from a relational database a data table storing code structure data of the program code under the code structure type; next, performing code structure data reading and data structure relationship reading in the data table, so as to obtain the code structure data and a data structure relationship; and finally, analyzing and processing the code structure data and the data structure relationship according to a code analysis mode of the analysis task, so as to obtain a code analysis result.

IPC Classes  ?

• G06F 11/36 - Prevention of errors by analysis, debugging or testing of software

Abstract

A data query method is performed by a query engine, and includes: receiving a user query, wherein the user query includes an SQL query statement and a Gremlin graph query statement embedded into the SQL query statement, the Gremlin graph query statement indicates to perform matching on one or more types of graph elements in a target graph, and the one or more types of graph elements include at least one of a point type, an edge type, or a path type; parsing the user query, to determine an execution plan; and performing a data query based on the execution plan.

IPC Classes  ?

• G06F 16/2453 - Query optimisation
• G06F 16/2452 - Query translation

Abstract

The disclosure provides a method and an apparatus for updating a knowledge graph. In a process of providing knowledge graph-based data support for a current service, a knowledge graph is updated by combining online and offline manners. The knowledge graph is constructed offline by using full service data, and full entity linking and entity normalization are performed to initialize the knowledge graph. An incremental update condition is set to perform a plurality of rounds of incremental update. During one round of incremental update, real-time linking is performed based on service data generated in real time, to provide online knowledge graph update; and when the preset incremental update condition is met, incremental linking is performed based on service data newly added in a current incremental update period, to provide offline knowledge graph update and use an updated knowledge graph as an initial knowledge graph in a next round of incremental update.

IPC Classes  ?

• G06N 5/022 - Knowledge engineeringKnowledge acquisition

Abstract

Implementations of the present specification provide a method for managing a distributed database, a device, and a storage medium. The distributed database includes a plurality of storage nodes, the plurality of storage nodes are divided into a plurality of node groups, and each node group includes at least one storage node configured to store a data copy corresponding to the data. The method includes: receiving a data access request for the data stored in the distributed database; and determining, in response to the data access request, whether a target node group on which an online operation or maintenance task is being executed exists in the plurality of node groups; and allocating the data access request to storage nodes in node groups other than the target node group for execution in response to that the target node group exists in the plurality of node groups. Through the above manner, the distributed database can also provide an external data access service while the operation or maintenance task is executed on the distributed database.

IPC Classes  ?

• G06F 3/06 - Digital input from, or digital output to, record carriers

Abstract

Method, apparatus and computer-readable media are provided. During graph data partitioning, graph nodes in graph data are partitioned based on degrees of the graph nodes according to a computing load balancing allocation algorithm, such that the graph nodes are partitioned as primary graph nodes into graph data partitions. Subsequently, edge data of associated edges of the primary graph nodes are allocated to corresponding graph data partitions, where the associated edges include outgoing edges and/or incoming edges. Additionally, for an associated edge of a primary graph node, a replica of another graph node that corresponds to the primary graph node for the associated edges is constructed to be stored as a mirror graph node in the graph data partition corresponding to the primary graph node.

IPC Classes  ?

• G06F 16/27 - Replication, distribution or synchronisation of data between databases or within a distributed database systemDistributed database system architectures therefor
• G06F 16/901 - IndexingData structures thereforStorage structures

Abstract

A computer implemented method for graph data storage includes acquiring connection relationship information between any two nodes in a relationship network graph including a directed connecting edge between nodes. Based on the connection relationship information, a first mapping relationship between an identifier of each node and a node identifier of an outgoing edge-connected node of the node in a compressed sparse row format is stored. A second mapping relationship between the identifier of each node and a node identifier of an incoming edge-connected node of the node in a compressed sparse column format is stored. A set of attribute information in the relationship network graph is acquired, where the set of attribute information comprises several node attributes, several edge attributes, and/or several pieces of temporary information. Using column storage, storing each attribute value of a same attribute in the set of attribute information in continuous space.

IPC Classes  ?

• H03M 7/30 - CompressionExpansionSuppression of unnecessary data, e.g. redundancy reduction

Abstract

Computer-implemented methods, devices and storage media are described for allocating a memory of a database. The database includes a storage engine for data storage based on a log-structured merge (LSM) tree, and at least one database instance. The memory is configured to store data in a MemTable and an immutable MemTable respectively corresponding to the at least one database instance. An example method includes: determining a quantity of data stored in each database instance in the database in a historical period; predicting a memory needed by each database instance in a next period, where the memory needed by the database instance in the next period is positively correlated with the quantity of data stored in the database instance in the historical period; and allocating the memory for each database instance in the next period based on the predicted memory needed by the database instance in the next period.

IPC Classes  ?

• G06F 12/02 - Addressing or allocationRelocation
• G06F 16/22 - IndexingData structures thereforStorage structures

Abstract

Disclosed in the present description are a method and apparatus for training a text classification model, and a medium and an electronic device. The method comprises: determining a text sample, and determining a plurality of pre-trained teacher models; then, according to an ascending order of parameter counts of the teacher models, sequentially for each teacher model, inputting the text sample into the teacher model to determine a pseudo-labeling result, inputting the text sample into a student model to be trained to determine a classification result, and training said student model at least on the basis of the pseudo-labeling result obtained on the basis of the teacher model, and the classification result; and then, using the trained student model as a text classification model. By means of teachers guiding the training of a student model, the text representation capability and classification accuracy of a text classification model are improved.

IPC Classes  ?

• G06F 16/35 - ClusteringClassification

Abstract

A graphics processing unit (GPU) task is executed in a confidential compute architecture. GPU software in a non-secure world configures, based on task code and a cache description of a GPU task, a stub data structure including cache areas allocated based on the cache description and metadata indicating each cache area. In a realm segment in a memory, a root world root monitor configures a real data structure corresponding to the stub data structure, and stores to-be-processed confidential data. The root monitor updates a granule protection table (GPT) table so that based on an updated GPT table, a target segment storing the metadata and the task code is accessible to a GPU and has realm world permission for all other objects. The root monitor modifies a target mapping relationship so that the GPU executes the GPU task by using the target segment and the real data structure.

IPC Classes  ?

• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
• G06F 9/50 - Allocation of resources, e.g. of the central processing unit [CPU]

Abstract

Disclosed in embodiments of the present description are an identity information processing method, apparatus and device, and a medium. The method may comprise: acquiring an information acquisition request sent by a first application server and used for acquiring identity information of a target user in a first application; on the basis of the information acquisition request, searching for first identity information of the target user in a second application, the first identity information being identity information determined by a second application server during use of the second application by the target user; and sending the first identity information to the first application server, so that the first application server generates second identity information of the target user in the first application on the basis of the first identity information.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system

Abstract

The present invention relates to an authentication method and apparatus, and a readable storage medium and an electronic device. The authentication method is applied to a server, and a first aspect program is pre-injected at a first predefined pointcut of the server. The authentication method comprises: when a client accesses a server, receiving an access request which is sent by the client and is used for accessing the server, wherein the access request carries identity information of the client (S110); a first aspect program determining the identity of the client on the basis of the identity information of the client, determining an access permission of the client on the basis of the identity of the client, and then acquiring access data on the basis of the access permission of the client (S120); and sending the access data to the client (S130). In the authentication method and apparatus, and readable storage medium and electronic device in the present description, an authentication function is realized by means of aspect programs pre-injected at predefined pointcuts of a client and a server, so that the authentication function is decoupled from other functions of the server, thereby preventing the other functions from being interfered with, and privacy data leakage can be prevented by means of authentication.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system

Abstract

Embodiments of the present description provide an anomaly detection model training method and device. The anomaly detection model training method comprises: after obtaining first institution description data for model training under a preset institution category, on the basis of the preset institution category and at least one of the data type and description type of the first institution description data, selecting an anomaly detection unit in an anomaly detection unit set, and on the basis of the anomaly detection unit, constructing a model to be trained; and on the basis of the first institution description data, performing model training on said model to obtain an anomaly detection model, so as to perform anomaly detection processing on second institution description data under the preset institution category by means of the anomaly detection model.

IPC Classes  ?

• G06F 18/24 - Classification techniques

Abstract

Disclosed in the present description are a model training method and apparatus, a service execution method and apparatus, and a storage medium and a device. A server can obtain a second feature extraction model by means of two-stage training, so as to adjust, by means of the second feature extraction model, a structured feature representation, which is output by a first feature extraction model, thereby reducing the difference between the structured feature representation, which is output by the first feature extraction model, and a text feature representation corresponding to text data required by a text generation model, and thus the accuracy of a result of service execution performed by means of the text generation model can be improved.

IPC Classes  ?

• G06F 18/213 - Feature extraction, e.g. by transforming the feature spaceSummarisationMappings, e.g. subspace methods
• G06F 18/214 - Generating training patternsBootstrap methods, e.g. bagging or boosting

Abstract

Disclosed in embodiments of the present application is a Bluetooth positioning method, comprising: binding at least one second device in a positioning APP of a first device; the second device broadcasts a Bluetooth signal; in response to the scanned Bluetooth signal, the first device performs positioning to obtain location information; the first device uploads the location information to a distributed storage center; and in response to a search operation of a user on the second device in the positioning APP, the positioning APP obtains the location information from the distributed storage center by means of an APP server, and uses the location information as the location information of the second device. The present method provides an open positioning solution, which is not limited to a specific terminal or APP, so that the Bluetooth positioning method can be applicable to more scenarios. The system and the device in the embodiments of the present application also have the described beneficial effect.

IPC Classes  ?

• H04W 4/02 - Services making use of location information

Abstract

Disclosed in the embodiments of the present description are an information self-verification method and system, and an electronic device and a medium. The information self-verification method comprises: acquiring user information; performing fraud risk detection on the user information to obtain a fraud risk degree corresponding to a user; on the basis of the fraud risk degree, extracting text information, image features and user behavior auxiliary information that correspond to the user information; and on the basis of a multi-modal large model, performing fusion processing on the text information, the image features and the user behavior auxiliary information to generate a self-verification result corresponding to the user. The embodiments of the present description improve the accuracy and effectiveness of a self-verification system.

IPC Classes  ?

• G06Q 40/03 - CreditLoansProcessing thereof
• G06V 10/80 - Fusion, i.e. combining data from various sources at the sensor level, preprocessing level, feature extraction level or classification level
• G06V 10/764 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using classification, e.g. of video objects
• G06V 30/10 - Character recognition
• G06Q 50/00 - Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism

Abstract

Disclosed in the embodiments of the present description are a video bitrate calculation method and system. The method comprises: acquiring a frame rate and a bitrate of a source video, and acquiring a frame rate of a target video; on the basis of the frame rate of the source video and the frame rate of the target video, obtaining a mapping frame rate of the target video by means of calculation; and on the basis of the mapping frame rate of the target video and the frame rate and bitrate of the source video, obtaining a first bitrate of the target video by means of calculation. The system comprises: a frame rate and bitrate acquisition module, which is used for acquiring a frame rate and a bitrate of a source video, and acquiring a frame rate of a target video; a mapping frame rate calculation module, which is used for obtaining, on the basis of the frame rate of the source video and the frame rate of the target video, a mapping frame rate of the target video by means of calculation; and a first bitrate calculation module, which is used for obtaining, on the basis of the mapping frame rate of the target video and the frame rate and bitrate of the source video, a first bitrate of the target video by means of calculation.

IPC Classes  ?

• H04N 19/146 - Data rate or code amount at the encoder output
• H04N 21/2662 - Controlling the complexity of the video stream, e.g. by scaling the resolution or bitrate of the video stream based on the client capabilities

Abstract

A computer-implemented method for distributed graph database replica expansion and performed by a second data storage data node to be expanded includes, in response to reception of graph data migration information, entering a data copy-only mode and initiating graph data migration from a first data storage node to obtain a data snapshot of a first graph data shard. Following graph data migration, entering a data storage service mode and sending a graph data shard deletion notification to the first data storage node to delete the first graph data shard. In the data storage service mode, performing data synchronization with a corresponding first graph data shard of a primary replica based on a data point in the data snapshot. The first data storage node deletes a migrated graph data shard in response to the graph data shard deletion notification.

IPC Classes  ?

• G06F 16/27 - Replication, distribution or synchronisation of data between databases or within a distributed database systemDistributed database system architectures therefor
• G06F 16/21 - Design, administration or maintenance of databases
• G06F 16/901 - IndexingData structures thereforStorage structures

Abstract

Implementations of the present specification provide a data writing, data recovery, and data reading method, and a corresponding secure disk apparatus. The data writing method includes following: User data blocks are first written into a write cache, and a plurality of user data blocks identified by LBAs are read from the write cache under a certain condition. For each user data block, an HBA is allocated to the user data block, authenticated encryption is performed on the user data block to generate an encrypted data block and authentication information, and first metadata corresponding to the user data block is generated, where the first metadata is organized in a form of a KV pair and includes the LBA, the HBA, and the authentication information. A plurality of write commands for the plurality of user data blocks are submitted to a host disk for the disk to store the encrypted data block based on the corresponding HBA. In addition, the first metadata corresponding to each user data block is further written into a first metadata table maintained by using an LSM tree. Then, a synchronization operation command is sent to the LSM tree and the host disk for the LSM tree and the host disk to complete data write persistence.

IPC Classes  ?

• G06F 21/78 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
• G06F 16/11 - File system administration, e.g. details of archiving or snapshots
• G06F 21/60 - Protecting data
• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

Embodiments of this specification provide a user authentication information-based registration method and apparatus and a user authentication information-based query method and apparatus. The registration method includes: User equipment receives authentication information submitted by a first user in a process of registering with a server; obtains a public-private key pair by using a key generation algorithm and based on the random number r and a public parameter pp; performs a hash operation based on at least the password pwd, to obtain a user key value user_key; obtains a registration ciphertext Cregister by using an encryption algorithm and based on the public key pk and the user key value user_key; obtains, based on the private key sk and the registration ciphertext Cregister, a determining trapdoor tdregister that matches the registration ciphertext Cregister; and uploads the registration ciphertext Cregister and the determining trapdoor tdregister to the server.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
• H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
• H04L 9/08 - Key distribution
• H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy

Abstract

One or more embodiments of the present description provide a risk control method and system based on differential privacy, an electronic device, and a storage medium. The risk control method comprises: generating or receiving a risk control strategy, and obtaining a credit limit of a user on the basis of the risk control strategy; receiving a query request of a risk control data demander, wherein the query request comprises a user identifier and a credit limit to be granted; generating a confusion value and an associated probability, and obtaining a confusion credit limit for the corresponding user on the basis of the query request, the credit limit, the confusion value, and the associated probability; and comparing the confusion credit limit with the credit limit to be granted, and generating a response to the query request on the basis of the comparison result. The risk control system comprises a strategy component, a query receiving component, a privacy protection component, and a response component.

IPC Classes  ?

• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

According to an example, each piece of first-type service data is modeled as a vertex in a graph; each piece of second-type service data is modeled as an edge in the graph; a structural feature value corresponding to each vertex is obtained based on a predetermined structural feature corresponding to the first-type service data; a structural feature value corresponding to each edge is obtained based on a predetermined structural feature corresponding to the second-type service data, where the structural feature is a feature commonly used in at least two application scenarios; and modeling is performed by using each vertex, the structural feature value of the vertex, each edge, and the structural feature value of the edge, to obtain a structural graph, where each vertex and each edge in the structural graph are mounted with corresponding structural feature values.

IPC Classes  ?

• G06N 5/022 - Knowledge engineeringKnowledge acquisition

Abstract

Embodiments of this specification provide a shard storage method and apparatus for a graph and a subgraph sampling method and apparatus for a graph. In a distributed storage process of a graph, local identifiers of a vertex and an edge are implicitly stored, and data is stored in an ordered manner, so that the local identifiers of the vertex and the edge can be implicitly calculated. A connecting edge is stored in a CSR format, to ensure that a first-order neighbor of a node is contiguously stored in a memory. In this way, there can be a higher data loading speed and lower memory occupation.

IPC Classes  ?

• G06N 3/04 - Architecture, e.g. interconnection topology

Abstract

A time series model training method, includes: obtaining a historical memory sequence collected by using a memory management module, wherein the historical memory sequence includes a plurality of memory use amounts arranged in a time sequence, each memory use amount is a maximum memory use amount in a corresponding time period, and the maximum memory use amount is obtained through collection for an off-heap memory of a Java virtual machine; and training a time series model based on the historical memory sequence, to obtain the trained time series model to forecast a memory use amount in a future time period.

IPC Classes  ?

• G06F 9/455 - EmulationInterpretationSoftware simulation, e.g. virtualisation or emulation of application or operating system execution engines

Abstract

In a pan-identity authentication method and system provided by the present description, after receiving a pan-identity authentication request corresponding to a target user, a computing device may determine at least one authentication question corresponding to a target pan-identity, and obtain an answer of the target user to the at least one authentication question, so as to authenticate whether the target user has the target pan-identity on the basis of the answer. The present description achieves effective pan-identity authentication in a question and answer mode, thereby improving the accuracy of authentication results. Furthermore, the target user can only publish content related to the pan-identity thereof that has passed the authentication, thereby improving the content publishing quality.

IPC Classes  ?

• G06F 21/31 - User authentication

Abstract

Embodiments of this specification provide a large language model-based knowledge mining method and apparatus. In the large language model-based knowledge mining method, structural knowledge for a source entity is obtained based on a predetermined entity graph; a candidate relation set is determined based on a target property of the source entity in the predetermined entity graph; a corresponding target relation set and inheritable knowledge are output by using a large language model and based on the structural knowledge, the candidate relation set, and additional knowledge for the source entity; a candidate entity word set corresponding to the provided relation is output by using the large language model and based on the source entity, the relation in the target relation set, and at least one of the structural knowledge, the additional knowledge, and the inheritable knowledge; and then an entity related to the source entity and a corresponding relation are obtained.

IPC Classes  ?

• G06N 5/022 - Knowledge engineeringKnowledge acquisition

Abstract

Disclosed in one or more embodiments of the present description are a biometric attack detection method and apparatus. The method comprises: acquiring a biometric video which is captured in a preset illumination mode and used for biometric attack detection, and extracting multiple lighting frames from the acquired biometric video and a non-lighting frame corresponding to each lighting frame; respectively calculating a video frame difference feature between each lighting frame and a corresponding non-lighting frame; performing feature fusion processing on multiple video frame difference features to obtain a fused video frame difference feature; and inputting the fused video frame difference feature into a pre-trained biometric attack detection model to obtain a biometric attack detection result, wherein the biometric attack detection model is a model obtained by training on the basis of a biometric image, a non-biometric image, and a preset loss function.

IPC Classes  ?

• G06V 40/40 - Spoof detection, e.g. liveness detection

Abstract

Embodiments of the present application provide a voice synthesis method and apparatus, a device, and a storage medium. The method comprises: inputting a text sequence of a speech to be synthesized into a phoneme prediction model to obtain a phoneme sequence corresponding to the text sequence; splitting the phoneme sequence into a multi-dimensional sequence, wherein the multi-dimensional sequence comprises a letter sequence and a tone sequence, the letter sequence consists of letter symbols in the phoneme sequence, and the tone sequence consists of tone symbols in the phoneme sequence; inputting the multi-dimensional sequence into an acoustic model to predict a speech feature corresponding to the phoneme sequence, wherein the acoustic model is used for predicting, on the basis of the multi-dimensional sequence, the speech feature corresponding to the phoneme sequence and is pre-trained on the basis of a multi-dimensional sequence obtained by splitting a phoneme sequence sample; and inputting the speech feature corresponding to the phoneme sequence into a vocoder to obtain a speech corresponding to the text sequence.

IPC Classes  ?

• G10L 13/10 - Prosody rules derived from textStress or intonation
• G10L 19/16 - Vocoder architecture

Abstract

Disclosed in the present description are an anti-theft detection method and apparatus for a model, and a storage medium and an electronic device. An anti-theft detection model comprises a cloner and a generator, wherein the cloner is used for cloning a pre-trained service model, and the generator is used for generating simulation service data to be input into the cloner. The method comprises: first, inputting noise into a generator, so as to obtain first simulation service data, and obtaining a first service result of the first simulation service data by means of a cloner; then, on the basis of the first service result and the first simulation service data, training the generator by taking as a training target an improvement in the error rate of the result output by the cloner; next, inputting the noise into the trained generator, so as to obtain second simulation service data, and obtaining a second service result of the second simulation service data and a label by means of the cloner and a service model; and finally, training the cloner on the basis of the second service result and the label, and detecting the anti-theft capability of the service model by using the number of iterations of the cloner during training.

IPC Classes  ?

• G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
• G06N 3/0475 - Generative networks
• G06N 3/0464 - Convolutional networks [CNN, ConvNet]
• G06N 3/09 - Supervised learning

Abstract

Disclosed in embodiments of the present application are a third-party payment method and system. In the method, a payment request generated by a third-party server contains user information parameters and is associated with current ordering user identity information; upon receiving the payment request, a payment platform writes payment user identity information into the user information parameters, so that the third-party server can verify the consistency of the payment user identity information and the ordering user identity information on the basis of the user information parameters; and the payment platform performs a payment operation only when the third-party server verifies that the payment user identity information is consistent with the ordering user identity information. On the basis of the mechanism, during third-party payment, potential attack risks can be automatically detected, potential external phishing attacks can be defended against, user fund loss can be avoided, and a personal data protection capability can be provided. The system of the embodiments of the present application also has the described beneficial effects.

IPC Classes  ?

• G06Q 20/38 - Payment protocolsDetails thereof
• G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
• G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
• G06Q 20/08 - Payment architectures
• G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices

Abstract

Disclosed in the present description are a service execution method and apparatus, a storage medium and an electronic device, used for privacy protection. The method comprises determining a process number of a target process and determining a target injection point in the target process; on the basis of the process number and the target injection point, injecting a preset byte code program into the target injection point of the target process; and by means of the byte code program, acquiring original service data at the target injection point in the target process and calling a data security component to process the original service data to obtain processed service data, so as to continue to execute the remaining service corresponding to the process on the basis of the processed service data. According to the method, the data security component can be called by means of the byte code program to process the original service data at the target injection point in a service link, and then the process can continue to execute the service on the basis of the processed service data, such that compared with the prior art, the efficiency of adding a security processing policy in the service link is improved to a certain extent.

IPC Classes  ?

• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
• G06F 9/448 - Execution paradigms, e.g. implementations of programming paradigms

Abstract

A risk control method. The method comprises: determining each user to be subjected to risk control, and obtaining user data of said users; on the basis of specified attributes of the users to be subjected to risk control, grouping said users to obtain each user group, separately inputting user data corresponding to the user groups into a risk control model, and obtaining first features corresponding to the user groups; inputting the user data of the users to be subjected to risk control into the risk control model, and obtaining initial features corresponding to said users; on the basis of attribute intervals corresponding to the specified attributes, performing feature scaling on the initial features, and obtaining second features corresponding to the users to be subjected to risk control; fusing the obtained first features and second features to obtain fused features; inputting the fused features into the risk control model, and obtaining a risk control result outputted by the risk control model; and, on the basis of the risk control result, performing risk control on the users to be subjected to risk control.

IPC Classes  ?

• G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
• G06F 18/24 - Classification techniques
• G06F 18/213 - Feature extraction, e.g. by transforming the feature spaceSummarisationMappings, e.g. subspace methods
• G06F 18/25 - Fusion techniques

Abstract

Disclosed in embodiments of the present application are a third-party authorized login method and system. In the method, during third-party authorized login for a fast application (APP), an engine APP identifies identity information of a target quick APP, and transmits the identity information to a mobile APP together with an authorization request; and subsequently, the mobile application further needs to collect identity information of the engine APP, and transmits the identity information of the engine APP and the identity information of the target quick APP to an application server for security detection. Thus, the mobile APP can ensure the legitimacy of the target quick APP interacting with the mobile APP, that is, it is ensured that an authorization credential of a user is transmitted to a legitimate third party, thereby ensuring execution of a third-party authorized login process in a secure execution environment. The system in the embodiments of the present application also has the beneficial effects.

IPC Classes  ?

• H04L 9/40 - Network security protocols

Abstract

A model training method and apparatus, a storage medium, and an electronic device. The method comprises acquiring sample data (S100); for a feature value of each dimension comprised in the sample data, determining, as the degree of association corresponding to the dimension, the degree of association between the feature value of the dimension and a deviation obtained by a target model for the sample data during pre-training, wherein the deviation is a deviation between an output result of the target model for the sample data during pre-training and an actual result corresponding to the sample data, and the greater the degree of association, the greater the degree of influence of the change in the feature value of the dimension on the output result of the target model (S102); on the basis of the degree of association corresponding to each dimension, adjusting feature values of at least some of dimensions comprised in the sample data to obtain supplementary sample data (S104); and training the target model by means of the supplementary sample data to obtain a trained target model, so as to execute a target service by means of the trained target model (S106).

IPC Classes  ?

• G06N 20/00 - Machine learning

Abstract

A computer-implemented method includes determination of n noised codes corresponding to n video frames of an original video. A text code corresponding to a description text guiding video editing is determined. Denoising processing, using n Unet models obtained by using the text code and copying a Unet model, is performed on the n noised codes, where a pre-trained text-to-image model includes the Unet model, which includes a self-attention layer connected after a target network layer, and where the denoising processing includes performing, in a self-attention layer of any ith Unet model, attention calculation based on an output of a target network layer of the ith Unet model and an output of a target network layer in a predetermined target Unet model. Decoding processing is separately performed on the n denoised codes by an image decoder to obtain n target images to form an edited target video.

IPC Classes  ?

• G06T 5/70 - DenoisingSmoothing
• G06T 5/50 - Image enhancement or restoration using two or more images, e.g. averaging or subtraction
• G06T 7/13 - Edge detection
• G06T 7/20 - Analysis of motion
• G06T 7/50 - Depth or shape recovery
• H04N 19/172 - Methods or arrangements for coding, decoding, compressing or decompressing digital video signals using adaptive coding characterised by the coding unit, i.e. the structural portion or semantic portion of the video signal being the object or the subject of the adaptive coding the unit being an image region, e.g. an object the region being a picture, frame or field

Abstract

This specification provides a meta learning method of a deep learning model and a meta learning system of a deep learning model, and relates to the field of deep learning technologies. The meta learning method of a deep learning model is applied to a cluster including N processing nodes, and the method includes: obtaining a training dataset, where the training dataset includes training samples corresponding to a plurality of tasks; and performing a plurality of times of iterative training on the deep learning model based on the training dataset in parallel by using the N processing nodes in the cluster, to obtain a meta learning parameter of the deep learning model, In each time of iterative training, each of the N processing nodes learns some parameters of the deep learning model by using some training samples in the training dataset, and the some training samples correspond to a same task.

IPC Classes  ?

• G06N 3/0985 - Hyperparameter optimisationMeta-learningLearning-to-learn
• G06N 3/084 - Backpropagation, e.g. using gradient descent

Abstract

A data processing method for an encrypted database is performed by a heterogeneous processing platform including a first computing unit implemented by a general processing unit and a second computing unit implemented by a dedicated acceleration unit. The method includes: obtaining, by the first computing unit, a ciphertext parameter and a database instruction from a user end device, where the database instruction instructs to perform a target operation on the encrypted database; converting the database instruction into a computing instruction to be executed by the second computing unit, and transmitting the computing instruction to the second computing unit; performing, by the second computing unit according to the computing instruction, a cryptographic operation corresponding to the target operation on ciphertext data in the encrypted database and the ciphertext parameter, to obtain a ciphertext result; and transmitting, by the second computing unit, the ciphertext result to the first computing unit.

IPC Classes  ?

• H04L 9/06 - Arrangements for secret or secure communicationsNetwork security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
• G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

Separately training a content understanding model and a content generation model with an image-text pair formed by an image and a text in a target training set. Sample processing is performed on a noise-containing sample set, including: inputting a first image in any first image-text pair in the noise-containing sample set into the content understanding model to obtain several candidate texts; separately inputting a first text in the first image-text pair and the several candidate texts into the content generation model to obtain multiple candidate images; performing similarity matching between the multiple candidate images and the first image to determine a target text; and continuing to train the content understanding model and the content generation model by forming a second image-text pair by using the first image and the target text and adding the second image-text pair to the target training set.

IPC Classes  ?

• G06V 10/774 - Generating sets of training patternsBootstrap methods, e.g. bagging or boosting
• G06V 10/72 - Data preparation, e.g. statistical preprocessing of image or video features
• G06V 10/74 - Image or video pattern matchingProximity measures in feature spaces

Abstract

Embodiments of this specification relate to a hypergraph data storage method and apparatus with a temporal characteristic and a hypergraph data query method and apparatus with a temporal characteristic. The storage method includes: obtaining raw edge data of a first hyperedge; storing first target data of the N nodes in a second storage table in a first file, and determining first storage location information of the N nodes in the second storage table; forming first hyperedge data based on the first number and the first storage location information, and storing the first hyperedge data in a first storage table in the first file; and storing the first file in a first file directory in a file system based on the first time, where the first file directory corresponds to a first time window, and the first time falls within the first time window.

IPC Classes  ?

• G06F 16/13 - File access structures, e.g. distributed indices
• G06F 16/14 - Details of searching files based on file metadata

Abstract

Embodiments of the present specification provide a data processing method and apparatus, a terminal, a computer-readable storage medium, and a computer program product. The method comprises: a feature checking system generating a probe factor on the basis of offline full features and a table association corresponding thereto; an online feature extraction system performing feature extraction on online incremental data on the basis of the probe factor, so as to obtain online incremental features; and the feature checking system performing feature matching between the offline full features and the online incremental features to obtain a matching result, determining an abnormal feature from the online incremental features on the basis of the matching result, and outputting alarm information regarding the abnormal feature.

IPC Classes  ?

• G06F 18/2433 - Single-class perspective, e.g. one-against-all classificationNovelty detectionOutlier detection

Abstract

Embodiments of this specification provide a method and an apparatus for generating a prompt based on a knowledge graph. In the method, a reasoning rule and an instance subgraph from the knowledge graph that match each other can be obtained in a plurality of manners. A question and answer template is constructed based on the reasoning rule. The question and answer template includes a question template and an answer template, and the answer template includes a cause template and a result template. A target text can be generated based on a combination of the question and answer template and the instance subgraph. The target text includes a question text and an answer text, and the answer text includes a cause text and a result text. The target text is used as a prompt to adjust a language model.

IPC Classes  ?

• G06N 5/04 - Inference or reasoning models
• G06N 5/02 - Knowledge representationSymbolic representation

Abstract

This specification discloses service processing methods, apparatuses, and storage media. In an implementation, a method comprises obtaining a data processing request from a client device deployed at an application layer in a terminal device, transmitting service data comprised in the data processing request to a system layer of the terminal device to determine, in the system layer, system data that match the service data, inputting the service data and the system data into a data processing model for performing data processing on the service data and the system data to obtain a data processing result, wherein the data processing model is pre-deployed in the system layer in the terminal device, and performing, by the client device, service processing based on data processing result obtained from the system layer.

IPC Classes  ?

• H04L 67/51 - Discovery or management thereof, e.g. service location protocol [SLP] or web services
• H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence

Abstract

Disclosed in the present description are an encrypted data querying method and apparatus, a storage medium and an electronic device. The method is applied to a terminal, and comprises: acquiring a plurality of pieces of encrypted data comprising encrypted keys and encrypted values; sorting the plurality of pieces of encrypted data to obtain an encrypted data sequence; segmenting the encrypted data sequence to determine a plurality of segmentation sequences; for each segmentation sequence, determining an encrypted access address of the segmentation sequence and storing a correspondence; receiving a range of encrypted keys to be queried sent by other terminals; determining an encrypted access address range corresponding to the range of the encrypted keys to be queried; and obtaining a query result on the basis of the encrypted access address range and the correspondence, and returning the query result to the other terminals. According to the method, when encrypted data is queried, only encrypted data in the encrypted access address range needs to be queried, such that the resource waste caused by querying encrypted data on the basis of an encrypted access address is reduced, and the query efficiency is improved.

IPC Classes  ?

• G06F 16/903 - Querying

Abstract

Disclosed in the embodiments of the present description is a pairing method for a digital key, which method is applied to a client. The pairing method comprises: on the basis of a unique identifier of a target in-vehicle terminal, completing binding with the target in-vehicle terminal; in response to an activation operation of a user, on the basis of an initial physical address of the target in-vehicle terminal, establishing a communication connection with the target in-vehicle terminal; acquiring a digital certificate and a public key, which digital certificate is signed and issued by the target in-vehicle terminal, so as to obtain a digital key; synchronizing the public key and the digital certificate to a server, and acquiring a reset physical address issued by the server; and sending the reset physical address to the target in-vehicle terminal, and on the basis of the reset physical address, re-establishing a communication connection with the target in-vehicle terminal, so as to complete pairing between the digital key and the target in-vehicle terminal. Correspondingly, disclosed in the present invention are a pairing system for a digital key, and an electronic device.

IPC Classes  ?

• H04L 9/40 - Network security protocols

Abstract

Embodiments of this specification disclose payment methods, apparatuses, and devices based on near field communication, and media. The solution includes: sending, by a mobile terminal with a near field communication function, an electromagnetic signal used to trigger an NFC tag; obtaining tag information in the NFC tag in response to the electromagnetic signal, where the tag information includes payment link information; displaying, based on the payment link information, a payment page including user information of a first transaction party; obtaining payment information provided by a second transaction party based on the payment page; and sending a payment processing request including the payment information to a server, where the server is configured to complete payment based on the payment processing request.

IPC Classes  ?

• G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices
• G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists

Abstract

Disclosed in embodiments of the present description are a video generation method and apparatus. According to the video generation method, incremental learning training is performed on a neural radiance field model of a target scene by collecting a supplementary sample image, and view information is continuously supplemented to learn and optimize the representation ability for the target scene.

IPC Classes  ?

• H04N 21/81 - Monomedia components thereof

Abstract

Provided in the embodiments of the present description are a digital-avatar processing method and apparatus. The digital-avatar processing method comprises: with the aid of the user identifier of a user accessing a digital avatar by means of a target service, querying a digital-avatar identifier of the user on the target service; on this basis, on one hand, performing, for the digital-avatar identifier, a trigger detection of a cache condition of a static hotspot avatar set of the target service, and on the other hand, performing, for the digital-avatar identifier, a match detection of a dynamic cached avatar set of the target service; and in the case where either of the trigger detection and the match detection is passed, on the basis of a digital-avatar address corresponding to the digital-avatar identifier, acquiring first avatar information of a matched static hotspot avatar or second avatar information of a matched dynamic cached avatar, and performing digital-avatar rendering.

IPC Classes  ?

• G06F 21/33 - User authentication using certificates

Abstract

Embodiments of this specification provide a method and an apparatus for generating graph data to be applied to a benchmark test. A plurality of entity vertices and corresponding entity account vertices of the entity vertices are created by using a vertex generation framework, and an owning relationship is created between the entity vertices and the corresponding entity account vertices. A start point entity account vertex set and an endpoint entity account vertex set are determined based on the created entity account vertices by using a vertex block framework, where there is no overlapping entity account vertex between the start point entity account vertex set and the endpoint entity account vertex set. Then, an account association relationship between the entity account vertices is created based on the start point entity account vertex set and the endpoint entity account vertex set by using a vertex relationship generation framework.

IPC Classes  ?

• G06F 11/3668 - Testing of software

Abstract

The present specification discloses a service execution method and apparatus, a storage medium, and an electronic device. The service execution method comprises: a client sending to a server corresponding to the client an information acquisition request for a third-party server side, so that the server sends to the client pre-stored first verification information corresponding to the third-party server side, wherein the first verification information is generated by the server on the basis of a digital certificate of the third-party server side after a trust relationship has been established between a service party corresponding to the server and the third-party server side; sending to the third-party server side a verification request used to verify service compliance of the third-party server side, so that the third-party server side sends the digital certificate to the client; on the basis of the received digital certificate, generating second verification information corresponding to the third-party server side; and on the basis of the first verification information and the second verification information, performing service compliance verification on the third-party server side, and on the basis of the verification result, executing a target service.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system

Abstract

Provided in the embodiments of the present description are a risk identification method and apparatus, and a device and a storage medium. The method comprises: on the basis of relationship data of first entities in a first entity set, constructing a first entity relationship graph corresponding to the first entity set; determining a sample risk entity set from the first entity set; on the basis of nodes and edge relationships therebetween in the first entity relationship graph, determining a set of connected paths between sample risk entities in the sample risk entity set; on the basis of nodes passed through by the set of connected paths and edge relationships thereof, generating a graph risk entity search policy; and using the graph risk entity search policy to determine a target risk entity set from a second entity relationship graph corresponding to a second entity set.

IPC Classes  ?

• G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists
• G06Q 40/00 - FinanceInsuranceTax strategiesProcessing of corporate or income taxes
• G06F 16/2458 - Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
• G06F 16/2455 - Query execution
• G06N 5/022 - Knowledge engineeringKnowledge acquisition

Abstract

Embodiments of the present description provide a credit-based transaction processing method and device. The credit-based transaction processing method comprises: on the basis of a credit payment channel selected by an institution member of an institution for a commodity order, querying a payment configuration of the credit payment channel configured by a merchant; determining a payment type of the institution member under the credit payment channel on the basis of the payment configuration and credit data; when a payment condition under the payment type is triggered, sending a payment request for the commodity order to a payment platform; and acquiring a settlement pending bill generated by the payment platform on the basis of a credit payment result, so that the institution settles the settlement pending bill by means of an institution account.

IPC Classes  ?

• G06Q 20/10 - Payment architectures specially adapted for electronic funds transfer [EFT] systemsPayment architectures specially adapted for home banking systems

Abstract

This specification discloses data query methods and apparatuses, storage media, and electronic devices. In an example method, a query statement input by a user is obtained, where the query statement is used to query data from a database. Based on the query statement, an execution plan corresponding to the query statement is generated. Based on the execution plan, each query operation involved in the execution plan and an execution order of query operations are; determined. A target operation from the query operations is determined based on the execution order of the query operations, where the target operation is an operation other than a last query operation to be executed among the query operations. When executing the execution plan, deduplication is performed on duplicate results included in query results obtained by executing the target operation. Based on deduplicated query results, query data corresponding to the query statement is obtained.

IPC Classes  ?

• G06F 16/2455 - Query execution
• G06F 40/211 - Syntactic parsing, e.g. based on context-free grammar [CFG] or unification grammars

Abstract

A receipt processing method for a transaction bill includes: obtaining at least one transaction bill, the at least one transaction bill being obtained after transaction processing is performed with a merchant based on a payment voucher of an institution; classifying the at least one transaction bill based on a merchant identifier if a receipt generation policy of the institution is a periodic generation policy, to obtain a bill subset corresponding to each merchant; sending a receipt application to a receipt service platform of each merchant, to perform receipt issuance for the bill subset; and receiving a receipt that is of each bill subset and that is returned by the receipt service platform, reading receipt additional information of the receipt, and associating the receipt additional information with the receipt.

IPC Classes  ?

• G06Q 40/12 - Accounting

Abstract

A service processing method includes: based on an access instruction of a user for a target service, generating a service code creation request including service access information and a user identity identifier and sending the service code creation request to a service platform; performing service code rendering based on service code information returned after the service platform performs service code creation, and sending a rendered service code corresponding to the access instruction to the user; performing payment processing based on a payment request submitted after a merchant terminal scans the service code, and reading invoice application information associated with a service code identifier included in the payment request after payment succeeds; and sending the invoice application information to the merchant terminal to perform invoice issuance.

IPC Classes  ?

• G06Q 20/32 - Payment architectures, schemes or protocols characterised by the use of specific devices using wireless devices

Abstract

Embodiments of this specification provide a credit-based transaction processing method and apparatus. The credit-based transaction processing method includes: querying, based on a credit payment channel selected by an institutional member of an institution for a commodity order, a payment configuration of the credit payment channel configured by a merchant; determining a payment type of the institutional member in the credit payment channel by using the payment configuration and credit data; sending a payment request for the commodity order to a payment platform if a payment condition in the payment type is triggered; and obtaining a to-be-settled bill generated by the payment platform based on a credit payment result, so that the institution settles the to-be-settled bill by using an institutional account.

IPC Classes  ?

• G06Q 20/24 - Credit schemes, i.e. "pay after"
• G06Q 30/04 - Billing or invoicing
• G06Q 40/02 - Banking, e.g. interest calculation or account maintenance

Abstract

This specification discloses methods, computer-readable media and apparatuses for service execution. In an example, each condition used to construct a rule and an evaluation indicator corresponding to each condition are displayed. Conditions selected by a user from candidate conditions are determined in response to a selection operation of the user. For each candidate condition, a temporary rule is determined based on the candidate condition and the conditions already selected by the user. A degree of reasonableness of each temporary rule is tested based on historical service data, and an evaluation indicator corresponding to each candidate condition is determined based on the degree of reasonableness of each temporary rule and displayed. A target rule is determined in response to a determining operation of the user. A service is executed based on the target rule and service data corresponding to an invocation instruction for invoking the target rule.

IPC Classes  ?

• G06Q 10/0635 - Risk analysis of enterprise or organisation activities

Abstract

Embodiments of this specification provide signature authentication methods and apparatuses. A service private key for signature authentication is embedded in a trusted execution environment (TEE) of a terminal device in which a client device is located. In an implementation, a method includes the following. The client device sends a signature authentication request to a server. The client device receives authentication data information sent from the server. The client device encrypts the authentication data information by using a key that is pre-synchronized with the TEE. The client device sends encrypted authentication data information to the TEE. The client device then receives the signature data sent from the TEE and sends the signature data to the server.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
• H04L 9/08 - Key distribution

Abstract

This specification discloses methods, apparatuses, and storage media for security verification. In an implementation, a verification unit in an electronic device sends a verification instruction for a device to be verified to a channel management unit in the electronic device, configuration information of the device is obtained based on verification instruction by using the channel management unit, and the configuration information is sent to the verification unit. The verification unit verifies the received configuration information based on stored verification information. After verification succeeds, the electronic device starts. The configuration information of the device is sent by using the channel management unit to the verification unit for verification, so as to implement security verification in a start process of the electronic device, thereby ensuring information security.

IPC Classes  ?

• G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Abstract

This application relates to methods and apparatuses for mobile-terminal aspect-oriented security. In an implementation, a method includes: after aspect-oriented security on a mobile terminal is turned on with a service application program on a mobile terminal, determining whether the mobile terminal is at risk of being attacked. In response to determining that the mobile terminal is at risk: determining, based on a manner the mobile terminal is attacked, an attacked function in the service application program as an injection point and injecting an aspect program from the injection point by using an aspect base of the aspect-oriented security on the mobile terminal to execute an aspect-oriented security service by using the injected aspect program. Or in response to determining that the mobile terminal is not at risk, turning off the aspect-oriented security on the mobile terminal.

IPC Classes  ?

• G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
• G06F 21/55 - Detecting local intrusion or implementing counter-measures

Abstract

This application relates to methods, storage media, and apparatuses. A virtual machine is disposed on a mobile terminal and is configured to run aspect-oriented security on the mobile terminal. In an example method, after a service application program installed on the mobile terminal is started, the virtual machine determines whether the aspect-oriented security on the mobile terminal satisfies a secure running condition. If yes, the virtual machine acquires an encrypted aspect configuration, decrypts the encrypted aspect configuration, and injects an aspect program into the service application program based on the decrypted aspect configuration by using a predetermined aspect base to execute an aspect-oriented security service by using the aspect program. Otherwise, the virtual machine exits the service application program.

IPC Classes  ?

• G06F 21/54 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by adding security routines or objects to programs

Abstract

Disclosed in the embodiments of the present description are a method, apparatus and device for generating an artistic code image, and a medium. The scheme may comprise: acquiring a code image generation request that is generated on the basis of a trigger operation of a user; on the basis of the code image generation request, generating initial QR code image data; acquiring feature information corresponding to a promotion object; and using a generative artificial intelligence algorithm, and using the feature information to process the initial QR code image data, so as to obtain an artistic code image.

IPC Classes  ?

• G06T 11/00 - 2D [Two Dimensional] image generation

Abstract

A computer-implemented method for prototype chain pollution vulnerability protection is described. Whether a request interface receives a request is detected. If the request interface receives the request, an aspect proxy function pre-injected into the request interface is started. The aspect proxy function detects whether the request contains a prototype property, and, if the request contains the prototype property, the request is intercepted.

IPC Classes  ?

• G06F 21/55 - Detecting local intrusion or implementing counter-measures

Abstract

A computer-implemented method for applet platform key negotiation, includes receiving a first request sent by an applet application, wherein the first request is used to request to authorize a login to a first server used to provide a service to the applet application. A second request is sent to a second server and used to request to authorize a login to the first server, where the second server is used to provide a service to an applet platform. An authorization certificate and a session key that are sent by the second server are received, where the authorization certificate and the session key are determined by the second server based on the second request. The session key is stored. The authorization certificate is sent to the first server, where the authorization certificate is a certificate indicating that the second server authorizes the first server to request the session key.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
• H04L 9/08 - Key distribution

Abstract

This specification discloses methods, apparatuses, and storage media for an offline identity verification. In an example, identity information to be verified of a user that is collected by a terminal device in an offline state is obtained. The identity information to be verified is signed to obtain signed identity information to be verified. The signed identity information to be verified is sent to a secure environment. Signature verification is performed on the signed identity information to be verified in the secure environment. The identity information to be verified is compared with standard identity information stored in the secure environment after signature verification on the signed identity information to be verified is passed, to obtain a first comparison result. Offline identity verification is performed on the user according to the first comparison result.

IPC Classes  ?

• G06Q 20/40 - Authorisation, e.g. identification of payer or payee, verification of customer or shop credentialsReview and approval of payers, e.g. check of credit lines or negative lists

Abstract

This specification provides methods, computer-readable media, and apparatuses for signature authentication. A server performs signature authentication on a terminal device. A service private key required for signature authentication is embedded in a trusted execution environment (TEE) of the terminal device. The TEE verifies a biological feature entered by a user, and after verification succeeds, the TEE completes a signature required by a signature authentication request. The server receives a signature authentication request sent by the terminal device, determines that the terminal device is a contaminated device, and in response, determines a dynamic signature parameter that needs to be used for the current signature authentication, re-authorizes the terminal device to enable verification permissions, notifies the terminal device to collect the dynamic signature parameter, receives a value of the dynamic signature parameter sent by the terminal device, and performs signature authentication based on the value of the dynamic signature parameter.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
• H04L 9/08 - Key distribution

Abstract

Disclosed in embodiments of the present description are a method, apparatus and device for generating an artistic QR code, and a medium. The solution may comprise: acquiring target data for being carried in a QR code image; on the basis of the length of encoded data corresponding to the target data, determining a QR code template; according to a first number of mask patterns, processing an initial QR code image generated for the target data on the basis of the QR code template, to obtain a plurality of QR code images, the first number of mask patterns comprising a plurality of different mask patterns; respectively fusing the plurality of QR code images with an artistic image to be fitted, to obtain a plurality of artistic QR code images; using a preset usability evaluation rule to perform usability evaluation on the plurality of artistic QR code images to obtain evaluation scores corresponding to the artistic QR code images; and outputting the artistic QR code image having the highest evaluation score.

IPC Classes  ?

• G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light

Abstract

Disclosed in embodiments of the present description are a method, apparatus and device for generating an artistic QR code, and a medium. The solution can comprise: acquiring a first area image, corresponding to a padding area in a QR code template, in an artistic image to be fused, wherein the padding area is an area, used for placing padding bit characters in an encoded data stream, in the QR code template; on the basis of a binarized sequence value corresponding to the first area image, generating a padding data sequence in a padding bit area in the encoded data stream corresponding to the QR code template; generating an initial QR code image on the basis of the padding data sequence; and fusing the initial QR code image with a second area image of said artistic image to generate an artistic QR code image, wherein the second area image is an image other than the first area image in said artistic image.

IPC Classes  ?

• G06K 7/14 - Methods or arrangements for sensing record carriers by electromagnetic radiation, e.g. optical sensingMethods or arrangements for sensing record carriers by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light

Abstract

This specification provides an LSM tree-based data storage method and a related device, applied to an LSM tree-based data storage system. The method includes: determining whether the first storage layer meets a merge condition for merging with the second storage layer, and if yes, selecting a to-be-merged target file from the at least one first file stored at the first storage layer, where the target file includes data corresponding to a target type; and searching the plurality of second sub-files for a target sub-file that includes data corresponding to the target type, and merging the target file and the target sub-file.

IPC Classes  ?

• G06F 3/06 - Digital input from, or digital output to, record carriers
• G06F 16/22 - IndexingData structures thereforStorage structures

Abstract

An application switching method includes: obtaining a first touch operation performed by a user on a content display page of a first application; determining whether the first touch operation satisfies a predetermined operation condition; displaying a navigation page in at least a partial area on the content display page if the predetermined operation condition is satisfied, where the navigation page includes at least a first entry icon of an applet of the first application; obtaining a second touch operation performed by the user to select the first entry icon on the navigation page; and switching, based on the second touch operation, to an applet page corresponding to the first entry icon selected by the user.

IPC Classes  ?

• G06F 3/0483 - Interaction with page-structured environments, e.g. book metaphor
• G06F 3/0484 - Interaction techniques based on graphical user interfaces [GUI] for the control of specific functions or operations, e.g. selecting or manipulating an object, an image or a displayed text element, setting a parameter value or selecting a range
• G06F 9/451 - Execution arrangements for user interfaces

Abstract

This specification discloses data transmission methods and apparatuses, storage media, and electronic devices. An example method includes in response to receiving a connection request from a client device, determining, by a server, whether the connection request comprises session state information. The session state information comprises parameters and a session identifier, where data transmission between the server and the client device is performed through a session based on the parameters. In response to determining that the connection request comprises the session state information, the server resumes the session based on the session state information, and performs data transmission with the client device through the resumed session. In response to determining that the connection request is absent of the session state information, the server creates a session between the server and the client device, and sends session state information corresponding to the created session to the client device.

IPC Classes  ?

• H04L 9/40 - Network security protocols
• H04L 9/08 - Key distribution

Abstract

Provided in the embodiments of the present description are an order settlement processing method and apparatus. The order settlement processing method comprises: on the basis of institution member information carried in a settlement request for a transaction order, which settlement request is submitted by a merchant, determining a target institution to which an institution member belongs; on the basis of an amount to be settled of the transaction order and available balances of a plurality of fund channels of the target institution, performing settlement detection on the plurality of fund channels; on the basis of settlement detection results, determining a fund channel combination from the plurality of fund channels for performing combined settlement on said amount; and sending a corresponding calling request to each fund channel in the fund channel combination, so as to perform settlement processing on said amount by means of each fund channel.

IPC Classes  ?

• G06Q 20/12 - Payment architectures specially adapted for electronic shopping systems

Abstract

An interaction processing method includes: receiving a dynamic image of a gesture move of a user; performing gesture recognition on the dynamic image to obtain gesture recognition result image data of the dynamic image; performing object detection based on the image data, to determine a hand shape change and a gesture motion trajectory of the user; determining, based on the hand shape change and the gesture motion trajectory, a corresponding gesture and an instruction mapped to the gesture; and executing the instruction.

IPC Classes  ?

• G06V 40/20 - Movements or behaviour, e.g. gesture recognition
• G06T 7/20 - Analysis of motion
• G06T 7/50 - Depth or shape recovery
• G06V 20/70 - Labelling scene content, e.g. deriving syntactic or semantic representations
• G06V 40/12 - Fingerprints or palmprints

Abstract

Implementations of the present specification disclose a graph structure data processing method and a storage engine and device for graph structure data. The method can be implemented by using the storage engine for graph structure data, and includes: receiving a storage request for first data of a target graph, the storage request including a graph identifier of the target graph and the first data; obtaining historical data of the target graph corresponding to the graph identifier from a storage component based on the graph identifier, determining target data that corresponds to a change of the first data of the target graph relative to the historical data, and generating version information corresponding to the target data, the target data including data of a node in the first data of the target graph and/or data of an edge in the first data of the target graph; and mapping a node and/or an edge associated with the target data in the target graph, and storing the target data in the storage component with reference to the version information.

IPC Classes  ?

• G06F 16/332 - Query formulation
• G06F 16/23 - Updating

Abstract

A client application in a rich execution environment sends a registration instruction of a secure memory to a trusted application in a trusted execution environment, where the registration instruction carries a memory address. Based on the registration instruction, a trusted application calls a registration interface of an operating system in a trusted execution environment, and sends a registration request of the secure memory to a processor trusted framework unit, so that the processor trusted framework unit updates, based on the registration request, an attribute of memory space corresponding to the memory address to a secure attribute.

IPC Classes  ?

• G06F 21/78 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
• G06F 12/02 - Addressing or allocationRelocation

Abstract

Embodiments of this specification provide an FHE chip and a computing device. The FHE chip includes a MIN and n PEs, and n is an integer greater than 1. The n PEs are configured to execute n operation tasks that belong to a ciphertext operation in parallel in a process of performing the ciphertext operation on target ciphertext by the FHE chip, where the target ciphertext is obtained by processing raw data based on an FHE algorithm. The MIN is configured to support a first PE in transmitting switching data to a second PE, where the switching data belongs to an operation result generated by the first PE by executing the operation task, and the first PE and the second PE belong to the n PEs.

IPC Classes  ?

• H04L 9/00 - Arrangements for secret or secure communicationsNetwork security protocols

Abstract

This application relates to methods, readable storage media and apparatuses for federated learning. In an example, a first aspect program is injected at a gradient sending function of a federated learning device by using a pre-deployed aspect framework. A to-be-trained model is trained based on local training data to obtain a plaintext gradient of the to-be-trained model. The plaintext gradient is sent to a federated learning server by using the gradient sending function. The plaintext gradient is intercepted and encrypted by using the first aspect program to obtain a ciphertext gradient. The ciphertext gradient is sent to the federated learning server by using the first aspect program, so that the federated learning server decrypts received ciphertext gradients sent by federated learning devices, and updates parameters of the to-be-trained model based on the plaintext gradients obtained after the decryption.

IPC Classes  ?

• H04L 9/40 - Network security protocols
• G06N 20/00 - Machine learning

Abstract

A computer-implemented method for addressing testing includes, applying to addressing middleware in a test cloud architecture, creating virtual middleware in response to a received creation request for the virtual middleware. In response to a configuration request for the virtual middleware, at least one actual address is selected from actual addresses of nodes as an address of the virtual middleware, and a channel is established from the virtual middleware to a user according to the address of the virtual middleware. When the addressing middleware is in test, a test case containing an addressing request used to address the virtual middleware is run. Based on attribute information of a user who sends the addressing request and the channel, an address of the virtual middleware is determined as a test address and compared with a pre-determined standard address as a test result of the addressing middleware.

IPC Classes  ?

• H04L 61/5046 - Resolving address allocation conflictsTesting of addresses

Abstract

Provided in the embodiments of the present description are a method and apparatus for evaluating a large code model. The method comprises: on the basis of a test problem for code generation, determining prompt information, inputting the prompt information into a large code model, so as to obtain output information of the large code model, and extracting code text from the output information; separating an execution code and a code annotation from the code text, compiling the execution code, and determining a compilation pass rate on the basis of whether the compilation is passed, and if the compilation is passed, executing a corresponding test case for the execution code, and determining an overall pass rate on the basis of whether the test case is passed; determining a semantic similarity on the basis of the code annotation and a reference annotation corresponding to the code annotation; and determining a comprehensive score on the basis of the compilation pass rate, the overall pass rate and the semantic similarity.

IPC Classes  ?

• G06F 11/36 - Prevention of errors by analysis, debugging or testing of software

Abstract

A computer-implemented method includes determining a quantity of reserved resources that need to be reserved in one node. Nodes in which quantities of current remaining resources are less than a quantity of reserved resources are determined. For each determined node, calculating a total quantity of resources occupied by allocated service requests in the node and determining whether the node is capable of satisfying the quantity of reserved resources. If yes, marking the node as a migratable node. One migrating node is selected from migratable nodes and corresponding M allocated service requests are migrated to at least one other node. Resources occupied by the M allocated service requests are released, where M satisfies a condition that after the resources occupied by the M allocated service requests are released, a quantity of remaining resources in the migrating node is not less than the quantity of reserved resources.

IPC Classes  ?

• G06F 9/48 - Program initiatingProgram switching, e.g. by interrupt

Abstract

A computer-implemented method for graph data query includes receiving a query request for graph data. A search start node in the graph data is determined. Starting from the search start node and along an edge in the graph data, the graph data is searched for a target node that meets the query request. Based on query data that needs to be returned in response to the query request, whether the target node needs to be materialized is determined. If the target node does not need to be materialized, corresponding query data is returned as returning corresponding query data.

IPC Classes  ?

• G06F 16/2457 - Query processing with adaptation to user needs
• G06F 16/248 - Presentation of query results
• G06F 16/28 - Databases characterised by their database models, e.g. relational or object models

Abstract

Disclosed are a security environment verification method and apparatus, a storage medium, and an electronic device. The method is applied to a trusted execution environment (TEE), a device where the TEE is located is provided with a physical peripheral, the physical peripheral is used for protecting the device, and the physical peripheral comprises anti-theft hardware. A random number generated when a specified moment reaches is sent to the anti-theft hardware, so as to receive a signature result returned by the anti-theft hardware; a public key bound with the TEE is used to perform signature verification on the signature result; if the signature verification is passed, it is determined that the physical peripheral is normal, and if the signature verification is not passed, it is determined that the physical peripheral is abnormal; and the verification result is sent to a user. According to the method, the TEE communicates with the anti-theft hardware, and the verification result obtained by the TEE by using the anti-theft hardware is sent to the user, so that the user knows whether there is a physical peripheral for the TEE and whether the physical peripheral operates normally.

IPC Classes  ?

• H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system

Abstract

This specification relates to storage methods, systems, and apparatuses for graph data. The graph data includes a node and an edge. The storage method includes: storing, in a point table of a data block, node information of several nodes in the graph data, where the node information includes a node identifier; storing edge information of edges of the several nodes in an edge table of the data block, where the edge information includes node identifiers of target nodes connected to the edges; storing attribute information of the several nodes in a point attribute table of the data block; and storing attribute information of the edges of the several nodes in an edge attribute table of the data block.

IPC Classes  ?

• G06F 16/901 - IndexingData structures thereforStorage structures

Abstract

This specification provides a key management method and a related device, which are applied to security hardware. The method includes: preventing, in response to a start instruction for the electronic device, the CPU from being started, and encrypting a second key corresponding to the security hardware by using the stored first key; sending an encrypted second key to the storage medium, so that the storage medium decrypts the encrypted second key by using the first key, and stores a decrypted second key, where the second key is stored in volatile storage space of the storage medium, and the second key is used to encrypt data when the data is written into the storage medium, and decrypt data when the data is read; and controlling, in response to that the storage medium successfully stores the second key, the CPU to be started.

IPC Classes  ?

• H04L 9/08 - Key distribution
• H04L 9/14 - Arrangements for secret or secure communicationsNetwork security protocols using a plurality of keys or algorithms

Abstract

A method comprises: determining a container directory entry in a container virtual file system corresponding to a container, where the container virtual file system is configured to manage at least one file corresponding to the container, and has a container directory entry that reflects a hierarchical relationship between the at least one file; and tagging the container directory entry in the container virtual file system as a first control level, to make a distinction from a control level of a directory entry that is different from that in the container virtual file system and that is in a host virtual file system of a processing device, where the host virtual file system is configured to manage files in the processing device, and has a directory entry that reflects a hierarchical relationship between the files in the processing device.

IPC Classes  ?

• G06F 16/11 - File system administration, e.g. details of archiving or snapshots

Abstract

Provided is a secure deep link-based implementation system for a tripartite identity-verification protocol, the implementation system comprising a service requester and a service provider. The service requester sends an identity verification request, receives an application credential token by means of a secure deep link, and sends an identity verification request containing the application credential token. The corresponding service provider receives the identity verification request and determines whether the identity verification request includes the application credential token. If the token is not included, the service provider acquires the pre-registered secure deep link of the service requester on the basis of a first identity verification request, generates the application credential token on the basis of the first identity verification request, and returns the application credential token by means of the secure deep link. If the token is included, the service provider verifies the application credential token; and if the verification is successful, the service provider executes identity verification; otherwise, the service provider rejects executing face-based identity verification. A corresponding implementation method is provided. The implementation system for a tripartite identity-verification protocol can assist the service provider for identity verification in acquiring information of an external service requester, without relying on a system interface.

IPC Classes  ?

• H04W 12/065 - Continuous authentication

Abstract

Disclosed in the present description are a service processing method and apparatus, a storage medium and an electronic device. The service processing method comprises: a target terminal device sending a service request to a server, so that the server encrypts target data by means of a pre-stored public key, and sends encrypted data to the target terminal device and at least some of terminal devices having a service binding relationship with the target terminal device, wherein the public key is generated by private keys which are issued by the server to each terminal device; after acquiring the encrypted data, decrypting the encrypted data by means of locally stored private keys, so as to obtain decrypted data fragments, and receiving the decrypted data fragments sent by the at least some of terminal devices; determining whether the number of acquired different decrypted data fragments is less than a preset number threshold value; and if not, determining the target data on the basis of each acquired decrypted data fragment, and performing service processing on the basis of the target data.

IPC Classes  ?

• H04L 9/08 - Key distribution
• G06F 21/60 - Protecting data