Patents by Inventor Qunshan HUANG
Qunshan HUANG has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240362243Abstract: This specification provides a multi-party database including a central node and a plurality of databases. The central node has a disclosed first interface. Each of a plurality of query engines corresponding to the plurality of databases includes a second interface configured to interact with the first interface. The central node can determine a plurality of target databases related to a query request from the plurality of databases based on the query request; and send a query indication to a plurality of target query engines corresponding to the plurality of target databases through the first interface. The plurality of target query engines can receive the query indication from second interfaces in the plurality of target query engines, and execute the query indication to obtain a query result; and send the query result to the first interface in the central node through the second interfaces.Type: ApplicationFiled: July 7, 2022Publication date: October 31, 2024Inventors: Qunshan HUANG, Shunde CAO, Yang YANG, Jun QI, Lei WANG, Benyu ZHANG, Pu DUAN, Jian DU, Qingkai MAO, Yang ZHAO, Kefeng YU
-
Publication number: 20240135024Abstract: Methods, systems, and apparatuses, including computer programs encoded on computer storage media, for data communication with differentially private intersection dataset. On example method includes: determining a plurality of bias parameters based on a parameter for establishing a differential privacy (DP) data protection; determining an intersection dataset based on client data from a client device and server data from the server device; updating the intersection dataset based on the client data and the plurality of bias parameters; and returning the updated intersection data having the DP data protection to the client device.Type: ApplicationFiled: December 20, 2023Publication date: April 25, 2024Inventors: Jian DU, Pu DUAN, Benyu ZHANG, Yang YANG, Qunshan HUANG
-
Publication number: 20240054129Abstract: Implementations of this specification provide query optimization methods, apparatuses, and systems for secure multi-party databases. In an implementation, a method includes: receiving a current query associated with a plurality of target database of a multi-party database system, generating a plurality of execution plans for the current query, determining, for each execution plan, a respective cost computation formula of a plurality of cost computation values for computing an execution cost of jointly executing the execution plan by the plurality of target databases, receiving a secure computation result from each of a plurality of query engines corresponding to the plurality of target databases, and determining an optimal execution plan having a lowest cost value in the plurality of cost computation formulas based on the secure computation result.Type: ApplicationFiled: October 23, 2023Publication date: February 15, 2024Applicant: Alipay (Hangzhou) Information Technology Co., Ltd.Inventors: Yang YANG, Qunshan Huang, Jun Qi, Shunde Cao, Pu Duan, Jian Du, Qingkai Mao, Yang Zhao, Kefeng Yu, Lei Wang, Benyu Zhang
-
Publication number: 20240045985Abstract: This specification provides example data query methods, apparatuses, and systems for a multi-party secure database. In an example computer-implemented method, a central node receives a data query request from a data requester, where the data query request relates to one or more pieces of target data stored at one or more data providers. The central node determines whether the data query request satisfies respective security requirements of the one or more pieces of target data. In response to determining that the data query request satisfies respective security requirements of the one or more pieces of target data, the central node processes the one or more pieces of target data to obtain result data; and sends the result data to the data requester. The central node can restrict query of the target data by the data requester based on the security requirement of the target data stored at the data provider.Type: ApplicationFiled: October 23, 2023Publication date: February 8, 2024Applicant: Alipay (Hangzhou) Information Technology Co., Ltd.Inventors: Yang YANG, Qunshan Huang, Jun Qi, Shunde Cao, Pu Duan, Jian Du, Qingkai Mao, Yang Zhao, Kefeng Yu, Lei Wang, Benyu Zhang
-
Patent number: 11792190Abstract: The implementations provide a method and an apparatus for establishing a trusted cluster. The method is used to form a trusted computing cluster by using N trusted computing units, the method including: grouping the N trusted computing units into a plurality of groups; identifying a first trusted computing unit in each group, and causing first trusted computing units in the plurality of groups to each respectively perform inter-unit trust authentication with other trusted computing units in a same group in parallel; performing inter-group trust authentication between/among the plurality of groups in parallel to obtain the N trusted computing units on which trust authentication succeeds; and propagating secret information in the N trusted computing units on which trust authentication succeeds, so that the N trusted computing units obtain the same secret information to form the trusted computing cluster.Type: GrantFiled: November 16, 2021Date of Patent: October 17, 2023Assignee: Advanced New Technologies Co., Ltd.Inventors: Qunshan Huang, Xingyu Chen, Ling Xie, Lei Wang
-
Patent number: 11728978Abstract: Some embodiments of the present specification provide a method and an apparatus for establishing a trusted channel between a user and a trusted computing cluster. According to the method, when a user wants to establish a trusted channel with a trusted computing cluster, the user only negotiates a session key with any first trusted computing unit in the cluster to establish the trusted channel. Then, the first trusted computing unit encrypts the session key using a cluster key common to the trusted computing cluster to which the first trusted computing unit belongs, and sends the encrypted session key to a cluster manager. The cluster manager transmits the encrypted session key in the trusted computing cluster, so that other trusted computing units in the cluster obtain the session key and join the trusted channel. Thus, the user establishes a trusted channel with the entire trusted computing cluster.Type: GrantFiled: August 12, 2021Date of Patent: August 15, 2023Assignee: Advanced New Technologies Co., Ltd.Inventors: Aihui Zhou, Qunshan Huang, Chaofan Yu, Weiwen Cai, Lei Wang
-
Publication number: 20220078187Abstract: The implementations provide a method and an apparatus for establishing a trusted cluster. The method is used to form a trusted computing cluster by using N trusted computing units, the method including: grouping the N trusted computing units into a plurality of groups; identifying a first trusted computing unit in each group, and causing first trusted computing units in the plurality of groups to each respectively perform inter-unit trust authentication with other trusted computing units in a same group in parallel; performing inter-group trust authentication between/among the plurality of groups in parallel to obtain the N trusted computing units on which trust authentication succeeds; and propagating secret information in the N trusted computing units on which trust authentication succeeds, so that the N trusted computing units obtain the same secret information to form the trusted computing cluster.Type: ApplicationFiled: November 16, 2021Publication date: March 10, 2022Inventors: Qunshan HUANG, Xingyu CHEN, Ling XIE, Lei WANG
-
Publication number: 20220021520Abstract: Some embodiments of the present specification provide a method and an apparatus for establishing a trusted channel between a user and a trusted computing cluster. According to the method, when a user wants to establish a trusted channel with a trusted computing cluster, the user only negotiates a session key with any first trusted computing unit in the cluster to establish the trusted channel. Then, the first trusted computing unit encrypts the session key using a cluster key common to the trusted computing cluster to which the first trusted computing unit belongs, and sends the encrypted session key to a cluster manager. The cluster manager transmits the encrypted session key in the trusted computing cluster, so that other trusted computing units in the cluster obtain the session key and join the trusted channel. Thus, the user establishes a trusted channel with the entire trusted computing cluster.Type: ApplicationFiled: August 12, 2021Publication date: January 20, 2022Inventors: Aihui ZHOU, Qunshan HUANG, Chaofan YU, Weiwen CAI, Lei WANG
-
Patent number: 11196741Abstract: The implementations provide a method and an apparatus for establishing a trusted cluster. The method is used to form a trusted computing cluster by using N trusted computing units, the method including: grouping the N trusted computing units into a plurality of groups; identifying a first trusted computing unit in each group, and causing first trusted computing units in the plurality of groups to each respectively perform inter-unit trust authentication with other trusted computing units in a same group in parallel; performing inter-group trust authentication between/among the plurality of groups in parallel to obtain the N trusted computing units on which trust authentication succeeds; and propagating secret information in the N trusted computing units on which trust authentication succeeds, so that the N trusted computing units obtain the same secret information to form the trusted computing cluster.Type: GrantFiled: January 28, 2021Date of Patent: December 7, 2021Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.Inventors: Qunshan Huang, Xingyu Chen, Ling Xie, Lei Wang
-
Patent number: 11121865Abstract: Some embodiments of the present specification provide a method and an apparatus for establishing a trusted channel between a user and a trusted computing cluster. According to the method, when a user wants to establish a trusted channel with a trusted computing cluster, the user only negotiates a session key with any first trusted computing unit in the cluster to establish the trusted channel. Then, the first trusted computing unit encrypts the session key using a cluster key common to the trusted computing cluster to which the first trusted computing unit belongs, and sends the encrypted session key to a cluster manager. The cluster manager transmits the encrypted session key in the trusted computing cluster, so that other trusted computing units in the cluster obtain the session key and join the trusted channel. Thus, the user establishes a trusted channel with the entire trusted computing cluster.Type: GrantFiled: January 26, 2021Date of Patent: September 14, 2021Assignee: Advanced New Technologies Co., Ltd.Inventors: Aihui Zhou, Qunshan Huang, Chaofan Yu, Weiwen Cai, Lei Wang
-
Publication number: 20210184838Abstract: Some embodiments of the present specification provide a method and an apparatus for establishing a trusted channel between a user and a trusted computing cluster. According to the method, when a user wants to establish a trusted channel with a trusted computing cluster, the user only negotiates a session key with any first trusted computing unit in the cluster to establish the trusted channel. Then, the first trusted computing unit encrypts the session key using a cluster key common to the trusted computing cluster to which the first trusted computing unit belongs, and sends the encrypted session key to a cluster manager. The cluster manager transmits the encrypted session key in the trusted computing cluster, so that other trusted computing units in the cluster obtain the session key and join the trusted channel. Thus, the user establishes a trusted channel with the entire trusted computing cluster.Type: ApplicationFiled: January 26, 2021Publication date: June 17, 2021Inventors: Aihui ZHOU, Qunshan HUANG, Chaofan YU, Weiwen CAI, Lei WANG
-
Publication number: 20210185038Abstract: The implementations provide a method and an apparatus for establishing a trusted cluster. The method is used to form a trusted computing cluster by using N trusted computing units, the method including: grouping the N trusted computing units into a plurality of groups; identifying a first trusted computing unit in each group, and causing first trusted computing units in the plurality of groups to each respectively perform inter-unit trust authentication with other trusted computing units in a same group in parallel; performing inter-group trust authentication between/among the plurality of groups in parallel to obtain the N trusted computing units on which trust authentication succeeds; and propagating secret information in the N trusted computing units on which trust authentication succeeds, so that the N trusted computing units obtain the same secret information to form the trusted computing cluster.Type: ApplicationFiled: January 28, 2021Publication date: June 17, 2021Inventors: Qunshan HUANG, Xingyu CHEN, Ling XIE, Lei WANG
-
Patent number: 11038673Abstract: Implementations of the present specification provide a data processing method and apparatus. A method performed by a data provider includes: obtaining first encrypted data of first plaintext data, a first key used to decrypt the first encrypted data, and authorization information about the first plaintext data; sending a verification request to a data manager, the data manager including a first trusted execution environment; receiving authentication information from the data manager, and performing verification based on the authentication information; when the verification succeeds, securely transmitting the first key and the authorization information to the first trusted execution environment; and providing the first encrypted data to the data manager.Type: GrantFiled: January 27, 2021Date of Patent: June 15, 2021Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.Inventors: Chaofan Yu, Qunshan Huang, Lei Wang
-
Publication number: 20210152343Abstract: Implementations of the present specification provide a data processing method and apparatus. A method performed by a data provider includes: obtaining first encrypted data of first plaintext data, a first key used to decrypt the first encrypted data, and authorization information about the first plaintext data; sending a verification request to a data manager, the data manager including a first trusted execution environment; receiving authentication information from the data manager, and performing verification based on the authentication information; when the verification succeeds, securely transmitting the first key and the authorization information to the first trusted execution environment; and providing the first encrypted data to the data manager.Type: ApplicationFiled: January 27, 2021Publication date: May 20, 2021Inventors: Chaofan YU, Qunshan HUANG, Lei WANG