CN109740370A - Data access method and its device, electronic equipment, computer-readable medium - Google Patents
- Publication number: CN109740370A
- Authority: CN (China)
- Prior art keywords: private data, data access, access request, block, node
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
This application discloses a data access method and device, an electronic device, and a computer-readable medium. The data access method includes: obtaining an initiated private data access request and judging whether the object of the private data access request has legitimate private data access permission; and, if the object of the private data access request has legitimate private data access permission, opening the private data stored on-chain to the object for access. By accessing private data through a public chain, the embodiments of the present application avoid the network security problems caused by directly accessing the user terminal that holds the private data.
Description
Technical field
This application relates to the Internet field, specifically to the field of Internet technology, and in particular to a data access method and device, an electronic device, and a computer-readable medium.
Background
Big-data cloud storage is becoming increasingly popular, and the privacy of the information it holds is undoubtedly at risk of being compromised; the resulting data security problem cannot be ignored.
Data is usually stored in a database in some form so that users can access and operate on it. Big data is now hosted on larger and more open cloud platforms, which on the one hand changes people's way of life and their understanding of data, and on the other hand places stricter requirements on the protection of sensitive private data. Private data is often kept locally by the user; once other nodes on the network are allowed, for the sake of sharing, to access the user's local storage that holds the private data, this inevitably brings security risks to that local storage.
Summary of the invention
The purpose of the present application is to propose a data access method and device, an electronic device, and a computer-readable medium that solve the above problem in the prior art.
In a first aspect, an embodiment of the present application provides a data access method, comprising:
obtaining an initiated private data access request, and judging whether the object of the private data access request has legitimate private data access permission;
if the object of the private data access request has legitimate private data access permission, opening the private data stored on-chain to the object for access.
Optionally, in any embodiment of the present application, judging whether the object of the private data access request has legitimate private data access permission comprises: parsing the private data access request to obtain the object identifier it contains and matching the identifier against an object library; if the object identifier is found recorded in the object library, it is determined that the object of the private data access request has legitimate private data access permission.
Optionally, in any embodiment of the present application, judging whether the object of the private data access request has legitimate private data access permission comprises: parsing first dynamic verification information input by the object and judging whether the dynamic verification information input by the object matches second dynamic verification information sent to the object; if they match, it is determined that the object of the private data access request has legitimate private data access permission.
Optionally, in any embodiment of the present application, opening the private data stored on-chain to the object for access comprises: according to the proximity principle, the management node in the blockchain network selects, from multiple block nodes, the block node with the smallest access cost, and the private data stored on that block node is opened to the object for access through an API.
Optionally, in any embodiment of the present application, opening the private data stored on-chain to the object for access comprises: the block node of the public chain verifies the identity of the object again and, after the verification passes, grants the object permission to access the block node of the public chain.
Optionally, in any embodiment of the present application, the block node of the public chain verifying the identity of the object again comprises: if the block node on the public chain determines that the access token provided by the object matches the token pushed to the block node by the management node, the verification passes.
Optionally, in any embodiment of the present application, opening the private data stored on-chain to the object for access comprises: generating a two-dimensional code that includes the storage address on the public chain, so as to open the private data stored on-chain to the object for access.
Optionally, any embodiment of the present application further comprises: establishing physical isolation between the private data before and after it is put on-chain, so as to control the opening of the on-chain private data to the object for access.
In a second aspect, an embodiment of the present application provides a data access device, comprising:
a judging unit, configured to obtain an initiated private data access request and judge whether the object of the private data access request has legitimate private data access permission;
a permission opening unit, configured to open the private data stored on-chain to the object for access if the object of the private data access request has legitimate private data access permission.
In a third aspect, an embodiment of the present application provides an electronic device, comprising:
one or more processors;
a computer-readable medium configured to store one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors implement the method described in any of the above embodiments.
In a fourth aspect, an embodiment of the present application provides a computer-readable medium storing a computer program which, when executed by a processor, implements the method described in any of the above embodiments.
In the data access method and device, electronic device, and computer-readable medium provided by the present application, an initiated private data access request is obtained and it is judged whether the object of the private data access request has legitimate private data access permission; if it does, the private data stored on-chain is opened to the object for access. Accessing private data through the public chain avoids the network security problems caused by directly accessing the user terminal that holds the private data.
Brief description of the drawings
Other features, objects and advantages of the present application will become more apparent from the following detailed description of non-limiting embodiments, read with reference to the accompanying drawings:
Fig. 1 is a schematic structural diagram of the blockchain network in Embodiment 1 of the present application;
Fig. 2 is a schematic flowchart of the data access method in Embodiment 2 of the present application;
Fig. 3 is a schematic flowchart of the data access method in Embodiment 3 of the present application;
Fig. 4 is a schematic structural diagram of the data access device in Embodiment 4 of the present application;
Fig. 5 is a schematic structural diagram of the electronic device in Embodiment 5 of the present application;
Fig. 6 is the hardware structure of the electronic device in Embodiment 6 of the present application.
Detailed description of the embodiments
The present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the related invention and do not limit it. It should also be noted that, for ease of description, only the parts relevant to the related invention are shown in the drawings.
It should be noted that, provided there is no conflict, the embodiments of the present application and the features in the embodiments may be combined with one another. The application is described in detail below with reference to the drawings and in conjunction with the embodiments.
In the data access method and device, electronic device, and computer-readable medium provided by the present application, the data to be stored is classified to obtain its security level, and data to be stored whose security level exceeds a set security level threshold is asymmetrically encrypted. This achieves secure storage of the data and avoids the adverse consequences of malicious tampering, leakage, loss, damage and the like.
Fig. 1 is a schematic structural diagram of the blockchain network in Embodiment 1 of the present application. As shown in Fig. 1, the blockchain network is a P2P (peer-to-peer) network composed of several nodes. Each node in the blockchain network maintains a chain of blocks generated and linked using cryptographic methods. Nodes obtain the newest block by broadcast, which keeps the blocks held by the nodes synchronized. Each node has an account describing its identity; the account consists of a public/private key pair. The hash of the public key is the address of the account. The private key is kept by the account owner and must not be disclosed.
To make the disclosed technical solution easier to understand, the blockchain network structure that the embodiments of the present disclosure may involve is introduced next. For example, Fig. 1 is a schematic structural diagram of a blockchain network according to an exemplary embodiment. As shown in Fig. 1, the blockchain network may include: a new node 110, a target node 120, a trusted node 130, a management node 140, and a participating node 150, where:
The new node 110 may include, but is not limited to, various terminals, blockchain light nodes, blockchain full nodes and the like. It needs to generate its own blockchain account, but need not synchronize any block data of the target blockchain network.
The target node 120 may include, but is not limited to, various terminals. It may be any node in the blockchain network and synchronizes the block data of the blockchain network.
The trusted node 130 may include, but is not limited to, various terminals. It is a default trusted node preset in the blockchain network by the management node 140; there may be more than one.
The management node 140 may include, but is not limited to, various terminals. It is the management node in the blockchain network and can configure the permissions of other blockchain node accounts.
The participating node 150 may include, but is not limited to, various terminals. It is any node in the blockchain network other than the default trusted nodes; the number is unlimited.
In the blockchain network, each node can generate its own blockchain node account by running a blockchain program on the corresponding node server. The management node 140 can configure the permissions of each node, for example access permissions, through a node control platform. The permission configuration is sent into the blockchain network as a transaction, written to the blockchain after verification by the blockchain network nodes, and finally synchronized to all nodes of the blockchain network through the P2P network.
Fig. 2 is a schematic flowchart of the data access method in Embodiment 2 of the present application. As shown in Fig. 2, the method may include the following steps:
S201: obtain an initiated private data access request, and judge whether the object of the private data access request has legitimate private data access permission;
In this embodiment, the private data may be designated by the user, may be identified automatically by the management node of the blockchain, or may be data stored only on a private chain. A block node on the private chain may be the user's personal terminal.
In this embodiment, the format of the private data is not limited; for example, it may be text, video, audio, pictures or any other format, and there is no specific requirement on the size of the private data.
Further, in one application scenario, judging in step S201 whether the object of the private data access request has legitimate private data access permission may be done by parsing the private data access request to obtain the object identifier it contains and matching the identifier against the object library; if the object identifier is found recorded in the object library, it is determined that the object of the private data access request has legitimate private data access permission. In other words, this judgement scheme is preferably applied where only objects that have joined the blockchain network can access the private data of other block nodes in the block network, i.e. block nodes in the block network can access each other's data; for example, a block node in a private chain wants to access the data of another block node in that private chain.
Alternatively, in another application scenario, judging in step S201 whether the object of the private data access request has legitimate private data access permission may be done by parsing the first dynamic verification information input by the object and judging whether the dynamic verification information input by the object matches the second dynamic verification information sent to the object; if they match, it is determined that the object of the private data access request has legitimate private data access permission. In other words, this judgement scheme is preferably applied where an object that has not joined the blockchain network accesses the private data of a block node in the block network, i.e. a block node in the block network can provide the data to be accessed to an accessing object outside the block network.
Further, the first dynamic verification information may be an SMS verification code, a dynamic password or the like. The first and second dynamic verification information are matched mainly because the block network uses a P2P access mode; the matching prevents the data security problems caused by illegal interception of the dynamic verification information.
S202: if the object of the private data access request has legitimate private data access permission, open the private data stored on-chain to the object for access. Physical isolation exists between the private data before and after it is put on-chain, so as to control the opening of the on-chain private data to the object for access.
In this embodiment, when the private data stored on-chain is opened to the object for access in step S202, the management node in the blockchain network selects, according to the proximity principle, the block node with the smallest access cost from multiple block nodes, and the private data stored on that block node is opened to the object for access through an API.
In a specific application scenario, the management node in the network may broadcast the private data access request to multiple block nodes; the block node that is first to return response information for the private data access request is taken to be the block node with the smallest access cost. It should be noted that, as stated in the background, directly accessing the user terminal that holds the private data easily leads to other network security problems, because that terminal is in the block network. Storing the private data on a storage node of the public chain is equivalent to providing a backup of the private data, and the backup data is obtained indirectly by accessing the block node on the public chain, which avoids the network security problems caused by obtaining the private data directly from the user terminal.
The private data stored on the public chain is preferably encrypted with Rivest-Shamir-Adleman asymmetric encryption. The key pair used in an asymmetric encryption algorithm consists of a public key and a different private key; in a specific application scenario, the public key and private key are generated as follows:
In a specific application scenario, the keys may be generated with the RSA algorithm. The detailed process is as follows:
1.1 Select two different large primes $p$ and $q$;
1.2 Compute the product $n = pq$ and $\Phi(n) = (p-1)(q-1)$;
1.3 Select a random integer $e$ greater than 1 and less than $\Phi(n)$ such that $\gcd(e, \Phi(n)) = 1$, where gcd is the greatest common divisor;
1.4 Compute $d$ such that $d \cdot e \equiv 1 \pmod{\Phi(n)}$, i.e. $d \cdot e \bmod \Phi(n) = 1$;
1.5 For each key $k = (n, p, q, d, e)$, define the encryption transform as $E_k(x) = x^e \bmod n$ and the decryption transform as $D_k(y) = y^d \bmod n$, where $x, y \in \mathbb{Z}_n$;
1.6 Destroy $p$ and $q$; $\{e, n\}$ is the public key and $\{d, n\}$ is the private key.
Example:
2.1 Assume $p = 3$, $q = 11$ ($p$ and $q$ are primes); then $N = pq = 33$;
2.2 $r = \Phi(n) = (p-1)(q-1) = (3-1)(11-1) = 20$;
2.3 Let $e = 3$, chosen so that $\gcd(e, \Phi(n)) = 1$, i.e. $\gcd(e, 20) = 1$; then $d = 7$, since $3 \cdot 7 = 21 \equiv 1 \pmod{20}$.
At this point the public key and the private key are determined: the public key is $(N, e) = (33, 3)$ and the private key is $(N, d) = (33, 7)$.
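The key-generation steps 1.1 to 1.6 carried through in Python, as an added example that is not part of the patent text: it derives d from e with the extended Euclidean algorithm and reproduces the numbers p = 3, q = 11, e = 3 used above. The function names are assumptions, and the transforms are the unpadded textbook ones from step 1.5, suitable for checking the arithmetic on toy primes only.

```python
from math import gcd


def is_prime(m):
    """Trial division; adequate for the toy primes used in this example."""
    if m < 2:
        return False
    i = 2
    while i * i <= m:
        if m % i == 0:
            return False
        i += 1
    return True


def egcd(a, b):
    """Return (g, s, t) with g = gcd(a, b) and s*a + t*b == g."""
    s0, s1, t0, t1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        s0, s1 = s1, s0 - q * s1
        t0, t1 = t1, t0 - q * t1
    return a, s0, t0


def rsa_keypair(p, q, e):
    """Steps 1.1-1.6: return ((n, e), (n, d)); p and q are not retained."""
    if p == q or not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be two different primes")      # step 1.1
    n = p * q                                                         # step 1.2
    phi = (p - 1) * (q - 1)
    if not 1 < e < phi or gcd(e, phi) != 1:
        raise ValueError("e must satisfy 1 < e < phi and gcd(e, phi) = 1")  # 1.3
    _, s, _ = egcd(e, phi)          # s*e + t*phi = 1, so s is e's inverse
    d = s % phi                                                       # step 1.4
    return (n, e), (n, d)                                             # step 1.6


def encrypt(public_key, x):
    """E_k(x) = x^e mod n for x in Z_n (step 1.5, no padding)."""
    n, e = public_key
    if not 0 <= x < n:
        raise ValueError("message must be in Z_n")
    return pow(x, e, n)


def decrypt(private_key, y):
    """D_k(y) = y^d mod n for y in Z_n (step 1.5)."""
    n, d = private_key
    if not 0 <= y < n:
        raise ValueError("ciphertext must be in Z_n")
    return pow(y, d, n)


if __name__ == "__main__":
    public_key, private_key = rsa_keypair(3, 11, 3)
    print("public key:", public_key, "private key:", private_key)
    ciphertext = encrypt(public_key, 4)
    print("E(4) =", ciphertext, " D(E(4)) =", decrypt(private_key, ciphertext))
```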
Fig. 3 is a schematic flowchart of the data access method in Embodiment 3 of the present application. As shown in Fig. 3, the method may include the following steps:
S301: obtain an initiated private data access request, and judge whether the object of the private data access request has legitimate private data access permission;
As in the preceding embodiment, the judgement scheme here is preferably applied where only objects that have joined the blockchain network can access the private data of other block nodes in the block network, i.e. block nodes in the block network can access each other's data; for example, a block node in a private chain wants to access the data of another block node in that private chain. Alternatively, the judgement scheme here is preferably applied where an object that has not joined the blockchain network accesses the private data of a block node in the block network, i.e. a block node in the block network can provide the data to be accessed to an accessing object outside the block network.
S302: if the object of the private data access request has legitimate private data access permission, the block node of the public chain verifies the identity of the object again and, after the verification passes, grants the object permission to access the block node of the public chain.
Further, when the block node of the public chain verifies the identity of the object again in step S302, if the block node on the public chain determines that the access token provided by the object matches the token pushed to the block node by the management node, the verification passes and the object is granted permission to access the block node of the public chain.
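The two checks of steps S301 and S302 as an added Python example, not code from the patent: the management node admits an object either by an object-library match or by a dynamic code, then pushes an access token to the block node, which verifies the token the object presents. The class names, the `object_id` request field, the six-digit code, its 120-second lifetime and the single-use token are assumptions.

```python
import hmac
import secrets
import time


def _same(a: str, b: str) -> bool:
    """Constant-time string comparison (no timing hint about a partial match)."""
    return hmac.compare_digest(a.encode(), b.encode())


class BlockNode:
    """Public-chain block node holding the on-chain copy of the private data."""

    def __init__(self, stored_data: bytes):
        self._data = stored_data
        self._tokens = {}  # object_id -> token pushed by the management node

    def receive_token(self, object_id: str, token: str) -> None:
        self._tokens[object_id] = token

    def read(self, object_id: str, presented_token: str) -> bytes:
        # S302: verify the object again, against the pushed token.
        expected = self._tokens.get(object_id)
        if expected is None or not _same(expected, presented_token):
            raise PermissionError("access token does not match pushed token")
        del self._tokens[object_id]  # assumption: a token is valid for one read
        return self._data


class ManagementNode:
    CODE_TTL = 120  # seconds a dynamic code stays valid (assumed value)

    def __init__(self, object_library, block_node, clock=time.time):
        self._library = set(object_library)
        self._block_node = block_node
        self._clock = clock
        self._codes = {}  # object_id -> (code, expiry)

    def send_dynamic_code(self, object_id: str) -> str:
        """Create the 'second dynamic verification information' for an object."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._codes[object_id] = (code, self._clock() + self.CODE_TTL)
        return code  # a real system delivers this out of band, e.g. by SMS

    def _code_matches(self, object_id, supplied) -> bool:
        entry = self._codes.pop(object_id, None)  # one guess per issued code
        if entry is None or not isinstance(supplied, str):
            return False
        code, expiry = entry
        return self._clock() <= expiry and _same(code, supplied)

    def authorize(self, request: dict, dynamic_code=None) -> str:
        """S301: decide whether the object may access; on success push a token."""
        object_id = request.get("object_id")
        if not isinstance(object_id, str):
            raise PermissionError("request carries no object identifier")
        member = object_id in self._library
        if not member and not self._code_matches(object_id, dynamic_code):
            raise PermissionError("no legitimate private data access permission")
        token = secrets.token_urlsafe(32)
        self._block_node.receive_token(object_id, token)
        return token


if __name__ == "__main__":
    node = BlockNode(b"on-chain backup of private data")  # constructed sample
    mgmt = ManagementNode({"node-A"}, node)
    print(node.read("node-A", mgmt.authorize({"object_id": "node-A"})))
    code = mgmt.send_dynamic_code("visitor-1")
    print(node.read("visitor-1", mgmt.authorize({"object_id": "visitor-1"}, code)))
```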
Further, in this embodiment, when the private data stored on-chain is opened to the object for access in step S302, a two-dimensional code including the storage address on the public chain is generated to open the on-chain private data to the object for access, so that the user can access it directly from a mobile terminal, which makes data access more convenient.
Further, in a specific application scenario, the method also includes, between steps S301 and S302: establishing physical isolation between the private data before and after it is put on-chain, so as to control the opening of the on-chain private data to the object for access. This ensures that the private data access request is directed at the private data stored on-chain and not at the private data before it was put on-chain, which ensures the security of the data.
Further, in the above embodiments, the private data may be assigned an item attribute and charged for according to the number of accesses or the data volume of the private data, so as to reward the data nodes that provide the on-chain storage.
In addition, to guarantee the reliability of the data, the private data stored on-chain carries a unique timestamp, and the reliability of the data is verified according to that timestamp.
Fig. 4 is a schematic structural diagram of the data access device in Embodiment 4 of the present application. As shown in Fig. 4, the device comprises:
a judging unit 401, configured to obtain an initiated private data access request and judge whether the object of the private data access request has legitimate private data access permission;
a permission opening unit 402, configured to open the private data stored on-chain to the object for access if the object of the private data access request has legitimate private data access permission.
Further, in this embodiment or other embodiments, the judging unit 401 is further configured to parse the private data access request to obtain the object identifier it contains and match the identifier against the object library; if the object identifier is found recorded in the object library, it is determined that the object of the private data access request has legitimate private data access permission.
Further, in this embodiment or other embodiments, the judging unit 401 is further configured to parse the first dynamic verification information input by the object and judge whether the dynamic verification information input by the object matches the second dynamic verification information sent to the object; if they match, it is determined that the object of the private data access request has legitimate private data access permission.
Further, in this embodiment or other embodiments, the permission opening unit 402 is further configured so that, according to the proximity principle, the management node in the blockchain network selects the block node with the smallest access cost from multiple block nodes, and the private data stored on that block node is opened to the object for access through an API.
Further, in this embodiment or other embodiments, the permission opening unit 402 is further configured so that the block node of the public chain verifies the identity of the object again and, after the verification passes, grants the object permission to access the block node of the public chain.
Further, in this embodiment or other embodiments, the permission opening unit 402 is further configured so that, if the block node on the public chain determines that the access token provided by the object matches the token pushed to the block node by the management node, the verification passes.
Further, in this embodiment or other embodiments, the permission opening unit 402 is further configured to generate a two-dimensional code including the storage address on the public chain, so as to open the private data stored on-chain to the object for access.
Fig. 5 is a schematic structural diagram of the electronic device in Embodiment 5 of the present application. The electronic device may include:
one or more processors 501;
a computer-readable medium 502, which may be configured to store one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors implement the access method described in any of the above embodiments.
Fig. 6 is the hardware structure of the electronic device in Embodiment 6 of the present application. As shown in Fig. 6, the hardware structure of the electronic device may include: a processor 601, a communication interface 602, a computer-readable medium 603 and a communication bus 604;
the processor 601, the communication interface 602 and the computer-readable medium 603 communicate with one another through the communication bus 604;
optionally, the communication interface 602 may be the interface of a communication module, such as the interface of a GSM module;
the processor 601 may be specifically configured to: obtain an initiated private data access request and judge whether the object of the private data access request has legitimate private data access permission; and, if the object of the private data access request has legitimate private data access permission, open the private data stored on-chain to the object for access.
The processor 601 may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP) and the like; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It can implement or execute the methods, steps and logic block diagrams disclosed in the embodiments of the present application. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
In the above embodiments, the electronic device may be a front-end intelligent terminal or a back-end server. When it is a front-end intelligent terminal, it may be a smart home appliance. The home appliance may include at least one of the following: a television, a digital video disc (DVD) player, an audio device, a refrigerator, an air conditioner, a vacuum cleaner, an oven, a microwave oven, a washing machine, an air purifier, a set-top box, a home automation control panel, a security control panel, a TV box (for example, Samsung HomeSync™, Apple TV™ or Google TV™), a game console (for example, Xbox™ and PlayStation™), an electronic dictionary, an electronic key, a video camera and a digital photo frame.
According to another embodiment, the electronic device may include at least one of the following: various medical devices (for example, various portable medical measuring devices (such as blood glucose monitors, heart rate monitors, blood pressure measuring devices and body temperature measuring devices), magnetic resonance angiography (MRA), magnetic resonance imaging (MRI), computed tomography (CT) instruments and ultrasound instruments), navigation devices, global positioning system (GPS) receivers, event data recorders (EDR), flight data recorders (FDR), vehicle infotainment devices, electronic equipment for ships (for example, marine navigation equipment and gyrocompasses), avionic devices, security devices, motor vehicle head units, household or industrial robots, automated teller machines (ATM) in banks, point-of-sale (POS) terminals in shops, or Internet of Things devices (for example, light bulbs, various sensors, electricity or gas meters, sprinkler devices, fire alarms, thermostats, street lamps, toasters, sports equipment, boilers, heaters, water heaters and the like).
According to some embodiments, the electronic device may include at least one of the following: a part of furniture or of a building/structure, an electronic board, an electronic signature receiving device, a projector, and various types of measuring instruments (for example, water meters, electricity meters, gas meters or radio wave meters). The electronic device according to the various embodiments of the present disclosure may be one of the above devices or a combination of several of them. The electronic device according to some embodiments of the present disclosure may be a flexible device. In addition, the electronic device according to embodiments of the present disclosure is not limited to the above devices and may include new electronic devices arising from technological development.
In particular, according to embodiments of the present disclosure, the process described above with reference to the flowcharts may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program carried on a computer-readable medium, the computer program containing program code configured to execute the method shown in the flowchart. In such an embodiment, the computer program may be downloaded and installed from a network through a communication part, and/or installed from a removable medium. When the computer program is executed by a central processing unit (CPU), the functions defined in the method of the present application are performed. It should be noted that the computer-readable medium described in the present application may be a computer-readable signal medium, a computer-readable storage medium, or any combination of the two. The computer-readable medium may be, for example but not limited to, an electrical, magnetic, optical, electromagnetic, infrared or semiconductor system, apparatus or device, or any combination of the above. More specific examples of computer-readable storage media include, but are not limited to: an electrical connection with one or more wires, a portable computer diskette, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber, portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the above. In the present application, a computer-readable storage medium may be any tangible medium that contains or stores a program, where the program can be used by or in connection with an instruction execution system, apparatus or device. In the present application, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, which carries computer-readable program code. Such a propagated data signal may take various forms, including but not limited to an electromagnetic signal, an optical signal, or any suitable combination of the above. A computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium; such a medium can send, propagate or transmit a program configured for use by or in connection with an instruction execution system, apparatus or device. The program code contained on the computer-readable medium may be transmitted over any suitable medium, including but not limited to wireless, wire, optical cable, RF and the like, or any suitable combination of the above.
The computer program code configured to perform the operations of the present application may be written in one or more programming languages or a combination thereof, including object-oriented programming languages such as Java, Smalltalk and C++, as well as conventional procedural programming languages such as the "C" language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on a remote computer or server. Where a remote computer is involved, the remote computer may be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
The flowcharts and block diagrams in the drawings illustrate the architecture, functions and operations of possible implementations of systems, methods and computer program products according to various embodiments of this application. In this regard, each box in a flowchart or block diagram can represent a module, a program segment, or a part of code, and that module, program segment or part of code contains one or more executable instructions configured to implement the specified logical function. The specific embodiments above have a particular order of steps, but that order is only exemplary; in a specific implementation there may be fewer or more steps, or the order of execution may be adjusted. That is, in some alternative implementations, the functions marked in the boxes can occur in an order different from that marked in the drawings. For example, two boxes shown in succession can in fact be executed substantially in parallel, and they can sometimes be executed in the reverse order, depending on the functions involved. Note also that each box in the block diagrams and/or flowcharts, and combinations of boxes in the block diagrams and/or flowcharts, can be implemented by a dedicated hardware-based system that performs the specified functions or operations, or by a combination of dedicated hardware and computer instructions.
The units described in the embodiments of this application can be implemented in software or in hardware. The described units can also be provided in a processor, which can be described, for example, as: a processor including a judging unit, configured to obtain an initiated private data access request and judge whether the object of the private data access request has legal private data access authority; and a permission opening unit, configured to open the private data stored on-chain for access by the object if the object of the private data access request has legal private data access authority. For example, the permission opening unit can also be described as "a unit that opens the private data stored on-chain for access by the object".
In another aspect, this application also provides a computer-readable medium on which a computer program is stored; when the program is executed by a processor, it implements the method described in any of the above embodiments.
In another aspect, this application also provides a computer-readable medium, which can be included in the device described in the above embodiments, or can exist separately without being assembled into that device. The computer-readable medium carries one or more programs, and when the one or more programs are executed by the device, they cause the device to: obtain an initiated private data access request and judge whether the object of the private data access request has legal private data access authority; and, if the object of the private data access request has legal private data access authority, open the private data stored on-chain for access by the object.
The expressions "first", "second", "the first" or "the second" used in various embodiments of the present disclosure can modify various components regardless of order and/or importance, but these expressions do not limit the corresponding components. The expressions are used only to distinguish one element from other elements. For example, a first user equipment and a second user equipment denote different user equipment, although both are user equipment. For example, without departing from the scope of the present disclosure, a first element can be called a second element, and similarly a second element can be called a first element.
When an element (for example, a first element) is referred to as being "(operatively or communicatively) connected with" or "(operatively or communicatively) attached to" another element (for example, a second element), or "connected to" another element (for example, a second element), it should be understood that the element is connected directly to the other element, or is connected to it indirectly via a further element (for example, a third element). Conversely, when an element (for example, a first element) is referred to as being "directly connected" or "directly coupled" to another element (a second element), no element (for example, a third element) is interposed between the two.
The term "module" or "functional unit" used herein can mean, for example, a unit including one of hardware, software and firmware, or a unit including a combination of two or more of hardware, software and firmware. "Module" can be used interchangeably with terms such as "unit", "logic", "logical block", "component" or "circuit". A "module" or "functional unit" can be the smallest unit of an integrated component element or a part of an integrated component element. A "module" can be the smallest unit for performing one or more functions, or a part of it. A "module" or "functional unit" can be implemented mechanically or electronically. For example, a "module" or "functional unit" according to the present disclosure can include at least one of the following: an application-specific integrated circuit (ASIC) chip, a field-programmable gate array (FPGA), and a programmable logic device, known or to be developed in the future, for performing operations.
The above description is only the preferred embodiment of this application and an explanation of the technical principles applied. Those skilled in the art should understand that the scope of the invention involved in this application is not limited to technical solutions formed by the specific combination of the above technical features; it should also cover other technical solutions formed by any combination of the above technical features or their equivalent features without departing from the inventive concept, for example technical solutions formed by replacing the above features with (but not limited to) technical features having similar functions disclosed in this application.
Claims (10)
1. A data access method, characterized by comprising:
obtaining an initiated private data access request, and judging whether the object of the private data access request has legal private data access authority;
if the object of the private data access request has legal private data access authority, opening the private data stored on-chain for access by the object.
2. The method according to claim 1, characterized in that judging whether the object of the private data access request has legal private data access authority comprises: parsing the private data access request to obtain the object identifier therein and matching it against the object library; if the object identifier is found recorded in the object library, determining that the object of the private data access request has legal private data access authority.
3. The method according to claim 1, characterized in that judging whether the object of the private data access request has legal private data access authority comprises: parsing first dynamic verification information input by the object, and judging whether the dynamic verification information input by the object matches second dynamic verification information sent to the object; if it matches, determining that the object of the private data access request has legal private data access authority.
4. The method according to claim 1, characterized in that opening the private data stored on-chain for access by the object comprises: according to the proximity principle, a management node in the blockchain network selects, from multiple block nodes, the block node with the smallest access cost, and the private data stored on that block node is opened through an API for access by the object.
5. The method according to claim 1, characterized in that opening the private data stored on-chain for access by the object comprises: the block node of the public chain verifies the identity of the object again and, after the verification passes, grants the object permission to access the block node of the public chain.
6. The method according to claim 5, characterized in that the block node of the public chain verifying the identity of the object again comprises: if the block node on the public chain determines that the access token provided by the object matches the token pushed by the management node to the block node, the verification passes.
7. The method according to claim 1, characterized in that opening the private data stored on-chain for access by the object comprises: generating a two-dimensional code including the public chain storage address, so as to open the private data stored on-chain for access by the object.
8. The method according to any one of claims 1-7, characterized by further comprising: establishing physical isolation between the private data before and after it is put on-chain, so as to control the opening of the private data stored on-chain for access by the object.
9. A data access device, characterized by comprising:
a judging unit, configured to obtain an initiated private data access request and judge whether the object of the private data access request has legal private data access authority;
a permission opening unit, configured to open the private data stored on-chain for access by the object if the object of the private data access request has legal private data access authority.
10. An electronic device, comprising:
one or more processors;
a computer-readable medium configured to store one or more programs,
wherein, when the one or more programs are executed by the one or more processors, the one or more processors implement the method according to any one of claims 1-7.
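The checks in claims 2, 4 and 6 can be sketched as follows. This Python example is added here for illustration and is not part of the patent; the class and field names, the numeric access cost, the random token format and the constant-time comparison are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class BlockNode:
    """Public-chain block node that stores private data (claims 4 to 6)."""
    name: str
    access_cost: float  # assumed numeric stand-in for the claim's access cost
    store: dict = field(default_factory=dict)          # key -> private data
    pushed_tokens: dict = field(default_factory=dict)  # object_id -> token

    def read(self, object_id: str, token: str, key: str) -> bytes:
        # Claim 6: verify the object again by matching the token it presents
        # against the token the management node pushed to this node.
        expected = self.pushed_tokens.get(object_id)
        if expected is None or not hmac.compare_digest(
                expected.encode(), token.encode()):
            raise PermissionError("token does not match the pushed token")
        return self.store[key]


class ManagementNode:
    """Checks the requester and picks the block node (claims 2 and 4)."""

    def __init__(self, object_library, nodes):
        self.object_library = set(object_library)  # registered object IDs
        self.nodes = list(nodes)

    def authorize(self, request: dict):
        # Claim 2: parse the request, match its object ID in the object library.
        object_id = request.get("object_id")
        if object_id not in self.object_library:
            raise PermissionError("object ID not found in object library")
        # Claim 4: choose the block node with the smallest access cost.
        node = min(self.nodes, key=lambda n: n.access_cost)
        # Push a fresh random token to that node and return it to the object.
        token = secrets.token_urlsafe(32)
        node.pushed_tokens[object_id] = token
        return node, token


def build_demo():
    """Constructed sample network: two block nodes holding one record."""
    record = {"record-1": b"constructed private data"}
    near = BlockNode("node-near", access_cost=1.0, store=dict(record))
    far = BlockNode("node-far", access_cost=5.0, store=dict(record))
    return ManagementNode({"alice"}, [far, near]), near, far


if __name__ == "__main__":
    mgmt, near, far = build_demo()
    node, token = mgmt.authorize({"object_id": "alice"})
    print(node.name, node.read("alice", token, "record-1"))
```

Because the token is stored per object ID on the selected node only, a token presented at a different node, or under a different object ID, fails the second check even though it was validly issued.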
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811519271.2A CN109740370A (en) | 2018-12-12 | 2018-12-12 | Data access method and its device, electronic equipment, computer-readable medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109740370A true CN109740370A (en) | 2019-05-10 |
Family
ID=66358896
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811519271.2A Pending CN109740370A (en) | 2018-12-12 | 2018-12-12 | Data access method and its device, electronic equipment, computer-readable medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109740370A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20190510 |