CN111339206A - Data sharing method and device based on block chain - Google Patents

Data sharing method and device based on block chain Download PDF

Info

Publication number
CN111339206A
CN111339206A CN202010168034.7A CN202010168034A CN111339206A CN 111339206 A CN111339206 A CN 111339206A CN 202010168034 A CN202010168034 A CN 202010168034A CN 111339206 A CN111339206 A CN 111339206A
Authority
CN
China
Prior art keywords
information
service node
user
block chain
hash value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010168034.7A
Other languages
Chinese (zh)
Other versions
CN111339206B (en
Inventor
洪蜀宁
余昌龙
熊潇
庄磊
刘俊杰
雷刚
黄发培
胡伟
邹浩
李诗寰
彭聪
郁微
王雪
钱程
尹涛
边鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CCB Finetech Co Ltd
Original Assignee
China Construction Bank Corp
CCB Finetech Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Construction Bank Corp, CCB Finetech Co Ltd filed Critical China Construction Bank Corp
Priority to CN202010168034.7A priority Critical patent/CN111339206B/en
Publication of CN111339206A publication Critical patent/CN111339206A/en
Application granted granted Critical
Publication of CN111339206B publication Critical patent/CN111339206B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2219Large Object storage; Management thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2471Distributed queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computational Linguistics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Mathematical Physics (AREA)
  • Fuzzy Systems (AREA)
  • Computing Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a data sharing method and device based on a block chain, and relates to the technical field of computers. One embodiment of the method comprises: receiving a data uploading request of a first service node, wherein the data uploading request indicates information of a first user served by the first service node; extracting first summary information corresponding to the information of the first user from the information of the first user; generating a first hash value corresponding to the first summary information; and correspondingly uploading the first abstract information, the first hash value and the first service node identifier to a block chain, and storing the information of the first user to a local database. The implementation method not only reduces the data amount stored on the block chain, but also further ensures the data security while realizing the data sharing.

Description

Data sharing method and device based on block chain
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a data sharing method and apparatus based on a block chain.
Background
The block chain has the advantages of decentralization, non-tampering and the like, so that the block chain is widely applied to the aspect of data sharing and storage. At present, all kinds of blockchain data are shared in a way that all data are encrypted and then placed on blockchains, and each blockchain data node stores copies of all data of other nodes.
In the process of implementing the invention, the inventor finds that at least the following problems exist in the prior art: although the data uploaded to the block chain is encrypted, due to the fact that the data of all the data nodes are consistent, once one data node is attacked or invaded, all the data are leaked, and certain risk of leakage still exists for some data with high confidentiality requirements; in addition, as the amount of data uploaded to the block chain is gradually increased, the data storage space is increased, and the efficiency of querying and acquiring data from the block chain is greatly reduced.
Disclosure of Invention
In view of this, the embodiments of the present invention provide a data sharing method and apparatus based on a block chain, which not only reduce the amount of data stored on the block chain, but also further ensure the security of the data while implementing data sharing.
To achieve the above object, according to an aspect of the embodiments of the present invention, there is provided a data sharing method based on a block chain, including:
receiving a data uploading request of a first service node, wherein the data uploading request indicates information of a first user served by the first service node;
extracting first summary information corresponding to the information of the first user from the information of the first user;
generating a first hash value corresponding to the first summary information;
and correspondingly uploading the first abstract information, the first hash value and the first service node identifier to a block chain, and storing the information of the first user to a local database.
Optionally, the method further comprises:
before uploading the first summary information, the first hash value and a first service node identifier to a block chain correspondingly, judging whether the first hash value exists on the block chain or not;
if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly;
if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
Optionally, the method further comprises:
under the condition that the first hash value does not exist on the block chain, adding a first reward value to a reward value corresponding to the first service node;
and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Optionally, the method further comprises:
under the condition that a second service node requests to acquire the information of the first user, acquiring a public key of the second service node and the first summary information from the block chain;
searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information;
encrypting the information of the first user by using the public key of the second service node;
and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
Optionally, the method further comprises:
receiving a data acquisition request sent by a first service node, wherein the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node;
acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information;
selecting one or more service node identifications from the service node identifications;
and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
Optionally, the method further comprises:
and after the information of the second user encrypted by the public key of the first service node is acquired from the blockchain, decrypting the information of the second user by using a private key corresponding to the public key of the first service node.
Optionally, the method further comprises:
after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, extracting third summary information corresponding to the information of the second user from the information of the second user;
generating a third hash value corresponding to the third summary information;
and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user.
Optionally, the method further comprises:
under the condition of a request for success of complaint to the block chain, notifying the first service node that the data acquisition request fails;
and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
Optionally, the method further comprises:
and after displaying the decrypted information of the second user to the first service node, correspondingly storing the information of the second user, the second abstract information, the selected service node identifier and the second hash value to a local database.
Alternatively,
and deducting a third reward value from the reward value corresponding to the first service node when acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
To achieve the above object, according to another aspect of the embodiments of the present invention, there is provided a data sharing apparatus based on a block chain, including: the device comprises an uploading request receiving module, a summary information extracting module, a hash value generating module and a data uploading module; wherein the content of the first and second substances,
the upload request receiving module is configured to receive a data upload request of a first service node, where the data upload request indicates information of a first user served by the first service node;
the abstract information extraction module is used for extracting first abstract information corresponding to the information of the first user from the information of the first user;
the hash value generation module is used for generating a first hash value corresponding to the first abstract information;
and the data uploading module is used for uploading the first summary information, the first hash value and the first service node identifier to a block chain correspondingly, and storing the information of the first user in a local database.
Optionally, the data uploading module is further configured to,
before uploading the first summary information, the first hash value and a first service node identifier to a block chain correspondingly, judging whether the first hash value exists on the block chain or not;
if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly;
if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
Optionally, the data uploading module is further configured to,
under the condition that the first hash value does not exist on the block chain, adding a first reward value to a reward value corresponding to the first service node;
and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Optionally, the data uploading module is further configured to,
under the condition that a second service node requests to acquire the information of the first user, acquiring a public key of the second service node and the first summary information from the block chain;
searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information;
encrypting the information of the first user by using the public key of the second service node;
and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
Optionally, the method further comprises: a data acquisition module; the data acquisition module is used for acquiring the data,
receiving a data acquisition request sent by a first service node, wherein the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node;
acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information;
selecting one or more service node identifications from the service node identifications;
and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
Optionally, the data obtaining module is further configured to,
and after the information of the second user encrypted by the public key of the first service node is acquired from the blockchain, decrypting the information of the second user by using a private key corresponding to the public key of the first service node.
Optionally, the data obtaining module is further configured to,
after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, extracting third summary information corresponding to the information of the second user from the information of the second user;
generating a third hash value corresponding to the third summary information;
and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user.
Optionally, the data obtaining module is further configured to,
under the condition of a request for success of complaint to the block chain, notifying the first service node that the data acquisition request fails;
and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
Optionally, the data obtaining module is further configured to,
and after displaying the decrypted information of the second user to the first service node, correspondingly storing the information of the second user, the second abstract information, the selected service node identifier and the second hash value to a local database.
Optionally, the data obtaining module is further configured to,
and deducting a third reward value from the reward value corresponding to the first service node when acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
To achieve the above object, according to still another aspect of embodiments of the present invention, there is provided an electronic device for data sharing, including:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement a method as any one of the blockchain based data sharing methods described above.
To achieve the above object, according to still another aspect of embodiments of the present invention, there is provided a computer readable medium having a computer program stored thereon, wherein the program, when executed by a processor, implements any one of the above-described methods for sharing data based on a blockchain.
The invention has the following advantages or beneficial effects: only the summary information of the user information and the corresponding hash value are uploaded to the block chain, so that the data size stored in the block chain is reduced; meanwhile, the quick query of the service node for the information of the available users is realized through the summary information of the user information stored in the block chain and the corresponding hash value, and the query efficiency is improved; and if and only if the information of the user is requested to be acquired, the public key of the service node requesting to acquire the information of the user is used for encrypting the data and uploading the encrypted data to the block chain, so that the corresponding user information can be decrypted only by the service node requesting the information by using the private key corresponding to the public key, and the information security is improved.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic diagram of a main flow of a block chain-based data sharing method according to an embodiment of the present invention;
fig. 2 is a schematic diagram of a main flow of another data sharing method based on a block chain according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a main flow of another block chain-based data sharing method according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a main flow of a data acquisition method based on a block chain according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of the main modules of a block chain based data sharing apparatus according to an embodiment of the present invention;
FIG. 6 is a schematic diagram of the main structure of a blockchain-based data sharing system according to an embodiment of the present invention;
fig. 7 is a schematic diagram of a main flow of a data acquisition method applied to a data sharing system based on a block chain according to an embodiment of the present invention;
FIG. 8 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 9 is a schematic structural diagram of a computer system suitable for implementing a terminal device or a server according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 is a schematic diagram of a main flow of a data sharing method based on a block chain according to an embodiment of the present invention, and as shown in fig. 1, the data sharing method may specifically include the following steps:
step S101, a data upload request of a first service node is received, where the data upload request indicates information of a first user served by the first service node. That is, the data upload request indicates information of a first user that the first service node wants to upload to the blockchain to implement sharing with other service nodes, the information of the first user includes but is not limited to: user blacklist information, user white list, user credit investigation records, etc. The first service node refers to a service system, such as a banking system, a bank credit system, and the like, which can produce information of the first user, upload information of the user to the blockchain, and query and acquire information of other users from the blockchain.
Step S102, extracting first summary information corresponding to the information of the first user from the information of the first user. Specifically, the information of the first user is taken as user blacklist information for example, and the user blacklist information records one or more users included in a blacklist and specific details of the users included in the blacklist; if the first user is a natural person, the corresponding first summary information may include one or more of the following: user name, user certificate type and user certificate number; if the first user is an enterprise, the first summary information may include one or more of the following: business name, business organization code, taxpayer identification number, etc. In addition, the first user may be an organization such as a social group, a fund organization, or the like.
Step S103, generating a first hash value corresponding to the first digest information. Hash (Hash) is the conversion of an input of arbitrary length (also called a pre-mapped pre-image) into a fixed-length output by a Hash algorithm, where the output is the Hash value generated by the Hash algorithm. The first hash values and the first summary information have a one-to-one correspondence relationship, the first hash values corresponding to different first summary information are necessarily different, and the first hash values corresponding to the same first summary information are necessarily the same and have a fixed length, so that the storage and the query are facilitated.
And step S104, uploading the first summary information, the first hash value and the first service node identifier to a block chain correspondingly, and storing the information of the first user in a local database. Specifically, the first summary information, the first hash value, and the first service node identifier may be stored in a user information table on the blockchain, and it is agreed that the first hash value and the first service node corresponding to the first summary information are stored in a row or a same column, so as to locate the corresponding first summary information or the first service node identifier according to the first hash value. The first service node identifier is a number, ID, name, etc. for distinguishing different service nodes.
In an optional implementation manner, before uploading the first summary information, the first hash value and the first service node identifier correspondingly to a blockchain, determining whether the first hash value already exists on the blockchain; if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly; if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
That is to say, before uploading the first summary information, the first hash value and the first service node identifier to the block chain correspondingly, it is first determined whether the first summary information already exists on the block chain through the first hash value, if so, it is determined whether the service node uploading the first summary information is consistent with the current first service node based on the first service node identifier, if not, the service node uploading is continued, and if so, the service node uploading is not continued, so as to avoid that the same service node repeatedly uploads the information of the same user and resources are wasted maliciously. Meanwhile, it may be noted that the information details (specific matters for selecting blacklists) and the like of the corresponding first users in different service nodes may be different for the same first summary information (such as blacklist user names, identification numbers and the like), so that one or more service nodes are allowed to upload the first summary information, the first hash value, and the first service node to the block chain, respectively. Based on this, the other service nodes may select the source of the first summary information according to the actual requirement and the first service node identifier to obtain the information of the first user corresponding to the first summary information.
In an optional embodiment, in a case that the first hash value does not exist on the blockchain, adding a first reward value to a reward value corresponding to the first service node; and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value. Therefore, the first service node can be stimulated to upload more different first summary information and first user information based on the reward value management mechanism, and therefore sharing of the first user information is achieved. The first prize value and the second prize value may be set according to actual requirements, for example, the first prize value is 10, and the second prize value is half (i.e. 5) of the first prize value. It should be noted that the purpose of the incentive value management mechanism is to encourage the first service node to upload more first summary information or first user information, but at the same time avoid repeatedly uploading the same first summary information or first user information as much as possible. Therefore, in the case that the first summary information to be uploaded by the first service node is that other service nodes have already been uploaded onto the blockchain, the reward value given to the first service node is appropriately reduced, that is, smaller than the second reward value needs to be smaller than the first reward value, so as to guide the first service node to upload different first summary information while not reducing the aggressiveness of the first service node.
In an optional implementation manner, in a case that a second service node requests to acquire information of the first user, a public key of the second service node and the first summary information are acquired from the block chain; searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information; encrypting the information of the first user by using the public key of the second service node; and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
It is understood that the first service node may learn, on the blockchain, that the second service node, i.e., other service nodes, request to acquire the information of the first user, or may learn, through other communication channels (e.g., mail, etc.) established with the second service node, that the second service node requests to acquire the information of the first user. When the first summary information, the first hash value and the first service node identifier corresponding to the information of the first user are uploaded to the block chain, the information of the first user is stored in the local database, so that the corresponding information of the first user can be searched from the local database according to the first summary information corresponding to the information of the first user, which is acquired by the request of the second service node. On the basis, the mode that the public key of the second service node is used for encrypting the information of the first user and then uploading the information is a block chain is adopted, so that the safety and the privacy of the information of the first user are ensured, and only the second service node with the corresponding private key can acquire and decrypt the information of the first user. Thus, the safety of the information of the first user is ensured.
Therefore, when the first service node requests to upload, only the first summary information, the first hash value and the first service node identifier corresponding to the information of the first user are uploaded to the block chain correspondingly, so that the storage space occupied by storing more and more information of the first user in the block chain is reduced; meanwhile, the query efficiency of querying the corresponding first abstract information and the corresponding first service node identifier on the block chain is improved through the first hash value; furthermore, only when the second service data requests to acquire the information of the first user, the public key of the second service node is used for encrypting the information of the first user and uploading the information to the blockchain, so that the second service node acquires and decrypts the information of the first user from the blockchain, the information sharing of the first user is realized, the information security of the first user is ensured, and the information leakage of the first user is avoided.
In an optional implementation manner, a data acquisition request sent by a first service node is received, where the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node; acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information; selecting one or more service node identifications from the service node identifications; and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
It can be understood that, in the data sharing method implemented by the blockchain, the first service node itself may not only upload the information of the first user and the information of the first summary to the blockchain, but also obtain, from the blockchain, the information of the second user corresponding to the second summary information uploaded by other service nodes according to actual needs. In addition, different service nodes may upload the same second summary information, so that there may be multiple sources of the second summary information queried from the block chain according to the second hash value, that is, there may be multiple corresponding second service node identifiers, and therefore, one or more second service node identifiers may be selected according to actual requirements to obtain information of the second user uploaded by the corresponding second service nodes.
In an optional implementation manner, after the information of the second user encrypted by using the public key of the first service node is acquired from the blockchain, the information of the second user is decrypted by using a private key corresponding to the public key of the first service node. It can be understood that, in order to ensure the security of the obtained information of the second user, the public key of the first service node is used to encrypt the information of the second user, so that the information of the second user can be decrypted only by the first service node using the private key corresponding to the public key, thereby ensuring the security of data.
On the basis, after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, third summary information corresponding to the information of the second user is extracted from the information of the second user; generating a third hash value corresponding to the third summary information; and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user.
That is, after the information plaintext of the second user acquired from the block chain is decrypted by using the private key corresponding to the public key of the first service node, the information plaintext of the second user is further verified, so that the acquired information plaintext of the first user is ensured to be the information of the second user actually desired to be acquired. If not, the contract layer of the block chain can be complained according to the information plaintext of the second user, the corresponding second summary information and the like.
Further, in case of a request for success of complaint to the blockchain, notifying the first service node that the data acquisition request failed; and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
In an optional implementation manner, after the decrypted information of the second user is displayed to the first service node, the information of the second user, the second digest information, the selected service node identifier, and the second hash value are correspondingly stored in a local database. Therefore, the local reuse can be performed for multiple times according to the acquisition once, and resource waste caused by the fact that the information of the second user is acquired from the block chain repeatedly for multiple times is avoided.
In an optional implementation manner, when the information of the second user encrypted by using the public key of the first service node is acquired from the block chain according to the selected service node identifier, the second hash value, and the public key of the first service node, a third reward value is deducted from the reward value corresponding to the first service node. That is to say, the first service node may obtain more reward values by uploading different information of the first user, and at the same time, the information of the second user uploaded by other service nodes may be obtained from the blockchain only by deducting a certain reward value, so that the incentive for the information of the user uploaded by the service node is realized, and the service node may be prevented from abusing the information of the second user obtained from the blockchain.
Based on the embodiment, the data volume stored on the block chain is reduced by uploading only the summary information of the user information and the corresponding hash value to the block chain; meanwhile, the quick query of the service node for the information of the available users is realized through the summary information of the user information stored in the block chain and the corresponding hash value, and the query efficiency is improved; and if and only if the information of the user is requested to be acquired, the public key of the service node requesting to acquire the information of the user is used for encrypting the data and uploading the encrypted data to the block chain, so that the corresponding user information can be decrypted only by the service node requesting the information by using the private key corresponding to the public key, and the information security is improved.
Referring to fig. 2, on the basis of the foregoing embodiment, an embodiment of the present invention provides another data sharing method based on a block chain, where the method specifically includes the following steps:
step S201, a data upload request of a first service node is received, where the data upload request indicates information of a first user served by the first service node.
Step S202, extracting first summary information corresponding to the information of the first user from the information of the first user.
Step S203, generating a first hash value corresponding to the first digest information.
Step S204, judging whether the first hash value exists on the block chain; if the signal exists, the following step S205 is continuously executed, and if the signal does not exist, the following step S206 is continuously executed.
Step S205, continuously determining whether the service node identifier corresponding to the first hash value stored in the block chain is consistent with the first service node identifier; if the two pieces of summary information are consistent, the first summary information, the first hash value and the first service node identifier are not uploaded, and if the two pieces of summary information, the first hash value and the first service node identifier are not consistent, the following step S206 is continuously executed.
Step S206, correspondingly uploading the first summary information, the first hash value and the first service node identification to a block chain, correspondingly uploading the first summary information, the first hash value and the first service node identification to the block chain, and storing the information of the first user in a local database.
On the basis, under the condition that a second service node requests to acquire the information of the first user, acquiring a public key of the second service node and the first abstract information from the block chain; searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information; encrypting the information of the first user by using the public key of the second service node; and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
In addition, a data acquisition request sent by a first service node can be received, wherein the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node; acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information; selecting one or more service node identifications from the service node identifications; and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
On the basis, after the information of the second user encrypted by the public key of the first service node is acquired from the blockchain, the information of the second user is decrypted by using a private key corresponding to the public key of the first service node.
Further, after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, third digest information corresponding to the information of the second user is extracted from the information of the second user; generating a third hash value corresponding to the third summary information; and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user. Based on this, in case of a request for success of complaint to the blockchain, notifying the first service node that the data acquisition request failed; and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
In addition, after the decrypted information of the second user is displayed to the first service node, the information of the second user, the second summary information, the selected service node identifier, and the second hash value are correspondingly stored in a local database.
It is worth noting that in order to stimulate a first service node to upload more different first summary information, a first reward value is added to a reward value corresponding to the first service node under the condition that the first hash value does not exist on the block chain; and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Correspondingly, in order to avoid that the first service node abuses the information of the second user acquired from the block chain, when the information of the second user encrypted by the public key of the first service node is acquired from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node, a third reward value is deducted from the reward value corresponding to the first service node.
Referring to fig. 3, on the basis of the foregoing embodiment, an embodiment of the present invention provides another data sharing method based on a block chain, where the method specifically includes the following steps:
step S301, receiving a data upload request of a first service node, where the data upload request indicates information of a first user served by the first service node
Step S302, extracting first summary information corresponding to the information of the first user from the information of the first user
Step S303, generating a first hash value corresponding to the first digest information.
Step S304, the first summary information, the first hash value and the first service node identification are uploaded to a block chain correspondingly, and the information of the first user is stored in a local database.
In addition, before uploading the first summary information, the first hash value and the first service node identifier to a block chain correspondingly, judging whether the first hash value exists on the block chain or not;
if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly;
if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
Step S305, when a second service node requests to acquire information of the first user, acquiring a public key of the second service node and the first summary information from the block chain.
Step S306, searching the information of the first user corresponding to the first summary information from a local database according to the first summary information.
Step S307, using the public key of the second service node to encrypt the information of the first user.
Step S308, the encrypted information of the first user is uploaded to the block chain, so that the second service node obtains the information of the first user from the block chain.
It is worth noting that in order to stimulate a first service node to upload more different first summary information, a first reward value is added to a reward value corresponding to the first service node under the condition that the first hash value does not exist on the block chain; and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Correspondingly, in order to avoid that the first service node abuses the information of the second user acquired from the block chain, when the information of the second user encrypted by the public key of the first service node is acquired from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node, a third reward value is deducted from the reward value corresponding to the first service node.
Referring to fig. 4, on the basis of the foregoing embodiment, an embodiment of the present invention provides a data acquisition method based on a block chain, where the method specifically includes the following steps:
step S401, receiving a data obtaining request sent by a first service node, where the data obtaining request indicates second summary information corresponding to information of a second user to be obtained and a public key of the first service node.
Step S402, according to a second hash value corresponding to the second digest information, obtaining one or more service node identifiers corresponding to the second hash value from the block chain.
Step S403, selecting one or more service node identifiers from the service node identifiers.
It can be understood that, in the data sharing method implemented by the blockchain, the first service node itself may not only upload the information of the first user and the information of the first summary to the blockchain, but also obtain, from the blockchain, the information of the second user corresponding to the second summary information uploaded by other service nodes according to actual needs. In addition, different service nodes may upload the same second summary information, so that there may be multiple sources of the second summary information queried from the block chain according to the second hash value, that is, there may be multiple corresponding second service node identifiers, and therefore, one or more second service node identifiers may be selected according to actual requirements to obtain information of the second user uploaded by the corresponding second service nodes.
Step S404, obtaining the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value, and the public key of the first service node.
Step S405, decrypting the information of the second user by using a private key corresponding to the public key of the first service node. It can be understood that, in order to ensure the security of the obtained information of the second user, the public key of the first service node is used to encrypt the information of the second user, so that the information of the second user can be decrypted only by the first service node using the private key corresponding to the public key, thereby ensuring the security of data.
Step S406, extracting third summary information corresponding to the information of the second user from the information of the second user.
Step S407, a third hash value corresponding to the third digest information is generated.
Step S408 is to determine whether the third hash value is consistent with the second hash value, if so, continue to execute step S409, and if not, continue to execute step S410. That is, after the information plaintext of the second user acquired from the block chain is decrypted by using the private key corresponding to the public key of the first service node, the information plaintext of the second user is further verified, so that the acquired information plaintext of the first user is ensured to be the information of the second user actually desired to be acquired. If not, the contract layer of the block chain can be complained according to the information plaintext of the second user, the corresponding second summary information and the like.
Step S409, displaying the information of the second user to the first service node.
Step S410, complain to the block chain according to the decrypted information of the second user.
Further, in case of a request for success of complaint to the blockchain, notifying the first service node that the data acquisition request failed; and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
Referring to fig. 5, on the basis of the above embodiment, an embodiment of the present invention provides a data sharing apparatus 500 based on a block chain, including: an upload request receiving module 501, a summary information extracting module 502, a hash value generating module 503, and a data upload module 504; wherein the content of the first and second substances,
the upload request receiving module 501 is configured to receive a data upload request of a first service node, where the data upload request indicates information of a first user served by the first service node;
the summary information extraction module 502 is configured to extract first summary information corresponding to the information of the first user from the information of the first user;
the hash value generating module 503 is configured to generate a first hash value corresponding to the first digest information;
the data uploading module 504 is configured to upload the first summary information, the first hash value, and the first service node identifier to a block chain correspondingly, and store the information of the first user in a local database.
Optionally, the data uploading module 504 is further configured to,
before uploading the first summary information, the first hash value and a first service node identifier to a block chain correspondingly, judging whether the first hash value exists on the block chain or not;
if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly;
if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
Optionally, the data uploading module 504 is further configured to,
under the condition that the first hash value does not exist on the block chain, adding a first reward value to a reward value corresponding to the first service node;
and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Optionally, the data uploading module 504 is further configured to,
under the condition that a second service node requests to acquire the information of the first user, acquiring a public key of the second service node and the first summary information from the block chain;
searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information;
encrypting the information of the first user by using the public key of the second service node;
and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
Optionally, the method further comprises: a data acquisition module 505; the data acquisition module 505 is configured to,
receiving a data acquisition request sent by a first service node, wherein the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node;
acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information;
selecting one or more service node identifications from the service node identifications;
and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
Optionally, the data obtaining module 504 is further configured to,
and after the information of the second user encrypted by the public key of the first service node is acquired from the blockchain, decrypting the information of the second user by using a private key corresponding to the public key of the first service node.
Optionally, the data obtaining module 504 is further configured to,
after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, extracting third summary information corresponding to the information of the second user from the information of the second user;
generating a third hash value corresponding to the third summary information;
and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user.
Optionally, the data obtaining module 504 is further configured to,
under the condition of a request for success of complaint to the block chain, notifying the first service node that the data acquisition request fails;
and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
Optionally, the data obtaining module 504 is further configured to,
and after displaying the decrypted information of the second user to the first service node, correspondingly storing the information of the second user, the second abstract information, the selected service node identifier and the second hash value to a local database.
Optionally, the data obtaining module 504 is further configured to,
and deducting a third reward value from the reward value corresponding to the first service node when acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
Referring to fig. 6, on the basis of the foregoing embodiment, an embodiment of the present invention provides a data sharing system based on a block chain, where the data sharing system based on the block chain specifically includes: the system comprises a block chain, one or more data sharing devices based on the block chain and a corresponding service node. It can be understood that, in this embodiment, only the data sharing device 1 based on the blockchain, the data sharing device 2 based on the blockchain, and the corresponding service nodes are the first service node and the second service node, respectively, are taken as an example for description, and in an actual implementation process, the number of the data sharing devices or the service nodes based on the blockchain may be further changed according to an actual requirement.
Referring to fig. 7, on the basis of the foregoing embodiment, an embodiment of the present invention provides a data acquisition method applied to a data sharing system based on a block chain, where the method specifically includes the following steps:
step S701, the data sharing apparatus 1 based on the block chain receives a data upload request of the first service node, where the data upload request indicates information of a first user served by the first service node.
Step S702, the data sharing apparatus 1 based on the block chain extracts first summary information corresponding to the information of the first user from the information of the first user.
Step S703 is performed to generate a first hash value corresponding to the first digest information based on the data sharing apparatus 1 of the block chain.
Step S704, correspondingly uploading the first summary information, the first hash value, and the first service node identifier to a block chain, and storing the information of the first user in a local database.
In an optional implementation manner, before uploading the first summary information, the first hash value and the first service node identifier correspondingly to a blockchain, determining whether the first hash value already exists on the blockchain; if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly; if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
In an optional embodiment, in a case that the first hash value does not exist on the blockchain, adding a first reward value to a reward value corresponding to the first service node; and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Step S705, the data sharing apparatus 2 based on the block chain receives an information obtaining request of the first user of the second service node, where the obtaining request indicates the public key of the second service node and the first abstract of the information of the first user.
Step S706, the data sharing device 2 based on the block chain obtains, according to the first hash value corresponding to the first digest information, one or more service node identifiers corresponding to the first hash value from the block chain.
Step S707, the data sharing device 2 based on the block chain selects the first service node identifier, that is, selects to obtain the information of the first user corresponding to the first summary information uploaded by the first service node. It can be understood that, in this embodiment, only the first service node identifier is taken as an example for description, and in an actual execution process, one or more service node identifiers may be selected according to an actual requirement.
Step S708, the data sharing device 2 based on the block chain requests to acquire the information of the first user according to the first summary information, the first service node identifier, and the public key of the second service node, that is, uploads the first summary information, the first service node identifier, and the public key of the second service node to the block chain to request to acquire the information of the first user.
Step S709, the data sharing device 2 based on the block chain obtains the first summary information, the first service node identifier, and the response identifier corresponding to the public key of the second service node from the block chain, so as to obtain the information of the first user from the block chain according to the response identifier. Specifically, when the response identifier is received, the message receiving process is started to wait for a notification that the first service node encrypts the information of the first user according to the party public key of the second service node and then uploads the encrypted information to the chain, and after the data arrives and receives the message notification on the chain, the data is queried in the block chain according to the request response ID. The response identifier is randomly generated and corresponds to each data acquisition request in a one-to-one manner.
Step S710, the data sharing apparatus 1 based on the block chain returns the first summary information and the public key of the second service node from the block chain.
In step S711, the data sharing apparatus 1 based on the block chain searches the local database for the information of the first user according to the first summary information.
In step S712, the data sharing apparatus 1 based on the block chain encrypts the information of the first user according to the public key of the second service node.
In step S713, the data sharing apparatus 1 based on the block chain uploads the information of the first user encrypted by using the public key of the second service node to the block chain.
In step S714, the data sharing device 2 based on the block chain obtains the encrypted information of the first user from the block chain according to the corresponding identifier.
Step S715, the data sharing device 2 based on the block chain decrypts the information of the first user by using the private key corresponding to the public key of the second service node.
Step S716, extracting fourth summary information from the decrypted information of the first user.
In step S717, a fourth hash value of the fourth digest information is generated.
Step S718, determining whether the first hash value and the fourth hash value are consistent; if the two match, the following step S719 continues to be executed, and if the two do not match, the following step S720 continues to be executed.
And step S719, in a case that the first hash value is consistent with the fourth hash value, displaying the decrypted information of the first user to the second service node.
In step S720, if the first hash value and the fourth hash value are not identical, the block chain is complained. Further, in case of a request for success of complaint to the blockchain, notifying the first service node that the data acquisition request failed; and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
It is worth noting that in order to stimulate a first service node to upload more different first summary information, a first reward value is added to a reward value corresponding to the first service node under the condition that the first hash value does not exist on the block chain; and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
Correspondingly, in order to avoid that the first service node abuses the information of the second user acquired from the block chain, when the information of the second user encrypted by the public key of the first service node is acquired from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node, a third reward value is deducted from the reward value corresponding to the first service node.
Fig. 8 shows an exemplary system architecture 800 to which a blockchain-based data sharing method or a blockchain-based data sharing apparatus according to an embodiment of the present invention may be applied).
As shown in fig. 8, the system architecture 800 may include terminal devices 801, 802, 803, a network 804, and a server 805. The network 804 serves to provide a medium for communication links between the terminal devices 801, 802, 803 and the server 805. Network 804 may include various types of connections, such as wire, wireless communication links, or fiber optic cables, to name a few.
A user may use the terminal devices 801, 802, 803 to interact with a server 805 over a network 804 to receive or send messages or the like. The terminal devices 801, 802, 803 may have installed thereon various communication client applications, such as shopping applications, web browser applications, search applications, instant messaging tools, mailbox clients, social platform software, and the like.
The terminal devices 801, 802, 803 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 805 may be a server that provides various services, such as a background management server that supports shopping websites browsed by users using the terminal devices 801, 802, 803. The background management server can analyze and process the received data such as the product information inquiry request and feed back the processing result to the terminal equipment.
It should be noted that the data sharing method based on the blockchain provided by the embodiment of the present invention is generally executed by the server 805, and accordingly, the data sharing apparatus based on the blockchain is generally disposed in the server 805.
It should be understood that the number of terminal devices, networks, and servers in fig. 8 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 9, shown is a block diagram of a computer system 900 suitable for use with a terminal device implementing an embodiment of the present invention. The terminal device shown in fig. 9 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 9, the computer system 900 includes a Central Processing Unit (CPU)901 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)902 or a program loaded from a storage section 908 into a Random Access Memory (RAM) 903. In the RAM 903, various programs and data necessary for the operation of the system 900 are also stored. The CPU 901, ROM 902, and RAM 903 are connected to each other via a bus 904. An input/output (I/O) interface 905 is also connected to bus 904.
The following components are connected to the I/O interface 905: an input portion 906 including a keyboard, a mouse, and the like; an output section 907 including components such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 908 including a hard disk and the like; and a communication section 909 including a network interface card such as a LAN card, a modem, or the like. The communication section 909 performs communication processing via a network such as the internet. The drive 910 is also connected to the I/O interface 905 as necessary. A removable medium 911 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 910 as necessary, so that a computer program read out therefrom is mounted into the storage section 908 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 909, and/or installed from the removable medium 911. The above-described functions defined in the system of the present invention are executed when the computer program is executed by a Central Processing Unit (CPU) 901.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor comprises an uploading request receiving module, a summary information extracting module, a hash value generating module and a data uploading module. The names of these modules do not in some cases form a limitation on the module itself, for example, the hash value generation module may also be described as a "module for generating a first hash value corresponding to the first digest information".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: receiving a data uploading request of a first service node, wherein the data uploading request indicates information of a first user served by the first service node; extracting first summary information corresponding to the information of the first user from the information of the first user; generating a first hash value corresponding to the first summary information; and correspondingly uploading the first abstract information, the first hash value and the first service node identifier to a block chain, and storing the information of the first user to a local database.
According to the technical scheme of the embodiment of the invention: only the summary information of the user information and the corresponding hash value are uploaded to the block chain, so that the data size stored in the block chain is reduced; meanwhile, the quick query of the service node for the information of the available users is realized through the summary information of the user information stored in the block chain and the corresponding hash value, and the query efficiency is improved; and if and only if the information of the user is requested to be acquired, the public key of the service node requesting to acquire the information of the user is used for encrypting the data and uploading the encrypted data to the block chain, so that the corresponding user information can be decrypted only by the service node requesting the information by using the private key corresponding to the public key, and the information security is improved.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (22)

1. A method for sharing data based on block chains is characterized by comprising the following steps:
receiving a data uploading request of a first service node, wherein the data uploading request indicates information of a first user served by the first service node;
extracting first summary information corresponding to the information of the first user from the information of the first user;
generating a first hash value corresponding to the first summary information;
and correspondingly uploading the first abstract information, the first hash value and the first service node identifier to a block chain, and storing the information of the first user to a local database.
2. The method for sharing data based on block chains according to claim 1, further comprising:
before uploading the first summary information, the first hash value and a first service node identifier to a block chain correspondingly, judging whether the first hash value exists on the block chain or not;
if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly;
if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
3. The method of claim 2, further comprising:
under the condition that the first hash value does not exist on the block chain, adding a first reward value to a reward value corresponding to the first service node;
and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
4. The method of claim 3, further comprising:
under the condition that a second service node requests to acquire the information of the first user, acquiring a public key of the second service node and the first summary information from the block chain;
searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information;
encrypting the information of the first user by using the public key of the second service node;
and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
5. The method of claim 3, further comprising:
receiving a data acquisition request sent by a first service node, wherein the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node;
acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information;
selecting one or more service node identifications from the service node identifications;
and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
6. The method of claim 5, further comprising:
and after the information of the second user encrypted by the public key of the first service node is acquired from the blockchain, decrypting the information of the second user by using a private key corresponding to the public key of the first service node.
7. The method of claim 6, further comprising:
after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, extracting third summary information corresponding to the information of the second user from the information of the second user;
generating a third hash value corresponding to the third summary information;
and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user.
8. The method of claim 7, further comprising:
notifying the first service node that the data acquisition request fails when complaint to the blockchain is successful;
and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
9. The method of claim 8, further comprising:
and after displaying the decrypted information of the second user to the first service node, correspondingly storing the information of the second user, the second abstract information, the selected service node identifier and the second hash value to a local database.
10. The blockchain-based data sharing method according to claim 5,
and deducting a third reward value from the reward value corresponding to the first service node when acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
11. An apparatus for sharing data based on a blockchain, comprising: the device comprises an uploading request receiving module, a summary information extracting module, a hash value generating module and a data uploading module; wherein the content of the first and second substances,
the upload request receiving module is configured to receive a data upload request of a first service node, where the data upload request indicates information of a first user served by the first service node;
the abstract information extraction module is used for extracting first abstract information corresponding to the information of the first user from the information of the first user;
the hash value generation module is used for generating a first hash value corresponding to the first abstract information;
and the data uploading module is used for uploading the first summary information, the first hash value and the first service node identifier to a block chain correspondingly, and storing the information of the first user in a local database.
12. The device according to claim 11, wherein the data uploading module is further configured to,
before uploading the first summary information, the first hash value and a first service node identifier to a block chain correspondingly, judging whether the first hash value exists on the block chain or not;
if the first abstract information does not exist, uploading the first abstract information, the first hash value and the first service node identification to a block chain correspondingly;
if the first summary information exists, whether the service node identification corresponding to the first hash value stored in the block chain is consistent with the first service node identification is continuously judged, and if the service node identification is not consistent with the first hash value, the first summary information, the first hash value and the first service node identification are uploaded to the block chain correspondingly.
13. The blockchain-based data sharing apparatus according to claim 12, wherein the data uploading module is further configured to,
under the condition that the first hash value does not exist on the block chain, adding a first reward value to a reward value corresponding to the first service node;
and adding a second reward value to the reward value corresponding to the first service node under the condition that the first hash value exists on the block chain but the stored service node identifier corresponding to the first hash value is inconsistent with the first service node identifier, wherein the second reward value is smaller than the first reward value.
14. The blockchain-based data sharing apparatus according to claim 13, wherein the data uploading module is further configured to,
under the condition that a second service node requests to acquire the information of the first user, acquiring a public key of the second service node and the first summary information from the block chain;
searching the information of the first user corresponding to the first abstract information from a local database according to the first abstract information;
encrypting the information of the first user by using the public key of the second service node;
and uploading the encrypted information of the first user to the block chain, so that the second service node can acquire the information of the first user from the block chain.
15. The device for sharing data based on block chains according to claim 13, further comprising: a data acquisition module; the data acquisition module is used for acquiring the data,
receiving a data acquisition request sent by a first service node, wherein the data acquisition request indicates second summary information corresponding to information of a second user to be acquired and a public key of the first service node;
acquiring one or more service node identifications corresponding to a second hash value from the block chain according to the second hash value corresponding to the second abstract information;
selecting one or more service node identifications from the service node identifications;
and acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
16. The device according to claim 15, wherein the data obtaining module is further configured to,
and after the information of the second user encrypted by the public key of the first service node is acquired from the blockchain, decrypting the information of the second user by using a private key corresponding to the public key of the first service node.
17. The device according to claim 16, wherein the data obtaining module is further configured to,
after the information of the second user is decrypted by using a private key corresponding to the public key of the first service node, extracting third summary information corresponding to the information of the second user from the information of the second user;
generating a third hash value corresponding to the third summary information;
and judging whether the third hash value is consistent with the second hash value or not, if so, displaying the information of the second user to the first service node, and if not, complaining to the block chain according to the decrypted information of the second user.
18. The device according to claim 17, wherein the data obtaining module is further configured to,
under the condition of a request for success of complaint to the block chain, notifying the first service node that the data acquisition request fails;
and under the condition that complaint to the block chain is failed, displaying the decrypted information of the second user to the first service node.
19. The device according to claim 18, wherein the data obtaining module is further configured to,
and after displaying the decrypted information of the second user to the first service node, correspondingly storing the information of the second user, the second abstract information, the selected service node identifier and the second hash value to a local database.
20. The device according to claim 15, wherein the data obtaining module is further configured to,
and deducting a third reward value from the reward value corresponding to the first service node when acquiring the information of the second user encrypted by using the public key of the first service node from the block chain according to the selected service node identifier, the second hash value and the public key of the first service node.
21. An electronic device for data sharing, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-10.
22. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-10.
CN202010168034.7A 2020-03-11 2020-03-11 Block chain-based data sharing method and device Active CN111339206B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010168034.7A CN111339206B (en) 2020-03-11 2020-03-11 Block chain-based data sharing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010168034.7A CN111339206B (en) 2020-03-11 2020-03-11 Block chain-based data sharing method and device

Publications (2)

Publication Number Publication Date
CN111339206A true CN111339206A (en) 2020-06-26
CN111339206B CN111339206B (en) 2023-07-18

Family

ID=71182226

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010168034.7A Active CN111339206B (en) 2020-03-11 2020-03-11 Block chain-based data sharing method and device

Country Status (1)

Country Link
CN (1) CN111339206B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111814193A (en) * 2020-08-31 2020-10-23 支付宝(杭州)信息技术有限公司 Information sharing method, device and equipment
CN113392144A (en) * 2021-08-18 2021-09-14 北京邮电大学 Museum service data storage and query method and system based on block chain
CN113486393A (en) * 2021-06-16 2021-10-08 中国联合网络通信集团有限公司 Block chain-based personal information sharing method, node, device and storage medium

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018012872A1 (en) * 2016-07-14 2018-01-18 주식회사 코인플러그 Method for providing recording and verification service for data received and transmitted by messenger service, and server using method
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
CN108768700A (en) * 2018-05-11 2018-11-06 北京奇虎科技有限公司 Reward distribution method, apparatus and system in a kind of block chain
CN108880784A (en) * 2018-05-28 2018-11-23 江苏众享金联科技有限公司 User privacy information shared system under a kind of different trust domain of solution based on block chain
CN109040012A (en) * 2018-06-19 2018-12-18 西安电子科技大学 A kind of data security protecting and sharing method based on block chain and system and application
CN109389485A (en) * 2018-09-30 2019-02-26 深圳市有情矿技术有限公司 Block chain dynamic exciting method under autonomous domain model based on information sharing contribution margin
CN109462588A (en) * 2018-11-13 2019-03-12 上海物融智能科技有限公司 A kind of decentralization data trade method and system based on block chain
CN109669986A (en) * 2018-12-12 2019-04-23 深圳乐信软件技术有限公司 Blacklist sharing method, device, equipment and storage medium based on block chain
CN109831501A (en) * 2019-01-30 2019-05-31 京东数字科技控股有限公司 Information dispensing method and system based on block chain
US10417219B1 (en) * 2018-03-28 2019-09-17 Macrogen, Inc. Data sharing method based on plurality of blockchains
CN110349056A (en) * 2019-06-03 2019-10-18 阿里巴巴集团控股有限公司 Transaction processing system and method based on block chain
CN110460590A (en) * 2018-12-07 2019-11-15 深圳市智税链科技有限公司 Data managing method, device, medium and the electronic equipment of block catenary system
CN110601853A (en) * 2019-09-17 2019-12-20 腾讯科技(深圳)有限公司 Block chain private key generation method and equipment
CN110611657A (en) * 2019-08-16 2019-12-24 中国人民银行数字货币研究所 File stream processing method, device and system based on block chain
CN110839015A (en) * 2019-10-12 2020-02-25 深圳壹账通智能科技有限公司 Log storage and reading method, device, equipment and medium based on block chain

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018012872A1 (en) * 2016-07-14 2018-01-18 주식회사 코인플러그 Method for providing recording and verification service for data received and transmitted by messenger service, and server using method
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
US10417219B1 (en) * 2018-03-28 2019-09-17 Macrogen, Inc. Data sharing method based on plurality of blockchains
CN108768700A (en) * 2018-05-11 2018-11-06 北京奇虎科技有限公司 Reward distribution method, apparatus and system in a kind of block chain
CN108880784A (en) * 2018-05-28 2018-11-23 江苏众享金联科技有限公司 User privacy information shared system under a kind of different trust domain of solution based on block chain
CN109040012A (en) * 2018-06-19 2018-12-18 西安电子科技大学 A kind of data security protecting and sharing method based on block chain and system and application
CN109389485A (en) * 2018-09-30 2019-02-26 深圳市有情矿技术有限公司 Block chain dynamic exciting method under autonomous domain model based on information sharing contribution margin
CN109462588A (en) * 2018-11-13 2019-03-12 上海物融智能科技有限公司 A kind of decentralization data trade method and system based on block chain
CN110460590A (en) * 2018-12-07 2019-11-15 深圳市智税链科技有限公司 Data managing method, device, medium and the electronic equipment of block catenary system
CN109669986A (en) * 2018-12-12 2019-04-23 深圳乐信软件技术有限公司 Blacklist sharing method, device, equipment and storage medium based on block chain
CN109831501A (en) * 2019-01-30 2019-05-31 京东数字科技控股有限公司 Information dispensing method and system based on block chain
CN110349056A (en) * 2019-06-03 2019-10-18 阿里巴巴集团控股有限公司 Transaction processing system and method based on block chain
CN110611657A (en) * 2019-08-16 2019-12-24 中国人民银行数字货币研究所 File stream processing method, device and system based on block chain
CN110601853A (en) * 2019-09-17 2019-12-20 腾讯科技(深圳)有限公司 Block chain private key generation method and equipment
CN110839015A (en) * 2019-10-12 2020-02-25 深圳壹账通智能科技有限公司 Log storage and reading method, device, equipment and medium based on block chain

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111814193A (en) * 2020-08-31 2020-10-23 支付宝(杭州)信息技术有限公司 Information sharing method, device and equipment
US11514445B2 (en) 2020-08-31 2022-11-29 Alipay (Hangzhou) Information Technology Co., Ltd. Information sharing methods, apparatuses, and devices
CN113486393A (en) * 2021-06-16 2021-10-08 中国联合网络通信集团有限公司 Block chain-based personal information sharing method, node, device and storage medium
CN113392144A (en) * 2021-08-18 2021-09-14 北京邮电大学 Museum service data storage and query method and system based on block chain

Also Published As

Publication number Publication date
CN111339206B (en) 2023-07-18

Similar Documents

Publication Publication Date Title
CN108123800B (en) Key management method, key management device, computer equipment and storage medium
CN113364760A (en) Data encryption processing method and device, computer equipment and storage medium
CN111339206B (en) Block chain-based data sharing method and device
CN108777685B (en) Method and apparatus for processing information
CN113536327A (en) Data processing method, device and system
CN111181920A (en) Encryption and decryption method and device
CN114239072A (en) Block chain node management method and block chain network
CN111931204A (en) Encryption and de-duplication storage method and terminal equipment for distributed system
WO2024060630A1 (en) Data transmission management method, and data processing method and apparatus
CN107707528B (en) Method and device for isolating user information
CN111767550A (en) Data storage method and device
CN111984613B (en) Method, device and system for sharing files
CN111984616B (en) Method, device and system for updating shared file
CN111030930B (en) Decentralized network data fragment transmission method, device, equipment and medium
CN113761566A (en) Data processing method and device
CN113761585A (en) Data processing method, device and system
CN112182603A (en) Anti-crawler method and device
CN111984615B (en) File sharing method, device and system
CN116112172B (en) Android client gRPC interface security verification method and device
CN113132115B (en) Certificate switching method, device and system
CN110611656B (en) Identity management method, device and system based on master identity multiple mapping
CN113420331B (en) Method and device for managing file downloading permission
CN113297605B (en) Copy data management method, apparatus, electronic device, and computer readable medium
CN111786874B (en) Caller identification method and device
CN113449321B (en) Ciphertext retrieval method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20220926

Address after: 12 / F, 15 / F, 99 Yincheng Road, China (Shanghai) pilot Free Trade Zone, Pudong New Area, Shanghai, 200120

Applicant after: Jianxin Financial Science and Technology Co.,Ltd.

Address before: 25 Financial Street, Xicheng District, Beijing 100033

Applicant before: CHINA CONSTRUCTION BANK Corp.

Applicant before: Jianxin Financial Science and Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant