CN111404895A - Method, equipment and storage medium for distributing and recovering readable permission of shared data - Google Patents

Info

Publication number
CN111404895A
Authority
CN
China
Prior art keywords
key
encryption
intelligent contract
data
party
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010150009.6A
Other languages
Chinese (zh)
Inventor
谢超良
赵辉
王超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Smart Government Affair Block Chain Technology Co ltd
Original Assignee
Hunan Smart Government Affair Block Chain Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Smart Government Affair Block Chain Technology Co ltd
Priority to CN202010150009.6A
Publication of CN111404895A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76 Proxy, i.e. using intermediary entity to perform cryptographic operations
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method, equipment and a storage medium for granting and revoking read permission on shared data, and belongs to the technical field of blockchains. In the method, a smart contract initialization interface generates a key pair for proxy re-encryption, public key cpk and private key csk, and the private key csk is discarded; a re-encryption key rekeyB is generated from the public key cpk and a first node private key nsk and sent to a first blockchain node to be stored locally, and the public key cpk of the smart contract is stored on-chain; the re-encryption key rekeyA is encrypted with the public key cpk to generate a key rekeyA1, which is stored on-chain; a smart contract re-encryption interface re-encrypts the ciphertext data using the user re-encryption key stored by the contract; the re-encryption key rekeyB of the first party is deleted. When a user wants to revoke the read permission of a user the data was shared with, the user only needs to trigger the contract to delete the re-encryption key from the contract storage area.

Description

Method, equipment and storage medium for distributing and recovering readable permission of shared data
Technical Field
The present invention relates to the field of blockchain technology, and in particular to a method, an apparatus, and a storage medium for granting and revoking read permission on shared data.
Background
Blockchain technology is tamper-proof and traceable: once data is put on-chain, there is either an on-chain record of the data or an on-chain record of its metadata. Moreover, a blockchain is a public open-source or semi-open-source platform, so even if the data actually to be shared is obtained through contract computation after it is put on-chain, an attacker can still compute the required data from the open-source logic, or obtain it directly from a blockchain browser. Therefore, in conventional techniques and schemes, once encrypted data has been authorized for sharing, revoking the read permission is difficult to achieve as long as the system is open source.
Encrypted data sharing schemes are generally implemented on a trusted third-party cloud platform whose encryption method and metadata are not disclosed; they are closed-source, centralized implementations. Granting data-sharing authorization and revoking it are both performed by the cloud platform acting as proxy. Cloud-platform-based schemes for granting and revoking data-sharing authorization have the following drawbacks: the centralized service is a single point of failure at the service provider, and the centralized service is closed source, so trust is centralized. Malicious tampering with the data ciphertext by the cloud service provider cannot be ruled out, in which case the recipient receives wrong information. Once the centralized cloud platform does nothing using this mechanism, data sharing is also meaningless.
Disclosure of Invention
1. Technical problem to be solved by the invention
To overcome the above technical problem, the invention provides a method, a device and a storage medium for granting and revoking read permission on shared data. When a user wants to revoke the read permission of a user the data was shared with, the user only needs to trigger the contract to delete the re-encryption key from the contract storage area.
2. Technical scheme
In order to solve the problems, the technical scheme provided by the invention is as follows:
A method for granting and revoking read permission on shared data, comprising: a smart contract initialization interface generates a key pair for proxy re-encryption, public key cpk and private key csk, and the private key csk is discarded; a re-encryption key rekeyB is generated from the public key cpk and a first node private key nsk, the key rekeyB is sent to a first blockchain node to be stored locally, and the public key cpk of the smart contract is stored on-chain; a smart contract encryption interface encrypts the data A to be put on-chain with the public key cpk of the smart contract to form a ciphertext A1; the first node accesses a smart contract decryption interface and decrypts the ciphertext A1 with the first node private key nsk; the re-encryption key rekeyA is encrypted with the public key cpk to generate a key rekeyA1, which is stored on-chain; a smart contract re-encryption interface re-encrypts the ciphertext data using the user re-encryption key stored by the contract; the re-encryption key rekeyB of the first party is deleted.
Preferably, the proxy re-encryption algorithm is bls12 or bn256.
Preferably, the blockchain is Ethereum or Hyperledger.
Preferably, the smart contract is a Solidity contract or a chaincode.
A method for granting and revoking read permission on shared data, comprising: the first node creates a proxy re-encryption key pair, public key npk and private key nsk, used for decrypting smart contract data; at least one first party creates a proxy re-encryption key pair, public key npk and private key nsk, encrypts the shared plaintext data A into shared ciphertext data A1 with the public key npk, and uploads the shared ciphertext data A1 to the blockchain; at least one second party applies to the first party for data sharing and sends the first party a proxy re-encryption public key tpk created by the second party; the first party uses the private key nsk to generate a re-encryption key rekeyA for the public key tpk of the second party; the first party sends the re-encryption key rekeyA to the smart contract, and the smart contract encrypts rekeyA with the public key cpk to generate a key rekeyA1 and stores it on-chain; the second party requests data sharing from the smart contract, and the smart contract decrypts the key rekeyA1 through the decryption interface to obtain the re-encryption key rekeyA; the smart contract uses the re-encryption key rekeyA to re-encrypt the shared ciphertext data A1, generating a re-encrypted ciphertext A2; the smart contract sends the re-encrypted ciphertext A2 to the second party, and the second party decrypts A2 with its private key tsk to obtain the shared plaintext data A; permission revocation: the first party sends the smart contract an instruction to delete the re-encryption key rekeyA, and the storage area of the smart contract no longer stores the re-encryption key rekeyA of the first party.
Preferably, the proxy re-encryption algorithm is bls12 or bn256.
Preferably, the blockchain is Ethereum or Hyperledger.
Preferably, the smart contract is a Solidity contract or a chaincode.
An apparatus, the apparatus comprising: one or more processors; memory for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to perform a method as described above.
A storage medium storing a computer program which, when executed by a processor, implements a method as claimed in any one of the preceding claims.
3. Advantageous effects
Compared with the prior art, the technical scheme provided by the invention has the following beneficial effects:
(1) Proxy re-encryption is performed in the smart contract, and the smart contract is used to encrypt and protect the re-encryption key; the blockchain node holds the re-encryption key of the smart contract and does not put it on-chain, which ensures that the on-chain data is identical on all nodes; a node decryption interface is provided in the contract, so that the public and private keys of the node and the contract re-encryption key stored on the node are not exposed; the contract code is public, and anyone can inspect the contract in advance, which protects the data-sharing logic.
(2) The blockchain is used to grant and revoke data-sharing permission, and the blockchain is fully transparent to users, so trust in the sharing platform rests on the algorithm and there is no human intervention that could cause malicious tampering with or leakage of the data; combined with the tamper-proof nature of smart contracts, once a contract is deployed on-chain the data-sharing process can only be executed as the contract specifies, which avoids the risk of repudiation by users; with double proxy re-encryption, a recipient of shared data cannot obtain from the chain any plaintext data or any key that can decrypt into the plaintext data, so control over the data stays with the data sender, and under open-source conditions the data cannot be leaked directly or leaked through decryption.
(3) Compared with existing cloud-platform encrypted data sharing technology, proxy re-encryption sharing on a blockchain is more trustworthy.
Drawings
Fig. 1 is a flowchart of a method for allocating and recovering read permission of shared data according to embodiment 1 of the present invention.
Fig. 2 is a flowchart of a method for allocating and recovering read permission of shared data according to embodiment 2 of the present invention.
Fig. 3 is a scene diagram illustrating a shared data readable permission allocation and recovery method according to an embodiment of the present invention.
FIG. 4 is a schematic diagram of an apparatus according to the present invention.
Detailed Description
For a further understanding of the present invention, reference will now be made in detail to the embodiments illustrated in the drawings.
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the present invention are shown in the drawings. The terms first, second, and the like in the present invention are provided for convenience of describing the technical solution of the present invention, and have no specific limiting effect, but are all generic terms, and do not limit the technical solution of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
Example 1
A blockchain-based proxy re-encryption scheme is used. Because the blockchain is open source, publicly or within an organization, the data-sharing algorithm and the on-chain data are public and transparent, and the entire process is authorized and known to the data sender and the data-sharing party. The risk of malicious use of the data that exists in a centralized model is therefore absent, and even if individual nodes maliciously tamper with the shared ciphertext data, the data submitted by the malicious nodes is rejected by the consensus mechanism of the blockchain.
However, because the blockchain is open source and the data is transparent, multiple protection steps are needed at the data encryption layer, so that the data-sharing party is prevented from knowing the data ciphertext and the decryption algorithm, and so that the problems of the ciphertext being cracked or the permission on shared data being impossible to revoke are solved.
When proxy re-encryption is used on a blockchain, the re-encryption key generated by the data sender is put on-chain in plaintext, so there is an on-chain record that cannot be tampered with. When the data sender has finished sharing and needs to revoke the permission on the shared data, the data receiver knows the re-encryption key, the ciphertext and the decryption algorithm, and can therefore still decrypt the shared data after revocation. With a contract-based proxy re-encryption scheme, a second layer of encryption can be applied to on-chain data, which makes it possible to grant and revoke read permission on shared data. The data a user shares is encrypted with proxy re-encryption and put on-chain as ciphertext, and the re-encryption key is encrypted with the contract's proxy re-encryption public key before being stored, so that the user's re-encryption key cannot be obtained by the shared user through a blockchain browser or by computation from the open-source code; this addresses the problem that read permission could not be revoked. When the user wants to revoke the read permission of the shared user, the user only needs to trigger the contract to delete the re-encryption key from the contract storage area. In this process, the proxy re-encryption private key of the contract must not be put on-chain, the re-encryption private key of the contract must not be put on-chain, and the on-chain data must be identical on every node so that consensus is reached.
This embodiment provides a method for granting and revoking read permission on shared data, as shown in Fig. 1 and Fig. 3, comprising: a smart contract initialization interface generates a key pair for proxy re-encryption, public key cpk and private key csk, and the private key csk is discarded; a re-encryption key rekeyB is generated from the public key cpk and a first node private key nsk, the key rekeyB is sent to a first blockchain node to be stored locally, and the public key cpk of the smart contract is stored on-chain; a smart contract encryption interface encrypts the data A to be put on-chain with the public key cpk of the smart contract to form a ciphertext A1; the first node accesses a smart contract decryption interface and decrypts the ciphertext A1 with the first node private key nsk; the re-encryption key rekeyA is encrypted with the public key cpk to generate a key rekeyA1, which is stored on-chain; a smart contract re-encryption interface re-encrypts the ciphertext data using the user re-encryption key stored by the contract; the re-encryption key rekeyB of the first party is deleted.
The proxy re-encryption algorithm is bls12 or bn256. The blockchain is Ethereum or Hyperledger. The smart contract is a Solidity contract or a chaincode.
A data-sharing scheme that uses the contract to perform proxy re-encryption avoids leakage of the re-encryption key: even if a data receiver knows the encryption algorithm and the ciphertext of the sending user's re-encryption key, the receiver cannot generate a re-encrypted ciphertext that it could decrypt with its own private key.
In this process, the node private key can decrypt and obtain the plaintext of the data sender's re-encryption key, but to the node this plaintext re-encryption key is meaningless: without the private key of the sender or the receiver, the plaintext data of the user cannot be obtained.
The other private key that could obtain the re-encryption key is discarded when the data sender creates the contract account, which ensures that only the node account can decrypt the re-encryption key.
Example 2
A method for granting and revoking read permission on shared data, as shown in Fig. 2 and Fig. 3, comprising: the first node creates a proxy re-encryption key pair, public key npk and private key nsk, used for decrypting smart contract data; at least one first party creates a proxy re-encryption key pair, public key npk and private key nsk, encrypts the shared plaintext data A into shared ciphertext data A1 with the public key npk, and uploads the shared ciphertext data A1 to the blockchain; at least one second party applies to the first party for data sharing and sends the first party a proxy re-encryption public key tpk created by the second party; the first party uses the private key nsk to generate a re-encryption key rekeyA for the public key tpk of the second party; the first party sends the re-encryption key rekeyA to the smart contract, and the smart contract encrypts rekeyA with the public key cpk to generate a key rekeyA1 and stores it on-chain; the second party requests data sharing from the smart contract, and the smart contract decrypts the key rekeyA1 through the decryption interface to obtain the re-encryption key rekeyA; the smart contract uses the re-encryption key rekeyA to re-encrypt the shared ciphertext data A1, generating a re-encrypted ciphertext A2; the smart contract sends the re-encrypted ciphertext A2 to the second party, and the second party decrypts A2 with its private key tsk to obtain the shared plaintext data A; permission revocation: the first party sends the smart contract an instruction to delete the re-encryption key rekeyA, and the storage area of the smart contract no longer stores the re-encryption key rekeyA of the first party.
The proxy re-encryption algorithm is bls12 or bn256. The blockchain is Ethereum or Hyperledger. The smart contract is a Solidity contract or a chaincode.
The contract-bound encryption key is stored under the node account and is not put on-chain as data, which avoids consensus failure caused by differing data during consensus. Throughout the process, the data put on-chain comprises the encrypted ciphertext data, the encrypted ciphertext of the sender's re-encryption key, and the re-encryption public key of the contract account; these are independent of any node and identical on all nodes, so the consistency of the consensus data is ensured.
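The Example 2 flow, sketched in Python as an added example; it is not code from the patent or its applicant. Assumptions: a simplified ElGamal-style proxy re-encryption over secp256k1 stands in for the bls12/bn256 scheme the patent names; rekeyB is derived from csk and the node public key before csk is discarded, because this stand-in scheme needs the delegator's private key; the class, the function names and the owner_sk/owner_pk names for the first party's key pair are hypothetical.

```python
# Added sketch: a "contract" that stores re-encryption keys encrypted under cpk.
# secp256k1 stands in for the pairing curves the patent names (bls12 / bn256).
import hashlib
import secrets

P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(p1, p2):  # affine point addition; None is the point at infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if p1 == p2 else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication (not constant time)
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def h(*parts):  # hash the given values to a non-zero scalar modulo N
    digest = hashlib.sha256(repr(parts).encode()).digest()
    return int.from_bytes(digest, "big") % (N - 1) + 1

def xor_stream(point, data):  # unauthenticated keystream derived from a shared point
    pad = hashlib.shake_256(repr(point).encode()).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

def keygen():
    sk = secrets.randbelow(N - 1) + 1
    return sk, mul(sk, G)

def encrypt(pk, msg):
    """First-level ciphertext: only the private key matching pk opens it."""
    e = secrets.randbelow(N - 1) + 1
    return {"E": mul(e, G), "X": None, "body": xor_stream(mul(e, pk), msg)}

def rekey(sk_from, pk_to):
    """Re-encryption key from the delegator's private key and the delegatee's public key."""
    x, X = keygen()
    return sk_from * pow(h(X, pk_to, mul(x, pk_to)), -1, N) % N, X

def reencrypt(rk, ct):
    """Proxy step: transform the capsule E without seeing the plaintext."""
    return {"E": mul(rk[0], ct["E"]), "X": rk[1], "body": ct["body"]}

def decrypt(sk, ct):
    """Open a first-level (X is None) or a re-encrypted ciphertext with sk."""
    k = sk if ct["X"] is None else h(ct["X"], mul(sk, G), mul(sk, ct["X"]))
    return xor_stream(mul(k, ct["E"]), ct["body"])

class SharingContract:
    """`chain` models replicated contract storage; nsk and rekey_b stay on the node."""
    def __init__(self, nsk, npk):
        csk, cpk = keygen()
        self.nsk, self.rekey_b = nsk, rekey(csk, npk)  # node-local, never on-chain
        del csk  # contract private key is discarded once rekeyB exists
        self.chain = {"cpk": cpk, "data": {}, "grants": {}}

    def grant(self, name, who, rekey_a):
        blob = b"".join(v.to_bytes(32, "big") for v in (rekey_a[0], *rekey_a[1]))
        self.chain["grants"][name, who] = encrypt(self.chain["cpk"], blob)  # rekeyA1

    def revoke(self, name, who):
        self.chain["grants"].pop((name, who), None)

    def request(self, name, who):
        rekey_a1 = self.chain["grants"].get((name, who))
        if rekey_a1 is None:
            raise PermissionError("no re-encryption key stored for this party")
        blob = decrypt(self.nsk, reencrypt(self.rekey_b, rekey_a1))  # node recovers rekeyA
        r, x, y = (int.from_bytes(blob[i:i + 32], "big") for i in (0, 32, 64))
        return reencrypt((r, (x, y)), self.chain["data"][name])  # A2

def demo():
    """Constructed run: grant, read, revoke, then a refused request."""
    contract = SharingContract(*keygen())                       # node key pair
    (owner_sk, owner_pk), (tsk, tpk) = keygen(), keygen()       # first / second party
    secret = b"constructed sample record"
    contract.chain["data"]["A"] = encrypt(owner_pk, secret)     # A1
    contract.grant("A", "second-party", rekey(owner_sk, tpk))   # rekeyA -> rekeyA1
    readable = decrypt(tsk, contract.request("A", "second-party")) == secret
    direct = decrypt(tsk, contract.chain["data"]["A"]) == secret
    contract.revoke("A", "second-party")
    try:
        contract.request("A", "second-party")
    except PermissionError:
        return readable, direct, True
    return readable, direct, False
```

demo() returns (True, False, True): the second party reads A through A2, cannot open A1 directly, and is refused once the stored rekeyA1 is deleted. A ciphertext A2 that was delivered before the deletion stays decryptable with tsk.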
Example 3
An apparatus, the apparatus comprising: one or more processors; memory for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to perform a method as described above.
A storage medium storing a computer program which, when executed by a processor, implements the method as described in embodiment 1 above.
Fig. 4 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
As shown in Fig. 4, as another aspect, the present application also provides an apparatus 500 including one or more central processing units (CPUs) 501 that can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 502 or a program loaded from a storage section 508 into a random access memory (RAM) 503. The RAM 503 also stores various programs and data necessary for the operation of the apparatus 500. The CPU 501, ROM 502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to the bus 504.
The following components are connected to the I/O interface 505: an input section 506 including a keyboard, a mouse, and the like; an output section 507 including a display such as a cathode ray tube (CRT) or a liquid crystal display (LCD), a speaker, and the like; a storage section 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, and the like. The communication section 509 performs communication processing via a network such as the Internet. A drive 510 is also connected to the I/O interface 505 as necessary. A removable medium 511, such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory, is mounted on the drive 510 as necessary, so that a computer program read out from it is installed into the storage section 508 as necessary.
In particular, according to embodiments disclosed herein, the method described in any of the above embodiments may be implemented as a computer software program. For example, embodiments disclosed herein include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the method described in any of the embodiments above. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described herein.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each of the described units may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (10)

1. A method for distributing and recovering shared data readable rights, comprising:
a smart contract initialization interface generates a key pair for proxy re-encryption, public key cpk and private key csk, and the private key csk is discarded;
a re-encryption key rekeyB is generated from the public key cpk and a first node private key nsk, the key rekeyB is sent to a first blockchain node to be stored locally, and the public key cpk of the smart contract is stored on-chain;
a smart contract encryption interface encrypts the data A to be put on-chain with the public key cpk of the smart contract to form a ciphertext A1;
the first node accesses a smart contract decryption interface and decrypts the ciphertext A1 with the first node private key nsk; the re-encryption key rekeyA is encrypted with the public key cpk to generate a key rekeyA1, which is stored on-chain;
a smart contract re-encryption interface re-encrypts the ciphertext data using the user re-encryption key stored by the contract;
the re-encryption key rekeyB of the first party is deleted.
2. The method of claim 1, wherein the proxy re-encryption algorithm is bls12 or bn256.
3. The method of claim 1, wherein the blockchain is Ethereum or Hyperledger.
4. A method for assigning and recovering a shared data readable privilege as defined in claim 1, wherein the smart contract is a Solidity contract or a chaincode.
5. A method for distributing and recovering shared data readable rights, comprising: the first node creates a proxy re-encrypted key pair, public key npk, private key nsk; for decrypting smart contract data;
the at least one first party creates a proxy re-encrypted key pair, public key npk, private key nsk; encrypting the shared plaintext data A into shared ciphertext data A1 by using a public key npk and uploading the shared ciphertext data A1 to a block chain;
at least one second party applies for data sharing to the first party and sends a proxy re-encrypted public key tpk created by the second party to the first party;
the first party generates a re-encrypted key rekeyA for the public key tpk of the second party by using a private key nsk;
the first party sends the re-encryption key rekeyA to the intelligent contract, and the intelligent contract encrypts the re-encryption key rekeyA by using the public key cpk to generate a key rekeyA1 and stores the uplink;
the second direction requests data sharing for the intelligent contract, and the intelligent contract decrypts the key rekeyA1 through the decryption interface to obtain a re-encryption key rekeyA;
the intelligent contract uses the re-encryption key rekeyA to re-encrypt the shared ciphertext data A1 to generate a re-encrypted ciphertext A2;
the intelligent contract sends the re-encrypted ciphertext A2 to the second party, and the second party decrypts the re-encrypted ciphertext A2 by using a private key tsk to obtain shared plaintext data A;
permission recovery: the first party sends an instruction for deleting the re-encryption key rekeyA to the intelligent contract, and the storage area of the intelligent contract no longer stores the re-encryption key rekeyA of the first party.
6. The method as claimed in claim 5, wherein the proxy re-encryption algorithm is bls12 or bn256.
7. The method of claim 5, wherein the block chain is Ethereum or Hyperledger.
8. A method for assigning and recovering a shared data readable privilege as claimed in claim 7, wherein the intelligent contract is a Solidity contract or a chaincode.
9. An apparatus, characterized in that the apparatus comprises:
one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method recited in any of claims 1-8.
10. A storage medium storing a computer program, characterized in that the program, when executed by a processor, implements the method according to any one of claims 1-8.
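The grant, share and recovery flow of claim 5, as an added Python example that is not code from the patent: it swaps in a simplified ElGamal-style proxy re-encryption scheme over a constructed toy group for the pairing-based bls12/bn256 algorithms the claims name. The `Contract` class, its method names and the `"first"`/`"second"` labels are hypothetical; the key names (npk, nsk, tpk, tsk, cpk) follow the claims.

```python
import hashlib, secrets
# Constructed toy group, far too small for real use: P = 2Q + 1, G has prime order Q.
P, Q, G = 2039, 1019, 4

def h(*parts):  # hash to a nonzero scalar in [1, Q-1]
    data = "|".join(map(str, parts)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1) + 1
def stream_xor(elem, data):  # toy cipher: SHA-256 keystream keyed by a group element
    pad = lambda i: hashlib.sha256(f"{elem}|{i // 32}".encode()).digest()[i % 32]
    return bytes(b ^ pad(i) for i, b in enumerate(data))

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, msg):  # capsule g^r plus a body keyed by pk^r
    r, cap = keygen()
    return cap, stream_xor(pow(pk, r, P), msg)
def decrypt(sk, ct):
    return stream_xor(pow(ct[0], sk, P), ct[1])

def rekey(sk_a, pk_b):  # needs only the owner's private key and the reader's public key
    x, X = keygen()
    return sk_a * pow(h(X, pk_b, pow(pk_b, x, P)), -1, Q) % Q, X
def decrypt_re(sk_b, pk_b, ct2):  # reader recomputes d, then the owner's body key
    cap, X, body = ct2
    return stream_xor(pow(cap, h(X, pk_b, pow(X, sk_b, P)), P), body)

class Contract:  # hypothetical stand-in for the contract's storage and interfaces
    def __init__(self):
        self.csk, self.cpk = keygen()
        self.store = {}  # (owner, reader) -> rekey wrapped under cpk (rekeyA1)
    def grant(self, owner, reader, rk):
        self.store[owner, reader] = encrypt(self.cpk, f"{rk[0]},{rk[1]}".encode())
    def revoke(self, owner, reader):  # permission recovery: delete the stored key
        self.store.pop((owner, reader), None)
    def share(self, owner, reader, ct):
        if (owner, reader) not in self.store:
            raise PermissionError("no re-encryption key stored for this pair")
        k, X = map(int, decrypt(self.csk, self.store[owner, reader]).decode().split(","))
        return pow(ct[0], k, P), X, ct[1]  # re-encrypted ciphertext A2

def demo():
    (nsk, npk), (tsk, tpk), c = keygen(), keygen(), Contract()
    a1 = encrypt(npk, b"shared plaintext data A")  # constructed sample plaintext
    c.grant("first", "second", rekey(nsk, tpk))
    got = decrypt_re(tsk, tpk, c.share("first", "second", a1))
    c.revoke("first", "second")
    return got, ("first", "second") in c.store
```

Deleting the stored key only blocks future re-encryption requests; it does not affect data the second party has already decrypted.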
CN202010150009.6A 2020-03-06 2020-03-06 Method, equipment and storage medium for distributing and recovering readable permission of shared data Pending CN111404895A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010150009.6A CN111404895A (en) 2020-03-06 2020-03-06 Method, equipment and storage medium for distributing and recovering readable permission of shared data

Publications (1)

Publication Number Publication Date
CN111404895A true CN111404895A (en) 2020-07-10

Family

ID=71413217

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010150009.6A Pending CN111404895A (en) 2020-03-06 2020-03-06 Method, equipment and storage medium for distributing and recovering readable permission of shared data

Country Status (1)

Country Link
CN (1) CN111404895A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101883100A (en) * 2010-06-11 2010-11-10 北京大学 Digital content distributed authorization method
CN104394155A (en) * 2014-11-27 2015-03-04 暨南大学 Multi-user cloud encryption keyboard searching method capable of verifying integrity and completeness
CN109039614A (en) * 2018-09-17 2018-12-18 杭州弗兰科信息安全科技有限公司 A kind of proxy re-encryption method based on optimal ate
CN109144961A (en) * 2018-08-22 2019-01-04 矩阵元技术(深圳)有限公司 Authority sharing method and device
CN109741057A (en) * 2018-12-27 2019-05-10 石更箭数据科技(上海)有限公司 Collecting method and system, platform, storage medium
CN110290094A (en) * 2018-03-19 2019-09-27 华为技术有限公司 A kind of control method and device of data access authority

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112261015A (en) * 2020-10-12 2021-01-22 北京沃东天骏信息技术有限公司 Block chain based information sharing method, platform, system and electronic equipment
CN113810421A (en) * 2021-09-18 2021-12-17 上海万向区块链股份公司 Block chain-based PRE Internet of things data sharing method and system
CN113810421B (en) * 2021-09-18 2023-05-05 上海万向区块链股份公司 PRE (PRE) Internet of things data sharing method and system based on block chain

Similar Documents

Publication Publication Date Title
US10348696B2 (en) Cloud key escrow system
Zhao et al. Trusted data sharing over untrusted cloud storage providers
US8625802B2 (en) Methods, devices, and media for secure key management in a non-secured, distributed, virtualized environment with applications to cloud-computing security and management
US10546141B2 (en) Network system, and methods of encrypting data, decrypting encrypted data in the same
CN111385301B (en) Block chain data sharing encryption and decryption method, equipment and storage medium
Samanthula et al. An efficient and secure data sharing framework using homomorphic encryption in the cloud
CN103179114A (en) Fine-grained access control method for data in cloud storage
CN112685763B (en) Data opening method and system based on ciphertext authorized access
WO2017061950A1 (en) Data security system and method for operation thereof
CN115242555A (en) Supervisable cross-chain private data sharing method and device
CN104022869A (en) Fine-grained data access control method based on fragmenting of secret keys
CN102571329A (en) Password key management
CN105721146B (en) A kind of big data sharing method towards cloud storage based on SMC
KR20120132708A (en) Distributed access priviledge management apparatus and method in cloud computing environments
Chidambaram et al. Enhancing the security of customer data in cloud environments using a novel digital fingerprinting technique
CN103973698A (en) User access right revoking method in cloud storage environment
KR102385328B1 (en) Method and System of Digital Rights Management
CN111404895A (en) Method, equipment and storage medium for distributing and recovering readable permission of shared data
CN111353165A (en) Block chain data supervision method, system, equipment and storage medium
KR20210058313A (en) Data access control method and system using attribute-based password for secure and efficient data sharing in cloud environment
CN104796411A (en) Method for safely transmitting, storing and utilizing data in cloud and mobile terminal
US20230021749A1 (en) Wrapped Keys with Access Control Predicates
CN113824713B (en) Key generation method, system and storage medium
CN111541652B (en) System for improving security of secret information keeping and transmission
US11436351B1 (en) Homomorphic encryption of secure data

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200710