CN111464500A - Method, device, equipment and storage medium for sharing protocol data - Google Patents

Publication number
CN111464500A
Authority
CN
China
Prior art keywords
protocol data
encryption
information
data
protocol
Legal status
Granted
Application number
CN202010155300.2A
Other languages
Chinese (zh)
Other versions
CN111464500B (en)
Inventor
张宝
王梦寒
谢丹力
高建欣
刘恩科
赵达悦
Current Assignee
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Application filed by OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202010155300.2A
Publication of CN111464500A
Priority to PCT/CN2020/105755 (WO2021174758A1)
Application granted
Publication of CN111464500B
Current legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101: Access control lists [ACL]
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • H04L67/1095: Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • H04L67/1097: Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The application discloses a method, an apparatus, a device and a storage medium for sharing protocol data, belonging to the technical field of blockchain. The method comprises: receiving protocol data uploaded by an information uploading terminal, and generating an encryption identifier according to the protocol data; acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data with the encryption key to obtain encrypted information; determining a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier, and storing the encrypted information in the branch chain, wherein the branch chain is an independent storage space in the distributed ledger; and receiving a query request from a query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal. The method and the apparatus enable protocol data to be shared and improve the timeliness and security of protocol data sharing.

Description

Method, device, equipment and storage medium for sharing protocol data
Technical Field
The present application belongs to the field of blockchain technology, and in particular relates to a method, an apparatus, a device, and a storage medium for sharing protocol data.
Background
In existing protocol data sharing schemes, when the amount of protocol data to be shared is large, the data is generally collected centrally and transmitted at a fixed time or within a fixed time period, which results in low timeliness of protocol data sharing. In addition, all terminals taking part in the sharing must be connected to one another one-to-one, and data interaction between terminals connected in this way is very complex, so the maintenance cost of a protocol data sharing system built this way is high. Furthermore, when protocol data is shared among the terminals, every terminal can view the protocol data, so security is low and the protocol data is easily leaked.
Disclosure of Invention
The invention provides a method, an apparatus, a device and a storage medium for sharing protocol data, and aims to solve the problems of low timeliness, complex interaction and poor security in conventional protocol data sharing.
In order to solve the above technical problem, an embodiment of the present application provides a method for sharing protocol data, which adopts the following technical solutions:
A method of protocol data sharing, comprising:
receiving protocol data uploaded by an information uploading terminal, and generating an encryption identifier according to the protocol data;
acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data with the encryption key to obtain encrypted information;
determining a branch chain corresponding to the encrypted information according to the encryption identifier, and storing the encrypted information in the branch chain, wherein the branch chain is an independent storage space in the distributed ledger;
and receiving a query request from a query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal.
Further, the receiving the protocol data uploaded by the information uploading terminal and generating the encrypted identifier according to the protocol data specifically includes:
analyzing the protocol data to obtain field information in the protocol data;
detecting the content of all field information, and classifying all field information to obtain enterprise data and protocol object data;
and generating an encryption identifier according to the enterprise data and the protocol object data, wherein the encryption identifier comprises an enterprise data encryption identifier and a protocol object data encryption identifier.
Further, obtaining an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data by using the encryption key to obtain the encryption information specifically includes:
acquiring an enterprise data encryption key of the protocol data according to the enterprise data encryption identifier;
acquiring a protocol object data encryption key of the protocol data according to the protocol object data encryption identifier;
and encrypting the protocol data by using the enterprise data encryption key and the protocol object data encryption key respectively to obtain encryption information, wherein the enterprise data encryption key is used for encrypting the enterprise data, and the protocol object data encryption key is used for encrypting the protocol object data.
Further, determining a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier, and storing the encrypted information into the branch chain specifically includes:
determining a distributed ledger branch chain corresponding to the encrypted information according to the enterprise data encryption identifier;
storing the encrypted information into the nodes of the distributed ledger branch chain through a peer-to-peer network;
carrying out consensus on the encrypted information through the nodes of the distributed ledger branch chain;
when the nodes of the distributed ledger branch chain reach consensus on the encrypted information within a preset time, obtaining an encrypted information set;
and verifying the encrypted information set by using the nodes of the distributed ledger branch chain, and storing the encrypted information set into the distributed ledger branch chain when the verification passes.
Further, before receiving a query request from the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal, the method further includes:
acquiring a white list of encrypted information, wherein a query terminal for querying protocol data is recorded on the white list;
acquiring the queryable field information of the query terminal according to a preset query terminal authority table;
acquiring a decryption key corresponding to the queryable field information according to the queryable field information of the query terminal;
and distributing the decryption key corresponding to the queryable field information to the corresponding query terminal.
Further, after acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data according to the encryption key to obtain the encryption information, the method further includes:
acquiring a public key of the distributed ledger, and encrypting the encryption key by using the public key of the distributed ledger;
associating the public key of the distributed ledger, the encryption key and the encrypted information to generate associated information;
and generating a query interface according to the associated information, wherein the query interface is used for querying the protocol data.
Further, receiving a query request from the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal specifically includes:
receiving a query request from the query terminal through the query interface, wherein the query request carries at least a private key of the distributed ledger and a target enterprise data identifier, and the target enterprise data identifier is identifier information used to look up the storage position of the encrypted information in the distributed ledger;
determining the position of the encrypted information in the distributed ledger according to the target enterprise data identifier;
decrypting the public key of the distributed ledger by using the private key of the distributed ledger to obtain a decryption key;
and decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal.
In order to solve the above technical problem, an embodiment of the present application further provides a device for sharing protocol data, which adopts the following technical solutions:
an apparatus for protocol data sharing, comprising:
the receiving module is used for receiving the protocol data uploaded by the information uploading terminal and generating an encryption identifier according to the protocol data;
the encryption module is used for acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data by using the encryption key to obtain encryption information;
the storage module is used for determining a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier and storing the encrypted information in the branch chain, wherein the branch chain is an independent storage space in the distributed ledger;
and the decryption module is used for receiving the query request of the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information by using the decryption key to obtain protocol data, and transmitting the protocol data to the query terminal.
In order to solve the above technical problem, an embodiment of the present application further provides a computer device, which adopts the following technical solution:
a computer device comprising a memory and a processor, the memory having stored therein computer readable instructions which, when executed by the processor, implement the steps of the above-described method for protocol data sharing.
In order to solve the above technical problem, an embodiment of the present application further provides a non-volatile computer-readable storage medium, which adopts the following technical solutions:
a non-transitory computer readable storage medium, wherein the non-transitory computer readable storage medium stores computer readable instructions, and the computer readable instructions, when executed by a processor, implement the steps of the protocol data sharing method.
Compared with the prior art, the embodiment of the application mainly has the following beneficial effects:
The application discloses a method, an apparatus, a device and a storage medium for sharing protocol data. The method comprises: receiving the protocol data uploaded by an information uploading terminal, and generating an encryption identifier according to the protocol data; acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data with the encryption key to obtain encrypted information; determining a branch chain corresponding to the encrypted information according to the encryption identifier, and storing the encrypted information in the branch chain, wherein the branch chain is an independent storage space in the distributed ledger; and receiving a query request from the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal. The protocol data is encrypted with the encryption key to generate encrypted information, and the encrypted information is stored on the designated branch chain in the distributed ledger according to the encryption identifier, so that the protocol data is shared, the timeliness of protocol data sharing is improved, and the protocol data sharing system has a simpler structure and is easier to maintain. In addition, because the encrypted information is stored on a designated branch chain in the distributed ledger, when the encrypted information on one branch chain is updated, the other branch chains need not be updated synchronously, which effectively saves system storage space.
Drawings
In order to more clearly illustrate the solution of the present application, the drawings needed for describing the embodiments of the present application will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and that other drawings can be obtained by those skilled in the art without inventive effort.
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 illustrates a flow diagram of one embodiment of a method of protocol data sharing according to the present application;
FIG. 3 is a flow chart of one embodiment of step S201 of FIG. 2;
FIG. 4 is a flow diagram illustrating one embodiment of step S202 of FIG. 2;
FIG. 5 is a flowchart illustrating one embodiment of step S203 of FIG. 2;
FIG. 6 is a flowchart illustrating a specific implementation of setting a white list in the method according to the embodiment of the present application;
FIG. 7 is a flowchart of a specific implementation of encrypting an encryption key by using a public key of a distributed ledger in the method according to the embodiment of the present application;
FIG. 8 is a flowchart illustrating one embodiment of step S204 of FIG. 2;
FIG. 9 is a block diagram illustrating one embodiment of an apparatus for protocol data sharing according to the present application;
FIG. 10 is a schematic block diagram of one embodiment of a computer device according to the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "including" and "having," and any variations thereof, in the description and claims of this application and the description of the above figures are intended to cover non-exclusive inclusions. The terms "first," "second," and the like in the description and claims of this application or in the above-described drawings are used for distinguishing between different objects and not for describing a particular order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have various communication client applications installed thereon, such as a web browser application, a shopping application, a search application, an instant messaging tool, a mailbox client, social platform software, and the like.
The terminal devices 101, 102, 103 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, e-book readers, MP3 players (Moving Picture Experts Group Audio Layer III), MP4 players (Moving Picture Experts Group Audio Layer IV), laptop and desktop computers, and the like.
The server 105 may be a server providing various services, such as a background server providing support for pages displayed on the terminal devices 101, 102, 103.
It should be noted that, the method for protocol data sharing provided in the embodiments of the present application is generally performed by a server/terminal device, and accordingly, an apparatus for protocol data sharing is generally disposed in the server/terminal device.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continuing reference to FIG. 2, FIG. 2 illustrates a flow diagram of one embodiment of a method of protocol data sharing according to the present application. The protocol data sharing method comprises the following steps:
S201, receiving protocol data uploaded by an information uploading terminal, and generating an encryption identifier according to the protocol data;
The protocol data can be data that needs to be kept interoperable and shared among different organizations. In a specific embodiment of the present application, the protocol data is, for example, business information between two enterprises in a cooperative relationship; the information must be kept interoperable and shared between the two enterprises so that both parties can carry out the cooperative business.
Specifically, the server receives the protocol data uploaded by the information uploading terminal. In this way, the two enterprises having a cooperative relationship can share the business information, and after one of the two enterprises completes the business, the formed protocol data can be uploaded through the uploading terminal.
In this embodiment, an electronic device (for example, the server/terminal device shown in fig. 1) on which the protocol data sharing method operates may receive the protocol data uploaded by the information uploading terminal through a wired connection or a wireless connection. It should be noted that the wireless connection may include, but is not limited to, a 3G/4G connection, a WiFi connection, a Bluetooth connection, a WiMAX connection, a Zigbee connection, a UWB (ultra-wideband) connection, and other wireless connection means now known or developed in the future.
S202, acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data with the encryption key to obtain encrypted information;
Encryption means hiding plaintext information so that it is unreadable without special information. A common asymmetric encryption algorithm can be used to encrypt the plaintext. An asymmetric encryption algorithm is one that uses different keys for encryption and decryption; it generates an encryption key and a decryption key, which form a key pair: the encryption key is used to encrypt the plaintext information, and the decryption key is used to decrypt the information encrypted with the encryption key.
Specifically, the server obtains an encryption key of the protocol data corresponding to the encryption identifier according to the encryption identifier obtained in S201, and encrypts the protocol data according to the encryption key to obtain encrypted information.
S203, determining a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier, and storing the encrypted information in the branch chain, wherein the branch chain is an independent storage space in the distributed ledger;
The distributed ledger is a new application mode of computer technologies such as distributed data storage, peer-to-peer transmission, consensus mechanisms and encryption algorithms. It is a chained data structure in which data blocks are connected sequentially in chronological order, and cryptography guarantees that it cannot be tampered with or forged. A branch chain is a storage space in the distributed ledger that is independent of the main chain. The data stored in each branch chain is independent and does not interfere with the others: when data is updated, the data stored in the nodes of the same branch chain is updated synchronously, while the data stored in the nodes of different branch chains is not.
In a specific embodiment of the present application, a distributed ledger has 1 main chain and 3 branch chains (the Channel main chain and the Channel1, Channel2 and Channel3 branch chains) and four pieces of encrypted information (Org1, Org2, Org3 and Org4). Org1 is stored on the main chain, Org4 is stored in all three branch chains, Org2 is stored in the Channel2 and Channel3 branch chains, and Org3 is stored only in the Channel2 branch chain. In this example, when Org1 is updated, the encrypted information stored on the main chain and on each branch chain needs to be updated at the same time; when Org4 is updated, the encrypted information stored on each branch chain needs to be updated at the same time, but the encrypted information stored on the main chain is not affected; when Org2 is updated, the encrypted information stored on the Channel2 and Channel3 branch chains needs to be updated at the same time, but the encrypted information stored on the main chain and the Channel1 branch chain is not affected; when Org3 is updated, the encrypted information stored on the Channel2 branch chain needs to be updated, but the encrypted information stored on the main chain and the Channel1 and Channel3 branch chains is not affected. Storing the encrypted information on the branch chains of the distributed ledger effectively saves the storage space of the distributed ledger and also reduces the amount of computation in the system.
Specifically, after the encrypted information is obtained, the specific branch chain of the distributed ledger in which it should be stored is determined according to the encryption identifier; once the branch chain is determined, the encrypted information is stored in each node of that branch chain.
S204, receiving the query request of the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information by using the decryption key to obtain protocol data, and transmitting the protocol data to the query terminal.
Specifically, when protocol data needs to be queried, the server receives a query request from the query terminal, acquires a decryption key according to the query request, and decrypts the encrypted information with the decryption key. If decryption succeeds, the decrypted protocol data is transmitted to the query terminal for the querying party to view. If the decryption key cannot decrypt the encrypted information, decryption fails and a query-failed result is output to the query terminal to notify the querying party.
In this embodiment, an electronic device (for example, the server/terminal device shown in fig. 1) on which the protocol data sharing method operates may receive a query request from a query terminal through a wired connection or a wireless connection. It should be noted that the wireless connection may include, but is not limited to, a 3G/4G connection, a WiFi connection, a Bluetooth connection, a WiMAX connection, a Zigbee connection, a UWB (ultra-wideband) connection, and other wireless connection means now known or developed in the future.
In the protocol data sharing method, the protocol data uploaded by the information uploading terminal is received, and an encryption identifier is generated according to the protocol data; an encryption key of the protocol data is acquired according to the encryption identifier, and the protocol data is encrypted with the encryption key to obtain encrypted information; a branch chain corresponding to the encrypted information is determined according to the enterprise data encryption identifier, and the encrypted information is stored in the branch chain, wherein the branch chain is an independent storage space in the distributed ledger; and a query request from the query terminal is received, a decryption key is acquired according to the query request, the encrypted information is decrypted with the decryption key to obtain the protocol data, and the protocol data is transmitted to the query terminal. The protocol data is encrypted with the encryption key to generate encrypted information, and the encrypted information is stored on the designated branch chain in the distributed ledger according to the encryption identifier, so that the protocol data is shared, the timeliness of protocol data sharing is improved, and the protocol data sharing system has a simpler structure and is easier to maintain. In addition, because the encrypted information is stored on a designated branch chain in the distributed ledger, when the encrypted information on one branch chain is updated, the other branch chains need not be updated synchronously, which effectively saves system storage space. The protocol data is encrypted before it is stored in the distributed ledger and can be queried only after decryption succeeds, which improves the security of protocol data sharing.
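The flow of steps S201 to S204, together with the white-list key distribution from the disclosure, as an added Python illustration that is not code from the patent. The field names, identifier format, modulo routing rule and terminal names are assumptions, and a standard-library HMAC-SHA256 keystream with encrypt-then-MAC stands in for the asymmetric algorithm the text mentions so that the flow runs offline.

```python
import hashlib
import hmac
import json
import os

# Assumed field names; SAMPLE is a constructed record mirroring the page's embodiment.
ENTERPRISE_FIELDS = {"enterprise_name", "organization_code"}
CHANNELS = ["Channel1", "Channel2", "Channel3"]
SAMPLE = {"enterprise_name": "XX Corp Ltd", "organization_code": "00000000-0",
          "certificate_number": "4400002000001010000", "name": "Zhang San",
          "number": "20000000"}

def classify(data):
    """S201: split the fields into enterprise data and protocol object data."""
    ent = {k: v for k, v in data.items() if k in ENTERPRISE_FIELDS}
    obj = {k: v for k, v in data.items() if k not in ENTERPRISE_FIELDS}
    return {"enterprise": ent, "object": obj}

def encryption_ids(parts):
    """S201: one encryption identifier per class (the format is an assumption)."""
    code = parts["enterprise"]["organization_code"]
    digest = hashlib.sha256(code.encode()).hexdigest()[:12]
    return {"enterprise": "ENT-" + digest, "object": "OBJ-" + digest}

def chain_for(enterprise_id):
    """S203: pick the branch chain from the enterprise data encryption identifier."""
    return CHANNELS[int(enterprise_id[4:], 16) % len(CHANNELS)]

def _subkeys(key):
    return tuple(hmac.new(key, label, hashlib.sha256).digest()
                 for label in (b"enc", b"mac"))

def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Stand-in cipher: XOR with an HMAC keystream, then MAC nonce + ciphertext."""
    ek, mk = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(ek, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None if the key is wrong or the blob was altered."""
    ek, mk = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(c ^ s for c, s in zip(ct, _stream(ek, nonce, len(ct))))

class SharingServer:
    def __init__(self, whitelist, permissions):
        self.keys = {}                           # encryption identifier -> key
        self.ledger = {c: {} for c in CHANNELS}  # branch chain -> stored records
        self.whitelist = whitelist               # terminals allowed to query
        self.permissions = permissions           # terminal -> queryable classes

    def upload(self, data):
        """S201-S203: classify, encrypt each class with its own key, store."""
        parts = classify(data)
        ids = encryption_ids(parts)
        record = {}
        for cls, fields in parts.items():
            key = self.keys.setdefault(ids[cls], os.urandom(32))
            record[cls] = seal(key, json.dumps(fields).encode())
        chain = chain_for(ids["enterprise"])
        self.ledger[chain][ids["enterprise"]] = record
        return ids, chain

    def distribute_keys(self, terminal, ids):
        """White list first, then only the keys the permission table allows."""
        if terminal not in self.whitelist:
            return {}
        return {cls: self.keys[ids[cls]] for cls in self.permissions.get(terminal, ())}

    def query(self, enterprise_id, terminal_keys):
        """S204: locate the record and decrypt what the presented keys open."""
        record = self.ledger[chain_for(enterprise_id)].get(enterprise_id)
        result = {}
        for cls, key in terminal_keys.items():
            plain = unseal(key, record[cls]) if record else None
            if plain is not None:
                result.update(json.loads(plain))
        return result or None                    # None models "query failed"

def demo():
    server = SharingServer(
        whitelist={"insurer", "partner"},
        permissions={"insurer": ("enterprise", "object"),
                     "partner": ("enterprise",),
                     "outsider": ("enterprise", "object")})
    ids, chain = server.upload(SAMPLE)
    views = {t: server.query(ids["enterprise"], server.distribute_keys(t, ids))
             for t in ("insurer", "partner", "outsider")}
    return server, ids, chain, views

if __name__ == "__main__":
    print(demo()[3])
```

The partner terminal receives only the enterprise data key, so its query returns the enterprise fields and nothing from the protocol object data; the outsider is stopped at the white list even though the permission table lists it.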
Further, referring to fig. 3, fig. 3 is a flowchart of an embodiment of step S201 in fig. 2. Step S201, receiving the protocol data uploaded by the information uploading terminal and generating an encryption identifier according to the protocol data, specifically includes:
S301, analyzing the protocol data to acquire field information in the protocol data;
Each piece of protocol data contains multiple pieces of field information; each piece records different content, and different field information corresponds to different encryption identifiers.
Specifically, the protocol data is analyzed, and the field information in the protocol data is extracted. The protocol data comprises enterprise data and protocol object data. The enterprise data comprises information such as the insurance company name and organization code. The protocol object data comprises basic information of the protocol object and document information: the basic information comprises information such as the name, certificate number, education level, marital status and interests of the protocol object; the document information comprises information such as the protocol number, category, name, amount, term and fee.
In a specific embodiment of the present application, one piece of protocol data records the following content:
Enterprise name: XX Corp Ltd
Enterprise organization code: 00000000-0
……
Certificate number (identification card): 4400002000001010000
Name: Zhang San
Number: 20000000
……
S302, detecting the content of all field information, and classifying all field information to obtain enterprise data and protocol object data;
Specifically, the server examines the content of all the field information extracted in S301. Detecting the field information in the protocol data gives the following results:
Enterprise data field information: "Enterprise name: XX Corp Ltd", "Enterprise organization code: 00000000-0", ……
Protocol object data field information: "Certificate number (identification card): 4400002000001010000", "Name: Zhang San", "Number: 200000000", ……
S303, generating an encryption identifier according to the enterprise data and the protocol object data, wherein the encryption identifier comprises an enterprise data encryption identifier and a protocol object data encryption identifier.
Specifically, different encryption identifiers are respectively generated according to specific enterprise data and protocol object data, and each enterprise data and each protocol object data correspond to one encryption identifier, wherein the encryption identifiers comprise an enterprise data encryption identifier and a protocol object data encryption identifier, the enterprise data encryption identifier is generated by the enterprise data, and the protocol object data encryption identifier is generated by the protocol object data.
In the above embodiment, the protocol data is analyzed to obtain the field information in the protocol data; the content of all field information is detected, and all field information is classified to obtain enterprise data and protocol object data; and an encryption identifier is generated according to the enterprise data and the protocol object data, wherein the encryption identifier comprises an enterprise data encryption identifier and a protocol object data encryption identifier. By detecting and classifying the field information in the acquired protocol data, different data information can be obtained and different encryption identifiers can be generated.
Further, referring to fig. 4, fig. 4 is a flowchart illustrating a specific implementation of step S202 in fig. 2. Step S202, acquiring an encryption key of the protocol data according to the encryption identifier and encrypting the protocol data with the encryption key to obtain encrypted information, specifically includes:
S401, acquiring an enterprise data encryption key of the protocol data according to the enterprise data encryption identifier;
Specifically, after the enterprise data encryption identifier is generated according to the enterprise data, the enterprise data encryption key of the protocol data is obtained according to the enterprise data encryption identifier. It should be noted that each enterprise data encryption identifier corresponds to one encryption key.
S402, acquiring a protocol object data encryption key of the protocol data according to the protocol object data encryption identifier.
Specifically, after the protocol object data encryption identifier is generated according to the protocol object data, the protocol object data encryption key of the protocol data is obtained according to the protocol object data encryption identifier. It should be noted that each protocol object data encryption identifier corresponds to one encryption key.
S403, encrypting the protocol data by using the enterprise data encryption key and the protocol object data encryption key respectively to obtain encrypted information, wherein the enterprise data encryption key is used for encrypting the enterprise data, and the protocol object data encryption key is used for encrypting the protocol object data.
Specifically, the enterprise data field information in the protocol data is encrypted by using an enterprise data encryption key, the protocol object data field information in the protocol data is encrypted by using a protocol object data encryption key, and the encrypted information is obtained after all the field information is encrypted.
In the above embodiment, the enterprise data encryption key of the protocol data is obtained according to the enterprise data encryption identifier; acquiring a protocol object data encryption key of the protocol data according to the protocol object data encryption identifier; and encrypting the protocol data by using the enterprise data encryption key and the protocol object data encryption key respectively to obtain encryption information, wherein the enterprise data encryption key is used for encrypting the enterprise data, and the protocol object data encryption key is used for encrypting the protocol object data. The enterprise data field information in the protocol data is encrypted through the enterprise data encryption key, and the protocol object data field information in the protocol data is encrypted through the protocol object data encryption key, so that each field information in the protocol data is independently encrypted, and the protocol data sharing safety is improved.
Further, referring to fig. 5, fig. 5 is a flowchart illustrating an embodiment of step S203 in fig. 2. Step S203, determining a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier and storing the encrypted information in the branch chain, specifically includes:
S501, determining a distributed ledger branch chain corresponding to the encrypted information according to the enterprise data encryption identifier;
For the enterprises in the protocol data sharing system, the system allocates a corresponding distributed ledger branch chain in advance, and the protocol data generated by each enterprise is stored in its assigned branch chain. Which branch chain of the distributed ledger stores the protocol data generated by an enterprise can be determined from the enterprise data encryption identifier.
Specifically, the distributed ledger branch chain corresponding to the encrypted information is determined according to the enterprise data encryption identifier.
S502, storing the encrypted information into the nodes of the distributed ledger branch chain through a peer-to-peer network;
A peer-to-peer network, i.e. P2P (Peer-to-Peer), is a distributed application architecture that distributes tasks and workloads among peers. It is a form of networking built on a peer-to-peer computing model at the application layer, and is characterized by decentralization, scalability, cost-effectiveness, and the like.
Specifically, the encrypted information is sent to the distributed ledger branch chain over the P2P network, and each node of the distributed ledger branch chain receives the encrypted information and stores it in its own memory.
S503, performing consensus on the encrypted information through the nodes of the distributed ledger branch chain;
Specifically, after a node of the distributed ledger branch chain stores the encrypted information in its own memory, it needs to wait for consensus with the other nodes of the branch chain; only after the consensus is completed is the encrypted information actually shared on the distributed ledger. Consensus is a process of establishing trust and obtaining rights and interests among different nodes.
S504, when the nodes of the distributed ledger branch chain reach consensus on the encrypted information within the preset time, obtaining an encrypted information set;
Specifically, when the consensus time is reached, the node combines all the encrypted information stored in its memory into an encrypted information set.
In a specific embodiment of the present application, the distributed ledger may also be a blockchain. When the consensus time is up, a node of one branch chain in the blockchain combines all the encrypted information stored in its memory into an encrypted information set, calculates a hash value of the encrypted information set, and combines the hash value and the encrypted information set into a block. The block includes the following information: the hash value of the current block, the hash value of the previous block, the timestamp at which consensus was reached, description information, and the encrypted information set. Finally, when all nodes on the blockchain branch chain agree on the encrypted information set within the preset time, the consensus passes, and the encrypted information set that passed consensus is obtained.
S505, verifying the encrypted information set by using the node of the distributed ledger branch chain, and storing the encrypted information set into the distributed ledger branch chain when the verification is passed.
Specifically, when the distributed account book receives the encrypted information set passing the consensus, the encrypted information set is verified by using the node of the distributed account book branch chain, when the verification passes, the encrypted information set is stored in the distributed account book branch chain, and if the verification fails, verification failure information is output.
In the above embodiment, the distributed ledger branch chain corresponding to the encrypted information is determined according to the enterprise data encryption identifier; the encrypted information is diffused into the nodes of the distributed ledger branch chain through a peer-to-peer network; consensus is performed on the encrypted information by the nodes of the distributed ledger branch chain; when the nodes of the distributed ledger branch chain reach consensus on the encrypted information within the preset time, an encrypted information set is obtained; and the encrypted information set is verified by using the node of the distributed ledger branch chain and, when the verification is passed, stored into the distributed ledger branch chain. Storing the encrypted information in the distributed ledger branch chain shares the encrypted information, ensures that the encrypted information cannot be tampered with and therefore that the protocol data cannot be tampered with, and improves the security of protocol data sharing.
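The block layout and verification of S504 and S505, as an added Python example that is not part of the patent text. The node names, the hex strings standing in for encrypted information, and the choice to hash the header fields together with the hash of the encrypted information set are assumptions; consensus is reduced to every node holding the same set.

```python
import hashlib
import json

GENESIS = "0" * 64  # previous-hash value used for the first block of a branch chain


def digest(obj):
    """SHA-256 over a canonical JSON encoding (sorted keys, no whitespace)."""
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def block_hash(prev_hash, timestamp, description, encrypted_set):
    # Assumption: the block hash covers the header fields as well as the hash
    # of the encrypted information set, so none of them can be altered alone.
    return digest([prev_hash, timestamp, description, digest(encrypted_set)])


def reach_consensus(node_pools):
    """Return the agreed encrypted information set, or None if nodes differ.

    node_pools maps a node name to the ciphertexts held in its memory. Arrival
    order may differ between nodes, so the pools are compared after sorting.
    """
    candidates = {digest(sorted(pool)) for pool in node_pools.values()}
    if len(candidates) != 1:
        return None
    return sorted(next(iter(node_pools.values())))


class BranchLedger:
    """One independent chain of blocks per enterprise data encryption identifier."""

    def __init__(self):
        self.chains = {}

    def append(self, enterprise_id, node_pools, timestamp, description):
        encrypted_set = reach_consensus(node_pools)
        if encrypted_set is None:
            raise ValueError("nodes did not agree on the encrypted information set")
        chain = self.chains.setdefault(enterprise_id, [])
        prev = chain[-1]["hash"] if chain else GENESIS
        block = {
            "prev_hash": prev,
            "timestamp": timestamp,
            "description": description,
            "encrypted_set": encrypted_set,
            "hash": block_hash(prev, timestamp, description, encrypted_set),
        }
        chain.append(block)
        return block

    def first_invalid(self, enterprise_id):
        """Index of the first block that fails verification, or -1 if all pass."""
        prev = GENESIS
        for i, b in enumerate(self.chains.get(enterprise_id, [])):
            expected = block_hash(b["prev_hash"], b["timestamp"],
                                  b["description"], b["encrypted_set"])
            if b["prev_hash"] != prev or b["hash"] != expected:
                return i
            prev = b["hash"]
        return -1


def demo():
    ledger = BranchLedger()
    # Constructed placeholders for encrypted information, not real ciphertext.
    ledger.append("ent-A", {"node1": ["c1a5", "09ff"], "node2": ["09ff", "c1a5"]},
                  1700000000, "batch 1")
    ledger.append("ent-A", {"node1": ["77e2"], "node2": ["77e2"]},
                  1700000060, "batch 2")
    ledger.append("ent-B", {"node1": ["aa01"], "node2": ["aa01"]},
                  1700000000, "batch 1")
    clean = (ledger.first_invalid("ent-A"), ledger.first_invalid("ent-B"))
    # Altering stored encrypted information on ent-A breaks that branch only.
    ledger.chains["ent-A"][0]["encrypted_set"][0] = "dead"
    tampered = (ledger.first_invalid("ent-A"), ledger.first_invalid("ent-B"))
    return clean, tampered


if __name__ == "__main__":
    print(demo())
```

Recomputing the hash of an altered block does not hide the change: the next block's stored previous-hash no longer matches, so verification fails one block later.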
Further, referring to fig. 6, fig. 6 shows a flowchart of a specific implementation of setting a white list in the method of the embodiment of the present application. Before step S204, that is, before receiving the query request of the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal, the method further includes:
S601, acquiring a white list of the encrypted information, wherein the query terminals for querying the protocol data are recorded on the white list;
Organizations and institutions in the protocol data sharing system may preset the query terminals that are able to query the encrypted information, and all query terminals able to query the encrypted information are collected to form the white list of the encrypted information.
Specifically, a white list of the encrypted information is obtained, wherein an inquiry terminal for inquiring the protocol data is recorded on the white list.
S602, acquiring queryable field information of the query terminal according to a preset query terminal permission table;
The query terminal permission table specifies the field information that each query terminal may query, and may be preset in the query terminal by the organizations and institutions in the protocol data sharing system.
In a specific embodiment of the present application, the query terminal permission table may be shown as the following table:
Table 1. A specific query terminal permission table
| Query terminal | Field permission |
| --- | --- |
| A | Enterprise name |
| B | Name, identity card number |
| C | Number |
In the above specific embodiment, the query terminal a only has the authority to query the field information of the "enterprise name", the query terminal B only has the authority to query the "name" and the "identity number" of the protocol object, and the query terminal C only has the authority to query the field information of the "number" of the protocol data, so that each query terminal can only query the corresponding protocol data within its own authority range, but does not have the query authority of other protocol data outside its own authority range.
Specifically, the server obtains the queryable field information of each query terminal according to a preset query terminal authority table.
S603, acquiring a decryption key corresponding to the queryable field information according to the queryable field information of the query terminal;
Specifically, the decryption key corresponding to the queryable field information is obtained according to the queryable field information of the query terminal. Each piece of field information corresponds to one decryption key. The decryption key corresponding to a piece of field information and the encryption key used by that field information belong to one key pair, so the decryption key for a field can only decrypt what was encrypted with that field's encryption key and cannot decrypt what was encrypted with the encryption keys of other fields.
S604, distributing the decryption key corresponding to the field information capable of being inquired to the corresponding inquiry terminal.
Specifically, the server acquires the corresponding decryption key from the distributed ledger according to the queryable field information, and distributes the decryption key to the corresponding query terminal according to the queryable field information permission.
In the above embodiment, by obtaining the white list of the encrypted information, the white list records the query terminal capable of querying the protocol data; acquiring the queryable field information of the query terminal according to a preset query terminal authority table; acquiring a decryption key corresponding to the queryable field information according to the queryable field information of the query terminal; and distributing the decryption key corresponding to the queryable field information to the corresponding inquiring terminal. And the field information in the protocol data is correspondingly distributed to different inquiry terminals according to the inquiry authority, and the different inquiry terminals can only correspondingly inquire the field information within the self inquiry authority range, so that the independent decryption and the independent inquiry of the field information in the protocol data are realized, and the protocol data sharing safety is further improved.
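An added Python example (not code from the patent) of S601 to S604 with the terminals and fields of Table 1. Table 1 separates "name" from "number", both protocol object data, so the example uses one key per field as S603 describes; the symmetric keys and the HMAC-based cipher are assumptions that stand in for the patent's key pairs and for a vetted AEAD such as AES-GCM, chosen so the block runs with the standard library alone.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: the embodiment's record and the rows of Table 1.
RECORD = {
    "enterprise name": "XX Corp Ltd",
    "name": "Zhang San",
    "identity card number": "4400002000001010000",
    "number": "20000000",
}
WHITE_LIST = {"A", "B", "C"}
PERMISSIONS = {
    "A": ["enterprise name"],
    "B": ["name", "identity card number"],
    "C": ["number"],
}


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode (assumption: stand-in for a real cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal_field(key, plaintext):
    """Encrypt one field value and append an integrity tag."""
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_field(key, blob):
    """Check the tag, then decrypt; a key for another field is rejected."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(c ^ k for c, k in zip(body, keystream(key, nonce, len(body))))


def new_key_store(fields):
    """One independent random key per field (hypothetical key store)."""
    return {field: secrets.token_bytes(32) for field in fields}


def encrypt_record(record, key_store):
    """Encrypt every field of the record under that field's own key."""
    return {f: seal_field(key_store[f], v.encode()) for f, v in record.items()}


def distribute_keys(terminal, key_store):
    """S601-S604: hand a white-listed terminal only the keys of its fields."""
    if terminal not in WHITE_LIST:
        return {}
    return {f: key_store[f] for f in PERMISSIONS.get(terminal, [])}


def query(terminal_keys, stored):
    """Decrypt the fields a terminal holds keys for; the rest stay None."""
    result = {}
    for field, blob in stored.items():
        key = terminal_keys.get(field)
        result[field] = open_field(key, blob).decode() if key else None
    return result


if __name__ == "__main__":
    keys = new_key_store(RECORD)
    stored = encrypt_record(RECORD, keys)
    for terminal in ("A", "B", "C", "D"):  # "D" is not on the white list
        print(terminal, query(distribute_keys(terminal, keys), stored))
```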
Further, referring to fig. 7, fig. 7 shows a flowchart of a specific implementation of encrypting the encryption key with the public key of the distributed ledger in the method of the embodiment of the present application. The protocol data sharing method further includes:
S701, acquiring a public key of the distributed ledger, and encrypting the encryption key with the public key of the distributed ledger;
Specifically, the public key of the distributed ledger is acquired, and the enterprise data encryption key and the protocol object data encryption key used to encrypt the protocol data are encrypted with the public key of the distributed ledger.
S702, associating the public key of the distributed ledger, the encryption key and the encrypted information to generate associated information;
Specifically, the public key of the distributed ledger, the enterprise data encryption key, the protocol object data encryption key and the encrypted information are associated to generate associated information, and the associated information is stored in the branch chain corresponding to the distributed ledger according to the enterprise data encryption key.
S703, generating a query interface according to the associated information, wherein the query interface is used for querying the protocol data.
The interface refers to an application programming interface, and is a predefined function for providing the application and developer with the ability to access a set of routines based on certain software or hardware, without accessing the source code or understanding the details of the internal working mechanism.
Specifically, a query interface of the server is generated according to the associated information, wherein the query interface is used for querying protocol data, and the associated encrypted information can be directly queried by calling the query interface.
In the above embodiment, the public key of the distributed ledger is obtained, and the public key of the distributed ledger is used to encrypt the encryption key; associating the public key, the encryption secret key and the encryption information of the distributed account book to generate associated information; and generating a query interface according to the associated information, wherein the query interface is used for querying the protocol data. The encryption key is further encrypted by using the public key of the distributed account book, so that layered encryption is realized, the safety and the non-falsification of the protocol data are ensured, and the safety of protocol data sharing is improved.
Further, referring to fig. 8, fig. 8 is a flowchart illustrating a specific implementation of step S204 in fig. 2. Step S204, receiving a query request from the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information with the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal, specifically includes:
S801, receiving a query request of the query terminal through the query interface, wherein the query request carries at least a private key of the distributed ledger and a target enterprise data identifier, and the target enterprise data identifier is identification information used to query the storage position of the encrypted information in the distributed ledger;
Specifically, when there is a query requirement, a query request of the query terminal is received through the query interface of the server. The query request is used for querying the protocol data and carries at least a private key of the distributed ledger and a target enterprise data identifier. The target enterprise data identifier is identification information used to query the storage position of the encrypted information in the distributed ledger, and is entered on the query terminal by the user.
S802, determining the position of the encrypted information in the distributed ledger according to the target enterprise data identifier;
Specifically, when there is a query requirement, the server determines, according to the target enterprise data identifier, the specific position in the branch chain of the distributed ledger at which the encrypted information to be queried is stored;
S803, decrypting the public key of the distributed ledger by using the private key of the distributed ledger to obtain a decryption key;
Specifically, after the specific position in the branch chain of the distributed ledger at which the encrypted information to be queried is stored has been determined, the encrypted information is extracted from the branch chain of the distributed ledger, and the public key of the distributed ledger is decrypted by using the private key of the distributed ledger to obtain a decryption key.
S804, the encrypted information is decrypted by using the decryption secret key to obtain protocol data, and the protocol data is transmitted to the inquiry terminal.
Specifically, after the encryption key is obtained, the decryption key is used to decrypt the encryption information extracted from the branch chain of the distributed account book, so as to obtain the protocol data, and the protocol data is transmitted to the query terminal.
In the above embodiment, a query request of a query terminal is received through a query interface, where the query request carries at least a private key of a distributed ledger and a target enterprise data identifier, and the query request is used to query protocol data; determining the position of the encrypted information in the distributed account book according to the target enterprise data identifier; decrypting the public key of the distributed account book by using the private key of the distributed account book to obtain a decryption secret key; and decrypting the encrypted information by using the decryption key to obtain protocol data, and transmitting the protocol data to the inquiry terminal. The protocol data is directly inquired through the inquiry interface, the method is convenient, the public key of the distributed account book is decrypted through the private key of the distributed account book, and the encrypted information is decrypted by using the encrypted private key to complete layered decryption, so that the safety and the non-falsification of the protocol data are ensured, and the safety of protocol data sharing is improved.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware associated with computer readable instructions, which can be stored in a computer readable storage medium, and when executed, the processes of the embodiments of the methods described above can be included. The storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in the order indicated by the arrows, they are not necessarily performed in that order. Unless explicitly stated herein, the steps are not restricted to the exact order shown and may be performed in other orders. Moreover, at least some of the steps in the flowcharts may include multiple sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed in sequence but may be performed in turn or alternately with other steps or with at least some of the sub-steps or stages of other steps.
With further reference to fig. 9, fig. 9 is a schematic structural diagram of an embodiment of a device for protocol data sharing according to the present application, and as an implementation of the method shown in fig. 2, the present application provides an embodiment of a device for protocol data sharing, where the embodiment of the device corresponds to the embodiment of the method shown in fig. 2, and the device may be applied to various electronic devices in particular.
As shown in fig. 9, the apparatus for protocol data sharing according to this embodiment includes:
a receiving module 901, configured to receive protocol data uploaded by the information uploading terminal, and generate an encrypted identifier according to the protocol data;
the encryption module 902 is configured to obtain an encryption key of the protocol data according to the encryption identifier, and encrypt the protocol data using the encryption key to obtain encrypted information;
the storage module 903 is configured to determine a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier, and store the encrypted information into the branch chain, where the branch chain is an independent storage space in the distributed account book;
the decryption module 904 is configured to receive the query request of the query terminal, obtain a decryption key according to the query request, decrypt the encrypted information using the decryption key to obtain protocol data, and transmit the protocol data to the query terminal.
Further, the receiving module 901 specifically includes:
the analysis unit is used for analyzing the protocol data to acquire field information in the protocol data;
the classification unit is used for detecting the content of all field information and classifying all field information to obtain enterprise data and protocol object data;
and the encryption identifier generating unit is used for generating an encryption identifier according to the enterprise data and the protocol object data, wherein the encryption identifier comprises an enterprise data encryption identifier and a protocol object data encryption identifier.
Further, the encryption module 902 specifically includes:
the enterprise data encryption key acquiring unit is used for acquiring an enterprise data encryption key of the protocol data according to the enterprise data encryption identifier;
the protocol object data encryption key acquiring unit is used for acquiring a protocol object data encryption key of the protocol data according to the protocol object data encryption identifier;
and the encryption unit is used for encrypting the protocol data by using the enterprise data encryption key and the protocol object data encryption key respectively to obtain encryption information, wherein the enterprise data encryption key is used for encrypting the enterprise data, and the protocol object data encryption key is used for encrypting the protocol object data.
Further, the storage module 903 specifically includes:
the branch chain determining unit is used for determining the distributed account book branch chain corresponding to the encrypted information according to the enterprise data encryption identifier;
the diffusion unit is used for storing the encrypted information into the nodes of the distributed account book branch chain through a peer-to-peer network;
the consensus unit is used for performing consensus on the encrypted information through the nodes of the distributed account book branch chain;
the encrypted information set generating unit is used for obtaining an encrypted information set when the nodes of the distributed ledger branch chain reach consensus on the encrypted information within the preset time;
and the verification unit is used for verifying the encrypted information set by using the node of the distributed ledger branch chain, and storing the encrypted information set into the distributed ledger branch chain when the verification is passed.
Further, the protocol data sharing device further includes:
the white list acquisition module is used for acquiring a white list of encrypted information, wherein a query terminal for querying protocol data is recorded on the white list;
the query terminal permission table acquisition module is used for acquiring the queryable field information of the query terminal according to the preset query terminal permission table;
the decryption key acquisition module is used for acquiring a decryption key corresponding to the queryable field information according to the queryable field information of the query terminal;
and the distribution module is used for distributing the decryption key corresponding to the queryable field information to the corresponding inquiring terminal.
Further, the protocol data sharing device further includes:
the public key acquisition module is used for acquiring a public key of the distributed account book and encrypting the encryption secret key by using the public key of the distributed account book;
the association module is used for associating the public key, the encryption secret key and the encryption information of the distributed account book to generate association information;
and the query interface generating module is used for generating a query interface according to the associated information, wherein the query interface is used for querying the protocol data.
Further, the decryption module 904 specifically includes:
the query request receiving unit is used for receiving a query request of the query terminal through the query interface, wherein the query request at least carries a private key of the distributed ledger and a target enterprise data identifier, and the target enterprise data identifier is identification information used for querying the storage position of the encrypted information in the distributed ledger;
the position query unit is used for determining the position of the encrypted information in the distributed account book according to the target enterprise data identifier;
the first decryption unit is used for decrypting the public key of the distributed account book by using the private key of the distributed account book to obtain a decryption secret key;
and the second decryption unit is used for decrypting the encrypted information by using the decryption key to obtain protocol data and transmitting the protocol data to the inquiry terminal.
The application discloses a method, a device, equipment and a storage medium for protocol data sharing, wherein the device comprises: a receiving module 901, configured to receive protocol data uploaded by the information uploading terminal, and generate an encrypted identifier according to the protocol data; the encryption module 902 is configured to obtain an encryption key of the protocol data according to the encryption identifier, and encrypt the protocol data using the encryption key to obtain encrypted information; the storage module 903 is configured to determine a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier, and store the encrypted information into the branch chain, where the branch chain is an independent storage space in the distributed account book; the decryption module 904 is configured to receive the query request of the query terminal, obtain a decryption key according to the query request, decrypt the encrypted information using the decryption key to obtain protocol data, and transmit the protocol data to the query terminal. 
The protocol data is encrypted with the encryption key to generate encrypted information, and the encrypted information is stored on the designated branch chain in the distributed ledger according to the encryption identifier, so that the protocol data is shared. This improves the timeliness of protocol data sharing and makes the structure of the protocol data sharing system simpler and more convenient to maintain. Because the encrypted information is stored on a designated branch chain in the distributed ledger, when the encrypted information on a certain branch chain is updated, no other synchronous update is needed, which effectively saves system storage space. Because the encryption operation is performed before the protocol data is stored in the distributed ledger, and the protocol data can be queried only after decryption succeeds, the security of protocol data sharing is improved.
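The scheme summarized above (one key per field class, the key wrapped under the ledger public key, decryption gated by a permission table) is shown here as an added Go example; it is not code from the patent. AES-256-GCM, RSA-OAEP with a 2048-bit key, the class labels, the terminal names and the sample fields are assumptions, and the private key stays with the decrypting service here rather than being carried in the query request.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Record is one encrypted field class as it would be stored on a branch chain.
type Record struct {
	ID                string // encryption identifier (labels used here are hypothetical)
	WrappedKey        []byte // per-class data key, wrapped with the ledger public key
	Nonce, Ciphertext []byte // AES-256-GCM output
}

// ErrDenied means the permission table does not grant the class to the terminal.
var ErrDenied = errors.New("field class not permitted")

// NewLedgerKey generates the ledger key pair (RSA-2048 is an assumption).
func NewLedgerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts a field class under a fresh data key and wraps it; id is the GCM AAD and OAEP label.
func Seal(pub *rsa.PublicKey, id string, fields []byte) (Record, error) {
	seed := make([]byte, 32+12) // 32-byte AES key followed by a 12-byte GCM nonce
	if _, err := rand.Read(seed); err != nil {
		return Record{}, err
	}
	key, nonce := seed[:32], seed[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return Record{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, []byte(id))
	if err != nil {
		return Record{}, err
	}
	return Record{ID: id, WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, fields, []byte(id))}, nil
}

// Open consults the permission table before any key is unwrapped.
func Open(priv *rsa.PrivateKey, perms map[string][]string, terminal string, r Record) ([]byte, error) {
	allowed := false
	for _, id := range perms[terminal] {
		allowed = allowed || id == r.ID
	}
	if !allowed {
		return nil, fmt.Errorf("%w: terminal %q, class %q", ErrDenied, terminal, r.ID)
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, r.WrappedKey, []byte(r.ID))
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, r.Nonce, r.Ciphertext, []byte(r.ID))
}

func main() {
	priv, err := NewLedgerKey()
	if err != nil {
		panic(err)
	}
	perms := map[string][]string{"audit-terminal": {"protocol-object"}} // constructed table
	rec, err := Seal(&priv.PublicKey, "enterprise", []byte("name=Example Co;reg=0001"))
	if err != nil {
		panic(err)
	}
	_, err = Open(priv, perms, "audit-terminal", rec)
	fmt.Println("audit-terminal reading enterprise data:", err)
}
```

Because the identifier is both the OAEP label and the GCM associated data, a stored enterprise record that is relabelled as protocol object data fails at key unwrap instead of decrypting for a terminal that is only granted the other class.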
In order to solve the technical problem, an embodiment of the present application further provides a computer device. Referring to fig. 10, fig. 10 is a block diagram of a basic structure of a computer device according to the present embodiment.
The computer device 6 comprises a memory 61, a processor 62 and a network interface 63 communicatively connected to each other via a system bus. It is noted that only a computer device 6 having components 61-63 is shown, but it is understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead. As will be understood by those skilled in the art, the computer device is a device capable of automatically performing numerical calculation and/or information processing according to instructions set or stored in advance, and the hardware includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like.
The computer device can be a desktop computer, a notebook, a palm computer, a cloud server and other computing devices. The computer equipment can carry out man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch panel or voice control equipment and the like.
The memory 61 includes at least one type of readable storage medium including a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the memory 61 may be an internal storage unit of the computer device 6, such as a hard disk or a memory of the computer device 6. In other embodiments, the memory 61 may also be an external storage device of the computer device 6, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a flash Card (FlashCard), and the like, which are provided on the computer device 6. Of course, the memory 61 may also comprise both an internal storage unit of the computer device 6 and an external storage device thereof. In this embodiment, the memory 61 is generally used for storing an operating system installed in the computer device 6 and various types of application software, such as program codes of a protocol data sharing method. Further, the memory 61 may also be used to temporarily store various types of data that have been output or are to be output.
In some embodiments, the processor 62 may be a Central Processing Unit (CPU), controller, microcontroller, microprocessor, or other data processing chip. The processor 62 is typically used to control the overall operation of the computer device 6. In this embodiment, the processor 62 is configured to execute the program code stored in the memory 61 or process data, for example, execute the program code of the protocol data sharing method.
The network interface 63 may comprise a wireless network interface or a wired network interface, and the network interface 63 is typically used for establishing a communication connection between the computer device 6 and other electronic devices.
The present application further provides another embodiment, which is a non-transitory computer-readable storage medium storing a program of a method for protocol data sharing, where the program of the method for protocol data sharing is executable by at least one processor to cause the at least one processor to perform the steps of the method for protocol data sharing as described above.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present application.
It is to be understood that the above-described embodiments are merely illustrative of some embodiments of the present application and are not restrictive, and that the appended drawings illustrate preferred embodiments of the application and do not limit its scope. This application may be embodied in many different forms; these embodiments are provided so that the disclosure of the application will be thoroughly understood. Although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to one skilled in the art that the present application may be practiced without modification or with equivalents of some of the features described in the foregoing embodiments. All equivalent structures made by using the contents of the specification and the drawings of the present application, whether applied directly or indirectly in other related technical fields, are within the protection scope of the present application.

Claims (10)

1. A method for protocol data sharing, comprising:
receiving protocol data uploaded by an information uploading terminal, and generating an encryption identifier according to the protocol data;
acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data by using the encryption key to obtain encryption information;
determining a branch chain corresponding to the encrypted information according to the encryption identifier, and storing the encrypted information into the branch chain, wherein the branch chain is an independent storage space in a distributed ledger;
receiving a query request of a query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information by using the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal.
2. The method for sharing protocol data according to claim 1, wherein the receiving the protocol data uploaded by the information uploading terminal and generating the encrypted identifier according to the protocol data specifically includes:
analyzing the protocol data to acquire field information in the protocol data;
detecting the content of all the field information, and classifying all the field information to obtain enterprise data and protocol object data;
and generating an encryption identifier according to the enterprise data and the protocol object data, wherein the encryption identifier comprises an enterprise data encryption identifier and a protocol object data encryption identifier.
3. The method for protocol data sharing according to claim 2, wherein the obtaining an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data using the encryption key to obtain the encryption information specifically includes:
acquiring an enterprise data encryption key of the protocol data according to the enterprise data encryption identifier;
acquiring a protocol object data encryption key of the protocol data according to the protocol object data encryption identifier;
and encrypting the protocol data by using the enterprise data encryption key and the protocol object data encryption key respectively to obtain encryption information, wherein the enterprise data encryption key is used for encrypting the enterprise data, and the protocol object data encryption key is used for encrypting the protocol object data.
4. The protocol data sharing method according to claim 2, wherein the determining the branch chain corresponding to the encryption information according to the enterprise data encryption identifier and storing the encryption information in the branch chain specifically includes:
determining the distributed ledger branch chain corresponding to the encrypted information according to the enterprise data encryption identifier;
storing the encryption information into nodes of the distributed ledger branch chain through a peer-to-peer network;
the encryption information is identified through the nodes of the distributed ledger branch chain;
when the nodes of the distributed ledger branch chain reach consensus on the encrypted information within a preset time, obtaining an encrypted information set;
and verifying the encrypted information set by using the nodes of the distributed ledger branch chain, and storing the encrypted information set into the distributed ledger branch chain when the verification is passed.
5. The method for protocol data sharing according to claim 2, wherein before the receiving of the query request from the query terminal, obtaining the decryption key according to the query request, decrypting the encrypted information using the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal, the method further comprises:
acquiring a white list of the encrypted information, wherein a query terminal for querying the protocol data is recorded on the white list;
acquiring the queryable field information of the query terminal according to a preset query terminal authority table;
acquiring a decryption key corresponding to the queryable field information according to the queryable field information of the query terminal;
and distributing the decryption key corresponding to the queryable field information to the corresponding querying terminal.
6. The method for sharing protocol data according to any one of claims 1 to 5, wherein after the obtaining an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data according to the encryption key to obtain encrypted information, the method further comprises:
acquiring a public key of the distributed ledger, and encrypting the encryption key by using the public key of the distributed ledger;
associating the public key of the distributed ledger, the encryption key and the encryption information to generate associated information;
and generating a query interface according to the associated information, wherein the query interface is used for querying the protocol data.
7. The method for sharing protocol data according to claim 6, wherein the receiving a query request of a query terminal, obtaining a decryption key according to the query request, decrypting the encrypted information using the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal specifically includes:
receiving a query request of the query terminal through the query interface, wherein the query request at least carries a private key of the distributed ledger and a target enterprise data identifier, and the target enterprise data identifier is identifier information used for querying a storage position of the encrypted information in the distributed ledger;
determining the position of the encrypted information in the distributed ledger according to the target enterprise data identifier;
decrypting the public key of the distributed ledger by using the private key of the distributed ledger to obtain a decryption key;
and decrypting the encrypted information by using the decryption key to obtain protocol data, and transmitting the protocol data to the query terminal.
8. An apparatus for protocol data sharing, comprising:
the receiving module is used for receiving the protocol data uploaded by the information uploading terminal and generating an encryption identifier according to the protocol data;
the encryption module is used for acquiring an encryption key of the protocol data according to the encryption identifier, and encrypting the protocol data by using the encryption key to obtain encryption information;
the storage module is used for determining a branch chain corresponding to the encrypted information according to the enterprise data encryption identifier and storing the encrypted information into the branch chain, wherein the branch chain is an independent storage space in a distributed ledger;
and the decryption module is used for receiving a query request of the query terminal, acquiring a decryption key according to the query request, decrypting the encrypted information by using the decryption key to obtain the protocol data, and transmitting the protocol data to the query terminal.
9. A computer device comprising a memory having computer readable instructions stored therein and a processor which, when executing the computer readable instructions, implements the steps of the method of protocol data sharing of any one of claims 1 to 7.
10. A non-transitory computer readable storage medium having computer readable instructions stored thereon, which when executed by a processor, implement the steps of the method for protocol data sharing according to any one of claims 1 to 7.
CN202010155300.2A 2020-03-06 2020-03-06 Method, device, equipment and storage medium for sharing protocol data Active CN111464500B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010155300.2A CN111464500B (en) 2020-03-06 2020-03-06 Method, device, equipment and storage medium for sharing protocol data
PCT/CN2020/105755 WO2021174758A1 (en) 2020-03-06 2020-07-30 Protocol data sharing method and apparatus, device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010155300.2A CN111464500B (en) 2020-03-06 2020-03-06 Method, device, equipment and storage medium for sharing protocol data

Publications (2)

Publication Number Publication Date
CN111464500A true CN111464500A (en) 2020-07-28
CN111464500B CN111464500B (en) 2023-03-17

Family

ID=71682697

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010155300.2A Active CN111464500B (en) 2020-03-06 2020-03-06 Method, device, equipment and storage medium for sharing protocol data

Country Status (2)

Country Link
CN (1) CN111464500B (en)
WO (1) WO2021174758A1 (en)

Also Published As

Publication number Publication date
CN111464500B (en) 2023-03-17
WO2021174758A1 (en) 2021-09-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant