CN112487480A - Block chain tracing method and device for protecting data privacy and readable storage medium - Google Patents

Block chain tracing method and device for protecting data privacy and readable storage medium Download PDF

Info

Publication number
CN112487480A
CN112487480A CN202011441561.7A CN202011441561A CN112487480A CN 112487480 A CN112487480 A CN 112487480A CN 202011441561 A CN202011441561 A CN 202011441561A CN 112487480 A CN112487480 A CN 112487480A
Authority
CN
China
Prior art keywords
data
certificate
evidence
query request
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011441561.7A
Other languages
Chinese (zh)
Inventor
刘辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Daokuai Information Technology Co Ltd
Shanghai Dianrong Information Technology Co ltd
Original Assignee
Shanghai Daokuai Information Technology Co Ltd
Shanghai Dianrong Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Daokuai Information Technology Co Ltd, Shanghai Dianrong Information Technology Co ltd filed Critical Shanghai Daokuai Information Technology Co Ltd
Priority to CN202011441561.7A priority Critical patent/CN112487480A/en
Publication of CN112487480A publication Critical patent/CN112487480A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed herein are a method, apparatus, and computer-readable storage medium for blockchain anti-counterfeiting tracing for protecting data privacy, the method comprising: generating data evidence information related to a traceability code by using a data evidence intelligent contract based on the traceability code of a product and a circulation action aiming at the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code; storing the data evidence information in a private account book corresponding to the data evidence intelligent contract; generating evidence deposit catalog information related to the data evidence deposit information by using an evidence deposit catalog intelligent contract based on the source tracing code, the data evidence deposit ID and the identification of the data evidence deposit intelligent contract; and saving the evidence-storing directory information in a global account book. The method disclosed by the invention can realize effective privacy protection of the tracking data of the product in the whole life cycle links in a grading manner.

Description

Block chain tracing method and device for protecting data privacy and readable storage medium
Technical Field
The present disclosure belongs to the field of block chain technology, and in particular, to a block chain anti-counterfeiting tracing method for protecting data privacy, a block chain anti-counterfeiting tracing apparatus for protecting data privacy, and a computer-readable storage medium for block chain anti-counterfeiting tracing for protecting data privacy.
Background
The Block Chain (Block Chain) technology is a technology based on a decentralized peer-to-peer network, and combines a cryptography principle with a recognition mechanism to ensure data consistency and persistence of distributed nodes, so that the purposes of instant information verification, traceability, difficult tampering and incapability of shielding are achieved, and a set of private, efficient and safe shared value system is created.
Blockchains are typically classified into public, federation, and private chains according to access rights. The public chain refers to a blockchain which can be accessed by anyone according to a protocol and participates in consensus; a federation chain refers to a block chain whose consensus process is controlled by a preselected node; private chain refers to a chain of blocks where all rights are in one organization and are arbitrarily controlled by that organization.
The block chain anti-counterfeiting tracing is a comprehensive system solution scheme for realizing tracking record and commodity anti-counterfeiting of production, processing, transportation, circulation, retail and other full life cycle links of commodities such as agricultural products, industrial products and the like by combining various technologies such as a block chain, an anti-counterfeiting label, an internet of things and the like. It is achieved by the wide cooperative participation of downstream parties in the industry chain. Generally, a traceability code (which can be in the form of a two-dimensional code, an RFID code or the like) is used as a unique identification of a commodity, and each participant in the whole process of the commodity binds various information generated in the process with the traceability code of the commodity, and stores the evidence on a block chain. Each circulation link and the consumer can identify the traceability codes through mobile equipment (for example, a mobile phone) or scanning guns and other equipment, so that the traceability information of the commodities is acquired on the block chain according to the traceability codes.
However, in the existing block chain anti-counterfeiting traceability technology, the evidence storage information of each link of product circulation is stored in a block chain, but an effective data privacy protection mechanism is lacked, which means that the traceability information of the product is completely disclosed, thereby possibly bringing about a serious data privacy leakage problem.
Disclosure of Invention
Embodiments of the present disclosure provide a method, an apparatus, and a computer-readable storage medium for blocking chain anti-counterfeiting tracing for protecting data privacy, which can effectively protect the privacy of tracing information while the tracing information of a product is stored in a blocking chain.
To this end, a first aspect of the present disclosure proposes a method for blockchain anti-counterfeiting tracing for protecting data privacy, the method comprising:
generating data evidence information related to a traceability code by using a data evidence intelligent contract based on the traceability code of a product and a circulation action aiming at the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code;
storing the data evidence information in a private account book corresponding to the data evidence intelligent contract;
generating evidence deposit catalog information related to the data evidence deposit information by using an evidence deposit catalog intelligent contract based on the source tracing code, the data evidence deposit ID and the identification of the data evidence deposit intelligent contract; and
and storing the evidence storage directory information in a global account book.
In addition, a second aspect of the present disclosure proposes a method for anti-fake tracing of a blockchain for protecting data privacy, the method comprising:
receiving a first query request, wherein the first query request at least comprises a traceability code of a product;
validating the first query request;
under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract;
receiving at least one second query request, wherein the second query request comprises the data LC ID and an identification of the data LC smart contract;
validating the second query request;
and if the verification is passed, returning data evidence information related to the tracing source code from a private ledger corresponding to the data evidence intelligent contract by using the data evidence intelligent contract, wherein the data evidence information comprises the circulation action content.
Furthermore, a third aspect of the present disclosure proposes an apparatus for blockchain anti-counterfeiting tracing for protecting data privacy, the apparatus comprising:
a processor; and
a memory for storing instructions that, when executed, cause the processor to:
generating data evidence information related to a traceability code by using a data evidence intelligent contract based on the traceability code of a product and a circulation action aiming at the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code;
storing the data evidence information in a private account book corresponding to the data evidence intelligent contract;
generating evidence deposit catalog information related to the data evidence deposit information by using an evidence deposit catalog intelligent contract based on the source tracing code, the data evidence deposit ID and the identification of the data evidence deposit intelligent contract; and
and storing the evidence storage directory information in a global account book.
Also, a fourth aspect of the present disclosure proposes an apparatus for blockchain anti-counterfeiting tracing for protecting data privacy, the apparatus comprising:
a processor; and
a memory for storing instructions that, when executed, cause the processor to:
receiving a first query request, wherein the first query request at least comprises a traceability code of a product;
validating the first query request;
under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract;
receiving at least one second query request, wherein the second query request comprises the data LC ID and an identification of the data LC smart contract;
validating the second query request;
and if the verification is passed, returning data evidence information related to the tracing source code from a private ledger corresponding to the data evidence intelligent contract by using the data evidence intelligent contract, wherein the data evidence information comprises the circulation action content.
Finally, a fifth aspect of the present disclosure proposes a computer-readable storage medium having stored thereon computer-readable program instructions for executing the method for block chain anti-fake tracing for protecting data privacy according to the first and second aspects of the present disclosure.
According to the block chain anti-counterfeiting tracing method, equipment and the corresponding computer readable storage medium for protecting data privacy, a further solution can be provided under the principle that the anti-counterfeiting tracing information of the product is invisible outside the product flowing path, so that two other levels of protection can be further realized: (1) the upstream and downstream flow conversion links in the flow path are completely disclosed; (2) flow through the downstream versus upstream in the path is not disclosed.
Drawings
The features, advantages and other aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description in conjunction with the accompanying drawings, in which several embodiments of the present disclosure are shown by way of illustration and not limitation, wherein:
fig. 1 is a schematic diagram of a network structure of a blockchain according to the present disclosure;
FIG. 2 is a product flow diagram in accordance with the present disclosure;
FIG. 3 is an exemplary flow chart of a first embodiment of a method for blockchain anti-counterfeiting tracing for protecting data privacy in accordance with the present disclosure;
FIG. 4 is a schematic diagram illustrating an application of a first embodiment of a blockchain anti-fake tracing method for protecting data privacy according to the present disclosure;
fig. 5 is an exemplary flowchart of a second embodiment, a third embodiment of a blockchain anti-counterfeiting traceability method for protecting data privacy according to the present disclosure;
fig. 6 is a schematic application diagram of a second embodiment and a third embodiment of a block chain anti-fake tracing method for protecting data privacy according to the present disclosure;
FIG. 7 is a partial flow diagram of a third embodiment of a blockchain anti-counterfeiting traceability method for protecting data privacy in accordance with the present disclosure; and
fig. 8 is a schematic diagram of a blockchain anti-counterfeiting tracing apparatus for protecting data privacy according to the present disclosure.
Detailed Description
Various exemplary embodiments of the present disclosure are described in detail below with reference to the accompanying drawings. The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of methods and systems according to various embodiments of the present disclosure. It should be noted that each block in the flowchart or block diagrams may represent a module, a segment, or a portion of code, which may comprise one or more executable instructions for implementing the logical function specified in the respective embodiment. It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
As used herein, the terms "include," "include," and similar terms are to be construed as open-ended terms, i.e., "including/including but not limited to," meaning that additional content can be included as well. The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment," and so on.
Techniques, methods, and apparatus known to those of ordinary skill in the relevant art may not be discussed in detail but are intended to be part of the specification where appropriate. For the connection between the units in the drawings, for convenience of description only, it means that at least the units at both ends of the connection are in communication with each other, and is not intended to limit the inability of communication between the units that are not connected.
Embodiments of the present disclosure are primarily concerned with the following technical issues: how to realize effective privacy protection of traceability information under the condition that the traceability information of a product is stored on a block chain.
In order to solve the technical problem, the disclosed method for anti-fake tracing of the block chain for protecting data privacy comprises the following steps: firstly, based on the source tracing code of the product and the circulation action aiming at the product, generating data evidence information related to the source tracing code by using a data evidence intelligent contract; secondly, storing the data deposit evidence information in a private account book corresponding to the data deposit evidence intelligent contract; thirdly, based on the source tracing code, the data deposit certificate ID and the identification of the data deposit certificate intelligent contract, using the deposit certificate catalog intelligent contract to generate deposit certificate catalog information related to the data deposit certificate information; and finally, storing the evidence storage directory information in a global account book. Therefore, the method and the device realize that other links outside the flowing path of the product cannot acquire any traceability information of the product.
Fig. 1 shows a schematic diagram of a network structure 100 of a blockchain according to the present disclosure. As can be seen from fig. 1, the network structure 100 of the blockchain comprises blockchain link points 111, 112, 113, 114, 115, 116. Data may be synchronized between block chain nodes 111 and 116 via a network, which may be any wired and/or wireless network.
Fig. 2 discloses an exemplary application scenario of the technical solution protected by the present disclosure. In this embodiment, the upstream circulation links of products 1 to 4 are circulation link a, circulation link B, and circulation link C, respectively, then product 1 finally flows to the consumer via the downstream circulation links (circulation link D1, circulation link E1), product 2 finally flows to the consumer via circulation link D1 and circulation link E2, product 3 finally flows to the consumer via circulation link D2 and circulation link E3, and product 4 finally flows to the consumer via circulation link D2 and circulation link E4. Thus, for example, the flow path of product 1 includes flow link a, flow link B, flow link C, flow link D1, and flow link E1, and the flow path of product 3 includes flow link a, flow link B, flow link C, flow link D2, and flow link E3.
For example, for the flow path of the product 1, the final implementation effect of the technical solution protected herein is to selectively implement two levels of protection of traceability information on the premise of ensuring that links (e.g., the circulation link D2, the circulation link E2, the circulation link E3, and the circulation link E4) outside the flow path are not visible: (1) the traceability information of the product 1 is completely disclosed for the upstream and downstream flow-through links in the flow path; (2) the traceability information about the product 1 is not disclosed to the upstream flow link in the downstream flow link in the flow path.
Example 1
As shown in fig. 3 and fig. 4, the method for anti-counterfeiting traceability of a block chain for protecting data privacy disclosed in this embodiment can store the contents of the circulation action of each circulation link in the flow path on the product in the block chain, so as to make the traceability information of the product invisible for the circulation links outside the flow path. The blockchain applied in the present embodiment may employ a federate-chain type blockchain. The method comprises the following specific steps:
step 310: generating (e.g., recording, saving) data evidence information related to the traceability code by using a data evidence intelligent contract based on the traceability code of the product and the circulation action for the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code;
the circulation action for the product comprises: one or more of customs declaration, logistics, ex-warehouse and warehousing.
As shown in fig. 4, for the flow path of the product 1 in fig. 2, the circulation link C and the circulation link D1 are circulation links that respectively perform circulation actions on the product 1. For example, the circulation link C generates data evidence information M1 related to the traceability code using the data evidence intelligence contract C1 of the circulation link C based on the traceability code X of the product 1 and the circulation action for the product 1.
Step 320: storing the data evidence storage information in a private account book corresponding to the data evidence storage intelligent contract; the data evidence storage information is stored in the private ledger by adopting a key-value (key-value) format.
A key (key) in the data evidence information is a hash value of the data evidence ID; a value (value) in the data certification information is data certification contents, which are information related to the circulation action.
For example, the data deposit information M1 on the traceability code of the product 1 generated by the data deposit intelligence contract C1 is stored in the private ledger of the circulation link C in a key-value format. Specifically, the data certification information M1 includes: a data certificate ID1 corresponding to the traceability code X and data certificate content (operation of the product 1 at the logistics link C (e.g., one or more of customs clearance, logistics, ex-warehouse, and warehousing)); the key in the data certificate information M1 is the hash value of the data certificate ID1, and the value is the corresponding data certificate content.
Step 330: the credential directory intelligence contract is used to generate (e.g., record, save) credential directory information related to the data credential information based on the traceback code, the data credential ID, and the identification of the data credential intelligence contract.
For example, the circulation link C records and stores the evidence catalog information N1 corresponding to the data evidence information M1 by using the evidence catalog smart contract based on the source code X, the data evidence ID1, and the identification of the data evidence smart contract C1.
Step 340: and storing the evidence storage directory information in a global account book. And storing the evidence storing directory information in a global account book in a key-value pair format.
Keys in the evidence storing directory information comprise hash values of the source tracing codes and hash values of the data evidence storing IDs; the value in the evidence-storing directory information is the directory information encrypted by the tracing code, and the directory information comprises the plaintext of the data evidence ID and the identification of the data evidence-storing intelligent contract.
For example, the circulation link C uses the deposit book smart contract to store the generated deposit book information N1 in the global ledger. Specifically, the deposit receipt directory information N1 is stored in the global ledger of the blockchain in a key-value format. Specifically, the certificate directory information N1 includes: the source tracing code X, the data evidence ID1 and the identification of the data evidence intelligent contract C1; the key in the certificate catalog information N1 is a hash value of the traceable code X and a hash value of the data certificate ID1, and the value is an encryption of the identifier of the data certificate intelligence contract C1 and the plaintext of the data certificate ID 1. In this embodiment, the identity of the data certificate smart contract C1 and the plaintext of the data certificate ID1 are encrypted using a symmetric key generated by the traceable code X.
For another circulation link D1 of product 1, in generating the relevant circulation action, this circulation link D1 generates (e.g., records, saves) and stores the relevant data storage information M2 using the data storage smart contract D1 of the circulation link D1, and then generates (e.g., records, saves) and stores the presence directory information N2 corresponding to this data storage information M2 using the presence directory smart contract.
According to the embodiment, all the traceability information of any product can be stored in the block chain based on the traceability codes, but different circulation links can only decrypt circulation action contents generated related to the product by using the traceability codes of the products flowing through the different circulation links, so that other circulation links which do not participate in the flow path of the product cannot acquire the traceability information of the product.
Example 2
As shown in fig. 5 and fig. 6, the method for anti-counterfeiting traceability of a block chain for protecting data privacy disclosed in this embodiment can realize that traceability information of a product is disclosed to only a circulation link in a flow path on the premise that circulation action content of the product in each circulation link in the flow path is stored in the block chain. The method comprises the following specific steps:
step 510: a first query request is received, wherein the first query request at least comprises a traceability code of a product.
As shown in fig. 6, in view of the method for saving the traceability information of the product implemented in embodiment 1, the consumer associated with the product 1, a plurality of circulation links (e.g., circulation link a, circulation link D1, etc.) can obtain the traceability information of the product 1 based on the traceability code X thereof. Specifically, a consumer, a circulation link a, a circulation link D1, and the like generate a first query request based on the source tracing code X, the consumer sends the first query request to the consumer certificate storage query service interface, the circulation link a sends the first query request to the certificate storage query interface a, and the circulation link D1 sends the first query request to the certificate storage query interface D1.
Step 520: validating the first query request; the method specifically comprises the following steps:
step 521: and signing the first query request by adopting a private key, so that the signed first query request comprises a traceability code and a certificate corresponding to the private key, wherein when the inquirer is a consumer, the private key is the private key of the consumer, and when the inquirer is any circulation link except the consumer, the private key is the private key of the circulation link.
For example, when the querying party is a consumer, the consumer certificate storing and querying service interface signs the first query request by using a consumer private key, so that the signed first query request includes the traceability code X and a certificate corresponding to the consumer private key.
When the inquiring party is the circulation link A, the certificate storing and inquiring interface A signs the first inquiring request by adopting the private key of the circulation link A, so that the signed first inquiring request comprises the traceability code X and the certificate corresponding to the private key of the circulation link A.
Step 522: the signed first query request is verified based on the certificate using the certificate store directory intelligence contract.
For example, where the querying party is a consumer, the consumer credentialing query service interface verifies the signed first query request based on a certificate corresponding to the consumer private key using the credentialing directory intelligence contract. And when the inquiring party is the circulation link A, the evidence storage inquiring interface A uses the evidence storage directory intelligent contract to verify the signed first inquiring request based on the certificate corresponding to the private key of the circulation link A.
Step 523: in the event that the verification passes, a certificate directory intelligence contract is used to determine whether the certificate exists on a first white list, wherein the first white list includes certificates for consumers or circulation segments that are allowed to obtain the certificate directory information.
For example, the first white list is stored in the global ledger of the block chain by a deposit certificate directory intelligent contract, and the first white list is continuously updated along with the adjustment change of the product circulation link.
Step 524: upon determining that the certificate exists in the whitelist, it is determined that the authentication passed.
Step 530: under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract; the method specifically comprises the following steps:
step 531: and searching at least one piece of evidence storage directory information associated with the tracing code in the global account book by using the evidence storage directory intelligent contract, wherein the identification of the data evidence storage intelligent contract is stored in the evidence storage directory information in an encrypted manner.
For example, when the inquiring party is a consumer, the consumer credentialing inquiry service interface uses the credentialing directory intelligence binding to look up all of the credentialing directory information associated with the tracing-source code X in the global ledger. When the inquiring party is the circulation link A, the evidence storage inquiring service interface A uses the evidence storage directory intelligent synthesis to search all the evidence storage directory information associated with the source tracing code X in the global account book. As described in embodiment 1, the key in each piece of credential directory information is the hash value of the tracing code X and the hash value of one data credential ID corresponding to the tracing code X, and the value is the identifier of the data credential smart contract corresponding to the data credential ID and the encryption of the plaintext of the data credential ID.
Step 532: and decrypting the certificate storing directory information by adopting the source tracing code.
As described in embodiment 1, the identification of the associated data-credited smart contract and the plaintext of the data-credited ID are encrypted in the credited directory information using a symmetric key generated by tracing to source code X. Therefore, in this embodiment, the value in the certificate catalog information is decrypted by using the symmetric key generated by the tracing code X, so as to obtain the identifiers of all the data certificate intelligent contracts corresponding to the tracing code X and the plaintext of the data certificate ID.
Step 533: and returning the data evidence ID corresponding to the tracing code and the identification of the data evidence intelligent contract.
Step 540: at least one second query request is received, wherein the second query request comprises a data credentialing ID and an identification of a data credentialing intelligence contract.
In this embodiment, since the consumer or the related circulation link can obtain all the data evidence IDs associated with the tracing code X and the identification of the data evidence intelligent contract via the first query request, the consumer or the related circulation link sends a plurality of second query requests associated with the tracing code X, where each second query request includes one data evidence ID associated with the tracing code X and the identification of the data evidence intelligent contract corresponding to the data evidence ID. For example, a second query request includes: data credential ID3 associated with the traceback code X, the identity of the data credential intelligence contract C1 corresponding to the data credential ID 3.
Step 550: validating the second query request; the method specifically comprises the following steps:
step 551: and signing the second query request by adopting a private key, so that the signed second query request comprises a data certificate ID and a certificate corresponding to the private key.
For example, when the requestor is a consumer, the consumer certification authority interface signs the second query request with a consumer private key, such that the signed second query request includes the data certification ID3 and a certificate corresponding to the consumer private key.
When the inquiring party is the circulation link A, the certificate storing and inquiring interface A signs the second inquiring request by adopting the private key of the circulation link A, so that the signed second inquiring request comprises the data certificate ID3, the certificate corresponding to the private key of the consumer, the identification of the intelligent contract C1 of the data certificate and the certificate corresponding to the private key of the circulation link A.
Step 552: the second query request is sent to a corresponding data storage certificate intelligent contract which verifies the signed second query request based on the certificate;
for example, where the inquiring party is a consumer, the consumer credentialing query service interface invokes the data credentialing intelligence contract C1, which verifies the signed second query request based on the certificate contained in the second query request. When the inquiring party is the circulation link a, the certificate-deposit inquiring interface a calls the data certificate-deposit intelligent contract C1, which verifies the signed second inquiry request based on the certificate contained in the second inquiry request.
Step 553: in the event that the verification passes, a data-credentialing intelligence contract is used to determine whether the certificate exists on a second white list, wherein the second white list includes certificates for consumers or the circulation segment that are allowed to obtain the contents of the circulation action.
For example, data-credentialing intelligent contracts C1 are used to determine if the certificate exists on a second white list, where the second white list is stored in the private ledger of the circulation link a and is created when circulation link a deploys its data-credentialing intelligent contracts C1 on the blockchain and is continually updated as the adjustment of the product circulation link changes.
Step 554: upon determining that the certificate exists in the second whitelist, determining that the authentication is passed.
Step 560: in the event that the verification passes, data credentialing information related to the traceability code is returned from the private ledger corresponding to the data credentialing intelligent contract using the data credentialing intelligent contract (i.e., the data credentialing information includes the content of the transfer action).
For example, the evidence-conserving inquiry interface a uses the data-conserving intelligent contract C1 to return the contents of the flow action related to the traceability code X from the private ledger of the flow link C.
The block chain anti-counterfeiting tracing method for protecting data privacy disclosed by the embodiment enables only each circulation link in the whole product flowing path and a consumer to obtain all tracing information generated by the product in the whole flowing path.
Example 3
As shown in fig. 5 to 7, the method for anti-counterfeiting traceability of a block chain for protecting data privacy disclosed in this embodiment can realize that traceability information of a product is only disclosed to a downstream circulation link in a flow path on the premise that circulation action content of the product in each circulation link in the flow path is stored in the block chain. The method comprises the following specific steps:
step 510: receiving a first query request, wherein the first query request at least comprises a traceability code of a product; the circulation action content comprises the following steps: one or more of customs declaration information, logistics information, ex-warehouse information and in-warehouse information.
Step 520: validating the first query request; the step of verifying the first query request in a consumer query manner specifically comprises:
step 5211': an authentication code is received. Specifically, the consumer certificate storing and inquiring service interface sends the verification code to the consumer after receiving the first inquiring request, so that the consumer can conveniently input the verification code into the consumer certificate storing and inquiring service interface.
Step 5212': in the event that the verification code is verified, it is determined whether the number of consumer queries exceeds a threshold.
For example, when the most upstream circulation link a of the product 1 shown in fig. 2 pretends that the consumer sends the query request by using the consumer evidence query service interface, the number of queries is limited by a threshold, so that the upstream circulation link can be limited from acquiring the traceability information generated by the downstream circulation link.
Step 5213': and under the condition that the query times of the consumer are not more than the threshold value, signing the first query request by using a private key of the consumer, so that the signed first query request comprises the traceability codes and the certificate corresponding to the private key of the consumer. This step is similar to step 521 in embodiment 2, and is not described herein again.
Step 5214': the signed first query request is verified based on the certificate using the certificate store directory intelligence contract. This step is similar to step 522 in embodiment 2 and will not be described herein.
Step 5215': in the event that the verification passes, a credential directory intelligence contract is used to determine whether the certificate exists on a third white list, wherein the third white list includes certificates for consumers or circulation segments that are allowed to obtain the credential directory information.
In this embodiment, the third white list is stored in the global account book of the block chain similarly to the first white list in embodiment 2, and is continuously updated along with the adjustment and change of the product circulation link.
Step 5216': upon determining that the certificate exists in the third whitelist, determining that the authentication is passed.
Verifying the first query request in a circulation link query manner further comprises:
step 521': and signing the first query request by adopting a private key of any circulation link, so that the signed first query request comprises a traceability code and a certificate corresponding to the private key of the circulation link.
For example, after the circulation link a sends the first query request to the certificate storage query interface a, the certificate storage query interface a signs the first query request by using the private key of the circulation link a, so that the signed first query request includes the traceability code X and the certificate corresponding to the private key of the circulation link a.
Step 522': the signed first query request is verified based on the certificate using the certificate store directory intelligence contract.
For example, the signed first query request is verified using the certificate directory intelligence contract based on a certificate corresponding to the private key of the circulation link a.
Step 523 ": in the event that the verification passes, a certificate directory intelligence contract is used to determine whether the certificate exists on the third whitelist.
Step 524': upon determining that the certificate exists in the third whitelist, determining that the authentication is passed.
Step 530: under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract; this step is similar to step 530 in embodiment 2, and is not described again here.
Step 540: receiving at least one second query request, wherein the second query request comprises a data deposit certificate ID and an identifier of a data deposit certificate intelligent contract;
step 550: the second query request is validated.
The specific implementation for verifying the second query request by consumer query is similar to step 550 in embodiment 2 and will not be described in detail here. For the query mode using the circulation link, as shown in fig. 7, the verification of the second query request specifically includes:
step 710: and signing the second query request by adopting the private key of the circulation link, so that the signed second query request comprises a data certificate ID and a certificate corresponding to the private key of the circulation link.
For example, the second query request is signed by the private key of the circulation link a, so that a certain signed second query request includes the data deposit certificate ID4 stored in the private ledger flowing through the node D1, the identity of the data deposit certificate smart contract D1, and the certificate corresponding to the private key of the circulation link a.
Step 720: the signed second query request is verified based on the certificate using the data-credentialing smart contract.
The signed second query request is verified, for example, using the data verification intelligence contract D1.
Step 730: and in the case of passing the verification, determining whether the certificate exists in a blacklist by using the data certificate intelligent contract, wherein the blacklist comprises the certificate of the upstream circulation link which is not allowed to acquire the downstream circulation action content related to the tracing source code.
For example, if the certificate corresponding to the private key of the circulation link a is verified to exist in the blacklist by using the data certificate intelligence contract D1, the circulation action content corresponding to the second query request is not allowed to be returned to the circulation link a.
In this embodiment, a blacklist of a local node is deployed in a private account book of each circulation link, so that the blacklist determines all circulation links located at the upstream of the circulation link, and thus, the tracing information of the upstream circulation link by the downstream circulation link in a path can be kept unpublished. The blacklist is created when the circulation link deploys the data validation intelligent contract D1 on the blockchain and is continuously updated along with the adjustment change of the circulation link upstream of the circulation link
Step 740: upon determining that the certificate does not exist in the blacklist, determining that the authentication passed.
Step 560: in the event that the verification passes, data credentialing information related to the traceability code is returned from the private ledger corresponding to the data credentialing intelligent contract using the data credentialing intelligent contract (i.e., the data credentialing information includes the content of the transfer action).
The block chain anti-counterfeiting traceability method for protecting data privacy disclosed by the embodiment enables only a consumer to acquire all traceability information generated by a product in the whole flow path, enables a downstream circulation link in the whole flow path to check the traceability information of an upstream circulation link thereof, and enables the upstream circulation link not to inquire or acquire the traceability information of the downstream circulation link thereof; thereby realizing the most strict data protection of the source tracing information.
Further, alternatively, the above-described method can be implemented by a computer program product, i.e., a computer-readable storage medium. The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied thereon for carrying out various aspects of the present disclosure. The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
Fig. 8 illustrates a block diagram of an apparatus 800 for blockchain anti-counterfeiting tracing for protecting data privacy in accordance with the present disclosure. As can be seen in fig. 8, a device 800 for blockchain anti-counterfeiting tracing for protecting data privacy includes a processor 801 and a memory 802 coupled to the processor 801. Memory 802 stores instructions, among other things. The instructions, when executed by the processor 801, cause the processor 801 to perform the following acts:
generating (e.g., recording, saving) data evidence information related to the traceability code by using a data evidence intelligent contract based on the traceability code of the product and the circulation action for the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code;
storing the data evidence storage information in a private account book corresponding to the data evidence storage intelligent contract;
generating (e.g., recording, saving) credential directory information related to the data credential information using the credential directory intelligence contract based on the traceback code, the data credential ID, and the identification of the data credential intelligence contract; and
and storing the evidence storage directory information in a global account book.
In one embodiment according to the present disclosure, the data deposit information is stored in a private ledger in a key-value pair format. The key in the data certificate storing information is the hash value of the data certificate storing ID; the value in the data evidence information is data evidence content, wherein the data evidence content is information related to the circulation action.
In one embodiment consistent with the present disclosure, the credentialing directory information is stored in a key-value pair format in the global ledger. Keys in the evidence storing directory information comprise hash values of the source tracing codes and hash values of the data evidence storing IDs; the value in the evidence-storing directory information is the directory information encrypted by the tracing code, and the directory information comprises the plaintext of the data evidence ID and the identification of the data evidence-storing intelligent contract.
In one embodiment consistent with the present disclosure, the flow action for a product includes: one or more of customs declaration, logistics, ex-warehouse and warehousing.
Fig. 8 illustrates a block diagram of an apparatus 800 for blockchain anti-counterfeiting tracing for protecting data privacy in accordance with the present disclosure. As can be seen in fig. 8, a device 800 for blockchain anti-counterfeiting tracing for protecting data privacy includes a processor 801 and a memory 802 coupled to the processor 801. Memory 802 stores instructions, among other things. The instructions, when executed by the processor 801, cause the processor 801 to perform the following acts:
receiving a first query request, wherein the first query request at least comprises a traceability code of a product;
validating the first query request;
under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract;
receiving at least one second query request, wherein the second query request comprises a data deposit certificate ID and an identifier of a data deposit certificate intelligent contract;
validating the second query request;
and in the case of passing the verification, returning data evidence information related to the traceability codes from a private ledger corresponding to the data evidence intelligent contract by using the data evidence intelligent contract, wherein the data evidence information comprises the circulation action content.
In one embodiment according to the present disclosure, in the case that all of the circulation links related to the traceback code are allowed to obtain information, verifying the first query request further comprises:
the first query request is signed by adopting a private key, so that the signed first query request comprises a traceability code and a certificate corresponding to the private key, wherein when the inquirer is a consumer, the private key is a private key of the consumer, and when the inquirer is any circulation link except the consumer, the private key is a private key of the circulation link;
verifying the signed first query request based on the certificate by using a certificate-storing directory intelligent contract;
in the event of verification passing, using a certificate directory intelligence contract to determine whether the certificate exists on a first white list, wherein the first white list includes certificates of consumers or circulation links that are allowed to obtain the certificate directory information;
upon determining that the certificate exists in the whitelist, it is determined that the authentication passed.
In one embodiment consistent with the present disclosure, verifying the second query request further comprises:
signing the second query request by using a private key, so that the signed second query request comprises a data certificate ID and a certificate corresponding to the private key;
verifying the signed second query request based on the certificate by using the data certificate storage intelligent contract;
in the case of passing the verification, determining whether the certificate exists in a second white list by using the data certificate intelligent contract, wherein the second white list comprises the certificate of the consumer or the circulation link which is allowed to acquire the circulation action content;
upon determining that the certificate exists in the second whitelist, determining that the authentication is passed.
In one embodiment consistent with the present disclosure, returning from the global ledger at least one vouching directory information associated with the provenance code using a vouching directory intelligence contract further comprises:
searching at least one evidence-storing directory information associated with the source tracing code in the global account book by using the evidence-storing directory intelligent contract, wherein the identification of the data evidence-storing intelligent contract is encrypted and stored in the evidence-storing directory information;
decrypting the certificate storing directory information by adopting a source tracing code;
and returning the data evidence ID corresponding to the tracing code and the identification of the data evidence intelligent contract.
In an embodiment according to the present disclosure, in a case where only the downstream streaming link related to the traceback code is allowed to obtain the content of the streaming action, verifying the first query request in a consumer query manner further includes:
receiving a verification code;
determining whether the number of queries of the consumer exceeds a threshold value in case that the verification code is verified;
under the condition that the query times of the consumer are not more than the threshold value, signing the first query request by using a private key of the consumer, so that the signed first query request comprises a traceability code and a certificate corresponding to the private key of the consumer;
verifying the signed first query request based on the certificate by using a certificate-storing directory intelligent contract;
in the event of a validation pass, using the certificate catalog intelligence contract to determine whether the certificate exists on a third white list, wherein the third white list includes certificates for consumers or circulation links that are allowed to obtain the certificate catalog information;
upon determining that the certificate exists in the third whitelist, determining that verification is passed.
In an embodiment according to the present disclosure, in a case that only a downstream flow link related to the source code is allowed to obtain flow action content, verifying the first query request in a flow link query manner further includes:
signing the first query request by adopting a private key of any circulation link, so that the signed first query request comprises the traceability codes and a certificate corresponding to the private key of the circulation link;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event that verification passes, determining whether the certificate is present on the third whitelist using the certificate directory intelligence contract;
upon determining that the certificate exists in the third whitelist, determining that verification is passed.
In one embodiment consistent with the present disclosure, verifying the second query request further comprises:
signing the second query request by adopting the private key of the circulation link, so that the signed second query request comprises the data certificate ID and a certificate corresponding to the private key of the circulation link;
verifying the signed second query request based on the certificate using the data-certified smart contract;
if the verification is passed, using the data verification intelligent contract to determine whether the certificate exists in a blacklist, wherein the blacklist comprises a certificate of an upstream circulation link which is not allowed to acquire the downstream circulation action content related to the tracing code;
upon determining that the certificate is not present in the blacklist, determining that authentication is passed.
In one embodiment according to the present disclosure, the circulation action content includes: one or more of customs declaration information, logistics information, ex-warehouse information and in-warehouse information.
In summary, the block chain anti-counterfeiting traceability method, device and corresponding computer-readable storage medium for protecting data privacy provided herein can, on one hand, enable only a circulation link in a whole flow path of a product and a consumer to acquire traceability information of the product, and on the other hand, can further limit that only the consumer can acquire all traceability information of the product, and other circulation links of the product can only acquire traceability information of an upstream circulation link thereof, and limit the upstream circulation link from acquiring traceability information of a downstream circulation link thereof.
The above description is only an alternative embodiment of the present disclosure and is not intended to limit the embodiments of the present disclosure, and various modifications and changes may be made to the embodiments of the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the embodiments of the present disclosure should be included in the scope of protection of the embodiments of the present disclosure.
While embodiments of the present disclosure have been described with reference to several particular embodiments, it should be understood that embodiments of the present disclosure are not limited to the particular embodiments disclosed. The embodiments of the disclosure are intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims. The scope of the following claims is to be accorded the broadest interpretation so as to encompass all such modifications and equivalent structures and functions.

Claims (29)

1. A method of blockchain anti-counterfeiting tracing for protecting data privacy, the method comprising:
generating data evidence information related to a traceability code by using a data evidence intelligent contract based on the traceability code of a product and a circulation action aiming at the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code;
storing the data evidence information in a private account book corresponding to the data evidence intelligent contract;
generating evidence deposit catalog information related to the data evidence deposit information by using an evidence deposit catalog intelligent contract based on the source tracing code, the data evidence deposit ID and the identification of the data evidence deposit intelligent contract; and
and storing the evidence storage directory information in a global account book.
2. The method of claim 1, wherein the data deposit information is stored in the private ledger in a key-value pair format.
3. The method of claim 2, wherein the key in the data LC information is a hash of the data LC ID; the value in the data evidence information is the data evidence content, wherein the data evidence content is information related to the circulation action.
4. The method of claim 1, wherein the deposit book information is stored in the global ledger in a key-value pair format.
5. The method of claim 4, wherein the key in the credential directory information comprises a hash of the traceback code and a hash of the data credential ID; and the value in the evidence-storing directory information is the directory information encrypted by the tracing code, and the directory information comprises the plaintext of the data evidence ID and the identifier of the data evidence-storing intelligent contract.
6. The method of claim 1, wherein the flow action for the product comprises: one or more of customs declaration, logistics, ex-warehouse and warehousing.
7. A method of blockchain anti-counterfeiting tracing for protecting data privacy, the method comprising:
receiving a first query request, wherein the first query request at least comprises a traceability code of a product;
validating the first query request;
under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract;
receiving at least one second query request, wherein the second query request comprises the data LC ID and an identification of the data LC smart contract;
validating the second query request;
and if the verification is passed, returning data evidence information related to the tracing source code from a private ledger corresponding to the data evidence intelligent contract by using the data evidence intelligent contract, wherein the data evidence information comprises the circulation action content.
8. The method of claim 7, wherein validating the first query request with all of the circulation links associated with the traceback code allowed to obtain information further comprises:
signing the first query request by adopting a private key, so that the signed first query request comprises the traceability codes and a certificate corresponding to the private key, wherein when an inquirer is a consumer, the private key is a private key of the consumer, and when the inquirer is any circulation link except the consumer, the private key is a private key of the circulation link;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event of verification passing, using the certificate inventory intelligence contract to determine whether the certificate exists on a first white list, wherein the first white list includes certificates of consumers or circulation links that are allowed to obtain the certificate inventory information;
upon determining that the certificate exists in the whitelist, determining that authentication is passed.
9. The method of claim 8, wherein validating the second query request further comprises:
signing the second query request by adopting the private key, so that the signed second query request comprises the data deposit certificate ID, the identifier of the data deposit certificate intelligent contract and a certificate corresponding to the private key;
verifying the signed second query request based on the certificate using the data-certified smart contract;
in the event of verification passing, using the data validation smart contract to determine whether the certificate exists in the second whitelist, wherein the second whitelist includes certificates of consumers or circulation links that are allowed to obtain the contents of the circulation action;
upon determining that the certificate exists in the second whitelist, determining that verification is passed.
10. The method of claim 7, wherein returning at least one forensic directory information associated with the prover code from a global ledger using a forensic directory intelligence contract further comprises:
searching at least one piece of evidence-saving directory information associated with the source code in the global account book by using the evidence-saving directory intelligent contract, wherein the identification of the data evidence-saving intelligent contract and the corresponding data evidence-saving ID are stored in the evidence-saving directory information in an encrypted manner;
decrypting the certificate storing directory information by adopting a key generated by the tracing code;
and returning the data deposit certificate ID corresponding to the tracing code and the identification of the data deposit certificate intelligent contract.
11. The method of claim 7, wherein in the case that only the downstream streaming segment associated with the traceback code is allowed to obtain the content of the streaming action, verifying the first query request in a consumer query manner further comprises:
receiving a verification code;
determining whether the number of queries of the consumer exceeds a threshold value in case the verification code is verified;
under the condition that the query times of the consumer are determined not to exceed the threshold value, signing the first query request by using a consumer private key, so that the signed first query request comprises the traceability codes and a certificate corresponding to the consumer private key;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event of a validation pass, using the certificate catalog intelligence contract to determine whether the certificate exists on a third white list, wherein the third white list includes certificates for consumers or circulation links that are allowed to obtain the certificate catalog information;
upon determining that the certificate exists in the third whitelist, determining that verification is passed.
12. The method of claim 11, wherein, in the case that only a downstream streaming link associated with the traceback code is allowed to obtain streaming action content, validating the first query request in a streaming link query manner further comprises:
signing the first query request by adopting a private key of any circulation link, so that the signed first query request comprises the traceability codes and a certificate corresponding to the private key of the circulation link;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event that verification passes, determining whether the certificate is present on the third whitelist using the certificate directory intelligence contract;
upon determining that the certificate exists in the third whitelist, determining that verification is passed.
13. The method of claim 12, wherein validating the second query request further comprises:
signing the second query request by adopting the private key of the circulation link, so that the signed second query request comprises the data certificate ID and a certificate corresponding to the private key of the circulation link;
verifying the signed second query request based on the certificate using the data-certified smart contract;
if the verification is passed, using the data verification intelligent contract to determine whether the certificate exists in a blacklist, wherein the blacklist comprises a certificate of an upstream circulation link which is not allowed to acquire the downstream circulation action content related to the tracing code;
upon determining that the certificate is not present in the blacklist, determining that authentication is passed.
14. The method of claim 7, wherein the streaming action content comprises: one or more of customs declaration information, logistics information, ex-warehouse information and in-warehouse information.
15. An apparatus for blockchain anti-counterfeiting tracing for protecting data privacy, the apparatus comprising:
a processor; and
a memory for storing instructions that, when executed, cause the processor to:
generating data evidence information related to a traceability code by using a data evidence intelligent contract based on the traceability code of a product and a circulation action aiming at the product, wherein the data evidence information comprises a data evidence ID and data evidence content, and the data evidence ID corresponds to the traceability code;
storing the data evidence information in a private account book corresponding to the data evidence intelligent contract;
generating evidence deposit catalog information related to the data evidence deposit information by using an evidence deposit catalog intelligent contract based on the source tracing code, the data evidence deposit ID and the identification of the data evidence deposit intelligent contract; and
and storing the evidence storage directory information in a global account book.
16. The device of claim 15, wherein the data deposit information is stored in the private ledger in a key-value pair format.
17. The device of claim 16, wherein the key in the data LC information is a hash of the data LC ID; the value in the data evidence information is the data evidence content, wherein the data evidence content is information related to the circulation action.
18. The device of claim 15, wherein the deposit book information is stored in the global ledger in a key-value pair format.
19. The device of claim 18, wherein the key in the credential directory information comprises a hash of the traceback code and a hash of the data credential ID; and the value in the evidence-storing directory information is the directory information encrypted by the tracing code, and the directory information comprises the plaintext of the data evidence ID and the identifier of the data evidence-storing intelligent contract.
20. The apparatus of claim 15, wherein the flow action for the product comprises: one or more of customs declaration, logistics, ex-warehouse and warehousing.
21. An apparatus for blockchain anti-counterfeiting tracing for protecting data privacy, the apparatus comprising:
a processor; and
a memory for storing instructions that, when executed, cause the processor to:
receiving a first query request, wherein the first query request at least comprises a traceability code of a product;
validating the first query request;
under the condition that the verification is passed, returning at least one piece of evidence-storing directory information from the global account book by using an evidence-storing directory intelligent contract, wherein the evidence-storing directory information comprises a data evidence-storing ID corresponding to the tracing code and an identifier of the corresponding data evidence-storing intelligent contract;
receiving at least one second query request, wherein the second query request comprises the data LC ID and an identification of the data LC smart contract;
validating the second query request;
and if the verification is passed, returning data evidence information related to the tracing source code from a private ledger corresponding to the data evidence intelligent contract by using the data evidence intelligent contract, wherein the data evidence information comprises the circulation action content.
22. The apparatus of claim 21, wherein in the case that all of the circulation links associated with the traceback code are allowed to obtain information, validating the first query request further comprises:
signing the first query request by adopting a private key, so that the signed first query request comprises the traceability codes and a certificate corresponding to the private key, wherein when an inquirer is a consumer, the private key is a private key of the consumer, and when the inquirer is any circulation link except the consumer, the private key is a private key of the circulation link;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event of verification passing, using the certificate inventory intelligence contract to determine whether the certificate exists on a first white list, wherein the first white list includes certificates of consumers or circulation links that are allowed to obtain the certificate inventory information;
upon determining that the certificate exists in the whitelist, determining that authentication is passed.
23. The device of claim 22, wherein validating the second query request further comprises:
signing the second query request by adopting the private key, so that the signed second query request comprises the data deposit certificate ID, the identifier of the data deposit certificate intelligent contract and a certificate corresponding to the private key;
verifying the signed second query request based on the certificate using the data-certified smart contract;
in the event of verification passing, using the data validation smart contract to determine whether the certificate exists in the second whitelist, wherein the second whitelist includes certificates of consumers or circulation links that are allowed to obtain the contents of the circulation action;
upon determining that the certificate exists in the second whitelist, determining that verification is passed.
24. The device of claim 21, wherein returning at least one forensic directory information associated with the prover code from a global ledger using a forensic directory intelligence contract further comprises:
searching at least one piece of evidence-saving directory information associated with the source code in the global account book by using the evidence-saving directory intelligent contract, wherein the identification of the data evidence-saving intelligent contract and the corresponding data evidence-saving ID are stored in the evidence-saving directory information in an encrypted manner;
decrypting the certificate storing directory information by adopting a key generated by the tracing code;
and returning the data deposit certificate ID corresponding to the tracing code and the identification of the data deposit certificate intelligent contract.
25. The apparatus of claim 21, wherein in the case that only downstream streaming links associated with the traceback code are allowed to obtain streaming action content, validating the first query request with a consumer query further comprises:
receiving a verification code;
determining whether the number of queries of the consumer exceeds a threshold value in case the verification code is verified;
under the condition that the query times of the consumer are determined not to exceed the threshold value, signing the first query request by using a consumer private key, so that the signed first query request comprises the traceability codes and a certificate corresponding to the consumer private key;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event of a validation pass, using the certificate catalog intelligence contract to determine whether the certificate exists on a third white list, wherein the third white list includes certificates for consumers or circulation links that are allowed to obtain the certificate catalog information;
upon determining that the certificate exists in the third whitelist, determining that verification is passed.
26. The apparatus of claim 25, wherein, in the case that only a downstream streaming link associated with the traceback code is allowed to obtain streaming action content, validating the first query request in a streaming link query manner further comprises:
signing the first query request by adopting a private key of any circulation link, so that the signed first query request comprises the traceability codes and a certificate corresponding to the private key of the circulation link;
verifying the signed first query request based on the certificate using the certified directory intelligence contract;
in the event that verification passes, determining whether the certificate is present on the third whitelist using the certificate directory intelligence contract;
upon determining that the certificate exists in the third whitelist, determining that verification is passed.
27. The device of claim 26, wherein validating the second query request further comprises:
signing the second query request by adopting the private key of the circulation link, so that the signed second query request comprises the data certificate ID and a certificate corresponding to the private key of the circulation link;
verifying the signed second query request based on the certificate using the data-certified smart contract;
if the verification is passed, using the data verification intelligent contract to determine whether the certificate exists in a blacklist, wherein the blacklist comprises a certificate of an upstream circulation link which is not allowed to acquire the downstream circulation action content related to the tracing code;
upon determining that the certificate is not present in the blacklist, determining that authentication is passed.
28. The apparatus of claim 21, wherein the flow action content comprises: one or more of customs declaration information, logistics information, ex-warehouse information and in-warehouse information.
29. A computer readable storage medium having computer readable program instructions stored thereon for performing the method for blockchain anti-counterfeiting traceability for protecting data privacy of any one of claims 1 to 14.
CN202011441561.7A 2020-12-08 2020-12-08 Block chain tracing method and device for protecting data privacy and readable storage medium Pending CN112487480A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011441561.7A CN112487480A (en) 2020-12-08 2020-12-08 Block chain tracing method and device for protecting data privacy and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011441561.7A CN112487480A (en) 2020-12-08 2020-12-08 Block chain tracing method and device for protecting data privacy and readable storage medium

Publications (1)

Publication Number Publication Date
CN112487480A true CN112487480A (en) 2021-03-12

Family

ID=74940117

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011441561.7A Pending CN112487480A (en) 2020-12-08 2020-12-08 Block chain tracing method and device for protecting data privacy and readable storage medium

Country Status (1)

Country Link
CN (1) CN112487480A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114254374A (en) * 2022-03-01 2022-03-29 北京市农林科学院信息技术研究中心 Data tracing method and system

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109086140A (en) * 2018-08-21 2018-12-25 上海点融信息科技有限责任公司 The method, apparatus and storage medium of data processing are carried out in block chain
CN109214197A (en) * 2018-08-14 2019-01-15 上海点融信息科技有限责任公司 The method, apparatus and storage medium of private data are handled based on block chain
CN109325785A (en) * 2018-09-29 2019-02-12 中山大学 A kind of multi-model source tracing method based on alliance's chain
CN110097376A (en) * 2019-04-12 2019-08-06 阿里巴巴集团控股有限公司 Commodity source tracing method, device, equipment and storage medium
CN110246040A (en) * 2019-05-21 2019-09-17 平安普惠企业管理有限公司 Trade management method, electronic equipment and computer storage medium based on alliance's chain
WO2019209605A1 (en) * 2018-04-26 2019-10-31 Microsoft Technology Licensing, Llc Cryptlet proofing services
US20200117690A1 (en) * 2018-10-15 2020-04-16 Bao Tran Smart device
CN111740841A (en) * 2020-05-29 2020-10-02 致信互链(北京)科技有限公司 Method and device for generating and verifying tracing code

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019209605A1 (en) * 2018-04-26 2019-10-31 Microsoft Technology Licensing, Llc Cryptlet proofing services
CN109214197A (en) * 2018-08-14 2019-01-15 上海点融信息科技有限责任公司 The method, apparatus and storage medium of private data are handled based on block chain
CN109086140A (en) * 2018-08-21 2018-12-25 上海点融信息科技有限责任公司 The method, apparatus and storage medium of data processing are carried out in block chain
CN109325785A (en) * 2018-09-29 2019-02-12 中山大学 A kind of multi-model source tracing method based on alliance's chain
US20200117690A1 (en) * 2018-10-15 2020-04-16 Bao Tran Smart device
CN110097376A (en) * 2019-04-12 2019-08-06 阿里巴巴集团控股有限公司 Commodity source tracing method, device, equipment and storage medium
CN110246040A (en) * 2019-05-21 2019-09-17 平安普惠企业管理有限公司 Trade management method, electronic equipment and computer storage medium based on alliance's chain
CN111740841A (en) * 2020-05-29 2020-10-02 致信互链(北京)科技有限公司 Method and device for generating and verifying tracing code

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114254374A (en) * 2022-03-01 2022-03-29 北京市农林科学院信息技术研究中心 Data tracing method and system

Similar Documents

Publication Publication Date Title
KR102153845B1 (en) Verification of the integrity of data stored in the consortium blockchain using public sidechains
CN110046996B (en) Data processing method and device
US10868668B1 (en) Parallel assurance of blockchain signatures
CN110288480B (en) Private transaction method and device for blockchain
KR102222612B1 (en) Smart contract whitelist
CN112287392B (en) Intelligent contract implementation method and system with privacy information protection function
Liang et al. PPRP: Preserving-privacy route planning scheme in VANETs
Milne et al. Cyber-physical trust systems driven by blockchain
KR20210055272A (en) Authentication System and Method based on anonymous protocol in Permissioned Blockchian, RECORDING MEDIUM FOR PERFORMING THE METHOD
CN112967054B (en) Data management method, device and equipment
Ahamed et al. Bps: Blockchain based decentralized secure and versatile light payment system
CN114884674A (en) Block chain-based user data transfer method, device and equipment
Omar et al. Decentralized identifiers and verifiable credentials for smartphone anticounterfeiting and decentralized IMEI database
Huang et al. Secure data sharing over vehicular networks based on multi-sharding blockchain
Tedeschi et al. Blockchain as a service: Securing bartering functionalities in the H2020 symbIoTe framework
CN112487480A (en) Block chain tracing method and device for protecting data privacy and readable storage medium
Akhter et al. Blockchain in vehicular ad hoc networks: Applications, challenges and solutions
Lim et al. A new hash-based RFID mutual authentication protocol providing enhanced user privacy protection
Gandino et al. A security protocol for RFID traceability
CN117009988A (en) Encryption data storage and query method based on blockchain
Uesugi et al. Design and evaluation of a privacy-preserving supply chain system based on public permissionless blockchain
CN116010401A (en) Information hiding trace query method and system based on block chain and careless transmission expansion
Mamun et al. SupAUTH: a new approach to supply chain authentication for the IoT
Vives-Guasch et al. Anonymous and transferable electronic ticketing scheme
Dawoud et al. HEADA: a low cost RFID authentication technique using homomorphic encryption for key generation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20210312

WD01 Invention patent application deemed withdrawn after publication