CN115964733B - Block chain-based data sharing method and device, electronic equipment and storage medium - Google Patents

Block chain-based data sharing method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN115964733B
CN115964733B CN202310251239.5A CN202310251239A CN115964733B CN 115964733 B CN115964733 B CN 115964733B CN 202310251239 A CN202310251239 A CN 202310251239A CN 115964733 B CN115964733 B CN 115964733B
Authority
CN
China
Prior art keywords
data
private key
public
information
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310251239.5A
Other languages
Chinese (zh)
Other versions
CN115964733A (en
Inventor
朱斯语
池程
刘阳
田娟
陈文曲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Academy of Information and Communications Technology CAICT
Original Assignee
China Academy of Information and Communications Technology CAICT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Academy of Information and Communications Technology CAICT filed Critical China Academy of Information and Communications Technology CAICT
Priority to CN202310251239.5A priority Critical patent/CN115964733B/en
Publication of CN115964733A publication Critical patent/CN115964733A/en
Application granted granted Critical
Publication of CN115964733B publication Critical patent/CN115964733B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The embodiment of the disclosure discloses a data sharing method, a device, electronic equipment and a storage medium based on a blockchain, wherein the method comprises the following steps: when the data auditing center receives a data sharing request sent by the client; the data sharing terminal identification has a corresponding relation with the digital identification, and the data auditing center determines an auditing scheme corresponding to the data sharing request; the data auditing center acquires information to be audited from the client according to an auditing scheme, and sends the information to be audited and a data sharing request to the data storage terminal; the data storage terminal respectively verifies the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair in the information to be audited by using the public key in the first public-private key pair and the public key in the second public-private key pair; and when the signature passes verification, the data storage terminal authorizes the shared data identified by the shared data identifier to the data sharing terminal and the client identified by the data sharing terminal identifier.

Description

Block chain-based data sharing method and device, electronic equipment and storage medium
Technical Field
The present disclosure relates to data sharing technology, blockchain technology, and in particular, to a blockchain-based data sharing method, device, electronic apparatus, and storage medium.
Background
Data sharing is one of the important ways to achieve data flow and data transformation. In the prior art, a data sharing manner is generally that a data owner only grants data to a target client applying the data to realize data sharing. However, in practical applications, the data needs to be used by the target client and other clients at the same time, so that the other clients need to reapply the data to the data owner again, which results in complicated data sharing process.
Disclosure of Invention
The embodiment of the disclosure provides a data sharing method, device, electronic equipment and storage medium based on a blockchain, so as to solve the technical problems.
In one aspect of the disclosed embodiments, a method for a blockchain-based data sharing method is provided, including: responding to a data auditing center receiving a data sharing request sent by a client, wherein the data auditing center is arranged on a block chain, and the data sharing request comprises: the client comprises a shared data identifier, a data sharing terminal identifier and a digital identity identifier of the client, wherein the shared data identifier is used for identifying shared data, the data sharing terminal identifier is used for identifying a data sharing terminal, and the digital identity identifier is used for identifying the client; the data auditing center determines whether the data sharing terminal identifier and the digital identity identifier have a corresponding relationship according to the corresponding relationship between a preset identity identifier and the data sharing terminal identifier; responding to the corresponding relation between the data sharing terminal identification and the digital identity identification, and determining an auditing scheme corresponding to the data sharing request by the data auditing center according to the sharing data identification; the data auditing center acquires information to be audited from the client according to the auditing scheme, and sends the information to be audited and the data sharing request to a data storage terminal, wherein the information to be audited comprises: at least one verifiable credential corresponding to the digital identity, a signature generated using a private key of a first public-private key pair of the client, and a signature generated using a private key of a second public-private key pair of the data auditing center; the data storage terminal verifies the signature generated by the first public-private key pair private key and the signature generated by the second public-private key pair private key in the information to be verified by using the first public-private key pair public key and the second public-private key pair public key respectively; in response to the signature generated with the private key of the first public-private key pair and the signature generated with the private key of the second public-private key pair being verified, the data storage terminal authorizes the shared data to the data sharing terminal and the client.
Optionally, in the method of any one of the foregoing embodiments of the present disclosure, the data auditing center obtains information to be audited from the client according to the auditing scheme, including: the data auditing center sends an auditing data acquisition request to the client, wherein the auditing data acquisition request comprises: credential information of the verifiable credential specified in the auditing scheme; the client acquires the verifiable certificate conforming to the certificate information from the verifiable certificates corresponding to the digital identity according to the certificate information; the client signs the verifiable certificate by using the first public-private key pair private key to obtain initial to-be-checked information, and sends the initial to-be-checked information to the data checking center; and the data auditing center signs the initial information to be audited by using the second public and private key pair private key to obtain the information to be audited.
Optionally, in the method of any one of the above embodiments of the disclosure, further includes: the data auditing center verifies the signature of the initial information to be audited by using the public key in the first public-private key pair; responding to the signature of the initial information to be verified, and verifying the verifiable certificate in the initial information to be verified by the data verification center, so as to determine whether the verifiable certificate in the initial information to be verified accords with the provision of the verifiable certificate in the verification scheme; and responding to the verifiable credentials in the initial information to be checked to meet the regulations of the verifiable credentials in the checking scheme, and signing the initial information to be checked by the data checking center by using the second public and private key pair private key to obtain the information to be checked.
Optionally, in the method of any one of the above embodiments of the disclosure, further includes: the data storage terminal uses a third public-private key pair private key of the data storage terminal to sign the shared data authorized to the data sharing terminal and the client to obtain signed shared data; and the data storage terminal transmits the signature sharing data to the data sharing terminal and the client.
Optionally, in the method of any one of the above embodiments of the disclosure, further includes: the data storage terminal determines whether the digital identity mark exists in a preset mark blacklist or not; and in response to the digital identity identifier not existing in the preset identifier blacklist, the data storage terminal verifies the signature generated by the first public-private key pair private key and the signature generated by the second public-private key pair private key in the information to be checked by using the first public-private key pair public key and the second public-private key pair public key respectively.
In another aspect of the disclosed embodiments, there is provided a blockchain-based data sharing apparatus, including: the first receiving module is used for responding to a data sharing request sent by a data auditing center receiving a client, wherein the data auditing center is arranged on a block chain, and the data sharing request comprises: the client comprises a shared data identifier, a data sharing terminal identifier and a digital identity identifier of the client, wherein the shared data identifier is used for identifying shared data, the data sharing terminal identifier is used for identifying a data sharing terminal, and the digital identity identifier is used for identifying the client; the first auditing module is used for determining whether the data sharing terminal identifier and the digital identity identifier have a corresponding relation according to the corresponding relation between the preset identity identifier and the data sharing terminal identifier by the data auditing center; the first acquisition module is used for responding that the data sharing terminal identification has a corresponding relation with the digital identity identification, and the data auditing center determines an auditing scheme corresponding to the data sharing request according to the sharing data identification; the second obtaining module is configured to obtain, by the data auditing center, information to be audited from the client according to the auditing scheme, and send the information to be audited and the data sharing request to a data storage terminal, where the information to be audited includes: at least one verifiable credential corresponding to the digital identity, a signature generated using a private key of a first public-private key pair of the client, and a signature generated using a private key of a second public-private key pair of the data auditing center; the second checking module is used for verifying the signature generated by the first public-private key centering private key and the signature generated by the second public-private key centering private key in the information to be checked by the data storage terminal by using the first public-private key centering public key and the second public-private key centering public key respectively; and the authorization module is used for responding to the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair to pass verification, and the data storage terminal authorizes the shared data to the data sharing terminal and the client.
Optionally, in an apparatus of any one of the foregoing embodiments of the present disclosure, the second obtaining module includes: the first sending submodule is used for sending an audit data acquisition request to the client by the data audit center, wherein the audit data acquisition request comprises: credential information of the verifiable credential specified in the auditing scheme; the first acquisition sub-module is used for the client to acquire the verifiable certificate conforming to the certificate information from the verifiable certificates corresponding to the digital identity according to the certificate information; the first signature sub-module is used for signing the verifiable certificate by the client side through the private key in the first public-private key pair to obtain initial information to be checked, and sending the initial information to be checked to the data checking center; and the second signature sub-module is used for signing the initial information to be checked by the data checking center through the private key in the second public-private key pair to obtain the information to be checked.
Optionally, in the apparatus of any one of the foregoing embodiments of the disclosure, the method further includes: the first verification module is used for verifying the signature of the initial information to be verified by the public key in the data verification center by using the first public-private key; the third checking module is used for responding to the signature of the initial information to be checked to pass the verification, and the data checking center checks the verifiable certificates in the initial information to be checked to determine whether the verifiable certificates in the initial information to be checked accord with the regulation of the verifiable certificates in the checking scheme; the first signature module is used for responding to the verifiable certificate in the initial information to be checked to meet the rule of the verifiable certificate in the checking scheme, and the data checking center signs the initial information to be checked by using the second public and private key to obtain the information to be checked.
In one aspect of the disclosed embodiments, there is provided an electronic device including: a memory for storing a computer program; and the processor is used for executing the computer program stored in the memory, and when the computer program is executed, the data sharing method based on the block chain is realized.
In one aspect of the disclosed embodiments, a computer-readable storage medium is provided, on which a computer program is stored, which when executed by a processor, implements the blockchain-based data sharing method described above.
The embodiment of the disclosure provides a data sharing method, a device, an electronic device and a storage medium based on a blockchain, comprising the following steps: the data auditing center audits the data sharing terminal identification and the digital identification of the client, determines whether the data sharing terminal identification and the digital identification have a corresponding relation, acquires to-be-checked information of the client when the data sharing terminal identification and the digital identification have a corresponding relation, and then verifies the to-be-checked information by the data storage terminal, and authorizes the sharing data to the client and the sharing data terminal when the data sharing terminal identification and the digital identification pass the verification. Therefore, the embodiment of the disclosure realizes that the data sharing terminals except the client are authorized to use the shared data at the same time under the condition of ensuring the safety of the shared data, simplifies the data sharing flow and improves the efficiency of the shared data. Meanwhile, as whether the data sharing terminal identification and the digital identity identification have a corresponding relation or not is required to be determined, the controllability of the data sharing terminal is realized, the safety of the shared data is further ensured, and the abuse probability of the shared data is reduced. In addition, in the embodiment of the disclosure, the data storage terminal directly authorizes the shared data to the client and the data sharing terminal for use, so that the data sharing process is simplified, the data sharing efficiency is improved, the risk of leakage or abuse of the shared data possibly caused by a data auditing center is effectively avoided, and the safety of the shared data is further improved.
The technical scheme of the present disclosure is described in further detail below through the accompanying drawings and examples.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description, serve to explain the principles of the disclosure.
The disclosure may be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings in which:
FIG. 1 illustrates a flow chart of one embodiment of a blockchain-based data sharing method of embodiments of the present disclosure;
FIG. 2 shows a flowchart of step S140 of an embodiment of the present disclosure;
FIG. 3 illustrates a flow chart of another embodiment of a blockchain-based data sharing method of embodiments of the present disclosure;
FIG. 4 illustrates a flow chart of yet another embodiment of a blockchain-based data sharing method of embodiments of the present disclosure;
FIG. 5 illustrates a flow chart of yet another embodiment of a blockchain-based data sharing method of embodiments of the present disclosure;
FIG. 6 is a schematic diagram illustrating an architecture of one embodiment of a blockchain-based data sharing device in accordance with embodiments of the present disclosure;
fig. 7 is a schematic structural diagram of an application embodiment of the electronic device of the present disclosure.
Detailed Description
Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. It should be noted that: the relative arrangement of the components and steps, numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present disclosure unless it is specifically stated otherwise.
It will be appreciated by those of skill in the art that the terms "first," "second," etc. in embodiments of the present disclosure are used merely to distinguish between different steps, devices or modules, etc., and do not represent any particular technical meaning nor necessarily logical order between them.
It should also be understood that in embodiments of the present disclosure, "plurality" may refer to two or more, and "at least one" may refer to one, two or more.
It should also be appreciated that any component, data, or structure referred to in the presently disclosed embodiments may be generally understood as one or more without explicit limitation or the contrary in the context.
In addition, the term "and/or" in this disclosure is merely an association relationship describing an association object, and indicates that three relationships may exist, for example, a and/or B may indicate: a exists alone, A and B exist together, and B exists alone. In addition, the character "/" in the present disclosure generally indicates that the front and rear association objects are an or relationship.
It should also be understood that the description of the various embodiments of the present disclosure emphasizes the differences between the various embodiments, and that the same or similar features may be referred to each other, and for brevity, will not be described in detail.
Meanwhile, it should be understood that the sizes of the respective parts shown in the drawings are not drawn in actual scale for convenience of description.
The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses.
Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but are intended to be part of the specification where appropriate.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further discussion thereof is necessary in subsequent figures.
Embodiments of the present disclosure may be applicable to electronic devices such as terminal devices, computer systems, servers, etc., which may operate with numerous other general purpose or special purpose computing system environments or configurations. Examples of well known terminal devices, computing systems, environments, and/or configurations that may be suitable for use with the terminal device, computer system, server, or other electronic device include, but are not limited to: personal computer systems, server computer systems, thin clients, thick clients, hand-held or laptop devices, microprocessor-based systems, set-top boxes, programmable consumer electronics, network personal computers, small computer systems, mainframe computer systems, and distributed cloud computing technology environments that include any of the foregoing, and the like.
Electronic devices such as terminal devices, computer systems, servers, etc. may be described in the general context of computer system-executable instructions, such as program modules, being executed by a computer system. Generally, program modules may include routines, programs, objects, components, logic, data structures, etc., that perform particular tasks or implement particular abstract data types. The computer system/server may be implemented in a distributed cloud computing environment in which tasks are performed by remote processing devices that are linked through a communications network. In a distributed cloud computing environment, program modules may be located in both local and remote computing system storage media including memory storage devices.
A blockchain (blockchain) is a chained data structure in which data blocks are sequentially connected in time sequence, and cryptographically guarantees that the data is not tamperable and counterfeit.
FIG. 1 is a flow chart of a block chain based data sharing method in an embodiment of the disclosure. The embodiment can be applied to an electronic device, as shown in fig. 1, and the blockchain-based data sharing method of the embodiment includes the following steps:
Step S110, the data auditing center receives the data sharing request sent by the client.
Wherein the data audit center is disposed on a blockchain, and the data sharing request includes: the client comprises a shared data identifier, a data sharing terminal identifier and a digital identity identifier of the client, wherein the shared data identifier is used for identifying shared data, the data sharing terminal identifier is used for identifying the data sharing terminal, and the digital identity identifier is used for identifying the client.
The shared data identifier is used for uniquely identifying one shared data, the data sharing terminal identifier is used for uniquely identifying one data sharing terminal, and the shared data identifier and the data sharing terminal identifier can be custom codes and the like. The digital identity is used to uniquely identify a client, and may be a DID identity (Decentralized Identity, distributed digital identity), etc. The digital identity corresponds to at least one verifiable credential (Verifiable Credentials, VC) that is used to endorse or prove that the client identified by the digital identity corresponding thereto has a certain attribute, identity, qualification, etc., and that can be issued by a third party authority. The digital identity and the verifiable credential corresponding to the digital identity constitute the digital identity of the client, which may have multiple digital identities. The digital identity and the verifiable credential corresponding to the digital identity are stored at the client.
The shared data may be data in any data format, for example, the shared data may be audio data, video data, text data, or the like. The data sharing terminal can be a computer, a server and the like; the client may be a computer, a server, or the like. The data sharing terminal can be connected with the client, and the data sharing terminal and the client can be connected with the data auditing center. The data auditing center is used for auditing the shared data terminal requesting the shared data and determining whether the shared data terminal can apply for the shared data.
The data auditing platform can pre-create a shared data identification list, wherein the shared data identification list comprises a plurality of shared data identifications of shared data, and the client can acquire the shared data identification list from the data auditing center and acquire the shared data identifications of the shared data required by the client from the shared data identification list.
Step S120, the data auditing center determines whether the data sharing terminal identification and the digital identification have a corresponding relation according to the corresponding relation between the preset identification and the data sharing terminal identification.
The data auditing center stores a corresponding relation between a preset identity mark and a data sharing terminal mark, the corresponding relation between the preset identity mark and the data sharing terminal mark comprises a plurality of pairs of mutually corresponding digital identity marks and data sharing terminal marks, and the corresponding relation between the preset identity mark and the data sharing terminal mark can be in a list form.
In one embodiment, the client needs to register with the data auditing center before applying for sharing data. Specifically, the client may first determine a data sharing terminal that needs to share data, and obtain a data sharing terminal identifier of the data sharing terminal and application information of the data sharing terminal required for auditing by the data auditing center, where the application information may include: the identity information of the data sharing terminal, such as business license, etc., the data sharing terminal and the client have relationship proving information, such as proving material of a sub-company of which the user corresponding to the data sharing terminal is the user corresponding to the client, etc., and the client uses the data sharing terminal identification and the application information as the registration information of the data sharing terminal. The client selects the digital identity and the verifiable certificate corresponding to the data identity according to the verification requirement of the data verification center, the digital identity and the verifiable certificate are used as registration information of the client, the registration information of the client and the registration information of the sharing terminal are sent to the data verification center, the data verification center verifies the registration information of the client and the registration information of the sharing terminal, and when verification is passed, the data verification center establishes a corresponding relation between the digital identity and the data sharing terminal, and records the corresponding relation between the digital identity and the data sharing terminal in a corresponding relation between a preset identity and the data sharing terminal.
And step S130, responding to the corresponding relation between the data sharing terminal identification and the digital identification, and determining an auditing scheme corresponding to the data sharing request by the data auditing center according to the sharing data identification.
The auditing scheme may include auditing rules for the data sharing request, for example, the auditing scheme may include credential information for a required client that can verify credentials, and so on. In one embodiment, the data auditing center may create different auditing rules for different data, each auditing rule corresponding to at least one shared data identifier, and the data auditing center determines an auditing scheme corresponding to the shared data identifier in the data sharing request as the auditing scheme of the data sharing request. For example, the audit trail in the audit scheme may include: credential information of the verifiable credential that needs to be audited, the credential information including requirements for the verifiable credential, e.g., the credential information including a credential type, a credential certification authority, etc., for example, the credential information may include: credential type: verifiable credentials that prove the identity of an enterprise, credential certification authorities: business offices, etc.
And step S140, the data auditing center acquires the information to be audited from the client according to the auditing scheme, and transmits the information to be audited and the data sharing request to the data storage terminal.
The information to be checked comprises: at least one verifiable credential corresponding to the digital identity in the data sharing request, a signature generated using the private key of the first public-private key pair of the client, and a signature generated using the private key of the second public-private key pair of the data auditing center.
The public-private key pair of the client may be referred to as a first public-private key pair, and the public-private key pair of the data auditing center may be referred to as a second public-private key pair. The first public-private key pair comprises a public key and a private key; the first public-private key pair public key is used for verifying a signature generated by the private key in the first public-private key pair, and the first public-private key pair private key is used for signing data or information; the client may generate the first public-private key pair using a national cryptographic (SM 2) algorithm, a symmetric encryption algorithm, an asymmetric encryption algorithm, or the like. The second public-private key pair comprises a public key and a private key; the second public-private key pair public key is used for verifying a signature generated by the private key in the second public-private key pair, and the second public-private key pair private key is used for signing data or information; the data auditing center can generate the second public-private key pair by using a national secret SM2 algorithm, a symmetric encryption algorithm, an asymmetric encryption algorithm and the like.
In one embodiment, a plug-in wallet is provided on the client, and the plug-in wallet stores a digital identity of the client and verifiable credentials corresponding to the digital identity. The data auditing center can obtain the verifiable certificate which accords with the regulation of the verifiable certificate in the auditing scheme and corresponds to the digital identity mark in the data sharing request from a plug-in wallet of the client, inform the client of signing the verifiable certificate, the client signs the verifiable certificate by using a first public private key pair private key to obtain a signed verifiable certificate, and then the data auditing center obtains the information to be audited by using a second public private key pair signature verifiable certificate.
And step S150, the data storage terminal respectively verifies the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair in the information to be audited by using the public key in the first public-private key pair and the public key in the second public-private key pair.
The data storage terminal stores a plurality of shared data and a shared data identifier for identifying the shared data. The data storage terminal can be a server or a computer, and the data storage terminal is connected with the client, the data auditing center and the data sharing terminal.
In one embodiment, when the data storage terminal receives the to-be-checked information and the data sharing request sent by the data checking center, the data storage terminal may acquire the public key in the first public-private key pair from the client, or acquire the public key in the first public-private key pair from the public key storage address published by the client. The data storage terminal can acquire the public key in the second public-private key pair from the data auditing center or acquire the public key in the second public-private key pair from a public key storage address published by the data auditing center. The data storage terminal verifies the signature generated by the private key in the first public-private key pair in the information to be audited by using the public key in the first public-private key pair, verifies the signature generated by the private key in the second public-private key pair in the information to be audited by using the public key in the second public-private key pair, and determines that the information to be audited passes the verification when the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair pass the verification; and when the signature generated by the private key in the first public-private key pair and/or the signature generated by the private key in the second public-private key pair are/is not verified, determining that the information to be audited is not verified, and sending a data sharing failure message to the data auditing center, the client and the data sharing terminal by the data storage center.
In step S160, the data storage terminal authorizes the shared data identified by the shared data identifier to the data sharing terminal and the client identified by the data sharing terminal identifier in response to the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair passing verification.
In one embodiment, when the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair are both verified, the data storage terminal acquires the shared data identified by the shared data identifier in the data sharing request, and performs authorization setting on the shared data so that the shared data can be used only by the client and the data sharing terminal, for example, an open source data visualization analysis tool can be used for performing authorization setting on the shared data so that the shared data can be used only by the client and the data sharing terminal.
In the embodiment of the disclosure, a data auditing center audits a data sharing terminal identifier and a digital identity identifier of a client, determines whether the data sharing terminal identifier and the digital identity identifier have a corresponding relationship, acquires information to be audited of the client when the data sharing terminal identifier and the digital identity identifier have the corresponding relationship, and then verifies the information to be audited by a data storage terminal, and grants shared data to the client and the shared data terminal when the verification is passed. Therefore, the embodiment of the disclosure realizes that the data sharing terminals except the client are authorized to use the shared data at the same time under the condition of ensuring the safety of the shared data, simplifies the data sharing flow and improves the efficiency of the shared data. Meanwhile, as whether the data sharing terminal identification and the digital identity identification have a corresponding relation or not is required to be determined, the controllability of the data sharing terminal is realized, the safety of the shared data is further ensured, and the abuse probability of the shared data is reduced. In addition, in the embodiment of the disclosure, the data storage terminal directly authorizes the shared data to the client and the data sharing terminal for use, so that the data sharing process is simplified, the data sharing efficiency is improved, the risk of leakage or abuse of the shared data possibly caused by a data auditing center is effectively avoided, and the safety of the shared data is further improved.
In an alternative embodiment, as shown in fig. 2, step S140 in the embodiment of the present disclosure further includes the following steps:
and step S141, the data auditing center sends an auditing data acquisition request to the client.
Wherein, the audit data acquisition request includes: the certification information of the verifiable certification specified in the auditing scheme. The credential information includes requirements specified in the auditing scheme for verifiable credentials, e.g., the credential information includes a credential type, a credential certification authority, etc., which may include, for example: credential type: verifiable credentials that prove the identity of an enterprise, credential certification authorities: business offices, etc.
In step S142, the client obtains the verifiable credential conforming to the credential information from the verifiable credential corresponding to the digital identity according to the credential information.
In one embodiment, the client obtains all verifiable credentials corresponding to the digital identity in the data sharing request, and then determines verifiable credentials conforming to the credential information from the all verifiable credentials. Illustratively, when the credential information includes: credential type: when the verifiable credentials of the identity of the enterprise are verified, the client acquires the verifiable credentials corresponding to the digital identity and used for verifying the identity of the enterprise.
And step S143, the client signs the verifiable certificate by using a private key in the first public key pair to obtain initial information to be checked, and sends the initial information to be checked to a data checking center.
The initial information to be audited comprises the verifiable certificate and a signature generated by using the private key in the first public-private key pair.
And step S144, the data auditing center signs the initial information to be audited by using the second public and private key pair private key to obtain the information to be audited.
In one embodiment, after the data auditing center receives the initial information to be audited, the second public-private key is utilized to sign the initial information to be audited to obtain the information to be audited; the information to be checked includes the verifiable credential described above, a signature generated using the private key of the first public-private key pair, and a signature generated using the private key of the second public-private key pair.
In an alternative embodiment, as shown in fig. 3, the method in the embodiment of the present disclosure further includes the steps of:
step S210, the data auditing center verifies the signature of the initial information to be audited by using the public key in the first public-private key pair.
Step S210 to step S230 may be further included before step S144. In one embodiment, the data auditing center receives the initial information to be audited, and the data auditing center can acquire the public key in the first public-private key pair from the client or acquire the public key in the first public-private key pair from the public key storage address published by the client, and then verify the signature of the initial information to be audited by using the public key in the first public-private key pair.
Step S220, in response to the signature of the initial information to be verified passing verification, the data verification center verifies the verifiable certificate in the initial information to be verified, and determines whether the verifiable certificate in the initial information to be verified meets the specification of the verifiable certificate in the verification scheme.
After the signature of the initial information to be verified passes through the public key verification in the first public-private key pair, the data verification center can verify the verifiable certificate in the initial information to be verified through a person or a computer, and whether the verifiable certificate accords with the regulation of the verifiable certificate in the verification scheme is determined. For example, when the verification scheme specifies that the verifiable credential is a verifiable credential that proves the identity of the enterprise, it may be determined whether the verifiable credential in the initial to-be-verified information is a verifiable credential that proves the identity of the enterprise, and when the verifiable credential in the initial to-be-verified information is determined to be a verifiable credential that proves the identity of the enterprise, it is determined that the verifiable credential in the initial to-be-verified information meets the specification of the verifiable credential in the verification scheme.
And step S230, in response to the verifiable certificate in the initial information to be verified meeting the regulation of the verifiable certificate in the verification scheme, the data verification center signs the initial information to be verified by using the second public and private key pair private key to obtain the information to be verified.
When the verifiable certificate in the initial to-be-audited information accords with the regulation of the verifiable certificate in the auditing scheme, the data auditing center executes step S144.
In an alternative embodiment, as shown in fig. 4, the method in the embodiment of the present disclosure further includes the steps of:
and step S310, the data storage terminal signs the shared data authorized to the data sharing terminal and the client by using the third public and private key pair private key of the data storage terminal to obtain signed shared data.
The public-private key pair of the data storage terminal may be referred to as a third public-private key pair. The third public-private key pair comprises a public key and a private key; the third public-private key pair public key is used for verifying the signature generated by the private key in the third public-private key pair, and the third public-private key pair private key is used for signing data or information; the data storage terminal may generate the third public-private key pair using a national secret SM2 algorithm, a symmetric encryption algorithm, an asymmetric encryption algorithm, or the like.
In one embodiment, after the data storage terminal performs authorization setting on the shared data in step S160, the shared data subjected to authorization setting may be signed by using the private key in the third public-private key pair to obtain signed shared data, where the signed shared data may only be used by the authorized data sharing terminal and the client.
In step S320, the data storage terminal transmits the signature sharing data to the data sharing terminal and the client.
In one embodiment, the client and/or the data sharing terminal may obtain the public key in the third public-private key pair from the data storage terminal, or obtain the public key in the third public-private key pair from the public key storage address published by the data storage terminal, and then verify the signature of the signature sharing data by using the public key in the third public-private key pair, and obtain the sharing data after the signature passes the verification.
In an alternative embodiment, as shown in fig. 5, the method in the embodiment of the present disclosure further includes the steps of:
in step S410, the data storage terminal determines whether the digital identity exists in a preset identity blacklist.
Wherein, step S410 and step S420 are further included before step S150. In one embodiment, the data storage terminal stores a preset identification blacklist, where the preset identification blacklist includes at least one forbidden digital identity. After receiving the digital identity, the data storage terminal traverses a preset identity blacklist and determines whether a forbidden digital identity identical to the received digital identity exists in the preset identity blacklist.
And step S420, in response to the digital identity mark not existing in the preset mark blacklist, the data storage terminal verifies the signature generated by the first public-private key pair private key and the signature generated by the second public-private key pair private key in the information to be audited by using the first public-private key pair public key and the second public-private key pair public key respectively.
Wherein, the digital identity is not present in the preset identity blacklist, and the data storage terminal executes step S150.
FIG. 6 illustrates a block diagram of a blockchain-based data sharing device in an embodiment of the present disclosure. As shown in fig. 6, the data sharing apparatus based on a blockchain of this embodiment includes:
the first receiving module 510 is configured to respond to a data sharing request sent by a client received by a data auditing center, where the data auditing center is disposed on a blockchain, and the data sharing request includes: the client comprises a shared data identifier, a data sharing terminal identifier and a digital identity identifier of the client, wherein the shared data identifier is used for identifying shared data, the data sharing terminal identifier is used for identifying a data sharing terminal, and the digital identity identifier is used for identifying the client;
The first auditing module 520 is configured to determine, by the data auditing center according to a correspondence between a preset identity identifier and a data sharing terminal identifier, whether the data sharing terminal identifier and the digital identity identifier have a correspondence;
a first obtaining module 530, configured to determine, according to the shared data identifier, an auditing scheme corresponding to the data sharing request in response to the data sharing terminal identifier having a correspondence with the digital identity;
the second obtaining module 540 is configured to obtain, by the data auditing center, information to be audited from the client according to the auditing scheme, and send the information to be audited and the data sharing request to a data storage terminal, where the information to be audited includes: at least one verifiable credential corresponding to the digital identity, a signature generated using a private key of a first public-private key pair of the client, and a signature generated using a private key of a second public-private key pair of the data auditing center;
a second verification module 550, configured to verify, by using the first public-private key pair public key and the second public-private key pair public key, a signature generated by using the first public-private key pair private key and a signature generated by using the second public-private key pair private key in the information to be verified;
And the authorization module 560 is used for responding to the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair through verification, and the data storage terminal authorizes the shared data to the data sharing terminal and the client.
In an alternative embodiment, the second obtaining module 540 includes:
the first sending submodule is used for sending an audit data acquisition request to the client by the data audit center, wherein the audit data acquisition request comprises: credential information of the verifiable credential specified in the auditing scheme;
the first acquisition sub-module is used for the client to acquire the verifiable certificate conforming to the certificate information from the verifiable certificates corresponding to the digital identity according to the certificate information;
the first signature sub-module is used for signing the verifiable certificate by the client side through the private key in the first public-private key pair to obtain initial information to be checked, and sending the initial information to be checked to the data checking center;
and the second signature sub-module is used for signing the initial information to be checked by the data checking center through the private key in the second public-private key pair to obtain the information to be checked.
In an alternative embodiment, the apparatus further comprises:
the first verification module is used for verifying the signature of the initial information to be verified by the public key in the data verification center by using the first public-private key;
the third checking module is used for responding to the signature of the initial information to be checked to pass the verification, and the data checking center checks the verifiable certificates in the initial information to be checked to determine whether the verifiable certificates in the initial information to be checked accord with the regulation of the verifiable certificates in the checking scheme;
the first signature module is used for responding to the verifiable certificate in the initial information to be checked to meet the rule of the verifiable certificate in the checking scheme, and the data checking center signs the initial information to be checked by using the second public and private key to obtain the information to be checked.
In an alternative embodiment, the apparatus further comprises:
the second signature module is used for the data storage terminal to carry out signature processing on the shared data authorized to the data sharing terminal and the client by utilizing a third public and private key pair private key of the data storage terminal to obtain signature shared data;
And the sending module is used for sending the signature sharing data to the data sharing terminal and the client by the data storage terminal.
In an alternative embodiment, the apparatus further comprises:
the fourth auditing module is used for determining whether the digital identity mark exists in a preset mark blacklist or not by the data storage terminal;
the authorization module 560 is further configured to, in response to the digital identity identifier not existing in the preset identifier blacklist, verify, by using the first public-private key pair public key and the second public-private key pair public key, a signature generated by using the first public-private key pair private key and a signature generated by using the second public-private key pair private key in the information to be verified, respectively.
In addition, the embodiment of the disclosure also provides an electronic device, which comprises:
a memory for storing a computer program;
and a processor, configured to execute the computer program stored in the memory, and when the computer program is executed, implement the blockchain-based data sharing method according to any of the foregoing embodiments of the disclosure.
Fig. 7 is a schematic structural diagram of an application embodiment of the electronic device of the present disclosure. Next, an electronic device according to an embodiment of the present disclosure is described with reference to fig. 7. The electronic device may be either or both of the first device and the second device, or a stand-alone device independent thereof, which may communicate with the first device and the second device to receive the acquired input signals therefrom.
As shown in fig. 7, the electronic device includes one or more processors and memory.
The processor may be a Central Processing Unit (CPU) or other form of processing unit having data processing and/or instruction execution capabilities, and may control other components in the electronic device to perform the desired functions.
The memory may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, random Access Memory (RAM) and/or cache memory (cache), and the like. The non-volatile memory may include, for example, read Only Memory (ROM), hard disk, flash memory, and the like. One or more computer program instructions may be stored on the computer readable storage medium that can be executed by a processor to implement the blockchain-based data sharing method and/or other desired functions of the various embodiments of the disclosure described above.
In one example, the electronic device may further include: input devices and output devices, which are interconnected by a bus system and/or other forms of connection mechanisms (not shown).
In addition, the input device may include, for example, a keyboard, a mouse, and the like.
The output device may output various information including the determined distance information, direction information, etc., to the outside. The output devices may include, for example, a display, speakers, a printer, and a communication network and remote output devices connected thereto, etc.
Of course, only some of the components of the electronic device relevant to the present disclosure are shown in fig. 7 for simplicity, components such as buses, input/output interfaces, and the like being omitted. In addition, the electronic device may include any other suitable components depending on the particular application.
In addition to the methods and apparatus described above, embodiments of the present disclosure may also be a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform the steps in a blockchain-based data sharing method according to various embodiments of the present disclosure described in the above section of the specification.
The computer program product may write program code for performing the operations of embodiments of the present disclosure in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server.
Furthermore, embodiments of the present disclosure may also be a computer-readable storage medium having stored thereon computer program instructions which, when executed by a processor, cause the processor to perform the steps in a blockchain-based data sharing method according to various embodiments of the present disclosure described in the above section of the present disclosure.
The computer readable storage medium may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may include, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the above method embodiments may be implemented by hardware associated with program instructions, where the foregoing program may be stored in a computer readable storage medium, and when executed, the program performs steps including the above method embodiments; and the aforementioned storage medium includes: various media that can store program code, such as ROM, RAM, magnetic or optical disks.
The basic principles of the present disclosure have been described above in connection with specific embodiments, however, it should be noted that the advantages, benefits, effects, etc. mentioned in the present disclosure are merely examples and not limiting, and these advantages, benefits, effects, etc. are not to be considered as necessarily possessed by the various embodiments of the present disclosure. Furthermore, the specific details disclosed herein are for purposes of illustration and understanding only, and are not intended to be limiting, since the disclosure is not necessarily limited to practice with the specific details described.
In this specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different manner from other embodiments, so that the same or similar parts between the embodiments are mutually referred to. For system embodiments, the description is relatively simple as it essentially corresponds to method embodiments, and reference should be made to the description of method embodiments for relevant points.
The block diagrams of the devices, apparatuses, devices, systems referred to in this disclosure are merely illustrative examples and are not intended to require or imply that the connections, arrangements, configurations must be made in the manner shown in the block diagrams. As will be appreciated by one of skill in the art, the devices, apparatuses, devices, systems may be connected, arranged, configured in any manner. Words such as "including," "comprising," "having," and the like are words of openness and mean "including but not limited to," and are used interchangeably therewith. The terms "or" and "as used herein refer to and are used interchangeably with the term" and/or "unless the context clearly indicates otherwise. The term "such as" as used herein refers to, and is used interchangeably with, the phrase "such as, but not limited to.
The methods and apparatus of the present disclosure may be implemented in a number of ways. For example, the methods and apparatus of the present disclosure may be implemented by software, hardware, firmware, or any combination of software, hardware, firmware. The above-described sequence of steps for the method is for illustration only, and the steps of the method of the present disclosure are not limited to the sequence specifically described above unless specifically stated otherwise. Furthermore, in some embodiments, the present disclosure may also be implemented as programs recorded in a recording medium, the programs including machine-readable instructions for implementing the methods according to the present disclosure. Thus, the present disclosure also covers a recording medium storing a program for executing the method according to the present disclosure.
It is also noted that in the apparatus, devices and methods of the present disclosure, components or steps may be disassembled and/or assembled. Such decomposition and/or recombination should be considered equivalent to the present disclosure.
The previous description of the disclosed aspects is provided to enable any person skilled in the art to make or use the present disclosure. Various modifications to these aspects will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other aspects without departing from the scope of the disclosure. Thus, the present disclosure is not intended to be limited to the aspects shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
The foregoing description has been presented for purposes of illustration and description. Furthermore, this description is not intended to limit the embodiments of the disclosure to the form disclosed herein. Although a number of example aspects and embodiments have been discussed above, a person of ordinary skill in the art will recognize certain variations, modifications, alterations, additions, and subcombinations thereof.

Claims (10)

1. A blockchain-based data sharing method, comprising:
responding to a data auditing center receiving a data sharing request sent by a client, wherein the data auditing center is arranged on a block chain, and the data sharing request comprises: the client comprises a shared data identifier, a data sharing terminal identifier and a digital identity identifier of the client, wherein the shared data identifier is used for identifying shared data, the data sharing terminal identifier is used for identifying a data sharing terminal, and the digital identity identifier is used for identifying the client;
the data auditing center determines whether the data sharing terminal identifier and the digital identity identifier have a corresponding relationship according to the corresponding relationship between a preset identity identifier and the data sharing terminal identifier;
responding to the corresponding relation between the data sharing terminal identification and the digital identity identification, and determining an auditing scheme corresponding to the data sharing request by the data auditing center according to the sharing data identification;
The data auditing center acquires information to be audited from the client according to the auditing scheme, and sends the information to be audited and the data sharing request to a data storage terminal, wherein the information to be audited comprises: at least one verifiable credential corresponding to the digital identity, a signature generated using a private key of a first public-private key pair of the client, and a signature generated using a private key of a second public-private key pair of the data auditing center;
the data storage terminal verifies the signature generated by the first public-private key pair private key and the signature generated by the second public-private key pair private key in the information to be verified by using the first public-private key pair public key and the second public-private key pair public key respectively;
in response to the signature generated with the private key of the first public-private key pair and the signature generated with the private key of the second public-private key pair being verified, the data storage terminal authorizes the shared data to the data sharing terminal and the client.
2. The method of claim 1, wherein the data auditing center obtaining information to be audited from the client according to the auditing scheme, comprising:
The data auditing center sends an auditing data acquisition request to the client, wherein the auditing data acquisition request comprises: credential information of the verifiable credential specified in the auditing scheme;
the client acquires a verifiable credential conforming to the credential information from the verifiable credential corresponding to the digital identity according to the credential information;
the client signs the verifiable certificate by using the first public-private key pair private key to obtain initial to-be-checked information, and sends the initial to-be-checked information to the data checking center;
and the data auditing center signs the initial information to be audited by using the second public and private key pair private key to obtain the information to be audited.
3. The method as recited in claim 2, further comprising:
the data auditing center verifies the signature of the initial information to be audited by using the public key in the first public-private key pair;
responding to the signature of the initial information to be verified, and verifying the verifiable certificate in the initial information to be verified by the data verification center, so as to determine whether the verifiable certificate in the initial information to be verified accords with the provision of the verifiable certificate in the verification scheme;
And responding to the verifiable credentials in the initial information to be checked to meet the regulations of the verifiable credentials in the checking scheme, and signing the initial information to be checked by the data checking center by using the second public and private key pair private key to obtain the information to be checked.
4. A method according to any one of claims 1-3, further comprising:
the data storage terminal uses a third public-private key pair private key of the data storage terminal to sign the shared data authorized to the data sharing terminal and the client to obtain signed shared data;
and the data storage terminal transmits the signature sharing data to the data sharing terminal and the client.
5. A method according to any one of claims 1-3, further comprising:
the data storage terminal determines whether the digital identity mark exists in a preset mark blacklist or not;
and in response to the digital identity identifier not existing in the preset identifier blacklist, the data storage terminal verifies the signature generated by the first public-private key pair private key and the signature generated by the second public-private key pair private key in the information to be checked by using the first public-private key pair public key and the second public-private key pair public key respectively.
6. A blockchain-based data sharing apparatus, comprising:
the first receiving module is used for responding to a data sharing request sent by a data auditing center receiving a client, wherein the data auditing center is arranged on a block chain, and the data sharing request comprises: the client comprises a shared data identifier, a data sharing terminal identifier and a digital identity identifier of the client, wherein the shared data identifier is used for identifying shared data, the data sharing terminal identifier is used for identifying a data sharing terminal, and the digital identity identifier is used for identifying the client;
the first auditing module is used for determining whether the data sharing terminal identifier and the digital identity identifier have a corresponding relation according to the corresponding relation between the preset identity identifier and the data sharing terminal identifier by the data auditing center;
the first acquisition module is used for responding that the data sharing terminal identification has a corresponding relation with the digital identity identification, and the data auditing center determines an auditing scheme corresponding to the data sharing request according to the sharing data identification;
the second obtaining module is configured to obtain, by the data auditing center, information to be audited from the client according to the auditing scheme, and send the information to be audited and the data sharing request to a data storage terminal, where the information to be audited includes: at least one verifiable credential corresponding to the digital identity, a signature generated using a private key of a first public-private key pair of the client, and a signature generated using a private key of a second public-private key pair of the data auditing center;
The second checking module is used for verifying the signature generated by the first public-private key centering private key and the signature generated by the second public-private key centering private key in the information to be checked by the data storage terminal by using the first public-private key centering public key and the second public-private key centering public key respectively;
and the authorization module is used for responding to the signature generated by the private key in the first public-private key pair and the signature generated by the private key in the second public-private key pair to pass verification, and the data storage terminal authorizes the shared data to the data sharing terminal and the client.
7. The apparatus of claim 6, wherein the second acquisition module comprises:
the first sending submodule is used for sending an audit data acquisition request to the client by the data audit center, wherein the audit data acquisition request comprises: credential information of the verifiable credential specified in the auditing scheme;
the first acquisition sub-module is used for the client to acquire the verifiable certificate conforming to the certificate information from the verifiable certificates corresponding to the digital identity according to the certificate information;
The first signature sub-module is used for signing the verifiable certificate by the client side through the private key in the first public-private key pair to obtain initial information to be checked, and sending the initial information to be checked to the data checking center;
and the second signature sub-module is used for signing the initial information to be checked by the data checking center through the private key in the second public-private key pair to obtain the information to be checked.
8. The apparatus as recited in claim 7, further comprising:
the first verification module is used for verifying the signature of the initial information to be verified by the public key in the data verification center by using the first public-private key;
the third checking module is used for responding to the signature of the initial information to be checked to pass the verification, and the data checking center checks the verifiable certificates in the initial information to be checked to determine whether the verifiable certificates in the initial information to be checked accord with the regulation of the verifiable certificates in the checking scheme;
the first signature module is used for responding to the verifiable certificate in the initial information to be checked to meet the rule of the verifiable certificate in the checking scheme, and the data checking center signs the initial information to be checked by using the second public and private key to obtain the information to be checked.
9. An electronic device, comprising:
a memory for storing a computer program;
a processor for executing a computer program stored in the memory and which, when executed, implements the blockchain-based data sharing method of any of the preceding claims 1-5.
10. A computer readable storage medium having stored thereon a computer program, which when executed by a processor, implements the blockchain-based data sharing method of any of the preceding claims 1-5.
CN202310251239.5A 2023-03-15 2023-03-15 Block chain-based data sharing method and device, electronic equipment and storage medium Active CN115964733B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310251239.5A CN115964733B (en) 2023-03-15 2023-03-15 Block chain-based data sharing method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310251239.5A CN115964733B (en) 2023-03-15 2023-03-15 Block chain-based data sharing method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115964733A CN115964733A (en) 2023-04-14
CN115964733B true CN115964733B (en) 2023-05-12

Family

ID=85901535

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310251239.5A Active CN115964733B (en) 2023-03-15 2023-03-15 Block chain-based data sharing method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115964733B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110493220A (en) * 2019-08-16 2019-11-22 腾讯科技(深圳)有限公司 A kind of data sharing method based on block chain, equipment and storage medium
CN110602206A (en) * 2019-09-12 2019-12-20 腾讯科技(深圳)有限公司 Data sharing method and device based on block chain and storage medium
CN111800252A (en) * 2020-07-22 2020-10-20 深圳壹账通智能科技有限公司 Information auditing method and device based on block chain and computer equipment
CN112261112A (en) * 2020-10-16 2021-01-22 华人运通(上海)云计算科技有限公司 Information sharing method, device and system, electronic equipment and storage medium
EP3883204A1 (en) * 2020-03-20 2021-09-22 Certsign S.A. System and method for secure generation, exchange and management of a user identity data using a blockchain
CN115459928A (en) * 2022-09-06 2022-12-09 中国建设银行股份有限公司 Data sharing method, device, equipment and medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110493220A (en) * 2019-08-16 2019-11-22 腾讯科技(深圳)有限公司 A kind of data sharing method based on block chain, equipment and storage medium
CN110602206A (en) * 2019-09-12 2019-12-20 腾讯科技(深圳)有限公司 Data sharing method and device based on block chain and storage medium
EP3883204A1 (en) * 2020-03-20 2021-09-22 Certsign S.A. System and method for secure generation, exchange and management of a user identity data using a blockchain
CN111800252A (en) * 2020-07-22 2020-10-20 深圳壹账通智能科技有限公司 Information auditing method and device based on block chain and computer equipment
CN112261112A (en) * 2020-10-16 2021-01-22 华人运通(上海)云计算科技有限公司 Information sharing method, device and system, electronic equipment and storage medium
CN115459928A (en) * 2022-09-06 2022-12-09 中国建设银行股份有限公司 Data sharing method, device, equipment and medium

Also Published As

Publication number Publication date
CN115964733A (en) 2023-04-14

Similar Documents

Publication Publication Date Title
CN110046996B (en) Data processing method and device
CN108551437B (en) Method and apparatus for authenticating information
CN108769010B (en) Method and device for node invited registration
CN115361233B (en) Block chain-based electronic document signing method, device, equipment and medium
CN115460019B (en) Method, apparatus, device and medium for providing digital identity-based target application
CN112165382B (en) Software authorization method and device, authorization server side and terminal equipment
CN110189184B (en) Electronic invoice storage method and device
CN116458117A (en) Secure digital signatures
CN113743921A (en) Digital asset processing method, device, equipment and storage medium
CN112182522A (en) Access control method and device
CN116132071B (en) Identity authentication method and device for identification analysis node based on blockchain
CN115982247B (en) Block chain-based account information query method and device, equipment and medium
CN113704734A (en) Distributed digital identity-based method for realizing certificate verification and related device
CN113328854A (en) Service processing method and system based on block chain
Kim et al. Can we create a cross-domain federated identity for the industrial Internet of Things without Google?
CN112052434A (en) Electronic file verification method and device, electronic equipment and readable storage medium
CN115514578B (en) Block chain based data authorization method and device, electronic equipment and storage medium
CN115964733B (en) Block chain-based data sharing method and device, electronic equipment and storage medium
CN115345760B (en) Multi-party signing method and device based on block chain, electronic equipment and storage medium
CN116405319B (en) Block chain-based carbon financial credential sharing method, device, equipment and medium
CN115664861B (en) Identity information verification method and device based on block chain, equipment and medium
CN116896440B (en) Block chain-based declaration data verification method and device, equipment and medium
CN116055225B (en) Power data access method, device and system based on block chain
CN114448729B (en) Identity authentication method and device for client in industrial internet
CN116090020B (en) Block chain-based information storage method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant