CN116346822A - Data sharing method, device and storage medium - Google Patents


Info

Publication number
CN116346822A
Authority
CN
China
Prior art keywords
data
shared
key
provider
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310290286.0A
Other languages
Chinese (zh)
Inventor
刘辉
彭开来
王泽南
贾庆民
谢人超
黄韬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Network Communication and Security Zijinshan Laboratory
Original Assignee
Network Communication and Security Zijinshan Laboratory
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Network Communication and Security Zijinshan Laboratory
Priority to CN202310290286.0A
Publication of CN116346822A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key

Abstract

The invention discloses a data sharing method, device and storage medium. The method is applied to a data receiver and comprises: generating a data sharing request and sending it to a data provider, so that the data provider determines a data identifier of the data to be shared according to the request, determines an encryption key according to the data identifier, and sends the encryption key and the data identifier to a blockchain system; and receiving the decrypted data to be shared fed back by the data provider, where the data provider obtains that data by decrypting the encrypted data to be shared with a first key fed back by the blockchain system. This addresses the problems of data security and of secure, trusted data sharing: the data provider stores only the encryption key, and the data to be shared can be decrypted only after the blockchain system has decrypted the encryption key, which effectively improves data security and prevents the data from being used illegally. Because data encryption is realized on the basis of the blockchain system, the data is effectively protected against tampering and data security is ensured.

Description

Data sharing method, device and storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a data sharing method, device, and storage medium.
Background
With the research and development of internet technology, the internet has made it convenient for people and machines to network and share information. Information sharing allows information to be fully used and saves the time spent processing the same information repeatedly. For example, device A obtains data X by data processing, and device B needs data X in its work; once device A has determined data X, it can share data X with device B, so device B does not need to do any processing to obtain data X, and the time for reprocessing data X is saved. However, as internet technology develops, information security problems such as intrusion and tampering are becoming more serious, and the parties cannot trust each other, which makes data sharing more difficult. How to keep data secure and share it securely has therefore become a problem to be solved.
Disclosure of Invention
The invention provides a data sharing method, equipment and a storage medium, which are used for solving the problem of data security and credible sharing.
According to an aspect of the present invention, there is provided a data sharing method applied to a data provider, including:
receiving a data sharing request sent by a data receiver, and determining a data identifier of data to be shared according to the data sharing request;
determining an encryption key according to the data identifier, and sending the encryption key and the data identifier to a blockchain system so that the blockchain system can decrypt the encryption key based on the data identifier;
receiving a first key fed back by the blockchain system, and acquiring encrypted data to be shared;
decrypting the encrypted data to be shared according to the first key, and sending the obtained data to be shared to the data receiver.
According to another aspect of the present invention, there is provided a data sharing method applied to a data receiving party, including:
generating a data sharing request and sending the data sharing request to a data provider, so that the data provider determines a data identifier of data to be shared according to the data sharing request, determines an encryption key according to the data identifier, and sends the encryption key and the data identifier to a blockchain system;
and receiving decrypted data to be shared fed back by the data provider, wherein the data to be shared is obtained by decrypting the encrypted data to be shared by the data provider according to a first key fed back by the blockchain system.
According to another aspect of the present invention, there is provided a data sharing method applied to a blockchain system, including:
receiving an encryption key and a data identifier sent by a data provider;
determining a first private key according to the data identifier;
and decrypting the encryption key according to the first private key, determining a first key and feeding back to the data provider.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data sharing method according to any one of the embodiments of the present invention.
According to another aspect of the present invention, there is provided a computer readable storage medium storing computer instructions for causing a processor to execute a data sharing method according to any embodiment of the present invention.
According to this technical scheme, a data sharing request sent by the data receiver is received, and the data identifier of the data to be shared is determined according to the request; an encryption key is determined according to the data identifier, and the encryption key and the data identifier are sent to the blockchain system so that the blockchain system decrypts the encryption key based on the data identifier; the first key fed back by the blockchain system is received and the encrypted data to be shared is acquired; and the encrypted data to be shared is decrypted according to the first key, and the resulting data to be shared is sent to the data receiver. This addresses the problems of data security and of secure, trusted data sharing. When data is shared, the encryption key of the data to be shared is determined through the data identifier, the encryption key and the data identifier are sent to the blockchain system, the blockchain system decrypts the encryption key based on the data identifier to determine the first key, the data to be shared is decrypted with the first key, and the decrypted data is shared with the data receiver. The data provider stores only the encryption key, and the data to be shared can be decrypted only after the blockchain system has decrypted the encryption key. This effectively improves data security: the data is not leaked even if the data provider is compromised, and it cannot be used illegally. Data encryption is realized on the basis of the blockchain system, and because the blockchain cannot be tampered with, the data is effectively protected against tampering and data security is ensured.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a data sharing method according to a first embodiment of the present invention;
FIG. 2 is a flow chart of a data sharing method according to a second embodiment of the present invention;
FIG. 3 is a flow chart of a data sharing method according to a third embodiment of the present invention;
FIG. 4 is a schematic diagram of an architecture for implementing data sharing by an agent according to a third embodiment of the present invention;
FIG. 5 is a flow chart of a data sharing method according to a fourth embodiment of the present invention;
FIG. 6 is a flow chart of a data sharing method according to a fifth embodiment of the present invention;
FIG. 7 is a diagram showing an example of the implementation of data sharing according to the fifth embodiment of the present invention;
FIG. 8 is a schematic structural diagram of an electronic device implementing a data sharing method according to an embodiment of the present invention.
Detailed Description
So that those skilled in the art can better understand the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments that those skilled in the art obtain from the embodiments of the present invention without inventive effort fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
FIG. 1 is a flowchart of a data sharing method according to an embodiment of the present invention. The method is applicable to sharing data securely and reliably, is applied to a data provider, and may be performed by a data sharing device; the data sharing device may be implemented in hardware and/or software and may be configured in an electronic device. As shown in FIG. 1, the method includes:
S101, receiving a data sharing request sent by a data receiver, and determining a data identifier of data to be shared according to the data sharing request.
In this embodiment, the data receiver is the party that receives data shared by other devices; it may be an electronic device such as a vehicle, a server, a computer or a computing node. The data provider is the party that provides the data, and may equally be an electronic device such as a vehicle, a server, a computer or a computing node. In intelligent networking, the data receiver and the data provider may be agents such as intelligent networked vehicles and intelligent edge computing nodes. The same device can act as a data provider that provides data to be shared and as a data receiver that receives data. A data sharing request is a communication request asking a data provider to provide data for sharing; it may carry different kinds of information, for example the identifier, name or type of the required data. The data to be shared is the data that the data provider provides and shares with the data receiver, and may be data, an AI model and so on. The data identifier is identification information that uniquely identifies the data to be shared.
Specifically, when the data receiver wants another device to share data, it generates a data sharing request that either carries the data identifier of the data to be shared directly or carries information associated with that data identifier, and sends the request to the data provider. After receiving the data sharing request, the data provider parses it and determines the data identifier of the data to be shared.
S102, determining an encryption key according to the data identifier, and sending the encryption key and the data identifier to the blockchain system so that the blockchain system can decrypt the encryption key based on the data identifier.
In this embodiment, the encryption key is a key that has itself been encrypted with an encryption algorithm; the blockchain system may be a distributed blockchain system.
Specifically, the data to be shared is encrypted in advance, the key used for that encryption is itself encrypted to obtain the encryption key, and the data identifier of the data to be shared is stored in association with the encryption key. After the data identifier is determined, the encryption key corresponding to it is found through this association, and the encryption key and the data identifier are sent to the blockchain system, which can decrypt the encryption key according to the data identifier.
S103, receiving a first key fed back by the blockchain system, and acquiring encrypted data to be shared.
In this embodiment, the first key is the key used to encrypt and decrypt the data to be shared. The blockchain system decrypts the encryption key to obtain the first key and feeds the first key back to the data provider. The data provider receives the first key and fetches, from the corresponding storage space, the data to be shared with the data receiver. The data to be shared may be stored in a file storage system, which may be a distributed file storage system that stores data provided by multiple data providers, or the data provider's own file storage system. The data obtained in this step is the encrypted data to be shared: when the data provider stores data to be shared in the corresponding storage space, it encrypts the data before storing it, which keeps the data secure.
S104, decrypting the encrypted data to be shared according to the first key, and sending the obtained data to be shared to a data receiver.
The encryption and decryption algorithm may be predetermined in this embodiment. Once the first key is determined, the encrypted data to be shared is decrypted directly with the decryption algorithm, and the decrypted data to be shared is sent to the data receiver to complete the data sharing.
The embodiment of the invention provides a data sharing method that addresses the problems of data security and of secure, trusted data sharing. When data is shared, the encryption key of the data to be shared is determined through the data identifier, and the encryption key and the data identifier are sent to the blockchain system; the blockchain system decrypts the encryption key based on the data identifier to determine the first key; the encrypted data to be shared is decrypted with the first key, and the decrypted data is shared with the data receiver. The data provider stores only the encryption key, and the data to be shared can be decrypted only after the blockchain system has decrypted the encryption key. This effectively improves data security: the data is not leaked even if the data provider is compromised, and it cannot be used illegally. Data encryption is realized on the basis of the blockchain system, and because the blockchain cannot be tampered with, the data is effectively protected against tampering and data security is ensured.
Example 2
Fig. 2 is a flowchart of a data sharing method according to a second embodiment of the present invention, where the data sharing method is refined based on the foregoing embodiment. As shown in fig. 2, the method includes:
S201, obtaining data to be shared, and generating a first key.
The data to be shared in this step is unencrypted, and may be stored in storage space local to the data provider, in a database, or the like. After determining the data to be shared, the data provider may encrypt and upload it immediately, or encrypt and upload it once an upload condition is met. The upload condition may be a time requirement, a quantity requirement and so on; for example, the time requirement may be to upload after a period of time, and the quantity requirement may be that the amount of data waiting to be uploaded reaches a certain value. If the data is encrypted and uploaded only when the upload condition is met, it can be held temporarily in memory or in a database after it is determined. When the data to be shared is uploaded, it is obtained and a first key is randomly generated; the first key may be generated by a preset algorithm, function or similar means. The first key in the embodiment of the application is not written to disk, i.e. it is not stored permanently.
S202, encrypting the data to be shared according to the first key, and storing the encrypted data to be shared.
The encryption algorithm is determined in advance. The data to be shared is encrypted with the encryption algorithm and the first key, and the resulting encrypted data to be shared is stored in a predetermined storage space. In the embodiment of the application, the encrypted data to be shared may be uploaded to a file storage system for storage; the file storage system may be a distributed file storage system or the data provider's own file storage system.
As an optional implementation of this embodiment, a further optimization includes deleting the first key.
After encrypting the data to be shared, the first key is deleted. The embodiment of the application can delete the first key immediately after encrypting the data to be shared; the first key may be deleted when a deletion condition is satisfied after encryption is completed, and the deletion condition may be a time condition, for example, the first key may be deleted after 10 minutes of completion of encryption, or the first key may be cleared after the data provider automatically clears the memory, or the like.
As an optional implementation of this embodiment, a further optimization includes: generating a first registration request and sending it to the blockchain system, the first registration request including a first identity identifier of the data provider; and receiving a first public key fed back by the blockchain system.
In this embodiment, the first registration request is a communication request by which the data provider registers with the blockchain before sharing data; the first identity identifier is identification information that uniquely identifies the data provider.
Before sharing data, the data provider first registers with the blockchain system. It determines its own first identity identifier, which may be, for example, its factory serial number or an e-mail address. The first registration request is generated from the first identity identifier, which can be written directly into a predefined field to form the request, and the request is sent to the blockchain system. The first registration request may also include other types of data, set according to actual requirements. After receiving the first registration request, the blockchain system feeds back the first public key, and the data provider receives it.
In the embodiment of the application, both the data provider and the data receiver can register. Registration is needed only once: a device registers when it joins the intelligent network and shares data afterwards. After registration, a device can provide data to be shared as a data provider or receive data as a data receiver.
S203, determining shared data information of the data to be shared and sending the shared data information to the blockchain system for storage.
In this embodiment, the shared data information is information about the data to be shared, and includes: the first identity identifier of the data provider, the data identifier of the data to be shared, the hash value of the data to be shared, and a timestamp. The hash value is obtained by hashing the data to be shared with a hash algorithm; the timestamp records the time at which the encrypted data to be shared was uploaded to the file storage system.
After the encryption key is determined, shared data information of the data to be shared is generated by the encryption key. The types of information included in the shared data information can be predefined; the corresponding information is obtained for each type in turn and written into the corresponding field to form the shared data information. The shared data information is sent to the blockchain system and stored there, which gives a trusted record of the data upload and ensures that the information cannot be tampered with.
Encrypting the first key ensures the security of the data and improves its trustworthiness. Compared with encrypting the shared data with the public key, encrypting it with the first key is faster, which effectively improves the data processing speed.
S204, receiving the blockchain data identification information that the blockchain system generates and feeds back after storing the shared data information.
In this embodiment, the blockchain data identification information may be specifically understood as information that the blockchain system uniquely identifies the piece of information on the blockchain after storing the shared data information.
Specifically, the blockchain system stores the shared data information after receiving the shared data information, and generates blockchain data identification information to uniquely identify the stored shared data information. The blockchain system in the embodiment of the application can also generate a related record after storing the shared data information, write the shared data information into the record, and store the blockchain data identification information in the record.
S205, encrypting the first key according to a predetermined first public key to obtain an encryption key.
After registration is completed, the data provider can determine the first public key accordingly. After the first key is generated, it is encrypted with the first public key and a predetermined encryption algorithm to obtain the encryption key.
S206, forming a data information list according to the encryption key, the data identifier of the data to be shared, the hash value of the data to be shared, the blockchain data identification information, the data storage address and the hash algorithm.
In this embodiment, the data information list is a list that stores information about data to be shared, and it can hold information for multiple pieces of data to be shared. After the data to be shared has been uploaded, its encryption key, data identifier, hash value, blockchain data identification information, data storage address and hash algorithm are stored in the data information list as one entry. When the list holds multiple entries, they may be sorted by storage time, data identifier or a similar rule. The hash value of the data to be shared is obtained by hashing the data with the hash algorithm. The data storage address is the address of the encrypted data to be shared in the file storage system.
S207, receiving a data sharing request sent by a data receiver, and verifying whether the data receiver has sharing rights.
After the data sharing request sent by the data receiver is received, the sharing authority of the data receiver is verified by querying the authorized access list. Whether a data receiver may receive the data to be shared provided by the data provider can be settled by payment through the blockchain or agreed in advance. Devices that have sharing authority are determined and stored in the authorized access list; after a data sharing request from a data receiver is received, the authorized access list is queried directly. If the data receiver is in the list, it has sharing authority; otherwise it does not.
S208, if the data receiver has the sharing authority, determining the data identifier of the data to be shared according to the data sharing request.
If the data receiver has sharing authority, the data identifier of the data to be shared is determined according to the data sharing request. If the data receiver does not have sharing authority, no data sharing is performed.
S209, querying the data information list according to the data identifier, and determining an encryption key.
After the data identifier is determined, the data information list is queried and the encryption key matching the data identifier is determined.
S210, the encryption key and the data identifier are sent to the blockchain system, so that the blockchain system decrypts the encryption key based on the data identifier.
S211, receiving a first key fed back by the blockchain system, and acquiring encrypted data to be shared.
The encrypted data to be shared can be obtained by querying the data information list according to the data identifier to determine the data storage address, and then fetching the encrypted data to be shared from the file storage system at that address.
S212, decrypting the encrypted data to be shared according to the first key.
S213, carrying out hash operation on the decrypted data to be shared according to a hash algorithm, and determining a hash value to be verified.
In this embodiment, the hash value to be verified is the hash value of the decrypted data to be shared, which needs to be verified. The decrypted data to be shared is hashed with the hash algorithm stored for that data in the data information list, and the result is the hash value to be verified. Different data to be shared may be hashed with different hash algorithms. If the data to be shared is file data, the whole file is hashed to obtain the hash value to be verified.
S214, if the hash value of the data to be shared is the same as the hash value to be verified, determining that the data to be shared is not tampered.
The hash value of the data to be shared is obtained from the data information list and compared with the hash value to be verified; if they are the same, the data to be shared has not been tampered with. Judging whether data has been tampered with by verifying the hash value of the data to be shared ensures the consistency of the data and avoids the potential damage caused by sending maliciously tampered encrypted data to the data receiver.
S215, the decrypted data to be shared is sent to a data receiver.
If the data to be shared has not been tampered with, the decrypted data to be shared is sent to the data receiver.
If the hash value of the data to be shared is different from the hash value to be verified, the data to be shared can be determined to be tampered, and the sharing of the data to be shared is stopped.
S216, generating a data transmission log, and transmitting the data transmission log to the blockchain system for storage.
In this embodiment, the data transmission log can be understood as a log that records data transmission information. After the data to be shared is sent, information about it is recorded, a data transmission log is generated, and the log is sent to the blockchain system for on-chain storage.
The data transmission log includes: a first log identifier, a data sending module identifier, a first action, a data identifier, a first action result, the data receiver, the data provider, a first log creation time and a first remark.
In this embodiment, the first log identifier may be understood as information that uniquely identifies the piece of data transmission log. The data transmission module identifier may be understood as an identifier of a functional module that implements data transmission in a data provider, where the data provider may include different functional modules, implementing different functions, such as a data encryption module, a data decryption download module, a data transmission module, and so on. The first action may be specifically understood as an action performed by the data provider, for example, when the data provider transmits data, the corresponding first action is transmission; the first action result is a result of action execution, e.g., transmission success, transmission failure. The data provider in the data transmission log may be a first identity of the data provider and the data receiver may be an identity of the data receiver. The first log creation time may be understood as the creation time of the data transmission log. The first remark can be understood as a remark of the data transmission log, and the remark can be performed manually to record important information.
The embodiment of the invention provides a data sharing method that addresses data security and trusted sharing. The data provider registers with the blockchain system, and the blockchain system generates a first public key for the data provider and sends it to the data provider. The data provider encrypts the data to be shared with the first key, encrypts the first key with the first public key, stores only the resulting encryption key, and deletes the first key to avoid key leakage. The data to be shared can be decrypted only after the blockchain system has decrypted the encryption key, which effectively improves data security: even if the data provider is compromised, the data is not leaked and cannot be used illegally. Data encryption is implemented on the basis of the blockchain system, and because the blockchain cannot be tampered with, the data is effectively protected from tampering and data security is ensured. Sending the shared data information to the blockchain system for on-chain storage provides a trusted record of data uploading. Recording the information related to data transmission in the data transmission log and sending it to the blockchain system for on-chain storage makes tracing possible when an incident occurs, ensuring the security and trustworthiness of data sharing. With the data sharing method provided by the embodiments of the application, data can be shared flexibly within the authorized scope without being stolen.
Example III
Fig. 3 is a flowchart of a data sharing method provided in a third embodiment of the present invention, where the method is applicable to a situation of securely and reliably sharing data, and the method is applied to a data receiving party, and may be performed by a data sharing device, where the data sharing device may be implemented in a form of hardware and/or software, and the data sharing device may be configured in an electronic device. As shown in fig. 3, the method includes:
S301, generating a data sharing request and sending the data sharing request to a data provider, so that the data provider determines a data identifier of data to be shared according to the data sharing request, determines an encryption key according to the data identifier, and sends the encryption key and the data identifier to the blockchain system.
When data is required to be acquired from other equipment, determining the data to be shared, further determining the data identification of the data to be shared, generating a data sharing request according to the data identification of the data to be shared and a predetermined format of the data sharing request, and sending the data sharing request to a data provider. The data identifier of the data to be shared in the embodiment of the application can be directly written into the data sharing request, and the data provider can determine the data identifier of the data to be shared according to the data sharing request, further determine the encryption key according to the data identifier, and send the encryption key and the data identifier to the blockchain system.
S302, receiving the data to be shared fed back by the data provider, the data to be shared being obtained by the data provider decrypting the encrypted data to be shared according to a first key fed back by the blockchain system.
After receiving the data sharing request, the data provider determines decrypted data to be shared and feeds the decrypted data to the data receiver, and the data receiver receives the data to be shared fed back by the data provider. After the data provider sends the encryption key and the data identifier to the blockchain system, the blockchain system decrypts the encryption key according to the data identifier, determines a first key and feeds back the first key to the data provider, the data provider obtains encrypted data to be shared, decrypts the encrypted data to be shared according to the first key, and obtains the data to be shared and feeds back the data to the data receiver.
The embodiment of the invention provides a data sharing method that addresses data security and trusted sharing. When data is shared, a data sharing request is sent to the data provider. The data provider determines the data identifier of the data to be shared according to the data sharing request, determines the encryption key, sends the data identifier and the encryption key to the blockchain system, receives the first key fed back by the blockchain system, decrypts the encrypted data to be shared with the first key, and feeds the decrypted data to be shared back to the data receiver. The data provider stores only the encryption key, and the data to be shared can be decrypted only after the blockchain system has decrypted the encryption key, which effectively improves data security and ensures that the data cannot be used illegally even if the data provider is compromised. Data encryption is implemented on the basis of the blockchain system, and because the blockchain cannot be tampered with, the data is effectively protected from tampering and data security is ensured.
As an optional implementation of this embodiment, the method further includes: generating a data receiving log, and sending the data receiving log to the blockchain system for storage;
wherein the data reception log includes: the second log identification, the data receiving module identification, the second action, the data identification, the second action result, the data receiver, the data provider, the second log creation time and the second remark.
In this embodiment, the data receiving log can be understood as a log in which the data receiver records information about data reception; the second log identifier can be understood as information that uniquely identifies the data receiving log. The data receiving module identifier can be understood as the identifier of the functional module that implements data reception in the data receiver, which may include different functional modules. In the embodiments of the application, the same device can act both as a data provider and as a data receiver, so a device generally includes every functional module required by a data provider and every functional module required by a data receiver. In other words, every device includes the same functional modules: when it acts as a data provider the corresponding modules work, and when it acts as a data receiver the corresponding modules work. The second action can be understood as an action performed by the data receiver; for example, when the data receiver receives data, the corresponding second action is receiving. The second action result is the result of executing the action, e.g., reception success or reception failure. The data receiver in the data receiving log may be the identity of the data receiver, and the data provider may be the first identity of the data provider. The second log creation time can be understood as the creation time of the data receiving log. The second remark can be understood as a remark on the data receiving log; it may be entered manually to record important information.
As an optional implementation of this embodiment, the method further includes: generating a second registration request and sending the second registration request to the blockchain system, wherein the second registration request comprises a second identity of the data receiver; and receiving a second public key fed back by the blockchain system.
In this embodiment, the second registration request can be understood as a communication request with which the data receiver registers its identity before data sharing. The second identity can be understood as identification information that uniquely identifies the data receiver. The second public key can be understood as the public key of the data receiver, which is used to encrypt the key when the data receiver acts as a data provider.
Before data sharing, the data receiver first registers on the blockchain system and determines its own second identity; for example, the second identity may be a factory serial number. A second registration request is generated according to the second identity (the second identity can be written directly into a predefined field to form the second registration request) and is sent to the blockchain system. The second registration request in the embodiments of the application may also include other types of data, which can be set according to actual requirements. After receiving the second registration request, the blockchain system feeds back the second public key to the data receiver, and the data receiver receives the second public key.
It should be noted that, since the same device needs to register only once, the data receiver and the data provider in the embodiments of the application may first determine whether they are already registered, and register only if they are not. If a device registers when it first joins the intelligent network, it can register either as a data provider or as a data receiver.
In this embodiment, the data receiver records the information related to data reception in the data receiving log and sends it to the blockchain for on-chain storage, so that data reception is recorded securely and reliably and can be traced securely and reliably.
Fig. 4 provides an architectural diagram of an agent implementing data sharing, where the agent may act as both a data provider and a data receiver. Taking an AI model as the data to be shared, the agent 41 includes the following modules: the AI model receiving module 411, the AI model sending module 412, the agent management module 413, the AI model encryption uploading module 414 and the AI model decryption download module 415, which run in dependence upon the data information list 416 and the authorized access list 417.
1) AI model receiving module 411: interacts with the AI model sending modules of other agents, securely acquires the AI models they share, and records the data receiving log in the blockchain system 42.
2) AI model sending module 412: securely sends the AI model to other agents and records the data transmission log in the blockchain system 42.
3) Agent management module 413: manages the registration and de-registration of the current agent with the blockchain system 42, as well as public/private key management.
4) AI model encryption uploading module 414: uploads the AI model to the file storage system 43 for storage. The AI model may be an AI model generated by the agent's own training, an AI model received from another agent, a new AI model generated by fusing the agent's own AI model with an AI model shared by another agent, or the like.
5) AI model decryption download module 415: implements downloader authorization verification, AI model download preparation, and AI model download and verification. Downloader authorization verification: based on the authorized access list 417, verify whether the agent requesting the AI model is authorized. AI model download preparation: for an authorized agent, acquire the first key used to decrypt the encrypted AI model. AI model download and verification: acquire the encrypted file of the AI model from the file storage system 43, decrypt it with the first key, and verify whether the decrypted AI model has been tampered with based on the file hash value (i.e., the hash value of the data to be shared) of the AI model in the data information list 416. Once the AI model is verified as not tampered with, it is provided to the AI model sending module 412.
Example IV
Fig. 5 is a flowchart of a data sharing method provided in a fourth embodiment of the present invention, where the method is applicable to a situation of securely and reliably sharing data, and the method is applied to a blockchain system, and may be performed by a data sharing device, where the data sharing device may be implemented in a form of hardware and/or software, and the data sharing device may be configured in an electronic device. As shown in fig. 5, the method includes:
S501, receiving an encryption key and a data identifier sent by a data provider.
After receiving the data sharing request sent by the data receiver, the data provider determines the data identifier, determines the encryption key according to the data identifier, and sends the encryption key and the data identifier to the blockchain system. The blockchain system receives the encryption key and the data identification to decrypt the encryption key.
S502, determining a first private key according to the data identification.
In this embodiment, the first private key and the first public key are a pair of keys, the first public key is used for encryption, and the first private key is used for decryption. The blockchain system can directly or indirectly establish the corresponding relation between the data identifier and the first private key in advance, and can determine the first private key corresponding to the data identifier by searching the corresponding relation after receiving the data identifier sent by the data provider.
S503, decrypting the encryption key according to the first private key, determining the first key and feeding back to the data provider.
The encryption key is decrypted through the first private key, and a decryption algorithm can be preset. And obtaining the first key through decryption, and feeding the first key back to the data provider.
The embodiment of the invention provides a data sharing method that addresses data security and trusted sharing. When data is shared, the data provider stores the encryption key and the blockchain system stores the first private key used for decryption. The data provider sends the data identifier and the encryption key to the blockchain system; the blockchain system determines the first private key based on the data identifier, decrypts the encryption key with the first private key to obtain the first key, and feeds the first key back to the data provider so that the data provider can decrypt the encrypted data to be shared. Because the data provider stores only the encryption key while the blockchain system stores the first private key and performs the decryption of the encryption key, data security is effectively improved. Since the key used to encrypt the data to be shared is itself encrypted, the data is not leaked and cannot be used illegally even if the data provider is compromised. Data encryption is implemented on the basis of the blockchain system, and because the blockchain cannot be tampered with, the data is effectively protected from tampering and data security is ensured.
Example five
Fig. 6 is a flowchart of a data sharing method according to a fifth embodiment of the present invention, where the fourth embodiment is a refinement of the fifth embodiment. As shown in fig. 6, the method includes:
S601, receiving a first registration request sent by a data provider, wherein the first registration request comprises a first identity identifier of the data provider.
S602, a first public key and a first private key are generated.
After receiving a first registration request sent by a data provider, the blockchain system generates a pair of keys according to a preset algorithm or function, namely a first public key and a first private key, wherein the first public key is used for encryption, and the first private key is used for decryption.
S603, feeding back the first public key to the data provider, and storing the first private key in association with the first identity of the data provider.
The blockchain system sends the first public key to the data provider so that the data provider encrypts the first key according to the first public key. The blockchain system associates and stores the first private key with a first identity of the data provider so as to decrypt the encryption key sent by the data provider through the first private key.
S604, receiving shared data information of the data to be shared, which is sent by the data provider.
S605, the shared data information is stored, and the blockchain data identification information is generated and fed back to the data provider.
The shared data information includes: the first identity of the data provider, the data identifier of the data to be shared, the hash value of the data to be shared and a timestamp.
When the data provider uploads the data to be shared to the file storage system, shared data information is generated and sent to the blockchain system. After receiving the shared data information, the blockchain system stores the shared data information, and generates blockchain data identification information to uniquely identify the piece of shared data information on the blockchain system. The shared data information and the blockchain data identification information may be stored as a record.
S606, receiving the encryption key and the data identification sent by the data provider.
S607, determining a first identity of the data provider according to the data identity.
The blockchain system stores a first identity of the data provider and a data identity of the data to be shared when the data provider transmits the shared data information. Therefore, after receiving the data identification, the shared data information is queried, and the first identity identification corresponding to the data identification is determined.
S608, determining a first private key of the data provider according to the first identity.
The blockchain system stores the first identity identifier and the corresponding first private key of the data provider when the data provider is registered, so that after the first identity identifier is determined, the corresponding relation between the identity identifier and the private key is queried, and the first private key corresponding to the first identity identifier, namely the first private key of the data provider, is determined.
S609, decrypting the encryption key according to the first private key, determining the first key and feeding back to the data provider.
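The blockchain-side steps S501 to S503 and S601 to S609 can be exercised end to end as follows. This is an added example, not code from the patent: the in-memory `Ledger`, all function and error names, RSA-2048 with OAEP, and the use of the data identifier as the OAEP label are assumptions, since the description only says the algorithms are preset.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"sync"
)

// SharedInfo is the shared data information the provider uploads (S604).
type SharedInfo struct {
	ProviderID string // first identity identifier
	FileID     string // data identifier
	FileHash   []byte // hash value of the data to be shared
	Timestamp  int64
}

// Ledger is a hypothetical in-memory stand-in for the blockchain system's state.
type Ledger struct {
	mu         sync.Mutex
	privByID   map[string]*rsa.PrivateKey // identity -> private key (S603)
	infoByFile map[string]SharedInfo      // data identifier -> shared data information (S605)
}

var (
	ErrAlreadyRegistered = errors.New("identity already registered")
	ErrUnknownProvider   = errors.New("provider is not registered")
	ErrDuplicateData     = errors.New("data identifier already recorded")
	ErrUnknownData       = errors.New("unknown data identifier")
)

func NewLedger() *Ledger {
	return &Ledger{privByID: map[string]*rsa.PrivateKey{}, infoByFile: map[string]SharedInfo{}}
}

// Register covers S601-S603: the private key stays here, only the public key leaves.
func (l *Ledger) Register(id string) (*rsa.PublicKey, error) {
	l.mu.Lock()
	defer l.mu.Unlock()
	if _, dup := l.privByID[id]; dup {
		return nil, ErrAlreadyRegistered // a device registers only once
	}
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // key type and size are assumptions
	if err != nil {
		return nil, err
	}
	l.privByID[id] = priv
	return &priv.PublicKey, nil
}

// StoreSharedInfo covers S604-S605 and returns the BlockChainFileInfo for the record.
func (l *Ledger) StoreSharedInfo(si SharedInfo) (string, error) {
	l.mu.Lock()
	defer l.mu.Unlock()
	if _, ok := l.privByID[si.ProviderID]; !ok {
		return "", ErrUnknownProvider
	}
	if _, dup := l.infoByFile[si.FileID]; dup {
		return "", ErrDuplicateData // an identifier is never re-pointed at another provider
	}
	l.infoByFile[si.FileID] = si
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s|%s|%d", si.ProviderID, si.FileID, si.Timestamp)))
	return fmt.Sprintf("%x", sum[:8]), nil
}

// ReleaseKey covers S606-S609: data identifier -> first identity -> first
// private key -> decrypt the encryption key Key' -> first key.
func (l *Ledger) ReleaseKey(fileID string, encKey []byte) ([]byte, error) {
	l.mu.Lock()
	defer l.mu.Unlock()
	si, ok := l.infoByFile[fileID]
	if !ok {
		return nil, ErrUnknownData
	}
	priv := l.privByID[si.ProviderID] // present: StoreSharedInfo checked registration
	// The OAEP label ties Key' to this data identifier (added assumption).
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, encKey, []byte(fileID))
}

// WrapKey is the provider's step: encrypt the first key with the first public key.
func WrapKey(pub *rsa.PublicKey, fileID string, firstKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, firstKey, []byte(fileID))
}

func main() {
	l := NewLedger()
	pub, _ := l.Register("agent-A") // constructed sample identity and identifiers
	l.StoreSharedInfo(SharedInfo{ProviderID: "agent-A", FileID: "model-001", Timestamp: 1})
	encKey, _ := WrapKey(pub, "model-001", []byte("constructed-32-byte-first-key-00"))
	got, err := l.ReleaseKey("model-001", encKey)
	fmt.Printf("released %d-byte first key, err=%v\n", len(got), err)
}
```

Because the lookup runs from data identifier to identity to private key, an encryption key wrapped for a different provider, or submitted under a different data identifier, fails to decrypt instead of yielding a usable first key.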
As an optional implementation of this embodiment, the method further includes:
A1, receiving a second registration request sent by a data receiver, wherein the second registration request comprises a second identity of the data receiver;
A2, generating a second public key and a second private key;
A3, feeding back the second public key to the data receiver, and storing the second private key in association with the second identity of the data receiver.
In this embodiment, the data receiver also needs to register before requesting the data provider to provide the data to be shared. The registration principle of the data receiver and the data provider is the same. For the same device, it may be registered as a data receiver or as a data provider. After registration is completed, the data to be shared may be received, or the data to be shared may be provided. After the device is registered as a data receiving party, if the device needs to share the data, the device directly encrypts the data through the second public key.
As an optional implementation of this embodiment, the method further includes: receiving a data receiving log provided by a data receiving party and storing the data receiving log;
wherein the data reception log includes: the second log identification, the data receiving module identification, the second action, the data identification, the second action result, the data receiving party, the data sending party, the second log creation time and the second remark.
The blockchain system receives the data receiving log fed back by the data receiver and stores it on-chain. When a fault occurs, tracing can be performed.
The embodiment of the invention provides a data sharing method that addresses data security and trusted sharing. Before data sharing, the data provider and the data receiver register with the blockchain system, and the blockchain system generates a corresponding public key for each of them and stores the corresponding private key. After the data provider encrypts with the public key, the blockchain system decrypts with the private key, so the key is not leaked and its security and reliability are ensured. The data to be shared can be decrypted only after the blockchain system has decrypted the encryption key, which effectively improves data security: even if the data provider is compromised, the data is not leaked and cannot be used illegally. Data encryption is implemented on the basis of the blockchain system, and because the blockchain cannot be tampered with, the data is effectively protected from tampering and data security is ensured. By storing the shared data information, the blockchain system provides a trusted record of data uploading; by storing the data transmission log and the data receiving log, it makes tracing possible when an incident occurs, ensuring the security and trustworthiness of data sharing. With the data sharing method provided by the embodiments of the application, data can be shared flexibly within the authorized scope without being stolen.
For example, Fig. 7 provides an example diagram of data sharing. It illustrates the data sharing process with two agents, one acting as the data receiver and one as the data provider, and with an AI model file as the data to be shared. In Fig. 7, the data receiver is represented by its AI model receiving module 71, and the data provider by its agent management module 72, AI model encryption uploading module 73, AI model decryption download module 74 and AI model sending module 75; the blockchain system is represented by the distributed blockchain 81.
1. The agent management module 72 sends a first registration request to the distributed blockchain 81 for registration, and the distributed blockchain 81 feeds back the first public key to the agent management module 72.
2. The AI model encryption upload module 73 encrypts the AI model file with the randomly generated first Key and sends the encrypted AI model file to the file storage system 82 for storage.
3. The AI model encryption uploading module 73 generates shared data information of the AI model file, the shared data information including: the first identity of the data provider, the data identifier FileID of the AI model file, the hash value FileHash of the AI model file and the timestamp FileTimestamp. After receiving the shared data information, the distributed blockchain 81 generates and feeds back blockchain data identification information.
When feeding back the blockchain data identification information BlockChainFileInfo to the AI model encryption uploading module 73, the distributed blockchain 81 may also carry the data identifier of the AI model file, so that the AI model encryption uploading module 73 can determine which AI model file the blockchain data identification information identifies.
4. The Key is encrypted to obtain the encryption key Key', and a data information list is formed from Key', the data identifier FileID of the data to be shared, the hash value FileHash of the data to be shared, the blockchain data identification information BlockChainFileInfo, the data storage address and the hash algorithm.
5. The AI model decryption download module 74 performs sharing rights verification on the data recipient by querying the authorized access list.
6. After the verification passes, the data identifier FileID and the encryption key Key' are sent to the distributed blockchain 81. The distributed blockchain 81 looks up the first identity identifier by the data identifier FileID, determines the first private key according to the first identity identifier, decrypts the encryption key Key' with the first private key to obtain the first key Key, and feeds it back to the AI model decryption download module 74.
In this step, the distributed blockchain 81 may feed back the first identity identifier and the data identifier FileID at the same time when feeding back the first Key.
7. The AI model decryption download module 74 downloads the encrypted AI model file from the file storage system 82 for decryption based on the first Key.
The first key Key in this step is not written to disk, and it is deleted once it has served its purpose, which ensures data security.
8. The AI model decryption download module 74 calculates a file hash value (i.e., the hash value to be verified) for the decrypted AI model file, compares it with the hash value FileHash in the data information list, and determines that the decrypted AI model file has not been tampered with if the two are consistent.
9. The AI model transmission module 75 transmits the AI model file to the AI model reception module 71 of the data receiver.
10. The AI model sending module 75 generates a data transmission log and uploads it to the distributed blockchain 81; the distributed blockchain 81 stores the data transmission log, generates a corresponding blockchain log file identifier BlockChainLogInfo to identify the record, and feeds BlockChainLogInfo back to the AI model sending module 75.
11. The AI model receiving module 71 of the data receiver receives the AI model file, generates a data receiving log, and sends the data receiving log to the distributed blockchain 81 for on-chain storage.
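The provider-side steps 7 to 10 above (S211 to S216 in Example II) are shown below as an added example that is not part of the patent. AES-CTR, the separately passed IV, the hash allow-list, logging a refused send, and all Go names are assumptions; CTR is chosen because it has no built-in authentication, so the FileHash comparison is what detects a modified stored file.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"crypto/sha512"
	"crypto/subtle"
	"errors"
	"fmt"
	"hash"
	"time"
)

// DataInfo is one entry of the provider's data information list.
type DataInfo struct {
	FileID   string // data identifier
	FileHash []byte // hash value of the data to be shared, recorded at upload
	HashAlgo string // hash algorithm recorded for this item
}

// SendLog holds the data transmission log fields listed in the description.
type SendLog struct {
	LogID, Module, Action, FileID, Result, Receiver, Provider, Remark string
	Created                                                           time.Time
}

var (
	ErrTampered   = errors.New("hash mismatch: data to be shared was tampered with")
	ErrHashAlgo   = errors.New("hash algorithm not in allow-list")
	allowedHashes = map[string]func() hash.Hash{"sha256": sha256.New, "sha512": sha512.New}
)

// hashOf hashes the whole file (S213); the name is stored metadata, so it is allow-listed.
func hashOf(algo string, data []byte) ([]byte, error) {
	newHash, ok := allowedHashes[algo]
	if !ok {
		return nil, ErrHashAlgo
	}
	h := newHash()
	h.Write(data)
	return h.Sum(nil), nil
}

// aesCTR encrypts or decrypts (the same operation in CTR mode). CTR carries no
// authentication tag, so a modified ciphertext still decrypts without error.
func aesCTR(key, iv, in []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(iv) != aes.BlockSize {
		return nil, errors.New("IV must be one AES block")
	}
	out := make([]byte, len(in))
	cipher.NewCTR(block, iv).XORKeyStream(out, in)
	return out, nil
}

// ShareVerified runs S212-S216: plaintext is returned only when the hash matches,
// a log entry is returned in every case, and firstKey is zeroed (never persisted).
func ShareVerified(info DataInfo, firstKey, iv, stored []byte, provider, receiver string) ([]byte, SendLog, error) {
	defer func() {
		for i := range firstKey {
			firstKey[i] = 0
		}
	}()
	now := time.Now().UTC()
	entry := SendLog{LogID: fmt.Sprintf("send-%s-%d", info.FileID, now.UnixNano()),
		Module: "data-sending-module", Action: "send", FileID: info.FileID, Result: "failure",
		Receiver: receiver, Provider: provider, Created: now}
	fail := func(err error) ([]byte, SendLog, error) {
		entry.Remark = err.Error()
		return nil, entry, err
	}
	plain, err := aesCTR(firstKey, iv, stored) // S212
	if err != nil {
		return fail(err)
	}
	toVerify, err := hashOf(info.HashAlgo, plain) // S213: hash value to be verified
	if err != nil {
		return fail(err)
	}
	if subtle.ConstantTimeCompare(toVerify, info.FileHash) != 1 {
		return fail(ErrTampered) // sharing stops, nothing reaches the sending module
	}
	entry.Result = "success" // S214-S215
	return plain, entry, nil
}

func main() {
	key, iv := make([]byte, 32), make([]byte, aes.BlockSize) // constructed demo key and IV
	model := []byte("constructed AI model bytes")
	stored, _ := aesCTR(key, iv, model)
	sum, _ := hashOf("sha256", model)
	stored[0] ^= 0x01 // one flipped bit in the stored file
	_, entry, err := ShareVerified(DataInfo{"model-001", sum, "sha256"}, key, iv, stored, "agent-A", "agent-B")
	fmt.Println(entry.Result, err)
}
```

With an authenticated mode such as AES-GCM the modified ciphertext would already be rejected at decryption; the FileHash comparison additionally ties the plaintext to the value recorded in the data information list.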
Example six
Fig. 8 shows a schematic diagram of an electronic device 90 that may be used to implement an embodiment of the invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic equipment may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 8, the electronic device 90 includes at least one processor 91, and a memory communicatively connected to the at least one processor 91, such as a Read Only Memory (ROM) 92, a Random Access Memory (RAM) 93, etc., in which the memory stores a computer program executable by the at least one processor, and the processor 91 may perform various suitable actions and processes according to the computer program stored in the Read Only Memory (ROM) 92 or the computer program loaded from the storage unit 98 into the Random Access Memory (RAM) 93. In the RAM 93, various programs and data required for the operation of the electronic device 90 can also be stored. The processor 91, ROM 92 and RAM 93 are connected to each other by a bus 94. An input/output (I/O) interface 95 is also connected to bus 94.
Various components in electronic device 90 are connected to I/O interface 95, including: an input unit 96 such as a keyboard, a mouse, etc.; an output unit 97 such as various types of displays, speakers, and the like; a storage unit 98 such as a magnetic disk, an optical disk, or the like; and a communication unit 99 such as a network card, modem, wireless communication transceiver, etc. The communication unit 99 allows the electronic device 90 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunications networks.
The processor 91 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 91 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, Digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 91 performs the various methods and processes described above, such as a data sharing method.
In some embodiments, the data sharing method may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as the storage unit 98. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 90 via the ROM 92 and/or the communication unit 99. When the computer program is loaded into RAM 93 and executed by processor 91, one or more steps of the data sharing method described above may be performed. Alternatively, in other embodiments, the processor 91 may be configured to perform the data sharing method in any other suitable way (e.g., by means of firmware).
Various implementations of the systems and techniques described above may be realized in digital electronic circuitry, integrated circuit systems, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), Systems on Chip (SOCs), Complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various implementations may include implementation in one or more computer programs that may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special-purpose or general-purpose programmable processor that can receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for carrying out methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer-readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer-readable storage medium may be a machine-readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, also called a cloud computing server or cloud host, which is a host product in a cloud computing service system that overcomes the high management difficulty and weak service scalability of traditional physical hosts and VPS services.
It should be appreciated that steps may be reordered, added, or deleted using the various forms of flows shown above. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, which is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.

Claims (21)

1. A data sharing method, applied to a data provider, comprising:
receiving a data sharing request sent by a data receiver, and determining a data identifier of data to be shared according to the data sharing request;
determining an encryption key according to the data identifier, and sending the encryption key and the data identifier to a blockchain system so that the blockchain system can decrypt the encryption key based on the data identifier;
receiving a first key fed back by the blockchain system, and acquiring encrypted data to be shared;
decrypting the encrypted data to be shared according to the first key, and sending the obtained data to be shared to the data receiver.
2. The method of claim 1, further comprising, prior to receiving the data sharing request sent by the data receiver:
acquiring data to be shared and generating a first secret key;
encrypting the data to be shared according to the first key, and storing the encrypted data to be shared.
3. The method as recited in claim 2, further comprising:
deleting the first key.
4. The method as recited in claim 2, further comprising:
determining shared data information of the data to be shared and sending the shared data information to the blockchain system for storage;
receiving the blockchain data identification information generated and fed back after the blockchain system stores the shared data information;
wherein the shared data information includes: a first identity identifier of the data provider, a data identifier of the data to be shared, a hash value of the data to be shared, and a timestamp.
5. The method as recited in claim 4, further comprising:
encrypting the first key according to a predetermined first public key to obtain an encryption key;
forming a data information list according to the encryption key, the data identifier of the data to be shared, the hash value of the data to be shared, the blockchain data identification information, the data storage address and the hash algorithm;
correspondingly, determining the encryption key according to the data identifier comprises:
querying the data information list according to the data identifier, and determining the encryption key.
6. The method as recited in claim 1, further comprising:
generating a first registration request and sending the first registration request to the blockchain system, wherein the first registration request comprises a first identity identifier of a data provider;
receiving a first public key fed back by the blockchain system.
7. The method of claim 1, further comprising, prior to said determining a data identification of data to be shared in accordance with said data sharing request:
verifying whether the data receiver has the sharing authority.
8. The method of claim 5, further comprising, after decrypting the encrypted data to be shared according to the first key:
performing a hash operation on the decrypted data to be shared according to the hash algorithm, and determining a hash value to be verified;
if the hash value of the data to be shared is the same as the hash value to be verified, determining that the data to be shared has not been tampered with.
9. The method according to any one of claims 1-8, further comprising:
generating a data transmission log, and transmitting the data transmission log to the blockchain system for storage;
wherein the data transmission log includes: a first log identifier, a data sending module identifier, a first action, a data identifier, a first action result, a data receiver, a data provider, a first log creation time and a first remark.
10. A data sharing method, applied to a data receiving party, comprising:
generating a data sharing request and sending the data sharing request to a data provider, so that the data provider determines a data identifier of data to be shared according to the data sharing request, determines an encryption key according to the data identifier, and sends the encryption key and the data identifier to a blockchain system;
receiving decrypted data to be shared fed back by the data provider, wherein the data to be shared is obtained by the data provider decrypting the encrypted data to be shared according to a first key fed back by the blockchain system.
11. The method as recited in claim 10, further comprising:
generating a data receiving log, and sending the data receiving log to the blockchain system for storage;
wherein the data receiving log includes: a second log identifier, a data receiving module identifier, a second action, a data identifier, a second action result, a data receiver, a data provider, a second log creation time and a second remark.
12. The method as recited in claim 10, further comprising:
generating a second registration request and sending the second registration request to the blockchain system, wherein the second registration request comprises a second identity of a data receiver;
receiving a second public key fed back by the blockchain system.
13. A method for sharing data, applied to a blockchain system, comprising:
receiving an encryption key and a data identifier sent by a data provider;
determining a first private key according to the data identifier;
decrypting the encryption key according to the first private key, determining a first key and feeding the first key back to the data provider.
14. The method of claim 13, wherein prior to receiving the encryption key and the data identification sent by the data provider, further comprising:
receiving a first registration request sent by the data provider, wherein the first registration request comprises a first identity identifier of the data provider;
generating a first public key and a first private key;
feeding back the first public key to the data provider, and storing the first private key in association with the first identity of the data provider.
15. The method as recited in claim 14, further comprising:
receiving shared data information of data to be shared, which is sent by the data provider;
saving the shared data information, generating and feeding back blockchain data identification information to the data provider;
wherein the shared data information includes: a first identity identifier of the data provider, a data identifier of the data to be shared, a hash value of the data to be shared, and a timestamp.
16. The method of claim 15, wherein said determining a first private key from said data identification comprises:
determining a first identity of a data provider according to the data identity;
determining a first private key of the data provider according to the first identity.
17. The method according to any one of claims 13-16, further comprising:
receiving a data transmission log provided by the data provider, and storing the data transmission log;
wherein the data transmission log includes: a first log identifier, a data sending module identifier, a first action, a data identifier, a first action result, a data receiver, a data sender, a first log creation time and a first remark.
18. The method as recited in claim 13, further comprising:
receiving a second registration request sent by a data receiver, wherein the second registration request comprises a second identity of the data receiver;
generating a second public key and a second private key;
feeding back the second public key to the data receiver, and storing the second private key in association with the second identity of the data receiver.
19. The method as recited in claim 13, further comprising:
receiving a data receiving log provided by the data receiver and storing the data receiving log;
wherein the data receiving log includes: a second log identifier, a data receiving module identifier, a second action, a data identifier, a second action result, a data receiver, a data sender, a second log creation time and a second remark.
20. An electronic device, the electronic device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the data sharing method of any one of claims 1-19.
21. A computer readable storage medium storing computer instructions for causing a processor to perform the data sharing method of any one of claims 1-19.
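The key-escrow flow of claims 1-8 and 13-16, sketched as an added example that is not code from the patent. The `Blockchain` and `Provider` classes, the identifiers, SHA-256, and the toy keystream cipher and hashed-ElGamal key wrap are assumptions standing in for algorithms the claims leave unspecified; they are not production cryptography.

```python
import hashlib, hmac, secrets

P, G = 2**255 - 19, 2   # toy-sized group for the stand-in key wrap (assumption)

def stream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream (unauthenticated)."""
    pad = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

def xor_mask(shared, data):
    mask = hashlib.sha256(shared.to_bytes(32, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, mask))

def wrap(public_key, key):
    """Stand-in for encrypting the first key under the first public key (claim 5)."""
    r = secrets.randbelow(P - 3) + 2
    return pow(G, r, P), xor_mask(pow(public_key, r, P), key)

def unwrap(private_key, wrapped):
    return xor_mask(pow(wrapped[0], private_key, P), wrapped[1])

class Blockchain:
    """In-memory stand-in for the blockchain system of claims 13-16 (no real ledger)."""
    def __init__(self):
        self.private_keys, self.shared_info = {}, {}
    def register(self, identity):                     # claim 14
        priv = secrets.randbelow(P - 3) + 2
        self.private_keys[identity] = priv            # private key stays on this side
        return pow(G, priv, P)
    def store_info(self, identity, data_id, digest):  # claim 15
        self.shared_info[data_id] = (identity, digest)
        return "bc-" + data_id                        # constructed identification value
    def recover_key(self, data_id, wrapped):          # claims 13 and 16
        identity, _ = self.shared_info[data_id]       # data id -> provider identity
        return unwrap(self.private_keys[identity], wrapped)

class Provider:
    def __init__(self, identity, chain):
        self.identity, self.chain = identity, chain
        self.public_key = chain.register(identity)    # claim 6
        self.info_list, self.storage = {}, {}
    def publish(self, data_id, data):                 # claims 2-5
        first_key = secrets.token_bytes(32)
        self.storage[data_id] = stream_xor(first_key, data)
        digest = hashlib.sha256(data).hexdigest()
        self.chain.store_info(self.identity, data_id, digest)
        self.info_list[data_id] = (wrap(self.public_key, first_key), digest)
        del first_key   # claim 3: only the wrapped copy is kept (del does not wipe memory)
    def share(self, data_id):                         # claims 1 and 8
        wrapped, digest = self.info_list[data_id]
        first_key = self.chain.recover_key(data_id, wrapped)
        data = stream_xor(first_key, self.storage[data_id])
        if not hmac.compare_digest(hashlib.sha256(data).hexdigest(), digest):
            raise ValueError("hash mismatch: stored data was modified")
        return data

if __name__ == "__main__":
    p = Provider("provider-A", Blockchain())          # constructed identity
    p.publish("doc-1", b"constructed sample record")
    print(p.share("doc-1"))
```

Because the stand-in cipher is unauthenticated, the claim 8 hash comparison is the only check here that catches a modified ciphertext. The receiver authorization of claim 7 and the logs of claims 9, 11, 17 and 19 are not modeled.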
CN202310290286.0A 2023-03-23 2023-03-23 Data sharing method, device and storage medium Pending CN116346822A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310290286.0A CN116346822A (en) 2023-03-23 2023-03-23 Data sharing method, device and storage medium

Publications (1)

Publication Number Publication Date
CN116346822A true CN116346822A (en) 2023-06-27

Family

ID=86887272

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310290286.0A Pending CN116346822A (en) 2023-03-23 2023-03-23 Data sharing method, device and storage medium

Country Status (1)

Country Link
CN (1) CN116346822A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination