WO2017063465A1 - Procédé, dispositif et système de traitement de données d'innovation et de créativité et dispositif de stockage de certificat - Google Patents

Procédé, dispositif et système de traitement de données d'innovation et de créativité et dispositif de stockage de certificat Download PDF

Info

Publication number
WO2017063465A1
WO2017063465A1 PCT/CN2016/098152 CN2016098152W WO2017063465A1 WO 2017063465 A1 WO2017063465 A1 WO 2017063465A1 CN 2016098152 W CN2016098152 W CN 2016098152W WO 2017063465 A1 WO2017063465 A1 WO 2017063465A1
Authority
WO
WIPO (PCT)
Prior art keywords
certificate
data string
data
time
information
Prior art date
Application number
PCT/CN2016/098152
Other languages
English (en)
Chinese (zh)
Inventor
鹿毅忠
Original Assignee
北京源创云网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京源创云网络科技有限公司 filed Critical 北京源创云网络科技有限公司
Publication of WO2017063465A1 publication Critical patent/WO2017063465A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party

Definitions

  • the invention relates to the technical field of data information storage and processing, and relates to the field of third-party deposit verification of enterprise creative creative data, in particular to an innovative creative data processing method, device, system and depositing device.
  • Electronic data especially for innovative/creative electronic data, such as technical documents, software code, design materials, audio and video works, etc., the concept of invention and creation is generally recorded in electronic form, and the problem is that if these innovations / Creative electronic data can not be stored legally. Once leaked, as the network spreads quickly and has a wide range, it is difficult to prove its original history and original results.
  • the third-party cloud itself may misuse or misuse the user's electronic data to pose a threat to the user, such as the illegal behavior of the merchant to sell the user information in the database to the sales personnel in other industries.
  • users are inevitably worried about storing their own electronic data, especially the innovative/creative electronic data of invention and creation, in the third-party cloud. Many companies are based on this and do not dare to put the core data and technical secrets of the enterprise.
  • the invention provides an innovative creative data processing method, device, system and depositing device, which provides the original time point of the certificate solidification protection for the enterprise creative creative data, so as to effectively ensure the historical and fruitfulness of the innovative creative data;
  • the certificate process can be based on the data string uniquely corresponding to the enterprise's innovative creative data, ensuring the confidentiality of the company's innovative creative data.
  • the invention provides an innovative creative data processing method, comprising:
  • the enterprise client generates a first data string according to the innovation creative data, where the first data string is data information uniquely corresponding to the innovation creative data;
  • the deposit request comprising: the first data string
  • the deposit receipt includes: the deposit time, a trusted time stamp; and the enterprise client
  • the depositing time is that the depositing device sends the first data string to the trusted time issuing device, so that the trusted time signing device is trusted according to the time when the first data string is received.
  • the trusted timestamp is a unique second data string generated by the depositing device based on the first data string and the deposit time; and the depositing device uses the private key pair Two data strings are obtained after digital signature.
  • the enterprise client before the enterprise client generates the first data string according to the innovative creative data, the enterprise client further includes:
  • the technical document comprising: technical document content information, and multiple attribute information;
  • the attribute information includes one or more of the following items: a project ID, a technical document creator, a version number, a customer ID, a R&D department ID, and location information;
  • the preset depositing conditions include: a preset depositing period, an item completion identifier, or a technical document security level.
  • the data processing of the technical document data packet to obtain the innovative creative data includes:
  • the method further includes:
  • the innovative creative data is stored in a local database of the enterprise client.
  • the method further includes:
  • the certificate of deposit includes: a certificate number and a time of depositing a certificate
  • the method further includes:
  • the method further includes:
  • the first verification request further includes: a verification password
  • the method further includes:
  • the receiving the first verification receipt returned by the depositing device after checking according to the first data comprises:
  • the method further includes:
  • the certificate storage device Sending a third verification request to the certificate storage device, where the third verification request includes: the first data string, a trusted timestamp;
  • the receiving, by the checking device, the second verification receipt returned after the checking according to the first data string and the trusted timestamp includes:
  • the sending the deposit request to the depositing device includes:
  • the first CA authentication information includes: identity verification information of the enterprise client, so that the certificate device is according to the first CA Authentication information, verifying the identity of the enterprise client.
  • the receiving enterprise innovation creative technical document includes:
  • Receiving an enterprise innovation creative technical document with a second CA authentication information includes: sending identity verification information of a sender of the enterprise innovation creative technical document and identity of a department to which the sender belongs Verifying information; such that the enterprise client verifies the identity of the sender of the enterprise innovation creative technical document according to the second CA authentication information.
  • the enterprise client before the enterprise client generates the first data string according to the innovative creative data, the enterprise client further includes:
  • the algorithm generator is configured to generate the first data string uniquely corresponding to the innovation creative data according to a preset algorithm.
  • the invention also provides an innovative creative data processing method, comprising:
  • the certificate storage device receives a certificate request sent by the enterprise client, where the certificate request includes: a first data string; the first data string is unique data information generated by the enterprise client based on the innovation creative data;
  • the certificate time of the string is a trusted time issued by the trusted time signing device based on the time when the first data string is received;
  • the certificate receipt includes: a certificate time of the first data string, or a: a certificate time of the first data string and the trusted timestamp.
  • the method further includes:
  • the certificate of deposit includes: a certificate number and a certificate time;
  • the method further includes:
  • the method further includes:
  • the first verification request further includes: a verification password
  • the description information includes: an item ID, a creator, a version number, a customer ID, a R&D department ID, or location information; and after receiving the description information of the innovation creative data sent by the enterprise client, the method further includes: :
  • the method further includes:
  • the returning the first verification receipt according to the verification result comprises:
  • the method further includes:
  • the verification is performed according to the first data string and the trusted timestamp, and the verification result is obtained, and the second verification receipt is returned according to the verification result.
  • the verification is performed according to the first data string and the trusted timestamp, and the verification result is obtained, and the second verification receipt is returned according to the verification result, including:
  • the returning the deposit receipt to the enterprise client includes:
  • the method further includes:
  • the invention also provides an innovative creative data processing device, comprising:
  • a data string generating module configured to generate, according to the innovative creative data, a first data string, where the first data string is data information uniquely corresponding to the innovative creative data;
  • a sending module configured to send a deposit request to the depositing device, where the deposit request includes: the first data string;
  • a first receiving module configured to receive a certificate receipt returned by the certificate storage device; the certificate receipt includes: a certificate time corresponding to the first data string; or the certificate receipt includes: the certificate Time, trusted timestamp;
  • a storage module configured to associate the deposit time with the innovation creative data when the deposit receipt includes the deposit time; or for, when the deposit receipt includes the deposit time And storing the certificate time, the innovation creative data, and the trusted timestamp in association with the trusted timestamp;
  • the depositing time is that the depositing device sends the first data string to the trusted time issuing device, so that the trusted time signing device is trusted according to the time when the first data string is received.
  • the trusted timestamp is a unique second data string generated by the depositing device based on the first data string and the deposit time; and the depositing device uses the private key pair Two data strings are obtained after digital signature.
  • a second receiving module configured to receive an enterprise creative creative technical document;
  • the technical document includes: technical document content information, and multiple attribute information;
  • a categorization module configured to classify the received technical documents according to the at least one attribute information, to form a classified technical document data package
  • a processing module configured to perform data processing on the technical document data packet to obtain the innovative creative data when the technical document data package satisfies an enterprise preset depositing condition.
  • the attribute information includes one or more of the following items: a project ID, a technical document creator, a version number, a customer ID, a R&D department ID, and location information;
  • the preset depositing conditions include: a preset depositing period, an item completion identifier, or a technical document security level.
  • processing module is specifically configured to perform data processing on the technical document data packet according to a preset data format and/or an encryption algorithm to obtain innovative creative data;
  • the storage module is further configured to store the innovative creative data in a local database of the enterprise client.
  • the sending module is further configured to send a certificate issuing request to the certificate issuing device, where the certificate issuing request includes: identifier information of the certificate receipt receipt;
  • the first receiving module is further configured to receive a certificate of deposit of the innovation creative data returned by the depositing device according to the identification information of the certificate receipt;
  • the certificate of deposit includes: a certificate number, a certificate time ;
  • the sending module is further configured to send a first verification request to the certificate storage device, where the first verification request includes: the certificate number, so that the certificate storage device checks whether the storage device has been stored according to the certificate number. a certificate of deposit corresponding to the certificate number;
  • the first receiving module is further configured to receive the certificate of deposit returned by the depositing device after checking according to the certificate number.
  • the sending module is further configured to send the description information of the innovation creative data to the certificate storage device, so that the certificate storage device associates the description information with the first data string;
  • the first verification request sent by the sending module further includes: verifying a password
  • the first receiving module is further configured to receive the description information of the innovative creative data that is sent back by the verification device after being verified by the verification password.
  • the sending module is further configured to send a second verification request to the certificate storage device, where the second verification request includes: the first data string;
  • the first receiving module is further configured to receive a first verification receipt returned by the depositing device after checking according to the first data.
  • the first receiving module is configured to: when the first data string is not stored in the certificate storage device, receive a response message returned by the certificate storage device that does not find the deposit certificate information; When the first data string has been stored in the depositing device, the response message of the verified certificate information returned by the certificate storage device and/or the certificate time information of the first data string is received.
  • the sending module is further configured to send a third verification request to the certificate storage device, where the third verification request includes: the first data string, a trusted timestamp;
  • the first receiving module is further configured to receive a second verification receipt returned by the verification device after checking according to the first data string and the trusted timestamp.
  • the first receiving module is configured to: when the first data string is not stored in the certificate storage device, receive a response message returned by the certificate storage device that does not find the deposit certificate information; The first data string is stored in the storage device, and the certificate storage device generates a unique third data string based on the first data string and the certificate time of the first data string; Decoding the trusted timestamp to obtain a fourth data string; when the third data string and the fourth data string completely match, receiving a response message and/or a location of the verified certificate information returned by the certificate storage device The time of deposit of the first data string is described.
  • the sending module is specifically configured to send, to the certificate storage device, a certificate request with the first CA authentication information, where the first CA authentication information includes: identity verification information of the enterprise client, so that the certificate is saved
  • the device verifies the identity of the enterprise client according to the first CA authentication information.
  • the second receiving module is specifically configured to receive an enterprise innovation creative technical document with second CA authentication information, where the second CA authentication information includes: sending an identity of a sender of the enterprise innovation creative technical document Verification information and identity verification information of the department to which the sender belongs; so that the enterprise client verifies the identity of the sender of the enterprise innovation creative technical document according to the second CA authentication information.
  • the sending module is further configured to send a registration request to the depositing device
  • the first receiving module is further configured to receive an algorithm generator returned by the certificate storage device, where the algorithm generator is configured to generate the first data string that uniquely corresponds to the innovation creative data according to a preset algorithm.
  • the invention also provides an innovative creative data storage device, comprising:
  • a receiving module configured to receive a certificate request sent by the enterprise client, where the certificate request includes: a first data string; the first data string is unique data information generated by the enterprise client based on the innovation creative data;
  • a comparison module configured to compare whether the first data string is already stored in the certificate database
  • a certificate time obtaining module configured to send the first data string to the trusted time signing device when the comparison module finds that the first data string is not stored in the certificate database, And causing the trusted time issuing device to issue a certificate time of the first data string; the certificate time is a credibility issued by the trusted time signing device based on the time when the first data string is received time;
  • a data string generating module configured to generate a unique second data string based on the first data string and the certificate time of the first data string
  • a signature module configured to digitally sign the second data string by using a private key, to obtain a trusted timestamp corresponding to the first data string
  • a storage module configured to store the first data string, the certificate time of the first data string, and the trusted timestamp
  • a sending module configured to return a deposit receipt to the enterprise client
  • the deposit receipt includes: a time of deposit of the first data string,
  • the receiving module is further configured to receive a certificate request sent by the enterprise client, where the certificate request includes: identifier information of the certificate receipt;
  • the sending module is further configured to: return, according to the identifier information of the certificate receipt, a certificate of the certificate of the creative creative data corresponding to the identifier information to the enterprise client; the certificate of deposit includes: a certificate Number, time of deposit;
  • the receiving module is further configured to receive a first verification request sent by the enterprise client, where the first verification request includes: the certificate number;
  • the depositing device further includes:
  • a checking module configured to check, according to the certificate number, whether a certificate of deposit corresponding to the certificate number has been stored
  • the sending module is further configured to: when the checking module detects that the certificate of deposit corresponding to the certificate number has been stored, send the certificate of deposit.
  • the receiving module is further configured to receive description information of the innovation creative data sent by the enterprise client, and associate the description information with the first data string;
  • the first verification request received by the receiving module further includes: verifying a password
  • the sending module is further configured to check whether the verification password is correct according to the verification password, and if yes, feed back, to the enterprise client, description information corresponding to the certificate.
  • the description information includes: an item ID, a creator, a version number, a customer ID, a research and development department ID, or location information;
  • the depositing device further includes:
  • a categorization module configured to classify the received innovation creative data according to at least one of the description information to form an index document of the innovation creative data; so that the enterprise client describes according to any description
  • the information finds the categorization information of the corresponding innovative creative data.
  • the receiving module is further configured to receive a second verification request sent by the enterprise client, where the second verification request includes: the first data string;
  • the checking module is further configured to check, in the certificate database, whether the first data string has been stored
  • the sending module is further configured to return according to the inspection result obtained after the inspection module checks A verification receipt.
  • the sending module is configured to: when the first data string is not stored in the certificate database, return a response message to the enterprise client that does not find the deposit information; When the first data string has been stored in the database, the response message of the certificate storage information and/or the certificate time information of the first data string is returned to the enterprise client.
  • the receiving module is further configured to receive a third verification request that is sent by the enterprise client, where the third verification request includes: the first data string, a trusted timestamp;
  • the checking module is further configured to: when the first data string is stored in the certificate database, perform verification according to the first data string and the trusted timestamp, and obtain a verification result;
  • the sending module is further configured to return a second verification receipt according to the verification result obtained after the verification module is verified.
  • the verification module includes:
  • a searching submodule configured to search for a deposit time corresponding to the first data string
  • a data string generation submodule configured to generate a unique third data string according to the first data string and the certificate time
  • a decryption submodule configured to decrypt the trusted timestamp to obtain a fourth data string
  • the sending module is further configured to: when the third data string generated by the data string generating submodule completely matches the fourth data string obtained by decrypting the decrypting submodule, to the enterprise client Returning the response message for checking the deposit information and/or the deposit time information of the first data string.
  • the sending module is specifically configured to return a certificate receipt with CA authentication information to the enterprise client, to provide the enterprise client with the identity verification information of the certificate device.
  • the receiving module is further configured to receive a registration request sent by the enterprise client;
  • the sending module is further configured to: return an algorithm generator for generating the first data string, so that the enterprise client generates a unique correspondence with the innovation creative data according to a preset algorithm provided by the algorithm generator The first data string.
  • the invention also provides an innovative creative data processing system, comprising: the innovative creative data processing device provided by the invention; and the innovative creative data storage device provided by the invention.
  • system further includes:
  • a trusted time issuing device configured to receive the first data string sent by the innovative creative data storage device, and issue a time of depositing the first data string based on a time when the first data string is received; The certificate time of the first data string is sent to the innovative creative data storage device.
  • the enterprise client generates a first data string corresponding to the unique creative data based on the innovative creative data, and sends the first data string to the depositing device for storage
  • the certificate returns a certificate receipt containing the time of deposit corresponding to the first data string, or a certificate receipt containing the time of deposit and a trusted time stamp; wherein the time of deposit is a certificate
  • the device sends a first data string to the trusted time signing device, and the trusted time signing device sends the trusted time according to the time when the first data string is received; the trusted time stamp is based on the first data string and the storage device
  • the only corresponding second data string generated by the time is obtained by the certificate device by digitally signing the second data string with the private key to prove the authenticity and credibility of the certificate storage device.
  • the credential time of the credential issuance device issued by the trusted time source for time synchronization is issued, which solidifies the time of depositing the innovative creative data of the enterprise; and the process of depositing the innovative creative data is based on the innovation and creative data of the enterprise.
  • the corresponding unique data string is carried out to effectively guarantee the confidentiality of the original content of the enterprise's innovative creative data.
  • the depositing process is realized by a third party who has no interest in the user, and improves the originality verification of the enterprise's innovative creative data. Credibility.
  • FIG. 1 is a flowchart of an innovative creative data processing method according to an exemplary embodiment
  • FIG. 2 is a flow chart showing an innovative creative data processing method according to another exemplary embodiment
  • FIG. 3 is a flowchart of an innovative creative data processing method according to another exemplary embodiment
  • FIG. 4 is a flow diagram of another innovative creative data processing method according to an exemplary embodiment. Cheng Tumine
  • FIG. 5 is a schematic structural diagram of an innovative creative data processing apparatus according to an exemplary embodiment
  • FIG. 6 is a schematic structural diagram of an innovative creative data processing apparatus according to another exemplary embodiment
  • FIG. 7 is a schematic structural diagram of an innovative creative data depositing device according to an exemplary embodiment
  • FIG. 8 is a schematic structural diagram of an innovative creative data depositing device according to another exemplary embodiment.
  • FIG. 9 is a schematic structural diagram of an innovative creative data processing system according to an exemplary embodiment.
  • FIG. 10 is a schematic structural diagram of an innovative creative data processing system according to another exemplary embodiment.
  • FIG. 1 is a flow chart showing an innovative creative data processing method according to an exemplary embodiment.
  • the innovative creative data processing method provided by the embodiment is applicable to a process in which a company performs a certificate storage process on any innovative creative technical document to ensure the confidentiality and originality of the enterprise's innovative creative technology achievements.
  • the innovative creative data processing method provided by this embodiment can be implemented based on an innovative creative data processing system, which includes an enterprise client with innovative creative data processing functions, an innovative creative data depositing device, and a trusted time issuing device, which is the embodiment of the present invention.
  • the method can be executed by the enterprise client, and includes the following steps:
  • Step A101 The enterprise client generates a first data string according to the innovation creative data.
  • the first data string is data information uniquely corresponding to the innovative creative data.
  • the enterprise client may be an electronic device having a processing unit such as a personal computer, a notebook computer, a smart phone, or a tablet computer.
  • a client application which can be bound to the enterprise management software or embedded in each node of the enterprise management software, so that the innovative creative data generated at each node of the enterprise management software can be automatically generated and corresponding to the innovative creative data.
  • the first data string is sent to the certificate storage device for certificate protection; in addition, the enterprise client can also implement interaction with the certificate storage device through the webpage form.
  • innovative creative data can be electronic data in any format, the content can be plain text, pictures, audio and video, web pages, text messages, emails, etc.
  • the innovative creative data can be stored in the enterprise client, and can be used for enterprise clients from other
  • the data obtained in the device can also be generated in real time by the enterprise client, such as the video or photo being taken, the audio being recorded, and the like.
  • Step A102 Send a deposit request to the depositing device.
  • the certificate request includes: a first data string uniquely corresponding to the innovation creative data.
  • the deposit request may include only the first data string uniquely corresponding to the innovative creative data, or may include both the innovative creative data itself and the first data string generated based on the innovative creative data.
  • the technological innovations they produce in the R&D process do not want to be acquired by third parties, but at the same time they hope that their technological innovations can be verified by original parties and original time by trusted third parties.
  • Adopting a method of depositing only the first data string uniquely corresponding to the innovative creative data; the first data string is generated based on the innovative creative data and uniquely corresponding to the innovative creative data, which makes the third-party depositing device unable to Get the specific content of the innovative creative data, but get the first data string that is fully equivalent to the innovative creative data.
  • the generation of the first data string may be generated by the enterprise client installation algorithm generator provided by the depositing device, or may be generated by the enterprise client setting an algorithm module conforming to international standards.
  • the enterprise client can also send the innovative creative data together with the first data string to the depositing device; or only the innovative creative data is sent to the depositing device, and the innovative creative data is processed by the depositing device to generate the first data. string.
  • the process of generating the first data string may be obtained according to a preset hash algorithm, such as a Message Digest Algorithm (MD5) or a Secure Hash Algorithm (SHA).
  • MD5 Message Digest Algorithm
  • SHA Secure Hash Algorithm
  • the certificate storage device can perform integrity verification on the innovation creative data according to the received first data string, and the completion verification process can The received device is received according to a preset hash algorithm.
  • the innovative creative data is processed to obtain a verification value, and the preset hash algorithm is the same as the preset hash algorithm used by the enterprise client to generate the first data string.
  • the integrity of the innovative creative data is verified by the hash value. If the verification value is the same as the first data string, if the verification is successful, the creative creative data is stored in association with the first data string. If the verification is unsuccessful, a retransmission indication message is sent to the enterprise client to prompt to re-upload the innovative creative data.
  • Step A103 Receive a certificate receipt returned by the depositing device.
  • the certificate receipt includes: a certificate time corresponding to the first data string; or the certificate receipt includes: a certificate time and a trusted time stamp.
  • the credential time is that the depositing device sends the first data string to the trusted time issuing device, and the trusted time signing device sends the trusted time information based on the time when the first data string is received; the trusted time stamp is based on the a data string, a unique corresponding second data string generated by the certificate time; and the certificate device obtains the digital data signature by using the private key.
  • the certificate storage device After receiving the first data string sent by the enterprise client, the certificate storage device compares the first data string with the stored data string in the own certificate database, and if the first data string is not stored, The trusted time signing device sends the first data string to enable the trusted time signing device to issue the first data string.
  • the trusted time is synchronized with the trusted time source.
  • the trusted time source may include: a long-wave signal or a satellite signal issued by the timing center for identifying the trusted time; or a trusted time authority may issue Trust time; or, the trusted time provided by the hardware system that meets the requirements of the relevant standards, such as an atomic clock, can ensure that the time synchronized by the trusted time source is credible and auditable, and the implementation form is not in this embodiment. Limited.
  • the credential time is a trusted time that the trusted time signing device issues based on the time when the first data string is received, and the trusted time may include a digital signature of the trusted time signing device to prove the trusted time.
  • the trusted timestamp returned by the certificate storage device to the enterprise client also includes the digital signature information of the certificate storage device, and the specific implementation is to generate a unique corresponding second by using the first data string and the certificate time information.
  • the data string is obtained by digitally signing the second data string with the private key of the certificate device.
  • the digital signature processing process can be implemented by using RSA, ElGamal, Fiat-Shamir, Guillou-Quisquarter, Schnorr, Ong-Schnorr-Shamir digital signature algorithm, Des/DSA, elliptic curve digital signature algorithm, and finite automaton digital signature algorithm.
  • the enterprise client can verify the digital signature of the second data string by using the public key of the certificate device to prove that the trusted timestamp is credible and ensure the authenticity and security of the trusted timestamp in the transmission process.
  • the data is traceable, auditable, and not tampered with.
  • the user can use the innovative creative data of the deposit as electronic evidence.
  • Step A104 The enterprise client associates the deposit time with the innovation creative data; or stores the deposit time, the innovation creative data, and the trusted time stamp.
  • the enterprise client generates a first data string corresponding to the unique data based on the innovation creative data, and sends the first data string to the depositing device for verification, and obtains the certificate device return.
  • the second data string is obtained by the certificate device using the private key to digitally sign the second data string to prove the authenticity and credibility of the certificate storage device.
  • the credential time of the credential issuance device issued by the trusted time source for time synchronization is issued, which solidifies the time of depositing the innovative creative data of the enterprise; and the process of depositing the innovative creative data is based on the innovation and creative data of the enterprise.
  • the corresponding unique data string is carried out to effectively guarantee the confidentiality of the original content of the enterprise's innovative creative data.
  • the depositing process is realized by a third party who has no interest in the user, and improves the originality verification of the enterprise's innovative creative data. Credibility.
  • step A101 before the enterprise client generates the first data string according to the innovation creative data, may further include:
  • the technical documents include: technical document content information, a variety of attribute information.
  • the enterprise innovation creative technical documentation can be based on the documentation generated by the enterprise standard operating procedure SOP architecture.
  • the application is bound to the enterprise SOP architecture management software or embedded in each node of the enterprise SOP architecture management software, so that the enterprise received at each node
  • the innovative creative technical documents are automatically linked with the third-party depository devices through the application interface, so as to timely and effectively protect and protect the innovative creative technical documents generated by the enterprise at any time.
  • A202 Classify the received technical documents according to at least one attribute information to form a classification. After the technical documentation package.
  • the attribute information includes one or more of the following: a project ID, a technical document creator, a version number, a customer ID, a research and development department ID, and a location information.
  • the technical documents of an enterprise are usually classified by project ID.
  • a project can contain multiple technical documents.
  • the documents in different projects can be packaged according to the project ID; the classified technical document data is obtained. package.
  • the project ID may also include the version number of the version developed in different periods; in addition, it may be classified by the client object served by the enterprise, and may also be classified by different R&D personnel, R&D department, R&D site, etc., specific attributes.
  • the information may be limited according to the actual application scenarios and requirements in the enterprise, which is not limited in this application.
  • the technical document data packet is processed by the data to obtain innovative creative data.
  • the preset depositing conditions include: a preset depositing period, a project completion identifier, or a technical document security level.
  • the certificate storage device performs the operation processing of the deposit certificate. For example, for a technical document with a high level of confidentiality, once the management software of the enterprise client receives the technical document of the level, the depositing program is triggered immediately, and the technical document with high security level is protected in an original manner; or when the project is finished, Package the technical documents in the project and then deposit the certificates.
  • the data processing of the technical document data packet to obtain the innovative creative data may include: performing data processing on the technical document data packet according to the preset data format and/or the encryption algorithm.
  • the enterprise client Before forming the innovative creative data to be deposited, the enterprise client can perform data processing on the data format and/or encryption algorithm of the technical document data packets of different formats, and obtain the normative format or the innovation of the specification after processing the standard encryption algorithm.
  • Creative data Since the enterprise usually hopes to keep the innovative creative data inside the enterprise, only the first data string generated based on the innovative creative data is sent to the third-party certificate device for certificate protection, and the innovative creative data and the first data string are unique. Corresponding relationship, if any changes are made to the innovative creative data, the previously generated first data string will no longer correspond to the changed creative creative data. Therefore, the enterprise needs to complete the creative creative data of the deposit.
  • the method further includes: storing the creative creative data in a local database of the enterprise client.
  • FIG. 3 is a flowchart of an innovative creative data processing method according to another exemplary embodiment. As shown in FIG. 3, on the basis of the foregoing embodiment, further, after receiving the certificate receipt returned by the depositing device, the step A103 may further include:
  • Step A301 Send a certificate request to the depositing device.
  • the certificate request includes: identification information of the certificate receipt.
  • the information contained in the deposit receipt is relatively simple, only as a notification to the enterprise client, when the creative creative data has been verified. If the enterprise client needs an electronic or paper certificate, it also needs to send a certificate request to the card-issuing device to obtain a certificate of deposit.
  • Step A302 Receive a certificate of deposit of the innovative creative data returned by the depositing device according to the identification information of the certificate receipt.
  • the certificate of deposit includes: the certificate number and the time of deposit.
  • the certificate of deposit can also record the first data string, the name of the depositing company and the trusted timestamp to prove what enterprise has completed the electronic data storage at what time.
  • the method may further include:
  • Step A303 Send a first verification request to the depositing device. If the certificate card corresponding to the certificate number in the first verification request is stored in the certificate storage device, step A304 is performed; if the certificate card corresponding to the certificate number in the first verification request is not stored in the certificate storage device, the step is performed. A305.
  • the first verification request includes: a certificate number, so that the certificate storage device checks whether the certificate certificate corresponding to the certificate number has been stored according to the certificate number.
  • Step A304 Receive a certificate of deposit returned after the certificate storage device checks according to the certificate number.
  • Step A305 Receive a response message sent by the certificate storage device that does not query the certificate of the certificate corresponding to the certificate number.
  • the enterprise client may further send description information of the innovation creative data to the certificate storage device, so that the certificate storage device stores the description information in association with the first data string.
  • the enterprise client can also add enterprise information and creative ideas.
  • the creator information, equipment information, upload time, location information, research and development department, project profile, research and development members, and other self-description information about the innovative creative data, etc. are sent to the depository device for the first data string and/or innovation Creative data management.
  • the first verification request is sent to the certificate storage device, and the first verification request may further include: verifying the password; and the method further comprises: receiving the innovative creative data fed back by the verification device after the verification password is passed. Description.
  • the sender of the first verification request can obtain richer deposit information associated with the innovative creative data.
  • the first data string may be generated according to the innovation creative data by the enterprise client.
  • the second verification request is sent to the certificate storage device, where the second verification request includes: a first data string; and a first verification receipt returned by the verification device after checking according to the first data string.
  • the receiving the first verification receipt returned by the verification device according to the first data string may further include: if the first data string is not stored in the certificate storage device, receiving the unchecked certificate information returned by the certificate storage device The response message; if the first data string has been stored in the certificate storage device, receiving the response message of the certificate storage information returned by the certificate storage device and/or the certificate time information of the first data string.
  • the method for verifying the creative creative data of the deposited certificate may further generate a third verification request to the certificate storage device after the first data string is generated according to the innovation creative data in step A101, where
  • the third verification request includes: a first data string, a trusted timestamp; if the first data string is stored in the certificate database, the second verification receipt returned by the receiving certificate device after checking according to the first data string and the trusted timestamp .
  • the receiving, by the verification device, the second verification receipt returned after checking according to the first data string and the trusted timestamp may include: if the certificate storage device is based on the first data string, the time of depositing the first data string Generating a unique third data string; and decrypting the fourth data string based on the trusted time stamp; and the third data string and the fourth data string completely match, receiving the response message of the verified information returned by the certificate device And/or the time of deposit of the first data string.
  • the specific implementation process is: after receiving the verification request, the certificate storage device searches whether the same first data string is stored in the certificate database, and if so, finds the curing time of the first data string, and based on the certificate The time and the first data string together generate a unique corresponding third data string; the certificate storage device decrypts the trusted timestamp by using its own private key according to the received trusted timestamp, if The decryption indicates that the timestamp is sent by the certificate storage device, and after decryption, the fourth data string is obtained. If the third and fourth data strings are consistent, the first data string and the trusted timestamp in the third verification request are indicated. Corresponding. If they are inconsistent, the first data string and the trusted timestamp are not corresponding.
  • the digital certificate certification institution such as the CA credible authentication institution, can apply for its own digital certificate to realize the transmission.
  • the digital signature of the information, for the enterprise client that is authenticated by the entity, the foregoing step of sending the deposit request to the depositing device may include: sending a deposit request with the first CA authentication information to the depositing device, wherein,
  • the CA authentication information includes: authentication information of the enterprise client, so that the certificate storage device verifies the identity of the enterprise client according to the first CA authentication information. Indicates the identity of the enterprise client that sent the certificate request, and guarantees that the certificate request has not been tampered with during transmission.
  • the technical document received by the enterprise client from each technical document creator or technical document sender may also be a technical document to which the CA authentication information is attached.
  • the foregoing step of receiving the enterprise innovation creative technical document may include: receiving an enterprise innovation creative technical document with the second CA authentication information, where the second CA authentication information includes: sending the identity of the sender of the enterprise innovation creative technical document Verification information and authentication information of the department to which the sender belongs; so that the enterprise client verifies the identity of the sender of the enterprise innovation creative technical document according to the second CA authentication information.
  • the individual inventors within the enterprise can be authenticated personally.
  • the department to which the sender belongs belongs to the identity authentication, and the inventor's personal authentication information is bound to the department identity authentication information to form the second CA authentication information, and the CA certificate authority may issue the digital certificate as the electronic certification document of the second CA authentication information.
  • the authentication information must be an authoritative electronic document issued by an authoritative and impartial third-party CA certification authority, that is, a digital certificate as the authentication information.
  • the digital certificate can be a hard certificate (media certificate), and can be stored by hardware security media (such as UKEY).
  • the soft certificate can also be a soft certificate stored in the form of an electronic file.
  • the soft certificate does not need a digital certificate medium. To operate on your computer, just download and import to use.
  • the digital certificate contains the personal identification information of the inventor and the entity authentication information of the department to which the inventor belongs. This provides authentication on the Internet, proving your identity and identifying each other's identity.
  • the enterprise client can install an algorithm generator plugin to utilize the plugin to generate The first data string is based on the innovative creative data, wherein the algorithm generator plug-in can be obtained by the following process: the enterprise client sends a registration request to the depositing device before generating the first data string according to the innovative creative data; receiving the depositing device returns An algorithm generator for generating a first data string uniquely corresponding to the innovation creative data according to a preset algorithm.
  • the preset algorithm may be a preset hash algorithm, such as a Message Digest Algorithm (MD5) or a Secure Hash Algorithm (SHA), to obtain a hash value of the innovative creative data. That is, the first data string.
  • MD5 Message Digest Algorithm
  • SHA Secure Hash Algorithm
  • FIG. 4 is a flow chart of another innovative creative data processing method, according to an exemplary embodiment.
  • the innovative creative data processing method provided in this embodiment may be specifically implemented by using an innovative creative data storage device, and may be implemented in conjunction with a method applied to an enterprise client, and the specific implementation process is described with reference to the foregoing embodiment. I will not repeat them here.
  • Step B101 The depositing device receives the deposit request sent by the enterprise client.
  • the certificate request includes: a first data string; the first data string is unique data information generated by the enterprise client based on the innovation creative data.
  • Step B102 Align whether the first data string is stored in the certificate database.
  • Step B103 If the first data string is not stored in the certificate database, send the first data string to the trusted time signing device, so that the trusted time signing device issues the time of depositing the first data string.
  • the certificate time is a trusted time that the trusted time signing device issues based on the time when the first data string is received.
  • Step B104 Generate a unique corresponding second data string based on the first data string and the certificate time of the first data string.
  • Step B105 Digitally sign the second data string by using a private key to obtain a trusted timestamp corresponding to the first data string.
  • Step B106 Store the first data string, the certificate time of the first data string, and the trusted timestamp.
  • Step B107 Returning a deposit receipt to the enterprise client.
  • the certificate receipt includes: a certificate time of the first data string; or: a certificate time and a trusted time stamp of the first data string.
  • the depositing device receives the enterprise client Sending a deposit request containing the first data string, the first data string is unique data information generated by the enterprise client based on the innovation creative data; if the certificate database does not store the first data string, the certificate is issued to the trusted time
  • the device sends the first data string, so that the trusted time signing device issues a trusted certificate time based on the time when the first data string is received; the certificate storage device generates the certificate time based on the first data string and the first data string.
  • the only corresponding second data string; and the second data string is digitally signed by the private key to obtain a trusted time stamp; to prove the authenticity and credibility of the certificate storage device.
  • the method further includes the following steps:
  • the certificate issuing request includes: identification information of the certificate receipt receipt; and returning the certificate of the creative creative data corresponding to the identification information to the enterprise client according to the identification information of the certificate receipt receipt;
  • the certificate includes: certificate number and time of deposit;
  • the certificate storage device can also provide a variety of ways to verify innovative creative data:
  • the first verification method after returning the certificate of the creative creative data corresponding to the identification information to the enterprise client, receives the first verification request sent by the enterprise client, where the first verification request includes: a certificate number; The certificate of deposit corresponding to the certificate number has been stored; if it is stored, the certificate of the certificate is sent.
  • the method may further include the following steps: receiving description information of the innovative creative data sent by the enterprise client, and storing the description information in association with the first data string; correspondingly, the first verification request may further include: verifying the password; The verification process further includes: verifying whether the password is correct according to the verification password, and if correct, feeding back to the enterprise client the description information corresponding to the certificate.
  • the description information may include: a project ID, a creator, a version number, a customer ID, a R&D department ID, or location information.
  • the foregoing step may further include: At least one descriptive information classifies the received innovative creative data to form an index document of innovative creative data; so that the enterprise client searches according to any description information Correspondence information to the corresponding innovative creative data. Therefore, it is convenient for the third-party depository device to classify and manage the creative and creative data of the enterprise client, so that the enterprise can query the stored data.
  • the second verification method is: receiving a second verification request sent by the enterprise client, where the second verification request includes: a first data string; checking whether the first data string has been stored in the certificate database, and returning the first verification receipt according to the verification result . Further, returning the first verification receipt according to the verification result specifically includes: if the first data string is not stored in the certificate database, returning a response message that the certificate information is not found to the enterprise client; if the certificate database has stored the first The data string returns a response message for checking the deposit information and/or the time of deposit of the first data string to the enterprise client.
  • the third verification mode is to receive a third verification request sent by the enterprise client, where the third verification request includes: a first data string and a trusted timestamp; if the first data string is stored in the certificate database, according to the first data string The trusted timestamp is verified, the verification result is obtained, and the second verification receipt is returned according to the verification result.
  • performing verification according to the first data string and the trusted timestamp, obtaining the verification result, and returning the second verification receipt according to the verification result specifically includes: searching for a certificate time corresponding to the first data string, and according to the first data string And generating a unique corresponding third data string with the deposit time; decrypting the trusted time stamp to obtain the fourth data string; if the third data string and the fourth data string completely match, returning the check information to the enterprise client Response message and/or certificate time information of the first data string.
  • the method further includes the following steps:
  • Returning the deposit receipt to the enterprise client specifically: returning the certificate receipt with the CA authentication information to the enterprise client to provide the enterprise client with the authentication information of the certificate device.
  • the method further includes the following steps:
  • FIG. 5 is a schematic structural diagram of an innovative creative data processing apparatus according to an exemplary embodiment. As shown in FIG. 5, the innovative creative data processing apparatus 51 provided in this embodiment can implement various steps of the innovative creative data processing method applied to the enterprise client, and the specific implementation process is not described herein.
  • the innovative creative data processing device 51 provided in this embodiment specifically includes:
  • the data string generating module 11 is configured to generate a first data string according to the innovation creative data, the first number
  • the string is the only data information corresponding to the innovative creative data
  • the sending module 12 is configured to send a deposit request to the depositing device, where the deposit request includes: a first data string;
  • the first receiving module 13 is configured to receive a certificate receipt returned by the certificate storage device; the certificate receipt includes: a certificate time corresponding to the first data string; or the certificate receipt includes: a certificate time and a trusted time stamp;
  • the storage module 14 is configured to store the deposit time with the creative creative data when the deposit receipt includes the deposit time, or for storing the deposit time when the deposit receipt includes the deposit time and the trusted time stamp , innovative creative data, trusted timestamp associated storage;
  • the credential time is a credential time that the credential device sends the first data string to the trusted time signing device, so that the trusted time signing device sends the trusted data according to the time when the first data string is received;
  • the card device is based on the first data string and the unique corresponding second data string generated by the certificate time; and the certificate device obtains the digital data signature by using the private key.
  • FIG. 6 is a schematic structural diagram of an innovative creative data processing apparatus according to another exemplary embodiment. As shown in FIG. 6, on the basis of the foregoing embodiment, the innovative creative data processing apparatus 51 provided in this embodiment may further include:
  • the second receiving module 15 is configured to receive an enterprise creative creative technical document; the technical document includes: technical document content information, and multiple attribute information;
  • the categorization module 16 is configured to classify the received technical documents according to the at least one attribute information to form a classified technical document data package;
  • the processing module 17 is configured to perform data processing on the technical document data packet to obtain innovative creative data when the technical document data package satisfies the enterprise preset depositing condition.
  • the attribute information includes one or more of the following: a project ID, a technical document creator, a version number, a customer ID, a R&D department ID, and a location information; and the preset depositing conditions include: a preset depositing period, and a project completion identifier. , or technical document security level.
  • processing module 17 is specifically configured to perform data processing on the technical document data packet according to a preset data format and/or an encryption algorithm to obtain innovative creative data;
  • the apparatus also includes a storage module 14 for storing innovative creative data in a local database of the enterprise client.
  • the sending module 12 is further configured to send a certificate issuing request to the certificate issuing device, where the certificate issuing request includes: identifier information of the certificate receipt receipt;
  • the first receiving module 13 is further configured to receive a certificate of deposit of the innovative creative data returned by the depositing device according to the identification information of the certificate receipt;
  • the certificate of deposit includes: a certificate number and a time of depositing the certificate;
  • the sending module 12 is further configured to send a first verification request to the certificate storage device, where the first verification request includes: a certificate number, so that the certificate storage device checks, according to the certificate number, whether the certificate of deposit corresponding to the certificate number has been stored;
  • the first receiving module 13 is further configured to receive a certificate of deposit returned by the certificate storage device after checking according to the certificate number.
  • the sending module 12 is further configured to send the description information of the creative creative data to the depositing device, so that the depositing device stores the description information in association with the first data string;
  • the first verification request sent by the sending module 12 further includes: verifying the password
  • the first receiving module 13 is further configured to receive description information of the innovative creative data fed back by the verification device after the verification password is passed.
  • the sending module 12 is further configured to send a second verification request to the certificate storage device, where the second verification request includes: a first data string;
  • the first receiving module 13 is further configured to receive a first verification receipt returned by the verification device after checking according to the first data.
  • the first receiving module 13 is specifically configured to: when the first data string is not stored in the certificate storage device, receive a response message that is not found by the certificate storage device and does not find the deposit information; when the first storage device has stored the first When the data string is received, the response message of the found evidence information returned by the depositing device and/or the certificate time information of the first data string is received.
  • the sending module 12 is further configured to send a third verification request to the certificate storage device, where the third verification request includes: a first data string, a trusted time stamp;
  • the first receiving module 13 is further configured to receive a second verification receipt returned by the verification device after checking according to the first data string and the trusted timestamp.
  • the first receiving module 13 is specifically configured to: when the first data string is not stored in the certificate storage device, receive a response message that is not found by the certificate storage device and does not find the deposit information; when the first storage device has stored the first a data string, and the certificate storage device generates a unique third data string based on the first data string and the certificate time of the first data string; and decrypts the fourth data string based on the trusted time stamp; when the third data string and the third data string When the four data strings are completely matched, the response message of the stored certificate information returned by the depositing device is received. And/or the time of deposit of the first data string.
  • the sending module 12 is specifically configured to send, to the certificate storage device, a certificate request with the first CA authentication information, where the first CA authentication information includes: identity verification information of the enterprise client, so that the certificate device is based on the first CA Authentication information to verify the identity of the enterprise client.
  • the second receiving module 15 is specifically configured to receive an enterprise innovation creative technical document with the second CA authentication information, where the second CA authentication information includes: sending the identity verification information of the sender of the enterprise innovation creative technical document and the sender The authentication information of the belonging department; in order for the enterprise client to verify the identity of the sender of the enterprise innovation creative technical document according to the second CA authentication information.
  • the sending module 12 is further configured to send a registration request to the depositing device
  • the first receiving module 13 is further configured to receive an algorithm generator returned by the certificate storage device, and the algorithm generator is configured to generate a first data string uniquely corresponding to the innovation creative data according to the preset algorithm.
  • FIG. 7 is a schematic structural diagram of an innovative creative data depositing device according to an exemplary embodiment.
  • the innovative creative data storage device 52 provided in this embodiment can implement various steps of the innovative creative data processing method applied to the certificate storage device, and the specific implementation process is not described herein.
  • the innovative creative data storage device 52 provided in this embodiment specifically includes:
  • the receiving module 21 is configured to receive a certificate request sent by the enterprise client, where the certificate request includes: a first data string; the first data string is unique data information generated by the enterprise client based on the innovation creative data;
  • the comparison module 22 is configured to compare whether the first data string has been stored in the certificate database 50; wherein the certificate database 50 may be an integral part of the innovative creative data storage device 52, or may be independent of the A cloud storage database other than the depositing device 52.
  • the certificate time obtaining module 23 is configured to: when the comparison module 22 compares, find that the first data string is not stored in the certificate database 50, send the first data string to the trusted time signing device 53 to make the trusted data string
  • the time issuance device 53 issues a certificate time of the first data string; the certificate time is a trusted time issued by the trusted time signing device based on the time when the first data string is received;
  • the data string generating module 24 is configured to generate a unique second data string based on the first data string and the certificate time of the first data string;
  • the signing module 25 is configured to digitally sign the second data string by using a private key to obtain the first number According to the trusted timestamp corresponding to the string;
  • the storage module 26 is configured to store the first data string, the certificate time of the first data string, and the trusted time stamp in association with each other;
  • the sending module 27 is configured to return a certificate receipt to the enterprise client.
  • the certificate receipt includes: a certificate time of the first data string, or a: a certificate time and a trusted time stamp of the first data string.
  • the innovative creative data storage device receives the certificate request containing the first data string sent by the enterprise client, and the first data string is the unique data information generated by the enterprise client based on the innovation creative data; If the first data string is not stored in the certificate database, the first data string is sent to the trusted time signing device, so that the trusted time signing device issues a trusted time for depositing the certificate based on the time when the first data string is received; The card device generates a unique second data string based on the first data string and the first data string, and digitally signs the second data string with the private key to obtain a trusted timestamp; The authenticity and credibility of the equipment.
  • the credential time of the credential issuance device issued by the trusted time source for time synchronization is issued, which solidifies the time of depositing the innovative creative data of the enterprise; and the process of depositing the innovative creative data is based on the innovation and creative data of the enterprise.
  • the corresponding unique data string is carried out to effectively guarantee the confidentiality of the original content of the enterprise's innovative creative data.
  • the depositing process is realized by a third party who has no interest in the user, and improves the originality verification of the enterprise's innovative creative data. Credibility.
  • FIG. 8 is a schematic structural diagram of an innovative creative data depositing device according to another exemplary embodiment. As shown in FIG. 8, on the basis of the above embodiment,
  • the receiving module 21 is further configured to receive a certificate request sent by the enterprise client, where the certificate request includes: identifier information of the certificate receipt;
  • the sending module 27 is further configured to return, according to the identification information of the certificate receipt, the certificate of the certificate of the creative creative data corresponding to the identifier information to the enterprise client;
  • the certificate of deposit includes: a certificate number and a time of depositing the certificate;
  • the receiving module 21 is further configured to receive a first verification request sent by the enterprise client, where the first verification request includes: a certificate number;
  • the depositing device 52 further includes:
  • the checking module 28 is configured to check, according to the certificate number, whether the deposit certificate corresponding to the certificate number has been stored certificate;
  • the sending module 27 is further configured to send the certificate of deposit when the checking module 28 checks that the certificate of deposit corresponding to the certificate number has been stored.
  • the receiving module 21 is further configured to receive description information of the innovative creative data sent by the enterprise client, and associate the description information with the first data string;
  • the first verification request received by the receiving module 21 further includes: verifying the password
  • the sending module 27 is further configured to check whether the password is correct according to the verification password, and if yes, feed back to the enterprise client the description information corresponding to the certificate.
  • the description information includes: a project ID, a creator, a version number, a customer ID, a R&D department ID, or location information;
  • the depositing device 52 further includes:
  • the categorization module 29 is configured to classify the received innovative creative data according to the at least one description information to form an index document of the innovative creative data, so that the enterprise client finds the corresponding innovative creative data according to any description information. Classification information.
  • the receiving module 21 is further configured to receive a second verification request sent by the enterprise client, where the second verification request includes: a first data string;
  • the checking module 28 is further configured to check, in the certificate database 50, whether the first data string has been stored;
  • the sending module 27 is configured to return a first verification receipt according to the verification result obtained after the inspection module 28 checks.
  • the sending module 27 is specifically configured to: when the first data string is not stored in the certificate database 50, return a response message that the certificate information is not found to the enterprise client; when the first data string is stored in the certificate database When the enterprise client returns a response message for checking the deposit information and/or the deposit time information of the first data string.
  • the receiving module 21 is further configured to receive a third verification request sent by the enterprise client, where the third verification request includes: a first data string, a trusted timestamp;
  • the checking module 28 is further configured to: when the first data string is stored in the certificate database 50, perform verification according to the first data string and the trusted time stamp, and obtain a verification result;
  • the sending module 27 is further configured to return a second verification receipt according to the verification result obtained after the verification module 28 verifies.
  • the inspection module 28 includes:
  • the finding submodule 281 is configured to search for a deposit time corresponding to the first data string
  • a data string generation sub-module 282 configured to generate a unique third data string according to the first data string and the certificate time;
  • a decryption sub-module 283, configured to decrypt the trusted timestamp to obtain a fourth data string
  • the sending module 27 is further configured to: when the third data string generated by the data string generating sub-module 282 and the fourth data string obtained by the decrypting sub-module 283 are completely matched, return a response message for checking the deposit information to the enterprise client. And/or the time of deposit of the first data string.
  • the sending module 27 is specifically configured to return a certificate receipt with CA authentication information to the enterprise client to provide the enterprise client with the identity verification information of the certificate device.
  • the receiving module 21 is further configured to receive a registration request sent by the enterprise client;
  • the sending module 27 is further configured to return an algorithm generator for generating the first data string, so that the enterprise client generates a first data string uniquely corresponding to the creative creative data according to a preset algorithm provided by the algorithm generator.
  • FIG. 9 is a schematic structural diagram of an innovative creative data processing system according to an exemplary embodiment.
  • the innovative creative data processing system provided by this embodiment includes an innovative creative data processing device 51 provided by any embodiment of the present invention, and an innovative creative data storage device 52 provided by any embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of an innovative creative data processing system according to another exemplary embodiment. As shown in FIG. 10, the system may further include:
  • the trusted time issuing device 53 is configured to receive the first data string sent by the innovative creative data storage device 52, and issue the first data string based on the time when the first data string is received; and save the first data string The time is sent to the innovative creative data storage device 52.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé, un dispositif et un système de traitement de données d'innovation et de créativité et un dispositif de stockage de certificat. Un client d'entreprise produit une première chaîne de données correspondante et unique en fonction de données d'innovation et de créativité ; et il envoie la première chaîne de données au dispositif de stockage de certificat pour le stockage de certificat ; le dispositif de stockage de certificat renvoie des reçus de retour tels que l'instant de stockage de certificat et une estampille temporelle crédible. L'instant de stockage de certificat est un point temporel crédible délivré par un dispositif d'émission de point temporel crédible, et l'estampille temporelle crédible est obtenue de manière que le dispositif de stockage de certificat effectue, en utilisant une clé privée, une signature numérique sur une deuxième chaîne de données qui est produite en fonction de la première chaîne de données et de l'instant de stockage de certificat, ce qui assure l'authenticité et la crédibilité du dispositif de stockage de certificat. L'instant de stockage de certificat de données d'innovation et de créativité est créé grâce au point temporel crédible émis par le dispositif d'émission de point temporel crédible ; le processus de stockage de certificat est basé sur la première chaîne de données plutôt que sur le contenu des données d'innovation et de créativité, ce qui assure efficacement la confidentialité du contenu des données du client d'entreprise ; simultanément, le processus de stockage de certificat est mis en œuvre par une tierce partie qui n'a pas de relation avantageuse avec un utilisateur, ce qui améliore la crédibilité de l'authentification de créativité originale de données d'innovation et de créativité de l'entreprise.
PCT/CN2016/098152 2015-10-16 2016-09-06 Procédé, dispositif et système de traitement de données d'innovation et de créativité et dispositif de stockage de certificat WO2017063465A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510674090.7 2015-10-16
CN201510674090.7A CN105335667B (zh) 2015-10-16 2015-10-16 创新创意数据处理方法、装置、系统及存证设备

Publications (1)

Publication Number Publication Date
WO2017063465A1 true WO2017063465A1 (fr) 2017-04-20

Family

ID=55286186

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/098152 WO2017063465A1 (fr) 2015-10-16 2016-09-06 Procédé, dispositif et système de traitement de données d'innovation et de créativité et dispositif de stockage de certificat

Country Status (2)

Country Link
CN (1) CN105335667B (fr)
WO (1) WO2017063465A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112801663A (zh) * 2021-02-05 2021-05-14 北京众享比特科技有限公司 区块链存证方法、装置、系统、设备和介质
US11863390B1 (en) * 2022-08-16 2024-01-02 Nvidia Corporation Path attestation for computing resources

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105335667B (zh) * 2015-10-16 2017-03-15 北京源创云网络科技有限公司 创新创意数据处理方法、装置、系统及存证设备
CN106156345B (zh) * 2016-07-21 2019-11-05 北京源创云网络科技有限公司 项目文件存证方法、存证设备及终端设备
CN106548091A (zh) * 2016-10-14 2017-03-29 北京爱接力科技发展有限公司 一种数据存证、验证的方法及装置
CN110378079B (zh) * 2018-04-13 2023-07-04 胡小凡 基于原创作品的信息处理、保护、销售方法及装置
CN110533506A (zh) * 2019-08-19 2019-12-03 广州华旻信息科技有限公司 可视化创新发明方案验证的方法及装置
CN110912802B (zh) * 2019-11-07 2021-08-10 上海百事通信息技术股份有限公司 电子邮件数据处理方法及装置
CN111737365B (zh) * 2020-07-22 2021-08-17 百度在线网络技术(北京)有限公司 存证处理方法、装置、设备和存储介质
CN112364384B (zh) * 2021-01-12 2021-04-23 支付宝(杭州)信息技术有限公司 一种基于可信账本数据库的业务记录授时方法
CN114500321B (zh) * 2022-04-12 2022-08-02 成方金融科技有限公司 报文核验方法、装置及存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102223374A (zh) * 2011-06-22 2011-10-19 熊志海 一种基于电子证据在线保全的第三方认证保全系统及方法
CN102339370A (zh) * 2011-09-14 2012-02-01 福建伊时代信息科技股份有限公司 电子文档的保全方法、保全系统和验证系统
CN103514410A (zh) * 2013-09-30 2014-01-15 上海市数字证书认证中心有限公司 电子合同的可信保全与证据提取系统及方法
CN105335667A (zh) * 2015-10-16 2016-02-17 北京源创云网络科技有限公司 创新创意数据处理方法、装置、系统及存证设备

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101826101A (zh) * 2010-01-25 2010-09-08 王平 搜索引擎装置及其方法
CN102404463B (zh) * 2010-09-13 2014-12-10 中国移动通信集团福建有限公司 用户生成内容ugc回铃音实现方法、系统和装置
CN104134020A (zh) * 2013-05-03 2014-11-05 杨高赟 一种基于网络数据库的智能终端软件防盗版方法及系统
CN104636640A (zh) * 2015-01-23 2015-05-20 杭州节点科技有限公司 一种基于智能移动终端的文件签署方法
CN104992087B (zh) * 2015-06-29 2017-03-15 北京源创云网络科技有限公司 移动终端创新创意数据信息处理方法及移动终端

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102223374A (zh) * 2011-06-22 2011-10-19 熊志海 一种基于电子证据在线保全的第三方认证保全系统及方法
CN102339370A (zh) * 2011-09-14 2012-02-01 福建伊时代信息科技股份有限公司 电子文档的保全方法、保全系统和验证系统
CN103514410A (zh) * 2013-09-30 2014-01-15 上海市数字证书认证中心有限公司 电子合同的可信保全与证据提取系统及方法
CN105335667A (zh) * 2015-10-16 2016-02-17 北京源创云网络科技有限公司 创新创意数据处理方法、装置、系统及存证设备

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112801663A (zh) * 2021-02-05 2021-05-14 北京众享比特科技有限公司 区块链存证方法、装置、系统、设备和介质
CN112801663B (zh) * 2021-02-05 2024-03-19 北京众享比特科技有限公司 区块链存证方法、装置、系统、设备和介质
US11863390B1 (en) * 2022-08-16 2024-01-02 Nvidia Corporation Path attestation for computing resources

Also Published As

Publication number Publication date
CN105335667B (zh) 2017-03-15
CN105335667A (zh) 2016-02-17

Similar Documents

Publication Publication Date Title
WO2017063465A1 (fr) Procédé, dispositif et système de traitement de données d'innovation et de créativité et dispositif de stockage de certificat
JP6941146B2 (ja) データセキュリティサービス
US20210319132A1 (en) Methods and Devices For Managing User Identity Authentication Data
US7925023B2 (en) Method and apparatus for managing cryptographic keys
US20200084045A1 (en) Establishing provenance of digital assets using blockchain system
CA2899027C (fr) Service de securite de donnees
US20100257370A1 (en) Apparatus And Method for Supporting Content Exchange Between Different DRM Domains
JP2004531918A (ja) デジタル署名を得るための方法及びシステム
KR20080104137A (ko) 전자 서명 검증
CN106464496A (zh) 用于创建对用户身份鉴权的证书的方法和系统
US8218763B2 (en) Method for ensuring the validity of recovered electronic documents from remote storage
GB2520056A (en) Digital data retention management
JP2004110197A (ja) センタ・システムにおける情報処理方法及びアクセス権限管理方法
US11301823B2 (en) System and method for electronic deposit and authentication of original electronic information objects
US9647837B2 (en) Securely filtering trust services records
CN106257483B (zh) 电子数据的处理方法、设备及系统
CN102819695A (zh) 基于Jar文件的授权方法及应用服务器
CN112926031A (zh) 一种安全的区块链电子证照使用方法
CN113132109A (zh) 一种基于区块链的电子存证管理方法、装置及电子设备
Panse et al. DigiSecure: Attribute-Based Document Transfer Solution
CN112653773A (zh) 顶级服务器注册信息管理方法、系统、电子设备及介质
CN113240418A (zh) 基于区块链的隐私数据智能访问控制方法和设备
LACKO THE CRYPTOGRAPHIC PROTOCOL FOR MANAGEMENT AND APPROVAL OF DOCUMENT VERSIONS

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16854847

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16854847

Country of ref document: EP

Kind code of ref document: A1