CN108683657B - Data security access method and device, terminal equipment and readable storage medium - Google Patents


Info

Publication number: CN108683657B
Application number: CN201810447105.XA
Authority: CN (China)
Prior art keywords: data, matching field, execution environment, matching, trusted execution
Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Other languages: Chinese (zh)
Other versions: CN108683657A (en)
Inventors: 刘钦根, 陈吉, 韩建安, 桂家海, 许可
Current assignee: China Mobile Information Technology Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Shijinshi Credit Service Co ltd
Legal events: application filed by Shijinshi Credit Service Co ltd; priority to CN201810447105.XA; publication of CN108683657A; application granted; publication of CN108683657B; legal status active; anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141: Access rights, e.g. capability lists, access control lists, access tables, access matrices

Abstract

The invention discloses a method and a device for secure access to data, a terminal device and a readable storage medium. When a data requesting organization needs to access data provided by a data providing organization, it obtains a complete matching field data set by intersecting the matching field of its locally stored first data with the matching field of the second data acquired from the responding data providing organization, and then transmits the matching field data set to a secure directory in a trusted execution environment. The trusted execution environment acquires and stores the data corresponding to each matching field from a pre-constructed data exploration federation chain, according to the matching fields of the matching field data set recorded in the secure directory, and the data requesting organization accesses the data corresponding to each matching field directly in the trusted execution environment. No copy of the data is transmitted, which avoids data leakage and illegal use.

Description

Data security access method and device, terminal equipment and readable storage medium
Technical Field
The present invention relates to the field of network communication technology, and in particular to a method and an apparatus for secure access to data, a terminal device, and a readable storage medium.
Background
With the development of network communication technology, network-based data access has become more and more convenient. At the same time, network problems such as attacks on servers and data leakage have become more and more serious. To keep their core data from being attacked or leaked, enterprises therefore usually deploy multiple firewalls, and some do not connect that data to the internet at all. For the same security reasons, different enterprises currently desensitize sensitive data before sharing it, and then encrypt, copy, transmit and use the desensitized data.
However, because transmission is mostly done offline at present, the same data file is easily copied by multiple people, which leads to data leakage and illegal use of the data file.
In addition, desensitization requires a desensitization key, and in the existing data access mode this key is transmitted between the organizations involved, so it is difficult to ensure that the key is not leaked.
The above is only for the purpose of assisting understanding of the technical aspects of the present invention, and does not represent an admission that the above is prior art.
Disclosure of Invention
The invention mainly aims to provide a method, a device, a terminal device and a readable storage medium for secure access to data, in order to solve the technical problem that the offline data transmission mode of the prior art easily leads to data leakage and illegal use.
To achieve the above object, the present invention provides a method for secure access to data, comprising the following steps:
the data requesting organization issues a data request and receives response information containing the identification number of a data providing organization, the response information being generated by the data providing organization according to the data request;
according to the identification number of the data providing organization, sending the matching field of the first data to the data providing organization, and acquiring the matching field of the second data provided by the data providing organization;
intersecting the matching field of the first data with the matching field of the second data to generate a matching field data set;
transmitting the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration federation chain according to the matching fields of the matching field data set recorded in the secure directory;
and accessing the data corresponding to each matching field stored in the trusted execution environment.
Preferably, before sending the matching field of the first data to the data providing organization according to its identification number, the method further comprises:
desensitizing the matching field of the first data;
correspondingly, acquiring the matching field of the second data provided by the data providing organization specifically includes:
acquiring the matching field of the second data after desensitization, as provided by the data providing organization.
Preferably, desensitizing the matching field of the first data specifically includes:
negotiating with the data providing organization to determine a desensitization key;
desensitizing the matching field of the first data according to the desensitization key;
correspondingly, acquiring the desensitized matching field of the second data provided by the data providing organization specifically includes:
acquiring the matching field of the second data that the data providing organization has desensitized according to the same desensitization key.
Preferably, before accessing the data corresponding to each matching field stored in the trusted execution environment, the method further includes:
sending a modeling instruction to the trusted execution environment, so that the trusted execution environment creates a data value model for determining the value of each stored data item;
correspondingly, accessing the data corresponding to each matching field stored in the trusted execution environment specifically includes:
obtaining the value of each data item as determined by the data value model;
and determining, according to the value of each data item, whether to access the data corresponding to each matching field stored in the trusted execution environment.
Preferably, before the data requesting organization issues the data request, the method further comprises:
the data requesting organization completing the data exploration federation chain, where the data exploration federation chain is constructed on the basis of a blockchain by registering and publishing the identification numbers of all data requesting organizations and all data providing organizations.
Preferably, the data requesting organization completing the data exploration federation chain specifically includes:
the data requesting organization publishing the first data to the data exploration federation chain, thereby completing the chain.
Preferably, the secure directory in the trusted execution environment is created by the trusted execution environment and encrypted with a secure directory key generated in advance by the trusted execution environment.
In addition, to achieve the above object, the present invention further provides a device for secure access to data, the device comprising:
an issuing module, for issuing the data request of the data requesting organization;
a receiving module, for receiving response information containing the identification number of a data providing organization, the response information being generated by the data providing organization according to the data request;
a sending module, for sending the matching field of the first data to the data providing organization according to its identification number;
an acquisition module, for acquiring the matching field of the second data provided by the data providing organization;
a generating module, for intersecting the matching field of the first data with the matching field of the second data to generate a matching field data set;
a transmission module, for transmitting the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration federation chain according to the matching fields of the matching field data set recorded in the secure directory;
and an access module, for accessing the data corresponding to each matching field stored in the trusted execution environment.
In addition, to achieve the above object, the present invention also provides a terminal device, comprising a memory, a processor, and a data security access program stored in the memory and runnable on the processor, the data security access program being configured to implement the steps of the data security access method.
In addition, to achieve the above object, the present invention further provides a readable storage medium, namely a computer readable storage medium on which a secure access program for data is stored; when the secure access program is executed by a processor, the steps of the secure access method for data are implemented.
When a data requesting organization needs to access data provided by a data providing organization, it obtains a complete matching field data set by intersecting the matching field of its locally stored first data with the matching field of the second data acquired from the responding data providing organization, and then transmits the matching field data set to a secure directory in a trusted execution environment. The trusted execution environment acquires and stores the data corresponding to each matching field from a pre-constructed data exploration federation chain according to the matching fields recorded in the secure directory, so the data access between the two organizations is transferred into the trusted execution environment. Because the data requesting organization accesses the data corresponding to each matching field directly in the trusted execution environment, data shared between organizations cannot fall into the hands of users without access authority, and data leakage and illegal use are avoided.
Drawings
FIG. 1 is a schematic structural diagram of a terminal device in a hardware operating environment according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a first embodiment of a method for secure access to data according to the present invention;
FIG. 3 is a schematic diagram of the data exploration federation chain in the method for secure access to data of the present invention;
FIG. 4 is a flowchart illustrating a second embodiment of a method for secure access to data according to the present invention;
FIG. 5 is a diagram illustrating the desensitization operation performed in the method for secure access to data according to the present invention;
FIG. 6 is a flowchart illustrating a third embodiment of a method for secure access to data according to the present invention;
FIG. 7 is a schematic diagram illustrating the interaction among a data requesting organization, a data providing organization, and a trusted execution environment in the method for secure access to data according to the present invention;
FIG. 8 is a functional block diagram of the device for secure access to data according to the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to FIG. 1, FIG. 1 is a schematic structural diagram of a terminal device in a hardware operating environment according to an embodiment of the present invention.
As shown in FIG. 1, the terminal device may include: a processor 1001, such as a central processing unit (CPU); a communication bus 1002; a user interface 1003; a network interface 1004; and a memory 1005. The communication bus 1002 is used to enable communication between these components. The user interface 1003 may include a display screen and an input unit such as a keyboard or a mouse, and may optionally also include a standard wired interface and a wireless interface. The network interface 1004 may optionally include a standard wired interface and a wireless interface (e.g. a Wi-Fi interface, a Bluetooth interface, etc.). The memory 1005 may be a high-speed RAM or a non-volatile memory (e.g. a magnetic disk). The memory 1005 may alternatively be a storage device separate from the processor 1001.
Those skilled in the art will appreciate that the configuration shown in FIG. 1 does not limit the terminal device, which may include more or fewer components than those shown, may combine some components, or may arrange the components differently.
Thus, as shown in FIG. 1, the memory 1005, which is a type of computer storage medium, may include an operating system, a network communication module, a user interface module, and a secure access program for data.
In the terminal device shown in FIG. 1, the network interface 1004 is mainly used to establish communication connections between this terminal device, the trusted execution environment, and the terminal device that provides the data; the user interface 1003 is mainly used to receive the user's input instructions; and the terminal device calls the secure access program for data stored in the memory 1005 through the processor 1001 and performs the following operations:
the data requesting organization issues a data request and receives response information containing the identification number of a data providing organization, the response information being generated by the data providing organization according to the data request;
according to the identification number of the data providing organization, sending the matching field of the first data to the data providing organization, and acquiring the matching field of the second data provided by the data providing organization;
intersecting the matching field of the first data with the matching field of the second data to generate a matching field data set;
transmitting the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration federation chain according to the matching fields of the matching field data set recorded in the secure directory;
and accessing the data corresponding to each matching field stored in the trusted execution environment.
Further, the processor 1001 may call the secure access program for data stored in the memory 1005 and also perform the following operations:
desensitizing the matching field of the first data;
correspondingly, acquiring the matching field of the second data provided by the data providing organization specifically includes:
acquiring the matching field of the second data after desensitization, as provided by the data providing organization.
Further, the processor 1001 may call the secure access program for data stored in the memory 1005 and also perform the following operations:
negotiating with the data providing organization to determine a desensitization key;
desensitizing the matching field of the first data according to the desensitization key;
correspondingly, acquiring the desensitized matching field of the second data provided by the data providing organization specifically includes:
acquiring the matching field of the second data that the data providing organization has desensitized according to the same desensitization key.
Further, the processor 1001 may call the secure access program for data stored in the memory 1005 and also perform the following operations:
sending a modeling instruction to the trusted execution environment, so that the trusted execution environment creates a data value model for determining the value of each stored data item;
correspondingly, accessing the data corresponding to each matching field stored in the trusted execution environment specifically includes:
obtaining the value of each data item as determined by the data value model;
and determining, according to the value of each data item, whether to access the data corresponding to each matching field stored in the trusted execution environment.
Further, the processor 1001 may call the secure access program for data stored in the memory 1005 and also perform the following operations:
the data requesting organization completing the data exploration federation chain, where the data exploration federation chain is constructed on the basis of a blockchain by registering and publishing the identification numbers of all data requesting organizations and all data providing organizations.
Further, the processor 1001 may call the secure access program for data stored in the memory 1005 and also perform the following operations:
the data requesting organization publishing the first data to the data exploration federation chain, thereby completing the chain.
Through the above scheme, when the data requesting organization needs to access data provided by a data providing organization, it obtains a complete matching field data set by intersecting the matching field of its locally stored first data with the matching field of the second data obtained from the responding data providing organization, and then transmits the matching field data set to the secure directory in the trusted execution environment. The trusted execution environment obtains and stores the data corresponding to each matching field from the pre-constructed data exploration federation chain according to the matching fields recorded in the secure directory, so the data access between the two organizations is transferred into the trusted execution environment. Because the data requesting organization accesses the data corresponding to each matching field directly in the trusted execution environment, data shared between organizations cannot fall into the hands of users without access authority, and data leakage and illegal use are avoided.
Based on the hardware structure, the embodiment of the data security access method is provided.
Referring to FIG. 2, FIG. 2 is a flowchart illustrating a first embodiment of the method for secure access to data according to the present invention.
In the first embodiment, the method for secure access to data comprises the following steps:
S10: the data requesting organization issues a data request and receives response information containing the identification number of a data providing organization, the response information being generated by the data providing organization according to the data request.
Specifically, the data request issued by the data requesting organization is issued to a pre-established data exploration federation chain.
Accordingly, the received response information including the identification number of the data providing organization is generated by a data providing organization in the data exploration federation chain.
For example, every data providing organization in the data exploration federation chain that is able to provide data can actively search for data requests related to itself, for instance requests whose data dictionary is the same as the data dictionary of the data it provides. When it finds such a request, the data providing organization generates response information with its own identification number added, and a matching relationship is thereby established between it and the data requesting organization.
The data exploration federation chain is constructed on the basis of a blockchain by registering and publishing the identification numbers of each data requesting organization and each data providing organization.
In addition, to ensure that the data stored in the data exploration federation chain is sufficiently complete, every enterprise that joins the chain needs to regularly publish its local data to the chain, so as to complete the data in the chain.
Since this embodiment is described from the perspective of the data requesting organization, the data exploration federation chain needs to be completed before the data requesting organization issues a data request, for example by publishing the first data to the chain.
In addition, when the data exploration federation chain is completed, whether by a data requesting organization or a data providing organization, the uploaded data needs to have a corresponding data dictionary, i.e. the data items, data structures, data streams, data storage, processing logic, external entities and so on of the data need to be defined and described, so as to facilitate subsequent operations such as modeling.
In addition, when the data requesting organization issues the data request, in order to let the data providing organization respond in time, the issued data request may include the data dictionary of the requested data and a data range (the amount of data requested, such as the data of one month).
It should be noted that the above is only an example and does not limit the technical scheme of the present invention; in practical application, those skilled in the art can set the scheme as needed.
In addition, in practical application, a data requesting organization may also serve as a data providing organization, so the implementation of the data providing organization may refer to the corresponding settings of the data requesting organization for the data access mode in this embodiment; it is not described again here, and no specific limitation is placed on it.
S20: sending the matching field of the first data to the data providing organization according to its identification number, and acquiring the matching field of the second data provided by the data providing organization.
Specifically, in this embodiment the first data is the data stored locally by the data requesting organization, and the second data is the data stored locally by the data providing organization.
In addition, the matching field of the first data and the matching field of the second data specifically refer to the index names stored for each column of each storage table; for example, the first column is the name of a commodity, the second column the name of the shipping warehouse, the third column the name of a customer, and the fourth column the work number of the shipper.
It should be noted that the above is only an example and does not limit the technical scheme of the present invention; in practical application, those skilled in the art can set the scheme as needed.
S30: intersecting the matching field of the first data with the matching field of the second data to generate a matching field data set.
Specifically, in this embodiment the matching field data set is obtained by intersecting the matching field of the first data with the matching field of the second data, so that a complete matching data set is obtained and complete data can be accessed in the subsequent data access process.
S40: transmitting the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration federation chain according to the matching fields of the matching field data set recorded in the secure directory.
Specifically, the trusted execution environment (TEE) described in this embodiment may be a third-party trusted authority deployed in the network.
In addition, to ensure that the data subsequently stored in the trusted execution environment is sufficiently secure and not used illegally, in a specific implementation the trusted execution environment may create a secure directory and then store the matching fields of the matching field data set in that secure directory.
Further, to raise the security level, the trusted execution environment may also generate a secure directory key with an internal key generation program and then encrypt the secure directory with that key, so that a data requesting organization that subsequently needs to access the data stored there must hold the corresponding access rights, or must be a member of the data exploration federation chain.
It should be noted that the above is only one specific implementation; in a specific application, a person skilled in the art may set the implementation as needed, and the present invention is not limited here.
S50: accessing the data corresponding to each matching field stored in the trusted execution environment.
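The following is an added illustration of steps S10 to S50, not code from the patent or from its assignees. It simulates the federation chain, the two organizations and the TEE as in-process Python objects; the sample tables, the organization identifiers "org-A"/"org-B", the keyed-digest indexing of the secure directory and the query-only access interface are all assumptions chosen to make the flow concrete. The point it demonstrates is the one the text makes: after the matching fields are intersected and handed to the TEE, the requester evaluates queries inside the TEE and never receives a copy of the provider's rows.

```python
import hashlib
import hmac
import secrets

# Constructed sample tables (assumptions, not from the patent). Keys are the
# column names, i.e. the "matching fields"; values are the stored rows.
REQUESTER_TABLE = {          # "first data", held locally by the requester
    "commodity": ["bolt", "nut"],
    "warehouse": ["east", "west"],
    "customer": ["acme", "globex"],
}
PROVIDER_TABLE = {           # "second data", held locally by the provider
    "commodity": ["bolt", "nut", "washer"],
    "customer": ["acme", "initech"],
    "shipper_id": ["s-01", "s-02"],
}


class FederationChain:
    """Stand-in for the data exploration federation chain: every member
    registers its identifier and data dictionary and publishes its data."""

    def __init__(self):
        self.members = {}       # org_id -> data dictionary (column names)
        self.published = {}     # org_id -> published table
        self.requests = []      # (requester_id, requested data dictionary)

    def register(self, org_id, table):
        self.members[org_id] = sorted(table)
        self.published[org_id] = table          # "completing" the chain

    def post_request(self, requester_id, wanted):
        self.requests.append((requester_id, list(wanted)))

    def respond(self, requester_id, wanted):
        # Providers whose data dictionary overlaps the request answer with
        # their own identifier (the response information of step S10).
        return [oid for oid, cols in self.members.items()
                if oid != requester_id and set(cols) & set(wanted)]


class TrustedExecutionEnvironment:
    """Third-party TEE: holds the secure directory and the data fetched for
    it; callers query inside the TEE and never receive a copy of the rows."""

    def __init__(self, chain):
        self.chain = chain
        self.dir_key = secrets.token_bytes(32)  # generated inside the TEE
        self.secure_dir = {}                    # sealed field -> rows
        self.authorized = set()                 # org ids granted access

    def _seal(self, name):
        # Assumption: the directory is indexed by a keyed digest of each field
        # name, so it cannot be read without the TEE's own directory key.
        return hmac.new(self.dir_key, name.encode(), hashlib.sha256).hexdigest()

    def load(self, requester_id, provider_id, matching_fields):
        """Step S40: record the matching fields and pull their data from the chain."""
        self.authorized.add(requester_id)
        source = self.chain.published[provider_id]
        for name in matching_fields:
            self.secure_dir[self._seal(name)] = list(source[name])

    def contains(self, org_id, name, value):
        """Step S50: a query evaluated inside the TEE; only the answer leaves."""
        if org_id not in self.authorized:
            raise PermissionError(f"{org_id} has no access to the secure directory")
        return value in self.secure_dir.get(self._seal(name), [])


def run_flow():
    chain = FederationChain()
    chain.register("org-A", REQUESTER_TABLE)   # requester publishes first data
    chain.register("org-B", PROVIDER_TABLE)    # provider publishes second data
    tee = TrustedExecutionEnvironment(chain)

    # S10: issue the request and receive the provider's identification number
    wanted = ["commodity", "customer"]
    chain.post_request("org-A", wanted)
    provider_id = chain.respond("org-A", wanted)[0]

    # S20/S30: exchange matching fields (column names only) and intersect them
    first_fields = set(REQUESTER_TABLE)
    second_fields = set(chain.members[provider_id])
    matching = sorted(first_fields & second_fields)

    # S40: hand the matching field data set to the TEE's secure directory
    tee.load("org-A", provider_id, matching)

    # S50: access through the TEE instead of receiving a data file
    return {
        "provider": provider_id,
        "matching_fields": matching,
        "acme_is_shared_customer": tee.contains("org-A", "customer", "acme"),
        "globex_in_provider": tee.contains("org-A", "customer", "globex"),
    }


def outsider_blocked():
    """True when an organization outside the TEE's access list is refused."""
    tee = TrustedExecutionEnvironment(FederationChain())
    try:
        tee.contains("org-Z", "customer", "acme")
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print(run_flow(), outsider_blocked())
```

Only column names cross the organization boundary in S20/S30; the rows themselves move from the chain into the TEE and are reachable solely through `contains`, which is the property the patent relies on to rule out the copied-file leakage of the background section.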
It is not difficult to see from the above description that, in the method for secure access to data provided in this embodiment, when a data requesting organization needs to access data provided by a data providing organization, it obtains a complete matching field data set by intersecting the matching field of its locally stored first data with the matching field of the second data obtained from the responding data providing organization, and then transmits the matching field data set to a secure directory in a trusted execution environment. The trusted execution environment obtains and stores the data corresponding to each matching field from the pre-constructed data exploration federation chain according to the matching fields recorded in the secure directory, so the data access between the two organizations is transferred into the trusted execution environment. Because the data requesting organization accesses the data corresponding to each matching field directly in the trusted execution environment, no offline copying is needed when organizations share data, the data cannot fall into the hands of users without access authority, and data leakage and illegal use are avoided.
Further, as shown in fig. 4, a second embodiment of the secure access method of data according to the present invention is proposed based on the first embodiment, and in this embodiment, before sending the matching field of the first data to the data providing organization according to the identifier of the data providing organization, a desensitization operation needs to be performed on the matching field of the first data.
For convenience of illustration, step S20 is subdivided into two sub-steps in the present embodiment, which are detailed in fig. 4.
In step S201, a desensitization operation is performed on the matching field of the first data.
In step S202, according to the identification number of the data providing mechanism, the matching field of the first data after desensitization operation is sent to the data providing mechanism, and the matching field of the second data after desensitization operation provided by the data providing mechanism is obtained.
Specifically, in this embodiment, when the data request mechanism performs the desensitization operation on the matching field of the first data, it may proceed as follows:
First, a desensitization key is determined by negotiation with the data providing mechanism.
Then, the desensitization operation is performed on the matching field of the first data according to the desensitization key.
It should be understood that, since the matching field data set generated later is obtained by intersecting the matching field of the first data with the matching field of the second data, the desensitization rules applied to both matching fields must be consistent. Therefore, after the matching field of the first data has been desensitized according to the desensitization key, the matching field of the second data obtained from the data providing mechanism is specifically the matching field of the second data that the data providing mechanism has desensitized according to the same desensitization key.
In addition, in order to facilitate understanding of the desensitization operation described in this example, the following description is made in detail with reference to fig. 5.
Specifically, HyperLedger in fig. 5 refers to Hyperledger, the hyper ledger in blockchain technology.
The DB area is a storage area for local data: if the desensitization operation is performed for the data request mechanism, it stores the first data and the matching field of the first data; if the desensitization operation is performed for the data providing mechanism, it stores the second data and the matching field of the second data.
The APP area is the application program that a user of the data request mechanism or the data providing mechanism can operate; correspondingly, the data stored in the DB area is the data generated by the application program in the APP area.
DMZ is the abbreviation of demilitarized zone, also called an isolation zone. It is mainly used to construct a safety zone between an internal network and an external network.
As can be seen from fig. 5, when a desensitization operation is required, step "0, verify program signature" is performed first to check whether the signature of the program meets the requirement. If so, step "1, desensitization operation" is executed, and at the same time step "2, verify that the caller is legal" is executed, that is, it is checked whether the mechanism that needs to access the data is a member of the data exploration alliance chain or whether it has the authority to access the data. If these checks pass, step "3" is executed: a data extraction program is called to extract the original data, the extracted original data is desensitized by the desensitization program, and the original data is returned after desensitization, i.e. step "4, return original data" is executed; at the same time the desensitization program generates a desensitization file and writes the desensitized data into it, i.e. step "5, write desensitized data" is executed.
It should be noted that, the above is only an example, and in practical applications, a person skilled in the art may perform specific setting with reference to fig. 5, which is not described herein again or is not limited.
From the above description it can be seen that the secure data access method provided in this embodiment performs a desensitization operation on the matching field of the first data before sending it to the data providing mechanism according to the identification number of the data providing mechanism, at the same time obtains the matching field of the second data that the data providing mechanism has desensitized, and then intersects the desensitized matching field of the first data with the matching field of the second data desensitized under the same rule. In this way sensitive information can be transformed by the desensitization rule, reliable protection of sensitive private data is achieved, and the security of data access is further ensured.
In addition, the data request mechanism determines the desensitization key through negotiation with the data providing mechanism. Because the desensitization key is determined by an internal program without manual involvement in its setting, the key can be kept from leaking, and the security of the matching fields desensitized according to that key is ensured.
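The desensitization and intersection described in steps S201 and S202, together with the checks of fig. 5, can be illustrated with the following added example. It is written for this page and is not the patent's own implementation; the patent does not name a desensitization rule, so HMAC-SHA256 under the negotiated key is assumed, key negotiation is replaced by generating one shared key, alliance chain membership is an in-memory set, and the program signature check of step "0" is a pinned-digest comparison. All data is constructed.

```python
"""Added example: keyed desensitization of matching fields and their
intersection, modelled on steps S201/S202 and the fig. 5 flow.
Assumptions (not from the patent): HMAC-SHA256 is the desensitization rule,
key negotiation is replaced by generating one shared key, alliance
membership is an in-memory set, and the program signature check is a
pinned-digest comparison. All data below is constructed."""
import hashlib
import hmac
import secrets

# "First data" held locally by the data request mechanism (constructed).
REQUESTER_DATA = {
    "ID-1001": {"name": "Alice", "loan_status": "active"},
    "ID-1002": {"name": "Bob", "loan_status": "closed"},
    "ID-1003": {"name": "Carol", "loan_status": "active"},
}
# "Second data" held locally by the data providing mechanism (constructed).
PROVIDER_DATA = {
    "ID-1002": {"credit_score": 710},
    "ID-1003": {"credit_score": 655},
    "ID-1004": {"credit_score": 790},
}
# Identification numbers registered on the data exploration alliance chain
# (constructed stand-in for the on-chain registry).
ALLIANCE_MEMBERS = {"ORG-REQ-01", "ORG-PROV-07"}

# Stand-in for fig. 5 step "0": the desensitization program only runs if its
# digest matches a pinned value (a real deployment would verify a signature).
DESENSITIZATION_PROGRAM = b"desensitize-v1"  # constructed program blob
PINNED_PROGRAM_DIGEST = hashlib.sha256(DESENSITIZATION_PROGRAM).hexdigest()


def program_signature_ok(program: bytes) -> bool:
    """Fig. 5 step "0": reject a modified desensitization program."""
    digest = hashlib.sha256(program).hexdigest()
    return hmac.compare_digest(digest, PINNED_PROGRAM_DIGEST)


def negotiate_desensitization_key() -> bytes:
    """Stand-in for key negotiation: one 32-byte key both sides share."""
    return secrets.token_bytes(32)


def desensitize(value: str, key: bytes) -> str:
    """Desensitize one matching-field value with HMAC-SHA256 under the
    negotiated key. The mapping is deterministic for a fixed key, so both
    sides derive the same token from the same plaintext value, which is
    what makes the intersection possible without exchanging plaintext."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()


def caller_is_legal(caller_id: str) -> bool:
    """Fig. 5 step "2": the caller must be a member of the alliance chain."""
    return caller_id in ALLIANCE_MEMBERS


def provider_desensitized_matching_fields(caller_id: str, key: bytes,
                                          program: bytes = DESENSITIZATION_PROGRAM) -> set:
    """Provider side of step S202: after the checks of fig. 5 steps 0 and 2,
    return only the desensitized matching field of the second data."""
    if not program_signature_ok(program):
        raise ValueError("desensitization program failed the signature check")
    if not caller_is_legal(caller_id):
        raise PermissionError(f"{caller_id} is not an alliance chain member")
    return {desensitize(v, key) for v in PROVIDER_DATA}


def build_matching_field_data_set(key: bytes, provider_tokens: set) -> list:
    """Requester side: desensitize the matching field of the first data under
    the same key and intersect with the provider's tokens (the intersection
    step of claim 1). The result is the matching field data set."""
    requester_tokens = {desensitize(v, key) for v in REQUESTER_DATA}
    return sorted(requester_tokens & provider_tokens)


def recover_local_matches(key: bytes, data_set: list) -> list:
    """The requester can map tokens back to its own plaintext identifiers,
    because it holds the plaintext side; the provider never sent any."""
    token_to_value = {desensitize(v, key): v for v in REQUESTER_DATA}
    return sorted(token_to_value[t] for t in data_set)


if __name__ == "__main__":
    shared_key = negotiate_desensitization_key()
    tokens = provider_desensitized_matching_fields("ORG-REQ-01", shared_key)
    matches = build_matching_field_data_set(shared_key, tokens)
    print(recover_local_matches(shared_key, matches))  # ['ID-1002', 'ID-1003']
```

Two properties of this design are worth noting. The tokens hide the identifiers from anyone outside the two mechanisms (the DMZ, the transport, an operator who sees the file of step "5"), but not from the peer, since both hold the key; and because the rule is deterministic, anyone who obtains the key and can enumerate candidate identifier values can reverse the tokens. That is why the patent's point that the key is set by an internal program and must not leak matters in practice.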
Further, as shown in fig. 6, a third embodiment of the secure data access method according to the present invention is proposed on the basis of the first embodiment. In this embodiment, step S00 is added before the data corresponding to each matching field stored in the trusted execution environment is accessed.
For ease of understanding, the following detailed description is made with reference to fig. 6:
In step S00, a modeling instruction is sent to the trusted execution environment so that the trusted execution environment creates a data value model for determining the value of each piece of stored data.
Accordingly, step S50 also changes once the data value model has determined the value of each piece of stored data; for convenience of illustration, step S50 is subdivided into two sub-steps in this embodiment, as shown in fig. 6.
Specifically, in step S501, the value of each piece of data determined by the data value model is obtained.
In step S502, whether to access the data corresponding to each matching field stored in the trusted execution environment is determined according to the value of each piece of data.
It should be understood that the value of the data mentioned in this embodiment is determined according to the data required by the data request mechanism: if a piece of data is data that the data request mechanism wants to obtain (which can be determined from the data request it issued), its value is high; otherwise its value is considered not high. When the value of the data is high, the data request mechanism determines that the data corresponding to each matching field stored in the trusted execution environment needs to be accessed; otherwise it does not perform the access.
In addition, to simplify the modeling process, in a specific implementation the data value model may be created on the basis of Jupyter Notebook (an interactive notebook formerly known as IPython Notebook); the specific way of creating it can be carried out by a person skilled in the art according to the Jupyter Notebook development documentation and is not described here again.
In addition, in practical applications, those skilled in the art may select other modeling languages as needed to create the data value modeling, and the present invention is not limited herein.
It should be noted that the foregoing is only an example, and does not constitute any limitation on the technical solution of the present invention, and in the specific implementation, a person skilled in the art may implement the method based on the working principle of the block chain and by combining the schematic interaction diagram between the data request mechanism, the data providing mechanism, and the trusted execution environment shown in fig. 7, which is not described herein again nor is there any specific limitation.
In addition, it should be noted that DAPP in fig. 7 refers to a distributed application. A distributed application is similar to a smart contract on Ethereum; that is, a DAPP is a blockchain-based application.
It is clear from the above description that, in the secure data access method provided in this embodiment, a modeling instruction is sent to the trusted execution environment before the data corresponding to each matching field stored there is accessed, so that the trusted execution environment can create a data value model for determining the value of each piece of stored data. When the data corresponding to each matching field is to be accessed, whether to access it can then be decided according to the value of each piece of data determined by the data value model, which provides convenience for both data sharing parties while ensuring the access security of the data.
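To make the trusted execution environment side concrete (the secure directory of claim 7, the fetch from the data exploration alliance chain, and the value-gated access of steps S00, S501 and S502), here is an added example written for this page rather than taken from the patent. Its assumptions: the alliance chain is an in-memory dictionary, the secure directory key protects the directory with an HMAC integrity tag rather than the encryption the claim describes (a production TEE would use authenticated encryption), and the data value model scores a record by the fraction of the requested attributes it contains, since the patent only says value is high when the data is what the requester asked for. All data is constructed.

```python
"""Added example: a trusted execution environment (TEE) stand-in holding a
secure directory, fetching records for each matching field from the data
exploration alliance chain, and gating the requester's access on a data
value model (steps S00, S501, S502 and claim 7).
Assumptions (not from the patent): the alliance chain is an in-memory
dict, the secure directory key yields an HMAC integrity tag rather than
encryption, and the value model scores a record by the fraction of
requested attributes it contains. All data is constructed."""
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for records published to the data exploration
# alliance chain, keyed by matching field.
ALLIANCE_CHAIN = {
    "ID-1002": {"credit_score": 710, "income": 52000},
    "ID-1003": {"credit_score": 655},
    "ID-1004": {"credit_score": 790, "income": 88000},
}


class DataValueModel:
    """Step S00: value of a record relative to what the requester asked for."""

    def __init__(self, requested_attributes):
        self.requested = set(requested_attributes)

    def value(self, record: dict) -> float:
        """Fraction of requested attributes present in the record (assumed)."""
        if not self.requested:
            return 0.0
        return len(self.requested & set(record)) / len(self.requested)


class TrustedExecutionEnvironment:
    def __init__(self):
        # Claim 7: the secure directory key is pre-generated by the TEE and
        # never leaves it.
        self._directory_key = secrets.token_bytes(32)
        self._directories = {}   # directory_id -> {"fields": [...], "tag": str}
        self._store = {}         # directory_id -> {matching field: record}
        self._value_model = None

    def _tag(self, directory_id: str, fields: list) -> str:
        payload = json.dumps([directory_id, sorted(fields)]).encode()
        return hmac.new(self._directory_key, payload, hashlib.sha256).hexdigest()

    def create_secure_directory(self, matching_field_data_set) -> str:
        """Record the transmitted matching field data set under a fresh id."""
        directory_id = secrets.token_hex(8)
        fields = sorted(matching_field_data_set)
        self._directories[directory_id] = {
            "fields": fields, "tag": self._tag(directory_id, fields)}
        return directory_id

    def load_from_alliance_chain(self, directory_id: str) -> int:
        """Fetch and store the record for each matching field in the
        directory, after checking the directory was not altered since it
        was written. Fields outside the directory are never fetched."""
        entry = self._directories[directory_id]
        if not hmac.compare_digest(entry["tag"], self._tag(directory_id, entry["fields"])):
            raise ValueError("secure directory integrity check failed")
        fetched = {f: ALLIANCE_CHAIN[f] for f in entry["fields"] if f in ALLIANCE_CHAIN}
        self._store[directory_id] = fetched
        return len(fetched)

    def create_value_model(self, requested_attributes) -> None:
        """Step S00: act on the modeling instruction from the requester."""
        self._value_model = DataValueModel(requested_attributes)

    def access(self, directory_id: str, min_value: float) -> dict:
        """Steps S501/S502: return only records whose value reaches min_value."""
        if self._value_model is None:
            raise RuntimeError("no data value model: send the modeling instruction first")
        result = {}
        for field, record in self._store.get(directory_id, {}).items():
            if self._value_model.value(record) >= min_value:
                result[field] = record
        return result


def run_example():
    """Requester flow: directory from the intersection, fetch, model, access."""
    tee = TrustedExecutionEnvironment()
    did = tee.create_secure_directory(["ID-1003", "ID-1002"])
    tee.load_from_alliance_chain(did)
    tee.create_value_model(["credit_score", "income"])
    return tee.access(did, min_value=1.0), tee.access(did, min_value=0.5)


if __name__ == "__main__":
    strict, lenient = run_example()
    print(sorted(strict))   # ['ID-1002']
    print(sorted(lenient))  # ['ID-1002', 'ID-1003']
```

The integrity tag is what stops a modified directory (for instance one with an extra matching field appended after transmission) from widening what the TEE fetches, which is the defensive purpose of keeping the directory key inside the TEE; the value threshold then determines which of the fetched records the requester actually reads.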
In addition, an embodiment of the invention also provides an apparatus for secure access to data. As shown in fig. 8, the apparatus for secure access to data comprises a publishing module 8001, a receiving module 8002, a sending module 8003, an obtaining module 8004, a generating module 8005, a transmitting module 8006 and an accessing module 8007.
The publishing module 8001 is configured to issue the data request of the data request mechanism. The receiving module 8002 is configured to receive response information containing the identification number of the data providing mechanism. The sending module 8003 is configured to send the matching field of the first data to the data providing mechanism according to the identification number of the data providing mechanism. The obtaining module 8004 is configured to obtain the matching field of the second data provided by the data providing mechanism. The generating module 8005 is configured to intersect the matching field of the first data with the matching field of the second data to generate a matching field data set. The transmitting module 8006 is configured to transmit the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from the pre-constructed data exploration alliance chain according to the matching fields in the matching field data set recorded in the secure directory. The accessing module 8007 is configured to access the data corresponding to each matching field stored in the trusted execution environment.
It should be noted that, in the present embodiment, the response information is specifically generated by the data providing mechanism according to the data request.
It is clear from the above description that, in the secure data access apparatus provided in this embodiment, when a data request mechanism needs to access data provided by a data providing mechanism, the data request mechanism obtains a complete matching field data set by intersecting the matching field of its locally stored first data with the matching field of the second data obtained from the responding data providing mechanism, and then transmits the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can obtain the data corresponding to each matching field from the pre-constructed data exploration alliance chain according to the matching fields recorded in the secure directory and store it. Data access between the two mechanisms is thereby moved into the trusted execution environment. Because the data request mechanism can directly access the data corresponding to each matching field stored in the trusted execution environment, mechanisms that share data no longer need to copy it by off-line transfer, which keeps the data out of the hands of users without access authority and so avoids data leakage and illegal use.
It should be noted that the above-described work flows are only exemplary, and do not limit the scope of the present invention, and in practical applications, a person skilled in the art may select some or all of them to achieve the purpose of the solution of the embodiment according to actual needs, and the present invention is not limited herein.
In addition, the technical details that are not described in detail in this embodiment may refer to the method for secure access of data provided in any embodiment of the present invention, and are not described herein again.
Furthermore, an embodiment of the present invention provides a readable storage medium, where the readable storage medium is a computer-readable storage medium storing a secure data access program which, when executed by a processor, implements the following operations:
a data request mechanism issues a data request and receives response information containing an identification number of a data providing mechanism, wherein the response information is generated by the data providing mechanism according to the data request;
according to the identification number of the data providing mechanism, a matching field of first data is sent to the data providing mechanism, and a matching field of second data provided by the data providing mechanism is acquired;
the matching field of the first data is intersected with the matching field of the second data to generate a matching field data set;
the matching field data set is transmitted to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration alliance chain according to the matching fields in the matching field data set recorded in the secure directory;
the data corresponding to each matching field stored in the trusted execution environment is accessed.
Further, the secure data access program, when executed by the processor, also implements the following operations:
a desensitization operation is performed on the matching field of the first data;
correspondingly, acquiring the matching field of the second data provided by the data providing mechanism specifically comprises:
acquiring the matching field of the second data after the desensitization operation provided by the data providing mechanism.
Further, the secure data access program, when executed by the processor, also implements the following operations:
a desensitization key is determined by negotiation with the data providing mechanism;
the desensitization operation is performed on the matching field of the first data according to the desensitization key;
correspondingly, acquiring the matching field of the second data after the desensitization operation provided by the data providing mechanism specifically comprises:
acquiring the matching field of the second data that the data providing mechanism has desensitized according to the desensitization key.
Further, the secure data access program, when executed by the processor, also implements the following operations:
a modeling instruction is sent to the trusted execution environment so that the trusted execution environment creates a data value model for determining the value of each piece of stored data;
correspondingly, accessing the data corresponding to each matching field stored in the trusted execution environment specifically comprises:
obtaining the value of each piece of data determined by the data value model;
determining, according to the value of each piece of data, whether to access the data corresponding to each matching field stored in the trusted execution environment.
Further, the secure data access program, when executed by the processor, also implements the following operations:
the data request mechanism completes the data exploration alliance chain, where the data exploration alliance chain is constructed on the basis of the blockchain by registering and publishing the identification numbers of all data request mechanisms and all data providing mechanisms.
Further, the secure data access program, when executed by the processor, also implements the following operations:
the data request mechanism publishes the first data to the data exploration alliance chain and thereby completes the data exploration alliance chain.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) as described above and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (10)

1. A method for secure access to data, the method comprising the steps of:
a data request mechanism issuing a data request and receiving response information containing an identification number of a data providing mechanism, wherein the response information is generated by the data providing mechanism according to the data request;
according to the identification number of the data providing mechanism, sending a matching field of first data to the data providing mechanism, and acquiring a matching field of second data provided by the data providing mechanism;
intersecting the matching field of the first data with the matching field of the second data to generate a matching field data set;
transmitting the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration alliance chain according to the matching fields in the matching field data set recorded in the secure directory;
accessing the data corresponding to each matching field stored in the trusted execution environment;
wherein the first data comprises data stored locally by the data request mechanism and the second data comprises data stored locally by the data providing mechanism.
2. The method of claim 1, wherein, before sending the matching field of the first data to the data providing mechanism according to the identification number of the data providing mechanism, the method further comprises:
performing a desensitization operation on the matching field of the first data;
correspondingly, acquiring the matching field of the second data provided by the data providing mechanism specifically comprises:
acquiring the matching field of the second data after the desensitization operation provided by the data providing mechanism.
3. The method of claim 2, wherein performing the desensitization operation on the matching field of the first data comprises:
negotiating with the data providing mechanism to determine a desensitization key;
performing the desensitization operation on the matching field of the first data according to the desensitization key;
correspondingly, acquiring the matching field of the second data after the desensitization operation provided by the data providing mechanism specifically comprises:
acquiring the matching field of the second data that the data providing mechanism has desensitized according to the desensitization key.
4. The method of any of claims 1 to 3, wherein, before accessing the data corresponding to each matching field stored in the trusted execution environment, the method further comprises:
sending a modeling instruction to the trusted execution environment so that the trusted execution environment creates a data value model for determining the value of each piece of stored data;
correspondingly, accessing the data corresponding to each matching field stored in the trusted execution environment specifically comprises:
obtaining the value of each piece of data determined by the data value model;
determining, according to the value of each piece of data, whether to access the data corresponding to each matching field stored in the trusted execution environment.
5. The method of any of claims 1 to 3, wherein, before the data request mechanism issues the data request, the method further comprises:
the data request mechanism completing the data exploration alliance chain, wherein the data exploration alliance chain is constructed on the basis of the blockchain by registering and publishing the identification numbers of all data request mechanisms and all data providing mechanisms.
6. The method of claim 5, wherein the data request mechanism completing the data exploration alliance chain comprises:
the data request mechanism publishing the first data to the data exploration alliance chain and thereby completing the data exploration alliance chain.
7. The method of any of claims 1 to 3, wherein the secure directory in the trusted execution environment is created by the trusted execution environment and encrypted using a secure directory key pre-generated by the trusted execution environment.
8. An apparatus for secure access to data, the apparatus comprising:
a publishing module for issuing the data request of a data request mechanism;
a receiving module for receiving response information containing an identification number of a data providing mechanism, wherein the response information is generated by the data providing mechanism according to the data request;
a sending module for sending the matching field of first data to the data providing mechanism according to the identification number of the data providing mechanism;
an obtaining module for obtaining the matching field of second data provided by the data providing mechanism;
a generating module for intersecting the matching field of the first data with the matching field of the second data to generate a matching field data set;
a transmitting module for transmitting the matching field data set to a secure directory in a trusted execution environment, so that the trusted execution environment can acquire and store the data corresponding to each matching field from a pre-constructed data exploration alliance chain according to the matching fields in the matching field data set recorded in the secure directory;
an accessing module for accessing the data corresponding to each matching field stored in the trusted execution environment;
wherein the first data comprises data stored locally by the data request mechanism and the second data comprises data stored locally by the data providing mechanism.
9. A terminal device, characterized in that the terminal device comprises a memory, a processor and a secure data access program stored on the memory and executable on the processor, the secure data access program being configured to implement the steps of the method for secure access to data according to any one of claims 1 to 7.
10. A readable storage medium, characterized in that the readable storage medium is a computer-readable storage medium on which a secure data access program is stored, which, when executed by a processor, implements the steps of the method for secure access to data according to any one of claims 1 to 7.
CN201810447105.XA 2018-05-11 2018-05-11 Data security access method and device, terminal equipment and readable storage medium Active CN108683657B (en)

Publications (2)

Publication Number Publication Date
CN108683657A CN108683657A (en) 2018-10-19
CN108683657B true CN108683657B (en) 2021-03-02

Family

ID=63805918

Country Status (1)

Country Link
CN (1) CN108683657B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110008735B (en) * 2019-01-31 2020-05-19 阿里巴巴集团控股有限公司 Method, node and storage medium for realizing contract calling in block chain
CN112214780B (en) * 2020-08-26 2021-06-25 腾讯科技(深圳)有限公司 Data processing method and device, intelligent equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105590066A (en) * 2015-12-02 2016-05-18 中国银联股份有限公司 Big data safe integration method capable of protecting privacy
CN107124268A (en) * 2017-04-01 2017-09-01 中国人民武装警察部队工程大学 A kind of privacy set common factor computational methods for resisting malicious attack
CN107135209A (en) * 2017-04-21 2017-09-05 天津理工大学 A kind of data sharing method based on block chain
CN107315967A (en) * 2017-06-23 2017-11-03 北京小米移动软件有限公司 Data matching method, device and computer-readable recording medium
CN107947940A (en) * 2017-11-29 2018-04-20 树根互联技术有限公司 A kind of method and device of data exchange

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220922

Address after: Room 1006, Building 16, Yingcai North 3rd Street, Future Science City, Changping District, Beijing 102200

Patentee after: China Mobile Information Technology Co.,Ltd.

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Patentee before: SHIJINSHI CREDIT SERVICE Co.,Ltd.