CN109558748B - Data processing method and device, electronic equipment and storage medium - Google Patents

Data processing method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN109558748B
CN109558748B CN201811407905.5A CN201811407905A CN109558748B CN 109558748 B CN109558748 B CN 109558748B CN 201811407905 A CN201811407905 A CN 201811407905A CN 109558748 B CN109558748 B CN 109558748B
Authority
CN
China
Prior art keywords
information
user data
sensitive information
desensitization
intelligent contract
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811407905.5A
Other languages
Chinese (zh)
Other versions
CN109558748A (en
Inventor
王寰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Taikang Insurance Group Co Ltd
Original Assignee
Taikang Insurance Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Taikang Insurance Group Co Ltd filed Critical Taikang Insurance Group Co Ltd
Priority to CN201811407905.5A priority Critical patent/CN109558748B/en
Publication of CN109558748A publication Critical patent/CN109558748A/en
Application granted granted Critical
Publication of CN109558748B publication Critical patent/CN109558748B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The embodiment of the invention provides a data processing method and device, electronic equipment and a storage medium, and relates to the technical field of block chains. The method comprises the following steps: acquiring user data and judging whether the user data contains sensitive information or not; if the sensitive information is judged to be contained, desensitizing the sensitive information through an intelligent contract deployed on a block chain system to generate desensitized information; storing the desensitization information to the blockchain system, and returning an index value of the desensitization information recorded by the blockchain system; and replacing the sensitive information in the user data by the index value, and storing the replaced user data. The technical scheme of the embodiment of the invention can avoid the sensitive information of the user from being leaked and maliciously tampered, and reduce the safety risk of the user data.

Description

Data processing method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of block chain technology, and in particular, to a data processing method, a data processing apparatus, an electronic device, and a computer-readable storage medium.
Background
With the development of internet technology, more and more people perform various consuming, financing and entertainment activities through the network, and how to utilize data of users on the network becomes a focus of attention.
At present, in a technical solution, referring to fig. 1, a plurality of user data acquisition points are set in a business system for data acquisition, and behavior data of a user, such as operation time, operation type, operation result, and other information, is stored through a database according to different business scenarios for use in subsequent analysis modeling. However, in this solution, since the user data often includes some sensitive information or private information, it is difficult to ensure the security of the user data.
Therefore, how to ensure the security of the user data becomes a technical problem to be solved urgently.
It is to be noted that the information disclosed in the above background section is only for enhancement of understanding of the background of the invention and therefore may include information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
Embodiments of the present invention provide a data processing method, a data processing apparatus, an electronic device, and a computer-readable storage medium, so as to overcome, at least to some extent, the problem that security of user data cannot be guaranteed due to limitations and defects of related technologies.
According to a first aspect of the embodiments of the present invention, there is provided a data processing method, including: acquiring user data and judging whether the user data contains sensitive information or not; if the sensitive information is judged to be contained, desensitizing the sensitive information through an intelligent contract deployed on a block chain system to generate desensitized information; storing the desensitization information to the blockchain system, and returning an index value of the desensitization information recorded by the blockchain system; and replacing the sensitive information in the user data by the index value, and storing the replaced user data.
In some exemplary embodiments of the present invention, based on the foregoing scheme, desensitizing the sensitive information by an intelligent contract deployed on a blockchain system includes: calling a first intelligent contract interface deployed on a blockchain system, wherein the first intelligent contract interface is used for desensitizing the sensitive information; desensitizing the sensitive information through the first intelligent contract interface.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the data processing method further includes: when a query request for querying the user data is received, extracting identification information of the user data from the query request; acquiring the user data based on the identification information to obtain an index value of the desensitization information contained in the user data; and inquiring the desensitization information from the block chain system based on the index value, and restoring the desensitization information to obtain the sensitive information.
In some exemplary embodiments of the present invention, based on the foregoing scheme, querying the desensitization information from the blockchain system based on the index value includes: calling a second intelligent contract interface of the blockchain system, wherein the second intelligent contract interface is used for inquiring the desensitization information from the blockchain system; querying the sensitive information from the blockchain system through the second intelligent contract interface based on the index value.
In some exemplary embodiments of the present invention, based on the foregoing scheme, restoring the desensitization information to obtain the sensitive information includes: calling a third intelligent contract interface of the block chain system, wherein the third intelligent contract interface is used for restoring the desensitization information; and restoring the sensitive information from the user data through the third intelligent contract interface.
In some exemplary embodiments of the present invention, storing the replaced user data based on the foregoing scheme includes: and storing the replaced user data into a target database or a target log file.
In some exemplary embodiments of the present invention, based on the foregoing scheme, determining whether the user data includes sensitive information includes: and judging whether the user data contains sensitive information or not according to a sensitive information definition rule.
According to a second aspect of embodiments of the present invention, there is provided a data processing apparatus including: the judging unit is used for acquiring user data and judging whether the user data contains sensitive information; the desensitization processing unit is used for desensitizing the sensitive information through an intelligent contract deployed on a block chain system to generate desensitization information if the sensitive information is judged to be contained; the index generating unit is used for storing the desensitization information into the blockchain system and returning an index value of the desensitization information recorded by the blockchain system; and the storage unit is used for replacing the sensitive information in the user data through the index value and storing the replaced user data.
According to a third aspect of embodiments of the present invention, there is provided an electronic apparatus, including: a processor; and a memory having computer readable instructions stored thereon which, when executed by the processor, implement a data processing method as defined in any one of the above first aspects.
According to a fourth aspect of embodiments of the present invention, there is provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the data processing method as described in any one of the first aspects above.
In the technical solutions provided in some embodiments of the present invention, on one hand, when it is determined that user data includes sensitive information, desensitization processing is performed on the sensitive information through an intelligent contract deployed on a blockchain system, and the desensitization information is stored in the blockchain system, so that security and reliability of the sensitive information of a user can be ensured since data stored in a blockchain cannot be tampered with; on the other hand, sensitive information in the user data is replaced by the index value of the desensitization information recorded in the block chain, and the replaced user data is stored, so that the sensitive information of the user can be further prevented from being leaked and maliciously tampered, and the safety risk of the user data is reduced; on the other hand, the user data can be jointly stored in a mode of combining the traditional storage system and the block chain system, so that the safety of the user data can be further improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention, as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention. It is obvious that the drawings in the following description are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort. In the drawings:
fig. 1 is a flow chart illustrating a data processing method according to an embodiment;
FIG. 2 illustrates a flow diagram of a data processing method according to some embodiments of the invention;
FIG. 3 illustrates a flow diagram for querying data, in accordance with some embodiments of the invention;
FIG. 4 shows a flow diagram of a data processing method according to further embodiments of the invention;
FIG. 5 illustrates a schematic diagram of an intelligent contract operational flow, according to some embodiments of the invention;
FIG. 6 shows a schematic block diagram of a data processing apparatus according to an exemplary embodiment of the present invention;
FIG. 7 illustrates a schematic structural diagram of a computer system suitable for use with the electronic device to implement an embodiment of the invention.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar parts in the drawings, and thus, a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention may be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations or operations have not been shown or described in detail to avoid obscuring aspects of the invention.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
FIG. 2 illustrates a flow diagram of a data processing method according to some embodiments of the inventions. Part or all of the data processing method is applied to the block chain system. The data processing method includes steps S210 to S240, and the data processing method in the exemplary embodiment of fig. 2 will be described in detail below.
Referring to fig. 2, in step S210, user data is acquired, and it is determined whether the user data includes sensitive information.
In an example embodiment, the user data may be user data for various business systems. For example, the user data may be user data of a business system such as an insurance business system, a security business system, a financial business system, or the like.
In an example embodiment, the sensitive information may be defined according to characteristics of a business scenario of the business system, for example, the sensitive information may include a name of the user, an identification number of the user, a mobile phone number, a home address, and the like, but the sensitive information in the example embodiment of the present invention is not limited thereto, and for example, the sensitive information may also be information such as health condition or financial information of the user.
Further, in an example embodiment, whether the user data includes the sensitive information may be determined according to the definition rule of the sensitive information. For example, whether the user data includes the identity card number or the mobile phone number of the user is judged according to the definition rule of the sensitive information, and if the user data includes the identity card number or the mobile phone number of the user, it is judged that the user data includes the sensitive information. In addition, whether the user data contains the sensitive information or not can be judged by combining the definition rule of the sensitive information with the regular expression.
In other example embodiments, whether the user data includes the sensitive information may be determined by an intelligent contract deployed on the blockchain system for identifying the sensitive information, for example, a definition rule and an identification rule of the sensitive information are written to the intelligent contract on the blockchain system, and when the user data is collected, the intelligent contract is triggered to identify whether the user data includes the sensitive information.
In step S220, if it is determined that sensitive information is included, desensitization processing is performed on the sensitive information through an intelligent contract deployed on the blockchain system, so as to generate desensitization information.
In an example embodiment, when it is determined that the user data contains sensitive information, an intelligent contract (smart contract abbreviated as sc) deployed on a blockchain system, for example, an sc _ encode interface, which is an intelligent contract interface for data desensitization, is called to perform desensitization processing on the sensitive information, and desensitization information is generated.
In an example embodiment, a digest encryption algorithm is used in the intelligent contract to desensitize the sensitive information, for example, encryption algorithms such as SHA-256, MD5, SHA-512, and HMAC may be used to desensitize the sensitive information, and digest information of the sensitive information is generated as desensitized information. It should be noted that other encryption algorithms, such as digital signature algorithms such as RSA and DSA, may be used in the smart contract to desensitize sensitive information, and this is also within the scope of the present invention.
In step S230, the desensitization information is stored in the blockchain system, and the index value of the desensitization information recorded by the blockchain system is returned.
In an example embodiment, desensitization information is stored in the blockchain system by calling a predefined storage intelligence contract, namely sc _ save, in the blockchain system, and an index value, namely bc _ index, of the desensitization information recorded in the blockchain system is returned, where the index value may be an index of a block in the blockchain system, which stores the desensitization information, or an address of the block in which the desensitization information is stored.
In step S240, the sensitive information in the user data is replaced by the index value, and the replaced user data is stored.
In an example embodiment, sensitive information in the user data is replaced by an index value of desensitization information recorded on the blockchain system, namely bc _ index, and the replaced user data containing the index value is stored in a target database or a target log file.
According to the data processing method in the example embodiment of fig. 2, on one hand, when it is determined that the user data contains sensitive information, desensitization processing is performed on the sensitive information through an intelligent contract deployed on the blockchain system, and the desensitization information is stored in the blockchain system, so that the security and reliability of the sensitive information of the user can be ensured because the data stored in the blockchain cannot be tampered; on the other hand, sensitive information in the user data is replaced by the index value of the desensitization information recorded in the block chain, and the replaced user data is stored, so that the sensitive information of the user can be further prevented from being leaked and maliciously tampered, and the safety risk of the user data is reduced; on the other hand, the user data can be jointly stored in a mode of combining the traditional storage system and the block chain system, so that the safety of the user data can be further improved.
Further, in some embodiments, when it is determined that the user data contains sensitive information, a first intelligent contract interface, namely, an sc _ encode interface, deployed on the blockchain system is called, the first intelligent contract interface is used for desensitizing the sensitive information, and desensitizing the sensitive information is performed through the first intelligent interface. For example, a first intelligent contract for desensitizing sensitive information may be pre-deployed on the blockchain system, where the first intelligent contract may be a piece of code that performs a cryptographic function, and when it is determined that sensitive information is included in the user data, a first intelligent contract interface of the first intelligent contract is invoked to desensitize the sensitive information.
FIG. 3 illustrates a flow diagram for querying data according to some embodiments of the invention.
Referring to fig. 3, in step S310, when an inquiry request for inquiring the user data is received, the identification information of the user data is extracted from the inquiry request.
In an example embodiment, when user data needs to be obtained, a query request is initiated to a server storing the user data. When the server receives an inquiry request for user data, IDENTIFICATION information of the user data, for example, a user name of the user, i.e., a user ID (IDENTIFICATION), is extracted from the inquiry request.
In step S320, the user data is obtained based on the identification information, and an index value of the desensitization information of the user data is obtained.
In an example embodiment, the corresponding user data is queried from the target database on the server side based on the identification information of the user, and the index value of the corresponding desensitization information is extracted from the queried user data.
In step S330, the desensitization information is queried from the blockchain system based on the index value, and the desensitization information is restored to obtain the sensitive information.
In an example embodiment, the desensitization information is queried from the blockchain system based on the index value of the desensitization information, for example, the desensitization information is queried from a corresponding block in the blockchain system based on the index value of the desensitization information.
In an example embodiment, when inquiring desensitization information, a second intelligent contract interface deployed on the blockchain system is called, and the second intelligent contract interface is used for inquiring corresponding desensitization information from the blockchain system; and inquiring corresponding desensitization information from the blockchain system through the second intelligent contract interface based on the index value of the desensitization information. For example, a second intelligent contract, sc _ fetch, for performing data Query may be pre-deployed on the blockchain system, where the second intelligent contract may be a piece of code or SQL (Structured Query Language) statement that performs a Query function, and when querying desensitization information, a second intelligent contract interface of the second intelligent contract is invoked to Query the corresponding desensitization information from the blockchain system based on an index value of the desensitization information.
Further, in an example embodiment, desensitization information is restored by employing an inverse decryption algorithm corresponding to the desensitization processing to obtain sensitive information corresponding to the desensitization information. Specifically, when desensitization information is restored, a third intelligent contract interface of the blockchain system is called, and the third intelligent contract interface is used for restoring the desensitization information; and restoring the corresponding sensitive information from the user data through the third intelligent contract interface. For example, a third smart contract, sc _ decode, for restoring desensitization information may be pre-deployed on the blockchain system, where the third smart contract may be a piece of code for restoring desensitization information, and corresponds to the first smart contract for desensitization processing, and for example, when the first smart contract encrypts sensitive data using a public key, the third smart contract restores the desensitization information using a private key corresponding to the public key. And when the desensitization information is restored, calling a third intelligent contract interface of the third intelligent contract, and restoring the corresponding sensitive information from the user data based on the decryption operation corresponding to the first intelligent contract.
FIG. 4 shows a flow diagram of a data processing method according to further embodiments of the present invention.
Referring to fig. 4, in step S410, sensitive information is determined according to a service scenario. For example, when the service scene is insurance service, the sensitive information is the user's identification number and telephone number.
In step S420, user data is acquired. For example, in a user registration module of the insurance service system, a user is required to fill in information such as a name, a certificate number, a mobile phone number, a nickname, hobbies and the like, and after the user completes information entry and submits, the insurance service system receives the following user data: [2017-8-2013:55:20] # user-registry: Doregistry { ' name ': jack ', ' identity ': 1234567xxx ', ' mobile ': 1234567890 ', ' nickname ': xxxxxxxxxx ', ' hobby ': cooking ' }.
In step S430, whether the user data includes sensitive information is identified according to the sensitive information definition rule. For example, whether the user data includes the identification number or the mobile phone number is judged according to the sensitive information definition rule, and if the user data includes the identification number or the mobile phone number, the user data is judged to include the sensitive information. Further, in an example embodiment, upon identifying that sensitive information is contained in the user data, a data desensitization procedure of an intelligent contract deployed on the blockchain system is triggered.
In step S440, desensitization processing is performed on the user data according to the smart contracts deployed on the blockchain system.
In an example embodiment, a desensitization module (sc _ encode for short) using predefined intelligent contracts in a blockchain system desensitizes sensitive information in user data. For example, desensitization processing is performed on the parts (hereinafter referred to as data) of ' name ': jack ', ' identity ': 1234567xxx ', ' mobile ': 1234567890 ' in the user data, and desensitization information abstrate _ data corresponding to the desensitization information is returned: the smart contract sc _ encode (data) ═ abstrate _ data.
In step S450, desensitization information is stored onto the blockchain system via a pre-deployed intelligent contract. For example, the desensitization information abstrate _ data is stored in the block chain link point block by a predefined intelligent contract sc _ save, and the index value bc _ index recorded in the block chain is returned.
Then, in an example embodiment, the index value bc _ index of the sensitive information recorded on the block chain replaces the part of the sensitive information in the original user data, and the replaced result is stored in a database or a log file, and the final stored result is as follows: [2017-8-2013:55:20] # user-registry: Doregistry {% bc _ index%, 'nickname': xxxxxxxxxx ',' hobby ': viewing' }.
In step S460, if it is determined that the user data does not include sensitive information, the user data is stored in a conventional manner, for example, directly stored in a database.
In addition, in the example embodiment, when user data containing sensitive information needs to be used, a query abstrate _ data is acquired from the blockchain system through an intelligent contract sc _ fetch deployed in the blockchain system according to an index value bc _ index of the sensitive information, and an original value of the sensitive reduction sensitive information data is acquired through an intelligent contract sc _ decode combined with a private key or an inverse decryption algorithm.
An intelligent contract is a program that can be automatically triggered to execute in a blockchain system if certain conditions are met. It should be noted that the smart contract sc _ encode, the smart contract sc _ save, the smart contract sc _ fetch, and the smart contract sc _ decode are program codes that are pre-deployed on the blockchain system and execute corresponding functions. The intelligent contracts deployed on the blockchain system are difficult to tamper, and are not interfered by blockchain nodes in the execution process. In an exemplary embodiment of the present invention, different code logics are executed in different steps using the intelligent contracts, and the different code logics may be executed by different intelligent contracts or may be executed by a unified intelligent contract, which is not particularly limited by the present invention.
FIG. 5 illustrates a schematic diagram of an intelligent contract operational flow, according to some embodiments of the invention.
Referring to FIG. 5, in step S510, intelligent contracts are compiled on a blockchain development platform, such as the JUICE platform, for example, the intelligent contracts sc _ encode, sc _ save, sc _ fetch, and sc _ decode described above.
In step S520, a corresponding intelligent contract and an interface to the intelligent contract are created in the blockchain development platform.
In step S530, corresponding intelligent contracts are deployed on the blockchain development platform, for example, the intelligent contracts sc _ encode, the intelligent contracts sc _ save, the intelligent contracts sc _ fetch, and the intelligent contracts sc _ decode are deployed on the blockchain system.
In step S540, it is monitored whether an instruction to trigger the corresponding smart contract is received, for example, when an inquiry instruction is received, it is determined that the smart contract sc _ fetch is triggered.
In step S550, the intelligent contract is invoked via the corresponding intelligent contract interface, for example, via the interface of the intelligent contract sc _ fetch.
In step S550, when the execution of the smart contract is completed, the smart contract corresponding to the instruction is removed. For example, after a transaction is completed, the smart contract corresponding to the transaction is removed.
Furthermore, in an example embodiment of the present invention, a data processing apparatus is also provided. Referring to fig. 6, the data processing apparatus may include: a judgment unit 610, a desensitization processing unit 620, an index generation unit 630, and a storage unit 640. Wherein: the determining unit 610 is configured to obtain user data and determine whether the user data includes sensitive information; the desensitization processing unit 620 is configured to perform desensitization processing on the sensitive information through an intelligent contract deployed on the blockchain system if it is determined that the sensitive information is included, and generate desensitization information; the index generating unit 630 is configured to store the desensitization information into the blockchain system, and return an index value of the desensitization information recorded by the blockchain system; the storage unit 640 is configured to replace the sensitive information in the user data by the index value, and store the replaced user data.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the desensitization processing unit 620 includes: the calling unit is used for calling a first intelligent contract interface deployed on a block chain system, and the first intelligent contract interface is used for desensitizing the sensitive information; and the processing unit is used for desensitizing the sensitive information through the first intelligent contract interface.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the data processing apparatus 600 further includes: the extracting unit is used for extracting the identification information of the user data from the query request when the query request for querying the user data is received; an index obtaining unit, configured to obtain the user data based on the identification information, and obtain an index value of the desensitization information included in the user data; and the query restoration unit is used for querying the desensitization information from the block chain system based on the index value and restoring the desensitization information to obtain the sensitive information.
In some exemplary embodiments of the invention, based on the foregoing, the query reduction unit is configured to: calling a second intelligent contract interface of the blockchain system, wherein the second intelligent contract interface is used for inquiring the desensitization information from the blockchain system; querying the sensitive information from the blockchain system through the second intelligent contract interface based on the index value.
In some exemplary embodiments of the invention, based on the foregoing, the query reduction unit is configured to: calling a third intelligent contract interface of the block chain system, wherein the third intelligent contract interface is used for restoring the desensitization information; and restoring the sensitive information from the user data through the third intelligent contract interface.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the storage unit 640 is configured to: and storing the replaced user data into a target database or a target log file.
In some exemplary embodiments of the present invention, based on the foregoing scheme, the determining unit 610 is configured to: and judging whether the user data contains sensitive information or not according to a sensitive information definition rule.
Since each functional module of the data processing apparatus 600 according to the exemplary embodiment of the present invention corresponds to the step of the above-described exemplary embodiment of the data processing method, it is not described herein again.
In an exemplary embodiment of the present invention, there is also provided an electronic device capable of implementing the above method.
Referring now to FIG. 7, shown is a block diagram of a computer system 700 suitable for use with the electronic device implementing an embodiment of the present invention. The computer system 700 of the electronic device shown in fig. 7 is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present invention.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for system operation are also stored. The CPU701, the ROM 702, and the RAM 703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to an embodiment of the present invention, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the invention include a computer program product comprising a computer program embodied on a computer-readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program executes the above-described functions defined in the system of the present application when executed by the Central Processing Unit (CPU) 701.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present invention may be implemented by software, or may be implemented by hardware, and the described units may also be disposed in a processor. Wherein the names of the elements do not in some way constitute a limitation on the elements themselves.
As another aspect, the present application also provides a computer-readable medium, which may be contained in the electronic device described in the above embodiments; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to implement the data processing method as described in the above embodiments.
For example, the electronic device may implement the following as shown in fig. 1: step S110, acquiring user data and judging whether the user data contains sensitive information; step S120, if the sensitive information is judged to be contained, desensitization processing is carried out on the sensitive information through an intelligent contract deployed on a block chain system to generate desensitization information; step S130, storing the desensitization information to the blockchain system, and returning an index value of the desensitization information recorded by the blockchain system; step S140, replacing the sensitive information in the user data by the index value, and storing the replaced user data.
It should be noted that although in the above detailed description several modules or units of a device or apparatus for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the invention. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiment of the present invention can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which can be a personal computer, a server, a touch terminal, or a network device, etc.) to execute the method according to the embodiment of the present invention.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims (9)

1. A data processing method, comprising:
acquiring user data and judging whether the user data contains sensitive information or not;
if the sensitive information is judged to be contained, desensitizing the sensitive information through an intelligent contract deployed on a block chain system to generate desensitized information;
storing the desensitization information to the blockchain system, and returning an index value of the desensitization information recorded by the blockchain system;
replacing the sensitive information in the user data by the index value, and storing the replaced user data;
the desensitization processing of the sensitive information through the intelligent contracts deployed on the blockchain system comprises the following steps:
calling a first intelligent contract interface deployed on a blockchain system, wherein the first intelligent contract interface is used for desensitizing the sensitive information;
desensitizing the sensitive information through the first intelligent contract interface.
2. The data processing method of claim 1, further comprising:
when a query request for querying the user data is received, extracting identification information of the user data from the query request;
acquiring the user data based on the identification information to obtain an index value of the desensitization information contained in the user data;
and inquiring the desensitization information from the block chain system based on the index value, and restoring the desensitization information to obtain the sensitive information.
3. The data processing method of claim 2, wherein the chaining of blocks is performed from the block based on the index value
Inquiring the desensitization information in the system, including:
invoking a second intelligent contract interface of the blockchain system, the second intelligent contract interface to use to transfer the second intelligent contract interface from the blockchain
Inquiring the desensitization information in the system; querying the sensitive information from the blockchain system through the second intelligent contract interface based on the index value.
4. The data processing method of claim 2, wherein restoring the desensitization information to obtain the sensitive information comprises:
calling a third intelligent contract interface of the block chain system, wherein the third intelligent contract interface is used for restoring the desensitization information;
and restoring the sensitive information from the user data through the third intelligent contract interface.
5. The data processing method of claim 1, wherein storing the replaced user data comprises:
and storing the replaced user data into a target database or a target log file.
6. The data processing method according to any one of claims 1 to 5, wherein determining whether the user data contains sensitive information comprises:
and judging whether the user data contains sensitive information or not according to a sensitive information definition rule.
7. A data processing apparatus, comprising:
the judging unit is used for acquiring user data and judging whether the user data contains sensitive information;
the desensitization processing unit is used for desensitizing the sensitive information through an intelligent contract deployed on a block chain system to generate desensitization information if the sensitive information is judged to be contained;
the index generating unit is used for storing the desensitization information into the blockchain system and returning an index value of the desensitization information recorded by the blockchain system;
the storage unit is used for replacing the sensitive information in the user data through the index value and storing the replaced user data;
wherein the desensitization processing unit comprises:
the calling unit is used for calling a first intelligent contract interface deployed on a block chain system, and the first intelligent contract interface is used for desensitizing the sensitive information;
and the processing unit is used for desensitizing the sensitive information through the first intelligent contract interface.
8. An electronic device, comprising:
a processor; and
a memory having stored thereon computer readable instructions which, when executed by the processor, implement a data processing method as claimed in any one of claims 1 to 6.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the data processing method of any one of claims 1 to 6.
CN201811407905.5A 2018-11-23 2018-11-23 Data processing method and device, electronic equipment and storage medium Active CN109558748B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811407905.5A CN109558748B (en) 2018-11-23 2018-11-23 Data processing method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811407905.5A CN109558748B (en) 2018-11-23 2018-11-23 Data processing method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN109558748A CN109558748A (en) 2019-04-02
CN109558748B true CN109558748B (en) 2020-11-03

Family

ID=65867280

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811407905.5A Active CN109558748B (en) 2018-11-23 2018-11-23 Data processing method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN109558748B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110110516A (en) * 2019-01-04 2019-08-09 北京车和家信息技术有限公司 Log recording method, apparatus and system
CN110020554A (en) * 2019-04-19 2019-07-16 腾讯科技(深圳)有限公司 Information processing method, device and computer readable storage medium based on block chain
CN110119429A (en) * 2019-04-22 2019-08-13 矩阵元技术(深圳)有限公司 Data processing method, device, computer equipment and storage medium
CN110135175A (en) * 2019-04-26 2019-08-16 平安科技(深圳)有限公司 Information processing, acquisition methods, device, equipment and medium based on block chain
CN111343142A (en) * 2020-01-22 2020-06-26 腾讯科技(深圳)有限公司 Data processing method and device based on block chain network and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106599322A (en) * 2017-01-03 2017-04-26 北京网智天元科技股份有限公司 Data desensitization method and device
CN107103087A (en) * 2017-05-02 2017-08-29 成都中远信电子科技有限公司 Block chain big data analysis of market conditions system
CN107315970A (en) * 2016-04-26 2017-11-03 展讯通信(上海)有限公司 The exchange method and device of a kind of sensitive data
CN108389046A (en) * 2018-02-07 2018-08-10 西安交通大学 Secret protection method of commerce based on block chain technology in a kind of e-commerce

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107315970A (en) * 2016-04-26 2017-11-03 展讯通信(上海)有限公司 The exchange method and device of a kind of sensitive data
CN106599322A (en) * 2017-01-03 2017-04-26 北京网智天元科技股份有限公司 Data desensitization method and device
CN107103087A (en) * 2017-05-02 2017-08-29 成都中远信电子科技有限公司 Block chain big data analysis of market conditions system
CN108389046A (en) * 2018-02-07 2018-08-10 西安交通大学 Secret protection method of commerce based on block chain technology in a kind of e-commerce

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
区块链技术在我们行业发展中的应用;陇小渝 等;《经济研究导刊》;20180410(第10期);第52页 *

Also Published As

Publication number Publication date
CN109558748A (en) 2019-04-02

Similar Documents

Publication Publication Date Title
US10262145B2 (en) Systems and methods for security and risk assessment and testing of applications
US9838839B2 (en) Repackaging media content data with anonymous identifiers
US20190363893A1 (en) Evaluating authenticity of applications based on assessing user device context for increased security
US10761913B2 (en) System and method for real-time asynchronous multitenant gateway security
US10079859B2 (en) Automated and adaptive model-driven security system and method for operating the same
KR101789962B1 (en) Method and system for inferring application states by performing behavioral analysis operations in a mobile device
EP3000068B1 (en) Protecting data
US20200226289A1 (en) Runtime control of automation accuracy using adjustable thresholds
EP2610776B1 (en) Automated behavioural and static analysis using an instrumented sandbox and machine learning classification for mobile security
US9152784B2 (en) Detection and prevention of installation of malicious mobile applications
US9747430B2 (en) Controlling privacy in a face recognition application
KR102179152B1 (en) Client authentication using social relationship data
Khan et al. Cloud log forensics: foundations, state of the art, and future directions
US20150180908A1 (en) System and method for whitelisting applications in a mobile network environment
EP3455745A1 (en) Dynamic management of data with context-based processing
CN103826215B (en) A kind of method and apparatus for carrying out Root authority management on the terminal device
CN103679031B (en) A kind of immune method and apparatus of file virus
JP2018514848A (en) Method and system for identifying malware through differences in cloud-to-client behavior
CN105956474B (en) Android platform software unusual checking system
US20160379136A1 (en) Methods and Systems for Automatic Extraction of Behavioral Features from Mobile Applications
CN104081713B (en) The long-range trust identification of server and client computer in cloud computing environment and geographical location
US10963400B2 (en) Smart contract creation and monitoring for event identification in a blockchain
Crussell et al. Andarwin: Scalable detection of android application clones based on semantics
JP6402144B2 (en) Method and system for finding a guardian based on a two-dimensional code
KR101373986B1 (en) Method and apparatus to vet an executable program using a model

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant