Summary of the invention
This specification proposes a blockchain-based data evidence storage method, applied to a terminal device, wherein the terminal device is equipped with a secure computing environment in which a private key corresponding to the terminal device is stored. The method includes:
Obtaining collected target data;
Calculating a data digest of the target data;
Signing the data digest in the secure computing environment based on the private key corresponding to the terminal device, and publishing the signed data digest to the blockchain, so that a node device in the blockchain verifies the signature of the data digest based on the public key corresponding to the private key and, after the signature verification passes, stores the data digest as evidence in the blockchain.
Optionally, signing the data digest in the secure computing environment based on the private key corresponding to the terminal device includes:
Obtaining identity information input by a user of the terminal device;
Authenticating the identity of the user based on the obtained identity information;
If the identity authentication of the user passes, signing the data digest in the secure computing environment based on the private key corresponding to the terminal device.
Optionally, a key generation algorithm is stored in the secure computing environment;
The method further includes:
Obtaining identity information input by a user when the user uses the terminal device for the first time;
Authenticating the identity of the user based on the obtained identity information;
If the identity authentication of the user passes, calling the key generation algorithm in the secure computing environment to generate the private key and the public key; and
Binding the generated private key to the identity information of the user, and storing the binding relationship in the secure computing environment.
Optionally, signing the data digest in the secure computing environment based on the private key corresponding to the terminal device includes:
Obtaining identity information input by a user of the terminal device;
Determining whether a private key bound to the identity information is stored in the secure computing environment;
If so, signing the data digest in the secure computing environment based on the private key bound to the identity information.
Optionally, the secure computing environment also stores device authentication information signed with a private key held by the manufacturer of the terminal device;
Before the data digest is signed in the secure computing environment based on the private key, the method further includes:
Verifying the signature of the device authentication information based on the public key corresponding to the private key held by the manufacturer of the terminal device; if the verification passes, determining that the terminal device is a legitimate terminal device produced by the manufacturer, and then signing the data digest in the secure computing environment based on the private key corresponding to the terminal device.
Optionally, signing the data digest in the secure computing environment based on the private key corresponding to the terminal device, and publishing the signed target data to the blockchain, includes:
Signing, as a whole, the data digest and the description information of the target data in the secure computing environment based on the private key corresponding to the terminal device, and publishing the signed data digest and description data to the blockchain for evidence storage; or,
Signing the data digest in the secure computing environment based on the private key corresponding to the terminal device, and publishing the description data of the target data together with the signed data digest to the blockchain.
Optionally, the description data includes one or a combination of: the acquisition time of the target data, the acquisition location, and the object related to the target data.
Optionally, the terminal device includes a law enforcement recorder or a dashboard camera; the target data includes one or a combination of video data, audio data, and image data.
This specification also proposes a blockchain-based data evidence storage apparatus, applied to a terminal device, wherein the terminal device is equipped with a secure computing environment in which a private key corresponding to the terminal device is stored. The apparatus includes:
An acquisition module, which obtains collected target data;
A computing module, which calculates a data digest of the target data;
An evidence storage module, which signs the data digest in the secure computing environment based on the private key corresponding to the terminal device, and publishes the signed data digest to the blockchain, so that a node device in the blockchain verifies the signature of the data digest based on the public key corresponding to the private key and, after the signature verification passes, stores the data digest as evidence in the blockchain.
Optionally, the evidence storage module further:
Obtains identity information input by a user of the terminal device;
Authenticates the identity of the user based on the obtained identity information;
If the identity authentication of the user passes, signs the data digest in the secure computing environment based on the private key corresponding to the terminal device.
Optionally, a key generation algorithm is stored in the secure computing environment;
The acquisition module further:
Obtains identity information input by a user when the user uses the terminal device for the first time;
The evidence storage module further:
Authenticates the identity of the user based on the identity information obtained by the acquisition module; if the identity authentication of the user passes, calls the key generation algorithm in the secure computing environment to generate the private key and the public key; and binds the generated private key to the identity information of the user, and stores the binding relationship in the secure computing environment.
Optionally, the evidence storage module further:
Obtains identity information input by a user of the terminal device;
Determines whether a private key bound to the identity information is stored in the secure computing environment;
If so, signs the data digest in the secure computing environment based on the private key bound to the identity information.
Optionally, the secure computing environment also stores device authentication information signed with a private key held by the manufacturer of the terminal device;
The evidence storage module further:
Before signing the data digest in the secure computing environment based on the private key, verifies the signature of the device authentication information based on the public key corresponding to the private key held by the manufacturer of the terminal device; if the verification passes, determines that the terminal device is a legitimate terminal device produced by the manufacturer, and then signs the data digest in the secure computing environment based on the private key corresponding to the terminal device.
Optionally, the evidence storage module:
Signs, as a whole, the data digest and the description information of the target data in the secure computing environment based on the private key corresponding to the terminal device, and publishes the signed data digest and description data to the blockchain for evidence storage; or,
Signs the data digest in the secure computing environment based on the private key corresponding to the terminal device, and publishes the description data of the target data together with the signed data digest to the blockchain.
Optionally, the description data includes one or a combination of: the acquisition time of the target data, the acquisition location, and the object related to the target data.
Optionally, the terminal device includes a law enforcement recorder or a dashboard camera; the target data includes one or a combination of video data, audio data, and image data.
This specification also proposes an electronic device, including:
A processor;
A memory for storing machine-executable instructions;
Wherein, by reading and executing the machine-executable instructions stored in the memory that correspond to the control logic of blockchain-based data evidence storage, the processor is caused to:
Obtain collected target data, wherein the electronic device is equipped with a secure computing environment in which a private key corresponding to the electronic device is stored;
Calculate a data digest of the target data;
Sign the data digest in the secure computing environment based on the private key corresponding to the electronic device, and publish the signed data digest to the blockchain, so that a node device in the blockchain verifies the signature of the data digest based on the public key corresponding to the private key and, after the signature verification passes, stores the data digest as evidence in the blockchain.
In the above technical solution, on the one hand, the hardware environment of the terminal device is modified so that the terminal device carries a secure computing environment in which the private key corresponding to the terminal device is stored. When the terminal device stores collected data as evidence on the blockchain, it can sign the data to be stored in the secure computing environment based on the private key. This prevents the data stored as evidence on the blockchain from being tampered with during transmission and safeguards data security when evidence is stored on the blockchain.
On the other hand, the process of storing data as evidence on the blockchain is improved: the terminal device no longer needs to store the original content of the collected data on the blockchain. Instead, it stores the original content locally and stores the data digest of the original content on the blockchain, so that the terminal device can serve as a hub between the physical world and the on-chain world and store collected data as evidence on the blockchain more conveniently. Moreover, a third party that obtains the data collected by the terminal can easily verify the legitimacy of the obtained data by matching the data digest of the obtained data against the data digest stored as evidence on the blockchain. The data collected by the terminal device can therefore be submitted to a third party as evidence, which significantly improves the usability of the data collected by the terminal device.
Specific embodiment
Because data stored in a blockchain cannot be tampered with, storing data on a blockchain as evidence is the current mainstream trend in the industry.
In practice, however, some stream data, such as the video streams and audio streams collected by a law enforcement recorder or dashboard camera, occupies a large amount of storage space and therefore usually cannot be stored directly on the blockchain as evidence.
Yet in some scenarios there is a strong demand for storing this kind of stream data as evidence. For example, in a judicial evidence scenario, a video stream collected by a law enforcement recorder or dashboard camera may need to be submitted to a judicial authority as evidence.
Because a means of authenticating the data is lacking, the legitimacy of this kind of stream data as evidence is usually widely questioned. For this kind of stream data, therefore, the best approach is still to store it as evidence on the blockchain, while also making it more convenient to verify the legitimacy of the stored data as judicial evidence.
Based on the above needs, this specification proposes a technical solution in which the terminal device serves as a hub between the physical world and the on-chain world, so that the data it collects can be stored as evidence on the blockchain more conveniently.
In implementation, the hardware environment of the terminal device can be improved: a secure computing environment is built in the hardware environment of the terminal device, and the private key corresponding to the terminal device is stored and maintained in that secure computing environment.
For example, taking a law enforcement recorder or dashboard camera as the terminal device, a security chip can be mounted in the hardware environment of the recorder and a secure computing environment built on that chip. The secure computing environment is used to store and maintain the private key held by the recorder and to provide the recorder with a secure environment for computation.
Further, after collecting data that needs to be stored as evidence on the blockchain, the terminal device can obtain the collected data, calculate its data digest, sign the calculated data digest in the secure computing environment based on the private key corresponding to the terminal device, and then publish the signed data digest to the blockchain.
After receiving the signed data digest published by the terminal device, a node device in the blockchain can obtain the public key corresponding to the private key of the terminal device and verify the signature of the data digest based on that public key; if the signature verification passes, the data digest can be stored in the blockchain as evidence.
In the above technical solution, on the one hand, the hardware environment of the terminal device is modified so that the terminal device carries a secure computing environment in which the private key corresponding to the terminal device is stored. When the terminal device stores collected data as evidence on the blockchain, it can sign the data to be stored in the secure computing environment based on the private key. This prevents the data stored as evidence on the blockchain from being tampered with during transmission and safeguards data security when evidence is stored on the blockchain.
On the other hand, the process of storing data as evidence on the blockchain is improved: the terminal device no longer needs to store the original content of the collected data on the blockchain. Instead, it stores the original content locally and stores the data digest of the original content on the blockchain, so that the terminal device can serve as a hub between the physical world and the on-chain world and store collected data as evidence on the blockchain more conveniently. Moreover, a third party that obtains the data collected by the terminal can easily verify the legitimacy of the obtained data by matching the data digest of the obtained data against the data digest stored as evidence on the blockchain. The data collected by the terminal device can therefore be submitted to a third party as evidence, which significantly improves the usability of the data collected by the terminal device.
This specification is described below through specific embodiments in combination with specific application scenarios.
Referring to FIG. 1, FIG. 1 shows a blockchain-based data evidence storage method provided by an embodiment of this specification. The method is applied to a terminal device, wherein the terminal device is equipped with a secure computing environment in which a private key corresponding to the terminal device is stored, and performs the following steps:
Step 102: obtain collected target data;
Step 104: calculate a data digest of the target data;
Step 106: sign the data digest in the secure computing environment based on the private key corresponding to the terminal device, and publish the signed data digest to the blockchain, so that a node device in the blockchain verifies the signature of the data digest based on the public key corresponding to the private key and, after the signature verification passes, stores the data digest as evidence in the blockchain.
The blockchain described in this specification may specifically include a private chain, a public chain, a consortium chain, and so on, which is not specifically limited in this specification.
For example, in one scenario, the blockchain may be a consortium chain whose member devices are a server of a third-party payment platform, domestic bank servers, overseas bank servers, and several user node devices. The operator of the consortium chain can rely on it to deploy online services such as cross-border transfers and asset transfers.
The terminal device may be any form of terminal device that can join the blockchain as a node device and store collected data as evidence on the blockchain.
For example, in practice the terminal device may include a law enforcement recorder, a dashboard camera, and the like. A law enforcement recorder or dashboard camera can join the blockchain as a node and store collected stream data, such as video data and audio data, as evidence on the blockchain.
Storing data as evidence on the blockchain means persistently storing the data in the blockchain as evidence.
The target data includes any type of data collected by the terminal device that needs to be stored as evidence in the distributed database of the blockchain.
For example, the target data may be stream data such as video data, audio data, and image data collected by terminal devices such as law enforcement recorders or dashboard cameras.
In this specification, the hardware environment of the terminal device can be modified to build a secure computing environment in it; the secure computing environment is then used to store and maintain the private key corresponding to the terminal device and to provide the terminal device with a secure environment for computation.
The specific way of building the secure computing environment in the hardware environment of the terminal device is not specifically limited in this specification.
In practice, the secure computing environment can be built by introducing new hardware into the hardware environment of the terminal device, or by modifying the software environment of existing hardware in the hardware environment of the terminal device; alternatively, the two approaches can be combined.
For example, in one embodiment, a solution based on an SE (Secure Element) can be used to build the secure computing environment for the terminal device. Under this solution, SE hardware is introduced into the hardware environment of the terminal device (it may be hardware built into the hardware environment of the terminal, or hardware attached to the terminal externally through an interface); the SE hardware stores and maintains the private key of the terminal device and provides the terminal device with a secure computing environment.
In another illustrated embodiment, a solution based on a TEE (Trusted Execution Environment) can be used to build the secure computing environment for the terminal device. Under this solution, the software environment of existing hardware (such as the main chip) in the hardware environment of the terminal device is modified to build a trusted execution environment in that software environment; the trusted execution environment stores and maintains the private key of the terminal device and provides the terminal device with a secure computing environment.
In a third illustrated embodiment, a solution based on SE + TEE can be used to build the secure computing environment for the terminal device. Under this solution, the SE hardware stores and maintains the private key of the terminal device, and the TEE provides the terminal device with a secure computing environment.
It should be noted that the ways of building a secure computing environment for the terminal device listed above are only examples. In practice, the secure computing environment can obviously also be built by means other than those listed above, which are not enumerated one by one in this specification.
In this specification, the terminal device can join the blockchain as a node device (also referred to as putting the device on-chain), and the private key corresponding to the terminal device is stored and maintained in the secure computing environment built for the terminal device.
The private key corresponding to the terminal device may be a private key held by the terminal device, or a private key held by a user of the terminal device.
That is, the "private key corresponding to the terminal device" described in this specification may be a private key that the device manufacturer generates for the terminal device at the production stage and that is held by the terminal device; it may also be a private key that the terminal device itself generates for a user when that user uses the terminal device, and that is held by the user personally.
In one illustrated embodiment, the private key and public key held by the terminal device can be generated for the terminal device by the device manufacturer at the production stage, and the manufacturer writes the private key into the secure computing environment of the terminal device in advance for storage and maintenance.
In this case, the private key and public key held by the terminal device are not associated with the identity of any user of the terminal device. Different users of the terminal device can share the same private key that the device manufacturer wrote by default into the secure computing environment of the terminal device.
In one illustrated embodiment, the private key and public key held by the terminal device can also be generated by the terminal device itself for a user of the terminal device, and the terminal device itself writes the private key into its secure computing environment.
In this case, the private key and public key generated by the terminal device itself can be associated with the identity of the user of the terminal device. Based on the identity information of different users, the terminal device can generate a separate pair of private and public keys for each user, bind each generated private key to the identity information of the corresponding user, and store and maintain the binding relationships in the secure computing environment.
For example, in implementation, the manufacturer of the terminal device can write the key generation algorithm into the secure computing environment of the terminal device in advance. When a user uses the terminal device, the terminal device can prompt the user to input identity information for identity authentication.
The data type of the identity information input by the user and the authentication method adopted by the terminal device are not specifically limited in this specification; for example, a conventional authentication method such as entering a password or passphrase can be used, or an authentication method based on physiological characteristics such as a fingerprint or face.
After obtaining the identity information input by the user, the terminal device can determine whether a private key bound to that identity information is stored in the secure computing environment. If no private key bound to the identity information is stored there, the user is a new user using the terminal device for the first time, and the terminal device can authenticate the user's identity based on the obtained identity information. If the identity authentication passes, the terminal device can call the key generation algorithm in the secure computing environment to generate a pair of private and public keys, bind the generated private key to the identity information of the user, and then store and maintain the binding relationship in the secure computing environment.
In this specification, a user can use the terminal device to collect data, and the terminal device stores the collected data as evidence on the blockchain.
The terminal device only needs to store the collected data locally and store the data digest of the collected data as evidence on the blockchain; it no longer needs to store the original content of the collected data on the blockchain.
It should be noted that if the target data collected by the terminal device is stream data such as video data or audio data, then when storing such stream data as evidence on the blockchain, the terminal device can slice the stream data according to a preset time period and store it as evidence fragment by fragment.
For example, taking video data as an example, the terminal device can treat every N minutes of video data as one fragment, calculate the data digest of the fragment, and then store the data digest of the fragment as evidence in the blockchain, while strictly guaranteeing the time order of the data digests of the fragments stored on the blockchain so that they can be traced back.
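The fragment-by-fragment storage described above, together with the third-party check that matches recomputed digests against the digests on the chain, can be sketched as follows. This is an added example, not code from the specification: SHA-256, the `FragmentRecord` layout, and the function names are assumptions, and the stream is assumed to be already cut into N-minute fragments.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// FragmentRecord is the per-fragment entry stored on chain: a digest and its
// position in time. The raw stream bytes stay on the device.
type FragmentRecord struct {
	Seq    int    // 0-based position of the fragment in the stream
	Start  int64  // capture start time of the fragment, Unix seconds
	Digest string // hex-encoded SHA-256 of the fragment bytes
}

var (
	ErrOrder    = errors.New("on-chain records are not in time order")
	ErrCount    = errors.New("fragment count differs from on-chain record count")
	ErrMismatch = errors.New("fragment digest does not match on-chain digest")
)

// DigestFragments produces one record per fragment. fragments holds the
// stream already cut into N-minute pieces; periodSec is N*60.
func DigestFragments(fragments [][]byte, streamStart, periodSec int64) []FragmentRecord {
	records := make([]FragmentRecord, 0, len(fragments))
	for i, f := range fragments {
		sum := sha256.Sum256(f)
		records = append(records, FragmentRecord{
			Seq:    i,
			Start:  streamStart + int64(i)*periodSec,
			Digest: hex.EncodeToString(sum[:]),
		})
	}
	return records
}

// VerifyAgainstChain is the third-party check: confirm the on-chain records
// are in time order, then recompute the digest of each obtained fragment and
// match it against the record at the same position. It returns the index of
// the first offending item, or -1 when no single item is at fault.
func VerifyAgainstChain(onChain []FragmentRecord, obtained [][]byte) (int, error) {
	for i, r := range onChain {
		if r.Seq != i || (i > 0 && r.Start <= onChain[i-1].Start) {
			return i, ErrOrder
		}
	}
	if len(obtained) != len(onChain) {
		return -1, ErrCount
	}
	for i, f := range obtained {
		sum := sha256.Sum256(f)
		if hex.EncodeToString(sum[:]) != onChain[i].Digest {
			return i, ErrMismatch
		}
	}
	return -1, nil
}

func main() {
	// Constructed sample: three fragments of a video stream, N = 5 minutes.
	frags := [][]byte{[]byte("frame-block-A"), []byte("frame-block-B"), []byte("frame-block-C")}
	chain := DigestFragments(frags, 1700000000, 300)

	idx, err := VerifyAgainstChain(chain, frags)
	fmt.Println("untouched copy:", idx, err)

	edited := [][]byte{frags[0], []byte("frame-block-X"), frags[2]}
	idx, err = VerifyAgainstChain(chain, edited)
	fmt.Println("edited copy:", idx, err)
}
```

Because each record carries its position, a copy with an edited, dropped, or reordered fragment fails at a specific index rather than only as a whole.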
In this specification, when the terminal device needs to store collected target data as evidence on the blockchain, it can first calculate the data digest of the target data; for example, the data digest may be a hash value of the target data calculated with a specific hash algorithm. The terminal device can then sign the data digest in the secure computing environment based on the private key stored there.
In one illustrated embodiment, the secure computing environment of the terminal device can also store and maintain device authentication information signed with the private key held by the manufacturer of the terminal device; for example, the device authentication information can be signed by the device manufacturer with the private key it holds at the device production stage and then written into the secure computing environment for storage and maintenance.
The device authentication information may be any form of information used to authenticate the legitimacy of the terminal device; for example, it may be the production serial number of the terminal device or another form of anti-counterfeiting information.
In this case, before signing the data digest in the secure computing environment based on the private key stored there, the terminal device can obtain the public key corresponding to the private key held by the manufacturer of the terminal device and verify the signature of the device authentication information based on the obtained public key. If the verification passes, the terminal device can be determined to be a legitimate terminal device produced by the manufacturer; the terminal device then goes on to sign the data digest in the secure computing environment based on the private key stored there.
In this way, a legitimacy check of the terminal device is introduced before the digest to be put on-chain is signed with the private key stored in the secure computing environment. This promptly stops data from illegitimate devices (such as counterfeit devices, or legitimate devices that have been maliciously modified) from being put on-chain, and can raise the security level of on-chain data.
In a kind of embodiment shown, if in the safe computing environment of terminal device storage and maintenance private key,
It in the equipment production phase is what terminal device generated for equipment manufacturer, the private key held by terminal device;In this case,
The ID authentication mechanism using user to terminal device can be introduced, prompts to recognize using user's input identity information progress identity
Card;It, can be based on the identity information got to the use after terminal device gets the identity information inputted using user
User carries out authentication;If passed through for this using the authentication of user, terminal device can be in safe computing environment
In, based on the private key of storage and maintenance in the safe computing environment held by the terminal device, which is signed
Name processing.
In one illustrated embodiment, if the private key stored and maintained in the secure computing environment of the terminal device is a private key held by the user, generated autonomously by the terminal device for that user, then the binding relationship between the user's identity information and the private key is stored and maintained in the secure computing environment in advance.
In this case, after the terminal device obtains the identity information entered by the user, it can query the binding relationships maintained in the secure computing environment to determine whether a private key bound to that identity information is stored there. If a private key bound to the identity information is stored in the secure computing environment, the terminal device can sign the data digest in the secure computing environment using the private key found.
Of course, if no private key bound to the identity information is stored in the secure computing environment, the user is a new user who is using the terminal device for the first time. The terminal device can then authenticate the user based on the identity information obtained and, after the authentication passes, call the key generation algorithm stored in the secure computing environment to generate a private key and a public key for the user, and sign the data digest with the generated private key. It also binds the generated private key to the user's identity information, and stores and maintains the binding relationship in the secure computing environment.
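The per-user key handling described above, as an added Go example that is not part of the original specification: the secure computing environment is modeled as a struct that signs with the key bound to an identity and, for a first-time user, authenticates before generating and binding a key pair. Ed25519, the `SecureEnv` type and the allow-list authenticator are assumptions; the specification names no algorithm or API.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ErrAuthFailed is returned when a first-time user fails identity authentication.
var ErrAuthFailed = errors.New("identity authentication failed")

// SecureEnv stands in for the secure computing environment (hypothetical type).
// Private keys sit in an unexported map and are only ever used through Sign.
type SecureEnv struct {
	bindings     map[string]ed25519.PrivateKey // identity information -> bound private key
	authenticate func(identity string) bool    // hypothetical identity check
}

// NewSecureEnv builds an environment whose authenticator accepts the listed
// identities (a constructed stand-in for a fingerprint or password check).
func NewSecureEnv(enrolled ...string) *SecureEnv {
	ok := make(map[string]bool)
	for _, id := range enrolled {
		ok[id] = true
	}
	return &SecureEnv{
		bindings:     make(map[string]ed25519.PrivateKey),
		authenticate: func(id string) bool { return ok[id] },
	}
}

// Sign looks up the private key bound to identity and signs digest with it.
// If no binding exists the caller is treated as a first-time user: the user is
// authenticated, a key pair is generated inside the environment, and the
// private key is bound to the identity before signing.
func (e *SecureEnv) Sign(identity string, digest []byte) ([]byte, ed25519.PublicKey, error) {
	priv, bound := e.bindings[identity]
	if !bound {
		if !e.authenticate(identity) {
			return nil, nil, ErrAuthFailed // no key is generated after a failed check
		}
		var err error
		if _, priv, err = ed25519.GenerateKey(nil); err != nil { // nil selects crypto/rand
			return nil, nil, err
		}
		e.bindings[identity] = priv
	}
	return ed25519.Sign(priv, digest), priv.Public().(ed25519.PublicKey), nil
}

// BoundUsers reports how many identities currently have a bound key.
func (e *SecureEnv) BoundUsers() int { return len(e.bindings) }

func main() {
	env := NewSecureEnv("officer-0417") // constructed identity value
	digest := sha256.Sum256([]byte("constructed sample video bytes"))

	sig, pub, err := env.Sign("officer-0417", digest[:])
	fmt.Println("first use signed and verifies:", err == nil && ed25519.Verify(pub, digest[:], sig))

	_, _, err = env.Sign("unknown-user", digest[:])
	fmt.Println("unknown user:", err, "| bound users:", env.BoundUsers())
}
```

Only the signature and the public key leave `Sign`; the public key is what a node device needs for verification.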
In this specification, after the terminal device has finished signing the data digest of the collected target data in the secure computing environment, using the private key stored there, it can publish the signed data digest to the blockchain.
For example, a blockchain transaction can be constructed from the signed data digest and broadcast to the other node devices.
After receiving the signed data digest, a node device in the blockchain can obtain the public key corresponding to the private key stored in the secure computing environment, and then verify the signature of the data digest with that public key. If the signature verification passes, the node device can initiate consensus processing for the data digest in the blockchain and, after consensus is reached, pack the data digest into a block for storage in the blockchain, which completes the evidence storage of the data digest.
It should be noted that the consensus mechanism used by the blockchain described in this specification is not specifically limited here; in practice, the operator of the blockchain can choose one flexibly according to actual needs.
In another illustrated embodiment, when the terminal device stores the collected target data as evidence on the blockchain, it can also store the description data of the target data on the blockchain together with the data digest of the target data.
In this case, when the terminal device signs the data digest of the target data in the secure computing environment with the private key stored there, it can sign the data digest and the description data of the target data as a whole; that is, the data digest and the description data are packaged and then signed as a single unit. The signed data digest and description data are then published to the blockchain for evidence storage.
For example, the terminal device can construct a blockchain transaction from the signed data digest and description data of the target data, and broadcast the transaction to the other node devices.
Alternatively, when the terminal device signs the data digest of the target data in the secure computing environment with the private key stored there, it can sign only the data digest. The description data of the target data and the signed data digest are then published to the blockchain for evidence storage.
For example, the terminal device can construct a blockchain transaction from the description data of the target data and the signed data digest, and broadcast the transaction to the other node devices.
The specific content of the description data of the target data is not specifically limited in this specification; in practice it can cover any content related to the target data.
In one illustrated embodiment, because the collection time, the collection location and the objects related to the data are usually extremely important attributes when data is used as evidence, the description data of the target data in this specification may specifically include one or a combination of several of: the collection time of the target data, its collection location, and the objects related to it.
In one illustrated embodiment, the collection time of the target data may be the authenticated authoritative time (timestamp) that the terminal device obtains by interacting with a time certification center when it collects the target data. The collection location of the target data may be the precise location that the terminal device obtains by calling its on-board positioning module (such as a GPS module) in real time when it collects the target data. The objects related to the target data may be related objects entered manually by the legitimate user of the terminal device after the target data has been collected.
For example, taking evidentiary video of an accident collected by a law enforcement recorder, the description data of the video may specifically include the authenticated authoritative time obtained from the time certification center when the video was collected, the precise collection location obtained by the recorder calling its positioning module in real time at that moment, and the vehicle information, driver information and so on related to the video and entered by the law enforcement officer.
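An added Go example, not part of the original specification, of the two signing options described above together with the node-side signature check. It shows that a change to the description data in transit is rejected only when the description data was signed together with the data digest. Ed25519, SHA-256, the JSON packing and all type and function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Description is the description data published alongside the digest.
type Description struct {
	CollectedAt string `json:"collected_at"` // time from the time certification center
	Location    string `json:"location"`     // from the positioning module
	Object      string `json:"object"`       // entered by the device's user
}

// Record is the payload of one blockchain transaction (hypothetical layout).
type Record struct {
	Digest      []byte
	Description Description
	Signature   []byte
}

// signedBytes returns the exact bytes a signature covers. In whole-signature
// mode the fixed-length digest is followed by the description encoded as JSON
// with a fixed field order, so signer and verifier rebuild identical bytes.
func signedBytes(digest []byte, desc Description, whole bool) []byte {
	msg := append([]byte{}, digest...)
	if whole {
		packed, _ := json.Marshal(desc) // cannot fail for a struct of strings
		msg = append(msg, packed...)
	}
	return msg
}

// Publish is the terminal-device side: digest the data, sign, build the record.
func Publish(priv ed25519.PrivateKey, data []byte, desc Description, whole bool) Record {
	d := sha256.Sum256(data)
	sig := ed25519.Sign(priv, signedBytes(d[:], desc, whole))
	return Record{Digest: d[:], Description: desc, Signature: sig}
}

// NodeVerify is the node-device side, run before consensus. The signing mode is
// chain policy rather than a field of the record, so a sender cannot downgrade it.
func NodeVerify(pub ed25519.PublicKey, r Record, whole bool) bool {
	return ed25519.Verify(pub, signedBytes(r.Digest, r.Description, whole), r.Signature)
}

func main() {
	// Stands in for the key pair held in the secure computing environment.
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	video := []byte("constructed sample video bytes")
	desc := Description{ // constructed sample values
		CollectedAt: "2019-03-01T08:30:00Z",
		Location:    "30.2741N,120.1551E",
		Object:      "vehicle ABC-123",
	}
	for _, whole := range []bool{true, false} {
		r := Publish(priv, video, desc, whole)
		fmt.Println("whole:", whole, "untouched record accepted:", NodeVerify(pub, r, whole))
		r.Description.CollectedAt = "2019-03-01T09:30:00Z" // altered in transit
		fmt.Println("whole:", whole, "altered description accepted:", NodeVerify(pub, r, whole))
	}
}
```

With digest-only signing the altered collection time still passes verification, so a chain that relies on the description data as evidence attributes needs the whole-signature option.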
In the above technical solution, on the one hand, the hardware environment of the terminal device is modified: a secure computing environment is installed in the terminal device, and the private key corresponding to the terminal device is stored in it. When the terminal device stores collected data as evidence on the blockchain, it can sign the data to be stored inside the secure computing environment with that private key. This prevents the data stored on the blockchain from being tampered with during propagation and safeguards data security when evidence is stored on the blockchain.
On the other hand, the process of storing evidence on the blockchain is improved: the terminal device no longer needs to store the original content of the collected data on the blockchain. Instead, it stores the original content locally and stores only the data digest of the original content on the blockchain, so that the terminal device can serve as a hub between the physical world and the on-chain world and store collected data as evidence on the blockchain more conveniently.
Moreover, a third party that obtains the data collected by the terminal can easily verify the legitimacy of the data it obtained simply by matching the data digest of that data against the data digest stored as evidence on the blockchain. The data collected by the terminal device can therefore be submitted to third parties as evidence, which significantly improves its usability.
For example, a terminal device such as a law enforcement recorder or a driving recorder only needs to store the original content of collected streaming data, such as video data and audio data, locally and store the data digest of that original content on the blockchain; the original content of the streaming data no longer needs to be stored on the blockchain.
Moreover, when a user submits streaming data collected by a law enforcement recorder or driving recorder as evidence to a third-party institution (such as a judicial authority or an insurance company), the institution only needs to recalculate the data digest of the data it obtained and match it against the data digest stored as evidence on the blockchain in order to verify the legitimacy of that data. This significantly improves the usability of data collected by law enforcement recorders or driving recorders as legal evidence.
Corresponding to the above method embodiments, this specification also provides an embodiment of a blockchain-based data evidence storage device. The embodiment of the blockchain-based data evidence storage device of this specification can be applied to an electronic device, where the electronic device is equipped with a secure computing environment in which a private key corresponding to the electronic device is stored. The device embodiment may be implemented in software, or in hardware or a combination of software and hardware. Taking a software implementation as an example, the device in the logical sense is formed when the processor of the electronic device in which it is located reads the corresponding computer program instructions from non-volatile memory into memory and runs them. At the hardware level, Fig. 2 is a hardware structure diagram of the electronic device in which the blockchain-based data evidence storage device of this specification is located. In addition to the processor, memory, network interface and non-volatile memory shown in Fig. 2, the electronic device in which the device of the embodiment is located may also include other hardware, depending on the actual function of the electronic device; this is not described further.
Fig. 3 is a block diagram of a blockchain-based data evidence storage device according to an exemplary embodiment of this specification.
Referring to Fig. 3, the blockchain-based data evidence storage device 30 can be applied in the electronic device shown in Fig. 2 and includes an acquisition module 301, a computing module 302 and an evidence storage module 303.
The acquisition module 301 obtains the collected target data;
The computing module 302 calculates the data digest of the target data;
The evidence storage module 303 signs the data digest in the secure computing environment based on the private key corresponding to the electronic device, and publishes the signed data digest to the blockchain, so that a node device in the blockchain verifies the signature of the data digest based on the public key corresponding to the private key and, after the signature verification passes, stores the data digest as evidence in the blockchain.
In this embodiment, the evidence storage module 303 further:
obtains the identity information entered by the user of the terminal;
authenticates the user based on the identity information obtained;
if the user's identity authentication passes, signs the data digest in the secure computing environment based on the private key corresponding to the electronic device.
In this embodiment, a key generation algorithm is stored in the secure computing environment;
The acquisition module 301 further:
obtains the identity information entered by the user of the electronic device when using the electronic device for the first time;
The evidence storage module 303 further:
authenticates the user based on the identity information obtained by the acquisition module 301; if the user's identity authentication passes, calls the key generation algorithm in the secure computing environment to generate the private key and the public key; and binds the generated private key to the user's identity information and stores the binding relationship in the secure computing environment.
In this embodiment, the evidence storage module 303 further:
obtains the identity information entered by the user of the terminal;
determines whether a private key bound to the identity information is stored in the secure computing environment;
if so, signs the data digest in the secure computing environment based on the private key bound to the identity information.
In this embodiment, the secure computing environment also stores device authentication information signed with a private key held by the manufacturer of the electronic device;
The evidence storage module 303 further:
before signing the data digest with the private key in the secure computing environment, verifies the signature of the device authentication information based on the public key corresponding to the private key held by the manufacturer of the electronic device; if the verification passes, determines that the electronic device is a legitimate electronic device produced by the manufacturer, and then signs the data digest in the secure computing environment based on the private key corresponding to the electronic device.
In this embodiment, the evidence storage module 303:
signs the data digest and the description data of the target data as a whole in the secure computing environment based on the private key corresponding to the electronic device, and publishes the signed data digest and description data to the blockchain for evidence storage; or,
signs the data digest in the secure computing environment based on the private key corresponding to the electronic device, and publishes the description data of the target data and the signed data digest to the blockchain.
In this embodiment, the description data includes one or a combination of several of: the collection time of the target data, its collection location, and the objects related to the target data.
In this embodiment, the electronic device includes a law enforcement recorder or a driving recorder; the target data includes one or a combination of several of video data, audio data and image data.
For details of how the functions and effects of each module in the above device are realized, see the implementation of the corresponding steps in the above method; they are not repeated here.
Since the device embodiment essentially corresponds to the method embodiment, refer to the description of the method embodiment for the relevant parts. The device embodiment described above is merely illustrative: the modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical modules, that is, they may be located in one place or distributed across multiple network modules. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this specification. A person of ordinary skill in the art can understand and implement it without creative effort.
The systems, devices, modules or units illustrated in the above embodiments can be implemented by a computer chip or entity, or by a product with a certain function. A typical implementing device is a computer, which may take the form of a personal computer, laptop computer, cellular phone, camera phone, smartphone, personal digital assistant, media player, navigation device, e-mail sending and receiving device, game console, tablet computer, wearable device, or a combination of any of these devices.
Corresponding to the above method embodiments, this specification also provides an embodiment of an electronic device. The electronic device includes a processor and a memory for storing machine-executable instructions, where the processor and the memory are usually connected to each other via an internal bus. In other possible implementations, the device may also include an external interface so that it can communicate with other devices or components.
In this embodiment, by reading and executing the machine-executable instructions stored in the memory that correspond to the control logic for blockchain-based data evidence storage, the processor is caused to:
obtain the collected target data, wherein the electronic device is equipped with a secure computing environment in which a private key corresponding to the electronic device is stored;
calculate the data digest of the target data;
sign the data digest in the secure computing environment based on the private key corresponding to the electronic device, and publish the signed data digest to the blockchain, so that a node device in the blockchain verifies the signature of the data digest based on the public key corresponding to the private key and, after the signature verification passes, stores the data digest as evidence in the blockchain.
In this embodiment, by reading and executing the machine-executable instructions stored in the memory that correspond to the control logic for blockchain-based data evidence storage, the processor is caused to:
obtain the identity information entered by the user of the terminal;
authenticate the user based on the identity information obtained;
if the user's identity authentication passes, sign the data digest in the secure computing environment based on the private key corresponding to the electronic device.
In this embodiment, a key generation algorithm is stored in the secure computing environment;
By reading and executing the machine-executable instructions stored in the memory that correspond to the control logic for blockchain-based data evidence storage, the processor is caused to:
obtain the identity information entered by the user of the electronic device when using the electronic device for the first time;
authenticate the user based on the identity information obtained;
if the user's identity authentication passes, call the key generation algorithm in the secure computing environment to generate the private key and the public key; and
bind the generated private key to the user's identity information, and store the binding relationship in the secure computing environment.
In this embodiment, by reading and executing the machine-executable instructions stored in the memory that correspond to the control logic for blockchain-based data evidence storage, the processor is caused to:
obtain the identity information entered by the user of the terminal;
determine whether a private key bound to the identity information is stored in the secure computing environment;
if so, sign the data digest in the secure computing environment based on the private key bound to the identity information.
In this embodiment, the secure computing environment also stores device authentication information signed with a private key held by the manufacturer of the electronic device;
By reading and executing the machine-executable instructions stored in the memory that correspond to the control logic for blockchain-based data evidence storage, the processor is caused to:
verify the signature of the device authentication information based on the public key corresponding to the private key held by the manufacturer of the electronic device; if the verification passes, determine that the electronic device is a legitimate electronic device produced by the manufacturer, and then sign the data digest in the secure computing environment based on the private key corresponding to the electronic device.
In this embodiment, by reading and executing the machine-executable instructions stored in the memory that correspond to the control logic for blockchain-based data evidence storage, the processor is caused to:
sign the data digest and the description data of the target data as a whole in the secure computing environment based on the private key corresponding to the electronic device, and publish the signed data digest and description data to the blockchain for evidence storage; or,
sign the data digest in the secure computing environment based on the private key corresponding to the electronic device, and publish the description data of the target data and the signed data digest to the blockchain.
Other embodiments of this specification will readily occur to those skilled in the art after considering the specification and practicing the invention disclosed here. This specification is intended to cover any variations, uses or adaptations of this specification that follow its general principles and include common knowledge or customary technical means in the art that are not disclosed in this specification. The description and embodiments are to be regarded as exemplary only; the true scope and spirit of this specification are indicated by the following claims.
It should be understood that this specification is not limited to the precise structures described above and shown in the drawings, and that various modifications and changes may be made without departing from its scope. The scope of this specification is limited only by the appended claims.
The above are only preferred embodiments of this specification and are not intended to limit it. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of this specification shall fall within its scope of protection.