CN109754226B - Data management method, device and storage medium - Google Patents
Data management method, device and storage medium Download PDFInfo
- Publication number
- CN109754226B CN109754226B CN201910003552.0A CN201910003552A CN109754226B CN 109754226 B CN109754226 B CN 109754226B CN 201910003552 A CN201910003552 A CN 201910003552A CN 109754226 B CN109754226 B CN 109754226B
- Authority
- CN
- China
- Prior art keywords
- node
- information
- approval record
- block
- record information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 79
- 238000013523 data management Methods 0.000 title abstract description 24
- 238000012545 processing Methods 0.000 claims abstract description 146
- 238000012795 verification Methods 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 5
- 238000007726 management method Methods 0.000 abstract description 20
- 230000008520 organization Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 9
- 230000004044 response Effects 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a data management method, data management equipment and a storage medium. The method comprises the following steps: a first node receives first processing information sent by a second node; the first processing information is obtained by encrypting the fund approval record information of the second node by the second node; the first node verifies the first processing information to obtain verified fund approval record information; the first node generates a fund approval record information block according to the verified fund approval record information and adds the fund approval record information block into a block chain stored in the first node; the block body of the block comprises the verified fund approval record information. The embodiment of the invention records the fund approval record information into the block of the block chain, has lower management cost of the fund approval record, simple management process and higher data security, and can avoid the behavior of stealing accounts and damaging accounts.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a data management method, device, and storage medium.
Background
In the daily management process of an enterprise, some important matters cannot be examined and approved by an enterprise leader, such as: the transfer of engineering funds, the approval of payment, reimbursement of fees, and the like. With the development of science and technology, higher requirements are put forward on approval process management.
At present, the fund approval record is managed by a management system, an applicant submits the fund approval record after filling in the fund approval record, an administrator approves and modifies the fund approval record and stores the fund approval record and the fund approval record in a central organization database, the central organization database provides backup and other operations, and the fund approval record information is stored in the central organization database. In the management mode, the fund approval record information is stored in the central organization database, and the database is easy to steal or maliciously used, so that the safety of user data cannot be guaranteed.
Disclosure of Invention
The invention provides a data management method, equipment and a storage medium, which are used for improving the safety of capital examination and approval record information.
In a first aspect, the present invention provides a data management method, including:
a first node receives first processing information sent by a second node; the first processing information is obtained by encrypting the fund approval record information of the second node by the second node;
the first node verifies the first processing information to obtain verified fund approval record information;
the first node generates a fund approval record information block according to the verified fund approval record information and adds the fund approval record information block into a block chain stored in the first node; the block body of the block comprises the verified fund approval record information.
In a second aspect, the present invention provides a data management method, including:
the second node carries out encryption processing according to the fund approval record information of the second node to obtain first processing information;
the second node sends first processing information to the first node so that the first node verifies the first processing information and generates a fund approval record information block according to the verified fund approval record information; and the block main body of the fund approval record information block comprises the verified fund approval record information.
In a third aspect, the invention provides a computer-readable storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the method of any of the first and second aspects.
In a fourth aspect, the present invention provides an electronic device comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of the first aspects via execution of the executable instructions.
In a fifth aspect, the present invention provides an electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the method of any of the second aspects via execution of the executable instructions.
According to the data management method, the data management device and the data management storage medium provided by the embodiment of the invention, a first node receives first processing information sent by a second node; the first processing information is obtained by encrypting the fund approval record information of the second node by the second node; the first node verifies the first processing information to obtain verified fund approval record information; the first node generates a fund approval record information block according to the verified fund approval record information and adds the fund approval record information block into a block chain stored in the first node; according to the scheme, the fund approval record information is recorded in the blocks of the block chain, and the fund approval record information is verified when the blocks are generated, so that the true and reliable fund approval records are recorded in the blocks, the safety of user data is improved, a central organization does not need to participate in collection management, the management cost is reduced, and the management process is efficient and transparent.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a flow chart illustrating an embodiment of a data management method provided by the present invention;
FIG. 2 is a block chain diagram illustrating a data management method according to an embodiment of the present invention;
FIG. 3 is a flow chart illustrating a data management method according to another embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an embodiment of a data management device provided in the present invention;
FIG. 5 is a schematic structural diagram of another embodiment of a data management device according to the present invention
FIG. 6 is a schematic structural diagram of an embodiment of an electronic device provided in the present invention;
fig. 7 is a schematic structural diagram of another embodiment of the electronic device provided by the present invention.
With the foregoing drawings in mind, certain embodiments of the disclosure have been shown and described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of devices consistent with certain aspects of the present disclosure, as detailed in the appended claims.
The terms "comprising" and "having," and any variations thereof, in the description and claims of this invention and the drawings described herein are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Firstly, the application scene related to the invention is introduced:
the fund approval record information comprises information such as an applicant, application amount, application item remarks, an approver opinion, approval amount, approval time and the like.
The data management method of the embodiment of the invention is applied to the management of the capital examination and approval record information, the capital examination and approval record information in the related technology is managed by a management system, an applicant submits the record after filling, an administrator examines and approves and modifies the record and stores the record in the central organization database, the central organization database provides backup and other operations, and the capital examination and approval record information is stored in the central organization database.
The data management method of the embodiment of the invention records the fund approval record information into the block of the block chain, has lower management cost of the fund approval record, simple management process and higher data security, and can avoid the behavior of account stealing and account destroying.
The users of the applicant, the approver, the statistic person and the like give corresponding equipment as an independent node, namely, all the parties participating in the fund approval record information management form a block chain network through the peer-to-peer network P2P. In a blockchain network, each individual node, regardless of identity, can communicate with other nodes. And after each approval, the capital approval record information is collected by a node for collecting statistical information (hereinafter referred to as a statistical node) and then is broadcast to the whole network through a block chain network. Under the supervision and verification of all nodes in the whole network, the statistical nodes pack the fund approval record information to generate blocks, and a block chain which cannot be tampered is formed. The user obtains the fund approval record information by recording the fund approval record information on the block chain, and the corresponding fund approval record information can be inquired only after the identity of the user is verified.
Fig. 1 is a flowchart illustrating a data management method according to an embodiment of the present invention. As shown in fig. 1, the method provided by this embodiment includes:
Specifically, the first node is a statistical node, the second node is other nodes (including nodes corresponding to an applicant, an approver and the like) in the block chain network, and the second node encrypts the fund approval record information to obtain first processing information and sends the first processing information to the first node.
The second node encrypts the fund approval record information of the second node, the character information including the first identity identification information of the second node, the first encryption algorithm and the second processing information through the private key of the second node and the public key of the first node to obtain first processing information, namely E (PU)B,E(PRAM + algorithm + fund approval record information + response)), M is character information including first identity information (identity) of the second node, a random number nonce of the first node, and a random number cnonce of the second node; algorithms provides a digital digest algorithm for the first node, such as MD5 or SHA. The first node sends a message to other second nodes in advance, and the message carries the random number of the first node and the digital digest algorithm. Wherein, PRAIs a private key of the second node, PUBIs the public key of the first node.
The second processing information (i.e., response) is information obtained by processing the fund approval record information and the character information by the first encryption algorithm.
The first node and all the second nodes generate respective public and private key pairs by using an RSA algorithm, and digital signature and identity authentication are performed by using the public and private key pairs. The first node and all second nodes publish the respective generated public keys to the blockchain network through a non-password way. And all the nodes in the block chain network can obtain the public keys of other nodes and temporarily store the public keys.
And 102, the first node verifies the first processing information to obtain verified fund approval record information.
Specifically, the first node receives the fund approval record information of all the second nodes within a preset time (for example, 1 day). And the first node verifies the first processing information which is sent by the second node and comprises the fund approval record information.
Step 102 may be specifically implemented by the following method:
the first node decrypts the first processing information sequentially through the private key of the first node and the public key of the second node to obtain the fund approval record information, character information including first identity identification information, a first encryption algorithm and second processing information; the second processing information is the information obtained by processing the fund approval record information and the character information through the first encryption algorithm;
the first node processes the fund approval record information and the character information through the first encryption algorithm to obtain third processing information;
if the third processing information is the same as the second processing information and the first identity identification information is consistent with the second identity identification information of the second node acquired in advance, the first node determines that the fund approval record information is effective fund approval record information;
if the third processing information is different from the second processing information and/or the first identity identification information is not consistent with the second identity identification information of the second node acquired in advance, the first node determines that the fund approval record information is invalid fund approval record information;
and the verified fund approval record information comprises the effective fund approval record and the invalid fund approval record information.
Specifically, the first node decrypts the received first processing information with a private key of the first node and a public key of the second node to obtain the fund approval record information, the character information (i.e., M) including the first identity information, the first encryption algorithm (i.e., algorithm), and the second processing information (i.e., response).
And processing the obtained capital approval record information and the character information by the first encryption algorithm to obtain third processing information, comparing the third processing information with the obtained second processing information, and if the third processing information is consistent with the obtained second processing information and the first identity identification information in the obtained character information is consistent with the second identity identification information of the second node obtained by the first node in advance, passing the identity verification of the second node and enabling the capital approval record information to be effective.
And if the third processing information is different from the second processing information and/or the obtained first identity identification information is inconsistent with the second identity identification information of the second node acquired in advance, the fund approval record information of the second node is invalid fund approval record information.
103, the first node generates a fund approval record information block according to the verified fund approval record information, and adds the fund approval record information block into a block chain stored in the first node; and the block body of the fund approval record information block comprises the verified fund approval record information.
Specifically, the first node generates a fund approval record information block according to the verified fund approval record information, and the block main body comprises the fund approval record information of all the second nodes received within the preset time length, including effective and effective fund approval record information.
Further, the fund approval record information block further comprises a block header, and the block header comprises the hash value of the last block, the hash value of the current block and a time stamp.
Specifically, the block header may record a hash value of the current block, a timestamp, and a hash value of the previous block. The hash value of the current block is generated in a hash mode according to information recorded in the block main body, and the information recorded in the block main body comprises first identity identification information of the first node and other second nodes, public keys of the first node and other second nodes, random numbers generated by the first node, random numbers sent by other second nodes and fund approval record information. The other second nodes refer to the second nodes corresponding to the fund approval record information received by the first node within the preset time length.
Further, before the first node adds the fund approval record information block to the block chain stored in the first node, the method further includes:
the first node broadcasts the fund approval record information block to at least one second node in a block chain network so that the second node verifies the fund approval record information block;
the adding the fund approval record information block into the block chain stored by the first node comprises:
and if the first node receives the indication information that the verification is passed and sent by the second nodes with the number exceeding the preset number in the block chain network, adding the fund approval record information block into the block chain stored in the first node.
Specifically, the first node sends the generated fund approval record information block to all second nodes of the block chain network. And the second node verifies the fund approval record information block according to the information stored in the second node. The verification process comprises the following steps:
and the second node compares the public key, the identity identification information, the random number and the fund approval record information of the node in the block main body of the received fund approval record information block according to the stored information, and if the node is judged to have no error, the second node sends indication information to the first node, wherein the indication information is used for indicating that the fund approval record information block passes the verification.
And if the first node receives the indication information sent by the second nodes with the number exceeding the preset number, adding the fund approval record information block into a block chain stored in the first node.
For example, if more than 50% of the second nodes confirm that the fund approval record information block has no error, all the second nodes accept the fund approval record information block and store the fund approval record information block in the storage space of the node. If the confirmation rate is not up to 50%, the first node regenerates the fund approval record information block until the consensus is achieved.
The first node may count and store all information according to the information recorded in the fund approval record information block on the block chain.
In the embodiment of the invention, under the condition that a central trust system does not exist, the fund approval record information of the user is recorded into the blocks of the block chain. And the latest and reliable fund approval record of the user is recorded on the last block of the block chain. The defect that the fund approval information is possibly used maliciously in the centralized information collecting and information counting process is overcome, and the user data safety is improved. The collection management is not required to be participated by a central organization, the management cost is reduced, and the management process is efficient and transparent.
When inquiring the fund approval record information, the user can carry out identity authentication in a digital signature mode, and inquire the fund approval record recorded on the block chain after the authentication is passed, so that the user can conveniently and quickly inquire corresponding information.
In the method of this embodiment, a first node receives first processing information sent by a second node; the first processing information is obtained by encrypting the fund approval record information of the second node by the second node; the first node verifies the first processing information to obtain verified fund approval record information; the first node generates a fund approval record information block according to the verified fund approval record information and adds the fund approval record information block into a block chain stored in the first node; according to the scheme, the fund approval record information is recorded in the blocks of the block chain, and the fund approval record information is verified when the blocks are generated, so that the true and reliable fund approval records are recorded in the blocks, the safety of user data is improved, a central organization does not need to participate in collection management, the management cost is reduced, and the management process is efficient and transparent.
On the basis of the foregoing embodiment, optionally, the method of this embodiment further includes:
the first node receives first identity identification processing information sent by the second node; the first identity processing information is obtained by encrypting character information including the first identity information, a second encryption algorithm and second identity processing information by the second node through a private key of the second node and a public key of the first node; the first identity processing information is information obtained by processing the character information through the second encryption algorithm;
the first node authenticates the first identity processing information to obtain an authentication result;
if the authentication result is that the authentication is passed, the first node generates an initial block according to the identity identification information and the public key of the first node and the first identity identification information and the public key of the second node, wherein a block main body of the initial block comprises the identity identification information and the public key of the first node and the first identity identification information and the public key of the second node.
Specifically, the second node splices the first identity information identity of the second node, the random number nonce sent by the first node and the random number cnonce generated by the second node into a character string M, that is, M is identity + nonce + cnonce, then uses the selected second encryption algorithm such as digital digest 1 to process the M by using the digital digest algorithm to obtain response1, and finally uses the private key of the second node and the public key of the first node to encrypt the above information to obtain the first identity processing information, that is, E (PUB, E (PRA, M + digest 1+ response1)), so as to ensure that the first identity processing information is sent by the second node, only the first node can receive and decrypt, and ensure the confidentiality of data in the transmission process.
Optionally, the first node authenticates the first identity identifier processing information to obtain an authentication result, which may be specifically implemented as follows:
the first node decrypts the first identity processing information through a private key of the first node and a public key of the second node to obtain the character information including the first identity information, the second encryption algorithm and the second identity processing information;
the first node processes the character information through the second encryption algorithm to obtain third identity processing information;
and if the third identity processing information is the same as the second identity processing information and the first identity information is consistent with the second identity information of the second node acquired in advance, the first node acquires an authentication result that the first identity processing information passes authentication.
Specifically, after receiving the first identity processing information, the first node (only 1 first node in the full blockchain network) decrypts the information using the private key of the first node and the public key of the second node to obtain character information (M) including the first identity processing information, the second encryption algorithm, and the second identity processing information.
And encrypting the M by using a second encryption algorithm, comparing the M with second identity processing information response1, if the M is the same as the second identity processing information response, passing the authentication, and otherwise, not passing the authentication.
The first node collects the first identity identification information of all the second nodes through the above operation steps, and packs the collected public keys of all the second nodes and the corresponding first identity identification information to generate an initial block of the block chain. The block body of the starting block records public keys and identity identification information of all nodes of the block chain network (that is, the public keys and the identity identification information of the first node and the public keys and the first identity identification information of all the second nodes), and the block header records a hash value of the current block (the hash value of the current block is generated by hashing the information recorded in the block body, where the block body of the starting block includes the identity identification information of the first node and all the other second nodes, the public keys of the first node and all the other second nodes, the random number nonce generated by the first node and the random number cnonce sent by the other second nodes), a timestamp, and hash value information of the previous block (the starting block has no previous block, so the hash value of the previous block is 0), as shown in fig. 2.
Further, after generating the starting block, the method further includes:
the first node broadcasts the starting block to at least one second node in a block chain network so that the second node verifies the starting block;
and if the first node receives the indication information that the verification is passed and is sent by more than a preset number of second nodes in the block chain network, storing the starting block as the starting block of the block chain.
Specifically, the first node sends the generated starting block to all the second nodes of the blockchain network. The second node verifies the starting block according to the information stored by the second node. The verification process comprises the following steps:
and the second node compares the received public key, the identity identification information and the random number of the node in the block body of the starting block according to the stored information, and if no error exists, the second node sends indication information to the first node, wherein the indication information is used for indicating that the starting block passes verification.
And if the first node receives the indication information sent by the second nodes with the number exceeding the preset number, the starting block is used as the starting block of the block chain for storage.
For example, if more than 50% of the second nodes confirm that the starting block has no errors, all the second nodes accept the starting block and store the starting block in the storage space of the own node. If 50% of the acknowledgements are not reached, the first node regenerates the starting block until consensus is reached.
In this embodiment, the public key and the identification information of the node are generated into the starting block, and since the public key and the identification information are verified when the starting block is generated, the public key and the identification information recorded in the starting block are both true and reliable, so that the security of user data is improved.
Fig. 3 is a flowchart illustrating a data management method according to another embodiment of the present invention. As shown in fig. 3, the method provided by this embodiment includes:
301, the second node performs encryption processing according to the fund approval record information of the second node to obtain first processing information;
Optionally, the encrypting, by the second node, according to the fund approval record information of the second node, to obtain first processing information includes:
the second node encrypts the fund approval record information of the second node, the character information including the first identity identification information, the first encryption algorithm and the second processing information through the private key of the second node and the public key of the first node to obtain the first processing information; the second processing information is the information obtained by processing the fund approval record information and the character information through the first encryption algorithm;
optionally, the method further includes:
the second node receives the starting block sent by the first node;
the second node determines whether the second identity identification information and the public key of the second node, which are acquired in advance, are matched with the first identity identification information and the public key of the second node included in the starting block;
if the first node is matched with the second node, the second node sends indication information to the first node; the indication information is used for indicating that the starting block is verified to be passed.
Optionally, the method further includes:
the second node receives the fund approval record information block sent by the first node;
the second node determines whether the second identity identification information and the fund approval record information of the second node, which are acquired in advance, are matched with the first identity identification information and the fund approval record information of the second node included in the fund approval record information block;
if the first node is matched with the second node, the second node sends indication information to the first node; the indication information is used for indicating that the fund approval record information block is verified to be passed.
The method of the embodiment is similar to the method of the embodiment shown in fig. 1-2 in the implementation principle and technical effect, and is not described herein again.
Fig. 4 is a structural diagram of an embodiment of a data management device provided in the present invention, and as shown in fig. 4, the data management device of the present embodiment includes:
a receiving module 401, configured to receive first processing information sent by a second node; the first processing information is obtained by encrypting the fund approval record information of the second node by the second node;
a verification module 402, configured to verify the first processing information to obtain verified fund approval record information;
the processing module 403 is configured to generate a fund approval record information block according to the verified fund approval record information, and add the fund approval record information block to the block chain stored in the first node; the block body of the block comprises the verified fund approval record information.
Optionally, the verification module 402 is specifically configured to:
the first node decrypts the first processing information sequentially through the private key of the first node and the public key of the second node to obtain the fund approval record information, character information including first identity identification information, a first encryption algorithm and second processing information; the second processing information is the information obtained by processing the fund approval record information and the character information through the first encryption algorithm;
the first node processes the fund approval record information and the character information through the first encryption algorithm to obtain third processing information;
if the third processing information is the same as the second processing information and the first identity identification information is consistent with the second identity identification information of the second node acquired in advance, the first node determines that the fund approval record information is effective fund approval record information;
if the third processing information is different from the second processing information and/or the first identity identification information is not consistent with the second identity identification information of the second node acquired in advance, the first node determines that the fund approval record information is invalid fund approval record information;
and the verified fund approval record information comprises the effective fund approval record and the invalid fund approval record information.
Optionally, the receiving module 401 is further configured to:
receiving first identity identification processing information sent by the second node; the first identity processing information is obtained by encrypting character information including the first identity information, a second encryption algorithm and second identity processing information by the second node through a private key of the second node and a public key of the first node; the first identity processing information is information obtained by processing the character information through the second encryption algorithm;
a verification module 402, further configured to:
authenticating the first identity identification processing information to obtain an authentication result;
if the authentication result is that the authentication is passed, the processing module 403 is further configured to generate a starting block according to the identity information and the public key of the first node and the first identity information and the public key of the second node, where a block main body of the starting block includes the identity information and the public key of the first node and the first identity information and the public key of the second node.
Optionally, the verification module 402 is specifically configured to:
decrypting the first identity processing information through the private key of the first node and the public key of the second node to obtain the character information including the first identity processing information, the second encryption algorithm and the second identity processing information;
processing the character information by the second encryption algorithm to obtain third identity processing information;
and if the third identity processing information is the same as the second identity processing information and the first identity information is consistent with the second identity information of the second node acquired in advance, acquiring an authentication result that the first identity processing information passes authentication.
Optionally, the processing module 403 is specifically configured to:
broadcasting the starting block to at least one second node in a blockchain network so that the second node verifies the starting block;
and if the first node receives the indication information that the verification is passed and is sent by more than a preset number of second nodes in the block chain network, storing the starting block as the starting block of the block chain.
Optionally, the processing module 403 is specifically configured to:
the first node broadcasts the fund approval record information block to at least one second node in a block chain network so that the second node verifies the fund approval record information block;
and if the first node receives the indication information that the verification is passed and sent by the second nodes with the number exceeding the preset number in the block chain network, adding the fund approval record information block into the block chain stored in the first node.
The apparatus of this embodiment may be configured to implement the technical solution of the method embodiment shown in fig. 1, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 5 is a structural diagram of another embodiment of the data management device provided in the present invention, and as shown in fig. 5, the data management device of the present embodiment includes:
the processing module 501 is configured to perform encryption processing according to the fund approval record information of the second node to obtain first processing information;
a sending module 502, configured to send first processing information to a first node, so that the first node verifies the first processing information, and generates a fund approval record information block according to verified fund approval record information; and the block main body of the fund approval record information block comprises the verified fund approval record information.
Optionally, the processing module 501 is specifically configured to:
the second node encrypts the fund approval record information of the second node, the character information including the first identity identification information, the first encryption algorithm and the second processing information through the private key of the second node and the public key of the first node to obtain the first processing information; the second processing information is the information obtained by processing the fund approval record information and the character information through the first encryption algorithm;
optionally, the method further includes:
a receiving module, configured to receive a starting block sent by the first node;
the processing module 501 is further configured to:
determining whether the second identity identification information and the public key of the second node, which are acquired in advance, are matched with the first identity identification information and the public key of the second node included in the starting block;
if the first node is matched with the second node, the second node sends indication information to the first node; the indication information is used for indicating that the starting block is verified to be passed.
Optionally, the receiving module is further configured to receive a fund approval record information block sent by the first node;
the processing module 501 is further configured to:
determining whether the second identity identification information and the fund approval record information of the second node, which are acquired in advance, are matched with the first identity identification information and the fund approval record information of the second node included in the fund approval record information block;
if the first node is matched with the second node, the second node sends indication information to the first node; the indication information is used for indicating that the fund approval record information block is verified to be passed.
The apparatus of this embodiment may be configured to implement the technical solution of the method embodiment shown in fig. 3, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 6 is a structural diagram of an embodiment of an electronic device provided in the present invention, and as shown in fig. 6, the electronic device includes:
a processor 601, and a memory 602 for storing executable instructions for the processor 601.
Optionally, the method further includes: a communication interface 603 for communicating with other devices.
The processor 601 is configured to execute the corresponding method in the foregoing method embodiment by executing the executable instruction, and the specific implementation process thereof may refer to the foregoing method embodiment, which is not described herein again.
The electronic device corresponds to a device of the first node.
Fig. 7 is a structural diagram of another embodiment of the electronic device provided in the present invention, and as shown in fig. 7, the electronic device includes:
a processor 701, and a memory 702 for storing executable instructions for the processor 701.
Optionally, the method further includes: a communication interface 703 for communicating with other devices.
The processor 701 is configured to execute the corresponding method in the foregoing method embodiment by executing the executable instruction, and the specific implementation process of the method may refer to the foregoing method embodiment, which is not described herein again.
The electronic device corresponds to a device of the second node.
The embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the method in the foregoing method embodiment is implemented.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (11)
1. A method for managing data, comprising:
a first node receives first processing information sent by a second node; the first processing information is obtained by the second node by encrypting the fund approval record information of the second node, the character information comprising the first identity identification information of the second node, a first encryption algorithm and second processing information through a private key of the second node and a public key of the first node, and the second processing information is obtained by the second node by processing the fund approval record information and the character information through the first encryption algorithm;
the first node verifies the first processing information to obtain verified fund approval record information;
the first node generates a fund approval record information block according to the verified fund approval record information and adds the fund approval record information block into a block chain stored in the first node; the block body of the block comprises the verified fund approval record information.
2. The method of claim 1, wherein the first node verifies the first processed information to obtain verified fund approval record information, and the verifying comprises:
the first node decrypts the first processing information sequentially through the private key of the first node and the public key of the second node to obtain the fund approval record information, character information including first identity identification information, a first encryption algorithm and second processing information;
the first node processes the fund approval record information and the character information through the first encryption algorithm to obtain third processing information;
if the third processing information is the same as the second processing information and the first identity identification information is consistent with the second identity identification information of the second node acquired in advance, the first node determines that the fund approval record information is effective fund approval record information;
if the third processing information is different from the second processing information and/or the first identity identification information is not consistent with the second identity identification information of the second node acquired in advance, the first node determines that the fund approval record information is invalid fund approval record information;
and the verified fund approval record information comprises the effective fund approval record and the invalid fund approval record information.
3. The method of claim 1 or 2, further comprising:
the first node receives first identity identification processing information sent by the second node; the first identity processing information is obtained by encrypting character information including the first identity information, a second encryption algorithm and second identity processing information by the second node through a private key of the second node and a public key of the first node; the second identity processing information is information obtained by processing the character information by the second node through the second encryption algorithm;
the first node authenticates the first identity processing information to obtain an authentication result;
if the authentication result is that the authentication is passed, the first node generates an initial block according to the identity identification information and the public key of the first node and the first identity identification information and the public key of the second node, wherein a block main body of the initial block comprises the identity identification information and the public key of the first node and the first identity identification information and the public key of the second node.
4. The method of claim 3, wherein authenticating the first identity handling information by the first node to obtain an authentication result comprises:
the first node decrypts the first identity processing information through a private key of the first node and a public key of the second node to obtain the character information including the first identity information, the second encryption algorithm and the second identity processing information;
the first node processes the character information through the second encryption algorithm to obtain third identity processing information;
and if the third identity processing information is the same as the second identity processing information and the first identity information is consistent with the second identity information of the second node acquired in advance, the first node acquires an authentication result that the first identity processing information passes authentication.
5. The method of claim 3, wherein after the generating the starting block, further comprising:
the first node broadcasts the starting block to at least one second node in a block chain network so that the second node verifies the starting block;
and if the first node receives the indication information that the verification is passed and is sent by more than a preset number of second nodes in the block chain network, storing the starting block as the starting block of the block chain.
6. The method according to claim 1 or 2, wherein before adding the fund approval record information block to the block chain stored in the first node, the method further comprises:
the first node broadcasts the fund approval record information block to at least one second node in a block chain network so that the second node verifies the fund approval record information block;
the adding the fund approval record information block into the block chain stored by the first node comprises:
and if the first node receives the indication information that the verification is passed and sent by the second nodes with the number exceeding the preset number in the block chain network, adding the fund approval record information block into the block chain stored in the first node.
7. A method for managing data, comprising:
the method comprises the steps that a second node encrypts capital examination and approval record information of the second node, character information including first identity identification information, a first encryption algorithm and second processing information through a private key of the second node and a public key of a first node to obtain first processing information, wherein the second processing information is the information of the capital examination and approval record information and the character information processed by the second node through the first encryption algorithm;
the second node sends first processing information to the first node so that the first node verifies the first processing information and generates a fund approval record information block according to the verified fund approval record information; and the block main body of the fund approval record information block comprises the verified fund approval record information.
8. The method of claim 7, further comprising:
the second node receives the starting block sent by the first node;
the second node determines whether the second identity identification information and the public key of the second node, which are acquired in advance, are matched with the first identity identification information and the public key of the second node included in the starting block;
if the first node is matched with the second node, the second node sends indication information to the first node; the indication information is used for indicating that the starting block is verified to be passed.
9. The method of claim 7, further comprising:
the second node receives the fund approval record information block sent by the first node;
the second node determines whether the second identity identification information and the fund approval record information of the second node, which are acquired in advance, are matched with the first identity identification information and the fund approval record information of the second node included in the fund approval record information block;
if the first node is matched with the second node, the second node sends indication information to the first node; the indication information is used for indicating that the fund approval record information block is verified to be passed.
10. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the steps of the method of any of claims 1-6, or 7-9 by executing the executable instructions.
11. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the steps of the method of any one of claims 1 to 6 or 7 to 9.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910003552.0A CN109754226B (en) | 2019-01-03 | 2019-01-03 | Data management method, device and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910003552.0A CN109754226B (en) | 2019-01-03 | 2019-01-03 | Data management method, device and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109754226A CN109754226A (en) | 2019-05-14 |
CN109754226B true CN109754226B (en) | 2021-01-26 |
Family
ID=66405232
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910003552.0A Active CN109754226B (en) | 2019-01-03 | 2019-01-03 | Data management method, device and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109754226B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111541549B (en) * | 2020-05-06 | 2022-01-14 | 深圳天玑数据有限公司 | Block chain based information transfer method, device, equipment and storage medium |
CN113723897A (en) * | 2020-05-26 | 2021-11-30 | 深圳兆日科技股份有限公司 | OA approval method, device, equipment and storage medium based on block chain |
CN111798209A (en) * | 2020-06-30 | 2020-10-20 | 远光软件股份有限公司 | Engineering project management method based on block chain, electronic equipment and storage medium |
CN113704823B (en) * | 2021-08-30 | 2024-03-29 | 新长城科技有限公司 | Reimbursement processing method, reimbursement processing system, storage medium and electronic equipment |
CN113496392A (en) * | 2021-09-06 | 2021-10-12 | 支付宝(杭州)信息技术有限公司 | Block chain-based restricted fund supervision method and system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107005574A (en) * | 2016-12-23 | 2017-08-01 | 深圳前海达闼云端智能科技有限公司 | Block generation method and device and block chain network |
CN108243182A (en) * | 2017-10-26 | 2018-07-03 | 招商银行股份有限公司 | Management authorization method, sub- management end, root management end and the storage medium of block chain |
CN109067801A (en) * | 2018-09-29 | 2018-12-21 | 平安科技(深圳)有限公司 | A kind of identity identifying method, identification authentication system and computer-readable medium |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108881156A (en) * | 2018-05-02 | 2018-11-23 | 深圳圣马歌科技有限公司 | Inventory records method, system and computer program product based on block chain |
-
2019
- 2019-01-03 CN CN201910003552.0A patent/CN109754226B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107005574A (en) * | 2016-12-23 | 2017-08-01 | 深圳前海达闼云端智能科技有限公司 | Block generation method and device and block chain network |
CN108243182A (en) * | 2017-10-26 | 2018-07-03 | 招商银行股份有限公司 | Management authorization method, sub- management end, root management end and the storage medium of block chain |
CN109067801A (en) * | 2018-09-29 | 2018-12-21 | 平安科技(深圳)有限公司 | A kind of identity identifying method, identification authentication system and computer-readable medium |
Also Published As
Publication number | Publication date |
---|---|
CN109754226A (en) | 2019-05-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109754226B (en) | Data management method, device and storage medium | |
US12015695B2 (en) | User terminal, permission information management method, and permission information management program | |
CN111914027B (en) | Block chain transaction keyword searchable encryption method and system | |
CN110519260B (en) | Information processing method and information processing device | |
CN110798315B (en) | Data processing method and device based on block chain and terminal | |
US10848315B2 (en) | Contract agreement method, agreement verification method, contract agreement system, agreement verification device, contract agreement device, contract agreement program and agreement verification program | |
CN111242617B (en) | Method and apparatus for performing transaction correctness verification | |
JP4788212B2 (en) | Digital signature program and digital signature system | |
CN102077213B (en) | Techniques for ensuring authentication and integrity of communications | |
KR20180114182A (en) | Secure personal devices using elliptic curve cryptography for secret sharing | |
CN109981255B (en) | Method and system for updating key pool | |
CN111786812B (en) | Node management method, device, computer equipment and storage medium | |
US11831753B2 (en) | Secure distributed key management system | |
JP2004280284A (en) | Control processor, electronic equipment, and program starting method for electronic equipment, and system module updating method for electronic equipment | |
CN113128999B (en) | Block chain privacy protection method and device | |
CN110597836B (en) | Information inquiry request response method and device based on block chain network | |
EP4092984A1 (en) | Data processing method and apparatus, device and medium | |
CN115203749B (en) | Data transaction method and system based on block chain | |
CN116830523A (en) | threshold key exchange | |
CN110620776B (en) | Data transfer information transmission method and device | |
CN114726536A (en) | Timestamp generation method and device, electronic equipment and storage medium | |
WO2021192992A1 (en) | Entity, gateway device, information processing device, information processing system, and information processing method | |
CN111010283B (en) | Method and apparatus for generating information | |
CN111314059B (en) | Processing method, device and equipment for account authority proxy and readable storage medium | |
JP3791169B2 (en) | Authentication apparatus and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |