CN110046281B - Data adding method, device and equipment - Google Patents

Data adding method, device and equipment Download PDF

Info

Publication number
CN110046281B
CN110046281B CN201910100186.0A CN201910100186A CN110046281B CN 110046281 B CN110046281 B CN 110046281B CN 201910100186 A CN201910100186 A CN 201910100186A CN 110046281 B CN110046281 B CN 110046281B
Authority
CN
China
Prior art keywords
data
block
hash value
data block
data record
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910100186.0A
Other languages
Chinese (zh)
Other versions
CN110046281A (en
Inventor
杨新颖
俞本权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Advanced New Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Advanced New Technologies Co Ltd filed Critical Advanced New Technologies Co Ltd
Priority to CN201910100186.0A priority Critical patent/CN110046281B/en
Publication of CN110046281A publication Critical patent/CN110046281A/en
Application granted granted Critical
Publication of CN110046281B publication Critical patent/CN110046281B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9014Indexing; Data structures therefor; Storage structures hash tables
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computational Linguistics (AREA)
  • Software Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A data adding method, device and equipment are disclosed. In the scenario where the server centers the data records in a chain of data blocks, each data block contains a hash value of its own data block determined by the hash value of the previous data block and the data record contained by itself, and the provider of the data service cannot easily make changes to the stored data. The user can initiate data uploading in the form of instructions, so that when the server receives the adding instructions every time, hash calculation can be performed on the data records in the instructions, hash values are obtained, and the hash values are returned to the user. When a user needs, the user can inquire the data record of the user at any time by only inputting the hash value and verify whether the data record on the whole data block chain is correct or not, so that the integrity of the user data is ensured, and the user experience is improved.

Description

Data adding method, device and equipment
Technical Field
Embodiments of the present disclosure relate to the field of information technologies, and in particular, to a method, an apparatus, and a device for adding data.
Background
The current database products are generally centralized, data are generated by users, but operations such as adding, deleting, modifying and the like on the data are performed on a server side based on instructions of the users.
In this case, after the user uploads the own data to the server, it is not known whether the server modifies the own data or whether the data stored in the server is damaged, lost, or the like, and the user hopefully wants to have a way to realize the verification of the data. In practical applications, because the data volume generated by the user is large, for example, in some enterprise-level database services, such as audit logs, supply chains, government regulations, consumption records, etc., it is not easy for the enterprise user to want to verify whether the query has errors on his own data.
Based on this, a data addition scheme that facilitates user authentication is needed.
Disclosure of Invention
Aiming at the problems that in the existing data storage, a user cannot know whether data stored by the user is wrong or not and cannot verify, in order to improve user experience in the centralized data storage, the embodiment of the specification provides a data adding method, a device and equipment, wherein the method is applied to a centralized database service provider for storing data through a plurality of data blocks and specifically comprises the following steps:
receiving an adding instruction for adding a data record by a user, wherein the adding instruction comprises the data record to be added;
Determining a hash value of the data record to be added, and returning the hash value to a user;
storing the data record to be added in a local cache so as to write the data record into a new data block when a preset blocking condition is met;
wherein, except the initial data block, each data block contains at least one data record, each data block contains the hash value of the own data block determined by the hash value of the previous data block and the data record contained by the own data block, and the block heights of the data blocks are monotonically increased based on the sequence of the block forming time.
Correspondingly, the embodiment of the present specification further provides a data adding device, which is applied to a centralized database service provider for storing data through a plurality of data blocks, and the device includes:
the receiving module is used for receiving an adding instruction for adding the data record by a user, wherein the adding instruction comprises the data record to be added;
the determining module is used for determining the hash value of the data record to be added;
a return module returns the hash value to the user;
the caching module is used for storing the data record to be added in a local cache so as to write the data record into a new data block when a preset blocking condition is met;
Wherein, except the initial data block, each data block contains at least one data record, each data block contains the hash value of the own data block determined by the hash value of the previous data block and the data record contained by the own data block, and the block heights of the data blocks are monotonically increased based on the sequence of the block forming time.
In the scenario where the server centers the data records in a chain of data blocks, each data block contains a hash value of its own data block determined by the hash value of the previous data block and the data record contained by itself, and the provider of the data service cannot easily make changes to the stored data. The user can initiate data uploading in the form of instructions, so that when the server receives the adding instructions every time, hash calculation can be performed on the data records in the instructions, hash values are obtained, and the hash values are returned to the user. When a user needs, the user can inquire the data record of the user at any time by only inputting the hash value and verify whether the data record on the whole data block chain is correct or not, so that the integrity of the user data is ensured, and the user experience is improved.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the embodiments of the disclosure.
Further, not all of the effects described above need be achieved in any of the embodiments of the present specification.
Drawings
In order to more clearly illustrate the embodiments of the present description or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the embodiments of the present description, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.
FIG. 1 is a schematic diagram of a system architecture involved in the current technology;
FIG. 2 is a schematic flow chart of a method for adding data according to an embodiment of the present disclosure;
FIG. 3 is a schematic flow chart of an exemplary partial purge provided by embodiments of the present disclosure;
FIG. 4 is a schematic diagram of a process for constructing a suppressed data record according to an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of another system architecture involved in an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of a data adding device according to an embodiment of the present disclosure;
FIG. 7 illustrates a more specific computing device hardware architecture diagram provided by embodiments of the present disclosure;
Fig. 8 is a schematic diagram of a specific generation timing certificate according to an embodiment of the present disclosure.
Detailed Description
In order for those skilled in the art to better understand the technical solutions in the embodiments of the present specification, the technical solutions in the embodiments of the present specification will be described in detail below with reference to the drawings in the embodiments of the present specification, and it is apparent that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification shall fall within the scope of protection.
It should be noted that, in the current server architecture, the database server may be a client personal user directly connected to the server, or some application servers may be connected to the client personal user, and the database server is connected to the application server. As shown in fig. 1, a schematic diagram of a system architecture involved in the current technology of fig. 1.
Thus, in the present description embodiment, when the user is an application server, the database service provider may be the database server shown in fig. 1; and when the user is a client personal user, the database service provider may be a service-end entity formed by the application server and the database server. In either case, however, the storage of the data is done at the database service provider, and the manipulation of the data (including the addition, deletion, etc.) is also performed at the database service provider based on the user's instructions, and both the user's data and the result of the manipulation of the data are stored at the database service provider, and the user's local and other devices cannot store the data. In other words, the database service provider in this specification provides data services in a centralized form.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings. As shown in fig. 2, fig. 2 is a schematic flow chart of a data adding method according to an embodiment of the present disclosure, where the flow chart specifically includes the following steps:
s201, receiving an adding instruction for adding the data record by a user, wherein the adding instruction comprises the data record to be added.
The data record to be added can be a document, a video, a picture and the like uploaded by the terminal user when the data record is directly oriented to the terminal user, can be a service record obtained after the application server processes the data record based on the request of the terminal user, and can be an operation log generated when the application server executes various addition, deletion and modification checks on the database server.
The following are exemplary record-adding instructions provided by embodiments of the present specification: apend (v, & khash): and adding the data record and returning the hash value of the data record. The "v" is the data record that the user can input or specify the path.
S203, determining the hash value of the data record to be added, and returning the hash value to the user.
S205, storing the data record to be added in a local cache, so that when a preset blocking condition is met, writing the data record into a new data block; wherein, except the initial data block, each data block contains at least one data record, each data block contains the hash value of the own data block determined by the hash value of the previous data block and the data record contained by the own data block, and the block heights of the data blocks are monotonically increased based on the sequence of the block forming time.
Specifically, the scenario according to the embodiment of the present disclosure is applied to a centralized database service provider that stores data through a plurality of data blocks, where the preset blocking condition includes: the number of data records to be stored reaches a number threshold, for example, each time one thousand data records are received, a new data block is generated, and one thousand data records are written into the block; alternatively, the time interval from the last block forming time reaches a time threshold, e.g., every 5 minutes, a new data block is generated and the data records received within the 5 minutes are written into the block. When the blocking condition is satisfied, each data record in the data block to be written is extracted from the cache, and an nth data block containing the hash value of the data block and the data record is generated.
Here, N refers to the sequence number of the data block, in other words, in the embodiment of the present specification, the data blocks are in the form of a block chain, and are arranged in sequence based on the sequence of the block forming time, which has a strong timing characteristic. Wherein the block heights of the data blocks monotonically increase based on the order of the block times. The block height may be a sequence number, and at this time, the block height of the nth data block is N; block heights may also be generated in other ways.
When n=1, that is, the data block at this time is the initial data block. The hash value and block height of the initial data block are given based on a preset manner. For example, the initial data block does not include a data record, the hash value is any given hash value, and the block height blknum=0; for another example, the generation trigger condition of the initial data block is identical to the trigger condition of the other data blocks, but the hash value of the initial data block is determined by hashing all the contents in the initial data block.
When N >1, since the content and hash value of the previous data block have been determined, at this time, the hash value of the current data block (nth data block) may be generated based on the hash value of the previous data block (i.e., nth-1 data block), for example, in a feasible manner, determining the hash value of each data record to be written into the nth block, generating a merck tree according to the arrangement order in the block, splicing the root hash value of the merck tree and the hash value of the previous data block together, and generating the hash value of the current block again by adopting the hash algorithm. For example, the hash value of the whole data record may be obtained by splicing the sequence of the data records in the block, splicing the hash value of the previous data block and the hash value of the whole data record, and performing hash operation on the string obtained by splicing to generate the hash value of the data block.
By the foregoing generation method of the data blocks, each data block is determined by a hash value, and the hash value of the data block is determined by the content and sequence of the data records in the data block and the hash value of the previous data block. The user can initiate verification based on the hash value of the data block at any time, and the modification of any content in the data block (including modification of the content or sequence of the data record in the data block) can cause inconsistency between the hash value of the data block calculated during verification and the hash value generated during data block generation, so that verification failure is caused, and therefore, the tamper-proof effect under centralization is realized.
The data records are stored centrally in a chain of data blocks by generating data blocks comprising a certain number of data records and recording hash values at the time of generation of the data blocks. In this data storage mode, the hash value of each data block depends on the hash value of the previous data block and the content of the data record contained in itself. The user can inquire the data record at any time based on the storage form, and can verify the hash value of the appointed data block or the appointed data record according to the hash value, so that the integrity of the user data is ensured, and the user experience is improved.
Further, in the process of adding data, the server side can also provide the signature of the corresponding service platform, which specifically comprises the following modes: encrypting the data record by adopting a server private key to generate a private key signature of the server on the data record; and returning the private key signature and the hash value of the data record to the user so that the user can decrypt the private key signature by using the corresponding public key for verification. So that the user can confirm that the hash value is acknowledged by the service. Specifically, the user may request the service to provide the signature in an add instruction, which is an instruction for an exemplary return signed add record provided by embodiments of the present description: APPEND (v, & khash, CERT) returns the hash value corresponding to the data record and returns the signature certificate of the server.
After the data record has been stored, some relevant index information may also be re-established, e.g. because the data record is kept in the data block, but no hash value of the data record. Therefore, in order to conveniently find any data record, the hash value of the data record can be established as a key, and the index with the block height of the data block where the data record is located and the offset of the data record in the data block where the data record is located as a value can be stored. Thus, the data record can be conveniently queried. It should be noted that, the creation of the index information may be performed asynchronously with respect to the blocking, and the index information may be sent to the user for backup, so that the user may also conveniently query or verify any data record according to the index.
In the query process, the block height of the data block where the data record is located, the offset of the data record in the data block where the data record is located or the plaintext of the data record can be queried and obtained based on the hash value input by the user, or the block height of the data block corresponding to the hash value of the data block is queried and the query result is returned.
The specific query mode can be realized by a query instruction. The query instruction comprises the hash value to be queried input by the user. The hash value here may be a hash value of a data record or a hash value of a data block, and the database service provider may perform a traversal query from the data block or may perform a query from a pre-established index.
The following examples enumerate several query approaches provided by the embodiments of the present specification:
firstly, inputting hash values of data blocks, and returning all data plaintext in the data blocks; or, the hash value of the data record is input, the plaintext of the data record is returned, specifically, the data record can be realized by using a query command SELEC T (khash, & v), and when the server receives a corresponding query command, the foregoing query logic is executed based on the hash value to return a result.
Secondly, inputting a hash value of the data record, returning a block height of a data block where the data record is located, and specifically, using a query instruction SELECT (khash, & v, FULL) to implement the offset in the data block;
Third, the hash value of the input data chunk returns the chunk height according to the chunk hash. Specifically, the method can be implemented by using a query instruction SELECT (khash, & v, BLK).
Of course, there may be cases where the user inputs a hash value and the server cannot query the corresponding result. For example, when the user inputs a hash value corresponding to a data record and the server cannot query the result, the user may reasonably doubt that the data record corresponding to the hash has been changed, possibly tampered, or possibly lost.
Of course, the server signature certificate may also be included in the returned results in other types of database operations provided by embodiments of the present description, such as in other database operations such as querying, clearing, verifying, and hiding.
In addition to the query, the user may actively initiate verification on a plurality of data blocks already existing in the database, specifically, a user may initiate a verification instruction, where a parameter in the verification instruction specifies which data blocks need to be initiated for verification, for example, a hash value or a block height may specify a data block, and initiate whether to correctly verify a plurality of data blocks before or after the data block; alternatively, a data record is specified by the hash value, and it is verified whether a data record exists in the database. The result of the verification is a metadata of "have" or "none" and "correct" or "incorrect". The following examples provide several ways of validating as provided by embodiments of the present description:
Firstly, inputting a hash value, determining a data block by the hash value, and executing verification on the data block to obtain a verification result, wherein the verification result can be specifically realized by a verification instruction VERIFY ('khash'.
Secondly, inputting a hash value, determining a corresponding data block or determining a data block where a data record corresponding to the hash value is located by the hash value, and verifying the data block from the determined data block forward until an initial data block, specifically, the data block can be realized by a verification instruction VERIFY (' khash ', ' v-1), and in general, the initial block height is "0" or "1", so that-1 therein can also be other values smaller than the initial block height.
Thirdly, inputting a hash value, determining a corresponding data block by the hash value, and verifying the specified number of data blocks from the determined data block onwards, wherein the verification can be realized by a verification instruction VERIFY ('khash', & v, blknum).
Fourth, inputting the block height and the number to be verified, and starting to VERIFY the specified number of data blocks from the data block corresponding to the block height, specifically, the verification instruction VERIFY (blkh, & v, blknum) can be implemented.
The result returned during verification is a "yes" or "no" metadata, as described above, where the server may also add the signature of the server during this process, and the manner in which the signature is generated is described above. Specifically, a parameter "CERT" representing a signature of a service party may be added at the end of any verification instruction, for example: VERIFY ('khash', & v, blknum, CERT) with the server signature in the returned result.
In another embodiment, if the content of the data block further includes a timestamp of the data block or a timestamp of the data record, or the database server side further generates the relevant index in advance, for example, when generating the index of the block height and the block timestamp, or the index of the hash value of the data record and the record timestamp, or the index of the hash value of the data block and the block time, etc., at this time, the server side may further provide a corresponding time query manner, that is, from the data block or the index, the server side queries the corresponding block height or the hash value by the time value, or queries the corresponding time value by the hash value or the block height, and the following exemplary query manners provided by the embodiments of the present specification are listed below as time-based query manners:
first, the block height is input, and the block forming TIME of the data block corresponding to the query block height can be specifically realized by a TIME query instruction TIME (blknum, & v).
Second, a hash value is input, and a timestamp corresponding to the hash value is returned, where the hash value may be a hash value of a data block or a hash value of a data record, and specifically may be implemented by a TIME query instruction TIME ('khash', & v).
Third, the time value is input, and the block height of the last data block before the time value is returned, or the hash value of the last data record before the time value and the block height of the data block where the hash value is located are returned, which may be specifically implemented by a time query instruction LTIME ('time'.
In the embodiment of the present specification, if the user no longer needs the service, the entire clearing of the data may be performed before the service is ended. For example, the user inputs the account ID, the server clears the account, for example, by a clear instruction PURGE (lgid), or the user also inputs a time period, the server files the account first, and after the time period is reached, the server clears the account, for example, by a clear instruction PURGE (day-save).
And, as the data of the user is continuously increased, the storage space is more and more occupied, or some historical data with longer time is not valuable to the user, at this time, the database server side can also perform corresponding partial clearing on the data block based on the requirement of the user. The partial purge may be based on block height or point in time.
For example, the user designates the account ID and the block height, and the server determines that the data blocks before the block height are all data blocks to be cleared based on the block height, and then clears the data blocks determined to be cleared, which may be specifically implemented by a clear instruction PURGE (lgid, d-a, blkbound).
For another example, the user designates the ledger ID and the time point, and the server determines the last generated data block before the time point based on the time point, determines the data blocks generated before the data block as the data blocks to be cleared, and then clears the data blocks determined to be cleared, which may be specifically implemented by a clear instruction PURGE (lgid, d-a, 'timetmp').
Before the partial erasure is performed, since the hash value of the first data block of the erased data block chain is generated based on the hash value of the previous data block, at this time, a dummy initial data block is also required to be generated, and the hash value of the dummy initial data block is equal to the hash value of the last data block determined to be erased, so that an error in the subsequent verification can be avoided. The hash value of the last data block can be obtained by inquiring from a pre-established index, or can be obtained by sequentially calculating from the initial data block, or can be obtained by inquiring from the data block.
The content in the newly generated pseudo initial data block may be empty, or some corresponding remarks may be recorded, for example, the time of generation, etc. However, the content of the dummy initial data block is independent of the hash value of the dummy initial data block. And the server may also sign the dummy initial data block.
In addition, it is common for users to backup partially purged data. Based on this, in the process of the user performing the partial removal, verification can also be inserted for the data confirming that the partial removal is required. As shown in fig. 3, fig. 3 is a schematic flow chart of an exemplary partial purge provided in the embodiments of the present disclosure. In the schematic diagram, a user inputs a time point, specifically, the generation time of the data block nearest before the time point can be queried and obtained, then the block height of the data block corresponding to the generation time is obtained, a pseudo initial data block is generated and signed, and then the partial clearing operation is executed.
In practice, some data (referred to herein as sensitive data) once written in a data block can have deleterious consequences. For example, in the data uploaded by company a, the content in one data record is "leaf XX, sex man, and identification number 123456", and the identification number in the data record relates to revealing the privacy of the user and needs to be hidden.
Since in the scheme provided in the embodiments of the present disclosure, modification or removal of any data record may simultaneously cause verification errors on other data blocks, based on this, the embodiments of the present disclosure also provide a method for concealing sensitive data, specifically, a core technical means is to replace a data record in which information to be concealed is located in a data block with a hash value of the data record. In this way, the disclosure of the sensitive information can be stopped without disturbing the smooth operation of the data block system.
Specifically, the user may directly specify the location of the information to be suppressed, or in practical applications, the user may issue a suppressed information instruction carrying the location information. The location information here includes a block height of the data block, an offset of the data recorded in the block height, an offset of the information to be suppressed in the data recorded, a length of the information to be suppressed, and the like.
For example, an exemplary suppressed information instruction may be DELETE (blkhight, txoff), under which a data record corresponding to a specified block height blkhight and a specified offset txoff is suppressed;
as another example, another exemplary conceal information instruction may be DELETE (blkhight, txoff, offset, length), under which a data record is determined by the block height blkhight and the offset txoff, concealing information determined by the length of the beginning of the offset specified in the data record.
The information obtained after replacement or removal of the suppressed information is not used as a data record anymore and may be referred to as remark information. In the process of hiding information, one feasible way is to determine a hash value of a data record where the information to be hiding is located, splice a preset front marker character to the head of the hash value, splice a preset rear marker character to the tail of the hash value, splice remark information to the tail of the rear marker character, and then determine the data spliced by the front marker character, the transaction hash, the rear marker character and the remark information as the hiding data record. As shown in FIG. 4, FIG. 4 is a schematic diagram of a process for constructing a suppressed data record according to an embodiment of the present disclosure.
It should be noted that the front marking character and the rear marking character may be specified according to actual needs. For example, the front marker character may be "0E" and the rear marker character may be "0F". The effect of the preceding marker character is that when the data record needs to be read at a later time for verification, then the preceding marker character reveals information to the node: "the storage location stores not the plain content of the data record but the hash value of the data record". At this time, the hash value may be directly read for verification. When the corresponding remark information needs to be read, the reading can be started from the rear mark character 0F, and after the sensitive information is hidden, the content in the remark information can be basically the same as the content of the data record before the hidden, or can be completely empty (namely, the content of the whole data record is completely hidden).
Furthermore, it should be noted that the concealment of the history data record is a relatively strict operation. It often symbolizes certain information disclosures that trigger laws or violate morals, and also often concludes after multiparty adjustment or judgment that forced processing of the information is required. Thus, in performing the above-described purge operation, one possible way is to: the purge operation requires a certain signature weight.
For example, for an operation instruction issued by a general user, the background default signature weight is 30, while the signature weight used by a server or other transaction system is 60, the signature weight issued by a national force-executing mechanism such as a court is 120, and the signature weight required for a clearing operation is preset to be 100. The execution weight of one operation may be the sum of the signature weights of the participants, and in general, it may be set that the participants do not exceed 2. In such an embodiment, at least two digital signatures of the authorities (e.g., transaction system side and database server side) associated with the data records are required to be performed. That is, the transaction system side is required to initiate a clearing instruction and sign, and the database server side receives the clearing instruction and signs to clear. The end user initiated clear instruction will not be executed even if the database server side signed the authorization because of insufficient signature weight.
Further, the database server may also provide other database service modes, for example:
during archiving, retrieving a user data ledger, which is realized by a retrieving instruction RECALL (lgid), wherein the ledger refers to a set containing all data blocks;
Returning the block height of the current last data block through an instruction GETHEIGHT (& v);
returns the user ledger ID, is implemented by instruction GETLEDGER (& v), and so on.
In addition, it should be noted that, in the above description, various operation instructions are provided to implement the database service manner provided in the present application. However, the form of the operation instruction is not limited to the form set forth in the embodiment of the present disclosure, and in practice, the form of the operation instruction for data may be various, and only the service manner set forth in the present application may be implemented. And the query instruction provides an external form which is convenient for the user to operate, and the query instruction still depends on the execution mode corresponding to each instruction when the server receives and executes the instruction.
Further, after generating the data blocks, the server may also give a corresponding time stamp for each block. For example, a national time service center interface is introduced, and trusted time stamps are adopted for block discharging when the blocks are discharged. Thus, the time stamp can be relied upon for index creation.
In one embodiment, for any data block, if there is a reception timestamp in the data record in the block, for example, the server gives a reception timestamp when receiving the data record, the data records may be ordered according to the reception timestamp, and an ordering sequence number is allocated to each data record; or the sequence numbers may be allocated directly in the order in which the data records were received and reset after blocking so that the sequence numbers are allocated internally for the next data block.
After the sequence number is determined, the sequence number and the hash value can be spliced according to the hash value of each data record which is determined. Specifically, a substring with a specified length can be added at the head or tail of the hash value to place sequence numbers, a time sequence hash character string of the data record is generated, and then a first index table containing the corresponding relation of the block time stamp of the data block and the time sequence hash character string of the data record is established according to the sequence of the sequence numbers.
As shown in table 1, table 1 is a first index table related to data records provided in the embodiments of the present specification. In table 1, the first 6 bits of the hash value of the data record are inserted with a corresponding sequence number string, where "0x" is used to identify the next sequence number, "0001" is the sequence number, "hash1" is the hash value of the first piece of data in the data block, and the time on the left side is the blocking time of the data block. In this way, the number of valid bits of the timestamp is fully reserved. The 0x can be used for identifying the subsequent part, namely the sequence number, so that the analysis is convenient.
TABLE 1
20xx-01-19 03:14:07.938576 0x0001Hash1
20xx-01-19 03:14:07.938576 0x0002Hash2
20xx-01-19 03:14:07.938576 0x0003Hash3
20xx-01-19 03:14:07.938576 ……
In the index table, each data record has both the block forming time of the written block and the sequence accepted by the service side, so that the query and the tracing of some data records with tandem correlation can be conveniently performed based on the index table.
In another embodiment, in the same way, for any data block, if there is a receiving timestamp in the data record in the block, the data records may be ordered according to the receiving timestamp, and an ordering sequence number is allocated to each data record; or the sequence numbers may be allocated directly in the order in which the data records were received and reset after blocking so that the sequence numbers are allocated internally for the next data block.
At this point, the last specified number of bits in the chunk timestamp may be eliminated for the sequence number of the write data record. In addition, a specified sequence number which is not allocated to the data record can be added into the index, and the index is written in the corresponding relation between the block time stamp and the block height of the data block. For example, a sequence number of a data record typically starts with 1, then a sequence number of "0" may be used to store the block height of a data block. As shown in table 2, table 2 is a second index table for data records provided in the embodiments of the present specification. In table 2, the last three bits of the block time on the left (assuming that the number of data records stored in one block does not exceed 1000) are used to store the sequence numbers of the data records.
TABLE 2
20xx-01-19 03:14:07.938000 Blkheight
20xx-01-19 03:14:07.938001 Hash1
20xx-01-19 03:14:07.938002 Hash2
20xx-01-19 03:14:07.938003 Hash3
20xx-01-19 03:14:07.938004 ……
In this embodiment, although sacrificing several time-significant digits, the hash value of the data record may be read directly, and the block height of the data block may be identified by a specified sequence number (i.e., 000 in Table 2).
The index can be created immediately at the time of outputting the block or asynchronously. The index itself may be used for some searching or statistics operations, for example, counting the number of data records in a certain period of time, avoiding traversal counting from within the data block, which is more convenient.
In addition, when data is stored using a block-chained ledger, one ledger typically includes a plurality of consecutive blocks of data. In practical applications, natural sequence numbers are often used to number data blocks. For example, the block height of the initial data block is 1, and every time one data block is added subsequently, the block height is increased by 1. Based on this, the embodiment of the present disclosure further provides a block height creation manner, specifically, determining a block time of a data block, and then converting the block time into integer data by using a symmetric encryption algorithm, where the integer data is regarded as a block height of the data block, and the earlier the block time, the smaller the integer data.
Specifically, the integer here may be a large integer data, for example, a large integer of 13 bits. Thus, since the large integer is based on time symmetric encryption, when the block time of the data block is required, the block time can be obtained by the same symmetric decryption.
For example, for the chunking time "20xx-01-19 03:14:07.938576", after symmetric encryption, it can be converted to a large integer "1547838847938", which is "1547838847938" because integer data monotonically increases over time. The block height of the data block can be used as the data block at this time to identify the data block. In the present specification, the block heights are monotonically increasing based on the block formation time, so that even if large-sized data is employed, the order among the data blocks is reflected from small to large. For example, if the next chunk time of a data chunk is "20xx-01-19 03:16:07.235125," it can be converted to another larger large integer "1547838848125" using a preset symmetric encryption algorithm.
Based on this, it is also possible to determine the sequence number of each traffic log in the data block as in the foregoing manner, and splice the block height and the sequence number, generate the timing information of the traffic log containing both the block height and the sequence number, and establish the third index table of hash values and the timing information of the traffic log. As shown in table 3, table 3 is a third index table provided in the embodiments of the present specification. In this table, the large integer on the left side is timing information including block heights and sequence numbers, the block heights being obtained based on time-symmetric encryption. In the case of a chunking time accurate to the millisecond level, the third index introduces 3 decimal digits after the chunk height to identify the sequence number (i.e., defining a chunk threshold of 999), so the assumption for throughput is millions, already able to meet any practical transaction scenario. If the throughput is higher, more decimal values need to be introduced after the block height to identify the sequence numbers.
TABLE 3 Table 3
1547838847938000 1547838847938
1547838847938001 Hash1
1547838847938002 Hash2
1547838847938003 Hash3
1547838847938004 ……
In an actual application scenario, the database service provider involved in the embodiments of the present disclosure may also provide corresponding services for the corresponding database. As shown in fig. 5, fig. 5 is a schematic diagram of another system architecture involved in an embodiment of the present description, including a database base service provider and a database enhancement service provider. For example, mySQL, postgreSQL, mongoDB is a database base service provider, and these database systems can provide services for basic add-delete-modify-check operations for common transaction systems. At the same time, they also store corresponding business operation logs for these operations locally, in which the operation records of the database base service provider on the business data are recorded. The system for providing the further service for the database basic service provider is the database enhanced service provider hedger server provided by the embodiment of the present specification.
Based on this, the present description embodiments also provide a way in which further enhanced services may be provided for database-based service providers. Specifically, when the databases MySQL, postgreSQL, mongoDB and the like generate service operation logs, the service operation logs generated by the databases can be sent to the hedger. Because the service operation logs are provided with the generation time stamps, the Ledger system can sort, block and store the service operation logs according to the generation time stamps. Thus, each database can further manage its own system operation log based on the aforementioned operation mode. The database basic service provider does not need to send to the Ledger system immediately when generating the system operation log, and can be an asynchronous sending process.
Each database basic service provider can send a service operation log to the Ledger system in a plaintext manner. The term "plaintext" as used herein refers to the business operations log sent by each database that the Ledger system can understand or partially understand. For example, a certain database and the Ledger system make a communication protocol in advance, so that the Ledger system can acquire the operation type, the operation service object and the like in the service operation log, and the Ledger system can further perform blocking according to the operation type or the operation target object when blocking, so that each database system can perform better management. In this way, if each database needs to perform query or statistics (for example, statistics on how many times data of which service object is subjected to cleaning operation), only an instruction needs to be sent, and a specific statistics or query process can be completed at the end of the hedger system.
Of course, each database basic service provider can also send the service operation log to the hedgegr system in a "ciphertext" manner. The "ciphertext" herein refers to a service operation log sent by each database that cannot be understood by the hedgegr system. In this way, each database can only read or clear the stored business operation log from the hedgegr system, and specific query or statistics needs to be executed locally at the database base service provider after reading the data.
In one implementation scenario, for example, where the data records are fee information regarding the business, the data records need to be reviewed. The method is an indispensable technical means for preventing enterprises and service parties from falsifying time stamps in a combined way to manufacture a new account book, and performing time service authentication of data blocks to authoritative time fairness institutions. The time authority may be, for example, a national time service center or an authoritative time authority licensed by the national time service center. The time service authentication is as follows: a relevant signature of the time equity is obtained, wherein the signature comprises a trusted timestamp issued by the time equity, and the trusted timestamp corresponds to a data block needing authentication.
Specifically, the service side first determines a section of ledger which needs time service authentication from the generated and stored data blocks, wherein at least one data block or a plurality of high-continuous data blocks should be contained. The determining mode can be specified based on user operation, for example, a user initiates a time service instruction, and the instruction comprises a starting block height and a block number which need time service authentication; or the service side can automatically perform the operation based on preset business logic without the specification of a user.
For example, from the finest granularity, each data block may be time-stamped. In this way, the root hash of the merck tree is the block hash value of the data block, and this way can maximally protect the authenticity of the ledger (i.e., each data block). Because of the high frequency of the outgoing blocks of the data blocks, the cost overhead of the method is relatively high for both the time service center and the service side. An alternative way is to set a certain time service preset condition, and initiate a time service request when the certain time service preset condition is met. When the newly generated data blocks are considered as the data blocks to be time-service authenticated, the time-service preset conditions may be: the data blocks to be time-stamped and authenticated reach the number threshold, or the time interval from the last time-stamped and authenticated has reached the time threshold.
The specific time service authentication mode is that the block hashes of the data blocks to be time service authenticated are connected in series according to the order of block heights, and the merck tree corresponding to the plurality of data blocks is generated based on the block hashes of the data blocks, so that the root hash of the merck tree is confirmed. And, the related information of the data block to be time-service authenticated is confirmed, for example, including information of a start block height, an end block height, or the number of data blocks, etc. The root hash of the merck tree and the related information of the data block are then sent to a time fairness mechanism. The time fairness mechanism receives the information, namely, gives a trusted time stamp, carries out digital signature authentication on the trusted time stamp, and generates a time service certificate containing the trusted time stamp and the digital signature, wherein the time service certificate can also contain related information of the data block, and the digital signature is achieved by conventional private key encryption and public key decryption.
Thus, the server may receive a series of trusted time stamps containing time equity signatures, each of which corresponds to a segment of the ledger, and based on the relevant information, may know explicitly which segment of the data block. The server may perform corresponding management and verification based on the trusted time stamp. For example, when a certain account book needs to be checked, the service party can give out a time service certificate of which the corresponding data block contains a trusted time stamp and a signature of a time fairness mechanism, and recalculate the merck root hash according to the related information contained in the time service certificate, so that the data block corresponding to the certificate can be confirmed to be impossible to be forged later, and the service party and the served party can be effectively prevented from jointly manufacturing the account book containing the false time stamp so as to avoid the corresponding audit. As shown in fig. 8, fig. 8 is a schematic diagram of a specific generation timing certificate according to an embodiment of the present disclosure.
Correspondingly, the embodiment of the present disclosure further provides a data adding device, which is applied to a centralized database service provider that stores data through a plurality of data blocks, as shown in fig. 6, and fig. 6 is a schematic structural diagram of the data adding device provided in the embodiment of the present disclosure, including:
The receiving module 601 receives an adding instruction for adding a data record by a user, wherein the adding instruction comprises the data record to be added;
a determining module 603, configured to determine a hash value of the data record to be added;
a return module 605 that returns the hash value to the user;
the caching module 607 stores the data record to be added in a local cache, so that when a preset blocking condition is met, the data record is written into a new data block;
wherein, except the initial data block, each data block contains at least one data record, each data block contains the hash value of the own data block determined by the hash value of the previous data block and the data record contained by the own data block, and the block heights of the data blocks are monotonically increased based on the sequence of the block forming time.
Further, the method further includes a writing module 609, when a preset blocking condition is reached, determining each data record in the data block to be written, and generating an nth data block including the hash value of the data block and the data record, which specifically includes:
when n=1, the hash value and the block height of the initial data block are given based on a preset manner;
when N >1, determining the hash value of the N data block according to the hash value of each data record and the N-1 data block in the data block to be written, and generating the N data block containing the hash value of the N data block and each data record, wherein the block heights of the data blocks monotonically increase based on the sequence of the block forming time.
Further, the preset blocking condition includes: the number of the data records to be stored reaches a number threshold; alternatively, the time interval from the last time of blocking reaches a time threshold.
Further, the device further includes a server signature module 611, which encrypts the data record with a server private key to generate a private key signature of the server on the data record; and returning the private key signature and the hash value of the data record to the user so that the user can decrypt the private key signature by using the corresponding public key for verification.
The embodiments of the present disclosure also provide a computer device, which at least includes a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements a data adding method shown in fig. 2 when executing the program.
FIG. 7 illustrates a more specific hardware architecture diagram of a computing device provided by embodiments of the present description, which may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 implement communication connections therebetween within the device via a bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit ), microprocessor, application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1020 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage device, dynamic storage device, or the like. Memory 1020 may store an operating system and other application programs, and when the embodiments of the present specification are implemented in software or firmware, the associated program code is stored in memory 1020 and executed by processor 1010.
The input/output interface 1030 is used to connect with an input/output module for inputting and outputting information. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
Communication interface 1040 is used to connect communication modules (not shown) to enable communication interactions of the present device with other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1050 includes a path for transferring information between components of the device (e.g., processor 1010, memory 1020, input/output interface 1030, and communication interface 1040).
It should be noted that although the above-described device only shows processor 1010, memory 1020, input/output interface 1030, communication interface 1040, and bus 1050, in an implementation, the device may include other components necessary to achieve proper operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The present embodiment also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a data addition method as shown in fig. 2.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
From the foregoing description of embodiments, it will be apparent to those skilled in the art that the present embodiments may be implemented in software plus a necessary general purpose hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be embodied in essence or what contributes to the prior art in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present specification.
The system, method, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the method embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points. The above-described method embodiments are merely illustrative, in that the modules illustrated as separate components may or may not be physically separate, and the functions of the modules may be implemented in the same piece or pieces of software and/or hardware when implementing the embodiments of the present disclosure. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
The foregoing is merely a specific implementation of the embodiments of this disclosure, and it should be noted that, for a person skilled in the art, several improvements and modifications may be made without departing from the principles of the embodiments of this disclosure, and these improvements and modifications should also be considered as protective scope of the embodiments of this disclosure.

Claims (9)

1. A data addition method applied to a centralized database service provider that stores data through a plurality of data blocks, the method comprising:
receiving an adding instruction for adding a data record by a user, wherein the adding instruction comprises the data record to be added;
determining a hash value of the data record to be added, and returning the hash value to a user;
storing the data record to be added in a local cache so as to write the data record into a new data block when a preset blocking condition is met;
wherein, except the initial data block, each data block contains at least one data record, each data block contains the hash value of the own data block determined by the hash value of the previous data block and the data record contained by the own data block, and the block heights of the data blocks are monotonically increased based on the sequence of the block forming time.
2. The method of claim 1, wherein at the centralized database service provider, the data blocks are pre-generated by:
receiving data records to be stored, and determining hash values of the data records;
when a preset blocking condition is reached, determining each data record in the data block to be written, and generating an Nth data block containing hash values of the data block and the data records, wherein the method specifically comprises the following steps of:
when n=1, the hash value and the block height of the initial data block are given based on a preset manner;
when N >1, determining the hash value of the N data block according to the hash value of each data record and the N-1 data block in the data block to be written, and generating the N data block containing the hash value of the N data block and each data record, wherein the block heights of the data blocks monotonically increase based on the sequence of the block forming time.
3. The method of claim 1, the preset blocking condition comprising:
the number of the data records to be stored reaches a number threshold; or alternatively, the process may be performed,
the time interval from the last time of blocking reaches a time threshold.
4. The method of claim 1, returning the hash value to a user, comprising:
encrypting the data record by adopting a server private key to generate a private key signature of the server on the data record;
And returning the private key signature and the hash value of the data record to the user so that the user can decrypt the private key signature by using the corresponding public key for verification.
5. A data adding apparatus for use in a centralized database service provider that stores data over a plurality of data blocks, the apparatus comprising:
the receiving module is used for receiving an adding instruction for adding the data record by a user, wherein the adding instruction comprises the data record to be added;
the determining module is used for determining the hash value of the data record to be added;
a return module returns the hash value to the user;
the caching module is used for storing the data record to be added in a local cache so as to write the data record into a new data block when a preset blocking condition is met;
wherein, except the initial data block, each data block contains at least one data record, each data block contains the hash value of the own data block determined by the hash value of the previous data block and the data record contained by the own data block, and the block heights of the data blocks are monotonically increased based on the sequence of the block forming time.
6. The apparatus of claim 5, further comprising a writing module that determines each data record in the data block to be written to when a preset chunking condition is reached, generates an nth data block containing a hash value of the data block and the data record, and when n=1, the hash value and the block height of the initial data block are given based on a preset manner; when N >1, determining the hash value of the N data block according to the hash value of each data record and the N-1 data block in the data block to be written, and generating the N data block containing the hash value of the N data block and each data record, wherein the block heights of the data blocks monotonically increase based on the sequence of the block forming time.
7. The apparatus of claim 6, the preset blocking condition comprising:
the number of the data records to be stored reaches a number threshold; or alternatively, the process may be performed,
the time interval from the last time of blocking reaches a time threshold.
8. The apparatus of claim 5, further comprising a server signing module that encrypts the data record with a server private key, generating a server private key signature for the data record;
and the return module returns the private key signature and the hash value of the data record to the user so that the user can decrypt the private key signature by using the corresponding public key for verification.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1-4 when the program is executed by the processor.
CN201910100186.0A 2019-01-31 2019-01-31 Data adding method, device and equipment Active CN110046281B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910100186.0A CN110046281B (en) 2019-01-31 2019-01-31 Data adding method, device and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910100186.0A CN110046281B (en) 2019-01-31 2019-01-31 Data adding method, device and equipment

Publications (2)

Publication Number Publication Date
CN110046281A CN110046281A (en) 2019-07-23
CN110046281B true CN110046281B (en) 2023-06-06

Family

ID=67274205

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910100186.0A Active CN110046281B (en) 2019-01-31 2019-01-31 Data adding method, device and equipment

Country Status (1)

Country Link
CN (1) CN110046281B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110457898B (en) * 2019-07-29 2020-10-30 创新先进技术有限公司 Operation record storage method, device and equipment based on trusted execution environment
CN112380573B (en) * 2019-07-29 2024-05-14 创新先进技术有限公司 Digital signature method, device and equipment in block chain type account book
US10783054B2 (en) 2019-07-29 2020-09-22 Alibaba Group Holding Limited Method, apparatus, and device for storing operation record based on trusted execution environment
CN112445525A (en) * 2019-09-02 2021-03-05 中科寒武纪科技股份有限公司 Data processing method, related device and computer readable medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103368817A (en) * 2012-03-31 2013-10-23 国际商业机器公司 Method and device for sending and receiving e-mail
CN103530201A (en) * 2013-07-17 2014-01-22 华中科技大学 Safety data repetition removing method and system applicable to backup system
CN109067540A (en) * 2018-06-27 2018-12-21 北京磁云数字科技有限公司 Pond assets information circulation method, apparatus and equipment are dealt with based on block chain

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103368817A (en) * 2012-03-31 2013-10-23 国际商业机器公司 Method and device for sending and receiving e-mail
CN103530201A (en) * 2013-07-17 2014-01-22 华中科技大学 Safety data repetition removing method and system applicable to backup system
CN109067540A (en) * 2018-06-27 2018-12-21 北京磁云数字科技有限公司 Pond assets information circulation method, apparatus and equipment are dealt with based on block chain

Also Published As

Publication number Publication date
CN110046281A (en) 2019-07-23

Similar Documents

Publication Publication Date Title
CN109902086B (en) Index creation method, device and equipment
CN109951290B (en) Time service authentication method, device and equipment for chain type account book
CN109902071B (en) Service log storage method, system, device and equipment
CN110059084B (en) Data storage method, device and equipment
CN110008203B (en) Data clearing method, device and equipment
CN110019278B (en) Data verification method, device and equipment
CN110046281B (en) Data adding method, device and equipment
CN110008249B (en) Time-based data query method, device and equipment
CN110061843B (en) Block height creating method, device and equipment in chain type account book
CN110188096B (en) Index creating method, device and equipment for data record
CN110163006B (en) Signature verification method, system, device and equipment in block chain type account book
CN112699081B (en) File self-certification method and device based on blockchain
CN111602166B (en) Method and apparatus for providing traversable key-value data storage on a blockchain
CN113726751B (en) Weight management method, device and equipment in block chain type account book
US20210336798A1 (en) Signature verification for a blockchain ledger
CN110474775B (en) User creating method, device and equipment in block chain type account book
CN110266494B (en) Time service authentication method, device and equipment in block chain type account book
CN110190963B (en) Monitoring method, device and equipment for time service certificate generation request
CN110008210B (en) Index creation method, device and equipment
CN111046069B (en) Aggregation calculation method, device and equipment in block chain type account book
CN110347678B (en) Financial data storage method, system, device and equipment
CN110727679A (en) Cooperative tracking method, system, device and equipment for court case
CN110020547A (en) A kind of data hiding method, device and equipment
CN110019373A (en) A kind of data query method, device and equipment based on cryptographic Hash
CN110688664B (en) Authority management method, device and equipment in block chain type account book

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20201016

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Applicant before: Alibaba Group Holding Ltd.

Effective date of registration: 20201016

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant before: Advanced innovation technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant