CN110070300A - Data audit and acquisition methods, device, system, equipment and medium - Google Patents
Data audit and acquisition methods, device, system, equipment and medium Download PDFInfo
- Publication number
- CN110070300A CN110070300A CN201910357680.5A CN201910357680A CN110070300A CN 110070300 A CN110070300 A CN 110070300A CN 201910357680 A CN201910357680 A CN 201910357680A CN 110070300 A CN110070300 A CN 110070300A
- Authority
- CN
- China
- Prior art keywords
- data
- processing result
- private key
- computing device
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
Abstract
The embodiment of the invention discloses a kind of audit of data and acquisition methods, device, system, equipment and media.Wherein, method includes: the data analysis request for receiving data user and initiating;According to data analysis request, the data in data center are analyzed and processed based on one or more, to generate processing result;To the one or more data centers for analyzing required data are provided, the audit request of processing result is initiated;When auditing result of the data center to processing result meets setting and pass through condition, the processing result of unlock is fed back into data user.Data aggregate analysis processing may be implemented, and ensure the credibility and safety of Data Analysis Services process, take into account the convenience of multiparty data audit.
Description
Technical field
The present embodiments relate to data processing technique more particularly to a kind of data checking method, device, systems, equipment
And medium.
Background technique
In big data era, various initial data, secondary treatment data are all the intangible assets for having economic value.All kinds of enterprises
Between industry user, oneself some data can either be provided, it is also desirable to which other enterprise customers share some data, therefore number occur
According to center.The data of oneself are provided to data center by various users, for other users payment or free trial.
In data center, data are all centralized processings.Sharing can not only be facilitated, additionally it is possible to carry out based on more parts of data
Conjoint Analysis processing, this greatly improves the ability and efficiency of data processing, also provides the side of richer data processing
Formula.
But there is also certain defects for the processing mode of data center: all data to be handled must quilt
Data center is stored, data center could be handled based on respective algorithms, output processing result.However, in big data
Generation, data are all the wealth of enterprise's preciousness, and enterprise is not desired to that the data center not controlled by itself data can not be put into, has gone
At data analysis and process.However, there is the demand that data are carried out to Conjoint Analysis between enterprise again.The prior art needs to provide
It is a kind of to solve above-mentioned contradictory data processing scheme.
Summary of the invention
The embodiment of the present invention provides a kind of audit of data and acquisition methods, device, system, equipment and medium, to realize number
It is handled according to Conjoint Analysis, and ensures the credibility and safety of Data Analysis Services process, and take into account multiparty data audit
Convenience.
In a first aspect, the embodiment of the invention provides a kind of data checking methods of decentralization, by trust computing device
It executing, the trust computing device is based on hardware realization trusted computation environment, this method comprises:
Receive the data analysis request that data user initiates;
According to the data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result;
To the one or more data centers for analyzing required data are provided, the audit request of the processing result is initiated;
When auditing result of the data center to the processing result meets setting and pass through condition, by the processing result of unlock
Feed back to the data user.
Second aspect, the embodiment of the invention also provides a kind of data capture methods of decentralization, by data user
It executes, this method comprises:
Data analysis request is initiated to trust computing device, wherein the data analysis request counts based on one or more
According to the data of central store, analyzed by the trust computing device, to generate processing result;
When auditing result of the data center to the processing result meets setting and pass through condition, filled from the trust computing
Set the processing result for obtaining unlock.
The third aspect, the embodiment of the invention also provides a kind of data checking methods of decentralization, this method comprises:
Trust computing device receives the data analysis request that data user initiates, wherein the trust computing device base
In hardware realization trusted computation environment;
The trust computing device according to the data analysis request, based on one or more the data in data center into
Row analysis processing, to generate processing result;
The trust computing device analyzes one or more data centers of required data to providing, and initiates the processing knot
The audit of fruit is requested;
The data center audits the processing result, and by auditing result feed back to the data user or
The trust computing device;
The trust computing device when data center meets setting to the auditing result of the processing result and passes through condition,
The processing result of unlock is fed back into the data user.
Fourth aspect, the embodiment of the invention provides a kind of data of decentralization to audit device, is configured at trust computing
In device, the trust computing device is based on hardware realization trusted computation environment, which includes:
Analysis request receiving module, the data analysis request that user initiates for receiving data;
Data read module, for according to the data analysis request, data in data center based on one or more
It is analyzed and processed, to generate processing result;
Audit request initiation module, for provide analyze needed for data one or more data centers, described in initiation
The audit of processing result is requested;
Processing result feedback module passes through item for meeting setting in auditing result of the data center to the processing result
When part, the processing result of unlock is fed back into the data user.
5th aspect, the embodiment of the invention provides a kind of data acquisition facilities of decentralization, are configured at data use
Fang Zhong, the device include:
Analysis request initiation module, for initiating data analysis request to trust computing device, wherein the data analysis
The request data that data center stores based on one or more, are analyzed by the trust computing device, to generate processing knot
Fruit;
Processing result obtains module, passes through item for meeting setting in auditing result of the data center to the processing result
When part, the processing result of unlock is obtained from the trust computing device.
6th aspect, the embodiment of the invention also provides a kind of trust computing devices, comprising:
One or more processors;
One or more memories, for storing one or more programs, wherein the processor and the memory base
It is realized in reliable computing technology;
When one or more of programs are executed by one or more of processors, so that one or more of processing
Device realizes the data checking method of decentralization described in first aspect.
7th aspect, the embodiment of the invention also provides a kind of equipment, comprising:
One or more processors;
Memory, for storing one or more programs;
When one or more of programs are executed by one or more of processors, so that one or more of processing
Device realizes the data capture method of decentralization described in second aspect.
Eighth aspect, the embodiment of the invention also provides a kind of data auditing system of decentralization, which includes:
Multiple data centers, the privately owned memory space of each data center is for storing data;
One or more trust computing devices, the trust computing device is using trust computing dress described in the 5th aspect
It sets.
9th aspect, the embodiment of the invention also provides a kind of computer readable storage mediums, are stored thereon with computer
Program realizes the data checking method of decentralization described in first aspect, or realizes the when the program is executed by processor
The data capture method of decentralization described in two aspects, or realize the data audit side of decentralization described in the third aspect
Method.
The data of decentralization provided in an embodiment of the present invention are audited and acquisition methods, device, system, equipment and medium,
By the data analysis request initiated according to the data user that receives, based on one or more the data in data center into
Row analysis processing, and then generate processing result;Since a large amount of primary data information (pdi) etc. may be carried in processing result,
In order to guarantee the data safety of data center, after generating processing result, one or more of data needed for being analyzed to offer
A data center initiates the audit request of processing result, and meets setting in auditing result of the data center to processing result and lead to
When crossing condition, the processing result of unlock is just fed back into data user.This programme can by utilizing trust computing device
Guarantee that the data in each data center will not be stored in the insincere memory space of other data centers;It can also be achieved data simultaneously
Conjoint Analysis processing, and ensure the credibility and safety of Data Analysis Services process.In addition, being fed back to data user
Before processing result, increase the review process of processing result, the data safety of data center can be further ensured, and use and set
Surely by condition, the convenience of multiparty data audit can be taken into account.
Detailed description of the invention
Fig. 1 is a kind of data processing system architecture diagram for decentralization that the embodiment of the present invention is applicable in;
Fig. 2 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention one;
Fig. 3 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention two;
Fig. 4 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention three;
Fig. 5 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention four;
Fig. 6 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention five;
Fig. 7 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention six;
Fig. 8 is a kind of flow chart of the data capture method of the decentralization provided in the embodiment of the present invention seven;
Fig. 9 is a kind of flow chart of the data capture method of the decentralization provided in the embodiment of the present invention eight;
Figure 10 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention nine;
Figure 11 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention ten;
Figure 12 is a kind of structural schematic diagram of the data audit device of the decentralization provided in the embodiment of the present invention 11;
Figure 13 is a kind of structural schematic diagram of the data acquisition facility of the decentralization provided in the embodiment of the present invention 12;
Figure 14 is a kind of structural schematic diagram of the trust computing device provided in the embodiment of the present invention 13;
Figure 15 is a kind of structural schematic diagram of the equipment provided in the embodiment of the present invention 14;
Figure 16 is a kind of data processing system structural schematic diagram of the decentralization provided in the embodiment of the present invention 15.
Specific embodiment
The present invention is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated is used only for explaining the present invention rather than limiting the invention.It also should be noted that in order to just
Only the parts related to the present invention are shown in description, attached drawing rather than entire infrastructure.
Before introducing various embodiments of the present invention, first system architecture involved in the embodiment of the present invention is illustrated.Such as
Shown in Fig. 1, the data processing system framework 100 of the decentralization of the present embodiment may include: multiple data centers 110, one
Or multiple trust computing devices 120.
Wherein, each data center 110 belongs to the main body of a publication data, such as some enterprise, corresponding, data
Center can be the calculating equipment or cluster device that the enterprise dominant is possessed, and the data for being issued the enterprise dominant are deposited
Storage is controlled in privately owned memory space, and by the management of the enterprise dominant, and then can guarantee data in controlled range.Further
, data center 110 is believable for owned enterprise's main body, but is incredible for other main bodys.
Trust computing be calculate and communication system etc. in be widely used based on credible under hardware security module support
Platform is calculated, to improve the safety of system entirety;Trust computing device 120 can be the equipment configured with credible device, such as band
The calculating equipment of the processor (being suitable for Internet environment) of SGX (Software Guard Extensions), or have
The mobile terminal etc. of TEE (Trusted Execution Environment).The features such as big based on Data Analysis Data amount, this
In embodiment, trust computing device 120 is preferably the calculating equipment configured with credible device.Further, trust computing device
120 can be based on a kind of trusted computation environment of hardware realization, realize specifically by hardware technology and guarantee memory space and calculating
The believable environment of process, trusted computation environment can protect operate in code therein and data etc. will not be by any external software
It distorts and steals.
Illustratively, trust computing device 120 can be one, and the data that can read all data centers 110 are gone forward side by side
Row Conjoint Analysis processing;It can also be multiple, it can be based on existing parallel processing manner collaboration processing data, to improve data
Analyze the efficiency etc. of processing.In the present embodiment, using trust computing device, it can guarantee that the data in each data center will not deposit
Enter in the insincere memory space of other data centers;Simultaneously in the present embodiment, one or more trusted computation environments are equivalent to
Virtual combination Modeling Platform based on multiple data centers is, it can be achieved that data aggregate analysis is handled, and is ensured at data analysis
The credibility and safety of reason process.In addition, trust computing device can be the calculating independently of data center in the present embodiment
Equipment can also be the local space being integrated in inside data center, guarantee credibility by hardware technology.
Optionally, the data processing system framework of the decentralization of the present embodiment can also include block chain network 130, use
In recording the data fingerprint and relevant information of each link, for example, can be used for recording the data fingerprint of the issued data of data center
With relevant data specifying-information, it is convenient for data center and the inquiry of trust computing device and verifying etc..In addition, also based on block chain
It is capable of the entire process of monitoring data Conjoint Analysis processing, and then guarantees the orderly progress of entire process for using.
Optionally, the data processing system framework of the decentralization of the present embodiment can also include that (Fig. 1 is not by data user
It shows).Wherein, data user refers to the main body for needing to be analyzed and processed using data, such as some enterprise etc..It is exemplary
, data user can be the enterprise of some data center, and corresponding data center can be the data for constituting decentralization
One in processing system framework, and then data user can be participated in the system based on the data center belonging to it, be realized
Data analyzes demand;In addition, data user may not be the affiliated main body of data center, it can not be composition and go to center
Any one of the data processing system framework of change data center, data user can be advised based on the participation of the default
Then, it participates in the system, accesses, and then realize that data analyzes demand.
It is asked specifically, data user when needing to carry out data analysis, can initiate data analysis to trust computing device
It asks, trust computing device can be according to the data analysis request of data user, based on trust computing device to from one or more
The data that a data center obtains are analyzed, to generate processing result.
Since processing result may carry a large amount of primary data information (pdi)s, data center is unwilling to be fully disclosed, therefore,
Data center in order to data safety, it is desirable that audit to processing result, only audit pass through, just permission data make
Processing result is seen with side.If before data user will obtain processing result, needing to rely on the audit at multiparty data center, then
The audit for needing to obtain all multiparty data centers passes through, and can just obtain data result.And in the system of decentralization, arbitrarily
Data center is all reluctant to check for this demand, in this scenario, data processing system framework of the present embodiment in decentralization
Basic mountain, provide a kind of participative audit scheme of decentralization, data aggregate analysis processing may be implemented, and ensureing
In the case where the credibility of Data Analysis Services process and safety, the convenience of multiparty data audit can be taken into account.
Embodiment one
Fig. 2 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention one, this implementation
Example is applicable to the situation for being handled data, being audited etc., is particularly suitable for the data processing system frame based on decentralization
Data are analyzed in interaction between one or more trust computing devices, multiple data centers, data user in structure etc.
Processing and to the scene that processing result is audited, to solve the existing contradictory data processing method based on data center.
The technical solution of the embodiment of the present invention is executed by trust computing device, wherein it is credible that trust computing device is based on hardware realization
Calculate environment.This method can audit device by the data of decentralization to execute, which can be configured at trust computing device
Calculating equipment in, realized in a manner of hardware and/or software.Referring to fig. 2, this method can specifically include:
S210 receives the data analysis request that data user initiates.
In the present embodiment, data analysis request can be data user when with data analysis requirements, to credible meter
Calculate the request that device is initiated.It is specifically as follows data user when with data analysis requirements, passes through the data belonging to it
Center, based on the communication mechanism of setting to request transmitted by trust computing device;There can also be number for data user
When according to analysis demand, the request initiated by block chain network to trust computing device, for requesting block chain network should
Data analysis request is stored in block chain, and the data analysis request is sent to trust computing device;It can also be data
For user when with data analysis requirements, the communication mechanism based on setting is directly to request transmitted by trust computing device
Deng.
In the present embodiment, it is empty that the data that each data center can issue its affiliated main body are stored in local privately owned storage
Between in, while can based on the data fingerprint method of determination of setting, determine publication data data fingerprint;Then can according to really
The storage location of fixed data fingerprint and relevant data specifying-information such as data, storage time, Data Identification, publisher's mark
Knowledge and outline information introduction etc. generate data publication transactions requests, and are sent to block chain network, to request block chain network
By data fingerprint and relevant data specifying-information associated storage.Wherein, Data Identification is one and plays the role of unique identification
Identifier, if data in the privately owned memory space of data center are stored based on key-value pair, Data Identification be can be
Key mark;Publisher's mark can be the uniqueness identifier for proving data publisher's identity, such as can be publisher
ID, corresponding if publisher is enterprise, publisher's mark can be enterprise ID etc.;Outline information introduction is for briefly introducing number
According to purposes (that is data can be used for that does), the field that can be applied etc..
Data user can be inquired from block chain when with data analysis requirements by interacting with block chain network
The data specifying-information of each data center publication, to know that each data center can provide depositing for which data and data
Storage space is set, and then can be according to the actual analysis demand etc. of itself, data needed for determining analysis;Meanwhile data user can
By being interacted with trust computing device, to know parser that trust computing device is capable of providing;It then can be according to itself
Actual analysis demand, analyze the parser that required data and trust computing device are capable of providing, determine analysis mould
Type;And the data analysis request including analysis model is generated, and initiate to trust computing device.And then trust computing device can connect
The data analysis request that data user initiates is received, includes analysis model in data analysis request optionally.
S220, according to data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result.
Specifically, trust computing device receive data user initiation data analysis request after, can basis
At least a data and its storage location etc. specified by analysis model in data analysis request, from one where storage location
Or data are read in multiple data centers, then the data of reading are analyzed and processed, to generate processing result.
Illustratively, according to data analysis request, the data in data center are analyzed and processed based on one or more,
May include: to generate processing result
A, according to data analysis request, from one or more data centers, at least a data needed for analysis are read
It takes to the trusted storage space of trust computing device;
In the present embodiment, the trusted storage space of trust computing device refers to that trust computing device is preset, can use
In storage from storage medium required for the data that each data center reads, can be any large capacity can be by each data
The storage equipment that center is trusted such as can be memory storage space, caching etc..There is the access rate etc. being exceedingly fast due to caching
Characteristic, therefore convenient for quickly analyzing data, the trusted storage space of trust computing device is preferably slow in the present embodiment
It deposits.
It should be noted that if some trust computing device is located at the calculating equipment or cluster device of a data center
In, since the data that the trust computing device is read may be other data centers, leaking data in order to prevent, usually
Trust computing device is not allowed the data in caching to be written in the privately owned memory space such as disk of the data center where it.But
It is that under some special screnes, such as security classification requires lower data, can be written into.
In the present embodiment, the division of data can be carried out according to data center, for example, can will read from data center
Data are known as a data;For a data user, may need simultaneously data center provide different type/
The data of purposes further can carry out the division of data according to two dimensions of data center and data type/purposes, for example,
Same type/purposes the data read from a data center can be known as to a data.
Specifically, trust computing device receive data user initiation data analysis request after, can basis
At least a data and its storage location etc. specified by analysis model in data analysis request, from one where storage location
Or it is read data in multiple data centers in trusted storage space.
It illustratively,, will be at least a needed for analysis from one or more data centers according to data analysis request
The trusted storage space of reading data to trust computing device may include that, according to data analysis request, determination can provide analysis
One or more data centers of required data, and it is sent to it data read request, which is used for one or more data
Data are transferred to the trusted storage space of trust computing device by center from privately owned memory space.
B, the data of reading are carried out based on the parser run in trust computing device according to data analysis request
Analysis processing, to generate processing result, is stored in trusted storage space.
In the present embodiment, parser refers in system architecture creation or in operational process, by the most of participation
Negotiate to approve under the approval of number/all data centers such as line, the data analysis algorithm that determining trust computing device can be supported;
Convenient for subsequent use, the analysis code for the parser that approved by most of/all data centers participated in can be written can
Believe computing device.Illustratively, in the present embodiment, the data processing method of decentralization can also include: to receive by multiple
The parser of data center's confirmation, is saved in the trusted storage space of trust computing device.It is specifically as follows, multiple data
Center is held consultation common recognition, and parser is sent to trust computing device, and then trust computing by one of data center
Device can directly receive the parser of data center transmission confirmed by multiple data centers, and be saved in credible meter
In the trusted storage space for calculating device, later, each data center for participating in negotiating determination can be to write-in trust computing device
The analysis code of parser is checked, and then reduces the probability etc. that parser is tampered.
Further, in order to guarantee that the fair and just of processing can not be distorted and be analyzed to parser, in decentralization
In the case that data processing system framework includes block chain network, data center can be by the analysis by the confirmation of multiple data centers
Algorithm is added on chain in store transaction request, and store transaction request on the chain is sent to block chain network, to request area
The parser is written in block chain block chain network.Illustratively, the parser by the confirmation of multiple data centers is received,
Be saved in the trusted storage space of trust computing device may include: that multiple data center's confirmations are obtained from block chain network
Parser, be saved in the trusted storage space of trust computing device.It is specifically as follows, trust computing device can be from area
The parser of multiple data center's confirmations is obtained in block chain network, and acquired parser is saved to trust computing and is filled
In the trusted storage space set.
Specifically, trust computing device can according to the parser specified by analysis model in data analysis request, from
The parser is called in the trusted storage space of trust computing device;Then using the data of reading as the ginseng of the parser
Number, runs the parser based on trusted computation environment constructed by trust computing device, to generate processing result, and will be at this
Reason result is stored in trusted storage space.
S230 initiates the audit request of processing result to the one or more data centers for analyzing required data are provided.
In the present embodiment, audit request refers to that trust computing device is analyzed and processed to the data of reading, at generation
After managing result, the audit request including processing result of generation;It, can also be first to processing in order to guarantee the safety of processing result
As a result it is encrypted, what is then generated includes the audit request of the processing result of encryption.Audit request is mentioned for requesting
Processing result is audited for one or more data centers of data needed for analyzing, and in the case where audit passes through, instead
Present auditing result, wherein auditing result can be license signature information of data center etc..Wherein, license signature information can be with
It is a kind of for showing the signing messages of identity, such as can be the data private key of data center.
Specifically, since a large amount of primary data information (pdi) etc. may be carried in processing result, in order to guarantee data
The data safety at center, trust computing device are analyzed and processed to the data of reading, can foundation after generating processing result
Processing result generates audit request, and one or more based on the preset communication mechanism directly data to needed for providing analysis
A data center sends the audit request of the processing result.
In addition, in the case where the data processing system framework of decentralization includes block chain network, trust computing device
According to processing result generate audit request after, can also by being interacted with block chain network, and then by block chain network to
One or more data centers of data needed for analyzing are provided, audit request of the processing result etc. is sent.
S240, when auditing result of the data center to processing result meets setting and pass through condition, by the processing knot of unlock
Fruit feeds back to data user.
In the present embodiment, setting can be the default setting in system creation by condition, or run in system
In journey (when such as trust computing device receives data analysis request, or to before data user's feedback processing result etc.) in real time
Negotiate via all data centers of participation as negotiated setting under line, processing result is fed back to full needed for data user
The condition of foot.Illustratively, the auditing result of processing result meet setting can be with by condition are as follows: audit the first quantity passed through
Reach the setting ratio or setting range value of the second quantity, wherein the first quantity is in the data passed through to processing result audit
The quantity of the heart, the second quantity are to provide the quantity at the total data center for analyzing required data.
In addition, setting is storable in the trusted storage space of trust computing device by condition, specially multiple data
Center is held consultation common recognition, and will be set by one of data center and be sent to trust computing device, Jin Erke by condition
Believe computing device will set by condition, there are trusted storage spaces;It can also be stored in block chain network, it is specially multiple
Data center holds consultation common recognition, and is asked according to setting by store transaction on condition generation chain by one of data center
It asks, and is transmitted to block chain network, to request the node in block chain network to store setting as transactions requests by condition
In block chain, and then trust computing device can obtain setting from block chain network and pass through condition.
The feelings that specifically, receiving the data center of audit request, processing result can be audited, and passed through in audit
Under condition, auditing result such as its license signature information are fed back;And then trust computing device can be according to the license signature information of feedback
Quantity (quantity for the data center that namely processing result audit is passed through), and the total data for analyzing required data is provided
The quantity at center, judges whether data center meets setting by condition to the auditing result of processing result, if so, will unlock
Processing result feed back to data user, the data processed result of unencryption is such as fed back into data user, or will adopt
Data user is fed back to the processing result of authentic device own key such as private key or public key encryption, so that data user solves
It is close to obtain processing result etc..
Illustratively, when auditing result of the data center to processing result meets setting and pass through condition, by the place of unlock
Reason result, which feeds back to data user, may is that the auditing result for receiving the processing result of data center's feedback, in processing result
Auditing result meet setting when passing through condition, the processing result of unencryption is fed back into data user.In order to guarantee to handle
As a result safety may further will be fed back to using the processing result of authentic device own key such as private key or public key encryption
Data user, so that data user decryption is to obtain processing result etc..
It should be noted that setting employed in the present embodiment determines data center to processing result by unlimited in condition
Audit sequence, can avoid occurring carrying out audit according to sequence having the excessively high phenomenon of charging;And setting should not by condition
Ask provide analyze needed for the total data centers of data pass through, so that it may unlock processing result, that is to say, that data center can be with
Decide whether to audit processing result according to own actual situation, takes into account the convenience of multiparty data audit.
Technical solution provided in an embodiment of the present invention is asked by the data analysis initiated according to the data user received
It asks, the data in data center are analyzed and processed based on one or more, and then generate processing result;Due in processing result
A large amount of primary data information (pdi) etc., therefore the data safety in order to guarantee data center may be carried, processing result is being generated
Later, the audit request of processing result to the one or more data centers for analyzing required data are provided, can be initiated, and in data
When center passes through condition to the auditing result satisfaction setting of processing result, the processing result of unlock is just fed back into data and is used
Side.This programme can guarantee that the data in each data center will not be stored in other data centers by utilizing trust computing device
Insincere memory space in;Can also be achieved data aggregate analysis processing simultaneously, and ensure Data Analysis Services process can
Letter property and safety.It, can be into addition, increase the review process of processing result to before data user's feedback processing result
One step ensure that the data safety of data center, and can take into account the convenience of multiparty data audit by condition using setting.
Embodiment two
Fig. 3 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention two, this implementation
Example is initiated in the basic mountain of above-described embodiment, one or more data centers of data needed for further opposite offer is analyzed
The audit request of processing result is explained.Referring to Fig. 3, this method be can specifically include:
S310 receives the data analysis request that data user initiates.
S320, according to data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result.
S330 is obtained asymmetrical credible private key and trusted public keys, and is encrypted using trusted public keys to processing result,
To obtain encryption result.
In the present embodiment, asymmetrical credible private key and trusted public keys, i.e., the asymmetric key pair of credible computing device can
Be it is pre-generated fixed constant, can also be and generate in real time according to demand.In order to guarantee the safety of data, the present embodiment
What the asymmetric key pair of middle trust computing device preferably generated in real time according to demand, it specifically may is that trust computing device
Be analyzed and processed to the data of reading, after generating processing result, using key schedule, such as based on random number and
Elliptic curve generates asymmetrical key pair, i.e., credible private key and trusted public keys;And terminate it in this analysis process flow
Afterwards, this generated asymmetrical key pair failure is controlled.
It, can be with after generating processing result specifically, trust computing device is analyzed and processed to the data of reading
Asymmetrical key pair, i.e., credible private key and trusted public keys are generated using key schedule;And using trusted public keys to processing
As a result it is encrypted, and then obtains encryption result.
Credible private key is respectively adopted and provides the data public affairs for the one or more data centers for analyzing required data by S340
Key is encrypted, and by encrypted credible private key and encryption as a result, carrying in the audit request of processing result, is sent to
Corresponding data center.
In the present embodiment, there are corresponding data private key and data public key in each data center, dedicated for carrying out to data
Encryption and decryption, optionally, the data private key and data public key of each data center are also to generate in real time according to demand, specifically can be with
It is to be generated using key schedule, or can be after the data read request for receiving the transmission of trust computing device
When data center monitors that trust computing device reads data out of its privately owned memory space, generated using key schedule
, and data public key is transferred to trust computing device.
Specifically, trust computing device, which can be respectively adopted, provides the one or more data centers for analyzing required data
Data public key encrypts credible private key, and the credible private key of encryption and encryption result are then added to audit request
In, and corresponding data center is transmitted directly to based on preset communication mechanism, so that data center uses its own
The credible private key of data private key pair encryption is decrypted, and credible private key is obtained, and is carried out later using credible private key pair encryption processing result
Decryption, to obtain processing result and be audited to processing result and feed back auditing result such as data private key.
S350, when auditing result of the data center to processing result meets setting and pass through condition, by the processing knot of unlock
Fruit feeds back to data user.
Technical solution provided in an embodiment of the present invention provides a kind of credible private key using trust computing device, credible
Public key and the data public key of data center generate and initiate the scheme of audit request, it is ensured that processing result is in transmission process
In safety;A kind of new approaches are provided for safe transmission processing result.
Embodiment three
Fig. 4 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention three, this implementation
Example is on the basic mountain of above-described embodiment, in the case where the data processing system framework of decentralization includes block chain network, again
Further opposite to provide the one or more data centers for analyzing required data, the audit request for initiating processing result explains
Explanation.Referring to fig. 4, this method can specifically include:
S410 receives the data analysis request that data user initiates.
S420, according to data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result.
S430 is obtained asymmetrical credible private key and trusted public keys, and is encrypted using trusted public keys to processing result,
To obtain encryption result.
Credible private key is respectively adopted and provides the data public affairs for the one or more data centers for analyzing required data by S440
Key is encrypted.
S450, by encrypted credible private key and encryption as a result, carrying in the audit request of processing result, concurrently
Audit transactions requests are played to block chain network, to request block chain node to notify that corresponding data center is audited.
In the present embodiment, audit transactions requests refer to trust computing device according to including encrypted credible private key and encryption
The audit of processing result requests to generate, and the request initiated to block chain network.Optionally, auditing can wrap in transactions requests
Audit request is included, can also include data center's mark etc. of data needed for analysis is provided;Wherein, refer to can for data center's mark
With the identifier for a certain data center of unique identification, such as ID.Further, the audit transactions requests are for requesting block
Node such as current block in chain network generate node and obtain data center's mark from audit transactions requests, and according in data
Audit request is sent to corresponding data center and audited by heart mark.
Specifically, trust computing device can ask the audit including encrypted credible private key and encryption result
The data center's mark etc. for seeking and providing data needed for analyzing is added in the specific fields of audit transactions requests template, into
And generate audit transactions requests;Can also be will include encrypted credible private key and encryption result audit request, with
And provide and analyze the parameter that data center's mark of required data etc. generates intelligent contract as affairs, the intelligence contract is run,
And then generate audit transactions requests.
After generating audit transactions requests, it can be directly transferred to block chain network, to request block chain network
In node notify that corresponding data center is audited;The data interaction platform provided by block chain node is provided
(such as client end interface, webpage or the interactive interface of fixation) interacts, and sends audit transactions requests to block chain network, with
Node in request block chain network notifies that corresponding data center is audited.
S460, when auditing result of the data center to processing result meets setting and pass through condition, by the processing knot of unlock
Fruit feeds back to data user.
Optionally, auditing result can be fed back to block chain network, Jin Erke by the back end for receiving audit request
Letter computing device can obtain each back end to the auditing result of processing result from block chain network, then can be according to each data
Auditing result of the node to processing result, it is determined whether meet setting and passes through condition, in the case where meeting setting by condition,
The processing result of unlock is fed back into data user.
Optionally, auditing result can also be fed directly to trust computing dress by the back end for receiving audit request
It sets, and then trust computing device can directly acquire each back end to the auditing result of processing result.
Illustratively, receive audit request back end can also by the direct feedback data user of auditing result,
Trust computing device etc. is transmitted to by data user.
Technical solution provided in an embodiment of the present invention provides a kind of credible private key using trust computing device, credible
Public key and the data public key of data center generate the scheme of audit request, it is ensured that peace of the processing result in transmission process
Quan Xing;A kind of new approaches are provided for safe transmission processing result;Meanwhile introduce block chain network, by block chain network to
There is provided data center's transmission audit request of data needed for analyzing, it is ensured that the orderly progress of whole flow process.
Example IV
Fig. 5 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention four, this implementation
Example further passes through item to the auditing result satisfaction setting of processing result in data center on the basic mountain of above-described embodiment
When part, the processing result of unlock is fed back into data user and is explained.Referring to Fig. 5, this method be can specifically include:
S510 receives the data analysis request that data user initiates.
S520, according to data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result.
S530 is obtained asymmetrical credible private key and trusted public keys, and is encrypted using trusted public keys to processing result,
To obtain encryption result.
Credible private key is respectively adopted and provides the data public affairs for the one or more data centers for analyzing required data by S540
Key is encrypted, and by encrypted credible private key and encryption as a result, carrying in the audit request of processing result, is sent to
Corresponding data center.
Wherein, there are corresponding data private key and data public key in each data center.
S550, by encryption as a result, the data public key of the data center passed through using audit carries out secondary encryption, with
To secondary encryption result.
In the present embodiment, the audit request of processing result is used to indicate data center when audit passes through, by the number of oneself
It is sent to data user according to private key, for data user, when the auditing result of processing result meets setting and passes through condition,
Secondary encryption result is unlocked using data private key and credible private key.Wherein, the number of auditing result data center
It is indicated according to private key;Auditing the data center passed through is the data center to data user's feedback data private key.
Specifically, the data center of the audit request of processing result is received, using credible private key pair encryption processing knot
Fruit is decrypted after reading process result, can audit to processing result, and in the case where audit passes through, by oneself
Data private key is sent to data user as auditing result;Later, data user can be by oneself received data private key
Situation is fed directly to trust computing device, or oneself received data private key situation is added in transactions requests and is sent
It is stored to block chain network, and then trust computing device can obtain data user from block chain and receive data private key feelings
Condition.Wherein, data private key situation may include data center's mark etc. of data private key number and feedback data private key.
Trust computing device is when determining that data user reception data private key situation satisfaction setting passes through condition, Ke Yiyi
According to data private key situation, the data public key for the data center that audit passes through is obtained from trusted storage space, and logical using audit
The data public key for the data center crossed carries out secondary encryption to encryption result, to obtain secondary encryption result.
In addition, the convenience of data center's audit, data user can also in real time receive oneself in order to further increase
Data private key intelligence aids to provide analyze needed for data total data center, or be notified to offer analyze needed for data
Total data center in also non-feedback data private key data center;And then the data center of data private key situation is received,
It may be selected to audit processing result, and the case where audit passes through according to normal auditing flow, feed back the private of its data
Key;It also may be selected inreal according to data private key situation (such as data private key data is enough, reaches exempt to examine threshold value etc. in other words)
Processing result auditing flow is carried out, default audit passes through, and directly feeds back its data private key.
Secondary encryption result and credible private key are fed back to data user by S560.
Specifically, trust computing device is after obtaining secondary encryption result, it can be by secondary encryption result
Data user is fed back to credible private key, so that data user is according to credible private key, received data private key to secondary
Encryption result is decrypted, to obtain processing result.
It should be noted that data user is only added using credible private key and trust computing device in the present embodiment
The data private key of all data centers used by close, is decrypted secondary encryption result, can just unlock processing result.
If any data private key is wrong, processing result cannot be unlocked.This programme, using the public key of multiple data centers to encrypted result
Secondary encryption is carried out, ensure that the safety of processing result;The audit sequence of multiple data centers is unlimited simultaneously, and needs not be provided point
The total data center of data needed for analysing passes through, so that it may unlock processing result, take into account the convenience of multiparty data audit.
Technical solution provided in an embodiment of the present invention, in the credible private key using trust computing device, trusted public keys, and
The data public key of data center generates and after data center's initiation audit request of the data to needed for providing analysis, can use
Audit the data public key of data center that passes through and secondary encryption carried out to encryption result, and by secondary encryption result and
Credible private key feeds back to data user, so that data user adds according to credible private key, received data private key to secondary
Close processing result is decrypted, to obtain processing result.This programme increases place by being encrypted twice to processing result
The security level for managing result, reduces the risk that processing result is leaked.
Embodiment five
Fig. 6 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention five, this implementation
Example is on the basic mountain of above-described embodiment, in the case where the data processing system framework of decentralization includes block chain network, into
The optimization of one step.Referring to Fig. 6, this method be can specifically include:
S610 receives the data analysis request that data user initiates.
S620, according to data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result, is stored in trusted storage space.
S630 is obtained asymmetrical credible private key and trusted public keys, and is encrypted using trusted public keys to processing result,
To obtain encryption result.
Credible private key is respectively adopted and provides the data public affairs for the one or more data centers for analyzing required data by S640
Key is encrypted, and by encrypted credible private key and encryption as a result, carrying in the audit request of processing result, is sent to
Corresponding data center.
Wherein, there are corresponding data private key and data public key in each data center.
S650 obtains the reception state of the data private key of data user feedback.
In the present embodiment, reception state, that is, data user of data private key receives data private key situation, may include number
According to the data center of private key number and feedback data private key mark etc..
Specifically, data user can be in real time to the reception state of trust computing device feedback data private key;Further,
In order to reduce the Times of Feedback of data user, it is private according to the data received by itself that data user can be spaced certain time length
Key situation feeds back the reception state of a data private key to trust computing device, until Times of Feedback reaches setting Times of Feedback
Upper limit value until;It can also be that the time for being sent to data center in determining audit request reaches default with current time difference
Feedback duration, then the reception according to the data private key situation received by itself, to trust computing device feedback data private key
State.In the present embodiment, it is preferred to use a kind of last scheme carries out the feedback of the reception state of data private key.
Optionally, the reception state of data private key directly can be fed back to trust computing device, Jin Erke by data user
Letter computing device can obtain the reception state of the data private key of data user feedback.In addition, in the data processing of decentralization
In the case that system architecture includes block chain network, data user can also feed back by block chain network to trust computing device
The reception state of data private key.
Illustratively, the reception state for obtaining the data private key of data user feedback may include: from block chain network
The reception state of the middle data private key for reading data user, wherein the reception state in block chain network is data user
What report when receiving data private key or data center reported when to data user's feedback data private key.
Specifically, the reception state of received data private key can be reported to block chain network, such as data by data user
The reception state of received data private key can be added in transactions requests by user, block chain network is transmitted to, so that block
Chain network is stored in the reception state of data private key as Transaction Information in block chain, and then trust computing device can be from block
The reception state of the data private key of data user is read in chain network.
It is also possible that multiple data centers of data user's feedback data private key, to data user's feedback coefficient
When according to private key, can hold consultation common recognition, and the reception state of data private key is reported to block link network by one of data center
The reception state of data private key is such as added in transactions requests by network, is transmitted to block chain network, so that block chain network will count
It is stored in block chain according to the reception state of private key as Transaction Information, and then trust computing device can be read from block chain network
The reception state fetched according to the data private key of user.
Optionally, trust computing device can also be by monitoring data center to the behaviour of data user's feedback data private key
Make, alternatively, monitoring data user receives the operation of data private key, determines the reception state of data private key.
S660, if determining that the auditing result of processing result is full according to data private key by the reception state of data user
When foot setting passes through condition, it is determined that the data center of feedback data private key is the data center that audit passes through.
Specifically, trust computing device after getting the reception state of data private key of data user, can determine whether to count
According to private key by the data private key number in the reception state of data user, if meet setting by condition, in the feelings of satisfaction
Under condition, that is to say, that when the auditing result satisfaction setting of processing result passes through condition, determine the data center of feedback data private key
To audit the data center passed through.
S670, by encryption as a result, the data public key of the data center passed through using audit carries out secondary encryption, with
To secondary encryption result.
Secondary encryption result and credible private key are fed back to data user by S680;
Wherein, the audit request of processing result is used to indicate data center when audit passes through, by the data private key of oneself
It is sent to data user, for data user, when the auditing result of processing result meets setting and passes through condition, using number
Secondary encryption result is unlocked according to private key and credible private key.
Technical solution provided in an embodiment of the present invention, in the credible private key using trust computing device, trusted public keys, and
The data public key of data center generates and after data center's initiation audit request of the data to needed for providing analysis, if according to number
According to the reception state of the data private key of user's feedback, when determining that the auditing result satisfaction setting of processing result passes through condition, really
The data center for determining feedback data private key is to audit the data center passed through;It then can be using the data center that audit passes through
Data public key carries out secondary encryption to encryption result, and secondary encryption result and credible private key are fed back to data makes
With side, so that data user is decrypted secondary encryption result according to credible private key, received data private key, with
Obtain processing result.This programme increases the security level of processing result, reduces by being encrypted twice to processing result
The risk that processing result is leaked.
Embodiment six
Fig. 7 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention six, this implementation
Example is on the basic mountain of above-described embodiment, in the case where the data processing system framework of decentralization includes block chain network, into
The optimization of one step provides a kind of scheme set in real time based on block chain network through condition.Referring to Fig. 7, this method is specific
May include:
S710 receives the data analysis request that data user initiates.
S720, according to data analysis request, the data in data center are analyzed and processed based on one or more, to produce
Raw processing result, is stored in trusted storage space.
S730 initiates setting and is asked by the negotiation of condition to the one or more data centers for analyzing required data are provided
It asks, to determine that setting passes through condition.
In the present embodiment, due to different processing condition datas, the whole of data needed for different offers is analyzed can be corresponded to
Therefore the quantity of data center can set according to different processing condition data real-time updates and pass through condition;Alternatively, can be with
It is data processing of every progress, determines that the setting for the processing condition data passes through condition etc. in real time.
Setting can be trust computing device by the negotiation request of condition and detect a certain trigger mechanism, such as generate
It is automatically generated after processing result, or automatically generated after receiving data analysis request etc., analysis is provided for requesting
One or more data centers of required data, which hold consultation, determines that setting passes through condition.
Specifically, trust computing device can produce setting and pass through condition to before data user's feedback processing result
Negotiation request, and be sent to provide analyze needed for data one or more data centers, to request one or more data
Center determines that setting passes through condition.In addition, in the case where the data processing system framework of decentralization includes block chain network,
Trust computing device can also send to one or more data centers of the data to needed for providing analysis by block chain network and set
Surely it is requested by the negotiation of condition.
Illustratively, to the one or more data centers for analyzing required data are provided, the association that setting passes through condition is initiated
It consults and request and asks, may include: by condition to determine to set
A, the negotiation transactions requests that setting passes through condition are initiated from block chain network, to request block chain node to offer point
One or more data centers of data needed for analysing initiate setting and are requested by the negotiation of condition, and determine that setting passes through condition;
In the present embodiment, negotiates transactions requests and refer to that trust computing device please seek survival according to setting by the negotiation of condition
At, and the request initiated to block chain network.Optionally, negotiate to may include negotiating request in transactions requests, can also wrap
It includes to provide and analyzes data center's mark of required data etc..Further, the negotiation transactions requests are for requesting block chain network
In node such as current block generate node from negotiate transactions requests in obtain data center mark, and according to data center identify
It will negotiate request and be sent to corresponding data center, and be determined with the negotiation of request data center and set the condition of passing through and feed back.
Specifically, trust computing device can will be negotiated to request and provide the data center's mark for analyzing required data
Etc. be added to negotiate transactions requests template specific fields in, and then generate negotiate transactions requests;Can also be will negotiate request,
And provide and analyze the parameter that data center's mark of required data etc. generates intelligent contract as affairs, run intelligence conjunction
About, and then negotiation transactions requests are generated.
After generating negotiation transactions requests, it can be directly transferred to block chain network, to request block chain network
In node notify corresponding data center, negotiate to determine setting by condition and feeding back with request data center;It can also be
It is handed over by the data interaction platform (such as client end interface, webpage or the interactive interface of fixation) that block chain node provides with it
Mutually, it is sent to block chain network and negotiates transactions requests, to request the node in block chain network to notify corresponding data center, with
Negotiate to determine that setting passes through condition and feeds back in request data center.
B, the setting that processing result is obtained from block chain network passes through condition.
Specifically, receiving the data center for negotiating request, after negotiating to determine setting by condition, can hold consultation
Common recognition generates store transaction on chain by condition according to setting by one of data center and requests, and is transmitted to block link network
Network is stored in block chain by condition as transactions requests using requesting the node in block chain network that will set, and then credible
Computing device can obtain setting from block chain network and pass through condition.
S740 initiates the audit request of processing result to the one or more data centers for analyzing required data are provided.
S750, when auditing result of the data center to processing result meets setting and pass through condition, by the processing knot of unlock
Fruit feeds back to data user.
It should be noted that S730 determines that setting, can be to data user's feedback processing result by the process of condition
It carries out, can also be carried out when S710 before, the sequencing of above-mentioned process is a kind of example, is not to limit.
Technical solution provided in an embodiment of the present invention introduces block chain by the data processing system framework in decentralization
Network, trust computing device can be by block chain network to before data user's feedback processing result, or is receiving
When data analysis request, to the one or more data centers for analyzing required data are provided, the association that setting passes through condition is initiated
Consult and request and ask so that receive negotiate request data center can negotiated in real time determine that setting by condition, and is fed back.This programme,
By providing a kind of real-time determining scheme set through condition by block chain network, the flexible of data audit is increased
Degree.
Embodiment seven
Fig. 8 is a kind of flow chart of the data capture method of the decentralization provided in the embodiment of the present invention seven, this implementation
Example the case where being applicable to data acquisition, be particularly suitable for trust computing device using above-mentioned any embodiment to data into
Under row analysis processing and the scene audited to processing result, data user obtains the related datas such as processing result
Situation.The technical solution of the embodiment of the present invention can be executed by data user.This method can be by the data acquisition of decentralization
Device executes, which can be realized in a manner of hardware and/or software.Referring to Fig. 8, this method be can specifically include:
S810 initiates data analysis request to trust computing device, wherein data analysis request counts based on one or more
It according to the data of central store, is analyzed by trust computing device, to generate processing result.
In the present embodiment, data analysis request can be data user when with data analysis requirements, to credible meter
Calculate the request that device is initiated.It is specifically as follows data user when with data analysis requirements, passes through the data belonging to it
Center, based on the communication mechanism of setting to request transmitted by trust computing device;There can also be number for data user
When according to analysis demand, the request initiated by block chain network to trust computing device, for requesting block chain network should
Data analysis request is stored in block chain, and the data analysis request is sent to trust computing device;It can also be data
For user when with data analysis requirements, the communication mechanism based on setting is directly to request transmitted by trust computing device
Deng.
Specifically, data user is when with data analysis requirements, it can be by being interacted with block chain network, from block chain
The data specifying-information of the middle each data center's publication of inquiry, to know that each data center can provide which data, and number
According to storage location etc., and then can be according to the actual analysis demand etc. of itself, data needed for determining analysis;Meanwhile data make
With can be by being interacted with trust computing device, to know parser that trust computing device is capable of providing;It then can root
According to the actual analysis demand of itself, the parser that required data and trust computing device are capable of providing is analyzed, is determined
Analysis model;And the data analysis request including analysis model is generated, and initiate to trust computing device.And then trust computing dress
The data analysis request that receivable data user initiates is set, and according to specified by analysis model in data analysis request at least
A data and its storage location etc. read data to trusted storage from one or more data centers where storage location
In space, then the data of reading are carried out based on the parser run in trust computing device according to data analysis request
Analysis processing, to generate processing result, is stored in trusted storage space.
S820, when auditing result of the data center to processing result meets setting and pass through condition, from trust computing device
Obtain the processing result of unlock.
In the present embodiment, setting can be the default setting in system creation by condition, or run in system
In journey (when such as trust computing device receives data analysis request, or to before data user's feedback processing result etc.) in real time
Negotiate via all data centers of participation as negotiated setting under line, processing result is fed back to full needed for data user
The condition of foot.Illustratively, the auditing result of processing result, which meets to set, passes through condition are as follows: audits the first quantity passed through and reaches
The setting ratio or setting range value of second quantity, wherein the first quantity is the data center passed through to processing result audit
Quantity, the second quantity are to provide the quantity at the total data center for analyzing required data.
In the present embodiment, auditing result refers to that data center audits to processing result, and the feelings passed through in audit
Under condition, the information fed back to data user or trust computing device such as can be the license signature information of data center,
In, license signature information can be a kind of for showing the signing messages of identity, such as can be the data private key of data center.
Specifically, since a large amount of primary data information (pdi) etc. may be carried in processing result, in order to guarantee data
The data safety at center, trust computing device are analyzed and processed to the data of reading, can foundation after generating processing result
Processing result generates audit request, and one or more based on the preset communication mechanism directly data to needed for providing analysis
A data center sends the audit request of the processing result.The data center for receiving audit request, can carry out processing result
Audit, and in the case where audit passes through, auditing result is fed back, and then trust computing device can be according to the auditing result of feedback
Quantity (quantity for the data center that namely processing result audit is passed through), and the total data for analyzing required data is provided
The quantity at center, judges whether data center meets setting by condition to the auditing result of processing result, if so, will unlock
Processing result feed back to data user.And then data user can meet in auditing result of the data center to processing result
When setting passes through condition, the processing result of unlock is obtained from trust computing device.
Technical solution provided in an embodiment of the present invention, data user, can be to credible meters when with data analysis requirements
It calculates device and initiates data analysis request, so that the data analysis that trust computing device is initiated according to the data user received is asked
It asks, at least a data needed for analysis can be read from one or more data centers, and according to the data analysis request pair
The data read from one or more data centers are analyzed and processed, and generate processing result, and in data center to processing
As a result when auditing result satisfaction setting passes through condition, the processing result of unlock is just fed back into data user, and then data
User can obtain from trust computing device and solve when auditing result of the data center to processing result meets setting and pass through condition
The processing result of lock.This programme can guarantee that the data in each data center will not be stored in it by utilizing trust computing device
In the insincere memory space of his data center;It can also be achieved data aggregate analysis processing simultaneously, and ensure at data analysis
The credibility and safety of reason process.In addition, increasing the audit of processing result to before data user's feedback processing result
Process can further ensure the data safety of data center, and can take into account multiparty data audit by condition using setting
Convenience.
Embodiment eight
Fig. 9 is a kind of flow chart of the data capture method of the decentralization provided in the embodiment of the present invention eight, this implementation
Example on the basis of the above embodiments, further passes through condition to the auditing result satisfaction setting of processing result in data center
When, the processing result for obtaining unlock from trust computing device is explained.Referring to Fig. 9, this method be can specifically include:
S910 initiates data analysis request to trust computing device, wherein data analysis request counts based on one or more
It according to the data of central store, is analyzed by trust computing device, to generate processing result.
S920 indicates that the data that audit passes through are private from the one or more data centers acquisition for analyzing required data is provided
Key.
In the present embodiment, there are corresponding data private key and data public key in each data center, dedicated for carrying out to data
Encryption and decryption, optionally, the data private key and data public key of each data center are also to generate in real time according to demand, specifically can be with
It is to be generated using key schedule, or can be after the data read request for receiving the transmission of trust computing device
When data center monitors that trust computing device reads data out of its privately owned memory space, generated using key schedule
, and data public key is transferred to trust computing device.Wherein, auditing result is indicated with the data private key of data center.
Specifically, trust computing device, which can be respectively adopted, provides the one or more data centers for analyzing required data
Data public key encrypts credible private key, and the credible private key of encryption and encryption result are then added to audit request
In, and corresponding data center is transmitted directly to based on preset communication mechanism, so that data center uses its own
The credible private key of data private key pair encryption is decrypted, and credible private key is obtained, and is carried out later using credible private key pair encryption processing result
Decryption is fed back to obtain processing result and audit to processing result, and in the case where audit passes through to data user
Auditing result such as data private key.And then data user can obtain from the one or more data centers for analyzing required data are provided
Indicate the data private key that audit passes through.
Illustratively, one or more data centers of the data needed for providing analysis obtain the data for indicating that audit passes through
It can also include: the reception state for the data private key that reception data center is provided while private key, feed back to trust computing dress
It sets.In the present embodiment, it may include data private key that reception state, that is, data user of data private key, which receives data private key situation,
The data center of number and feedback data private key mark etc..
Specifically, data user obtains in one or more data centers of the data needed for providing analysis indicates audit
By data private key while, can also be according to the data private key situation received by itself, directly to trust computing device
The reception state of feedback data private key, or by block chain network to the reception shape of trust computing device feedback data private key
State.
Illustratively, the reception state that will receive the data private key that data center provides feeds back to trust computing device tool
Body can be with are as follows: the reception state that will receive the data private key that data center provides is reported to block chain network, for trust computing
Device is inquired.
Specifically, the reception state of received data private key can be reported to block chain network, such as data by data user
The reception state of received data private key can be added in transactions requests by user, block chain network is transmitted to, so that block
Chain network is stored in the reception state of data private key as Transaction Information in block chain, and then trust computing device can be from block
The reception state of the data private key of data user is read in chain network.
S930 obtains secondary encryption result and credible private key from trust computing device, wherein secondary encryption knot
Fruit is the trusted public keys using trust computing device, and the data public key of data center that passes through of audit carries out secondary encryption and obtains
?.
In the present embodiment, auditing the data center passed through is the data center to data user's feedback data private key.
Specifically, trust computing device after getting the reception state of data private key of data user, can determine whether to count
According to private key by the data private key number in the reception state of data user, if meet setting by condition, in the feelings of satisfaction
Under condition, that is to say, that when the auditing result satisfaction setting of processing result passes through condition, determine the data center of feedback data private key
To audit the data center passed through.The data public key of the data center then passed through using audit, to using trust computing device
The encryption result that is encrypted of trusted public keys carry out secondary encryption, it is credible to obtain secondary encryption as a result, later
Secondary encryption result and credible private key can be fed back to data user by computing device.And then data user can be from can
Believe that computing device obtains secondary encryption result and credible private key.
S940, when the data private key of acquisition reaches setting and passes through condition, using credible private key and data private key to secondary
Encryption result is unlocked, to obtain processing result.
Specifically, data user gets secondary encryption result and credible private key from trust computing device, then really
Surely the data private key obtained reaches setting by condition, can use credible private key and received data private key pair later
Secondary encryption result is decrypted, to obtain processing result.
Technical solution provided in an embodiment of the present invention, data user can obtain letter private key from trust computing device,
And the data public key of the data center passed through via trust computing device using audit, to what is encrypted using credible private key
Encryption is as a result, carry out the secondary encryption that secondary encryption obtains as a result, and setting determining that the data private key obtained reaches
When passing through condition surely, secondary encryption result is decrypted according to credible private key, received data private key, to obtain place
Manage result.This programme increases the security level of processing result, reduces processing by being encrypted twice to processing result
As a result the risk being leaked.
Embodiment nine
Figure 10 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention nine, this implementation
Example on the basis of the above embodiments, provides a kind of one or more trust computing device, multiple data centers, data use
The preferred embodiment that interaction handles data, audits between side etc..Referring to Figure 10, this method be can specifically include:
S1010, trust computing device receive the data analysis request that data user initiates, wherein trust computing device
Based on hardware realization trusted computation environment.
S1020, trust computing device is according to data analysis request, and the data in data center carry out based on one or more
Analysis processing, to generate processing result.
Illustratively, trust computing device is according to data analysis request, based on one or more the data in data center
It is analyzed and processed, may include: to generate processing result
Trust computing device is according to data analysis request, from one or more data centers, analysis is required at least
A reading data is to the trusted storage space of trust computing device;
Trust computing device is according to data analysis request, based on the parser run in trust computing device, to reading
Data be analyzed and processed, to generate processing result, be stored in trusted storage space.
S1030, trust computing device analyze one or more data centers of required data to providing, and initiate processing result
Audit request.
S1040, data center audit processing result, and auditing result is fed back to data user or credible meter
Calculate device.
S1050, trust computing device, will when auditing result of the data center to processing result meets setting and pass through condition
The processing result of unlock feeds back to data user.
Technical solution provided in an embodiment of the present invention, trust computing device passes through initiates according to the data user received
Data analysis request, the data in data center are analyzed and processed based on one or more, so generate processing result;By
A large amount of primary data information (pdi) etc., therefore the data safety in order to guarantee data center may be carried in processing result,
After generating processing result, trust computing device can to provide analyze needed for data one or more data centers, at initiation
Manage the audit request of result;The data center for receiving audit request audits processing result, and auditing result is fed back
To data user or trust computing device, trust computing device meets setting in auditing result of the data center to processing result
When passing through condition, the processing result of unlock is just fed back into data user.This programme, by utilizing trust computing device, energy
Enough guarantee that the data in each data center will not be stored in the insincere memory space of other data centers;It can also be achieved number simultaneously
It is handled according to Conjoint Analysis, and ensures the credibility and safety of Data Analysis Services process.In addition, trust computing device to
Before data user's feedback processing result, increases data center to the review process of processing result, number can be further ensured
The convenience of multiparty data audit can be taken into account by condition according to the data safety at center, and using setting.
Embodiment ten
Figure 11 is a kind of flow chart of the data checking method of the decentralization provided in the embodiment of the present invention ten, this implementation
Example is on the basis of the above embodiments, further to optimize.Referring to Figure 11, this method be can specifically include:
S1101, trust computing device receive the data analysis request that data user initiates, wherein trust computing device
Based on hardware realization trusted computation environment.
S1102, trust computing device is according to data analysis request, and the data in data center carry out based on one or more
Analysis processing, to generate processing result.
S1103, trust computing device obtain asymmetrical credible private key and trusted public keys, and using trusted public keys to processing
As a result it is encrypted, to obtain encryption result.
The one or more data for providing and analyzing required data are respectively adopted in credible private key by S1104, trust computing device
The data public key at center is encrypted, by encrypted credible private key and encryption as a result, carrying the audit in processing result
In request, it is sent to corresponding data center.
Wherein, there are corresponding data private key and data public key in each data center.
S1105, data center use the credible private key after the data private key pair encryption of oneself to be decrypted, and using credible
Private key pair encryption processing result is decrypted, and audits to the processing result after decryption, and when audit passes through, will be in data
The data private key of the heart feeds back to data user.
S1106, trust computing device obtain the reception state of the data private key of data user feedback, and according to reception shape
State determines the data center that audit passes through.
S1107, trust computing device is by encryption as a result, the data public key of the data center passed through using audit is carried out
Secondary encryption, to obtain secondary encryption result.
Secondary encryption result and credible private key are fed back to data user by S1108, trust computing device.
S1109, data user is unlocked secondary encryption result using credible private key and data private key, to obtain
Take processing result.
Technical solution provided in an embodiment of the present invention can be guaranteed in each data center by utilizing trust computing device
Data will not be stored in the insincere memory space of other data centers;It can also be achieved data aggregate analysis processing simultaneously, and
And ensure the credibility and safety of Data Analysis Services process.In addition, increasing to before data user's feedback processing result
Add the review process of processing result, and provides a kind of credible private key, trusted public keys and data using trust computing device
The data public key at center generates the scheme of audit request, it is ensured that safety of the processing result in transmission process passes for safety
Defeated processing result provides a kind of new approaches.The data public key of the data center passed through simultaneously using audit is to encryption result
Carry out secondary encryption, and secondary encryption result and credible private key fed back into data user so that data user according to
Secondary encryption result is decrypted according to credible private key, received data private key, to obtain processing result, by place
Reason result is encrypted twice, is increased the security level of processing result, is reduced the risk that processing result is leaked.And it adopts
With setting by condition, the convenience of multiparty data audit can be taken into account.
Embodiment 11
Figure 12 is that a kind of data for decentralization that the embodiment of the present invention 11 provides audit the structural schematic diagram of device, should
Device is configured in the calculating equipment of trust computing device, and decentralization provided by the embodiment of the present invention one to six can be performed
Data checking method, have the corresponding functional module of execution method and beneficial effect.Wherein, trust computing device is based on hardware
Realize trusted computation environment, as shown in figure 12, which can specifically include:
Analysis request receiving module 1210, the data analysis request that user initiates for receiving data;
Data read module 1220, for according to data analysis request, data in data center based on one or more
It is analyzed and processed, to generate processing result;
Audit request initiation module 1230, for initiating to the one or more data centers for analyzing required data are provided
The audit of processing result is requested;
Processing result feedback module 1240 passes through item for meeting setting in auditing result of the data center to processing result
When part, the processing result of unlock is fed back into data user.
Technical solution provided in an embodiment of the present invention is asked by the data analysis initiated according to the data user received
It asks, the data in data center are analyzed and processed based on one or more, and then generate processing result;Due in processing result
A large amount of primary data information (pdi) etc., therefore the data safety in order to guarantee data center may be carried, processing result is being generated
Later, the audit request of processing result to the one or more data centers for analyzing required data are provided, can be initiated, and in data
When center passes through condition to the auditing result satisfaction setting of processing result, the processing result of unlock is just fed back into data and is used
Side.This programme can guarantee that the data in each data center will not be stored in other data centers by utilizing trust computing device
Insincere memory space in;Can also be achieved data aggregate analysis processing simultaneously, and ensure Data Analysis Services process can
Letter property and safety.It, can be into addition, increase the review process of processing result to before data user's feedback processing result
One step ensure that the data safety of data center, and can take into account the convenience of multiparty data audit by condition using setting.
Illustratively, data read module 1220 specifically can be used for:
According to data analysis request, from one or more data centers, by least a reading data needed for analysis
To the trusted storage space of trust computing device;
The data of reading are divided based on the parser run in trust computing device according to data analysis request
Analysis processing, to generate processing result, is stored in trusted storage space.
Audit request initiation module 1230 can specifically include:
Encryption result determination unit for obtaining asymmetrical credible private key and trusted public keys, and uses credible public affairs
Key encrypts processing result, to obtain encryption result;
Request transmitting unit is audited, for the one or more for providing and analyzing required data to be respectively adopted by credible private key
The data public key of data center is encrypted, by encrypted credible private key and encryption as a result, carrying in processing result
In audit request, it is sent to corresponding data center, wherein there are corresponding data private key and data public key in each data center.
Illustratively, processing result feedback module 1240 specifically can be used for:
By encryption as a result, the data public key of the data center passed through using audit carries out secondary encryption, to obtain two
Secondary encryption result;
Secondary encryption result and credible private key are fed back into data user;
Wherein, the audit request of processing result is used to indicate data center when audit passes through, by the data private key of oneself
It is sent to data user, so that the data user adopts when the auditing result of processing result meets setting and passes through condition
Secondary encryption result is unlocked with data private key and credible private key.
Illustratively, above-mentioned apparatus can also include:
Reception state obtains module, for by encryption as a result, the data public key of data center passed through using audit
Secondary encryption is carried out, before obtaining secondary encryption result, obtains the reception shape of the data private key of data user feedback
State;
Data center's determining module is audited, if for, by the reception state of data user, determining according to data private key
When the auditing result satisfaction setting of processing result passes through condition, it is determined that data center's audit of feedback data private key passes through
Data center.
Illustratively, reception state obtains module and specifically can be used for:
The reception state of the data private key of data user is read from block chain network, wherein in block chain network
Reception state is that data user reports when receiving data private key or data center is to data user's feedback data
It is reported when private key.
Illustratively, audit request transmitting unit specifically can be also used for:
By credible private key, it is respectively adopted and the data public key progress for the one or more data centers for analyzing required data is provided
Encryption;
By encrypted credible private key and encryption as a result, carrying in the audit request of processing result, and initiate to examine
Core transactions requests are to block chain network, to request block chain node to notify that corresponding data center is audited.
Illustratively, the auditing result of processing result, which meets to set, passes through condition are as follows: audits the first quantity passed through and reaches
The setting ratio or setting range value of second quantity, wherein the first quantity is the data center passed through to processing result audit
Quantity, the second quantity are to provide the quantity at the total data center for analyzing required data.
Illustratively, above-mentioned apparatus can also include:
Negotiate request initiation module, for when receiving data analysis request or before feedback processing result, to offer
One or more data centers of data needed for analyzing initiate setting and are requested by the negotiation of condition, to determine that setting passes through item
Part.
Illustratively, negotiating request initiation module specifically can be used for:
The negotiation transactions requests that setting passes through condition are initiated from block chain network, to request block chain node to offer analysis
One or more data centers of required data initiate setting and are requested by the negotiation of condition, and determine that setting passes through condition;
The setting that processing result is obtained from block chain network passes through condition.
Embodiment 12
Figure 13 is a kind of structural schematic diagram of the data acquisition facility for decentralization that the embodiment of the present invention 12 provides, should
Device is configured in data user, and the data recipient of decentralization provided by the embodiment of the present invention seven to eight can be performed
Method has the corresponding functional module of execution method and beneficial effect.As shown in figure 13, which can specifically include:
Analysis request initiation module 1310, for initiating data analysis request to trust computing device, wherein data analysis
The request data that data center stores based on one or more, are analyzed by trust computing device, to generate processing result;
Processing result obtains module 1320, passes through item for meeting setting in auditing result of the data center to processing result
When part, the processing result of unlock is obtained from trust computing device.
Technical solution provided in an embodiment of the present invention, data user, can be to credible meters when with data analysis requirements
It calculates device and initiates data analysis request, so that the data analysis that trust computing device is initiated according to the data user received is asked
It asks, at least a data needed for analysis can be read from one or more data centers, and according to the data analysis request pair
The data read from one or more data centers are analyzed and processed, and generate processing result, and in data center to processing
As a result when auditing result satisfaction setting passes through condition, the processing result of unlock is just fed back into data user, and then data
User can obtain from trust computing device and solve when auditing result of the data center to processing result meets setting and pass through condition
The processing result of lock.This programme can guarantee that the data in each data center will not be stored in it by utilizing trust computing device
In the insincere memory space of his data center;It can also be achieved data aggregate analysis processing simultaneously, and ensure at data analysis
The credibility and safety of reason process.In addition, increasing the audit of processing result to before data user's feedback processing result
Process can further ensure the data safety of data center, and can take into account multiparty data audit by condition using setting
Convenience.
Illustratively, processing result obtains module 1320 and specifically can be used for:
The data private key for indicating that audit passes through is obtained from the one or more data centers for analyzing required data are provided;
Secondary encryption result and credible private key are obtained from trust computing device, wherein secondary encryption result is
Using the trusted public keys of trust computing device, and audit the secondary encryption acquisition of data public key progress of the data center passed through
's;
When the data private key of acquisition reaches setting and passes through condition, using credible private key and data private key to secondary encryption at
Reason result is unlocked, to obtain processing result.
Illustratively, above-mentioned apparatus can also include:
Reception state feedback module, one or more data centers for the data needed for providing analysis, which obtain, to be indicated to examine
While the data private key that core passes through, the reception state for the data private key that data center provides will be received, feed back to trust computing
Device.
Illustratively, reception state feedback module specifically can be used for:
The reception state for the data private key that data center provides will be received, block chain network is reported to, for trust computing
Device is inquired.
Illustratively, the auditing result of processing result, which meets to set, passes through condition are as follows: audits the first quantity passed through and reaches
The setting ratio or setting range value of second quantity, wherein the first quantity is the data center passed through to processing result audit
Quantity, the second quantity are to provide the quantity at the total data center for analyzing required data.
Embodiment 13
Figure 14 is a kind of structural schematic diagram for trust computing device that the embodiment of the present invention 13 provides.Figure 14 shows suitable
In the block diagram for the exemplary trusted computing device 1312 for being used to realize embodiment of the present invention.The trust computing device that Figure 14 is shown
1412 be only an example, should not function to the embodiment of the present invention and use scope bring any restrictions.Optionally, credible
Computing device typical case can be calculating equipment.
As shown in figure 14, trust computing device 1412 is showed in the form of universal computing device.Trust computing device 1412
Component can include but is not limited to: one or more processor or processing unit 1416, one or more memories
1428, connect the bus 1418 of different system components (including memory 1428 and processing unit 1416).Wherein, one or more
A processor or processing unit 1416 and memory 1428 are realized based on reliable computing technology;Memory 1428 can be used as credible
Memory space, memory 1428 preferably cache.
Bus 1418 indicates one of a few class bus structures or a variety of, including memory bus or memory control
Device, peripheral bus, graphics acceleration port, processor or total using the local of any bus structures in a variety of bus structures
Line.For example, these architectures include but is not limited to industry standard architecture (ISA) bus, microchannel architecture
(MAC) bus, enhanced isa bus, Video Electronics Standards Association (VESA) local bus and peripheral component interconnection (PCI) are total
Line.
Trust computing device 1412 typically comprises a variety of computer system readable media.These media can be any energy
Enough usable mediums accessed by trust computing device 1412, including volatile and non-volatile media, it is movably and not removable
Dynamic medium.
Memory 1428 may include the computer system readable media of form of volatile memory, such as arbitrary access is deposited
Reservoir (RAM) 1430 and/or cache memory 1432.Trust computing device 1412 may further include other removable
Dynamic/immovable, volatile/non-volatile computer system storage medium.Only as an example, storage system 1434 can be used
In reading and writing immovable, non-volatile magnetic media (Figure 14 do not show, commonly referred to as " hard disk drive ").Although in Figure 14 not
It shows, the disc driver for reading and writing to removable non-volatile magnetic disk (such as " floppy disk ") can be provided, and to removable
The CD drive of dynamic anonvolatile optical disk (such as CD-ROM, DVD-ROM or other optical mediums) read-write.In these situations
Under, each driver can be connected by one or more data media interfaces with bus 1418.Can memory 1428 can be with
Including at least one program product, which has one group of (for example, at least one) program module, these program module quilts
It configures to execute the function of various embodiments of the present invention.
Program/utility 1440 with one group of (at least one) program module 1442 can store and for example store
In device 1428, such program module 1442 includes but is not limited to operating system, one or more application program, other programs
It may include the realization of network environment in module and program data, each of these examples or certain combination.Program mould
Block 1442 usually executes function and/or method in embodiment described in the invention.
Trust computing device 1412 can also be with one or more external equipments 1414 (such as keyboard, sensing equipment, display
Device 1424 etc.) communication, the equipment interacted with the trust computing device 1412 communication can be also enabled a user to one or more,
And/or with enable the trust computing device 1412 and one or more of the other any equipment (example for being communicated of calculating equipment
Such as network interface card, modem etc.) communication.This communication can be carried out by input/output (I/O) interface 1422.Also, it can
Believe that computing device 1312 can also be by network adapter 1420 and one or more network (such as local area network (LAN), wide area
Net (WAN) and/or public network, such as internet) communication.As shown, network adapter 1420 passes through bus 1418 and can
Believe other modules communication of computing device 1412.It should be understood that although not shown in the drawings, trust computing device 1412 can be combined
Using other hardware and/or software module, including but not limited to: microcode, device driver, redundant processing unit, external magnetic
Dish driving array, RAID system, tape drive and data backup storage system etc..
Processing unit 1416 by the program that is stored in memory 1428 of operation, thereby executing various function application and
Data processing, such as realize the data checking method of decentralization provided by the embodiment of the present invention.
Embodiment 14
Figure 15 is a kind of structural schematic diagram for equipment that the embodiment of the present invention 14 provides.Figure 15, which is shown, to be suitable for being used in fact
The block diagram of the example devices 1512 of existing embodiment of the present invention.The equipment 1512 that Figure 15 is shown is only an example, is not answered
Any restrictions are brought to the function and use scope of the embodiment of the present invention.1512 typical case of equipment can be carrying data user function
The calculating equipment of energy.
As shown in figure 15, equipment 1512 is showed in the form of universal computing device.If 1512 component may include but not
Be limited to: one or more processor or processing unit 1516, memory 1528 connect (including the storage of different system components
Device 1528 and processing unit 1516) bus 1518.
Bus 1518 indicates one of a few class bus structures or a variety of, including memory bus or memory control
Device, peripheral bus, graphics acceleration port, processor or total using the local of any bus structures in a variety of bus structures
Line.For example, these architectures include but is not limited to industry standard architecture (ISA) bus, microchannel architecture
(MAC) bus, enhanced isa bus, Video Electronics Standards Association (VESA) local bus and peripheral component interconnection (PCI) are total
Line.
Equipment 1512 typically comprises a variety of computer system readable media.These media can be it is any can be by equipment
The usable medium of 1512 access, including volatile and non-volatile media, moveable and immovable medium.
Memory 1528 may include the computer system readable media of form of volatile memory, such as arbitrary access is deposited
Reservoir (RAM) 1530 and/or cache memory 1532.Equipment 1512 may further include other removable/not removable
Dynamic, volatile/non-volatile computer system storage medium.Only as an example, storage system 1534 can be used for reading and writing not
Movably, non-volatile magnetic media (Figure 15 do not show, commonly referred to as " hard disk drive ").It, can although being not shown in Figure 15
To provide the disc driver for reading and writing to removable non-volatile magnetic disk (such as " floppy disk "), and it is non-volatile to moving
Property CD (such as CD-ROM, DVD-ROM or other optical mediums) read and write CD drive.In these cases, each drive
Dynamic device can be connected by one or more data media interfaces with bus 1518.Memory 1528 may include at least one
Program product, the program product have one group of (for example, at least one) program module, these program modules are configured to perform this
Invent the function of each embodiment.
Program/utility 1540 with one group of (at least one) program module 1542 can store and for example store
In device 1528, such program module 1542 includes but is not limited to operating system, one or more application program, other programs
It may include the realization of network environment in module and program data, each of these examples or certain combination.Program mould
Block 1542 usually executes function and/or method in embodiment described in the invention.
Equipment 1512 can also be with one or more external equipments 1514 (such as keyboard, sensing equipment, display 1524
Deng) communication, can also be enabled a user to one or more equipment interact with the equipment 1512 communicate, and/or with make this
Any equipment (such as network interface card, modem etc.) that equipment 1512 can be communicated with one or more of the other calculating equipment
Communication.This communication can be carried out by input/output (I/O) interface 1522.Also, equipment 1512 can also be suitable by network
Orchestration 1520 and one or more network (such as local area network (LAN), wide area network (WAN) and/or public network, such as because of spy
Net) communication.As shown, network adapter 1520 is communicated by bus 1518 with other modules of equipment 1512.It should be understood that
Although not shown in the drawings, other hardware and/or software module can be used with bonding apparatus 1512, including but not limited to: microcode,
Device driver, redundant processing unit, external disk drive array, RAID system, tape drive and data backup storage
System etc..
Processing unit 1516 by the program that is stored in memory 1528 of operation, thereby executing various function application and
Data processing, such as realize the data capture method of decentralization provided by the embodiment of the present invention.
Embodiment 15
Figure 16 is a kind of data auditing system structural schematic diagram of the decentralization provided in the embodiment of the present invention 15.It should
System 1600 can realize the data checking method of the decentralization of any embodiment of that present invention, specifically, the system 1600 can be with
It include: multiple data centers 1610, and one or more trust computing devices 1620.Wherein, each data center 1610
Privately owned memory space is for storing data;Trust computing device 1620 is using trust computing device described in embodiment 13.
Illustratively, data center 1610 is deployed in individual physical devices;
Trust computing device 1620 is deployed in the physical equipment of any one or more data centers 1610 or credible meter
Device 1620 is calculated to be deployed in other physical equipments independently of data center 1610.
Specifically, trust computing device 1620, can be used for receiving the data analysis request of data user initiation,
In, trust computing device is based on hardware realization trusted computation environment;According to data analysis request, based on one or more in data
Data in the heart are analyzed and processed, to generate processing result;It is backward provide analyze needed for data one or more data
The audit request of processing result is initiated at center;
Data center 1610 can be used for auditing processing result, and auditing result is fed back to data user
Or trust computing device;
Trust computing device 1620 can be also used for meeting to set in auditing result of the data center to processing result passing through
When condition, the processing result of unlock is fed back into data user.
As a kind of preferred embodiment of the invention, trust computing device 1620 be can be also used for:
Asymmetrical credible private key and trusted public keys are obtained, and the processing result is encrypted using trusted public keys,
To obtain encryption result;
Credible private key is respectively adopted and provides the one or more data centers for analyzing required data by trust computing device
Data public key is encrypted, by encrypted credible private key with the encryption as a result, carrying is asked in the audit of processing result
In asking, it is sent to corresponding data center, wherein there are corresponding data private key and data public key in each data center.
Data center 1610 can be also used for:
It is decrypted using the credible private key after oneself data private key pair encryption, and is handled using credible private key pair encryption
As a result it is decrypted, the processing result after decryption is audited, and when audit passes through, the data private key of data center is anti-
Data of feeding user.
Further, trust computing device 1620 can be also used for:
The reception state of the data private key of data user feedback is obtained, and the number that audit passes through is determined according to reception state
According to center;
Trust computing device is by encryption as a result, the data public key of the data center passed through using audit carries out secondary add
It is close, to obtain secondary encryption result;
Secondary encryption result and credible private key are fed back to data user by trust computing device;
Data user is unlocked secondary encryption result using credible private key and data private key, to obtain processing
As a result.
Technical solution provided in an embodiment of the present invention can be guaranteed in each data center by utilizing trust computing device
Data will not be stored in the insincere memory space of other data centers;It can also be achieved data aggregate analysis processing simultaneously, and
And ensure the credibility and safety of Data Analysis Services process.In addition, increasing to before data user's feedback processing result
Add the review process of processing result, and provides a kind of credible private key, trusted public keys and data using trust computing device
The data public key at center generates the scheme of audit request, it is ensured that safety of the processing result in transmission process passes for safety
Defeated processing result provides a kind of new approaches.The data public key of the data center passed through simultaneously using audit is to encryption result
Carry out secondary encryption, and secondary encryption result and credible private key fed back into data user so that data user according to
Secondary encryption result is decrypted according to credible private key, received data private key, to obtain processing result, by place
Reason result is encrypted twice, is increased the security level of processing result, is reduced the risk that processing result is leaked.And it adopts
With setting by condition, the convenience of multiparty data audit can be taken into account.
Embodiment 16
The embodiment of the present invention 16 additionally provides a kind of computer readable storage medium, is stored thereon with computer program,
The program can realize data audit and the/acquisition methods of decentralization described in above-mentioned any embodiment when being executed by processor.
The computer readable storage medium can be configured on data user, can also be configured on trust computing device.
The computer storage medium of the embodiment of the present invention, can be using any of one or more computer-readable media
Combination.Computer-readable medium can be computer-readable signal media or computer readable storage medium.It is computer-readable
Storage medium for example may be-but not limited to-the system of electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor, device or
Device, or any above combination.The more specific example (non exhaustive list) of computer readable storage medium includes: tool
There are electrical connection, the portable computer diskette, hard disk, random access memory (RAM), read-only memory of one or more conducting wires
(ROM), erasable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-
ROM), light storage device, magnetic memory device or above-mentioned any appropriate combination.In this document, computer-readable storage
Medium can be any tangible medium for including or store program, which can be commanded execution system, device or device
Using or it is in connection.
Computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but unlimited
In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can
Any computer-readable medium other than storage medium is read, which can send, propagates or transmit and be used for
By the use of instruction execution system, device or device or program in connection.
The program code for including on computer-readable medium can transmit with any suitable medium, including --- but it is unlimited
In wireless, electric wire, optical cable, RF etc. or above-mentioned any appropriate combination.
The computer for executing operation of the present invention can be write with one or more programming languages or combinations thereof
Program code, described program design language include object oriented program language-such as Java, Smalltalk, C++,
Further include conventional procedural programming language-such as " C " language or similar programming language.Program code can be with
It fully executes, partly execute on the user computer on the user computer, being executed as an independent software package, portion
Divide and partially executes or executed on a remote computer or server completely on the remote computer on the user computer.?
Be related in the situation of remote computer, remote computer can pass through the network of any kind --- including local area network (LAN) or
Wide area network (WAN)-be connected to subscriber computer, or, it may be connected to outer computer (such as mentioned using Internet service
It is connected for quotient by internet).
Note that the above is only a better embodiment of the present invention and the applied technical principle.It will be appreciated by those skilled in the art that
The invention is not limited to the specific embodiments described herein, be able to carry out for a person skilled in the art it is various it is apparent variation,
It readjusts and substitutes without departing from protection scope of the present invention.Therefore, although being carried out by above embodiments to the present invention
It is described in further detail, but the present invention is not limited to the above embodiments only, without departing from the inventive concept, also
It may include more other equivalent embodiments, and the scope of the invention is determined by the scope of the appended claims.
Claims (25)
1. a kind of data checking method of decentralization, which is characterized in that executed by trust computing device, the trust computing dress
It sets based on hardware realization trusted computation environment, which comprises
Receive the data analysis request that data user initiates;
According to the data analysis request, the data in data center are analyzed and processed based on one or more, to generate place
Manage result;
To the one or more data centers for analyzing required data are provided, the audit request of the processing result is initiated;
When auditing result of the data center to the processing result meets setting and pass through condition, the processing result of unlock is fed back
To the data user.
2. the method according to claim 1, wherein according to the data analysis request, based on one or more
Data in data center are analyzed and processed, to generate processing result, comprising:
According to the data analysis request, from one or more data centers, by least a reading data needed for analysis
To the trusted storage space of the trust computing device;
According to the data analysis request, based on the parser run in the trust computing device, to the data of reading into
Row analysis processing, to generate processing result, is stored in the trusted storage space.
3. the method according to claim 1, wherein to providing in the one or more data for analyzing required data
The heart initiates the audit request of the processing result, comprising:
Asymmetrical credible private key and trusted public keys are obtained, and the processing result is encrypted using the trusted public keys,
To obtain encryption result;
By the credible private key, it is respectively adopted and the data public key progress for the one or more data centers for analyzing required data is provided
Encryption is sent by encrypted credible private key and the encryption as a result, carrying in the audit request of the processing result
To corresponding data center, wherein there are corresponding data private key and data public key in each data center.
4. according to the method described in claim 3, it is characterized in that, full in auditing result of the data center to the processing result
When foot setting passes through condition, the processing result of unlock is fed back into the data user, comprising:
By the encryption as a result, the data public key of the data center passed through using audit carries out secondary encryption, to obtain two
Secondary encryption result;
The secondary encryption result and the credible private key are fed back into the data user;
Wherein, the audit request of the processing result is used to indicate the data center when audit passes through, by the data of oneself
Private key is sent to the data user, for the data user, meets setting in the auditing result of the processing result
When passing through condition, secondary encryption result is unlocked using the data private key and the credible private key.
5. according to the method described in claim 4, it is characterized in that, by the encryption as a result, the number passed through using audit
Secondary encryption is carried out according to the data public key at center, before obtaining secondary encryption result, further includes:
Obtain the reception state of the data private key of the data user feedback;
If determining the auditing result of the processing result by the reception state of the data user according to the data private key
When satisfaction setting passes through condition, it is determined that the data center of feedback data private key is the data center that audit passes through.
6. according to the method described in claim 5, it is characterized in that, obtaining connecing for the data private key of the data user feedback
Receipts state, comprising:
The reception state of the data private key of the data user is read from block chain network, wherein the block chain network
On the reception state data user reported when receiving data private key or the data center is to the number
It is reported when according to user's feedback data private key.
7. according to the method described in claim 3, it is characterized in that, the credible private key is respectively adopted needed for offer analysis
The data public key of one or more data centers of data is encrypted, by encrypted credible private key and the encryption knot
Fruit carries in the audit request of the processing result, is sent to corresponding data center, comprising:
By the credible private key, it is respectively adopted and the data public key progress for the one or more data centers for analyzing required data is provided
Encryption;
By encrypted credible private key and the encryption as a result, carrying in the audit request of the processing result, concurrently
Audit transactions requests are played to block chain network, to request block chain node to notify that corresponding data center is audited.
8. -7 any method according to claim 1, which is characterized in that the auditing result of the processing result meets setting
Pass through condition are as follows: audit setting ratio or setting range value that the first quantity passed through reaches the second quantity, wherein the first quantity
Quantity for the data center passed through to processing result audit, the second quantity are to provide the total data for analyzing required data
The quantity at center.
9. the method according to claim 1, wherein when receiving the data analysis request or described in feedback
Before processing result, further includes:
To the one or more data centers for analyzing required data are provided, initiates the setting and requested by the negotiation of condition, with
Determine that the setting passes through condition.
10. according to the method described in claim 9, it is characterized in that, to the one or more data for analyzing required data are provided
Center is initiated the setting and is requested by the negotiation of condition, passes through condition with the determination setting, comprising:
The negotiation transactions requests that the setting passes through condition are initiated from block chain network, to request block chain node to offer analysis
One or more data centers of required data initiate the setting and are requested by the negotiation of condition, and determine that the setting is logical
Cross condition;
The setting that the processing result is obtained from the block chain network passes through condition.
11. a kind of data capture method of decentralization, which is characterized in that by data, user is executed, which comprises
Data analysis request is initiated to trust computing device, wherein the data analysis request is based on one or more in data
The data for feeling storage are analyzed by the trust computing device, to generate processing result;
When auditing result of the data center to the processing result meets setting and pass through condition, obtained from the trust computing device
Take the processing result of unlock.
12. according to the method for claim 11, which is characterized in that in data center to the auditing result of the processing result
When satisfaction setting passes through condition, the processing result of unlock is obtained from the trust computing device, comprising:
The data private key for indicating that audit passes through is obtained from the one or more data centers for analyzing required data are provided;
Secondary encryption result and credible private key are obtained from the trust computing device, wherein the secondary encryption knot
Fruit is the trusted public keys using the trust computing device, and the data public key of data center that passes through of audit carry out it is secondary plus
Close acquisition;
When the data private key of acquisition reaches setting and passes through condition, using the credible private key and data private key to described secondary plus
Close processing result is unlocked, to obtain processing result.
13. according to the method for claim 12, which is characterized in that one or more data of the data needed for providing analysis
Center obtains while indicating the data private key that audit passes through, further includes:
The reception state for the data private key that data center provides will be received, feeds back to the trust computing device.
14. according to the method for claim 13, which is characterized in that the reception for the data private key that data center provides will be received
State feeds back to the trust computing device, comprising:
The reception state for the data private key that data center provides will be received, block chain network is reported to, for the trust computing
Device is inquired.
15. according to the method for claim 11, which is characterized in that the auditing result of the processing result meets setting and passes through
Condition are as follows: audit setting ratio or setting range value that the first quantity passed through reaches the second quantity, wherein the first quantity is pair
The quantity for the data center that the processing result audit passes through, the second quantity are to provide the total data center for analyzing required data
Quantity.
16. a kind of data checking method of decentralization characterized by comprising
Trust computing device receives the data analysis request that data user initiates, wherein the trust computing device is based on hard
Part realizes trusted computation environment;
The trust computing device is according to the data analysis request, and the data in data center are divided based on one or more
Analysis processing, to generate processing result;
The trust computing device analyzes one or more data centers of required data to providing, and initiates the processing result
Audit request;
The data center audits the processing result, and auditing result is fed back to the data user or described
Trust computing device;
The trust computing device will be solved when auditing result of the data center to the processing result meets setting and pass through condition
The processing result of lock feeds back to the data user.
17. according to the method for claim 16, it is characterised in that:
The trust computing device analyzes one or more data centers of required data to providing, and initiates the processing result
Audit request, comprising:
The trust computing device obtains asymmetrical credible private key and trusted public keys, and using the trusted public keys to the place
Reason result is encrypted, to obtain encryption result;
The credible private key is respectively adopted and is provided in the one or more data for analyzing required data by the trust computing device
The data public key of the heart is encrypted, by encrypted credible private key and the encryption as a result, carrying in the processing result
Audit request in, be sent to corresponding data center, wherein each data center has corresponding data private key and data public
Key;
The data center audits the processing result, and auditing result is fed back to the data user, comprising:
The data center is decrypted the encrypted credible private key using the data private key of oneself, and can described in use
The encryption result is decrypted in letter private key, audits to the processing result after decryption, and when audit passes through, will
The data private key of the data center feeds back to the data user;
The trust computing device will be solved when auditing result of the data center to the processing result meets setting and pass through condition
The processing result of lock feeds back to the data user, comprising:
The trust computing device obtains the reception state of the data private key of the data user feedback, and according to the reception
State determines the data center that audit passes through;
The trust computing device is by the encryption as a result, the data public key of the data center passed through using audit carries out two
Secondary encryption, to obtain secondary encryption result;
The secondary encryption result and the credible private key are fed back to the data user by the trust computing device;
The data user is unlocked the secondary encryption result using the credible private key and data private key, with
Obtain processing result.
18. according to the method for claim 17, it is characterised in that: the auditing result of the processing result meets setting and passes through
Condition are as follows: audit setting ratio or setting range value that the first quantity passed through reaches the second quantity, wherein the first quantity is pair
The quantity for the data center that the processing result audit passes through, the second quantity are to provide the total data center for analyzing required data
Quantity.
19. a kind of data of decentralization audit device, which is characterized in that be configured in trust computing device, the credible meter
It calculates device and is based on hardware realization trusted computation environment, described device includes:
Analysis request receiving module, the data analysis request that user initiates for receiving data;
Data read module, for being divided from the data in one or more data centers according to the data analysis request
Analysis processing, to generate processing result;
Audit request initiation module, for initiating the processing to the one or more data centers for analyzing required data are provided
As a result audit request;
Processing result feedback module passes through condition for meeting setting in auditing result of the data center to the processing result
When, the processing result of unlock is fed back into the data user.
20. a kind of data acquisition facility of decentralization, which is characterized in that be configured in data user, described device includes:
Analysis request initiation module, for initiating data analysis request to trust computing device, wherein the data analysis request
The data of data center's storage based on one or more, are analyzed by the trust computing device, to generate processing result;
Processing result obtains module, passes through condition for meeting setting in auditing result of the data center to the processing result
When, the processing result of unlock is obtained from the trust computing device.
21. a kind of trust computing device characterized by comprising
One or more processors;
One or more memories, for storing one or more programs, wherein the processor and the memory are based on can
Believe that computing technique is realized;
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
The now data checking method of the decentralization as described in any in claim 1-10.
22. a kind of equipment characterized by comprising
One or more processors;
Memory, for storing one or more programs;
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
The now data capture method of the decentralization as described in any one of claim 11-15.
23. a kind of data auditing system of decentralization characterized by comprising
Multiple data centers, the privately owned memory space of each data center is for storing data;
One or more trust computing devices, the trust computing device is using trust computing device described in claim 21.
24. system according to claim 23, which is characterized in that
The data center section is deployed in individual physical devices;
The trust computing device is deployed in the physical equipment of any one or more data centers or the credible meter
Device is calculated to be deployed in other physical equipments independently of the data center section.
25. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor
The data checking method of the decentralization as described in any in claim 1-10 is realized when execution, or realizes claim
The data capture method of decentralization described in any one of 11-15, or realize as described in any in claim 16-18
The data checking method of decentralization.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910357680.5A CN110070300B (en) | 2019-04-29 | 2019-04-29 | Data auditing and acquiring method, device, system, equipment and medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910357680.5A CN110070300B (en) | 2019-04-29 | 2019-04-29 | Data auditing and acquiring method, device, system, equipment and medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110070300A true CN110070300A (en) | 2019-07-30 |
CN110070300B CN110070300B (en) | 2022-08-05 |
Family
ID=67369617
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910357680.5A Active CN110070300B (en) | 2019-04-29 | 2019-04-29 | Data auditing and acquiring method, device, system, equipment and medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110070300B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110874487A (en) * | 2019-11-15 | 2020-03-10 | 北京百度网讯科技有限公司 | Data processing method and device, electronic equipment and storage medium |
CN111461884A (en) * | 2020-03-31 | 2020-07-28 | 杭州溪塔科技有限公司 | Trusted computing service sharing method, device and system based on block chain |
WO2022256993A1 (en) * | 2021-06-07 | 2022-12-15 | Huawei Technologies Co.,Ltd. | Systems and methods for supporting network-based computing services |
WO2023029414A1 (en) * | 2021-08-30 | 2023-03-09 | 华为云计算技术有限公司 | Data analysis method and apparatus |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1482760A2 (en) * | 2003-01-21 | 2004-12-01 | TeliaSonera Finland Oyj | A method and a system for transferring an electronic service in a communication network to a terminal |
CN102624740A (en) * | 2012-03-30 | 2012-08-01 | 奇智软件(北京)有限公司 | Data interaction method, client and server |
CN106682520A (en) * | 2016-11-17 | 2017-05-17 | 精硕科技(北京)股份有限公司 | Data exchange method and system |
CN107222482A (en) * | 2017-06-01 | 2017-09-29 | 黑龙江卓亚科技有限公司 | A kind of data management system and method based on compound block chain network |
CN107835182A (en) * | 2017-11-16 | 2018-03-23 | 重庆忠昇数据处理服务有限公司 | Electronic Prescription System and processing method based on block chain |
CN108364223A (en) * | 2017-12-29 | 2018-08-03 | 阿里巴巴集团控股有限公司 | A kind of method and device of Data Audit |
CN108737416A (en) * | 2018-05-16 | 2018-11-02 | 北京握奇智能科技有限公司 | Trusted application management method and trusted application management server |
CN108763929A (en) * | 2018-05-16 | 2018-11-06 | 有时数联科技(北京)有限公司 | A kind of method and system for data and application to be carried out with parallel security audit |
CN109146635A (en) * | 2018-08-24 | 2019-01-04 | 华东师范大学 | The exchange of geographical big data and transaction system and method based on block chain |
CN109284974A (en) * | 2018-08-30 | 2019-01-29 | 西交利物浦大学 | A kind of checking method based on block chain, device, audit equipment and storage medium |
CN109525573A (en) * | 2018-11-08 | 2019-03-26 | 安徽太阳石科技有限公司 | Data safety sharing method and its system based on block chain |
CN109634619A (en) * | 2018-11-23 | 2019-04-16 | 试金石信用服务有限公司 | Credible performing environment implementation method and device, terminal device, readable storage medium storing program for executing |
CN109660358A (en) * | 2019-01-08 | 2019-04-19 | 余炀 | A kind of data circulation method based on block chain and secure execution environments |
-
2019
- 2019-04-29 CN CN201910357680.5A patent/CN110070300B/en active Active
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1482760A2 (en) * | 2003-01-21 | 2004-12-01 | TeliaSonera Finland Oyj | A method and a system for transferring an electronic service in a communication network to a terminal |
CN102624740A (en) * | 2012-03-30 | 2012-08-01 | 奇智软件(北京)有限公司 | Data interaction method, client and server |
CN106682520A (en) * | 2016-11-17 | 2017-05-17 | 精硕科技(北京)股份有限公司 | Data exchange method and system |
CN107222482A (en) * | 2017-06-01 | 2017-09-29 | 黑龙江卓亚科技有限公司 | A kind of data management system and method based on compound block chain network |
CN107835182A (en) * | 2017-11-16 | 2018-03-23 | 重庆忠昇数据处理服务有限公司 | Electronic Prescription System and processing method based on block chain |
CN108364223A (en) * | 2017-12-29 | 2018-08-03 | 阿里巴巴集团控股有限公司 | A kind of method and device of Data Audit |
CN108737416A (en) * | 2018-05-16 | 2018-11-02 | 北京握奇智能科技有限公司 | Trusted application management method and trusted application management server |
CN108763929A (en) * | 2018-05-16 | 2018-11-06 | 有时数联科技(北京)有限公司 | A kind of method and system for data and application to be carried out with parallel security audit |
CN109146635A (en) * | 2018-08-24 | 2019-01-04 | 华东师范大学 | The exchange of geographical big data and transaction system and method based on block chain |
CN109284974A (en) * | 2018-08-30 | 2019-01-29 | 西交利物浦大学 | A kind of checking method based on block chain, device, audit equipment and storage medium |
CN109525573A (en) * | 2018-11-08 | 2019-03-26 | 安徽太阳石科技有限公司 | Data safety sharing method and its system based on block chain |
CN109634619A (en) * | 2018-11-23 | 2019-04-16 | 试金石信用服务有限公司 | Credible performing environment implementation method and device, terminal device, readable storage medium storing program for executing |
CN109660358A (en) * | 2019-01-08 | 2019-04-19 | 余炀 | A kind of data circulation method based on block chain and secure execution environments |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110874487A (en) * | 2019-11-15 | 2020-03-10 | 北京百度网讯科技有限公司 | Data processing method and device, electronic equipment and storage medium |
CN110874487B (en) * | 2019-11-15 | 2022-09-02 | 北京百度网讯科技有限公司 | Data processing method and device, electronic equipment and storage medium |
CN111461884A (en) * | 2020-03-31 | 2020-07-28 | 杭州溪塔科技有限公司 | Trusted computing service sharing method, device and system based on block chain |
WO2022256993A1 (en) * | 2021-06-07 | 2022-12-15 | Huawei Technologies Co.,Ltd. | Systems and methods for supporting network-based computing services |
WO2023029414A1 (en) * | 2021-08-30 | 2023-03-09 | 华为云计算技术有限公司 | Data analysis method and apparatus |
Also Published As
Publication number | Publication date |
---|---|
CN110070300B (en) | 2022-08-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110070300A (en) | Data audit and acquisition methods, device, system, equipment and medium | |
CN109635585B (en) | Method, proxy node and medium for querying transaction information in blockchain network | |
CN111770073B (en) | Block chain technology-based fog network unloading decision and resource allocation method | |
EP3828800A1 (en) | Method for recording data block in block chain network, accounting node, and medium | |
CN110083610A (en) | Data processing method, device, system, trust computing device, equipment and medium | |
CN110851496B (en) | Method, apparatus, accounting node and medium for querying transaction information in blockchain network | |
CN109255255A (en) | Data processing method, device, equipment and storage medium based on block chain | |
KR20220119574A (en) | User device and electronic device for sharing data based on block chain and homomorphic encryption technology and methods thereof | |
CN109937420B (en) | De-identified distributed bridging network platform | |
US20170277909A1 (en) | Cryptographically provable zero-knowledge content distribution network | |
CN108062671A (en) | Data trade method, block chain node server and data submit terminal | |
CN109002487A (en) | A kind of post-processing approach based on copyright registration information, device, equipment and medium | |
US20170178263A1 (en) | Multimedia content player with digital rights management while maintaining privacy of users | |
US20180019873A1 (en) | System and method of cryptographically provable zero knowledge social networking | |
CN109543441A (en) | Database authorization method, device, computer equipment and storage medium | |
CN103401894B (en) | A kind of Streaming Media DRM cloud service system and implementation method of B/S framework | |
WO2022062399A1 (en) | Blockchain network-based diagnosis method and apparatus, and blockchain network system | |
CN110096542A (en) | Data verification processing method, device, system and the medium of decentralization | |
CN109002349A (en) | Application program exchange method, implementation method, device, equipment and medium | |
CN109815659A (en) | Safety certifying method, device, electronic equipment and storage medium based on WEB project | |
CN115473638A (en) | Quantum key encryption and decryption methods and systems | |
CN111049806A (en) | Joint authority control method and device, electronic equipment and storage medium | |
CN109985390B (en) | Virtual asset management method and system | |
CN113612766A (en) | Data management device, method, computer equipment and storage medium | |
CN108200450A (en) | A kind of determining method, apparatus, electronic equipment and medium for paying close attention to legitimacy |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |