CN110213268A - A kind of data processing method, data processing equipment and computer system - Google Patents
A kind of data processing method, data processing equipment and computer system Download PDFInfo
- Publication number
- CN110213268A CN110213268A CN201910472247.6A CN201910472247A CN110213268A CN 110213268 A CN110213268 A CN 110213268A CN 201910472247 A CN201910472247 A CN 201910472247A CN 110213268 A CN110213268 A CN 110213268A
- Authority
- CN
- China
- Prior art keywords
- key
- node
- private data
- data
- target private
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Abstract
The present disclosure discloses a kind of data processing method, data processing equipment and computer systems, applied to block chain network, the block chain network includes multiple nodes, and the data processing method includes: to obtain target private data, and first key corresponding with target private data is arranged;First key is distributed to destination node, destination node is the node for meeting access target private data, and the quantity of destination node is less than or equal to the node in block chain network.The disclosure realizes the only accessible target private data of destination node, improves the secret protection of block chain data by the way that first key corresponding with target private data is distributed to destination node.
Description
Technical field
This disclosure relates to electronic technology field more particularly to a kind of data processing method, data processing equipment and computer
System.
Background technique
Block chain technology, target are to realize the distributed reliable memory of data.When block chain implements, data are in net
It is stored on multinode using increment type in network, and true by secure hash function (Secure Hash Algorithm, SHA)
It has protected can not distorting for chain data, one that data store on each node is realized by common recognition algorithm and the network transmission protocol
Cause property.
Block chain can be generally divided into publicly-owned chain and license chain, wherein license chain again can according to data maintenance side whether be
Single individual is divided into alliance's chain and privately owned chain.
Data on publicly-owned chain disclose it is shared, and inside license chain, although data are shared, the information wherein protected
Often according to business demand, maintain secrecy to certain participants openings to other participants.
In secret protection field, GDPR (the General Data Protection proposed with European Union 2018
Regulation, " general data conservation regulation ") demand, also proposed to the owning side of data must provide wanting for secret protection
It asks.
Therefore, the secret protection for how effectively realizing block chain is a urgent problem to be solved.
Summary of the invention
In view of this, the disclosure provides the following technical solutions:
A kind of data processing method is applied to block chain network, and the block chain network includes multiple nodes, the method
Include:
Obtain target private data;
First key corresponding with the target private data is set;
The first key is distributed to destination node, the destination node is to meet to access the target private data
Node, the quantity of the destination node are less than or equal to the node in the block chain network.
Preferably, the method, further includes:
The corresponding target private data is encrypted based on the first key, obtains encryption data;
The encryption data is sent to the block chain network, described will be added by each node in the block chain network
Ciphertext data is stored in block chain.
Preferably, setting first key corresponding with the target private data includes:
Second key is set;
Secondary encryption is carried out to second key, obtains the first key corresponding with the target private data.
Preferably, the second key of the setting, comprising:
Based on cipher key combinations, second key corresponding with the target private data is set.
Preferably, described that secondary encryption is carried out to second key, obtain institute corresponding with the target private data
State first key, comprising:
Secondary encryption is carried out using asymmetric encryption mode to second key, is obtained and the target private data pair
The first key answered;
Or
Secondary encryption is carried out using symmetric cryptography mode to second key, is obtained corresponding with the target private data
The first key;
Or
Secondary encryption is carried out using broadcast encryption scheme to second key, is obtained corresponding with the target private data
The first key.
Preferably, the method, further includes:
The destination node reads the first key;
The encryption data in the block chain network is read based on the first key;
The encryption data is decrypted based on the first key, obtains the target private data.
A kind of data processing equipment is applied to block chain network, and the block chain network includes multiple nodes, described device
Include:
Module is obtained, for obtaining target private data;
Setup module, for first key corresponding with the target private data to be arranged;
Distribution module, for the first key to be distributed to destination node, the destination node is to meet described in access
The node of target private data, the quantity of the destination node are less than or equal to the node in the block chain network.
Preferably, the device, further includes:
Encrypting module is added for being encrypted based on the first key to the corresponding target private data
Ciphertext data;
It is stored in module, for the encryption data to be sent to the block chain network, by the block chain network
The encryption data is stored in block chain by each node.
Preferably, the setup module is when executing setting first key corresponding with the target private data, specifically
For:
Second key is set;
Secondary encryption is carried out to second key, obtains the first key corresponding with the target private data.
Preferably, the setup module is specifically used for when executing the second key of setting:
Based on cipher key combinations, second key corresponding with the target private data is set.
Preferably, the setup module is being executed to the secondary encryption of second key progress, is obtained hidden with the target
When the corresponding first key of private data, it is specifically used for:
Secondary encryption is carried out using asymmetric encryption mode to second key, is obtained and the target private data pair
The first key answered;
Or
Secondary encryption is carried out using symmetric cryptography mode to second key, is obtained corresponding with the target private data
The first key;
Or
Secondary encryption is carried out using broadcast encryption scheme to second key, is obtained corresponding with the target private data
The first key.
Preferably, described device further include:
First read module reads the first key for the destination node;
Second read module, for reading the encryption data in the block chain network based on the first key;
Deciphering module obtains the target private data for decrypting the encryption data based on the first key.
A kind of computer system is applied to block chain network, and the block chain network includes multiple nodes, the computer
System include: memory, processor and storage on a memory and the computer program that can run on a processor, the processing
Device execute described program when for realizing:
Obtain target private data;
First key corresponding with the target private data is set;
The first key is distributed to destination node, the destination node is to meet to access the target private data
Node, the quantity of the destination node are less than or equal to the node in the block chain network.
Preferably, the processor is also used to:
The corresponding target private data is encrypted based on the first key, obtains encryption data;
The encryption data is sent to the block chain network, described will be added by each node in the block chain network
Ciphertext data is stored in block chain.
Preferably, the processor is specific to use when executing setting first key corresponding with the target private data
In:
Second key is set;
Secondary encryption is carried out to second key, obtains the first key corresponding with the target private data.
Preferably, the processor is specifically used for when executing the second key of setting:
Based on cipher key combinations, second key corresponding with the target private data is set.
Preferably, the processor is being executed to the secondary encryption of second key progress, is obtained and the target privacy
When the corresponding first key of data, it is specifically used for:
Secondary encryption is carried out using asymmetric encryption mode to second key, is obtained and the target private data pair
The first key answered;
Or
Secondary encryption is carried out using symmetric cryptography mode to second key, is obtained corresponding with the target private data
The first key;
Or
Secondary encryption is carried out using broadcast encryption scheme to second key, is obtained corresponding with the target private data
The first key.
The processor, is also used to:
The destination node reads the first key;
The encryption data in the block chain network is read based on the first key;
The encryption data is decrypted based on the first key, obtains the target private data.
It can be seen from the above technical proposal that a kind of data processing method disclosed in the disclosure, is applied to block chain network,
Wherein, block chain network includes multiple nodes, first acquisition target private data, is then arranged corresponding with target private data
First key is distributed to destination node by first key, wherein and destination node is the node for meeting access target private data,
And the quantity of destination node is less than or equal to the node in block chain network.The disclosure is by will corresponding with target private data the
One key is distributed to destination node, realizes the only accessible target private data of destination node, improves block chain number
According to secret protection.
Detailed description of the invention
In order to illustrate more clearly of the embodiment of the present disclosure or technical solution in the prior art, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Disclosed embodiment for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is a kind of method flow diagram of data processing method embodiment 1 disclosed in the disclosure;
Fig. 2 is a kind of method flow diagram of data processing method embodiment 2 disclosed in the disclosure;
Fig. 3 is a kind of method flow diagram of data processing method embodiment 3 disclosed in the disclosure;
Fig. 4 is a kind of method flow diagram of data processing method embodiment 4 disclosed in the disclosure;
Fig. 5 is a kind of structural schematic diagram of data processing equipment embodiment 1 disclosed in the disclosure;
Fig. 6 is a kind of structural schematic diagram of data processing equipment embodiment 2 disclosed in the disclosure;
Fig. 7 is a kind of structural schematic diagram of data processing equipment embodiment 3 disclosed in the disclosure;
Fig. 8 is a kind of structural schematic diagram of data processing equipment embodiment 4 disclosed in the disclosure;
Fig. 9 is a kind of structural schematic diagram of computer system embodiment 1 disclosed in the disclosure.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present disclosure, the technical solution in the embodiment of the present disclosure is carried out clear, complete
Site preparation description, it is clear that described embodiment is only disclosure a part of the embodiment, instead of all the embodiments.It is based on
Embodiment in the disclosure, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment belongs to the range of disclosure protection.Below in conjunction with the attached drawing in the embodiment of the present disclosure, in the embodiment of the present disclosure
Technical solution be clearly and completely described, it is clear that described embodiment is only disclosure a part of the embodiment, and
The embodiment being not all of.Based on the embodiment in the disclosure, those of ordinary skill in the art are not making creative work
Under the premise of every other embodiment obtained, belong to the disclosure protection range.
As shown in Figure 1, for a kind of method flow diagram of data processing method embodiment 1 disclosed in the disclosure, wherein described
Method is applied to block chain network, and the block chain network includes multiple nodes, and the method may include following steps:
S101, target private data is obtained;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
S102, setting first key corresponding with target private data;
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
S103, first key is distributed to destination node, destination node is the node for meeting access target private data, mesh
The quantity of node is marked less than or equal to the node in block chain network.
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
First key corresponding with target private data is set, first key is distributed to destination node, wherein destination node is to meet to visit
Ask the node of target private data, and the quantity of destination node is less than or equal to the node in block chain network.The disclosure pass through by
First key corresponding with target private data is distributed to destination node, and realizing only destination node, just accessible target is hidden
Private data improve the secret protection of block chain data.
As shown in Fig. 2, for a kind of method flow diagram of data processing method embodiment 2 disclosed in the disclosure, wherein described
Method is applied to block chain network, and the block chain network includes multiple nodes, and the method may include following steps:
S201, target private data is obtained;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
S202, the second key of setting;
After getting target private data, first key corresponding with target private data is further set.It is being arranged
When first key corresponding with target private data, second key can be set first.
Specifically, the second key can be the combination being made of different keys when the second key is arranged.For example, the
Two keys can be to be made of key 1 and the combination of key 2.
S203, secondary encryption is carried out to the second key, obtains first key corresponding with target private data;
After obtaining the second key, secondary encryption further is carried out to the second key, is obtained after encryption and target privacy number
According to corresponding first key.
Specifically, when obtaining first key to the secondary encryption of the second key progress, it can be to the second key using non-right
Claim cipher mode to carry out secondary encryption, obtains first key corresponding with target private data;Second key can also be used
Symmetric cryptography mode carries out secondary encryption, obtains first key corresponding with target private data;Second key can also be adopted
Secondary encryption is carried out with broadcast encryption scheme (e.g., multi-party computations mode), is obtained corresponding with target private data described
First key.
S204, first key is distributed to destination node, destination node is the node for meeting access target private data, mesh
The quantity of node is marked less than or equal to the node in block chain network.
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
The second key is set, secondary encryption is carried out to the second key, first key corresponding with target private data is obtained, by first key
It is distributed to destination node, wherein destination node is the node for meeting access target private data, and the quantity of destination node is less than
Equal to the node in block chain network.The disclosure obtains first key by the way of secondary encryption, further improves block
The secret protection of chain data realizes then by the way that first key corresponding with target private data is distributed to destination node
The only accessible target private data of destination node, improves the secret protection of block chain data.
As shown in figure 3, for a kind of method flow diagram of data processing method embodiment 3 disclosed in the disclosure, wherein described
Method is applied to block chain network, and the block chain network includes multiple nodes, and the method may include following steps:
S301, target private data is obtained;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
S302, setting first key corresponding with target private data;
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
S303, first key is distributed to destination node, destination node is the node for meeting access target private data, mesh
The quantity of node is marked less than or equal to the node in block chain network;
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
S304, corresponding target private data is encrypted based on first key, obtains encryption data;
After first key corresponding with target private data is arranged, further by first key to target private data
It is encrypted, obtains encryption data.For example, being encrypted by first key a to target private data A.
S305, encryption data is sent to block chain network, is stored in encryption data by each node in block chain network
Block chain.
Then the encryption data obtained after encryption is sent to block chain network, it will by each node in block chain network
Encryption data is stored in block chain.For example, having node A, node B, node C and node D in block chain network, then pass through node A, section
Encryption data is stored in block chain by point B, node C and node D.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
First key corresponding with target private data is set, first key is distributed to destination node, wherein destination node is to meet to visit
Ask the node of target private data, and the quantity of destination node is less than or equal to the node in block chain network, and close based on first
Key encrypts corresponding target private data, obtains encryption data, encryption data is sent to block chain network, by block
Encryption data is stored in block chain by each node in chain network.The disclosure passes through will first key corresponding with target private data
It is distributed to destination node, the only accessible target private data of destination node ability is realized, improves the hidden of block chain data
Private protection.Further target private data is encrypted by first key, further improves the privacy of block chain data
Protection.
As shown in figure 4, for a kind of method flow diagram of data processing method embodiment 4 disclosed in the disclosure, wherein described
Method is applied to block chain network, and the block chain network includes multiple nodes, and the method may include following steps:
S401, target private data is obtained;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
S402, setting first key corresponding with target private data;
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
S403, first key is distributed to destination node, destination node is the node for meeting access target private data, mesh
The quantity of node is marked less than or equal to the node in block chain network;
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
S404, corresponding target private data is encrypted based on first key, obtains encryption data;
After first key corresponding with target private data is arranged, further by first key to target private data
It is encrypted, obtains encryption data.For example, being encrypted by first key a to target private data A.
S405, encryption data is sent to block chain network, is stored in encryption data by each node in block chain network
Block chain;
Then the encryption data obtained after encryption is sent to block chain network, it will by each node in block chain network
Encryption data is stored in block chain.For example, having node A, node B, node C and node D in block chain network, then pass through node A, section
Encryption data is stored in block chain by point B, node C and node D.
S406, destination node read first key;
When the node in block chain network needs to obtain target private data, node can go to read first key first,
Since first key has been distributed only to destination node, so only having destination node that can read and mesh when reading first key
Mark the corresponding first key of private data.For example, have node A, node B, node C and node D in block chain network, when first close
When key is distributed only to node A and node B, node C and node D can not read first key.
S407, the encryption data in block chain network is read based on first key;
After destination node reads first key, further read in block chain network by first key corresponding
Encryption data.
S408, encryption data is decrypted based on first key, obtains target private data.
Then the encryption data read is decrypted according to first key, obtains corresponding target private data.
It should be noted that being decrypted when first key is the key obtained by secondary encryption according to first key
When encryption data, it is necessary first to carry out secondary decryption to the second key, then add further according to the key pair obtained after secondary decryption
Ciphertext data is decrypted, and finally obtains target private data.
In conclusion above-described embodiment is by being distributed to destination node for first key corresponding with target private data,
The only accessible target private data of destination node ability is realized, the secret protection of block chain data is improved.Further lead to
It crosses first key to encrypt target private data, further improves the secret protection of block chain data.It is further able to
First key is read by destination node, encryption data is decrypted to obtain target privacy number by the first key read
According to target private data can just be read by realizing only destination node, and the privacy for further improving block chain data is protected
Shield.
As shown in figure 5, for a kind of structural schematic diagram of data processing equipment embodiment 1 disclosed in the disclosure, wherein described
Device is applied to block chain network, and the block chain network includes multiple nodes, and side's device may include:
Module 501 is obtained, for obtaining target private data;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
Setup module 502, for first key corresponding with target private data to be arranged;
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
Distribution module 503, for first key to be distributed to destination node, destination node is to meet access target privacy number
According to node, the quantity of destination node is less than or equal to the node in block chain network.
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
First key corresponding with target private data is set, first key is distributed to destination node, wherein destination node is to meet to visit
Ask the node of target private data, and the quantity of destination node is less than or equal to the node in block chain network.The disclosure pass through by
First key corresponding with target private data is distributed to destination node, and realizing only destination node, just accessible target is hidden
Private data improve the secret protection of block chain data.
As shown in fig. 6, for a kind of structural schematic diagram of data processing equipment embodiment 2 disclosed in the disclosure, wherein described
Device is applied to block chain network, and the block chain network includes multiple nodes, and side's device may include:
Module 601 is obtained, for obtaining target private data;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
Setup module 602, for the second key to be arranged;
After getting target private data, first key corresponding with target private data is further set.It is being arranged
When first key corresponding with target private data, second key can be set first.
Specifically, the second key can be the combination being made of different keys when the second key is arranged.For example, the
Two keys can be to be made of key 1 and the combination of key 2.
Setup module 602 is also used to carry out secondary encryption to the second key, obtains corresponding with target private data first
Key;
After obtaining the second key, secondary encryption further is carried out to the second key, is obtained after encryption and target privacy number
According to corresponding first key.
Specifically, when obtaining first key to the secondary encryption of the second key progress, it can be to the second key using non-right
Claim cipher mode to carry out secondary encryption, obtains first key corresponding with target private data;Second key can also be used
Symmetric cryptography mode carries out secondary encryption, obtains first key corresponding with target private data;Second key can also be adopted
Secondary encryption is carried out with broadcast encryption scheme (e.g., multi-party computations mode), is obtained corresponding with target private data described
First key.
Distribution module 603, for first key to be distributed to destination node, destination node is to meet access target privacy number
According to node, the quantity of destination node is less than or equal to the node in block chain network.
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
The second key is set, secondary encryption is carried out to the second key, first key corresponding with target private data is obtained, by first key
It is distributed to destination node, wherein destination node is the node for meeting access target private data, and the quantity of destination node is less than
Equal to the node in block chain network.The disclosure obtains first key by the way of secondary encryption, further improves block
The secret protection of chain data realizes then by the way that first key corresponding with target private data is distributed to destination node
The only accessible target private data of destination node, improves the secret protection of block chain data.
As shown in fig. 7, for a kind of structural schematic diagram of data processing equipment embodiment 3 disclosed in the disclosure, wherein described
Device is applied to block chain network, and the block chain network includes multiple nodes, and side's device may include:
Module 701 is obtained, for obtaining target private data;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
Setup module 702, for first key corresponding with target private data to be arranged;
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
Distribution module 703, for first key to be distributed to destination node, destination node is to meet access target privacy number
According to node, the quantity of destination node is less than or equal to the node in block chain network;
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
Encrypting module 704 obtains encryption number for encrypting based on first key to corresponding target private data
According to;
After first key corresponding with target private data is arranged, further by first key to target private data
It is encrypted, obtains encryption data.For example, being encrypted by first key a to target private data A.
It is stored in module 705, for encryption data to be sent to block chain network, will be added by each node in block chain network
Ciphertext data is stored in block chain.
Then the encryption data obtained after encryption is sent to block chain network, it will by each node in block chain network
Encryption data is stored in block chain.For example, having node A, node B, node C and node D in block chain network, then pass through node A, section
Encryption data is stored in block chain by point B, node C and node D.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
First key corresponding with target private data is set, first key is distributed to destination node, wherein destination node is to meet to visit
Ask the node of target private data, and the quantity of destination node is less than or equal to the node in block chain network, and close based on first
Key encrypts corresponding target private data, obtains encryption data, encryption data is sent to block chain network, by block
Encryption data is stored in block chain by each node in chain network.The disclosure passes through will first key corresponding with target private data
It is distributed to destination node, the only accessible target private data of destination node ability is realized, improves the hidden of block chain data
Private protection.Further target private data is encrypted by first key, further improves the privacy of block chain data
Protection.
As shown in figure 8, for a kind of structural schematic diagram of data processing equipment embodiment 4 disclosed in the disclosure, wherein described
Device is applied to block chain network, and the block chain network includes multiple nodes, and side's device may include:
Module 801 is obtained, for obtaining target private data;
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
Setup module 802, for first key corresponding with target private data to be arranged;
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
Distribution module 803, for first key to be distributed to destination node, destination node is to meet access target privacy number
According to node, the quantity of destination node is less than or equal to the node in block chain network;
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
Encrypting module 804 obtains encryption number for encrypting based on first key to corresponding target private data
According to;
After first key corresponding with target private data is arranged, further by first key to target private data
It is encrypted, obtains encryption data.For example, being encrypted by first key a to target private data A.
It is stored in module 805, for encryption data to be sent to block chain network, will be added by each node in block chain network
Ciphertext data is stored in block chain;
Then the encryption data obtained after encryption is sent to block chain network, it will by each node in block chain network
Encryption data is stored in block chain.For example, having node A, node B, node C and node D in block chain network, then pass through node A, section
Encryption data is stored in block chain by point B, node C and node D.
First read module 806 reads first key for destination node;
When the node in block chain network needs to obtain target private data, node can go to read first key first,
Since first key has been distributed only to destination node, so only having destination node that can read and mesh when reading first key
Mark the corresponding first key of private data.For example, have node A, node B, node C and node D in block chain network, when first close
When key is distributed only to node A and node B, node C and node D can not read first key.
Second read module 807, for reading the encryption data in block chain network based on first key;
After destination node reads first key, further read in block chain network by first key corresponding
Encryption data.
Deciphering module 808 obtains target private data for decrypting encryption data based on first key.
Then the encryption data read is decrypted according to first key, obtains corresponding target private data.
It should be noted that being decrypted when first key is the key obtained by secondary encryption according to first key
When encryption data, it is necessary first to carry out secondary decryption to the second key, then add further according to the key pair obtained after secondary decryption
Ciphertext data is decrypted, and finally obtains target private data.
In conclusion above-described embodiment is by being distributed to destination node for first key corresponding with target private data,
The only accessible target private data of destination node ability is realized, the secret protection of block chain data is improved.Further lead to
It crosses first key to encrypt target private data, further improves the secret protection of block chain data.It is further able to
First key is read by destination node, encryption data is decrypted to obtain target privacy number by the first key read
According to target private data can just be read by realizing only destination node, and the privacy for further improving block chain data is protected
Shield.
As shown in figure 9, for a kind of structural schematic diagram of computer system embodiment 1 disclosed in the disclosure, wherein the system
System is applied to block chain network, and the block chain network includes multiple nodes, and the computer system includes: memory 901, place
It manages device 902 and is stored in the computer program that can be run on memory 901 and on processor 902, processor 902 executes program
When for realizing:
Obtain target private data;
First key corresponding with target private data is set;
First key is distributed to destination node, destination node is the node for meeting access target private data, target section
The quantity of point is less than or equal to the node in block chain network.
When needing to enhance the secret protection of block chain network data, target private data is obtained first, wherein described
Target private data is the data for needing to carry out secret protection defined according to different actual demands.For example, can be number of deals
The data such as price data, conclusion of the business quantity in.
After getting target private data, first key corresponding with target private data is further set.For example, setting
The first key for setting target private data A is a, and the first key of setting target private data B is b.
After first key corresponding with target private data is set, the first key of setting is distributed to destination node,
Wherein, destination node is to meet the node for being able to access that target private data, that is, destination node has access target private data
Permission.The quantity of destination node is less than or equal to the node in block chain network, that is, destination node can be in block chain network
Part of nodes, or be all nodes in block chain network.For example, having node A, node B, node C in block chain network
With node D, when target private data is price data, destination node can be node A and node B, and node A and node B are obtained
Obtain the corresponding first key of target private data;When target private data be conclusion of the business quantity when, destination node can for node A,
Node B and node C, node A, node B and node C obtain the corresponding first key of target private data.
In conclusion a kind of data processing method disclosed in above-described embodiment, first acquisition target private data, then set
First key corresponding with target private data is set, first key is distributed to destination node, wherein destination node is to meet to visit
Ask the node of target private data, and the quantity of destination node is less than or equal to the node in block chain network.The disclosure pass through by
First key corresponding with target private data is distributed to destination node, and realizing only destination node, just accessible target is hidden
Private data improve the secret protection of block chain data.
It should be noted that all the embodiments in this specification are described in a progressive manner, each embodiment weight
Point explanation is the difference from other embodiments, and the same or similar parts between the embodiments can be referred to each other.
For device or system class embodiment, since it is basically similar to the method embodiment, so be described relatively simple, it is related
Place illustrates referring to the part of embodiment of the method.
It should also be noted that, herein, relational terms such as first and second and the like are used merely to one
Entity or operation are distinguished with another entity or operation, without necessarily requiring or implying between these entities or operation
There are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant are intended to contain
Lid non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
The step of method described in conjunction with the examples disclosed in this document or algorithm, can directly be held with hardware, processor
The combination of capable software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only deposit
Reservoir (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technology
In any other form of storage medium well known in field.
The foregoing description of the disclosed embodiments makes professional and technical personnel in the field can be realized or use the disclosure.
Various modifications to these embodiments will be readily apparent to those skilled in the art, as defined herein
General Principle can be realized in other embodiments without departing from the spirit or the scope of the present disclosure.Therefore, the disclosure
It is not intended to be limited to the embodiments shown herein, and is to fit to and the principles and novel features disclosed herein phase one
The widest scope of cause.
Claims (10)
1. a kind of data processing method is applied to block chain network, the block chain network includes multiple nodes, the method packet
It includes:
Obtain target private data;
First key corresponding with the target private data is set;
The first key is distributed to destination node, the destination node is to meet the section for accessing the target private data
Point, the quantity of the destination node are less than or equal to the node in the block chain network.
2. according to the method described in claim 1, further include:
The corresponding target private data is encrypted based on the first key, obtains encryption data;
The encryption data is sent to the block chain network, by each node in the block chain network by the encryption number
According to deposit block chain.
3. according to the method described in claim 1, setting first key corresponding with the target private data includes:
Second key is set;
Secondary encryption is carried out to second key, obtains the first key corresponding with the target private data.
4. according to the method described in claim 3, the second key of the setting, comprising:
Based on cipher key combinations, second key corresponding with the target private data is set.
5. being obtained hidden with the target according to the method described in claim 3, described carry out secondary encryption to second key
The corresponding first key of private data, comprising:
Secondary encryption is carried out using asymmetric encryption mode to second key, is obtained corresponding with the target private data
The first key;
Or
Secondary encryption is carried out using symmetric cryptography mode to second key, obtains institute corresponding with the target private data
State first key;
Or
Secondary encryption is carried out using broadcast encryption scheme to second key, obtains institute corresponding with the target private data
State first key.
6. according to the method described in claim 2, further include:
The destination node reads the first key;
The encryption data in the block chain network is read based on the first key;
The encryption data is decrypted based on the first key, obtains the target private data.
7. a kind of data processing equipment is applied to block chain network, the block chain network includes multiple nodes, described device packet
It includes:
Module is obtained, for obtaining target private data;
Setup module, for first key corresponding with the target private data to be arranged;
Distribution module, for the first key to be distributed to destination node, the destination node is to meet to access the target
The node of private data, the quantity of the destination node are less than or equal to the node in the block chain network.
8. device according to claim 7, further includes:
Encrypting module obtains encryption number for encrypting based on the first key to the corresponding target private data
According to;
It is stored in module, for the encryption data to be sent to the block chain network, by each section in the block chain network
The encryption data is stored in block chain by point.
9. device according to claim 8, further includes:
First read module reads the first key for the destination node;
Second read module, for reading the encryption data in the block chain network based on the first key;
Deciphering module obtains the target private data for decrypting the encryption data based on the first key.
10. a kind of computer system is applied to block chain network, the block chain network includes multiple nodes, the computer
System include: memory, processor and storage on a memory and the computer program that can run on a processor, the processing
Device execute described program when for realizing:
Obtain target private data;
First key corresponding with the target private data is set;
The first key is distributed to destination node, the destination node is to meet the section for accessing the target private data
Point, the quantity of the destination node are less than or equal to the node in the block chain network.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910472247.6A CN110213268A (en) | 2019-05-31 | 2019-05-31 | A kind of data processing method, data processing equipment and computer system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910472247.6A CN110213268A (en) | 2019-05-31 | 2019-05-31 | A kind of data processing method, data processing equipment and computer system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110213268A true CN110213268A (en) | 2019-09-06 |
Family
ID=67790190
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910472247.6A Pending CN110213268A (en) | 2019-05-31 | 2019-05-31 | A kind of data processing method, data processing equipment and computer system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110213268A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112989400A (en) * | 2019-12-13 | 2021-06-18 | 北京百度网讯科技有限公司 | Privacy transaction processing method and device, electronic equipment and medium |
CN114666064A (en) * | 2022-03-25 | 2022-06-24 | 广东启链科技有限公司 | Block chain-based digital asset management method, device, storage medium and equipment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107273759A (en) * | 2017-05-08 | 2017-10-20 | 上海点融信息科技有限责任公司 | Method, equipment and computer-readable recording medium for protecting block chain data |
KR20190012969A (en) * | 2017-07-31 | 2019-02-11 | 서강대학교산학협력단 | Data access management system based on blockchain and method thereof |
-
2019
- 2019-05-31 CN CN201910472247.6A patent/CN110213268A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107273759A (en) * | 2017-05-08 | 2017-10-20 | 上海点融信息科技有限责任公司 | Method, equipment and computer-readable recording medium for protecting block chain data |
KR20190012969A (en) * | 2017-07-31 | 2019-02-11 | 서강대학교산학협력단 | Data access management system based on blockchain and method thereof |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112989400A (en) * | 2019-12-13 | 2021-06-18 | 北京百度网讯科技有限公司 | Privacy transaction processing method and device, electronic equipment and medium |
CN114666064A (en) * | 2022-03-25 | 2022-06-24 | 广东启链科技有限公司 | Block chain-based digital asset management method, device, storage medium and equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109033855B (en) | Data transmission method and device based on block chain and storage medium | |
CN110033258B (en) | Service data encryption method and device based on block chain | |
CN111797415A (en) | Block chain based data sharing method, electronic device and storage medium | |
Zhu et al. | Towards temporal access control in cloud computing | |
Wan et al. | HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing | |
Zhao et al. | Realizing fine-grained and flexible access control to outsourced data with attribute-based cryptosystems | |
CN103502994B (en) | Method for handling privacy data | |
CN109120639A (en) | A kind of data cloud storage encryption method and system based on block chain | |
Di Vimercati et al. | Encryption-based policy enforcement for cloud storage | |
Guo et al. | TABE-DAC: Efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain | |
Louk et al. | Homomorphic encryption in mobile multi cloud computing | |
CN103248476B (en) | The management method of data encryption key, system and terminal | |
CN104063334A (en) | Encryption method and system based on data attributions | |
CN109729041A (en) | A kind of publication of encrypted content and acquisition methods and device | |
KR101615137B1 (en) | Data access method based on attributed | |
US20200228334A1 (en) | Method and system for data ownership confirmation based on encryption | |
CN110213268A (en) | A kind of data processing method, data processing equipment and computer system | |
Liu et al. | A blockchain-based secure cloud files sharing scheme with fine-grained access control | |
CN111444268A (en) | Data encryption method based on block chain | |
CN102542645A (en) | Entrance guard authentication method and system | |
CN110019463A (en) | A kind of data store query method and system shared in many ways | |
Borrell et al. | Securing the itinerary of mobile agents through a non-repudiation protocol | |
Palit et al. | AUGChain: blockchain-based mobile user authentication scheme in global mobility network | |
CN111010386B (en) | Privacy protection and data supervision control method based on shared account book | |
Badra et al. | Privacy-preserving and efficient aggregation for smart grid based on blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190906 |