CN110765488B - Data storage and reading method and electronic equipment - Google Patents

Data storage and reading method and electronic equipment Download PDF

Info

Publication number
CN110765488B
CN110765488B CN201911029706.XA CN201911029706A CN110765488B CN 110765488 B CN110765488 B CN 110765488B CN 201911029706 A CN201911029706 A CN 201911029706A CN 110765488 B CN110765488 B CN 110765488B
Authority
CN
China
Prior art keywords
key
target data
data
encrypted
block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911029706.XA
Other languages
Chinese (zh)
Other versions
CN110765488A (en
Inventor
陈飞飞
王云浩
过晓冰
杨四雄
李永鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lenovo Beijing Ltd
Original Assignee
Lenovo Beijing Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lenovo Beijing Ltd filed Critical Lenovo Beijing Ltd
Priority to CN201911029706.XA priority Critical patent/CN110765488B/en
Publication of CN110765488A publication Critical patent/CN110765488A/en
Application granted granted Critical
Publication of CN110765488B publication Critical patent/CN110765488B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor

Abstract

The application discloses a data storage and reading method and electronic equipment, wherein in the method, a secret key is generated after first target data to be stored in a block chain is obtained; storing a first key portion of the key to a state database, the state database having a set access right; sensitive data in the first target data are encrypted by using a secret key, and the encrypted first target data are stored in the block chain. After the query instruction is obtained, reading the encrypted second target data from the block chain based on the identification number of the second target data to be queried, which is carried by the query instruction; if the source node of the query instruction has the access right of the state database, acquiring a first key part related to the second target data from the state database; and decrypting the sensitive data in the encrypted second target data by using the key determined by the first key part to obtain decrypted second target data. The scheme of the application can improve the safety of sensitive data in the block chain.

Description

Data storage and reading method and electronic equipment
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a data storage and reading method and an electronic device.
Background
In the production, circulation and transmission processes of articles or information, key data of the articles or the information need to be acquired or stored, and the acquired data is stored according to a certain format, so that the tracing of the articles or the information can be realized by inquiring the key data stored in each link of storage.
Since the block chaining technology can make data have traceability and tamper resistance, the block chaining technology is widely applied to the traceability field. However, due to the characteristics of the consistency of distributed account book nodes in the blockchain technology and the complete transparency of each node in the blockchain, risks are brought to some private data involved in tracing, and therefore the security of some private data cannot be guaranteed. For example, in a traceability application, some information may only be expected to be known to individual participants in the circulation of items or information, but should be kept secret from other participants, for example, employee personal sensitive information in a corporate asset needs to be kept secret from other network participants outside the corporation in the blockchain. Therefore, in a data tracing application, how to improve the security of private data in a blockchain is a technical problem to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide a data storage and reading method and an electronic device, so that the safety of sensitive data in a block chain is improved.
In order to achieve the purpose, the application provides the following technical scheme:
a method of data storage, comprising:
obtaining first target data to be stored in a block chain, wherein the first target data comprises sensitive data;
generating a key, the key comprising at least a first key portion;
storing a first key portion of the key into a state database of the blockchain, the state database having set access rights;
encrypting sensitive data in the first target data by using the secret key to obtain encrypted first target data;
storing the encrypted first target data into a block of the block chain.
Preferably, the key further comprises: a second key portion;
the storing the encrypted first target data into a block of the block chain includes:
storing the encrypted first target data and the second key portion into a block of the block chain.
Preferably, the generating the key includes:
obtaining a key seed;
generating a random number;
and combining the key seed and the random number into a key, wherein the key seed is a first key part of the key, and the random number is a second key part of the key.
Preferably, the obtaining the key seed includes:
generating a key seed;
or, determining a block to be stored with the first target data in the block chain, and obtaining a key seed corresponding to the block.
Preferably, before the storing the first key portion of the key in the state database of the blockchain, the method further includes:
determining the block to which the first target data is to be stored;
the storing a first key portion of the key to a state database of the blockchain includes:
and correspondingly storing a first key part of the key and the information of the block into a state database of the block chain.
In another aspect, the present application further provides a data reading method, including:
acquiring a query instruction, wherein the query instruction carries an identification number of second target data to be queried and identity identification information corresponding to a source node of the query instruction;
reading encrypted second target data from a blockchain based on the identification number of the second target data, wherein sensitive data in the encrypted second target data are encrypted;
under the condition that the source node is determined to have the access right of a state database in the block chain based on the identity identification information, acquiring a first key part related to the second target data from the state database;
determining a key based on the first key portion;
decrypting sensitive data in the encrypted second target data by using the secret key to obtain decrypted second target data;
and outputting the decrypted second target data to the source node.
Preferably, before the determining a key based on the first key portion, the method further includes:
obtaining a second key portion associated with the second target data from a blockchain;
said determining a key based on said first key portion, comprising:
combining the first key portion and the second key portion into a key.
Preferably, the obtaining the first key part associated with the second target data from the status database includes:
determining a block number and/or a transaction number corresponding to the encrypted second target data, wherein the block number is an identification number of a block used for storing the second target data in the block chain;
and acquiring a first key part associated with the second target data from the state database according to the block number and/or the transaction number.
Preferably, the reading the encrypted second target data from the blockchain based on the identification number of the second target data includes:
reading at least one encrypted tracing data corresponding to the second target data from at least one block of a block chain based on the identification number of the second target data, wherein sensitive data in the encrypted tracing data is encrypted;
the obtaining a first key portion associated with the second target data from the status database includes:
obtaining a first key part associated with the encrypted tracing data from the state database;
the decrypting sensitive data in the encrypted second target data by using the key to obtain the decrypted second target data includes:
decrypting sensitive data in the encrypted tracing data by using the key to obtain decrypted tracing data;
the sending the decrypted second target data to the source node includes:
and outputting second target data formed by the decrypted tracing data to the source node.
Preferably, the method further comprises the following steps:
and under the condition that the source node is determined not to have the access right of the state database based on the identity identification information, outputting the encrypted second target data to the source node, so that the source node acquires data except the sensitive data in the second target data.
In another aspect, the present application further provides an electronic device, including:
the data interface is used for obtaining first target data to be stored in a block chain, and the first target data comprises sensitive data;
a processor for generating a key, the key comprising at least a first key portion; storing a first key portion of the key into a state database of the blockchain, the state database having set access rights; encrypting sensitive data in the first target data by using the secret key to obtain encrypted first target data; storing the encrypted first target data into a block of the block chain.
In another aspect, the present application further provides another electronic device, including:
the processor is used for obtaining a query instruction, and the query instruction carries an identification number of second target data to be queried and identity identification information corresponding to a source node of the query instruction; reading encrypted second target data from a blockchain based on the identification number of the second target data, wherein sensitive data in the encrypted second target data are encrypted; under the condition that the source node is determined to have the access right of a state database in the block chain based on the identity identification information, acquiring a first key part related to the second target data from the state database; determining a key based on the first key portion; decrypting sensitive data in the encrypted second target data by using the secret key to obtain decrypted second target data;
and the data interface is used for outputting the decrypted second target data to the source node.
According to the scheme, under the condition that the target data to be stored contains sensitive data, the generated key is used for encrypting the sensitive data in the target data, then the encrypted target data is stored in the block chain, meanwhile, the first key part in the key for encrypting the sensitive data is stored in the state database of the block chain, and due to the fact that the state database has the set access right, only a user with the viewing right for the sensitive data can acquire the first key part from the database and generate the key, therefore, only a node corresponding to the user with the corresponding right can decrypt the sensitive data of the target data stored in the block chain, the risk of sensitive data leakage is reduced, and the safety of the sensitive data related to privacy and the like is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic diagram of a composition architecture of a scenario to which the solution of the present application is applicable;
FIG. 2 is a schematic flow chart diagram illustrating an embodiment of a data storage method according to the present application;
FIG. 3 is a schematic flow chart diagram illustrating a data storage method according to another embodiment of the present application;
FIG. 4 is a schematic flow chart diagram illustrating a data storage method according to another embodiment of the present application;
FIG. 5 is a flowchart illustrating an embodiment of a data reading method according to the present application;
FIG. 6 is a flow chart illustrating a data reading method according to another embodiment of the present application;
FIG. 7 is a flow chart illustrating a data reading method according to another embodiment of the present application;
fig. 8 is a schematic structural diagram of an electronic device according to the present application.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings described above, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the application described herein may be practiced otherwise than as specifically illustrated.
Detailed Description
The scheme of the embodiment of the application is suitable for storing and reading data in the block chain, so that the safety of some sensitive data stored in the block chain is improved, and the sensitive data can be obtained by a user of a node with a viewing right as far as possible. Sensitive data may be data related to privacy, data that is desired to be disclosed only to users of a portion of nodes in the blockchain, or the like.
Fig. 1 is a schematic diagram illustrating a composition architecture of a scenario to which the present application is applied.
As can be seen from fig. 1, at least: a blockchain (also referred to as a blockchain network) 100, the blockchain 100 may be formed by a plurality of nodes 101, each of which may be an electronic device such as a server or a terminal.
Wherein, each node 101 in the blockchain 100 is connected with each other through a network.
Each node 101 may store data into the blockchain and may store data uploaded into the blockchain by other nodes in the blockchain.
Optionally, the scenario may further include a terminal device 102 capable of accessing the blockchain, where the terminal device does not belong to a node in the blockchain, but the terminal device may access the node in the blockchain network through the network to read data in the blockchain.
For example, taking a traceability scenario as an example, a blockchain may include multiple nodes of different users holding an item at different stages of its circulation.
Taking agricultural product traceability as an example, agricultural products may go through a plurality of links from production to final sale to consumers, such as agricultural product planting, agricultural product transportation, agricultural product sale, and the like, and therefore, the blockchain network may include nodes of agricultural product growers (agricultural product planting enterprises or agricultural product planting farmers), nodes of agricultural product transporters, and nodes of agricultural product sellers.
After the agricultural product grower produces the agricultural product, the agricultural product grower may store information on the production place, the producer, the grade, etc. of the agricultural product into the blockchain. Correspondingly, after the agricultural product planting party is transported by the agricultural product transporting party, the agricultural product planting party or the agricultural product transporting party can record the information that the agricultural products are transferred from the agricultural product planting party to the agricultural product transporting party in the block chain. And the agricultural product transport party can record the information of the agricultural product transport route, responsible party and the like in the block chain. And finally, after the agricultural product transport party transfers the agricultural products to the agricultural product seller, the agricultural product seller can record the information of the agricultural product transfer, the information of the agricultural product seller, the grade of the agricultural product and the like in the block chain. On the basis, each node in the block chain can inquire the related information of the agricultural products in each stage from planting to selling, and the tracing of the related data of the agricultural products is realized.
Meanwhile, in order to enable a consumer to inquire the traceability data of the agricultural product required to be purchased, the traceability data can also be inquired by accessing the blockchain through the terminal.
The data tracing scenario is taken as an example, but the scheme of the embodiment of the present application is also applicable to other scenarios requiring data storage and reading based on a block chain.
It can be understood that since data in the blockchain can be viewed not only by each node in the blockchain, but also by other terminal devices, some sensitive data related to personal privacy and the like may be leaked. For example, still taking the agricultural product traceability scenario as an example, some of the traceability data of the agricultural product may be private data related to a grower of the agricultural product, such as a seed purchase price of the agricultural product, personal information of a legal person of the grower of the agricultural product, and the private data may be viewed by at least each node in the blockchain once being stored in the blockchain, and actually, the grower may only want to view the agricultural product transporter and not want the agricultural product seller to view the private data.
In order to reduce the risk of leakage of sensitive data and improve the safety of the sensitive data in a block chain, the application provides a data storage method and a data reading method.
In conjunction with the above description of the blockchain, the data storage method of the present application is first described below with reference to a flowchart.
As shown in fig. 2, which shows a schematic flow diagram of an embodiment of a data storage method according to the present application, the method of this embodiment may be applied to a block chain, for example, the method of this embodiment may be executed by any node in the block chain, and this embodiment may include:
s201, first target data to be stored in the block chain is obtained.
For the sake of distinction, data to be stored into the blockchain is referred to as first target data.
Wherein the first target data comprises sensitive data. For example, part or all of the first target data is sensitive data.
S202, a key is generated, the key comprising at least a first key portion.
The key is a parameter for converting data into ciphertext or converting the ciphertext into data.
Wherein, the key can be a set key; the key may be generated according to the requirement, such as a key generated according to a set rule, or a randomly generated key.
In this embodiment, in order to avoid the key being leaked, the key in this application includes a first key portion for setting the access right, so as to store the first key portion in the state database of the block chain subsequently.
Wherein the first key portion may be part or all of the key. Optionally, the first key part is a part of the key, the key includes a first key part and a second key part, and the first key part and the second key part have different contents.
For example, the second key portion of the key is a set string, so that the key can be recovered only by obtaining the first key portion.
Optionally, in order to further reduce the risk of the key being cracked, the second key portion of the key may be dynamically generated. For example, a random number may be generated and used as the second part of the key, which may ensure that a transaction-key, i.e., the key used to encrypt data, is different each time data is stored to the blockchain.
Further, in practical applications, after determining a block in a block chain to which the first target data is to be stored, detecting whether the block has a second key portion corresponding to a key, and if so, directly obtaining the second key portion of the key corresponding to the block, for example, when data is first stored in the block, a random number may be generated, and the random number is used as the second key portion corresponding to the block. Correspondingly, if the data is not stored in the block to which the first target data is to be stored, and the second key portion corresponding to the block does not exist, a random number can be generated as the second key portion corresponding to the block.
Of course, the same applies to the present embodiment as to the manner in which the second key portion is obtained by other means.
S203, store the first key portion of the key in the state database of the block chain.
Unlike each block in the block chain, the state database in the block chain is only used for storing the current state information of the data in the block chain, and does not record the state change information of the data history. If the state of the data changes, the state of the data in the state database is updated, and the state of the data before updating is not reserved.
For example, taking a data tracing scenario as an example, after data of an article or information changes in a generating, circulating, and transmitting process of the article or information, the changed data of the article may be recorded in a block of a block chain, and meanwhile, data before the article or information may also exist in the block of the block chain. But the state database only records the state information corresponding to the current article or information. For example, when an agricultural product is transferred from an agricultural product planting party to an agricultural product transporting party, information of the agricultural product planting party of the agricultural product and some state data of the agricultural product in the case that the agricultural product is in the agricultural product planting party are recorded in a block of the block chain; after the agricultural products are transferred from the agricultural product planting party to the agricultural product transportation party, the blocks of the block chain not only maintain the recorded data related to the agricultural product planting party, but also record the information that the agricultural products are transferred from the agricultural product planting party to the agricultural product transportation party and the related information of the agricultural product transportation party in the corresponding information of the agricultural product planting party. The state database only records the current transfer of the agricultural product to the agricultural product transporter and some information of the agricultural product transporter.
Wherein the state database has a set access right. It is understood that access rights can be set in the state database in the blockchain, such as setting access rights to all data of the state database; alternatively, the access rights to the data or data tables in the state database may be different for different data or different data tables.
For example, in a possible implementation manner, a database splitting manner may be adopted, that is, the database tables that can be viewed from the state database by different nodes are different, and each node views the database table having access right in the state database of the node, so that the node can only access the database table that can be viewed by the node from the state database. For example, if node a is set in the state database to have access right to database table a and not to database table B, then the directory (or data query index, etc.) of the state database maintained by node a only has the path corresponding to the database table a, but does not have the directory corresponding to the database table B.
Accordingly, after storing the first key portion of the key in the state database, only nodes having access to the first key portion may obtain the first key portion from the state database, and thus may recover the key.
S204, the sensitive data in the first target data are encrypted by using the key, and the encrypted first target data are obtained.
The first target data of the encrypted sensitive data is called the encrypted first target data, and it can be seen that data portions of the first target data except the sensitive data are not encrypted, so that nodes in the blockchain can still query data portions of the first target data which do not belong to the sensitive data.
There are various ways of encrypting the sensitive data in the first target data by using the key, which is not limited in this application.
The step S203 and the step S204 may be interchanged or performed simultaneously, which is not limited.
S205, storing the encrypted first target data into the block of the block chain.
Storing the encrypted first target data into a block of the blockchain is similar to the process of storing data into a block in the blockchain. If so, after determining the block in the block chain in which the first target data is to be stored, storing the encrypted first target data in the block.
It is to be understood that, in the case that the key for encryption includes the first key portion and the second key portion, the encrypted first target data and the second key portion may also be stored in the block of the blockchain in order to recover the key. For example, the encrypted first target data and the second key part are stored into the block of the block chain correspondingly. For example, the first target data and the second key portion are stored in the same block; alternatively, the first target data and the second key portion are stored as a whole in a block of the blockchain.
Therefore, under the condition that the target data to be stored contains sensitive data, the generated key is used for encrypting the sensitive data in the target data, then the encrypted target data is stored in the block chain, meanwhile, the first key part in the key for encrypting the sensitive data is stored in the state database of the block chain, and as the state database has set access authority, only a user who has viewing authority for the sensitive data can acquire the first key part from the database and generate the key, so that only a node corresponding to the user with corresponding authority can decrypt the sensitive data of the target data stored in the block chain, the risk of sensitive data leakage is reduced, and the security of the sensitive data related to privacy and the like is improved.
To facilitate understanding of the key generation process, the following description is made in conjunction with an embodiment, and as shown in fig. 3, it shows a schematic flow chart of another embodiment of the data storage method of the present application, where the method of this embodiment may include:
s301, first target data to be stored in the block chain is obtained.
Wherein the first target data comprises sensitive data.
S302, a key seed is obtained as a first key portion of the key.
In one possible approach, the key seed may be generated after confirming that the first target data to be stored exists. Such as a randomly generated key seed or a key seed generated according to a set generation rule.
In yet another possible approach, a key seed currently used in the blockchain by the node that is to store the first target data may be obtained. For example, each node in the blockchain has a key seed that may be fixed or dynamically changing, but is fixed at a time. In this case, the key seed currently used by the node may be obtained before the node stores data into the blockchain.
Optionally, the block to be stored with the first target data in the block chain may be determined first, and a key seed corresponding to the block may be obtained. Each block in the block chain can uniquely correspond to one key seed. For example, the key seed corresponding to each block may be preset. For another example, when a node needs to store data into a block, detecting whether a key seed corresponding to the block exists, and if so, directly acquiring the key seed corresponding to the block; and if the key seed corresponding to the block does not exist, storing the key seed into the block.
S303, a random number is generated.
Wherein the random number is a second key portion of a key used to encrypt sensitive data in the first target data.
The random number generation can be beneficial to ensuring that the random numbers generated by storing data into the block chain at each time are different, so that the keys used for encrypting the data at each time are different, and the security of the keys is further beneficial to being improved.
S304, the key seed and the random array are combined into a key.
For example, the key seed and the random number are combined in a string order, and the combined string is used as the key. Of course, there may be other ways to generate the key as long as the key is guaranteed to be composed of two parts, namely, the key seed and the random number.
S305, the sensitive data in the first target data is encrypted by using the key, and the encrypted first target data is obtained.
S306, the encrypted first target data and the random number are stored in the block of the block chain.
The steps S306 and S307 can refer to the related description of the previous embodiment.
S307, storing the key seed of the key in the state database of the block chain.
The step S307 may be executed after the steps S305 to S306, or may be executed before the steps S305 to S306, as long as the step S is executed after the key seed is determined.
In this embodiment, the key used for encrypting the data is composed of a key seed and a random number, so that the random number generated by storing the data in the block chain every time is different, and the key used for encrypting every time is different, thereby further improving the security of the key and reducing the risk of the key being cracked.
It will be appreciated that after storing the first key portion of the key in the state database, there are many possibilities if the first key portion corresponding to the encrypted first target data needs to be queried subsequently.
For example, in one possible scenario, the corresponding first key portion may be queried from the state database based on the identification information of the first target data. For example, when the first key portion is stored in the state database, the first key portion may be stored in association with the identification information of the first target data, so as to query the first key portion corresponding to the identification information of the first target data.
For another example, when the data is stored in the blockchain, a transaction number of the data stored this time may be generated, and if the transaction number may uniquely identify the data stored this time, the transaction number of the first target data may be confirmed after the encrypted first target data is stored. And stores the transaction number in association with the first key portion to a state database.
For another example, in a case that the first key portion corresponding to each block is fixed, after the block for the first target data (encrypted first target data) is determined, the first key portion of the key may be stored in the state database of the block chain in correspondence with information (such as a block number or other identification information) of the block. On the basis, after the first target data is subsequently read, the first key part corresponding to the information of the block can be inquired from the state database according to the block where the first target data is located, so that the first key part can be inquired more quickly and efficiently.
For ease of understanding, a unique first key portion corresponding to each tile is illustrated. For example, referring to fig. 4, which shows a schematic flow chart of another embodiment of the data storage method of the present application, the method of the present embodiment may include:
s401, first target data to be stored in a block chain are obtained.
The first target data comprises sensitive data.
S402, determining the block to be stored with the first target data in the block chain.
For example, according to the situation that each block in the block chain stores data, the block in which the first target data is to be stored can be obtained, so as to obtain the block number of the block or other identification information of the block. The block number is an identifier for uniquely identifying the block.
S403, obtain the key seed corresponding to the block.
If the key seed corresponding to the block already exists, for example, the seed of the block is preset, or when other nodes store data to the block, the key seed is generated for the block already, the key seed of the block can be directly obtained.
And if the key seed corresponding to the block does not exist, generating the key seed for the block. For example, the key seed is generated randomly or according to a set rule.
S404, a random number is generated.
S405, the key seed and the random number are combined into a key.
In this embodiment, the key is exemplified by a key seed as a first key portion and a random array as a second key portion, and when the key includes only the first key portion such as the key seed, step S404 needs to be executed, and the key may be generated based on the first key portion such as the key seed directly.
S406, the sensitive data in the first target data are encrypted by using the key, and the encrypted first target data are obtained.
S407, storing the first target data and the random number into the block of the block chain.
S408, correspondingly storing the key seed and the information of the block into the state database of the block chain.
If so, storing the key seed and the block number of the block correspondingly in a state database of the block chain.
It will be appreciated that since each block corresponds uniquely to one key seed (or other first key portion), repeated storage may not be necessary if the key seed corresponding to that block is already stored in the state database.
Specifically, it may be firstly queried whether the state database stores the key seed corresponding to the block, and if not, the key seed and the information of the block are correspondingly stored in the state database.
Of course, if the block corresponds to the preset key seed and the node updates the key seed corresponding to the block, even if the key seed corresponding to the block is stored in the status database, the key seed stored in the status database is the historical key seed, so that the key seed corresponding to the block in the status database is more currently the key seed generated for the block.
Therefore, on the basis of the embodiment, the corresponding key seeds can be directly inquired from the state database subsequently and directly according to the block for storing the first target data, so that the key can be recovered more quickly.
It is understood that fig. 4 is an example of a case where the status database stores the first key portion, but if the first key portion needs to be located by the identification information, the transaction number, or the combination of the transaction number and the block number of the first target data, only the identification information, the transaction number, or the transaction number and the block number of the first target data need to be stored in the status database in an associated manner.
The data storage method of the present application is described below with reference to the description of a data reading method of the present application. The data reading method of the application is a method for reading data from a block chain on the basis of the previous data storage method.
As shown in fig. 5, which shows a schematic flow chart of an embodiment of a data reading method according to the present application, the embodiment is applied to a block chain, and the embodiment may include:
s501, obtaining a query instruction.
The query instruction carries an identification number of the second target data to be queried and identity identification information corresponding to a source node of the query instruction.
The query instruction is used for requesting to read the second target data from the blockchain. The second target data is data already stored in the blockchain, and data that needs to be read in order to distinguish the second target data from data previously stored in the blockchain is called the second target data.
For example, the second target data is data previously stored into the blockchain by one or more storage operations. For example, taking a data tracing scenario as an example, since a plurality of links are required to be involved in a circulation process of an article and the like, each link involves storing data into a block chain, and when the data is traced, the data of the plurality of links in the circulation process of the article may need to be read at one time.
S502, based on the identification number of the second target data, the encrypted second target data is read from the block chain.
Wherein the sensitive data in the encrypted second target data is encrypted.
The identification number of the second target data is used for indicating and identifying a specific data range contained in the second target data to be queried. Accordingly, all data belonging to the second target data can be searched from the block chain according to the identification number.
For example, still taking the data tracing scenario as an example, if tracing data of a certain agricultural product is queried, the number of the agricultural product may be used as the identification number of the second target data, so that multiple pieces of data corresponding to the number of the agricultural product may be queried from each blockchain of the blockchain according to the number of the agricultural product.
It is to be understood that, in the case that the second target data includes multiple copies of data, the multiple copies of data may be data stored into the block chain at different times, in which case, the multiple copies of data may be stored in different blocks of the block chain, and therefore, the multiple copies of data need to be read from the respective blocks of the block chain where the multiple copies of data are located. At least one of the plurality of data sets is encrypted data, and sensitive data included in the encrypted data is encrypted.
S503, in a case that it is determined that the source node has an access right to the state database in the block chain based on the identity information, obtaining the first key part associated with the second target data from the state database.
The identity information corresponding to the source node can represent the identity of the source node, and correspondingly, the access authority of the source node to the state database can be determined according to the identity information of the source node.
It can be understood that, in the case that the state database is provided with an access right, only the node having access to the state database may access the state database, so that the first key part associated with the second target data may be acquired.
Optionally, the state database is in a form of database splitting and table splitting, that is, under the condition that different access rights are set for different data or database tables, whether the source node has a right to access the first key portion associated with the second target data may be detected according to the identity information, and if so, the first key portion may be read; if not, the authority of obtaining the first key part is not provided, and of course, corresponding prompt information can be output to the source node.
As can be seen from the foregoing description of the data storage method, the manner of obtaining the first key portion associated with the second target data from the status database in the present application may be various:
for example, in one possible case, the first key portion corresponding to the identification number may be queried according to the identification number of the second target data. In particular, in the case where the second target data includes multiple copies of data, and at least one of the multiple copies of data is encrypted data, since different copies of encrypted data may not be stored in the block chain at the same time, the keys corresponding to the different copies of encrypted data are different. In this case, the first key portion associated with the encrypted piece of data may be queried for identification information of the encrypted piece of data.
In yet another possible case, when storing the first key portion associated with the second target data, if the block number and/or the transaction number corresponding to the first key portion and the second target data are stored in the status database, the first key portion associated with the second target data may be obtained from the status database according to the block number and/or the transaction number. Wherein the block number is used to uniquely identify a block. The transaction number may characterize a data storage operation in a block or a data storage operation in a chain of blocks.
For example, when the second target data is read from the blockchain according to the identification number of the second target data, the block number and/or transaction number corresponding to the second target data can be determined. Or, according to the identification number of the second target data, the block number corresponding to the block where the second target data is located and the transaction number corresponding to the second target data can be directly queried.
Similar to the previous possible scenario, if the second target data includes multiple copies of data, and the multiple copies of data include at least one encrypted piece of data, for each encrypted piece of data, the first key portion associated with the encrypted piece of data may be queried from the status database according to the block number and/or transaction number corresponding to the encrypted piece of data.
S504, a key is determined based on the first key portion.
For example, the first key portion is determined as a key, or the first key portion is converted into a key according to a key generation rule. Specifically, determining the key based on the first key portion is similar to the previous process of generating the key, and is not described herein again.
And S505, decrypting the sensitive data in the encrypted second target data by using the secret key to obtain the decrypted second target data.
If the process of decrypting the encrypted sensitive data in the encrypted second target data by using the key is the reverse process of the encryption process of the sensitive data in the second target data, the sensitive data in the second target data can be directly decrypted according to the reverse process of the encryption of the sensitive data, so that the second target data of which the sensitive data is not encrypted is obtained.
It will be appreciated that when the second target data comprises at least one copy of encrypted data, for each copy of encrypted data, a first key portion associated with the copy of encrypted data may be used to generate a key that matches the copy of encrypted data, and then the key may be used to decrypt sensitive data in the copy of encrypted data.
S506, the decrypted second target data is output to the source node.
It will be appreciated that data processing at any node in the blockchain may be involved in reading data from the blockchain, for example, a source node may be involved in sending a query to each node in the blockchain to obtain decrypted second target data, in which case the node in the blockchain may send the second target data to the source node after obtaining the second target data. As another example, it may be that the source node obtains the query instruction based on the user operation, and needs to perform reading of the second target data from the blockchain, in which case this step may be understood as that the source node directly outputs the decrypted second target data.
It can be seen that, after the blockchain receives the query instruction requesting to read the second target data, it is detected whether the source node of the query instruction has the right to obtain the first key portion associated with the second target data from the state database of the blockchain, and only when the source node has the right to query the first key portion from the state database, the source node reads the first key portion and generates a key using the first key portion, and decrypts sensitive data in the second target data of the blockchain based on the key. Therefore, by setting the authority of the state database, the node which has the function of inquiring corresponding sensitive data can check the sensitive data, thereby avoiding the risk of leakage of the sensitive data and improving the safety of the sensitive data in the block chain.
It can be understood that, in order to enable each node in the blockchain to query as a part of the second target data that does not belong to the sensitive data, in the case that it is determined based on the identification information that the source node does not have the access right of the state database, the encrypted second target data may be output to the source node, so that the source node obtains data, except for the sensitive data, in the second target data.
It will be appreciated that, as can be seen from the foregoing data storage method, the key used in the present application to encrypt the sensitive data may also include a first key portion and a second key portion, in which case, the second key portion associated with the second target data may also be obtained from the blockchain before the key is determined based on the first key portion. For example, the second key portion associated with the second target data is read at the same time the second target data is read. Accordingly, the first key portion and the second key portion may be grouped into a key.
This is explained in detail below with reference to fig. 6. As shown in fig. 6, which shows a schematic flow chart of another embodiment of the data reading method of the present application, the method of this embodiment may include:
s601, obtaining a query instruction.
The query instruction carries an identification number of the second target data to be queried and identity identification information corresponding to a source node of the query instruction.
S602, reading the encrypted second target data from the blockchain based on the identification number of the second target data.
Wherein the sensitive data in the encrypted second target data is encrypted.
The steps S601 and S602 can refer to the related description of the previous embodiment, and are not described herein again.
S603, determining the block number and/or the transaction number corresponding to the encrypted second target data.
The block number is an identification number of a block in the block chain for storing the second target data.
For example, when the encrypted second target data is read from the blockchain, the block number corresponding to the block in which the second target data is located may be obtained, and the transaction number for storing the second target data may also be obtained. Of course, the manner of obtaining the block number and the transaction number by other means is also applicable to the present embodiment.
S604, when it is determined that the source node has the access right to the state database in the block chain based on the identity information, obtaining the first key portion associated with the second target data from the state database according to the block number and/or the transaction number.
The present embodiment takes the example of obtaining the first key portion based on the block number and/or transaction number, but the same applies to the present embodiment for the other cases mentioned earlier.
S605, according to the block number and/or the transaction number, a second key portion associated with the second target data is queried from the block chain.
For example, the second key portion may be a random number or the like as mentioned in the previous embodiments.
Wherein the chunk and/or transaction number may uniquely represent the second key portion associated with the second target data, and therefore the second key portion may be located from the chain of chunks.
Of course, in practical applications, if the second target data is stored in association with the second key portion, the second key portion associated with the second target data may also be read while the second target data is read from the blockchain.
S606, the first key portion and the second key portion are combined into a key.
S607, the key is used to decrypt the sensitive data in the encrypted second target data, so as to obtain the decrypted second target data.
S608, the decrypted second destination data is output to the source node.
The steps S606 to S608 can refer to the related description of the previous embodiment, and are not described herein again.
It is to be understood that, when the present application is applied to a tracing scenario, the encrypted second target data may refer to one or more encrypted tracing data, in which case, the sensitive data in each tracing data needs to be decrypted separately.
As shown in fig. 7, which shows a schematic flow chart of another embodiment of the data reading method of the present application, the method of this embodiment may include:
s701, obtaining a query instruction.
The query instruction carries an identification number of the second target data to be queried and identity identification information corresponding to a source node of the query instruction.
S702, based on the identification number of the second target data, reading at least one encrypted tracing data corresponding to the second target data and a second key portion associated with each encrypted tracing data from at least one block of the block chain.
Wherein the sensitive data in the encrypted tracing data is encrypted.
For example, still taking agricultural product traceability as an example, if the second target data to be queried is the traceability data of a certain agricultural product, the second target data may include traceability data of an agricultural product grower of the agricultural product, traceability data related to the agricultural product transporter, traceability data related to an agricultural product seller, and the like.
If the several tracing data include sensitive data, the sensitive data in each tracing data may be encrypted in the previous data storage method, and accordingly, the second target data includes multiple encrypted tracing data. If only one or part of the tracing data in the tracing data comprises the sensitive data, only the tracing data containing the sensitive data is related to the encrypted tracing data.
In this embodiment, it is exemplified that the key corresponding to each encrypted tracing data includes a first key portion and a second key portion, and the second key portion associated with the encrypted tracing data is obtained while the encrypted data is read from the blockchain. It is understood that, for each encrypted tracing data, the manner of obtaining the second key part associated with the encrypted tracing data mentioned in the foregoing embodiments is also applicable to this embodiment. In addition, the same applies to the present embodiment for the case where the key includes only the first key portion, in which case the operation of obtaining the second key portion need not be performed.
And S703, determining a block number and/or a transaction number corresponding to the encrypted tracing data for each encrypted tracing data.
S704, when it is determined that the source node has the access right of the state database in the block chain based on the identity information, obtain the first key portion associated with the encrypted tracing data from the state database according to the block number and/or the transaction number corresponding to the encrypted tracing data.
The present embodiment takes the example of obtaining the first key portion based on the block number and/or transaction number, but the same applies to the present embodiment for the other cases mentioned earlier.
S705, the first key portion and the second key portion are combined into a key corresponding to the encrypted tracing data.
Since the first key part and the second key part corresponding to each tracing data may be different, the key generated for each tracing data may also be different.
S706, the sensitive data in the encrypted tracing data is decrypted by using the key, and the decrypted tracing data is obtained.
After the key corresponding to the tracing data is obtained, the encrypted sensitive data in the tracing data can be decrypted by using the key. In this way, all encrypted tracing data in the second target data can be decrypted in this way.
And S707, sending the second target data formed by the decrypted tracing data to the source node.
As can be seen, in the data tracing scenario, each piece of tracing data may be stored in the blockchain in batches, so that for each data tracing, the sensitive data in the tracing data can be encrypted under the condition that the sensitive data exists in the tracing data, and thus, only the node having the first key part associated with the tracing data in the query state database can obtain the first key part and can decrypt the sensitive data in the tracing data subsequently, which is beneficial to ensuring the security of the sensitive data in each piece of tracing data.
In yet another aspect, the present application provides an electronic device that may be a node in a blockchain.
As shown in fig. 8, which shows a schematic view of a composition structure of an electronic device according to the present application, the electronic device of the present embodiment at least includes: a data interface 801 and a processor 802.
The data interface 801 is configured to obtain first target data to be stored in a block chain, where the first target data includes sensitive data;
a processor 802 for generating a key, the key comprising at least a first key portion; storing a first key portion of the key into a state database of the blockchain, the state database having set access rights; encrypting sensitive data in the first target data by using the secret key to obtain encrypted first target data; storing the encrypted first target data into a block of the block chain.
Optionally, the electronic device may further include a memory 803 for storing a program required for the processor to perform the operation. Of course, the electronic device may further include: a display unit, an input unit, and the like, without limitation.
In one possible implementation, the processor-generated key further includes: a second key portion;
the processor is specifically configured to, when storing the encrypted first target data in a block of the block chain, store the encrypted first target data and the second key part in a block of the block chain.
Optionally, the processor is specifically configured to obtain a key seed when generating the key; generating a random number; and combining the key seed and the random number into a key, wherein the key seed is a first key part of the key, and the random number is a second key part of the key.
Optionally, the processing is specifically configured to generate the key seed when obtaining the key seed; or, determining a block to be stored with the first target data in the block chain, and obtaining a key seed corresponding to the block.
In yet another possible implementation, the processor is further configured to determine the block to which the first target data is to be stored before the storing of the first key portion of the key in the state database of the block chain;
when the processor stores the first key portion of the key in the state database of the block chain, the processor is specifically configured to store the first key portion of the key and the information of the block in the state database of the block chain in a corresponding manner.
In yet another aspect, the present application provides another electronic device, which includes at least a processor and a data interface, and the constituent interfaces of the electronic device can also be referred to as shown in fig. 8.
In this embodiment, the processor of the electronic device is configured to obtain a query instruction, where the query instruction carries an identification number of second target data to be queried and identity identification information corresponding to a source node of the query instruction; reading encrypted second target data from a blockchain based on the identification number of the second target data, wherein sensitive data in the encrypted second target data are encrypted; under the condition that the source node is determined to have the access right of a state database in the block chain based on the identity identification information, acquiring a first key part related to the second target data from the state database; determining a key based on the first key portion; decrypting sensitive data in the encrypted second target data by using the secret key to obtain decrypted second target data;
the data interface is configured to output the decrypted second target data to the source node.
Optionally, the electronic device may also include a memory for storing programs needed for the processor to perform the operations. Of course, the electronic apparatus may further include an input unit and a display unit, and the like.
Optionally, the processor is further configured to, when it is determined based on the identification information that the source node does not have the access right of the state database, output the encrypted second target data to the source node, so that the source node obtains data, except the sensitive data, in the second target data.
In a possible implementation, the processor is further configured to obtain a second key portion associated with the second target data from the blockchain before the determining a key based on the first key portion;
the processor is specifically configured to combine the first key portion and the second key portion into a key when determining the key based on the first key portion.
In another possible implementation manner, when the processor obtains the first key portion associated with the second target data from the state database, the processor is specifically configured to:
determining a block number and/or a transaction number corresponding to the encrypted second target data, wherein the block number is an identification number of a block used for storing the second target data in the block chain;
and acquiring a first key part associated with the second target data from the state database according to the block number and/or the transaction number.
In another possible implementation manner, when reading the encrypted second target data from the blockchain based on the identification number of the second target data, the processor is specifically configured to: reading at least one encrypted tracing data corresponding to the second target data from at least one block of a block chain based on the identification number of the second target data, wherein sensitive data in the encrypted tracing data is encrypted;
the processor is used for acquiring the first key part associated with the encrypted tracing data from the state database when acquiring the first key part associated with the second target data from the state database;
correspondingly, when the processor decrypts the sensitive data in the encrypted second target data by using the key to obtain the decrypted second target data, the processor is specifically configured to:
decrypting sensitive data in the encrypted tracing data by using the key to obtain decrypted tracing data;
when sending the decrypted second target data to the source node, the data interface specifically outputs the second target data composed of each decrypted source tracing data to the source node.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of data storage, comprising:
obtaining first target data to be stored in a block chain, wherein the first target data comprises sensitive data;
generating a key, the key comprising at least a first key portion;
storing a first key portion of the key into a state database of the blockchain, the state database having set access rights;
encrypting sensitive data in the first target data by using the secret key to obtain encrypted first target data;
storing the encrypted first target data into a block of the block chain;
the key further comprises: a second key portion;
the storing the encrypted first target data into a block of the block chain includes:
storing the encrypted first target data and the second key portion into a block of the block chain.
2. The method of claim 1, the generating a key, comprising:
obtaining a key seed;
generating a random number;
and combining the key seed and the random number into a key, wherein the key seed is a first key part of the key, and the random number is a second key part of the key.
3. The method of claim 2, the obtaining a key seed, comprising:
generating a key seed;
or, determining a block to be stored with the first target data in the block chain, and obtaining a key seed corresponding to the block.
4. The method of claim 1, further comprising, prior to the storing the first key portion of the key in a state database of the blockchain:
determining the block to which the first target data is to be stored;
the storing a first key portion of the key to a state database of the blockchain includes:
and correspondingly storing a first key part of the key and the information of the block into a state database of the block chain.
5. A data reading method comprising:
acquiring a query instruction, wherein the query instruction carries an identification number of second target data to be queried and identity identification information corresponding to a source node of the query instruction;
reading encrypted second target data from a blockchain based on the identification number of the second target data, wherein sensitive data in the encrypted second target data are encrypted;
under the condition that the source node is determined to have the access right of a state database in the block chain based on the identity identification information, acquiring a first key part related to the second target data from the state database;
determining a key based on the first key portion;
decrypting sensitive data in the encrypted second target data by using the secret key to obtain decrypted second target data;
outputting the decrypted second target data to the source node;
prior to said determining a key based on said first key portion, further comprising:
obtaining a second key portion associated with the second target data from a blockchain;
said determining a key based on said first key portion, comprising:
combining the first key portion and the second key portion into a key.
6. The method of claim 5, the retrieving the first key portion associated with the second target data from the status database, comprising:
determining a block number and/or a transaction number corresponding to the encrypted second target data, wherein the block number is an identification number of a block used for storing the second target data in the block chain;
and acquiring a first key part associated with the second target data from the state database according to the block number and/or the transaction number.
7. The method of claim 5, wherein reading the encrypted second target data from the blockchain based on the identification number of the second target data comprises:
reading at least one encrypted tracing data corresponding to the second target data from at least one block of a block chain based on the identification number of the second target data, wherein sensitive data in the encrypted tracing data is encrypted;
the obtaining a first key portion associated with the second target data from the status database includes:
obtaining a first key part associated with the encrypted tracing data from the state database;
the decrypting sensitive data in the encrypted second target data by using the key to obtain the decrypted second target data includes:
decrypting sensitive data in the encrypted tracing data by using the key to obtain decrypted tracing data;
the sending the decrypted second target data to the source node includes:
and outputting second target data formed by the decrypted tracing data to the source node.
8. The method of claim 5, further comprising:
and under the condition that the source node is determined not to have the access right of the state database based on the identity identification information, outputting the encrypted second target data to the source node, so that the source node acquires data except the sensitive data in the second target data.
9. An electronic device, comprising:
the data interface is used for obtaining first target data to be stored in a block chain, and the first target data comprises sensitive data;
a processor for generating a key, the key comprising at least a first key portion; storing a first key portion of the key into a state database of the blockchain, the state database having set access rights; encrypting sensitive data in the first target data by using the secret key to obtain encrypted first target data; storing the encrypted first target data into a block of the block chain;
the key further comprises: a second key portion;
the storing the encrypted first target data into a block of the block chain includes:
storing the encrypted first target data and the second key portion into a block of the block chain.
10. An electronic device, comprising:
the processor is used for obtaining a query instruction, and the query instruction carries an identification number of second target data to be queried and identity identification information corresponding to a source node of the query instruction; reading encrypted second target data from a blockchain based on the identification number of the second target data, wherein sensitive data in the encrypted second target data are encrypted; under the condition that the source node is determined to have the access right of a state database in the block chain based on the identity identification information, acquiring a first key part related to the second target data from the state database; determining a key based on the first key portion; decrypting sensitive data in the encrypted second target data by using the secret key to obtain decrypted second target data;
a data interface for outputting the decrypted second target data to the source node; prior to said determining a key based on said first key portion, further comprising:
obtaining a second key portion associated with the second target data from a blockchain;
said determining a key based on said first key portion, comprising:
combining the first key portion and the second key portion into a key.
CN201911029706.XA 2019-10-28 2019-10-28 Data storage and reading method and electronic equipment Active CN110765488B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911029706.XA CN110765488B (en) 2019-10-28 2019-10-28 Data storage and reading method and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911029706.XA CN110765488B (en) 2019-10-28 2019-10-28 Data storage and reading method and electronic equipment

Publications (2)

Publication Number Publication Date
CN110765488A CN110765488A (en) 2020-02-07
CN110765488B true CN110765488B (en) 2021-11-16

Family

ID=69334035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911029706.XA Active CN110765488B (en) 2019-10-28 2019-10-28 Data storage and reading method and electronic equipment

Country Status (1)

Country Link
CN (1) CN110765488B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112835912B (en) * 2021-04-20 2021-08-03 卓尔智联(武汉)研究院有限公司 Data storage method and device based on block chain and storage medium
CN114629684A (en) * 2022-02-16 2022-06-14 深圳番多拉信息科技有限公司 Permission token processing method, system, device and storage medium based on block chain
CN114666064A (en) * 2022-03-25 2022-06-24 广东启链科技有限公司 Block chain-based digital asset management method, device, storage medium and equipment

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10686612B2 (en) * 2015-07-30 2020-06-16 Hewlett Packard Enterprise Development Lp Cryptographic data
US11658810B2 (en) * 2016-03-23 2023-05-23 Telefonaktiebolaget Lm Ericsson (Publ) Cyber-physical context-dependent cryptography
CN106991334B (en) * 2016-11-24 2021-03-02 创新先进技术有限公司 Data access method, system and device
CN107862215B (en) * 2017-09-29 2020-10-16 创新先进技术有限公司 Data storage method, data query method and device
CN111865586B (en) * 2017-11-23 2023-01-10 创新先进技术有限公司 Method and device for encrypting product information
CN108848063B (en) * 2018-05-24 2021-05-07 苏州朗润创新知识产权运营有限公司 Block chain-based data processing method, system and computer-readable storage medium
CN108964905A (en) * 2018-07-18 2018-12-07 胡祥义 A kind of safe and efficient block chain implementation method
CN111614464B (en) * 2019-01-31 2023-09-29 创新先进技术有限公司 Method for safely updating secret key in blockchain, node and storage medium

Also Published As

Publication number Publication date
CN110765488A (en) 2020-02-07

Similar Documents

Publication Publication Date Title
CN110765488B (en) Data storage and reading method and electronic equipment
CN106127075B (en) Encryption method can search for based on secret protection under a kind of cloud storage environment
US9641338B2 (en) Method and apparatus for providing a universal deterministically reproducible cryptographic key-pair representation for all SKUs, shipping cartons, and items
CN109784931B (en) Query method of data query platform based on blockchain
US20180232731A1 (en) Supply chain recording method with traceable function by implementing blockchain technique
US8745370B2 (en) Secure sharing of data along supply chains
CN108960863A (en) A kind of food block chain retroactive method, device and electronic equipment
CN107431622A (en) The blocking tracking in supply chain occurs
CN110457930A (en) The attribute base encryption method and system of the hiding traceable revocation malicious user of strategy
CN110502922B (en) Article circulation link tracing method and device based on block chain and electronic equipment
JP5669101B2 (en) Information processing apparatus and information processing system
CN111538786B (en) Block chain data desensitization and tracing storage method and device
CA2845342C (en) Configurable key-based data shuffling and encryption
CN109905351B (en) Method, device, server and computer readable storage medium for storing data
CN110851865B (en) Resource data processing method, device, system and storage medium
US20210365594A1 (en) Cryptographic Data Storage
US10284534B1 (en) Storage system with controller key wrapping of data encryption key in metadata of stored data item
CN112070516A (en) Product tracing method and device and block chain system
US10594473B2 (en) Terminal device, database server, and calculation system
CN114491637A (en) Data query method and device, computer equipment and storage medium
JP5969716B1 (en) Data management system, data management program, communication terminal, and data management server
CN117371010A (en) Data trace query method, electronic device and readable storage medium
KR20200055411A (en) Contract apparatus and method of blockchain using location information
CN115643090A (en) Longitudinal federal analysis method, device, equipment and medium based on privacy retrieval
JP7269194B2 (en) Information sharing management method and information sharing management device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant