CN110851843A - Data management method and device based on block chain - Google Patents
Data management method and device based on block chain Download PDFInfo
- Publication number
- CN110851843A CN110851843A CN201910949871.0A CN201910949871A CN110851843A CN 110851843 A CN110851843 A CN 110851843A CN 201910949871 A CN201910949871 A CN 201910949871A CN 110851843 A CN110851843 A CN 110851843A
- Authority
- CN
- China
- Prior art keywords
- data
- target data
- identification information
- block chain
- index
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 62
- 238000013523 data management Methods 0.000 title claims abstract description 39
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 34
- 238000004364 calculation method Methods 0.000 claims description 6
- 238000007726 management method Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 description 7
- 238000004590 computer program Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000000126 substance Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The embodiment of the specification discloses a data management method and device based on a block chain, the data management method and device based on the block chain are applied to terminal equipment, and the method at least comprises the following steps: determining target data to be stored in a block chain and identification information of the target data; calculating a first abstract value of the target data according to a preset abstract algorithm; encrypting the target data by using a first key to form ciphertext data; and storing the ciphertext data, the first abstract value and the identification information in a block chain in an associated manner. Through the technical scheme of the embodiment of the specification, the data can be more effectively prevented from being stolen and tampered by an intruder, so that the data security is improved.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method and an apparatus for block chain-based data management.
Background
The blockchain verifies and stores data by using a chain data structure, generates and updates data by using a distributed node consensus algorithm, and ensures the safety of data transmission and access among various distributed nodes by using a cryptographic mode. The blockchain technology is a decentralized distributed database technology in nature, and data is stored in each accounting node of the blockchain network in a public and transparent mode, so that the data stored to the blockchain has the characteristic of being not tampered.
For an ordinary user, the data of the user is stored in each accounting node of the blockchain network in a public and transparent manner, and the risk that the data of the user is maliciously stolen by an intruder is increased. Moreover, the terminal device daily used by the user can usually access the blockchain network, but may not join the blockchain network as a node of the blockchain network; in this way, an intruder may tamper with the data for a specific business purpose during the process of the terminal device obtaining the data from the blockchain.
Therefore, how to more effectively avoid the data being stolen and tampered by the intruder, so as to improve the security of the data becomes an urgent problem to be solved.
Disclosure of Invention
The embodiment of the specification provides a block chain-based data management method and device, which can more effectively avoid data stealing and tampering by an intruder, thereby improving data security.
In a first aspect, a data management method based on a block chain is provided, where the method is applied to a terminal device, and the method includes:
determining target data to be stored in a block chain and identification information of the target data;
calculating a first abstract value of the target data according to a preset abstract algorithm;
encrypting the target data by using a first key to form ciphertext data;
and storing the ciphertext data, the first abstract value and the identification information in a block chain in an associated manner.
In one possible embodiment of the method according to the invention,
after the storing the ciphertext data, the first digest value, and the identification information in association with a blockchain, the method further comprises: and adding the identification information as an index item to a data index table.
In one possible embodiment of the method according to the invention,
the identification information includes: the file name corresponding to the target data and a first time corresponding to the target data when the target data is determined.
In one possible embodiment of the method according to the invention,
the adding the identification information as an index entry to a data index table includes:
detecting whether a first index entry exists in each index entry contained in the data index table, wherein the first index entry contains the file name;
and if the first index item exists, updating the second time contained in the first index item to the first time.
In one possible embodiment of the method according to the invention,
the associating and storing the ciphertext data, the first digest value, and the identification information to a blockchain includes:
writing the ciphertext data, the first digest value, and the identification information into a data field of a transaction, and issuing the transaction to a blockchain network through a node of the blockchain network, such that the transaction is packed into a block, which is added to the blockchain.
In a second aspect, a method for block chain-based data management is provided, where the method is applied to a terminal device, and the method includes:
determining identification information of target data to be acquired;
acquiring ciphertext data and a first abstract value which are associated with the identification information from a block chain;
decrypting the ciphertext data by using a second key to obtain the target data, wherein the second key is the same as or corresponds to a first key used when encrypting the target data to form the ciphertext data;
calculating a second abstract value of the target data according to a preset abstract algorithm;
in a case where the first digest value and the second digest value are the same, it is determined that the target data has not been tampered, and the target data is provided.
In one possible embodiment of the method according to the invention,
before the determining the identification information of the target data to be acquired, the method further includes: providing a data index table to a user, wherein the data index table comprises at least one index entry;
the determining the identification information of the target data to be acquired includes: and responding to the trigger of a user on a second index item in the at least one index item, and determining the second index item as the identification information of the target data to be acquired.
In a third aspect, an apparatus for block chain-based data management is provided, where the apparatus is applied to a terminal device, and the apparatus includes:
an information determination unit configured to determine target data to be stored to a blockchain and identification information of the target data;
the abstract calculation unit is configured to calculate a first abstract value of the target data according to a preset abstract algorithm;
an encryption processing unit configured to encrypt the target data with a first key to form ciphertext data;
and the storage processing unit is configured to store the ciphertext data, the first digest value and the identification information in a block chain in an associated manner.
In one possible embodiment of the method according to the invention,
the device further comprises: and the index management unit is configured to add the identification information as an index item to a data index table.
In a fourth aspect, an apparatus for block chain-based data management is provided, where the apparatus is applied to a terminal device, and the apparatus includes:
an information determination unit configured to determine identification information of target data to be acquired;
the data acquisition unit is configured to acquire ciphertext data and a first abstract value which are associated with the identification information from a block chain;
a decryption processing unit configured to decrypt the ciphertext data using a second key to obtain the target data, wherein the second key is the same as or corresponds to a first key used when encrypting the target data to form the ciphertext data;
the abstract calculation unit is configured to calculate a second abstract value of the target data according to a preset abstract algorithm;
a data providing unit configured to determine that the target data has not been tampered and provide the target data in a case where the first digest value and the second digest value are the same.
In a fifth aspect, a computer-readable storage medium is provided, on which a computer program is stored, which, when executed in a computing device, implements the method according to any of the first and second aspects.
A sixth aspect provides a terminal device, comprising a memory and a processor, wherein the memory stores executable code, and the processor executes the executable code to implement the method according to any one of the first and second aspects.
By the data management method and the data management device provided in the embodiments of the present specification, on one hand, the block chain does not directly store the target data, and even if an intruder can obtain the ciphertext data of the target data from the block chain, the target data cannot be stolen because the key required for decrypting the ciphertext data cannot be known; on the other hand, the ciphertext data, the first digest value and the identification information are stored in the block chain in an associated manner, so that the terminal device can acquire the ciphertext data and the first digest value associated with the terminal device from the block chain based on the identification information, and the first digest value can be used for verifying the integrity of the target data corresponding to the ciphertext data, thereby being beneficial to reducing the possibility of tampering the target data by an intruder. In summary, the technical solutions provided in the embodiments of the present disclosure can more effectively prevent data from being stolen and tampered by an intruder, thereby improving the security of data.
Drawings
FIG. 1 is a system framework diagram of an embodiment of the present description;
fig. 2 is a flowchart of a data management method based on a block chain provided in an embodiment of the present specification;
fig. 3 is a flowchart of another block chain-based data management method provided in an embodiment of the present specification;
fig. 4 is a flowchart of another block chain-based data management method provided in an embodiment of the present specification;
fig. 5 is a schematic structural diagram of a data management apparatus based on a block chain provided in an embodiment of the present specification;
fig. 6 is a schematic structural diagram of another block chain-based data management apparatus provided in an embodiment of the present specification;
fig. 7 is a schematic structural diagram of another block chain-based data management apparatus provided in an embodiment of this specification.
Detailed Description
FIG. 1 illustrates a system framework diagram of an embodiment of the present description. As shown in fig. 1, a blockchain network (alternatively referred to as a blockchain system) 10 may include a plurality of blockchain nodes 101; each blockchain node 101 of the blockchain network 10 has the capability to broadcast transactions containing data to the entire blockchain network 10; blockchain node 101, as an accounting node, may package the transactions it receives into blocks and add them to the blockchain, enabling storage of data into the blockchain.
In each of the blockchain nodes 101 included in the blockchain network 10, each node stores the same transaction, that is, each node of the blockchain network 10 stores the same data; and, of the two adjacent blocks included in the block chain stored by the node, the following packed block is associated with the preceding packed block. In this way, the data stored into the blockchain is made to have a non-tamperable characteristic.
The terminal device 20 used by the user may join the blockchain network 10 as one blockchain node 101, and may be connected to one or more blockchain nodes 101 of the blockchain network 10. When the terminal device 20 is connected to one of the blockchain nodes 101 of the blockchain network 10, the terminal device 20 may send a transaction containing data to the blockchain node 101 connected thereto, issue the transaction containing data to the blockchain network 10 through the node 101, and finally cause the transaction containing data to be stored into the blockchain.
Accordingly, the terminal device 20 can also acquire data contained in each transaction stored in the block chain through the block link point 101 connected thereto.
It is understood that each blockchain node 101 may be one or more computing devices with certain data storage capabilities and certain computing capabilities, such as a server.
It is understood that the terminal device 20 used by the user includes, but is not limited to, various forms of electronic devices such as a notebook computer, a tablet computer, a smart phone, and the like, which are capable of communicating with the computing device as the blockchain node 101.
It will be appreciated that for the blockchain network 10, each blockchain node 101 itself and its connected terminal device 20 can query for data stored in the blockchain, and that the blockchain nodes 101 may be hosted by different hosting parties (enterprises, organizations, or individuals). If an intruder successfully intrudes a certain terminal device 20 or a certain blockchain node 101, the data openly and transparently stored in each node of the blockchain network 10 can be directly stolen; moreover, in the case that the terminal device 20 does not join the blockchain network 10 as the blockchain node 101, data may also be stolen or tampered by an intruder during the transmission process between the terminal device 20 and the blockchain node 101 connected thereto, and the security of the data is low.
In view of this, at least one embodiment of the present disclosure provides a block chain-based data management method and apparatus, so as to more effectively prevent data from being stolen and tampered by an intruder, thereby improving data security.
The following describes the technical solution of the embodiment of the present specification in detail with reference to the above system framework.
Fig. 2 is a flowchart of a data management method based on a block chain provided in an embodiment of the present specification. The method is executed by the terminal device 20, and as shown in fig. 2, the method may include at least the following steps 21 to 27: step 21, determining target data to be stored in a block chain and identification information of the target data; step 23, calculating a first abstract value of the target data according to a preset abstract algorithm; step 25, encrypting the target data by using a first key to form ciphertext data; and 27, storing the ciphertext data, the first digest value and the identification information in a block chain in an associated manner.
First, in step 21, target data to be stored to a blockchain and identification information of the target data are determined.
In the embodiment of the present specification, the target data includes, but is not limited to, files in various formats such as audio, video, documents, and the like.
In this embodiment of the present specification, the identification information of the target data should be able to be used to uniquely identify the target data, so that after the relevant information of the target data is stored in the blockchain in a subsequent process, the relevant information of the target data can be queried in the blockchain through the identification information of the target data.
For a file that is not allowed to be edited by a user or is not generally edited by a user, the file name of the file can generally be used to uniquely identify the file. Thus, in one possible implementation, the identification information of the target data may include a file name of the target data.
However, when a file is edited by a user, the file names of the file before and after the editing may be the same and the contents of the file may not be completely the same, and it is difficult to uniquely identify the file before and after the editing using only the file name of the file, whether in the terminal device or in the blockchain. For example, for a text file with a file name of "XXX", a user may edit the file during the time period from T1 to T2, such as adding, modifying or deleting corresponding text content in the text file; if the file is determined to be the target data that needs to be stored at a time T0 before the time T1 and again at a time Ti after the time T2, the file name of the file cannot be used to uniquely identify the two target data containing different text contents in the terminal device or the blockchain.
Therefore, in another possible implementation, the identification information of the target data may further include a corresponding first time when the target data is determined. For example, a file with a file name "XXX" is determined to be target data to be stored at time T0, i.e., a combination of the file name "XXX" and the first time T0 can be used as identification information of the target data.
Next, in step 23, a first digest value of the target data is calculated according to a preset digest algorithm.
It is to be understood that the predetermined summarization algorithm includes, but is not limited to, the MD5 algorithm, the SHA-1 algorithm, and various forms of variations thereof.
It will be appreciated that the first digest value may be used to verify the integrity of the target data.
Next, at step 25, the target data is encrypted with a first key to form ciphertext data.
The encryption algorithm used for encrypting the target data may be a symmetric encryption algorithm in various forms or an asymmetric encryption algorithm in various forms, and the encryption algorithm used for encrypting the target data is not limited in this specification embodiment.
For the first key used for encrypting the target data, if the encryption algorithm used for encrypting the target data is a symmetric encryption algorithm, the first key may be a random number randomly generated for the target data. For the first key used for encrypting the target data, if the encryption algorithm used for encrypting the target data is an asymmetric encryption algorithm, the first key may be one of two random numbers randomly generated for the target data; the other of the two random numbers is used as a second key corresponding to the first key, and can be used for decrypting ciphertext data corresponding to the target data in a subsequent process to obtain the target data. Therefore, any two target data needing to be stored and processed may be encrypted by using different first keys to form respective corresponding ciphertext data, so as to prevent an intruder from continuously stealing or tampering other target data by using a large amount of second keys after knowing the first key for encrypting certain target data or the second key required for decrypting certain target data.
Next, in step 27, the ciphertext data, the first digest value, and the identification information are stored in association with a blockchain.
Specifically, the terminal device may write the ciphertext data, the first digest value, and the identification information into a data field of a transaction, and send the transaction to one blockchain node 101 connected thereto in the blockchain network, so that the transaction is issued to the entire blockchain network 10 through the blockchain node 101 connected thereto, so that each blockchain node 101 serving as an accounting node in the blockchain network 10 packs the transaction into one block, and adds the block to the blockchain.
The ciphertext data corresponding to the target data, the first digest value thereof and the identification information are stored in the block chain in an associated manner, so that a user can conveniently acquire the ciphertext data and the first digest value corresponding to the target data from the block chain through the identification information of the target data.
Accordingly, in order to enable the user to obtain the ciphertext data and the first digest value corresponding to the target data from the blockchain through the identification information of the target data, as shown in fig. 3, in a possible implementation, the method may further include the following step 29: and adding the identification information as an index item to a data index table.
In a more specific example, the identification information of the target data may be added to the data index table as a new index entry. Taking as an example that the identification information of the target data includes a file name of the target data, and optionally includes a first time corresponding to determining the target data, please refer to the data index table shown in table 1 below:
TABLE 1
| File name | Time of day |
| XXX | Ti |
| ZZZ | NULL |
| XXX | Tj |
As shown in Table 1 above, for a file named "XXX", the file is at a first time TiIs determined as target data for the first time, and the data content contained in the file is probably at TiAfter the time is edited by the user within a certain time period, the file name "XXX" and the time "T" of the file can be obtainedi"combine into an index entry and add to the data index table newly; for a file named "ZZZ", the file is at a first time TnIs first determined to be target data, but the data content contained in the file does not allow the user to edit or the user will not normally be at time TnAnd then editing the file, namely adding the file name 'ZZZ' of the file as an index item corresponding to the data to a data index table. Suppose that the user is at time TiThen, the data content included in the file having the file name "XXX" is edited at time TjWhen the file is determined as the target data again, the file name "XXX" and the time "T" of the file may be setj"combine into an index entry and add to the data index table.
Therefore, for the user side, the user can conveniently obtain the target data with the same file name and different data contents through the data index table, namely, the user can conveniently obtain the files of various versions through the data index table.
In another more specific example, it may further be detected whether a first index entry including a file name of the target data exists in each index entry included in the data index table, and if the first index entry exists, the second time included in the first index entry is updated to the first time corresponding to the determination of the target data. Taking as an example that the identification information of the target data includes a file name of the target data, and optionally includes a first time corresponding to determining the target data, please refer to the data index table shown in table 2 below:
TABLE 2
| File name | Time of day |
| XXX | Tj |
| ZZZ | NULL |
As shown in Table 2 above, for a file named "XXX", the file is at a first time TiIs determined as target data for the first time, and the data content contained in the file is probably at TiAfter the time is edited by the user within a certain time period, the file name "XXX" and the time "T" of the file can be obtainedi"combine into an index entry and add to the data index table newly; for a file named "ZZZ", the file is at a first time TnIs first determined to be target data, but the data content contained in the file does not allow the user to edit or the user will not normally be at time TnAnd then editing the file, namely adding the file name 'ZZZ' of the file as an index item corresponding to the data to a data index table. Suppose that the user is at time TiThen for the file with the file name "XXXThe contained data content is edited at time TjDetermining the file as target data again; at this time, there is a first index entry containing file name "XXX" already in the data index table, and T can be usedjDirectly replacing the time T contained in the first index entryi”。
Therefore, for the user side, even if the user frequently edits a certain file and determines the file as target data to be stored at different moments, only one index item related to the file is stored in the data index table, and the user can query the file edited most recently through the data index table, so that the data index table is more concise and the user experience is better.
In the foregoing method embodiments, the process of storing data based on a block chain is described with emphasis, and in correspondence to the foregoing process of storing data, another block chain-based data management method is provided in this embodiment of the present application, where the method is executed by a terminal device 20, and as shown in fig. 4, the method may include at least the following steps 41 to 49: step 41, determining identification information of target data to be acquired; step 43, obtaining the ciphertext data and the first digest value associated with the identification information from the block chain; step 45, decrypting the ciphertext data by using a second key to obtain the target data, wherein the second key is the same as or corresponding to a first key used when encrypting the target data to form the ciphertext data; step 47, calculating a second abstract value of the target data according to a preset abstract algorithm; and 49, determining that the target data is not tampered and providing the target data under the condition that the first digest value and the second digest value are the same.
First, in step 41, identification information of target data to be acquired is determined.
In one possible embodiment, the terminal device may provide a data index table to the user, the data index table containing at least one index entry. For the specific contents of the data index table and the data index entry, reference is made to the foregoing embodiments, and details thereof are not repeated here.
Correspondingly, for step 41, when the terminal device receives a trigger of the user on a second index item of the at least one index item, it may be determined that the second index triggered by the user is the identification information of the target data to be acquired.
Next, at step 43, ciphertext data and a first digest value associated with the identification information are obtained from the blockchain.
Specifically, the terminal device 20 may directly or indirectly query each transaction recorded on the block chain through the block chain node connected thereto, so as to directly or indirectly obtain the ciphertext data and the first digest value associated with the identification information from the block chain through the block chain node 101 connected thereto.
Next, at step 45, the ciphertext data is decrypted using the second key to obtain the target data.
Wherein the second key is the same as or corresponds to the first key used in encrypting the target data to form the ciphertext data. Specifically, if the encryption algorithm used when the terminal device 20 encrypts the target data with the first key to form the ciphertext data is a symmetric encryption algorithm, the second key is the same as the first key; the second key corresponds to the first key if the encryption algorithm used when the terminal device 20 encrypts the target data with the first key to form ciphertext data is an asymmetric encryption algorithm.
Next, in step 47, a second digest value of the target data is calculated according to a preset digest algorithm.
It should be noted that the digest algorithm used for calculating the second digest value of the target data should be identical to the digest algorithm used for calculating the first digest value of the target data.
Here, if the ciphertext data and the first digest value are transmitted from the blockchain network to the terminal device, the intruder decrypts the ciphertext data by using the second key which is acquired by the intruder and used for decrypting the ciphertext data, recalculates the first digest value of the tampered target data after tampering the decrypted target data, and re-encrypts the tampered target data by using the acquired first key to form new ciphertext data; then, the second digest value calculated by the terminal device is not the same as the first digest value recalculated by the intruder, because the intruder cannot know the preset digest algorithm actually used by the terminal device for calculating the target data. That is, if the second digest value calculated by the terminal device is different from the first digest value, it indicates that the target data is successfully tampered by the intruder.
Accordingly, in step 49, in the case where the first digest value and the second digest value are the same, it is determined that the target data has not been tampered with, and the target data is provided. That is, in the case where it is confirmed that the target data has not been tampered with, the accurate, untampered target data is provided to the user so that the user can refer to the target data or edit the target data.
In a possible implementation manner, since the ciphertext data and the first digest value of the target data stored in the blockchain are not tampered, if the second digest value calculated by the terminal device is different from the first digest value, that means, the target data is tampered by an intruder during the transmission from the blockchain network to the terminal device, at this time, the terminal device may prompt the user that the target data has been tampered by the intruder, so that the user triggers the terminal device to retrieve the ciphertext data and the first digest value of the target data stored in the blockchain.
In this way, the terminal device 20 can determine whether the target data is tampered by the intruder, and even if the intruder maliciously tampers with the target data to achieve a specific business purpose, the target data is discovered by the terminal device and the business purpose cannot be achieved, so that the possibility that the intruder tampers with the target data in the process of transmitting the ciphertext data and the first digest value from the blockchain network 10 to the terminal device 20 is reduced.
Corresponding to one or more of the foregoing method embodiments, in this embodiment, there is also provided a block chain based data management apparatus 50, where the data management apparatus 50 may be deployed on the terminal device 20, so that the terminal device 20 implements the block chain based data management method described in one or more of the foregoing embodiments. As shown in fig. 5, the block chain based data management apparatus 50 may include, in terms of software level:
an information determining unit 51 configured to determine target data to be stored to a blockchain and identification information of the target data;
a digest calculation unit 53 configured to calculate a first digest value of the target data according to a preset digest algorithm;
an encryption processing unit 55 configured to encrypt the target data with a first key to form ciphertext data;
a storage processing unit 57 configured to store the ciphertext data, the first digest value, and the identification information in association with a blockchain.
In one possible implementation, as shown in fig. 6, the block chain based data management apparatus 50 may further include: an index management unit 59 configured to add the identification information as an index entry to a data index table.
Corresponding to one or more of the foregoing method embodiments, in this embodiment, another block chain based data management apparatus 70 is further provided, and the data management apparatus 70 may be deployed on the terminal device 20, so that the terminal device 20 implements the block chain based data management method described in one or more of the foregoing embodiments. As shown in fig. 7, the block chain based data management apparatus 70 may include, in terms of software level:
an information determination unit 71 configured to determine identification information of target data to be acquired;
a data obtaining unit 73 configured to obtain ciphertext data and a first digest value associated with the identification information from a block chain;
a decryption processing unit 75 configured to decrypt the ciphertext data with a second key to obtain the target data, wherein the second key is the same as or corresponds to a first key used when encrypting the target data to form the ciphertext data;
a digest calculation unit 77 configured to calculate a second digest value of the target data according to a preset digest algorithm;
a data providing unit 79 configured to determine that the target data has not been tampered with and provide the target data in a case where the first digest value and the second digest value are the same.
In a possible implementation, the data management apparatus 70 may further include: an index management unit; wherein the content of the first and second substances,
the index management unit is configured to provide a data index table to a user, wherein the data index table comprises at least one index item;
the information determining unit 71 is configured to determine, in response to a trigger of a user on a second index item of the at least one index item, that the second index item is identification information of target data to be acquired.
It should be noted that the above block chain based data management apparatus 50 and the block chain based data management apparatus 70 may be integrated into the same data management apparatus and disposed in the terminal device 20.
Those skilled in the art will recognize that in one or more of the examples described above, the functions described in this specification can be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, a computer program corresponding to these functions may be stored in a computer-readable medium or transmitted as one or more instructions/codes on the computer-readable medium, so that when the computer program corresponding to these functions is executed by a computer, the method described in any one of the embodiments of the present invention is implemented by the computer.
Specifically, a computer-readable storage medium is further provided in an embodiment of the present specification, and has a computer program stored thereon, and when the computer program is executed in a computing device, the computing device implements the block chain based data management method provided in any one of the embodiments of the present specification.
The embodiment of the present specification further provides a terminal device, which includes a memory and a processor, where the memory stores executable codes, and when the processor executes the executable codes, the method for managing data based on a block chain provided in any one embodiment of the present specification is implemented.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts in the embodiments are referred to each other, and each embodiment will be described with emphasis on the differences from the other embodiments. In particular, the apparatus/device/system embodiments are substantially similar to the method embodiments, so that the description is simple, and reference may be made to some descriptions of the method embodiments for relevant points.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The above-mentioned embodiments, objects, technical solutions and advantages of the present invention are further described in detail, it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present invention should be included in the scope of the present invention.
Claims (10)
1. A data management method based on a block chain is applied to terminal equipment and is characterized in that the method comprises the following steps:
determining target data to be stored in a block chain and identification information of the target data;
calculating a first abstract value of the target data according to a preset abstract algorithm;
encrypting the target data by using a first key to form ciphertext data;
and storing the ciphertext data, the first abstract value and the identification information in a block chain in an associated manner.
2. The method of claim 1,
after the storing the ciphertext data, the first digest value, and the identification information in association with a blockchain, the method further comprises: and adding the identification information as an index item to a data index table.
3. The method of claim 2,
the identification information includes: the file name corresponding to the target data and a first time corresponding to the target data when the target data is determined.
4. The method of claim 3,
the adding the identification information as an index entry to a data index table includes:
detecting whether a first index entry exists in each index entry contained in the data index table, wherein the first index entry contains the file name;
and if the first index item exists, updating the second time contained in the first index item to the first time.
5. The method according to any one of claims 1 to 4,
the associating and storing the ciphertext data, the first digest value, and the identification information to a blockchain includes:
writing the ciphertext data, the first digest value, and the identification information into a data field of a transaction, and issuing the transaction to a blockchain network through a node of the blockchain network, such that the transaction is packed into a block, which is added to the blockchain.
6. A data management method based on a block chain is applied to terminal equipment and is characterized by comprising the following steps:
determining identification information of target data to be acquired;
acquiring ciphertext data and a first abstract value which are associated with the identification information from a block chain;
decrypting the ciphertext data by using a second key to obtain the target data, wherein the second key is the same as or corresponds to a first key used when encrypting the target data to form the ciphertext data;
calculating a second abstract value of the target data according to a preset abstract algorithm;
in a case where the first digest value and the second digest value are the same, it is determined that the target data has not been tampered, and the target data is provided.
7. The method of claim 6,
before the determining the identification information of the target data to be acquired, the method further includes: providing a data index table to a user, wherein the data index table comprises at least one index entry;
the determining the identification information of the target data to be acquired includes: and responding to the trigger of a user on a second index item in the at least one index item, and determining the second index item as the identification information of the target data to be acquired.
8. A block chain-based data management device is applied to a terminal device, and is characterized by comprising:
an information determination unit configured to determine target data to be stored to a blockchain and identification information of the target data;
the abstract calculation unit is configured to calculate a first abstract value of the target data according to a preset abstract algorithm;
an encryption processing unit configured to encrypt the target data with a first key to form ciphertext data;
and the storage processing unit is configured to store the ciphertext data, the first digest value and the identification information in a block chain in an associated manner.
9. The apparatus of claim 8,
the device further comprises: and the index management unit is configured to add the identification information as an index item to a data index table.
10. A block chain-based data management device is applied to a terminal device, and is characterized by comprising:
an information determination unit configured to determine identification information of target data to be acquired;
the data acquisition unit is configured to acquire ciphertext data and a first abstract value which are associated with the identification information from a block chain;
a decryption processing unit configured to decrypt the ciphertext data using a second key to obtain the target data, wherein the second key is the same as or corresponds to a first key used when encrypting the target data to form the ciphertext data;
the abstract calculation unit is configured to calculate a second abstract value of the target data according to a preset abstract algorithm;
a data providing unit configured to determine that the target data has not been tampered and provide the target data in a case where the first digest value and the second digest value are the same.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910949871.0A CN110851843A (en) | 2019-10-08 | 2019-10-08 | Data management method and device based on block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910949871.0A CN110851843A (en) | 2019-10-08 | 2019-10-08 | Data management method and device based on block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110851843A true CN110851843A (en) | 2020-02-28 |
Family
ID=69597320
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910949871.0A Pending CN110851843A (en) | 2019-10-08 | 2019-10-08 | Data management method and device based on block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110851843A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111429643A (en) * | 2020-03-18 | 2020-07-17 | 南京巨公科技有限公司 | Method and device for shaking numbers and storage medium |
| CN111565185A (en) * | 2020-04-29 | 2020-08-21 | 陈议尊 | Information abstract supply and demand transaction method and system based on time division multiplexing |
| CN112000730A (en) * | 2020-07-10 | 2020-11-27 | 邦邦汽车销售服务(北京)有限公司 | Tracing information writing and tracing information verification method and system based on block chain |
| CN112491878A (en) * | 2020-11-26 | 2021-03-12 | 杭州安恒信息技术股份有限公司 | Method, device and system for detecting MITM attack |
| CN112966022A (en) * | 2021-03-10 | 2021-06-15 | 安徽航天信息科技有限公司 | Information query method, device and system for data transaction platform |
| CN114124356A (en) * | 2021-11-24 | 2022-03-01 | 中国银行股份有限公司 | Ciphertext generation method, server, medium and device applied to block chain |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108881262A (en) * | 2018-07-02 | 2018-11-23 | 北京市天元网络技术股份有限公司 | Restoring files methods, devices and systems based on block chain |
| CN109522681A (en) * | 2018-09-19 | 2019-03-26 | 北京非对称区块链科技有限公司 | Digital content really weighs method, apparatus and storage medium |
| CN110060162A (en) * | 2019-03-29 | 2019-07-26 | 阿里巴巴集团控股有限公司 | Data grant, querying method and device based on block chain |
-
2019
- 2019-10-08 CN CN201910949871.0A patent/CN110851843A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108881262A (en) * | 2018-07-02 | 2018-11-23 | 北京市天元网络技术股份有限公司 | Restoring files methods, devices and systems based on block chain |
| CN109522681A (en) * | 2018-09-19 | 2019-03-26 | 北京非对称区块链科技有限公司 | Digital content really weighs method, apparatus and storage medium |
| CN110060162A (en) * | 2019-03-29 | 2019-07-26 | 阿里巴巴集团控股有限公司 | Data grant, querying method and device based on block chain |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111429643A (en) * | 2020-03-18 | 2020-07-17 | 南京巨公科技有限公司 | Method and device for shaking numbers and storage medium |
| CN111565185A (en) * | 2020-04-29 | 2020-08-21 | 陈议尊 | Information abstract supply and demand transaction method and system based on time division multiplexing |
| CN111565185B (en) * | 2020-04-29 | 2023-05-12 | 陈议尊 | Information abstract supply and demand transaction method and system based on time division multiplexing |
| CN112000730A (en) * | 2020-07-10 | 2020-11-27 | 邦邦汽车销售服务(北京)有限公司 | Tracing information writing and tracing information verification method and system based on block chain |
| CN112491878A (en) * | 2020-11-26 | 2021-03-12 | 杭州安恒信息技术股份有限公司 | Method, device and system for detecting MITM attack |
| CN112966022A (en) * | 2021-03-10 | 2021-06-15 | 安徽航天信息科技有限公司 | Information query method, device and system for data transaction platform |
| CN112966022B (en) * | 2021-03-10 | 2024-04-05 | 安徽航天信息科技有限公司 | Information query method, device and system of data transaction platform |
| CN114124356A (en) * | 2021-11-24 | 2022-03-01 | 中国银行股份有限公司 | Ciphertext generation method, server, medium and device applied to block chain |
| CN114124356B (en) * | 2021-11-24 | 2024-01-26 | 中国银行股份有限公司 | Ciphertext generation method, server, medium and device applied to blockchain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110851843A (en) | Data management method and device based on block chain | |
| US10600050B1 (en) | Secure custody of a ledger token and/or a quantity of cryptocurrency of a distributed ledger network through binding to a possession token | |
| CN108076057B (en) | Data security system and method based on block chain | |
| US5343527A (en) | Hybrid encryption method and system for protecting reusable software components | |
| US8527769B2 (en) | Secure messaging with read-undeniability and deletion-verifiability | |
| US11223482B2 (en) | Secure data exchange | |
| US8769675B2 (en) | Clock roll forward detection | |
| US20120317414A1 (en) | Method and system for securing documents on a remote shared storage resource | |
| US8369521B2 (en) | Smart card based encryption key and password generation and management | |
| US20090158037A1 (en) | System and method for protecting an electronic file | |
| US20090296926A1 (en) | Key management using derived keys | |
| CN104995621A (en) | Server device, private search program, recording medium, and private search system | |
| CN109660352B (en) | Block chain-based distribution relation recording method and device and terminal equipment | |
| US11720689B2 (en) | Data registration method, data decryption method, data structure, computer, and program | |
| CN109754226B (en) | Data management method, device and storage medium | |
| CN111294203B (en) | Information transmission method | |
| CN107040520B (en) | Cloud computing data sharing system and method | |
| US8972732B2 (en) | Offline data access using trusted hardware | |
| US9641328B1 (en) | Generation of public-private key pairs | |
| US20080010468A1 (en) | Method and technique for enforcing transience and propagation constraints on data transmitted by one entity to another entity by means of data division and retention | |
| CN110490741B (en) | Device and method for managing data validity and controllability in block chain | |
| CN111324901A (en) | Method for creating and decrypting enterprise security encrypted file | |
| CN114826736A (en) | Information sharing method, device, equipment and storage medium | |
| US20170200020A1 (en) | Data management system, program recording medium, communication terminal, and data management server | |
| CN114499875A (en) | Service data processing method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |