CN110866272A - Method for preventing data leakage in data sharing based on block chain
- Publication number: CN110866272A
- Authority: CN (China)
- Prior art keywords: data, block chain, submodel, user, certificate
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06Q10/103—Workflow collaboration or project management
- G06Q20/123—Shopping for digital content
- G06Q40/03—Credit; Loans; Processing thereof
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Abstract
The invention discloses a method for preventing data leakage in data sharing based on a blockchain. It addresses the problem that data providers' worry about data leakage makes data sharing among multiple parties difficult, and it completes multi-party data sharing that meets the data user's query condition without leaking irrelevant data.
Description
Technical Field
The invention relates to the field of block chains and data sharing, in particular to a method for preventing data leakage in data sharing based on block chains.
Background
A blockchain is essentially a decentralized database, used mainly to solve the trust and security problems of transactions. Transaction accounting is completed by multiple nodes distributed in different places; each node records a complete ledger, and each node can take part in monitoring the legality of transactions. No node can record ledger data on its own, which avoids the possibility of falsified accounting. With asymmetric encryption and authorization technology, the transactions stored on the blockchain are public, but account identity information is encrypted and can be accessed only with the authorization of the data owner, which ensures data security and privacy. The consensus mechanism completes the verification and confirmation of transactions in a short time through voting by special nodes; its goal is to keep all honest nodes consistent. Blockchains provide different consensus algorithms that suit different application scenarios and balance efficiency and security.
Data sharing lets more people make full use of existing data resources: data from different regions, departments and systems flows and is shared among them. The traditional data sharing mode is confined within a region, department or system, and sharing across them is difficult. At the same time, parties are afraid to share across regions, departments and systems for fear of data leakage, yet leaving data unshared wastes its utilization value and hinders the exchange of information among regions, departments and systems. The traditional data sharing mode is therefore challenged.
Disclosure of Invention
The invention aims to provide a method for preventing data leakage in data sharing based on a blockchain, addressing the shortcomings of the traditional data sharing mode. It resolves the data provider's worry about data leakage and makes better use of multi-party data to realize the value of that data.
The purpose of the invention is achieved by the following technical scheme: a method for preventing data leakage in data sharing based on a blockchain, comprising the following steps:
(1) The data provider publishes data source information to the blockchain. The data source information comprises a database type, data fields and a data operation method; the data operation method is a database query method used to query the data fields that meet a query condition.
(2) A data user acquires the right to use the data on the blockchain by purchase or by requesting authorization, and obtains a certificate generated by the blockchain. If data from multiple data providers is used, multiple corresponding certificates are obtained.
(3) The data user writes a sub-model and an overall model according to the data source information published to the blockchain in step (1). The sub-model calls the data operation method of step (1), taking the query condition as input to query the required data fields. The overall model drives the data provider to run the sub-model and returns the data fields obtained by the sub-model query to the data user.
(4) The data user sends the sub-model written in step (3) and the certificate acquired in step (2) to the corresponding data provider, and the data provider verifies the validity of the certificate and audits the sub-model. Certificate validity is checked by querying whether the certificate exists on the blockchain: if it exists, the certificate is valid; otherwise the certificate is invalid, the sub-model does not need to be audited, and the data user is informed that the audit failed. The sub-model passes the audit if executing it does not reveal other data to the data user; otherwise the audit fails, and the data user modifies the sub-model and sends it to the data provider to be audited again.
(5) The data provider runs the overall model after the certificate is verified as valid and the sub-model passes the audit.
(6) After the overall model obtains the required data fields, the identity information of the data user, the identity information of the data provider, and the database types and data fields involved in the data sharing are recorded on the blockchain.
Further, the query condition is set according to the data fields the data user needs to obtain.
Further, the sub-model is executable script code.
Further, the sub-model runs at the data provider, which prevents the data user from directly acquiring the data source information.
Further, in step (4), the other data is data in the data fields that does not meet the query condition input to the sub-model in step (3).
The invention has the following beneficial effects: it provides a method for preventing data leakage in data sharing based on a blockchain, in which a data user writes a sub-model that runs at the data provider; the data provider audits the sub-model, the sub-model can run only after the audit is passed, the result is sent to the data user, and the whole process is recorded on the blockchain. The invention addresses the problem that data providers' worry about data leakage makes data sharing among multiple parties difficult, and it completes multi-party data sharing that meets the data user's query condition without leaking irrelevant data.
Drawings
Fig. 1 is a diagram of an example of a method of preventing data leakage in block chain-based data sharing.
Detailed Description
The invention is described in detail below with reference to the accompanying drawings and preferred embodiments, from which its objects and effects will become more apparent. It should be understood that the specific embodiments described herein merely illustrate the invention and are not intended to limit it.
The invention discloses a method for preventing data leakage in data sharing based on a blockchain, comprising the following steps:
(1) The data provider publishes data source information to the blockchain. The data source information comprises a database type, data fields and a data operation method; the data operation method is a database query method used to query the data fields that meet a query condition. The query condition is set according to the data fields the data user needs to obtain.
(2) A data user acquires the right to use the data on the blockchain by purchase or by requesting authorization, and obtains a certificate generated by the blockchain. If data from multiple data providers is used, multiple corresponding certificates are obtained.
(3) The data user writes a sub-model and an overall model according to the data source information published to the blockchain in step (1). The sub-model calls the data operation method of step (1), taking the query condition as input to query the required data fields. The overall model drives the data provider to run the sub-model and returns the data fields obtained by the sub-model query to the data user. The sub-model is executable script code and runs at the data provider, which prevents the data user from directly acquiring the data source information.
(4) The data user sends the sub-model written in step (3) and the certificate acquired in step (2) to the corresponding data provider, and the data provider verifies the validity of the certificate and audits the sub-model. Certificate validity is checked by querying whether the certificate exists on the blockchain: if it exists, the certificate is valid; otherwise the certificate is invalid, the sub-model does not need to be audited, and the data user is informed that the audit failed. The sub-model passes the audit if executing it does not reveal other data to the data user; otherwise the audit fails, and the data user modifies the sub-model and sends it to the data provider to be audited again. The other data is data in the data fields that does not meet the query condition input to the sub-model in step (3).
(5) The data provider runs the overall model after the certificate is verified as valid and the sub-model passes the audit.
(6) After the overall model obtains the required data fields, the identity information of the data user, the identity information of the data provider, and the database types and data fields involved in the data sharing are recorded on the blockchain.
Examples
As shown in Fig. 1, an example of the method for preventing data leakage in blockchain-based data sharing is a scenario in which a user takes out a loan through Bank A. It comprises the following steps:
Step one: Bank B and Bank C publish user data source information to the blockchain. The data source information comprises a database type, data fields and a data operation method; the data operation method is a database query method that can query the fields meeting a query condition. The data fields comprise the user identity card number, the user loan status and the user credit status; the query condition is the user identity card number.
Step two: after obtaining the user's authorization, Bank A acquires on the blockchain, by requesting authorization, the right to use the user's loan and credit status, that is, the certificate generated by the blockchain. If data of multiple parties is used, multiple certificates are obtained, so two certificates are needed, corresponding to Bank B and Bank C respectively.
Step three: Bank A writes a sub-model and an overall model according to the data source information on the blockchain. The sub-model obtains the user's loan and credit status by using the data operation method in the data source information. The overall model drives Bank B and Bank C to run the sub-model, and the queried user loan and credit status is returned to Bank A. The overall model summarizes the returned loan and credit status to determine whether the user has unsettled loans and what the user's credit status is at Bank B and Bank C, and Bank A can decide from the result whether to lend to the user.
Step four: Bank A sends the sub-model written in step three and the certificates obtained in step two to Bank B and Bank C, and Bank B and Bank C verify the validity of the certificate and audit the sub-model. The certificate is valid if it exists and invalid otherwise. The sub-model passes the audit if executing it cannot reveal the data of other users; otherwise the audit fails, and Bank A modifies the sub-model and sends it to Bank B and Bank C to be audited again.
Step five: after Bank B and Bank C verify that the certificates are valid and the audit is passed, Bank A runs the overall model.
Step six: after the overall model completes the summary, Bank A, Bank B, Bank C and the user data source information involved in the data sharing are recorded on the blockchain, which facilitates subsequent audit work. The user data source information involved in the data sharing is the user loan and credit status obtained by the sub-model query, the corresponding user identity card numbers, and the database types.
The embodiment resolves the data leakage worry of Bank B and Bank C and completes multi-party data sharing, summarization and calculation that meet Bank A's query condition without leaking irrelevant data. The data user can conveniently compute a multi-party model, and the whole process can be recorded on the blockchain.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the invention and is not intended to limit it. Although the invention has been described in detail with reference to the foregoing examples, it will be apparent to those skilled in the art that various changes in the form and details of the embodiments may be made and equivalents may be substituted for elements thereof. All modifications, equivalents and the like that come within the spirit and principle of the invention are intended to be included within its scope.
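The provider-side gate of steps four to six in the bank scenario, as an added sketch that is not part of the patent. It assumes the sub-model is a declarative query description rather than arbitrary script, so that the audit can be decided mechanically; the `Ledger` stand-in, the `customers` table, the field names and all sample values are constructed for illustration.

```python
import hashlib
import sqlite3
from dataclasses import dataclass, field

# Constructed data source information, as a provider would publish it in step one.
INFO = {"db_type": "sqlite", "table": "customers", "query_condition": "id_number",
        "fields": ("id_number", "loan_status", "credit_status")}

@dataclass
class Ledger:
    """In-memory stand-in for the blockchain (assumption, not a real chain API)."""
    source_info: dict = field(default_factory=dict)    # provider -> published info
    certificates: dict = field(default_factory=dict)   # certificate -> (user, provider)
    records: list = field(default_factory=list)        # step-six sharing records

    def issue_certificate(self, user, provider):
        cert = hashlib.sha256(f"{user}|{provider}".encode()).hexdigest()
        self.certificates[cert] = (user, provider)
        return cert

@dataclass(frozen=True)
class SubModel:
    """Declarative sub-model: return `select` for rows where where_field == where_value."""
    select: tuple
    where_field: str
    where_value: str

def audit(sub, info):
    """Step four: list the reasons the sub-model could reveal other data (empty = pass)."""
    reasons = []
    unknown = [f for f in sub.select if f not in info["fields"]]
    if not sub.select or unknown:
        reasons.append(f"select must name published fields, unknown: {unknown}")
    if sub.where_field != info["query_condition"]:
        reasons.append("filter is not on the published query condition")
    return reasons

def handle_request(ledger, provider, db, user, cert, sub):
    """Provider side: certificate check, then audit, then run the sub-model locally."""
    info = ledger.source_info[provider]
    # Patent: valid = exists on chain. Binding to (user, provider) is this example's assumption.
    if ledger.certificates.get(cert) != (user, provider):
        return {"status": "certificate_invalid", "rows": []}   # sub-model is not audited
    reasons = audit(sub, info)
    if reasons:
        return {"status": "audit_failed", "reasons": reasons, "rows": []}
    # Identifiers were checked against the published list; the value is a bound parameter.
    sql = f"SELECT {', '.join(sub.select)} FROM {info['table']} WHERE {sub.where_field} = ?"
    return {"status": "ok", "rows": db.execute(sql, (sub.where_value,)).fetchall()}

def overall_model(ledger, user, certs, sub, providers):
    """Steps five and six: drive each provider, collect results, record the sharing."""
    summary = {}
    for name, db in providers.items():
        result = summary[name] = handle_request(ledger, name, db, user, certs.get(name), sub)
        if result["status"] == "ok":
            ledger.records.append({"user": user, "provider": name,
                                   "db_type": ledger.source_info[name]["db_type"],
                                   "fields": list(sub.select)})
    return summary

def make_bank(rows):
    db = sqlite3.connect(":memory:")   # constructed provider database
    db.execute("CREATE TABLE customers (id_number TEXT, loan_status TEXT, credit_status TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?, ?)", rows)
    return db

def demo():
    """Bank A asks Bank B and Bank C about one user (all values constructed)."""
    ledger = Ledger()
    providers = {"bank_b": make_bank([("ID-001", "settled", "good"),
                                      ("ID-002", "unsettled", "poor")]),
                 "bank_c": make_bank([("ID-001", "unsettled", "fair")])}
    for name in providers:
        ledger.source_info[name] = INFO
    certs = {name: ledger.issue_certificate("bank_a", name) for name in providers}
    good = SubModel(("loan_status", "credit_status"), "id_number", "ID-001")
    leaky = SubModel(("id_number", "credit_status"), "loan_status", "unsettled")
    return ledger, providers, certs, good, leaky

if __name__ == "__main__":
    ledger, providers, certs, good, leaky = demo()
    for sub in (good, leaky):
        print(overall_model(ledger, "bank_a", certs, sub, providers))
```

The `leaky` sub-model filters on loan status instead of the identity card number, so it would return rows belonging to other users; the audit rejects it before any query runs and nothing is recorded for it.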
Claims (5)
1. A method for preventing data leakage in data sharing based on a blockchain, characterized by comprising the following steps:
(1) The data provider publishes data source information to the blockchain; the data source information comprises a database type, data fields, a data operation method and the like; the data operation method is a database query method used to query the data fields that meet a query condition.
(2) A data user acquires the right to use the data on the blockchain by purchase or by requesting authorization, and obtains a certificate generated by the blockchain; if data from multiple data providers is used, multiple corresponding certificates are obtained.
(3) The data user writes a sub-model and an overall model according to the data source information published to the blockchain in step (1); the sub-model calls the data operation method of step (1), taking the query condition as input to query the required data fields; the overall model drives the data provider to run the sub-model and returns the data fields obtained by the sub-model query to the data user.
(4) The data user sends the sub-model written in step (3) and the certificate acquired in step (2) to the corresponding data provider, and the data provider verifies the validity of the certificate and audits the sub-model; certificate validity is checked by querying whether the certificate exists on the blockchain: if it exists, the certificate is valid; otherwise the certificate is invalid, the sub-model does not need to be audited, and the data user is informed that the audit failed; the sub-model passes the audit if executing it does not reveal other data to the data user; otherwise the audit fails, and the data user modifies the sub-model and sends it to the data provider for audit.
(5) After the data provider verifies that the certificate is valid and the sub-model passes the audit, the data user runs the overall model.
(6) After the overall model obtains the required data fields, the identity information of the data user, the identity information of the data provider, and the database types and data fields involved in the data sharing are recorded on the blockchain.
2. The method for preventing data leakage in data sharing based on a blockchain as claimed in claim 1, wherein the query condition is set according to the data fields the data user needs to obtain.
3. The method for preventing data leakage in data sharing based on a blockchain as claimed in claim 1, wherein the sub-model is executable script code.
4. The method for preventing data leakage in data sharing based on a blockchain as claimed in claim 1, wherein the sub-model runs at the data provider and prevents the data user from directly acquiring the data source information.
5. The method for preventing data leakage in data sharing based on a blockchain as claimed in claim 1, wherein in step (4) the other data is data in the data fields that does not meet the query condition input to the sub-model in step (3).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911088333.3A CN110866272B (en) | 2019-11-08 | 2019-11-08 | Method for preventing data leakage in data sharing based on block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911088333.3A CN110866272B (en) | 2019-11-08 | 2019-11-08 | Method for preventing data leakage in data sharing based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110866272A (en) | 2020-03-06 |
CN110866272B (en) | 2021-09-03 |
Family
ID=69654775
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911088333.3A Active CN110866272B (en) | 2019-11-08 | 2019-11-08 | Method for preventing data leakage in data sharing based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110866272B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||