CN111163093A - Method and device for acquiring external data from external data source in block chain of alliance - Google Patents

Method and device for acquiring external data from external data source in block chain of alliance Download PDF

Info

Publication number
CN111163093A
CN111163093A CN201911400331.3A CN201911400331A CN111163093A CN 111163093 A CN111163093 A CN 111163093A CN 201911400331 A CN201911400331 A CN 201911400331A CN 111163093 A CN111163093 A CN 111163093A
Authority
CN
China
Prior art keywords
external data
data source
contract
calling
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911400331.3A
Other languages
Chinese (zh)
Inventor
邱炜伟
匡立中
尹可挺
李伟
乔沛杨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Qulian Technology Co Ltd
Original Assignee
Hangzhou Qulian Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Qulian Technology Co Ltd filed Critical Hangzhou Qulian Technology Co Ltd
Priority to CN201911400331.3A priority Critical patent/CN111163093A/en
Publication of CN111163093A publication Critical patent/CN111163093A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Power Engineering (AREA)
  • Health & Medical Sciences (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a method and a device for acquiring external data from an external data source in an alliance block chain, wherein the method comprises the following steps: receiving a calling contract and sending a calling request which needs to be used to an external data source; judging whether the calling contract has the authority to acquire external data according to a security policy, if not, returning to fail, otherwise, completing establishing security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source; and returning the acquired external data to the calling contract. The method has the advantage of providing external data for the block chain environment safely, reliably and conveniently.

Description

Method and device for acquiring external data from external data source in block chain of alliance
Technical Field
The embodiment of the invention relates to the field of prediction machines of union block chains, in particular to a method and a device for acquiring external data from an external data source in the union block chain.
Background
The blockchain technology is a novel decentralized protocol, digital currency transactions or other data can be safely stored, information cannot be forged and falsified, transaction confirmation on the blockchain is completed by all nodes on the blockchain together, consistency of the transaction confirmation is guaranteed by a consensus algorithm, a public account book is maintained on the blockchain, and any node of the public account book on a storage block is visible, so that the digital currency transactions or other data cannot be forged and falsified.
The trusted computing environment is a security environment provided by a trusted computing platform based on the support of a hardware security module, and is realized by means of similar technologies such as SGX or TrustZone, and the like, and can provide functions such as memory shielding, sealed storage, remote authentication, endorsement of secret keys, security IO and the like to the outside, so that codes running in the trusted computing environment and stored data are ensured not to be leaked and tampered.
The prediction machine is a trusted data interaction service outside a block chain field and provides a function of actively acquiring real world data on a chain.
The conventional block chain of the alliance, such as Hyperleger Fabric, generally lacks a method for acquiring external data of the block chain, is difficult to acquire data under the chain directly on the chain, and can only complete the use of the data under the chain by calling a contract method to inject the external data into an intelligent contract, thereby restricting the further application of the block chain. In addition, the trust problem faced by the intelligent contract when using the predictive machine service is also a big problem in the implementation of the predictive machine, which is characterized in that the intelligent contract has difficulty in determining that the acquired data is from the data source specified by the intelligent contract. The existing block chain or the mode of endorsement by a third party achieves the aim through the authoritative signature of the third party, and has the defect of centralization of the third party; or a distributed method is adopted and a reputation system and other means are combined to eliminate the centralized authority of the third party, so that the method is not suitable for the situation of the block chain of the alliance.
Disclosure of Invention
In view of this, the embodiment of the present invention provides a method for acquiring external data from an external data source in an alliance block chain, which solves the problem that the external data cannot be safely and trustfully acquired in a block chain intelligent contract.
The technical scheme adopted by the embodiment of the invention is as follows:
in a first aspect, an embodiment of the present invention provides a method for acquiring external data from an external data source in an alliance block chain, where the method is applied to a block connection node, and includes:
receiving a calling contract and sending a calling request which needs to be used to an external data source;
judging whether the calling contract has the authority to acquire external data according to a security policy, if not, returning to fail, otherwise, completing establishing security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source;
and returning the acquired external data to the calling contract.
Further, the call request is implemented by a contract extension syntax or a predictive engine contract dedicated to obtaining external data.
Further, the call request includes an external network address and related parameters.
Further, in the process of establishing the secure connection, the identity of the external data source needs to be confirmed, and an encryption key and an integrity check key in transmission need to be determined.
Further, the request is completed in a secure channel after the secure connection is established.
In a second aspect, an embodiment of the present invention further provides an apparatus for acquiring external data from an external data source in an alliance blockchain, where the apparatus is applied to a blockchain node, and the apparatus includes:
the receiving module is used for receiving a calling contract and sending a calling request which needs to be used to an external data source;
the obtaining module is used for judging whether the calling contract has the authority to obtain the external data according to the security strategy, if not, the calling contract returns failure, otherwise, the calling contract completes the security connection with the external data source in the trusted computing environment, and the external data of the external data source is obtained;
and the return module is used for returning the acquired external data to the calling contract.
In a third aspect, an embodiment of the present invention provides an apparatus, which includes one or more processors and one or more memories, where at least one program code is stored in the one or more memories, and the program code is loaded and executed by the one or more processors to implement the method for obtaining external data from an external data source in an federated blockchain as described in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a storage medium, where the storage medium includes a stored program, where the program executes the method for acquiring external data from an external data source in an alliance block chain according to the first aspect.
The embodiment of the invention has the following beneficial effects: the contract is called and the call request is directly sent in the contract, so that the contract is convenient to use. The trusted computing environment and the secure channel are used for requesting external data, so that the data is guaranteed to be safe and trusted and cannot be leaked or tampered in the requesting process. The method is directly applied to the blockchain node, the prediction machine runs in a blockchain node process or a closed security system, so that the process of requesting the contract returned to is also secure, and the security and the credibility of the whole process are realized.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a method for obtaining external data from an external data source in an alliance block chain according to an embodiment of the present invention;
fig. 2 is a block diagram of an apparatus for acquiring external data from an external data source in an alliance block chain according to an embodiment of the present invention;
FIG. 3 is a diagram of component relationships described in a method of obtaining external data from an external data source in an federated blockchain;
FIG. 4 is a flow diagram of the acquisition of external data between three component parts, where the dashed lines represent secure channels.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and preferred embodiments, and the objects and effects of the present invention will become more apparent, and the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Fig. 1 is a flowchart of a method for acquiring external data from an external data source in an alliance block chain according to an embodiment of the present invention, where the method is applied to a block connection node, and includes:
s100, receiving a calling contract and sending a calling request which needs to be used to an external data source;
specifically, the calling contract is written by using a language such as solid, JAVA or Go, and the specification of the calling content, such as a URL providing external data and an identity credential such as a password, a token, a certificate, a signature and the like required by the URL, is completed by calling a function interface provided by a prolonger or a provided keyword. For example, if a caller needs to obtain stock index data provided by an external third party organization through a predicting machine, the caller needs to provide a URL and an API Key of the data, and then the predicting machine uses the information to obtain corresponding data.
Further, the call request is implemented by a contract extension syntax or a predictive engine contract dedicated to obtaining external data.
Further, the call request includes an external network address and related parameters.
This example is an example of how a user (user) acquires historical data on a stock index.
Firstly, a user calls a blockchain interface, deploys a calling contract to be called to provide a prediction machine service, writes the calling contract and is related to business logic required by the user, and sends a calling request for obtaining historical data of a stock index in a cross-contract calling mode.
S200, judging whether the calling contract has the authority to acquire external data according to a security strategy, if not, returning to failure, otherwise, completing the establishment of security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source;
specifically, a plurality of intelligent contracts serving different purposes and from different sources exist on the block chain at the same time, only a special contract can call the service provided by the prediction machine according to the service requirement, and after the external contract provides the call parameter, the prediction machine judges whether the authority is met. For example, only contracts that are deployed with the authority of an administrator associated with the need to acquire stock index services will have that authority, or only contracts for a particular address will have that authority.
Further, the trusted computing environment may provide a cryptographic based proof to secure the source of the data and, ultimately, return the data to the user's invocation contract. Namely, in the process of establishing the secure connection, the identity of the external data source needs to be confirmed, and an encryption key and an integrity check key in transmission need to be determined. Further, the request is completed in a secure channel after the secure connection is established.
And S300, returning the acquired external data to the calling contract.
Specifically, the stock index information can complete data delivery inside the node, i.e., inside a local process of the block chain or inside a closed system, so that potential safety hazards such as network attacks do not exist in the step. After the contract is called to obtain the stock index data, the user can completely and automatically judge whether the encrypted storage is needed or not, and the closed-loop protection of the data security is never completed.
Fig. 2 is a schematic structural diagram of an apparatus for acquiring external data from an external data source in an alliance block chain provided in this embodiment, where a bottom layer of the apparatus is based on a block chain network, and the apparatus may execute any method for acquiring external data from an external data source in an alliance block chain provided in any embodiment of the present invention, and has corresponding functional modules and beneficial effects for executing the method. The device is applied to the block chain node and comprises the following components:
a receiving module 100, configured to receive a call contract and send a call request that needs to be used to an external data source;
the obtaining module 200 is configured to determine whether the calling contract has an authority to obtain external data according to a security policy, and if not, return to failure, otherwise, complete secure connection with an external data source in a trusted computing environment, and obtain external data of the external data source;
and a returning module 300, configured to return the acquired external data to the invoking contract.
Fig. 3 is a component relationship diagram described in a method for acquiring external data from an external data source in an alliance blockchain, and relates to three component parts, namely a calling contract deployed by a user of a blockchain predictive service, a built-in contract for providing the predictive service and the external data source.
FIG. 4 is a flow diagram of the acquisition of external data between three component parts, where the dashed lines represent secure channels.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments. In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments. In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, an embodiment of the present invention further provides an apparatus, where the apparatus includes one or more processors and one or more memories, where at least one program code is stored in the one or more memories, and the program code is loaded and executed by the one or more processors to implement the method for obtaining external data from an external data source in an federated blockchain according to the foregoing embodiment.
An embodiment of the present invention provides a storage medium including a stored program, where the program executes the method for acquiring external data from an external data source in an alliance block chain according to the first aspect.
Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and although the invention has been described in detail with reference to the foregoing examples, it will be apparent to those skilled in the art that various changes in the form and details of the embodiments may be made and equivalents may be substituted for elements thereof. All modifications, equivalents and the like which come within the spirit and principle of the invention are intended to be included within the scope of the invention.

Claims (8)

1. A method for obtaining external data from an external data source in an alliance block chain is characterized in that the method is applied to block connection nodes and comprises the following steps:
receiving a calling contract and sending a calling request which needs to be used to an external data source;
judging whether the calling contract has the authority to acquire external data according to a security policy, if not, returning to fail, otherwise, completing establishing security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source;
and returning the acquired external data to the calling contract.
2. The method of claim 1, wherein the call request is implemented by a contract extension syntax or a predictive engine contract dedicated to external data acquisition.
3. The method as claimed in claim 1, wherein the invocation request includes an external network address and related parameters.
4. The method according to claim 1, wherein the identity of the external data source is confirmed and an encryption key and an integrity check key in transmission are determined during the process of establishing the secure connection.
5. The method of claim 1, wherein the request is completed in a secure channel after the secure connection is established.
6. An apparatus for obtaining external data from an external data source in an alliance blockchain, wherein the apparatus is applied to a blockchain node, and comprises:
the receiving module is used for receiving a calling contract and sending a calling request which needs to be used to an external data source;
the obtaining module is used for judging whether the calling contract has the authority to obtain the external data according to the security strategy, if not, the calling contract returns failure, otherwise, the calling contract completes the security connection with the external data source in the trusted computing environment, and the external data of the external data source is obtained;
and the return module is used for returning the acquired external data to the calling contract.
7. An apparatus comprising one or more processors and one or more memories having stored therein at least one program code, the program code loaded into and executed by the one or more processors to implement a method for obtaining external data from an external data source in an federated blockchain as defined in any of claims 1-5.
8. A storage medium comprising a stored program, wherein the program performs a method of acquiring external data from an external data source in an federated block chain as set forth in any of claims 1 to 5.
CN201911400331.3A 2019-12-30 2019-12-30 Method and device for acquiring external data from external data source in block chain of alliance Pending CN111163093A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911400331.3A CN111163093A (en) 2019-12-30 2019-12-30 Method and device for acquiring external data from external data source in block chain of alliance

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911400331.3A CN111163093A (en) 2019-12-30 2019-12-30 Method and device for acquiring external data from external data source in block chain of alliance

Publications (1)

Publication Number Publication Date
CN111163093A true CN111163093A (en) 2020-05-15

Family

ID=70559483

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911400331.3A Pending CN111163093A (en) 2019-12-30 2019-12-30 Method and device for acquiring external data from external data source in block chain of alliance

Country Status (1)

Country Link
CN (1) CN111163093A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112084234A (en) * 2020-09-03 2020-12-15 中国银联股份有限公司 Data acquisition method, apparatus, device and medium
CN113034281A (en) * 2021-03-16 2021-06-25 中国工商银行股份有限公司 Service data processing method based on block chain, related system and node
WO2022121851A1 (en) * 2020-12-09 2022-06-16 中兴通讯股份有限公司 Blockchain data request processing method and apparatus, server, and storage medium
CN115118461A (en) * 2022-06-07 2022-09-27 讯飞智元信息科技有限公司 Data processing method and device, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170353309A1 (en) * 2016-06-06 2017-12-07 Microsoft Technology Licensing, Llc Cryptographic applications for a blockchain system
CN108256864A (en) * 2018-02-13 2018-07-06 中链科技有限公司 Between a kind of block chain across the foundation of chain alliance and communication means, system
CN109547488A (en) * 2018-12-29 2019-03-29 杭州趣链科技有限公司 A kind of trust data calculating and exchange system based on alliance's block chain
CN109670335A (en) * 2018-12-20 2019-04-23 众安信息技术服务有限公司 For in the method and device interacted between data outside block chain and chain
CN110392888A (en) * 2017-01-16 2019-10-29 E·马伊姆 For executing the method and system of intelligent contract in security context
CN110520884A (en) * 2018-12-13 2019-11-29 阿里巴巴集团控股有限公司 Intelligent bond service outside chain based on credible performing environment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170353309A1 (en) * 2016-06-06 2017-12-07 Microsoft Technology Licensing, Llc Cryptographic applications for a blockchain system
CN110392888A (en) * 2017-01-16 2019-10-29 E·马伊姆 For executing the method and system of intelligent contract in security context
CN108256864A (en) * 2018-02-13 2018-07-06 中链科技有限公司 Between a kind of block chain across the foundation of chain alliance and communication means, system
CN110520884A (en) * 2018-12-13 2019-11-29 阿里巴巴集团控股有限公司 Intelligent bond service outside chain based on credible performing environment
CN109670335A (en) * 2018-12-20 2019-04-23 众安信息技术服务有限公司 For in the method and device interacted between data outside block chain and chain
CN109547488A (en) * 2018-12-29 2019-03-29 杭州趣链科技有限公司 A kind of trust data calculating and exchange system based on alliance's block chain

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112084234A (en) * 2020-09-03 2020-12-15 中国银联股份有限公司 Data acquisition method, apparatus, device and medium
CN112084234B (en) * 2020-09-03 2024-05-17 中国银联股份有限公司 Data acquisition method, device, equipment and medium
WO2022121851A1 (en) * 2020-12-09 2022-06-16 中兴通讯股份有限公司 Blockchain data request processing method and apparatus, server, and storage medium
CN113034281A (en) * 2021-03-16 2021-06-25 中国工商银行股份有限公司 Service data processing method based on block chain, related system and node
CN115118461A (en) * 2022-06-07 2022-09-27 讯飞智元信息科技有限公司 Data processing method and device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
CN111898153B (en) Method and device for calling contract
CN111429254B (en) Business data processing method and device and readable storage medium
CN106973036B (en) Block chain privacy protection method based on asymmetric encryption
CN111163093A (en) Method and device for acquiring external data from external data source in block chain of alliance
CN112422532B (en) Service communication method, system and device and electronic equipment
EP2765750B1 (en) Controlling application access to mobile device functions
CN109347625B (en) Password operation method, work key creation method, password service platform and equipment
CN111654367A (en) Password operation method, work key creation method, password service platform and equipment
CN101043335A (en) Information security control system
CN110489996A (en) A kind of database data method for managing security and system
CN112632164A (en) Universal cross-chain programming interface method for realizing trusted authority access
CN112187466B (en) Identity management method, device, equipment and storage medium
CN111355592A (en) Ethernet intelligent contract electronic signature system and method based on block chain
CN111597583B (en) Data sharing and exchanging method based on block chain
CN111770112A (en) Information sharing method, device and equipment
US11646897B2 (en) Method and apparatus for utilizing off-platform-resolved data as an input to code execution on a decentralized platform
CN115510492A (en) Electronic medical record management system and method based on intelligent contracts
CN109802927B (en) Security service providing method and device
CN116383852A (en) Block chain-based two-way referral information encryption and sharing method, system and equipment
CN113901507B (en) Multi-party resource processing method and privacy computing system
CN115270159A (en) Intelligent contract calling method, device and equipment for block chain and storage medium
CN114329395A (en) Supply chain financial privacy protection method and system based on block chain
Majumder et al. Trust relationship establishment among multiple cloud service provider
US20070009101A1 (en) Method for allocating secured resources in a security module
CN106534047A (en) Information transmitting method and apparatus based on Trust application

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200515

RJ01 Rejection of invention patent application after publication