CN111163093A - Method and device for acquiring external data from external data source in block chain of alliance - Google Patents
Method and device for acquiring external data from external data source in block chain of alliance Download PDFInfo
- Publication number
- CN111163093A CN111163093A CN201911400331.3A CN201911400331A CN111163093A CN 111163093 A CN111163093 A CN 111163093A CN 201911400331 A CN201911400331 A CN 201911400331A CN 111163093 A CN111163093 A CN 111163093A
- Authority
- CN
- China
- Prior art keywords
- external data
- data source
- contract
- calling
- block chain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Power Engineering (AREA)
- Health & Medical Sciences (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a method and a device for acquiring external data from an external data source in an alliance block chain, wherein the method comprises the following steps: receiving a calling contract and sending a calling request which needs to be used to an external data source; judging whether the calling contract has the authority to acquire external data according to a security policy, if not, returning to fail, otherwise, completing establishing security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source; and returning the acquired external data to the calling contract. The method has the advantage of providing external data for the block chain environment safely, reliably and conveniently.
Description
Technical Field
The embodiment of the invention relates to the field of prediction machines of union block chains, in particular to a method and a device for acquiring external data from an external data source in the union block chain.
Background
The blockchain technology is a novel decentralized protocol, digital currency transactions or other data can be safely stored, information cannot be forged and falsified, transaction confirmation on the blockchain is completed by all nodes on the blockchain together, consistency of the transaction confirmation is guaranteed by a consensus algorithm, a public account book is maintained on the blockchain, and any node of the public account book on a storage block is visible, so that the digital currency transactions or other data cannot be forged and falsified.
The trusted computing environment is a security environment provided by a trusted computing platform based on the support of a hardware security module, and is realized by means of similar technologies such as SGX or TrustZone, and the like, and can provide functions such as memory shielding, sealed storage, remote authentication, endorsement of secret keys, security IO and the like to the outside, so that codes running in the trusted computing environment and stored data are ensured not to be leaked and tampered.
The prediction machine is a trusted data interaction service outside a block chain field and provides a function of actively acquiring real world data on a chain.
The conventional block chain of the alliance, such as Hyperleger Fabric, generally lacks a method for acquiring external data of the block chain, is difficult to acquire data under the chain directly on the chain, and can only complete the use of the data under the chain by calling a contract method to inject the external data into an intelligent contract, thereby restricting the further application of the block chain. In addition, the trust problem faced by the intelligent contract when using the predictive machine service is also a big problem in the implementation of the predictive machine, which is characterized in that the intelligent contract has difficulty in determining that the acquired data is from the data source specified by the intelligent contract. The existing block chain or the mode of endorsement by a third party achieves the aim through the authoritative signature of the third party, and has the defect of centralization of the third party; or a distributed method is adopted and a reputation system and other means are combined to eliminate the centralized authority of the third party, so that the method is not suitable for the situation of the block chain of the alliance.
Disclosure of Invention
In view of this, the embodiment of the present invention provides a method for acquiring external data from an external data source in an alliance block chain, which solves the problem that the external data cannot be safely and trustfully acquired in a block chain intelligent contract.
The technical scheme adopted by the embodiment of the invention is as follows:
in a first aspect, an embodiment of the present invention provides a method for acquiring external data from an external data source in an alliance block chain, where the method is applied to a block connection node, and includes:
receiving a calling contract and sending a calling request which needs to be used to an external data source;
judging whether the calling contract has the authority to acquire external data according to a security policy, if not, returning to fail, otherwise, completing establishing security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source;
and returning the acquired external data to the calling contract.
Further, the call request is implemented by a contract extension syntax or a predictive engine contract dedicated to obtaining external data.
Further, the call request includes an external network address and related parameters.
Further, in the process of establishing the secure connection, the identity of the external data source needs to be confirmed, and an encryption key and an integrity check key in transmission need to be determined.
Further, the request is completed in a secure channel after the secure connection is established.
In a second aspect, an embodiment of the present invention further provides an apparatus for acquiring external data from an external data source in an alliance blockchain, where the apparatus is applied to a blockchain node, and the apparatus includes:
the receiving module is used for receiving a calling contract and sending a calling request which needs to be used to an external data source;
the obtaining module is used for judging whether the calling contract has the authority to obtain the external data according to the security strategy, if not, the calling contract returns failure, otherwise, the calling contract completes the security connection with the external data source in the trusted computing environment, and the external data of the external data source is obtained;
and the return module is used for returning the acquired external data to the calling contract.
In a third aspect, an embodiment of the present invention provides an apparatus, which includes one or more processors and one or more memories, where at least one program code is stored in the one or more memories, and the program code is loaded and executed by the one or more processors to implement the method for obtaining external data from an external data source in an federated blockchain as described in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a storage medium, where the storage medium includes a stored program, where the program executes the method for acquiring external data from an external data source in an alliance block chain according to the first aspect.
The embodiment of the invention has the following beneficial effects: the contract is called and the call request is directly sent in the contract, so that the contract is convenient to use. The trusted computing environment and the secure channel are used for requesting external data, so that the data is guaranteed to be safe and trusted and cannot be leaked or tampered in the requesting process. The method is directly applied to the blockchain node, the prediction machine runs in a blockchain node process or a closed security system, so that the process of requesting the contract returned to is also secure, and the security and the credibility of the whole process are realized.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a method for obtaining external data from an external data source in an alliance block chain according to an embodiment of the present invention;
fig. 2 is a block diagram of an apparatus for acquiring external data from an external data source in an alliance block chain according to an embodiment of the present invention;
FIG. 3 is a diagram of component relationships described in a method of obtaining external data from an external data source in an federated blockchain;
FIG. 4 is a flow diagram of the acquisition of external data between three component parts, where the dashed lines represent secure channels.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and preferred embodiments, and the objects and effects of the present invention will become more apparent, and the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Fig. 1 is a flowchart of a method for acquiring external data from an external data source in an alliance block chain according to an embodiment of the present invention, where the method is applied to a block connection node, and includes:
s100, receiving a calling contract and sending a calling request which needs to be used to an external data source;
specifically, the calling contract is written by using a language such as solid, JAVA or Go, and the specification of the calling content, such as a URL providing external data and an identity credential such as a password, a token, a certificate, a signature and the like required by the URL, is completed by calling a function interface provided by a prolonger or a provided keyword. For example, if a caller needs to obtain stock index data provided by an external third party organization through a predicting machine, the caller needs to provide a URL and an API Key of the data, and then the predicting machine uses the information to obtain corresponding data.
Further, the call request is implemented by a contract extension syntax or a predictive engine contract dedicated to obtaining external data.
Further, the call request includes an external network address and related parameters.
This example is an example of how a user (user) acquires historical data on a stock index.
Firstly, a user calls a blockchain interface, deploys a calling contract to be called to provide a prediction machine service, writes the calling contract and is related to business logic required by the user, and sends a calling request for obtaining historical data of a stock index in a cross-contract calling mode.
S200, judging whether the calling contract has the authority to acquire external data according to a security strategy, if not, returning to failure, otherwise, completing the establishment of security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source;
specifically, a plurality of intelligent contracts serving different purposes and from different sources exist on the block chain at the same time, only a special contract can call the service provided by the prediction machine according to the service requirement, and after the external contract provides the call parameter, the prediction machine judges whether the authority is met. For example, only contracts that are deployed with the authority of an administrator associated with the need to acquire stock index services will have that authority, or only contracts for a particular address will have that authority.
Further, the trusted computing environment may provide a cryptographic based proof to secure the source of the data and, ultimately, return the data to the user's invocation contract. Namely, in the process of establishing the secure connection, the identity of the external data source needs to be confirmed, and an encryption key and an integrity check key in transmission need to be determined. Further, the request is completed in a secure channel after the secure connection is established.
And S300, returning the acquired external data to the calling contract.
Specifically, the stock index information can complete data delivery inside the node, i.e., inside a local process of the block chain or inside a closed system, so that potential safety hazards such as network attacks do not exist in the step. After the contract is called to obtain the stock index data, the user can completely and automatically judge whether the encrypted storage is needed or not, and the closed-loop protection of the data security is never completed.
Fig. 2 is a schematic structural diagram of an apparatus for acquiring external data from an external data source in an alliance block chain provided in this embodiment, where a bottom layer of the apparatus is based on a block chain network, and the apparatus may execute any method for acquiring external data from an external data source in an alliance block chain provided in any embodiment of the present invention, and has corresponding functional modules and beneficial effects for executing the method. The device is applied to the block chain node and comprises the following components:
a receiving module 100, configured to receive a call contract and send a call request that needs to be used to an external data source;
the obtaining module 200 is configured to determine whether the calling contract has an authority to obtain external data according to a security policy, and if not, return to failure, otherwise, complete secure connection with an external data source in a trusted computing environment, and obtain external data of the external data source;
and a returning module 300, configured to return the acquired external data to the invoking contract.
Fig. 3 is a component relationship diagram described in a method for acquiring external data from an external data source in an alliance blockchain, and relates to three component parts, namely a calling contract deployed by a user of a blockchain predictive service, a built-in contract for providing the predictive service and the external data source.
FIG. 4 is a flow diagram of the acquisition of external data between three component parts, where the dashed lines represent secure channels.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments. In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments. In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, an embodiment of the present invention further provides an apparatus, where the apparatus includes one or more processors and one or more memories, where at least one program code is stored in the one or more memories, and the program code is loaded and executed by the one or more processors to implement the method for obtaining external data from an external data source in an federated blockchain according to the foregoing embodiment.
An embodiment of the present invention provides a storage medium including a stored program, where the program executes the method for acquiring external data from an external data source in an alliance block chain according to the first aspect.
Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and although the invention has been described in detail with reference to the foregoing examples, it will be apparent to those skilled in the art that various changes in the form and details of the embodiments may be made and equivalents may be substituted for elements thereof. All modifications, equivalents and the like which come within the spirit and principle of the invention are intended to be included within the scope of the invention.
Claims (8)
1. A method for obtaining external data from an external data source in an alliance block chain is characterized in that the method is applied to block connection nodes and comprises the following steps:
receiving a calling contract and sending a calling request which needs to be used to an external data source;
judging whether the calling contract has the authority to acquire external data according to a security policy, if not, returning to fail, otherwise, completing establishing security connection with an external data source in a trusted computing environment, and acquiring the external data of the external data source;
and returning the acquired external data to the calling contract.
2. The method of claim 1, wherein the call request is implemented by a contract extension syntax or a predictive engine contract dedicated to external data acquisition.
3. The method as claimed in claim 1, wherein the invocation request includes an external network address and related parameters.
4. The method according to claim 1, wherein the identity of the external data source is confirmed and an encryption key and an integrity check key in transmission are determined during the process of establishing the secure connection.
5. The method of claim 1, wherein the request is completed in a secure channel after the secure connection is established.
6. An apparatus for obtaining external data from an external data source in an alliance blockchain, wherein the apparatus is applied to a blockchain node, and comprises:
the receiving module is used for receiving a calling contract and sending a calling request which needs to be used to an external data source;
the obtaining module is used for judging whether the calling contract has the authority to obtain the external data according to the security strategy, if not, the calling contract returns failure, otherwise, the calling contract completes the security connection with the external data source in the trusted computing environment, and the external data of the external data source is obtained;
and the return module is used for returning the acquired external data to the calling contract.
7. An apparatus comprising one or more processors and one or more memories having stored therein at least one program code, the program code loaded into and executed by the one or more processors to implement a method for obtaining external data from an external data source in an federated blockchain as defined in any of claims 1-5.
8. A storage medium comprising a stored program, wherein the program performs a method of acquiring external data from an external data source in an federated block chain as set forth in any of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911400331.3A CN111163093A (en) | 2019-12-30 | 2019-12-30 | Method and device for acquiring external data from external data source in block chain of alliance |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911400331.3A CN111163093A (en) | 2019-12-30 | 2019-12-30 | Method and device for acquiring external data from external data source in block chain of alliance |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111163093A true CN111163093A (en) | 2020-05-15 |
Family
ID=70559483
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911400331.3A Pending CN111163093A (en) | 2019-12-30 | 2019-12-30 | Method and device for acquiring external data from external data source in block chain of alliance |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111163093A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112084234A (en) * | 2020-09-03 | 2020-12-15 | 中国银联股份有限公司 | Data acquisition method, apparatus, device and medium |
| CN113034281A (en) * | 2021-03-16 | 2021-06-25 | 中国工商银行股份有限公司 | Service data processing method based on block chain, related system and node |
| WO2022121851A1 (en) * | 2020-12-09 | 2022-06-16 | 中兴通讯股份有限公司 | Blockchain data request processing method and apparatus, server, and storage medium |
| CN115118461A (en) * | 2022-06-07 | 2022-09-27 | 讯飞智元信息科技有限公司 | Data processing method and device, electronic equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170353309A1 (en) * | 2016-06-06 | 2017-12-07 | Microsoft Technology Licensing, Llc | Cryptographic applications for a blockchain system |
| CN108256864A (en) * | 2018-02-13 | 2018-07-06 | 中链科技有限公司 | Between a kind of block chain across the foundation of chain alliance and communication means, system |
| CN109547488A (en) * | 2018-12-29 | 2019-03-29 | 杭州趣链科技有限公司 | A kind of trust data calculating and exchange system based on alliance's block chain |
| CN109670335A (en) * | 2018-12-20 | 2019-04-23 | 众安信息技术服务有限公司 | For in the method and device interacted between data outside block chain and chain |
| CN110392888A (en) * | 2017-01-16 | 2019-10-29 | E·马伊姆 | For executing the method and system of intelligent contract in security context |
| CN110520884A (en) * | 2018-12-13 | 2019-11-29 | 阿里巴巴集团控股有限公司 | Intelligent bond service outside chain based on credible performing environment |
-
2019
- 2019-12-30 CN CN201911400331.3A patent/CN111163093A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170353309A1 (en) * | 2016-06-06 | 2017-12-07 | Microsoft Technology Licensing, Llc | Cryptographic applications for a blockchain system |
| CN110392888A (en) * | 2017-01-16 | 2019-10-29 | E·马伊姆 | For executing the method and system of intelligent contract in security context |
| CN108256864A (en) * | 2018-02-13 | 2018-07-06 | 中链科技有限公司 | Between a kind of block chain across the foundation of chain alliance and communication means, system |
| CN110520884A (en) * | 2018-12-13 | 2019-11-29 | 阿里巴巴集团控股有限公司 | Intelligent bond service outside chain based on credible performing environment |
| CN109670335A (en) * | 2018-12-20 | 2019-04-23 | 众安信息技术服务有限公司 | For in the method and device interacted between data outside block chain and chain |
| CN109547488A (en) * | 2018-12-29 | 2019-03-29 | 杭州趣链科技有限公司 | A kind of trust data calculating and exchange system based on alliance's block chain |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112084234A (en) * | 2020-09-03 | 2020-12-15 | 中国银联股份有限公司 | Data acquisition method, apparatus, device and medium |
| CN112084234B (en) * | 2020-09-03 | 2024-05-17 | 中国银联股份有限公司 | Data acquisition method, device, equipment and medium |
| WO2022121851A1 (en) * | 2020-12-09 | 2022-06-16 | 中兴通讯股份有限公司 | Blockchain data request processing method and apparatus, server, and storage medium |
| CN113034281A (en) * | 2021-03-16 | 2021-06-25 | 中国工商银行股份有限公司 | Service data processing method based on block chain, related system and node |
| CN115118461A (en) * | 2022-06-07 | 2022-09-27 | 讯飞智元信息科技有限公司 | Data processing method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111898153B (en) | Method and device for calling contract | |
| CN111429254B (en) | Business data processing method and device and readable storage medium | |
| CN106973036B (en) | Block chain privacy protection method based on asymmetric encryption | |
| CN111163093A (en) | Method and device for acquiring external data from external data source in block chain of alliance | |
| CN112422532B (en) | Service communication method, system and device and electronic equipment | |
| EP2765750B1 (en) | Controlling application access to mobile device functions | |
| US11025415B2 (en) | Cryptographic operation method, method for creating working key, cryptographic service platform, and cryptographic service device | |
| CN111654367A (en) | Password operation method, work key creation method, password service platform and equipment | |
| CN101043335A (en) | Information security control system | |
| CN112187466B (en) | Identity management method, device, equipment and storage medium | |
| CN110489996A (en) | A kind of database data method for managing security and system | |
| CN112632164A (en) | Universal cross-chain programming interface method for realizing trusted authority access | |
| CN111355592A (en) | Ethernet intelligent contract electronic signature system and method based on block chain | |
| US11646897B2 (en) | Method and apparatus for utilizing off-platform-resolved data as an input to code execution on a decentralized platform | |
| CN111597583B (en) | Data sharing and exchanging method based on block chain | |
| CN111770112A (en) | Information sharing method, device and equipment | |
| CN115510492A (en) | Electronic medical record management system and method based on intelligent contracts | |
| CN109802927B (en) | Security service providing method and device | |
| CN115270159A (en) | Intelligent contract calling method, device and equipment for block chain and storage medium | |
| CN114329395A (en) | Supply chain financial privacy protection method and system based on block chain | |
| Majumder et al. | Trust relationship establishment among multiple cloud service provider | |
| US20070009101A1 (en) | Method for allocating secured resources in a security module | |
| CN106534047A (en) | Information transmitting method and apparatus based on Trust application | |
| CN111245600A (en) | Authentication method and system based on block chain technology | |
| CN113946864B (en) | Confidential information acquisition method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200515 |
|
| RJ01 | Rejection of invention patent application after publication |