CN111475859A - Data sharing and database asynchronous verifiable query method, system and equipment based on block chain technology - Google Patents
Data sharing and database asynchronous verifiable query method, system and equipment based on block chain technology Download PDFInfo
- Publication number
- CN111475859A CN111475859A CN202010270285.6A CN202010270285A CN111475859A CN 111475859 A CN111475859 A CN 111475859A CN 202010270285 A CN202010270285 A CN 202010270285A CN 111475859 A CN111475859 A CN 111475859A
- Authority
- CN
- China
- Prior art keywords
- data
- query
- user
- certificate
- block chain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
- G06F21/335—User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Abstract
The invention relates to a data sharing and database asynchronous verifiable query method, a system and equipment based on a block chain technology. The data security verification method aims to guarantee certain query request response speed and provide data security verification service between a data sharing center and a data requester which are not trusted with each other.
Description
Technical Field
The invention belongs to the technical field of information sharing, and particularly relates to a data sharing and database asynchronous verifiable query method, system and equipment based on a block chain technology.
Background
With the improvement of scientific and domestic requirements, no matter in the fields of scientific research, business and basic service construction, the demand for information sharing is increasing day by day, for example, scientific research personnel share data information, and the Internet of things shares commodity circulation information and the like on multiple platforms. The data sharing platform needs to integrate and store information scattered in each user and provide data query service in time.
However, since the data providers have a lot of sources, and anyone can forge and upload the data of others, the trust level of the data requester on the data security may be reduced, and it is urgently needed to make the data sources traceable and the data query results verifiable.
Disclosure of Invention
In order to at least solve the above problems in the prior art, the present invention provides a method, system and device for data sharing and database asynchronous verifiable query based on a block chain technology.
The technical scheme provided by the invention is as follows:
in one aspect, a method for sharing based on a block chain technique includes:
abstracting the shared data based on a first preset algorithm to obtain abstract information;
encrypting each piece of data in the shared data by using a private key to obtain a signature;
sending the abstract information to a block chain for storing a certificate, and receiving a transaction address of the shared data certificate returned by the block chain, wherein the transaction address carries a transaction serial number;
and sending the data set, the signature and the transaction serial number to a data sharing center so that the data sharing center maintains a data set address, a certificate storing address and a dictionary of user signatures.
Optionally, the method further comprises:
acquiring a public key and a private key based on a second preset algorithm;
generating a certificate application file based on the public key and the identity information to obtain an identity certificate;
and sending a data sharing request based on the identity certificate.
In another aspect, an asynchronous verifiable query method for a database based on a blockchain technique, which is applied to share shared data by any one of the above-mentioned sharing methods, includes:
receiving a query and verification request, wherein the query and verification request carries identity information of a query user;
and based on the security requirement of the query user on the query data, performing query verification according to a corresponding query method.
Optionally, the performing query verification according to a corresponding query method based on the security requirement of the query user on the query data includes:
if the security requirement of the query user on the query data is a first trust level, sending a query result corresponding to the query request;
if the security requirement of the inquiry user on the data is a second trust degree, triggering a data sharing center to execute inquiry result verification;
and if the security requirement of the inquiring user on the data is a third trust level, sending a signature of a data publisher matched with the inquiring and verifying request, receiving signature information provided by the inquiring user based on the publisher, and verifying the inquiring result.
Optionally, the performing query verification according to a corresponding query method includes:
and inquiring and verifying the inquiry data step by step according to the corresponding inquiry method.
Optionally, the first trust level is trusted, the second trust level is semi-trusted, and the third trust level is untrusted.
Optionally, in the semi-trusted time, the method for verifying the query result includes:
according to the data related to the query result, determining a data set source of the related data, and acquiring a data set address list;
acquiring original data of the data set, and calculating the data set abstract based on the first preset algorithm;
searching a data set address and a certificate storing address dictionary to obtain a certificate storing address of the data set;
acquiring the transaction content of the certificate-storing address, and comparing whether the certificate-storing address is consistent with the current calculation result;
if the query result is consistent with the query result, sending the safe and error-free information of the query result;
and if the data are inconsistent, sending data exception information.
In yet another aspect, a block chain technology-based database asynchronous verifiable query system includes: the system comprises a data sharing center, a central database, data sharing users, data query users and block chain nodes;
the data sharing center is used for receiving a query and verification request, and the query and verification request carries identity information of a query user; based on the security requirement of the query user on query data, performing query verification according to a corresponding query method;
the central database is used for storing data;
the data sharing user is used for abstracting the shared data based on a first preset algorithm to obtain abstract information; encrypting each piece of data in the shared data by using a private key to obtain a signature; sending the abstract information to a block chain for storing a certificate, and receiving a transaction address of the shared data certificate returned by the block chain, wherein the transaction address carries a transaction serial number; sending the data set, the signature and the transaction serial number to a data sharing center so that the data sharing center maintains a dictionary of data set addresses, certificate storage addresses and user signatures;
the data query user is used for sending a data query verification request;
and the block chain node is used for processing the abstract deposit certificate transaction.
In yet another aspect, a sharing device includes: the system comprises a first processor and a first memory connected with the first processor;
the first memory is used for storing a computer program for at least any one of the above-mentioned sharing methods based on the blockchain technique;
the first processor is configured to invoke and execute the computer program in the first memory.
In yet another aspect, a block chain technology-based database asynchronous verifiable query device includes: the second processor and a second memory connected with the second processor;
the second memory is used for storing a computer program at least for executing the asynchronous verifiable query method of the database based on the block chain technology;
the second processor is configured to invoke and execute the computer program in the second memory. .
The invention has the beneficial effects that:
according to the data sharing and database asynchronous verifiable query method, system and equipment based on the block chain technology, a user abstracts shared data after sharing the data, and uses the block chain technology to store abstract information, a central database immediately returns a query result in a current database after the user requests for query, the true and integrity check results of the current database are gradually presented to the user according to the storage certificate in the block chain along with the increase of the time for the user to keep an online state, and an abnormal alarm is given out when the data is abnormal. The data security verification method aims to guarantee certain query request response speed and provide data security verification service between a data sharing center and a data requester which are not trusted with each other. The data sharing center can effectively manage and identify the user identity by issuing a digital certificate for the user; the user signs the shared data to ensure that the data has traceability and cannot be forged; the user encrypts the shared data and stores the certificate by using the block chain technology, so that all other users can verify the authenticity of the data, and the block chain technology ensures that the certificate cannot be tampered; the data and the deposit certificate are respectively stored on the chain and under the chain, so that the data query efficiency can be improved; asynchronous query and verification can enable a user to execute an analysis and calculation task and verify data once after obtaining a query result, and error data is recalled in a service layer if the data is in error.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a data sharing method based on a block chain technique according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of an asynchronous verifiable query method for a database based on a block chain technique according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a block chain technology-based database asynchronous verifiable query system according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a sharing device based on a block chain technique according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a database asynchronous verifiable query device based on a block chain technique according to an embodiment of the present invention;
FIG. 6 is a network architecture diagram providing an embodiment of the present invention;
FIG. 7 is a diagram illustrating an interaction relationship between nodes according to an embodiment of the present invention;
FIG. 8 is a flow chart of a verifiable query in accordance with an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without any inventive step, are within the scope of the present invention.
In order to solve at least the technical problems proposed in the present invention, the present invention provides an embodiment. For example, scientific research institutions have collaborated with commercial institutions to establish data sharing centers. Researchers in upstream scientific research institutions use the data sharing center to store research data, such as gene information, including gene description information, related diseases and the like; downstream company employees use scientific research information shared by the scientific research personnel to conduct downstream business research.
The embodiment of the invention firstly provides a data sharing method based on a block chain technology.
Fig. 1 is a schematic flow chart of a data sharing method based on a block chain technique according to an embodiment of the present invention, and referring to fig. 1, the method according to the embodiment of the present invention may include the following steps:
s11, abstracting the shared data based on a first preset algorithm to obtain abstract information;
s12, encrypting each piece of data in the shared data by using a private key to obtain a signature;
s13, sending the summary information to the block chain for storing the certificate, and receiving the transaction address of the current shared data certificate returned by the block chain, wherein the transaction address carries a transaction serial number;
and S14, sending the data set, the signature and the transaction serial number to a data sharing center so that the data sharing center maintains a dictionary of data set addresses, certificate storage addresses and user signatures.
For example, the first predetermined algorithm may be a Hash algorithm, and it should be noted that the first predetermined algorithm is only an example and is not limited thereto. To be provided withThe Hash algorithm is taken as an example to be described below. For example, user A is interested in a data set that he wants to share
Calculating a digital abstract of each piece of information by using a Hash algorithm to obtain
Common Hash algorithms include MD5 and SHA series algorithms; the user A encrypts each piece of data in the data set by using a private key to obtain a signature
User A abstracts the data
Sending to the block chain for storing the certificate, and returning the transaction ID of the current data set for storing the certificate by the block chain
: user A will collect the data
Signature
And transaction serial number
Sending the data to a data sharing platform, wherein the data sharing platform can be a data sharing center; the data sharing platform maintains a data set ID and a dictionary of credentialing IDs and user signatures.
Optionally, in order to ensure the security of the data, when the user shares the data, the identity of the user may be authenticated, and the embodiment of the present invention may include: acquiring a public key and a private key based on a second preset algorithm; generating a certificate application file based on the public key and the identity information to obtain an identity certificate; based on the identity certificate, a data sharing request is sent.
For example, information may be secured by way of a digital certificate. A digital certificate is a string of numbers that can indicate the identity of a user of a network and is issued by a digital certificate authority to the user to provide a way to verify the identity of the user in the network, encrypt and decrypt information and data transmitted in the network.
For example, a data sharing center may be used as a digital certificate center to manage and distribute digital certificates for users in compliance with the PKI system. PKI is a general framework established on the basis of public and private keys to realize secure and reliable message transmission and identity confirmation, and does not represent a specific cryptography technology and process. In general, PKI comprises at least the following core components: ca (verification authority): responsible for the issuance and revocation of certificates, receiving requests from the RA; RA (registration authority): and verifying the user identity, checking the data validity, taking charge of registration, and sending the data to the CA if the verification is passed.
The specific authentication method may include: a user generates a public key and a private key pair by using an asymmetric encryption algorithm, wherein the representative algorithm of the asymmetric encryption algorithm comprises RSA, elliptic curve (ECC), SM2 and the like; providing a public key, identity and some basic information of organization by a user, generating a certificate application file, and registering application information through RA; the CA verifies the identity and authentication information provided by the user, signs a public key provided by the user, completes the manufacture of the certificate and issues the certificate to the user; through the steps, the data sharing center can safely and legally manage the famous users so as to prevent a certain entity from forging and abusing the public key.
Based on a general inventive concept, the embodiment of the present invention further provides a database asynchronous verifiable query method based on the block chain technology.
Fig. 2 is a schematic flow chart of a block chain technology-based database asynchronous verifiable query method according to an embodiment of the present invention, and referring to fig. 2, the block chain technology-based database asynchronous verifiable query method according to an embodiment of the present invention may include the following steps:
s21, sharing the shared data according to the sharing method;
s22, receiving a query and verification request, wherein the query and verification request carries identity information of a query user;
and S23, based on the safety requirement of the query user on the query data, performing query verification according to the corresponding query method.
Specifically, according to the sharing method described in the above embodiment, receiving shared data and updating the certificate are implemented. When a user needs to query data, a query and verification request is sent to the data center database, and it should be noted that the query and verification request referred to herein may be only a query request or only a verification request, which is not limited herein. In the embodiment, the query and the verification are performed step by step, so that the data query response speed is improved, and personalized verification support is provided according to different security requirements of users on data. And the execution rule submits a query statement for the user, and the data sharing center returns a query result. Note that this query result may come from data shared by different organizations, different users.
Optionally, based on the security requirement of the query user on the query data, performing query verification according to a corresponding query method may include: if the security requirement of the query user on the query data is a first trust level, sending a query result corresponding to the query request; if the security requirement of the inquiry user on the data is a second trust degree, triggering the data sharing center to execute inquiry result verification; and if the security requirement of the inquiry user on the data is a third trust level, sending a data issuer signature matched with the inquiry verification request, receiving an inquiry password provided by the inquiry user based on the issuer signature, and verifying the inquiry result.
The first trust level is trust, the second trust level is semi-trust, and the third trust level is distrust.
Optionally, in semi-trusted time, the method for verifying the query result includes: according to the data related to the query result, determining a data set source of the related data, and acquiring a data set address list; acquiring original data of a data set, and calculating a data set abstract based on a first preset algorithm; searching the data set address and the certificate storing address dictionary to obtain the certificate storing address of the data set; acquiring transaction content of a evidence-storing address, and comparing whether the evidence is consistent with a current calculation result; if the query result is consistent with the query result, sending the safe and error-free information of the query result; and if the data are inconsistent, sending data exception information.
For example, data queries are classified into trusted, semi-trusted, and untrusted cases. Under the trust condition, the user directly uses the query result returned by the data sharing center without verifying the data; the semi-trust is a user trust data sharing center, and the data sharing center executes the verification of the query result; without trust, the user may wish to perform the query result verification itself.
The user can question the query result in two cases: the challenge data provider identity and whether the challenge data was tampered with.
Aiming at the problem that the challenge data is tampered, if the challenge data is in a semi-trust condition, the data sharing center firstly returns a data query result, then gradually returns a verification result according to the data set batch, and the data set verification steps are as follows: according to the data related to the user query result, locating the data set source of the user query result, and generating a data set ID list; positioning the original data of the data set, and executing a Hash algorithm to calculate a data set abstract; searching the ID of the data set and the certificate storage ID dictionary to obtain the certificate storage ID of the data set; requesting the block chain to return the transaction content of the ID, comparing whether the certificate is consistent with the current calculation result or not, and if so, informing the user that the query data is safe and correct; and if the data are inconsistent, informing the user that the data are abnormal.
If the data is in an untrusted condition, the data sharing center provides the signature of the related data publisher for the user, and the user performs verification on the data by using the public key of the publisher.
According to the asynchronous verifiable query method for the database based on the block chain technology, provided by the embodiment of the invention, after a user shares data, the user abstracts the shared data, and uses the block chain technology to store and verify abstract information, the central database immediately returns a query result in the current database after the user requests for query, as the time for keeping the online state of the user increases, the true and integrity verification results of the current database are gradually presented to the user according to the storage and verification in the block chain, and an abnormal alarm is given out when the data is abnormal. The data security verification method aims to guarantee certain query request response speed and provide data security verification service between a data sharing center and a data requester which are not trusted with each other. The data sharing center can effectively manage and identify the user identity by issuing a digital certificate for the user; the user signs the shared data to ensure that the data has traceability and cannot be forged; the user encrypts the shared data and stores the certificate by using the block chain technology, so that all other users can verify the authenticity of the data, and the block chain technology ensures that the certificate cannot be tampered; the data and the deposit certificate are respectively stored on the chain and under the chain, so that the data query efficiency can be improved; asynchronous query and verification can enable a user to execute an analysis and calculation task and verify data once after obtaining a query result, and error data is recalled in a service layer if the data is in error.
The hash algorithm can convert an input with any length into an output with a fixed length, namely, a message with any length can be compressed to a certain fixed length to obtain a digest of the message. It can be applied to authentication, digital signature, and computation of message digests.
Based on a general inventive concept, the embodiment of the present invention further provides a database asynchronous verifiable query system based on the block chain technology.
Fig. 3 is a schematic structural diagram of a database asynchronous verifiable query system based on a blockchain technique according to an embodiment of the present invention, please refer to fig. 3, which illustrates the database asynchronous verifiable query system based on a blockchain technique according to an embodiment of the present invention, including: a data sharing center 31, a central database 32, a data sharing user 33, a data query user 34 and a block link point 35;
the data sharing center 31 is configured to receive a query and verification request, where the query and verification request carries identity information of a querying user; based on the security requirement of the query user on the query data, performing query verification according to a corresponding query method;
a central database 32 for storing data;
the data sharing user 33 is configured to abstract the shared data based on a first preset algorithm to obtain abstract information; encrypting each piece of data in the shared data by using a private key to obtain a signature; sending the abstract information to a block chain for storing a certificate, and receiving a transaction address of the current shared data certificate returned by the block chain, wherein the transaction address carries a transaction serial number; sending the data set, the signature and the transaction serial number to a data sharing center so that the data sharing center maintains a data set address, a certificate storing address and a dictionary of user signatures;
a data query user 34 for sending a data query validation request;
and the block chain node 35 is used for processing the abstract deposit certificate transaction.
Each part of the functions of the system of this embodiment are explained in the above embodiments, please refer to the above embodiments, which are not described herein.
Based on a general inventive concept, an embodiment of the present invention further provides a sharing device.
Fig. 4 is a schematic structural diagram of a sharing device based on a block chain technique according to an embodiment of the present invention, and referring to fig. 4, the device according to the embodiment of the present invention includes: a first processor 41, and a first memory 42 connected to the first processor.
The first memory 42 is used for storing a computer program, which is used at least in the sharing method based on the blockchain technique described in any of the above embodiments;
the first processor 41 is used to invoke and execute computer programs in memory.
Based on a general inventive concept, an embodiment of the present invention further provides an asynchronous verifiable query device for a database based on a block chain technology.
Fig. 5 is a schematic structural diagram of an asynchronous verifiable query device for a database based on a block chain technique according to an embodiment of the present invention, referring to fig. 5, an asynchronous verifiable query device according to an embodiment of the present invention includes: a second processor 51 and a second memory 52 connected to the second processor.
The second memory 52 is used for storing a computer program, which is used at least in the asynchronous verifiable query method of the database based on the blockchain technique described in any of the above embodiments;
the second processor 51 is arranged to call and execute computer programs in the memory.
In order to fully explain the scheme of the invention, the invention also provides a specific embodiment:
FIG. 6 is a network architecture diagram providing an embodiment of the present invention; FIG. 7 is a diagram illustrating an interaction relationship between nodes according to an embodiment of the present invention; FIG. 8 is a flow chart of a verifiable query in accordance with an embodiment of the present invention.
Referring to fig. 6, a network architecture of the present invention is shown. The nodes mainly involved in the network of the present invention and their roles are shown in table 1:
TABLE 1 node Classification
| Node type | Characteristics of |
| Data sharing center | Managing user identities, maintaining a central database, providing query validation services |
| Central database | Storing data and user information, providing inquiry function |
| Data sharing users | Upload data, sign data, digest, send deposit transaction |
| Data query user | Requesting query data, requesting authentication |
| Block chain node | Processing summary deposit certificate transactions |
The data sharing center is a core structure in the network, and the data shared by the users is stored in a central database of the data sharing center. According to the principle that a data publisher is responsible for data, any data publisher needs to register a digital certificate at a data sharing center, and a registered public key and private key pair is used in subsequent data sharing. The data sharing center is mainly responsible for storing and scheduling the data set, responding to a query request of a user, and regularly scanning the database to check whether the identity of a publisher of the data set is reasonable and whether the content of the data set is tampered. Since the data set has digital summary evidence on the block chain, the data sharing center needs to ensure that the data sharing center is only a { Dataset: TXID } dictionary without error.
The data sharing user not only serves as the identity of the data sharing center user, but also needs to serve as one of the nodes of the block chain, does not need to become a full node, and serves as a light node. The full node is a node for locally storing all block data in the block chain, and has the right of competing to become a miner packaging transaction and output blocks. The light node only saves all block headers and can issue transactions but cannot pack transactions and go out of blocks.
The data inquiry user does not need to carry out identity authentication to the data sharing center, and if the data inquiry user wants to check the inquiry result by himself, the data inquiry user needs to join the block chain network and obtain the transaction details through the transaction ID.
The nodes of the block chain are not mutually trusted, and can be used by a user of a data sharing center or external personnel to maintain the operation of the block chain network by earning the block chain incentive.
Referring to FIG. 7, the information interaction between nodes is shown. The method comprises four steps of user identity authentication, data sharing and storage, data inquiry and data verification. The function of the four steps is described as follows:
step S1: user identity authentication, which mainly aims to ensure the traceable source of data and the unified management of user identity, and prevent a certain entity from forging identity and abusing a public key;
step S2: data sharing and storing, namely storing the data abstract by using a block chain to ensure that people can verify the authenticity of the data;
step S3: querying data;
step S4: and (6) data verification.
The specific implementation manner of step S1 may be:
the data sharing center builds a private CA, the data sharer A and the data requester are all brand-new users of the data sharing center, a key pair is generated by using an RSA algorithm, and the OpenSS L tool is used for CA building and certificate application.
The data sharing center prepares files required by creating a private CA, and mainly comprises the steps of generating a database file of a certificate index and downloading an index code of the generated certificate;
the data sharing center self-signed certificate mainly comprises the steps of generating a private key and generating a self-signed certificate;
the user A generates a private key, generates a certificate request file by using the private key, and sends the certificate request to the RA of the data sharing center;
the data sharing center signs the certificate and issues the certificate to the user A.
Through the above steps, the user a is a legitimate user registered in the data sharing center. Now that user A wants to share a data set
It is necessary to go through step S2.
The specific implementation manner of step S2 is:
user A for data set desired to be shared
Calculating a digital abstract of each piece of information by using a Hash algorithm to obtain
The user A encrypts each piece of data in the data set by using a private key to obtain a signature
User A signs data
Sending to the block chain for storing the certificate, and returning the transaction ID of the current data set for storing the certificate by the block chain
User A will collect the data
Transaction sequence number
Sending the data to a data sharing center;
the data sharing center maintains a { Dataset: TXID } dictionary.
The specific implementation manner of step S3 is:
the invention is asynchronous verifiable inquiry, namely inquiry and verification are carried out step by step, so that the data inquiry response speed is improved, and personalized verification support is provided according to different safety requirements of users on data.
A user submits a query statement;
and the data sharing center returns the query result.
Referring to fig. 8, an embodiment of step S4:
after the data sharing center returns the query result, the user can choose to receive the query result, entrust the data sharing center to verify the data, and can choose to verify the data by himself, and the data sharing center executes the data set verification steps as follows:
according to the data related to the user query result, locating the data set source of the user query result, and generating a data set ID list;
positioning the original data of the data set, and executing a Hash algorithm to calculate a data set abstract;
searching a data set ID and a certificate storage ID dictionary to obtain TXID of the data set;
the request block chain returns the transaction content of the TXID, compares whether the verification is consistent with the current calculation result or not, and informs a user that the data query is safe and correct if the verification is consistent with the current calculation result; if the data are inconsistent, informing the user that the data are abnormal;
if the user checks the data by himself, the TXID needs to be requested from the data sharing center.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
It is understood that the same or similar parts in the above embodiments may be mutually referred to, and the same or similar parts in other embodiments may be referred to for the content which is not described in detail in some embodiments.
It should be noted that the terms "first," "second," and the like in the description of the present invention are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. Further, in the description of the present invention, the meaning of "a plurality" means at least two unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.
Claims (10)
1. A data sharing method based on block chain technology is characterized by comprising the following steps:
abstracting the shared data based on a first preset algorithm to obtain abstract information;
encrypting each piece of data in the shared data by using a private key to obtain a signature;
sending the abstract information to a block chain for storing a certificate, and receiving a transaction address of the shared data certificate returned by the block chain, wherein the transaction address carries a transaction serial number;
and sending the data set, the signature and the transaction serial number to a data sharing center so that the data sharing center maintains a data set address, a certificate storing address and a dictionary of user signatures.
2. The method of claim 1, further comprising:
acquiring a public key and a private key based on a second preset algorithm;
generating a certificate application file based on the public key and the identity information to obtain an identity certificate;
and sending a data sharing request based on the identity certificate.
3. A asynchronous verifiable query method for database based on block chain technology, wherein the sharing method of any one of claims 1-2 is applied to share shared data, comprising:
receiving a query and verification request, wherein the query and verification request carries identity information of a query user;
and based on the security requirement of the query user on the query data, performing query verification according to a corresponding query method.
4. The method according to claim 3, wherein the performing query verification according to the corresponding query method based on the security requirement of the query user on the query data comprises:
if the security requirement of the query user on the query data is a first trust level, sending a query result corresponding to the query request;
if the security requirement of the inquiry user on the data is a second trust degree, triggering a data sharing center to execute inquiry result verification;
and if the security requirement of the inquiring user on the data is a third trust level, sending a signature of a data publisher matched with the inquiring and verifying request, receiving signature information provided by the inquiring user based on the publisher, and verifying the inquiring result.
5. The method of claim 3, wherein the performing query validation according to the corresponding query method comprises:
and inquiring and verifying the inquiry data step by step according to the corresponding inquiry method.
6. The method of claim 4, wherein the first degree of trust is trusted, the second degree of trust is semi-trusted, and the third degree of trust is untrusted.
7. The method of claim 6, wherein the method for verifying the query result in the semi-trusted time comprises:
according to the data related to the query result, locating a data set source of the related data, and acquiring a data set address list;
acquiring original data of the data set, and calculating the data set abstract based on the first preset algorithm;
searching a data set address and a certificate storing address dictionary to obtain a certificate storing address of the data set;
acquiring the transaction content of the certificate-storing address, and comparing whether the certificate-storing address is consistent with the current calculation result;
if the query result is consistent with the query result, sending the safe and error-free information of the query result;
and if the data are inconsistent, sending data exception information.
8. A asynchronous verifiable query system for database based on block chain technology, comprising: the system comprises a data sharing center, a central database, data sharing users, data query users and block chain nodes;
the data sharing center is used for receiving a query and verification request, and the query and verification request carries identity information of a query user; based on the security requirement of the query user on query data, performing query verification according to a corresponding query method;
the central database is used for storing data;
the data sharing user is used for abstracting the shared data based on a first preset algorithm to obtain abstract information; encrypting each piece of data in the shared data by using a private key to obtain a signature; sending the abstract information to a block chain for storing a certificate, and receiving a transaction address of the shared data certificate returned by the block chain, wherein the transaction address carries a transaction serial number; sending the data set, the signature and the transaction serial number to a data sharing center so that the data sharing center maintains a dictionary of data set addresses, certificate storage addresses and user signatures;
the data query user is used for sending a data query verification request;
and the block chain node is used for processing the abstract deposit certificate transaction.
9. A sharing device, comprising: the system comprises a first processor and a first memory connected with the first processor;
the first memory is used for storing a computer program, and the computer program is at least used for executing the data sharing method based on the block chain technology in any one of claims 1-2;
the first processor is configured to invoke and execute the computer program in the first memory.
10. A asynchronous verifiable query device for database based on block chain technology, comprising: the second processor and a second memory connected with the second processor;
the second memory is used for storing a computer program, and the computer program is at least used for executing the asynchronous verifiable query method of the database based on the block chain technology of any claim 3-7;
the second processor is configured to invoke and execute the computer program in the second memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010270285.6A CN111475859B (en) | 2020-04-08 | 2020-04-08 | Data sharing and database asynchronous verifiable query method, system and equipment based on block chain technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010270285.6A CN111475859B (en) | 2020-04-08 | 2020-04-08 | Data sharing and database asynchronous verifiable query method, system and equipment based on block chain technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111475859A true CN111475859A (en) | 2020-07-31 |
| CN111475859B CN111475859B (en) | 2021-01-01 |
Family
ID=71750120
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010270285.6A Active CN111475859B (en) | 2020-04-08 | 2020-04-08 | Data sharing and database asynchronous verifiable query method, system and equipment based on block chain technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111475859B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112084527A (en) * | 2020-08-18 | 2020-12-15 | 中国银联股份有限公司 | Data storage and acquisition method, device, equipment and medium |
| CN112133392A (en) * | 2020-09-22 | 2020-12-25 | 合肥易康达医疗卫生信息科技有限公司 | Electronic medical record sharing method based on block chain |
| CN112783973A (en) * | 2020-12-31 | 2021-05-11 | 中国人民银行数字货币研究所 | Method for determining data integrity, related device and data integrity protection system |
| CN113656365A (en) * | 2021-07-28 | 2021-11-16 | 熵链科技(福建)有限公司 | Data sharing method and system based on block chain |
| CN113806778A (en) * | 2021-09-23 | 2021-12-17 | 深圳市电子商务安全证书管理有限公司 | Data management method, system and storage medium based on big data platform |
| CN114500588A (en) * | 2021-12-15 | 2022-05-13 | 杭州宇链科技有限公司 | Method and system for verifying cloud data by Internet of things terminal based on block chain |
| CN115037744A (en) * | 2022-05-10 | 2022-09-09 | 北京溪塔科技有限公司 | Block chain certificate circulation method and device, storage medium and management platform |
| CN115277690A (en) * | 2022-05-12 | 2022-11-01 | 安徽超清科技股份有限公司 | Industrial data supervisory systems based on block chain |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819777A (en) * | 2017-11-17 | 2018-03-20 | 北京亿生生网络科技有限公司 | A kind of data based on block chain technology deposit card method and system |
| CN108881160A (en) * | 2018-05-07 | 2018-11-23 | 北京信任度科技有限公司 | Medical treatment & health data managing method and system based on block chain intelligence contract |
| CN109600366A (en) * | 2018-12-06 | 2019-04-09 | 中链科技有限公司 | The method and device of protection user data privacy based on block chain |
| CN109660356A (en) * | 2018-12-18 | 2019-04-19 | 深圳前海微众银行股份有限公司 | Data cochain method, apparatus, equipment and computer readable storage medium |
| CN110223068A (en) * | 2019-06-14 | 2019-09-10 | 重庆邮电大学 | A kind of electronic evidence based on block chain intelligence contract deposits card method |
-
2020
- 2020-04-08 CN CN202010270285.6A patent/CN111475859B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819777A (en) * | 2017-11-17 | 2018-03-20 | 北京亿生生网络科技有限公司 | A kind of data based on block chain technology deposit card method and system |
| CN108881160A (en) * | 2018-05-07 | 2018-11-23 | 北京信任度科技有限公司 | Medical treatment & health data managing method and system based on block chain intelligence contract |
| CN109600366A (en) * | 2018-12-06 | 2019-04-09 | 中链科技有限公司 | The method and device of protection user data privacy based on block chain |
| CN109660356A (en) * | 2018-12-18 | 2019-04-19 | 深圳前海微众银行股份有限公司 | Data cochain method, apparatus, equipment and computer readable storage medium |
| CN110223068A (en) * | 2019-06-14 | 2019-09-10 | 重庆邮电大学 | A kind of electronic evidence based on block chain intelligence contract deposits card method |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112084527A (en) * | 2020-08-18 | 2020-12-15 | 中国银联股份有限公司 | Data storage and acquisition method, device, equipment and medium |
| CN112133392A (en) * | 2020-09-22 | 2020-12-25 | 合肥易康达医疗卫生信息科技有限公司 | Electronic medical record sharing method based on block chain |
| CN112783973A (en) * | 2020-12-31 | 2021-05-11 | 中国人民银行数字货币研究所 | Method for determining data integrity, related device and data integrity protection system |
| CN113656365A (en) * | 2021-07-28 | 2021-11-16 | 熵链科技(福建)有限公司 | Data sharing method and system based on block chain |
| CN113806778A (en) * | 2021-09-23 | 2021-12-17 | 深圳市电子商务安全证书管理有限公司 | Data management method, system and storage medium based on big data platform |
| CN113806778B (en) * | 2021-09-23 | 2022-08-02 | 深圳市电子商务安全证书管理有限公司 | Data management method, system and storage medium based on big data platform |
| CN114500588A (en) * | 2021-12-15 | 2022-05-13 | 杭州宇链科技有限公司 | Method and system for verifying cloud data by Internet of things terminal based on block chain |
| CN114500588B (en) * | 2021-12-15 | 2023-09-19 | 杭州宇链科技有限公司 | Method and system for verifying cloud data by using IOT (Internet of things) terminal based on blockchain |
| CN115037744A (en) * | 2022-05-10 | 2022-09-09 | 北京溪塔科技有限公司 | Block chain certificate circulation method and device, storage medium and management platform |
| CN115037744B (en) * | 2022-05-10 | 2023-12-08 | 北京溪塔科技有限公司 | Method and device for circulation of blockchain certificates, storage medium and management platform |
| CN115277690A (en) * | 2022-05-12 | 2022-11-01 | 安徽超清科技股份有限公司 | Industrial data supervisory systems based on block chain |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111475859B (en) | 2021-01-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111475859B (en) | Data sharing and database asynchronous verifiable query method, system and equipment based on block chain technology | |
| US11323457B2 (en) | Network topology | |
| US10491390B2 (en) | Proof chaining and decomposition | |
| US10944548B2 (en) | Method for registration of data in a blockchain database and a method for verifying data | |
| US10715531B2 (en) | Network topology | |
| Hirtan et al. | Blockchain-based approach for e-health data access management with privacy protection | |
| CN114915421A (en) | Method, electronic device, and storage medium for handling digital money | |
| Han et al. | A survey on blockchain-based integrity auditing for cloud data | |
| KR20060123470A (en) | Signature-efficient real time credentials for ocsp and distributed ocsp | |
| KR20220044306A (en) | Partially-aligned blockchain | |
| CN110543545A (en) | file management method and device based on block chain and storage medium | |
| Liu et al. | Blockchain-cloud transparent data marketing: Consortium management and fairness | |
| Li et al. | Decentralized public key infrastructures atop blockchain | |
| US11856107B2 (en) | Methods and systems for exchanging confidential information via a blockchain | |
| Abadi et al. | Anylog: a grand unification of the internet of things | |
| Babu et al. | Secure and transparent pharmaceutical supply chain using permissioned blockchain network | |
| EP4097915A1 (en) | Attestation service for use with a blockchain network | |
| Das et al. | A secure blockchain-enabled vehicle identity management framework for intelligent transportation systems | |
| Babu et al. | MediBlocks: secure exchanging of electronic health records (EHRs) using trust-based blockchain network with privacy concerns | |
| CN116508291A (en) | Merck proving entity | |
| JP2022548264A (en) | cryptographically linked identities | |
| CN113302610A (en) | Trusted platform based on block chain | |
| Mishra et al. | Blockchain assisted privacy-preserving public auditable model for cloud environment with efficient user revocation | |
| CN113302612B (en) | Computer implementation method, system and device for cross-chain and cross-network data transmission | |
| Mohammadzadeh et al. | Invoice factoring registration based on a public blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |