CN111538740A - Information disclosure method and device - Google Patents


Info

Publication number
CN111538740A
Authority
CN
China
Prior art keywords
user equipment
user
identifier
encrypted
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010580115.8A
Other languages
Chinese (zh)
Inventor
胡朝新
张俊麒
苏小康
张开翔
范瑞彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WeBank Co Ltd
Priority to CN202010580115.8A
Publication of CN111538740A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23 Updating
    • G06F16/2379 Updates performed during online database operations; commit processing
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02 Banking, e.g. interest calculation or account maintenance
    • G06Q40/08 Insurance


Abstract

The invention discloses an information disclosure method and device. In the method, a first user equipment, using a client application of an institution server, generates contact information of a second user equipment based at least on a received second encrypted identifier broadcast by the second user equipment; the first user equipment updates a local contact information database of the client application based on the contact information of the second user equipment; and the first user equipment, using the client application, generates a state identification code of the first user equipment based at least on the local contact information database. When applied to financial technology (Fintech), the method can effectively reduce the risk of user privacy disclosure.

Description

Information disclosure method and device
Technical Field
The invention relates to computer software in the field of financial technology (Fintech), and in particular to an information disclosure method and device.
Background
With the development of computer technology, more and more technologies are being applied in the financial field, and the traditional financial industry is gradually shifting toward financial technology (Fintech); the industry's security and real-time requirements, however, also place higher demands on these technologies. Financial users come into contact with one another, and some states of a user change as a result of that contact. For example, in an infectious disease scenario, a user's safety status is closely related to the contacts between users. Financial institutions have therefore introduced ways of tracking a user's status.
The current mainstream tracking method is the state identification code. It is based on the user's active, real-name-authenticated declaration: the user must actively grant authorization through a service party (such as a financial institution), register, and fill in information relevant to the user's state; the service party then makes a determination in the background and issues the state identification code. In this process, the service party uses the identity card as a uniform identifier, obtains the user's movement track from telecom operator data, and generates the state identification code from its own real-time data and the data the user has declared. In this approach the user has to declare a large amount of personal information to the service party, the service party may put the collected personal information to other uses, and the user therefore faces a risk of privacy disclosure. This is a problem that urgently needs to be solved.
Disclosure of Invention
The invention provides an information disclosure method and device, which solve the prior-art problem that users face a risk of privacy disclosure.
In a first aspect, the present invention provides an information disclosure method, including: a first user equipment, using a client application of an institution server, generates contact information of a second user equipment based at least on a received second encrypted identifier broadcast by the second user equipment, where the second encrypted identifier is obtained by the institution server encrypting the device identifier of the second user equipment; the first user equipment updates a local contact information database of the client application based on the contact information of the second user equipment, where the local contact information database records contact information between the first user equipment and each of a number of second user equipments, the second user equipment being any one of them; and the first user equipment, using the client application, generates a state identification code of the first user equipment based at least on the local contact information database.
In the above method, the contact information recorded in the local contact information database is generated based at least on the second encrypted identifier of the second user equipment, so the first user equipment can update the local contact information database using only the anonymous identifier of the second user equipment and the client application of the institution server. Contact information can therefore be collected, and the state identification code of the first user equipment generated, without exposing personal information.
Optionally, the first user equipment generates a public key of the first user equipment and a private key of the first user equipment; the first user equipment sends the device identifier of the first user equipment and the public key of the first user equipment to the institution server; the first user equipment obtains a first encrypted identifier from the institution server, where the first encrypted identifier is obtained by the institution server encrypting the device identifier of the first user equipment with the public key of the first user equipment; and the first user equipment broadcasts the first encrypted identifier.
In this method, the first user equipment does not broadcast its device identifier directly. Instead, it generates its own public key and private key, sends its device identifier and public key to the institution server, obtains the first encrypted identifier produced by the institution server, and broadcasts that first encrypted identifier. The device identifier of the first user equipment is thus replaced by an encrypted identifier, and a device that receives the broadcast learns of the presence of the first user equipment only through this anonymous encrypted identifier.
Optionally, before the first user equipment, using the client application of the institution server, generates the contact information of the second user equipment based at least on the received second encrypted identifier broadcast by the second user equipment, the method further includes: the first user equipment obtains the signal strength with which the second user equipment broadcasts the second encrypted identifier; and the first user equipment determines that the signal strength is greater than or equal to a preset strength threshold.
In this method, before generating the contact information of the second user equipment, the first user equipment obtains the signal strength with which the second user equipment broadcasts the second encrypted identifier and determines that it is greater than or equal to a preset strength threshold. Setting the preset strength threshold thus decides whether contact information of the second user equipment is generated.
Optionally, the first user equipment obtains an alert notification from the institution server, where the alert notification indicates a third encrypted identifier of a device of a first type of user and/or a fourth encrypted identifier of a device of a second type of user. The first user equipment generating, using the client application, the state identification code of the first user equipment based at least on the local contact information database then includes: the first user equipment, using the client application, generates the state identification code of the first user equipment based on the local contact information database and the encrypted identifiers indicated by the alert notification.
In the above manner, when the first user equipment obtains the alert notification from the institution server, the alert notification indicates the third encrypted identifier and/or the fourth encrypted identifier, so the state identification code of the first user equipment can be generated from the local contact information database and the encrypted identifiers indicated by the alert notification. The state identification code is thereby generated promptly in response to the alert notification.
Optionally, the first user equipment deletes the contact information in the local contact information database that falls outside a preset time range, where the preset time range is determined from a preset duration set by the institution server.
In the above manner, regardless of whether a user who came into contact with the first user equipment is a patient, the contact information recorded in the local contact information database is valid only within the preset duration and is invalid beyond it. The preset time range is therefore determined from the preset duration set by the institution server, and contact information outside that range is deleted from the local contact information database, so that invalid contact information is removed promptly and storage space is saved.
Optionally, the first user equipment receives the second encrypted identifier via near-field communication.
In the above manner, compared with mobile communication, a valid encrypted identifier is obtained with low communication overhead.
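The first-aspect client logic described above (signal-strength gate, local contact information database, retention purge, and matching against an alert notification), as an added Python example that is not code from the patent. The threshold of -70 dBm, the 14-day retention, the class and field names, and the status strings are all assumptions; the page only speaks of a "preset strength threshold", a "preset duration", and first-type and second-type users.

```python
from dataclasses import dataclass, field

# Assumed values: the patent only says "preset strength threshold" and
# "preset duration set by the institution server".
RSSI_THRESHOLD_DBM = -70
RETENTION_SECONDS = 14 * 24 * 3600
DAY = 24 * 3600


@dataclass
class Contact:
    encrypted_id: str   # anonymous identifier broadcast by a second user equipment
    first_seen: float
    last_seen: float
    sightings: int = 1


@dataclass
class LocalContactDB:
    """Local contact information database kept on the first user equipment."""
    rssi_threshold: int = RSSI_THRESHOLD_DBM
    retention: float = RETENTION_SECONDS
    contacts: dict = field(default_factory=dict)

    def observe(self, encrypted_id, rssi_dbm, now):
        """Record a broadcast only if its signal strength meets the threshold."""
        if rssi_dbm < self.rssi_threshold:
            return False  # too weak: no contact information is generated
        entry = self.contacts.get(encrypted_id)
        if entry is None:
            self.contacts[encrypted_id] = Contact(encrypted_id, now, now)
        else:
            entry.last_seen = now
            entry.sightings += 1
        return True

    def purge(self, now):
        """Delete contact information outside the preset time range."""
        cutoff = now - self.retention
        stale = [k for k, c in self.contacts.items() if c.last_seen < cutoff]
        for key in stale:
            del self.contacts[key]
        return len(stale)

    def status_code(self, alert, now):
        """Derive the state identification code on the device itself.

        `alert` stands for the institution server's alert notification; the
        keys 'first_type_ids' and 'second_type_ids' are hypothetical names for
        the third and fourth encrypted identifiers it indicates.
        """
        self.purge(now)
        seen = set(self.contacts)
        if seen & set(alert.get("first_type_ids", ())):
            return "CONTACT_FIRST_TYPE"
        if seen & set(alert.get("second_type_ids", ())):
            return "CONTACT_SECOND_TYPE"
        return "NO_KNOWN_CONTACT"


def demo():
    """Run the flow on constructed broadcasts and a constructed alert."""
    t0 = 1_700_000_000.0  # constructed timestamp
    db = LocalContactDB()
    recorded = [
        db.observe("enc-A", -55, t0),            # close enough: recorded
        db.observe("enc-B", -90, t0),            # below threshold: ignored
        db.observe("enc-C", -60, t0 + 1 * DAY),  # recorded
        db.observe("enc-A", -65, t0 + 2 * DAY),  # repeat sighting of enc-A
    ]
    alert = {"first_type_ids": ["enc-C"], "second_type_ids": ["enc-B"]}
    code_now = db.status_code(alert, t0 + 3 * DAY)
    # 15.5 days after t0 the enc-C record is older than the retention window.
    code_later = db.status_code(alert, t0 + 15 * DAY + 12 * 3600)
    return {
        "recorded": recorded,
        "code_now": code_now,
        "code_later": code_later,
        "remaining": sorted(db.contacts),
    }


if __name__ == "__main__":
    print(demo())
```

Only encrypted identifiers and timestamps are stored, and the match against the alert notification happens on the device, which is the privacy property the first aspect claims.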
In a second aspect, the present invention provides an information disclosure method, including: an institution server obtains device identifiers from a number of user equipments; for each user equipment among them, the institution server encrypts the device identifier of the user equipment to obtain the encrypted identifier of the user equipment; and the institution server sends the encrypted identifier of the user equipment to the user equipment. The encrypted identifier of each user equipment is used, through broadcasting and/or receiving by the user equipments, to generate the state identification code of each user equipment.
In the above manner, the institution server encrypts the device identifier of each user equipment, obtains the encrypted identifier of each user equipment, and distributes it to that user equipment, so that each user equipment can generate its state identification code by broadcasting and/or receiving anonymous encrypted identifiers without revealing other information.
Optionally, the institution server obtains state evaluation information corresponding to the encrypted identifier of a user equipment; the institution server obtains a signature of the state evaluation information using a preset signature algorithm, based on each data item in the state evaluation information and the obfuscation information of that data item; and the institution server generates a state evaluation credential corresponding to the encrypted identifier of the user equipment from the signature of the state evaluation information and the state evaluation information.
In the above manner, after obtaining the state evaluation information corresponding to the encrypted identifier of the user equipment, the institution server obtains the signature of the state evaluation information from each data item and its obfuscation information using the preset signature algorithm, thereby authenticating the state evaluation information. It then generates a state evaluation credential from the state evaluation information and the signature, so that the state evaluation information corresponding to the encrypted identifier of the user equipment is authenticated while the user remains anonymous.
Optionally, the institution server is a node on a blockchain, and the method further includes: the institution server generates encryption information for each data item, based on each data item of the state evaluation information that a preset disclosure policy allows to be disclosed and the obfuscation information of that data item; the institution server generates a selective disclosure state evaluation credential corresponding to the encrypted identifier of the user equipment from the encryption information of the data items; and the institution server, as a node on the blockchain, puts the selective disclosure state evaluation credential on the chain.
In the above manner, when the institution server is a node on the blockchain, after generating the selective disclosure state evaluation credential corresponding to the encrypted identifier of the user equipment, the institution server puts the credential on the chain. The selective disclosure state evaluation credential is thereby published to the blockchain, and all nodes of the blockchain can share it.
Optionally, if the institution server determines, from the state evaluation information corresponding to the encrypted identifier of a local user equipment, that the local user equipment is a device of a first type of user and/or a device of a second type of user, the institution server broadcasts the encrypted identifier of the local user equipment to some or all of the user equipments; and/or, if the institution server determines, from the selective disclosure state evaluation credential corresponding to the encrypted identifier of an external user equipment, that the external user equipment is a device of the first type of user and/or a device of the second type of user, the institution server broadcasts the encrypted identifier of the external user equipment to some or all of the user equipments.
In the above manner, after the institution server determines that the local user equipment, or the external user equipment, is a device of the first type of user and/or a device of the second type of user, it broadcasts the encrypted identifier of the corresponding device to some or all of the user equipments, so that the state is published promptly.
Optionally, for any authorized user equipment among the authorized user equipments of the user equipments, the institution server records the encrypted identifiers of the user equipment broadcasts received by that authorized user equipment. The institution server broadcasting the encrypted identifier of the local user equipment to some or all of the user equipments then includes: the institution server broadcasts the encrypted identifier of the local user equipment to those authorized user equipments for which the encrypted identifier of the local user equipment has been recorded, and to each unauthorized user equipment among the user equipments. The institution server broadcasting the encrypted identifier of the external user equipment to some or all of the user equipments includes: the institution server broadcasts the encrypted identifier of the external user equipment to those authorized user equipments for which the encrypted identifier of the external user equipment has been recorded, and to each unauthorized user equipment.
In the above manner, when the encrypted identifier of the local user equipment or of the external user equipment needs to be broadcast, it is sent in a targeted way to the authorized user equipments for which that encrypted identifier has been recorded, and is also sent to each unauthorized user equipment, which improves the efficiency of state tracking.
In a third aspect, the present invention provides an information disclosure apparatus, including: a processing module, configured to generate, using a client application of an institution server, contact information of a second user equipment based at least on a received second encrypted identifier broadcast by the second user equipment, where the second encrypted identifier is obtained by the institution server encrypting the device identifier of the second user equipment, and to update a local contact information database of the client application based on the contact information of the second user equipment, where the local contact information database records contact information between the first user equipment and each of a number of second user equipments, the second user equipment being any one of them; and a generating module, configured to generate, using the client application, the state identification code of the first user equipment based at least on the local contact information database.
Optionally, the processing module is further configured to: generate a public key of the first user equipment and a private key of the first user equipment; send the device identifier of the first user equipment and the public key of the first user equipment to the institution server; obtain a first encrypted identifier from the institution server, where the first encrypted identifier is obtained by the institution server encrypting the device identifier of the first user equipment with the public key of the first user equipment; and broadcast the first encrypted identifier.
Optionally, the processing module is further configured to: obtain the signal strength with which the second user equipment broadcasts the second encrypted identifier; and determine that the signal strength is greater than or equal to a preset strength threshold.
Optionally, the processing module is further configured to obtain an alert notification from the institution server, where the alert notification indicates a third encrypted identifier of a device of a first type of user and/or a fourth encrypted identifier of a device of a second type of user; and the generating module is specifically configured to generate, using the client application, the state identification code of the first user equipment based on the local contact information database and the encrypted identifiers indicated by the alert notification.
Optionally, the processing module is further configured to delete the contact information in the local contact information database that falls outside a preset time range, where the preset time range is determined from a preset duration set by the institution server.
Optionally, the apparatus receives the second encrypted identifier via near-field communication.
For the advantageous effects of the third aspect and its optional apparatuses, refer to the advantageous effects of the first aspect and its optional methods; they are not repeated here.
In a fourth aspect, the present invention provides an information disclosure apparatus, including: an obtaining module, configured to obtain device identifiers from a number of user equipments and, for each user equipment among them, to encrypt the device identifier of the user equipment to obtain the encrypted identifier of the user equipment; and a transmission module, configured to send the encrypted identifier of the user equipment to the user equipment. The encrypted identifier of each user equipment is used, through broadcasting and/or receiving by the user equipments, to generate the state identification code of each user equipment.
Optionally, the obtaining module is further configured to obtain state evaluation information corresponding to the encrypted identifier of a user equipment; and the processing module is further configured to: obtain a signature of the state evaluation information using a preset signature algorithm, based on each data item in the state evaluation information and the obfuscation information of that data item; and generate a state evaluation credential corresponding to the encrypted identifier of the user equipment from the signature of the state evaluation information and the state evaluation information.
Optionally, the apparatus is a node on a blockchain, and the processing module is further configured to: generate encryption information for each data item, based on each data item of the state evaluation information that a preset disclosure policy allows to be disclosed and the obfuscation information of that data item; generate a selective disclosure state evaluation credential corresponding to the encrypted identifier of the user equipment from the encryption information of the data items; and, as a node on the blockchain, put the selective disclosure state evaluation credential on the chain.
Optionally, the processing module is further configured to: if the local user equipment is determined, from the state evaluation information corresponding to the encrypted identifier of the local user equipment, to be a device of a first type of user and/or a device of a second type of user, broadcast the encrypted identifier of the local user equipment to some or all of the user equipments; and/or, if the external user equipment is determined, from the selective disclosure state evaluation credential corresponding to the encrypted identifier of the external user equipment, to be a device of the first type of user and/or a device of the second type of user, broadcast the encrypted identifier of the external user equipment to some or all of the user equipments.
Optionally, for any authorized user equipment among the authorized user equipments of the user equipments, the apparatus records the encrypted identifiers of the user equipment broadcasts received by that authorized user equipment; and the processing module is specifically configured to: broadcast the encrypted identifier of the local user equipment to those authorized user equipments for which the encrypted identifier of the local user equipment has been recorded, and to each unauthorized user equipment among the user equipments; and broadcast the encrypted identifier of the external user equipment to those authorized user equipments for which the encrypted identifier of the external user equipment has been recorded, and to each unauthorized user equipment.
For the advantageous effects of the fourth aspect and its optional apparatuses, refer to the advantageous effects of the second aspect and its optional methods; they are not repeated here.
In a fifth aspect, the present invention provides a computer apparatus including a program or instructions which, when executed, perform the first or second aspect and the various optional methods described above.
In a sixth aspect, the present invention provides a storage medium including a program or instructions which, when executed, perform the first or second aspect and the various optional methods described above.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings that are required to be used in the description of the embodiments will be briefly described below.
Fig. 1 is a schematic diagram illustrating an architecture to which an information disclosure method according to an embodiment of the present application is applicable;
Fig. 2 is a schematic diagram illustrating an institution registration process in an information disclosure method according to an embodiment of the present application;
Fig. 3 is a flowchart illustrating steps of an information disclosure method according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of an information disclosure apparatus according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of an information disclosure apparatus according to an embodiment of the present application.
Detailed Description
In order to better understand the technical solutions, the technical solutions will be described in detail below with reference to the drawings and the specific embodiments of the specification, and it should be understood that the specific features in the embodiments and examples of the present application are detailed descriptions of the technical solutions of the present application, but not limitations of the technical solutions of the present application, and the technical features in the embodiments and examples of the present application may be combined with each other without conflict.
The definitions of the terms appearing in the present application are listed first below.
Credential: a portable data structure whose authenticity can be verified, along with whether it has been tampered with, has expired, or has been revoked. It includes metadata (such as a credential identifier (ID), creation time, expiry time, issuer, and version number), the data content, and a signature value generated by the issuer with its own private key. In this application, the "state evaluation information" is stored in credential format.
When a financial institution (a bank, an insurer, or a securities institution) tracks state in the course of its business (such as a bank's loan or deposit business), a person's state (for example, the person's monitoring status in an infectious disease scenario) is usually indicated by a state identification code. In the current approach, the user has to report a large amount of personal information to a service party, the service party may put the collected personal information to other uses, and the user therefore faces a risk of privacy disclosure, which is a problem that urgently needs to be solved. To this end, the present application provides an information disclosure method. Fig. 1 is a schematic diagram of an architecture to which the information disclosure method provided by the present application is applicable. The entities in the architecture shown in Fig. 1 are as follows:
User equipment: the user's handheld device, which may be a Bluetooth device or the like. The user equipment can obtain an encrypted identifier bound to the user equipment by applying to the institution server for registration, and the encrypted identifier can serve as the basis for recording contact between people.
Institution server: the server of an institution (e.g., a hospital). It may be used to register and maintain the encrypted identifiers of the user equipment it manages, and may also share and disclose to other institutions the state evaluation information corresponding to those encrypted identifiers. Note that an institution may split its servers into two types, one handling the encrypted identifiers of user equipment and one handling the state evaluation information disclosed to other institutions, or may integrate both functions in a single institution server. In addition, the institution servers of different institutions may share state evaluation information through a blockchain, for example by forming a federation chain.
The information disclosure method provided in the present application is described in detail below, stage by stage. The method comprises four stages: user equipment registration, user equipment use, state evaluation information disclosure, and epidemic situation notification. Each stage is described in detail below.
User equipment registration phase:
this stage can be subdivided into an organization registration and an encrypted identification registration of the user equipment.
The process of enterprise registration is shown in fig. 2, and taking the block chain (e.g. federation chain) formed by enterprise servers of different enterprises as an example, each enterprise registers on the federation chain. Asymmetric encryption algorithms can be defined among the organizations to generate own public and private key pairs of the organizations; each organization securely stores its own private key and chains up its public key. In addition, an organization needs to develop a client application, so that the user equipment can generate the state identification code and the like according to the specification of the client application. For example, the client application may be a mobile phone application, or may be an integrated chip board of bluetooth. The mechanism may pre-configure the native backend servers that the client application can access.
Taking the first user equipment as an example, the encrypted identifier registration process of the user equipment may be as follows:
The first user equipment generates a public key of the first user equipment and a private key of the first user equipment; the first user equipment sends the device identifier of the first user equipment and the public key of the first user equipment to the mechanism server; the first user equipment acquires a first encrypted identifier from the mechanism server.
The first encrypted identifier is specifically obtained by encrypting, by the mechanism server, the device identifier of the first user device according to the public key of the first user device.
Specifically, the encrypted identifier registration procedure of the user equipment may be:
Step (1-1): the user equipment downloads the client application, starts a communication module (such as Bluetooth) and performs a user equipment self-check.
Step (1-2): the user equipment locally generates a public/private key pair, namely the public key of the user equipment and the private key of the user equipment, using an asymmetric encryption algorithm agreed in advance by the client application.
Step (1-3): the user equipment accesses the mechanism server through the client application, and the mechanism server thereby obtains the device identifier of the user equipment and the public key of the user equipment.
In step (1-3), for example, the user equipment may access the mechanism server through the client application over the public network in HTTP/S mode, and the device identifier of the user equipment may be a hardware address of the user equipment, a hardware address of the Bluetooth chip of the user equipment, or the like.
Step (1-4): the mechanism server encrypts the device identifier of the user equipment according to the public key of the user equipment to obtain the encrypted identifier of the user equipment.
Specifically, the mechanism server generates the unique identification ID (the encrypted identifier) of the user equipment as Hash(Bluetooth hardware address + public key address), where Hash denotes a hash function and + denotes concatenation of the Bluetooth hardware address and the public key address; the concatenated result is the input parameter of the hash function. The ID is returned to the user, and the encrypted identifier may be written to the blockchain.
Step (1-5): the user equipment stores its encrypted identifier through the client application and at the same time automatically registers a push channel with the mechanism server, and successful registration is returned.
It should be noted that the client application and the mechanism server may subsequently use the push channel for data interaction.
The first user equipment may broadcast the first encrypted identifier after acquiring it from the mechanism server. Specifically, the first user equipment may broadcast the first encrypted identifier by broadcasting first identification information that includes the first encrypted identifier. For example, after the first user equipment starts a communication module (such as a Bluetooth module), it broadcasts its encrypted identifier through the client application at a preset period.
User equipment use stage:
The specific flow of steps at this stage is shown in fig. 3. Specifically, the method comprises the following steps:
Step 301: the first user equipment, based on the client application of the mechanism server, generates contact information of the second user equipment at least according to the received second encrypted identifier broadcast by the second user equipment.
Step 302: the first user equipment updates a local contact information database of the client application based on the contact information of the second user equipment.
Step 303: the first user equipment, based on the client application, generates a state identification code of the first user equipment at least according to the local contact information database.
In steps 301 to 303, the second encrypted identifier is obtained by encrypting the device identifier of the second user equipment by the mechanism server; the local contact information database records contact information between the first user equipment and each second user equipment; the second user equipment is any one of the second user equipments. It should be noted that the state identification code of the first user equipment may take various forms, for example a two-dimensional code. The local contact information database may be generated as follows:
When the first user equipment receives, through the client application, the identification information of any second user equipment, this indicates that user equipment which also broadcasts an encrypted identifier is near the first user equipment; the local contact information database is then generated, based on the client application, at least according to the second encrypted identifier of that second user equipment.
The first user equipment and the second user equipment in steps 301 to 303 may be Bluetooth devices. Bluetooth devices are typical short-range communication devices and are well suited to recording person-to-person contact information. Besides this, the terminal device can also broadcast by sending a WiFi signal and the like. Therefore, in an optional embodiment, the first user equipment receives the second encrypted identifier via a short-range communication mode (e.g. via Bluetooth communication). In particular, when the method is applied to the field of infectious diseases, since infectious diseases are generally transmitted by close contact, receiving the second encrypted identifier via a short-range communication mode matches the way infectious diseases are transmitted.
It should be noted that, for example, when each user equipment broadcasts or receives the encrypted identifier of the user equipment, the encrypted identifier of the first user equipment may be received by other user equipment through broadcasting, and the first user equipment may also receive the encrypted identifier of other user equipment.
The mechanism server cannot generate the state identification code directly; the state identification code can only be generated indirectly, through the user equipment, in the following manner:
The mechanism server acquires device identifiers from each user equipment; for each user equipment among the user equipments, the mechanism server encrypts the device identifier of the user equipment to obtain the encrypted identifier of the user equipment; and the mechanism server sends the encrypted identifier of the user equipment to the user equipment.
The encrypted identification of each user equipment is used for generating the state identification code of each user equipment through broadcasting and/or receiving of each user equipment.
In an alternative embodiment, before step 301, the following steps may be performed:
The first user equipment acquires the signal strength of the second encrypted identifier broadcast by the second user equipment; the first user equipment determines that the signal strength is greater than or equal to a preset strength threshold.
Specifically, the first user equipment receives a broadcast message of the second user equipment.
The broadcast message of the second user equipment comprises: a timestamp of a broadcast message of the second user equipment; a signal strength of a broadcast message of the second user equipment; the second encrypted identification.
Based on the broadcast message, step 302 may be specifically performed according to the following embodiments:
The first user equipment, based on the client application, generates contact information of the second user equipment according to the timestamp of the broadcast message of the second user equipment, the signal strength of the broadcast message of the second user equipment and the second encrypted identifier.
It should be noted that a determination condition may be added before the foregoing embodiment: the foregoing embodiment is executed only after the signal strength of the broadcast message of the second user equipment is determined to be greater than or equal to a preset strength threshold. The specific value of the preset strength threshold can be updated by the mechanism server.
More specifically, the client application records the received encrypted identifier of the device, the signal strength of the broadcast message of the second user equipment, and the timestamp of the broadcast message of the second user equipment, and stores them in the local contact information database. An example format is shown in table 1:
[Table 1: storage format of the broadcast message of the second user equipment]
In an alternative embodiment, before step 303, the following steps may be performed:
The first user equipment acquires an alert notification from the mechanism server; the alert notification indicates a third encrypted identifier of the equipment of a first type of user and/or a fourth encrypted identifier of the equipment of a second type of user. Step 303 may then specifically be:
The first user equipment, based on the client application, generates the state identification code of the first user equipment according to the local contact information database and the encrypted identifiers indicated by the alert notification.
For example, in an infectious disease scenario, the first type of user is a diagnosed patient, the second type of user is a suspected patient, and if the local contact information database contains the device encryption identifier of the first type of user and/or the device encryption identifier of the second type of user, the state of the state identifier of the first user device indicates that the epidemic situation risk level is high.
For another example, if the local contact information database does not contain the device encryption identifier of the first type of user and/or the device encryption identifier of the second type of user, the state of the state identifier of the first user device indicates that the epidemic situation danger level is low.
Further, the local contact information database may also be maintained in the following manner, in particular:
The first user equipment deletes the contact information in the local contact information database that falls outside a preset time range.
The preset time range is determined according to the preset duration set by the mechanism server. In an infectious disease scenario, the mechanism server may set the preset duration according to the medical incubation period; specifically, when the mechanism server sets the preset duration to 14 days, the first user equipment deletes contact information from more than 14 days before the current time.
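An added example (not code from the patent) of the client-side contact database in this stage: the strength threshold applied before recording, the retention window, and the high/low state derived from an alert notification. The column names, the -70 dBm threshold and the use of SQLite are assumptions; the 14-day window is the page's own example.

```python
import sqlite3

DAY = 86400  # seconds


class ContactLog:
    """Local contact information database of one user equipment (assumed schema)."""

    def __init__(self, rssi_threshold_dbm=-70, retention_days=14):
        # Both values are pushed by the mechanism server in the page's scheme;
        # here they are constructor arguments (assumption).
        self.rssi_threshold_dbm = rssi_threshold_dbm
        self.retention_s = retention_days * DAY
        self.db = sqlite3.connect(":memory:")
        self.db.execute(
            "CREATE TABLE contact ("
            " encrypted_id TEXT NOT NULL,"
            " rssi_dbm INTEGER NOT NULL,"
            " ts INTEGER NOT NULL)"
        )

    def on_broadcast(self, encrypted_id, rssi_dbm, ts):
        """Record a received broadcast only if it is strong enough (close enough)."""
        if rssi_dbm < self.rssi_threshold_dbm:
            return False
        self.db.execute(
            "INSERT INTO contact VALUES (?, ?, ?)", (encrypted_id, rssi_dbm, ts)
        )
        return True

    def prune(self, now):
        """Delete contact rows older than the retention window; return rows removed."""
        cur = self.db.execute(
            "DELETE FROM contact WHERE ts < ?", (now - self.retention_s,)
        )
        return cur.rowcount

    def status(self, alert_ids, now):
        """Return 'high' if any retained contact matches an alerted encrypted identifier.

        Rendering the result as a two-dimensional code is left out.
        """
        self.prune(now)
        ids = list(alert_ids)
        if not ids:
            return "low"
        marks = ",".join("?" * len(ids))  # parameterised IN (...) list
        hit = self.db.execute(
            f"SELECT 1 FROM contact WHERE encrypted_id IN ({marks}) LIMIT 1", ids
        ).fetchone()
        return "high" if hit else "low"
```

The matching runs entirely on the device: the mechanism server only pushes alerted identifiers and never sees the contact rows.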
State evaluation information disclosure phase:
The mechanism server cannot generate the state identification code directly; the state identification code can only be generated indirectly, through the user equipment, in the following manner:
The mechanism server acquires device identifiers from each user equipment; for each user equipment among the user equipments, the mechanism server encrypts the device identifier of the user equipment to obtain the encrypted identifier of the user equipment; and the mechanism server sends the encrypted identifier of the user equipment to the user equipment.
The encrypted identification of each user equipment is used for generating the state identification code of each user equipment through broadcasting and/or receiving of each user equipment.
An alternative embodiment is:
The mechanism server acquires state evaluation information corresponding to an encrypted identifier of user equipment; the mechanism server obtains a signature of the state evaluation information with a preset signature algorithm, according to each data item in the state evaluation information and the confusion information of that data item; and the mechanism server generates a state evaluation credential corresponding to the encrypted identifier of the user equipment according to the signature of the state evaluation information and the state evaluation information.
It should be noted that the state evaluation information corresponding to the encrypted identifier of the user equipment may be reported by the patient through the patient's user equipment, or may be read by the mechanism server from an authorized state evaluation information database. For example, where the institution is a hospital, it has its own state evaluation information database, which can be read directly. In order to protect the privacy of the patient, the state evaluation credential is derived from the state evaluation information together with the confusion information of each data item.
It should be noted that the state evaluation information corresponding to the encrypted identifier of the ue may be included in various types of report messages.
For example, the institution receives the reported information of a first type of user, and the generated state evaluation credential is a diagnosis confirmation credential whose content comprises the state evaluation information and the patient ID. The credential format is shown in table 2:
[Table 2: credential content]
The data content salt value is the confusion information of each data item in the state evaluation information. It can be randomly generated by the mechanism server, and its format can be consistent with that of the data content items. The signature value may specifically be calculated as follows:
First, the state evaluation credential is serialized in dictionary order. The keys of all data items in the data content are kept unchanged, and the value corresponding to each key is Hash(original data value + salt value), where Hash denotes a hash function and + denotes concatenation of the original data value and the salt value; the concatenated result is the input parameter of the hash function. This ensures that the signature value does not change when fewer data items are revealed at a later disclosure. The mechanism server signs with the private key agreed in advance with the other institutions. Specifically, the signature algorithm is the one consistent with the public/private key pair algorithm used when the institution registered, and the private key passed to it is the one the mechanism server generated earlier, corresponding to the public key uploaded to the chain. In summary, the signature value in the state evaluation credential may be expressed as follows:
signature value = Sign(serialization(credential<data content: (key -> key, value -> Hash)>)); Sign denotes encryption with the private key.
Further, when the institution server is to disclose the state evaluation voucher to other institutions, only part of the data item contents in the state evaluation information may be selectively disclosed. When the mechanism server is a node on a blockchain; one embodiment is as follows:
The mechanism server generates encrypted information for each data item according to each data item in the state evaluation information that the preset disclosure policy allows to be disclosed and the confusion information of each data item; the mechanism server generates a selective disclosure state evaluation credential corresponding to the encrypted identifier of the user equipment according to the encrypted information of each data item; the mechanism server puts the selective disclosure state evaluation credential on the chain through its node on the blockchain.
The institution discloses the diagnosis confirmation credential minimally: only the patient ID content is revealed, and the state evaluation information need not be revealed. The specific selective disclosure algorithm is as follows: the content of each data item is Hash(original data value + salt value), processed in the same way as in the signature algorithm. The selectively disclosed credential is then circulated to all institutions participating in the chain, either on the blockchain or off-chain. An example of a selectively disclosed state evaluation credential is as follows:
[Table 3: example of a selectively disclosed state evaluation credential]
Epidemic situation notification phase:
It should be noted that, after receiving a new report message or receiving a selective disclosure state evaluation credential forwarded by the server of another institution, the mechanism server may push an alert notification to the user equipment it manages.
After the mechanism server receives the selective disclosure state evaluation credential forwarded by the server of another institution, the selective disclosure state evaluation credential can be verified in the following way:
Verify that the selective disclosure state evaluation credential has not expired and that its creation date and expiration date are legitimate; verify that the data content of the selective disclosure state evaluation credential is not missing; query the public key corresponding to the mechanism server through the blockchain and call the signature verification operation of the signature algorithm; if signature verification passes, the selective disclosure state evaluation credential passes verification.
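An added example (not code from the patent) of the salted-hash credential described above: issuing it, disclosing only the patient ID, and the receiving server's three checks. The field names, SHA-256, sorted-key JSON serialization, and the Lamport one-time signature standing in for the institutions' agreed asymmetric algorithm (which the page does not name) are assumptions.

```python
import hashlib
import hmac
import json
import os


def _sha(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


# Stand-in signature (assumption): Lamport one-time scheme, stdlib only.
# One key pair may sign one credential; a deployment would use the agreed algorithm.
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(_sha(a), _sha(b)) for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    d = int.from_bytes(_sha(msg), "big")
    return [(d >> i) & 1 for i in range(256)]


def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def verify_sig(pk, msg: bytes, sig) -> bool:
    bits = _bits(msg)
    return len(sig) == 256 and all(
        hmac.compare_digest(_sha(s), pk[i][b])
        for i, (s, b) in enumerate(zip(sig, bits))
    )


def item_hash(value: str, salt: str) -> str:
    """Hash(original data value + salt value), '+' being concatenation."""
    return hashlib.sha256((value + salt).encode()).hexdigest()


def payload(cred: dict, hashed: dict) -> bytes:
    """Dictionary-order serialization with every data value replaced by its hash."""
    body = {"created": cred["created"], "expires": cred["expires"], "data": hashed}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue(sk, data: dict, created: int, expires: int) -> dict:
    # A fresh random salt per item: without it, low-entropy values such as a
    # diagnosis could be guessed from their hash.
    salts = {k: os.urandom(16).hex() for k in data}
    cred = {"created": created, "expires": expires, "data": dict(data), "salts": salts}
    hashed = {k: item_hash(v, salts[k]) for k, v in data.items()}
    cred["signature"] = sign(sk, payload(cred, hashed))
    return cred


def disclose(cred: dict, allowed: set) -> dict:
    """Keep value and salt for allowed items; withheld items leave only as hashes."""
    data, salts = {}, {}
    for k, v in cred["data"].items():
        if k in allowed:
            data[k], salts[k] = v, cred["salts"][k]
        else:
            data[k] = item_hash(v, cred["salts"][k])
    return {"created": cred["created"], "expires": cred["expires"],
            "data": data, "salts": salts, "signature": cred["signature"]}


def verify(pk, sd: dict, now: int, expected_keys: set) -> bool:
    if not (sd["created"] <= now < sd["expires"]):   # dates legitimate, not expired
        return False
    if set(sd["data"]) != set(expected_keys):        # data content not missing
        return False
    hashed = {k: item_hash(v, sd["salts"][k]) if k in sd["salts"] else v
              for k, v in sd["data"].items()}
    return verify_sig(pk, payload(sd, hashed), sd["signature"])
```

Because the signature covers only the hashed values, the same signature verifies for the full credential and for any selectively disclosed version of it.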
After verification, the mechanism server may notify the user equipment it manages in the following way:
If the mechanism server determines, according to the state evaluation information corresponding to the encrypted identifier of a local user equipment, that the local user equipment is equipment of a first type of user and/or equipment of a second type of user, the mechanism server broadcasts the encrypted identifier of the local user equipment to some or all of the user equipments; and/or if the mechanism server determines, according to the selective disclosure state evaluation credential corresponding to the encrypted identifier of an external user equipment, that the external user equipment is equipment of a first type of user and/or equipment of a second type of user, the mechanism server broadcasts the encrypted identifier of the external user equipment to some or all of the user equipments.
For example, in an infectious disease application scenario, if verification succeeds and the selective disclosure state evaluation credential is a diagnosis confirmation credential or a suspected infection credential, the mechanism server may record the encrypted identifier of the user equipment corresponding to that credential. The institution may periodically push all new IDs of first-type users to all device IDs registered with the institution.
Further, if the user authorizes the contact information, then for any authorized user equipment among the user equipments, the mechanism server records the encrypted identifiers of the user equipment broadcasts received by that authorized user equipment. An optional implementation of the mechanism server broadcasting the encrypted identifier of the local user equipment to some or all of the user equipments may be:
The mechanism server broadcasts the encrypted identifier of the local user equipment to: those authorized user equipments that have recorded the encrypted identifier of the local user equipment, and each unauthorized user equipment among the user equipments.
An optional implementation of the mechanism server broadcasting the encrypted identifier of the external user equipment to some or all of the user equipments may be:
The mechanism server broadcasts the encrypted identifier of the external user equipment to: those authorized user equipments that have recorded the encrypted identifier of the external user equipment, and each unauthorized user equipment.
Specifically, if the user authorizes the contact information, the mechanism server can write the information into the state evaluation credential through the client application and send the information to other authorizations, and then only pushes the alarm notification to the user equipment which has contact with the encrypted identifier of the user equipment of the state evaluation credential when pushing the alarm notification, so that target equipment pushed by the mechanism server can be reduced.
When the user equipment receives a contact push from the mechanism server through the client application, it checks its local contact information database. If the encrypted identifier of a diagnosed user appears in the local contact information database, prompt information pops up, which can be used to prompt the user to get tested or to isolate; if not, the push is simply ignored.
As shown in fig. 4, the present invention provides an information disclosure apparatus, including: a processing module 401, configured to generate, based on a client application of the mechanism server, contact information of the second user equipment at least according to a received second encrypted identifier broadcast by the second user equipment; the second encrypted identifier is obtained by encrypting the device identifier of the second user equipment by the mechanism server; updating a local contact information database of the client application based on the contact information of the second user device; the local contact information database records contact information of the first user equipment and each second user equipment; the second user equipment is any one of the second user equipment; a generating module 402, configured to generate, based on the client application, a status identifier of the first user equipment at least according to the local contact information database.
Optionally, the processing module 401 is further configured to: generating a public key of the first user equipment and a private key of the first user equipment; sending the device identification of the first user equipment and the public key of the first user equipment to the institution server; acquiring a first encrypted identifier from the mechanism server; the first encrypted identifier is obtained by encrypting the device identifier of the first user equipment by the mechanism server according to the public key of the first user equipment; broadcasting the first encrypted identification.
Optionally, the processing module 401 is further configured to: acquiring the signal intensity of the second encrypted identifier broadcast by the second user equipment; determining that the signal strength is greater than or equal to a preset strength threshold.
Optionally, the processing module 401 is further configured to: acquiring an alert notification from the facility server; the warning notification indicates a third encrypted identifier of the equipment of the first type of user and/or a fourth encrypted identifier of the equipment of the second type of user; the generating module 402 is specifically configured to: and generating the state identification code of the first user equipment according to the local contact information database and the encrypted identification indicated by the warning notification based on the client application.
Optionally, the processing module 401 is further configured to: deleting the contact information outside a preset time range in the local contact information database; the preset time length range is determined according to the preset time length set by the mechanism server.
Optionally, the apparatus receives the second encrypted identifier through a near field communication mode.
As shown in fig. 5, the present invention provides an information disclosure apparatus, including: an obtaining module 501, configured to obtain device identifiers from user devices; for each user equipment in the user equipment, encrypting the equipment identifier of the user equipment to obtain the encrypted identifier of the user equipment; a transmission module 502, configured to send the encrypted identifier of the user equipment to the user equipment; the encrypted identification of each user equipment is used for generating the state identification code of each user equipment through broadcasting and/or receiving of each user equipment.
Optionally, the obtaining module 501 is further configured to: acquiring state evaluation information corresponding to an encryption identifier of user equipment; the processing module is further configured to: according to each data item in the state evaluation information and confusion information of the data item, obtaining a signature of the state evaluation information according to a preset signature algorithm; and generating a state evaluation certificate corresponding to the encrypted identifier of the user equipment according to the signature of the state evaluation information and the state evaluation information.
Optionally, the apparatus is a node on a block chain; the processing module is further configured to: generating encryption information of each data item according to each data item in the state evaluation information allowed to be disclosed in the preset disclosure strategy and the confusion information of each data item; generating a selective disclosure state evaluation certificate corresponding to the encryption identification of the user equipment according to the encryption information of each data item; chaining the selective disclosure state evaluation credentials by a node on the blockchain.
Optionally, the processing module is further configured to: if the local user equipment is determined to be equipment of a first type of user and/or equipment of a second type of user according to the state evaluation information corresponding to the encrypted identifier of the local user equipment, broadcasting the encrypted identifier of the local user equipment to part or all of the user equipment; and/or if the external user equipment is determined to be equipment of a first type of user and/or equipment of a second type of user according to the selective disclosure state evaluation certificate corresponding to the encryption identifier of the external user equipment, broadcasting the encryption identifier of the external user equipment to part or all of the user equipment.
Optionally, for any authorized user equipment in each authorized user equipment in the user equipments, the apparatus records an encrypted identifier of a user equipment broadcast received by the authorized user equipment; the processing module is specifically configured to: broadcasting the encrypted identification of the local user equipment to: authorized user equipment in each authorized user equipment, wherein the encrypted identification of the local user equipment is recorded, and each unauthorized user equipment in each user equipment; broadcasting the encrypted identification of the external user equipment to: authorized user equipment and unauthorized user equipment, wherein the encrypted identifier of the external user equipment is recorded in the authorized user equipment.
Embodiments of the present application provide a computer device, which includes a program or instructions, and when the program or instructions are executed, the program or instructions are used to execute an information disclosure method and any optional method provided by embodiments of the present application.
The embodiment of the application provides a storage medium which comprises a program or an instruction, and when the program or the instruction is executed, the program or the instruction is used for executing an information disclosure method and any optional method provided by the embodiment of the application.
Finally, it should be noted that: as will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (13)

1. An information disclosure method, comprising:
the first user equipment generates contact information of the second user equipment at least according to the received second encryption identifier broadcasted by the second user equipment based on the client application of the mechanism server; the second encrypted identifier is obtained by encrypting the device identifier of the second user equipment by the mechanism server;
the first user equipment updates a local contact information database of the client application based on the contact information of the second user equipment; the local contact information database records contact information of the first user equipment and each second user equipment; the second user equipment is any one of the second user equipment;
and the first user equipment generates a state identification code of the first user equipment at least according to the local contact information database based on the client application.
2. The method of claim 1, further comprising:
the first user equipment generates a public key of the first user equipment and a private key of the first user equipment;
the first user equipment sends the device identifier of the first user equipment and the public key of the first user equipment to the mechanism server;
the first user equipment acquires a first encrypted identifier from the mechanism server; the first encrypted identifier is obtained by the mechanism server encrypting the device identifier of the first user equipment according to the public key of the first user equipment;
the first user equipment broadcasts the first encrypted identifier.
3. The method of claim 1, wherein, before the first user equipment, based on the client application of the mechanism server, generates the contact information of the second user equipment at least according to the received second encrypted identifier broadcast by the second user equipment, the method further comprises:
the first user equipment acquires the signal strength of the second encrypted identifier broadcast by the second user equipment;
the first user equipment determines that the signal strength is greater than or equal to a preset strength threshold.
4. The method of claim 1, further comprising:
the first user equipment acquires a warning notification from the mechanism server; the warning notification indicates a third encrypted identifier of equipment of a first type of user and/or a fourth encrypted identifier of equipment of a second type of user;
wherein the first user equipment generating, based on the client application, the state identification code of the first user equipment at least according to the local contact information database comprises:
the first user equipment, based on the client application, generates the state identification code of the first user equipment according to the local contact information database and the encrypted identifiers indicated by the warning notification.
5. The method of any of claims 1 to 4, further comprising:
the first user equipment deletes the contact information outside a preset time length range in the local contact information database; the preset time length range is determined according to the preset time length set by the mechanism server.
6. The method of any of claims 1 to 4, wherein the first user equipment receives the second encrypted identifier via near field communication.
7. An information disclosure method, comprising:
the mechanism server acquires a device identifier from each user equipment;
for each user equipment among the user equipments, the mechanism server encrypts the device identifier of the user equipment to obtain the encrypted identifier of the user equipment;
the mechanism server sends the encrypted identifier of the user equipment to the user equipment; the encrypted identifier of each user equipment is broadcast and/or received by the user equipments and is used to generate the state identification code of each user equipment.
8. The method of claim 7, further comprising:
the mechanism server acquires state evaluation information corresponding to an encrypted identifier of the user equipment;
the mechanism server computes a signature of the state evaluation information, using a preset signature algorithm, from each data item in the state evaluation information and the confusion information of that data item;
and the mechanism server generates a state evaluation certificate corresponding to the encrypted identifier of the user equipment according to the signature of the state evaluation information and the state evaluation information.
9. The method of claim 7, wherein the mechanism server is a node on a blockchain; further comprising:
the mechanism server generates encryption information of each data item according to each data item in the state evaluation information that the preset disclosure policy allows to be disclosed and the confusion information of each data item;
the mechanism server generates a selective disclosure state evaluation credential corresponding to the encrypted identifier of the user equipment according to the encryption information of each data item;
the mechanism server writes the selective disclosure state evaluation credential to the chain through nodes on the blockchain.
10. The method of claim 8 or 9, further comprising:
if the mechanism server determines, according to the state evaluation information corresponding to the encrypted identifier of a local user equipment, that the local user equipment is equipment of a first type of user and/or equipment of a second type of user, the mechanism server broadcasts the encrypted identifier of the local user equipment to part or all of the user equipment; and/or
if the mechanism server determines, according to the selective disclosure state evaluation credential corresponding to the encrypted identifier of an external user equipment, that the external user equipment is equipment of a first type of user and/or equipment of a second type of user, the mechanism server broadcasts the encrypted identifier of the external user equipment to part or all of the user equipment.
11. The method of claim 10, wherein, for any authorized user equipment among the user equipments, the mechanism server records the encrypted identifiers of user equipment received by that authorized user equipment via broadcast;
wherein the mechanism server broadcasting the encrypted identifier of the local user equipment to part or all of the user equipment comprises:
the mechanism server broadcasts the encrypted identifier of the local user equipment to: each authorized user equipment for which the encrypted identifier of the local user equipment is recorded, and each unauthorized user equipment among the user equipments;
wherein the mechanism server broadcasting the encrypted identifier of the external user equipment to part or all of the user equipment comprises:
the mechanism server broadcasts the encrypted identifier of the external user equipment to: each authorized user equipment for which the encrypted identifier of the external user equipment is recorded, and each unauthorized user equipment.
12. A computer device comprising a program or instructions which, when executed, performs the method of any of claims 1 to 6 or 7 to 11.
13. A storage medium comprising a program or instructions which, when executed, perform the method of any one of claims 1 to 6 or 7 to 11.
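The client-side flow of claims 1 and 3 to 5 can be sketched as follows. This is an added example, not code from the patent: the threshold and retention values, the `ContactLog` name and the RED/YELLOW/GREEN codes are assumptions chosen for illustration, and the broadcasts are constructed sample data.

```python
from dataclasses import dataclass, field

RSSI_THRESHOLD_DBM = -70        # assumed "preset strength threshold" (claim 3)
RETENTION_SECONDS = 14 * 86400  # assumed "preset time length" set by the server (claim 5)

@dataclass
class ContactLog:
    """Local contact information database kept by the client application."""
    contacts: dict = field(default_factory=dict)  # encrypted identifier -> last-seen time

    def on_broadcast(self, encrypted_id: str, rssi_dbm: int, now: float) -> bool:
        """Record a contact only if the broadcast was strong enough (claims 1 and 3)."""
        if rssi_dbm < RSSI_THRESHOLD_DBM:
            return False  # weak signal: not treated as a contact
        self.contacts[encrypted_id] = max(now, self.contacts.get(encrypted_id, 0.0))
        return True

    def prune(self, now: float) -> int:
        """Delete contact records older than the retention window (claim 5)."""
        stale = [i for i, seen in self.contacts.items() if now - seen > RETENTION_SECONDS]
        for i in stale:
            del self.contacts[i]
        return len(stale)

    def status_code(self, first_type_ids: set, second_type_ids: set, now: float) -> str:
        """Derive the state identification code from the log and a warning notification (claim 4)."""
        self.prune(now)
        seen = set(self.contacts)
        if seen & first_type_ids:   # contact with a "third encrypted identifier"
            return "RED"
        if seen & second_type_ids:  # contact with a "fourth encrypted identifier"
            return "YELLOW"
        return "GREEN"

def demo() -> list:
    """Constructed scenario: three broadcasts, then three warning notifications."""
    day, now = 86400, 100 * 86400.0
    log = ContactLog()
    log.on_broadcast("enc-id-A", -55, now - 2 * day)   # close and recent: logged
    log.on_broadcast("enc-id-B", -90, now - 1 * day)   # below threshold: ignored
    log.on_broadcast("enc-id-C", -60, now - 20 * day)  # logged, but past retention
    return [
        log.status_code({"enc-id-C"}, {"enc-id-B"}, now),  # C expired, B never logged
        log.status_code({"enc-id-Z"}, {"enc-id-A"}, now),
        log.status_code({"enc-id-A"}, set(), now),
    ]

if __name__ == "__main__":
    print(demo())
```

The device only ever stores and compares encrypted identifiers, so matching a warning notification never requires the plaintext device identifier of a contact.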
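Claims 8 and 9 describe a credential built from each data item plus per-item "confusion information". The sketch below is an added example, not the patent's implementation: it assumes the confusion information is a random salt, that the "encryption information" is a salted SHA-256 digest, and it uses HMAC-SHA256 as a stand-in for the preset signature algorithm so it runs on the standard library alone. All function names and sample values are constructed.

```python
import hashlib, hmac, json, secrets

def item_digest(name: str, value: str, salt: bytes) -> str:
    """Salted digest of one data item; the salt plays the role of 'confusion information'."""
    return hashlib.sha256(salt + json.dumps([name, value]).encode()).hexdigest()

def issue(items: dict, signing_key: bytes):
    """Server side: return (publishable credential, per-item salts kept by the holder)."""
    salts = {name: secrets.token_bytes(16) for name in items}
    digests = {n: item_digest(n, v, salts[n]) for n, v in items.items()}
    payload = json.dumps(digests, sort_keys=True).encode()
    sig = hmac.new(signing_key, payload, hashlib.sha256).hexdigest()
    return {"digests": digests, "signature": sig}, salts

def disclose(items: dict, salts: dict, policy: set) -> dict:
    """Holder side: reveal value and salt only for items the disclosure policy allows."""
    return {n: (items[n], salts[n].hex()) for n in policy}

def verify(credential: dict, disclosed: dict, signing_key: bytes) -> bool:
    """Verifier side: check the signature, then each revealed item against its digest."""
    payload = json.dumps(credential["digests"], sort_keys=True).encode()
    expected = hmac.new(signing_key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, credential["signature"]):
        return False
    for name, (value, salt_hex) in disclosed.items():
        digest = credential["digests"].get(name)
        if digest is None or not hmac.compare_digest(
                digest, item_digest(name, value, bytes.fromhex(salt_hex))):
            return False
    return True

def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed key for the example
    items = {"test_result": "negative", "test_date": "2020-06-01", "name": "Alice"}
    cred, salts = issue(items, key)
    shown = disclose(items, salts, {"test_result"})
    forged = {"test_result": ("positive", shown["test_result"][1])}
    # Without the salt, a low-entropy value cannot be confirmed by hashing guesses.
    guess = hashlib.sha256(json.dumps(["name", "Alice"]).encode()).hexdigest()
    return {"valid": verify(cred, shown, key),
            "forged": verify(cred, forged, key),
            "guessable": guess in cred["digests"].values()}

if __name__ == "__main__":
    print(demo())
```

Because HMAC verification needs the signing key, a deployment in which third parties verify the on-chain credential would use an asymmetric signature instead.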
CN202010580115.8A 2020-06-23 2020-06-23 Information disclosure method and device Pending CN111538740A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010580115.8A CN111538740A (en) 2020-06-23 2020-06-23 Information disclosure method and device

Publications (1)

Publication Number Publication Date
CN111538740A (en) 2020-08-14

Family

ID=71979776

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010580115.8A Pending CN111538740A (en) 2020-06-23 2020-06-23 Information disclosure method and device

Country Status (1)

Country Link
CN (1) CN111538740A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114422113A (en) * 2020-10-12 2022-04-29 华为技术有限公司 Method and electronic device for obtaining proximity
CN114422113B (en) * 2020-10-12 2024-04-12 华为技术有限公司 Method for obtaining proximity and electronic equipment
CN113793440A (en) * 2021-10-29 2021-12-14 昆山丰澜智能科技有限公司 Ultra-low energy consumption Bluetooth signal receiving and transmitting method and epidemic prevention control system and method thereof
CN115052293A (en) * 2022-04-06 2022-09-13 北京京东乾石科技有限公司 Method, device, medium, and electronic device for determining tight contact

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination