CN111726318A - Sensitive data transaction method and system based on block chain - Google Patents
- Publication number
- CN111726318A CN201910203965.3A
- Authority
- CN
- China
- Prior art keywords
- request
- sensitive data
- node
- address
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Technology Law (AREA)
- General Physics & Mathematics (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a blockchain-based sensitive data transaction method and system, relating to the technical field of blockchains. By applying blockchain technology to data transaction scenarios, it meets the requirement for a sensitive data transaction process that is safe, reliable, transparent, convenient and efficient. The method comprises the following steps: member institutions build their respective nodes, and a distributed cache for storing sensitive data and a ledger for recording points transfers are built in one or more of the nodes, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain; a sensitive data request is initiated to the distributed cache through the data transaction module of a requesting node, the transfer module of the requesting node pays points to a target node when the smart contract is triggered, and, after the ledger has recorded the transfer, the data transaction module of the target node publishes the sensitive data request through the distributed cache so that the data transaction module of the requesting node can obtain and parse the sensitive data. The system applies the method provided by this scheme.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a sensitive data transaction method and system based on a block chain.
Background
In today's information society, data plays an increasingly important role. Data sharing and trading have become a hotspot in current technology and business. Moreover, data differs greatly from conventional goods: for example, it is easy to lose and to copy, and it requires confidentiality. Data transactions therefore place higher demands on transaction processing capacity, traceability of the transaction process, and the integrity and reliability of the transaction data.
However, in the conventional data transaction manner, the transaction is generally completed by relying on a transaction center of a third party, the processing capacity of the transaction center affects the efficiency of the transaction, and the failure of the transaction center affects all related parties of the transaction; moreover, tracking of the conventional transaction process relies heavily on conventional centralized trust authorities, such as banks, stock exchanges, third-party authorities, etc., and the verification of the transaction can only be completed through these centralized trust authorities.
On a traditional transaction platform, the integrity of transaction data is difficult to maintain: because traditional transactions are not transparent, the transaction history is difficult to trace and transaction process files can be tampered with. For sensitive data, therefore, traditional data transactions cannot guarantee security or tamper resistance, and if data is forged or tampered with, the interests of the buyer cannot be guaranteed.
Disclosure of Invention
The invention aims to provide a sensitive data transaction method and system based on a block chain, which can meet the requirements of safe, reliable, transparent, convenient and efficient sensitive data transaction process by applying the block chain technology to a data transaction scene.
In order to achieve the above object, an aspect of the present invention provides a block chain-based sensitive data transaction method, including:
member institutions build their respective nodes, and a distributed cache for storing sensitive data and a ledger for recording points transfers are built in one or more of the nodes, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain;
running a smart contract in each node, wherein the smart contract comprises a transfer module for processing transfer transactions and a data transaction module for processing data exchange;
and initiating a sensitive data request to the distributed cache through the data transaction module of a requesting node, the transfer module of the requesting node paying points to a target node when the smart contract is triggered, and, after the ledger has recorded the transfer, the data transaction module of the target node publishing the sensitive data request through the distributed cache, so that the data transaction module of the requesting node can obtain and parse the sensitive data.
Optionally, the data transaction module includes a request unit, an encryption/decryption unit, a publishing unit, a subscription unit and a storage unit;
the request unit is used for initiating a sensitive data acquisition request, wherein the sensitive data request comprises, packed together, the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
the encryption/decryption unit is used for encrypting the sensitive data with the corresponding public key and decrypting the sensitive data with the corresponding private key;
the publishing unit is called by the requesting node and is used for packing the target points address, the encrypted sensitive data and the public key associated with the requesting points address and uploading them to the distributed cache;
the subscription unit is called by the target node and is used for extracting, from a sensitive data request, the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
the storage unit is used for storing the public key and the private key associated with each points address.
Preferably, the method of initiating a sensitive data request to the distributed cache through the data transaction module of the requesting node, and of its transfer module paying points to the target node when the smart contract is triggered, comprises:
the request unit of any requesting node initiates a request and publishes the sensitive data request to the distributed cache by calling the publishing unit;
extracting the target points address from the sensitive data request, and judging whether the target points address belongs to the requesting node;
if so, directly retrieving the private key associated with the target points address from the storage unit and decrypting the encrypted sensitive data to obtain the plaintext sensitive data;
and if not, triggering the smart contract to pay points to the target points address through the transfer module of the requesting node, the payment being recorded by the ledger.
Preferably, the method by which, after the ledger has recorded the transfer, the data transaction module of the target node publishes the sensitive data request through the distributed cache comprises the following steps:
after the ledger accounting is complete, the subscription unit of the target node reads the sensitive data request from the distributed cache and extracts the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
and judging whether the target points address belongs to the target node; if not, no processing is performed; if so, the private key associated with the target points address is retrieved directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data, the plaintext sensitive data is then encrypted with the extracted public key associated with the requesting points address, and finally the requesting points address and the re-encrypted sensitive data are packed together and uploaded to the distributed cache.
Preferably, the method of enabling the data transaction module of the requesting node to obtain and parse the sensitive data comprises:
subscribing to the returned sensitive data from the distributed cache through the subscription unit of the requesting node, and extracting from it the requesting points address and the re-encrypted sensitive data;
and judging whether the requesting points address belongs to the requesting node; if not, no processing is performed; if so, the private key associated with the requesting points address is retrieved directly from the storage unit to decrypt the re-encrypted sensitive data and obtain the plaintext sensitive data.
Compared with the prior art, the sensitive data transaction method based on the block chain has the following beneficial effects:
In the blockchain-based sensitive data transaction method, one or more nodes are selected from the member institutions to establish the distributed cache and the ledger. The distributed cache design shortens the time consumed by the data transaction process and improves data exchange performance, making the whole data transaction more convenient and efficient. Specifically, when any member institution requests sensitive data, it only needs to pay the corresponding points to the target node (the data-holding institution); the smart contract is then triggered automatically to execute the data transaction, so that the points transfer and the data transaction proceed synchronously, which solves the trust problem of the traditional data transaction mode. The sensitive data is packed using a one-time pad technique, which effectively ensures the security of the data transaction process. In addition, because a blockchain is decentralized, the method needs no centralized operating institution, which significantly reduces operating cost.
Another aspect of the present invention provides a block chain-based sensitive data transaction system, which is applied to the block chain-based sensitive data transaction method according to the above technical solution, and the system includes:
the blockchain construction part, in which member institutions build their respective nodes, and a distributed cache for storing sensitive data and a ledger for recording points transfers are built in one or more of the nodes, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain;
the smart contract setting part, used for running a smart contract in each node, the smart contract comprising a transfer module for processing transfer transactions and a data transaction module for processing data exchange;
and the data transaction part, used for initiating a sensitive data request to the distributed cache through the data transaction module of the requesting node, the transfer module of the requesting node paying points to the target node when the smart contract is triggered, and, after the ledger has recorded the transfer, the data transaction module of the target node publishing the sensitive data request through the distributed cache so that the data transaction module of the requesting node can obtain and parse the sensitive data.
Optionally, the data transaction module includes a request unit, an encryption/decryption unit, a publishing unit, a subscription unit and a storage unit;
the request unit is used for initiating a sensitive data acquisition request, wherein the sensitive data request comprises, packed together, the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
the encryption/decryption unit is used for encrypting the sensitive data with the corresponding public key and decrypting the sensitive data with the corresponding private key;
the publishing unit is called by the requesting node and is used for packing the target points address, the encrypted sensitive data and the public key associated with the requesting points address and uploading them to the distributed cache;
the subscription unit is called by the target node and is used for extracting, from a sensitive data request, the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
the storage unit is used for storing the public key and the private key associated with each points address.
Preferably, the data transaction part includes:
the first execution module, used for the request unit of any requesting node to initiate a request and publish the sensitive data request to the distributed cache by calling the publishing unit;
the first judgment module, used for extracting the target points address from the sensitive data request and judging whether the target points address belongs to the requesting node;
if so, directly retrieving the private key associated with the target points address from the storage unit and decrypting the encrypted sensitive data to obtain the plaintext sensitive data;
and if not, triggering the smart contract to pay points to the target points address through the transfer module of the requesting node, the payment being recorded by the ledger.
Preferably, the data transaction part further comprises:
the second execution module, used for the subscription unit of the target node, after the ledger accounting is complete, to read the sensitive data request from the distributed cache and extract the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
and the second judgment module, used for judging whether the target points address belongs to the target node; if not, no processing is performed; if so, the private key associated with the target points address is retrieved directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data, the plaintext sensitive data is encrypted with the extracted public key associated with the requesting points address, and finally the requesting points address and the re-encrypted sensitive data are packed together and uploaded to the distributed cache.
Further, the data transaction part further includes:
a third execution module, used for subscribing to the returned sensitive data from the distributed cache through the subscription unit of the requesting node, and extracting from it the requesting points address and the re-encrypted sensitive data;
and the third judgment module, used for judging whether the requesting points address belongs to the requesting node; if not, no processing is performed; if so, the private key associated with the requesting points address is retrieved directly from the storage unit to decrypt the re-encrypted sensitive data and obtain the plaintext sensitive data.
Compared with the prior art, the beneficial effects of the sensitive data transaction system based on the block chain provided by the invention are the same as the beneficial effects of the sensitive data transaction method based on the block chain provided by the technical scheme, and the detailed description is omitted here.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic flowchart of a block chain-based sensitive data transaction method according to an embodiment of the present invention;
fig. 2 is a block diagram of a sensitive data transaction system based on a blockchain according to a second embodiment of the present invention.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
Referring to fig. 1, the present embodiment provides a block chain-based sensitive data transaction method, including:
member institutions build their respective nodes, and a distributed cache for storing sensitive data and a ledger for recording points transfers are built in one or more of the nodes, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain; a smart contract runs in each node, the smart contract comprising a transfer module for processing transfer transactions and a data transaction module for processing data exchange; a sensitive data request is sent to the distributed cache through the data transaction module of the requesting node, the transfer module pays points to the target node when the smart contract is triggered, and, after the ledger has recorded the transfer, the data transaction module of the target node publishes the sensitive data request through the distributed cache, so that the data transaction module of the requesting node can obtain and parse the sensitive data.
In the sensitive data transaction method based on the block chain provided by this embodiment, one or more nodes are selected from member institutions to construct a distributed cache and an account book, and by adopting the design scheme of the distributed cache, the time consumption of the data transaction process can be shortened, the performance of data exchange is improved, and the whole data transaction can be more convenient and efficient And the operation cost is obviously reduced.
Specifically, the data transaction module in the above embodiment includes a request unit, an encryption/decryption unit, a publishing unit, a subscribing unit, and a storage unit;
the request unit is used for initiating a sensitive data acquisition request, wherein the sensitive data request comprises, packed together, the target points address, the encrypted sensitive data and the public key associated with the requesting points address; the encryption/decryption unit is used for encrypting the sensitive data with the corresponding public key and decrypting the sensitive data with the corresponding private key; the publishing unit is called by the requesting node and is used for packing the target points address, the encrypted sensitive data and the public key associated with the requesting points address and uploading them to the distributed cache; the subscription unit is called by the target node and is used for extracting, from a sensitive data request, the target points address, the encrypted sensitive data and the public key associated with the requesting points address; the storage unit is used for storing the public key and the private key associated with each points address.
Preferably, in the above embodiment, the method of initiating a sensitive data request to the distributed cache through the data transaction module of the requesting node, and of the transfer module paying points to the target node when the smart contract is triggered, includes:
the request unit of any requesting node initiates a request and publishes a sensitive data request to the distributed cache by calling the publishing unit; the target points address is extracted from the sensitive data request, and it is judged whether the target points address belongs to the requesting node; if so, the private key associated with the target points address is retrieved directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data; if not, the smart contract is triggered to pay points to the target points address through the transfer module of the requesting node, the payment being recorded by the ledger.
In the above embodiment, the method by which the data transaction module of the target node publishes the sensitive data request through the distributed cache after the ledger has recorded the transfer includes:
after the ledger accounting is complete, the subscription unit of the target node reads the sensitive data request from the distributed cache and extracts the target points address, the encrypted sensitive data and the public key associated with the requesting points address; it is judged whether the target points address belongs to the target node; if not, no processing is performed; if so, the private key associated with the target points address is retrieved directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data, the plaintext sensitive data is then encrypted with the extracted public key associated with the requesting points address, and finally the requesting points address and the re-encrypted sensitive data are packed together and uploaded to the distributed cache.
In the above embodiment, the method of enabling the data transaction module of the requesting node to obtain and parse the sensitive data includes:
subscribing to the returned sensitive data from the distributed cache through the subscription unit of the requesting node, and extracting from it the requesting points address and the re-encrypted sensitive data; it is judged whether the requesting points address belongs to the requesting node; if not, no processing is performed; if so, the private key associated with the requesting points address is retrieved directly from the storage unit to decrypt the re-encrypted sensitive data and obtain the plaintext sensitive data.
For ease of understanding, the above specific implementation is now exemplified:
As shown in fig. 2, the blockchain is composed of N nodes, each node runs a smart contract, and the smart contract of each node carries out data transactions with the distributed cache. Take a requesting node A requesting sensitive data from a target node B as an example. (Aa, Ap, As) denote, respectively, the points address of requesting node A, the public key associated with that address and the private key associated with that address; (Ba, Bp, Bs) denote, respectively, the points address of target node B, the public key associated with that address and the private key associated with that address; key denotes the sensitive data in the target node; Apkey denotes the encrypted sensitive data generated by encrypting the sensitive data with Ap; and Bpkey denotes the re-encrypted sensitive data generated by encrypting the plaintext sensitive data with Bp.
Assume that Aa belongs to the node of institution 1 and that the request unit of institution 1 uses Aa to query the key of Ba in institution 2. The specific process is as follows. First, the request unit of institution 1 publishes a sensitive data acquisition request containing (Ba, Bpkey, Ap) to the distributed cache. To determine whether the sensitive data is held by institution 1 itself, Ba in the sensitive data request is checked. When Ba is judged to belong to institution 1, the smart contract does not need to be triggered, and Bs is retrieved directly from the storage unit of institution 1 to decrypt Bpkey. When Ba is judged not to belong to institution 1, the smart contract is triggered to execute a points transfer: through ledger accounting, a certain number of points is paid from Aa and the corresponding Ba receives them. Meanwhile, the subscription unit of institution 2 subscribes to the sensitive data request from the distributed cache and judges whether Ba is a node address of institution 2. When Ba is judged not to belong to institution 2, no processing is performed. When Ba is judged to belong to institution 2, Bs is retrieved from the storage unit of institution 2 to decrypt Bpkey and obtain key, Apkey is then generated by encrypting key with the extracted Ap, and finally (Aa, Apkey) is packed and published to the distributed cache. After institution 2 has answered the query request, the subscription unit of institution 1 can subscribe to (Aa, Apkey) from the distributed cache; since Aa is an address in the node of institution 1, the plaintext sensitive data is obtained simply by retrieving As from the storage unit and decrypting Apkey.
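The (Ba, Bpkey, Ap) request and (Aa, Apkey) reply walked through above, as an added Go sketch that is not part of the patent or of any implementation of it. It assumes RSA-OAEP as the asymmetric cipher (the text names none), in-memory slices for the distributed cache and ledger, and a hypothetical `ReqID` field linking a ledger entry to the request it pays for; the names `Node`, `Chain`, `Message`, `Transfer`, `Request` and `Subscribe` are illustrative.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Message is a cache entry: request (Ba, Bp(key), Ap) or reply (Aa, Ap(key), nil).
type Message struct {
	Addr     string
	Cipher   []byte
	ReplyKey *rsa.PublicKey
}

// Transfer is a ledger entry; ReqID, the paid request's cache index, is an assumption.
type Transfer struct {
	ReqID, Points int
	From, To      string
}

// Chain stands in for the shared distributed cache and ledger (in-memory).
type Chain struct {
	Cache  []Message
	Ledger []Transfer
}

// Node is a member institution's storage unit: points address -> key pair.
type Node map[string]*rsa.PrivateKey

// Add creates a points address with a fresh RSA key pair.
func (n Node) Add(addr string) (err error) {
	n[addr], err = rsa.GenerateKey(rand.Reader, 2048)
	return err
}

// Request publishes (target, targetPub(key), own public key). A target held locally
// is decrypted at once with no contract; otherwise the points transfer is booked.
func (n Node) Request(c *Chain, from, target string, targetPub *rsa.PublicKey, key string, fee int) (string, error) {
	priv, ok := n[from]
	if !ok {
		return "", fmt.Errorf("address %s is not held by this node", from)
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, targetPub, []byte(key), nil)
	if err != nil {
		return "", err
	}
	c.Cache = append(c.Cache, Message{target, ct, &priv.PublicKey})
	if own, ok := n[target]; ok {
		pt, err := rsa.DecryptOAEP(sha256.New(), nil, own, ct, nil)
		return string(pt), err
	}
	c.Ledger = append(c.Ledger, Transfer{len(c.Cache) - 1, fee, from, target})
	return "", nil
}

// Subscribe is the subscription unit each node runs; entries for addresses it does not
// hold are skipped. Paid requests are answered with (Aa, Ap(key)); replies are decrypted.
func (n Node) Subscribe(c *Chain) ([]string, error) {
	var plain []string
	payer := map[int]string{} // request index -> paying address, per the ledger
	for _, t := range c.Ledger {
		payer[t.ReqID] = t.From
	}
	for i, m := range c.Cache {
		priv, held := n[m.Addr]
		from, paid := payer[i]
		if !held || (m.ReplyKey != nil && !paid) {
			continue
		}
		pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, m.Cipher, nil)
		if err != nil {
			return plain, err
		}
		if m.ReplyKey == nil { // a reply addressed to one of our addresses
			plain = append(plain, string(pt))
			continue
		}
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, m.ReplyKey, pt, nil)
		if err != nil {
			return plain, err
		}
		c.Cache = append(c.Cache, Message{Addr: from, Cipher: ct})
	}
	return plain, nil
}

func main() {
	a, b, c := Node{}, Node{}, &Chain{} // institution 1, institution 2, shared chain
	if a.Add("Aa") != nil || b.Add("Ba") != nil {
		panic("key generation failed")
	}
	_, e1 := a.Request(c, "Aa", "Ba", &b["Ba"].PublicKey, "ID-0001 (constructed)", 5)
	_, e2 := b.Subscribe(c)   // B answers the paid request
	got, e3 := a.Subscribe(c) // A decrypts the reply addressed to Aa
	fmt.Println(got, c.Ledger, e1, e2, e3)
}
```

RSA-OAEP with a 2048-bit key and SHA-256 carries at most 190 bytes, so anything larger than a short query key would need hybrid encryption.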
Optionally, to keep member institutions anonymous, a plurality of points addresses can be set up in each node, so that the requesting node can randomly select any one of them for use in a data transaction, which greatly reduces the probability that the requesting institution is identified during a data query.
Example two
Referring to fig. 1 and fig. 2, the present embodiment provides a block chain-based sensitive data transaction system, including:
the blockchain construction part, in which member institutions build their respective nodes, and a distributed cache for storing sensitive data and a ledger for recording points transfers are built in one or more of the nodes, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain;
the smart contract setting part, used for running a smart contract in each node, the smart contract comprising a transfer module for processing transfer transactions and a data transaction module for processing data exchange;
and the data transaction part, used for initiating a sensitive data request to the distributed cache through the data transaction module of the requesting node, the transfer module of the requesting node paying points to the target node when the smart contract is triggered, and, after the ledger has recorded the transfer, the data transaction module of the target node publishing the sensitive data request through the distributed cache so that the data transaction module of the requesting node can obtain and parse the sensitive data.
Specifically, the data transaction module comprises a request unit, an encryption/decryption unit, a publishing unit, a subscription unit and a storage unit;
the request unit is used for initiating a sensitive data acquisition request, wherein the sensitive data request comprises, packed together, the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
the encryption/decryption unit is used for encrypting the sensitive data with the corresponding public key and decrypting the sensitive data with the corresponding private key;
the publishing unit is called by the requesting node and is used for packing the target points address, the encrypted sensitive data and the public key associated with the requesting points address and uploading them to the distributed cache;
the subscription unit is called by the target node and is used for extracting, from a sensitive data request, the target points address, the encrypted sensitive data and the public key associated with the requesting points address;
the storage unit is used for storing the public key and the private key associated with each points address.
Preferably, the data transaction part includes:
a first execution module, used for initiating a request through the request unit of any request node and publishing the sensitive data request to the distributed cache by calling the publishing unit;
a first judgment module, used for extracting the target point address in the sensitive data request and judging whether the target point address belongs to the request node;
if so, the private key associated with the target point address is called directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data;
if not, the smart contract is triggered to pay points to the target point address through the transfer module of the request node, and the payment is recorded by the ledger.
Preferably, the data transaction part further comprises:
a second execution module, used for reading, after the ledger has finished recording, the sensitive data request from the distributed cache through the subscription unit of the target node, and extracting the target point address, the encrypted sensitive data and the public key associated with the request point address;
and a second judgment module, used for judging whether the target point address belongs to the target node; if not, no processing is performed; if so, the private key associated with the target point address is called directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data, the plaintext sensitive data is then encrypted with the extracted public key associated with the request point address, and finally the request point address and the re-encrypted sensitive data are packaged together and uploaded to the distributed cache.
Preferably, the data transaction part further comprises:
a third execution module, used for subscribing to the returned sensitive data from the distributed cache through the subscription unit of the request node, and extracting the request point address and the re-encrypted sensitive data from it;
and a third judgment module, used for judging whether the request point address belongs to the request node; if not, no processing is performed; if so, the private key associated with the request point address is called directly from the storage unit to decrypt the re-encrypted sensitive data and obtain the plaintext sensitive data.
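The request, payment, re-encryption and retrieval flow handled by the three execution and judgment modules above can be traced in a short Python sketch; this is an added example and not part of the patent text. Assumptions: textbook RSA over fixed primes stands in for the public-key scheme, which the page does not name, and the `request_addr` message field, the fixed `price` and all class and function names are hypothetical.

```python
from dataclasses import dataclass, field

E = 65537  # public exponent of the toy RSA below

def make_keypair(p, q):
    """Textbook RSA from two fixed primes (constructed stand-in, no padding)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def encrypt(pub, data):
    m = int.from_bytes(data, "big")
    if m >= pub[0]:
        raise ValueError("record too long for the toy modulus")
    return pow(m, pub[1], pub[0])

def decrypt(priv, c):
    m = pow(c, priv[1], priv[0])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

@dataclass
class Node:
    keys: dict = field(default_factory=dict)      # storage unit: address -> (pub, priv)

@dataclass
class Chain:
    cache: list = field(default_factory=list)     # distributed cache
    ledger: list = field(default_factory=list)    # (payer, payee, points)
    balances: dict = field(default_factory=dict)  # point address -> points

def request(chain, node, req_addr, target_addr, ciphertext, price):
    """Request node: publish the request, then decrypt locally or pay points."""
    chain.cache.append({"kind": "request", "target": target_addr, "data": ciphertext,
                        "pub": node.keys[req_addr][0], "request_addr": req_addr})
    if target_addr in node.keys:                  # first judgment: own address
        return decrypt(node.keys[target_addr][1], ciphertext)
    if chain.balances.get(req_addr, 0) < price:   # transfer fails, nothing recorded
        return None
    chain.balances[req_addr] -= price
    chain.balances[target_addr] = chain.balances.get(target_addr, 0) + price
    chain.ledger.append((req_addr, target_addr, price))
    return None

def serve(chain, node, price):
    """Target node: answer recorded requests addressed to one of its addresses."""
    for msg in [m for m in chain.cache if m["kind"] == "request"]:
        paid = (msg["request_addr"], msg["target"], price) in chain.ledger
        if msg.get("done") or msg["target"] not in node.keys or not paid:
            continue                              # second judgment: do not process
        plain = decrypt(node.keys[msg["target"]][1], msg["data"])
        chain.cache.append({"kind": "response", "request_addr": msg["request_addr"],
                            "data": encrypt(msg["pub"], plain)})
        msg["done"] = True

def fetch(chain, node):
    """Request node: decrypt responses addressed to its own point addresses."""
    return [decrypt(node.keys[m["request_addr"]][1], m["data"])
            for m in chain.cache
            if m["kind"] == "response" and m["request_addr"] in node.keys]

def demo():
    a = Node({"addr-A": make_keypair(2**127 - 1, 2**89 - 1)})
    b = Node({"addr-B": make_keypair(2**107 - 1, 2**61 - 1)})
    c = Node({"addr-C": make_keypair(2**127 - 1, 2**107 - 1)})
    chain = Chain(balances={"addr-A": 10})
    stored = encrypt(b.keys["addr-B"][0], b"blacklist:ID-0042")  # constructed record
    request(chain, a, "addr-A", "addr-B", stored, price=3)
    serve(chain, c, price=3)                      # bystander node: nothing happens
    serve(chain, b, price=3)                      # target node re-encrypts for addr-A
    return chain, fetch(chain, a), fetch(chain, c)
```

In this sketch the target node encrypts to whatever public key the request carries, so a deployment would need that key to be verifiably bound to the paying request point address.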
Compared with the prior art, the beneficial effects of the block chain-based sensitive data transaction system provided by the embodiment of the invention are the same as those of the block chain-based sensitive data transaction method provided by the first embodiment, and are not repeated herein.
It will be understood by those skilled in the art that all or part of the steps of the method of the invention may be implemented by a program instructing the relevant hardware; the program may be stored in a computer-readable storage medium and, when executed, performs the steps of the method of the embodiments; the storage medium may be ROM/RAM, a magnetic disk, an optical disk, a memory card, and the like.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. A sensitive data transaction method based on a block chain is characterized by comprising the following steps:
member institutions build their respective nodes, and a distributed cache for storing sensitive data and a ledger for recording point transfers are built in one or more of the nodes, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain;
running a smart contract in each node, wherein the smart contract comprises a transfer module for processing transfer transactions and a data transaction module for processing data exchange;
and initiating a sensitive data request to the distributed cache through the data transaction module of a request node, paying points to a target node through the transfer module of the request node when the smart contract is triggered, and, after the ledger has recorded the payment, publishing the sensitive data request through the distributed cache by the data transaction module of the target node, so that the data transaction module of the request node can acquire and parse the sensitive data.
2. The method of claim 1, wherein the data transaction module comprises a request unit, an encryption and decryption unit, a publishing unit, a subscription unit and a storage unit;
the request unit is used for initiating a sensitive data acquisition request, wherein the sensitive data request comprises, packaged together, a target point address, encrypted sensitive data and a public key associated with the request point address;
the encryption and decryption unit is used for encrypting the sensitive data with the corresponding public key and decrypting the sensitive data with the corresponding private key;
the publishing unit is called by the request node and is used for packaging the target point address, the encrypted sensitive data and the public key associated with the request point address and uploading them to the distributed cache;
the subscription unit is called by the target node and is used for extracting, from a sensitive data request, the target point address, the encrypted sensitive data and the public key associated with the request point address;
the storage unit is used for storing the public key and the private key associated with each point address.
3. The method of claim 2, wherein initiating a sensitive data request to the distributed cache through the data transaction module of a request node and paying points to a target node through its transfer module when the smart contract is triggered comprises:
initiating a request through the request unit of any request node, and publishing the sensitive data request to the distributed cache by calling the publishing unit;
extracting the target point address in the sensitive data request, and judging whether the target point address belongs to the request node;
if so, directly calling the private key associated with the target point address from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data;
and if not, triggering the smart contract to pay points to the target point address through the transfer module of the request node, the payment being recorded by the ledger.
4. The method of claim 3, wherein publishing the sensitive data request through the distributed cache by the data transaction module of the target node after the ledger has recorded the payment comprises:
after the ledger has finished recording, reading the sensitive data request from the distributed cache through the subscription unit of the target node, and extracting the target point address, the encrypted sensitive data and the public key associated with the request point address;
and judging whether the target point address belongs to the target node; if not, performing no processing; if so, directly calling the private key associated with the target point address from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data, then encrypting the plaintext sensitive data with the extracted public key associated with the request point address, and finally packaging the request point address and the re-encrypted sensitive data together and uploading them to the distributed cache.
5. The method of claim 3, wherein enabling the data transaction module of the request node to acquire and parse the sensitive data comprises:
subscribing to the returned sensitive data from the distributed cache through the subscription unit of the request node, and extracting the request point address and the re-encrypted sensitive data from it;
and judging whether the request point address belongs to the request node; if not, performing no processing; if so, directly calling the private key associated with the request point address from the storage unit to decrypt the re-encrypted sensitive data and obtain the plaintext sensitive data.
6. A blockchain-based sensitive data transaction system, comprising:
a blockchain construction part, used for member institutions to build their respective nodes and to build, in one or more of the nodes, a distributed cache for storing sensitive data and a ledger for recording point transfers, so that the nodes are networked with the distributed cache and the ledger, respectively, to form a blockchain;
a smart contract setting part, used for running a smart contract in each node, the smart contract comprising a transfer module for processing transfer transactions and a data transaction module for processing data exchange;
and a data transaction part, used for initiating a sensitive data request to the distributed cache through the data transaction module of the request node, paying points to the target node through the transfer module of the request node when the smart contract is triggered, and, after the ledger has recorded the payment, publishing the sensitive data request through the distributed cache by the data transaction module of the target node, so that the data transaction module of the request node can acquire and parse the sensitive data.
7. The system of claim 6, wherein the data transaction module comprises a request unit, an encryption and decryption unit, a publishing unit, a subscription unit and a storage unit;
the request unit is used for initiating a sensitive data acquisition request, wherein the sensitive data request comprises, packaged together, a target point address, encrypted sensitive data and a public key associated with the request point address;
the encryption and decryption unit is used for encrypting the sensitive data with the corresponding public key and decrypting the sensitive data with the corresponding private key;
the publishing unit is called by the request node and is used for packaging the target point address, the encrypted sensitive data and the public key associated with the request point address and uploading them to the distributed cache;
the subscription unit is called by the target node and is used for extracting, from a sensitive data request, the target point address, the encrypted sensitive data and the public key associated with the request point address;
the storage unit is used for storing the public key and the private key associated with each point address.
8. The system of claim 7, wherein the data transaction part comprises:
a first execution module, used for initiating a request through the request unit of any request node and publishing the sensitive data request to the distributed cache by calling the publishing unit;
a first judgment module, used for extracting the target point address in the sensitive data request and judging whether the target point address belongs to the request node;
if so, directly calling the private key associated with the target point address from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data;
and if not, triggering the smart contract to pay points to the target point address through the transfer module of the request node, the payment being recorded by the ledger.
9. The system of claim 8, wherein the data transaction part further comprises:
a second execution module, used for reading, after the ledger has finished recording, the sensitive data request from the distributed cache through the subscription unit of the target node, and extracting the target point address, the encrypted sensitive data and the public key associated with the request point address;
and a second judgment module, used for judging whether the target point address belongs to the target node; if not, no processing is performed; if so, the private key associated with the target point address is called directly from the storage unit to decrypt the encrypted sensitive data and obtain the plaintext sensitive data, the plaintext sensitive data is then encrypted with the extracted public key associated with the request point address, and finally the request point address and the re-encrypted sensitive data are packaged together and uploaded to the distributed cache.
10. The system of claim 9, wherein the data transaction part further comprises:
a third execution module, used for subscribing to the returned sensitive data from the distributed cache through the subscription unit of the request node, and extracting the request point address and the re-encrypted sensitive data from it;
and a third judgment module, used for judging whether the request point address belongs to the request node; if not, no processing is performed; if so, the private key associated with the request point address is called directly from the storage unit to decrypt the re-encrypted sensitive data and obtain the plaintext sensitive data.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910203965.3A CN111726318A (en) | 2019-03-18 | 2019-03-18 | Sensitive data transaction method and system based on block chain |
CA3175716A CA3175716A1 (en) | 2019-03-18 | 2019-09-30 | Sensitive data transaction method and system based on blockchain |
PCT/CN2019/109353 WO2020186727A1 (en) | 2019-03-18 | 2019-09-30 | Sensitive data transaction method and system based on blockchain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910203965.3A CN111726318A (en) | 2019-03-18 | 2019-03-18 | Sensitive data transaction method and system based on block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111726318A true CN111726318A (en) | 2020-09-29 |
Family ID=72519562
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910203965.3A Pending CN111726318A (en) | 2019-03-18 | 2019-03-18 | Sensitive data transaction method and system based on block chain |
Country Status (3)
Country | Link |
---|---|
CN (1) | CN111726318A (en) |
CA (1) | CA3175716A1 (en) |
WO (1) | WO2020186727A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115099820A (en) * | 2022-07-01 | 2022-09-23 | 山东大学 | Sensitive data transaction system and method based on block chain |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113506100B (en) * | 2021-06-25 | 2023-08-08 | 网易(杭州)网络有限公司 | Alliance chain data processing method, device, computer equipment and storage medium |
CN113724083A (en) * | 2021-09-02 | 2021-11-30 | 上海万向区块链股份公司 | Data transaction method and system based on intelligent contract |
CN113886880B (en) * | 2021-10-09 | 2024-09-20 | 京东科技信息技术有限公司 | Method, system, equipment and storage medium for protecting data |
CN114697077A (en) * | 2022-02-24 | 2022-07-01 | 国网江西省电力有限公司供电服务管理中心 | Electric energy data transmission method and device, storage medium and computer equipment |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104158827A (en) * | 2014-09-04 | 2014-11-19 | 中电长城网际系统应用有限公司 | Cryptograph data sharing method and device, inquiring server and data uploading client terminal |
US9667600B2 (en) * | 2015-04-06 | 2017-05-30 | At&T Intellectual Property I, L.P. | Decentralized and distributed secure home subscriber server device |
CN108259169A (en) * | 2018-01-09 | 2018-07-06 | 北京大学深圳研究生院 | A kind of file security sharing method and system based on block chain cloud storage |
CN108681898A (en) * | 2018-05-15 | 2018-10-19 | 广东工业大学 | A kind of data trade method and system based on block chain |
CN109120639A (en) * | 2018-09-26 | 2019-01-01 | 众安信息技术服务有限公司 | A kind of data cloud storage encryption method and system based on block chain |
US10187203B2 (en) * | 2016-08-30 | 2019-01-22 | Workday, Inc. | Secure storage encryption system |
CN109462588A (en) * | 2018-11-13 | 2019-03-12 | 上海物融智能科技有限公司 | A kind of decentralization data trade method and system based on block chain |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA3014392C (en) * | 2016-02-12 | 2024-04-16 | Royal Bank Of Canada | Methods and systems for digital reward processing |
CN107994991B (en) * | 2017-10-31 | 2021-06-11 | 深圳市轱辘车联数据技术有限公司 | Data processing method, data processing server and storage medium |
CN108650270B (en) * | 2018-05-16 | 2020-10-23 | 苏宁易购集团股份有限公司 | Data sharing method and system based on alliance chain and incentive mechanism |
CN109432782A (en) * | 2018-10-25 | 2019-03-08 | 平安科技(深圳)有限公司 | Game monitoring and managing method and relevant apparatus |
Also Published As
Publication number | Publication date |
---|---|
WO2020186727A1 (en) | 2020-09-24 |
CA3175716A1 (en) | 2020-09-24 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20210728. Address after: Room 834, Yingying building, No.99, Tuanjie Road, yanchuangyuan, Jiangbei new district, Nanjing, Jiangsu Province. Applicant after: Nanjing Xingyun Digital Technology Co.,Ltd. Address before: 210000 No. 1 Suning Avenue, Xuanwu District, Nanjing City, Jiangsu Province. Applicant before: SUNING.COM Co.,Ltd. |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20200929 |