CN112149184A - Block chain external storage system and method based on time-limited access - Google Patents
Block chain external storage system and method based on time-limited access Download PDFInfo
- Publication number
- CN112149184A CN112149184A CN202011332711.0A CN202011332711A CN112149184A CN 112149184 A CN112149184 A CN 112149184A CN 202011332711 A CN202011332711 A CN 202011332711A CN 112149184 A CN112149184 A CN 112149184A
- Authority
- CN
- China
- Prior art keywords
- data
- key
- storage area
- authorized
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The application discloses a block chain external storage system and a method based on time-limited access, which comprises a plurality of nodes in a block chain basic network, an external chain storage area, a data providing end and a data acquiring end, wherein the data providing end and the data acquiring end are respectively connected with the nodes and the external chain storage area; the out-of-chain storage area comprises a basic storage area and an authorized access area; the node is further configured with a key generator; according to the method and the device, the time limit parameter is added to the authorization key, the appointed authorization access area is set, the data provider can set the effective time limit of the authorization key according to the actual situation, the data acquisition end acquires the authorization data under the controllable condition, the data safety is guaranteed to be controllable, the storage key is only owned by the data provider, the third party is prevented from being tampered randomly, and the data privacy and the data safety are guaranteed.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a block chain out-of-chain storage system and method based on time-limited access.
Background
The block chain technology is a novel distributed, decentralized trust and traceable network technology. The traditional blockchain technology directly links transaction data for storage, and the storage efficiency is low in this way, for example, links files with large data volume such as videos and pictures, etc. will cause waste of blockchain storage resources.
In order to solve the above problems, a scheme based on block chain external storage is proposed in the prior art, and when a data storage instruction triggered by a data provider is detected, a storage key is used to encrypt data to be stored, and the encrypted data to be stored is uploaded to an external storage network, so as to obtain an external storage identifier of the data to be stored; encrypting the storage key based on the account information of the data provider to generate a query key; and generating a data storage transaction request based on the out-of-link storage identifier, the account information of the data provider and the query key, and transmitting the data storage transaction request to the blockchain network, so that the blockchain nodes handle the data storage transaction request and uplink stores the data in the data storage transaction request.
However, in practical applications, the existing off-link storage technology still has some problems, for example, once a certain user is authorized by a data provider and gets a storage key, the key is valid for a long time, the data can be accessed at any time in the future, and the user may reveal or maliciously disclose the storage key, so that the privacy of the data is revealed, and the security of the stored data is low.
Disclosure of Invention
The application provides a block chain external storage system and method based on time-limited access, which aim to solve the problem that data privacy is easily revealed because no time-limited mechanism exists in authorized access in the prior art.
In a first aspect, the present application provides a block chain external storage system based on time-limited access, including a plurality of nodes in a block chain basic network, an external storage area, and a data providing end and a data obtaining end respectively connected to the nodes and the external storage area; the out-of-chain storage area comprises a basic storage area and an authorized access area; the node is further configured with a key generator;
the data provider is configured to: storing the data to be authorized to the basic storage area, and storing the address information of the data to be authorized in the basic storage area and the hash abstract of the data to be authorized through node uplink; generating a key generation instruction according to a request sent by a data acquisition end; the key generation instruction comprises a defined duration;
the key generator is configured to: according to the key generation instruction, sending the first key parameter to a data providing end and sending the second key parameter to a data acquisition end;
the data provider is further configured to: decrypting the data to be authorized stored in the basic storage area according to the first key parameter to obtain a data plaintext; encrypting the data plaintext by using a first key parameter, data acquisition end information and a limited duration to obtain an encrypted ciphertext and storing the encrypted ciphertext in the authorized access area;
the data acquisition end is configured to: decrypting the encrypted ciphertext according to the second key parameter to obtain a data plaintext of the data to be authorized;
the off-chain storage area is configured to: and when the limited duration is reached, deleting the encrypted ciphertext in the authorized access area.
In some embodiments, the data provider is further configured to: generating a symmetric key locally, encrypting the data to be authorized by the symmetric key to obtain encrypted data, and storing the encrypted data in a basic storage area; and receiving address information stored by the encrypted data fed back by the basic storage area.
In some embodiments, the data provider is further configured to:
verifying the request sent by the data acquisition end, and if the request passes the verification, sending a key generation instruction to a key generator; and if the verification is not passed, sending refusal request information to the data acquisition terminal.
In some embodiments, the first key parameter comprises a public parameter; the common parameter is generated by a key generator using a key generation algorithm.
In some embodiments, the second key parameter comprises a public parameter and an access private key of the data acquisition end; the access private key is generated by a key generator according to a master key and a key generation instruction by adopting a key generation algorithm.
In some embodiments, the data acquisition end is further configured to:
and verifying the authenticity of the data plaintext according to the hash digest which is stored in the block chain and corresponds to the data plaintext.
In a second aspect, the present application further provides a method for sharing data outside a blockchain based on time-limited access, where the method corresponds to the system in the first aspect, and the method includes:
the data providing end acquires a shared data request sent by the data acquiring end; the shared data request comprises data information stored in a basic storage area of an out-of-chain storage area by a data providing end and identity information of a data acquiring end;
the data providing end verifies the shared data request;
if the verification is successful, the data providing end generates a key generation instruction according to the shared data request and sends the key generation instruction to the key generator; if the verification is not successful, the data providing end sends refusing request information to the data obtaining end;
the data providing end decrypts the shared data stored in the basic storage area according to the first key parameter sent by the key generator to obtain a data plaintext; the first key parameter comprises a public parameter and a master key; the shared data is obtained by locally generating a symmetric key by a data providing end and encrypting the data to be authorized by the symmetric key;
the data providing end uses the first key parameter, the data acquisition end information and the limited duration to encrypt the data plaintext to obtain an encrypted ciphertext and stores the encrypted ciphertext in an authorized access area of the out-of-link storage area;
the data acquisition end decrypts the encrypted ciphertext according to the second key parameter sent by the key generator to obtain a data plaintext of the data to be authorized; the second key parameter comprises a public parameter and an access private key of the data acquisition end; the access private key is generated by a key generator according to a master key and a key generation instruction by adopting a key generation algorithm.
In some embodiments, the method further comprises:
and the data acquisition end verifies the authenticity of the data plaintext according to the hash abstract which is stored in the block chain and corresponds to the data plaintext.
In some embodiments, the method further comprises:
and when the time length of the encrypted ciphertext in the authorized access area reaches the limited time length, deleting the encrypted ciphertext by the out-of-chain storage area.
The application provides a block chain external storage system based on time-limited access, which comprises a plurality of nodes in a block chain foundation network, an external storage area, a data providing end and a data acquiring end, wherein the data providing end and the data acquiring end are respectively connected with the nodes and the external storage area; the out-of-chain storage area comprises a basic storage area and an authorized access area; the node is further configured with a key generator; according to the method and the device, the time limit parameter is added to the authorization key, the appointed authorization access area is set, the data provider can set the effective time limit of the authorization key according to the actual situation, the data acquisition end acquires the authorization data under the controllable condition, the data safety is guaranteed to be controllable, the storage key is only owned by the data provider, the third party is prevented from being tampered randomly, and the data privacy and the data safety are guaranteed.
Drawings
In order to more clearly explain the technical solution of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious to those skilled in the art that other drawings can be obtained according to the drawings without any creative effort.
Fig. 1 is a block chain out-of-chain storage system structure diagram based on time-limited access provided in the present application;
FIG. 2 is a schematic diagram of the operation of the system provided herein;
fig. 3 is a flowchart of a block out-of-chain storage method based on time-limited access according to the present application.
Detailed Description
Referring to fig. 1, a block chain out-of-chain storage system based on time-limited access is provided in the present application;
as can be seen from fig. 1, the system of the present application includes:
an off-chain storage area 1, wherein the off-chain storage area 1 comprises a base storage area 11 and an authorized access area 12; in the present embodiment, the basic storage area 11 is used to provide data storage outside the blockchain network, where storage generally refers to permanent storage, that is, unless a user or an off-chain storage area has a delete instruction to delete the data, the stored data will not be changed; the authorized access area 12 is used for data storage for providing temporary authorized access, when an authorized access operation is about to occur, data is stored in the space by a client providing data, and the client authorized to access logs in the authorized access area within a specified time length to complete some operations. It should be noted that, in order to ensure data security, in this embodiment, the data stored in both the base storage area 11 and the authorized access area 12 is encrypted data in the form of ciphertext.
The system also comprises a plurality of nodes 2 in the block chain basic network, each node 2 can be connected with a client for executing operation by a user, and according to different requirements of the clients, the clients are divided into a data providing end 3 (a client for providing authorized access data) and a data acquiring end 4 (a client for applying for authorized access data) in the embodiment; for the same client, it may be the data provider 3 or the data acquirer 4, depending on its role in operation. The data providing end 3 and the data obtaining end 4 can obtain data by chaining the data or from the chain through the node where the data providing end 3 can connect the base storage area 11 and the authorized access area 12 respectively for storing the data; for the data acquisition terminal 4, it may be connected to the authorized access area 12 for acquiring data authorized to be accessed.
In the present embodiment, each node 2 location is further configured with a key generator 21, and the key generator (KeyGen) is commonly maintained and supervised by each node of the blockchain, and the operations performed by the key generator are automatically performed by the smart contract, and the access records are uplink-stored; the key generator is configured with an initialization algorithm Setup and a key generation algorithm KeyGen.
The working principle of the system provided by the present application can be illustrated by the flow chart shown in fig. 2:
as a data provider, before it performs authorized access, it needs to ensure that at least a data file is stored in the out-of-chain storage area, so it can be configured to perform the following steps:
in order to store the Data to be authorized in the basic storage area, a Data owner a of the Data providing end can extract an abstract of own Data (marked as Data _ a) through hash operation, then locally generate a symmetric key K, Encrypt the Data to be authorized (Data required to be stored in advance) through the symmetric key K to obtain encrypted Data and mark the encrypted Data as Encrypt (Data _ a, K), and store the encrypted Data in the basic storage area; at this time, the base storage area may feed back the address URL of the encrypted data in the base storage area to the data providing end for the subsequent uplink operation.
After the Data _ A to be authorized is stored in the basic storage area, the Data providing end needs to store the address information URL of the Data to be authorized in the basic storage area and the hash abstract of the Data to be authorized through node chaining; the storage related information of the data to be authorized can be traced and cannot be tampered, and the uplink data can also be used for verifying the authenticity of the authorized data.
Other users in the blockchain network need to send a Request for accessing Data to the Data provider if they want to access Data _ a, specifically, the user can send a Request through the Data acquirer, where the Request at least needs to include information of the user sending the Request, information of Data that wants to acquire authorization, information of the destination user, and so on, and for example, the Request can be written as (a, Data _ a, Request _ for _ Data);
after receiving the request sent by the data acquisition end, the data providing end can firstly verify the request, on one hand, verify the identity of the user, on the other hand, judge whether the requirement of authorized access is met or not, or whether the data contained in the request is stored or not; for the verification of the request, a certain threshold condition may be set for comparison to obtain a result, or a user of the data providing end may input a verification result, such as approval or disapproval of the authorization; if the request passes the verification, the subsequent steps can be executed, and a key generation instruction is sent to the key generator; if the authentication is not passed, the data providing terminal refuses the authorization, and then refusing request information can be sent to the data acquisition terminal.
After the verification is passed, the data providing terminal can generate a key generation instruction according to the request; the key generation instruction is parameter information of a limited Time length added on the basis of the previous request, namely the sent information is a quadruple (KeyGen, B, Time, request _ for _ SK _ B); KeyGen is the target of the request, B is the request authorizer, Time is the limited duration and represents the validity period of authorization, and SK _ B is the private key of the request generation B.
After receiving the key generation instruction, the key generator generates key parameters according to information in the key generation instruction, where a first key parameter is to be sent to the data providing end first, and in this embodiment, the first key parameter includes a public parameter; the common parameter is generated by a key generator using a key generation algorithm. For example, after receiving the quadruplet information (KeyGen, B, Time, request _ for _ SK _ B) of the user a, the key generator generates a public parameter PK that is externally disclosed and a master key MSK that is known only by KeyGen through a system parameter initialization algorithm Setup (λ), where λ is a security parameter and is related to the size of a plaintext space and a ciphertext space generated by the encryption system.
After the first key parameter is sent to the data providing end, the second key parameter is sent to the data acquiring end; in this embodiment, the second key parameter includes a public parameter and an access private key of the data obtaining end; the access private key is generated by a key generator according to a master key and a key generation instruction by adopting a key generation algorithm. For example, the key generator generates an access private key SK _ B of the user B using a key generation algorithm KeyGen (MSK, PK, B, Time), and then sends the public parameter PK and the access private key SK _ B of B to the user B.
Then, after receiving the first key parameter, the Data providing end decrypts the Data (Data _ a, K) to be authorized stored in the basic storage area according to the storage key K in the first key parameter, so as to obtain the plaintext of the Data _ a; encrypting the Data plaintext Data _ A by using a first key parameter PK, Data acquisition end information B and a limited duration Time to obtain an encrypted ciphertext M and storing the encrypted ciphertext M in the authorized access area;
similarly, after the Data acquisition end receives the second key parameter, the Data acquisition authorization area can be logged in to execute the Data acquisition operation, specifically, the encrypted ciphertext can be decrypted according to the second key parameter, and Data _ a is obtained through a decryption algorithm Decrypt (PK, M, SK _ B), namely the Data plaintext of the Data to be authorized is obtained;
in this embodiment, the authority of the user B to log in the authorized access area is not permanent, but is controlled by a limited Time, and when the limited Time is reached, the user B cannot be authorized to access, so the out-of-chain storage area is configured to: and when the limited time length is reached, deleting the encrypted ciphertext M in the authorized access area.
Further, in some embodiments, since the user a stores the address information URL of the Data to be authorized in the base storage area and the hash digest of the Data to be authorized in the node uplink in the foregoing step during storage, after obtaining the Data plaintext, the user B may verify the authenticity and validity of the Data _ a Data through the hash digest stored in the block chain.
According to the technical scheme, the block chain external storage system based on the time-limited access comprises a plurality of nodes in a block chain basic network, an external chain storage area, a data providing end and a data acquiring end, wherein the data providing end and the data acquiring end are respectively connected with the nodes and the external chain storage area; the out-of-chain storage area comprises a basic storage area and an authorized access area; the node is further configured with a key generator; according to the method and the device, the time limit parameter is added to the authorization key, the appointed authorization access area is set, the data provider can set the effective time limit of the authorization key according to the actual situation, the data acquisition end acquires the authorization data under the controllable condition, the data safety is guaranteed to be controllable, the storage key is only owned by the data provider, the third party is prevented from being tampered randomly, and the data privacy and the data safety are guaranteed.
Corresponding to the above system, the present application further provides a block chain external storage method based on time-limited access, which is shown in fig. 3 and is a flowchart of the block chain external storage method based on time-limited access provided by the present application;
as can be seen from fig. 3, the method of the present application includes:
s100: the data providing end acquires a shared data request sent by the data acquiring end; the shared data request comprises data information stored in a basic storage area of an out-of-chain storage area by a data providing end and identity information of a data acquiring end;
s200: the data providing end verifies the shared data request;
s310: if the verification is successful, the data providing end generates a key generation instruction according to the shared data request and sends the key generation instruction to the key generator; s320: if the verification is not successful, the data providing end sends refusing request information to the data obtaining end;
s400: the data providing end decrypts the shared data stored in the basic storage area according to the first key parameter sent by the key generator to obtain a data plaintext; the first key parameter comprises a public parameter and a master key; the shared data is obtained by locally generating a symmetric key by a data providing end and encrypting the data to be authorized by the symmetric key;
s500: the data providing end uses the first key parameter, the data acquisition end information and the limited duration to encrypt the data plaintext to obtain an encrypted ciphertext and stores the encrypted ciphertext in an authorized access area of the out-of-link storage area;
s600: the data acquisition end decrypts the encrypted ciphertext according to the second key parameter sent by the key generator to obtain a data plaintext of the data to be authorized; the second key parameter comprises a public parameter and an access private key of the data acquisition end; the access private key is generated by a key generator according to a master key and a key generation instruction by adopting a key generation algorithm.
Further, the method further comprises:
s700: and the data acquisition end verifies the authenticity of the data plaintext according to the hash abstract which is stored in the block chain and corresponds to the data plaintext.
Further, the method further comprises:
s800: and when the time length of the encrypted ciphertext in the authorized access area reaches the limited time length, deleting the encrypted ciphertext by the out-of-chain storage area.
The functions and effects of the method steps in this embodiment can be referred to the description in the system embodiment, and are not described herein again.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
Claims (9)
1. A block chain external storage system based on time-limited access comprises a plurality of nodes in a block chain basic network, an external chain storage area, a data providing end and a data acquiring end, wherein the data providing end and the data acquiring end are respectively connected with the nodes and the external chain storage area; wherein the out-of-chain storage area comprises a base storage area and an authorized access area; the node is further configured with a key generator;
the data provider is configured to: storing the data to be authorized to the basic storage area, and storing the address information of the data to be authorized in the basic storage area and the hash abstract of the data to be authorized through node uplink; generating a key generation instruction according to a request sent by a data acquisition end; the key generation instruction comprises a defined duration;
the key generator is configured to: according to the key generation instruction, sending the first key parameter to a data providing end and sending the second key parameter to a data acquisition end;
the data provider is further configured to: decrypting the data to be authorized stored in the basic storage area according to the first key parameter to obtain a data plaintext; encrypting the data plaintext by using a first key parameter, data acquisition end information and a limited duration to obtain an encrypted ciphertext and storing the encrypted ciphertext in the authorized access area;
the data acquisition end is configured to: decrypting the encrypted ciphertext according to the second key parameter to obtain a data plaintext of the data to be authorized;
the off-chain storage area is configured to: and when the limited duration is reached, deleting the encrypted ciphertext in the authorized access area.
2. The system of claim 1,
the data provider is further configured to: generating a symmetric key locally, encrypting the data to be authorized by the symmetric key to obtain encrypted data, and storing the encrypted data in a basic storage area; and receiving address information stored by the encrypted data fed back by the basic storage area.
3. The system of claim 1, wherein the data provider is further configured to:
verifying the request sent by the data acquisition end, and if the request passes the verification, sending a key generation instruction to a key generator; and if the verification is not passed, sending refusal request information to the data acquisition terminal.
4. The system of claim 1, wherein the first key parameter comprises a public parameter; the common parameter is generated by a key generator using a key generation algorithm.
5. The system of claim 4, wherein the second key parameter comprises a public parameter and an access private key of the data acquisition end; the access private key is generated by a key generator according to a master key and a key generation instruction by adopting a key generation algorithm.
6. The system of claim 1, wherein the data acquisition end is further configured to:
and verifying the authenticity of the data plaintext according to the hash digest which is stored in the block chain and corresponds to the data plaintext.
7. A method for sharing data outside a blockchain based on time-limited access, the method comprising:
the data providing end acquires a shared data request sent by the data acquiring end; the shared data request comprises data information stored in a basic storage area of an out-of-chain storage area by a data providing end and identity information of a data acquiring end;
the data providing end verifies the shared data request;
if the verification is successful, the data providing end generates a key generation instruction according to the shared data request and sends the key generation instruction to the key generator; if the verification is not successful, the data providing end sends refusing request information to the data obtaining end;
the data providing end decrypts the shared data stored in the basic storage area according to the first key parameter sent by the key generator to obtain a data plaintext; the first key parameter comprises a public parameter and a master key; the shared data is obtained by locally generating a symmetric key by a data providing end and encrypting the data to be authorized by the symmetric key;
the data providing end uses the first key parameter, the data acquisition end information and the limited duration to encrypt the data plaintext to obtain an encrypted ciphertext and stores the encrypted ciphertext in an authorized access area of the out-of-link storage area;
the data acquisition end decrypts the encrypted ciphertext according to the second key parameter sent by the key generator to obtain a data plaintext of the data to be authorized; the second key parameter comprises a public parameter and an access private key of the data acquisition end; the access private key is generated by a key generator according to a master key and a key generation instruction by adopting a key generation algorithm.
8. The method of claim 7, further comprising:
and the data acquisition end verifies the authenticity of the data plaintext according to the hash abstract which is stored in the block chain and corresponds to the data plaintext.
9. The method of claim 7, further comprising:
and when the time length of the encrypted ciphertext in the authorized access area reaches the limited time length, deleting the encrypted ciphertext by the out-of-chain storage area.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011332711.0A CN112149184A (en) | 2020-11-25 | 2020-11-25 | Block chain external storage system and method based on time-limited access |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011332711.0A CN112149184A (en) | 2020-11-25 | 2020-11-25 | Block chain external storage system and method based on time-limited access |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112149184A true CN112149184A (en) | 2020-12-29 |
Family
ID=73887367
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011332711.0A Pending CN112149184A (en) | 2020-11-25 | 2020-11-25 | Block chain external storage system and method based on time-limited access |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112149184A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112651037A (en) * | 2020-12-31 | 2021-04-13 | 深圳前海微众银行股份有限公司 | Off-chain data access method and system of block chain system |
CN113407627A (en) * | 2021-06-17 | 2021-09-17 | 安徽师范大学 | Intelligent medical network system based on block chain and medical data sharing method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108683626A (en) * | 2018-03-15 | 2018-10-19 | 众安信息技术服务有限公司 | A kind of data access control method and device |
US10310760B1 (en) * | 2018-05-21 | 2019-06-04 | Pure Storage, Inc. | Layering communication fabric protocols |
CN110457875A (en) * | 2019-07-31 | 2019-11-15 | 阿里巴巴集团控股有限公司 | Data grant method and device based on block chain |
-
2020
- 2020-11-25 CN CN202011332711.0A patent/CN112149184A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108683626A (en) * | 2018-03-15 | 2018-10-19 | 众安信息技术服务有限公司 | A kind of data access control method and device |
US10310760B1 (en) * | 2018-05-21 | 2019-06-04 | Pure Storage, Inc. | Layering communication fabric protocols |
CN110457875A (en) * | 2019-07-31 | 2019-11-15 | 阿里巴巴集团控股有限公司 | Data grant method and device based on block chain |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112651037A (en) * | 2020-12-31 | 2021-04-13 | 深圳前海微众银行股份有限公司 | Off-chain data access method and system of block chain system |
WO2022142790A1 (en) * | 2020-12-31 | 2022-07-07 | 深圳前海微众银行股份有限公司 | Out-of-chain data access method and system of block chain system |
CN112651037B (en) * | 2020-12-31 | 2024-01-16 | 深圳前海微众银行股份有限公司 | Out-of-chain data access method and system for block chain system |
CN113407627A (en) * | 2021-06-17 | 2021-09-17 | 安徽师范大学 | Intelligent medical network system based on block chain and medical data sharing method |
CN113407627B (en) * | 2021-06-17 | 2024-03-01 | 安徽师范大学 | Block chain-based intelligent medical network system and medical data sharing method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110855671B (en) | Trusted computing method and system | |
CN111935080B (en) | Data sharing method and device of block chain, computer equipment and storage medium | |
CN108768988B (en) | Block chain access control method, block chain access control equipment and computer readable storage medium | |
CN109120639B (en) | Data cloud storage encryption method and system based on block chain | |
CN108632292B (en) | Data sharing method and system based on alliance chain | |
US7688975B2 (en) | Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure | |
CN113067699B (en) | Data sharing method and device based on quantum key and computer equipment | |
CN108880995B (en) | Block chain-based unfamiliar social network user information and message pushing encryption method | |
CN103248479A (en) | Cloud storage safety system, data protection method and data sharing method | |
CN104917759A (en) | Third-party-based safety file storage and sharing system and method | |
CN113420319A (en) | Data privacy protection method and system based on block chain and permission contract | |
CN110995418A (en) | Cloud storage authentication method and system, edge computing server and user router | |
CN112532580B (en) | Data transmission method and system based on block chain and proxy re-encryption | |
KR20210058313A (en) | Data access control method and system using attribute-based password for secure and efficient data sharing in cloud environment | |
CN112149184A (en) | Block chain external storage system and method based on time-limited access | |
CN114679340A (en) | File sharing method, system, device and readable storage medium | |
US10764260B2 (en) | Distributed processing of a product on the basis of centrally encrypted stored data | |
CN114154181A (en) | Privacy calculation method based on distributed storage | |
CN114389804B (en) | Intelligent terminal control method and device, electronic equipment and storage medium | |
CN114157488B (en) | Key acquisition method, device, electronic equipment and storage medium | |
CN110086627B (en) | Quantum communication service station key negotiation method and system based on asymmetric key pool pair and time stamp | |
RU2386220C2 (en) | Method and device for authentication and confidentiality | |
JP2000112860A (en) | Method for safe information transmitting/sharing service | |
CN113656365B (en) | Block chain-based data sharing method and system | |
CN116827653B (en) | Data encryption and authorization management method based on Hyperledger Fabric alliance chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201229 |
|
RJ01 | Rejection of invention patent application after publication |