CN112528338A - Data storage and authority management method and system based on intelligent contract
- Publication number: CN112528338A
- Application number: CN202011539793.6A
- Authority: CN (China)
- Prior art keywords: user, category label, intelligent contract, public, authority
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a data storage and authority management method and system based on a smart contract, comprising the following steps: step M1: storing different types of announcement information directed at different user objects on a blockchain, and classifying the different types of announcement information stored on the blockchain; step M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair; step M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data; step M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract; step M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
Description
Technical Field
The invention relates to the technical field of blockchains, in particular to a data storage and authority management method and system based on a smart contract.
Background
In the prior art, a smart contract is generally used to check correctness and compliance: the smart contract judges, according to preset audit rules, whether the information uploaded by a user meets the requirements. For example, the patent with application number 201910632121.0 discloses a role access control system based on a blockchain smart contract. In that prior art the smart contract performs the judgment, but the judgment result still needs a secondary audit by an administrator, and authority management for encrypted data is lacking.
Disclosure of Invention
In view of the defects of the prior art, the object of the invention is to provide a data storage and authority management method and system based on a smart contract.
The data storage and authority management method based on a smart contract provided by the invention comprises the following steps:
step M1: storing the announcement information on the blockchain, and classifying the different types of announcement information stored on the blockchain that are directed at different user objects;
step M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair;
step M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data;
step M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract;
step M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
Preferably, step M3 includes: storing the encrypted ciphertext on the server.
Preferably, the smart contract comprises a classification management layer and a distribution layer; when the user's authority changes, a change of the user file viewing category label and the user public key in the classification management layer of the smart contract is triggered, and the super administrator is triggered to encrypt the announcement information of the corresponding authority with the changed user public key.
Preferably, the method further comprises: when the user's authority changes, the classification management layer of the smart contract notifies the server, according to the user file viewing category label, to issue the encrypted data corresponding to the user.
Preferably, the announcement information, the user file viewing category label key and the user public key are stored on the blockchain nodes.
The data storage and authority management system based on a smart contract provided by the invention comprises:
module M1: storing the announcement information on the blockchain, and classifying the different types of announcement information stored on the blockchain that are directed at different user objects;
module M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair;
module M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data;
module M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract;
module M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
Preferably, module M3 includes: storing the encrypted ciphertext on the server.
Preferably, the smart contract comprises a classification management layer and a distribution layer; when the user's authority changes, a change of the user file viewing category label and the user public key in the classification management layer of the smart contract is triggered, and the super administrator is triggered to encrypt the announcement information of the corresponding authority with the changed user public key.
Preferably, the system further comprises: when the user's authority changes, the classification management layer of the smart contract notifies the server, according to the user file viewing category label, to issue the encrypted data corresponding to the user.
Preferably, the announcement information, the user file viewing category label key and the user public key are stored on the blockchain nodes.
Compared with the prior art, the invention has the following beneficial effects:
1. the invention encrypts plaintext data using the user group classification label and the user public key, which solves the problems of plaintext data encryption and classified storage; at the same time, each authorized user can view only the encrypted files under that user's authority, so that data privacy is protected;
2. by designing a two-layer structure of classification management and authority distribution in the smart contract, the invention solves the problem of query authority over encrypted announcements when a user's authority changes: the data the user may access is changed automatically when the user's authority changes, the user is given the corresponding authority to decrypt files, and the efficiency of authority control is improved.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
FIG. 1 is a flow chart of a method for intelligent contract-based data storage and rights management.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that those skilled in the art can make various changes and modifications without departing from the spirit of the invention, all of which fall within the scope of the present invention.
Example 1
In equity trading there are different kinds of announcement information, such as temporary announcements and periodic announcements, directed at different objects. The different announcement types need to be classified when the information is stored on the chain, sensitive announcement information needs to be encrypted, and the authority to decrypt announcements needs to change as user authority changes.
The data storage and authority management method based on a smart contract provided by the invention comprises the following steps:
step M1: storing the announcement information on the blockchain, and classifying the different types of announcement information stored on the blockchain that are directed at different user objects;
step M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair;
step M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data;
step M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract;
step M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
Specifically, step M3 includes: storing the encrypted ciphertext on the server.
Specifically, the smart contract comprises a classification management layer and a distribution layer; when the user's authority changes, a change of the user file viewing category label and the user public key in the classification management layer of the smart contract is triggered, and the super administrator is triggered to encrypt the announcement information of the corresponding authority with the changed user public key.
Specifically, the method further comprises: when the user's authority changes, the classification management layer of the smart contract notifies the server, according to the user file viewing category label, to issue the encrypted data corresponding to the user.
Specifically, the announcement information, the user file viewing category label key and the user public key are stored on the blockchain nodes.
The data storage and authority management system based on a smart contract provided by the invention comprises:
module M1: storing the announcement information on the blockchain, and classifying the different types of announcement information stored on the blockchain that are directed at different user objects;
module M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair;
module M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data;
module M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract;
module M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
Specifically, module M3 includes: storing the encrypted ciphertext on the server.
Specifically, the smart contract comprises a classification management layer and a distribution layer; when the user's authority changes, a change of the user file viewing category label and the user public key in the classification management layer of the smart contract is triggered, and the super administrator is triggered to encrypt the announcement information of the corresponding authority with the changed user public key.
Specifically, the system further comprises: when the user's authority changes, the classification management layer of the smart contract notifies the server, according to the user file viewing category label, to issue the encrypted data corresponding to the user.
Specifically, the announcement information, the user file viewing category label key and the user public key are stored on the blockchain nodes.
Example 2
Example 2 is a modification of Example 1.
Step 1: classifying users with different authorities and assigning file viewing category label keys; each user also has an individual public/private key pair (Pubkey/Prikey).
Step 2:
2a. obtaining the label of the plaintext data, comprising: the plaintext data hash, the user group classification label keyA/B (for classifying file permissions) and the user public key Pubkey (for classifying users);
2b. encrypting the plaintext data with the user's public key Pubkey to obtain a ciphertext and storing the ciphertext on the server; the user can decrypt the ciphertext with the private key Prikey and view the corresponding plaintext data.
Step 3: designing a classification management layer and a distribution layer in the smart contract; when the user's authority changes:
3a. triggering the change of key and Pubkey in the plaintext data label in the classification management layer of the smart contract;
3b. triggering the super administrator to encrypt the plaintext data of the corresponding authority with the changed Pubkey;
3c. notifying the server to issue the encrypted data corresponding to the user, according to the user's viewable grouping authority in the classification management layer of the smart contract.
Step 4:
4a. corresponding to step 3a, the plaintext data labels classified by the smart contract are stored on the blockchain nodes;
4b. corresponding to step 3b, the encrypted ciphertext is obtained and stored on the server, and the user uses a private key (key) to decrypt and view it.
The user uses a private key (key) for decryption viewing.
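The permission-change flow of steps 3a to 3c (steps M4 and M5 of Example 1), as an added Go example that is not part of the patent. RSA-OAEP with SHA-256 stands in for the public-key scheme, which the patent does not name; System, SetPermission, View and Demo, the in-memory maps that stand in for the contract state and the server, and the sample announcements are assumptions made for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// System is an in-memory stand-in (hypothetical names): Labels and PubKeys
// model the classification management layer, Server the ciphertext store.
type System struct {
	Labels  map[string]string
	PubKeys map[string]*rsa.PublicKey
	Server  map[string]map[[32]byte][]byte // user -> plaintext hash -> ciphertext
	Plain   map[string][][]byte            // label -> plaintext held by the super administrator
}

// SetPermission enrolls a user or applies a permission change: 3a update label
// and key, 3b re-encrypt that label's announcements, 3c swap the released set.
func (s *System) SetPermission(user, label string, pub *rsa.PublicKey) error {
	if pub == nil || pub.N.BitLen() < 2048 {
		return errors.New("public key missing or shorter than 2048 bits")
	}
	released := map[[32]byte][]byte{}
	for _, body := range s.Plain[label] {
		// OAEP caps the message at 190 bytes for a 2048-bit key; the category
		// label is bound in as the OAEP label (a choice made for this sketch).
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, body, []byte(label))
		if err != nil {
			return fmt.Errorf("encrypt for %s: %w", user, err)
		}
		released[sha256.Sum256(body)] = ct
	}
	s.Labels[user], s.PubKeys[user] = label, pub // only after every encryption succeeded
	s.Server[user] = released                    // ciphertexts for the old label are dropped
	return nil
}

// View decrypts what the server currently releases and checks each hash.
func (s *System) View(user string, priv *rsa.PrivateKey) ([]string, error) {
	label, ok := s.Labels[user]
	if !ok {
		return nil, errors.New("unknown user")
	}
	var out []string
	for h, ct := range s.Server[user] {
		pt, err := rsa.DecryptOAEP(sha256.New(), nil, priv, ct, []byte(label))
		if err != nil {
			return nil, err
		}
		if sha256.Sum256(pt) != h {
			return nil, errors.New("plaintext hash mismatch")
		}
		out = append(out, string(pt))
	}
	return out, nil
}

// Demo moves one user from label A to label B with a fresh key pair.
func Demo() (before, after []string, oldKeyErr error) {
	s := &System{Labels: map[string]string{}, PubKeys: map[string]*rsa.PublicKey{},
		Server: map[string]map[[32]byte][]byte{}, Plain: map[string][][]byte{
			"A": {[]byte("temporary announcement, group A (constructed)")},
			"B": {[]byte("periodic announcement, group B (constructed)")}}}
	k1, e1 := rsa.GenerateKey(rand.Reader, 2048)
	k2, e2 := rsa.GenerateKey(rand.Reader, 2048)
	if e1 != nil || e2 != nil {
		panic("key generation failed")
	}
	if err := s.SetPermission("alice", "A", &k1.PublicKey); err != nil {
		panic(err)
	}
	before, _ = s.View("alice", k1)
	if err := s.SetPermission("alice", "B", &k2.PublicKey); err != nil {
		panic(err)
	}
	after, _ = s.View("alice", k2)
	_, oldKeyErr = s.View("alice", k1) // the retired key no longer decrypts
	return
}

func main() { fmt.Println(Demo()) }
```

Dropping the old ciphertexts only changes what the server releases afterwards; anything the user already decrypted under the previous label stays with the user.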
Those skilled in the art will appreciate that, in addition to implementing the systems, apparatus, and various modules thereof provided by the present invention in purely computer readable program code, the same procedures can be implemented entirely by logically programming method steps such that the systems, apparatus, and various modules thereof are provided in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore, the system, the device and the modules thereof provided by the present invention can be considered as a hardware component, and the modules included in the system, the device and the modules thereof for implementing various programs can also be considered as structures in the hardware component; modules for performing various functions may also be considered to be both software programs for performing the methods and structures within hardware components.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.
Claims (10)
1. A data storage and authority management method based on a smart contract, characterized by comprising the following steps:
step M1: storing the announcement information on the blockchain, and classifying the different types of announcement information stored on the blockchain that are directed at different user objects;
step M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair;
step M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data;
step M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract;
step M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
2. The smart contract-based data storage and authority management method according to claim 1, wherein step M3 comprises: storing the encrypted ciphertext on the server.
3. The smart contract-based data storage and authority management method according to claim 1, wherein the smart contract comprises a classification management layer and a distribution layer; when the user's authority changes, a change of the user file viewing category label and the user public key in the classification management layer of the smart contract is triggered, and the super administrator is triggered to encrypt the announcement information of the corresponding authority with the changed user public key.
4. The smart contract-based data storage and authority management method according to claim 1, further comprising: when the user's authority changes, the classification management layer of the smart contract notifies the server, according to the user file viewing category label, to issue the encrypted data corresponding to the user.
5. The smart contract-based data storage and authority management method according to claim 1, wherein the announcement information, the user file viewing category label key and the user public key are stored on the blockchain nodes.
6. A smart contract-based data storage and authority management system, comprising:
module M1: storing the announcement information on the blockchain, and classifying the different types of announcement information stored on the blockchain that are directed at different user objects;
module M2: classifying users having different authorities, and assigning each user a user file viewing category label and a public/private key pair;
module M3: based on the user file viewing category label, encrypting the announcement information corresponding to that label with the user's public key, the user decrypting the ciphertext with the user's individual private key to view the corresponding plaintext data;
module M4: when the user's authority changes, updating the user file viewing category label and the user's public/private key pair by means of the smart contract;
module M5: encrypting and decrypting the corresponding announcement information using the updated user file viewing category label and public/private key pair of the user.
7. The smart contract-based data storage and authority management system according to claim 6, wherein module M3 comprises: storing the encrypted ciphertext on the server.
8. The smart contract-based data storage and authority management system according to claim 6, wherein the smart contract comprises a classification management layer and a distribution layer; when the user's authority changes, a change of the user file viewing category label and the user public key in the classification management layer of the smart contract is triggered, and the super administrator is triggered to encrypt the announcement information of the corresponding authority with the changed user public key.
9. The smart contract-based data storage and authority management system according to claim 6, further comprising: when the user's authority changes, the classification management layer of the smart contract notifies the server, according to the user file viewing category label, to issue the encrypted data corresponding to the user.
10. The smart contract-based data storage and authority management system according to claim 6, wherein the announcement information, the user file viewing category label key and the user public key are stored on the blockchain nodes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011539793.6A CN112528338A (en) | 2020-12-23 | 2020-12-23 | Data storage and authority management method and system based on intelligent contract |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112528338A (en) | 2021-03-19 |
Family
ID=74975965
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011539793.6A Pending CN112528338A (en) | 2020-12-23 | 2020-12-23 | Data storage and authority management method and system based on intelligent contract |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112528338A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2023077445A1 (en) * | 2021-11-05 | 2023-05-11 | 富途网络科技(深圳)有限公司 | Method and apparatus for processing data in equity incentive system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050071636A1 (en) * | 2003-09-29 | 2005-03-31 | Samsung Electronics Co., Ltd. | Home network device, home network system and method for automating take ownership process |
CN103051638A (en) * | 2013-01-09 | 2013-04-17 | 中国科学院深圳先进技术研究院 | Multimedia data encryption method and multimedia data encryption distributing system |
CN110033258A (en) * | 2018-11-12 | 2019-07-19 | 阿里巴巴集团控股有限公司 | Business datum encryption method and device based on block chain |
CN110046521A (en) * | 2019-04-24 | 2019-07-23 | 成都派沃特科技股份有限公司 | Decentralization method for secret protection |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2018046008A1 (en) | Storage design method of blockchain encrypted radio frequency chip | |
CN101587479B (en) | Database management system kernel oriented data encryption/decryption system and method thereof | |
US7171557B2 (en) | System for optimized key management with file groups | |
US20060236104A1 (en) | Method and apparatus for encrypting and decrypting data in a database table | |
CN102945356B (en) | The access control method of search engine under cloud environment and system | |
JP2007510209A (en) | How to ensure the integrity of a data record set | |
Kumbhare et al. | Designing a secure storage repository for sharing scientific datasets using public clouds | |
EP2819057B1 (en) | Data processing system, method of initializing a data processing system, and computer program product | |
CN112422287B (en) | Multi-level role authority control method and device based on cryptography | |
CN110490741B (en) | Device and method for managing data validity and controllability in block chain | |
CN104636444A (en) | Database encryption and decryption method and device | |
CN102402733A (en) | Diversified electronic accounting file management system and method | |
CN103279715A (en) | Database data encryption and decryption method and device | |
CN112822178A (en) | Business cooperative data sharing and privacy protection method based on block chain | |
CN109284426B (en) | Multi-data document classification system based on permission level | |
CN113326533B (en) | Electronic license service system and method based on blockchain and distributed file storage | |
CN105825371A (en) | Method and device for processing service | |
CN112967054B (en) | Data management method, device and equipment | |
CN110889121A (en) | Method, server and storage medium for preventing data leakage | |
CN112528338A (en) | Data storage and authority management method and system based on intelligent contract | |
CN109544765A (en) | A kind of electric power lock management method and system | |
CN114398623A (en) | Method for determining security policy | |
CN111539014B (en) | Ethical file archiving method based on block chain | |
US10929313B2 (en) | Method for securely and efficiently accessing connection data | |
CN117009988A (en) | Encryption data storage and query method based on blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20210319 |