CN112632574A - Multi-mechanism data processing method and device based on alliance chain and related equipment

Info

Publication number: CN112632574A
Authority: CN (China)
Prior art keywords: node, ciphertext, user, sequence code, acquiring
Legal status: Pending
Application number: CN202011521525.1A
Other languages: Chinese (zh)
Inventor: 陈贝
Current Assignee: OneConnect Smart Technology Co Ltd; OneConnect Financial Technology Co Ltd Shanghai
Original Assignee: OneConnect Financial Technology Co Ltd Shanghai
Application filed by: OneConnect Financial Technology Co Ltd Shanghai
Priority to: CN202011521525.1A
Publication of: CN112632574A
Priority to: PCT/CN2021/125594 (WO2022134812A1)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Mathematical Physics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a multi-mechanism data processing method based on an alliance chain, applied in the technical field of blockchains, which addresses the prior-art technical problem of allowing institutions authorized by a user to query sensitive on-chain data while protecting the user's privacy. The method comprises: acquiring a sequence code input by a user; judging, using a smart contract preset on the alliance chain, whether the local node device meets the condition for acquiring the ciphertext; if the local node device meets the condition, acquiring the ciphertext from the alliance chain, the ciphertext having been obtained by a first legal node encrypting the historical data with an original key generated from the sequence code and a preset encryption algorithm; acquiring the preset encryption algorithm from the smart contract; encrypting the sequence code input by the user with the encryption algorithm to obtain the original key; and decrypting the ciphertext with the original key to obtain the user's historical data.

Description

Multi-mechanism data processing method and device based on alliance chain and related equipment
Technical Field
The present invention relates to the field of block chain technologies, and in particular, to a method and an apparatus for processing multi-mechanism data based on an alliance chain, a computer device, and a storage medium.
Background
Some current blockchain-based systems, such as a bank's credit system, serve users in a one-to-many mode, that is, a single organization serving multiple customers. In a practical scenario such as financial lending, a client often needs more capital because of business expansion, consumption upgrades and the like. When seeking refinancing, the client often wants to borrow from a different bank for objective reasons, such as not meeting the conditions for refinancing at the current bank or a lower interest rate being available, and the other bank then has to spend resources repeating the same background investigation and risk-control screening on the client. With the advent of the blockchain concept, blockchain-based multi-institution loan services have emerged.
Blockchains are divided into public chains, alliance chains and private chains. An alliance chain opens information within a defined scope, keeps a record of every write, and ensures a high level of information security through encryption algorithms, which makes it suitable for enterprise blockchain-based multi-institution loan systems.
In the current big data era, users pay more and more attention to personal privacy. Personal information and transaction data on a blockchain are highly sensitive and must never be viewed or used without the client's authorization. Existing alliance chain technology lacks a solution for authorizing and authenticating access to private data on top of authenticating transaction data, so a method is urgently needed that protects user privacy while allowing institutions authorized by the user to query sensitive on-chain data.
Disclosure of Invention
The embodiments of the invention provide a multi-mechanism data processing method and device based on an alliance chain, a computer device and a storage medium, to solve the prior-art problem of allowing institutions authorized by a user to query sensitive on-chain data while protecting user privacy.
A multi-mechanism data processing method based on an alliance chain is applied to a node device on the alliance chain, and comprises the following steps:
acquiring a sequence code input by a user, wherein the sequence code is obtained by a first legal node on the alliance chain encrypting and transforming historical data input by the user;
judging, using a smart contract preset on the alliance chain, whether the local node device meets the condition for acquiring the ciphertext;
if the local node device meets the condition for acquiring the ciphertext, acquiring the ciphertext from the alliance chain, wherein the ciphertext is obtained by the first legal node encrypting the historical data with an original key generated from the sequence code and a preset encryption algorithm;
acquiring the preset encryption algorithm from the smart contract;
encrypting the sequence code input by the user with the encryption algorithm to obtain the original key;
and decrypting the ciphertext with the original key to obtain the historical data of the user.
A multi-mechanism data processing apparatus based on an alliance chain, comprising:
a sequence code acquisition module, configured to acquire a sequence code input by a user, wherein the sequence code is obtained by a first legal node on the alliance chain encrypting and transforming historical data input by the user;
a judging module, configured to judge, using a smart contract preset on the alliance chain, whether the local node device meets the condition for acquiring the ciphertext;
a ciphertext obtaining module, configured to acquire the ciphertext from the alliance chain if the local node device meets the condition for acquiring the ciphertext, wherein the ciphertext is obtained by the first legal node encrypting the historical data with an original key generated from the sequence code and a preset encryption algorithm;
an encryption algorithm obtaining module, configured to acquire the preset encryption algorithm from the smart contract;
an encryption module, configured to encrypt the sequence code input by the user with the encryption algorithm to obtain the original key;
and a decryption module, configured to decrypt the ciphertext with the original key to obtain the historical data of the user.
A computer device comprising a memory, a processor and a computer program stored in said memory and executable on said processor, said processor implementing the steps of the above-mentioned alliance-chain-based multi-mechanism data processing method when executing said computer program.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of the above-described alliance-chain-based multi-mechanism data processing method.
The invention provides a multi-mechanism data processing method and device based on an alliance chain, a computer device and a storage medium. A first legal node on the alliance chain encrypts and transforms the historical data input by a user to obtain a sequence code, and provides the sequence code to the user. When the user handles a transaction on the local node device, the user inputs the sequence code to that device; in other words, the sequence code authorizes the local node device to handle the corresponding transaction. After receiving the sequence code, the local node device uses a smart contract preset on the alliance chain to judge whether it meets the condition for acquiring the ciphertext. If so, it acquires the ciphertext from the alliance chain and then encrypts the sequence code with the preset encryption algorithm obtained from the smart contract to obtain an original key. Because the ciphertext was produced by the first legal node encrypting the historical data with an original key generated from the sequence code and the preset encryption algorithm, the original key that the local node device obtains by encrypting the user's sequence code with that algorithm is the same as the original key the first legal node used to encrypt the historical data, so the local node device can decrypt the ciphertext to obtain the historical data.
With the scheme provided by the invention, if the client's sequence code is inadvertently leaked and obtained by an institution outside the alliance chain, that institution has no CA certificate issued by the central node and cannot pass the smart contract's node legitimacy verification, so the user's historical data remains safe. If an institution's node device is judged by the smart contract to have the authority to acquire the ciphertext but cannot provide the sequence code, the institution can acquire the ciphertext but cannot decrypt it, so the user's historical data remains safe.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
FIG. 1 is a schematic diagram of an application environment of a federation chain-based multi-enterprise data processing method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a federation chain-based multi-enterprise data processing method in an embodiment of the present invention;
FIG. 3 is a further flowchart of step S102 of FIG. 2 according to an embodiment of the present invention;
FIG. 4 is a block diagram of a multi-enterprise data processing apparatus based on a federation chain according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of a computer device according to an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a schematic diagram of an application environment of a multi-mechanism data processing method based on an alliance chain in an embodiment of the present invention; the method can be applied in the application environment of fig. 1. A blockchain is composed of a plurality of nodes capable of communicating with each other. Each node can be regarded as a block store used for storing data, the data nodes together contain all the data, and the stored block data has a complete history and can be rapidly restored and expanded. Blockchains are divided into public chains, private chains and alliance chains. A public chain is open to any node: everyone can participate in the blockchain computation, and anyone can download and obtain the complete blockchain data. A private chain is a blockchain whose operators do not want just anyone to participate in the system; it is not disclosed externally and is suitable for internal data management and audit, or open testing, within a specific organization. In an alliance chain the authority of every node is completely equivalent, and participants can exchange data in a trusted way without fully trusting each other; each node of the alliance chain is generally backed by a corresponding entity organization, and a node can join or leave the network after authorization. Throughout the use of the blockchain backup system, digital signatures are required; a digital signature involves a hash function, the sender's public key and the sender's private key. The blockchain has a fully distributed storage characteristic: a data structure in "hash algorithm" form is used to store the basic data, and that data is in fact stored in a larger network.
Fig. 2 is a flowchart of a multi-enterprise data processing method based on federation chain in an embodiment of the present invention, and in an embodiment, as shown in fig. 2, a multi-enterprise data processing method based on federation chain is provided, which is described by taking the method applied to a node device on the federation chain in fig. 1 as an example, and includes the following steps S101 to S106.
S101, acquiring a sequence code input by a user, wherein the sequence code is obtained by a first legal node on the alliance chain encrypting and transforming historical data input by the user.
The first legal node is a node on the alliance chain and is different from the node device. In one usage scenario, a user approaches two banks in succession for a loan, and the devices with which the two banks process loan requests are deployed on the same alliance chain. The loan-processing device of the first bank approached can be understood as the first legal node of this scheme, and the loan-processing device of the second bank approached can be understood as the node device of this scheme. If the user approaches an Nth bank in succession, the loan-processing device of the Nth bank can likewise be understood as a node device of this scheme.
Further, the history data includes information such as the user's name, identification number, and/or loan information.
Further, the step in which the first legal node encrypts and transforms the historical data input by the user to obtain the sequence code comprises:
salting the historical data to protect against rainbow-table attacks, obtaining encrypted data;
generating a sequence code from the encrypted data through a hash algorithm;
and sending the sequence code of the encrypted data to the user.
A rainbow table is a large set of hash values precomputed for many possible character combinations, with which various passwords can be cracked quickly. Salting the original data when encrypting it with an algorithm such as MD5 prevents the encrypted data from being cracked by a rainbow-table attack.
S102, judging, using a smart contract preset on the alliance chain, whether the local node device meets the condition for acquiring the ciphertext.
One usage scenario for this embodiment is as follows. A user, Zusanli, approaches two banks in succession for a loan, and the devices with which the two banks process loan requests are legal nodes on the same alliance chain. Zusanli first handles a loan request at the first bank and obtains the sequence code that the first bank sends to Zusanli. When Zusanli applies for a loan at the second bank, if the trigger node preset in the smart contract is approval, then when Zusanli's loan process reaches the approval process node, the local node device is judged to be a legal node of the alliance chain.
Fig. 3 is a further flowchart of step S102 in fig. 2 according to an embodiment of the present invention, and as shown in fig. 3, the step S102 further includes the following steps S301 to S302.
S301, acquiring the CA (certificate authority) certificate of the local node device;
S302, judging, according to the CA certificate of the local node device, whether the local node device is registered with the central node of the alliance chain, and if so, judging that the local node device is a legal node of the alliance chain.
The CA is a certificate issuing authority, which is an authority responsible for issuing certificates, authenticating certificates, and managing issued certificates. The principle of the CA certificate is that user information and a signature of the CA are added after a user public key. The public key is part of a key pair and the other part is the private key. The public key is disclosed to the public, who can use it. The private key is known only to itself. Information encrypted by a public key can only be decrypted by the private key corresponding thereto. To ensure that only one person can read his/her own message, the sender encrypts the message with the public key of the recipient; the recipient can decrypt the message with its own private key. Similarly, in order to verify the identity of the sender, the sender needs to sign the message by using the own private key; the recipient can verify the signature using the sender's public key to confirm the identity of the sender.
Further, the step S102 further includes the following steps S303 to S305.
S303, acquiring the business process node triggered by the user.
S304, acquiring a preset trigger node from the smart contract.
In one embodiment, the trigger node is, for example, the node at which the user triggers loan approval.
S305, when the business process node is the same as the trigger node, judging that the local node device meets the condition for acquiring the ciphertext.
In this embodiment, the conditions that the alliance chain's preset smart contract sets for acquiring the ciphertext are, on the one hand, that the local node device is a legal node registered on the alliance chain and, on the other hand, that the business process node triggered by the user is the trigger node agreed in the smart contract.
In one embodiment, the preset trigger node obtained from the smart contract is, for example, the node at which the user submits a loan application.
S103, if the local node device meets the condition for acquiring the ciphertext, acquiring the ciphertext from the alliance chain, wherein the ciphertext is obtained by the first legal node encrypting the historical data with an original key generated from the sequence code and a preset encryption algorithm.
In one embodiment, the preset encryption algorithm includes, but is not limited to, the AES (Advanced Encryption Standard) algorithm, the RSA algorithm, or a combination of the AES algorithm and the RSA algorithm.
In one embodiment, the preset encryption algorithm includes the AES algorithm, and the step S103 further includes:
encrypting the sequence code input by the user through the AES algorithm to obtain the original key.
In other embodiments, the preset encryption algorithm includes the RSA algorithm, and the step S103 further includes:
encrypting the sequence code input by the user through the RSA algorithm to obtain the original key.
In other embodiments, the sequence code input by the user may also be encrypted by using the AES algorithm in combination with the RSA algorithm to obtain the original key.
It should be understood that, in this step, the original key that the first legal node generates from the sequence code and the preset encryption algorithm is stored only on the first legal node and can be understood as a private key. The first legal node only needs to send the user the sequence code used to generate the original key. The preset algorithm for generating the original key from the sequence code is stored on the alliance chain, and the local node device can carry out the following steps to obtain the preset algorithm from the alliance chain only when it meets the condition for acquiring the ciphertext.
S104, acquiring the preset encryption algorithm from the smart contract.
In one embodiment, the obtained preset encryption algorithm is the same as the encryption algorithm preset in step S103.
S105, encrypting the sequence code input by the user with the encryption algorithm to obtain the original key.
Further, the step S105 specifically includes:
encrypting the sequence code input by the user through the AES algorithm to obtain the original key.
In other embodiments, the step S105 further includes:
encrypting the sequence code input by the user through the RSA algorithm to obtain the original key.
In other embodiments, the sequence code input by the user may also be encrypted by using the AES algorithm in combination with the RSA algorithm to obtain the original key.
S106, decrypting the ciphertext with the original key to obtain the historical data of the user.
It can be understood that the user providing the sequence code to the local node device is a condition for recovering the historical data from the ciphertext. The local node device can obtain the ciphertext and the preset algorithm that derives the original key from the sequence code; AES may be one such algorithm, but which algorithm is actually used must be obtained from the chain after authorization. The preconditions for obtaining the ciphertext and the preset algorithm are that the local node device is legal (holds a CA certificate) and that the business process on the local node device is a trigger process agreed in the contract, such as a loan process triggered by the user.
The key to the scheme is also the circulation of the sequence code. The sequence code is an intermediate product between the historical data and the original key: the original data is encrypted (MD5 can be used) to obtain the sequence code, and the sequence code is then encrypted in a preset way to obtain the original key. The specific encryption may be the AES algorithm or another encryption algorithm, and only a node device that passes authentication can obtain the specific algorithm from the chain. The original key is used to encrypt the historical data into the ciphertext, is known only to the first legal node when it is generated, and can be understood as a private key in the conventional sense. After the ciphertext is obtained, it is stored on the blockchain. Once the local node device has the sequence code, it must also obtain from the contract the preset algorithm that generates the original key (private key) from the sequence code before it can obtain the original key (private key). The authentication in this scheme therefore covers not only obtaining the ciphertext but also obtaining the method for deriving the original key from the sequence code.
One usage scenario according to the present embodiment is for example:
the user applies for a loan from bank_1 for the first time. After the bank's investigation and approval pass, the bank salts the client's basic information (such as name, identity card and loan information) to prevent rainbow-table attacks, generates a sequence code C1 specific to the client through a hash algorithm, and gives C1 to the client to keep;
bank_1 encrypts the sequence code C1 with the encryption method agreed by the alliance to generate C2, uses C2 as the AES encryption key to encrypt the user's personal information and loan information into a ciphertext M1, and records M1 on the alliance chain through the alliance chain's consensus mechanism, completing the on-chain write;
the user then applies for a loan from bank_2, signs the authorization and provides the sequence code C1, and bank_2 creates an order record. bank_2 judges whether the client has historical orders at other banks on the alliance chain by whether the client provides a sequence code; obtaining the sequence code C1 is the process by which the client authorizes access to the loan data. bank_2 generates C2' from the sequence code C1 using the unique key generation method agreed in advance;
bank_2 initiates a request to query the client's loan information M1, which triggers execution of the smart contract. The smart contract's logic performs authority verification on the bank_2 node: it verifies bank_2's CA certificate to determine whether the node is a legal node of the alliance chain, and checks whether bank_2 has created an order for the user and whether the order has progressed to the survey-approval node, which proves that the client has a genuine loan requirement at bank_2. If an order meeting these conditions exists, the authority verification passes and the query request is initiated successfully.
AES is a symmetric encryption algorithm, and C2', obtained by applying the agreed algorithm to the same sequence code C1, is identical to the encryption key C2. bank_2 can therefore decrypt M1 with C2', extract the information in M1 and obtain the risk-control data it needs, and then automatically judge against its risk-control rules whether the loan conditions are met.
Under this scheme, if the client's sequence code C1 is inadvertently leaked and obtained by an institution outside the alliance chain, that institution has no CA certificate issued by the central node and cannot pass the smart contract's node legitimacy verification, so the information is safe. If C1 is obtained by an institution on the alliance chain to which the client has not applied for a loan, the institution cannot create an order and move it to the survey state, so it cannot pass the smart contract's authority verification, and the information is safe. If the client applies for a loan from an institution in the alliance but cannot provide the sequence code, the institution can pass the smart contract's verification but cannot decrypt the ciphertext, and the information is likewise safe.
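Added example, not code from the patent: the salted sequence code C1, the derived key C2, the ciphertext M1 and the three refusal cases described above, in Go. SHA-256 for the salted hash (the description mentions MD5), HMAC-SHA256 as the agreed C1-to-C2 transformation, AES-256-GCM as the cipher, and the Contract type with its node and customer names are all assumptions; CA certificate verification is reduced to a registry lookup.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

var ErrNotMember = errors.New("node holds no CA certificate from the central node")
var ErrNoTrigger = errors.New("no order at the agreed trigger node")

// SequenceCode is bank_1's step: salt the customer record and hash it (C1).
func SequenceCode(salt, record []byte) string {
	sum := sha256.Sum256(append(append([]byte{}, salt...), record...))
	return hex.EncodeToString(sum[:])
}

// DeriveKey is the agreed C1 -> C2 step (HMAC-SHA256 under a label, assumed).
func DeriveKey(c1 string) []byte {
	mac := hmac.New(sha256.New, []byte("alliance-chain-kdf-v1"))
	mac.Write([]byte(c1))
	return mac.Sum(nil) // 32 bytes, used as an AES-256 key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts the record under C2 and prepends the random nonce (M1).
func Seal(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Open decrypts M1; a key derived from the wrong C1 fails the GCM tag check.
func Open(key, sealed []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil || len(sealed) < gcm.NonceSize() {
		return nil, errors.New("bad key length or truncated ciphertext")
	}
	n := gcm.NonceSize()
	return gcm.Open(nil, sealed[:n], sealed[n:], nil)
}

// Contract models the smart contract (field names are illustrative).
type Contract struct {
	Members map[string]bool              // node -> registered with central node
	Trigger string                       // agreed business process node
	Orders  map[string]map[string]string // node -> customer -> order stage
	Ledger  map[string][]byte            // customer -> ciphertext M1
}

// Query is bank_2's path S102-S106: contract checks, derive C2', decrypt.
func Query(c *Contract, node, customer, c1 string) ([]byte, error) {
	if !c.Members[node] { // S301-S302, reduced to a registry lookup
		return nil, ErrNotMember
	}
	if c.Orders[node][customer] != c.Trigger { // S303-S305
		return nil, ErrNoTrigger
	}
	return Open(DeriveKey(c1), c.Ledger[customer])
}

func main() {
	salt := []byte("constructed-salt") // random per customer in practice
	record := []byte(`{"name":"Sample Customer","loan":"constructed record"}`)
	c1 := SequenceCode(salt, record) // handed to the customer by bank_1
	m1, err := Seal(DeriveKey(c1), record)
	if err != nil {
		panic(err)
	}
	chain := &Contract{
		Members: map[string]bool{"bank_2": true, "bank_3": true},
		Trigger: "survey-approval",
		Orders:  map[string]map[string]string{"bank_2": {"cust-1": "survey-approval"}},
		Ledger:  map[string][]byte{"cust-1": m1},
	}
	// Last case: bank_2 passes the contract but was given no sequence code.
	for _, q := range [][2]string{{"bank_2", c1}, {"bank_3", c1}, {"outsider", c1}, {"bank_2", ""}} {
		_, err := Query(chain, q[0], "cust-1", q[1])
		fmt.Printf("%-8s hasCode=%t err=%v\n", q[0], q[1] != "", err)
	}
}
```

Because C2 is a deterministic function of C1, the sequence code is the only secret protecting M1 once a node passes the contract checks, so its unpredictability rests entirely on the salt.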
This scheme focuses on the authorization and authentication of client data in a blockchain multi-institution loan scenario. It uses an authorization document and a sequence code to solve the problem of authorizing access to a user's privacy-sensitive information, and uses smart contract checks and a key to solve the problem of on-chain data query and authentication, so that an institution can obtain a client's sensitive data only when the user has a loan requirement and the authorized content is clear. In addition, AES is currently the most popular symmetric encryption algorithm, and in this scheme the AES key is never transmitted directly; instead, the encrypting and decrypting parties each derive it by processing the same sequence code string, which reduces the risk of the key being intercepted and stolen in transit and further protects data security. Attending to and protecting clients' private information helps the company improve its corporate image and increases clients' willingness to take part in alliance chain loans, a win-win outcome.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In an embodiment, a multi-mechanism data processing apparatus based on a federation chain is provided, and the multi-mechanism data processing apparatus based on the federation chain corresponds to the multi-mechanism data processing method based on the federation chain in the above embodiment one to one. As shown in fig. 4, the alliance-chain-based multi-mechanism data processing apparatus 100 includes a serial code obtaining module 11, a judging module 12, a ciphertext obtaining module 13, an encryption algorithm obtaining module 14, an encryption module 15, and a decryption module 16. The functional modules are explained in detail as follows:
the sequence code acquisition module 11 is configured to acquire a sequence code input by a user, where the sequence code is obtained by encrypting and transforming historical data input by the user through a first legal node in a federation chain;
the judging module 12 is configured to judge whether the local node device meets a condition for obtaining the ciphertext according to an intelligent contract predefined by the federation chain;
a ciphertext obtaining module 13, configured to obtain a ciphertext from the federation chain if the home node device meets the condition for obtaining the ciphertext, where the ciphertext is obtained by the first legal node encrypting the historical data with an original key generated according to the sequence code and a preset encryption algorithm;
an encryption algorithm obtaining module 14, configured to obtain the preset encryption algorithm from the smart contract;
the encryption module 15 is configured to encrypt the sequence code input by the user through the encryption algorithm to obtain the original key;
and the decryption module 16 is configured to decrypt the ciphertext with the original key to obtain the historical data of the user.
Wherein the historical data includes the user's name, identification number, and/or loan information.
In one embodiment, the determining module specifically includes:
a certificate acquisition unit, configured to acquire a CA certificate of the home node device;
a first judging unit, configured to judge, according to the CA certificate of the home node device, whether the home node device has registered with the central node of the alliance chain, and if so, judge that the home node device is a legal node of the alliance chain;
a service flow node obtaining unit, configured to obtain a service flow node triggered by a user;
a trigger node obtaining unit, configured to obtain a preset trigger node from the intelligent contract;
and the second judging unit is used for judging that the local end node equipment meets the condition of acquiring the ciphertext when the business process node is the same as the trigger node.
Further, the preset encryption algorithm includes an AES advanced encryption standard algorithm, and the encryption module 15 is specifically configured to encrypt the sequence code input by the user through the AES advanced encryption standard algorithm to obtain the original key.
In other embodiments, the preset encryption algorithm includes an RSA algorithm, and the encryption module 15 is specifically configured to encrypt the serial code input by the user through the RSA algorithm to obtain the original key.
Wherein the meaning of "first" and "second" in the above modules/units is only to distinguish different modules/units, and is not used to define which module/unit has higher priority or other defining meaning. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or modules is not necessarily limited to those steps or modules explicitly listed, but may include other steps or modules not explicitly listed or inherent to such process, method, article, or apparatus, and such that a division of modules presented in this application is merely a logical division and may be implemented in a practical application in a further manner.
For specific limitations of the alliance-chain-based multi-mechanism data processing apparatus, reference may be made to the above limitations of the alliance-chain-based multi-mechanism data processing method; details are not repeated here. The modules in the above apparatus may be implemented in whole or in part by software, hardware, or a combination thereof. The modules may be embedded in, or independent of, a processor in the computer device in hardware form, or stored in a memory in the computer device in software form, so that the processor can call them and execute the operations corresponding to each module.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure may be as shown in fig. 5. The computer device includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. The processor of the computer device provides computing and control capabilities. The memory of the computer device comprises a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for running the operating system and the computer program stored in the non-volatile storage medium. The network interface of the computer device is used to communicate with other node devices in the alliance chain over a network connection. The computer program, when executed by the processor, implements the alliance-chain-based multi-mechanism data processing method.
In one embodiment, a computer device is provided, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor. When executing the computer program, the processor implements the steps of the alliance-chain-based multi-mechanism data processing method in the above embodiments, such as steps 101 to 106 shown in fig. 2, as well as other extensions of the method and related steps. Alternatively, when executing the computer program, the processor implements the functions of the modules/units of the alliance-chain-based multi-mechanism data processing apparatus in the above embodiment, such as the functions of modules 11 to 16 shown in fig. 4. To avoid repetition, further description is omitted here.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like which is the control center for the computer device and which connects the various parts of the overall computer device using various interfaces and lines.
The memory may be used to store the computer programs and/or modules, and the processor may implement various functions of the computer device by running or executing the computer programs and/or modules stored in the memory and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, video data, etc.) created according to the use of the cellular phone, etc.
The memory may be integrated in the processor or may be provided separately from the processor.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored. When executed by a processor, the computer program implements the steps of the alliance-chain-based multi-mechanism data processing method in the above embodiments, such as steps 101 to 106 shown in fig. 2, as well as other extensions of the method and related steps. Alternatively, when executed by the processor, the computer program implements the functions of the modules/units of the alliance-chain-based multi-mechanism data processing apparatus in the above embodiments, such as the functions of modules 11 to 16 shown in fig. 4. To avoid repetition, further description is omitted here.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
In the alliance-chain-based multi-mechanism data processing method, apparatus, computer device, and storage medium of this embodiment, the sequence code is obtained by a first legal node in the alliance chain encrypting and transforming the historical data input by the user, and is provided to the user. When the user handles a transaction on the home node device, the user inputs the sequence code into that device; the sequence code thus indicates that the home node device is authorized to handle the corresponding transaction. After receiving the sequence code, the home node device judges, according to the smart contract formulated by the alliance chain, whether it meets the condition for obtaining the ciphertext. If so, it obtains the ciphertext from the alliance chain and then encrypts the sequence code with the preset encryption algorithm obtained from the smart contract to obtain the original key. Because the ciphertext was produced by the first legal node encrypting the historical data with the original key generated according to the sequence code and the preset encryption algorithm, the original key that the home node device obtains by encrypting the user's sequence code with that algorithm is the same as the original key the first legal node used, so the home node device can decrypt the ciphertext and obtain the historical data.
With the scheme provided by the invention, if the client sequence code is accidentally leaked and obtained by an institution outside the alliance chain, that institution has no CA certificate issued by the central node, so it cannot pass the smart contract's legal-node verification, and the user's historical data is safe. If the smart contract judges that an institution's node device has the authority to obtain the ciphertext but the institution cannot provide the sequence code, the institution can obtain the ciphertext but cannot decrypt it, and the user's historical data is safe.
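The leak scenarios walked through above (a non-member holding the sequence code, a member with no order in the survey state, and a member that passes the contract checks but lacks the sequence code) can be traced in a small Go model. This is an added example, not code from the patent: the `Contract` type, the fingerprint strings, the `"survey"` trigger value, and the use of SHA-256 plus AES-256-GCM for the "sequence code to original key" step are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrNotRegistered = errors.New("certificate not registered with the central node")
var ErrWrongState = errors.New("business process node differs from trigger node")

// Contract models the smart contract's state; all field names are hypothetical.
type Contract struct {
	registered  map[string]bool   // CA certificate fingerprints known to the central node
	triggerNode string            // preset trigger node (the order state that unlocks access)
	orders      map[string]string // "fingerprint/user" -> current business process node
	ciphertexts map[string][]byte // user -> nonce || AES-GCM ciphertext
}

// aeadFor is an assumed stand-in for the page's key step: SHA-256(sequence code) as AES-256 key.
// Both sides run it on the same sequence code, so the key itself is never transmitted.
func aeadFor(sequenceCode string) cipher.AEAD {
	key := sha256.Sum256([]byte(sequenceCode))
	block, _ := aes.NewCipher(key[:]) // a 32-byte key is always accepted
	gcm, _ := cipher.NewGCM(block)    // AES always has the 128-bit block GCM needs
	return gcm
}

// Seal is what the first legal node does before the record is written on chain.
func Seal(sequenceCode string, history []byte) ([]byte, error) {
	gcm := aeadFor(sequenceCode)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, history, nil), nil
}

// FetchCiphertext applies the two contract gates: legal node first, then trigger node.
func (c *Contract) FetchCiphertext(fingerprint, user string) ([]byte, error) {
	if !c.registered[fingerprint] {
		return nil, ErrNotRegistered
	}
	if c.orders[fingerprint+"/"+user] != c.triggerNode {
		return nil, ErrWrongState
	}
	return c.ciphertexts[user], nil
}

// Query is the requesting node's full path: contract gates, key derivation, decryption.
func (c *Contract) Query(fingerprint, user, sequenceCode string) ([]byte, error) {
	blob, err := c.FetchCiphertext(fingerprint, user)
	if err != nil {
		return nil, err
	}
	gcm := aeadFor(sequenceCode)
	n := gcm.NonceSize()
	if len(blob) < n {
		return nil, errors.New("no ciphertext stored for user")
	}
	return gcm.Open(nil, blob[:n], blob[n:], nil) // fails on a wrong sequence code
}

// NewDemo builds constructed state: A and B are registered, only B has a survey-state order.
func NewDemo(sequenceCode string) *Contract {
	blob, err := Seal(sequenceCode, []byte(`{"name":"constructed user","loan":"constructed"}`))
	if err != nil {
		panic(err)
	}
	return &Contract{
		registered:  map[string]bool{"fp-A": true, "fp-B": true},
		triggerNode: "survey",
		orders:      map[string]string{"fp-B/user-1": "survey"},
		ciphertexts: map[string][]byte{"user-1": blob},
	}
}

func main() {
	c := NewDemo("SEQ-constructed-0001")
	_, err := c.Query("fp-B", "user-1", "guessed-code")
	fmt.Println("member in survey state, wrong sequence code:", err)
}
```

Using an authenticated mode makes the third scenario observable: a node that passes both gates but derives the wrong key gets an explicit decryption error instead of garbage plaintext.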
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.

Claims (10)

1. A multi-mechanism data processing method based on an alliance chain, applied to a node device on the alliance chain, the method comprising:
acquiring a sequence code input by a user, wherein the sequence code is obtained by a first legal node on the alliance chain encrypting and transforming historical data input by the user;
judging, by using a smart contract pre-formulated by the alliance chain, whether the home node device meets the condition for acquiring a ciphertext;
if the home node device meets the condition for acquiring the ciphertext, acquiring the ciphertext from the alliance chain, wherein the ciphertext is obtained by the first legal node encrypting the historical data with an original key generated according to the sequence code and a preset encryption algorithm;
acquiring the preset encryption algorithm from the smart contract;
encrypting the sequence code input by the user through the encryption algorithm to obtain the original key;
and decrypting the ciphertext with the original key to obtain the historical data of the user.
2. The multi-mechanism data processing method based on an alliance chain as claimed in claim 1, wherein the step of judging, by using the smart contract pre-formulated by the alliance chain, whether the home node device meets the condition for acquiring the ciphertext comprises:
acquiring a CA certificate of the home node device;
and judging, according to the CA certificate of the home node device, whether the home node device has registered with a central node of the alliance chain, and if so, judging that the home node device is a legal node of the alliance chain.
3. The multi-mechanism data processing method based on an alliance chain as claimed in claim 2, wherein after the step of judging that the home node device is a legal node of the alliance chain, the method further comprises:
acquiring a business process node triggered by the user;
acquiring a preset trigger node from the smart contract;
and when the business process node is the same as the trigger node, judging that the home node device meets the condition for acquiring the ciphertext.
4. The multi-mechanism data processing method based on an alliance chain as claimed in claim 1, wherein the preset encryption algorithm includes the AES (Advanced Encryption Standard) algorithm, and the step of encrypting the sequence code input by the user through the encryption algorithm to obtain the original key comprises:
encrypting the sequence code input by the user through the AES algorithm to obtain the original key.
5. The multi-mechanism data processing method based on an alliance chain as claimed in claim 1, wherein the preset encryption algorithm includes an RSA algorithm, and the step of encrypting the sequence code input by the user through the encryption algorithm to obtain the original key comprises:
encrypting the sequence code input by the user through the RSA algorithm to obtain the original key.
6. The multi-mechanism data processing method based on an alliance chain as claimed in any one of claims 1 to 5, wherein the historical data comprises the user's name, identification number and/or loan information.
7. A multi-mechanism data processing apparatus based on an alliance chain, comprising:
a sequence code acquisition module, configured to acquire a sequence code input by a user, wherein the sequence code is obtained by a first legal node on the alliance chain encrypting and transforming historical data input by the user;
a judging module, configured to judge, by using a smart contract pre-formulated by the alliance chain, whether the home node device meets the condition for acquiring a ciphertext;
a ciphertext obtaining module, configured to obtain the ciphertext from the alliance chain if the home node device meets the condition for acquiring the ciphertext, wherein the ciphertext is obtained by the first legal node encrypting the historical data with an original key generated according to the sequence code and a preset encryption algorithm;
an encryption algorithm obtaining module, configured to obtain the preset encryption algorithm from the smart contract;
an encryption module, configured to encrypt the sequence code input by the user through the encryption algorithm to obtain the original key;
and a decryption module, configured to decrypt the ciphertext with the original key to obtain the historical data of the user.
8. The multi-mechanism data processing apparatus based on an alliance chain as claimed in claim 7, wherein the judging module specifically comprises:
a certificate acquisition unit, configured to acquire a CA certificate of the home node device;
a first judging unit, configured to judge, according to the CA certificate of the home node device, whether the home node device has registered with a central node of the alliance chain, and if so, judge that the home node device is a legal node of the alliance chain;
a business process node obtaining unit, configured to obtain a business process node triggered by the user;
a trigger node obtaining unit, configured to obtain a preset trigger node from the smart contract;
and a second judging unit, configured to judge that the home node device meets the condition for acquiring the ciphertext when the business process node is the same as the trigger node.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the steps of the multi-mechanism data processing method based on an alliance chain of any one of claims 1 to 6.
10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the steps of the multi-mechanism data processing method based on an alliance chain of any one of claims 1 to 6.
CN202011521525.1A 2020-12-21 2020-12-21 Multi-mechanism data processing method and device based on alliance chain and related equipment Pending CN112632574A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202011521525.1A CN112632574A (en) 2020-12-21 2020-12-21 Multi-mechanism data processing method and device based on alliance chain and related equipment
PCT/CN2021/125594 WO2022134812A1 (en) 2020-12-21 2021-10-22 Consortium blockchain-based multi-institution data processing method, apparatus, and related device

Publications (1)

Publication Number Publication Date
CN112632574A true CN112632574A (en) 2021-04-09

Family

ID=75320374

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011521525.1A Pending CN112632574A (en) 2020-12-21 2020-12-21 Multi-mechanism data processing method and device based on alliance chain and related equipment

Country Status (2)

Country Link
CN (1) CN112632574A (en)
WO (1) WO2022134812A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113746829A (en) * 2021-08-31 2021-12-03 平安银行股份有限公司 Multi-source data association method, device, equipment and storage medium
WO2022134812A1 (en) * 2020-12-21 2022-06-30 深圳壹账通智能科技有限公司 Consortium blockchain-based multi-institution data processing method, apparatus, and related device
CN114820175A (en) * 2022-06-27 2022-07-29 浙江数秦科技有限公司 Loan purpose supervision method based on block chain

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115840683B (en) * 2023-02-24 2023-05-16 浪潮电子信息产业股份有限公司 Heterogeneous alliance chain monitoring method, system, device, equipment and storage medium

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933995B (en) * 2019-01-31 2023-04-07 广州中国科学院软件应用技术研究所 User sensitive data protection and system based on cloud service and block chain
CN111371790B (en) * 2020-03-05 2022-06-17 中国工商银行股份有限公司 Data encryption sending method based on alliance chain, related method, device and system
WO2020169126A2 (en) * 2020-06-08 2020-08-27 Alipay Labs (singapore) Pte. Ltd. Managing user authorizations for blockchain-based custom clearance services
CN112073479A (en) * 2020-08-26 2020-12-11 重庆邮电大学 Method and system for controlling de-centering data access based on block chain
CN112632574A (en) * 2020-12-21 2021-04-09 深圳壹账通智能科技有限公司 Multi-mechanism data processing method and device based on alliance chain and related equipment

Also Published As

Publication number Publication date
WO2022134812A1 (en) 2022-06-30

Legal Events

Date Code Title Description
PB01 Publication
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 40049333

Country of ref document: HK

SE01 Entry into force of request for substantive examination