CN112685789A - Method and device for processing engineering cost data and alliance chain system - Google Patents

Publication number
CN112685789A
Authority
CN
China
Prior art keywords
organization
data
key
node
cost data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110271262.1A
Other languages
Chinese (zh)
Inventor
吴良顺
邓承
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuo Erzhi Lian Wuhan Research Institute Co Ltd
Original Assignee
Zhuo Erzhi Lian Wuhan Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuo Erzhi Lian Wuhan Research Institute Co Ltd filed Critical Zhuo Erzhi Lian Wuhan Research Institute Co Ltd
Priority to CN202110271262.1A priority Critical patent/CN112685789A/en
Publication of CN112685789A publication Critical patent/CN112685789A/en
Pending legal-status Critical Current

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides a method, a device and an alliance chain system for processing engineering cost data. The method comprises: generating a data key and encrypting the data key with the public key of a second organization; sending the encrypted data key, through a first anchor node of the first organization, to a second anchor node of the second organization, wherein the second anchor node sends either the encrypted data key or the data key obtained by decrypting it with the private key to a second client node in the second organization; and encrypting the engineering cost data with the data key and storing the encrypted engineering cost data in the blockchain corresponding to the target channel. The technical scheme provided by the embodiment of the invention stores and attests the engineering cost data on a blockchain, so the data is traceable and not easily tampered with; the hybrid encryption scheme combining a public key, a private key and a data key ensures that only the second organization, which holds the authority, can read the engineering cost data, which avoids data leakage and provides high security.

Description

Method and device for processing engineering cost data and alliance chain system
Technical Field
The invention relates to the technical field of data processing, in particular to a method and a device for processing engineering cost data and an alliance chain system.
Background
The management of engineering cost data involves multiple parties, including entrusting parties, engineering contractors, consumable suppliers, equipment renting parties, workers and the like, and suffers from large data volumes, complex sources and heterogeneous data. How to store and trace data, how to protect the privacy of data providers (particularly for quotation data), and how to manage the data of each role more effectively are practical problems to be solved urgently.
At present, management schemes for engineering cost data generally use a relational database, a NoSQL database or the like. Traditional relational and NoSQL databases cannot keep a record of data modifications or trace data to its source effectively; they also require a trusted centralized system for management, which easily leads to crises of trust and data security risks. Although data desensitization can improve security, the structures and privacy protection requirements of the various types of data differ, so the desensitization scheme has to be customized, which consumes a large amount of manpower and material resources and gives poor management results and efficiency.
Disclosure of Invention
In order to solve the existing technical problem, embodiments of the present invention provide a method, an apparatus, and an alliance chain system for processing engineering cost data.
In a first aspect, an embodiment of the present invention provides a method for processing engineering cost data, which is performed by a first client node in a first organization of a federation chain system, the method including:
generating a data key, and encrypting the data key according to a public key of a second organization, wherein the second organization is an organization which is different from the first organization in the alliance chain system and has authority to read the project cost data in the first client node, and a target channel is established between the first organization and the second organization;
sending the encrypted data key to a second anchor node of the second organization through a first anchor node of the first organization, wherein the second anchor node is used for sending the encrypted data key or the data key obtained by decryption according to a private key to a second client node in the second organization;
and encrypting the construction cost data according to the data key, sending the encrypted construction cost data to a sequencing node for sequencing, and storing the sequenced and encrypted construction cost data into a block chain corresponding to the target channel.
In a second aspect, an embodiment of the present invention further provides an apparatus for processing engineering cost data, the apparatus being located at a first client node in a first organization of a federation chain system, the apparatus comprising:
the key encryption module is used for generating a data key and encrypting the data key according to a public key of a second organization, the second organization is an organization which is different from the first organization in the alliance chain system and has a right to read the project cost data in the first client node, and a target channel is established between the first organization and the second organization;
a key sending module, configured to send the encrypted data key to a second anchor node of the second organization through a first anchor node of the first organization, where the second anchor node is configured to send the encrypted data key or the data key obtained by decryption according to a private key to a second client node in the second organization;
and the data chaining module is used for encrypting the construction cost data according to the data key and sending the encrypted construction cost data to the sequencing node for sequencing so as to store the sequenced and encrypted construction cost data into the block chain corresponding to the target channel.
In a third aspect, an embodiment of the present invention provides an alliance chain system for processing engineering cost data, including an ordering node and a plurality of organizations, each organization including at least one client node and at least one anchor node; wherein a target channel is established between a first organization and a second organization in the plurality of organizations, and the second organization has authority to read the engineering cost data of a first client node in the first organization;
the first client node in the first organization is used for generating a data key and encrypting the data key according to a public key of a second organization;
the first client node sends the encrypted data key to a first anchor node in the first organization, and the first anchor node forwards the encrypted data key to a second anchor node of the second organization;
the second anchor node is used for sending the encrypted data key or the data key obtained by decryption according to a private key to a second client node in the second organization;
and the first client node is also used for encrypting the construction cost data according to the data key, sending the encrypted construction cost data to the sequencing node for sequencing, and storing the sequenced and encrypted construction cost data into the block chain corresponding to the target channel.
According to the method, the device, the electronic equipment and the computer readable storage medium for processing engineering cost data provided by the embodiment of the invention, each node is managed with the organization as the unit, and the client nodes in each organization have the same identity. This makes it convenient to establish channels among multiple organizations with the organization as the unit, lets multiple client nodes put data on chain through the same channel at the same time, and reduces the number of channels in the alliance chain system. The second organization, which reads data in the target channel, broadcasts the public key of an asymmetric encryption scheme; the first client node, which uploads the data, encrypts the data key with the public key and sends it to the second client node through the anchor nodes of the target channel, so that the second client node can obtain the original data key after decryption with the private key. The first client node uploads the engineering cost data encrypted with the data key to the blockchain, and the second client node decrypts the encrypted engineering cost data with the data key to obtain the original engineering cost data, while other nodes in the target channel that do not hold the data key cannot read it. The scheme stores and attests the engineering cost data on a blockchain, so the data is traceable and not easily tampered with; the hybrid encryption scheme combining a public key, a private key and a data key ensures that only the second organization, which holds the authority, can read the engineering cost data, which avoids data leakage and provides high security. The channels are established according to data type and a separate blockchain is generated for each to record data, so the engineering cost data can be shared in a targeted way within a small scope, which improves security to a certain degree.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or the background art of the present invention, the drawings required to be used in the embodiments or the background art of the present invention will be described below.
FIG. 1 is a block diagram of a federation chain system for processing project cost data provided by an embodiment of the present invention;
FIG. 2 is a detailed structural diagram of a federation chain system for processing project cost data according to an embodiment of the present invention;
FIG. 3 illustrates a workflow diagram for a federation chain system for processing project cost data as provided by an embodiment of the present invention;
FIG. 4 illustrates a flow chart of a method of processing project cost data provided by an embodiment of the present invention;
FIG. 5 is a schematic diagram of an apparatus for processing construction cost data according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an electronic device for executing a method for processing engineering cost data according to an embodiment of the present invention.
Detailed Description
In the description of the embodiments of the present invention, it should be apparent to those skilled in the art that the embodiments of the present invention can be embodied as methods, apparatuses, electronic devices, and computer-readable storage media. Thus, embodiments of the invention may be embodied in the form of: entirely hardware, entirely software (including firmware, resident software, micro-code, etc.), a combination of hardware and software. Furthermore, in some embodiments, embodiments of the invention may also be embodied in the form of a computer program product in one or more computer-readable storage media having computer program code embodied in the medium.
The computer-readable storage media described above may take any combination of one or more computer-readable storage media. The computer-readable storage medium includes: an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of the computer-readable storage medium include: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only Memory (ROM), an erasable programmable read-only Memory (EPROM), a Flash Memory, an optical fiber, a compact disc read-only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any combination thereof. In embodiments of the invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, device, or apparatus.
The computer program code embodied on the computer readable storage medium may be transmitted using any appropriate medium, including: wireless, wire, fiber optic cable, Radio Frequency (RF), or any suitable combination thereof.
Computer program code for carrying out operations for embodiments of the present invention may be written in assembly instructions, Instruction Set Architecture (ISA) instructions, machine related instructions, microcode, firmware instructions, state setting data, integrated circuit configuration data, or in one or more programming languages, including object oriented programming languages such as Java, Smalltalk and C++, and conventional procedural programming languages such as C or a similar programming language. The computer program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer, or to an external computer, through any of a variety of networks, including a Local Area Network (LAN) or a Wide Area Network (WAN).
The method, the device and the electronic equipment are described through the flow chart and/or the block diagram.
It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions. These computer-readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing apparatus to function in a particular manner. Thus, the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
The embodiments of the present invention will be described below with reference to the drawings.
The embodiment of the invention provides an alliance chain system for processing engineering cost data, which is used for managing the engineering cost data. Referring to fig. 1, the alliance chain system includes an ordering node 1 and a plurality of organizations. Each organization comprises at least one client node and at least one anchor node; a target channel is established between a first organization 10 and a second organization 20 of the plurality of organizations. Fig. 1 illustrates the alliance chain system as including a first organization 10, a second organization 20, and an additional organization. The client node and anchor node in the first organization 10 are the first client node 11 and the first anchor node 12, respectively, and the client node and anchor node in the second organization 20 are the second client node 21 and the second anchor node 22, respectively. Furthermore, the second organization 20 has the right to read the engineering cost data of the first client node 11 in the first organization 10; that is, an organization without the right to read the engineering cost data of the first client node 11 cannot act as the second organization 20, but it may join the target channel as a first organization 10.
In particular, the first client node 11 in the first organization 10 is arranged to generate a data key and to encrypt the data key in accordance with the public key of the second organization 20. The first client node 11 sends the encrypted data key to the first anchor node 12 in the first organization 10 and the first anchor node 12 forwards the encrypted data key to the second anchor node 22 of the second organization 20. The second anchor node 22 is adapted to send the encrypted data key or the data key decrypted from the private key to the second client node 21 in the second organization 20.
The first client node 11 is further configured to encrypt the engineering cost data according to the data key, and send the encrypted engineering cost data to the sorting node 1 for sorting, so as to store the sorted and encrypted engineering cost data in the block chain corresponding to the target channel.
In the embodiment of the present invention, the alliance chain system for processing the engineering cost data may specifically be a Fabric alliance chain. The alliance chain system takes the organization as its unit and can establish a channel (Channel) between at least two organizations, where the channel is used to isolate data and keep it confidential; specifically, each channel has its own independent blockchain (ledger), and entities outside the channel cannot access information in the channel, which keeps the data private. In addition, one or more redundant anchor nodes (Anchor Peer) are arranged in each organization. The anchor nodes are the communication bridges between different organizations in the same channel: within a channel, an anchor node can be discovered and contacted by any other node of the channel, which allows nodes belonging to different organizations to discover the other nodes in the channel. As shown in fig. 1, a target channel is provided between a first organization 10 and a second organization 20; the engineering cost data in the first client node 11 can be put on chain and stored in the blockchain of the target channel, and the second client node 21 can read the engineering cost data in that blockchain, but organizations that are not in the target channel cannot read the blockchain of the target channel.
Specifically, the target channel may be set up by the first client node 11 or by another node in the alliance chain system that is capable of establishing a channel; this embodiment does not limit which node does so. In this embodiment, channels are set up according to the data type of the engineering cost data, so that each channel corresponds to a unique data type, that is, the engineering cost data in one channel has the same data type, while data of one data type can be divided among a plurality of channels. The data type is determined by the identity of the client node providing the engineering cost data, for example engineering cost data for plate bricks provided by a plate brick supplier and engineering cost data for crane leasing provided by a crane leasing party; alternatively, supplier data is treated as one broad class and lessor data as another. This embodiment does not limit the specific classification of the data. In addition, the organization having authority to read the engineering cost data, namely the second organization 20, also needs to be added to the target channel.
Further optionally, the target channel may correspond to a plurality of first organizations 10, the engineering cost data of each first organization 10 belonging to the same data type. For example, when client nodes of tile suppliers exist within multiple organizations, these may all be regarded as first organizations 10. In this embodiment, since a channel may contain more than two (e.g., three, four, etc.) organizations, not every organization in the channel necessarily has permission to read the engineering cost data of a given first organization; this embodiment therefore uses hybrid encryption to prevent the engineering cost data of the first organization from being leaked.
In particular, in the embodiment of the present invention, the client nodes in each organization in the alliance chain system have the same identity, so as to ensure as far as possible that the permissions of the client nodes in the same organization are the same or similar. Here, identity refers to the role related to the engineering cost data, such as project consignor, engineering contractor, equipment renter, etc. In this embodiment, the first organization is an organization that can provide engineering cost data, and the second organization is an organization that has the right to read the corresponding engineering cost data; a channel, namely the target channel, can then be established between the first organization and the second organization. For example, when the engineering contractor needs to rent equipment from the equipment renter, the equipment renter needs to provide a quotation to the engineering contractor; the equipment renter is then the first organization providing the engineering cost data, the engineering contractor is the second organization having the right to read the engineering cost data, and a channel can be established between the equipment renter and the engineering contractor. Because there may be a plurality of equipment renters, the equipment renters may all act as first organizations in one channel established with the engineering contractor, or each equipment renter may establish an independent channel with the engineering contractor, which is not limited in this embodiment.
In this embodiment, after the target channel is established between the first organization 10 and the second organization 20, the second organization 20 broadcasts the public key K1, and nodes in the second organization 20 (e.g., the second client node 21, the second anchor node 22, etc.) store the private key K2 corresponding to the public key K1. The first client node 11 of the first organization 10 generates a data key Key in advance and encrypts it with the public key K1 to obtain the encrypted data key K1(Key), where K1() denotes encryption with the public key K1. Since nodes in the same target channel can communicate with each other through the anchor nodes of each organization, the first client node 11 can send the encrypted data key K1(Key) to the second client node 21, specifically by way of the first anchor node 12 and then the second anchor node 22. Since the nodes in the second organization store the private key K2, the second anchor node 22 or the second client node 21 can decrypt K1(Key) to obtain the data key, i.e., K2[K1(Key)] = Key, where K2[] denotes decryption with the private key K2. In this embodiment, the second anchor node 22 may decrypt the encrypted data key K1(Key) with the private key K2 to obtain the data key Key and then send the data key to the second client node 21; alternatively, the second anchor node 22 sends the encrypted data key K1(Key) to the second client node 21, and the second client node 21 performs the decryption to obtain the data key Key.
The first client node 11 stores the engineering cost data D. When D needs to be put on chain, the first client node 11 encrypts D with the data key to generate the encrypted engineering cost data Key(D), where Key() denotes encryption with the data key; this is symmetric encryption, i.e., the same data key can be used to decrypt the encrypted engineering cost data. The first client node 11 then performs the on-chain operation on Key(D) so that Key(D) is stored in the blockchain of the target channel. After other organizations in the target channel (such as the second organization) obtain the encrypted engineering cost data Key(D), they need the data key Key to decrypt it; in the target channel, only the first organization and the second organization with reading authority hold the data key, so the original engineering cost data D cannot be read by other organizations in the target channel, and the privacy of D is ensured.
Specifically, the second client node 21 is configured to receive the data key sent by the second anchor node 22, or the second client node 21 is configured to decrypt the data key according to the private key. After the first client node 11 links the encrypted construction cost data, the second client node 21 is further configured to obtain the encrypted construction cost data in the block chain, and perform decryption processing according to the data key to obtain the original construction cost data. In this embodiment, the second client node 21 may obtain the data in the block chain by querying the chain code, so as to obtain the encrypted engineering cost data Key (D), and then perform decryption processing with the data Key, so as to obtain the original engineering cost data D, i.e. Key [ Key (D) ] = D, where Key [ ] represents decryption processing based on the data Key.
In addition, in the embodiment of the present invention, to perform the on-chain operation on the encrypted engineering cost data Key(D), the first client node 11 sends Key(D) to the ordering node (Orderer Peer); the ordering node 1 orders Key(D) and then sends the ordered Key(D) to the accounting node of the target channel, and the accounting node records the block containing Key(D) in the blockchain. There are also multiple ordering nodes 1, and each organization corresponds to at least one ordering node 1, that is, each organization has at least one ordering node 1; in addition, a market supervision bureau or the like can be set up as an ordering node to participate in chain consensus. The accounting node may be a client node, an anchor node, or the like in each organization, or may be another node. In addition, in this embodiment, the nodes of an organization are divided by function, and a node that has multiple functions counts as several kinds of node at once; for example, if a node A stores engineering cost data and is also the anchor point for communication with other organizations, node A is both a client node and an anchor node.
The alliance chain system for processing engineering cost data manages all nodes with the organization as the unit, and the client nodes in each organization have the same identity. This makes it convenient to establish channels among multiple organizations with the organization as the unit, lets multiple client nodes put data on chain through the same channel at the same time, and reduces the number of channels in the alliance chain system. The second organization, which reads data in the target channel, broadcasts the public key of an asymmetric encryption scheme; the first client node, which uploads the data, encrypts the data key with the public key and sends it to the second client node through the anchor nodes of the target channel, so that the second client node can obtain the original data key after decryption with the private key. The first client node uploads the engineering cost data encrypted with the data key to the blockchain, and the second client node decrypts the encrypted engineering cost data with the data key to obtain the original engineering cost data, while other nodes in the target channel that do not hold the data key cannot read it. The alliance chain system stores and attests the engineering cost data on a blockchain, so the data is traceable and not easily tampered with; the hybrid encryption scheme combining a public key, a private key and a data key ensures that only the second organization, which holds the authority, can read the engineering cost data, which avoids data leakage and provides high security. The channels are established according to data type and a separate blockchain is generated for each to record data, so the engineering cost data can be shared in a targeted way within a small scope, which improves security to a certain degree.
The structure and workflow of the alliance chain system are described in detail below by way of one embodiment. In this embodiment, the alliance chain system includes a plurality of organizations divided by client node identity, and the client nodes in each organization have the same identity. As shown in fig. 2, the alliance chain system includes five organizations: an engineering project principal organization (org principal), an engineering contractor organization (org conductor), a consumable supplier organization (org supply), a device renter organization (org lease), and a worker organization (org source). Each organization has at least one ordering node, and five ordering nodes are shown in fig. 2. Each organization includes at least one client node and one anchor node; e.g., the consumable supplier organization includes three client nodes: cement supplier A, cement supplier B and cement supplier C.
In addition, each organization also comprises an authentication node (CA Peer) and an endorsement node (Endorser Peer). The authentication node authenticates the other nodes in the organization; the endorsement node endorses the engineering cost data, and after endorsement the client node performs the on-chain operation on the engineering cost data. For convenience of description, each organization in fig. 2 is additionally provided with an accounting node (Committer Peer).
The embodiment of the present invention is illustrated by the case in which cement suppliers A, B and C need to put their engineering cost data on chain. Specifically, a cement supplier channel, namely the target channel, is established first, and all nodes of the engineering contractor organization are also added to the target channel. At this point, cement suppliers A, B and C can each act as a first client node, and the anchor node in the consumable supplier organization is the first anchor node; the client node and the anchor node within the engineering contractor organization are the second client node and the second anchor node, respectively. One skilled in the art will appreciate that other cement suppliers may form other organizations, such as a third organization, which may also be added to the target channel. Referring to fig. 3, the process by which cement supplier A uploads its local engineering cost data is as follows:
Step 301: The second anchor node broadcasts the public key so that cement supplier A can obtain it.
Step 302: Cement supplier A generates a data key and encrypts the data key with the obtained public key.
Step 303: Cement supplier A sends the encrypted data key to the first anchor node.
Step 304: The first anchor node sends the encrypted data key to the second anchor node.
Step 305: The second anchor node decrypts the encrypted data key with the private key to obtain the data key, and broadcasts the data key within the engineering contractor organization, so that all nodes in that organization (including the client node) can obtain the data key.
Step 306: Cement supplier A encrypts the engineering cost data with the data key.
Step 307: Cement supplier A sends the encrypted engineering cost data to the sequencing node.
In this embodiment, the engineering cost data can include related data such as brands, specifications and prices, and may in particular be quotation data. The consumable supplier organization has a master node (Leader Peer) that is responsible for communicating with the sequencing node; the engineering cost data to be uploaded by cement supplier A is endorsed by the endorsement node and then sent to the sequencing node by the master node.
Step 308: The sequencing node orders the encrypted engineering cost data and stores it in the blockchain, completing the on-chain operation.
In this embodiment, the client node of the engineering contractor organization may also record the blockchain as an accounting node.
Step 309: The client node of the engineering contractor organization obtains the encrypted engineering cost data from the blockchain and decrypts it with the data key provided by cement supplier A, thereby obtaining the engineering quotation data of cement supplier A.
In this embodiment, the other client nodes in the consumable supplier organization (namely cement supplier B and cement supplier C), as well as cement suppliers of other organizations in the target channel, can upload their local engineering cost data in the same way. The client nodes of the engineering contractor organization can therefore obtain the engineering cost data of all the cement suppliers, such as quotation data, and the engineering contractor can select a suitable supplier by comparing the engineering cost data of the different cement suppliers. Because each cement supplier's data key is independent, the cement suppliers do not know each other's engineering cost information, which avoids leakage of the engineering cost data.
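Steps 301 to 309 amount to envelope encryption, and the following sketch walks them end to end. It is an added example, not code from the patent: the patent names no algorithms, so RSA-OAEP for wrapping the data key, AES-256-GCM for the cost data, the use of the channel name as OAEP label and GCM associated data, and all function names and sample values are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Record is the entry the sequencing node stores on the channel's chain (steps 307-308).
type Record struct {
	Supplier   string // cleartext sender ID, authenticated as associated data (assumed field)
	Nonce      []byte
	Ciphertext []byte
}

// NewOrgKey creates the second organization's key pair; the public half is
// what the second anchor node broadcasts in step 301.
func NewOrgKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// NewWrappedDataKey is step 302: a fresh per-supplier data key, wrapped under
// the second organization's public key and bound to the channel name.
func NewWrappedDataKey(pub *rsa.PublicKey, channel string) (dataKey, wrapped []byte, err error) {
	dataKey = make([]byte, 32)
	if _, err = rand.Read(dataKey); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, []byte(channel))
	if err != nil {
		return nil, nil, err
	}
	return dataKey, wrapped, nil
}

// UnwrapDataKey is step 305, run by the second anchor node with the private key.
func UnwrapDataKey(priv *rsa.PrivateKey, wrapped []byte, channel string) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, []byte(channel))
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealCostData is step 306: encrypt the cost data under the data key.
func SealCostData(dataKey []byte, channel, supplier string, plaintext []byte) (Record, error) {
	aead, err := newGCM(dataKey)
	if err != nil {
		return Record{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Record{}, err
	}
	ct := aead.Seal(nil, nonce, plaintext, []byte(channel+"|"+supplier))
	return Record{Supplier: supplier, Nonce: nonce, Ciphertext: ct}, nil
}

// OpenCostData is step 309: a second-organization client reads a record from the chain.
// It fails if the key, the channel, the supplier ID or the ciphertext do not match.
func OpenCostData(dataKey []byte, channel string, rec Record) ([]byte, error) {
	aead, err := newGCM(dataKey)
	if err != nil {
		return nil, err
	}
	if len(rec.Nonce) != aead.NonceSize() {
		return nil, errors.New("record nonce has wrong length")
	}
	return aead.Open(nil, rec.Nonce, rec.Ciphertext, []byte(channel+"|"+rec.Supplier))
}

func main() {
	const channel = "cement-supplier-channel" // constructed channel name
	org2, err := NewOrgKey()
	if err != nil {
		panic(err)
	}
	keyA, wrapped, err := NewWrappedDataKey(&org2.PublicKey, channel)
	if err != nil {
		panic(err)
	}
	// Steps 303-304: the wrapped key passes through both anchor nodes unchanged.
	keyAtOrg2, err := UnwrapDataKey(org2, wrapped, channel)
	if err != nil {
		panic(err)
	}
	// Constructed sample quotation for cement supplier A.
	rec, err := SealCostData(keyA, channel, "cement-supplier-A", []byte("spec=P.O 42.5;price=480"))
	if err != nil {
		panic(err)
	}
	quote, err := OpenCostData(keyAtOrg2, channel, rec)
	fmt.Printf("contractor reads: %s (err=%v)\n", quote, err)
	// Supplier B's independent data key cannot open supplier A's record.
	keyB, _, _ := NewWrappedDataKey(&org2.PublicKey, channel)
	_, err = OpenCostData(keyB, channel, rec)
	fmt.Println("supplier B's key on A's record:", err)
}
```

Because step 305 distributes the unwrapped data key inside the second organization, the confidentiality of every record under that key depends on how that intra-organization broadcast is protected, which this sketch does not model.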
An embodiment of the invention also provides a method for processing engineering cost data; Fig. 4 shows a flow chart of the method. As shown in Fig. 4, the method includes:
Step 401: generating a data key, and encrypting the data key with a public key of a second organization, wherein the second organization is an organization in the alliance chain system that is different from the first organization and has authority to read the engineering cost data in the first client node, and a target channel is established between the first organization and the second organization;
Step 402: sending the encrypted data key to a second anchor node of the second organization through a first anchor node of the first organization, wherein the second anchor node is used for sending the encrypted data key, or the data key obtained by decryption with a private key, to a second client node in the second organization;
Step 403: encrypting the engineering cost data with the data key, sending the encrypted engineering cost data to a sequencing node for ordering, and storing the ordered, encrypted engineering cost data in the blockchain corresponding to the target channel.
Optionally, the method further comprises: setting a target channel according to the data type of the engineering cost data of the first client node, wherein the target channel corresponds to a unique data type; and adding an organization having authority to read the engineering cost data to the target channel as a second organization.
The method for processing engineering cost data is implemented on the alliance chain system. The alliance chain system manages each node by organization, and the client nodes within each organization have the same identity. This makes it easy to establish channels between multiple organizations at the organization level, lets multiple client nodes put data on chain through the same channel at the same time, and reduces the number of channels in the alliance chain system. The second organization, which reads data in the target channel, broadcasts the public key of an asymmetric encryption scheme. The first client node, which uploads the data, encrypts the data key with that public key and sends it to the second client node through an anchor node of the target channel, so that the second client node can obtain the original data key after decrypting with the private key. The first client node uploads the engineering cost data encrypted under the data key to the blockchain, and the second client node decrypts the encrypted engineering cost data with the data key to obtain the original engineering cost data; other nodes in the target channel that do not hold the data key cannot read it. The method stores and attests the engineering cost data on a blockchain, so the data is traceable and difficult to tamper with. The hybrid encryption scheme of public key, private key and data key ensures that only the authorized second organization can read the engineering cost data, which avoids data leakage and gives high security. Channels are established according to data type, and different blockchains are generated to record the data, so the engineering cost data can be shared selectively within a small scope, which improves security to a certain degree.
The method for processing the engineering cost data provided by the embodiment of the invention can also be realized by a corresponding device, and the device for processing the engineering cost data provided by the embodiment of the invention is described in detail below.
Fig. 5 is a schematic structural diagram of an apparatus for processing engineering cost data according to an embodiment of the present invention. The apparatus is located at a first client node in a first organization of an alliance chain system. As shown in Fig. 5, the apparatus for processing engineering cost data comprises:
a key encryption module 51, configured to generate a data key and encrypt the data key according to a public key of a second organization, where the second organization is an organization that is different from the first organization in the federation chain system and has a right to read the engineering cost data in the first client node, and a target channel is established between the first organization and the second organization;
a key sending module 52, configured to send the encrypted data key to a second anchor node of the second organization through a first anchor node of the first organization, where the second anchor node is configured to send the encrypted data key or the data key obtained by decrypting according to a private key to a second client node in the second organization;
a data chaining module 53, configured to encrypt the engineering cost data with the data key, send the encrypted engineering cost data to the sequencing node for ordering, and store the ordered, encrypted engineering cost data in the blockchain corresponding to the target channel.
On the basis of the above embodiment, the apparatus further includes: a channel module; the channel module is used for:
setting a target channel according to the data type of the engineering cost data of the first client node, wherein the target channel corresponds to a unique data type;
adding an organization having authority to read the project cost data as a second organization to the target channel.
In addition, an embodiment of the present invention further provides an electronic device, which includes a bus, a transceiver, a memory, a processor, and a computer program stored in the memory and capable of running on the processor, where the transceiver, the memory, and the processor are connected via the bus, and when the computer program is executed by the processor, the processes of the method for processing engineering cost data according to the embodiment are implemented, and the same technical effects can be achieved, and are not described herein again to avoid repetition.
Specifically, referring to fig. 6, an embodiment of the present invention further provides an electronic device, which includes a bus 1110, a processor 1120, a transceiver 1130, a bus interface 1140, a memory 1150, and a user interface 1160.
In an embodiment of the present invention, the electronic device further includes: a computer program stored on the memory 1150 and executable on the processor 1120, the computer program when executed by the processor 1120 performs the processes of the method embodiments of processing engineering cost data described above.
A transceiver 1130 for receiving and transmitting data under the control of the processor 1120.
In embodiments of the invention in which a bus architecture (represented by bus 1110) is used, bus 1110 may include any number of interconnected buses and bridges, with bus 1110 connecting various circuits including one or more processors, represented by processor 1120, and memory, represented by memory 1150.
Bus 1110 represents one or more of any of several types of bus structures, including a memory bus and memory controller, a peripheral bus, an Accelerated Graphics Port (AGP), and a processor or local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include: an Industry Standard Architecture (ISA) bus, a Micro Channel Architecture (MCA) bus, an Enhanced ISA (EISA) bus, a Video Electronics Standards Association (VESA) bus, and a Peripheral Component Interconnect (PCI) bus.
Processor 1120 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method embodiments may be performed by integrated logic circuits in hardware or instructions in software in a processor. The processor described above includes: general purpose processors, Central Processing Units (CPUs), Network Processors (NPs), Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs), Complex Programmable Logic Devices (CPLDs), Programmable Logic Arrays (PLAs), Micro Control Units (MCUs) or other Programmable Logic devices, discrete gates, transistor Logic devices, discrete hardware components. The various methods, steps and logic blocks disclosed in embodiments of the present invention may be implemented or performed. For example, the processor may be a single core processor or a multi-core processor, which may be integrated on a single chip or located on multiple different chips.
Processor 1120 may be a microprocessor or any conventional processor. The steps of the method disclosed in connection with the embodiments of the present invention may be directly performed by a hardware decoding processor, or may be performed by a combination of hardware and software modules in the decoding processor. The software modules may be located in a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), a register, and other readable storage media known in the art. The readable storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
The bus 1110 may also connect various other circuits such as peripherals, voltage regulators, or power management circuits to provide an interface between the bus 1110 and the transceiver 1130, as is well known in the art. Therefore, the embodiments of the present invention will not be further described.
The transceiver 1130 may be one element or may be multiple elements, such as multiple receivers and transmitters, providing a means for communicating with various other apparatus over a transmission medium. For example: the transceiver 1130 receives external data from other devices, and the transceiver 1130 transmits data processed by the processor 1120 to other devices. Depending on the nature of the computer system, a user interface 1160 may also be provided, such as: touch screen, physical keyboard, display, mouse, speaker, microphone, trackball, joystick, stylus.
It is to be appreciated that in embodiments of the invention, the memory 1150 may further include memory located remotely with respect to the processor 1120, which may be coupled to a server via a network. One or more portions of the above-described networks may be an ad hoc network, an intranet, an extranet, a Virtual Private Network (VPN), a Local Area Network (LAN), a Wireless Local Area Network (WLAN), a Wide Area Network (WAN), a Wireless Wide Area Network (WWAN), a Metropolitan Area Network (MAN), the Internet, a Public Switched Telephone Network (PSTN), a plain old telephone service network (POTS), a cellular telephone network, a wireless fidelity (Wi-Fi) network, or a combination of two or more of the above. For example, the cellular telephone network and the wireless network may be a Global System for Mobile Communications (GSM) system, a Code Division Multiple Access (CDMA) system, a Worldwide Interoperability for Microwave Access (WiMAX) system, a General Packet Radio Service (GPRS) system, a Wideband Code Division Multiple Access (WCDMA) system, a Long Term Evolution (LTE) system, an LTE Frequency Division Duplex (FDD) system, an LTE Time Division Duplex (TDD) system, a Long Term Evolution-Advanced (LTE-A) system, a Universal Mobile Telecommunications System (UMTS), an enhanced Mobile Broadband (eMBB) system, a massive Machine Type Communication (mMTC) system, an Ultra Reliable Low Latency Communication (URLLC) system, or the like.
It is to be understood that the memory 1150 in embodiments of the present invention can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. Wherein the nonvolatile memory includes: Read-Only Memory (ROM), Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), or Flash Memory.
The volatile memory includes: Random Access Memory (RAM), which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as: Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDR SDRAM), Enhanced Synchronous DRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), and Direct Rambus RAM (DRRAM). The memory 1150 of the electronic device described in the embodiments of the invention includes, but is not limited to, the above and any other suitable types of memory.
In an embodiment of the present invention, memory 1150 stores the following elements of operating system 1151 and application programs 1152: an executable module, a data structure, or a subset thereof, or an expanded set thereof.
Specifically, the operating system 1151 includes various system programs, such as a framework layer, a core library layer and a driver layer, for implementing various basic services and processing hardware-based tasks. The application programs 1152 include various applications, such as a media player and a browser, for implementing various application services. A program implementing a method of an embodiment of the invention may be included in the application programs 1152. The application programs 1152 include: applets, objects, components, logic, data structures, and other computer system executable instructions that perform particular tasks or implement particular abstract data types.
In addition, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements each process of the above-mentioned method for processing engineering cost data, and can achieve the same technical effect, and in order to avoid repetition, details are not repeated here.
The computer-readable storage medium includes permanent and non-permanent, removable and non-removable media, and may be a tangible device that retains and stores instructions for use by an instruction execution apparatus. The computer-readable storage medium includes: electronic memory devices, magnetic memory devices, optical memory devices, electromagnetic memory devices, semiconductor memory devices, and any suitable combination of the foregoing. The computer-readable storage medium includes: phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), non-volatile random access memory (NVRAM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassette storage, magnetic tape or disk storage or other magnetic storage devices, memory sticks, mechanically encoded devices (e.g., punched cards or raised structures in a groove having instructions recorded thereon), or any other non-transmission medium useful for storing information that may be accessed by a computing device. As defined in embodiments of the present invention, the computer-readable storage medium does not include transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses traveling through a fiber optic cable), or electrical signals transmitted through a wire.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus, electronic device and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electrical, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to solve the problem to be solved by the embodiment of the invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solutions of the embodiments of the present invention, in essence, or the part that contributes to the prior art, or all or part of the technical solutions, may be embodied in a software product that is stored in a storage medium and includes instructions for causing a computer device (including a personal computer, a server, a data center, or other network device) to execute all or part of the steps of the methods of the embodiments of the present invention. The storage medium includes the various media listed above that can store program code.
The above description is only a specific implementation of the embodiments of the present invention, but the scope of the embodiments of the present invention is not limited thereto, and any person skilled in the art can easily conceive of changes or substitutions within the technical scope of the embodiments of the present invention, and all such changes or substitutions should be covered by the scope of the embodiments of the present invention. Therefore, the protection scope of the embodiments of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A method of processing engineering cost data, performed by a first client node in a first organization of a federation chain system, the method comprising:
generating a data key, and encrypting the data key according to a public key of a second organization, wherein the second organization is an organization which is different from the first organization in the alliance chain system and has authority to read the project cost data in the first client node, and a target channel is established between the first organization and the second organization;
sending the encrypted data key to a second anchor node of the second organization through a first anchor node of the first organization, wherein the second anchor node is used for sending the encrypted data key or the data key obtained by decryption according to a private key to a second client node in the second organization;
and encrypting the construction cost data according to the data key, sending the encrypted construction cost data to a sequencing node for sequencing, and storing the sequenced and encrypted construction cost data into a block chain corresponding to the target channel.
2. The method of claim 1, further comprising:
setting a target channel according to the data type of the engineering cost data of the first client node, wherein the target channel corresponds to a unique data type;
adding an organization having authority to read the project cost data as a second organization to the target channel.
3. An apparatus for processing engineering cost data, located at a first client node in a first organization of a federation chain system, the apparatus comprising:
the key encryption module is used for generating a data key and encrypting the data key according to a public key of a second organization, the second organization is an organization which is different from the first organization in the alliance chain system and has a right to read the project cost data in the first client node, and a target channel is established between the first organization and the second organization;
a key sending module, configured to send the encrypted data key to a second anchor node of the second organization through a first anchor node of the first organization, where the second anchor node is configured to send the encrypted data key or the data key obtained by decryption according to a private key to a second client node in the second organization;
and the data chaining module is used for encrypting the construction cost data according to the data key and sending the encrypted construction cost data to the sequencing node for sequencing so as to store the sequenced and encrypted construction cost data into the block chain corresponding to the target channel.
4. The apparatus of claim 3, further comprising: a channel module; the channel module is used for:
setting a target channel according to the data type of the engineering cost data of the first client node, wherein the target channel corresponds to a unique data type;
adding an organization having authority to read the project cost data as a second organization to the target channel.
5. A federation chain system for processing project cost data, comprising a sequencing node and a plurality of organizations, each organization comprising a respective at least one client node and at least one anchor node; wherein a target channel is established between a first organization and a second organization in the plurality of organizations, and the second organization has authority to read the project cost data of a first client node in the first organization;
the first client node in the first organization is used for generating a data key and encrypting the data key according to a public key of a second organization;
the first client node sends the encrypted data key to a first anchor node in the first organization, and the first anchor node forwards the encrypted data key to a second anchor node of the second organization;
the second anchor node is used for sending the encrypted data key or the data key obtained by decryption according to a private key to a second client node in the second organization;
and the first client node is also used for encrypting the construction cost data according to the data key, sending the encrypted construction cost data to the sequencing node for sequencing, and storing the sequenced and encrypted construction cost data into the block chain corresponding to the target channel.
6. A federation chain system as in claim 5,
the second client node is used for receiving the data key sent by the second anchor node, or the second client node is used for obtaining the data key by decryption according to a private key;
and the second client node is also used for acquiring the encrypted construction cost data in the block chain and carrying out decryption processing according to the data key to obtain the original construction cost data.
7. The federation chain system of claim 5, wherein the federation chain system is further configured to:
setting a target channel according to the data type of the engineering cost data of the first client node, wherein the target channel corresponds to a unique data type;
adding an organization having authority to read the project cost data as a second organization to the target channel.
8. The federation chain system of claim 5, wherein the number of the sequencing nodes is plural, and each of the organizations corresponds to at least one sequencing node.
9. A federation chain system as claimed in claim 5, wherein the target channel corresponds to a plurality of the first organisations, the project cost data of each of the first organisations being of the same data type.
10. A federation chain system as claimed in any one of claims 5 to 9, wherein the organisation further comprises: an authentication node and an endorsement node;
the authentication node is used for authenticating other nodes in the organization;
and the endorsement node is used for endorsement of the project cost data, and after endorsement, the first client node executes chaining operation on the project cost data.
CN202110271262.1A 2021-03-12 2021-03-12 Method and device for processing engineering cost data and alliance chain system Pending CN112685789A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110271262.1A CN112685789A (en) 2021-03-12 2021-03-12 Method and device for processing engineering cost data and alliance chain system


Publications (1)

Publication Number Publication Date
CN112685789A true CN112685789A (en) 2021-04-20

Family

ID=75455471

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110271262.1A Pending CN112685789A (en) 2021-03-12 2021-03-12 Method and device for processing engineering cost data and alliance chain system

Country Status (1)

Country Link
CN (1) CN112685789A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113657972A (en) * 2021-08-31 2021-11-16 卓尔智联(武汉)研究院有限公司 Article transaction method based on block chain, computer device and storage medium
CN114338242A (en) * 2022-03-10 2022-04-12 广东省科技基础条件平台中心 Cross-domain single sign-on access method and system based on block chain technology
CN115967583A (en) * 2023-03-16 2023-04-14 安羚科技(杭州)有限公司 Key management system and method based on alliance chain

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109995715A (en) * 2017-12-29 2019-07-09 百度在线网络技术(北京)有限公司 Private data encipher-decipher method, device, equipment and the storage medium of block chain
CN110033258A (en) * 2018-11-12 2019-07-19 阿里巴巴集团控股有限公司 Business datum encryption method and device based on block chain
CN110266817A (en) * 2019-07-15 2019-09-20 武汉天喻信息产业股份有限公司 Across channel data sharing model, sharing method and device based on block chain
CN111008385A (en) * 2019-11-21 2020-04-14 山东爱城市网信息技术有限公司 Method, device and medium for constructing privacy transaction in block chain super account book
CN111030806A (en) * 2019-11-21 2020-04-17 山东爱城市网信息技术有限公司 Method, device and medium for creating virtual channel based on block chain super account book
US20200342455A1 (en) * 2019-04-24 2020-10-29 Cerner Innovation, Inc. Providing a financial/clinical data interchange
CN112132682A (en) * 2020-08-10 2020-12-25 国网浙江省电力有限公司嘉兴供电公司 Electric power transaction method, device and system based on block chain technology

Non-Patent Citations (1)

Title
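Qiu Yunxiang et al.: "Blockchain data access control scheme based on the CP_ABE algorithm", Chinese Journal of Network and Information Security *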

Cited By (3)

Publication number Priority date Publication date Assignee Title
CN113657972A (en) * 2021-08-31 2021-11-16 卓尔智联(武汉)研究院有限公司 Article transaction method based on block chain, computer device and storage medium
CN114338242A (en) * 2022-03-10 2022-04-12 广东省科技基础条件平台中心 Cross-domain single sign-on access method and system based on block chain technology
CN115967583A (en) * 2023-03-16 2023-04-14 安羚科技(杭州)有限公司 Key management system and method based on alliance chain

Similar Documents

Publication Publication Date Title
CN110290094B (en) Method and device for controlling data access authority
CN112685789A (en) Method and device for processing engineering cost data and alliance chain system
CN111797415A (en) Block chain based data sharing method, electronic device and storage medium
CN103973736A (en) Data sharing method and device
CN112581126A (en) Block chain-based platform data management method and device and storage medium
JP7149445B2 (en) Encrypted data sharing management for blockchain
US11290262B2 (en) Method and devices for communicating securely between devices
CN111292041A (en) Electronic contract generating method, device, equipment and storage medium
CN111193703B (en) Communication apparatus and communication method used in distributed network
CN111723384B (en) Data processing method, system and equipment
KR102368525B1 (en) System and Method for Managing Digital document using Blockchain and IPFS
CN110311787A (en) Authorization management method, system, equipment and computer readable storage medium
US20230006825A1 (en) Secure orbit communication
CN110032874A (en) A kind of date storage method, device and equipment
CN115296838A (en) Data sharing method, system and storage medium based on block chain
WO2021027526A1 (en) Data storage method, device, computer apparatus, and storage medium
WO2021168614A1 (en) Data encryption processing method, data decryption processing method, apparatus, and electronic device
CN117034287A (en) Multiparty joint modeling safety enhancement method based on privacy computing interconnection and interworking technology
CN115828300A (en) Block chain-based government affair information processing method and system with privacy protection function
CN111010283A (en) Method and apparatus for generating information
KR102512871B1 (en) Centralized private key management method for multiple user devices related to a single public key
CN114036232A (en) Block chain data processing method, device, storage medium, node and system
CN115250176A (en) Carbon emission data processing method and device
KR102496436B1 (en) Method of storing plurality of data pieces in storage in blockchain network and method of receiving plurality of data pieces
CN112818410A (en) Method and device for sharing building information model and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (Application publication date: 20210420)