CN112989380A - Resource exchange processing method, device, equipment and storage medium - Google Patents

Resource exchange processing method, device, equipment and storage medium Download PDF

Info

Publication number
CN112989380A
CN112989380A CN202110290804.XA CN202110290804A CN112989380A CN 112989380 A CN112989380 A CN 112989380A CN 202110290804 A CN202110290804 A CN 202110290804A CN 112989380 A CN112989380 A CN 112989380A
Authority
CN
China
Prior art keywords
resource
certificate
authorization
initiator
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110290804.XA
Other languages
Chinese (zh)
Inventor
曾纪策
范涛
陈天健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WeBank Co Ltd filed Critical WeBank Co Ltd
Priority to CN202110290804.XA priority Critical patent/CN112989380A/en
Publication of CN112989380A publication Critical patent/CN112989380A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a resource exchange processing method, a device, equipment and a storage medium, wherein the method comprises the following steps: receiving a request message for indicating that a resource initiator applies for using the resource provided by a resource provider, and sending the request message to the resource provider; if the resource authorization information is received, generating a target resource authorization voucher identifier according to the resource authorization information; storing the target resource authorization voucher identification in a public block chain network, informing a resource initiator of successful authorization and sending voucher content corresponding to the target resource authorization voucher identification to the resource initiator; and verifying the received certificate content to be verified according to the target resource authorization certificate identification and the corresponding certificate content, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider. The invention can support each participant participating in the federal learning to perform the credible resource exchange, can reduce the cooperative coordination cost and simultaneously improve the processing efficiency.

Description

Resource exchange processing method, device, equipment and storage medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for resource exchange processing.
Background
Federal learning is a machine learning task performed by combining a plurality of participants, wherein one or some participants hope to exchange some non-core data resources, such as logs, indexes and the like, with each other in cooperation, so that the cooperation coordination cost is reduced, and the cooperation efficiency is improved.
However, in the current federal learning, all the participants perform modeling together to realize the processes of encrypted sample alignment, encrypted model training and effect excitation, and in order to ensure the resource safety of all the participants, the participants participating in the federal learning are not supported to perform credible resource exchange, so that the cooperative coordination cost cannot be reduced, and the processing efficiency is improved.
Disclosure of Invention
The invention mainly aims to provide a resource exchange processing method, a resource exchange processing device, equipment and a storage medium, and aims to solve the problems that each participant who participates in federal learning is not supported to perform trusted resource exchange in the existing federal learning, so that the cooperative coordination cost cannot be reduced, and the processing efficiency cannot be improved.
In order to achieve the above object, the present invention provides a resource exchange processing method, including:
receiving a request message for indicating that a resource initiator applies for using a resource provided by a resource provider, and sending the request message to the resource provider;
if receiving the resource authorization information sent by the resource provider, generating a target resource authorization voucher identifier according to the resource authorization information;
storing the target resource authorization voucher identification in a public block chain network, notifying the resource initiator of successful authorization and sending voucher content corresponding to the target resource authorization voucher identification to the resource initiator;
and verifying the received certificate content to be verified sent by the resource initiator according to the target resource authorization certificate identification and the certificate content corresponding to the target resource authorization certificate identification, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider.
In a possible implementation manner, the generating a target resource authorization credential identifier according to the resource authorization information includes:
if the request message is sent by the resource initiator through at least one third party, generating voucher contents corresponding to the third parties according to the resource authorization information, and storing the voucher contents;
generating a voucher identification corresponding to each third party and a first nested voucher identification corresponding to the at least one third party according to the voucher content corresponding to each third party, and storing the voucher identification corresponding to each third party into a public block chain network;
and generating a target resource authorization voucher identifier according to the first nested voucher identifier and the resource authorization information corresponding to the resource initiator.
In a possible implementation manner, the generating the credential identifier corresponding to each third party and the first nested credential identifier corresponding to the at least one third party includes:
traversing the at least one third party according to the voucher content and the reverse order of the request message sent by the at least one third party, and executing the following steps for each traversed third party:
generating a certificate identifier corresponding to the current third party according to the certificate content corresponding to the current third party, and storing the certificate identifier corresponding to the current third party into the public block chain network;
generating a nesting certificate identifier corresponding to the current third party by using the certificate identifier corresponding to the current third party and the certificate identifier corresponding to the last third party;
and the nested certificate mark corresponding to the third party with the last reverse order is the first nested certificate mark.
In one possible implementation, the storing the target resource authorization credential identifier in a public block chain network includes:
writing the target resource authorization certificate identification into a resource provider blockchain node in a public blockchain network, and synchronously storing the target resource authorization certificate identification to other nodes of the public blockchain network;
and after the public blockchain network confirms that the synchronization is successful, receiving a message which is sent by the resource provider blockchain node and used for indicating the success of authorization, and sending the message which is used for indicating the success of authorization to the resource provider.
In a possible implementation manner, the verifying the received certificate identifier to be verified sent by the resource initiator according to the target resource authorization certificate identifier and the certificate content corresponding to the target resource authorization certificate identifier includes:
acquiring the target resource authorization certificate identification from the public block chain network;
and verifying the certificate identification to be verified according to the stored certificate content corresponding to the target resource authorization certificate identification and the target resource authorization certificate identification.
In a possible implementation manner, the target resource authorization credential identifier includes a resource identifier field, an authorization site field, and an effective date field, and credential content corresponding to the target resource authorization credential identifier includes identity information of the resource initiator;
the verifying the content of the certificate to be verified according to the stored certificate content corresponding to the target resource authorization certificate identifier and the target resource authorization certificate identifier comprises:
according to the identity information of the resource initiator in the certificate content corresponding to the target resource authorization certificate identification, verifying the identity information in the certificate content to be verified;
if the identity is consistent with the identity of the target resource authorization certificate, the identity verification is determined to be successful, the content of the certificate to be verified is subjected to Hash calculation to generate a certificate identifier to be verified, and the certificate identifier to be verified is verified according to the target resource authorization certificate identifier;
and if the verification is successful, verifying the content represented by each field in the certificate mark to be verified.
In a possible implementation manner, the checking the content represented by each field in the to-be-checked certificate identifier includes:
matching the content represented by each field in the target resource authorization voucher identification with the content represented by each field in the voucher identification to be checked;
and if the matching is successful, determining that the resource authority corresponding to the resource initiator is successfully checked, so as to allow the resource initiator to use the resource provided by the resource provider.
The invention also provides a resource exchange processing device, which comprises:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a request message for indicating that a resource initiator applies for using a resource provided by a resource provider and sending the request message to the resource provider;
the first processing module is used for generating a target resource authorization voucher identifier according to the resource authorization information when receiving the resource authorization information sent by the resource provider;
the second processing module is used for storing the target resource authorization voucher identification in a public block chain network, notifying the resource initiator of successful authorization and sending voucher content corresponding to the target resource authorization voucher identification to the resource initiator;
and the third processing module is used for verifying the received content of the certificate to be verified sent by the resource initiator according to the target resource authorization certificate identifier and the certificate content corresponding to the target resource authorization certificate identifier, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider.
The present invention also provides a resource exchange processing device, including: a memory, a processor and a resource exchange handler stored on the memory and executable on the processor, the resource exchange handler when executed by the processor implementing the steps of the resource exchange processing method according to any of the preceding claims.
The present invention also provides a computer readable storage medium having stored thereon a resource exchange processing program which, when executed by a processor, implements the steps of the resource exchange processing method as set forth in any one of the preceding claims.
The invention also provides a computer program product comprising a computer program which, when executed by a processor, carries out the steps of the resource exchange processing method as claimed in any one of the preceding claims.
In the invention, firstly, a request message for indicating that a resource initiator applies for using the resource provided by a resource provider is received, and the request message is sent to the resource provider; if receiving the resource authorization information sent by the resource provider, generating a target resource authorization voucher identifier according to the resource authorization information; then storing the target resource authorization voucher identification in a public block link network, ensuring the storage permanence, authenticable, non-tamper-proof property and traceability of the target resource authorization voucher identification based on the characteristics of a block link, notifying the resource initiator of successful authorization and sending voucher content (namely target resource authorization voucher content) corresponding to the target resource authorization voucher identification to the resource initiator; and verifying the received content of the certificate to be verified sent by the resource initiator according to the identification of the target resource authorization certificate and the content of the target resource authorization certificate, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider. The resource authorization voucher identification is recorded in the blockchain based on the storage permanence, the non-tampering property and the traceability of the blockchain, when a resource initiator applies for using or exchanging resources provided by a resource provider, the identity of the resource authorization voucher identification can be verified, after the verification is successful, the resource initiator is allowed to use the resources provided by the resource provider, and each participant (such as the resource initiator and the resource provider) participating in federal learning is supported to perform trusted resource exchange, so that the cooperation coordination cost can be reduced, and meanwhile, the processing efficiency is improved.
Drawings
Fig. 1 is a schematic view of a scenario of a resource exchange processing method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a resource exchange processing method according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating trusted exchange of multi-party resources according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of another resource exchange processing method according to an embodiment of the present invention;
fig. 5 is a flowchart illustrating a resource exchange processing method according to another embodiment of the present invention;
fig. 6 is a schematic structural diagram of a resource exchange processing apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a resource exchange processing device according to an embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In many fields, technologies such as machine learning and model training based on big data are continuously developed. By mining large data, a lot of valuable information can be obtained. With the development of technology, the source of raw data is more and more extensive, and even cross-domain union can be achieved.
In some business scenarios, multiple business platforms collect respective business data. The service data is valuable and is usually kept as the privacy information of the service platform. Each service platform does not want to share the original form of service data with other service platforms. In some needs, however, multiple business platforms desire to perform collaborative computing without exposing business data of the parties to improve business processing capabilities. Based on the above, the federal machine learning and other modes are carried out.
Federal Machine Learning (also called federal Learning), which can combine all parties to perform data use and collaborative modeling on the premise that data is not out of the local, is gradually a common method in privacy protection calculation.
At present, in the existing federal learning, all participants jointly model, so that the processes of encrypted sample alignment, encrypted model training and effect excitation are realized, and in order to ensure the resource safety of all the participants, the participants participating in the federal learning are not supported to carry out the credible resource exchange, so that the cooperative coordination cost cannot be reduced, and the processing efficiency is improved.
In order to solve the problem, the technical idea of the present invention is to design that if it is desired to implement trusted exchange of resources based on federal learning, a resource initiator first needs to send a request message for applying for use or resource exchange to a resource provider, and the resource provider generates a resource authorization credential identifier and records the identifier on a block chain, and based on the storage permanence, non-tamper-property and traceability of the block chain, the resource initiator is allowed to use or exchange resources provided by the resource provider by virtue of the credential identifier, so that multiple participants of interactive data perform trusted exchange, and thus, trusted exchange of data resources by each participant is enabled under privacy protection.
Some embodiments of the invention are described in detail below with reference to the accompanying drawings. The features of the embodiments and examples described below may be combined with each other without conflict between the embodiments.
Fig. 1 is a schematic view of a scenario of a resource exchange processing method according to an embodiment of the present invention. The execution subject in the method of this embodiment may be a resource exchange processing device, such as a federally learned blockchain system (i.e., a FATE Chain system), and the FATE Chain system may be a terminal device or a server and has a resource exchange processing function.
In practical application, each participant participating in federal learning, such as a resource initiator and a resource provider, where the resource initiator may also be a resource provider, and likewise, the resource provider may also be a resource initiator. Taking the resource initiator applying for using the resource provided by the resource provider as an example, in the process of resource exchange processing, when the resource initiator wants to use or exchange the resource provided by the resource provider, a request message for indicating that the resource initiator applies for using the resource provided by the resource provider may be sent to the resource provider, where the request message may include a resource authorization request, and when the resource provider receives the request message, the resource authorization information (such as data set authorization information: authorization site, data set identifier, and the like) carried in the request message may be sent to the FATE Chain system, and the FATE Chain system generates and stores the resource authorization credential content based on the resource authorization information, and generates and records the resource authorization credential identifier in the block Chain, so that the resource authorization credential identifier has storage permanence, Non-tamper-proof property, traceability and authentication. When the FATE Chain system finishes authorization, the information of successful authorization is sent to a resource provider, when a resource initiator wants to use resources provided by the resource provider, a certificate identifier is firstly obtained through the FATE Chain system, then a resource use application is sent to the resource provider based on the obtained certificate identifier, at the moment, the FATE Chain system needs to verify the certificate identifier sent by the resource initiator based on the certificate identifier stored on a block Chain, and if the verification is passed, the resource initiator is allowed to use or exchange the resources provided by the resource provider.
The resource authorization voucher mark is recorded in the blockchain, so that the authorization voucher mark can not be tampered and authenticated, and the resource exchange is transmitted through a blockchain network security channel, and the multiple encryption mode is provided to ensure that the resource is not stolen.
Fig. 2 is a flowchart illustrating a resource exchange processing method according to an embodiment of the present invention. The method in this embodiment may be implemented by software, hardware, or a combination of software and hardware. As shown in fig. 2, the method may include:
s201, receiving a request message for indicating that a resource initiator applies for using the resource provided by a resource provider, and sending the request message to the resource provider.
Specifically, the resource participant may directly send a request message to the resource provider, that is, only the resource initiator and the resource provider perform trusted resource exchange; the resource participant may also send a request message to the resource provider through at least one third party, that is, the resource initiator does not directly obtain the resource from the resource provider, but obtains the resource from the resource provider through at least one third party, and then the resource initiator obtains the resource from the resource provider from the third party, see the schematic diagram of the multi-participant resource trusted exchange shown in fig. 3, which is exemplary, one resource initiator, one resource provider, and three third parties (third party a, third party B, and third party C).
The FATE Chain system can directly receive a request message which is sent by a resource initiator and used for indicating that the resource initiator applies for using a resource provided by a resource provider, and sends the request message to the resource provider; a request message sent by a third party may also be received and sent to the resource provider. The content of the request message sent in different manners may be different, that is, the resource authorization information carried by the request message may be different. The resource authorization information may include an authorized site, a resource identification, and the like.
S202, if receiving the resource authorization information sent by the resource provider, generating a target resource authorization voucher identifier according to the resource authorization information.
Specifically, the resource provider sends resource authorization information to the FATE Chain system based on the request message, and when the FATE Chain system receives the resource authorization information (such as an authorization site, a resource identifier, and the like), generates corresponding credential content according to the authorization site, the resource identifier, and the like, and performs hash calculation on the credential content to generate a credential identifier, that is, a target resource authorization credential identifier, where the credential identifier may be a credential fingerprint or a credential iris, and is not limited specifically here.
S203, storing the target resource authorization certificate identification in a public block chain network, notifying the resource initiator that authorization is successful, and sending the target resource authorization certificate identification to the resource initiator.
Specifically, in order to ensure the storage permanence, non-tamper-proof property, traceability and authentification of the certificate identifier, the FATE Chain system may store the target resource authorization certificate identifier in a public block Chain network, that is, on a block Chain, and send a successful authorization message and the certificate content corresponding to the target resource authorization certificate identifier, that is, the target resource authorization certificate content, to the resource initiator through the resource provider, where the resource initiator may perform modeling configuration according to the certificate content obtained by the resource initiator during the process of obtaining resources by the resource provider, generate the certificate content to be verified, wait to be verified by the FATE Chain system, and allow the resource initiator to use the resources provided by the resource provider only if the verification is successful.
S204, verifying the received certificate content to be verified sent by the resource initiator according to the target resource authorization certificate identification and the certificate content corresponding to the target resource authorization certificate identification, and allowing the resource initiator to use the resource provided by the resource provider if the verification is successful.
For the safety of information exchange, the FATE Chain system checks the content of the certificate to be checked based on the certificate identifier stored in the block Chain, wherein the checking can include identity checking, certificate identifier checking, certificate content checking and the like, and only if the checking is successful, the authorization and authentication of the resource initiator are determined to be successful, and the resource initiator is allowed to use the resource provided by the resource provider. The checking process, namely the resource exchange behavior is recorded in the block chain, so that the behavior record is guaranteed to be not falsifiable, traceable and auditable, the resource exchange is transmitted through a block chain network security channel, and the resource is guaranteed not to be stolen in a multiple encryption mode.
In the resource exchange processing method provided by this embodiment, first, a request message for indicating that a resource initiator applies for using a resource provided by a resource provider is received, and the request message is sent to the resource provider; if receiving the resource authorization information sent by the resource provider, generating a target resource authorization voucher identifier according to the resource authorization information; then storing the target resource authorization voucher identification in a public block link network, ensuring the storage permanence, certifiability, non-tamper property and traceability of the target resource authorization voucher identification based on the characteristics of a block link, informing the resource initiator that the authorization is successful and sending the voucher content corresponding to the target resource authorization voucher identification to the resource initiator; and verifying the received certificate content to be verified sent by the resource initiator according to the target resource authorization certificate identification and the certificate content corresponding to the target resource authorization certificate identification, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider. The resource authorization certificate fingerprint is recorded in the block chain based on the storage permanence, the non-tampering property and the traceability of the block chain, when a resource initiator applies for using or exchanging resources provided by a resource provider, the identity of the resource authorization certificate fingerprint can be verified, after the verification is successful, the resource initiator is allowed to use the resources provided by the resource provider, and each participant (such as the resource initiator, the resource provider and the like) participating in federal learning is supported to perform trusted resource exchange, so that the cooperation coordination cost can be reduced, and the processing efficiency is improved.
Optionally, in this embodiment, on the basis of the foregoing embodiment, S202 is described in detail. Generating a target resource authorization voucher identifier according to the resource authorization information, which can be realized by the following steps:
a1, if the request message is sent by the resource initiator through at least one third party, generating voucher contents corresponding to each third party according to the resource authorization information, and storing the voucher contents;
step a2, generating a voucher identification corresponding to each third party and a first nested voucher identification corresponding to the at least one third party according to the voucher content corresponding to each third party, and storing the voucher identification corresponding to each third party in a public block chain network.
Generating the credential identifier corresponding to each third party and the first nested credential identifier corresponding to the at least one third party may be implemented by the following steps:
traversing the at least one third party according to the voucher content and the reverse order of the request message sent by the at least one third party, and executing the following steps for each traversed third party:
b1, generating a certificate identifier corresponding to the current third party according to the certificate content corresponding to the current third party, and storing the certificate identifier corresponding to the current third party into the public block chain network;
b2, generating a nesting certificate identifier corresponding to the current third party by using the certificate identifier corresponding to the current third party and the certificate identifier corresponding to the last third party;
and the nested certificate mark corresponding to the third party with the last reverse order is the first nested certificate mark.
Step a3, generating a target resource authorization voucher mark according to the first nested voucher mark and the resource authorization information corresponding to the resource initiator.
If the request message is sent by the resource initiator through at least one third party, as shown in fig. 3, taking three third parties as an example, first, the resource provider obtains the request message sent by the third party a, obtains identity information of the third party a through the data system and obtains resource authorization information corresponding to the third party a (including an authorization site a and a resource identifier a, which resources can be authorized to the third party a, and the like), and desensitizes the request message, and then, the resource provider sends the resource authorization information corresponding to the third party a to the FATE Chain system to generate a credential a, where the credential a may be a credential a fingerprint obtained through hash calculation, and the FATE Chain system writes the credential a fingerprint onto the block Chain network and sends the credential a to the third party a through the resource provider. Here, the credential may be used to represent a credential identifier, and the following embodiments are not described again. The credential identifier may be a credential fingerprint or a credential iris, and the credential fingerprint is used as an example below.
When a third party A receives a request message sent by a third party B, identity information of the third party B is obtained, resource authorization information corresponding to the third party B is obtained (including an authorization site B and resource identification B which are to be authorized to the third party B and the like), then the third party A sends the resource authorization information corresponding to the third party B to an FATE Chain system to generate a certificate B, wherein the certificate B can be a certificate B fingerprint obtained through Hash calculation, the FATE Chain system writes the certificate B fingerprint into a block Chain network and generates a nested certificate B by combining the certificate A, and the third party A sends the nested certificate B to the third party B.
When a third party B receives a request message sent by a third party C, identity information of the third party C is obtained, resource authorization information corresponding to the third party C is obtained (including authorization site C and resource identification C which resources can be authorized to the third party B and the like), the third party B sends the resource authorization information corresponding to the third party C to a FATE Chain system to generate a certificate C, the certificate C can be a certificate C fingerprint obtained through Hash calculation, the FATE Chain system writes the certificate C fingerprint into a block Chain network and generates a nested certificate C by combining with the nested certificate B, and the third party B sends the nested certificate C to the third party C. Taking three third parties as an example, the nested certificate C is the first nested certificate.
By analogy, when a third party C receives a request message sent by a resource initiator, the third party C obtains identity information of the resource initiator and obtains resource authorization information corresponding to the resource initiator (including an authorization site 1, which resources the resource identifier 1 is to authorize to the resource initiator, and the like), the third party C sends the resource authorization information corresponding to the resource initiator to a FATE Chain system to generate a credential 1, where the credential 1 may be a credential 1 fingerprint obtained through hash calculation, and the FATE Chain system writes the credential 1 fingerprint into a block Chain network and generates a nested credential 1 (i.e., a target resource authorization credential identifier) in combination with the nested credential C. When a resource initiator applies for resource exchange, a target resource authorization voucher identification is obtained from a block chain network through a safety channel of the block chain network, the voucher content sent by the resource initiator is verified, if the verification is successful, the resource initiator is allowed to use the resource provided by the resource provider, the resource exchange behavior is stored in the block chain network, and the behavior record is guaranteed to be not falsified, traceable and auditable.
In addition, if there is no third party, when the resource initiator directly applies for resource exchange to the resource provider, the process of generating the credential identifier may refer to the process of the resource provider obtaining the credential identifier corresponding to the request message sent by the third party a, and the generated credential identifier is directly the target resource credential identifier, instead of the nested credential identifier, which is not described herein again.
Optionally, after generating the target resource authorization credential identifier, in order to ensure that the authorization credential identifier is not falsifiable and is certifiable, the target resource authorization credential identifier may be stored in the public block chain network, and the following steps may be performed:
step c1, writing the target resource authorization certificate identification into a resource provider blockchain node in a public blockchain network, and synchronously storing the target resource authorization certificate identification into other nodes of the public blockchain network;
and c2, after the public blockchain network confirms that the synchronization is successful, receiving the message which is sent by the resource provider blockchain node and used for indicating the success of the authorization, and sending the message which is used for indicating the success of the authorization to the resource provider.
The FATE Chain system may include a resource initiator blockchain system (i.e., FATE Chain (a)) and a resource provider blockchain system (i.e., FATE Chain (B)).
Specifically, referring to fig. 4, fig. 4 is a schematic flowchart of another resource exchange processing method according to an embodiment of the present invention. The process of authorizing resources (including the process of credential identity storage) is:
taking an authorized data set as an example (for example, a resource refers to a data set), a resource provider sends data set authorization information to the FATE Chain (a) through an upper management system (such as a data system, that is, the FATE Studio (a)), and the FATE Chain (a) sends the data set authorization information to the resource provider according to the obtained data set authorization information: the method comprises the steps that a certificate content is generated by an authorization site, a data set identifier and the like, hash calculation is carried out on the certificate content to generate a certificate identifier (namely a target resource authorization certificate identifier), the certificate hash (namely the certificate hash) is written into a Block Chain Node (namely a Block Chain Node (A)) of a resource provider, the Block Chain Node (A) synchronizes the certificate hash to other nodes in a public Block Chain network, namely the certificate hash is recorded on a Block Chain.
After the information is recorded in the public blockchain network, the public blockchain network sends the information which is successfully synchronized to the blockchain node of the resource provider, then the blockchain node of the resource provider sends the information which is successfully authorized to the FATE Chain (A), and the FATE Chain (A) sends the information which is successfully authorized to the FATE Studio (A) to complete the authorization.
Optionally, how to check the credential may be implemented by the following steps:
and d1, obtaining the target resource authorization certificate identification from the public block chain network.
And d2, verifying the certificate mark to be verified according to the stored certificate content corresponding to the target resource authorization certificate mark and the target resource authorization certificate mark.
After the resource provider sends the target resource authorization voucher content to the resource initiator, when the resource initiator applies for resource exchange, in order to ensure trusted exchange of data and avoid the resource initiator from applying for wrong resources or resources other than authorization, the voucher content (i.e. voucher content to be verified) sent by the resource initiator needs to be verified, i.e. the resource authority of the voucher content is verified, and if verification is successful, the resource initiator is allowed to use the resources provided by the resource provider.
Optionally, the target resource authorization credential identifier includes a resource identifier field, an authorization site field, and an effective date field, where credential content corresponding to the target resource authorization credential identifier includes identity information of the resource initiator; how to verify the content of the voucher to be verified based on the above information, namely the target resource authorization voucher identification and the voucher content, can be realized by the following steps:
step e1, according to the identity information of the resource initiator in the voucher content corresponding to the target resource authorization voucher identification, verifying the identity information in the voucher content to be verified;
step e2, if the identity is consistent, the identity verification is determined to be successful, the content of the certificate to be verified is subjected to hash calculation to generate a certificate identifier to be verified, and the certificate identifier to be verified is verified according to the target resource authorization certificate identifier;
and e3, if the verification is successful, verifying the content represented by each field in the certificate identification to be verified.
The content represented by each field in the certificate identifier to be checked is checked, and the method can be realized through the following steps:
step f1, matching the content represented by each field in the target resource authorization voucher mark with the content represented by each field in the voucher mark to be checked;
step f2, if the matching is successful, determining that the resource authority corresponding to the resource initiator is successfully checked, so as to allow the resource initiator to use the resource provided by the resource provider.
Specifically, referring to fig. 5, fig. 5 is a schematic flowchart of another resource exchange processing method according to an embodiment of the present invention. The process of checking the resource authority comprises the following steps of (identity checking, certificate identification hash checking and certificate identification content checking):
taking the identification of the target resource authorization credential as a dataset credential (e.g., where the resource refers to a dataset), the resource initiator obtains the dataset credential (i.e., the dataset credential content) from the initiator blockchain system (i.e., the FATE Chain (B)) through a resource initiator modeling system (i.e., the FATE Flow (B)) in the modeling system, the FATE Chain (B) returns the dataset credential to the FATE Flow (B), and then performs modeling for federal learning through the modeling system, the modeling information may include the modeling credential (i.e., the modeling credential content), where the modeling credential may include configuration information, scheduling commands, datasets, etc., the modeling system sends the modeling information to a resource provider modeling system (i.e., the FATE Flow (A)) in the modeling system through the FATE Chain (B), the FATE Flow (A) sends the modeling information to the FATE Chain (A), the modeling information is checked by FATE Chain (A) based on the block Chain.
Specifically, the FATE Chain (A) sends a message for checking the identity to a data provider block Chain node, the identity of the resource initiator is checked through identity information, such as an identity ID, of the resource initiator corresponding to a target resource authorization credential identifier recorded on the data provider block Chain node, and if the identity ID in the modeling credential is consistent with the identity ID of the resource initiator in the target resource authorization credential identifier, it is indicated that the resource right is granted to the resource initiator, that is, the identity passes, and the message that the identity passes is returned to the FATE Chain (A); the FATE Chain (A) continuously checks the certificate hash (namely the certificate identification), namely, the certificate hash recorded on the node of the block Chain is compared with the certificate hash corresponding to the modeling certificate, for example, the field types in the certificate hash are compared, namely, whether the information such as a resource identification field, an authorization site field, an effective date field and the like is contained is checked, and if the information is consistent, the certificate hash check is passed; and after the identity and the certificate hash pass, the FATE Chain (A) sends the verified message to the FATE Flow (A), the FATE Flow (A) matches and checks the modeling configuration according to the content of the modeling certificate, namely, compares the content of the certificate stored in the FATE Chain system with the content of the modeling certificate, and if the identity and the certificate hash pass, the matching and checking are determined to be successful, namely, the resource authority is checked to be successful. The message that the matching check is successful can be sent to the FATE Flow (B) through the FATE Chain (B), the check of the resource authority is completed, and then the authority required by the resource initiator can be executed, for example, modeling is completed in a matching manner.
Therefore, in the invention, when the resource initiator applies for using the resource or applies for resource exchange, the resource provider generates the resource authorization voucher content, generates the voucher identification based on the voucher content, and records the resource authorization voucher identification in the blockchain, thereby ensuring that the authorization voucher identification cannot be tampered and authenticated; in the process of resource exchange, the resource exchange behavior is recorded in a block chain, so that the behavior record is guaranteed to be not falsifiable, traceable and auditable; and the resource exchange is transmitted through a block chain network security channel, and a multiple encryption mode is provided to ensure that the resource is not stolen. Therefore, the resource authorization voucher identification is recorded in the blockchain based on the storage permanence, the non-tampering property and the traceability of the blockchain, when a resource initiator applies for using or exchanging resources provided by a resource provider, the identity of the resource authorization voucher identification can be verified according to the target resource authorization voucher identification and voucher content corresponding to the target resource authorization voucher identification, the resource initiator is allowed to use the resources provided by the resource provider after verification is successful, and each participant (such as the resource initiator, the resource provider and the like) participating in federal learning is supported to perform trusted exchange of the resources, so that the cooperative coordination cost can be reduced, and the processing efficiency is improved.
Fig. 6 is a schematic structural diagram of a resource exchange processing apparatus according to an embodiment of the present invention. As shown in fig. 6, the apparatus may include:
a receiving module 601, configured to receive a request message used for indicating that a resource initiator applies for using a resource provided by a resource provider, and send the request message to the resource provider;
a first processing module 602, configured to generate a target resource authorization credential identifier according to the resource authorization information when receiving the resource authorization information sent by the resource provider;
a second processing module 603, configured to store the target resource authorization credential identifier in a public block chain network, notify the resource initiator that authorization is successful, and send credential content corresponding to the target resource authorization credential identifier to the resource initiator;
a third processing module 604, configured to verify the received content of the credential to be verified sent by the resource initiator according to the target resource authorization credential identifier and the credential content corresponding to the target resource authorization credential identifier, and if the verification is successful, allow the resource initiator to use the resource provided by the resource provider.
The resource exchange processing apparatus provided in this embodiment is configured with a receiving module 601, a first processing module 602, a second processing module 603, and a third processing module 604, and is configured to receive a request message for indicating that a resource initiator applies for using a resource provided by a resource provider, and send the request message to the resource provider; if receiving the resource authorization information sent by the resource provider, generating a target resource authorization voucher identifier according to the resource authorization information; then storing the target resource authorization voucher identification in a public block link network, ensuring the storage permanence, authenticable, non-tamper-proof property and traceability of the target resource authorization voucher identification based on the characteristics of a block link, notifying the resource initiator of successful authorization and sending voucher content (namely target resource authorization voucher content) corresponding to the target resource authorization voucher identification to the resource initiator; and verifying the received content of the certificate to be verified sent by the resource initiator according to the identification of the target resource authorization certificate and the content of the target resource authorization certificate, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider. The resource authorization voucher identification is recorded in the blockchain based on the storage permanence, the non-tampering property and the traceability of the blockchain, when a resource initiator applies for using or exchanging resources provided by a resource provider, the identity of the resource authorization voucher identification can be verified, after the verification is successful, the resource initiator is allowed to use the resources provided by the resource provider, and each participant (such as the resource initiator and the resource provider) participating in federal learning is supported to perform trusted resource exchange, so that the cooperation coordination cost can be reduced, and meanwhile, the processing efficiency is improved.
The resource exchange processing apparatus provided in this embodiment may be configured to execute the technical solution provided in any of the foregoing method embodiments, and the implementation principle and the technical effect of the apparatus are similar, which are not described herein again.
In a possible implementation manner, the first processing module includes a first processing unit, a second processing unit, and a third processing unit; a first processing unit, configured to generate credential content corresponding to each third party according to the resource authorization information and store the credential content if the request message is sent by the resource initiator through at least one third party; the second processing unit is used for generating a certificate identifier corresponding to each third party and a first nested certificate identifier corresponding to the at least one third party according to the certificate content corresponding to each third party, and storing the certificate identifier corresponding to each third party into a public block chain network; and the third processing unit is used for generating a target resource authorization certificate identifier according to the first nested certificate identifier and the resource authorization information corresponding to the resource initiator.
In a possible implementation manner, the second processing unit is specifically configured to:
traversing the at least one third party according to the voucher content and the reverse order of the request message sent by the at least one third party, and executing the following steps for each traversed third party:
generating a certificate identifier corresponding to the current third party according to the certificate content corresponding to the current third party, and storing the certificate identifier corresponding to the current third party into the public block chain network;
generating a nesting certificate identifier corresponding to the current third party by using the certificate identifier corresponding to the current third party and the certificate identifier corresponding to the last third party;
and the nested certificate mark corresponding to the third party with the last reverse order is the first nested certificate mark.
In a possible implementation manner, the second processing module is further specifically configured to:
writing the target resource authorization certificate identification into a resource provider blockchain node in a public blockchain network, and synchronously storing the target resource authorization certificate identification to other nodes of the public blockchain network;
and after the public blockchain network confirms that the synchronization is successful, receiving a message which is sent by the resource provider blockchain node and used for indicating the success of authorization, and sending the message which is used for indicating the success of authorization to the resource provider.
In a possible implementation manner, the third processing module includes a fourth processing unit and a fifth processing unit; a fourth processing unit, configured to obtain the target resource authorization credential identifier from the public block chain network; and the fifth processing unit is used for verifying the certificate identification to be verified according to the stored certificate content corresponding to the target resource authorization certificate identification and the target resource authorization certificate identification.
In a possible implementation manner, the target resource authorization credential identifier includes a resource identifier field, an authorization site field, and an effective date field, and credential content corresponding to the target resource authorization credential identifier includes identity information of the resource initiator; the fifth processing unit is specifically configured to:
according to the identity information of the resource initiator in the certificate content corresponding to the target resource authorization certificate identification, verifying the identity information in the certificate content to be verified;
if the identity is consistent with the identity of the target resource authorization certificate, the identity verification is determined to be successful, the content of the certificate to be verified is subjected to Hash calculation to generate a certificate identifier to be verified, and the certificate identifier to be verified is verified according to the target resource authorization certificate identifier;
and if the verification is successful, verifying the content represented by each field in the certificate mark to be verified.
In a possible implementation manner, the fifth processing unit is specifically configured to:
matching the content represented by each field in the target resource authorization voucher identification with the content represented by each field in the voucher identification to be checked;
and if the matching is successful, determining that the resource authority corresponding to the resource initiator is successfully checked, so as to allow the resource initiator to use the resource provided by the resource provider.
The resource exchange processing apparatus provided in any of the foregoing embodiments is configured to execute the technical solution of any of the foregoing method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 7 is a schematic structural diagram of a resource exchange processing device according to an embodiment of the present invention. As shown in fig. 7, the apparatus may include: a memory 701, a processor 702, and a resource exchange handler stored on the memory 701 and operable on the processor 702, which when executed by the processor 702 implements the steps of the resource exchange handling method according to any of the foregoing embodiments.
Alternatively, the memory 701 may be separate or integrated with the processor 702.
For the implementation principle and the technical effect of the device provided by this embodiment, reference may be made to the foregoing embodiments, and details are not described here.
An embodiment of the present invention further provides a computer-readable storage medium, where a resource exchange processing program is stored on the computer-readable storage medium, and when being executed by a processor, the resource exchange processing program implements the steps of the resource exchange processing method according to any of the foregoing embodiments.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, and for example, the division of the modules is only one logical division, and other divisions may be realized in practice, for example, a plurality of modules may be combined or integrated into another system, or some features may be omitted, or not executed.
The integrated module implemented in the form of a software functional module may be stored in a computer-readable storage medium. The software functional module is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) or a processor to execute some steps of the methods according to the embodiments of the present invention.
It should be understood that the Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of the hardware and software modules within the processor.
The memory may comprise a high-speed RAM memory, and may further comprise a non-volatile storage NVM, such as at least one disk memory, and may also be a usb disk, a removable hard disk, a read-only memory, a magnetic or optical disk, etc.
The storage medium may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.
An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuits (ASIC). Of course, the processor and the storage medium may reside as discrete components in an electronic device or host device.
The invention also provides a computer program product comprising a computer program which, when executed by a processor, performs the method provided in any of the embodiments of the invention.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
Through the above description of the embodiments, those skilled in the art will clearly understand that the method of the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but in many cases, the former is a better implementation manner. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (such as a mobile phone, a computer, a server, an air conditioner, or a network device) to execute the method according to the embodiments of the present invention.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (11)

1. A method for processing resource exchange, the method comprising:
receiving a request message for indicating that a resource initiator applies for using a resource provided by a resource provider, and sending the request message to the resource provider;
if receiving the resource authorization information sent by the resource provider, generating a target resource authorization voucher identifier according to the resource authorization information;
storing the target resource authorization voucher identification in a public block chain network, notifying the resource initiator of successful authorization and sending voucher content corresponding to the target resource authorization voucher identification to the resource initiator;
and verifying the received certificate content to be verified sent by the resource initiator according to the target resource authorization certificate identification and the certificate content corresponding to the target resource authorization certificate identification, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider.
2. The method of claim 1, wherein generating a target resource authorization credential identifier according to the resource authorization information comprises:
if the request message is sent by the resource initiator through at least one third party, generating voucher contents corresponding to the third parties according to the resource authorization information, and storing the voucher contents;
generating a voucher identification corresponding to each third party and a first nested voucher identification corresponding to the at least one third party according to the voucher content corresponding to each third party, and storing the voucher identification corresponding to each third party into a public block chain network;
and generating a target resource authorization voucher identifier according to the first nested voucher identifier and the resource authorization information corresponding to the resource initiator.
3. The method of claim 2, wherein generating the credential identifier corresponding to each of the third parties and the first nested credential identifier corresponding to the at least one third party comprises:
traversing the at least one third party according to the voucher content and the reverse order of the request message sent by the at least one third party, and executing the following steps for each traversed third party:
generating a certificate identifier corresponding to the current third party according to the certificate content corresponding to the current third party, and storing the certificate identifier corresponding to the current third party into the public block chain network;
generating a nesting certificate identifier corresponding to the current third party by using the certificate identifier corresponding to the current third party and the certificate identifier corresponding to the last third party;
and the nested certificate mark corresponding to the third party with the last reverse order is the first nested certificate mark.
4. The method according to any of claims 1-3, wherein storing the target resource authorization credential identity in a public block chain network comprises:
writing the target resource authorization certificate identification into a resource provider blockchain node in a public blockchain network, and synchronously storing the target resource authorization certificate identification to other nodes of the public blockchain network;
and after the public blockchain network confirms that the synchronization is successful, receiving a message which is sent by the resource provider blockchain node and used for indicating the success of authorization, and sending the message which is used for indicating the success of authorization to the resource provider.
5. The method according to any one of claims 1 to 3, wherein the verifying the received certificate identifier to be verified sent by the resource initiator according to the target resource authorization certificate identifier and the certificate content corresponding to the target resource authorization certificate identifier comprises:
acquiring the target resource authorization certificate identification from the public block chain network;
and verifying the certificate identification to be verified according to the stored certificate content corresponding to the target resource authorization certificate identification and the target resource authorization certificate identification.
6. The method of claim 5, wherein the target resource authorization credential identifier comprises a resource identifier field, an authorization site field, and a valid date field, and wherein the credential content corresponding to the target resource authorization credential identifier comprises identity information of the resource initiator;
the verifying the content of the certificate to be verified according to the stored certificate content corresponding to the target resource authorization certificate identifier and the target resource authorization certificate identifier comprises:
according to the identity information of the resource initiator in the certificate content corresponding to the target resource authorization certificate identification, verifying the identity information in the certificate content to be verified;
if the identity is consistent with the identity of the target resource authorization certificate, the identity verification is determined to be successful, the content of the certificate to be verified is subjected to Hash calculation to generate a certificate identifier to be verified, and the certificate identifier to be verified is verified according to the target resource authorization certificate identifier;
and if the verification is successful, verifying the content represented by each field in the certificate mark to be verified.
7. The method according to claim 6, wherein the checking the content of each field representation in the certificate identification to be checked comprises:
matching the content represented by each field in the target resource authorization voucher identification with the content represented by each field in the voucher identification to be checked;
and if the matching is successful, determining that the resource authority corresponding to the resource initiator is successfully checked, so as to allow the resource initiator to use the resource provided by the resource provider.
8. A resource exchange processing apparatus, characterized in that the apparatus comprises:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving a request message for indicating that a resource initiator applies for using a resource provided by a resource provider and sending the request message to the resource provider;
the first processing module is used for generating a target resource authorization voucher identifier according to the resource authorization information when receiving the resource authorization information sent by the resource provider;
the second processing module is used for storing the target resource authorization voucher identification in a public block chain network, notifying the resource initiator of successful authorization and sending voucher content corresponding to the target resource authorization voucher identification to the resource initiator;
and the third processing module is used for verifying the received content of the certificate to be verified sent by the resource initiator according to the target resource authorization certificate identifier and the certificate content corresponding to the target resource authorization certificate identifier, and if the verification is successful, allowing the resource initiator to use the resource provided by the resource provider.
9. A resource exchange processing device, characterized in that the resource exchange processing device comprises: memory, a processor and a resource exchange handler stored on the memory and executable on the processor, which when executed by the processor implements the steps of the resource exchange processing method of any of claims 1 to 7.
10. A computer-readable storage medium, having stored thereon a resource exchange handler that, when executed by a processor, implements the steps of the resource exchange processing method of any one of claims 1 to 7.
11. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, realizes the steps of the resource exchange processing method of any one of claims 1 to 7.
CN202110290804.XA 2021-03-18 2021-03-18 Resource exchange processing method, device, equipment and storage medium Pending CN112989380A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110290804.XA CN112989380A (en) 2021-03-18 2021-03-18 Resource exchange processing method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110290804.XA CN112989380A (en) 2021-03-18 2021-03-18 Resource exchange processing method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN112989380A true CN112989380A (en) 2021-06-18

Family

ID=76333136

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110290804.XA Pending CN112989380A (en) 2021-03-18 2021-03-18 Resource exchange processing method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112989380A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113779613A (en) * 2021-11-05 2021-12-10 深圳致星科技有限公司 Data management method and device for secure data network for federal learning
CN114979278A (en) * 2022-05-24 2022-08-30 深圳点宽网络科技有限公司 Calculation power scheduling method, device and system based on block chain and electronic equipment
CN115664678A (en) * 2022-10-27 2023-01-31 成都质数斯达克科技有限公司 Block chain based trusted data verification method, device, equipment and storage medium
CN115694842A (en) * 2022-11-09 2023-02-03 中煤科工集团信息技术有限公司 Mutual trust and data exchange method and device for industrial internet equipment and storage medium

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102576399A (en) * 2009-10-20 2012-07-11 微软公司 Resource access based on multiple credentials
US20140289839A1 (en) * 2011-12-14 2014-09-25 Huawei Technologies Co., Ltd. Resource control method and apparatus
US9424419B1 (en) * 2014-10-27 2016-08-23 Amazon Technologies, Inc. Automatic rotation and storage of security credentials
WO2017045152A1 (en) * 2015-09-16 2017-03-23 深圳市银信网银科技有限公司 Data exchange processing method, apparatus, and system
CN109033774A (en) * 2018-08-31 2018-12-18 阿里巴巴集团控股有限公司 Acquisition, the method, apparatus of feedback user resource and electronic equipment
US20190020661A1 (en) * 2015-12-23 2019-01-17 Sony Corporation Client apparatus, server apparatus and access control system for authorized access
CN109450910A (en) * 2018-11-26 2019-03-08 远光软件股份有限公司 Data sharing method, data sharing network and electronic equipment based on block chain
CN110692214A (en) * 2017-06-02 2020-01-14 维萨国际服务协会 Method and system for ownership verification using blockchains
CN111212125A (en) * 2019-12-27 2020-05-29 成都商通数治科技有限公司 Data exchange method and system based on block chain
CN111598436A (en) * 2020-05-14 2020-08-28 云账户技术(天津)有限公司 Voucher management system, method and medium
US20200351657A1 (en) * 2019-05-02 2020-11-05 Ares Technologies, Inc. Systems and methods for cryptographic authorization of wireless communications
CN112463843A (en) * 2020-11-27 2021-03-09 国家电网有限公司大数据中心 Power grid data sharing method and system based on block chain and data resource catalog
CN112508578A (en) * 2021-02-04 2021-03-16 支付宝(杭州)信息技术有限公司 Resource transfer request verification and sending method and device based on block chain

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102576399A (en) * 2009-10-20 2012-07-11 微软公司 Resource access based on multiple credentials
US20140289839A1 (en) * 2011-12-14 2014-09-25 Huawei Technologies Co., Ltd. Resource control method and apparatus
US9424419B1 (en) * 2014-10-27 2016-08-23 Amazon Technologies, Inc. Automatic rotation and storage of security credentials
WO2017045152A1 (en) * 2015-09-16 2017-03-23 深圳市银信网银科技有限公司 Data exchange processing method, apparatus, and system
US20190020661A1 (en) * 2015-12-23 2019-01-17 Sony Corporation Client apparatus, server apparatus and access control system for authorized access
CN110692214A (en) * 2017-06-02 2020-01-14 维萨国际服务协会 Method and system for ownership verification using blockchains
CN109033774A (en) * 2018-08-31 2018-12-18 阿里巴巴集团控股有限公司 Acquisition, the method, apparatus of feedback user resource and electronic equipment
CN109450910A (en) * 2018-11-26 2019-03-08 远光软件股份有限公司 Data sharing method, data sharing network and electronic equipment based on block chain
US20200351657A1 (en) * 2019-05-02 2020-11-05 Ares Technologies, Inc. Systems and methods for cryptographic authorization of wireless communications
CN111212125A (en) * 2019-12-27 2020-05-29 成都商通数治科技有限公司 Data exchange method and system based on block chain
CN111598436A (en) * 2020-05-14 2020-08-28 云账户技术(天津)有限公司 Voucher management system, method and medium
CN112463843A (en) * 2020-11-27 2021-03-09 国家电网有限公司大数据中心 Power grid data sharing method and system based on block chain and data resource catalog
CN112508578A (en) * 2021-02-04 2021-03-16 支付宝(杭州)信息技术有限公司 Resource transfer request verification and sending method and device based on block chain

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JIANXI LIN: "Spectrum Resource Trading and Radio Management Data Sharing Based on Blockchain", 《 2020 IEEE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS AND COMPUTER AIDED EDUCATION (ICISCAE)》, 30 November 2020 (2020-11-30), pages 83 - 87 *
文必龙 等,: "基于区块链的企业数据共享模式研究", 《计算机技术与发展》, vol. 31, no. 1, 31 January 2021 (2021-01-31), pages 175 - 181 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113779613A (en) * 2021-11-05 2021-12-10 深圳致星科技有限公司 Data management method and device for secure data network for federal learning
CN114979278A (en) * 2022-05-24 2022-08-30 深圳点宽网络科技有限公司 Calculation power scheduling method, device and system based on block chain and electronic equipment
CN115664678A (en) * 2022-10-27 2023-01-31 成都质数斯达克科技有限公司 Block chain based trusted data verification method, device, equipment and storage medium
CN115694842A (en) * 2022-11-09 2023-02-03 中煤科工集团信息技术有限公司 Mutual trust and data exchange method and device for industrial internet equipment and storage medium
CN115694842B (en) * 2022-11-09 2024-02-20 中煤科工集团信息技术有限公司 Industrial Internet equipment mutual trust and data exchange method, device and storage medium

Similar Documents

Publication Publication Date Title
CN108898389B (en) Content verification method and device based on block chain and electronic equipment
US10637665B1 (en) Blockchain-based digital identity management (DIM) system
CN108111314B (en) Method and equipment for generating and verifying digital certificate
WO2020088108A1 (en) Blockchain-based data attestation method and apparatus, and electronic device
US20210279736A1 (en) Blockchain secure transaction method and device based on biomarker authentication
CN112989380A (en) Resource exchange processing method, device, equipment and storage medium
US10929545B2 (en) System for providing access to data stored in a distributed trust computing network
JP2020517034A (en) System and method for concluding and delivering electronic documents
US20230034169A1 (en) Non-fungible token authentication
CN109241726B (en) User authority control method and device
WO2019153461A1 (en) Identity information changing method and apparatus, terminal device, and storage medium
CN112800404B (en) Cross-link access control method and device
CN111881483B (en) Resource account binding method, device, equipment and medium based on blockchain
CN111159308B (en) Transaction record sharing method and device based on block chain network and electronic equipment
CN110674531B (en) Residential information management method, device, server and medium based on block chain
WO2021190197A1 (en) Method and apparatus for authenticating biometric payment device, computer device and storage medium
CN111274549A (en) Block chain-based method, device and medium for storing copyright of planar design works
CN112862589A (en) Identity verification method, device and system in financial scene
CN114003959A (en) Decentralized identity information processing method, device and system
CN109388923B (en) Program execution method and device
US20240127237A1 (en) Managing customer information and transaction records on a distributed ledger
CN113779637B (en) Attribute data processing method, attribute data processing device, attribute data processing equipment and attribute data processing medium
EP3937037A1 (en) A system and method for digital identity authentication based on biometric data
CN112036884B (en) Signature method and related equipment
CN115130147A (en) Copyright declaration method and copyright declaration device based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination