CN113126996A - Code auditing method, device and system - Google Patents
Code auditing method, device and system Download PDFInfo
- Publication number
- CN113126996A CN113126996A CN201911414568.7A CN201911414568A CN113126996A CN 113126996 A CN113126996 A CN 113126996A CN 201911414568 A CN201911414568 A CN 201911414568A CN 113126996 A CN113126996 A CN 113126996A
- Authority
- CN
- China
- Prior art keywords
- data
- auditing
- code
- source code
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
- G06F8/43—Checking; Contextual analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a code auditing method, a device and a system, which are applied to the data transaction process and used for auditing the source code of the computational logic of a target data set of a data user, wherein the code auditing method comprises the steps of receiving the source code of the data user; sending source codes or auditing results of the source codes to a data provider, wherein the auditing results of the source codes are obtained by auditing the source codes according to code auditing rules; receiving a verification result from a data provider, wherein the verification result is obtained by verifying the verification result of the source code; and computing logic for determining whether to execute the source code based on the verification result. The code auditing method can ensure effective control and reasonable authorization of data use rights.
Description
Technical Field
The present application relates to the field of data applications, and in particular, to a method, an apparatus, and a system for code auditing.
Background
In the existing data transaction process, transaction data are directly provided to a data demanding party. For safety, some sensitive data are encrypted for transmission in order to prevent information from leaking in the transmission process, but finally, a demand party obtains data in a clear text. This means that, regardless of the agreement between the supplier and the demander of the data, the end demander can get the data in complete plain text, i.e. get ownership of the data.
Since the existing data transaction method can substantially cause the diffusion of ownership of data, clear data is leaked to a demand side, the right of a data supplier is damaged, and the transaction intention of the data supplier is adversely affected. Thus, a usage right transaction of a data set, rather than an ownership of the data set, may be completed between a data supplier and a demander. The demand party can use the data set to perform multi-party safe calculation based on the transaction platform and obtain the calculation result, but the data set is in an encrypted state in the calculation process, and other subjects except the data supplier do not obtain the target data set of the plaintext.
Since the use right transaction of the data set is completed between the data supplier and the demander, the use right of the data set is further required to be regulated.
Disclosure of Invention
The application provides a code auditing method, device and system, which can realize effective control and reasonable authorization of data use rights.
In order to solve the above technical problem, the present application provides a code auditing method, which is applied to auditing a source code of a computational logic of a target data set of a data consumer in a data transaction process, and the method includes: receiving the source code of the data consumer; sending the source code or the auditing result of the source code to a data provider, wherein the auditing result of the source code is obtained by auditing the source code according to a code auditing rule; receiving a verification result from the data provider, wherein the verification result is obtained by verifying the verification result of the source code; computing logic to determine whether to execute the source code based on the validation result.
Optionally, before receiving the verification result from the data provider, the method further includes: receiving a computation request of the data consumer containing the source code; sending an authorization request to the data provider in response to the computing request; the step of determining whether to execute the computational logic of the source code based on the validation result comprises: executing the computational logic of the source code when the verification result includes an authorization token.
Optionally, the step after receiving the verification result from the data provider includes: and sending the verification result to the data user.
Optionally, before receiving the verification result from the data provider, the method further includes: receiving an authorization request of the data user; sending the authorization request to the data provider in response to the authorization request; the receiving the verification result from the data provider further comprises: and sending the verification result to the data user.
Optionally, the verification result includes an authorization token, and the step of determining whether to execute the computing logic of the source code based on the verification result includes: receiving the authorization token of the data consumer and a computation request including the source code; and executing the computing logic of the source code under the condition that the authorization token is verified to be legal.
Optionally, the calculation request includes first description information of the source code, the authorization request includes the first description information, and the authorization token is obtained by verifying consistency of non-repudiation information of the audit result and verifying consistency of the first description information and second description information of the audit result; wherein the first description information includes: target data set information and computational logic; the second description information includes: and auditing target data set information obtained by the source code and calculating logic description information.
Optionally, before the step of sending the audit result of the source code to the data provider, the method includes: sending the source code to a code auditor; and receiving an auditing result from the code auditor.
Optionally, before the step of sending the audit result of the source code to the data provider, the method includes: and auditing the source code and obtaining an auditing result.
Optionally, before the step of receiving the source code of the data consumer, the method includes: receiving a data release request of the data provider; and sending a code policy request to the data provider, wherein the code policy request is used for indicating the data provider to return a code auditing policy and a code auditing rule.
Optionally, the step after receiving the source code of the data consumer includes: sending the source code to a code manager; the computing logic to determine whether to execute the source code based on the validation result further comprises: and acquiring the source code from the code manager.
Optionally, the method further comprises: and performing log storage on at least part of the operation of the code auditing method.
In order to solve the above technical problem, the present application provides a code auditing method, which is applied to auditing a source code of a computational logic of a target data set of a data consumer in a data transaction process, and the method includes: receiving a source code sent by a data transaction platform or an auditing result of the source code, wherein the auditing result of the source code is obtained by auditing the source code according to a code auditing rule; obtaining an auditing result of the source code by using the source code, and verifying the auditing result of the source code to obtain a verification result, or directly verifying the auditing result of the source code to obtain a verification result; and sending the verification result to the data transaction platform to be used as a basis for judging whether the data transaction platform executes the calculation logic of the source code.
Optionally, before sending the verification result to the data transaction platform, the method further includes: receiving an authorization request sent by the data transaction platform, wherein the authorization request comprises first description information of the source code, and the first description information is from a data user; the verifying the audit result of the source code to obtain a verification result comprises: verifying whether the first description information is consistent with second description information in the auditing result, and if so, generating an authorization token as the verifying result; wherein the first description information includes: target data set information and computational logic; the second description information includes: and auditing target data set information obtained by the source code and calculating logic description information.
Optionally, the obtaining an audit result of the source code by using the source code includes: sending the source code to a code auditor; and receiving the auditing result from the code auditor.
Optionally, the obtaining an audit result of the source code by using the source code includes: and auditing the source code to obtain the auditing result.
Optionally, the method further comprises: and performing log storage on at least part of the operation of the code auditing method.
In order to solve the above technical problem, the present application provides a code auditing method, which is applied to auditing a source code of a computational logic of a target data set of a data consumer in a data transaction process, and the method includes: the data usage direction sends the source code to a data transaction platform; auditing the source code according to a code auditing rule to obtain an auditing result of the source code; the data provider verifies the verification result of the source code to obtain a verification result; the data provider sends the verification result to the data transaction platform; the data trafficking platform determines whether to execute the computational logic of the source code based on the verification result.
Optionally, before the data provider verifies the audit result of the source code to obtain a verification result, the data provider further includes: the data consumer sends a calculation request containing the source code to the data transaction platform; responding to the calculation request, the data transaction platform sends an authorization request to the data provider; the step of the data transaction platform determining whether to execute the computational logic of the source code based on the verification result comprises: when the verification result includes an authorization token, the data transaction platform executes the computational logic of the source code.
Optionally, the step after the data provider sends the verification result to the data transaction platform includes: and the data transaction platform sends the verification result to the data user.
Optionally, before the data provider verifies the audit result of the source code to obtain a verification result, the data provider further includes: the data using party sends an authorization request to the data transaction platform; responding to the authorization request, and sending the authorization request to the data provider by the data transaction platform; after the data provider sends the verification result to the data transaction platform, the method further comprises: and the data transaction platform sends the verification result to the data provider.
Optionally, the verification result includes an authorization token, and the computing logic for determining whether to execute the source code based on the verification result further includes: the data consumer sends the authorization token and a calculation request containing the source code to the data transaction platform; and when the data transaction platform verifies that the authorization token is legal, executing the computational logic of the source code.
Optionally, the calculation request includes first description information of the source code, the authorization request includes the first description information, and the authorization token is obtained by verifying consistency of non-repudiation information of the audit result and verifying consistency of the first description information and second description information of the audit result, where the first description information includes: target data set information and computational logic; the second description information includes: and auditing target data set information obtained by the source code and calculating logic description information.
Optionally, the step of obtaining the audit result of the source code by auditing the source code according to the code audit rule further includes: and the data transaction platform audits the source code to obtain an audit result of the source code.
Optionally, the step of obtaining the audit result of the source code by auditing the source code according to the code audit rule further includes: the data transaction platform sends the source code to a code auditor; the code auditor audits the source code to obtain an audit result of the source code; and the code auditing party sends the auditing result of the source code to the data transaction platform.
Optionally, the step of obtaining the audit result of the source code by auditing the source code according to the code audit rule further includes: and the data provider audits the source code to obtain an audit result of the source code.
Optionally, the step of obtaining the audit result of the source code by auditing the source code according to the code audit rule further includes: the data provider sends the source code to a code auditor; the code auditor audits the source code to obtain an audit result of the source code; and the code auditor sends the audit result of the source code to the data provider.
Optionally, after the step of sending the source code to the data transaction platform by the data consumer, the method includes: the data transaction platform sends the source code to a code manager; the data provider verifies the source code or the verification result of the source code, and further includes, before obtaining the verification result: the data transaction platform obtains the source code from the code manager.
Optionally, the method further comprises: and performing log storage on at least part of the operation of the code auditing method.
In order to solve the technical problem, the application provides a code auditing system, which comprises a data user, a code auditing party, a data provider and a data transaction platform; the data consumer is used for storing and managing the authorization token of the data provider; the code auditor is used for auditing the source code, returning the description information and storing and managing code auditing rules; the data provider is used for verifying an authorization request, verifying the consistency of the description information, issuing the authorization token for the data user and verifying the authorization token; the data transaction platform is used for auditing the source code and verifying the authorization token.
Optionally, the code auditor is independent of the data transaction platform and the data provider, and includes a code auditing module, an auditing rule management module and a log security auditing module; the data provider comprises an authentication authorization module and a log security audit module; the data transaction platform comprises a code auditing strategy module, an authentication authorization module and a log security auditing module; the code auditing module is used for auditing the source code and returning the description information, and the auditing rule management module is used for storing and managing the code auditing rule.
Optionally, the data provider includes an authentication authorization module and a log security audit module; the code auditor is used as a code auditing module and integrated in the data transaction platform, and the data transaction platform further comprises an auditing rule management module, a code auditing strategy module, an authentication authorization module and a log security auditing module; the code auditing module is used for auditing the source code and returning the description information, and the auditing rule management module is used for storing and managing the code auditing rule.
Optionally, the data transaction platform includes a code auditing policy module, an authentication authorization module and a log security auditing module; the code auditor is integrated in the data provider as a code auditing module, and the data provider further comprises an auditing rule management module, an authentication authorization module and a log security auditing module; the code auditing module is used for auditing the source code and returning the description information, and the auditing rule management module is used for storing and managing the code auditing rule.
Optionally, the data consumer includes an authorization information storage module and a log security audit module, the authorization information storage module is configured to store and manage an authorization token of the data provider, and the log security audit module is configured to record and store a certificate so as to support supervision and audit.
Optionally, the system further comprises a code manager for storing and managing the source code of the data consumer; the code management party comprises a source code storage module and a log security audit module, and the source code storage module is used for storing and managing the source code of the data using party.
In order to solve the above technical problem, the present application provides a code auditing apparatus, where the code auditing apparatus includes a memory and a processor, the memory is connected to the processor, and a computer program is stored in the memory, and when executed by the processor, the computer program implements the method described above.
To solve the above technical problem, the present application provides a computer-readable storage medium, in which a computer program is stored, and the computer program implements the above method when executed.
The application discloses a code auditing method, a device and a system, wherein the code auditing method comprises the steps of receiving a source code of a data user; sending source codes or auditing results of the source codes to a data provider, wherein the auditing results of the source codes are obtained by auditing the source codes according to code auditing rules; receiving a verification result from a data provider, wherein the verification result is obtained by verifying the verification result of the source code; and computing logic for determining whether to execute the source code based on the verification result. The code auditing method can ensure effective control and reasonable authorization of data use rights.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic flow chart diagram of a first embodiment of a code auditing method of the present application;
FIG. 2 is a diagram of a second embodiment of the code auditing method of the present application;
FIG. 3 is a flow chart illustrating the strategy configuration step of FIG. 2 according to the present application;
FIG. 4 is a first flowchart of a second embodiment of a code auditing method of the present application;
FIG. 5 is a second flow diagram of a second embodiment of the code auditing method of the present application;
FIG. 6 is a schematic diagram of a third embodiment of the code auditing method of the present application;
FIG. 7 is a first flowchart of a third embodiment of a code auditing method of the present application;
FIG. 8 is a second flow diagram of a third embodiment of a code auditing method of the present application;
FIG. 9 is a third flowchart of a third embodiment of a code auditing method of the present application;
FIG. 10 is a schematic flow chart diagram illustrating a fourth embodiment of the code auditing method of the present application;
FIG. 11 is a schematic flow chart diagram illustrating a fifth embodiment of the code auditing method of the present application;
FIG. 12 is a schematic flow chart diagram illustrating a sixth embodiment of a code auditing method according to the present application;
FIG. 13 is a schematic flow chart diagram of a seventh embodiment of the code auditing method of the present application;
FIG. 14 is a schematic flow chart diagram illustrating an eighth embodiment of the code auditing method of the present application;
FIG. 15 is a block diagram illustrating an embodiment of a code review system of the present application;
FIG. 16 is a schematic structural diagram of another embodiment of the code auditing system of the present application;
FIG. 17 is a schematic structural diagram of another embodiment of the code auditing system of the present application;
FIG. 18 is a schematic structural diagram of an embodiment of a code auditing apparatus according to the present application;
FIG. 19 is a schematic structural diagram of an embodiment of a computer-readable storage medium of the present application.
Detailed Description
In order to make those skilled in the art better understand the technical solution of the present application, the method and system for code auditing provided by the present invention are described in further detail below with reference to the accompanying drawings and detailed description.
Each participating entity of the code auditing method in the present application, for example, a data transaction platform, a data user, a data provider, a code auditor, a code manager, a computing node, etc., may be an independent device (for example, a mobile phone, a computer, a server, etc.), an independent program running on the device, a process or a thread of a certain program running on the device, etc., and is not limited herein. Different participating agents may operate on the same device or may operate independently. The code auditor and the code manager may be the same participating principal.
The code auditing method can be applied to the data transaction process: the data transaction platform is responsible for interacting with a data user and a data provider, and providing opportunities and ways for data transaction for both parties. The data provider, i.e. the seller in the data transaction, may also be referred to as the data provider. The data consumer, i.e. the buyer in the data transaction, may also be referred to as the data demander.
The data provider may upload information of the data set for sale to the data trading platform. The data transaction platform provides a data set information acquisition interface for the data provider, and the data provider can upload data set information by using the interface.
The data user can browse and select the data set to purchase the use right on the data transaction platform. And after the target data set is selected, the data user sends a transaction request to the transaction platform, and the data user performs right-of-use transaction with the data provider under the assistance of the transaction platform. The data consumer may use the target data set to perform calculations after the transaction is completed.
How the data user performs computation on the target data set, or how the target data set is used, is now in the source code submitted by the data user, i.e., the computation logic of the target data set by the data user is embodied in the source code. In order to ensure the reasonability and effectiveness of the data transaction, the data provider can audit the source code provided by the data user so as to ensure that the use of the data set does not exceed the range of transaction limit. The code auditing method can be applied to the execution when the data user submits the calculation task after the data provider and the data user complete the transaction; and/or before the data transaction is carried out between the data provider and the data transaction party, the data provider verifies the code and then determines whether to approve the data transaction.
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a first embodiment of a code auditing method according to the present application. The embodiment is applied to the data transaction process, and the source code of the computational logic of the target data set of the data user is audited. It should be noted that, if the result is substantially the same, the flow sequence shown in fig. 1 is not limited in this embodiment.
The embodiment comprises the following steps:
s11: the data usage direction sends a source code to the data transaction platform.
The data consumer sends a task request containing source code to the data transaction platform, and the task request can comprise an authorization request and a calculation request. The task request may include first descriptive information, where the first descriptive information may be target data set information, computational logic, or an acquisition of computational logic. Computational logic refers to how the target data set is used for computation, e.g., querying, statistics, training models, etc.
The first description information comes from a data consumer, and the data consumer is a provider of the source code.
S12: and auditing the source code according to the code auditing rule to obtain an auditing result of the source code.
The data transaction platform receives the source code and responds to a task request of the source code, and the data transaction platform can send the source code to a code manager for storage and backup; the data trafficking platform may send a source code and a task request to the data provider.
The source code is audited according to the code auditing rule to obtain the auditing result of the source code, and in the application, the data transaction platform, the data provider or the code auditor can audit the source code. The code auditing rule can be determined by a data provider and comprises data use purposes, related data, data usage, commitment information and the like, wherein the commitment information refers to the related information that the data cannot be retained in an unauthorized environment during use.
In this embodiment, the data provider obtains the source code, and obtains an audit result of the source code by using the source code. Specifically, the data provider may complete the audit work on the source code to obtain the audit result of the source code, or the data provider may send the source code to the code auditor, and the code auditor returns the audit result of the source code to the data provider after completing the audit work on the source code.
In other embodiments, the data transaction platform may complete the audit work on the source code to obtain the audit result of the source code, and directly send the audit result of the source code to the data provider, or the data transaction platform sends the source code to the code auditor, and after the code auditor completes the audit work on the source code, returns the audit result of the source code to the data transaction platform, and the data transaction platform sends the audit result of the source code to the data provider.
The audit result of the source code can comprise second description information and non-repudiation information of the audit result of the source code; the second description information may include target data set information and computational logic description information obtained by reviewing the source code, and the like; the non-repudiation information may include a hash value, a data signature, or commitment information.
S13: and the data provider verifies the verification result of the source code to obtain a verification result.
And the data provider obtains the auditing result of the source code. Further, the data provider verifies the verification result of the source code to obtain a verification result.
It should be noted that the work of auditing the source code at least includes verifying whether the execution logic of the code is consistent with the data usage purpose of the audit rule, whether the data read by the audit code is consistent with the data of the audit rule, whether the data usage amount of the audit code is within the range of the audit rule, whether the audit data is safely used, whether the code is safely audited, and the like.
The verifying the audit result of the source code may include verifying consistency of non-repudiation information of the audit result of the source code, and verifying consistency of first description information of the authorization request and second description information of the audit result. And when the data provider verifies the consistency of the non-repudiation information of the auditing result of the source code and verifies the consistency of the first description information of the authorizing request and the second description information of the auditing result, generating an authorizing token, namely the verifying result comprises the authorizing token. The authorization token comprises information such as a calculation task range, a use purpose, an owner, a valid period, a signature and the like.
S14: and the data provider sends the verification result to the data transaction platform.
And the data provider sends a verification result to the data transaction platform, and when the verification result comprises the authorization token, the data provider sends the authorization token to the data transaction platform.
S15: the data trafficking platform determines whether to execute the computational logic of the source code based on the verification result.
The data trafficking platform determines whether to execute the computational logic of the source code based on the verification result. Specifically, when the data transaction platform receives the authorization token and verifies that the authorization token is legitimate, the computational logic of the source code is executed. At this time, the data transaction platform issues related data to an MPC (Multi-Party computing) computing network, where the related data may include a source code and an authorization token; the data provider sends the calculation data to the MPC calculation network, and the calculation data can comprise information of a target data set, calculation logic or an acquisition mode of the calculation logic; the MPC computation network completes computation according to the source code, the authorization token and the computation data and returns the computation result to the data user.
The embodiment discloses a code auditing method which can be applied to a data transaction process, wherein a data using direction sends a source code to a data transaction platform, the data transaction platform sends the source code to a data provider, the source code is audited according to a code auditing rule to obtain an auditing result of the source code, and the data provider verifies the auditing result of the source code to obtain a verification result. The data trafficking platform determines whether to enforce computational logic of the source code based on the verification result. In this embodiment, two confirmations need to be performed on the source code sent by the data user: the source code is checked and the checking result of the source code is verified, and the calculation is executed when the verification is passed, so that the data using party can complete the calculation by obtaining the use right of the data, the privacy of the data is protected by the data provider, the data safety of the data provider in the data transaction process is effectively improved, and the popularization and implementation of the data transaction are promoted; and effective control and reasonable authorization of the data use right are also ensured.
Specifically, the code auditing method in this embodiment may be divided into two types: referring to fig. 2, fig. 2 is a schematic diagram of a second embodiment of a code auditing method according to the present application. The code auditing method of the embodiment comprises a code auditing synchronization mode, wherein the code auditing synchronization mode comprises a data access stage, a calculation execution stage and a calculation completion stage, and the code auditing related work is not completed in an authentication and authorization stage. The policy configuration work is completed in the data access stage, the code auditing and authorization token checking work is completed in the task calculation stage, and the log evidence storage work is completed in the calculation completion stage, which is specifically shown in fig. 3, where fig. 3 is a schematic flow diagram of the policy configuration step in fig. 2 of the present application.
And a data access stage: when a data provider 13 makes a data release request, the data provider and the data transaction platform 11 complete the determination work of a code auditing strategy, and the data provider and the code auditor 14 complete the allocation work of a code auditing rule, and the method specifically comprises the following steps:
s01: the data provider 13 transmits a data distribution request to the data trading platform 11.
S02: the data trafficking platform 11 sends a code audit policy request to the data provider 13.
S03: the data provider 13 determines a code auditing strategy and sends the code auditing strategy to the data transaction platform 11; the data provider 13 provides the code auditor 14 with the code auditor rules.
In this embodiment, the code audit policy request at least includes information such as a code audit subject, a code audit frequency, a policy validity period, and the like. The code auditing subject refers to that the code entrusts the data transaction platform 11/the code auditing party 14 to complete auditing work, or the data provider 13 completes the code auditing work by itself; the code auditing frequency refers to one-time auditing frequency or one-time auditing frequency of the code; the policy validity period refers to a code audit policy validity period for the data, e.g., one week valid, one month valid, or one year valid.
Referring to fig. 4-5, fig. 4 is a first flowchart of a second embodiment of the code auditing method of the present application, and fig. 5 is a second flowchart of the second embodiment of the code auditing method of the present application. It should be noted that, if the result is substantially the same, the flow sequence shown in fig. 4 is not limited in this embodiment. The same parts of this embodiment as those of the above embodiment will not be described herein again. The embodiment comprises the following steps:
s21: the data consumer sends a computation request containing the source code to the data trading platform.
The data consumer 12 sends a computation request containing the source code, i.e. a computation request of the target data set, to the data trafficking platform 11.
S211: the data transaction platform provides the source code for the code manager, and the data transaction platform sends the calculation description to the data provider.
In the present embodiment, as shown in fig. 5, the data transaction platform 11 sends a calculation description to the data provider 13 in response to the calculation request, where the calculation description includes a source code and an authorization request, and the authorization request includes first description information.
S22: and auditing the source code according to the code auditing rule to obtain an auditing result of the source code.
The auditing of the source code can be completed by the code auditor 14, that is, the data provider 13 receives the source code and sends the source code to the code auditor 14, and the code auditor 14 completes the auditing work of the source code according to the code auditing rule and returns the auditing result of the source code to the data provider.
S23: and the data provider verifies the verification result of the source code to obtain a verification result.
S24: and the data provider sends the verification result to the data transaction platform.
The data provider 13 sends the verification result to the data transaction platform 11, and the data transaction platform 11 returns the verification result to the data consumer 12.
S25: when the verification result includes the authorization token, the data transaction platform executes the computational logic of the source code.
When the verification result includes the authorization token, the data transaction platform 11 and the data provider 13 may provide the data required in the computation logic to participate in completing the computation task when verifying that the authorization token is legitimate.
S26: and the data transaction platform returns a verification result to the data user.
In the code auditing and synchronizing scheme of the embodiment, code auditing, authorization, verification and other work are synchronously completed in a task computing stage. Specifically, the data consumer 13 is responsible for submitting the computation request and the source code of the data and receiving the results of the computation task. The code manager 15 is responsible for storing and managing the source code provided by the data consumer, and provides the source code to participate in completing the calculation task in the calculation process. The data provider 13 is responsible for verifying the consistency of the authorization request and the code description information provided by the code auditor, generating the authorization token, verifying the validity of the authorization token, and providing data required in the calculation task to participate in completing the calculation task. The data transaction platform 11 is responsible for verifying the validity of the authorization token and simultaneously is responsible for the circulation work of all data and requests.
It should be noted that, after the data using party 12 receives the authorization token, the subsequent calculation request data is changed into the calculation request and the authorization token, and after the validity and compliance of the authorization token are verified by the data transaction platform 11, the calculation data and the source code may be directly submitted to a calculation network such as an MPC to complete the calculation process.
Referring to fig. 6-9, fig. 6 is a schematic diagram of a third embodiment of a code auditing method of the present application, fig. 7 is a schematic diagram of a first process of the third embodiment of the code auditing method of the present application, fig. 8 is a schematic diagram of a second process of the third embodiment of the code auditing method of the present application, and fig. 9 is a schematic diagram of a third process of the third embodiment of the code auditing method of the present application.
The code auditing method of the embodiment is a code auditing asynchronous mode, and the code auditing asynchronous mode includes a data access stage, an authentication and authorization stage, a task calculation stage and a calculation completion stage, where the data access stage completes policy configuration work, the authentication and authorization stage completes code auditing work, the calculation execution stage completes authorization token verification work, and the calculation completion stage completes log storage work, as shown in fig. 6. It should be noted that, if the result is substantially the same, the flow sequence shown in fig. 7 is not limited in this embodiment. The embodiment comprises the following steps:
s31: the data consumer sends a source code and an authorization request to the data transaction platform.
As shown in fig. 7 and 8, steps S31 to S35 are code auditing steps, and the code auditing process is integrated in the authentication and authorization phase. Data consumer 12 sends a source code and authorization request to data trafficking platform 11. The authorization request includes first descriptive information.
S32: and auditing the source code according to the code auditing rule to obtain an auditing result of the source code.
In this embodiment, as shown in fig. 8, the data transaction platform 11 responds to the authorization request, and sends the source code to the code auditor 14 to complete the auditing operation, and obtain the auditing result of the source code.
S321: the data transaction platform provides the source code for the code manager, and the data transaction platform sends the calculation description to the data provider.
The data transaction platform 11 sends a calculation description to the data provider 13, wherein the calculation description includes an authorization request and an audit result of the source code.
S33: and the data provider verifies the verification result of the source code to obtain a verification result.
S34: and the data provider sends the verification result to the data transaction platform.
S35: and the data transaction platform sends the verification result to the data user.
S36: the data consumer sends an authorization token and a calculation request containing a source code to the data transaction platform.
After the code audit process is completed, the data consumer 12 obtains an authorization token. The data using party 12 continues to send the authorization token and the task request to the data transaction platform 11, the data transaction platform 11 obtains the source code from the code managing party 15 and verifies the validity of the authorization token, when the authorization token is verified to be valid, the data transaction platform 11 determines the task and returns the task to the data using party 12, and the data using party 12 submits the calculation request to the data transaction platform 11.
To complete the token checking step. The authorization token verification process is integrated in the task calculation stage, as shown in fig. 9, and steps S36 to S37 are steps of token verification.
S37: and when the data transaction platform verifies that the authorization token is legal, executing the computational logic of the source code.
The data transaction platform 11 receives the authorization token and verifies the validity of the authorization token, and when the data transaction platform 11 verifies that the authorization token is valid, the computational logic of the source code is executed.
In the asynchronous scheme for code auditing, the code auditing method is divided into two processes of code auditing and token checking, wherein the code auditing process is combined in an authentication and authorization stage, and the token checking is combined in a task computing stage. Different from the code auditing and synchronizing scheme, the data user does not send the calculation request and the authorization request at one time, but sends the calculation request and the authorization token after sending the authorization request to obtain the authorization token.
Specifically, in the code auditing process, the data user 12 is responsible for submitting a data use authorization request and a source code, and receiving an authorization token provided by the data provider 13; the code auditor 14 completes auditing work of the source code according to the code auditing rule and provides second description information and non-repudiation information of the source code, wherein the source code auditing work at least comprises the contents that the code execution logic is consistent with the data use purpose of the auditing rule, the data read by the code is consistent with the data of the auditing rule, the data read by the code is in the range of the auditing rule, the data is safely used, the code is safely audited and the like; the code manager 15 is responsible for storing and managing the source code provided by the data consumer 12; the data provider 13 is responsible for verifying the consistency of the first description information of the authorization request and the second description information of the source code auditing result, and generating an authorization token; the data transaction platform 11 is mainly responsible for completing the circulation work of all data and requests.
In the process of token verification, the data user 12 is responsible for submitting a calculation request and a task request of data and receiving a result of a calculation task; the code manager 15 is responsible for storing the source code provided by the data user 12, and provides the source code to participate in completing the calculation task in the calculation process; the data provider 13 is responsible for verifying the validity of the authorization token and providing data required in the calculation task to participate in completing the calculation task; the data transaction platform 11 is responsible for verifying the validity of the authorization token and simultaneously is responsible for the circulation work of all data and requests.
In addition, in at least part of the steps of the process, log security audit can be further included to complete the recording and evidence storage of the log in the code auditing process, and meanwhile, the functions of post supervision and audit and the like are supported.
Referring to fig. 10, fig. 10 is a schematic flowchart illustrating a fourth embodiment of the code auditing method of the present application. The execution subject in this embodiment is a data transaction platform. The same parts in this embodiment as those in the above embodiments are not described herein again.
S41: source code provided by a data consumer is received.
S42: and sending the source code or the auditing result of the source code to the data provider, wherein the auditing result of the source code is obtained by auditing the source code according to the code auditing rule.
The data transaction platform 11 may transmit the source code to the data provider 13, or the data transaction platform 11 may transmit the audit result of the source code to the data provider 13. Specifically, the data transaction platform 11 may perform auditing on the source code to obtain an auditing result of the source code, or the data transaction platform 11 may send the source code to the code auditor 14, and then receive an auditing result of the source code returned by the code auditor 14, that is, the code auditor completes code auditing work.
In addition, the data trafficking platform 11 may also send source code to the code manager 15 for saving, and may obtain the source code from the code manager 15 when the execution of the computational logic is required.
S43: and receiving a verification result from the data provider, wherein the verification result is obtained by verifying the verification result of the source code.
The computing request comprises first description information of the source code, the authorization request comprises the first description information, and the authorization token is obtained by verifying the consistency of non-repudiatable information of the auditing result and verifying the consistency of the first description information and second description information of the auditing result; wherein, the first description information may include: target data set information and computational logic; the second description information may include: and checking the target data set information obtained by the source code and calculating the logic description information.
S44: and computing logic for determining whether to execute the source code based on the verification result.
When the verification result includes the authorization token, the computational logic of the source code is executed.
Referring to fig. 11, fig. 11 is a schematic flowchart illustrating a fifth embodiment of a code auditing method according to the present application. The execution subject in this embodiment is a data transaction platform, the code auditing method in this embodiment is a code auditing synchronization mode, and the same parts as those in the above embodiments in this embodiment are not described herein again.
S51: a computation request including source code provided by a data consumer is received.
S52: and responding to the calculation request, and sending an authorization request and the source code or the auditing result of the source code to the data provider, wherein the auditing result of the source code is obtained by auditing the source code according to the code auditing rule.
S53: and receiving a verification result from the data provider, wherein the verification result is obtained by verifying the verification result of the source code.
The data trafficking platform 11 may also send the verification result to the data consumer.
S54: when the verification result includes the authorization token, the computational logic of the source code is executed.
In this embodiment, the data transaction platform 11 adopts a code audit synchronization mode, and completes two steps of code audit and token verification in the task calculation stage.
Referring to fig. 12, fig. 12 is a flowchart illustrating a sixth embodiment of a code auditing method according to the present application. The execution subject in this embodiment is a data transaction platform, the code auditing method in this embodiment is a code auditing asynchronous mode, and the same parts as those in the above embodiments in this embodiment are not described herein again.
S61: a source code and an authorization request provided by a data consumer are received.
S62: and responding to the authorization request, and sending the authorization request and the source code or the auditing result of the source code to the data provider.
S63: and receiving a verification result from the data provider, wherein the verification result is obtained by verifying the verification result of the source code.
S64: and sending the verification result to the data user.
S65: an authorization token provided by a data consumer and a computation request including a source code are received.
S66: and executing the computing logic of the source code under the condition that the authorization token is verified to be legal.
In this embodiment, the data transaction platform 11 adopts a code auditing asynchronous mode, and the data transaction platform 11 receives two requests provided by the data user 12. The data transaction platform 11 completes code auditing in an authentication and authorization stage and completes token verification in a task calculation stage.
In addition, the data transaction platform 11 may also log and verify at least part of the operations of the code auditing method.
Referring to fig. 13, fig. 13 is a flowchart illustrating a seventh embodiment of a code auditing method according to the present application. The execution subject in this embodiment is a data provider, and the same parts as those in the above embodiment are not described herein again.
S71: and receiving the source code sent by the data transaction platform.
S72: and verifying the source code auditing result to obtain a verification result after the source code is used for obtaining the source code auditing result, wherein the source code auditing result is obtained by auditing the source code according to the code auditing rule.
The data provider 13 may also receive an authorization request sent by the data transaction platform 11, where the authorization request includes first description information of the source code, the first description information is from the data consumer 12, and the first description information may include target data set information and computation logic, and the data consumer 12 is a provider of the source code.
The data provider 13 verifies whether the first description information is consistent with the second description information in the auditing result, and if so, an authorization token is generated as a verification result; and the second description information comprises target data set information obtained by the audit source code and calculation logic description information.
S73: and sending a verification result to the data transaction platform to be used as a basis for judging whether the data transaction platform executes the computing logic of the source code.
In this embodiment, the data provider 13 obtains the source code sent by the data transaction platform 11, and the data provider 13 may perform an audit on the source code to obtain an audit result of the source code; alternatively, the data provider may send the source code to the code reviewer 14, and obtain the review result of the source code returned by the code reviewer 14. The data provider 13 verifies the source code audit result.
Referring to fig. 14, fig. 14 is a flowchart illustrating an eighth embodiment of a code auditing method according to the present application. The execution subject in this embodiment is a data provider, and the same parts as those in the above embodiment are not described herein again.
S81: and receiving an auditing result of the source code sent by the data transaction platform, wherein the auditing result of the source code is obtained by auditing the source code according to a code auditing rule.
S82: and verifying the verification result of the source code to obtain a verification result.
S83: and sending a verification result to the data transaction platform to be used as a basis for judging whether the data transaction platform executes the computing logic of the source code.
In this embodiment, the data provider 13 executes a code auditing method, and the data provider 13 receives an auditing result of a source code sent by the data transaction platform 11 and directly verifies the auditing result of the source code.
In addition, the data provider 13 may log and verify at least part of the operations of the code auditing method.
Based on the code auditing method, the application also provides a code auditing system. Referring to FIG. 15, FIG. 15 is a block diagram illustrating an embodiment of a code review system of the present application. The system may include a data consumer 12, a code auditor 14, a data provider 13, and a data trading platform 11. In this embodiment, the code auditor 14 is independent of the data transaction platform 11 and the data provider 13, and the data transaction platform 11 is connected with the data consumer 12, the code auditor 14 and the data provider 13 respectively.
The data consumer 12 is used to store and manage authorization tokens for the data provider 13; the code auditor 14 is used for auditing the source code, returning the description information and storing and managing code auditing rules; the data provider 13 is used for verifying the authorization request, verifying the consistency of the description information, issuing an authorization token for the data user 12 and verifying the authorization token; the data transaction platform 11 is used to audit the source code and verify the authorization token.
Specifically, the code auditor 14 includes a code auditing module, and an auditing rule management module; the code auditing module of the code auditor 14 is used for auditing the source code and returning the description information, and the auditing rule management module is used for storing and managing the code auditing rules.
The data provider 13 includes an authentication authorization module; the authentication and authorization module of the data provider 13 is mainly responsible for verifying the consistency of the authorization request and the description information provided by the code auditor 14.
The data transaction platform 11 comprises a code auditing strategy module and an authentication authorization module; the code auditing strategy module of the data transaction platform 11 is responsible for completing functions of negotiating a code auditing strategy with the data provider 13 and the like, and the authentication authorization module is responsible for verifying an authorization token and the like.
The data consumer 12 includes an authorization information storage module; the authorization information storage module of the data consumer 12 is used to store and manage the authorization token of the data provider 13.
The code auditing system also includes a code manager 15, the code manager 15 is used for storing and managing the source code provided by the data user 12; the code manager 15 includes a source code storage module for storing and managing the source code provided by the data consumer 12.
In addition, there is a log security audit module among all the participants in the system. The log security audit module is used for recording and storing the certificate so as to support supervision and examination, namely, the log security audit module can be used for recording and storing the certificate of the log in the code examination process and simultaneously supporting functions of post supervision and examination and the like.
Referring to fig. 16, fig. 16 is a schematic structural diagram of another embodiment of the code auditing system of the present application. In this embodiment, the code auditor 14 is integrated inside the data transaction platform 11 as a code auditing module, that is, the code auditor 14 is merged with the data transaction platform 11. The data transaction platform 11 is connected to a data consumer 12 and a data provider 13. The same parts of this embodiment as those of the above embodiment will not be described herein again.
The data provider 13 comprises an authentication authorization module and a log security audit module; the data transaction platform 11 further comprises a code auditing module, an auditing rule management module, a code auditing strategy module, an authentication authorization module and a log security auditing module; the data consumer 12 includes an authorization information storage module and a log security audit module.
Referring to fig. 17, fig. 17 is a schematic structural diagram of another embodiment of a code auditing system according to the present application. In the present embodiment, the code auditor 14 is integrated inside the data provider 13 as a code auditing module, i.e. the code auditor 14 is merged with the data provider 13. The data transaction platform 11 is connected to a data consumer 12 and a data provider 13. The same parts of this embodiment as those of the above embodiment will not be described herein again.
The data transaction platform 11 comprises a code auditing strategy module, an authentication authorization module and a log security auditing module; the data provider 13 further comprises a code auditing module, an auditing rule management module, an authentication authorization module and a log security auditing module; the data consumer 12 includes an authorization information storage module and a log security audit module.
Based on the code auditing method, the application also provides a code auditing system. Referring to fig. 18, fig. 18 is a schematic structural diagram of an embodiment of a code auditing apparatus according to the present application. The code auditing device 200 comprises a memory 21 and a processor 22, wherein the memory 21 is connected with the processor 22, and a computer program is stored in the memory 21 and realizes the method when the computer program is executed by the processor 22.
In the present embodiment, the processor 22 may also be referred to as a Central Processing Unit (CPU). The processor 22 may be an integrated circuit chip having signal processing capabilities. The processor 22 may also be a general purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
Based on the code auditing method, the application also provides a computer readable storage medium. Referring to fig. 19, fig. 19 is a schematic structural diagram of an embodiment of a computer-readable storage medium according to the present application. The computer-readable storage medium 300 has stored therein a computer program 31, the computer program 31 realizing the above-described method when executed.
Further, the computer-readable storage medium 300 may be various media that can store program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic tape, or an optical disk.
It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. In addition, for convenience of description, only a part of structures related to the present application, not all of the structures, are shown in the drawings. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first", "second", etc. in this application are used to distinguish between different objects and not to describe a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The above description is only for the purpose of illustrating embodiments of the present application and is not intended to limit the scope of the present application, and all modifications of equivalent structures and equivalent processes, which are made by the contents of the specification and the drawings of the present application or are directly or indirectly applied to other related technical fields, are also included in the scope of the present application.
Claims (10)
1. A code auditing method is applied to auditing source codes of computational logic of a target data set of a data user in a data transaction process, and comprises the following steps:
receiving the source code of the data consumer;
sending the source code or the auditing result of the source code to a data provider, wherein the auditing result of the source code is obtained by auditing the source code according to a code auditing rule;
receiving a verification result from the data provider, wherein the verification result is obtained by verifying the verification result of the source code;
computing logic to determine whether to execute the source code based on the validation result.
2. A code auditing method according to claim 1, wherein said receiving a verification result from the data provider further comprises:
receiving a computation request of the data consumer containing the source code;
sending an authorization request to the data provider in response to the computing request;
the step of determining whether to execute the computational logic of the source code based on the validation result comprises:
executing the computational logic of the source code when the verification result includes an authorization token.
3. A code auditing method according to claim 1, wherein said receiving a verification result from the data provider further comprises:
receiving an authorization request of the data user;
sending the authorization request to the data provider in response to the authorization request;
the receiving the verification result from the data provider further comprises:
sending the verification result to the data user;
when the verification result includes an authorization token, the step of determining whether to execute the computational logic of the source code based on the verification result includes:
receiving the authorization token of the data consumer and a computation request including the source code;
and executing the computing logic of the source code under the condition that the authorization token is verified to be legal.
4. The code auditing method according to claim 2 or 3, characterized in that the computation request includes first description information of the source code, the authorization request includes the first description information, and the authorization token is obtained by verifying the consistency of non-repudiation information of the auditing result and verifying the consistency of the first description information and second description information of the auditing result; wherein the first description information includes: target data set information and computational logic; the second description information includes: and auditing target data set information obtained by the source code and calculating logic description information.
5. A code auditing method according to claim 1, wherein the step of receiving the source code of a data consumer is preceded by the method comprising:
receiving a data release request of the data provider;
and sending a code policy request to the data provider, wherein the code policy request is used for indicating the data provider to return a code auditing policy and a code auditing rule.
6. A code auditing method is applied to auditing source codes of computational logic of a target data set of a data user in a data transaction process, and comprises the following steps:
receiving a source code sent by a data transaction platform or an auditing result of the source code, wherein the auditing result of the source code is obtained by auditing the source code according to a code auditing rule;
obtaining an auditing result of the source code by using the source code, and verifying the auditing result of the source code to obtain a verification result, or directly verifying the auditing result of the source code to obtain a verification result;
and sending the verification result to the data transaction platform to be used as a basis for judging whether the data transaction platform executes the calculation logic of the source code.
7. A code auditing method is applied to auditing source codes of computational logic of a target data set of a data user in a data transaction process, and comprises the following steps:
the data usage direction sends the source code to a data transaction platform;
auditing the source code according to a code auditing rule to obtain an auditing result of the source code;
the data provider verifies the verification result of the source code to obtain a verification result;
the data provider sends the verification result to the data transaction platform;
the data trafficking platform determines whether to execute the computational logic of the source code based on the verification result.
8. A code auditing system is characterized by comprising a data user, a code auditor, a data provider and a data transaction platform;
the data consumer is used for storing and managing the authorization token of the data provider; the code auditor is used for auditing the source code, returning the description information and storing and managing code auditing rules; the data provider is used for verifying an authorization request, verifying the consistency of the description information, issuing the authorization token for the data user and verifying the authorization token; the data transaction platform is used for auditing the source code and verifying the authorization token.
9. Code auditing device, characterized in that it comprises a memory and a processor, the memory being connected to the processor, the memory having stored therein a computer program which, when executed by the processor, implements the method of any of the preceding claims 1-6.
10. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when executed, implements the method of any of the preceding claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911414568.7A CN113126996B (en) | 2019-12-31 | 2019-12-31 | Code auditing method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911414568.7A CN113126996B (en) | 2019-12-31 | 2019-12-31 | Code auditing method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113126996A true CN113126996A (en) | 2021-07-16 |
| CN113126996B CN113126996B (en) | 2023-10-20 |
Family
ID=76770587
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911414568.7A Active CN113126996B (en) | 2019-12-31 | 2019-12-31 | Code auditing method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113126996B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114285616A (en) * | 2021-12-16 | 2022-04-05 | 上海商汤科技开发有限公司 | Data transmission method and device, electronic equipment and storage medium |
| WO2023079388A1 (en) * | 2021-11-04 | 2023-05-11 | International Business Machines Corporation | Data swap prevention in distributed computing environments |
| WO2023231361A1 (en) * | 2022-05-30 | 2023-12-07 | 华为云计算技术有限公司 | Data transaction method, and apparatus |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5809145A (en) * | 1996-06-28 | 1998-09-15 | Paradata Systems Inc. | System for distributing digital information |
| US20060236114A1 (en) * | 2005-04-05 | 2006-10-19 | Ntt Docomo, Inc. | Application program verification system, application program verification method and computer program |
| US20080222042A1 (en) * | 2004-12-03 | 2008-09-11 | Stephen James Moore | Prescription Generation Validation And Tracking |
| CN101551836A (en) * | 2008-04-03 | 2009-10-07 | 西门子(中国)有限公司 | Code audit method and device |
| CN101771993A (en) * | 2008-12-31 | 2010-07-07 | 中国移动通信集团公司 | System and method thereof for realizing polymerization application based on mobile network |
| US20140089197A1 (en) * | 2007-07-12 | 2014-03-27 | Bill Me Later, Inc. | Computer-implemented method, system and apparatus for the dynamic verification of a consumer engaged in a transaction with a merchant and authorization of the transaction |
| US20150310209A1 (en) * | 2014-04-25 | 2015-10-29 | Alibaba Group Holding Limited | Executing third-party application |
| US20160018996A1 (en) * | 2013-03-27 | 2016-01-21 | Irdeto B.V. | Storing and accessing data |
| CN106296362A (en) * | 2016-08-15 | 2017-01-04 | 鼎天智(北京)大数据科技有限公司 | A kind of big data transaction of servitude System and method for |
| CN107679087A (en) * | 2017-09-04 | 2018-02-09 | 浙江聚邦科技有限公司 | A kind of growth information gathering mobile terminal microfluidic platform towards medium-sized and small enterprises |
| CN108665332A (en) * | 2017-03-31 | 2018-10-16 | 横琴国际知识产权交易中心有限公司 | A kind of intellectual property electric business plateform system and its commodity restocking verification method |
| CN108921510A (en) * | 2018-06-27 | 2018-11-30 | 中国建设银行股份有限公司 | Banking remote auto checking method and system |
| CN109313762A (en) * | 2016-03-08 | 2019-02-05 | 加拿大皇家银行 | For characterizing the system for securely generating and handling, the method and apparatus of the data set of stored value payment |
| CN109685511A (en) * | 2018-05-30 | 2019-04-26 | 上海分壳信息技术股份有限公司 | Data transaction of servitude method based on block chain |
| CN110134605A (en) * | 2019-05-16 | 2019-08-16 | 北京达佳互联信息技术有限公司 | Method, apparatus, computer equipment and the storage medium of Validation Code |
| CN110598418A (en) * | 2019-09-10 | 2019-12-20 | 深圳开源互联网安全技术有限公司 | Method and system for dynamically detecting vertical override based on IAST test tool |
-
2019
- 2019-12-31 CN CN201911414568.7A patent/CN113126996B/en active Active
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5809145A (en) * | 1996-06-28 | 1998-09-15 | Paradata Systems Inc. | System for distributing digital information |
| US20080222042A1 (en) * | 2004-12-03 | 2008-09-11 | Stephen James Moore | Prescription Generation Validation And Tracking |
| US20060236114A1 (en) * | 2005-04-05 | 2006-10-19 | Ntt Docomo, Inc. | Application program verification system, application program verification method and computer program |
| US20140089197A1 (en) * | 2007-07-12 | 2014-03-27 | Bill Me Later, Inc. | Computer-implemented method, system and apparatus for the dynamic verification of a consumer engaged in a transaction with a merchant and authorization of the transaction |
| CN101551836A (en) * | 2008-04-03 | 2009-10-07 | 西门子(中国)有限公司 | Code audit method and device |
| CN101771993A (en) * | 2008-12-31 | 2010-07-07 | 中国移动通信集团公司 | System and method thereof for realizing polymerization application based on mobile network |
| US20160018996A1 (en) * | 2013-03-27 | 2016-01-21 | Irdeto B.V. | Storing and accessing data |
| US20150310209A1 (en) * | 2014-04-25 | 2015-10-29 | Alibaba Group Holding Limited | Executing third-party application |
| CN109313762A (en) * | 2016-03-08 | 2019-02-05 | 加拿大皇家银行 | For characterizing the system for securely generating and handling, the method and apparatus of the data set of stored value payment |
| CN106296362A (en) * | 2016-08-15 | 2017-01-04 | 鼎天智(北京)大数据科技有限公司 | A kind of big data transaction of servitude System and method for |
| CN108665332A (en) * | 2017-03-31 | 2018-10-16 | 横琴国际知识产权交易中心有限公司 | A kind of intellectual property electric business plateform system and its commodity restocking verification method |
| CN107679087A (en) * | 2017-09-04 | 2018-02-09 | 浙江聚邦科技有限公司 | A kind of growth information gathering mobile terminal microfluidic platform towards medium-sized and small enterprises |
| CN109685511A (en) * | 2018-05-30 | 2019-04-26 | 上海分壳信息技术股份有限公司 | Data transaction of servitude method based on block chain |
| CN108921510A (en) * | 2018-06-27 | 2018-11-30 | 中国建设银行股份有限公司 | Banking remote auto checking method and system |
| CN110134605A (en) * | 2019-05-16 | 2019-08-16 | 北京达佳互联信息技术有限公司 | Method, apparatus, computer equipment and the storage medium of Validation Code |
| CN110598418A (en) * | 2019-09-10 | 2019-12-20 | 深圳开源互联网安全技术有限公司 | Method and system for dynamically detecting vertical override based on IAST test tool |
Non-Patent Citations (3)
| Title |
|---|
| SUIPY: "数据交换(售卖)探索", pages 1 - 5, Retrieved from the Internet <URL:https://blog.csdn.net/suipy/article/details/45873023/> * |
| 何;余霆;罗通行;: "大量历史数据在生化项目自动审核测试验证中的应用", 中国数字医学, no. 02 * |
| 向灵孜;: "源代码审计综述", 保密科学技术, no. 12 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2023079388A1 (en) * | 2021-11-04 | 2023-05-11 | International Business Machines Corporation | Data swap prevention in distributed computing environments |
| CN114285616A (en) * | 2021-12-16 | 2022-04-05 | 上海商汤科技开发有限公司 | Data transmission method and device, electronic equipment and storage medium |
| WO2023231361A1 (en) * | 2022-05-30 | 2023-12-07 | 华为云计算技术有限公司 | Data transaction method, and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113126996B (en) | 2023-10-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108898389B (en) | Content verification method and device based on block chain and electronic equipment | |
| CN108492180B (en) | Asset management method and device and electronic equipment | |
| US20200184557A1 (en) | Resource transfer and capital transfer method and apparatus | |
| CN108335207B (en) | Asset management method and device and electronic equipment | |
| CN108335206B (en) | Asset management method and device and electronic equipment | |
| JP6940182B2 (en) | Blockchain management device, blockchain management method and program | |
| KR101987692B1 (en) | Registry and Automation Management Methods for Smart Contracts in Blockchain Enforcement | |
| KR101929482B1 (en) | Method for sharing business information based on mutual confirmation blockchain | |
| CN113312653A (en) | Open platform authentication and authorization method, device and storage medium | |
| CN113126996A (en) | Code auditing method, device and system | |
| WO2020015414A1 (en) | Method and apparatus for issuing reward to work publisher based on blockchain | |
| US20220036351A1 (en) | Method and apparatus for resource exchange | |
| CN111597269A (en) | Block chain-based contract implementation method, device and equipment | |
| CN115131034A (en) | Block chain-based rights and interests digital collection verification method and equipment | |
| KR100968941B1 (en) | Finance trade system using a otp | |
| CN110599176B (en) | Block chain-based data processing method and device, storage medium and node equipment | |
| WO2021253299A1 (en) | Data processing method, storage medium, electronic device and data transaction system | |
| CN114945931A (en) | Method and apparatus for mitigating bill financing fraud | |
| US20230114697A1 (en) | Zero-knowledge proof-based virtual cards | |
| CN114900334B (en) | NFT authority control method, system, computer readable storage medium and terminal equipment | |
| US20230283466A1 (en) | Content protection system | |
| CN109325858A (en) | The method of commerce and device of resource flow, computer equipment and computer-readable medium | |
| US11816649B2 (en) | Method and system for protecting intellectual property rights on digital content using smart propertization | |
| KR102450412B1 (en) | SLA-Based Sharing Economy Service with Smart Contract for Resource Integrity in the Internet of Things | |
| CN112819643B (en) | New contract underwriting method and system for insurance product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |