CN113254979A - Credible examination system for protecting business privacy and computer storage medium - Google Patents
Credible examination system for protecting business privacy and computer storage medium Download PDFInfo
- Publication number
- CN113254979A CN113254979A CN202110713949.6A CN202110713949A CN113254979A CN 113254979 A CN113254979 A CN 113254979A CN 202110713949 A CN202110713949 A CN 202110713949A CN 113254979 A CN113254979 A CN 113254979A
- Authority
- CN
- China
- Prior art keywords
- key
- enterprise
- business
- examination
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/903—Querying
- G06F16/90335—Query processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
Abstract
The invention provides a credible auditing system for protecting business privacy and a computer storage medium, which comprise an audited access module, an auditing reading module, an auditing result query module, a business processing module and an auditing result pairing module, wherein an audited enterprise calls the audited access module to input a business to be audited into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an auditing queue, the auditing reading module acquires the pure business information from the auditing queue to perform credibility auditing, the auditing result pairing module pairs the credibility result of the pure business with the affiliated enterprise and records the credibility result into a block chain, and the auditing result query module queries the credibility result of the corresponding enterprise through the block chain. In the system, the examiner and the examined enterprise are not visible with each other, thereby protecting the privacy of the enterprise and preventing the fraud phenomenon.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a credible examination system for protecting service privacy.
Background
Credibility examination is that a government or a civil institution examines the credibility of an enterprise and opens examination results to the public, so that the public can conveniently and better know about the company, but business confidentiality is involved in the examination process, how to better protect the privacy of the enterprise in the examination process and how to avoid the occurrence of future fraud in the examination process are problems to be solved by an examination system.
Now, many credible auditing systems have been developed, and through a large amount of search and reference, the existing auditing systems are found to be the systems disclosed in the publication numbers KR101484882B1, KR101058592B1 and KR101613621B1, including: acquiring an executable file of an application to be checked, and extracting and calculating data in the executable file to obtain a summary to be checked; acquiring a trusted abstract in an executable file, wherein the trusted abstract is generated for an application to be checked and obtained by extracting and calculating data in the executable file when the trusted abstract is determined to be a trusted application; and judging whether the abstract to be checked is consistent with the trusted abstract or not, and if so, determining that the application to be checked passes the check. However, in the auditing system, the auditors can acquire the privacy information of the audited units, hidden danger of privacy disclosure exists, and meanwhile, the audited units and the auditors can achieve back-end transaction, so that the phenomenon of auditing and cheating occurs.
Disclosure of Invention
The invention aims to provide a credible examination system for protecting business privacy against the existing defects,
in order to overcome the defects of the prior art, the invention adopts the following technical scheme:
a credible examination system for protecting business privacy comprises an examined access module, an examination reading module, an examination result query module, a business processing module and an examination result pairing module, wherein an examined enterprise calls the examined access module to input a business to be examined into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an examination queue, the examination reading module acquires the pure business information from the examination queue to perform credibility examination, the examination result pairing module pairs the credibility result of the pure business with the affiliated enterprise and records the credibility result into a block chain, and the examination result query module queries the credibility result of the corresponding enterprise through the block chain;
further, the service processing module comprises a abstracting unit and a key generator, wherein the abstracting unit extracts an enterprise abstract and a pure service abstract from enterprise service information, the key generator generates a pair of a first key and a second key, the first key is added into the enterprise abstract, and the second key is added into the pure service abstract;
further, the first key is randomly generated and denoted as a, a hash operation h (a) is performed on the first key a to obtain data B, and the key generator calculates a matching number C so as to satisfy:
H(A+B+C)=D+C;
d + C is a second key E, D is the first few bits of data of the second key, and C is the last few bits of data of the second key;
further, a second key in the pure service abstract and an inspection result are packaged and sent to the inspection result pairing module, and the inspection result pairing module finds out corresponding enterprise information from the enterprise abstract according to the second key;
further, the examination result pairing module comprises a key pairing device, the key pairing device obtains a matching number C from the second key, performs hash operation on the first key A obtained from the enterprise abstract to obtain data B, compares the hash operation result of A, B, C with the second key, and if the results are consistent, the pairing is successful, and if the results are inconsistent, performs pairing verification on the first key of the next enterprise abstract;
further, the service processing module stores the service digest into the review queue according to a function P (), where the expression of the function P () is:
n is the number of the stored service summaries in the review queue, N is the number of the service summaries which can be stored in the review queue, w (i) represents the space sequence number of the ith service stored in the review queue, and the calculation result of P () represents the position sequence of the service which needs to be stored in the rest space sequence number;
further, the examination reading module reads the service summary from the examination queue according to a function Q (), where the expression of the function Q () is:
the calculation result of Q () represents the position sequence of the service to be read in the stored sequence number of the air;
furthermore, the censoring process data of the censoring personnel are packaged into a data packet and sent to a process block chain, the process block chain and the block chain for storing the censoring result are two different block chains, the result block chain is open to the public, and the process block chain is only open to partial high-level authorities;
a computer-readable storage medium, wherein the computer-readable storage medium includes a trusted audit system program for protecting business privacy, and wherein the trusted audit system program for protecting business privacy when executed by a processor implements a trusted audit system step for protecting business privacy.
The beneficial effects obtained by the invention are as follows:
the system peels off the checked enterprise and the business information thereof, the examiner can only examine the pure business information and can not acquire the corresponding enterprise information, privacy disclosure is avoided, the enterprise can only acquire the examination result and can not acquire the information of the examiner, and fraud is avoided.
Drawings
The invention will be further understood from the following description in conjunction with the accompanying drawings. The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the embodiments. Like reference numerals designate corresponding parts throughout the different views.
Fig. 1 is a schematic view of an overall structural framework.
Fig. 2 is a schematic diagram of a service processing module framework.
Fig. 3 is a schematic diagram of the key generator operation flow.
Fig. 4 is a schematic diagram of a key partner work flow.
Fig. 5 is a schematic view of service deposit reading.
Detailed Description
In order to make the objects and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the following embodiments; it should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Other systems, methods, and/or features of the present embodiments will become apparent to those skilled in the art upon review of the following detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the accompanying claims. Additional features of the disclosed embodiments are described in, and will be apparent from, the detailed description that follows.
The same or similar reference numerals in the drawings of the embodiments of the present invention correspond to the same or similar components; in the description of the present invention, it should be understood that if there is an orientation or positional relationship indicated by terms such as "upper", "lower", "left", "right", etc., based on the orientation or positional relationship shown in the drawings, it is only for convenience of description and simplification of description, but it is not indicated or implied that the device or component referred to must have a specific orientation, be constructed and operated in a specific orientation, and therefore, the terms describing the positional relationship in the drawings are only used for illustrative purposes and are not to be construed as limitations of the present patent, and specific meanings of the terms may be understood by those skilled in the art according to specific situations.
The first embodiment.
With reference to fig. 1-5, the present embodiment provides a trusted auditing system for protecting business privacy, which includes an audited access module, an auditing read module, an auditing result query module, a business processing module, and an auditing result pairing module, where an audited enterprise calls the audited access module to input a to-be-audited business to the system, the business processing module performs enterprise-business separation on the input business, and sends separated pure business information to an auditing queue, the auditing read module obtains the pure business information from the auditing queue to perform credibility auditing, the auditing result pairing module pairs the credibility result of the pure business with the enterprise to which the pure business belongs and records the credibility result into a block chain, and the auditing result query module queries the credibility result of the corresponding enterprise through the block chain;
with continued reference to fig. 2, the service processing module includes a abstracting unit and a key generator, where the abstracting unit extracts an enterprise digest and a pure service digest from enterprise service information, and the key generator generates a pair of a first key and a second key, where the first key is added to the enterprise digest, and the second key is added to the pure service digest;
continuing with fig. 3, the first key is randomly generated and denoted as a, the first key a is subjected to hash operation h (a) to obtain data B, and the key generator calculates a matching number C so as to satisfy:
H(A+B+C)=D+C;
d + C is a second key E, D is the first few bits of data of the second key, and C is the last few bits of data of the second key;
the second key in the pure service abstract and the examination result are packaged and sent to the examination result pairing module, and the examination result pairing module finds out corresponding enterprise information from the enterprise abstract according to the second key;
continuing to refer to fig. 4, the examination result pairing module includes a key pairing device, the key pairing device obtains a matching number C from the second key, performs hash operation on the first key a obtained from the enterprise digest to obtain data B, compares the hash operation result of A, B, C with the second key, if the result is consistent, the pairing is successful, and if the result is inconsistent, performs pairing verification on the first key of the next enterprise digest;
with continuing reference to fig. 5, the service processing module places the service digest into the review queue according to a function P (), where the expression of function P () is:
n is the number of the stored service summaries in the review queue, N is the number of the service summaries which can be stored in the review queue, w (i) represents the space sequence number of the ith service stored in the review queue, and the calculation result of P () represents the position sequence of the service which needs to be stored in the rest space sequence number;
the examination reading module reads the service abstract from the examination queue according to a function Q (), wherein the expression of the function Q () is as follows:
the calculation result of Q () represents the position sequence of the service to be read in the stored sequence number of the air;
the method comprises the following steps that examination process data of examiners are packaged into data packets and sent to a process block chain, the process block chain and a block chain for storing examination results are two different block chains, the result block chain is open to the public, and the process block chain is only open to partial high-level authorities;
a computer-readable storage medium, wherein the computer-readable storage medium includes a trusted audit system program for protecting business privacy, and wherein the trusted audit system program for protecting business privacy when executed by a processor implements a trusted audit system step for protecting business privacy.
Example two.
With continuing to combine with the accompanying drawings, the embodiment provides a trusted auditing system for protecting business privacy, which is shown in fig. 1 and includes an audited access module, an auditing reading module, an auditing result query module, a business processing module and an auditing result pairing module, wherein an audited enterprise calls the audited access module to input a business to be audited into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an auditing queue, the auditing reading module acquires the pure business information from the auditing queue to perform credibility auditing, the auditing result pairing module pairs the credibility result of the pure business with the enterprise to which the pure business belongs and records the credibility result into a block chain, and the auditing result query module queries the credibility result of the corresponding enterprise through the block chain;
with continued reference to fig. 2, the service processing module includes a abstracting unit and a key generator, where the abstracting unit extracts an enterprise digest and a pure service digest from enterprise service information, and the key generator generates a pair of a first key and a second key, where the first key is added to the enterprise digest, and the second key is added to the pure service digest;
continuing with fig. 3, the first key is randomly generated and denoted as a, the first key a is subjected to hash operation h (a) to obtain data B, and the key generator calculates a matching number C so as to satisfy:
H(A+B+C)=D+C;
d + C is a second key E, D is the first few bits of data of the second key, and C is the last few bits of data of the second key;
the second key in the pure service abstract and the examination result are packaged and sent to the examination result pairing module, and the examination result pairing module finds out corresponding enterprise information from the enterprise abstract according to the second key;
continuing to refer to fig. 4, the examination result pairing module includes a key pairing device, the key pairing device obtains a matching number C from the second key, performs hash operation on the first key a obtained from the enterprise digest to obtain data B, compares the hash operation result of A, B, C with the second key, if the result is consistent, the pairing is successful, and if the result is inconsistent, performs pairing verification on the first key of the next enterprise digest;
with continuing reference to fig. 5, the service processing module places the service digest into the review queue according to a function P (), where the expression of function P () is:
n is the number of the stored service summaries in the review queue, N is the number of the service summaries which can be stored in the review queue, w (i) represents the space sequence number of the ith service stored in the review queue, and the calculation result of P () represents the position sequence of the service which needs to be stored in the rest space sequence number;
the examination reading module reads the service abstract from the examination queue according to a function Q (), wherein the expression of the function Q () is as follows:
the calculation result of Q () represents the position sequence of the service to be read in the stored sequence number of the air;
the method comprises the following steps that examination process data of examiners are packaged into data packets and sent to a process block chain, the process block chain and a block chain for storing examination results are two different block chains, the result block chain is open to the public, and the process block chain is only open to partial high-level authorities;
a computer-readable storage medium, wherein the computer-readable storage medium includes a trusted audit system program for protecting business privacy, and when the trusted audit system program for protecting business privacy is executed by a processor, a trusted audit system step for protecting business privacy is implemented;
based on the credible examination system for protecting the business privacy, the credible examination system comprises an examined access module, an examination reading module, an examination result query module, a business processing module and an examination result pairing module, wherein an examined enterprise calls the examined access module to input a business to be examined into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an examination queue, the examination reading module acquires the pure business information from the examination queue to perform credibility examination, the examination result pairing module pairs the credibility result of the spring business with the affiliated enterprise and records the credibility result into a block chain, and the examination result query module queries the credibility result of the corresponding enterprise through the block chain;
the access module to be audited comprises an enterprise access API, a temporary storage unit and an enterprise verification unit, wherein an audited enterprise finishes butt joint with the system by calling the enterprise access API, enterprise information is submitted first after the butt joint is finished, the enterprise verification unit verifies the enterprise information and submits a service after the verification is successful, and the enterprise information and the service information are stored in the temporary storage unit;
the business processing module comprises a key generator, the key generator can generate a pair of keys, the keys comprise a first key and a second key of different data, the calculation of the key generator is unidirectional calculation, namely the first key cannot be reversely deduced through the second key, the business processing module calls an enterprise business message from the temporary storage unit, the business processing module comprises a abstracting unit, the abstracting unit isolates and abstracts an enterprise abstract and a pure business abstract from the enterprise business message, the first key is added into the enterprise abstract, the second key is added into the pure business abstract, the pure business abstract message is sent to a review queue, and the enterprise abstract is stored in an enterprise list;
an examiner randomly obtains a pure service abstract from the examination queue by calling the examination reading module, the examination reading module comprises an abstract restoring unit, the abstract restoring unit restores the rest parts of the pure service units except the second secret key into pure service information, the examiner carries out credibility examination on the pure service information and obtains an examination result, the examination result and the second secret key are packaged into a data packet together, and the data packet is sent to the examination result pairing module;
the examination result pairing module comprises a key pairing device, the key pairing device can obtain a unique correct pairing result after calculating a pair of first key and second key generated by the key generator, if the first key and/or the second key are slightly changed, the calculation result of the key pairing device has a huge gap with the correct pairing result, the examination result pairing module sequentially obtains the first key data in the enterprise abstract from the enterprise list and performs pairing calculation by using the key pairing device until the correct pairing result appears, the corresponding examination result and enterprise information are packaged and sent to a block chain to create a new block, and the block also comprises examination time information of the examination;
it should be noted that the review result pairing is unidirectional, that is, only the second key in the review result can be used to search the first key of the corresponding enterprise, and the first key of the enterprise is not used to search the second key in the review result;
the inspection result query module can obtain all inspection results and corresponding inspection time of the enterprise by querying corresponding enterprise information in the block chain, and is open to the public.
Example three.
With continuing to combine with the accompanying drawings, the embodiment provides a trusted auditing system for protecting business privacy, which is shown in fig. 1 and includes an audited access module, an auditing reading module, an auditing result query module, a business processing module and an auditing result pairing module, wherein an audited enterprise calls the audited access module to input a business to be audited into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an auditing queue, the auditing reading module acquires the pure business information from the auditing queue to perform credibility auditing, the auditing result pairing module pairs the credibility result of the pure business with the enterprise to which the pure business belongs and records the credibility result into a block chain, and the auditing result query module queries the credibility result of the corresponding enterprise through the block chain;
with continued reference to fig. 2, the service processing module includes a abstracting unit and a key generator, where the abstracting unit extracts an enterprise digest and a pure service digest from enterprise service information, and the key generator generates a pair of a first key and a second key, where the first key is added to the enterprise digest, and the second key is added to the pure service digest;
continuing with fig. 3, the first key is randomly generated and denoted as a, the first key a is subjected to hash operation h (a) to obtain data B, and the key generator calculates a matching number C so as to satisfy:
H(A+B+C)=D+C;
d + C is a second key E, D is the first few bits of data of the second key, and C is the last few bits of data of the second key;
the second key in the pure service abstract and the examination result are packaged and sent to the examination result pairing module, and the examination result pairing module finds out corresponding enterprise information from the enterprise abstract according to the second key;
continuing to refer to fig. 4, the examination result pairing module includes a key pairing device, the key pairing device obtains a matching number C from the second key, performs hash operation on the first key a obtained from the enterprise digest to obtain data B, compares the hash operation result of A, B, C with the second key, if the result is consistent, the pairing is successful, and if the result is inconsistent, performs pairing verification on the first key of the next enterprise digest;
with continuing reference to fig. 5, the service processing module places the service digest into the review queue according to a function P (), where the expression of function P () is:
n is the number of the stored service summaries in the review queue, N is the number of the service summaries which can be stored in the review queue, w (i) represents the space sequence number of the ith service stored in the review queue, and the calculation result of P () represents the position sequence of the service which needs to be stored in the rest space sequence number;
the examination reading module reads the service abstract from the examination queue according to a function Q (), wherein the expression of the function Q () is as follows:
the calculation result of Q () represents the position sequence of the service to be read in the stored sequence number of the air;
the method comprises the following steps that examination process data of examiners are packaged into data packets and sent to a process block chain, the process block chain and a block chain for storing examination results are two different block chains, the result block chain is open to the public, and the process block chain is only open to partial high-level authorities;
a computer-readable storage medium, wherein the computer-readable storage medium includes a trusted audit system program for protecting business privacy, and when the trusted audit system program for protecting business privacy is executed by a processor, a trusted audit system step for protecting business privacy is implemented;
based on the credible examination system for protecting the business privacy, the credible examination system comprises an examined access module, an examination reading module, an examination result query module, a business processing module and an examination result pairing module, wherein an examined enterprise calls the examined access module to input a business to be examined into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an examination queue, the examination reading module acquires the pure business information from the examination queue to perform credibility examination, the examination result pairing module pairs the credibility result of the spring business with the affiliated enterprise and records the credibility result into a block chain, and the examination result query module queries the credibility result of the corresponding enterprise through the block chain;
the access module to be audited comprises an enterprise access API, a temporary storage unit and an enterprise verification unit, wherein an audited enterprise finishes butt joint with the system by calling the enterprise access API, enterprise information is submitted first after the butt joint is finished, the enterprise verification unit verifies the enterprise information and submits a service after the verification is successful, and the enterprise information and the service information are stored in the temporary storage unit;
the business processing module comprises a key generator, the key generator can generate a pair of keys, the keys comprise a first key and a second key of different data, the calculation of the key generator is unidirectional calculation, namely the first key cannot be reversely deduced through the second key, the business processing module calls an enterprise business message from the temporary storage unit, the business processing module comprises a abstracting unit, the abstracting unit isolates and abstracts an enterprise abstract and a pure business abstract from the enterprise business message, the first key is added into the enterprise abstract, the second key is added into the pure business abstract, the pure business abstract message is sent to a review queue, and the enterprise abstract is stored in an enterprise list;
an examiner randomly obtains a pure service abstract from the examination queue by calling the examination reading module, the examination reading module comprises an abstract restoring unit, the abstract restoring unit restores the rest parts of the pure service units except the second secret key into pure service information, the examiner carries out credibility examination on the pure service information and obtains an examination result, the examination result and the second secret key are packaged into a data packet together, and the data packet is sent to the examination result pairing module;
the examination result pairing module comprises a key pairing device, the key pairing device can obtain a unique correct pairing result after calculating a pair of first key and second key generated by the key generator, if the first key and/or the second key are slightly changed, the calculation result of the key pairing device has a huge gap with the correct pairing result, the examination result pairing module sequentially obtains the first key data in the enterprise abstract from the enterprise list and performs pairing calculation by using the key pairing device until the correct pairing result appears, the corresponding examination result and enterprise information are packaged and sent to a block chain to create a new block, and the block also comprises examination time information of the examination;
it should be noted that the review result pairing is unidirectional, that is, only the second key in the review result can be used to search the first key of the corresponding enterprise, and the first key of the enterprise is not used to search the second key in the review result;
the inspection result query module can obtain all inspection results and corresponding inspection time of the enterprise by querying corresponding enterprise information in the block chain, and is open to the public;
the enterprise access APIs can be called by a plurality of enterprises at the same time, when the enterprise verification unit successfully verifies one enterprise, a storage area is applied in the temporary storage unit, the address of the storage area is sent to the corresponding enterprise through the enterprise access API, the corresponding enterprise directly fills business information into the applied storage area, the phenomenon of business confusion when the enterprise access APIs are called by a plurality of enterprises at the same time is prevented, and when the business processing module calls the enterprise business information from the temporary storage unit, the temporary storage unit performs memory logout on the corresponding storage area, so that other enterprises can use the memory continuously;
the first key generated by the key generator is stored in a key record table to prevent the generation of a repeated first key, the first key is marked as A, the key generator performs hash operation H (A) on the first key A to obtain data B, and then a matching number C is calculated by an enumeration method, wherein the matching number C satisfies the following equation:
H(A+B+C)=D+C;
the data D is the first few bits of data of the hash result, the data C is the last few bits of data of the hash result, the sum of the bits of the data D and the data C is the bit of the hash result, and D + C forms a second key E;
the digit of the matching number C can be set, and the higher the digit is, the higher the safety degree is;
the key pairing device obtains a second key E in an examination result, meanwhile, the last bits of the second key are intercepted according to the number of the matching number to obtain a matching number C, the key pairing device obtains a first key A from an enterprise list, hash operation is carried out on the first key A to obtain data B, hash operation is carried out on A + B + C, if the result is consistent with the second key E, pairing is successful, and if the result is not consistent with the second key E, the next first key is obtained for verification;
the key pairing device has the same calculation principle as the key generator, except that the key generator consumes a large amount of calculation workload for calculating the matching number C, and the key pairing device carries out verification calculation on different first keys, so that the calculation workload is small;
the key generator can work independently, a plurality of pairs of keys are generated in advance by using idle computing capacity, the number of the system pair keys is provided with an interval, when the number of the keys is larger than the interval, the key generator stops generating the keys, and when the number of the keys is smaller than the interval, the key generator starts generating the keys, so that an enterprise can provide enough keys when inputting services;
the extraction unit replaces private parts appearing in enterprise information by aliases, for example, enterprise E or company F replaces specific enterprises or companies, the extraction unit converts business information after alias replacement into ciphertext, then compresses the converted ciphertext into a business abstract, and the extraction unit directly compresses original information of an enterprise to be examined into the enterprise abstract;
the service processing module further comprises a virtual service digest creating unit, the virtual service digest creating unit can create a virtual service digest with true or false reliability by using historical service records, when only one service to be examined exists in the examination queue, the virtual creating unit will create a plurality of virtual service digests including true and false, the virtual service and the service to be examined in the examination queue have service correlation, the virtual service digest includes a virtual key, the virtual key is obtained from a virtual key library, the virtual key library is provided with a plurality of virtual keys and ensures that a second key generated by the key generator is not repeated with the virtual key, if the second key generated by the key generator appears in the virtual key library, the virtual key is deleted in the virtual key library and a new virtual key is created again, the examination result pairing module performs virtual identification on the key of the examination result data packet, and if the key is the virtual key in the virtual key database, the examination result is directly deleted without performing subsequent pairing operation;
the examination reading module can read at least three pure service abstracts at one time from the examination queue, if only one real pure service abstract exists in the examination queue, the read pure service abstracts comprise a virtual service abstract with true credibility, a virtual service abstract with false credibility and a real pure service abstract, examination results of a plurality of services and corresponding keys are packaged and sent to the examination result pairing module after examination of all the read services by an examiner, and the number of the read services is consistent with the number of the services in an examination result data packet.
Example four.
With continuing to combine with the accompanying drawings, the embodiment provides a trusted auditing system for protecting business privacy, which is shown in fig. 1 and includes an audited access module, an auditing reading module, an auditing result query module, a business processing module and an auditing result pairing module, wherein an audited enterprise calls the audited access module to input a business to be audited into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an auditing queue, the auditing reading module acquires the pure business information from the auditing queue to perform credibility auditing, the auditing result pairing module pairs the credibility result of the pure business with the enterprise to which the pure business belongs and records the credibility result into a block chain, and the auditing result query module queries the credibility result of the corresponding enterprise through the block chain;
with continued reference to fig. 2, the service processing module includes a abstracting unit and a key generator, where the abstracting unit extracts an enterprise digest and a pure service digest from enterprise service information, and the key generator generates a pair of a first key and a second key, where the first key is added to the enterprise digest, and the second key is added to the pure service digest;
continuing with fig. 3, the first key is randomly generated and denoted as a, the first key a is subjected to hash operation h (a) to obtain data B, and the key generator calculates a matching number C so as to satisfy:
H(A+B+C)=D+C;
d + C is a second key E, D is the first few bits of data of the second key, and C is the last few bits of data of the second key;
the second key in the pure service abstract and the examination result are packaged and sent to the examination result pairing module, and the examination result pairing module finds out corresponding enterprise information from the enterprise abstract according to the second key;
continuing to refer to fig. 4, the examination result pairing module includes a key pairing device, the key pairing device obtains a matching number C from the second key, performs hash operation on the first key a obtained from the enterprise digest to obtain data B, compares the hash operation result of A, B, C with the second key, if the result is consistent, the pairing is successful, and if the result is inconsistent, performs pairing verification on the first key of the next enterprise digest;
with continuing reference to fig. 5, the service processing module places the service digest into the review queue according to a function P (), where the expression of function P () is:
n is the number of the stored service summaries in the review queue, N is the number of the service summaries which can be stored in the review queue, w (i) represents the space sequence number of the ith service stored in the review queue, and the calculation result of P () represents the position sequence of the service which needs to be stored in the rest space sequence number;
the examination reading module reads the service abstract from the examination queue according to a function Q (), wherein the expression of the function Q () is as follows:
the calculation result of Q () represents the position sequence of the service to be read in the stored sequence number of the air;
the method comprises the following steps that examination process data of examiners are packaged into data packets and sent to a process block chain, the process block chain and a block chain for storing examination results are two different block chains, the result block chain is open to the public, and the process block chain is only open to partial high-level authorities;
a computer-readable storage medium, wherein the computer-readable storage medium includes a trusted audit system program for protecting business privacy, and when the trusted audit system program for protecting business privacy is executed by a processor, a trusted audit system step for protecting business privacy is implemented;
based on the credible examination system for protecting the business privacy, the credible examination system comprises an examined access module, an examination reading module, an examination result query module, a business processing module and an examination result pairing module, wherein an examined enterprise calls the examined access module to input a business to be examined into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an examination queue, the examination reading module acquires the pure business information from the examination queue to perform credibility examination, the examination result pairing module pairs the credibility result of the spring business with the affiliated enterprise and records the credibility result into a block chain, and the examination result query module queries the credibility result of the corresponding enterprise through the block chain;
the access module to be audited comprises an enterprise access API, a temporary storage unit and an enterprise verification unit, wherein an audited enterprise finishes butt joint with the system by calling the enterprise access API, enterprise information is submitted first after the butt joint is finished, the enterprise verification unit verifies the enterprise information and submits a service after the verification is successful, and the enterprise information and the service information are stored in the temporary storage unit;
the business processing module comprises a key generator, the key generator can generate a pair of keys, the keys comprise a first key and a second key of different data, the calculation of the key generator is unidirectional calculation, namely the first key cannot be reversely deduced through the second key, the business processing module calls an enterprise business message from the temporary storage unit, the business processing module comprises a abstracting unit, the abstracting unit isolates and abstracts an enterprise abstract and a pure business abstract from the enterprise business message, the first key is added into the enterprise abstract, the second key is added into the pure business abstract, the pure business abstract message is sent to a review queue, and the enterprise abstract is stored in an enterprise list;
an examiner randomly obtains a pure service abstract from the examination queue by calling the examination reading module, the examination reading module comprises an abstract restoring unit, the abstract restoring unit restores the rest parts of the pure service units except the second secret key into pure service information, the examiner carries out credibility examination on the pure service information and obtains an examination result, the examination result and the second secret key are packaged into a data packet together, and the data packet is sent to the examination result pairing module;
the examination result pairing module comprises a key pairing device, the key pairing device can obtain a unique correct pairing result after calculating a pair of first key and second key generated by the key generator, if the first key and/or the second key are slightly changed, the calculation result of the key pairing device has a huge gap with the correct pairing result, the examination result pairing module sequentially obtains the first key data in the enterprise abstract from the enterprise list and performs pairing calculation by using the key pairing device until the correct pairing result appears, the corresponding examination result and enterprise information are packaged and sent to a block chain to create a new block, and the block also comprises examination time information of the examination;
it should be noted that the review result pairing is unidirectional, that is, only the second key in the review result can be used to search the first key of the corresponding enterprise, and the first key of the enterprise is not used to search the second key in the review result;
the inspection result query module can obtain all inspection results and corresponding inspection time of the enterprise by querying corresponding enterprise information in the block chain, and is open to the public;
the enterprise access APIs can be called by a plurality of enterprises at the same time, when the enterprise verification unit successfully verifies one enterprise, a storage area is applied in the temporary storage unit, the address of the storage area is sent to the corresponding enterprise through the enterprise access API, the corresponding enterprise directly fills business information into the applied storage area, the phenomenon of business confusion when the enterprise access APIs are called by a plurality of enterprises at the same time is prevented, and when the business processing module calls the enterprise business information from the temporary storage unit, the temporary storage unit performs memory logout on the corresponding storage area, so that other enterprises can use the memory continuously;
the first key generated by the key generator is stored in a key record table to prevent the generation of a repeated first key, the first key is marked as A, the key generator performs hash operation H (A) on the first key A to obtain data B, and then a matching number C is calculated by an enumeration method, wherein the matching number C satisfies the following equation:
H(A+B+C)=D+C;
the data D is the first few bits of data of the hash result, the data C is the last few bits of data of the hash result, the sum of the bits of the data D and the data C is the bit of the hash result, and D + C forms a second key E;
the digit of the matching number C can be set, and the higher the digit is, the higher the safety degree is;
the key pairing device obtains a second key E in an examination result, meanwhile, the last bits of the second key are intercepted according to the number of the matching number to obtain a matching number C, the key pairing device obtains a first key A from an enterprise list, hash operation is carried out on the first key A to obtain data B, hash operation is carried out on A + B + C, if the result is consistent with the second key E, pairing is successful, and if the result is not consistent with the second key E, the next first key is obtained for verification;
the key pairing device has the same calculation principle as the key generator, except that the key generator consumes a large amount of calculation workload for calculating the matching number C, and the key pairing device carries out verification calculation on different first keys, so that the calculation workload is small;
the key generator can work independently, a plurality of pairs of keys are generated in advance by using idle computing capacity, the number of the system pair keys is provided with an interval, when the number of the keys is larger than the interval, the key generator stops generating the keys, and when the number of the keys is smaller than the interval, the key generator starts generating the keys, so that an enterprise can provide enough keys when inputting services;
the extraction unit replaces private parts appearing in enterprise information by aliases, for example, enterprise E or company F replaces specific enterprises or companies, the extraction unit converts business information after alias replacement into ciphertext, then compresses the converted ciphertext into a business abstract, and the extraction unit directly compresses original information of an enterprise to be examined into the enterprise abstract;
the service processing module further comprises a virtual service digest creating unit, the virtual service digest creating unit can create a virtual service digest with true or false reliability by using historical service records, when only one service to be examined exists in the examination queue, the virtual creating unit will create a plurality of virtual service digests including true and false, the virtual service and the service to be examined in the examination queue have service correlation, the virtual service digest includes a virtual key, the virtual key is obtained from a virtual key library, the virtual key library is provided with a plurality of virtual keys and ensures that a second key generated by the key generator is not repeated with the virtual key, if the second key generated by the key generator appears in the virtual key library, the virtual key is deleted in the virtual key library and a new virtual key is created again, the examination result pairing module performs virtual identification on the key of the examination result data packet, and if the key is the virtual key in the virtual key database, the examination result is directly deleted without performing subsequent pairing operation;
the examination reading module reads not less than three pure service abstracts at one time from the examination queue, if only one real pure service abstract exists in the examination queue, the read pure service abstracts comprise a virtual service abstract with true credibility, a virtual service abstract with false credibility and a real pure service abstract, examination results of a plurality of services and corresponding keys are packaged and sent to the examination result pairing module after examination of all the read services is completed by an examiner, and the number of the read services is consistent with the number of the services in an examination result data packet;
when the audit opinions of the auditors on the pure service information need to be answered by corresponding enterprise personnel, the system can create an exchange unit, the audit opinions of the auditors are sent to the exchange unit, a second secret key is arranged in the exchange unit, a corresponding enterprise and an enterprise access API called by the enterprise are found by using the second secret key and a secret key matching device, the audit opinions are forwarded to the corresponding enterprise through the enterprise access API, the enterprise sends service supplementary materials to the exchange unit, an audit reading module obtains the service supplementary materials from the exchange unit, the auditors and the enterprise are unknown to the other party in the whole exchange process, and the condition of privacy disclosure in the audit process is prevented;
after auditing by auditors is finished, packaging all auditing opinions and information in an exchange unit generated in an auditing process into an auditing process data packet, signing the auditing process data packet by the auditors, sending the signed auditing process data packet to a block chain to create a new block, wherein an auditing result and an auditing process are in two different block chains, automatically destroying the exchange unit after the information in the exchange unit is packaged, and finding out specific auditors through the block chain in the auditing process when enterprises have disagreements on the auditing result and relate to the auditors, wherein the checking permission level of the block chain in the auditing process is very high, and the permission can be called for checking only when legal disputes are related;
the number of the service abstracts which can be stored in the review queue is N, the service processing module stores the service abstracts into the review queue according to a function P (), the review reading module reads the service abstracts from the review queue according to a function Q (), and the expression of the function P () is as follows:
wherein n is the number of the stored service abstracts in the examination queue, w (i) represents the space sequence number of the ith service stored in the examination queue, and the calculation result of P () represents the position sequence of the service to be stored in the rest space sequence number;
for example, if the space number of the first stored service in the audit queue is 5, the space number of the second stored service is 3, and the space number of the third stored service is 8, w (1) =5, w (2) =3, and w (3) =8, if N is 10, P () is 4, and the stored space number is 6;
the expression of the function Q () is:
the calculation result of Q () represents the position sequence of the service to be read in the stored sequence number of the air;
by the method, randomness and no correlation between service storage and service reading can be ensured, and the privacy of the service is protected.
Although the invention has been described above with reference to various embodiments, it should be understood that many changes and modifications may be made without departing from the scope of the invention. That is, the methods, systems, and devices discussed above are examples. Various configurations may omit, substitute, or add various procedures or components as appropriate. For example, in alternative configurations, the methods may be performed in an order different than that described, and/or various components may be added, omitted, and/or combined. Moreover, features described with respect to certain configurations may be combined in various other configurations, as different aspects and elements of the configurations may be combined in a similar manner. Further, elements therein may be updated as technology evolves, i.e., many elements are examples and do not limit the scope of the disclosure or claims.
Specific details are given in the description to provide a thorough understanding of the exemplary configurations including implementations. However, configurations may be practiced without these specific details, for example, well-known circuits, processes, algorithms, structures, and techniques have been shown without unnecessary detail in order to avoid obscuring the configurations. This description provides example configurations only, and does not limit the scope, applicability, or configuration of the claims. Rather, the foregoing description of the configurations will provide those skilled in the art with an enabling description for implementing the described techniques. Various changes may be made in the function and arrangement of elements without departing from the spirit or scope of the disclosure.
In conclusion, it is intended that the foregoing detailed description be regarded as illustrative rather than limiting, and that it be understood that these examples are illustrative only and are not intended to limit the scope of the invention. After reading the description of the invention, the skilled person can make various changes or modifications to the invention, and these equivalent changes and modifications also fall into the scope of the invention defined by the claims.
Claims (4)
1. A credible examination system for protecting business privacy comprises an examined access module, an examination reading module, an examination result query module, a business processing module and an examination result pairing module, wherein an examined enterprise calls the examined access module to input a business to be examined into the system, the business processing module performs enterprise-business separation on the input business and sends separated pure business information to an examination queue, the examination reading module acquires the pure business information from the examination queue to perform credibility examination, the examination result pairing module pairs credibility results of the pure business with the affiliated enterprise and records the credibility results into a block chain, and the examination result query module queries credibility results of corresponding enterprises through the block chain;
the business processing module is characterized by comprising a abstracting unit and a key generator, wherein the abstracting unit extracts an enterprise abstract and a pure business abstract from enterprise business information, the key generator generates a pair of a first key and a second key, the first key is added into the enterprise abstract, and the second key is added into the pure business abstract; the first key is randomly generated and marked as A, Hash operation H (A) is carried out on the first key A to obtain data B, and the key generator calculates a matching number C so that the matching number C meets the following requirements:
H(A+B+C)=D+C;
d + C is a second key E, D is the first few bits of data of the second key, and C is the last few bits of data of the second key;
the second key in the pure service abstract and the examination result are packaged and sent to the examination result pairing module, and the examination result pairing module finds out corresponding enterprise information from the enterprise abstract according to the second key;
the examination result pairing module comprises a key pairing device, the key pairing device obtains a matching number C from the second key, performs hash operation on a first key A obtained from the enterprise abstract to obtain data B, compares the hash operation result of A, B, C with the second key, and if the result is consistent, the pairing is successful, and if the result is inconsistent, the pairing verification is performed on the first key of the next enterprise abstract;
wherein, the service processing module stores the service abstract into the examination queue according to a function P (), and the expression of the function P () is:
wherein N is the number of the stored service summaries in the review queue, N is the number of the service summaries which can be stored in the review queue, w (i) represents the space sequence number of the i-th service stored in the review queue, and the calculation result of P () represents the position sequence of the service which needs to be stored in the rest space sequence number.
2. The trusted auditing system for protecting service privacy according to claim 1, where said auditing and reading module reads the service digest from the auditing queue according to a function Q (), where the expression of function Q () is:
wherein, the calculation result of Q () represents the position sequence of the service to be read in the stored inter-bit sequence number.
3. The credible examination system for protecting business privacy as claimed in claim 2, wherein examination process data of examiners are packed into data packets and sent to a process block chain, the process block chain and the block chain for storing examination results are two different block chains, the result block chain is open to the public, and the process block chain is only open to part of high-level authorities.
4. A computer-readable storage medium, characterized in that the computer-readable storage medium includes a trusted audit system program for protecting business privacy, and when the trusted audit system program for protecting business privacy is executed by a processor, the steps of a trusted audit system for protecting business privacy according to any one of claims 1 to 3 are implemented.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110713949.6A CN113254979B (en) | 2021-06-26 | 2021-06-26 | Credible examination system for protecting business privacy and computer storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110713949.6A CN113254979B (en) | 2021-06-26 | 2021-06-26 | Credible examination system for protecting business privacy and computer storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113254979A true CN113254979A (en) | 2021-08-13 |
| CN113254979B CN113254979B (en) | 2021-09-24 |
Family
ID=77189747
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110713949.6A Active CN113254979B (en) | 2021-06-26 | 2021-06-26 | Credible examination system for protecting business privacy and computer storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113254979B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117272355A (en) * | 2023-11-22 | 2023-12-22 | 杭州绿云软件股份有限公司 | Personal information management system and method |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1474310A (en) * | 2002-08-05 | 2004-02-11 | 梁志伟 | Message characteristic extracting method for information completeness correction |
| US20060059026A1 (en) * | 2004-08-24 | 2006-03-16 | Oracle International Corporation | Compliance workbench |
| CN103634283A (en) * | 2012-08-24 | 2014-03-12 | 腾讯科技(深圳)有限公司 | Feedback method of audit result and cloud server |
| CN106453268A (en) * | 2016-09-21 | 2017-02-22 | 四川大学 | Method for realizing express privacy protection in the logistics process |
| CN108573737A (en) * | 2017-12-25 | 2018-09-25 | 北京金山云网络技术有限公司 | A kind of storage method of electronic health record, device, equipment and storage medium |
| CN109492981A (en) * | 2018-09-14 | 2019-03-19 | 龙马智芯(珠海横琴)科技有限公司 | The checking method and device of information |
| CN110489945A (en) * | 2019-07-26 | 2019-11-22 | 山东科技大学 | A kind of biographic information protection and retroactive method of divulging a secret |
| JP2019212083A (en) * | 2018-06-06 | 2019-12-12 | Zホールディングス株式会社 | Information providing apparatus, information providing method, and program |
| CN111783144A (en) * | 2020-08-20 | 2020-10-16 | 支付宝(杭州)信息技术有限公司 | Data processing method and device based on block chain |
| CN112149112A (en) * | 2020-09-22 | 2020-12-29 | 京东方科技集团股份有限公司 | Enterprise information security management method based on authority separation |
| CN112613889A (en) * | 2020-12-25 | 2021-04-06 | 上海万向区块链股份公司 | Privacy protection method and system for enterprise DID identity system |
-
2021
- 2021-06-26 CN CN202110713949.6A patent/CN113254979B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1474310A (en) * | 2002-08-05 | 2004-02-11 | 梁志伟 | Message characteristic extracting method for information completeness correction |
| US20060059026A1 (en) * | 2004-08-24 | 2006-03-16 | Oracle International Corporation | Compliance workbench |
| CN103634283A (en) * | 2012-08-24 | 2014-03-12 | 腾讯科技(深圳)有限公司 | Feedback method of audit result and cloud server |
| CN106453268A (en) * | 2016-09-21 | 2017-02-22 | 四川大学 | Method for realizing express privacy protection in the logistics process |
| CN108573737A (en) * | 2017-12-25 | 2018-09-25 | 北京金山云网络技术有限公司 | A kind of storage method of electronic health record, device, equipment and storage medium |
| JP2019212083A (en) * | 2018-06-06 | 2019-12-12 | Zホールディングス株式会社 | Information providing apparatus, information providing method, and program |
| CN109492981A (en) * | 2018-09-14 | 2019-03-19 | 龙马智芯(珠海横琴)科技有限公司 | The checking method and device of information |
| CN110489945A (en) * | 2019-07-26 | 2019-11-22 | 山东科技大学 | A kind of biographic information protection and retroactive method of divulging a secret |
| CN111783144A (en) * | 2020-08-20 | 2020-10-16 | 支付宝(杭州)信息技术有限公司 | Data processing method and device based on block chain |
| CN112149112A (en) * | 2020-09-22 | 2020-12-29 | 京东方科技集团股份有限公司 | Enterprise information security management method based on authority separation |
| CN112613889A (en) * | 2020-12-25 | 2021-04-06 | 上海万向区块链股份公司 | Privacy protection method and system for enterprise DID identity system |
Non-Patent Citations (1)
| Title |
|---|
| 范煜: "《云环境下的数据审计技术研究》", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117272355A (en) * | 2023-11-22 | 2023-12-22 | 杭州绿云软件股份有限公司 | Personal information management system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113254979B (en) | 2021-09-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| RU2351978C2 (en) | Method for provision of data records set integrity | |
| CN108921696B (en) | Intelligent contract calling and contract transaction verification method based on block chain | |
| CN110263584B (en) | Block chain-based data integrity auditing method and system | |
| Yuchuan et al. | Enable data dynamics for algebraic signatures based remote data possession checking in the cloud storage | |
| Hacigümüş et al. | Ensuring the integrity of encrypted databases in the database-as-a-service model | |
| CN113139204B (en) | Medical data privacy protection method using zero-knowledge proof and shuffling algorithm | |
| Li et al. | A blockchain-based credible and secure education experience data management scheme supporting for searchable encryption | |
| Lee et al. | Sims: Self sovereign identity management system with preserving privacy in blockchain | |
| CN113254979B (en) | Credible examination system for protecting business privacy and computer storage medium | |
| Li et al. | Towards efficient verifiable boolean search over encrypted cloud data | |
| Fal’ | Standardization in information technology security | |
| He et al. | Enabling decentralized and dynamic data integrity verification for secure cloud storage via T-Merkle hash tree based blockchain | |
| JP4512697B2 (en) | Digital forensic maintenance equipment | |
| Ouyang et al. | Blockchain-Assisted Verifiable and Secure Remote Sensing Image Retrieval in Cloud Environment | |
| US11658824B2 (en) | Plagiarism detection from encrypted documents | |
| CN111539728B (en) | Method for realizing anonymization identity verification based on computer software | |
| Dewangan et al. | Enhanced Privacy and Security of Voters' Identity in an Interplanetary File System-Based E-Voting Process | |
| CN113536353A (en) | Private data processing method | |
| Geng et al. | Securing Relational Database Storage with Attribute Association Aware Shuffling | |
| CN111475690A (en) | Character string matching method and device, data detection method and server | |
| CN101227281A (en) | Dynamic anti stealing information and identification authenticating method | |
| He et al. | Multi-party privacy-preserving record linkage method based on trusted execution environment | |
| Bhavyasree et al. | Public Auditing To Provide Privacy Preservation Of Cloud Data Using Ring Signatures | |
| Rekha et al. | A holistic blockchain based IC traceability technique | |
| CN117499159B (en) | Block chain-based data transaction method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |