CN113438236B - Data full link tracing monitoring method - Google Patents
Classifications
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
- G06F21/602—Providing cryptographic facilities or services
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- H04L63/12—Applying verification of the received information
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Abstract
A data full link tracing monitoring method, belonging to the field of data processing. The method comprises: a data source end uploads a data file encryption record, a trusted authentication encryption record, a key encryption record, and the associated data file pointer, trusted pointer and trusted data to a recording blockchain; a data black box uploads a data acquisition record and a trusted authentication record; a data operation end uploads a data operation record; and the recording blockchain establishes a block whose content comprises the data file encryption record, the trusted authentication encryption record, the key encryption record, the data acquisition record, the trusted authentication record, the data operation record, and the associated data file pointer, trusted pointer and trusted data. Uploading the operation records makes operation backtracking and data monitoring possible, which improves the security of data operation.
Description
Technical Field
The invention relates to the technical field of data processing, in particular to a data full link tracing monitoring method.
Background
Digital audit requires full audit coverage, comprehensive auditing and cross-domain auditing, so large-scale data integration and aggregation must be performed on professional data such as company personal data, financial data, marketing data, engineering data and material data. Audit intermediate data is characterized by mass (stock data 430TB, incremental data 340 GB), diversity (structured, semi-structured and unstructured data) and reality (data integrity and accuracy are guaranteed), and it involves a plurality of service information systems. As audit coverage expands, the data volume of the audit intermediate table grows larger and larger; security management of massive data is difficult and carries heavy responsibility, so advanced technical means are urgently needed to guarantee data security. For this reason, it is necessary to encrypt the financial data and to record the data acquisition behavior and the operation behavior so that the data can be monitored.
Disclosure of Invention
The invention aims to provide a data full link tracing monitoring method to improve the safety of data operation.
The technical scheme of the invention is as follows:
A data full link tracing monitoring method comprises the following steps: the data source end uploads a data file encryption record, a trusted authentication encryption record, a key encryption record, and the associated data file pointer, trusted pointer and trusted data to a recording blockchain; the data black box uploads a data acquisition record and a trusted authentication record to the recording blockchain; the data operation end uploads a data operation record to the recording blockchain; and the recording blockchain establishes a block whose content comprises the data file encryption record, the trusted authentication encryption record, the key encryption record, the data acquisition record, the trusted authentication record, the data operation record, and the associated data file pointer, trusted pointer and trusted data.
Preferably, the data source end uploads the data file pointer and the encrypted data file to the data middle platform.
Further, the data black box acquires the encrypted data file from the data middle platform according to the data file pointer and generates a data acquisition record.
Preferably, the data source end uploads the trusted pointer and the trusted data in association to the trusted authentication center, and the trusted authentication center is used to run the trusted pointer random generator.
Preferably, the trusted authentication center further stores a master key MK and a public parameter PK. The data source end generates a symmetric key K, obtains the public parameter PK from the trusted authentication center, and generates a key EK based on the symmetric key K, the public parameter PK and the access structure tree T. The data black box sends the access attribute set A to the trusted authentication center; the trusted authentication center generates a private key SK based on the master key MK, the public parameter PK and the access attribute set A, and sends the private key SK to the data black box; and the data black box uses the private key SK to decrypt the key EK and obtain the symmetric key K.
Still further preferably, the data black box acquires the encrypted data file from the data middle platform according to the data file pointer, acquires the trusted pointer and the trusted data from the recording blockchain according to the data file pointer, and uses the symmetric key K to decrypt the encrypted data file and generate second data. The data black box encrypts the second data based on the trusted pointer to generate trusted verification data and sends it to the trusted authentication center; the trusted authentication center compares the trusted data with the trusted verification data and returns a comparison result; and the data black box outputs the comparison result and generates a trusted authentication record. The comparison result is first information if the trusted data is equal to the trusted verification data, and second information if the trusted data is not equal to the trusted verification data. The first information indicates that the second data is trustworthy, and the second information indicates that the second data is suspect.
Preferably, the data source end obtains a symmetric key K, symmetrically encrypts the first data, and generates content encrypted data and a data file encryption record; encrypts the first data based on the trusted pointer to generate trusted data and a trusted authentication encryption record; and encrypts the symmetric key K based on the public parameter PK and the attributes of the access structure tree T to generate an encryption key EK and an encryption record of the key EK, wherein the encryption key EK corresponds to at least one private key SK, and the first data uniquely corresponds to the data file pointer.
Preferably, the data source end obtains a trusted pointer, where the trusted pointer is a primary root of trust RT₁. The first data and the primary root of trust RT₁ are combined into first combined data, a digest value H₂ of the first combined data is calculated using a digest processing method, and the secondary root of trust is set as RT₂ = H₂. The secondary root of trust RT₂ is the trusted data.
The invention has the beneficial effects that:
1. Uploading the operation records makes operation backtracking and data monitoring possible, which improves the security of data operation.
2. The data file pointer is matched with the data file, so that the data file can be stored in a centralized manner, such as in a data center, which improves data security.
3. The trusted pointer randomly generated by the trusted authentication center makes each piece of data unique, which makes trusted authentication convenient and improves data security.
4. The symmetric key K is encrypted to form the key EK, so that the symmetric key K can be distributed conveniently while security is improved, which improves data security.
5. Decryption and trusted authentication of the encrypted data file improve data security while avoiding data leakage.
Detailed Description
The following examples are presented to illustrate the present invention and to assist those skilled in the art in understanding and practicing the present invention. Unless otherwise indicated, the following embodiments and technical terms therein should not be understood to depart from the background of the technical knowledge in the technical field.
In the present invention, the association of data means that two or more data are associated. A pointer refers to a set of data that uniquely points to another set of data, which is similar to a data ID, i.e., a data ID uniquely points to the data to which it corresponds.
Invention 1
A data encryption method comprises a data encryption step, a data trusted encryption step and a decryption key encryption step.
In the data encryption step, a symmetric key K is randomly generated using the national cryptographic algorithm SM4, and the first data (Data) is symmetrically encrypted to generate the content encrypted data ED, where ED = Encrypt(Data, K).
In the data trusted encryption step, the first data is encrypted based on the trusted pointer to generate trusted encrypted data, where the trusted pointer is a random number. Specifically, a primary root of trust RT₁ is obtained, the first data and the primary root of trust RT₁ are combined into first combined data, the digest value H₂ of the first combined data is calculated using a digest processing method, and the secondary root of trust is set as RT₂ = H₂. The trusted encrypted data comprises the associated primary root of trust RT₁ and secondary root of trust RT₂, where the primary root of trust RT₁ is the trusted pointer. Alternatively, another method may be adopted: the digest value H₁ of the first data is calculated using the digest processing method; a primary root of trust RT₁ is obtained; the digest value H₁ and the primary root of trust RT₁ are combined into first combined data; the digest value H₂ of the first combined data is calculated using the digest processing method; and the secondary root of trust is set as RT₂ = H₂. The trusted encrypted data again comprises the associated primary root of trust RT₁ and secondary root of trust RT₂, where the primary root of trust RT₁ is the trusted pointer.
In the decryption key encryption step, a master key MK, a public parameter PK, an access structure tree T and an access attribute set A are established, and the symmetric key K is encrypted based on the public parameter PK and the attributes of the access structure tree T to generate an access key EK, where EK = Encrypt(K, PK, T). The access key EK corresponds to at least one private key SK, and the private key SK is generated based on the master key MK, the public parameter PK and the access attribute set A, SK = (MK, PK, A). The access structure tree T is used to define the access rights of data, specifically types that can be queried, types that cannot be accessed, and the like.
In use, the content encrypted data ED and the first data pointer may be stored in association in the data center. The primary root of trust RT₁ may be generated by the trusted authentication center; the master key MK, the public parameter PK, and the associated primary root of trust RT₁ and secondary root of trust RT₂ may be stored in the trusted authentication center; and the private key SK may also be generated by the trusted authentication center. The encryption behavior of the data encryption step, the trusted encryption behavior of the data trusted encryption step together with the associated first data pointer and primary root of trust RT₁, and the encryption behavior of the decryption key encryption step can each be built into a block and placed in the recording blockchain. The first data pointer uniquely corresponds to the first data.
Invention 2
A method of decrypting data comprising the steps of:
Acquiring an access key EK, and decrypting the access key EK using the private key SK to obtain a symmetric key K. The access key EK is obtained by encrypting the symmetric key K based on a public parameter PK and the attributes of an access structure tree T, and the private key SK is generated based on a master key MK, the public parameter PK and an access attribute set A.
Acquiring content encrypted data, and decrypting the content encrypted data using the symmetric key K to obtain second data.
Acquiring a trusted pointer and trusted encrypted data according to the first data pointer, encrypting the second data based on the trusted pointer to generate trusted verification data, and comparing the trusted encrypted data with the trusted verification data. If the trusted encrypted data is equal to the trusted verification data, the second data is equal to the first data; if the trusted encrypted data is not equal to the trusted verification data, the second data is different from the first data. Specifically, the trusted pointer is a primary root of trust RT₁, and the trusted verification data is generated as follows: the second data and the primary root of trust RT₁ are combined and processed using a digest processing method to obtain a secondary verification root RT₂′, and the secondary verification root RT₂′ is the trusted verification data. Alternatively, the trusted verification data may be generated as follows: a digest value H′₁ of the second data is calculated using the digest processing method; the digest value H′₁ and the primary root of trust RT₁ are combined into second combined data; a digest value H′₂ of the second combined data is calculated using the digest processing method; and the secondary verification root is set as RT₂′ = H′₂. The secondary verification root RT₂′ is the trusted verification data.
The first data pointer uniquely corresponds to the first data, and the content encrypted data is obtained by encrypting the first data using the symmetric key K.
In this embodiment, the content encrypted data and the first data pointer are stored in association in the data center, the first data pointer and the trusted pointer are stored in association in a block of the recording blockchain contract, the trusted pointer and the trusted encrypted data are stored in association in the trusted authentication center, and the trusted encrypted data and the trusted verification data are compared in the trusted authentication center. The comparison method is as follows: the trusted verification data and the trusted pointer are sent in association to the trusted authentication center; the trusted authentication center compares the trusted encrypted data with the trusted verification data based on the trusted pointer and returns a comparison result, returning first information if the trusted encrypted data is equal to the trusted verification data and second information if it is not. The first information indicates that the second data is trustworthy, and the second information indicates that the second data is suspect.
In this embodiment, the digest processing method is a Hash algorithm.
In addition, the trusted encrypted data and the trusted verification data may be compared locally; in that case, the first data pointer, the trusted encrypted data and the trusted pointer are stored in association in the block of the recording blockchain contract.
During data operation, if the second data is equal to the first data, the data operation is performed using the second data. If the second data is different from the first data, the first data is applied for again.
Invention 3 data monitoring assembly
A method of data monitoring, comprising:
the data source end uploads the data file encryption record, the trusted authentication encryption record, the key encryption record, and the associated data file pointer, trusted pointer and trusted data to the recording blockchain;
the data black box uploads the data acquisition record and the trusted authentication record to the recording blockchain;
the data operation end uploads a data operation record to the recording blockchain;
the recording blockchain establishes a block, wherein the content of the block comprises the data file encryption record, the trusted authentication encryption record, the key encryption record, the data acquisition record, the trusted authentication record, the data operation record, and the associated data file pointer, trusted pointer and trusted data.
In this embodiment, the data source end uploads the data file pointer and the encrypted data file to the data middle platform. The data black box acquires the encrypted data file from the data middle platform according to the data file pointer and generates a data acquisition record.
In this embodiment, the data source end further uploads the trusted pointer and the trusted data in association to the trusted authentication center, where the trusted authentication center is configured to run the trusted pointer random generator, and the trusted pointer random generator is configured to generate the random trusted pointer. Uploading in association means associating the data first and then uploading it to the target location.
In this embodiment, the trusted authentication center further stores a master key MK and a public parameter PK. The data source end generates a symmetric key K, obtains the public parameter PK from the trusted authentication center, and generates a key EK based on the symmetric key K, the public parameter PK and the access structure tree T, where EK = Encrypt(K, PK, T). The data black box sends the access attribute set A to the trusted authentication center, and the trusted authentication center generates a private key SK based on the master key MK, the public parameter PK and the access attribute set A, SK = (MK, PK, A). The trusted authentication center sends the private key SK to the data black box, and the data black box uses the private key SK to decrypt the key EK and obtain the symmetric key K. The data black box acquires the encrypted data file from the data middle platform according to the data file pointer, acquires the trusted pointer and the trusted data from the recording blockchain according to the data file pointer, and uses the symmetric key K to decrypt the encrypted data file and generate second data. The data black box then encrypts the second data based on the trusted pointer to generate trusted verification data and sends it to the trusted authentication center; the trusted authentication center compares the trusted data with the trusted verification data and returns a comparison result; and the data black box outputs the comparison result and generates a trusted authentication record. The comparison result is first information if the trusted data is equal to the trusted verification data, and second information if the trusted data is not equal to the trusted verification data. The first information indicates that the second data is trustworthy, and the second information indicates that the second data is suspect.
In this embodiment, the data source end obtains a symmetric key K, symmetrically encrypts the first data, and generates content encrypted data and a data file encryption record; encrypts the first data based on the trusted pointer to generate trusted data and a trusted authentication encryption record; and encrypts the symmetric key K based on the public parameter PK and the attributes of the access structure tree T to generate an access key EK and a key encryption record, wherein the access key EK corresponds to at least one private key SK, and the first data uniquely corresponds to the data file pointer.
In this embodiment, the data source end obtains a trusted pointer, where the trusted pointer is a primary root of trust RT₁. The first data and the primary root of trust RT₁ are combined into first combined data, the digest value H₂ of the first combined data is calculated using a digest processing method, and the secondary root of trust is set as RT₂ = H₂. The secondary root of trust RT₂ is the trusted data.
The data operation record is the record generated by the data operation end in the process of operating on the second data.
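The trusted-data check of Inventions 1 and 2 and the record uploading of Invention 3, as an added Python example that is not part of the patent text. Assumptions: SHA-256 stands in for the unspecified Hash algorithm, the parts are combined with a length prefix, the recording blockchain is modelled as an in-memory hash-linked list with local comparison, and the SM4 and EK/SK steps are omitted so `second_data` stands for the already decrypted file; all function and field names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets


def digest(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (assumed encoding of 'combining').

    The length prefix keeps (b"ab", b"c") and (b"a", b"bc") distinct, which
    plain concatenation would not.
    """
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.digest()


def make_trusted_data(data: bytes, rt1: bytes, two_stage: bool = False) -> bytes:
    """RT2 = H(data, RT1), or the alternative RT2 = H(H1, RT1) with H1 = H(data)."""
    if two_stage:
        return digest(digest(data), rt1)
    return digest(data, rt1)


class RecordingChain:
    """Hash-linked record log standing in for the recording blockchain."""

    GENESIS = "0" * 64

    def __init__(self):
        self.blocks = []

    @staticmethod
    def _hash(body: dict) -> str:
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def append(self, kind: str, content: dict) -> dict:
        prev = self.blocks[-1]["hash"] if self.blocks else self.GENESIS
        body = {"index": len(self.blocks), "prev": prev, "kind": kind, "content": content}
        block = dict(body, hash=self._hash(body))
        self.blocks.append(block)
        return block

    def verify(self) -> bool:
        """Recompute every block hash and link; False if any record was altered."""
        prev = self.GENESIS
        for i, block in enumerate(self.blocks):
            body = {k: block[k] for k in ("index", "prev", "kind", "content")}
            if block["index"] != i or block["prev"] != prev or block["hash"] != self._hash(body):
                return False
            prev = block["hash"]
        return True

    def lookup(self, file_pointer: str) -> dict:
        for block in self.blocks:
            if (block["kind"] == "trusted_authentication_encryption"
                    and block["content"]["file_pointer"] == file_pointer):
                return block["content"]
        raise KeyError(file_pointer)


def source_publish(chain, file_pointer: str, first_data: bytes, two_stage=False):
    """Data source end: obtain random RT1, derive RT2, upload both with the pointer."""
    rt1 = secrets.token_bytes(32)  # in the patent this comes from the trusted authentication center
    rt2 = make_trusted_data(first_data, rt1, two_stage)
    chain.append("trusted_authentication_encryption", {
        "file_pointer": file_pointer, "trusted_pointer": rt1.hex(),
        "trusted_data": rt2.hex(), "two_stage": two_stage})
    return rt1, rt2


def black_box_verify(chain, file_pointer: str, second_data: bytes) -> bool:
    """Data black box: recompute RT2' from the second data and compare with RT2."""
    entry = chain.lookup(file_pointer)
    rt1 = bytes.fromhex(entry["trusted_pointer"])
    rt2_check = make_trusted_data(second_data, rt1, entry["two_stage"])
    ok = hmac.compare_digest(bytes.fromhex(entry["trusted_data"]), rt2_check)
    result = "first information (trusted)" if ok else "second information (suspect)"
    chain.append("trusted_authentication", {"file_pointer": file_pointer, "result": result})
    return ok


def demo():
    chain = RecordingChain()
    data = b"ledger-2021-Q2,amount=1000"  # constructed sample record
    source_publish(chain, "file-0001", data)
    intact = black_box_verify(chain, "file-0001", data)
    altered = black_box_verify(chain, "file-0001", data.replace(b"1000", b"9000"))
    chain_ok = chain.verify()
    # Rewriting a stored authentication record breaks the hash link.
    chain.blocks[2]["content"]["result"] = "first information (trusted)"
    return intact, altered, chain_ok, chain.verify()


if __name__ == "__main__":
    print(demo())
```

Because RT₂ is an unkeyed digest and RT₁ is stored beside it, the comparison only detects changes to the data for as long as the stored (RT₁, RT₂) pair itself cannot be rewritten, which is the role the recording blockchain and the trusted authentication center play in the method.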
The present invention has been described in detail with reference to the examples. It should be understood that the description cannot exhaust all possible embodiments, and the inventive concept is illustrated here by way of example as far as possible. Without departing from the inventive concept and without creative work, specific embodiments that a person skilled in the art forms by optionally combining technical features of the embodiments, experimentally changing specific parameters, or routinely replacing the disclosed technical means with prior art in the technical field all belong to the content implicitly disclosed by the present invention.
Claims (8)
1. A data full link tracing monitoring method, characterized by comprising the following steps:
the data source end uploads the data file encryption record, the trusted authentication encryption record, the key encryption record, and the associated data file pointer, trusted pointer and trusted data to the recording blockchain;
the data black box uploads a data acquisition record and a trusted authentication record to the recording blockchain;
the data operation end uploads a data operation record to the recording blockchain;
the recording blockchain establishes a block, wherein the block content comprises the data file encryption record, the trusted authentication encryption record, the key encryption record, the data acquisition record, the trusted authentication record, the data operation record, and the associated data file pointer, trusted pointer and trusted data; the trusted pointer is a primary root of trust RT₁; the first data and the primary root of trust RT₁ are combined into first combined data, a digest value H₂ of the first combined data is calculated using a digest processing method, and the secondary root of trust is set as RT₂ = H₂; the secondary root of trust RT₂ is the trusted data.
2. The data full link tracing monitoring method according to claim 1, wherein the data source end uploads a data file pointer and an encrypted data file to a data middle platform.
3. The data full link tracing monitoring method according to claim 2, wherein the data black box acquires the encrypted data file from the data middle platform according to the data file pointer and generates a data acquisition record.
4. The data full link tracing monitoring method according to claim 1, wherein the data source end uploads the trusted pointer and the trusted data in association to a trusted authentication center, the trusted authentication center being configured to run a trusted pointer random generator.
5. The data full link tracing monitoring method according to claim 4, wherein the trusted authentication center further stores a master key MK and a public parameter PK; the data source end generates a symmetric key K, acquires the public parameter PK from the trusted authentication center, and generates a key EK based on the symmetric key K, the public parameter PK and the access structure tree T; the data black box sends the access attribute set A to the trusted authentication center; the trusted authentication center generates a private key SK based on the master key MK, the public parameter PK and the access attribute set A, and sends the private key SK to the data black box; and the data black box uses the private key SK to decrypt the key EK to obtain the symmetric key K.
6. The data full link tracing monitoring method according to claim 5, wherein the data black box acquires the encrypted data file from the data middle platform according to the data file pointer, acquires the trusted pointer and the trusted data from the recording blockchain according to the data file pointer, and uses the symmetric key K to decrypt the encrypted data file and generate second data; the data black box encrypts the second data based on the trusted pointer, generates trusted verification data and sends it to the trusted authentication center; the trusted authentication center compares the trusted data with the trusted verification data and returns a comparison result; the data black box outputs the comparison result and generates a trusted authentication record, wherein if the trusted data is equal to the trusted verification data, the comparison result is first information, and if the trusted data is not equal to the trusted verification data, the comparison result is second information; the first information indicates that the second data is trustworthy, and the second information indicates that the second data is suspect.
7. The data full link tracing monitoring method according to claim 1, characterized in that the data source end obtains a symmetric key K, symmetrically encrypts the first data, and generates content encrypted data and a data file encryption record; encrypts the first data based on the trusted pointer to generate trusted data and a trusted authentication encryption record; and encrypts the symmetric key K based on the public parameter PK and the attributes of the access structure tree T to generate an encryption key EK and an encryption record of the key EK, wherein the encryption key EK corresponds to at least one private key SK, and the first data uniquely corresponds to the data file pointer.
8. The data full link tracing monitoring method according to claim 7, wherein the data source end obtains a trusted pointer.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110705183.7A CN113438236B (en) | 2021-06-24 | 2021-06-24 | Data full link tracing monitoring method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113438236A | 2021-09-24 |
CN113438236B | 2022-11-18 |
Family
ID=77755323
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110705183.7A Active CN113438236B (en) | 2021-06-24 | 2021-06-24 | Data full link tracing monitoring method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113438236B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107977789A (en) * | 2017-12-05 | 2018-05-01 | 国网河南省电力公司南阳供电公司 | Based on the audit work method under big data information |
CN109040045A (en) * | 2018-07-25 | 2018-12-18 | 广东工业大学 | A kind of cloud storage access control method based on the encryption of ciphertext policy ABE base |
CN109768987A (en) * | 2019-02-26 | 2019-05-17 | 重庆邮电大学 | A kind of storage of data file security privacy and sharing method based on block chain |
CN109831305A (en) * | 2019-01-11 | 2019-05-31 | 如般量子科技有限公司 | Anti- quantum calculation label decryption method and system based on unsymmetrical key pond |
US10673617B1 (en) * | 2018-04-24 | 2020-06-02 | George Antoniou | Methods, system and point-to-point encryption device microchip for AES-sea 512-bit key using identity access management utilizing blockchain ecosystem to improve cybersecurity |
CN111526200A (en) * | 2020-04-27 | 2020-08-11 | 远光软件股份有限公司 | Data storage access method and system based on block chain and cloud platform |
CN112765650A (en) * | 2021-01-05 | 2021-05-07 | 西安电子科技大学 | Attribute-based searchable encryption block chain medical data sharing method |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105141574B (en) * | 2015-06-12 | 2018-02-23 | 深圳大学 | A kind of cloud storage ciphertext access control system and method based on form attributes |
US10965527B2 (en) * | 2019-03-08 | 2021-03-30 | Ciena Corporation | Registering collaborative configuration changes of a network element in a blockchain ledger |
CN111327620B (en) * | 2020-02-27 | 2021-04-27 | 福州大学 | Data security traceability and access control system under cloud computing framework |
Non-Patent Citations (2)
Title |
---|
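Secure storage and access scheme for medical records based on a blockchain network; 徐健 et al.; 《计算机应用》; 20190121 (No. 05); full text * |
Blockchain data sharing model based on attribute-based encryption; 张晓东 et al.; 《计算机研究与应用》; 20210413; full text * |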
Also Published As
Publication number | Publication date |
---|---|
CN113438236A (en) | 2021-09-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110430161B (en) | Unsupervised data anonymous sharing method and system based on block chain | |
CN112150147A (en) | Data security storage system based on block chain | |
CN102075544A (en) | Encryption system, encryption method and decryption method for local area network shared file | |
CN108833440B (en) | Block chain-based network security audit system and network security audit method | |
CN104580250A (en) | System and method for authenticating credible identities on basis of safety chips | |
CN112702318A (en) | Communication encryption method, decryption method, client and server | |
CN109150923A (en) | Transmitted data on network security processing based on Hybrid Encryption | |
CN113420319A (en) | Data privacy protection method and system based on block chain and permission contract | |
CN106790261A (en) | Distributed file system and the method for certification communication between its interior joint | |
CN112954039B (en) | Block chain evidence-storing method | |
CN104410493A (en) | Data security storage and reading method based on distributed system infrastructure | |
CN113204757A (en) | Information interaction method, device and system | |
US20240143727A1 (en) | Device authentication method and system, iot device and authentication server | |
CN108132977A (en) | Ciphertext database querying method and system based on vertical division | |
CN112368974A (en) | Method for securing data exchange in a distributed infrastructure | |
CN112583772B (en) | Data acquisition and storage platform | |
WO2024139926A1 (en) | Grading processing, encryption, and verification method for rail transit data, and system | |
CN113438236B (en) | Data full link tracing monitoring method | |
CN117574447A (en) | Data storage evidence and traceability system based on blockchain technology | |
CN110516451B (en) | Block chain-based derived ciphertext piece secret level change and decryption reminding notification method | |
CN113326529A (en) | Decentralized architecture unifying method based on trusted computing | |
CN111222118B (en) | Certification information generation and query method based on alliance chain | |
CN113434862B (en) | Data black box type credible calculation method | |
CN111464549A (en) | Computer network information security event processing method | |
CN108768958B (en) | Verification method for data integrity and source based on no leakage of verified information by third party |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||