CN113609528A - Data authorization circulation method and system based on digital pass - Google Patents
Data authorization circulation method and system based on digital pass
- Publication number
- CN113609528A (application CN202110796028.0A)
- Authority
- CN
- China
- Prior art keywords
- data
- management center
- authorization
- digital certificate
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to the technical field of big data sharing and discloses a data circulation method and system based on user authorization. The data authorization circulation system used by the method comprises a user side, a data demander terminal, an authorization management center, a digital certificate management center and a data supplier terminal. The user side is connected to the data demander terminal through a data cable, and a data interface of the data demander terminal is connected through data cables to the authorization management center, the digital certificate management center and the data supplier terminal respectively. The invention solves the problem of how to ensure safe, legal and accurate user authorization in the data circulation process, and improves the safety and compliance of data circulation.
Description
Technical Field
The invention relates to the technical field of big data sharing, in particular to a data circulation method and system based on user authorization.
Background
Currently, the main modes of data circulation can be divided into a point-to-point circulation mode and a star-structured circulation mode. The point-to-point circulation mode is a data circulation system consisting of two nodes, a data supplier and a data demander; the data supplier opens a data resource library to the demander according to the demander's requirements and the agreed rules, completing the transfer of the circulated objects.
The star-structured circulation mode is a mode that one party is used as a data resource collector to collect and arrange data resources of all other data resource owners, and all the data resources are processed again and finally provided to all data resource demand parties.
In the above two modes, although data circulation can be realized, the following problems are encountered:
1. Data abuse: user data is used without the authorization of the user (the data owner), which severely violates personal privacy.
2. Data barrier: data providers are often reluctant to provide data for fear of violating laws and regulations, which creates a data barrier.
3. Inaccurate authorization: at present, when some data demanders need to acquire user data, they display the relevant agreements in their own system and ask the user to click an "agree" button to obtain user authorization. This method does not verify the real identity of the user, so the authorization may have been clicked by someone acting in the user's place.
Therefore, a more effective data circulation scheme is needed to improve the safety and compliance of data circulation.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a data authorization circulation method and a data authorization circulation system based on a digital pass.
In order to achieve the purpose, the invention adopts the following technical scheme:
A digital-pass-based data authorization circulation system comprises a user side, a data demander terminal, an authorization management center, a digital certificate management center and a data supplier terminal. The user side is connected to the data demander terminal through a data cable, and a data interface of the data demander terminal is connected through data cables to the authorization management center, the digital certificate management center and the data supplier terminal respectively.
A data authorization circulation method based on digital pass comprises the following steps:
1) a user logs in to the data demander's system and selects the business item to be handled;
2) the data demander needs third-party data to complete the business item and requests the user to authorize and agree to the acquisition of the third-party data;
3) the user performs real-name authentication and agrees to the authorization;
4) the data demander requests the digital certificate management center to issue the user's digital certificate; the digital certificate management center issues the user digital certificate;
5) the data demander packages the digital pass, and the specific pass content is as follows:
data demander name: the name of the data demander; unified application acceptance platform;
service information: the name of the government service item (handling of a motor vehicle driving license) and the item code;
usage data: the corresponding data content of the data provider; household registration information of the public security bureau;
transacting subject: personal identification number / enterprise unified credit code, encrypted;
handler: the person responsible for handling the business on behalf of the enterprise; ID card number, encrypted;
handwritten signature/signature: a handwritten signature picture containing a hash value of the service information;
time information: the digital pass generation time, a timestamp;
service flow number: a service flow number;
digital certificate ID: the digital certificate ID of the transacting subject;
signature: a signature generated using the digital certificate;
6) the data demander sends a data call request, and the request includes the digital pass;
7) the authorization management center requests the digital certificate management center to verify the signature;
8) the authorization management center stores the digital pass;
9) the authorization management center forwards the data call request;
10) the data supplier generates receipt information and sends it to the data demander through the authorization management center.
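The pass packaging of step 5 and the checks an authorization management center could run in steps 7 to 9 are sketched below as an added example; it is not code from the patent. Assumptions: Ed25519 as the signature scheme, a JSON encoding of the pass fields, a freshness window on the timestamp, replay rejection by service flow number, an in-memory key map standing in for the digital certificate management center, and all names and sample values.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Pass carries the step-5 fields; names and JSON encoding are assumptions.
type Pass struct {
	Requester, Service, UsageData string
	SubjectEnc, FlowNo, CertID    string // SubjectEnc: encrypted ID number, opaque here
	IssuedAt                      int64  // pass generation time, Unix seconds
	Signature                     []byte `json:",omitempty"`
}

// signedBytes encodes every field except the signature, in fixed field order.
func (p Pass) signedBytes() []byte {
	p.Signature = nil
	b, _ := json.Marshal(p)
	return b
}

// Center models the authorization management center (steps 7 to 9).
type Center struct {
	Certs  map[string]ed25519.PublicKey // stand-in for the certificate management center
	Stored map[string]*Pass             // step 8: passes kept by service flow number
	MaxAge time.Duration                // assumed freshness window
}

// Accept returns nil only when the request may be forwarded to the supplier.
func (c *Center) Accept(p Pass, now time.Time) error {
	pub, known := c.Certs[p.CertID]
	switch age := now.Sub(time.Unix(p.IssuedAt, 0)); {
	case !known || !ed25519.Verify(pub, p.signedBytes(), p.Signature):
		return errors.New("signature")
	case age < 0 || age > c.MaxAge:
		return errors.New("timestamp")
	case c.Stored[p.FlowNo] != nil:
		return errors.New("replay")
	}
	c.Stored[p.FlowNo] = &p
	return nil
}

// Demo submits a tampered, a genuine and a replayed pass (constructed values).
func Demo() [3]error {
	pub, priv, _ := ed25519.GenerateKey(nil)
	now := time.Unix(1700000000, 0)
	c := &Center{map[string]ed25519.PublicKey{"cert-001": pub}, map[string]*Pass{}, 5 * time.Minute}
	p := Pass{Requester: "acceptance-platform", Service: "driving-license", UsageData: "household-registration", SubjectEnc: "opaque", FlowNo: "F-0001", CertID: "cert-001", IssuedAt: now.Unix()}
	p.Signature = ed25519.Sign(priv, p.signedBytes())
	bad := p
	bad.UsageData = "all-records" // altered after signing
	return [3]error{c.Accept(bad, now), c.Accept(p, now), c.Accept(p, now)}
}

func main() { fmt.Println(Demo()) }
```

Because the signature covers the usage-data field, a demander cannot widen the scope of a pass after the user has signed it, and storing passes by flow number lets the center refuse a second call made with the same pass.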
The invention has the following advantages due to the adoption of the technical scheme:
The digital-pass-based data authorization circulation method and system solve, by technical means, the problem of how to ensure safe, legal and accurate user authorization in the data circulation process. The invention can be used to provide effective personal circulation authorization and safety protection for data circulation between governments and enterprises at present. The invention also covers the design of the digital pass in the data circulation system, its usage flow and its content, and can improve the safety and compliance of data circulation.
Drawings
FIG. 1 is a first flow chart of the data authorization flow of a digital pass;
Detailed Description
As shown in FIG. 1, a digital-pass-based data authorization circulation system comprises a user side, a data demander terminal, an authorization management center, a digital certificate management center and a data supplier terminal. The user side is connected to the data demander terminal through a data cable, and a data interface of the data demander terminal is connected through data cables to the authorization management center, the digital certificate management center and the data supplier terminal respectively.
A data authorization circulation method based on digital pass comprises the following steps:
1. The user logs in to the data demander's system and selects the business item to be handled.
2. The data demander needs the third party data to complete the transaction of business items and requests the user to authorize and agree to acquire the third party data.
The specific application case is as follows: if the data demander is a real estate center, the business items may be real estate mortgage registration, real estate preview registration, and the like. If the data demander is a bank, the business transaction may be a personal consumption loan, etc.
3. The user performs real-name authentication and agrees to the authorization.
4. The data demander requests the digital certificate management center to issue the user's digital certificate. The digital certificate management center issues the user digital certificate.
5. The data demander packages the digital pass, and the specific pass content is shown in the following table.
6. The data demander sends a data call request, and the request includes the digital pass.
7. The authorization management center requests the digital certificate management center to verify the signature.
8. The authorization management center stores the digital pass.
9. The authorization management center forwards the data call request.
10. The data supplier generates receipt information, and sends the receipt information to the data demander through the authorization management center.
Claims (2)
1. A data authorization circulation system based on a digital pass, characterized in that it comprises: a user side, a data demander terminal, an authorization management center, a digital certificate management center and a data supplier terminal, wherein the user side is connected to the data demander terminal through a data cable, and a data interface of the data demander terminal is connected through data cables to the authorization management center, the digital certificate management center and the data supplier terminal respectively.
2. A data authorization circulation method based on a digital pass, characterized in that it comprises the following steps:
1) a user logs in a data demander system and selects business items to be handled;
2) the data demand party needs the third-party data to complete the transaction of business items and requests the user to authorize and agree to obtain the third-party data;
3) the user carries out real-name authentication and authorization agreement;
4) the data demand side requests the digital certificate management center to send the digital certificate of the user; the digital certificate management center issues a user digital certificate;
5) the data demander packages the digital pass, and the specific pass content is as follows:
data demander name: the name of the data demander; unified application acceptance platform;
service information: the name of the government service item (handling of a motor vehicle driving license) and the item code;
usage data: the corresponding data content of the data provider; household registration information of the public security bureau;
transacting subject: personal identification number / enterprise unified credit code, encrypted;
handler: the person responsible for handling the business on behalf of the enterprise; ID card number, encrypted;
handwritten signature/signature: a handwritten signature picture containing a hash value of the service information;
time information: a digital pass generation time, a timestamp;
service flow number: a service flow number;
digital certificate ID: a digital certificate ID of the transacting principal;
signature: a signature generated using the digital certificate;
6) the data demand side sends a data calling request, and the request comprises a digital pass;
7) the authorization management center requests the digital certificate management center to verify the signature;
8) the authorization management center stores the digital pass;
9) the authorization management center forwards the data call request;
10) the data supplier generates receipt information, and sends the receipt information to the data demander through the authorization management center.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110796028.0A CN113609528A (en) | 2021-07-14 | 2021-07-14 | Data authorization circulation method and system based on digital pass |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110796028.0A CN113609528A (en) | 2021-07-14 | 2021-07-14 | Data authorization circulation method and system based on digital pass |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113609528A true CN113609528A (en) | 2021-11-05 |
Family
ID=78337585
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110796028.0A Pending CN113609528A (en) | 2021-07-14 | 2021-07-14 | Data authorization circulation method and system based on digital pass |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113609528A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116720160A (en) * | 2023-08-02 | 2023-09-08 | 北京国际大数据交易有限公司 | Data authorization method, device and system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019047745A1 (en) * | 2017-09-06 | 2019-03-14 | 阿里巴巴集团控股有限公司 | Data sharing method, terminal apparatus and storage medium |
CN109714169A (en) * | 2018-12-20 | 2019-05-03 | 合肥晶奇智慧医疗科技有限公司 | It is a kind of based on the credible distribution platform of data strictly authorized and its circulation method |
CN111612443A (en) * | 2020-04-30 | 2020-09-01 | 沈阳数云科技有限公司 | Accumulation fund service handling method, system, equipment and readable storage medium |
CN112861089A (en) * | 2021-03-17 | 2021-05-28 | 北京数字医信科技有限公司 | Method, resource server, resource user side, device and medium for authorization authentication |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11973750B2 (en) | Federated identity management with decentralized computing platforms | |
CN108881290B (en) | Block chain based digital certificate use method, system and storage medium | |
WO2020108046A1 (en) | Cross-block chain interaction method and system, computer device, and storage medium | |
WO2023030450A1 (en) | Data sharing method and electronic device | |
CN107317678B (en) | A kind of electronics confirmation request processing method Internet-based and system | |
CN105407079A (en) | Novel terminal safety soft secret key management method | |
WO2023005838A1 (en) | Data sharing method and electronic device | |
CN109150800A (en) | Login access method, system and storage medium | |
CN112613006A (en) | Power data sharing method and device, electronic equipment and storage medium | |
CN109347865A (en) | A kind of user data authentication based on block chain technology deposits the method and system of card | |
WO2018210097A1 (en) | Method and device for execution transaction mode by classification | |
FI118832B (en) | Method and apparatus for providing service in a computer network | |
CN113609528A (en) | Data authorization circulation method and system based on digital pass | |
CN1510899A (en) | Mobile communication platform based on dynamic random mobile telephone pin identifying system | |
CN112541828B (en) | System, method, device, processor and storage medium for realizing open securities management and open securities API access control | |
Barlow et al. | Trust negotiation in electronic markets | |
CN111538973A (en) | Personal authorization access control system based on state cryptographic algorithm | |
CN111339036A (en) | Block chain-based electronic license full life cycle management method and device | |
CN113626880B (en) | Mobile interactive electronic signature method | |
CN115952484A (en) | Data circulation method, device and system based on trusted execution environment | |
CN114444130A (en) | Electronic certificate mutual trust and mutual authentication platform based on block chain | |
CN105933305A (en) | Master-slave password management method for information system | |
CN106534047A (en) | Information transmitting method and apparatus based on Trust application | |
CN104123636A (en) | Processing object processing method, system and equipment | |
US20230342789A1 (en) | Internet Data Usage Control System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||