CN114064800A - User asset view calculation method, system, computer device and storage medium - Google Patents

User asset view calculation method, system, computer device and storage medium Download PDF

Info

Publication number
CN114064800A
CN114064800A CN202111230871.9A CN202111230871A CN114064800A CN 114064800 A CN114064800 A CN 114064800A CN 202111230871 A CN202111230871 A CN 202111230871A CN 114064800 A CN114064800 A CN 114064800A
Authority
CN
China
Prior art keywords
asset
calculation
user
node
authorization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111230871.9A
Other languages
Chinese (zh)
Inventor
黄小芮
马文婷
郭林海
张琛
万化
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Pudong Development Bank Co Ltd
Original Assignee
Shanghai Pudong Development Bank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Pudong Development Bank Co Ltd filed Critical Shanghai Pudong Development Bank Co Ltd
Priority to CN202111230871.9A priority Critical patent/CN114064800A/en
Publication of CN114064800A publication Critical patent/CN114064800A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to the technical field of information security, and discloses a user asset view calculation method, a system, computer equipment and a storage medium, wherein the method comprises the steps of initiating an asset calculation task of a user, and carrying out uplink chain storage on the asset calculation task; receiving a calculation scheduling task sent by a platform, and performing authenticity verification on a node authorization data set participating in calculation; initiating multi-party safety calculation to the residual nodes participating in the asset calculation task, acquiring a uniform asset calculation ciphertext result, and chaining and storing the uniform asset calculation ciphertext result; determining the asset class of the user according to the unified asset calculation ciphertext result, and chaining the asset class into chain certificates; and forming a unified asset view calculation result according to the asset level of the user. The user asset view computing method combines multi-party security computing and a alliance chain, obtains asset data of users in different organizations in a secret computing mode, forms a uniform asset view, and ensures data use compliance, user privacy security and asset data credibility.

Description

User asset view calculation method, system, computer device and storage medium
Technical Field
The invention relates to the technical field of information security, in particular to a user asset view computing method, a user asset view computing system, computer equipment and a storage medium.
Background
In a traditional customer-centric scenario, financial institutions and other institutions related to customer assets can only provide financial and derivative services conforming to the assets of the customer by analyzing the asset distribution of the customer in the institution. With the financial development trend of platform and scenario, a service mode with a user as a center needs to be constructed, and then asset data of the user in different institutions such as banks, securities, insurance, trust, fund and the like needs to be obtained, so as to form a uniform asset view and provide financial and derivative services matched with the uniform asset view. How to ensure the data use compliance among a plurality of mechanisms and prevent the data embezzlement abuse becomes a problem to be solved urgently.
Disclosure of Invention
Based on this, it is necessary to provide a user asset view calculation method, system, computer device, and storage medium for the problem of how to ensure data use compliance among multiple organizations and prevent data theft abuse.
A user asset view calculation method is applied to any one node in a alliance chain formed by a plurality of nodes, and comprises the steps that authorization information of a user and hash values of authorization data sets are stored in the alliance chain, the authorization data sets comprise the hash values of node authorization data sets of all the nodes, and the node authorization data sets comprise data sets of plaintext information of the user authorization data acquired by a single node; initiating an asset calculation task of a user, and carrying out uplink chain storage on the asset calculation task; receiving a calculation scheduling task sent by a platform, and performing authenticity verification on a node authorization data set participating in calculation; when the authenticity check passes, initiating multi-party safety calculation to the remaining nodes participating in the asset calculation task, acquiring a unified asset calculation ciphertext result, and uploading the unified asset calculation ciphertext result to a chain for storage; the multi-party security calculation comprises the secret state calculation of joint weighted summation of asset data ciphertexts according to asset weights formed by pre-consensus of all nodes, and the calculation result is returned in the form of the ciphertexts; determining the asset class of the user according to the unified asset calculation ciphertext result, and chaining the asset class into chain certificates; and forming a unified asset view calculation result according to the asset level of the user.
According to the user asset view computing method, the characteristics of common knowledge, difficult tampering and traceability of information on the alliance chain are utilized, and the alliance chain is established among multiple data holding organizations. Each node transmits the authorization information of the user and the hash value of the authorization data set to the alliance chain for storage, so as to ensure that the authorization data of the user is credible and verifiable. The mechanism sends the asset calculation task for the user to the platform and carries out uplink storage on the asset calculation task. The platform can verify the authorization condition of the user through the alliance chain, ensure the data use compliance, prevent the data theft and abuse and realize the traceability and efficient and orderly operation of the whole business process. And after the platform confirms the authorization condition, the platform sends a calculation scheduling task to each node participating in the multi-party safe calculation, and after the nodes receive the calculation scheduling task sent by the platform, the authenticity of the node authorization data set participating in the calculation is verified. When the node authorization data set participating in the calculation passes the authenticity check, multi-party safe calculation can be initiated to the remaining nodes participating in the asset calculation task, a uniform asset calculation ciphertext result is obtained, and the uniform asset calculation ciphertext result is linked to the certificate. And determining the asset class of the user according to the unified asset calculation ciphertext result, uploading chain evidence to the asset class, and forming a unified asset view calculation result according to the asset class of the user. The above-mentioned business user asset view computing method introduces the user service data of the user at other terminals in a secret computing mode by combining multi-party secure computing and a alliance chain, and forms a comprehensive and secure user asset view computing system. The method and the device can ensure that the user service data is used in compliance, protect the data privacy of the user at other terminals, ensure the real credibility of the data acquired by the terminals and realize the efficient and orderly operation of the service process.
In one embodiment, the checking the authenticity of the node authorization data set participating in the computation includes determining whether a hash value of the node authorization data set participating in the computation is the same as a hash value of the node authorization data set certified on the federation chain.
In one embodiment, the asset computation task is ended when the authenticity check fails.
In one embodiment, the determining the asset class of the user according to the unified asset calculation ciphertext result comprises performing pairwise comparison on the unified asset calculation ciphertext result and an asset judgment interval for multiple times based on multi-party security calculation to determine the asset class of the user; and the asset judgment interval is formed by the joint consensus of all the nodes in advance.
A user asset view computing method comprises the steps of receiving an asset computing task initiated by a node; acquiring user authorization information on a alliance chain, and verifying the authorization condition of the user under each node based on the user authorization information; the alliance chain is composed of a plurality of nodes, authorization information of a user and hash values of an authorization data set are stored in the alliance chain, the authorization data set comprises the hash values of the node authorization data set of each node, and the node authorization data set comprises a data set of plaintext information of the user authorization data acquired by a single node; and when the authorization verification of the user under each node passes, sending a calculation scheduling task to each node.
In one embodiment, the asset calculation task is terminated when the user fails the authorization check under each node.
A user asset view computing system comprises a plurality of nodes, wherein the nodes form a alliance chain, authorization information of a user and hash values of an authorization data set are stored in the alliance chain, the authorization data set comprises the hash values of node authorization data sets of all the nodes, and the node authorization data set comprises a data set of plaintext information of the user authorization data acquired by a single node; the node is used for initiating an asset calculation task of a user, performing uplink storage on the asset calculation task, receiving a calculation scheduling task sent by a platform, performing authenticity check on a node authorization data set participating in calculation, and initiating multi-party safety calculation to the remaining nodes participating in the asset calculation task when the authenticity check passes, acquiring a unified asset calculation ciphertext result, and performing uplink storage on the unified asset calculation ciphertext result; the multi-party security calculation comprises secret state calculation of joint weighted summation of asset data ciphertexts according to asset weights formed by pre-consensus of all nodes, and a calculation result is returned in the form of the ciphertexts, and the secret state calculation is also used for determining the asset level of a user according to the unified asset calculation ciphertexts, and storing certificates on the asset level, and is also used for forming a unified asset view calculation result according to the asset level of the user; and the platform is used for receiving the asset computing tasks initiated by the nodes, acquiring user authorization information on a alliance chain, verifying the authorization condition of the user under each node based on the user authorization information, and sending computing scheduling tasks to each node when the authorization verification of the user under each node passes.
A computer device comprising a memory storing a computer program and a processor implementing the steps of a user asset view calculation method as described in any one of the above embodiments when the processor executes the computer program.
A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the user asset view calculation method according to any of the preceding embodiments.
A computer program product comprising a computer program, wherein the computer program, when executed by a processor, performs the steps of the user asset view calculation method as described in any of the above embodiments.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the specification, and other drawings can be obtained by those skilled in the art without inventive labor.
FIG. 1 is a schematic flow chart diagram illustrating a method for computing a user asset view according to an embodiment of the present disclosure;
FIG. 2 is a schematic flow chart diagram illustrating a method for computing a user asset view according to another embodiment of the present disclosure;
fig. 3 is a block diagram of a service data interaction system according to another embodiment of the present disclosure;
FIG. 4 is a block diagram of a user asset view computing system according to one embodiment of the present disclosure;
FIG. 5 is a block diagram of a user asset view computing device or system according to an embodiment of the present disclosure.
Detailed Description
To facilitate an understanding of the invention, the invention will now be described more fully with reference to the accompanying drawings. Preferred embodiments of the present invention are shown in the drawings. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.
It will be understood that when an element is referred to as being "secured to" another element, it can be directly on the other element or intervening elements may also be present. When an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present. As used herein, the terms "vertical," "horizontal," "left," "right," "upper," "lower," "front," "rear," "circumferential," and the like are based on the orientation or positional relationship shown in the drawings for ease of description and simplicity of description, and do not indicate or imply that the referenced device or element must have a particular orientation, be constructed and operated in a particular orientation, and are therefore not to be considered limiting of the present invention.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
With the development of multi-party secure computing technology, multi-party secure computing is beginning to be introduced in the traditional financial scenario. The multi-party security calculation can ensure that the data holding mechanism completes interactive calculation among data under the condition of not revealing plaintext data, and the 'available and invisible' of the data is realized. Data security and data interaction are addressed during the unified asset view building process. However, the true reliability of asset data in data interactions is difficult to determine due to the fact that plaintext data is not visible between each other, and both parties may provide spurious or undesirable asset data when performing specific calculations. Secondly, because data is invisible, the whole data interaction process is opaque, whether the data authorization relationship is true cannot be traced back, various information of data interaction can only be stored in a system or a local place, particularly when a plurality of participating mechanisms exist in a task, whether the construction process of the unified asset view is orderly carried out is difficult to confirm, the process is difficult to be accurately traced back and duplicated, and the effectiveness and the high efficiency of the process are required to be improved. How to establish a uniform asset view of a user among a plurality of organizations, ensure data use compliance, user privacy safety, asset data credibility and ordered business flow become a problem.
The user asset view calculation method is applied to any one node in a federation chain formed by a plurality of nodes, wherein authorization information of a user and a hash value of an authorization data set are stored in the federation chain formed by the plurality of nodes. Each node can use the asset data of the user only after obtaining the data authorization of the user.
The authorized data set comprises hash values of the node authorized data sets of all the nodes, namely, the node authorized data sets of all the nodes are subjected to hash processing by adopting a hash algorithm, and the node authorized data sets of all the nodes correspond to one hash value. The hash algorithm can generate a fixed length of data from a given arbitrary size of data as its mapping. If the data is damaged at all during the storage or transmission process, the hash value corresponding to the changed data will be changed. Thus, the hash value can be used to ensure that the data used in the calculation has not been tampered with.
The authorization data set is the combination of hash values corresponding to the node authorization data sets of all the nodes. And performing hash processing on the authorization data set by adopting a hash algorithm again to obtain a hash value of the authorization data set, and storing the hash value of the authorization data set in the alliance chain. Meanwhile, the node authorization data set also comprises a data set of plaintext information of the user authorization data acquired from each node, namely asset data which can be used by each node authorized by the user.
Fig. 1 is a schematic flow chart of a method for calculating a user asset view according to an embodiment of the present disclosure, where in an embodiment, the method for calculating a user asset view includes the following steps S100 to S500.
Step S100: and initiating an asset calculation task of a user, and performing uplink evidence storage on the asset calculation task.
In some embodiments of the present disclosure, an application scenario of the user asset view calculation method of the present disclosure is a financial services industry. A financial institution is regarded as a node, a user asset view computing system is deployed in a local private domain of the financial institution, a reliable alliance chain is established between terminals of multi-party institutions through a block chain technology, and a platform can be used for verification management of the multi-party institutions. And each node, each platform and each alliance chain can freely interact with each other. When the system constructs a service mode taking a user as a center, the asset data of the user in different organizations such as banks, securities, insurance, trust, fund and the like needs to be obtained. The financial institutions can form a unified asset view through the interaction of the asset data, and provide financial and derivative services matched with the unified asset view to the users according to the unified asset view.
When the first node initiates an asset computing task for the user, the asset computing task sent by the first node can be transmitted to the platform, and meanwhile, the asset computing task is also uploaded to a alliance chain for chain evidence storage. Any one financial institution can interact with the alliance chain for multiple times in the asset view calculation process, the key information related in each process of the multi-party security calculation is transmitted to the alliance chain, and chain evidence storage and acquisition of the related information of the unified asset view are performed. Before the asset data calculation, the enterprises can acquire user authorization information from the alliance chain through the platform to perform comparison and verification, so that the asset data calculation is performed under the condition that the user is authorized.
For example, when organization A needs to unify asset computations for user X under the three organizations of organization A, B, C, organization A may send asset computation tasks for user X to the platform. Meanwhile, the asset calculation task can be transmitted to the alliance chain for uplink evidence storage. Upon receiving the computing task request, the platform may verify the authorization of user X under authority A, B, C by obtaining user authorization information on the federation chain.
Step S200: and receiving a calculation scheduling task sent by the platform, and performing authenticity verification on the node authorization data set participating in calculation.
When the platform judges that the user completes authorization in each node, the platform judges that the asset computing task can be continuously executed. And the platform sends a calculation scheduling task to each node. After receiving the calculation scheduling task, the node can perform authenticity check on the node authorization data set of the parameter calculation so as to ensure that the data participating in the multi-party safety calculation are real and safe data.
For example, when the platform determination unit A, B, C has all obtained the authorization information of the user X, the platform will send the calculation scheduling task to the unit A, B, C, and after the three nodes of the unit A, B, C receive the calculation scheduling task sent by the server, the authenticity check is performed on the authorization data sets of the nodes participating in the calculation.
Step S300: when the authenticity check passes, multi-party safety calculation is initiated to the remaining nodes participating in the asset calculation task, a unified asset calculation ciphertext result is obtained, and chain storage is carried out on the unified asset calculation ciphertext result; and the multi-party security calculation comprises the secret state calculation of joint weighted summation of the asset data ciphertext according to the asset weight formed by the prior consensus of each node, and the calculation result is returned in the form of the ciphertext.
In one embodiment, any one of the nodes constructing the federation chain may initially set and chain-store the inter-multiparty security computing protocol, and the remaining nodes may obtain the stored initial value of the inter-multiparty security computing protocol through the federation chain and achieve consensus.
In one embodiment, the multi-party security computing protocol comprises computing methods for user asset data such as asset weight, asset judgment interval and asset level. Each node can use the alliance chain to achieve consensus on the asset weight, asset judgment interval, asset class and other calculation methods in the calculation task, and performs alliance chain certification and acquisition on various information in the interaction processes of data user authorization, task initiation, data verification, data calculation process, data calculation result and the like, so that the data is ensured to be credible and verifiable, and the traceability and efficient orderly performance of the whole service process is realized.
When the authorized data sets of the nodes participating in the calculation in each node pass the authenticity check, any one node can initiate multi-party security calculation to the other nodes participating in the asset calculation task. Each node can utilize multi-party secure computation to realize a confidential computation task of 'available and invisible' for all user service data of a user. The original data participating in the user asset calculation can be encrypted into secret fragments by utilizing a multi-party secure calculation protocol, and the secret fragments are subjected to interactive calculation among multiple nodes through the multi-party secure calculation protocol, so that a calculation result is obtained.
For example, mechanism a initiates an introspection query to mechanism B, C. After the result is queried by the mechanism B, C, the user service data which is locally queried to participate in the user asset calculation is processed in a secret state, and is returned in a secret state fragmentation mode for calculation. And performing combined weighting and secret state calculation on the asset data ciphertext according to the commonly-known asset weight formed by the three parties in advance, so as to obtain a uniform asset calculation ciphertext result. The unified asset computation ciphertext results may be returned to mechanism A, B, C separately in the form of ciphertext. Meanwhile, the unified asset calculation ciphertext result can be transmitted to the alliance chain for uplink certificate storage.
The multi-party safety calculation protocol can carry out interactive calculation among multiple nodes to obtain calculation results, and interactive information in the calculation process is encrypted information and cannot be decrypted to obtain plaintext information, so that the plaintext of all user service data is ensured not to be exported, and the user service data of other terminals are interacted only in a ciphertext mode. The confidential trail query function of multi-party secure calculation can realize confidential trail query on user business data of users in other terminals, namely mechanism B, C cannot know that mechanism A queries user X, but mechanism A can acquire the asset data ciphertext fragment of user X at mechanism B, C. The method and the device prevent other terminals from obtaining the query information of the terminal executing the query operation, and protect the privacy security of users and the information security of the terminals. By carrying out chain storage and certification and acquisition on various information in the interactive process, the credibility and the verifiability of the data can be ensured, and the traceability and efficient orderly proceeding of the whole service process are realized.
Step S400: and determining the asset class of the user according to the unified asset calculation ciphertext result, and chaining the asset class into chain certificates.
Step S500: and forming a unified asset view calculation result according to the asset level of the user.
And each node stores the received uniform asset calculation ciphertext result in the form of the ciphertext in the local organization. The nodes can compare the unified asset calculation ciphertext result with an asset judgment interval formed by the nodes in advance through mutual identification for a plurality of times based on multi-party safety calculation to determine the asset level of the user and link the asset level with the certificate. The organization may obtain a unified asset view calculation for the user based on the user's asset class. By means of the calculation result of the unified asset view of the user, the structure can more comprehensively know the total amount and the distribution condition of the assets of the user.
According to the user asset view calculation method, the related data involved in the business calculation process of each step are sent to the alliance chain for chain evidence storage, so that the credibility and verifiability of the data of each part in the business calculation process can be ensured, and the traceability and efficient and orderly operation of the whole business process can be realized. And sending a calculation task request to the platform in a specific calculation link of the service data, so that the platform compares and verifies the authorization condition of the authorization information of each platform through the user stored in the alliance chain, and the multi-party security calculation is ensured to be carried out under the authorized condition. The data privacy in the user business data calculation process is protected by utilizing the multi-party security calculation, and the detailed information of the inquired user is prevented from being acquired by other mechanisms through the confidential inquiry in the multi-party security calculation. The user asset view calculation method combines the characteristics of common identification, difficult tampering and traceability of information on the alliance chain, establishes the alliance chain among multiple data holding organizations, carries out alliance chain certification and acquisition on various information in the data interaction process, ensures the credibility and the verifiability of the data, and realizes the traceability and efficient and orderly operation of the whole service process.
By combining multi-party secure computing and a alliance chain, user service data of a target user in other organizations are introduced in a secret computing mode, and a rich and comprehensive service data computing system is formed. The user business data can be used in compliance, the asset data privacy of the user in other mechanisms is protected, the real credibility of the asset data is ensured, the efficient and orderly operation of the business process is realized, the mechanism can be favorably enhanced to know the user asset overall view, a high-quality high-net-value client group is created, and more accurate and more matched financial service is provided for the user.
In one embodiment, the federation chain may certify key information items in the user asset view computation flow. The key information in the user asset view calculation process comprises user authorization information, hash value information of an authorization data set, safety calculation information among multiple parties forming consensus on asset weight/asset judgment interval/asset level, encryption information, all task information in the calculation process comprises initiation information, verification information, calculation results (user weighted assets, asset level) and the like.
And the alliance chain is used for uploading authorization information of the user in each organization for storage, and when the service data is used, the server can verify the authorization condition of the user through the alliance chain, so that the data use compliance is ensured, and the data embezzlement and abuse are prevented. And performing uplink storage for business data and other related information involved in the data interaction and calculation process. The data holding mechanism encrypts and stores the data information through the characteristic that the alliance chain is difficult to tamper, so that the credibility and the verification of the data are ensured, and the traceability and the efficient and orderly operation of the whole business process are realized.
In one embodiment, performing the authenticity check on the node authorization data set participating in the computation includes determining whether the hash value of the node authorization data set participating in the computation is the same as the hash value of the node authorization data set certified on the federation chain.
And each node performs hash processing on the locally stored node authorization data set by using a hash algorithm to obtain a hash value corresponding to the locally stored node authorization data set. Before any node performs multi-party security calculation, the hash value corresponding to the locally stored node authorization data set and the hash value of the node authorization data set pre-stored in the alliance chain can be compared and verified, and whether the hash value corresponding to the locally stored node authorization data set is the same as the hash value of the node authorization data set pre-stored in the alliance chain is judged, so that authenticity check is completed.
According to the characteristics of the hash algorithm, if the data is damaged at all in the storage or transmission process, the hash value corresponding to the changed data is changed, so that when the node judges that the hash value corresponding to the locally stored node authorization data set is the same as the hash value of the node authorization data set stored in advance in the alliance chain, the locally stored data is ensured not to be tampered, authenticity verification can be completed on user asset data participating in calculation before a multi-party security calculation task starts, the probability of malicious tampering of the data is reduced, the phenomenon that an organization uses inconsistent false data to participate in calculation is prevented, and the reliability of the data is enhanced.
In one embodiment, each node continues to perform multi-party security computation only after the authenticity check is successful, and the asset computation task is ended when the authenticity check fails.
In one embodiment, determining the asset class of the user according to the unified asset calculation ciphertext result comprises comparing the unified asset calculation ciphertext result with the asset judgment interval two by two for multiple times based on multi-party security calculation to determine the asset class of the user. The asset judgment interval is formed by the mutual recognition of all the nodes in advance. The nodes can compare the unified asset calculation ciphertext result with an asset judgment interval formed by the nodes in advance through mutual identification for a plurality of times based on multi-party safety calculation to determine the asset level of the user, and link the link certificate to the determined asset level of the user. The calculation initiator cannot acquire specific asset results of multi-party safety calculation, and can only determine the asset level of the user by comparing with the asset judgment interval for many times.
For example, when the institution a initiates the multiparty security calculation and the calculation result is that the asset weighted by the user X is 350 ten thousand, the asset value falls within the asset interval [300 ten thousand, 500 ten thousand ] formed by the institution A, B, C in advance, and the asset level corresponding to the interval is V3. Then, after comparing the received uniform asset calculation ciphertext result with the asset judgment interval formed by the nodes in advance, the mechanism a can only know that the asset level of the user X is V3, and the mechanism a cannot know that the total asset amount of the user X is 350 ten thousand.
Fig. 2 is a schematic method flow diagram of a user asset view calculation method according to another embodiment of the present disclosure, in which in one embodiment, the user asset view calculation method includes the following steps S10 to S30.
Step S10: an asset computing task initiated by a node is received.
When any node initiates an asset computing task, the platform receives the asset computing task initiated by the node.
Step S20: acquiring user authorization information on a alliance chain, and verifying the authorization condition of a user under each node based on the user authorization information; the alliance chain is composed of a plurality of nodes, authorization information of a user and hash values of authorization data sets are stored in the alliance chain, the authorization data sets comprise the hash values of the node authorization data sets of all the nodes, and the node authorization data sets comprise data sets of plaintext information of the user authorization data acquired by a single node.
The platform acquires user authorization information corresponding to the user stored in the alliance chain to verify the authorization condition of the target user at each node.
Step S30: and when the authorization check of the user under each node is passed, sending a calculation scheduling task to each node.
When the user authorization information acquired by the platform includes the user authorization information of the user at all the nodes, it can be judged that the user completes authorization at all the nodes, and then the platform can judge that the asset computing task initiated by the node can be continuously executed. After the user authorization condition is verified, the platform sends a calculation scheduling task to each node.
The authorization information of the user to each node is stored by using the alliance chain, so that the platform can verify the authorization condition of the user in each node by using the information stored on the alliance chain, the data use compliance is ensured, and the data embezzlement and misuse are prevented. The platform can also schedule the computing tasks according to the checking condition, and schedule the computing nodes in the corresponding mechanisms to execute the multi-party safe computing tasks. The multi-party security calculation can realize the secret calculation task of data 'available and invisible', and ensure that the user does not leave the database in the asset data plaintext of each mechanism and interacts with the asset data of other mechanisms only in the form of a ciphertext. The users in other nodes are inquired through the introspection inquiry, so that the other nodes are prevented from acquiring the information of the node initiating the calculation task, and the privacy security of the users and the business secret security of the node initiating the calculation task are protected.
In one embodiment, the asset computation task is terminated when the user fails the authorization check under each node. When the user authorization information stored in the alliance chain only comprises the user authorization information of the user in part of the nodes or does not comprise the user authorization information of any node, the platform judges that the authorization check fails and terminates the asset computing task of the node. That is, when the user does not complete authorization for any one or more of the nodes among all the nodes participating in the computation, the platform may determine that the computation task is not satisfactory, end the computation task, and send computation task termination information to the node initiating the asset computation task.
Fig. 3 is a schematic flow chart of a business data interaction method according to another embodiment of the present disclosure, and in order to better illustrate a business process that uses the above-mentioned user asset view computing method to interact in a user asset view computing system, in this application, an application scenario is data interaction in the financial services industry, and an organization a needs to illustrate a unified asset computing of a user X under an organization A, B, C as an example, but the invention is not to be construed as limiting the scope of the invention.
A user asset view computing system is locally deployed at the organization A, B, C, a reliable alliance chain is established among multiple organizations through a block chain technology, a platform is used for carrying out unified management on the multiple organizations, and the platform, each organization and the alliance chain can freely interact. The authority A, B, C obtains user authorization information for its property data and performs federation chain crediting on the hash value of the authorization data set. The federation chain may certify other critical information in the multi-party secure computing process. The key information in the user asset view calculation process comprises user authorization information, hash value information of an authorization data set, safety calculation information among multiple parties forming consensus on asset weight/asset judgment interval/asset level, encryption information, all task information in the calculation process comprises initiation information, verification information, calculation results (user weighted assets, asset level) and the like. In subsequent operations, both the authority A, B, C and the platform may retrieve any stored credential information from the federation chain.
After the building of the alliance chain and the information storage are completed, any one of the organizations A, B, C may initially set the asset weight, the asset judgment interval and the asset class, and the three organizations achieve consensus on the initial values through the alliance chain.
Mechanism a sends the asset calculation task for user X under mechanism A, B, C to the platform while making the asset calculation task chain deposit. The platform may verify the authorization of user X at authority A, B, C by obtaining user authorization information on the federation chain. If user X does not authorize asset data for any one or more of the facilities A, B, C, the computing task for this time will be terminated by the platform. If both platform verification mechanisms A, B, C have obtained the authorization for user X, then the platform sends the compute dispatch task to mechanism A, B, C. After receiving the calculation scheduling task, the authority A, B, C compares the hash value of the data set participating in the calculation locally with the hash value of the data set stored in the federation chain, respectively, to implement the authenticity check on the data.
After completing the authenticity check based on the hash value of the data set, authority a may initiate a multi-party security computation to authority B, C. The confidential query can be realized by the multi-party secure computing mechanism a, that is, the mechanism B, C cannot know that the query object of the mechanism a is the user X, but the mechanism a can acquire the asset data ciphertext fragment of the user X at the mechanism B, C. And (4) performing combined weighting and secret state calculation on the asset data according to the asset weight formed by three-party prior consensus, and obtaining a uniform asset calculation ciphertext result returned in a ciphertext form by the mechanism A. And the organization A locally stores the unified asset calculation ciphertext result and links the calculation result into a chain storage certificate. The organization A can also carry out pairwise comparison on the calculation result and the asset judgment interval for many times based on multi-party safety calculation so as to form the asset class of the user X, and chain link and evidence storage are carried out on the asset class. After the mechanism A acquires the asset class of the user X, a unified asset view calculation result of the user X can be formed according to the asset class.
Based on the user asset view calculation method, each organization can send the user authorization information of the data involved in the unified asset view calculation to the alliance chain for chain evidence storage. In the specific calculation link of the asset data, user authorization information can be acquired from the alliance chain to be compared and checked, so that the calculation is carried out under the authorized condition. The data privacy in the user asset calculation process is protected by utilizing the multi-party security calculation, and the detailed information of the inquired user can be prevented from being acquired by other mechanisms through the track inquiry in the multi-party security calculation. Through the calculation of the asset interval and the fuzzification of the result, the mechanism can be prevented from reckoning the specific asset data of the user in other mechanisms. The system combines the characteristics of common identification, difficult tampering and traceability of information on the alliance chain, establishes the alliance chain among multiple data holding organizations, performs common identification on information such as asset weight, asset judgment interval and asset grade in a calculation task, performs alliance chain link certification and acquisition on various information in interactive processes such as data user authorization, task initiation, data verification, data calculation process, data calculation result and the like, can ensure data credibility and traceability and realize efficient and orderly execution of the whole service process.
It should be understood that although the various steps in the flowcharts of fig. 1-3 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 1-3 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps or stages.
Based on the description of the embodiment of the user asset view computing method, the disclosure also provides a user asset view computing system. The system may include systems (including distributed systems), software (applications), modules, components, servers, clients, etc. that use the methods described in embodiments of the present specification in conjunction with any necessary hardware-implemented devices. Based on the same innovative concept, embodiments of the present disclosure provide systems in one or more embodiments as described in the following embodiments. Because the implementation scheme for solving the problem of the system is similar to that of the method, the implementation of the system in the embodiment of the present disclosure may refer to the implementation of the foregoing method, and repeated details are not repeated. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
FIG. 4 is a block diagram of a user asset view computing system of another embodiment of the present disclosure, in one embodiment, the user asset view computing system includes a platform and a plurality of nodes.
And the plurality of nodes form a alliance chain, and authorization information of the user and the hash value of the authorization data set are stored on the alliance chain. The authorization data set comprises hash values of node authorization data sets of all the nodes, and the node authorization data set comprises data sets of plaintext information of user authorization data acquired by a single node.
The node is used for initiating an asset calculation task of a user, carrying out uplink storage on the asset calculation task, receiving a calculation scheduling task sent by a platform, carrying out authenticity check on a node authorization data set participating in calculation, and initiating multi-party safety calculation to the rest nodes participating in the asset calculation task when the authenticity check passes, acquiring a unified asset calculation ciphertext result, and performing uplink storage on the unified asset calculation ciphertext result. And the multi-party security calculation comprises the secret state calculation of joint weighted summation of the asset data ciphertext according to the asset weight formed by the prior consensus of each node, and the calculation result is returned in the form of the ciphertext. And the node is also used for determining the asset level of the user according to the uniform asset calculation ciphertext result, and linking the asset level into a chain certificate, and is also used for forming a uniform asset view calculation result according to the asset level of the user.
And the platform is used for receiving the asset computing tasks initiated by the nodes, acquiring user authorization information on the alliance chain, checking the authorization condition of the user under each node based on the user authorization information, and sending computing scheduling tasks to each node when the authorization check of the user under each node is passed.
With regard to the system in the above embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
It is to be understood that the various embodiments of the methods, systems, etc., described above are described in a progressive manner, and like/similar elements may be referred to one another, with each embodiment focusing on differences from the other embodiments. Reference may be made to the description of other method embodiments for relevant points.
FIG. 5 is a block diagram of a user asset view computing device or system according to an embodiment of the present disclosure. Referring to FIG. 5, a user asset view computing device or system S00 includes a processing component S20 that further includes one or more processors and memory resources, represented by memory S22, for storing instructions, such as applications, executable by the processing component S20. The application program stored in the memory S22 may include one or more modules each corresponding to a set of instructions. Further, the processing component S20 is configured to execute instructions to perform the above-described method.
The user asset view computing device or system S00 may further include: the power component S24 is configured to perform power management of the user asset view computing device or system S00, the wired or wireless network interface S26 is configured to connect the user asset view computing device or system S00 to a network, and the input output (I/O) interface S28. The user asset view computing device or system S00 may be operable based on an operating system stored in memory S22, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD, or the like.
In an exemplary embodiment, a computer-readable storage medium is also provided that includes instructions, such as the memory S22 that includes instructions executable by the processor of the user asset view computing device or system S00 to perform the above-described method. The storage medium may be a computer-readable storage medium, which may be, for example, a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, a computer program product is also provided that includes instructions executable by a processor of the user asset view computing device or system S00 to perform the above-described method.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the hardware + program class embodiment, since it is substantially similar to the method embodiment, the description is simple, and the relevant points can be referred to the partial description of the method embodiment.
It should be noted that, the descriptions of the apparatus, the electronic device, the server, and the like according to the method embodiments may also include other embodiments, and specific implementations may refer to the descriptions of the related method embodiments. Meanwhile, the new embodiment formed by the mutual combination of the features of the methods, the devices, the equipment and the server embodiments still belongs to the implementation range covered by the present disclosure, and the details are not repeated herein.
In the description herein, references to the description of "some embodiments," "other embodiments," "desired embodiments," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, a schematic description of the above terminology may not necessarily refer to the same embodiment or example.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A user asset view computing method is applied to any one node in a alliance chain formed by a plurality of nodes, and is characterized by comprising the following steps:
the alliance chain stores authorization information of users and hash values of an authorization data set, the authorization data set comprises the hash values of node authorization data sets of all nodes, and the node authorization data set comprises a data set of plaintext information of the user authorization data acquired by a single node;
initiating an asset calculation task of a user, and carrying out uplink chain storage on the asset calculation task;
receiving a calculation scheduling task sent by a platform, and performing authenticity verification on a node authorization data set participating in calculation;
when the authenticity check passes, initiating multi-party safety calculation to the remaining nodes participating in the asset calculation task, acquiring a unified asset calculation ciphertext result, and uploading the unified asset calculation ciphertext result to a chain for storage; the multi-party security calculation comprises the secret state calculation of joint weighted summation of asset data ciphertexts according to asset weights formed by pre-consensus of all nodes, and the calculation result is returned in the form of the ciphertexts;
determining the asset class of the user according to the unified asset calculation ciphertext result, and chaining the asset class into chain certificates;
and forming a unified asset view calculation result according to the asset level of the user.
2. The user asset view computation method according to claim 1, wherein said checking authenticity of the set of node authorization data participating in the computation comprises:
and judging whether the hash value of the node authorization data set participating in the calculation is the same as the hash value of the node authorization data set stored on the alliance chain.
3. The user asset view computation method according to claim 1 or 2, characterized in that said asset computation task is ended when said authenticity check fails.
4. The method of claim 1, wherein the determining the asset class of the user according to the unified asset computation ciphertext result comprises:
based on multi-party safety calculation, the unified asset calculation ciphertext result and the asset judgment interval are compared pairwise for multiple times, and the asset level of the user is determined; and the asset judgment interval is formed by the joint consensus of all the nodes in advance.
5. A method for computing a user asset view, comprising:
receiving an asset computing task initiated by a node;
acquiring user authorization information on a alliance chain, and verifying the authorization condition of the user under each node based on the user authorization information; the alliance chain is composed of a plurality of nodes, authorization information of a user and hash values of an authorization data set are stored in the alliance chain, the authorization data set comprises the hash values of the node authorization data set of each node, and the node authorization data set comprises a data set of plaintext information of the user authorization data acquired by a single node;
and when the authorization verification of the user under each node passes, sending a calculation scheduling task to each node.
6. The user asset view computation method according to claim 5, wherein the asset computation task is ended when the authorization check of the user under each node fails.
7. A user asset view computing system, comprising:
the node authorization data set comprises hash values of node authorization data sets of all nodes, and the node authorization data set comprises a data set of plaintext information of user authorization data acquired by a single node;
the node is used for initiating an asset calculation task of a user, performing uplink storage on the asset calculation task, receiving a calculation scheduling task sent by a platform, performing authenticity check on a node authorization data set participating in calculation, and initiating multi-party safety calculation to the remaining nodes participating in the asset calculation task when the authenticity check passes, acquiring a unified asset calculation ciphertext result, and performing uplink storage on the unified asset calculation ciphertext result; the multi-party security calculation comprises secret state calculation of joint weighted summation of asset data ciphertexts according to asset weights formed by pre-consensus of all nodes, and a calculation result is returned in the form of the ciphertexts, the nodes are further used for determining the asset level of a user according to the unified asset calculation ciphertexts, and chaining certificates on the asset level, and are further used for forming a unified asset view calculation result according to the asset level of the user;
and the platform is used for receiving the asset computing tasks initiated by the nodes, acquiring user authorization information on a alliance chain, verifying the authorization condition of the user under each node based on the user authorization information, and sending computing scheduling tasks to each node when the authorization verification of the user under each node passes.
8. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program implements the steps of the user asset view calculation method of any of claims 1-6.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the user asset view calculation method according to any one of claims 1 to 6.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, realizes the steps of the user asset view calculation method according to any of the claims 1-6.
CN202111230871.9A 2021-10-22 2021-10-22 User asset view calculation method, system, computer device and storage medium Pending CN114064800A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111230871.9A CN114064800A (en) 2021-10-22 2021-10-22 User asset view calculation method, system, computer device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111230871.9A CN114064800A (en) 2021-10-22 2021-10-22 User asset view calculation method, system, computer device and storage medium

Publications (1)

Publication Number Publication Date
CN114064800A true CN114064800A (en) 2022-02-18

Family

ID=80235155

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111230871.9A Pending CN114064800A (en) 2021-10-22 2021-10-22 User asset view calculation method, system, computer device and storage medium

Country Status (1)

Country Link
CN (1) CN114064800A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114219052A (en) * 2022-02-23 2022-03-22 富算科技(上海)有限公司 Graph data fusion method and device, electronic equipment and storage medium
CN117521150A (en) * 2024-01-04 2024-02-06 极术(杭州)科技有限公司 Data collaborative processing method based on multiparty security calculation

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114219052A (en) * 2022-02-23 2022-03-22 富算科技(上海)有限公司 Graph data fusion method and device, electronic equipment and storage medium
CN117521150A (en) * 2024-01-04 2024-02-06 极术(杭州)科技有限公司 Data collaborative processing method based on multiparty security calculation
CN117521150B (en) * 2024-01-04 2024-04-09 极术(杭州)科技有限公司 Data collaborative processing method based on multiparty security calculation

Similar Documents

Publication Publication Date Title
US10762479B2 (en) Method and system for processing blockchain-based real-time transaction
US20230231711A1 (en) Blockchain-implemented method and system
US10484376B1 (en) Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
KR101903620B1 (en) Method for authorizing peer in blockchain based distributed network, and server using the same
CN111444273B (en) Data authorization method and device based on block chain
CN112000744B (en) Signature method and related equipment
US10504109B2 (en) Method for the mutual authentication of entities having previously initiated an online transaction
CN112383611B (en) File evidence storing method and system based on block chain and server
CN114064800A (en) User asset view calculation method, system, computer device and storage medium
JP2007529935A (en) Anonymous authentication method
CN112291062B (en) Voting method and device based on block chain
CN111460457A (en) Real estate property registration supervision method, device, electronic equipment and storage medium
CN115499379B (en) Information interaction method, device, equipment and medium based on block chain
CN112231769A (en) Block chain-based numerical verification method and device, computer equipment and medium
CN111355591A (en) Block chain account safety management method based on real-name authentication technology
CN112712452A (en) Approval information processing method and device based on block chain
CN116074023A (en) Authentication method and communication device
CN115277010A (en) Identity authentication method, system, computer device and storage medium
CN113205342A (en) User identity authentication method and device based on multi-terminal payment
CN111262825B (en) Apparatus and method for processing user public key in communication system including plurality of nodes
CN111741008A (en) Two-way anonymous authentication system and method based on mimicry defense principle
Hou et al. Blockchain-based efficient verifiable outsourced attribute-based encryption in cloud
JP6967211B1 (en) Fully decentralized blockchain system and computer program for trading crypto assets that prevents illegal transactions while also allowing anonymous users to participate
CN114666064A (en) Block chain-based digital asset management method, device, storage medium and equipment
Meng et al. Privacy-Preserving Task Allocation and Decentralized Dispute Protocol in Mobile Crowdsourcing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination