CN114282252A - Information interaction method and system based on block chain and computer equipment - Google Patents


Publication number
CN114282252A
Authority
CN
China
Prior art keywords
information
user object
access request
service platform
ciphertext
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111635300.3A
Other languages
Chinese (zh)
Inventor
闫核心
董建崧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Mingzhu Technology Co ltd
Original Assignee
Shenzhen Mingzhu Technology Co ltd

Landscapes

  • Storage Device Security (AREA)

Abstract

The application relates to an information interaction method, system and computer equipment based on a block chain. The method comprises the following steps: acquiring an information access request of an access request user object aiming at a target user object in a block chain service platform based on a management chain corresponding to the block chain service platform; responding to the information access request, calling an information management module on a management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; if yes, obtaining an information ciphertext of the target user object from the information management module; through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and calling the information management module to return an information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object to obtain plaintext information of the target user object. The method can improve the safety.

Description

Information interaction method and system based on block chain and computer equipment
Technical Field
The present application relates to the field of blockchain technologies, and in particular, to a method, a system, and a computer device for information interaction based on blockchains.
Background
With the development of the block chain technology field, an information interaction technology based on the block chain appears. In the traditional information interaction technology, the block chain service platform stores the user information of each organization in a centralized manner for unified scheduling, and any user in the block chain service platform can easily obtain the user information of each organization.
Obviously, the traditional method cannot guarantee the safety of information interaction in the block chain service platform. Therefore, it is desirable to provide an information interaction method capable of improving security.
Disclosure of Invention
In view of the foregoing, there is a need to provide a blockchain-based information interaction method, system and computer device capable of improving security.
In a first aspect, the present application provides an information interaction method based on a block chain. The method comprises the following steps:
acquiring an information access request of an access request user object aiming at a target user object in a block chain service platform based on a management chain corresponding to the block chain service platform; the management chain is a federation chain; the members of the federation chain are at least part of user objects in the block chain service platform;
responding to an information access request, calling an information management module on the management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object;
if yes, obtaining an information ciphertext of the target user object from the information management module;
through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object;
and calling the information management module to return the information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object, and obtain plaintext information of the target user object.
In one embodiment, the access request user object is a user object in the block chain service platform; the method further comprises the following steps:
the access request user object in the block chain service platform sends an information access request aiming at a target user object to the block chain service platform through an access request end;
the obtaining of the information access request of the access request user object for the target user object in the blockchain service platform based on the management chain corresponding to the blockchain service platform comprises:
and receiving an information access request aiming at the target user object forwarded by the block chain service platform based on a management chain.
In one embodiment, the invoking the information management module to return the information re-encrypted ciphertext to the access requesting user object to instruct decryption of the information re-encrypted ciphertext based on a private key of the access requesting user object to obtain plaintext information of the target user object includes:
calling the information management module to return the information re-encryption ciphertext to the block chain service platform;
decrypting an information re-encryption ciphertext based on a private key of the access request user object through the block chain service platform to obtain plaintext information of the target user object;
and returning the plaintext information to the access request terminal corresponding to the access request user object through the block chain service platform.
In one embodiment, the block chain service platform includes a chain interaction unit, an encryption/decryption unit, and an event notification unit; the calling the information management module to return the information re-encryption ciphertext to the block chain service platform comprises:
calling the information management module to return the information re-encryption ciphertext to the chain interaction unit in the block chain service platform;
the decrypting, by the blockchain service platform, the information re-encrypted ciphertext based on the private key of the access request user object to obtain the plaintext information of the target user object includes:
forwarding the information re-encrypted ciphertext to the encryption and decryption unit based on the chain interaction unit, so that the encryption and decryption unit decrypts the information re-encrypted ciphertext by using a private key of the access request user object to obtain plaintext information of the target user object;
the returning the plaintext information to the access request terminal corresponding to the access request user object through the blockchain service platform includes:
and returning the plaintext information to the access request terminal corresponding to the access request user object through an event notification unit.
In one embodiment, the access request user object is an external user object; the external user object is a user object in an external block chain service platform outside the block chain service platform; the obtaining of the information access request of the access request user object for the target user object in the blockchain service platform based on the management chain corresponding to the blockchain service platform comprises:
receiving an information access request sent by the external block chain service platform based on an external interface of a management chain; the information access request is obtained by the external block chain service platform based on the information access operation of an external user object for a target user object;
the calling the information management module to return the information re-encryption ciphertext to the access request user object comprises:
and calling the information management module, sending the information re-encryption ciphertext to an external block chain service platform based on the external interface, and returning the information re-encryption ciphertext to the external user object through the external block chain service platform.
In one embodiment, the method further comprises:
receiving an information ciphertext of the target user object sent by the block chain service platform; the information ciphertext is obtained by encrypting the information of the target user object based on the public key of the target user object by the block chain service platform;
and storing the information ciphertext into the information management module on the management chain.
In one embodiment, the method further comprises:
if the re-encryption key corresponding to the access request user object is not stored in the management chain, calling an information management module to trigger the target user object to authorize the access request user object, and enabling the block chain service platform to generate the re-encryption key after the authorization is passed;
and receiving the re-encryption key sent by the block chain service platform, storing the re-encryption key into the re-encryption module, executing the re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key, and generating an information re-encryption ciphertext encrypted by the public key of the access request user object.
In a second aspect, the application further provides an information interaction system based on the block chain. The system comprises: a device that provides a running environment for a management chain, and an access request terminal where an access request user object is located;
the access request terminal is used for initiating an information access request aiming at a target user object in the block chain service platform;
the device is used for acquiring an information access request of an access request user object aiming at a target user object in a block chain service platform based on a management chain corresponding to the block chain service platform; the management chain is a federation chain; the members of the federation chain are at least part of user objects in the block chain service platform; responding to an information access request, calling an information management module on the management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object; if yes, obtaining an information ciphertext of the target user object from the information management module; through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and calling the information management module to return the information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object, and obtain plaintext information of the target user object.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the processor implements the steps of the method in the embodiments of the application when executing the computer program.
In a fourth aspect, the present application further provides a computer-readable storage medium. The computer readable storage medium has stored thereon a computer program which, when executed by a processor, performs the steps of the method according to embodiments of the present application.
In a fifth aspect, the present application further provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, performs the steps of the method according to embodiments of the present application.
According to the information interaction method, the system, the computer equipment, the storage medium and the computer program product based on the block chain, the information access request of the access request user object aiming at the target user object in the block chain service platform is obtained based on the management chain corresponding to the block chain service platform; the management chain is a federation chain; the members of the federation chain are at least part of user objects in the block chain service platform; responding to the information access request, calling an information management module on a management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object; if yes, obtaining an information ciphertext of the target user object from the information management module; through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and calling the information management module to return an information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object to obtain plaintext information of the target user object.
Because the information of the user objects in the block chain service platform is stored in a distributed manner on the management chain, only an access request user object that has a corresponding re-encryption key on the management chain can access the information re-encryption ciphertext, and the information re-encryption ciphertext can only be decrypted with the private key of the access request user object, so that the security of information interaction is improved.
Drawings
FIG. 1 is a diagram of an application environment of a blockchain-based information interaction method in one embodiment;
FIG. 2 is a flowchart illustrating a block chain-based information interaction method according to an embodiment;
FIG. 3 is a schematic flow diagram illustrating re-encryption in one embodiment;
FIG. 4 is a flow diagram illustrating information interaction within a blockchain service platform according to an embodiment;
FIG. 5 is a flowchart illustrating interaction of information across a blockchain service platform in an embodiment;
FIG. 6 is a flow diagram illustrating information chaining of a user object in a blockchain services platform according to an embodiment;
FIG. 7 is a schematic diagram illustrating a block chain-based information interaction method according to an embodiment;
FIG. 8 is a block diagram of a blockchain-based information interaction system in one embodiment;
FIG. 9 is a block diagram of an information interaction system based on block chains in another embodiment;
FIG. 10 is a diagram showing an internal structure of a computer device in one embodiment;
FIG. 11 is an internal configuration diagram of a computer device in another embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The information interaction method based on the block chain provided by the embodiment of the application can be applied to the application environment shown in FIG. 1, in which the access request terminal 102 communicates with the device 104 over a network. The access request user object may initiate an information access request for a target user object in the blockchain service platform through the access request terminal 102. The device 104 may obtain, based on a management chain corresponding to the blockchain service platform, an information access request of an access request user object for a target user object in the blockchain service platform; responding to the information access request, calling an information management module on a management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; if yes, obtaining an information ciphertext of the target user object from the information management module; through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and calling the information management module to return an information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object to obtain plaintext information of the target user object.
The access request terminal 102 may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, and the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart car-mounted devices, and the like. The portable wearable device can be a smart watch, a smart bracelet, a head-mounted device, and the like. The device 104 may be implemented as a stand-alone server or as a server cluster comprised of multiple servers.
In an embodiment, as shown in fig. 2, an information interaction method based on a block chain is provided, which is described by taking the method as an example applied to the device in fig. 1, and it can be understood that the method can be implemented by interaction between the device and an access request end, and includes the following steps:
S202, acquiring an information access request of an access request user object aiming at a target user object in a block chain service platform based on a management chain corresponding to the block chain service platform; and responding to the information access request, calling an information management module on the management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain.
Wherein the management chain is a federation chain; the members of the federation chain are at least part of the user objects in the blockchain service platform. A federation chain is one form of block chain: a block chain that is formed and jointly controlled by multiple enterprises or organizations, and that an individual or organization must be authorized to access. A federation chain sits between a public chain and a private chain, with its members being multiple enterprises or organizations. The access request user object is a user object that accesses information of a target user object in the blockchain service platform. The target user object is the user object to which the information accessed by the access request user object belongs. The information access request is a request for accessing information of a target user object. The re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object. The blockchain service platform is a platform that responds to the service requirements of user objects and provides solutions. It will be appreciated that the blockchain service platform and corresponding management chain are supported by the same blockchain service platform. The blockchain service platform, namely a "Blockchain as a Service" (BaaS) platform, is an open blockchain platform that embeds a blockchain framework into a cloud computing platform, uses the deployment and management advantages of cloud service infrastructure to provide developers with a convenient, high-performance blockchain ecosystem and supporting services, and supports developers' business expansion and operations. The information management module is a program module whose function is to manage and control information interaction on the management chain.
Specifically, the access request user object may initiate an information access request for a target user object in the block chain service platform through the access request terminal, and the device may obtain the information access request based on a management chain corresponding to the block chain service platform. The device can respond to the information access request, call an information management module on the management chain, and verify whether the re-encryption key corresponding to the access request user object is stored in the management chain.
In one embodiment, the information management module may be, but is not limited to, an intelligent contract module on the management chain. Obtaining the information access request may be the trigger event that causes the information management module to be invoked to verify the re-encryption key on the management chain. The intelligent contract module mainly comprises three parts: contract generation, contract execution and contract change. It is understood that the function of the information management module can be implemented by an information management intelligent contract, but is not limited thereto, and can also be implemented by other forms of blockchain programs.
The intelligent contract, also called a smart contract, is an event-driven, stateful program that is approved by multiple parties, runs on a block chain, and can automatically process assets according to preset conditions. Its greatest advantage is that a program algorithm takes the place of human arbitration and contract execution. In brief, a smart contract is a contract whose terms are recorded in a computer language instead of a legal language, and it may be executed automatically by a computing system. In short, smart contracts are digitized versions of traditional contracts. The information management module is an intelligent contract on the management chain and is used for managing and controlling the information of the user objects in the blockchain service platform.
In one embodiment, the device may provide a runtime environment for the blockchain service platform. It is understood that the management chain is a federation chain formed by at least some of the user objects in the blockchain service platform acting as nodes. The management chain is a federation chain for managing information interaction of the blockchain service platform, and is essentially a federation chain belonging to the blockchain service platform.
In one embodiment, the management chain may be independent of the blockchain services business platform. It can be understood that at least part of users in the block chain service platform can be used as nodes to build a management chain outside the block chain service platform.
In one embodiment, the information access request carries a public key of the user object of the access request. The information management module can verify whether the re-encryption key corresponding to the public key is stored in the management chain.
S204, if yes, obtaining an information ciphertext of the target user object from the information management module; and through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate the information re-encryption ciphertext encrypted by the public key of the access request user object.
The information ciphertext is the information of the target user object encrypted by the public key of the target user object. The re-encryption module is an intelligent contract for generating re-encrypted ciphertext. The information re-encryption ciphertext is the information of the target user object after the information ciphertext is re-encrypted by the re-encryption key. It is understood that the information re-encryption ciphertext and the information ciphertext are both information of the target user object. The re-encryption key is a ciphertext transformation key. It will be appreciated that information encrypted with the target user object public key may be converted to information encrypted with the access requesting user object public key by re-encrypting the information cipher text with the re-encryption key. The re-encryption module is a program module having a function of re-encrypting information.
Specifically, if the access request user object is the target user object, the device may obtain an information ciphertext of the target user object from the information management module, and trigger the re-encryption module in the management chain to re-encrypt the information ciphertext by using the re-encryption key, so as to generate an information re-encryption ciphertext encrypted by the public key of the access request user object.
In one embodiment, the re-encryption module may be, but is not limited to, an intelligent contract module on the management chain. It is to be understood that the function of the re-encryption module may be implemented by a re-encryption smart contract, but is not limited thereto, and may also be implemented by other forms of blockchain programs. Passing the verification, that is, finding that the re-encryption key corresponding to the access request user object is stored in the management chain, is the trigger event of the re-encryption module. It can be understood that, once triggered, the device may invoke the re-encryption module to obtain the information ciphertext of the target user object, re-encrypt it with the re-encryption key to generate the information re-encryption ciphertext, and return the information re-encryption ciphertext to the information management module.
S206, the information management module is called to return an information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object, and plaintext information of the target user object is obtained.
The plaintext information refers to unencrypted information. It will be appreciated that ciphertext and re-encrypted ciphertext are encrypted text and plaintext is unencrypted text. Ciphertext is the text obtained by encrypting plaintext, and re-encrypted ciphertext is the text obtained by re-encrypting ciphertext.
Specifically, the device may invoke the information management module to return the information re-encryption ciphertext to the access request user object, to indicate that the information re-encryption ciphertext is to be decrypted based on the private key of the access request user object to obtain plaintext information of the target user object. It can be understood that obtaining the information re-encryption ciphertext generated by the re-encryption module is the trigger event of the information management module. Once triggered, the device may invoke the information management module to return the information re-encryption ciphertext to the access request user object.
In one embodiment, the re-encryption module and the information management module can be called each other. For example, the information management module may call the re-encryption module to re-encrypt the information ciphertext. For another example, the re-encryption module may call the information management module to return the information re-encryption ciphertext to the access-requesting user object.
In one embodiment, the device may invoke the information management module to return the information re-encryption ciphertext to the access request side.
In one embodiment, the device may invoke the information management module to return the information re-encryption ciphertext to the blockchain service platform where the access-requesting user object is located.
In one embodiment, the access request user object may be a user object in a blockchain service platform, a user object in an external blockchain service platform, or a user object in a self-built cluster of a non-blockchain service platform. It is understood that the blockchain service platforms other than the blockchain service platform corresponding to the management chain are external blockchain service platforms. The external block chain service platform and the block chain service platform corresponding to the management chain may be homogeneous or heterogeneous. The user object may not be a user object in any blockchain service platform, and may be a user object in a cluster of a plurality of user objects.
In one embodiment, the re-encryption flow is shown in FIG. 3. The information management module in the management chain can store the information ciphertext of the target user object. The information ciphertext is obtained by encrypting the information with the public key of the target user object. If the access request user object wants to access the information of the target user object in the management chain, a re-encryption key needs to be computed from the public key of the access request user object and the private key of the target user object. The management chain can obtain the re-encryption key and use it to re-encrypt the information ciphertext of the target user object, obtaining a re-encrypted ciphertext. The information management module may return the re-encrypted ciphertext to the access request user object. After the re-encrypted ciphertext is decrypted with the private key of the access request user object, the access request user object obtains the plaintext information of the target user object.
Proxy Re-Encryption is a novel public key encryption system with a secure ciphertext conversion function. In a proxy re-encryption system, a semi-trusted agent (proxy) performs the ciphertext conversion: it can transform a ciphertext encrypted under the public key of the delegator into a ciphertext of the same plaintext encrypted under the public key of the delegatee, and the delegatee can then decrypt the transformed ciphertext with its own private key. To perform the conversion, the agent must hold a ciphertext conversion key (re-encryption key) that the delegator has authorized for the delegatee, and the agent cannot obtain any information about the plaintext.
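The re-encryption flow described above (store the ciphertext, check for a re-encryption key, re-encrypt, decrypt with the requester's private key), as an added example that is not part of the patent. The patent names no concrete scheme; this sketch assumes a simple ElGamal key-splitting construction over a toy-sized group, and all names (`ManagementChain`, `rekey`, `reencrypt`, the sample record and keys) are hypothetical.

```python
import hashlib
import secrets

# Toy group, constructed for illustration only (far too small to be secure):
# P = 2*Q + 1 is a safe prime and G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen(sk=None):
    """Return (private key, public key); sk may be fixed for a reproducible demo."""
    sk = sk if sk is not None else secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def _stream(element, n):
    """Derive n keystream bytes from a group element (SHA-256, counter mode)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(f"{element}:{ctr}".encode()).digest()
        ctr += 1
    return out[:n]

def _xor(data, element):
    return bytes(a ^ b for a, b in zip(data, _stream(element, len(data))))

def _pad(shared):
    """Map a Diffie-Hellman shared element to a mask in Z_Q."""
    return int.from_bytes(_stream(shared, 4), "big") % Q

def encrypt(pk, plaintext):
    """ElGamal-wrap a random session element under pk, XOR the data with its keystream."""
    session = pow(G, secrets.randbelow(Q - 1) + 1, P)
    r = secrets.randbelow(Q - 1) + 1
    return {"c1": pow(G, r, P), "c2": session * pow(pk, r, P) % P,
            "body": _xor(plaintext, session)}

def decrypt(sk, ct):
    """Ordinary decryption by the key owner (the target user object)."""
    session = ct["c2"] * pow(ct["c1"], (-sk) % Q, P) % P
    return _xor(ct["body"], session)

def rekey(sk_target, pk_requester):
    """Re-encryption key from the target's private key and the requester's public key.
    The private key is split as a1 + a2 (mod Q): a1 goes to the proxy in the clear,
    a2 is wrapped so that only the requester's private key can recover it."""
    a1 = secrets.randbelow(Q)
    a2 = (sk_target - a1) % Q
    k = secrets.randbelow(Q - 1) + 1
    return {"a1": a1, "eph": pow(G, k, P),
            "wrapped_a2": (a2 + _pad(pow(pk_requester, k, P))) % Q}

def reencrypt(rk, ct):
    """Proxy step: strip the a1 share. The session element stays masked by the a2 share."""
    c2 = ct["c2"] * pow(ct["c1"], (-rk["a1"]) % Q, P) % P
    return {"c1": ct["c1"], "c2": c2, "body": ct["body"],
            "eph": rk["eph"], "wrapped_a2": rk["wrapped_a2"]}

def decrypt_reencrypted(sk_requester, rct):
    """Requester unwraps a2 with its private key, then removes the remaining mask."""
    a2 = (rct["wrapped_a2"] - _pad(pow(rct["eph"], sk_requester, P))) % Q
    session = rct["c2"] * pow(rct["c1"], (-a2) % Q, P) % P
    return _xor(rct["body"], session)

class ManagementChain:
    """Stand-in for the information management and re-encryption modules."""
    def __init__(self):
        self.ciphertexts = {}  # information management module: target -> ciphertext
        self.rekeys = {}       # re-encryption module: (target, requester pk) -> rk

    def store_ciphertext(self, target, ct):
        self.ciphertexts[target] = ct

    def store_rekey(self, target, pk_requester, rk):
        self.rekeys[(target, pk_requester)] = rk

    def access(self, target, pk_requester):
        """Return a re-encrypted ciphertext, or None if no re-encryption key is stored
        for this public key (the caller must then trigger the authorization flow)."""
        rk = self.rekeys.get((target, pk_requester))
        return None if rk is None else reencrypt(rk, self.ciphertexts[target])

SAMPLE_INFO = b"org=ExampleOrg;node=n1;id=alice"  # constructed sample record

def demo():
    sk_t, pk_t = keygen(123)   # target user object (constructed keys)
    sk_r, pk_r = keygen(456)   # access request user object
    _, pk_x = keygen(789)      # a user object that is never authorized
    chain = ManagementChain()
    chain.store_ciphertext("target", encrypt(pk_t, SAMPLE_INFO))
    before = chain.access("target", pk_r)            # no key stored yet -> None
    chain.store_rekey("target", pk_r, rekey(sk_t, pk_r))
    plain = decrypt_reencrypted(sk_r, chain.access("target", pk_r))
    return before, plain, chain.access("target", pk_x)

if __name__ == "__main__":
    print(demo())
```

In this key-splitting construction the proxy and the requester together hold both shares of the target's private key, so a design review should check that the chosen scheme is collusion-resistant and that re-encryption keys can be revoked.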
In the blockchain-based information interaction method, an information access request of the access request user object for a target user object in the blockchain service platform is acquired based on the management chain corresponding to the blockchain service platform; the management chain is a federation chain, and the members of the federation chain are at least part of the user objects in the blockchain service platform. In response to the information access request, the information management module on the management chain is called to verify whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object. If so, the information ciphertext of the target user object is obtained from the information management module; the re-encryption module on the management chain re-encrypts the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and the information management module is called to return the information re-encryption ciphertext to the access request user object, so that the information re-encryption ciphertext is decrypted based on the private key of the access request user object to obtain the plaintext information of the target user object. Because the information of the user objects in the blockchain service platform is stored in a distributed manner on the management chain, only an access request user object that has a corresponding re-encryption key on the management chain can access the information re-encryption ciphertext, and the information re-encryption ciphertext can be decrypted only with the private key of the access request user object, so the security of information interaction is improved.
In one embodiment, the access request user object is a user object in a blockchain service platform; the method further comprises the following steps: an access request user object in the block chain service platform sends an information access request aiming at a target user object to the block chain service platform through an access request end; based on a management chain corresponding to the blockchain service platform, acquiring an information access request of an access request user object for a target user object in the blockchain service platform comprises the following steps: and receiving an information access request aiming at a target user object forwarded by the block chain service platform based on the management chain.
Specifically, an access request user object in the blockchain service platform logs in the blockchain service platform through an access request terminal, and sends an information access request aiming at a target user object to the blockchain service platform. It can be understood that the access request terminal is a terminal where the access request user is located. The blockchain service business platform can send an information access request to the management chain. The device may receive, through the management chain, an information access request for a target user object forwarded by the blockchain service platform.
In this embodiment, the user object in the blockchain service platform may initiate an information access request to the management chain through the blockchain service platform to access information of the target user object, and the information of the target user object may no longer be directly obtained from the blockchain service platform, but the information is obtained through the management chain to manage and control information access of the user object in the blockchain service platform, so that security of information interaction is improved.
In one embodiment, the calling information management module returns an information re-encryption ciphertext to the access requesting user object to indicate that the information re-encryption ciphertext is decrypted based on a private key of the access requesting user object, and obtaining plaintext information of the target user object includes: calling an information management module to return the information re-encryption ciphertext to the block chain service platform; decrypting the information re-encryption ciphertext based on the private key of the access request user object through the block chain service platform to obtain plaintext information of the target user object; and returning plaintext information to an access request end corresponding to the access request user object through the block chain service platform.
Specifically, the device may call the information management module to return the information re-encryption ciphertext to the blockchain service platform. After the block chain service platform obtains the information re-encryption ciphertext, the information re-encryption ciphertext can be decrypted by using a private key of the access request user object to obtain plaintext information of the target user object. The block chain service platform can return plaintext information to the access request end, and the access request user object can check the plaintext information at the access request end.
In one embodiment, the access request user object may carry a private key to initiate an information access request on the blockchain service platform. It can be understood that the access request user object can log in the blockchain service platform with the private key.
In this embodiment, after obtaining the information re-encryption ciphertext returned by the information management module, the blockchain service platform decrypts it and returns the plaintext information directly to the access request user object. This ensures convenience, while security is ensured because the management chain manages and controls the information interaction.
In one embodiment, the blockchain service platform comprises a chain interaction unit, an encryption and decryption unit and an event notification unit; the step of calling the information management module to return the information re-encrypted ciphertext to the block chain service platform comprises the following steps: calling an information management module to return the information re-encryption ciphertext to a chain interaction unit in the block chain service platform; decrypting the information re-encryption ciphertext based on the private key of the access request user object through the block chain service platform to obtain the plaintext information of the target user object, wherein the plaintext information comprises: forwarding the information re-encryption ciphertext to an encryption and decryption unit based on a chain interaction unit, so that the encryption and decryption unit decrypts the information re-encryption ciphertext by using a private key of the access request user object to obtain plaintext information of the target user object; returning plaintext information to an access request end corresponding to an access request user object through a block chain service platform comprises the following steps: and returning plaintext information to an access request end corresponding to the access request user object through the event notification unit.
The chain interaction unit is a unit used by the block chain service platform for interacting with the management chain. It is understood that the communication between the blockchain service business platform and the management chain is realized through a chain interaction unit. The encryption and decryption unit is a unit for encrypting and decrypting the information of the target user object by the block chain service platform. The event notification unit is a unit used by the blockchain service platform to notify the corresponding event of the user object in the platform.
Specifically, the device may call the information management module to return the information re-encryption ciphertext to the chain interaction unit in the block chain service platform. The block chain service platform can forward the information re-encrypted ciphertext to the encryption and decryption unit through the chain interaction unit, so that the encryption and decryption unit decrypts the information re-encrypted ciphertext by using a private key of the access request user object to obtain plaintext information of the target user object. The block chain service platform can return plaintext information to the access request end corresponding to the access request user object through the event notification unit.
In one embodiment, the blockchain services business platform may provide a front end page that may be used to interact with the terminal. It can be understood that the front end page is essentially a service interface of the block chain service platform docking terminal.
In one embodiment, fig. 4 is a flowchart illustrating information interaction in a blockchain service platform. The access request user object can access the front-end page of the blockchain service platform through the access request end. Through the service interface corresponding to the front-end page, the platform interaction unit of the blockchain service platform can obtain the information access request initiated by the access request user object through the access request end. The blockchain service platform can forward the information access request to the information management module through the chain interaction unit. It can be understood that the information access request carries the public key of the access request user object, and the information management module can verify whether the re-encryption module stores a re-encryption key corresponding to the public key. If so, the re-encryption module can re-encrypt the information ciphertext of the target user object by using the re-encryption key to generate the information re-encryption ciphertext. The information management module can return the information re-encryption ciphertext to the blockchain service platform through the chain interaction unit. It can be understood that the chain interaction unit may monitor the management chain and obtain the information re-encryption ciphertext from the information management module. The blockchain service platform can decrypt the information re-encryption ciphertext through the encryption and decryption unit to obtain plaintext information, and the plaintext information is displayed at the access request end through the event notification unit.
If the re-encryption module does not store a re-encryption key corresponding to the public key of the access request user object, the target user object in the blockchain service platform is triggered to authorize the access request user object through the authorization terminal. It can be understood that the authorization terminal can send the private key to the blockchain service platform so that the re-encryption key is generated by the encryption and decryption unit. The blockchain service platform can send the re-encryption key to the information management module through the chain interaction unit, and the information management module can store the re-encryption key in the re-encryption module.
The platform interaction unit is a unit for realizing interaction between the block chain service platform and the front-end page. It can be understood that the user object accesses the front-end page provided by the blockchain service platform through the terminal, the platform interaction unit responds to the transaction request initiated by the user object on the front-end page through the terminal based on the service interface corresponding to the front-end page, and forwards the transaction request to the corresponding service unit. It is understood that a business unit is a unit in a blockchain services business platform for processing transaction requests. The chain interaction unit, the platform interaction unit and the like are all service units.
In this embodiment, the block chain service platform may receive the re-encrypted ciphertext of the target user object returned by the information management module through the chain interaction unit, decrypt the re-encrypted ciphertext through the encryption and decryption unit to obtain plaintext information, and return the plaintext information to the access request user object through the event notification unit, so that the access request user object does not need to decrypt the re-encrypted ciphertext alone, and convenience and security of accessing the information of the target user object of the platform by the user object of the platform are ensured.
In one embodiment, the access request user object is an external user object; the external user object is a user object in an external block chain service platform outside the block chain service platform; based on a management chain corresponding to the blockchain service platform, acquiring an information access request of an access request user object for a target user object in the blockchain service platform comprises the following steps: acquiring an information access request of an access request user object aiming at a target user object based on an external interface of a management chain; the step of calling the information management module to return the information re-encryption ciphertext to the access request user object comprises the following steps: and calling the information management module, and returning the information re-encryption ciphertext to the access request user object based on the external interface.
The external interface is an interface for interaction between an external user object and the management chain. It can be understood that the external user object authorized by the interface in advance can call the external interface to perform information interaction with the management chain through the access request terminal.
Specifically, the access request user may invoke an external interface of the management chain through the access request terminal, and initiate an information access request to the management chain. The device can obtain the information access request of the access request user object aiming at the target user object through the external interface of the management chain. The device can call the information management module and return the information re-encryption ciphertext to the access request user object through the external interface.
In one embodiment, fig. 5 is a schematic flowchart of information interaction across blockchain service platforms. The access request user object can call the external interface of the management chain through the access request end to initiate, to the management chain, an information access request for the information of the target user object. The information management module can acquire the information access request through the external interface. It can be understood that the information access request carries the public key of the access request user object, and the information management module can verify whether the re-encryption module stores a re-encryption key corresponding to the public key. If so, the re-encryption module can re-encrypt the information ciphertext of the target user object by using the re-encryption key to generate the information re-encryption ciphertext. The information management module can return the information re-encryption ciphertext to the access request end through the external interface. It can be understood that the access request user object can log in to the external blockchain service platform, so as to send the information access request to the management chain through the external blockchain service platform and obtain the information re-encryption ciphertext.
If the re-encryption module does not store a re-encryption key corresponding to the public key of the access request user object, the target user object in the blockchain service platform is triggered to authorize the access request user object through the authorization terminal. It can be understood that the blockchain service platform may obtain the private key of the target user object through the platform interaction unit, so as to generate the re-encryption key through the encryption and decryption unit. The blockchain service platform can send the re-encryption key to the information management module through the chain interaction unit, and the information management module can store the re-encryption key in the re-encryption module.
In one embodiment, the access request user object is an external user object; the external user object is a user object in an external block chain service platform outside the block chain service platform; based on a management chain corresponding to the blockchain service platform, acquiring an information access request of an access request user object for a target user object in the blockchain service platform comprises the following steps: receiving an information access request sent by an external block chain service platform based on an external interface of a management chain; the information access request is obtained by an external blockchain service platform based on information access operation of an external user object for a target user object; the step of calling the information management module to return the information re-encryption ciphertext to the access request user object comprises the following steps: and calling the information management module, sending the information re-encryption ciphertext to the external block chain service platform based on the external interface, and returning the information re-encryption ciphertext to the external user object through the external block chain service platform.
Specifically, the external user object may log in the external blockchain service platform through the access request terminal, and perform an access operation on information of the target user object in a front-end page provided by the external blockchain service platform. The access request terminal can detect the information access operation of the external user object aiming at the target user object and send an information access request to the external block chain service platform. The external block chain service platform can call an external interface of the management chain and send the information access request to the management chain. The device may receive the access request and trigger the re-encryption module to generate an information re-encryption ciphertext. The device can call the information management module, and send the information re-encryption ciphertext to the external block chain service platform through the external interface, so that the information re-encryption ciphertext is returned to the external user object through the external block chain service platform.
In one embodiment, the external blockchain service platform may decrypt the information re-encryption ciphertext using the private key of the external user object to obtain plaintext information, and send the plaintext information to the access request end where the external user object is located. It can be understood that the external blockchain service platform can obtain the private key of the external user object. For example, the external user object may carry a private key when logging in to the external blockchain service platform, the private key of the external user object may be stored in the external blockchain service platform in advance, or the private key of the external user object may be carried in the information access request.
In one embodiment, the external blockchain service platform may detect an information access operation of an external user object on a front-end page through an access request terminal, directly invoke an external interface of a management chain, and initiate an information access request to the management chain for information of a target user object.
In this embodiment, the external blockchain service platform may perform information interaction with the management chain corresponding to the local blockchain service platform, that is, the external blockchain service platform may interact with the local blockchain service platform through the management chain, which solves the problem that a plurality of different blockchain service platforms cannot communicate with each other. It can be understood that when information interaction cannot be performed among organizations in different blockchain service platforms, a federation chain cannot be established among those organizations, which greatly limits the development of federation chains.
In one embodiment, the method further comprises: receiving an information ciphertext of a target user object sent by a block chain service platform; the information ciphertext is obtained by encrypting the information of the target user object based on the public key of the target user object by the block chain service platform; and storing the information ciphertext into an information management module on the management chain.
Specifically, the block chain service platform may encrypt the information of the target user object by using the public key of the target user object through the encryption and decryption unit to obtain an information ciphertext. The block chain service platform can send an information ciphertext to the management chain through the chain interaction unit, and the device can receive the information ciphertext of the target user object sent by the block chain service platform. The device may store the information ciphertext to an information management module on a management chain.
In one embodiment, fig. 6 is a flowchart illustrating information chaining of a user object in a blockchain services platform. A user object in the block chain service platform can access a front-end page provided by the block chain service platform through an authorization terminal, the authorization terminal can apply for an identity certificate to an information management unit through a service interface corresponding to the front-end page, and the block chain service platform can encrypt certificate information through an encryption and decryption unit to obtain an information ciphertext. The block chain service platform can send the information cipher text to the information management module on the management chain through the chain interaction unit.
In this embodiment, the blockchain service platform may send the information ciphertext of the target user object to the management chain for storage, and the information ciphertext stored in the management chain may be accessed by the user object in the blockchain service platform and an external user object, so that the security of information interaction is improved.
In one embodiment, the method further comprises: if the re-encryption key corresponding to the access request user object is not stored in the management chain, calling an information management module to trigger a target user object to authorize the access request user object, and enabling the block chain service platform to generate the re-encryption key after the authorization is passed; and receiving a re-encryption key sent by the block chain service platform, storing the re-encryption key into a re-encryption module, re-encrypting the information ciphertext through the re-encryption module on the management chain based on the re-encryption key, and generating the information re-encryption ciphertext encrypted by the public key of the access request user object.
Specifically, if the re-encryption key corresponding to the access request user object is not stored in the management chain, the device may invoke the information management module to interact with the chain interaction unit, and trigger the event notification unit in the blockchain service platform to notify the target user object of the information access authorization event. The target user object can log in to the blockchain service platform through the authorization terminal, view the information access authorization event, and authorize the access request user object. After authorization, the blockchain service platform may obtain the private key of the target user object, and invoke the encryption and decryption unit to generate the re-encryption key by using the private key of the target user object and the public key of the access request user object. The blockchain service platform may send the re-encryption key to the management chain through the chain interaction unit. The device may invoke the information management module on the management chain to receive the re-encryption key and trigger the information management module to store the re-encryption key in the re-encryption module. The device may then re-encrypt the information ciphertext based on the re-encryption key through the re-encryption module on the management chain, generating an information re-encryption ciphertext encrypted by the public key of the access request user object.
In one embodiment, the access request user object may initiate an authority application transaction for information of the target user object through the access request terminal, and trigger the target user object in the blockchain service platform to authorize the access request user object. It will be appreciated that the external user object may initiate a rights application transaction through an external interface of the management chain. The user object in the block chain service platform can log in the block chain service platform through the access request terminal so as to initiate the permission application transaction through the block chain service platform.
In this embodiment, for an access request user object that does not store a corresponding re-encryption key in a management chain, the device may communicate with the blockchain service platform to obtain authorization of a target user object to the access request user object, that is, a re-encryption key, so that an information re-encryption ciphertext can be returned to the access request user object after the authorization, thereby ensuring the security of information interaction.
In one embodiment, fig. 7 is a schematic diagram of the blockchain-based information interaction method. The external user object and the user object in the local blockchain service platform can apply to the key generation center for a public key and a private key in advance. As access request user objects, the external user object and the user object in the blockchain service platform access the information of target user objects on the management chain in different ways. It can be understood that if the access request user object is an external user object, it calls the external interface of the management chain through the access request end; if the access request user object is a user object in the blockchain service platform, it accesses the blockchain service platform through the access request end. The communication between the management chain and the blockchain service platform is realized by the interaction between the information management module and the chain interaction unit.
The management chain contains an information management module and a re-encryption module. The re-encryption module is used for storing the re-encryption key and re-encrypting the target information ciphertext in the information management module. It can be understood that the re-encryption module may return the generated information re-encryption ciphertext to the information management module. The information management module can access the information ciphertext of the target user object and verify whether the re-encryption key corresponding to the access request user object is stored in the management chain. If the re-encryption key corresponding to the access request user object is not stored in the management chain, the information management module can initiate the permission application transaction. The permission application transaction is used for triggering the target user object to authorize the access request user object. It can be understood that the management chain stores the information ciphertext of the target user object through the information management module, and the information management module defines the format and specification that the blockchain service platform must follow when putting the information ciphertext of the target user object on the chain. If the blockchain service platform needs to store an information ciphertext in the management chain, it must comply with the format and specification in the information management module. For example, the information ciphertext put on the chain must include the organization information, node information, identity information, etc. under the name of the target user object. It can be understood that the information management module can manage and control the access of the access request user object to the information of the target user object, and the information management module also defines which information ciphertexts can be subjected to information interaction.
The blockchain service platform comprises a chain interaction unit, an event notification unit, an information management unit, an encryption and decryption unit and a platform interaction unit. The chain interaction unit has the access right of the management chain, can monitor the transaction information of each block in the management chain, and distributes the acquired transaction information to the corresponding service unit in the blockchain service platform for processing. It can be understood that the chain interaction unit can monitor the permission application transaction initiated by the information management module and distribute the permission application transaction to the event notification unit. The chain interaction unit can store the information generated by the transaction to the management chain, for example, information related to the access request user object.
The event notification unit may notify the service event that needs to be processed by the user object in the blockchain service platform to the user object through the service interface. It can be understood that the terminal where the user object is located may receive the service event through the service interface and display the service event in the front-end page provided by the block chain service platform. For example, a business event may be an event that requires the target user object to authorize access to the requesting user object.
The information management unit may manage and control related information of each user object in the blockchain service platform. For example, the organization of each user object in the platform, and the identity of each user object. Each user object in the block chain service platform can apply, update, revoke and the like for the identity certificate to the information management unit. It is understood that an identity certificate is essentially identity information of a user object.
The encryption and decryption unit can encrypt the information of the user object in the information management unit by using the public key of the user object in the block chain service platform to generate an information ciphertext. It will be appreciated that the user object may optionally encrypt information via the encryption/decryption unit. The terminal where the user object of the platform is located can interact with the block chain service platform through the platform interaction unit.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are displayed sequentially as indicated by the arrows, the steps are not necessarily performed in that sequence. Unless explicitly stated otherwise, the steps are not strictly limited to the order shown and described, and may be performed in other orders. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the execution order of the steps or stages is not necessarily sequential, but may be performed in turn or alternately with other steps or with at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the present application further provides an information interaction system based on the block chain, which is used for implementing the above-mentioned information interaction method based on the block chain. The implementation scheme provided by the system for solving the problem is similar to the implementation scheme described in the above method, so that for specific limitations in one or more embodiments of the information interaction system based on the block chain provided below, reference may be made to the limitations on the information interaction method based on the block chain in the foregoing, and details are not described here again.
In one embodiment, as shown in fig. 8, there is provided a blockchain-based information interaction system 800, including: a device 802 for providing a run-time environment for the management chain and an access request end 804 where an access request user object is located, wherein:
an access request terminal 804, configured to initiate an information access request for a target user object in a block chain service platform;
the device 802 is configured to obtain an information access request of an access request user object for a target user object in a blockchain service platform based on a management chain corresponding to the blockchain service platform; the management chain is an alliance chain; the members of the alliance chain are at least part of user objects in the block chain service platform; responding to the information access request, calling an information management module on a management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object; if yes, obtaining an information ciphertext of the target user object from the information management module; through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and calling the information management module to return an information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object to obtain plaintext information of the target user object.
In one embodiment, the access request user object is a user object in a blockchain service platform; the access request terminal 804 is further configured to send an information access request for a target user object to the blockchain service platform; the device 802 is further configured to receive, based on the management chain, an information access request for a target user object forwarded by the blockchain service platform.
In an embodiment, the device 802 is further configured to invoke the information management module to return the information re-encryption ciphertext to the blockchain service platform; the device 802 is further configured to decrypt, by using the blockchain service platform, the information re-encrypted ciphertext based on the private key of the access request user object to obtain plaintext information of the target user object; returning plaintext information to the access request user object through the block chain service platform; the access request terminal 804 is further configured to receive plaintext information.
In one embodiment, as shown in fig. 9, the system further comprises a blockchain service platform 806. The block chain service platform comprises a chain interaction unit, an encryption and decryption unit and an event notification unit; the device 802 is further configured to invoke the information management module to return the information re-encrypted ciphertext to a chain interaction unit in the block chain service platform; the block chain service platform 806 is configured to forward the information re-encrypted ciphertext to the encryption and decryption unit based on the chain interaction unit, so that the encryption and decryption unit decrypts the information re-encrypted ciphertext by using a private key of the access request user object to obtain plaintext information of the target user object; returning plaintext information to the access request user object through an event notification unit; the access request terminal 804 is further configured to receive plaintext information.
In one embodiment, the access request user object is an external user object; the external user object is a user object in an external block chain service platform outside the block chain service platform; the device 802 is further configured to obtain an information access request of the access request user object for the target user object based on an external interface of the management chain; the device 802 is further configured to invoke the information management module to return the information re-encrypted ciphertext to the access request user object based on the external interface.
In one embodiment, the access request user object is an external user object; the external user object is a user object in an external block chain service platform outside the block chain service platform; the device 802 is further configured to receive, based on an external interface of a management chain, an information access request sent by the external blockchain service platform; the information access request is obtained by the external block chain service platform based on the information access operation of an external user object for a target user object; the device 802 is further configured to invoke the information management module, send the information re-encryption ciphertext to an external blockchain service platform based on the external interface, and return the information re-encryption ciphertext to the external user object through the external blockchain service platform.
In an embodiment, the device 802 is further configured to receive an information ciphertext of the target user object sent by the blockchain service platform; the information ciphertext is obtained by encrypting the information of the target user object based on the public key of the target user object by the block chain service platform; and storing the information ciphertext into an information management module on the management chain.
In an embodiment, the device 802 is further configured to, if the re-encryption key corresponding to the access request user object is not stored in the management chain, invoke the information management module to trigger the target user object to authorize the access request user object, and enable the blockchain service platform to generate the re-encryption key after the authorization is passed; the device 802 is further configured to receive a re-encryption key sent by the blockchain service platform, store the re-encryption key in a re-encryption module, and perform re-encryption on an information ciphertext through the re-encryption module on the management chain based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object.
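The flow in this embodiment (check for a stored re-encryption key, trigger authorization when it is missing, then re-encrypt on chain and decrypt with the requester's private key), together with the module roles described earlier, can be traced in the following added example, which is not part of the patent. The patent names no proxy re-encryption algorithm, so the textbook BBS98 ElGamal-style scheme over a toy group is swapped in; all class, function and user names and the sample record are assumptions.

```python
"""Toy walk-through: re-key check, authorization, on-chain re-encryption."""
import hashlib
import secrets

# Assumption: toy group for readability only. P = 2*Q + 1 is a safe prime and
# G = 4 generates the subgroup of prime order Q. A real system would use a
# vetted proxy re-encryption library over a standard curve.
P, Q, G = 2039, 1019, 4


def _stream(shared, n):
    """Derive n keystream bytes from the shared group element g^k."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(f"{shared}:{counter}".encode()).digest()
        counter += 1
    return out[:n]


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(pk, plaintext):
    """capsule = pk^k = g^(sk*k); body = plaintext XOR H(g^k). No integrity tag."""
    k = secrets.randbelow(Q - 1) + 1
    return pow(pk, k, P), _xor(plaintext, _stream(pow(G, k, P), len(plaintext)))


def decrypt(sk, ciphertext):
    capsule, body = ciphertext
    shared = pow(capsule, pow(sk, -1, Q), P)  # capsule^(1/sk) = g^k
    return _xor(body, _stream(shared, len(body)))


def make_rekey(sk_target, sk_requester):
    """BBS98 re-key: rk = sk_requester / sk_target mod Q."""
    return sk_requester * pow(sk_target, -1, Q) % Q


def reencrypt(rk, ciphertext):
    """g^(a*k) -> g^(b*k); the body is untouched, so no plaintext appears here."""
    capsule, body = ciphertext
    return pow(capsule, rk, P), body


class ManagementChain:
    def __init__(self):
        self.ciphertexts = {}  # information management module: target -> ciphertext
        self.rekeys = {}       # re-encryption module: (target, requester) -> rk
        self.pending = []      # open permission application transactions

    def handle_access_request(self, requester, target):
        rk = self.rekeys.get((target, requester))
        if rk is None:  # no re-key stored: ask the target user to authorize
            if (target, requester) not in self.pending:
                self.pending.append((target, requester))
            return "AUTH_REQUIRED", None
        return "OK", reencrypt(rk, self.ciphertexts[target])


class ServicePlatform:
    def __init__(self, chain):
        self.chain = chain
        self.keys = {}  # user -> (sk, pk); on the page the platform holds user keys

    def register(self, user, sk=None):
        sk = sk or secrets.randbelow(Q - 1) + 1
        self.keys[user] = (sk, pow(G, sk, P))

    def upload(self, target, info):
        self.chain.ciphertexts[target] = encrypt(self.keys[target][1], info)

    def authorize(self, target, requester):
        """Target approved the request: generate rk and store it on the chain."""
        rk = make_rekey(self.keys[target][0], self.keys[requester][0])
        self.chain.rekeys[(target, requester)] = rk
        if (target, requester) in self.chain.pending:
            self.chain.pending.remove((target, requester))

    def read(self, requester, target):
        status, ct = self.chain.handle_access_request(requester, target)
        if status != "OK":
            return None
        return decrypt(self.keys[requester][0], ct)


if __name__ == "__main__":
    chain = ManagementChain()
    platform = ServicePlatform(chain)
    platform.register("target-user")
    platform.register("requester")
    # Constructed sample record, not data from the patent.
    platform.upload("target-user", b"org=A;node=n1;id=target-user")
    print(platform.read("requester", "target-user"))  # no re-key stored yet
    platform.authorize("target-user", "requester")
    print(platform.read("requester", "target-user"))
```

BBS98 re-keys are bidirectional, and anyone holding both a re-key and the requester's private key can compute the target's private key, so where the chain and the requester are separate trust domains a unidirectional, collusion-resistant scheme is the safer choice.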
Each device in the above information interaction system based on the blockchain may be wholly or partially implemented by software, hardware or a combination thereof. The above devices may be embedded, in hardware form, in a processor in the computer device or be independent of it, or may be stored in software form in a memory in the computer device, so that the processor can call and execute operations corresponding to the above devices.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 10. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer equipment is used for storing information interaction related data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a blockchain-based information interaction method.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 11. The computer device includes a processor, a memory, a communication interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless communication can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a blockchain-based information interaction method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the configurations shown in fig. 10 and 11 are merely block diagrams of portions of configurations related to aspects of the present application, and do not constitute limitations on the computing devices to which aspects of the present application may be applied, as a particular computing device may include more or fewer components than shown, or combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the above-described method embodiments when executing the computer program.
In an embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.
In an embodiment, a computer program product is provided, comprising a computer program which, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.
It should be noted that, the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing the relevant hardware; the computer program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the method embodiments described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded nonvolatile memory, Resistive Random Access Memory (ReRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), Phase Change Memory (PCM), graphene memory, and the like. Volatile memory can include Random Access Memory (RAM), external cache memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a block chain based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
The technical features of the above embodiments can be arbitrarily combined. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described, but any combination of these technical features should be considered to be within the scope of the present specification as long as it contains no contradiction.
The above-mentioned embodiments only express several embodiments of the present application, and their description is relatively specific and detailed, but they should not be construed as limiting the scope of the present application. It should be noted that a person skilled in the art can make several variations and modifications without departing from the concept of the present application, all of which fall within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the appended claims.

Claims (10)

1. An information interaction method based on a block chain is characterized by comprising the following steps:
acquiring an information access request of an access request user object aiming at a target user object in a block chain service platform based on a management chain corresponding to the block chain service platform; the management chain is an alliance chain; the members of the alliance chain are at least part of user objects in the block chain service platform;
responding to an information access request, calling an information management module on the management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object;
if yes, obtaining an information ciphertext of the target user object from the information management module;
through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object;
and calling the information management module to return the information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object, and obtain plaintext information of the target user object.
2. The method of claim 1, wherein the access request user object is a user object in the blockchain service platform; the method further comprises the following steps:
the access request user object in the block chain service platform sends an information access request aiming at a target user object to the block chain service platform through an access request end;
the obtaining of the information access request of the access request user object for the target user object in the blockchain service platform based on the management chain corresponding to the blockchain service platform comprises:
and receiving an information access request aiming at the target user object forwarded by the block chain service platform based on a management chain.
3. The method of claim 2, wherein invoking the information management module to return the information re-encrypted ciphertext to the access requesting user object to instruct decryption of the information re-encrypted ciphertext based on a private key of the access requesting user object to obtain plaintext information for the target user object comprises:
calling the information management module to return the information re-encryption ciphertext to the block chain service platform;
decrypting an information re-encryption ciphertext based on a private key of the access request user object through the block chain service platform to obtain plaintext information of the target user object;
and returning the plaintext information to the access request terminal corresponding to the access request user object through the block chain service platform.
4. The method according to claim 3, wherein the blockchain service platform comprises a chain interaction unit, an encryption/decryption unit and an event notification unit; the calling the information management module to return the information re-encryption ciphertext to the block chain service platform comprises:
calling the information management module to return the information re-encryption ciphertext to the chain interaction unit in the block chain service platform;
the decrypting, by the blockchain service platform, the information re-encrypted ciphertext based on the private key of the access request user object to obtain the plaintext information of the target user object includes:
forwarding the information re-encrypted ciphertext to the encryption and decryption unit based on the chain interaction unit, so that the encryption and decryption unit decrypts the information re-encrypted ciphertext by using a private key of the access request user object to obtain plaintext information of the target user object;
the returning the plaintext information to the access request terminal corresponding to the access request user object through the blockchain service platform includes:
and returning the plaintext information to the access request terminal corresponding to the access request user object through an event notification unit.
5. The method of claim 1, wherein the access request user object is an external user object; the external user object is a user object in an external block chain service platform outside the block chain service platform; the obtaining of the information access request of the access request user object for the target user object in the blockchain service platform based on the management chain corresponding to the blockchain service platform comprises:
receiving an information access request sent by the external block chain service platform based on an external interface of a management chain; the information access request is obtained by the external block chain service platform based on the information access operation of an external user object for a target user object;
the calling the information management module to return the information re-encryption ciphertext to the access request user object comprises:
and calling the information management module, sending the information re-encryption ciphertext to an external block chain service platform based on the external interface, and returning the information re-encryption ciphertext to the external user object through the external block chain service platform.
6. The method of claim 1, further comprising:
receiving an information ciphertext of the target user object sent by the block chain service platform; the information ciphertext is obtained by encrypting the information of the target user object based on the public key of the target user object by the block chain service platform;
and storing the information ciphertext into the information management module on the management chain.
7. The method of any one of claims 1 to 6, further comprising:
if the re-encryption key corresponding to the access request user object is not stored in the management chain, calling an information management module to trigger the target user object to authorize the access request user object, and enabling the block chain service platform to generate the re-encryption key after the authorization is passed;
and receiving the re-encryption key sent by the block chain service platform, storing the re-encryption key into the re-encryption module, and performing the step of re-encrypting, through the re-encryption module on the management chain, the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object.
8. An information interaction system based on a block chain, the system comprising: a device providing a running environment for a management chain, and an access request end where an access request user object is located;
the access request terminal is used for initiating an information access request aiming at a target user object in the block chain service platform;
the device is used for acquiring an information access request of an access request user object aiming at a target user object in a block chain service platform based on a management chain corresponding to the block chain service platform; the management chain is an alliance chain; the members of the alliance chain are at least part of user objects in the block chain service platform; responding to an information access request, calling an information management module on the management chain, and verifying whether a re-encryption key corresponding to the access request user object is stored in the management chain; the re-encryption key is used for converting the information ciphertext of the target user object into a ciphertext encrypted by the public key of the access request user object; if yes, obtaining an information ciphertext of the target user object from the information management module; through a re-encryption module on the management chain, re-encrypting the information ciphertext based on the re-encryption key to generate an information re-encryption ciphertext encrypted by the public key of the access request user object; and calling the information management module to return the information re-encryption ciphertext to the access request user object so as to indicate that the information re-encryption ciphertext is decrypted based on the private key of the access request user object, and obtain plaintext information of the target user object.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
CN202111635300.3A 2021-12-29 2021-12-29 Information interaction method and system based on block chain and computer equipment Pending CN114282252A (en)


Publications (1)

Publication Number Publication Date
CN114282252A true CN114282252A (en) 2022-04-05

Family

ID=80877766


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination