CN114547648A - Data hiding trace query method and system - Google Patents

Data hiding trace query method and system Download PDF

Info

Publication number
CN114547648A
CN114547648A CN202210150314.4A CN202210150314A CN114547648A CN 114547648 A CN114547648 A CN 114547648A CN 202210150314 A CN202210150314 A CN 202210150314A CN 114547648 A CN114547648 A CN 114547648A
Authority
CN
China
Prior art keywords
data
authorization
authorization information
hash value
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210150314.4A
Other languages
Chinese (zh)
Inventor
李洁
杨燚
王大森
韩韬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN202210150314.4A priority Critical patent/CN114547648A/en
Publication of CN114547648A publication Critical patent/CN114547648A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention provides a data hiding trace query method and a system, wherein the method comprises the following steps: a data calling party initiates a first data request carrying a hash value of a target user identifier to an authorization center; the authorization center confirms the right of the first data request, intercepts part of hash values of the target user identification hash value after the right confirmation is passed, and initiates a second data request carrying the part of hash values to the data source side; the data source side matches the data set according to the partial hash value, each element of the data set comprising: the user identification hash value matched with the part of hash values and the corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and the encrypted data set is sent to an authorization center; the authorization center decrypts each element in the encrypted dataset using a key generated from the target user identification hash value. By the method, the information hiding of the data requester can be ensured in the data interaction process.

Description

Data hiding trace query method and system
Technical Field
The invention belongs to the field of data, and particularly relates to a data hiding trace query method and a data hiding trace query system.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
On the premise of meeting the requirements of data privacy protection, safety control and supervision, the method realizes the safe fusion of data and intelligence, enables the safe occurrence of data values and the compliance application of data intelligence, and becomes an important subject for the development of big data and artificial intelligence.
When data query and interaction are carried out between enterprises, how to carry out privacy protection and avoid data caching in the whole query process is to ensure that a source party cannot know the query target of a query party, but can smoothly return a query result to the query party, and the enterprises can determine user authorization, so that the enterprise is an industry pain point and a difficult problem which need to be mainly solved.
Disclosure of Invention
In view of the above problems in the prior art, a method and system for querying a data covert trace are provided, by which the above problems can be solved.
The present invention provides the following.
In a first aspect, a data hiding trace query method is provided, and includes: the data calling party initiates a first data request to the authorization center, wherein the first data request carries a hash value of the target user identifier; the authorization center confirms the right of the first data request of the data caller, intercepts part of hash value of the target user identification hash value after the right is confirmed, and initiates a second data request carrying the part of hash value to the data source; the data source side matches the data set according to the partial hash value, each element of the data set comprising: the user identification hash value matched with the part of hash values and the corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and the encrypted data set is sent to an authorization center; the authorization center decrypts each element in the encrypted dataset using a key generated from the target user identification hash value.
In an embodiment, prior to determining the right, the method further comprises: the data source side obtains first authorization information of a user, signs the abstract of the first authorization information by using a user private key, and sends the first authorization information carrying the signature to an authorization center; the authorization center uses the user public key to perform signature verification on the first authorization information carrying the signature, and stores the first authorization information passing the verification; the first authorization information is used for indicating the user authorization data source party to store the user data content in the set authorization range.
In an embodiment, prior to determining the right, the method further comprises: the data calling party acquires second authorization information of the user, signs the abstract of the second authorization information by using a private key of the user, and sends the second authorization information carrying the signature to the authorization center; the authorization center uses the user public key to carry out signature verification on the second authorization information carrying the signature, and stores the second authorization information which passes the verification; the second authorization information is used for indicating the user to authorize the data caller to use the user data within the set data use range.
In an embodiment, the method for authorizing the first data request of the data caller by the authorization center further includes: and the authorization center matches second authorization information in the authorization information base according to the target user identification hash value, the data requester identification and the data source identification carried by the first data request.
In one embodiment, the authorization center intercepts a partial hash value of the target user identification hash value, and further includes: the first 128 bits of the target user identification hash value are truncated.
In an embodiment, decrypting each element in the encrypted data set further comprises: the authorization center generates an abstract of the target user identification hash value by using a hash algorithm, encrypts the target user identification hash value by using a symmetric cryptographic algorithm by using the abstract as a secret key to obtain a matching value, and matches the matching value with the data in the encrypted data set; if the matching value is matched in the encrypted data set, the authorization center returns the decrypted target user data to the data caller; if no matching value is matched in the encrypted data set, the data source side does not contain the target user data.
In one embodiment, the method further comprises: and after the query is finished, encrypting the query record by using the public key of the data query party and the public key of the data provider.
In a second aspect, a data hiding trace query system is provided, which includes: the data calling party, the data source party and the authorization center, wherein the data calling party is configured to: initiating a first data request to an authorization center, wherein the first data request carries a target user identification hash value; the authorization center is configured for: the method comprises the steps of determining the right of a first data request of a data calling party, intercepting a part of hash values of a target user identification hash value, and initiating a second data request carrying the part of hash values to a data source party; the data source side is configured for: matching the data set according to the partial hash values, each element of the data set comprising: the user identification hash value matched with the part of hash values and the corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and the encrypted data set is sent to an authorization center; the authorization center is configured to further: each element in the encrypted dataset is decrypted using a key generated from the target user identification hash value.
In an embodiment, the data source side is configured to further: before the right is confirmed, first authorization information of a user is obtained, a user private key is used for signing the abstract of the first authorization information, and the first authorization information carrying the signature is sent to an authorization center; the first authorization information is used for indicating a user authorization data source party to store user data content in a set authorization range; the authorization center is configured to further: and carrying out signature verification on the first authorization information carrying the signature by using the user public key, and storing the first authorization information passing the verification.
In an embodiment, the data caller is configured to further: before the right is confirmed, second authorization information of the user is obtained, a user private key is used for signing the abstract of the second authorization information, and the second authorization information carrying the signature is sent to an authorization center; the second authorization information is used for indicating the user to authorize the data caller to use the user data in the set data use range; the authorization center is configured to further: and carrying out signature verification on the second authorization information carrying the signature by using the user public key, and storing the second authorization information passing the verification.
In an embodiment, the determining the right of the first data request of the data caller further comprises: and the authorization center matches second authorization information in the authorization information base according to the target user identification hash value, the data requester identification and the data source identification carried by the first data request.
In one embodiment, the authorization center intercepts a partial hash value of the target user identification hash value, and further includes: the first 128 bits of the target user identification hash value are truncated.
In an embodiment, the authorization center is configured to further: generating an abstract of a target user identification hash value by using a hash algorithm, encrypting the target user identification hash value by using a symmetric cipher algorithm by using the abstract as a secret key to obtain a matching value, and matching the matching value with data in an encrypted data set; if the matching value is matched in the encrypted data set, the authorization center returns target data to the data caller; if no matching value is matched in the encrypted data set, the data source side does not contain the target data.
In an embodiment, the authorization center is configured to further: and after the query is finished, encrypting the query record by using the public key of the data query party and the public key of the data provider.
One of the advantages of the above embodiment is that the information of the data requesting party can be ensured to be confidential during the data interaction process, and the request information is prevented from being leaked to the data serving party.
Other advantages of the present invention will be explained in more detail in conjunction with the following description and the accompanying drawings.
It should be understood that the above description is only an overview of the technical solutions of the present invention, so as to clearly understand the technical means of the present invention, and thus can be implemented according to the content of the description. In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below.
Drawings
The advantages and benefits herein, as well as other advantages and benefits, will be apparent to one of ordinary skill in the art upon reading the following detailed description of the exemplary embodiments. The drawings are only for purposes of illustrating exemplary embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like elements throughout. In the drawings:
FIG. 1 is a flow diagram illustrating a method for data track query according to an embodiment of the invention;
FIG. 2 is a flowchart illustrating a method for data track query according to an embodiment of the invention;
FIG. 3 is a block diagram of a data track query system according to an embodiment of the invention.
In the drawings, the same or corresponding reference numerals indicate the same or corresponding parts.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In the description of the embodiments of the present application, it is to be understood that terms such as "including" or "having" are intended to indicate the presence of the features, numbers, steps, actions, components, parts, or combinations thereof disclosed in the specification, and are not intended to preclude the presence or addition of one or more other features, numbers, steps, actions, components, parts, or combinations thereof.
Unless otherwise stated, "/" indicates an OR meaning, e.g., A/B may indicate A or B; "and/or" herein is merely an association describing an associated object, and means that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone.
The terms "first", "second", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first," "second," etc. may explicitly or implicitly include one or more of that feature. In the description of the embodiments of the present application, "a plurality" means two or more unless otherwise specified.
All code in this application is exemplary and variations will occur to those skilled in the art based upon the programming language used, the specific needs and personal habits without departing from the spirit of the application.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict. The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
FIG. 1 is a flow chart of a data track query method according to an embodiment of the present application, in which an execution subject may be one or more electronic devices from a device perspective; from the program perspective, the execution main body may accordingly be a program loaded on these electronic devices.
S102: the data calling party initiates a first data request to an authorization center
And the first data request carries a target user identification hash value. It is to be understood that the first data request is a request for a data caller to invoke authorized user data of a target user. In order to avoid disclosure of user privacy information in the data query, the first data request may include a hash value of the target user identifier, for example, a hash value of 256 bits generated by the target user identifier information is used for the data query.
S104, the authorization center determines the right of the first data request of the data calling party, intercepts partial hash values of the target user identification hash values after authorization is passed, and initiates a second data request carrying the partial hash values to the data source party;
for example, the first 128 bits of the target user identification hash value having a length of 256 bits are truncated as the partial hash value, so that the target user can be confused.
In one embodiment, before the right is confirmed, a data source side acquires first authorization information of a user, wherein the first authorization information is used for indicating that the data source side is authorized by the user to store user data content in a set authorization range, the data source side signs a summary of the first authorization information by using a user private key, and the first authorization information carrying the signature is sent to an authorization center; the authorization center uses the user public key to carry out signature verification on the first authorization information carrying the signature, and stores the first authorization information passing the verification. Therefore, the first authorization information can be prevented from being tampered by the digital signature technology, and the authenticity of the user for authorizing the data source party is guaranteed.
In one embodiment, before the right is confirmed, the data caller acquires second authorization information of the user; the second authorization information is used for indicating a user authorization data caller to use the user data in a set data use range, signing the abstract of the second authorization information by using a user private key, and sending the second authorization information carrying the signature to an authorization center; and then, the authorization center uses the user public key to carry out signature verification on the second authorization information carrying the signature, and stores the second authorization information which passes the verification. Therefore, the second authorization information can be prevented from being tampered by the digital signature technology, and the authenticity of the authorization of the user to the data calling party is ensured.
In an embodiment, the method for authorizing the first data request of the data caller by the authorization center further includes: and the authorization center matches second authorization information in the authorization information base according to the target user identification hash value, the data requester identification and the data source identification carried by the first data request. It can be understood that the above-mentioned authorization step is to confirm whether the second authorization information authorizing the data caller to call the target user data exists at the authorization center.
S106: the data source side matches the data set according to the part of the hash values, encrypts each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and sends the encrypted data set to the authorization center;
each element of the data set includes: and the user identification hash value matched with the partial hash value and the corresponding user data content.
It will be appreciated that for the partial hash value, there may be multiple data that can be matched on the data source side, so that the target user data can be obfuscated in the data set.
Based on a symmetric encryption algorithm, the key generated according to the user identification hash value is used for encrypting the elements in the data set, so that a data calling party or an authorization center can be prevented from obtaining decrypted data of a non-target user.
S108: the authorization center decrypts each element in the encrypted dataset using a key generated from the target user identification hash value.
In an embodiment, the authorization center may generate an abstract of the target user identifier hash value by using a hash algorithm, encrypt the target user identifier hash value by using a symmetric cryptographic algorithm with the abstract as a key to obtain a matching value, and match the matching value with the encrypted user identifier hash value in the encrypted data set; if the matching value is matched in the encrypted data set, the authorization center returns the decrypted target user data to the data caller; if no matching value is matched in the encrypted data set, the data source side does not contain the target user data.
It will be appreciated that based on a symmetric encryption algorithm, decryption of an encrypted element in the encrypted data set can only be achieved if the authorization center holds the same key as the encrypted element. Therefore, the authorization center decrypts each element in the encrypted data set according to the key generated by the hash value of the target user identifier, and can match the elements to obtain the elements corresponding to the target user data.
Through the embodiment, the data caller identification and the user identification are processed in an encryption mode to be 'unidentifiable' and 'irrecoverable' when transmitted to the data source side by the authorization center, so that the information of the user and the data caller is ensured not to be acquired by the data source side on the premise that the authorization is verified, and the requirement of 'unidentifiable' for personal information processing in laws and regulations is ensured by technical means.
Fig. 2 is a flowchart illustrating a data hiding query method according to another exemplary embodiment of the present invention, and this embodiment further describes in detail various processes based on the embodiment illustrated in fig. 1.
As shown in fig. 2, the method provided by this embodiment may include the following steps:
s201: and the data source party P acquires the first authorization information M of the user U and digitally signs the first authorization information.
The first authorization information may include, for example, a user identifier, a user authorization time, an authorization time limit, authorization data content, a usage range of authorization data, and the like, and is used to instruct the user U to authorize the data source P to store and analyze its user data within the above-mentioned set range.
The data source side P digitally signing the first authorization information comprises: the data source party P carries out hash operation on the first authorization information M to obtain a summary H, and uses a user private key KprvThe message digest H is signed to obtain a carried signature S ═ Sig (K)prvAnd M) first authorization information M. So that the first authorization information M is not tampered during the transmission process.
S202: and the authorization center T acquires the first authorization information M which is sent by the data source party P and carries the signature S, and performs digital signature verification.
Specifically, the authorization center T uses the user public key K after obtaining the first authorization information M carrying the signature SpubThe signature S is decrypted to obtain a decrypted digest H ═ D (K)pubS). And then carrying out hash operation on the original text of the first authorization information M to obtain an information abstract H ', comparing the information abstract H ' with the information abstract H ' obtained by decryption, if H ' -H ', then proving that the first authorization information M carrying the digital signature S is sent by the data source party P and signed by the authorizing party, and receiving the first authorization information MThe authorization information M is not tampered, and the authorization center T stores the first authorization information which passes the verification.
Thus, through the above S201 and S202, the authorization information of the data source side is verified to be stored in the authorization center.
S203: and the data caller S acquires the second authorization information N of the user and digitally signs the second authorization information N.
The second authorization information N may include: user U identification, data source P identification, data caller S identification, and data use range (time range, data content range, etc.). The second authorization information N is used to indicate that the data caller S has the right to query the data of the user U. More specifically, the second authorization information N is used to indicate that the data caller S has the right to query the data stored by the user U on the data source P within the data usage range.
Digitally signing the second authorization information includes: and the data caller S performs hash operation on the second authorization information N to obtain an abstract, and signs the information abstract H by using a user private key to obtain the second authorization information N with the signature. So that the first authorization information N is not tampered during the transmission process.
S204: and the authorization center T acquires the second authorization information N which is sent by the data caller S and carries the signature, and verifies the digital signature.
Specifically, after obtaining the second authorization information N carrying the signature, the authorization center T decrypts the signature using the user public key to obtain the decrypted digest. And then carrying out hash operation on the original text of the second authorization information N to obtain an abstract, and comparing the abstract with the abstract obtained by decryption, if the second authorization information N is the same as the abstract obtained by decryption, the fact that the second authorization information N carrying the signature is sent by the data source party P and signed by the authorization party U can be proved, and the received second authorization information N is not tampered. The authorization center T stores the second authorization information which passes the verification.
Thus, the authorization information of the authentication data caller S is stored in the authorization center through the above S203 and S204.
After completing the above S201-S204, the user authorization of the two links (the user U authorizes the data source side P to store its user data in the data range, and the user U authorizes the data caller S to use its user data in the data use range) is completed.
S205: and the data caller S initiates a first data request to the authorization center T, wherein the first data request at least carries the hash value of the target user identification.
The data request is used for requesting the data caller S to call the user data of the user U. Optionally, since a user may store different data contents in multiple data source parties, the data request may further carry a data source identifier, a data caller S identifier, a data content identifier, and the like, and the data request is used to instruct the data caller S to request to call a specified data content in the user data stored by the user U on the data source P.
To obtain the hash value of the target user identifier, the data caller S may calculate the hash value id of the user identifier according to a hash algorithmencryptThe data length of the hash value is, for example, 256 bits.
S206: the authorization center T authenticates the first data request of the data caller S.
In an embodiment, the authorization center T matches the second authorization information in the authorization information base according to the hash value of the target user identifier, the identifier of the data requester and the identifier of the data source carried in the first data request. If the authorization information base contains the authorization information required by the first data request, the authorization can be confirmed.
S207: and the authorization center T intercepts part of the hash value of the target user identification hash value and sends a second data request carrying the part of the hash value to the data source party P.
Specifically, the authorization center T intercepts a target user identification hash value idencryptFor example, the first 128 bits of the 256-bit hash value are truncated and denoted as idencrypt', and passed to the data source party P via the second data request for obfuscation of the transaction contents.
S208: and the data source side P acquires a data set according to the partial hash value matching, wherein each element of the data set comprises: the user identification hash value matched with the part of hash values and the corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set;
it can be understood that the data stored by the data source P includes (user ID, user data content), and the data source P may encrypt the user ID by using a hash algorithm to obtain a user ID hash value, and obtain a partial hash value at the same position and the partial hash value IDencrypt' matching, resulting in a data set, which may include a plurality of user data elements. For each user identifier alpha in the data set Z, generating a summary H of the user identifier alpha by using a hash algorithmαBy HαAs a key, the elements in the data set are encrypted using a symmetric cryptographic algorithm to obtain an encrypted data set ZencryptAnd returns it to the rights issuer T. It can be understood that, if the data source side P stores the required target user data, the target user data may be confused in the data set Z, and at this time, the data source side P cannot know the data actually called by the data caller S, so that the privacy is higher.
S209: the data source P sends the encrypted data set to the rights issuer T.
S210: the authorization center T decrypts each element in the encrypted dataset using a key generated from the target user identification hash value.
In particular, the rights issuer T may generate the target user identification hash value id using a hash algorithmencryptSummary of (1)idIs prepared from HidAs a key and using a symmetric cryptographic algorithm to pair hash values idencryptEncryption is carried out to obtain idHWill idHAnd ZencryptThe data in (1) are matched. Wherein if in the set ZencryptIs matched to idHThe authorization center T can decrypt the target user data as well and return the result to the data caller S. On the contrary, if in the set ZencryptIs not matched to idHIt means that the data source P does not contain the target user data.
S211: and the authorization center T sends the decrypted target user data to the data caller S.
In one embodiment, when the query is completed, the query record may be encrypted using the data querier public key and the data provider public key. The private storage of the transaction data is ensured, and the original transaction information can be obtained only through secret keys of two parties of the transaction under the conditions of account checking and the like of the two parties of the transaction.
In the description of the present specification, reference to the description of the terms "some possible implementations," "some embodiments," "examples," "specific examples," or "some examples," or the like, means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
With regard to the method flow diagrams of embodiments of the present application, certain operations are described as different steps performed in a certain order. Such flow diagrams are illustrative and not restrictive. Certain steps described herein may be grouped together and performed in a single operation, may be divided into multiple sub-steps, and may be performed in an order different than that shown herein. The various steps shown in the flowcharts may be implemented in any way by any circuit structure and/or tangible mechanism (e.g., by software running on a computer device, hardware (e.g., logical functions implemented by a processor or chip), etc., and/or any combination thereof).
Based on the same technical concept, the embodiment of the invention also provides a data hiding query system, which is used for executing the method provided by any one of the above embodiments. Fig. 3 is a schematic structural diagram of a data hiding query system according to an embodiment of the present invention.
As shown in fig. 3, the apparatus 300 includes: a data caller 301, a data source 302, and a rights issuer 303.
The data caller 301 is configured to: initiating a first data request to an authorization center 303, wherein the first data request carries a target user identification hash value;
the rights issuer 303 is configured for: the first data request of the data caller 301 is authorized, part of hash value of the target user identification hash value is intercepted, and a second data request carrying the part of hash value is initiated to the data source 302; the data source 302 is configured for: matching the data set according to the partial hash values, each element of the data set comprising: the user identification hash value matched with the partial hash value and the corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and send the encrypted data set to the authorization center 303; the rights issuer 303 is configured to also: each element in the encrypted dataset is decrypted using a key generated from the target user identification hash value.
In an embodiment, the data source 302 is configured to further: before the right is confirmed, first authorization information of a user is obtained, a user private key is used for signing the abstract of the first authorization information, and the first authorization information carrying the signature is sent to an authorization center 303; the first authorization information is used for instructing the user to authorize the data source 302 to store the user data content in a set authorization range; the rights issuer 303 is configured to also: and carrying out signature verification on the first authorization information carrying the signature by using the user public key, and storing the first authorization information passing the verification.
In an embodiment, the data caller 301 is configured to further: before the right is confirmed, second authorization information of the user is obtained, a user private key is used for signing the abstract of the second authorization information, and the second authorization information carrying the signature is sent to the authorization center 303; the second authorization information is used for indicating the user to authorize the data caller 301 to use the user data within the set data use range; the rights issuer 303 is configured to further: and carrying out signature verification on the second authorization information carrying the signature by using the user public key, and storing the second authorization information passing the verification.
In an embodiment, the determining the right of the first data request of the data caller 301 further includes: the authorization center 303 matches the second authorization information in the authorization information base according to the hash value of the target user identifier carried in the first data request, the identifier of the data requester and the identifier of the data source 302.
In one embodiment, the authorization center 303 intercepts a partial hash value of the target user identification hash value, and further includes: the first 128 bits of the target user identification hash value are truncated.
In an embodiment, the rights issuer 303 is configured to further: generating an abstract of a target user identification hash value by using a hash algorithm, encrypting the target user identification hash value by using a symmetric cryptographic algorithm by using the abstract as a key to obtain a matching value, and matching the matching value with data in an encrypted data set; if the matching value is matched in the encrypted data set, the authorization center 303 returns the target data to the data caller 301; if no matching value is matched in the encrypted data set, the data source 302 does not contain the target data.
In an embodiment, the rights issuer 303 is configured to further: and after the query is finished, encrypting the query record by using the public key of the data query party and the public key of the data provider.
It should be noted that the system in the embodiment of the present application may implement each process of the foregoing embodiment of the method, and achieve the same effect and function, which is not described herein again.
According to some embodiments of the present application, there is provided a non-transitory computer storage medium of the above method having stored thereon computer-executable instructions configured to, when executed by a processor, perform: the method of the above embodiment.
The embodiments in the present application are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus, device, and computer-readable storage medium embodiments, the description is simplified because they are substantially similar to the method embodiments, and reference may be made to some descriptions of the method embodiments for their relevance.
The apparatus, the device, and the computer-readable storage medium provided in the embodiment of the present application correspond to the method one to one, and therefore, the apparatus, the device, and the computer-readable storage medium also have advantageous technical effects similar to those of the corresponding method.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. Moreover, while the operations of the method of the invention are depicted in the drawings in a particular order, this does not require or imply that the operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
While the spirit and principles of the invention have been described with reference to several particular embodiments, it is to be understood that the invention is not limited to the disclosed embodiments, nor is the division of aspects, which is for convenience only as the features in such aspects may not be combined to benefit. The invention is intended to cover various modifications and equivalent arrangements included within the spirit and scope of the appended claims.

Claims (14)

1. A data hiding trace query method is characterized by comprising the following steps:
a data calling party initiates a first data request to an authorization center, wherein the first data request carries a hash value of a target user identifier;
the authorization center confirms the right of the first data request of the data caller, intercepts part of hash values of the target user identification hash values after the right confirmation is passed, and initiates a second data request carrying the part of hash values to a data source;
the data source side matches a data set according to the partial hash value, each element of the data set including: the user identification hash value matched with the part of hash values and corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and send the encrypted data set to the authorization center;
and the authorization center decrypts each element in the encrypted data set by using a key generated according to the target user identification hash value.
2. The method of claim 1, wherein prior to the determining, the method further comprises:
the data source side acquires first authorization information of a user, signs the abstract of the first authorization information by using a user private key, and sends the first authorization information with the signature to the authorization center;
the authorization center uses a user public key to carry out signature verification on the first authorization information carrying the signature, and stores the first authorization information which passes the verification; the first authorization information is used for indicating that the user authorizes the data source party to store user data content in a set authorization range.
3. The method of claim 1, wherein prior to the determining, the method further comprises:
the data calling party acquires second authorization information of the user, signs the abstract of the second authorization information by using a user private key, and sends the second authorization information carrying the signature to the authorization center;
the authorization center uses a user public key to carry out signature verification on second authorization information carrying a signature, and stores the second authorization information which passes the verification; the second authorization information is used for indicating that the user authorizes the data caller to use the user data within a set data use range.
4. The method of claim 3, wherein the rights issuer validates the first data request of the data caller, further comprising:
and the authorization center matches the second authorization information in the authorization information base according to the hash value of the target user identifier carried by the first data request, the identifier of the data requester and the identifier of the data source.
5. The method of claim 1, wherein the rights issuer intercepts a partial hash of the target user identification hash, further comprising:
the first 128 bits of the target user identification hash value are truncated.
6. The method of claim 1, wherein decrypting each element in the encrypted data set further comprises:
the authorization center generates an abstract of the target user identification hash value by using a hash algorithm, encrypts the target user identification hash value by using a symmetric cipher algorithm by using the abstract as a secret key to obtain a matching value, and matches the matching value with the data in the encrypted data set; wherein the content of the first and second substances,
if the matching value is matched in the encrypted data set, the authorization center returns the decrypted target user data to the data caller;
if the matching value is not matched in the encrypted data set, the data source side does not contain the target user data.
7. The method of claim 1, further comprising:
and after the query is finished, encrypting the query record by using the public key of the data query party and the public key of the data provider.
8. A data track query system, comprising: a data caller, a data source and an authorization center, wherein,
the data caller is configured to: initiating a first data request to an authorization center, wherein the first data request carries a target user identification hash value;
the rights issuer is configured for: the first data request of the data calling party is authenticated, a part of hash values of the target user identification hash values are intercepted, and a second data request carrying the part of hash values is initiated to a data source party;
the data source side is configured for: matching a data set according to the partial hash value, each element of the data set comprising: the user identification hash value matched with the part of hash values and corresponding user data content encrypt each element in the data set by using a key generated according to the user identification hash value to obtain an encrypted data set, and send the encrypted data set to the authorization center;
the rights issuer is configured to further: decrypting each element in the encrypted dataset using a key generated from the target user identification hash value.
9. The system of claim 8,
the data source side is configured to further: before the right is confirmed, first authorization information of a user is obtained, a user private key is used for signing the abstract of the first authorization information, and the first authorization information carrying the signature is sent to the authorization center; the first authorization information is used for indicating that the user authorizes the data source party to store user data content in a set authorization range;
the authorization center is configured to further: and carrying out signature verification on the first authorization information carrying the signature by using a user public key, and storing the first authorization information passing the verification.
10. The system of claim 8,
the data caller is configured to further: before the right is confirmed, second authorization information of the user is obtained, a user private key is used for signing the abstract of the second authorization information, and the second authorization information carrying the signature is sent to the authorization center; the second authorization information is used for indicating that the user authorizes the data caller to use the user data within a set data use range;
the rights issuer is configured to further: and carrying out signature verification on the second authorization information carrying the signature by using the user public key, and storing the second authorization information passing the verification.
11. The system of claim 10, wherein the validating the first data request of the data caller further comprises:
and the authorization center matches the second authorization information in the authorization information base according to the hash value of the target user identifier carried by the first data request, the identifier of the data requester and the identifier of the data source.
12. The system of claim 8, wherein the authority intercepts a partial hash value of the target subscriber identity hash value, and further comprising: the first 128 bits of the target user identification hash value are truncated.
13. The system of claim 8, wherein the authorization center is configured to further:
generating an abstract of the target user identification hash value by using a hash algorithm, encrypting the target user identification hash value by using a symmetric cryptographic algorithm by using the abstract as a secret key to obtain a matching value, and matching the matching value with the data in the encrypted data set; wherein the content of the first and second substances,
if the matching value is matched in the encrypted data set, the authorization center returns target data to the data caller;
if the matching value is not matched in the encrypted data set, the data source side does not contain the target data.
14. The system of claim 8, wherein the authorization center is configured to further:
and after the query is finished, encrypting the query record by using the public key of the data query party and the public key of the data provider.
CN202210150314.4A 2022-02-18 2022-02-18 Data hiding trace query method and system Pending CN114547648A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210150314.4A CN114547648A (en) 2022-02-18 2022-02-18 Data hiding trace query method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210150314.4A CN114547648A (en) 2022-02-18 2022-02-18 Data hiding trace query method and system

Publications (1)

Publication Number Publication Date
CN114547648A true CN114547648A (en) 2022-05-27

Family

ID=81675961

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210150314.4A Pending CN114547648A (en) 2022-02-18 2022-02-18 Data hiding trace query method and system

Country Status (1)

Country Link
CN (1) CN114547648A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115292378A (en) * 2022-08-16 2022-11-04 北京冲量在线科技有限公司 Secret query system based on trusted execution environment and accidental transmission
CN115795547A (en) * 2022-12-09 2023-03-14 京信数据科技有限公司 Method, device, terminal and computer storage medium for querying data

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115292378A (en) * 2022-08-16 2022-11-04 北京冲量在线科技有限公司 Secret query system based on trusted execution environment and accidental transmission
CN115292378B (en) * 2022-08-16 2023-12-05 北京冲量在线科技有限公司 Trusted execution environment and careless transmission-based hidden query system and method thereof
CN115795547A (en) * 2022-12-09 2023-03-14 京信数据科技有限公司 Method, device, terminal and computer storage medium for querying data

Similar Documents

Publication Publication Date Title
CN107743133B (en) Mobile terminal and access control method and system based on trusted security environment
CN110855671B (en) Trusted computing method and system
CN111181720B (en) Service processing method and device based on trusted execution environment
KR101010040B1 (en) File encryption/decryption method, device, program, and computer-readable recording medium containing the program
CN102077213B (en) Techniques for ensuring authentication and integrity of communications
CN103246850A (en) Method and device for processing file
EP4195583A1 (en) Data encryption method and apparatus, data decryption method and apparatus, terminal, and storage medium
CN114584307B (en) Trusted key management method and device, electronic equipment and storage medium
US20220014367A1 (en) Decentralized computing systems and methods for performing actions using stored private data
CN114547648A (en) Data hiding trace query method and system
US20220284133A1 (en) Executing entity-specific cryptographic code in a cryptographic coprocessor
CN115242553A (en) Data exchange method and system supporting secure multi-party computation
CN100437422C (en) System and method for enciphering and protecting software using right
CN111031352B (en) Audio and video encryption method, security processing method, device and storage medium
US20230021749A1 (en) Wrapped Keys with Access Control Predicates
CN111079157A (en) Secret fragmentation trusteeship platform based on block chain, equipment and medium
CN113810178B (en) Key management method, device, system and storage medium
CN114329390A (en) Financial institution database access password protection method and system
CN110830252B (en) Data encryption method, device, equipment and storage medium
KR20200045820A (en) Apparatus and method for encryption and decryption
WO2022133923A1 (en) License authentication method and apparatus, electronic device, system, and storage medium
CN115996126B (en) Information interaction method, application device, auxiliary platform and electronic device
US11468178B1 (en) Embedded obfuscated channel cryptography
JP6830635B1 (en) Data management method
US20230024967A1 (en) Transaction security techniques

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination