CN114826772A - Data integrity verification system - Google Patents

Abstract

The application provides a data integrity verification system, relates to the technical field of communication, and can verify data integrity in a data stream transfer process. The system comprises: the system comprises a data sending end, a data receiving end and a DIVS AS; a data transmitting end configured to: sending target data to a data receiving end; the target data includes: the data to be verified, the first digital signature and the first identifier are obtained; a data receiving end configured to: receiving target data and sending a first identifier to a DIVS AS; a DIVS AS configured to: receiving a first identifier, and inquiring data integrity verification information associated with the first identifier; a data receiving end configured to: and receiving data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to the verification result of the first digital signature. The embodiment of the application is used in the data integrity verification process.

Description

Data integrity verification system

Technical Field

The present application relates to the field of communications technologies, and in particular, to a data integrity verification system.

Background

In the related art, after a data sending end collects data, the data is often required to be sent to a specific terminal, and the specific terminal forwards or circulates the data to a data receiving end. But the data receiving end cannot verify the data integrity of the received data after receiving the data. And then the data receiving end cannot determine whether the received data is the original data sent by the data sending end, and whether the specific terminal falsifies the data in the forwarding process. Therefore, how to verify the data integrity of the received data becomes a problem to be solved urgently at present.

Disclosure of Invention

The application provides a data integrity verification system, which verifies the data integrity of data after a data receiving end receives the data.

In order to achieve the purpose, the technical scheme is as follows:

in a first aspect, the present disclosure provides a data integrity verification system, the system comprising: the system comprises a data sending end, a data integrity verification server DIVS AS and a data receiving end.

Wherein the data transmitting end is configured to: sending target data to a data receiving end; the target data includes: the data to be verified, the first digital signature and the first identifier are obtained; the first digital signature is a digital signature determined by signing the data to be verified according to the first private key; the first identification is a storage identification of data integrity verification information of the data sending end in a DIVS AS; the first private key is a private key in a first key pair generated by the data sending end.

A data receiving end configured to: and receiving target data and sending the first identifier to the DIVS AS.

A DIVS AS configured to: receiving a first identifier, and inquiring data integrity verification information associated with the first identifier; the data integrity verification information comprises a first public key; the first public key is a public key in a first key pair generated by the data sending end.

A data receiving end configured to: and receiving data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to a verification result of the first digital signature.

The scheme at least has the following beneficial effects: in the embodiment of the disclosure, after the data is acquired by the data transmitting end, the data is digitally signed by using the first private key, and then the digital signature and the data to be verified are uniformly transmitted to the data receiving end. After the data receiving end receives the data, the data integrity verification information of the data sending end is obtained from the DIVS AS, the first digital signature is verified by using the first public key in the data integrity verification information, if the verification is successful, the signature is performed according to the first private key according to the first digital signature, and the first private key is a secret key inside the data sending end and cannot be stolen by the outside. Therefore, under the condition that the first digital signature is successfully verified, the first digital signature is the digital signature obtained by the data sending end after signing the data to be verified, and therefore the data to be verified is the original data sent by the data sending end. Based on this, the data receiving end can determine whether the received data is the original data sent by the data sending end according to the method, so that the data integrity of the data to be verified is effectively verified.

With reference to the first aspect, in a possible implementation manner, the data sending end is further configured to: sending first data to a DIVS AS; the first data includes: the first public key is a signature algorithm set supported by the data sending end and first terminal information of the data sending end; a DIVS AS further configured to: acquiring the subscription information of a data sending end according to the first terminal information; the subscription information includes: the signing validity information of the data sending end; determining data integrity verification information according to the first data and the subscription information; the data integrity verification information is stored in the blockchain.

Based on this, before performing data integrity verification, the data sending end may store data integrity verification information in the block chain by interacting with the DIVS AS. Thus, when the data receiving end requests the data integrity verification information, the data receiving end can acquire the data integrity verification information from the block chain, so as to avoid tampering the data integrity verification information.

With reference to the first aspect, in a possible implementation manner, the system further includes: a capability open platform NEF and a user data management network element UDM; a DIVS AS specifically configured to: sending a signing information acquisition request to a capability open platform NEF; the subscription information acquisition request comprises first terminal information; a NEF configured to: requesting to acquire the subscription information of the data transmitting end from the UDM, and returning the subscription information of the data transmitting end to the DIVS AS after acquiring the subscription information of the data transmitting end; DIVS AS, further configured to: receiving subscription information from the NEF; the subscription information is the subscription information of the data sending end, which is returned by the NEF and acquired in the user data management network element UDM according to the first terminal information.

Based on this, the DIVS AS acquires the subscription information of the data sending end from the operator network before storing the data integrity verification information in the blockchain, compares whether the terminal information of the data sending end is consistent with the terminal information in the subscription information, and stores the data integrity verification information in the blockchain in case of consistency. And the data stored in the block chain by the DIVS AS is ensured to be the data integrity verification information of the data transmitting end.

With reference to the first aspect, in a possible implementation manner, the data sending end is specifically configured to: generating a first key pair; the first key pair comprises a first public key and a first private key; signing the first public key and the first terminal information by adopting a first private key and a first signature algorithm, and determining a second digital signature; and generating first data according to the first public key, the first terminal information, the signature algorithm set supported by the data sending end and the second digital signature.

Based on the method, the data sending end generates a first public key and a first private key, stores the first private key and sends the first public key to the DIVS AS. In this way, the data to be verified can be encrypted using the first private key and decrypted using the first public key. In addition, the data sending end adopts the first private key and the first signature algorithm to sign the metadata to generate a second digital signature, so that the DIVS AS can verify the second digital signature according to the first public key and the first signature algorithm to ensure the accuracy of the received first data.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is specifically configured to: verifying the second digital signature according to the first public key and a first signature algorithm; under the condition that the second digital signature passes verification, acquiring first terminal information in the first data; and generating a subscription information acquisition request according to the first terminal information.

Based on this, the DIVS AS can determine whether the first data is the original data sent to the DIVS AS by verifying the second digital signature, so that the accuracy of the received first data is ensured.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is specifically configured to: generating a first data set to be signed according to the first data and the signing data; signing the first data set to be signed according to a second private key and a second signature algorithm, and determining a third digital signature; the second private key belongs to a second key pair generated by the DIVS AS; and determining data integrity verification information according to the first data set to be signed, the certificate corresponding to the second private key and the third digital signature.

Based on this, the DIVS AS signs the data integrity verification information again, so that the data receiving end can check the sign according to the signature information of the block chain after receiving the data integrity verification information, and the data integrity verification information is ensured to be the information from the DIVS AS.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is further configured to: sending the first transaction identification to the data sending end; wherein the first transaction identifier is used for characterizing the storage information of the data integrity verification information in the blockchain.

Based on this, the DIVS AS can enable the data sending end to generate the first identifier according to the transaction identifier by sending the transaction identifier to the data sending end, and further enable the data receiving end to obtain the data integrity verification information from the DIVS AS according to the first identifier.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is further configured to: sending the first address information to the data sending end; the first address information is address information of a DIVS AS storing data integrity verification information corresponding to the first transaction identifier.

Based on this, the DIVS AS can send the DIVS AS entry address to the data sending end, and the data sending end enables the data receiving end to determine the DIVS AS capable of storing the data integrity verification information according to the DIVS AS entry address by adding the DIVS AS entry address in the target data.

With reference to the first aspect, in a possible implementation manner, the UDM is further configured to: under the condition that the subscription information of the data sending end is updated, sending a subscription information updating message to the NEF; the subscription information update message includes: second terminal information of the data sending end and the updated subscription information of the data sending end; NEF, further configured to: forwarding a subscription information update message to a DIVS AS; a DIVS AS further configured to: inquiring latest target data integrity verification information including second terminal information in the block chain; updating the latest target data integrity verification information according to the updated subscription information; and storing the updated latest target data integrity verification information in the block chain.

Based on this, after the subscription information of the data sending end is changed, the UDM can timely notify the DIVS AS to update the subscription information. And the DIVS AS can update the data integrity verification information according to the updated subscription information, so that the real-time performance of the data integrity verification information is ensured.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is further specifically configured to: executing a first operation on each piece of target data integrity verification information, and determining each piece of updated target data integrity verification information; the first operation includes: generating a second data set to be verified according to the first data and the updated subscription information; signing the second data set to be signed according to the second private key and a second signature algorithm, and determining a fourth data signature; and determining the updated target data integrity verification information according to the second data set to be signed, the certificate corresponding to the second private key and the fourth digital signature.

Based on this, the DIVS AS stores the updated subscription information of the data sending end in the block chain, so that the data receiving end can verify the data integrity of the data to be verified according to the updated subscription information.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is further configured to:

sending the second transaction identification to the data sending end; wherein the second transaction identifier is used for characterizing the storage information of the updated target data integrity verification information in the blockchain.

Based on this, the DIVS AS can enable the data sending end to generate the first identifier according to the updated transaction identifier by sending the updated transaction identifier to the data sending end, so that the data receiving end obtains the updated data integrity verification information according to the first identifier.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is further configured to: sending the second address information to the data sending end; the second address information is the address information DIVS AS of the DIVS AS for storing the updated target data integrity verification information, and based on the address information DIVS AS, the DIVS AS sends the updated DIVS AS entry address to the data sending end, and the data sending end can add the updated DIVS AS entry address in the target data; and then the data receiving end can acquire the updated data integrity verification information from the DIVS according to the updated DIVS AS entry address.

With reference to the first aspect, in a possible implementation manner, the data sending end is further configured to: receiving the latest transaction identifier in the first transaction identifier and the second transaction identifier from the DIVS AS; the first transaction identification is generated according to the storage information of the data integrity verification information in the block chain; the second transaction identification is generated according to the storage information of the updated data integrity verification information in the block chain; the first identifier is generated based on at least one of the first transaction identifier and the second transaction identifier.

Based on this, the data sending end may generate the first identifier according to the first transaction identifier and the second transaction identifier.

With reference to the first aspect, in a possible implementation manner, the target data further includes a verification access address; the verification access address is used for representing the address of a DIVS (do not verify service) AS for storing data integrity verification information of a data transmitting end; a data sender further configured to: receiving at least one of first address information and second address information from a DIVS AS; the first address information is address information of a DIVS AS storing data integrity verification information corresponding to the first transaction identifier; the second address information is the address information of DIVS AS for storing the updated data integrity verification information corresponding to the second transaction identifier; a verification access address is generated based on at least one of the first address information and the second address information.

Based on this, the data sending end can generate the verification access address according to the first address information and the second address information.

With reference to the first aspect, in a possible implementation manner, the target data further includes a timestamp of the first digital signature; the data integrity verification information further includes: the subscription validity period of the data sending end; a data receiving end further configured to: determining whether the timestamp of the first digital signature is within the signing validity period of the data sending end; and if so, determining that the data integrity verification of the data to be verified is successful.

Based on this, the data receiving end may specifically determine whether the terminal is in the signing effective time period when acquiring data according to whether the timestamp of the first digital signature is within the signing effective period, and determine that the integrity verification of the data acquired by the data transmitting end within the signing effective period is successful, and the integrity verification of the data acquired outside the signing effective period is failed.

With reference to the first aspect, in a possible implementation manner, the data receiving end is further configured to: verifying the third digital signature according to the certificate corresponding to the second private key and a second signature algorithm; and under the condition that the third digital signature is verified successfully, acquiring a first public key in the first data set to be signed.

Based on this, the data sending end can determine whether the obtained data is the data sent by the DIVS AS to the data sending end by verifying the third digital signature.

With reference to the first aspect, in a possible implementation manner, the device information includes: the embedded universal integrated circuit card identifies at least one of eUICC ID and international mobile equipment identity IMEI; an account opening platform, specifically configured to: acquiring an eSIM profile and an applet of a data transmitting end, and determining an Integrated Circuit Card Identification (ICCID) of the eSIM; binding at least one of eUICC ID, IMEI and ICCID; determining the signing validity information of the data sending end according to the signing validity period of the data sending end; and determining the subscription information of the data sending end according to the second terminal information and the subscription validity information.

Based on this, the account opening platform may determine the second terminal information and the subscription information of the data sending end according to the device information and the subscription information of the data sending end.

With reference to the first aspect, in a possible implementation manner, the first terminal information includes at least one of an eUICC ID/ICCID, an IMEI, and an MSISDN of the data sending end; (ii) a The second terminal information includes at least one of eUICC ID/ICCID, IMEI, and MSISDNICCID.

Based on this, the account opening platform binds the eUICC ID, the IMEI and the ICCID as the terminal information of the data sending end, and the uniqueness and consistency of the terminal information of the data sending end are ensured.

In the present application, the names of the above-mentioned communication means do not limit the devices or functional modules themselves, which may appear by other names in actual implementations. Insofar as the functions of the respective devices or functional blocks are similar to those of the present invention, they are within the scope of the claims of the present invention and their equivalents.

Drawings

Fig. 1 is a system architecture diagram of a 5G capability open architecture provided in the present application;

fig. 2 is a schematic structural diagram of a blockchain according to the present application;

fig. 3 is a system architecture diagram of a data integrity verification system provided herein;

FIG. 4 is a system architecture diagram of yet another data integrity verification system provided herein;

FIG. 5 is a system architecture diagram of a data integrity verification system in a vertical industry scenario as provided herein;

fig. 6 is a schematic flowchart of a data sending end signing a contract in an operator network according to the present disclosure;

fig. 7 is a schematic flow chart of data integrity verification information uplink according to the present disclosure;

fig. 8 is a schematic flow chart of updating data integrity verification information according to the present disclosure;

fig. 9 is a schematic flow chart of data integrity verification provided by the present disclosure;

fig. 10 is a schematic structural diagram of an electronic device provided in the present disclosure.

Detailed Description

The data integrity verification system provided by the embodiment of the present application is described in detail below with reference to the accompanying drawings.

The term "and/or" herein is merely an association describing an associated object, meaning that three relationships may exist, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone.

The terms "first" and "second" and the like in the description and drawings of the present application are used for distinguishing different objects or for distinguishing different processes for the same object, and are not used for describing a specific order of the objects.

Furthermore, the terms "including" and "having," and any variations thereof, as referred to in the description of the present application, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements but may alternatively include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

It should be noted that in the embodiments of the present application, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.

Hereinafter, for the sake of understanding, the terms referred to in the embodiments of the present application will be explained first.

1. Machine type terminal

Machine type terminals are generally used for collecting generated data and are widely applied in the vertical industry. The application of machine type terminals has effectively facilitated the digital transformation of vertical industries such as agriculture, logistics, transportation, medical, environmental, supply chain finance, smart cities, etc.

With the development of 5G networks, machine type terminals are more and more widely applied, mass machine type terminals acquire data and then send the data to a service provider terminal, and the service provider terminal collects, summarizes and analyzes the acquired data. In addition, the service provider terminal can also forward the data collected by the machine type terminal to the upstream data consumer terminal. The data consumer terminal may obtain valuable data within the industry by analyzing the data. For example, in the agricultural industry, a data consumption terminal may determine environmental data (such as temperature and wind speed) for agricultural insurance based on data collected by a machine type terminal. In the used vehicle industry, the data consumption terminal may determine driving behavior data for used transaction vehicles based on data collected by the machine type terminal. In the traffic industry, data consuming terminals may determine traffic data for AI algorithm training based on data collected by machine type terminals.

The current machine type terminal directly reports the collected data to the service provider terminal after collecting the data, and the data can not be directly provided to the data consumption terminal. The data consumption terminal can only obtain the collected data from the service provider terminal, but cannot directly obtain the data from the machine type terminal. However, after the data consumption terminal receives the collected data, it cannot be determined whether the data provided by the service provider terminal is tampered, and it is difficult to verify whether the received collected data is the original data collected by the machine type terminal.

In many industries, such as agricultural insurance and distributed artificial intelligence applications, the requirement on data integrity (data authenticity) is very high, and if data consumption terminals in these industries perform data analysis and decision based on tampered data, unnecessary economic loss and security attack may be caused. Therefore, for the data consumption terminal, how to verify the integrity of the acquired data, and ensure that the acquired data is the original data acquired by the source end and the data is not tampered, becomes a problem to be solved urgently at present.

In the present disclosure, the machine type terminal may be a data sender for performing a function related to the data sender. The data consumption terminal is a data receiving terminal and is used for executing functions related to the data receiving terminal.

2. Data integrity

In the embodiment of the present disclosure, the data integrity is mainly used for the data receiving end (e.g., the data consuming terminal described above) to verify whether the received data is the original data sent by the data sending end (e.g., the machine type terminal described above). The data is prevented from being tampered in the intermediate forwarding process. As can be seen from the above description in the machine type terminal, there is a need for a current data consuming terminal to verify the data integrity of data provided by a service provider terminal.

In the related art, the integrity of data can be verified by using a symmetric key + one-way Hash function or an asymmetric key Hash manner. However, these solutions have at least the following problems.

The data integrity verification method adopting the symmetric key and the one-way Hash function can only verify the data integrity of the data in the point-to-point transmission process, but cannot verify whether the data is the original data provided by the source end. This may result in the service provider terminal tampering with the data before sending the data to the data consumer terminal, which cannot verify whether the data has been tampered with.

In the process of data integrity verification by using asymmetric key hash, the data integrity is verified by using a private key signature + public key signature verification (for example, ITU-T X.509, IETF RFC 4880). But in this way it is also not possible to verify whether the data is the original data provided by the source. For example, after the data is collected at the machine type terminal, the collected data is forwarded by the service provider terminal to the data consuming terminal. The data consumption terminal can only perform subsequent processing with the received data as raw data, or restrict the service provider to provide the raw data by way of declaration and contract. However, these methods cannot avoid the original data provided by the service provider terminal, and it is difficult to ensure the data integrity.

3. Embedded subscriber identity module (eSIM) and Trusted Execution Environment (TEE) technologies.

The eSIM and TEE can store confidential data and perform trusted operations at the machine type terminal, for example, generate a public-private key pair in the eSIM of the machine type terminal, or issue public key endorsement information to the eSIM in an OTA manner.

In the machine type terminal, when the machine type terminal needs to transmit data, the machine type terminal may call a predetermined interface through the OS to sign the collected data using a private key stored in the TEE or the eSIM, and then transmit the signed data to the service provider terminal.

4. 5G open capability architecture

Fig. 1 is a system architecture diagram of a 5G capability open architecture provided in an embodiment of the present application. In the 5G capability open architecture shown in fig. 1, the architecture includes: an Application Server (AS), a Network Element Function (NEF), a unified data management Function (UDM), a Policy Control Function (PCF), an access and mobility management Function (AMF), a Session Management Function (SMF), a Network Repository Function (NRF), a Network Entity Function (Network Entity Function).

The AS is an application server of an operator or a third-party application server and is used for providing network service capability of the operator or service capability of third-party application. The AS accesses the API interface of the NEF of the operator 5G network through the Nnef, and communicates with the NEF through the API interface.

The NEF is a capability opening network element of the operator, and is configured to open the network capability of the operator to a third-party service, open data (e.g., location information) in the core network to the AS, or transmit a service requirement (e.g., QoS policy) of the AS to a network element in the 5G core network.

The NEF is connected with the UDM through a Nudm interface, connected with the PCF through an Npcf interface, connected with the AMF through Namf, connected with the SMF through Nsmf, connected with the NRF through Nnrf and connected with the Network Entity through a 3GPP interface.

It should be noted that, in the embodiment of the present disclosure, a long-term data integrity verification service may be provided for data collected by a machine type terminal through an AS function of an operator.

5. Block chain

Blockchains are a data storage technique that is commonly maintained by multiple parties, stores data in a blockchain structure, and uses cryptography to secure transmission and access. The effects of data consistent storage, incapability of tampering and incapability of repudiation can be realized through the block chain technology.

The blockchain usually comprises a plurality of blockchain nodes, the plurality of nodes respectively store accounts in the blockchain, and the P2P technology is used for synchronizing the accounts, so that the consistency of the stored accounts of each node is ensured. When the data in the account book needs to be updated, the plurality of nodes adopt a consensus mechanism to confirm the record written in the account book. Therefore, the data written into the block chain account book can be guaranteed to be written under the condition that the plurality of nodes confirm together, the data which is not confirmed by the plurality of nodes together cannot be written, and the data written into the block chain account book cannot be tampered and is traceable.

The blockchains are divided according to the types of allowed access users into: public, federation, and private chains. Wherein the public chain allows any terminal to access and use the accounting book for accounting. The federation chain only allows access and accounting using the ledger for terminals of a particular individual or terminals of a particular enterprise. Private chains only allow enterprise internal nodes to maintain and use blockchains.

Fig. 2 is a schematic structural diagram of a block chain according to an embodiment of the present disclosure. As shown in fig. 2, the blockchain includes a plurality of blockchain nodes Peer, and the blockchain nodes are connected to each other. The blockchain node is provided with an intelligent contract (only the blockchain node 3 is shown as an example in the figure, and other nodes are similar to the blockchain node 3).

Each block link point includes a block chain Ledger (Legger), and the block chain Ledger is used for storing data, for example, storing data in a hash form.

It should be noted that in the embodiments of the present disclosure, the data integrity verification information may be stored by a block chain technique. Such as public key information MSISDN, ICCID, device sequence information, hash algorithm, timestamp, etc., and provides the data integrity verification server for the terminal through the open capability of the 5G network. Therefore, the data integrity verification of the whole data life cycle is ensured when the vertical industry collects data through the machine type terminal, the trust cost generated in the data stream conversion and reapplication process is reduced, and the digital conversion and data application of the vertical industry are promoted.

The technical terms related to the embodiments of the present application are described above in detail.

As can be seen from the above description of the machine type terminal and the data integrity verification, in the current data transmission process (especially, in the process of forwarding data by a third party), the data receiving end has a need to verify the data integrity of the received data.

For example, in an application scenario of a vertical industry, the machine type terminal sends collected data to the service provider terminal, and the service provider terminal forwards the data to the data consumption terminal. In this scenario, it is difficult for the data consuming terminal to verify whether the service provider terminal has tampered with the data collected by the machine type terminal. Resulting in the data consuming terminal being unable to determine the data integrity of the received data.

In order to solve the problems in the related art, an embodiment of the present application provides a data integrity verification system, where data integrity verification information of a data sending end is stored in a data integrity verification server DIVS AS, after a data receiving end receives data to be verified and a first digital signature of the data to be verified, the data integrity verification information of the data sending end is obtained from the DIVS AS, the first digital signature is verified according to the data integrity verification information, and in a case that the first digital signature is valid, the data is represented AS original data acquired by a data acquisition terminal, so that successful data integrity verification of the data is represented.

Fig. 3 is a system architecture diagram of a data integrity verification system provided by an embodiment of the present application; as shown in fig. 3, the data integrity verification system includes: a data transmitting end 301, a data integrity verification server (DIVS AS)302, and a data receiving end 303.

Wherein the data transmitting end 301 is configured to: sending the target data to the data receiving end 303; the target data includes: the data to be verified, the first digital signature and the first identifier are obtained; the first digital signature is a digital signature determined by signing the data to be verified according to the first private key; the first identifier is a storage identifier of data integrity verification information of the data transmitting terminal 301 in the DIVS AS 302; the first private key is a private key of the first key pair generated by the data sending end 301.

A data receiving end 303 configured to: receives the target data and sends a first identification to DIVS AS 302.

DIVS AS302 configured to: receiving a first identifier, and inquiring data integrity verification information associated with the first identifier; the data integrity verification information comprises a first public key; the first public key is a public key in a first key pair generated by the data sender 301.

A data receiving end 303 configured to: and receiving data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to a verification result of the first digital signature.

Optionally, the data transmitting end 301 may be the above-mentioned machine type terminal. The data receiving end 303 may be the data consuming terminal described above.

The scheme at least has the following beneficial effects: in the embodiment of the present disclosure, after the data is collected, the data sending end 301 performs digital signature on the data by using the first private key, and then sends the digital signature and the data to be verified to the data receiving end 303 in a unified manner. After receiving the data, the data receiving end 303 obtains the data integrity verification information of the data sending end 301 from the DIVS AS302, verifies the first digital signature by using the first public key in the data integrity verification information, and if the verification is successful, it indicates that the signature is performed according to the first private key according to the first digital signature, and the first private key is a secret key inside the data sending end 301, and cannot be stolen by the outside. Therefore, when the first digital signature is successfully verified, it is described that the first digital signature is a digital signature obtained by the data sending end 301 signing the data to be verified, and thus the data to be verified is the original data sent by the data sending end 301. Based on this, the data receiving end 303 can determine whether the received data is the original data sent by the data sending end 301 according to the method, so that the data integrity of the data to be verified is effectively verified.

With reference to fig. 3, as shown in fig. 4, in a possible implementation manner, the data integrity verification system provided in the embodiment of the present application further includes: a capability openplatform NEF304 and a user data management network element UDM 305.

Wherein the data transmitting end 301 is further configured to: sending the first data to DIVS AS 302; the first data includes: a first public key, a signature algorithm set supported by the data sending end and first terminal information of the data sending end 301; DIVS AS302, further configured to: acquiring the subscription information of the data sending end 301 according to the first terminal information; the subscription information includes: the subscription validity information of the data sending end 301; determining data integrity verification information according to the first data and the subscription information; the data integrity verification information is stored in the blockchain.

Based on this, data sender 301 may store data integrity verification information in the blockchain by interacting with DIVS AS302 prior to performing data integrity verification. In this way, when the data receiving end 303 requests the data integrity verification information, the data receiving end 303 may obtain the data integrity verification information from the blockchain, so as to prevent the data integrity verification information from being tampered.

In one possible implementation, the system further includes: a capability open platform NEF and a user data management network element UDM; DIVS AS302, specifically configured to: sending a signing information acquisition request to a capability open platform NEF; the subscription information acquisition request comprises first terminal information; a NEF configured to: requesting to acquire the subscription information of the data transmitting end 301 from the UDM, and returning the subscription information of the data transmitting end 301 to the DIVS AS302 after acquiring the subscription information of the data transmitting end 301; DIVS AS302, further configured to: receiving subscription information from the NEF; the subscription information is the subscription information of the data sending end 301, which is returned by the NEF and acquired in the user data management network element UDM according to the first terminal information.

Based on this, the DIVS AS302, before storing the data integrity verification information in the blockchain, acquires the subscription information of the data sending end 301 from the operator network, compares whether the terminal information of the data sending end 301 is consistent with the terminal information in the subscription information, and stores the data integrity verification information in the blockchain if the terminal information is consistent with the terminal information in the subscription information. Data stored in the block chain by DIVS AS302 is guaranteed to be data integrity verification information of data sender 301.

In one possible implementation, the data transmitting end 301 is specifically configured to: generating a first key pair; the first key pair comprises a first public key and a first private key; signing the first public key and the first terminal information by adopting a first private key and a first signature algorithm, and determining a second digital signature; and generating first data according to the first public key, the first terminal information, the signature algorithm set supported by the data sending end and the second digital signature.

Based on this, data sender 301 generates a first public key and a first private key, and data sender 301 stores the first private key and sends the first public key to DIVS AS 302. In this way, the data to be verified can be encrypted using the first private key and decrypted using the first public key. In addition, the data sending end 301 signs the metadata by using the first private key and the first signature algorithm to generate the second digital signature, so that the DIVS AS302 can verify the second digital signature according to the first public key and the first signature algorithm to ensure the accuracy of the received first data.

In one possible implementation, DIVS AS302 is specifically configured to: verifying the second digital signature according to the first public key and a first signature algorithm; under the condition that the second digital signature passes verification, acquiring first terminal information in the first data; and generating a subscription information acquisition request according to the first terminal information.

Based on this, the DIVS AS302 may determine whether the first data is the original data sent by the data sender 301 to the DIVS AS302 by verifying the second digital signature, so AS to ensure the accuracy of the received first data.

In one possible implementation, DIVS AS302 is specifically configured to: generating a first data set to be signed according to the first data and the signing data; signing the first data set to be signed according to a second private key and a second signature algorithm, and determining a third digital signature; the second private key belongs to a second key pair generated by DIVS AS 302; and determining data integrity verification information according to the first data set to be signed, the certificate corresponding to the second private key and the third digital signature.

Based on this, the DIVS AS302 signs the data integrity verification information again, so that the data receiving end 303 checks the signature according to the signature information of the block chain after receiving the data integrity verification information, and ensures that the data integrity verification information is the information from the DIVS AS 302.

In one possible implementation, DIVS AS302 is further configured to: sending the first transaction identifier to the data sender 301; wherein the first transaction identifier is used for characterizing the storage information of the data integrity verification information in the blockchain.

Based on this, the DIVS AS302 may enable the data sending end 301 to generate the first identifier according to the transaction identifier by sending the transaction identifier to the data sending end 301, and further enable the data receiving end 303 to obtain the data integrity verification information from the DIVS AS302 according to the first identifier.

In one possible implementation, DIVS AS302 is further configured to:

sending the first address information to the data sending end 301; the first address information is address information of DIVS AS302 storing data integrity verification information corresponding to the first transaction identifier.

Based on this, the DIVS AS302 may send the DIVS AS302 entry address to the data sending end 301, and the data sending end 301 adds the DIVS AS302 entry address to the target data, so that the data receiving end 303 determines the DIVS AS302 capable of storing the data integrity verification information according to the DIVS AS302 entry address.

In one possible implementation, the UDM is further configured to: under the condition that the subscription information of the data sending end 301 is updated, sending a subscription information updating message to the NEF; the subscription information update message includes: second terminal information of the data sending end 301, and updated subscription information of the data sending end 301; NEF, further configured to: forwarding the subscription information update message to DIVS AS 302; DIVS AS302, further configured to: inquiring latest target data integrity verification information including second terminal information in the block chain; updating the latest target data integrity verification information according to the updated subscription information; and storing the updated latest target data integrity verification information in the block chain.

Based on this, after the subscription information at the data transmitting side 301 is changed, the UDM can notify the DIVS AS302 of the update of the subscription information in time. And DIVS AS302 can update the data integrity verification information according to the updated subscription information, and ensure the real-time performance of the data integrity verification information.

In one possible implementation, DIVS AS302 is further specifically configured to: executing a first operation on each piece of target data integrity verification information, and determining each piece of updated target data integrity verification information; the first operation includes: generating a second data set to be verified according to the first data and the updated subscription information; signing the second data set to be signed according to the second private key and a second signature algorithm, and determining a fourth data signature; and determining the updated target data integrity verification information according to the second data set to be signed, the certificate corresponding to the second private key and the fourth digital signature.

Based on this, the DIVS AS302 stores the updated subscription information of the data sending end 301 in the block chain, so that the data receiving end 303 can verify the data integrity of the data to be verified according to the updated subscription information.

In one possible implementation, DIVS AS302 is further configured to: sending the second transaction identifier to the data sender 301; based on the storage information of the updated target data integrity verification information in the block chain, the DIVS AS302 may enable the data sending end 301 to generate the first identifier according to the updated transaction identifier by sending the updated transaction identifier to the data sending end 301, so that the data receiving end 303 obtains the updated data integrity verification information according to the first identifier.

In one possible implementation, DIVS AS302 is further configured to: sending the second address information to the data sending end 301; wherein the second address information is address information of the DIVS AS302 storing the updated target data integrity verification information. It will be appreciated that the DIVS AS may send the transaction identification and URL to the data sender after generating the transaction identification and URL, respectively. The DIVS AS may also merge according to the transaction identifier and the URL, and send the transaction identifier and the URL to the data sending end through the same message, which is not limited in this disclosure. Under the condition that the same message sends the transaction identifier and the URL to the data sending end, if the transaction identifier is updated by the DIVS AS (for example, the transaction identifier is also updated correspondingly by the DIVS AS after the uplink data corresponding to the transaction identifier is updated), but the URL is not updated, the DIVS may update only the transaction identifier in the information, or may update the transaction identifier and the URL at the same time. The disclosure is not limited thereto

Based on this, by sending the updated DIVS AS302 entry address to the data sender 301, the data sender 301 may add the updated DIVS AS302 entry address to the target data; and further, the data receiving end 303 may obtain updated data integrity verification information from the DIVS AS302 according to the updated DIVS AS302 entry address.

In one possible implementation, the data sender 301 is further configured to: receiving at least one of a first transaction identification and a second transaction identification from DIVS AS 302; the first transaction identification is generated according to the storage information of the data integrity verification information in the block chain; the second transaction identification is generated according to the storage information of the updated data integrity verification information in the block chain; and generating the first identifier according to the latest transaction identifier in the first transaction identifier and the second transaction identifier.

Based on this, the data transmitting end 301 may generate the first identifier according to the first transaction identifier and the second transaction identifier.

In one possible implementation, the target data further includes a verification access address; the verification access address is used for representing the address of the DIVS AS302 for storing the data integrity verification information of the data transmitting terminal 301; the data transmitting end 301 is further configured to: receiving at least one of first address information and second address information from DIVS AS 302; the first address information is address information of the DIVS AS302 storing data integrity verification information corresponding to the first transaction identifier; the second address information is address information of the DIVS AS302 storing updated data integrity verification information corresponding to the second transaction identifier; a verification access address is generated based on at least one of the first address information and the second address information.

Based on this, the data transmitting end 301 may generate the authentication access address based on the first address information and the second address information.

In one possible implementation, the target data further includes a timestamp of the first digital signature; the data integrity verification information further includes: the contract validity period of the data sending end 301; a data receiving end 303 further configured to: determining whether the timestamp of the first digital signature is within the subscription validity period of the data sender 301; and if so, determining that the data integrity verification of the data to be verified is successful.

Based on this, the data receiving end 303 may specifically determine whether the terminal is in the signing effective time period when acquiring data according to whether the timestamp of the first digital signature is within the signing effective period, and determine that the integrity verification of the data acquired by the data transmitting end 301 within the signing effective period is successful, and the integrity verification of the data acquired outside the signing effective period is failed.

In one possible implementation, the data receiving end 303 is further configured to: verifying the third digital signature according to the certificate corresponding to the second private key and a second signature algorithm; and under the condition that the third digital signature is verified successfully, acquiring a first public key in the first data set to be signed.

Based on this, data sender 301 may determine whether the obtained data is the data sent by DIVS AS302 to data sender 301 by verifying the third digital signature.

In a possible implementation manner, the first terminal information includes at least one of an embedded universal integrated circuit card identifier (eUICC ID)/an integrated circuit card identification code (ICCID), an International Mobile Equipment identification code (IMEI), and a Mobile subscriber number (MSISDN) of the data sending end 301; the second terminal information includes at least one of eUICC ID/ICCID, IMEI, and MSISDN.

Based on this, the account opening platform binds the eUICC ID/ICCID, the IMEI, and the MSISDN as the terminal information of the data sending end 301, thereby ensuring the uniqueness and consistency of the terminal information of the data sending end 301.

The devices included in the data integrity verification system according to the embodiments of the present disclosure, the functions of the devices, and the interactions between the devices are described in detail above.

In a possible implementation manner, with reference to fig. 5, a system architecture diagram of a data integrity verification system provided in an embodiment of the present application in a vertical industry scenario is shown.

As shown in fig. 5, the data integrity verification system includes a machine type terminal 501, a data integrity verification server 502, a data consumption terminal 503, a capability openness function network element 504, a user data storage network element 505, and another data integrity verification service network element 506.

The machine type terminal 501 has an APP installed therein for implementing different application functions. The machine type terminal has an operating system OS built therein. The machine type terminal has an eSIM installed therein, which enables the machine type terminal to transmit data through an operator network (e.g., a 5G network). An applet for generating a key pair (e.g., the first public key and the first private key) may also be installed in the machine type terminal eSIM. The first private key is always stored in the applet, leakage of the first private key is avoided, and the first public key can be sent to other terminals, so that the other terminals can decrypt data encrypted by the first private key according to the first public key. Optionally, a 5G communication module may be further integrated in the machine type terminal, so that the machine type terminal has a 5G communication capability.

The data integrity verification server 502 is configured to store data integrity verification information of the data sending end, and provide data integrity verification information for the data receiving end. Alternatively, the data integrity verification server may be a third party entity deployed in the operator network. The data integrity verification server 502 may specifically include a signaling processing module 5021, an access control module 5022, a data management module 5023, and a blockchain ledger 5024.

The data consumption terminal 503 is a third party terminal for collecting, using, and circulating the data collected by the machine type terminal. For example, it may be a terminal of an individual or a terminal in an enterprise.

The capability openness function network element 504 may illustratively be a capability openness function network element in a 5G core network, such as NEF, for enabling communication between a third party application (e.g., a data integrity verification server) and an operator core network.

The user data storage network element 505 is configured to store data of the user terminal, for example, in the embodiment of the present disclosure, the user data storage network element 505 is configured to store subscription information of the machine type terminal.

The other data integrity verification service network elements 506 are data integrity verification servers deployed in different core networks of the same operator, or data integrity verification servers of other operators; and the block chain account book function of the data integrity verification server forms a block chain network.

A system architecture diagram of a data integrity verification system in a vertical industry scenario is described above in detail.

The following describes a process of performing sub-data integrity verification according to the present application with reference to the above data integrity verification system:

in the embodiment of the present disclosure, the data integrity verification process may specifically include the following procedures:

the method comprises the steps of a first process, a process that a data sending end signs a contract in an operator network; a second process, namely a process of data integrity verification information chaining; a third flow is a flow for updating the data integrity verification information; and a fourth process of verifying the data integrity. The above-described flow is described below:

and the first flow is a flow in which the data sending end signs a contract in the operator network.

As shown in fig. 6, the process of the data sender signing up in the operator network includes the following S601-S604.

S601, the data sending end user sends the device signing information to the account opening platform.

The device subscription information includes at least one of: common Name, location (country, region), home organization Name, mailbox address.

And S602, opening an account for the data sending end by the account opening platform.

The method specifically comprises the following steps: and the data sending end opens an account in the account opening platform, and registers the eUICC ID, the IMEI, the equipment serial number SN, the equipment attribution entity name, the deployment position, the contact mailbox and other information of the data sending end.

And the account opening platform triggers the eSIM management platform to generate an eSIM profile and a secure applet. And in the process of generating the eSIM profile by the eSIM management platform, distributing the ICCID for the data sending end.

And the account opening platform binds the ICCID with the IMEI and the eUICC ID.

It should be noted that the information required in the above process includes at least one of the following: common Name, location (country, region), home organization Name, mailbox address.

And S603, the data sending end accesses to an operator network, and acquires and installs the eSIM profile and the secure applet.

In a specific implementation manner, after a data sending end accesses an operator network, the data sending end requests an eSIM management platform to download an eSIM profile and a secure applet. After the downloading is completed, the data sending end installs the eSIM profile and the secure applet in the eUICC.

In this way, the data transmitting end can use the network service through the eSIM, generate a key pair through the applet, and encrypt the data needing to be encrypted.

And S604, the account opening platform sends subscription information to the UDM. Correspondingly, the UDM receives and stores the subscription information of the data sending end.

In this way, after the UDM stores the subscription information of the data sending end, the subscription information in the machine type may be sent to the DIVS AS, so that the DIVS AS verifies the data sending end according to the subscription information.

The above describes the process of signing a contract in the operator network by the data sending end, and based on the process, by binding the ICCID with the IMEI and the eUICC ID, the unique identification of the data sending end can be completed through the above information. After that, the DIVS AS and the data receiving end may authenticate the data transmitting end based on the above information.

And a second process of data integrity verification information uplink.

As shown in fig. 7, the process of uplink data integrity verification information can be implemented through the following steps S701-S711.

S701, the data sending end generates a first key pair.

In one possible implementation manner, the data sending end invokes a secure applet in the eUICC to generate a first key pair (based on ECC or RSA). The first key pair includes a first public key and a first private key.

It should be noted that the first private key is always stored in the secure applet and cannot be obtained by the data sending end or other devices, so that it is avoided that other devices send data and a signature to the data receiving end according to the first private key after stealing the first private key.

S702, the data sending end obtains the metadata and generates the data to be uplink according to the metadata.

The metadata includes at least one of: the first public key, IEMI, ICCID, eUICC ID, equipment serial number SN, MSISDN.

In a possible implementation manner, the data sending end application program obtains the first public key generated by the secure applet through an ADPU instruction. The data sending end obtains first terminal information of the data sending end from an operating system interface and a communication module interface, and the first terminal information comprises at least one of the following information: IEMI, ICCID, eUICC ID, equipment serial number SN, MSISDN.

Wherein, waiting to uplink data includes: the system comprises metadata, a first signature algorithm for signing the metadata, and a first digital signature obtained after signing the metadata.

In one possible implementation, the data sender application sends metadata to the secure applet. And the secure applet digitally signs the metadata according to a first private key in the public-private key pair and a first signature algorithm to obtain a first digital signature.

And the data sending end generates the data to be uplink according to the metadata, the first signature algorithm and the first digital signature.

S703, the data sending end sends the data to be uplink to the DIVS AS.

S704, the DIVS AS verifies the data to be uplink according to the first public key and the first digital signature.

Optionally, the DIVS AS decrypts the first digital signature according to the first public key to obtain decrypted data. And the DIVS AS determines whether the decrypted data is consistent with the metadata or the hash of the metadata, and if so, determines that the verification is successful.

S705, the DIVS AS sends the subscription request information to the NEF.

The subscription request information is used for requesting to acquire subscription information of a data sending end.

Optionally, the DIVS AS accesses the NEF through the query interface (RP-EDI). And the access message carries the MSISDN, the ICCID and the IMEI and requests to acquire the subscription information of the data sending end corresponding to the MSISDN, the ICCID and the IMEI.

S706, the NEF acquires the subscription information of the sending end from the UDM.

Optionally, the NEF forwards the MSISDN, the ICCID, and the IMEI to the UDM, and requests to acquire the subscription information of the data sending end corresponding to the MSISDN, the ICCID, and the IMEI. And the UDM inquires the subscription information with the MSISDN, the ICCID and the IMEI information through the MSISDN, the ICCID and the IMEI, and returns the inquired subscription information to the NEF.

And S707, the NEF sends the subscription information of the data sending end to the DIVS AS.

Optionally, the NEF forwards the subscription information sent by the UDM to the DIVS AS.

And S708, generating a first data set to be signed by the DIVS AS.

Specifically, the DIVS AS takes the metadata, the subscription information, and the public key and the first signature algorithm information AS the first data set to be signed.

Optionally, the DIVS AS may directly use the metadata, the subscription information, the public key, and the first signature algorithm information AS the first data set to be signed, or use the metadata, the subscription information, the public key, and the hash value of the first signature algorithm information AS the first data set to be signed. This is not limited in this application.

And S709, generating data integrity verification information according to the first to-be-signed data set by the DIVS AS, and uploading the data integrity verification information to the block chain account book.

Specifically, the DIVS AS signs the first data set to be signed according to a second private key of the block chain account book and a second digital signature algorithm, and generates a second digital signature. And the DIVS AS uploads the first data set to be signed, the second digital signature and the CA certificate of the second private key AS data integrity verification information to the block chain account book.

Note that the blockchain ledger includes a transaction identification (transfer ID) of the data integrity verification information. After the data integrity verification information is uploaded into the block chain account book, the DIVS AS sets the value of the previous transaction identifier of the data integrity verification information to be null, and sets the record state to be available.

And S710, generating a transaction identifier of the verification information of the data complete line by the DIVS AS.

And S711, the DIVS AS sends the transaction identifier to the data sending end.

Optionally, the DIVS AS further generates a URL of the DIVS AS entry, and synchronously sends the URL and the transaction identifier to the data sending end. It will be appreciated that the DIVS AS may send the transaction identification and URL to the data sender after generating the transaction identification and URL, respectively. The DIVS AS may also merge according to the transaction identifier and the URL, and send the transaction identifier and the URL to the data sending end through the same message, which is not limited in this disclosure. Under the condition that the same message sends the transaction identifier and the URL to the data sending end, if the transaction identifier is updated by the DIVS AS but the URL is not updated, the DIVS AS only updates the transaction identifier in the message, and also updates the transaction identifier and the URL at the same time. This disclosure is also not limited thereto.

It is noted that the data sender may store the transaction identity and the URL in a secure applet in the eUICC after receiving the transaction identity and the URL.

It should be noted that, in the second process, the certificate corresponding to the second private key provided by the DIVS AS may be a CA certificate generated by a member of the blockchain system managing based on the public-private key pair, or may be a CA certificate generated by an authoritative CA structure, or may be a self-signed CA certificate, which is not limited in this application.

Alternatively, the second digital signature algorithm and the first digital signature algorithm may be the same digital signature algorithm.

Optionally, the block chain account book includes a block chain client, and the client is configured to perform data reading and writing of the block chain account book and execution of the intelligent contract.

And a third process of updating the data integrity verification information.

As shown in fig. 8, the flow of updating the data integrity verification information is a subscription logout flow as an example, and the flow of updating the data integrity verification information is described. The subscription deregistration procedure can be implemented by the following S801-S808.

S801, triggering eSIM signing logout by the UDM.

Specifically, the user subscription data is sent to the data stored in the UDM. Once the user service is logged off, a signing log-off process is triggered, and meanwhile, a UDM event notification is triggered to the NEF.

S802, the UDM sends an eSIM sign-up deregistration message to the NEF.

Wherein the eSIM subscription deregistration message includes at least one of: ICCID, MSISDN and binding IMEI, eSIM signing logout time.

S803, NEF sends eSIM sign-up deregistration message to the DIVS AS.

Specifically, NEF triggers a subscription notification event, sending an eSIM subscription deregistration message to the DIVS AS.

And S804, determining a corresponding transaction identifier by the DIVS AS according to the eSIM signing logout message.

Specifically, after receiving the eSIM subscription deregistration message, the DIVS AS acquires the ICCID, MSISDN, and IMEI in the eSIM subscription deregistration message. The DIVS AS determines all transaction identities associated with ICCID, MSISDN and IMEI.

And S805, updating the first data set to be signed corresponding to the transaction identifier by the DIVS AS to obtain a second data set to be signed.

Specifically, the DIVS AS updates eSIM sign-up and sign-off time in the first to-be-signed data set corresponding to each transaction identifier, and takes the updated first to-be-signed data set AS a second to-be-signed data set.

And the DIVS AS signs the second data set to be signed according to the second private key and the second signature algorithm to obtain a fourth digital signature.

And S806, the DIVS AS uploads the second data set to be signed, the fourth digital signature and the CA certificate of the second private key AS updated data integrity verification information to the block chain account book.

And S807, the DIVS AS generates the transaction identifier of the updated data integrity verification information.

And S808, the DIVS AS sends the updated transaction identifier of the data integrity verification information to the data sending end.

For specific implementation of S807 and S808, reference may be made to S710 and S711 described above, which are not described herein again.

The above description explains the procedure of subscription information update.

And a fourth process of verifying the data integrity.

As shown in fig. 9, the flow of data integrity verification may be specifically realized through the following S901 to S907.

S901, the data sending end obtains data to be verified.

Optionally, after the data sending end collects the data, the collected data is used as the data to be verified

And S902, the data sending end generates target data according to the data to be verified.

The method specifically comprises the following steps: the data sending end adopts a first private key and a first signature algorithm to carry out digital signature to be verified, and a first digital signature is obtained.

And the data sending end calls the ADPU instruction, sends the data to the secure applet, and signs the data to be verified by using a first private key and a first signature algorithm to obtain a first digital signature and a timestamp of the first digital signature.

And S903, the data sending end sends target data to the data receiving end.

Specifically, the data sending end generates target data according to the data to be verified, the first digital signature, the timestamp of the first digital signature and the first identifier.

And the data sending end sends the target data to the data receiving end.

It should be noted that the data sending end may send the target data to the data receiving end directly, or send the target data to the data receiving end after forwarding the target data through other devices, which is not limited in the present application.

S904, the data receiving end sends a data integrity verification information request message to the DIVS AS.

The request data includes a first identification.

S905, the DIVS AS inquires data integrity verification information related to the first identification.

Specifically, upon receipt of the request message by the DIVS AS, the first identity is determined. And the DIVS AS inquires data integrity verification information related to the first identifier in the block chain account book.

Optionally, the DIVS AS first queries the query block chain ledger and the first identification data integrity verification information, and determines metadata in the data integrity verification information. And then the DIVS AS determines the updated data integrity verification information based on the IEMI, the MSISDN and the ICCID in the metadata.

The DIVS AS sends the data integrity verification information and the updated data integrity verification information to the data receiving end together

S906, the DIVS AS sends data integrity verification information to the data receiving end.

S907, the data receiving end verifies the data integrity of the data to be verified according to the data integrity verification information.

Specifically, after receiving the data integrity verification information, the DIVS AS verifies the third digital signature or the fourth digital signature according to the CA integer of the first private key and the second public key in the data integrity verification information. And after the verification is successful, acquiring a first public key in the data integrity verification information, and verifying the first digital signature according to the first public key and a first signature algorithm. After the first digital signature verification passes, whether the time stamp of the first digital signature is within the signing validity period of the data sending end is determined. And if so, determining that the data integrity verification of the data to be verified is successful.

The data integrity verification system, the functions of each device in the data integrity verification system, and the interaction between the devices according to the embodiments of the present application are described in detail above.

The embodiment of the application provides an electronic device, which is used for executing a method required to be executed by any device in the data integrity determination system. The electronic device may be a data sending end, a data receiving end, a DIVS AS, NEF, or UDM, and the like, which is not limited in the present application. The electronic device may be an electronic device referred to in this application, or a module in an electronic device; or a chip in the electronic device, or other devices for executing the network quality determination method, which is not limited in this application.

Fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 10, the electronic device 100 includes at least one processor 101, a communication line 102, and at least one communication interface 104, and may further include a memory 103. The processor 101, the memory 103 and the communication interface 104 may be connected via a communication line 102.

The processor 101 may be a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present application, such as: one or more Digital Signal Processors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs).

The communication link 102 may include a path for communicating information between the aforementioned components.

The communication interface 104 is used for communicating with other devices or a communication network, and may use any transceiver or the like, such as ethernet, Radio Access Network (RAN), Wireless Local Area Network (WLAN), and the like.

The memory 103 may be, but is not limited to, a read-only memory (ROM) or other type of static storage device that may store static information and instructions, a Random Access Memory (RAM) or other type of dynamic storage device that may store information and instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage, optical disk storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to include or store desired program code in the form of instructions or data structures and that can be accessed by a computer.

In a possible design, the memory 103 may exist separately from the processor 101, that is, the memory 103 may be a memory external to the processor 101, in which case, the memory 103 may be connected to the processor 101 through the communication line 102, and is used for storing execution instructions or application program codes, and is controlled by the processor 101 to execute, so as to implement the network quality determination method provided in the following embodiments of the present application. In yet another possible design, the memory 103 may also be integrated with the processor 101, that is, the memory 103 may be an internal memory of the processor 101, for example, the memory 103 is a cache memory, and may be used for temporarily storing some data and instruction information.

As one implementation, the processor 101 may include one or more CPUs, such as CPU0 and CPU1 of FIG. 10. As another implementation, the electronic device 100 may comprise multiple processors, such as the processor 101 and the processor 107 of FIG. 10. As yet another implementable manner, the electronic device 100 may also include an output device 105 and an input device 106.

Embodiments of the present application provide a computer program product containing instructions, which when run on a computer, cause the computer to perform the method performed by each device in the above-described system embodiments.

The embodiment of the present application further provides a computer-readable storage medium, in which instructions are stored, and when the instructions are executed on a computer, the computer is caused to execute the method executed by each device in the above system embodiment.

The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a Read-Only Memory (ROM), an Erasable Programmable Read-Only Memory (EPROM), a register, a hard disk, an optical fiber, a portable Compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, any suitable combination of the above, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuit (ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, and for example, the division of the units is only one logical functional division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.

The above is only an embodiment of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (17)

1. A data integrity verification system, comprising: a data sending end, a data receiving end and a data integrity verification server DIVS AS;

the data transmitting end is configured to: sending target data to the data receiving end; the target data includes: the data to be verified, the first digital signature and the first identifier are obtained; the first digital signature is a digital signature determined by signing the data to be verified according to a first private key; the first identifier is a storage identifier of data integrity verification information of the data sending end in the DIVS AS; the first private key is a private key in a first key pair generated by the data sending end;

the data receiving end is configured to: receiving the target data and sending the first identifier to the DIVS AS;

the DIVS AS configured to: receiving the first identifier, and inquiring data integrity verification information associated with the first identifier; the data integrity verification information comprises a first public key; the first public key is a public key in a first key pair generated by the data sending end;

the data receiving end is configured to: and receiving the data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to a verification result of the first digital signature.

2. The system of claim 1, wherein the data sender is further configured to: sending first data to the DIVS AS; the first data includes: the first public key, the signature algorithm set supported by the data sending end and the first terminal information of the data sending end;

the DIVS AS further configured to: acquiring the subscription information of the data sending end according to the first terminal information; the subscription information includes: the signing validity information of the data sending end; determining the data integrity verification information according to the first data and the subscription information; storing the data integrity verification information in a blockchain.

3. The system of claim 2, further comprising: a capability open platform NEF and a user data management network element UDM;

the DIVS AS is specifically configured to: sending a signing information acquisition request to a capability open platform NEF; the subscription information acquisition request comprises the first terminal information;

the NEF configured to: requesting to the UDM to acquire the subscription information of the data transmitting end, and returning the subscription information of the data transmitting end to the DIVS AS after acquiring the subscription information of the data transmitting end;

the DIVS AS, further configured to: receiving subscription information from the NEF; and the subscription information is the subscription information of the data sending end, which is returned by the NEF and acquired in a user data management network element UDM according to the first terminal information.

4. The system of claim 3, wherein the data sender is specifically configured to:

generating a first key pair; the first key pair comprises the first public key and the first private key;

signing the first public key and the first terminal information by adopting the first private key and a first signature algorithm, and determining a second digital signature;

and generating the first data according to the first public key, the first terminal information, a signature algorithm set supported by a data sending end and a second digital signature.

5. The system of claim 4, wherein the DIVS AS is specifically configured to:

verifying the second digital signature according to the first public key and the first signature algorithm;

under the condition that the second digital signature passes verification, acquiring first terminal information in the first data;

and generating the subscription information acquisition request according to the first terminal information.

6. The system of claim 5, wherein the DIVS AS is specifically configured to:

generating a first data set to be signed according to the first data and the signing data;

signing the first data set to be signed according to a second private key and a second signature algorithm, and determining a third digital signature; the second private key belongs to a second key pair generated by the DIVS AS;

and determining the data integrity verification information according to the first data set to be signed, the certificate corresponding to the second private key and the third digital signature.

7. The system of claim 6, wherein the DIVS AS is further configured to:

sending the first transaction identification to the data sending end; wherein the first transaction identifier is used for characterizing the storage information of the data integrity verification information in the blockchain.

8. The system of claim 7, wherein the DIVS AS is further configured to:

the DIVS AS sends the first address information to the data sending end; the first address information is address information of a DIVS AS storing data integrity verification information corresponding to the first transaction identifier.

9. The system of claim 8, wherein the UDM is further configured to: under the condition that the subscription information of the data sending end is updated, sending a subscription information updating message to the NEF; the subscription information update message includes: second terminal information of the data sending end and the updated subscription information of the data sending end;

the NEF, further configured to: forwarding the subscription information update message to the DIVS AS;

the DIVS AS further configured to: inquiring latest target data integrity verification information including the second terminal information in the block chain; updating the latest target data integrity verification information according to the updated subscription information; storing the updated latest target data integrity verification information in the block chain.

10. The system of claim 9,

the DIVS AS is further specifically configured to: executing a first operation on each piece of target data integrity verification information, and determining each piece of updated target data integrity verification information;

the first operation includes: generating a second data set to be verified according to the first data and the updated subscription information;

signing the second data set to be signed according to the second private key and the second signature algorithm, and determining a fourth data signature;

and determining updated target data integrity verification information according to the second data set to be signed, the certificate corresponding to the second private key and the fourth digital signature.

11. The system of claim 10, wherein the DIVS AS is further configured to:

sending the second transaction identification to the data sending end; wherein the second transaction identifier is used for characterizing the storage information of the updated target data integrity verification information in the blockchain.

12. The system of claim 11, wherein the DIVS AS is further configured to:

sending the second address information to the data sending end; wherein the second address information is address information of the DIVS AS storing the updated target data integrity verification information.

13. The system of claim 12, wherein the data sender is further configured to: receiving at least one of a first transaction identification and a second transaction identification from the DIVS AS; the first transaction identifier is a transaction identifier generated according to the storage information of the data integrity verification information in the block chain; the second transaction identifier is generated according to the storage information of the updated data integrity verification information in the block chain;

and generating the first identifier according to the latest transaction identifier in the first transaction identifier and the second transaction identifier.

14. The system of claim 13, wherein the target data further comprises a validation access address; the verification access address is used for representing the address of a DIVS (do not use virtual switch) AS for storing data integrity verification information of the data transmitting end; the data transmitting end is further configured to: receiving at least one of first address information and second address information from the DIVS AS; the first address information is address information of a DIVS AS storing data integrity verification information corresponding to the first transaction identifier; the second address information is address information of a DIVS AS storing updated data integrity verification information corresponding to the second transaction identifier;

generating the verification access address according to at least one of the first address information and the second address information.

15. The system of any one of claims 1-14, wherein the target data further comprises a timestamp of the first digital signature; the data integrity verification information further includes: the subscription validity period of the data sending end; the data receiving end is further configured to: determining whether the timestamp of the first digital signature is within the signing validity period of the data sending end;

and if so, determining that the data integrity verification of the data to be verified is successful.

16. The system of claim 15, wherein the data receiving end is further configured to:

verifying the third digital signature according to the certificate corresponding to the second private key and the second signature algorithm;

and under the condition that the third digital signature is verified successfully, acquiring a first public key in the first data set to be signed.

17. The system according to any of claims 1-14, wherein said first terminal information comprises at least one of embedded universal integrated circuit card identification euicid/ic card identification ICCID, international mobile equipment identity IMEI and mobile subscriber number MSISDN of said data sender;

the second terminal information includes at least one of the eUICCID/ICCID, IMEI, and MSISDN.

Images