CN114826772B - Data integrity verification system - Google Patents

Abstract

The application provides a data integrity verification system, relates to the technical field of communication, and can verify data integrity in a data circulation process. The system comprises: a data transmitting end, a data receiving end and a DIVS AS; a data transmitting terminal configured to: sending target data to a data receiving end; the target data includes: the method comprises the steps of verifying data to be verified, a first digital signature and a first identifier; a data receiving end configured to: receiving target data and sending a first identifier to a DIVS AS; a DIVS AS configured to: receiving a first identifier, and inquiring data integrity verification information associated with the first identifier; a data receiving end configured to: and receiving data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to the verification result of the first digital signature. The embodiment of the application is used in the data integrity verification process.

Description

Data integrity verification system

Technical Field

The present application relates to the field of communications technologies, and in particular, to a data integrity verification system.

Background

In the related art, after a data transmitting end collects data, the data needs to be transmitted to a specific terminal, and the specific terminal forwards or streams the data to a data receiving end. But the data integrity of the received data cannot be verified after the data is received by the data receiving end. Further, the data receiving end cannot determine whether the received data is the original data sent by the data sending end, and whether the data is tampered by the specific terminal in the forwarding process. Therefore, how to verify the data integrity of the received data by the data receiving end is a current urgent problem to be solved.

Disclosure of Invention

The application provides a data integrity verification system, which verifies the data integrity of data after a data receiving end receives the data.

In order to achieve the above purpose, the present application adopts the following technical scheme:

in a first aspect, the present disclosure provides a data integrity verification system, the system comprising: the system comprises a data sending end, a data integrity verification server DIVS AS and a data receiving end.

Wherein, the data sending end is configured to: sending target data to a data receiving end; the target data includes: the method comprises the steps of verifying data to be verified, a first digital signature and a first identifier; the first digital signature is a digital signature which is determined by signing the data to be verified according to the first private key; the first identifier is a storage identifier of the data integrity verification information of the data transmitting end in the DIVS AS; the first private key is a private key in a first key pair generated by the data transmitting end.

A data receiving end configured to: and receiving the target data and sending the first identification to the DIVS AS.

A DIVS AS configured to: receiving a first identifier, and inquiring data integrity verification information associated with the first identifier; the data integrity verification information includes a first public key; the first public key is a public key in a first key pair generated by a data transmitting end.

A data receiving end configured to: and receiving data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to the verification result of the first digital signature.

The scheme at least brings the following beneficial effects: in the embodiment of the disclosure, after the data is acquired by the data transmitting end, the data is digitally signed by adopting the first private key, and then the digital signature and the data to be verified are uniformly transmitted to the data receiving end. After the data receiving end receives the data, acquiring data integrity verification information of the data transmitting end from the DIVS AS, and verifying the first digital signature by using a first public key in the data integrity verification information, wherein if the verification is successful, the first digital signature is a signature performed according to a first private key, and the first private key is a key inside the data transmitting end and cannot be stolen by the outside. Therefore, under the condition that the first digital signature verification is successful, the digital signature obtained after the first digital signature is signed by the data sending end to be verified is described, so that the data to be verified is the original data sent by the data sending end. Based on the method, the data receiving end can determine whether the received data is the original data sent by the data sending end according to the method, so that the data integrity of the data to be verified is effectively verified.

With reference to the first aspect, in a possible implementation manner, the data sending end is further configured to: transmitting the first data to the DIVS AS; the first data includes: a first public key, a signature algorithm set supported by a data transmitting end and first terminal information of the data transmitting end; the DIVS AS is further configured to: acquiring subscription information of a data transmitting end according to the first terminal information; the subscription information includes: subscription validity information of the data transmitting end; determining data integrity verification information according to the first data and the subscription information; data integrity verification information is stored in the blockchain.

Based on this, the data sender may store data integrity verification information in the blockchain by interacting with the DIVS AS before performing the data integrity verification. Therefore, when the data receiving end requests the data integrity verification information, the data receiving end can acquire the data integrity verification information from the blockchain so as to avoid the data integrity verification information from being tampered.

With reference to the first aspect, in one possible implementation manner, the system further includes: a capability open platform NEF and a user data management network element UDM; the DIVS AS is specifically configured to: sending a subscription information acquisition request to a capability open platform NEF; the subscription information acquisition request comprises first terminal information; NEF, configured to: requesting to acquire the subscription information of the data transmitting end from the UDM, and returning the subscription information of the data transmitting end to the DIVS AS after acquiring the subscription information of the data transmitting end; DIVS AS, further configured to: receiving subscription information from the NEF; the subscription information is the subscription information of the data transmitting end, which is returned by the NEF and is acquired in the user data management network element UDM according to the first terminal information.

Based on the above, before storing the data integrity verification information in the blockchain, the DIVS AS acquires the subscription information of the data transmitting end from the operator network, compares whether the terminal information of the data transmitting end is consistent with the terminal information in the subscription information, and stores the data integrity verification information in the blockchain under the condition of consistency. The data stored in the block chain by the DIVS AS is ensured to be the data integrity verification information of the data transmitting end.

With reference to the first aspect, in one possible implementation manner, the data sending end is specifically configured to: generating a first key pair; the first key pair includes a first public key and a first private key; signing the first public key and the first terminal information by adopting a first private key and a first signature algorithm, and determining a second digital signature; and generating first data according to the first public key, the first terminal information, a signature algorithm set supported by the data transmitting end and the second digital signature.

Based on the first public key and the first private key are generated by the data sending end, the first private key is stored by the data sending end, and the first public key is sent to the DIVS AS. In this way, the data to be verified may be encrypted using the first private key, which is decrypted. In addition, the data transmitting end signs the metadata by adopting the first private key and the first signature algorithm to generate a second digital signature, so that the DIVS AS can verify the second digital signature according to the first public key and the first signature algorithm, and the accuracy of the received first data is ensured.

With reference to the first aspect, in one possible implementation manner, the DIVS AS is specifically configured to: verifying the second digital signature according to the first public key and the first signature algorithm; under the condition that the second digital signature passes verification, acquiring first terminal information in the first data; and generating a subscription information acquisition request according to the first terminal information.

Based on the method, the DIVS AS can determine whether the first data is the original data sent to the DIVS AS by the data sending end by verifying the second digital signature, so that the accuracy of the received first data is ensured.

With reference to the first aspect, in one possible implementation manner, the DIVS AS is specifically configured to: generating a first data set to be signed according to the first data and the subscription data; signing the first data set to be signed according to the second private key and the second signing algorithm, and determining a third digital signature; the second private key belongs to a second key pair generated by the DIVS AS; and determining the data integrity verification information according to the first data set to be signed, the certificate corresponding to the second private key and the third digital signature.

Based on the signature, the DIVS AS signs the data integrity verification information again, so that after the data integrity verification information is received by the data receiving end, the signature is checked according to the signature information of the blockchain, and the data integrity verification information is ensured to be information from the DIVS AS.

With reference to the first aspect, in one possible implementation manner, the DIVS AS is further configured to: transmitting the first transaction identification to the data transmitting end; wherein the first transaction identifier is used to characterize stored information of the data integrity verification information in the blockchain.

Based on the first identification, the DIVS AS can enable the data transmitting end to generate the first identification according to the transaction identification by transmitting the transaction identification to the data transmitting end, and further enable the data receiving end to acquire the data integrity verification information from the DIVS AS according to the first identification.

With reference to the first aspect, in one possible implementation manner, the DIVS AS is further configured to: the first address information is sent to the data sending end; the first address information is address information of a DIVS AS storing data integrity verification information corresponding to the first transaction identifier.

Based on the above, the DIVS AS can send the DIVS AS entry address to the data sending end, and the data sending end adds the DIVS AS entry address to the target data, so that the data receiving end determines the DIVS AS capable of storing the data integrity verification information according to the DIVS AS entry address.

With reference to the first aspect, in one possible implementation manner, the UDM is further configured to: under the condition of subscription information updating of a data sending end, a subscription information updating message is sent to the NEF; the subscription information update message includes: second terminal information of the data transmitting end and subscription information updated by the data transmitting end; NEF, further configured to: forwarding the subscription information update message to the DIVS AS; the DIVS AS is further configured to: inquiring latest target data integrity verification information comprising second terminal information in a blockchain; updating the latest target data integrity verification information according to the updated subscription information; and storing the updated latest target data integrity verification information in the blockchain.

Based on this, after the subscription information of the data transmitting end is changed, the UDM can timely notify the DIVS AS to update the subscription information. And the DIVS AS can update the data integrity verification information according to the updated subscription information, so that the real-time performance of the data integrity verification information is ensured.

With reference to the first aspect, in a possible implementation manner, the DIVS AS is specifically further configured to: executing a first operation on each piece of target data integrity verification information, and determining each piece of updated target data integrity verification information; the first operation includes: generating a second data set to be verified according to the first data and the updated subscription information; signing the second data set to be signed according to the second private key and a second signing algorithm, and determining a fourth data signature; and determining updated target data integrity verification information according to the second data set to be signed, the certificate corresponding to the second private key and the fourth digital signature.

Based on the above, the DIVS AS stores the subscription information updated by the data transmitting end in the blockchain, so that the data receiving end can verify the data integrity of the data to be verified according to the updated subscription information.

With reference to the first aspect, in one possible implementation manner, the DIVS AS is further configured to:

Transmitting the second transaction identifier to the data transmitting end; wherein the second transaction identifier is used to characterize the stored information of the updated target data integrity verification information in the blockchain.

Based on the above, the DIVS AS may enable the data transmitting end to generate the first identifier according to the updated transaction identifier by transmitting the updated transaction identifier to the data transmitting end, so that the data receiving end obtains updated data integrity verification information according to the first identifier.

With reference to the first aspect, in one possible implementation manner, the DIVS AS is further configured to: transmitting the second address information to the data transmitting terminal; the second address information is address information DIVS AS of DIVS AS storing the updated target data integrity verification information, based on the address information DIVS AS, the DIVS AS sends the updated DIVS AS entry address to the data sending end, and the data sending end can add the updated DIVS AS entry address to the target data; and the data receiving end can acquire updated data integrity verification information from the DIVS AS according to the updated DIVS AS entry address.

With reference to the first aspect, in a possible implementation manner, the data sending end is further configured to: receiving the latest transaction identifier from the first transaction identifier and the second transaction identifier of the DIVS AS; the first transaction identifier is a transaction identifier generated according to the storage information of the data integrity verification information in the blockchain; the second transaction identifier is a transaction identifier generated according to the storage information of the updated data integrity verification information in the blockchain; the first identifier is generated based on at least one of the first transaction identifier and the second transaction identifier.

Based on this, the data transmitting end may generate the first identifier according to the first transaction identifier and the second transaction identifier.

With reference to the first aspect, in a possible implementation manner, the target data further includes an authentication access address; the verification access address is used for representing the address of the DIVS AS storing the data integrity verification information of the data transmitting end; the data transmitting end is further configured to: receiving at least one of first address information and second address information from a DIVS AS; the first address information is address information of DIVS AS storing data integrity verification information corresponding to the first transaction identifier; the second address information is DIVS AS address information storing updated data integrity verification information corresponding to the second transaction identifier; a verification access address is generated based on at least one of the first address information and the second address information.

Based on this, the data transmitting end can generate the verification access address according to the first address information and the second address information.

With reference to the first aspect, in a possible implementation manner, the target data further includes a timestamp of the first digital signature; the data integrity verification information further includes: subscription validity period of data transmitting end; the data receiving end is further configured to: determining whether the timestamp of the first digital signature is in the signing validity period of the data sending end; if yes, the data integrity verification of the data to be verified is successful.

Based on the above, the data receiving end can specifically judge whether the terminal is in the signing validity period or not when collecting the data according to whether the time stamp of the first digital signature is in the signing validity period, and determine that the data integrity verification of the data collected by the data sending end in the signing validity period is successful, and the data integrity verification of the data collected outside the signing validity period is failed.

With reference to the first aspect, in one possible implementation manner, the data receiving end is further configured to: verifying the third digital signature according to the certificate corresponding to the second private key and the second signature algorithm; and under the condition that the third digital signature verification is successful, acquiring a first public key in the first data set to be signed.

Based on this, the data transmitting end can determine whether the acquired data is data transmitted to the data transmitting end by the DIVS AS by verifying the third digital signature.

With reference to the first aspect, in one possible implementation manner, the device information includes: at least one of the eUICC ID and the international mobile equipment identity IMEI of the embedded universal integrated circuit card; the account opening platform is specifically configured to: acquiring an eSIM profile and an applet of a data transmitting end, and determining an integrated circuit card identification code ICCID of the eSIM; binding at least one of the eUICC ID, IMEI, and ICCID; determining signing validity information of the data sending end according to signing validity period of the data sending end; and determining subscription information of the data transmitting end according to the second terminal information and the subscription validity information.

Based on the above, the account opening platform can determine the second terminal information and the subscription information of the data sending end according to the device information and the subscription information of the data sending end.

With reference to the first aspect, in a possible implementation manner, the first terminal information includes at least one of an euiccid/ICCID, an IMEI, and an MSISDN of the data transmitting end; the method comprises the steps of carrying out a first treatment on the surface of the The second terminal information includes at least one of euiccid/ICCID, IMEI, and MSISDNICCID.

Based on the above, the account opening platform binds the eUICC ID, the IMEI and the ICCID as the terminal information of the data transmitting end, so that the uniqueness and the consistency of the terminal information of the data transmitting end are ensured.

In the present application, the names of the above-mentioned communication apparatuses do not constitute limitations on the devices or function modules themselves, and in actual implementations, these devices or function modules may appear under other names. Insofar as the function of each device or function module is similar to that of the present invention, it falls within the scope of the claims of the present invention and the equivalents thereof.

Drawings

Fig. 1 is a system architecture diagram of a 5G capability open architecture provided in the present application;

FIG. 2 is a block chain architecture diagram provided herein;

FIG. 3 is a system architecture diagram of a data integrity verification system provided herein;

FIG. 4 is a system architecture diagram of yet another data integrity verification system provided herein;

FIG. 5 is a system architecture diagram of a data integrity verification system in a vertical industry scenario provided herein;

fig. 6 is a schematic flow chart of signing a contract in an operator network by a data sending end provided by the present disclosure;

fig. 7 is a schematic flow chart of a data integrity verification information uplink provided in the present disclosure;

FIG. 8 is a schematic flow chart of a data integrity verification information update provided in the present disclosure;

FIG. 9 is a flow chart of a data integrity verification provided by the present disclosure;

fig. 10 is a schematic structural diagram of an electronic device provided in the present disclosure.

Detailed Description

The data integrity verification system provided in the embodiments of the present application is described in detail below with reference to the accompanying drawings.

The term "and/or" is herein merely an association relationship describing an associated object, meaning that there may be three relationships, e.g., a and/or B, may represent: a exists alone, A and B exist together, and B exists alone.

The terms "first" and "second" and the like in the description and in the drawings are used for distinguishing between different objects or for distinguishing between different processes of the same object and not for describing a particular sequential order of objects.

Furthermore, references to the terms "comprising" and "having" and any variations thereof in the description of the present application are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed but may optionally include other steps or elements not listed or inherent to such process, method, article, or apparatus.

It should be noted that, in the embodiments of the present application, words such as "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "for example" should not be construed as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.

In the following, for ease of understanding, terms related to the embodiments of the present application will be explained first.

1. Machine type terminal

Machine type terminals are commonly used to collect generated data and are widely used in the vertical industry. The use of machine-type terminals has effectively facilitated the digital transformation of vertical industries such as agriculture, logistics, transportation, medical, environmental, supply chain finance, smart city, etc.

With the development of 5G networks, machine type terminals are increasingly used, and after a mass of machine type terminals collect data, the data are sent to service provider terminals, and the service provider terminals collect, aggregate and analyze the collected data. In addition, the service provider terminal may forward data collected by the machine type terminal to an upstream data consumer terminal. The data consumer terminal may obtain valuable data within the industry by analyzing the data. For example, in the agricultural industry, the data consumption terminal may determine environmental data (e.g., temperature and wind speed) for agricultural insurance based on data collected by the machine type terminal. In the second-hand vehicle industry, the data consumption terminal may determine driving behavior data for the second-hand transaction vehicle based on data collected by the machine type terminal. In the traffic industry, data consuming terminals may determine traffic data for AI algorithm training based on data collected by machine type terminals.

The current machine type terminal directly reports the collected data to the service provider terminal after collecting the data, and the data is not directly provided to the data consumption terminal. The data consuming terminal can only acquire the acquired data from the service provider terminal, but cannot acquire the data directly from the machine type terminal. However, after the data consumption terminal receives the collected data, it cannot be determined whether the data provided by the service provider terminal is tampered, and it is difficult to verify whether the received collected data is the original data collected by the machine type terminal.

In many industries, such as agricultural insurance and distributed artificial intelligence applications, the requirements for data integrity (data authenticity) are very high, and if data consuming terminals in these industries perform data analysis and decision making based on tampered data, unnecessary economic losses may be caused, and security attacks are suffered. Therefore, for the data consumption terminal, how to perform data integrity verification on the acquired data, so as to ensure that the acquired data is original data acquired by the source terminal and the data is not tampered, and the problem to be solved is currently urgent.

In the present disclosure, a machine type terminal may be a data transmitting end for performing functions related to the data transmitting end. The data consumption terminal is a data receiving terminal and is used for executing functions related to the data receiving terminal.

2. Data integrity

In the embodiments of the present disclosure, the data integrity is mainly used for verifying, by a data receiving end (for example, the above-described data consuming terminal), whether the received data is the original data sent by the data sending end (for example, the above-described machine type terminal). Preventing data from being tampered in the middle forwarding process. Based on the above description in machine type terminals, there is a need for a current data consuming terminal to verify the data integrity of the data provided by the service provider terminal.

In the related art, the data integrity may be verified by using a symmetric key+one-way Hash function or an asymmetric key Hash manner. However, these schemes have at least the following problems.

The data integrity verification mode of the symmetric key and the unidirectional Hash function can only verify the data integrity of the data in the point-to-point transmission process, but cannot verify whether the data is the original data provided by the source end. This may result in the service provider terminal tampering with the data before sending the data to the data consuming terminal, which cannot verify whether the data has been tampered with.

In the process of adopting the data integrity verification mode of the asymmetric key hash, the data integrity is verified by adopting the mode of private key signature and public key signature verification (for example, ITU-T X.509, IETF RFC 4880). But in this way it is also not possible to verify whether the data is the original data provided by the source. For example, after the machine type terminal collects data, the collected data is forwarded by the service provider terminal to the data consuming terminal. The data consumption terminal can only take the received data as the original data for subsequent processing, or restrict the service provider to provide the original data in a declaration and contract mode. However, these methods cannot avoid that the service provider terminal provides the original data, and it is difficult to ensure the data integrity.

3. Embedded subscriber identity module (Embedded subscriber identity module, eSIM) and trusted execution environment (trusted execution environment, TEE) techniques.

The eSIM and TEE may store confidential data and perform trusted operations at the machine-type terminal, such as generating a public-private key pair in the eSIM of the machine-type terminal or issuing public key endorsement information to the eSIM by way of OTA.

In the machine type terminal, when the machine type terminal needs to transmit data, the machine type terminal may call a predetermined interface through the OS to sign the collected data using a private key stored in the TEE or eSIM, and then transmit the signed data to the service provider terminal.

4. 5G open capability architecture

As shown in fig. 1, a system architecture diagram of a 5G capability open architecture according to an embodiment of the present application is provided. In the 5G capability open architecture shown in fig. 1, it includes: application servers (application server, AS), network element functions (Network element function, NEF), unified data management functions (unified data management, UDM), policy control functions (Policy Control Function, PCF), access and mobility management functions (access and mobility management function, AMF), session management functions (session management function, SMF), network warehouse functions (Network repository function, NRF), network Entity.

The AS is an application server of an operator or a third party application server, and is used for providing network service capability of the operator or service capability of a third party application. The AS accesses an API interface of the NEF of the operator 5G network through the Nnef, and communicates with the NEF through the API interface.

The NEF is a capability open network element of an operator, configured to open network capabilities of the operator to a third party service, open data (such AS location information) in a core network to an AS, or transmit service requirements (such AS QoS policies) of the AS to a network element in a 5G core network.

The NEF is connected with the UDM through a Nudm interface, the PCF through a Npcf interface, the AMF through Namf, the SMF through Nsmf, the NRF through Nnrf, and the Network Entity through 3GPP interface.

It should be noted that in the embodiments of the present disclosure, a long-term data integrity verification service may be provided for data collected by a machine type terminal through an AS function of an operator.

5. Block chain

Blockchains are a data storage technology commonly maintained by multiple parties, storing data in a blockchain structure, and securing transmission and access using cryptography. The block chain technology can achieve the effects of consistent storage, incapability of tampering and incapability of repudiation of data.

The blockchain generally comprises a plurality of blockchain nodes, the nodes respectively store the account books in the blockchain, and the P2P technology is used for synchronizing the account books, so that the consistency of the stored account books of each node is ensured. When the data in the account book needs to be updated, a plurality of nodes adopt a consensus mechanism to confirm the record written into the account book. Therefore, the data written into the ledger can be ensured to be written under the condition that a plurality of nodes jointly confirm, and the data which is not confirmed by the plurality of nodes jointly cannot be written, so that the data written into the blockchain ledger cannot be tampered and the data is traceable.

Blockchains are divided into, according to the type of access users allowed: blockchains of three types, public, federated and private. Wherein the public chain allows any terminal to access and use ledger accounting. The federation chain allows access to and billing using only specific individual terminals or specific enterprise terminals. The private chain allows only the enterprise internal nodes to maintain and use the blockchain.

Fig. 2 is a schematic block chain structure according to an embodiment of the disclosure. As shown in FIG. 2, the blockchain includes a plurality of blockchain link points Peer, with each blockchain node being interconnected. The blockchain node is provided with an intelligent contract (only the blockchain node 3 is taken as an example in the figure, and other nodes are similar to the blockchain node 3).

Each blockchain node includes a blockchain Ledger (Ledger) therein for storing data, for example, in the form of a hash.

It should be noted that in embodiments of the present disclosure, the data integrity verification information may be stored via blockchain techniques. Such as public key information MSISDN, ICCID, device sequence information, hash algorithm, time stamps, etc., and provides a data integrity verification server for the terminal through the open capabilities of the 5G network. Therefore, the data integrity verification of the whole data life cycle when the vertical industry collects data through the machine type terminal is ensured, the trust cost generated in the data circulation and reapplication process is reduced, and the digital transformation and the data application of the vertical industry are promoted.

The technical terms related to the embodiments of the present application are described in detail above.

As can be seen from the above description of machine type terminals and data integrity verification, in the current data transmission process (especially in the process of forwarding data by a third party), there is a need for verifying the data integrity of the received data at the data receiving end.

For example, in a vertical industry application scenario, a machine type terminal sends collected data to a service provider terminal, which forwards the data to a data consuming terminal. In this scenario, it is difficult for the data consuming terminal to verify whether the service provider terminal tampers with the data collected by the machine type terminal. Resulting in the inability of the data consuming terminal to determine the data integrity of the received data.

In order to solve the problems in the related art, the embodiment of the application provides a data integrity verification system, wherein data integrity verification information of a data transmitting end is stored in a data integrity verification server DIVS AS, after a data receiving end receives data to be verified and a first digital signature of the data to be verified, the data integrity verification information of the data transmitting end is obtained from the DIVS AS, the first digital signature is verified according to the data integrity verification information, and under the condition that the first digital signature is valid, the data is original data acquired by a data acquisition terminal, and further the data integrity verification of the data is successful.

FIG. 3 is a system architecture diagram of a data integrity verification system provided in an embodiment of the present application; as shown in fig. 3, the data integrity verification system includes: a data sender 301, a data integrity verification server (data integrity verification service application server, DIVS AS) 302, and a data receiver 303.

Wherein, the data transmitting end 301 is configured to: transmitting the target data to the data receiving end 303; the target data includes: the method comprises the steps of verifying data to be verified, a first digital signature and a first identifier; the first digital signature is a digital signature which is determined by signing the data to be verified according to the first private key; the first identifier is a storage identifier of the data integrity verification information of the data sending end 301 in the DIVS AS 302; the first private key is a private key in a first key pair generated by the data sender 301.

A data receiving end 303 configured to: receive the target data and send a first identification to DIVS AS 302.

DIVS AS302 configured to: receiving a first identifier, and inquiring data integrity verification information associated with the first identifier; the data integrity verification information includes a first public key; the first public key is the public key in the first key pair generated by the data sender 301.

A data receiving end 303 configured to: and receiving data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to the verification result of the first digital signature.

Alternatively, the data transmitting terminal 301 may be a machine type terminal as described above. The data receiving terminal 303 may be the data consuming terminal described above.

The scheme at least brings the following beneficial effects: in the embodiment of the present disclosure, after the data is collected by the data transmitting end 301, the data is digitally signed by using the first private key, and then the digital signature and the data to be verified are uniformly transmitted to the data receiving end 303. After the data receiving end 303 receives the data, the data integrity verification information of the data sending end 301 is obtained from the DIVS AS302, the first public key in the data integrity verification information is used for verifying the first digital signature, if the verification is successful, the first digital signature is the signature performed according to the first private key, and the first private key is the key inside the data sending end 301 and cannot be stolen from outside. Therefore, in the case that the verification of the first digital signature is successful, the digital signature obtained after the first digital signature is signed by the data sending terminal 301 is described, so that the data to be verified is the original data sent by the data sending terminal 301. Based on this, the data receiving end 303 can determine whether the received data is the original data transmitted by the data transmitting end 301 according to the method, thereby effectively verifying the data integrity of the data to be verified.

With reference to fig. 3, as shown in fig. 4, in one possible implementation manner, the data integrity verification system provided in the embodiment of the application further includes: a capability open platform NEF304 and a user data management network element UDM305.

Wherein, the data transmitting end 301 is further configured to: transmitting the first data to DIVS AS 302; the first data includes: a first public key, a signature algorithm set supported by the data transmitting end and first terminal information of the data transmitting end 301; the DIVS AS302 is further configured to: acquiring subscription information of the data transmitting end 301 according to the first terminal information; the subscription information includes: subscription validity information of the data transmitting terminal 301; determining data integrity verification information according to the first data and the subscription information; data integrity verification information is stored in the blockchain.

Based on this, the data sender 301 can store data integrity verification information in the blockchain by interacting with the DIVS AS302 before performing data integrity verification. Thus, when the data receiving end 303 requests the data integrity verification information, the data receiving end 303 can obtain the data integrity verification information from the blockchain so as to avoid the data integrity verification information from being tampered.

In one possible implementation, the system further includes: a capability open platform NEF and a user data management network element UDM; the DIVS AS302 is specifically configured to: sending a subscription information acquisition request to a capability open platform NEF; the subscription information acquisition request comprises first terminal information; NEF, configured to: requesting to acquire the subscription information of the data transmitting terminal 301 from the UDM, and returning the subscription information of the data transmitting terminal 301 to the DIVS AS302 after acquiring the subscription information of the data transmitting terminal 301; DIVS AS302, further configured to: receiving subscription information from the NEF; the subscription information is the subscription information of the data sending end 301, which is returned by the NEF and is acquired in the user data management network element UDM according to the first terminal information.

Based on this, the DIVS AS302 acquires the subscription information of the data transmitting end 301 from the operator network before storing the data integrity verification information in the blockchain, and compares whether the terminal information of the data transmitting end 301 and the terminal information in the subscription information are consistent, and stores the data integrity verification information in the blockchain in case of consistency. The data stored in the blockchain by the DIVS AS302 is guaranteed to be the data integrity verification information of the data sender 301.

In one possible implementation, the data transmitting end 301 is specifically configured to: generating a first key pair; the first key pair includes a first public key and a first private key; signing the first public key and the first terminal information by adopting a first private key and a first signature algorithm, and determining a second digital signature; and generating first data according to the first public key, the first terminal information, a signature algorithm set supported by the data transmitting end and the second digital signature.

Based on this, the data transmitting terminal 301 generates a first public key and a first private key, and the data transmitting terminal 301 stores the first private key and transmits the first public key to the DIVS AS302. In this way, the data to be verified may be encrypted using the first private key, which is decrypted. In addition, the data transmitting end 301 signs the metadata by adopting the first private key and the first signature algorithm to generate a second digital signature, so that the DIVS AS302 can verify the second digital signature according to the first public key and the first signature algorithm, and the accuracy of the received first data is ensured.

In one possible implementation, the DIVS AS302 is specifically configured to: verifying the second digital signature according to the first public key and the first signature algorithm; under the condition that the second digital signature passes verification, acquiring first terminal information in the first data; and generating a subscription information acquisition request according to the first terminal information.

Based on this, the DIVS AS302 can determine whether the first data is the original data sent by the data sending terminal 301 to the DIVS AS302 by verifying the second digital signature, thereby ensuring the accuracy of the received first data.

In one possible implementation, the DIVS AS302 is specifically configured to: generating a first data set to be signed according to the first data and the subscription data; signing the first data set to be signed according to the second private key and the second signing algorithm, and determining a third digital signature; the second private key belongs to a second key pair generated by DIVS AS 302; and determining the data integrity verification information according to the first data set to be signed, the certificate corresponding to the second private key and the third digital signature.

Based on this, the DIVS AS302 signs the data integrity verification information again, so that after the data receiving end 303 receives the data integrity verification information, it performs signature verification according to the signature information of the blockchain, and ensures that the data integrity verification information is information from the DIVS AS 302.

In one possible implementation, the DIVS AS302 is further configured to: transmitting the first transaction identifier to the data transmitting end 301; wherein the first transaction identifier is used to characterize stored information of the data integrity verification information in the blockchain.

Based on this, the DIVS AS302 may enable the data transmitting end 301 to generate the first identifier according to the transaction identifier by transmitting the transaction identifier to the data transmitting end 301, so that the data receiving end 303 may obtain the data integrity verification information from the DIVS AS302 according to the first identifier.

In one possible implementation, the DIVS AS302 is further configured to:

transmitting the first address information to the data transmitting terminal 301; the first address information is address information of the DIVS AS302 storing data integrity verification information corresponding to the first transaction identifier.

Based on this, the DIVS AS302 may send the DIVS AS302 entry address to the data transmitting end 301, and the data transmitting end 301 adds the DIVS AS302 entry address to the target data, so that the data receiving end 303 determines the DIVS AS302 capable of storing the data integrity verification information according to the DIVS AS302 entry address.

In one possible implementation, the UDM is further configured to: in the case of subscription information update at the data transmitting end 301, a subscription information update message is transmitted to the NEF; the subscription information update message includes: second terminal information of the data transmitting terminal 301, and subscription information updated by the data transmitting terminal 301; NEF, further configured to: forwarding the subscription information update message to DIVS AS 302; the DIVS AS302 is further configured to: inquiring latest target data integrity verification information comprising second terminal information in a blockchain; updating the latest target data integrity verification information according to the updated subscription information; and storing the updated latest target data integrity verification information in the blockchain.

Based on this, after the subscription information of the data transmitting terminal 301 is changed, the UDM can timely notify the DIVS AS302 to update the subscription information. And the DIVS AS302 can update the data integrity verification information according to the updated subscription information, so AS to ensure the real-time performance of the data integrity verification information.

In one possible implementation, the DIVS AS302 is specifically further configured to: executing a first operation on each piece of target data integrity verification information, and determining each piece of updated target data integrity verification information; the first operation includes: generating a second data set to be verified according to the first data and the updated subscription information; signing the second data set to be signed according to the second private key and a second signing algorithm, and determining a fourth data signature; and determining updated target data integrity verification information according to the second data set to be signed, the certificate corresponding to the second private key and the fourth digital signature.

Based on this, the DIVS AS302 stores the subscription information updated by the data transmitting end 301 in the blockchain, so that the data receiving end 303 can verify the data integrity of the data to be verified according to the updated subscription information.

In one possible implementation, the DIVS AS302 is further configured to: transmitting the second transaction identifier to the data transmitting end 301; wherein the second transaction identifier is used for characterizing that the updated storage information of the target data integrity verification information in the blockchain is based on the second transaction identifier, and the DIVS AS302 may enable the data transmitting end 301 to generate a first identifier according to the updated transaction identifier by sending the updated transaction identifier to the data transmitting end 301, so that the data receiving end 303 obtains the updated data integrity verification information according to the first identifier.

In one possible implementation, the DIVS AS302 is further configured to: transmitting the second address information to the data transmitting terminal 301; wherein the second address information is address information of the DIVS AS302 storing the updated target data integrity verification information. It will be appreciated that the DIVS AS may send the transaction identity and URL to the data sender after generating the transaction identity and URL, respectively. The DIVS AS may also combine the transaction identifier and the URL, and send the transaction identifier and the URL to the data sender through the same message, which is not limited in this disclosure. Under the condition that the same message sends the transaction identifier and the URL to the data sending end, if the DIVS AS updates the transaction identifier (for example, the DIVS AS correspondingly updates the transaction identifier after updating the uplink data corresponding to the transaction identifier) but does not update the URL, the DIVS can only update the transaction identifier in the information, or can update the transaction identifier and the URL simultaneously. The present disclosure is not limited in this regard

Based on this, the DIVS AS302 may add the updated DIVS AS302 entry address to the target data by sending the updated DIVS AS302 entry address to the data sender 301; and further, the data receiving end 303 may obtain updated data integrity verification information from the DIVS AS302 according to the updated entrance address of the DIVS AS 302.

In one possible implementation, the data transmitting end 301 is further configured to: receiving at least one of a first transaction identification and a second transaction identification from DIVS AS 302; the first transaction identifier is a transaction identifier generated according to the storage information of the data integrity verification information in the blockchain; the second transaction identifier is a transaction identifier generated according to the storage information of the updated data integrity verification information in the blockchain; and generating the first identifier according to the latest transaction identifier in the first transaction identifier and the second transaction identifier.

Based on this, the data transmitting end 301 may generate the first identifier according to the first transaction identifier and the second transaction identifier.

In one possible implementation, the target data further includes a verification access address; the verification access address is used to characterize the address of the DIVS AS302 storing the data integrity verification information of the data sender 301; the data transmitting end 301 is further configured to: receiving at least one of the first address information and the second address information from the DIVS AS 302; the first address information is address information of the DIVS AS302 storing data integrity verification information corresponding to the first transaction identifier; the second address information is address information of the DIVS AS302 storing updated data integrity verification information corresponding to the second transaction identifier; a verification access address is generated based on at least one of the first address information and the second address information.

Based on this, the data transmitting terminal 301 can generate the authentication access address from the first address information and the second address information.

In one possible implementation, the target data further includes a timestamp of the first digital signature; the data integrity verification information further includes: a subscription validity period of the data transmitting terminal 301; the data receiving end 303 is further configured to: determining whether the timestamp of the first digital signature is within the subscription validity period of the data sending end 301; if yes, the data integrity verification of the data to be verified is successful.

Based on this, the data receiving end 303 may specifically determine whether the terminal is in the subscription validity period when collecting data according to whether the timestamp of the first digital signature is in the subscription validity period, and determine that the data integrity verification that the data transmitting end 301 collects in the subscription validity period is successful, and the data integrity verification that the data transmitting end 301 collects outside the subscription validity period is failed.

In one possible implementation, the data receiving end 303 is further configured to: verifying the third digital signature according to the certificate corresponding to the second private key and the second signature algorithm; and under the condition that the third digital signature verification is successful, acquiring a first public key in the first data set to be signed.

Based on this, the data transmitting end 301 can determine whether the acquired data is data transmitted to the data transmitting end 301 by the DIVS AS302 by verifying the third digital signature.

In one possible implementation, the first terminal information includes at least one of an embedded universal integrated circuit card identity (embedded universal integrated circuit card Identity, euiccid)/integrated circuit card identity (Integrate circuit card identity, ICCID), an international mobile equipment identity (International Mobile Equipment Identity, IMEI), and a mobile subscriber number (Mobile Station international ISDN number, MSISDN) of the data sender 301; the second terminal information includes at least one of an euiccid/ICCID, an IMEI, and an MSISDN.

Based on the above, the account opening platform binds the euiccid/ICCID, IMEI and MSISDN as terminal information of the data transmitting end 301, so that the uniqueness and consistency of the terminal information of the data transmitting end 301 are ensured.

In the above, the details of the devices included in the data integrity verification system according to the embodiments of the present disclosure, and the functions of the respective devices, the interactions between the respective devices are described.

In one possible implementation manner, in conjunction with fig. 5, a system architecture diagram of a data integrity verification system is provided in an industry vertical scenario.

As shown in fig. 5, the data integrity verification system includes a machine type terminal 501, a data integrity verification server 502, a data consumption terminal 503, a capability open function network element 504, a user data storage network element 505, and other data integrity verification service network elements 506.

The machine type terminal 501 is internally provided with an APP for realizing different application functions. The machine type terminal has an operating system OS built therein. The machine-type terminal has an eSIM installed therein, which may enable the machine-type terminal to transmit data over an operator network (e.g., a 5G network). An applet may also be installed in the machine type terminal eSIM, which applet is used to generate a key pair (e.g., the first public key and the first private key described above). The first private key is always stored in the applet, so that the first private key is prevented from being revealed, and the first public key can be sent to other terminals, so that the other terminals decrypt the data encrypted by the first private key according to the first public key. Optionally, the machine type terminal may further integrate a 5G communication module, so that the machine type terminal has 5G communication capability.

The data integrity verification server 502 is configured to store data integrity verification information of a data transmitting end and provide the data integrity verification information for a data receiving end. Alternatively, the data integrity verification server may be a third party entity deployed in an operator network. The data integrity verification server 502 may specifically include a signaling processing module 5021, an access control module 5022, a data management module 5023, and a blockchain ledger 5024.

The data consuming terminal 503 is a third party terminal for collecting, using, and streaming data collected by the machine type terminal. For example, it may be a personal terminal or a terminal in an enterprise.

The capability open function network element 504 may be illustratively a capability open function network element in a 5G core network, such as a NEF, for enabling communication between third party applications (e.g., a data integrity verification server) and an operator core network.

The user data storage network element 505 is configured to store data of a user terminal, for example, in the embodiment of the present disclosure, the user data storage network element 505 is configured to store subscription information of a machine type terminal.

The other data integrity verification service network element 506 is a data integrity verification server deployed in different core networks of the same operator, or a data integrity verification server of other operators; the blockchain ledger function of the data integrity verification server forms a blockchain network.

In the above, a system architecture diagram of a data integrity verification system in a vertical industry scenario is described in detail.

The following describes the process of performing data integrity verification in the present application in conjunction with the data integrity verification system described above:

In the embodiment of the present disclosure, the data integrity verification process may specifically include the following procedures:

a first flow, a flow that a data transmitting end signs in an operator network; a second flow, a data integrity verification information uplink flow; a third flow, a data integrity verification information updating flow; and fourthly, verifying the data integrity. The following describes the above-described flow respectively:

the first flow is a flow that the data transmitting end signs in the operator network.

As shown in fig. 6, the process of signing up the data transmitting end in the operator network includes the following S601-S604.

S601, a data transmitting end user transmits equipment subscription information to an account opening platform.

The device subscription information includes at least one of: common Name, location (country, region), home organization Name, mailbox address.

S602, the account opening platform opens accounts for the data transmitting end.

The method specifically comprises the following steps: the data transmitting terminal opens an account in the account opening platform, and registers information such as the eUICC ID, IMEI, equipment serial number SN, equipment attribution entity name, deployment position, contact mailbox and the like of the data transmitting terminal.

The account opening platform triggers the eSIM management platform to generate eSIM profile and a secure applet. And in the process of generating the eSIM profile, the eSIM management platform distributes ICCID for the data transmitting terminal.

The account opening platform binds ICCID with IMEI and eUICC ID.

It should be noted that the information required in the above process includes at least one of the following: common Name, location (country, region), home organization Name, mailbox address.

S603, the data transmitting terminal accesses the network of the operator to acquire and install the eSIM profile and the security applet.

In a specific implementation, after the data transmitting end accesses the operator network, the data transmitting end requests to the eSIM management platform to download the eSIM profile and the secure applet. After the downloading is completed, the data transmitting end installs the eSIM profile and the secure applet in the eUICC.

Thus, the data transmitting end can encrypt the data needing to be encrypted by using the network service through the eSIM and generating a key pair through the applet.

S604, the account opening platform sends subscription information to the UDM. Correspondingly, the UDM receives and stores subscription information of the data transmitting end.

In this way, after the subscription information of the data sending end is stored in the UDM, the subscription information in the machine type may be sent to the DIVS AS, so that the DIVS AS verifies the data sending end according to the subscription information.

The above describes the process of signing the data transmitting end in the operator network, and based on the process, the unique identification of the data transmitting end can be completed through the above information by binding the ICCID with the IMEI and the euiccid. After this, the DIVS AS and the data receiver may authenticate the data sender based on the above information.

And a second flow, a data integrity verification information uplink flow.

As shown in fig. 7, the flow of data integrity verification information uplink may be implemented by the following S701-S711.

S701, the data transmitting end generates a first key pair.

In one possible implementation, the data sender invokes a secure applet in the eUICC, generating a first key pair (ECC or RSA based). The first key pair includes a first public key and a first private key.

It should be noted that the first private key will always be stored in the secure applet and not be available to the data transmitting end or other devices, so that other devices can be prevented from transmitting data and signature to the data receiving end according to the first private key after stealing the first private key.

S702, the data transmitting end acquires metadata and generates data to be uplink according to the metadata.

The metadata includes at least one of: the first public key, IEMI, ICCID, euiccid, device serial number SN, MSISDN.

In one possible implementation, the data sending application obtains the first public key generated by the secure applet via an ADPU instruction. The data transmitting end obtains first terminal information of the data transmitting end from an operating system interface and a communication module interface, and the first terminal information comprises at least one of the following components: IEMI, ICCID, euiccid, device serial number SN, MSISDN.

Wherein, the data to be uplink comprises: metadata, a first signature algorithm for signing the metadata, and a first digital signature obtained after signing the metadata.

In one possible implementation, the data-transmitting end application transmits metadata to the secure applet. The secure applet digitally signs the metadata according to a first private key of the public-private key pair and a first signature algorithm to obtain a first digital signature.

And the data transmitting end generates data to be uplink according to the metadata, the first signature algorithm and the first digital signature.

S703, the data transmitting end transmits the data to be uplink to the DIVS AS.

S704, the DIVS AS verifies the data to be uplink according to the first public key and the first digital signature.

Optionally, the DIVS AS decrypts the first digital signature according to the first public key to obtain decrypted data. The DIVS AS determines whether the decrypted data is consistent with the metadata or the hash of the metadata, and if so, determines that the verification is successful.

S705, the DIVS AS sends subscription request information to the NEF.

The subscription request information is used for requesting to acquire subscription information of the data sending end.

Optionally, the DIVS AS accesses NEF via a query interface (RP-EDI). The access message carries MSISDN, ICCID and IMEI, and requests to acquire subscription information of the data transmitting end corresponding to the MSISDN, ICCID and IMEI.

S706, the NEF obtains the subscription information of the sender from the UDM.

Optionally, the NEF forwards the MSISDN, the ICCID, and the IMEI to the UDM, and requests to obtain subscription information of the data transmitting end corresponding to the MSISDN, the ICCID, and the IMEI. The UDM queries subscription information having MSISDN, ICCID, and IMEI information by MSISDN, ICCID, and IMEI, and returns the queried subscription information to the NEF.

S707, the NEF sends subscription information of the data sending end to the DIVS AS.

Optionally, the NEF forwards the subscription information sent by the UDM to the DIVS AS.

S708, DIVS AS generates a first data set to be signed.

Specifically, the DIVS AS takes the metadata, subscription information, and public key, and first signing algorithm information AS a first set of data to be signed.

Alternatively, the DIVS AS may directly use the metadata, the subscription information, the public key, and the first signing algorithm information AS the first data set to be signed, or may use hash values of the metadata, the subscription information, the public key, and the first signing algorithm information AS the first data set to be signed. The present application is not limited in this regard.

S709, the DIVS AS generates data integrity verification information according to the first data set to be signed, and uploads the data integrity verification information to the blockchain ledger.

Specifically, the DIVS AS signs the first set of data to be signed according to the second private key of the blockchain ledger and a second digital signature algorithm, generating a second digital signature. The DIVS AS uploads the first set of data to be signed, the second digital signature, and the CA certificate of the second private key AS data integrity verification information into the blockchain ledger.

It should be noted that the blockchain ledger includes transaction identification (transaction ID) of the data integrity verification information. After uploading the data integrity verification information into the blockchain ledger, the DIVS AS sets the value of the previous transaction identification of the data integrity verification information to null and sets the record status to available.

S710, the DIVS AS generates a transaction identifier of the data complete line verification information.

S711, the DIVS AS sends the transaction identification to the data sending end.

Optionally, the DIVS AS further generates a URL of the DIVS AS portal, and synchronously sends the URL and the transaction identifier to the data sending end. It will be appreciated that the DIVS AS may send the transaction identity and URL to the data sender after generating the transaction identity and URL, respectively. The DIVS AS may also combine the transaction identifier and the URL, and send the transaction identifier and the URL to the data sender through the same message, which is not limited in this disclosure. Under the condition that the same message sends the transaction identifier and the URL to the data sending end, if the DIVS AS updates the transaction identifier but does not update the URL, the DIVS can only update the transaction identifier in the information, and can also update the transaction identifier and the URL at the same time. The present disclosure is not limited in this regard.

It should be noted that the data sender, after receiving the transaction identification and URL, can store the transaction identification and URL in a secure applet in the eUICC.

It should be noted that, in the second process, the certificate corresponding to the second private key provided by the DIVS AS may be a CA certificate generated by the blockchain system member management based on the public-private key pair, or may be a CA certificate generated by an authoritative CA structure, or may be a self-signed CA certificate, which is not limited in this application.

Alternatively, the second digital signature algorithm and the first digital signature algorithm may be the same digital signature algorithm.

Optionally, the blockchain ledger includes a blockchain client, and the client is used for executing the data reading and writing of the blockchain ledger and the execution of the intelligent contract.

And thirdly, updating the data integrity verification information.

As shown in fig. 8, the flow of updating the data integrity verification information is exemplified by the sign-up logout flow, and the flow of updating the data integrity verification information is described. The subscription logout procedure may be implemented by the following S801-S808.

S801, triggering eSIM signing cancellation by UDM.

Specifically, the data stored in the UDM is sent to the end user subscription data. And once the user service is logged off, triggering a signing logout flow and triggering a UDM event notification to the NEF.

S802, the UDM sends eSIM signing cancellation information to the NEF.

Wherein the eSIM subscription cancellation message includes at least one of: ICCID, MSISDN, and binding IMEI and eSIM subscription cancellation time.

S803, the NEF sends an eSIM sign-up cancellation message to the DIVS AS.

Specifically, the NEF triggers a subscription notification event, sending eSIM subscription cancellation messages to the DIVS AS.

S804, the DIVS AS determines the corresponding transaction identification according to the eSIM signing cancellation message.

Specifically, after receiving the eSIM subscription cancellation message, the DIVS AS obtains the ICCID, MSISDN, and IMEI in the eSIM subscription cancellation message. The DIVS AS determines all transaction identities associated with the ICCID, MSISDN and IMEI.

S805, the DIVS AS updates the first data set to be signed corresponding to the transaction identifier to obtain a second data set to be signed.

Specifically, the DIVS AS updates eSIM sign-off time in a first to-be-signed data set corresponding to each transaction identifier, and takes the updated first to-be-signed data set AS a second to-be-signed data set.

And the DIVS AS signs the second data set to be signed according to the second private key and a second signature algorithm to obtain a fourth digital signature.

S806, the DIVS AS uploads the second data set to be signed, the fourth digital signature, and the CA certificate of the second private key AS updated data integrity verification information to the blockchain ledger.

S807, the DIVS AS generates a transaction identifier of the updated data integrity verification information.

S808, the DIVS AS sends the transaction identification of the updated data integrity verification information to the data sending terminal.

For specific implementation of S807 and S808, reference may be made to S710 and S711, which are not described herein.

The above description has been given of the process of updating the subscription information.

And fourthly, verifying the data integrity.

As shown in fig. 9, the flow of data integrity verification may be implemented specifically by the following S901-S907.

And S901, the data transmitting terminal acquires the data to be verified.

Optionally, after the data transmitting end collects data, the collected data is used as data to be verified

S902, the data transmitting end generates target data according to the data to be verified.

The method specifically comprises the following steps: the data transmitting end adopts a first private key and a first signature algorithm to verify the digital signature to obtain a first digital signature.

The data transmitting end calls an ADPU instruction, transmits the data to the secure applet, signs the data to be verified by using a first private key and a first signature algorithm, and obtains a first digital signature and a timestamp of the first digital signature.

S903, the data transmitting terminal transmits the target data to the data receiving terminal.

Specifically, the data transmitting end generates target data according to the data to be verified, the first digital signature, the timestamp of the first digital signature and the first identifier.

The data transmitting end transmits target data to the data receiving end.

It should be noted that, the data transmitting end may directly transmit the target data to the data receiving end, or may transmit the target data to the data receiving end after forwarding the target data by other devices, which is not limited in this application.

S904, the data receiving end sends a data integrity verification information request message to the DIVS AS.

The request data includes a first identification.

S905, the DIVS AS queries the data integrity verification information associated with the first identifier.

Specifically, the DIVS AS determines the first identity after receiving the request message. The DIVS AS queries the blockchain ledger for data integrity verification information associated with the first identity.

Optionally, the DIVS AS first queries the query blockchain ledger for the first identification data integrity verification information and determines metadata in the data integrity verification information. The DIVS AS then determines updated data integrity verification information based on IEMI, MSISDN, ICCID in the metadata.

The DIVS AS sends the data integrity verification information and the updated data integrity verification information to the data receiving end together

S906, the DIVS AS sends data integrity verification information to the data receiving end.

S907, the data receiving end verifies the data integrity of the data to be verified according to the data integrity verification information.

Specifically, the DIVS AS verifies the third digital signature or the fourth digital signature from the CA integers of the second public key and the first private key in the data integrity verification information after receiving the data integrity verification information. After verification is successful, a first public key in the data integrity verification information is obtained, and the first digital signature is verified according to the first public key and a first signature algorithm. After the first digital signature passes verification, determining whether a time stamp of the first digital signature is within a subscription validity period of the data transmitting end. If yes, the data integrity verification of the data to be verified is successful.

The data integrity verification system and the functions of each device in the data integrity verification system according to the embodiments of the present application are described in detail above.

The embodiment of the application provides an electronic device for executing a method required to be executed by any device in the data integrity determination system. The electronic device may be a data transmitting end, a data receiving end, a DIVS AS, a NEF, a UDM, or the like, which is not limited in this application. The electronic device may be an electronic device referred to in the present application, or a module in an electronic device; or a chip in the electronic device, or other apparatus for performing the network quality determining method, which is not limited in this application.

Fig. 10 is a schematic structural diagram of an electronic device according to an embodiment of the present application. As shown in fig. 10, the electronic device 100 comprises at least one processor 101, a communication line 102, and at least one communication interface 104, and may further comprise a memory 103. The processor 101, the memory 103, and the communication interface 104 may be connected through a communication line 102.

The processor 101 may be a central processing unit (central processing unit, CPU), an application specific integrated circuit (application specific integrated circuit, ASIC), or one or more integrated circuits configured to implement embodiments of the present application, such as: one or more digital signal processors (digital signal processor, DSP), or one or more field programmable gate arrays (field programmable gate array, FPGA).

Communication line 102 may include a pathway for communicating information between the aforementioned components.

The communication interface 104, for communicating with other devices or communication networks, may use any transceiver-like device, such as ethernet, radio access network (radio access network, RAN), wireless local area network (wireless local area networks, WLAN), etc.

The memory 103 may be, but is not limited to, a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (random access memory, RAM) or other type of dynamic storage device that can store information and instructions, or an electrically erasable programmable read-only memory (electrically erasable programmable read-only memory, EEPROM), a compact disc read-only memory (compact disc read-only memory) or other optical disc storage, optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to include or store desired program code in the form of instructions or data structures and that can be accessed by a computer.

In a possible design, the memory 103 may exist independent of the processor 101, i.e. the memory 103 may be a memory external to the processor 101, where the memory 103 may be connected to the processor 101 through a communication line 102 for storing execution instructions or application program codes, and the execution is controlled by the processor 101 to implement a network quality determining method provided in the embodiments described below. In yet another possible design, the memory 103 may be integrated with the processor 101, i.e., the memory 103 may be an internal memory of the processor 101, e.g., the memory 103 may be a cache, and may be used to temporarily store some data and instruction information, etc.

As one implementation, processor 101 may include one or more CPUs, such as CPU0 and CPU1 in fig. 10. As another implementation, the electronic device 100 may include multiple processors, such as the processor 101 and the processor 107 in fig. 10. As yet another implementation, the electronic device 100 may also include an output device 105 and an input device 106.

Embodiments of the present application provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the methods performed by the respective devices in the system embodiments described above.

The embodiments of the present application also provide a computer readable storage medium, where instructions are stored, which when executed on a computer, cause the computer to perform a method performed by each device in the system embodiments described above.

The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access Memory (Random Access Memory, RAM), a Read-Only Memory (ROM), an erasable programmable Read-Only Memory (Erasable Programmable Read Only Memory, EPROM), a register, a hard disk, an optical fiber, a portable compact disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an application specific integrated circuit (Application Specific Integrated Circuit, ASIC). In the context of the present application, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interface, indirect coupling or communication connection of devices or units, electrical, mechanical, or other form.

The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.

The foregoing is merely a specific embodiment of the present application, but the protection scope of the present application is not limited thereto, and any changes or substitutions within the technical scope of the present disclosure should be covered in the protection scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (16)

1. A data integrity verification system, comprising: a data transmitting end, a data receiving end and a data integrity verification server DIVS AS;

the data transmitting terminal is configured to: sending target data to the data receiving end; the target data includes: the method comprises the steps of verifying data to be verified, a first digital signature and a first identifier; the first digital signature is a digital signature which is obtained by carrying out signature determination on the data to be verified according to a first private key; the first identifier is a storage identifier of the data integrity verification information of the data sending end in the DIVS AS; the first private key is a private key in a first key pair generated by the data transmitting end;

the data receiving end is configured to: receiving the target data and sending the first identification to the DIVS AS;

the DIVS AS configured to: receiving the first identifier, and inquiring data integrity verification information associated with the first identifier; the data integrity verification information includes a first public key; the first public key is a public key in a first key pair generated by the data transmitting end;

The data receiving end is configured to: receiving the data integrity verification information, verifying the first digital signature according to a first public key in the data integrity verification information, and determining the data integrity of the data to be verified according to a verification result of the first digital signature;

the DIVS AS is specifically configured to: sending a subscription information acquisition request to the NEF; the subscription information acquisition request comprises first terminal information of the data transmitting end;

the NEF is configured to: requesting to acquire the subscription information of the data transmitting end from the UDM, and returning the subscription information of the data transmitting end to the DIVS AS after acquiring the subscription information of the data transmitting end;

the DIVS AS is further configured to: receiving subscription information from the NEF; the subscription information is the subscription information of the data transmitting end, which is returned by the NEF and is acquired in a user data management network element (UDM) according to the first terminal information.

2. The system of claim 1, wherein the data transmitting end is further configured to: transmitting first data to the DIVS AS; the first data includes: the first public key, the signature algorithm set supported by the data sending end and the first terminal information;

The DIVS AS is further configured to: acquiring subscription information of the data transmitting end according to the first terminal information; the subscription information includes: subscription validity information of the data transmitting end; determining the data integrity verification information according to the first data and the subscription information; the data integrity verification information is stored in a blockchain.

3. The system according to claim 2, wherein the data transmitting end is specifically configured to:

generating a first key pair; the first key pair includes the first public key and the first private key;

signing the first public key and the first terminal information by adopting the first private key and a first signature algorithm, and determining a second digital signature;

and generating the first data according to the first public key, the first terminal information, a signature algorithm set supported by a data transmitting end and a second digital signature.

4. The system of claim 3, wherein the DIVS AS is specifically configured to:

verifying the second digital signature according to the first public key and the first signature algorithm;

acquiring first terminal information in the first data under the condition that the second digital signature passes verification;

And generating the subscription information acquisition request according to the first terminal information.

5. The system of claim 4, wherein the DIVS AS is specifically configured to:

generating a first data set to be signed according to the first data and the subscription information;

signing the first data set to be signed according to a second private key and a second signing algorithm, and determining a third digital signature; the second private key belongs to a second key pair generated by the DIVS AS;

and determining the data integrity verification information according to the first data set to be signed, the certificate corresponding to the second private key and the third digital signature.

6. The system of claim 5, wherein the DIVS AS is further configured to:

transmitting a first transaction identifier to the data transmitting end; wherein the first transaction identifier is used to characterize stored information of the data integrity verification information in the blockchain.

7. The system of claim 6, wherein the DIVS AS is further configured to:

the DIVS AS sends first address information to the data sending end; the first address information is address information of a DIVS AS storing data integrity verification information corresponding to the first transaction identifier.

8. The system of claim 7, wherein the UDM is further configured to: under the condition that the subscription information of the data sending end is updated, sending a subscription information updating message to the NEF; the subscription information update message includes: the second terminal information of the data transmitting end and the updated subscription information of the data transmitting end;

the NEF is further configured to: forwarding the subscription information update message to the DIVS AS;

the DIVS AS is further configured to: inquiring latest target data integrity verification information comprising the second terminal information in the blockchain; updating the latest target data integrity verification information according to the updated subscription information; and storing the updated latest target data integrity verification information in the blockchain.

9. The system of claim 8, wherein the system further comprises a controller configured to control the controller,

the DIVS AS is specifically further configured to: executing a first operation on each piece of target data integrity verification information, and determining updated each piece of target data integrity verification information;

the first operation includes: generating a second data set to be signed according to the first data and the updated subscription information;

Signing the second data set to be signed according to the second private key and the second signature algorithm, and determining a fourth digital signature;

and determining updated target data integrity verification information according to the second data set to be signed, the certificate corresponding to the second private key and the fourth digital signature.

10. The system of claim 9, wherein the DIVS AS is further configured to:

transmitting a second transaction identifier to the data transmitting end; wherein the second transaction identifier is used to characterize the stored information of the updated target data integrity verification information in the blockchain.

11. The system of claim 10, wherein the DIVS AS is further configured to:

sending second address information to the data sending end; the second address information is address information of DIVS AS storing the updated target data integrity verification information.

12. The system of claim 11, wherein the data transmitting end is further configured to: receiving at least one of a first transaction identification and a second transaction identification from the DIVS AS; the first transaction identifier is a transaction identifier generated according to the stored information of the data integrity verification information in the blockchain; the second transaction identifier is a transaction identifier generated according to the storage information of the updated data integrity verification information in the blockchain;

And generating the first identifier according to the latest transaction identifier in the first transaction identifier and the second transaction identifier.

13. The system of claim 12, wherein the target data further comprises a verification access address; the verification access address is used for representing the address of a DIVS AS storing the data integrity verification information of the data transmitting end; the data transmitting end is further configured to: receiving at least one of first address information and second address information from the DIVS AS; the first address information is DIVS AS address information storing data integrity verification information corresponding to the first transaction identifier; the second address information is address information of DIVS AS storing updated data integrity verification information corresponding to the second transaction identifier;

the authentication access address is generated according to at least one of the first address information and the second address information.

14. The system of any of claims 1-13, wherein the target data further comprises a timestamp of the first digital signature; the data integrity verification information further includes: the signing validity period of the data sending end; the data receiving end is further configured to: determining whether the timestamp of the first digital signature is within the signing validity period of the data sending end;

If yes, determining that the data integrity verification of the data to be verified is successful.

15. The system of claim 5 or 9, wherein the data receiving end is further configured to:

verifying the third digital signature according to the certificate corresponding to the second private key and the second signature algorithm;

and under the condition that the third digital signature verification is successful, acquiring a first public key in the first data set to be signed.

16. The system of claim 8, wherein the first terminal information comprises at least one of an embedded universal integrated circuit card identification euiccid/integrated circuit card identification ICCID, an international mobile equipment identification IMEI, and a mobile subscriber number MSISDN of the data transmitting end;

the second terminal information includes at least one of the euiccid/ICCID, IMEI, and MSISDN.