CN114880399A - Data sharing system based on account book database network and account book database - Google Patents
Data sharing system based on account book database network and account book database Download PDFInfo
- Publication number
- CN114880399A CN114880399A CN202210501759.2A CN202210501759A CN114880399A CN 114880399 A CN114880399 A CN 114880399A CN 202210501759 A CN202210501759 A CN 202210501759A CN 114880399 A CN114880399 A CN 114880399A
- Authority
- CN
- China
- Prior art keywords
- data
- signature corresponding
- data request
- request
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
A data sharing system based on an account book database network and an account book database are provided. In the system, a first device is used for sending a data request and a signature corresponding to the data request to an account book database network so as to request first data from a second device; the account book database network is used for storing the data request and the signature corresponding to the data request in the trusted storage device and sending the data request and the signature corresponding to the data request to the second device; the second device is used for sending the first data and the corresponding signature to the account book database network under the condition that the signature corresponding to the data request passes verification; the ledger database network is further used for storing the abstract of the first data and the signature corresponding to the first data in the trusted storage device, and sending the first data and the signature corresponding to the first data to the first device.
Description
Technical Field
The embodiment of the specification belongs to the technical field of data processing, and particularly relates to a data sharing system based on an account book database network and an account book database.
Background
The rapid development of informatization leads to an information island problem. Each main body possesses a large amount of data, but the main bodies cannot share the data because of difficult achievement of sufficient trust, so that the data owned by the main bodies cannot be aggregated together to generate greater value. The existing scheme for solving the information island problem aims to solve the connectivity problem of data and still cannot solve the trust problem in a data sharing scene.
Disclosure of Invention
The invention aims to provide a data sharing system based on an account book database network and an account book database.
The first aspect of the specification provides a data sharing system based on an account book database network. The system comprises a first device, a second device, an account book database network and a trusted storage device.
The first device is configured to send a data request and a signature corresponding to the data request to the ledger database network, where the data request is used to request first data from the second device, and the signature corresponding to the data request includes a signature generated by the first device for the data request.
The ledger database network is used for storing the data request and the signature corresponding to the data request in the trusted storage device, and sending the data request and the signature corresponding to the data request to the second device;
the second device is configured to send the first data and the signature corresponding to the first data to the ledger database network when it is determined that the signature corresponding to the data request passes verification.
The ledger database network is further configured to store the first data and a signature corresponding to the first data in the trusted storage device, and send the first data and the signature corresponding to the first data to the first device.
A second aspect of the present specification provides a data sharing method performed by an ledger database in an ledger database network. The method comprises the following steps:
receiving a data request and a signature corresponding to the data request, wherein the data request and the signature corresponding to the data request are sent by a first device, the data request is used for requesting first data from a second device, and the signature corresponding to the data request comprises the signature generated by the first device and used for the data request;
storing the data request and the signature corresponding to the data request in a trusted storage device, and sending the data request and the signature corresponding to the data request to the second device, or sending the data request and the signature corresponding to the data request to the second device via another ledger database;
receiving the first data and the signature corresponding to the first data, wherein the first data and the signature corresponding to the first data are sent by the second device according to the data request and the signature corresponding to the data request;
storing the first data and the signature corresponding to the first data in the trusted storage device, and sending the first data and the signature corresponding to the first data to the first device.
A third aspect of the present specification provides an account book database, including:
a receiving module, configured to receive a data request and a signature corresponding to the data request, where the data request and the signature corresponding to the data request are sent by a first device, the data request is used to request a second device for first data, and the signature corresponding to the data request includes a signature generated by the first device for the data request;
a sending module, configured to store the data request and a signature corresponding to the data request in a trusted storage device, and send the data request and the signature corresponding to the data request to the second device, or send the data request and the signature corresponding to the data request to the second device via another ledger database;
the receiving module is further configured to receive the first data and a signature corresponding to the first data, where the first data and the signature corresponding to the first data are sent by the second device according to the data request and the signature corresponding to the data request;
the sending module is further configured to store the first data and the signature corresponding to the first data in the trusted storage device, and send the first data and the signature corresponding to the first data to the first device.
A fourth aspect of the present specification provides a computer-readable storage medium having stored thereon a computer program which, when executed in a computer, causes the computer to perform the method of the second aspect.
A fifth aspect of the present specification provides a computing device comprising a memory having stored therein executable code and a processor that, when executing the executable code, implements the method of the second aspect.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments described in the present disclosure, and it is obvious for a person skilled in the art to obtain other drawings based on these drawings without inventive labor.
Fig. 1 is a schematic structural diagram of a data sharing system based on an ledger database network provided in an embodiment of the present specification;
fig. 2 is an interaction diagram of a data sharing system based on an ledger database network for implementing data sharing provided in an embodiment of the present specification;
fig. 3 is an interaction diagram of another ledger database network-based data sharing system for implementing data sharing provided in an embodiment of the present specification;
fig. 4 is a schematic structural diagram of an account book database provided in an embodiment of this specification.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the present specification, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only a part of the embodiments of the present specification, and not all of the embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification without any inventive step should fall within the scope of protection of the present specification.
Participants in data sharing may generally include data providers, data requestors, and network parties. In some small-scale and small-scale data sharing scenarios, such as data sharing among various departments within an enterprise, various parties are considered to be safe and trusted. Therefore, in the implementation of the scheme in such a scenario, only the implementation process of data from the provider to the requester is emphasized, and the consideration of the security and trust level of each participant is not involved. In some large-scale and wide-range data sharing scenarios, such as data sharing between different enterprises, the trust problem of each party becomes an important solution for the security of data.
For example, in one embodiment, the trust issue in a data sharing scenario may be addressed by appending summary information to the data. Specifically, in a sharing scenario of data downloading, a data provider may add summary information to data, and send the data itself and a data summary to a data requester through a network. After receiving the data and the data abstract, the data requesting party verifies whether the received data is lost or not through the data abstract. The scheme can solve the security of a data layer, but certain defects exist in storage. For example, because the operations of the parties in the data sharing scenario are not preserved in the solution, the solution cannot resolve disputes between the data providers and/or data requestors regarding the operations of the parties in the data sharing scenario, such as whether the data requestors sent data requests and/or whether the data providers provided data.
As another example, in one embodiment, trust issues in data sharing scenarios may be addressed through blockchain techniques. Specifically, the data provider may store data in the blockchain, the data requester may obtain data of the data provider from the blockchain, and the nodes in the blockchain may further store operations of the respective participants, such as an operation of the data requester sending a data request and an operation of the data provider providing data. The block chain has the characteristics of data non-tampering and transaction storage, so that the safety problem of a data layer can be solved, and disputes of all participants in a data sharing scene can be solved. However, in this scheme, data from the data provider may be transmitted to each node in the blockchain, that is, each node stores one copy of the data, which may cause a large waste of storage overhead.
Based on the above analysis, in a data sharing scenario, how to solve the security of data and the disputes of each participant to each other in the scenario is a problem to be solved in the art.
Therefore, the embodiment of the specification provides a data sharing system and method based on an account book database network, so as to solve the mutual trust problem in a data sharing scenario. Before describing embodiments of the present specification in detail, a brief description of some terms appearing in the embodiments of the present specification is provided below.
The ledger database is a centralized and credible storage system, which uses a credible storage device as a trust root and writes all data or part of data into the credible storage device periodically or as required, thereby ensuring that the data in the ledger database cannot be tampered and the operation cannot be repudiated. In a particular implementation, the ledger database typically writes summary information of all or part of the data to the trusted storage device.
The ledger database network is a decentralized network consisting of a plurality of ledger databases. Ledger databases in a ledger database network may be referred to as nodes or network nodes. Each node in the ledger database network may provide storage services and communication services for users, whereby the ledger database network may provide trusted data sharing services to each user.
A trusted timestamp is an electronic certificate issued by a timestamp service center to an electronic document. The trusted timestamp can prove the accurate time generated by the electronic file, and can be used for preventing the electronic file from being tampered and being repudiated afterwards. The trusted timestamp may specifically include a digest of the electronic file, time information of receiving the electronic file, and a digital signature of the electronic file by the timestamp service center.
A data sharing system based on an account book database network provided in the embodiments of the present specification is specifically described below.
Fig. 1 is a schematic structural diagram of a data sharing system based on an ledger database network according to an embodiment of the present specification.
Referring to fig. 1, the data sharing system 100 includes a plurality of devices and an ledger database network. The plurality of devices may include a plurality of terminal devices (e.g., first device 111 and second device 112), a third device 113, and a trusted storage device 114. The third device 113 is configured to provide trusted timestamp service to each terminal device, and the trusted storage device 114 is configured to provide evidence storage service for the ledger database network.
The ledger database network can provide communication service for the terminal devices to realize data sharing among the terminal devices, can also store user data of each terminal device, and can store and verify data of each terminal device in a data sharing scene through the trusted storage device 114 to support verification and tracing in the future. For example, when first device 111 sends a data request to device 112 via the ledger database network, or second device 112 can send data to first device 111 via the ledger database network, the ledger database network can store a summary of the data request and/or data between first device 111 and second device 112 in trusted storage 114.
In particular, a plurality of nodes (e.g., nodes 121-124) may be included in the ledger database network. Each of the plurality of nodes may be connected to one or more terminal devices, and may also be connected to other nodes of the plurality of nodes, so as to implement the aforementioned function of the ledger database network. For example, node 121 may be connected to first device 111, node 123 may be connected to second device 112, and node 121 is connected to node 122, node 123, and node 124. Thus, nodes 121 and 123 may store user data of first device 111 and user data of second device 112, transmit data requests or data between devices 111 and 112, and attest to data requests or data between first device 111 and second device 112 in trusted storage device 114, respectively. Each node in the ledger database network may be implemented as a device with computing and processing capabilities, a server or a cluster of devices, etc.
The third device 113 may specifically provide a trusted timestamp for each terminal device when data sharing is performed between the terminal devices. For example, when the first device 111 sends a data request or data to the second device 112 via the node 121, a data request or a digest of the data may be sent to the third device 113. Accordingly, the third device 113 generates a trusted timestamp from the received data request or the digest of the data and the reception time and returns the trusted timestamp to the first device 111. The third device 113 may equally be implemented with computing power, appliances, servers or clusters of devices, etc.
The trusted storage device 114 may also provide a credentialing service to the terminal device. For example, when first device 111 sends a data request to node 121, node 121 may store the data request in trusted storage 114. For another example, when second device 112 receives a data request from first device 111, the received data request may be stored in trusted storage device 114. The trusted storage device 114 may likewise be implemented as an appliance having storage capabilities, a server or a cluster of devices, or the like.
It is understood that the number of terminal devices and the number of nodes in the ledger database network shown in fig. 1 are only one example of a data sharing system of the embodiments of the present specification. In a specific application, the terminal devices and the nodes in the data sharing system are not limited to the structures and the numbers shown in the embodiments of the present specification.
The following describes in detail the process of requesting terminal device 112 to share data by terminal device 111 in this illustrative embodiment with reference to fig. 2.
As shown in fig. 2, the process in which the terminal device 111 requests the terminal device 112 to share data may include steps S201 to S229 as follows.
In step S201, the first device 111 requests the third device 113 for a corresponding trusted timestamp of the data request.
When the first device 111 needs to request the first data in the second device 112, a data request is generated, and a trusted timestamp corresponding to the data request is requested from the third device 113. Specifically, after generating the data request, the first device 111 calculates a hash value of the data request, and sends a timestamp request to the third device 113, where the timestamp request includes the hash value of the data request.
After receiving the timestamp request from the first device 111, the third device 113 uses the private key to sign the hash value of the data request in the timestamp request and the time information of the received timestamp request, so as to obtain a signature of the data request. Then, the third device 113 generates a trusted timestamp corresponding to the data request according to the hash value of the data request, the time information of the received timestamp request, and the signature of the data request, and sends the trusted timestamp corresponding to the data request to the first device 111.
In step S203, the first device 111 sends the data request and a signature corresponding to the data request to the node 121.
The signature corresponding to the data request may include a signature generated by the first device 111 and/or a signature generated by the third device 113 for the data request.
Specifically, after receiving the trusted timestamp corresponding to the data request, the first device 111 parses the trusted timestamp corresponding to the data request, and obtains a signature generated by the third device 113 for the data request. Moreover, the user of the first device 111 may sign the data request using its own private key in the first device 111, and obtain the signature generated by the first device 111 for the data request. The first device 111 then sends the data request, the signature generated by the first device 111 for the data request, and the signature generated by the third device 113 for the data request to the node 121.
In step S205, node 121 stores the data request and the signature corresponding to the data request in trusted storage 114.
In other embodiments, the node 121 may directly send the data request and the signature thereof to the node 123 after receiving the data request and the signature thereof, and the node 123 verifies the data request and the signature corresponding thereto. Accordingly, after receiving the data request and its corresponding signature, node 123 stores the data request and its corresponding signature in trusted storage device 114.
In step S207, the node 121 sends the data request and the signature corresponding to the data request to the second device 112 via the node 123.
After the data request and the signature corresponding thereto are certified, node 121 sends the data request and the signature corresponding thereto to node 123. After receiving the data request and the signature corresponding thereto, the node 123 sends the data request and the signature corresponding thereto to the second device 112. In other embodiments, node 123 may also store the data request and its corresponding signature in trusted storage 114 before sending the data request and its corresponding signature.
In step S209, the second device 112 verifies the signature corresponding to the data request, and stores the data request and the signature corresponding to the data request in the trusted storage device 114 after the signature corresponding to the data request is verified.
The second device 112 may verify in the second device 112 the signature generated by the first device 111 on the data request using the public key of the user of the first device 111.
After the signature generated by the first device 111 for the data request is verified, the second device 112 may verify the signature generated by the third device 113 for the data request. Specifically, the second device 112 may parse the data request to obtain time information therein, and use a public key provided by the third device 113 to parse a signature generated by the third device 113 for the data request, so as to obtain time information from which the third device 113 receives the data request. The second device 112 then compares the two time information to determine whether the signature verification for the data request generated by the third device 113 passed. For example, the signature generated by the third device 113 verifies the data request before the time information obtained from the signature generated by the third device 113 for the data request.
In step S211, the second device 112 requests the trusted timestamp corresponding to the first data from the third device 113.
After the signature corresponding to the data request passes verification, the second device 112 determines the first data and requests the third device 113 for a trusted timestamp corresponding to the first data. Specifically, the second device 112 may determine the first data according to the data identifier parsed from the data request, calculate a hash value of the first data, thereby obtaining a digest of the first data, and then send a timestamp request to the third device 113, where the timestamp request includes the digest of the first data.
After receiving the timestamp request from the second device 112, the third device 113 signs the digest of the first data and the time information of the received timestamp request using the private key, and obtains a signature of the first data. Then, the third device 113 generates a trusted timestamp corresponding to the first data according to the digest of the first data, the time information of the received timestamp request, and the signature for the first data, and sends the trusted timestamp corresponding to the first data to the second device 112.
In step S213, the second device 112 sends the first data and the signature corresponding to the first data to the node 123 according to the trusted timestamp corresponding to the first data.
The signature corresponding to the first data may include a signature generated by the second device 112 and/or a signature generated by the third device 113 for the first data.
Specifically, after receiving the trusted timestamp corresponding to the first data, the second device 112 parses the timestamp corresponding to the first data, and obtains a signature generated by the third device 113 for the first data. The user of the second device 112 may then sign the first data in the second device 112 using the private key and then send the first data, the signature generated by the second device 112 on the first data and the signature generated by the third device 113 on the first data to the node 123.
In step S215, the node 123 stores the digest of the first data and the signature corresponding to the first data in the trusted storage device 114.
The node 123 receives the first data and the signature corresponding thereto, calculates a hash value of the first data to determine a digest of the first data, and stores the digest of the first data and the signature corresponding to the first data in the trusted storage device 114.
In other embodiments, after receiving the first data and the signature corresponding to the first data, the node 123 may also directly send the first data and the signature corresponding to the first data to the node 121, and the node 121 verifies the first data and the signature corresponding to the first data. Accordingly, after receiving the first data and its corresponding signature, node 121 stores the first data and its corresponding signature in trusted storage device 114.
In step S217, the node 123 sends the first data and its corresponding signature to the first device 111 via the node 121.
After the first data and the signature corresponding thereto are certified, the node 123 sends the first data and the signature corresponding thereto to the node 121. After receiving the first data and the signature corresponding to the first data, the node 121 sends the first data and the signature corresponding to the first data to the first device 111. In other embodiments, node 121 may also store the first data and its corresponding signature in trusted storage 114 before sending the first data and its corresponding signature.
In step S219, the first device 111 verifies the signature corresponding to the first data, and after the signature corresponding to the first data passes verification, the first data and its corresponding signature are stored in the trusted storage device 114.
The first data 111 may be verified in the second device 111 using the public key of the user of the second device 112 for a signature generated by the second device 112 for the first data.
After the signature generated by the second device 112 on the first data is verified, the first device 111 may verify the signature generated by the third device 113 on the first data. Specifically, the first data 111 may obtain time information from the first data, and parse a signature of the first data generated from the third device 113 using a public key provided by the third device 113, to obtain time information from which the third device 113 receives a digest of the first data. The first device 111 then compares the two time information to determine whether the signature verification of the first data generated by the third device 113 passed. For example, when the time information obtained from the first data is prior to the time information obtained from the signature generated by the third device 113 for the first data, the signature generated by the third device 113 for the first data is verified.
In step S221, the first device 111 requests the third device 113 for a trusted timestamp corresponding to the data receipt.
When the signature verification of the first data by the first device 111 passes, a data receipt is generated, and a trusted timestamp corresponding to the data receipt is requested from the third device 113. Specifically, after generating the data receipt, the first device 111 calculates a hash value of the data receipt, and sends a timestamp to the third device 113 to which area, where the timestamp request includes the hash value of the data receipt.
After receiving the timestamp request from the first device 111, the third device 113 uses the private key to sign the hash value of the data receipt in the timestamp request and the time information of the receipt of the timestamp request, and obtains a signature of the data receipt. Then, the third device 113 generates a trusted timestamp corresponding to the data receipt according to the hash value of the data receipt, the time information of the received timestamp request, and the signature of the data receipt, and sends the trusted timestamp corresponding to the data receipt to the first device 111.
In step S223, first device 111 sends the data receipt and the signature corresponding to the data receipt to node 121.
Likewise, the signature corresponding to the data receipt may include a signature generated by first device 111 and/or a signature generated by third device 113 for the data receipt.
Specifically, after receiving the trusted timestamp corresponding to the data receipt, the first device 111 parses the trusted timestamp corresponding to the data receipt to obtain a signature generated by the third device 113 for the data receipt. Moreover, the user of the first device 111 may sign the data receipt in the first device 111 using its own private key, and obtain the signature generated by the first device 111 for the data receipt. First device 111 then sends the data receipt, the signature generated for the data receipt by first device 111, and the signature generated for the data receipt by third device 113 to node 121.
In step S225, node 121 stores the data receipt and the signature corresponding to the data receipt in trusted storage device 114.
Similarly, in other embodiments, the node 121 may send the data receipt and the signature thereof to the node 123 directly after receiving the data receipt and the signature thereof, and the node 123 verifies the data receipt and the signature thereof. Accordingly, node 123, upon receiving the data receipt and its corresponding signature, stores the data receipt and the signature corresponding to the data receipt in trusted storage device 114.
In step S227, node 121 sends the data receipt and the signature corresponding to the data receipt to second device 112 via node 123.
After validating the data receipt and its corresponding signature, node 121 sends the data receipt and its corresponding signature to node 123. After receiving the data receipt and the signature corresponding thereto, the node 123 sends the data receipt and the signature corresponding thereto to the second device 112.
In other embodiments, node 123 may also store the data receipt and its corresponding signature in trusted storage 114 before sending the data receipt and its corresponding signature.
In step S229, the second device 112 verifies the signature corresponding to the data receipt, and after the signature corresponding to the data receipt is verified, the data receipt and the signature corresponding to the data receipt are stored in the trusted storage device 114.
Second device 112 may verify in second device 112 the signature generated by first device 111 on the data receipt using the public key of the user of first device 111.
After the signature generated by first device 111 on the data receipt verifies, second device 112 may verify the signature generated by third device 113 on the data receipt. Specifically, the second device 112 may parse the data receipt to obtain the time information therein, and use a public key provided by the third device 113 to parse a signature generated by the third device 113 on the data receipt, so as to obtain the time information from which the data receipt is received by the third device 113. The second device 112 then compares the two time information to determine whether the signature verification of the data receipt generated by the third device 113 passed. For example, the signature generated by the third device 113 verifies the data receipt when the time information obtained from the data receipt precedes the time information obtained from the signature generated by the third device 113 for the data receipt.
In one embodiment, as shown in fig. 3, when both first device 111 and second device 112 are served by the same node (node 121) in the ledger database network, node 121 may directly forward a data request, data, or data receipt of one device to the other device without forwarding through other nodes in the network. For example, the node 121 directly sends the data request and the signature thereof to the second device 112 after storing the data request and the signature thereof of the first device 111.
In the above scheme, the data in the sharing scenario is stored in the device (such as the second device 112) of the user, and is not stored in any node in the ledger database network, so that the problem of high data storage overhead in the prior art can be solved. In the above scheme, the ledger database network stores the data request, the digest of the first data, the data receipt, and the signatures corresponding to the data request, the digest of the first data, and the data receipt, which are generated in the data sharing process, through the trusted storage device, thereby solving the trust problem in the data sharing process. Under the scheme, when any party or other third party makes an objection to the operation in the data sharing, the information stored before can be read from the trusted storage device, and the proof can be completed. The signature of the scheme comprises the signature of a trusted timestamp provider, so that the time generated by the data request, the first data and the data receipt can be proved, the data request, the first data and the data receipt are prevented from being tampered and repudiated afterwards, and the trust problem in data sharing can be solved.
Based on the data sharing method embodiment shown in fig. 2, an embodiment of the present specification further provides an account book database to execute the steps executed by the account book database in fig. 2.
Fig. 4 is a schematic structural diagram of an account book database provided in an embodiment of the present specification.
As shown in fig. 4, the account database 400 includes: a receiving module 401 and a transmitting module 403.
The receiving module 401 is configured to receive a data request and a signature corresponding to the data request, where the data request and the signature corresponding to the data request are sent by a first device, and the data request is used to request a second device for first data.
The sending module 403 is configured to store the data request and the signature corresponding to the data request in a trusted storage device, and send the data request and the signature corresponding to the data request to the second device, or send the data request and the signature corresponding to the data request to the second device via another ledger database.
The receiving module 401 receives the first data and the signature corresponding to the first data, where the first data and the signature corresponding to the first data are sent by the second device according to the data request and the signature corresponding to the data request;
the sending module 403 is further configured to store the digest of the first data and the signature corresponding to the first data in the trusted storage device, and send the first data and the signature corresponding to the first data to the first device.
In this embodiment, the receiving module 401 is further configured to receive a data receipt and a signature corresponding to the data receipt, where the data receipt and the signature corresponding to the data receipt are sent by the first device according to the signature corresponding to the first data.
In this embodiment, the sending module 403 is further configured to store the data receipt and the signature corresponding to the data receipt in the trusted storage device, and send the data receipt and the signature corresponding to the data receipt to the second device, or send the data receipt and the signature corresponding to the data receipt to the second device via another ledger database.
It should be understood that, each module in the ledger database 400 may be preset in the ledger database, or may be loaded in the ledger database by downloading or the like. The corresponding module in the account book database can be matched with other equipment to realize the functions of the module.
The above description is only illustrative of the above-described ledger database embodiment, wherein the modules described as separate components may or may not be physically separate, may be located in one place, or may be distributed over multiple units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the embodiments in the present specification. Can be understood and implemented by those skilled in the art without inventive effort.
Embodiments of the present description further provide a computer-readable storage medium, where the storage medium stores a computer program, and the computer program may be used to execute the method steps in the embodiment shown in fig. 2.
The embodiment of the present specification further provides a computing device, which includes a memory and a processor, where the memory stores executable codes, and the processor executes the executable codes to implement the method steps in the embodiment shown in fig. 2. It should be understood that the computing device may be any of terminal device 111, terminal device 112, node 121, and node 123 referred to in the embodiment illustrated in fig. 2 above.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a server system. Of course, this application does not exclude that with future developments in computer technology, the computer implementing the functionality of the above described embodiments may be, for example, a personal computer, a laptop computer, a vehicle-mounted human-computer interaction device, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device or a combination of any of these devices.
Although one or more embodiments of the present description provide method operational steps as described in the embodiments or flowcharts, more or fewer operational steps may be included based on conventional or non-inventive approaches. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of orders and does not represent the only order of execution. When an actual apparatus or end product executes, it may execute sequentially or in parallel (e.g., parallel processors or multi-threaded environments, or even distributed data processing environments) according to the method shown in the embodiment or the figures. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the presence of additional identical or equivalent elements in a process, method, article, or apparatus that comprises the recited elements is not excluded. For example, if the terms first, second, etc. are used to denote names, they do not denote any particular order.
For convenience of description, the above devices are described as being divided into various modules by functions, and are described separately. Of course, when implementing one or more of the present description, the functions of each module may be implemented in one or more software and/or hardware, or a module implementing the same function may be implemented by a combination of multiple sub-modules or sub-units, etc. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage, graphene storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
As will be appreciated by one skilled in the art, one or more embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, one or more embodiments of the present description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, one or more embodiments of the present description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
One or more embodiments of the present description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. One or more embodiments of the present specification can also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment. In the description of the specification, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the specification. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
The above description is merely exemplary of one or more embodiments of the present disclosure and is not intended to limit the scope of one or more embodiments of the present disclosure. Various modifications and alterations to one or more embodiments described herein will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement or the like made within the spirit and principle of the present specification should be included in the scope of the claims.
Claims (12)
1. A data sharing system comprises a first device, a second device, an account book database network and a trusted storage device;
the first device is configured to send a data request and a signature corresponding to the data request to the ledger database network, where the data request is used to request first data from the second device, and the signature corresponding to the data request includes a signature generated by the first device for the data request;
the ledger database network is used for storing the data request and the signature corresponding to the data request in the trusted storage device and sending the data request and the signature corresponding to the data request to the second device;
the second device is used for sending the first data and the signature corresponding to the first data to the ledger database network under the condition that the signature corresponding to the data request is determined to pass verification;
the ledger database network is further configured to store the digest of the first data and the signature corresponding to the first data in the trusted storage device, and send the first data and the signature corresponding to the first data to the first device.
2. The system of claim 1, the second device further configured to store the data request and the signature corresponding to the data request in the trusted storage device if it is determined that the signature corresponding to the data request is verified;
the first device is further used for storing the first data and the signature corresponding to the first data in the trusted storage device under the condition that the signature corresponding to the first data is determined to be verified.
3. The system of claim 1, the first device further to send a data receipt and a signature corresponding to the data receipt to the ledger database network if it is determined that the signature corresponding to the first data verifies;
the ledger database network is further configured to store the data receipt and the signature corresponding to the data receipt in the trusted storage device, and send the data receipt and the signature corresponding to the data receipt to the second device;
the second device is further configured to store the data receipt and the signature corresponding to the data receipt in the trusted storage device if it is determined that the signature corresponding to the data receipt verifies.
4. The system according to any one of claims 1 to 3, further comprising a third device, where the third device is configured to provide a trusted timestamp, and the signature corresponding to the data request further includes a signature generated by the third device for the data request, and the signature generated by the third device for the data request includes time information provided by the third device.
5. A data sharing method performed by an ledger database in a ledger database network, the method comprising:
receiving a data request and a signature corresponding to the data request, wherein the data request and the signature corresponding to the data request are sent by a first device, the data request is used for requesting first data from a second device, and the signature corresponding to the data request comprises the signature generated by the first device and used for the data request;
storing the data request and a signature corresponding to the data request in a trusted storage device, and sending the data request and the signature corresponding to the data request to the second device, or sending the data request and the signature corresponding to the data request to the second device via another ledger database;
receiving the first data and the signature corresponding to the first data, wherein the first data and the signature corresponding to the first data are sent by the second device according to the data request and the signature corresponding to the data request;
and storing the digest of the first data and the signature corresponding to the first data in the trusted storage device, and sending the first data and the signature corresponding to the first data to the first device.
6. The method of claim 5, further comprising:
receiving a data receipt and a signature corresponding to the data receipt, wherein the data receipt and the signature corresponding to the data receipt are sent by the first device according to the signature corresponding to the first data;
storing the data receipt and the signature corresponding to the data receipt in the trusted storage device, and sending the data receipt and the signature corresponding to the data receipt to the second device, or sending the data receipt and the signature corresponding to the data receipt to the second device via another ledger database.
7. The method according to claim 5 or 6, wherein the data request includes first time information provided by a third device, the signature corresponding to the data request further includes a signature generated by the third device for the data request, and the third device is configured to provide a trusted timestamp.
8. An ledger database comprising:
a receiving module, configured to receive a data request and a signature corresponding to the data request, where the data request and the signature corresponding to the data request are sent by a first device, the data request is used to request a second device for first data, and the signature corresponding to the data request includes a signature generated by the first device for the data request;
a sending module, configured to store the data request and a signature corresponding to the data request in a trusted storage device, and send the data request and the signature corresponding to the data request to the second device, or send the data request and the signature corresponding to the data request to the second device via another ledger database;
the receiving module is further configured to receive the first data and a signature corresponding to the first data, where the first data and the signature corresponding to the first data are sent by the second device according to the data request and the signature corresponding to the data request;
the sending module is further configured to store the digest of the first data and the signature corresponding to the first data in the trusted storage device, and send the first data and the signature corresponding to the first data to the first device.
9. The ledger database of claim 8, the receiving module further to receive a data receipt and a signature corresponding to the data receipt, the data receipt and the signature corresponding to the data receipt sent by the first device according to the signature corresponding to the first data;
the sending module is further configured to store the data receipt and the signature corresponding to the data receipt in the trusted storage device, and send the data receipt and the signature corresponding to the data receipt to the second device, or send the data receipt and the signature corresponding to the data receipt to the second device via another ledger database.
10. The ledger database of claim 8 or 9, the data request including first time information provided by a third device, the signature corresponding to the data request further including a signature generated by the third device for the data request.
11. A computer-readable storage medium, on which a computer program is stored which, when executed in a computer, causes the computer to carry out the method of any one of claims 5-7.
12. A computing device comprising a memory having executable code stored therein and a processor that, when executing the executable code, implements the method of any of claims 5-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210501759.2A CN114880399A (en) | 2022-04-28 | 2022-04-28 | Data sharing system based on account book database network and account book database |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210501759.2A CN114880399A (en) | 2022-04-28 | 2022-04-28 | Data sharing system based on account book database network and account book database |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114880399A true CN114880399A (en) | 2022-08-09 |
Family
ID=82673326
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210501759.2A Pending CN114880399A (en) | 2022-04-28 | 2022-04-28 | Data sharing system based on account book database network and account book database |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114880399A (en) |
-
2022
- 2022-04-28 CN CN202210501759.2A patent/CN114880399A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107273410B (en) | Block chain based distributed storage | |
| CN112215601B (en) | Service processing method, device and equipment based on block chain | |
| CN111724150B (en) | Service request processing method and device | |
| CN111008841B (en) | Service processing system, service processing method, device and equipment | |
| US11917088B2 (en) | Integrating device identity into a permissioning framework of a blockchain | |
| US20220027319A1 (en) | Data deduplication in blockchain platforms | |
| CN111767144A (en) | Transaction routing determination method, device, equipment and system for transaction data | |
| US11804950B2 (en) | Parallel processing of blockchain procedures | |
| CN116305298B (en) | Method and device for managing computing power resources, storage medium and electronic equipment | |
| CN111899008A (en) | Resource transfer method, device, equipment and system | |
| CN114971827A (en) | Account checking method and device based on block chain, electronic equipment and storage medium | |
| CN114281893A (en) | Processing method, device and equipment for block chain transaction | |
| CN112291321B (en) | Service processing method, device and system | |
| CN111737368B (en) | Data processing method, device, equipment and medium | |
| CN111324645B (en) | Block chain data processing method and device | |
| CN113761496B (en) | Identity verification method and device based on blockchain and electronic equipment | |
| CN114880399A (en) | Data sharing system based on account book database network and account book database | |
| CN116997895A (en) | Reducing transaction aborts in an execution ordering validation blockchain model | |
| US11146386B2 (en) | Method and system for authentication seal deployment in networked immutable transactions | |
| CN109683942B (en) | Script management method, script management device, script management medium and electronic equipment | |
| CN113283891A (en) | Information processing method and device and electronic equipment | |
| CN112650715A (en) | Method, device and related product for storing data in block chain system | |
| CN110995447A (en) | Data storage method, device, equipment and medium | |
| US11954007B2 (en) | Tracking usage of common libraries by means of digitally signed digests thereof | |
| US20230153457A1 (en) | Privacy data management in distributed computing systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |