CN115296811A - Data sharing and utilizing method, device and medium based on block chain - Google Patents
Data sharing and utilizing method, device and medium based on block chain Download PDFInfo
- Publication number
- CN115296811A CN115296811A CN202210676162.1A CN202210676162A CN115296811A CN 115296811 A CN115296811 A CN 115296811A CN 202210676162 A CN202210676162 A CN 202210676162A CN 115296811 A CN115296811 A CN 115296811A
- Authority
- CN
- China
- Prior art keywords
- data
- intelligent contract
- block chain
- party
- computing node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 63
- 238000013500 data storage Methods 0.000 claims abstract description 72
- 238000001514 detection method Methods 0.000 claims abstract description 65
- 238000004364 calculation method Methods 0.000 claims abstract description 59
- 230000008569 process Effects 0.000 claims abstract description 30
- 230000000977 initiatory effect Effects 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 3
- 238000007726 management method Methods 0.000 claims description 3
- 230000008901 benefit Effects 0.000 abstract description 4
- 230000001360 synchronised effect Effects 0.000 abstract description 3
- 238000005516 engineering process Methods 0.000 description 5
- 238000007405 data analysis Methods 0.000 description 4
- 238000007689 inspection Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 238000013480 data collection Methods 0.000 description 3
- 238000013475 authorization Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 210000001520 comb Anatomy 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 238000010219 correlation analysis Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 238000000586 desensitisation Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000012821 model calculation Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a data sharing and utilizing method and a system based on a block chain, wherein the method comprises the following steps: the block chain platform receives a data dictionary issued by a data storage party; after receiving an intelligent contract containing a data operation program submitted by a data demand party, the block chain platform carries out security detection on the received intelligent contract and deploys the received intelligent contract on each computing node after the security detection is passed; after triggering of executing the intelligent contract initiated by the data demand party is received, a block chain platform informs a computing node where the data storage party is located to execute the intelligent contract, and triggers a prediction machine to execute under the condition of safety of the intelligent contract, so that a terminal process of a data source is started to execute the data operation program, block chain consensus is formed according to a calculation result, the block chain consensus is synchronized to the computing node where the data demand party is located, and data use is completed. The method has the advantages of simplicity, capability of avoiding privacy disclosure, high safety and reliability and the like.
Description
Technical Field
The invention relates to the technical field of big data sharing, in particular to a data sharing and utilizing method, device and medium based on a block chain.
Background
Data sharing means that users using different computers and different software in different places can read data of others and perform various operations, operations and analyses. Data can be scattered in all places of the society, and needs to be called and used when needed through an intelligent contract program which is subjected to security detection, has an open code source and is in a trusted execution environment, and the data can be used according to certain rules and the like. In consideration of privacy or security problems, such as biological security problems caused by biological data, enterprise security problems caused by malicious parties acquiring industrial data, and the like, the data storage party may not wish to share or even share the data, and thus cannot play a role of big data. Therefore, if the shared utilization of data from different sources is performed in advance, a problem to be solved is present.
A block chain is a chain database constructed and maintained together among computing nodes in a distributed peer-to-peer network, with multiple data blocks linked back and forth. Currently, the block chain technology has merged a plurality of leading-edge technologies such as a distributed network technology, a consensus algorithm, an intelligent contract technology, a cryptographic algorithm and the like, and the block chain technology has non-tamper property, uniqueness of value, openness, privacy and the like. The blockchain technique is therefore the best solution to address multi-party participation and the need to establish a trust mechanism.
However, in the data sharing method based on the blockchain in the prior art, data collection is usually adopted and then data is linked up, each computing node has a copy of the data after the data is linked up, which is equivalent to that the data after desensitization is directly disclosed to all blockchain computing nodes, which may cause data privacy and security problems, especially for multiple-time and multi-source data, privacy may be leaked in the data sharing process.
For example, the chinese patent application CN201810616957.7 discloses a method and a system for sharing big data security based on a block chain, which is characterized in that a data demand party broadcasts an intelligent contract containing reward information to a data provider through an open source user interface; and after the data provider judges the reward, the data provider runs the data collection codes sent by the data demander, judges that the privacy is not exposed according to the calculation result and submits the codes for providing data to the intelligent contract, and miners execute the compiling process of the intelligent contract in the background, wherein the successful compiling indicates that the contract is established and the miners or the data provider obtains the reward. According to the scheme, data is desensitized and then is directly linked up, a block chain system is a distributed network, and a copy of data is provided for each computing node after the data is linked up, so that a data collection party can finally obtain very private details through a big data analysis means, and the privacy disclosure problem is caused.
Chinese patent application CN113271366A discloses a data sharing system based on block chains and security computation, in the scheme, a user node obtains a selected model and applied data resources through an application-approval mode to perform multi-party security computation to realize the requirements of users, data sharing utilizes circulation between a model owning node and a data owning node and sends results to the user node, and data circulation on the computing model node avoids the situation that the computing model is not a malicious node, so that the data can not be really controlled and safe.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: aiming at the technical problems in the prior art, the invention provides a block chain-based data sharing and utilizing method, a block chain-based data sharing and utilizing device and a block chain-based data sharing and utilizing medium, which are simple in implementation method, capable of avoiding privacy disclosure and high in safety and reliability, and can realize that shared data can be invisible and cannot be out of a domain.
In order to solve the technical problems, the technical scheme provided by the invention is as follows:
a data sharing and utilizing method based on a block chain comprises the following steps:
the block chain platform receives a data dictionary issued by a data storage party, wherein the data dictionary contains information of data owned by the data storage party;
after receiving an intelligent contract containing a data operation program submitted by a data demand party, a block chain platform carries out security detection on the received intelligent contract and deploys the received intelligent contract on each computing node after the security detection is passed, wherein the data operation program is used for carrying out required operation on data owned by a data storage party according to the data dictionary;
and after triggering of executing the intelligent contract initiated by the data demand party is received, notifying a target computing node where the data storage party is located to execute the intelligent contract through the block chain platform, triggering a prediction machine to execute under the condition of safety of the intelligent contract so as to start a terminal process of a data source to execute the data operation program, forming block chain consensus according to a calculation result, synchronizing to the computing node where the data demand party is located, and completing data use.
Further, the steps of performing security detection on the received intelligent contract and deploying the received intelligent contract on each computing node after the security detection is passed include:
after receiving the intelligent contract containing the data operation program, the computing node forwards the intelligent contract to a security detection node to carry out security detection on the contract;
after the safety detection is passed, the safety detection node deploys the received intelligent contract into a block chain platform;
synchronizing the deployed intelligent contracts to each computing node;
and the computing node submitting the intelligent contract sends an intelligent contract deployment success notice.
Further, the step of triggering the prediction machine to execute under the condition of intelligent contract security comprises the following steps:
the target computing node inquires whether the received intelligent contract is subjected to security detection or not on a chain;
if the received intelligent contract is not subjected to security detection, stopping executing the current intelligent contract;
and if the received intelligent contract passes the security detection, triggering and executing the prediction machine.
Further, the starting the terminal process of the data source to execute the data operation program includes:
the prediction machine program starts a data gateway and transmits a data operation program to a terminal process of a data source through the data gateway;
and receiving the original data returned by the query of the terminal process of the data source to the data source database, receiving the calculation result of the data operation program executed by the terminal process of the data source on the returned original data, and sending the received calculation result through the data gateway.
Further, the sending out the received calculation result through the data gateway includes: and controlling the transmission of the original data according to whether the original data acquisition permission exists, wherein if the original data acquisition permission does not exist, the data gateway only authorizes the sending of the calculation result, and if the original data acquisition permission exists, the calculation result and the original data are sent together.
Further, the forming of the block chain consensus according to the calculation result and synchronizing to the calculation node where the data demand party is located includes:
taking the obtained calculation result as a final calculation result of the intelligent contract through the uplink of the target calculation node to form block chain consensus;
synchronizing the obtained calculation result to a target calculation node initiating an intelligent contract through the block chain consensus;
and sending a notice of completing the data use to the target computing node initiating the intelligent contract.
Further, the information of the data owned by the data storage side includes: data attribute name, data type, data storage length, whether the data is possible to be empty or not, and data attribute description.
Further, the method also comprises a data dictionary classification management step, and specifically comprises the following steps:
receiving a data dictionary sent by a data storage party, and verifying a digital signature of the data storage party;
examining the information of the data dictionary, and determining a data storage party and a data type corresponding to the examined digital dictionary;
and generating a directory list for the verified data dictionary and issuing the directory list to be provided for the data demander to inquire.
An apparatus for sharing and utilizing data based on block chains, comprising:
the block chain platform is used for receiving a data dictionary issued by a data storage party and an intelligent contract which is submitted by a data demand party and contains a data operation program, wherein the data dictionary contains information of data owned by the data storage party, and the data operation program is used for performing required operation on the data owned by the data storage party according to the data dictionary;
the safety detection node is used for carrying out safety detection on the received intelligent contract after the block chain platform receives the intelligent contract containing the data operation program submitted by the data demand party, and deploying the received intelligent contract on each computing node after the safety detection is passed;
and the intelligent contract execution module is used for notifying a target computing node where the data storage party is located to execute the intelligent contract through the block chain platform after receiving the trigger of executing the intelligent contract initiated by the data demand party, triggering a prediction machine to execute under the condition of intelligent contract safety so as to start a terminal process of the data source to execute the data operation program, forming block chain consensus according to the calculation result, synchronizing to the computing node where the data demand party is located, and finishing data use.
A computer-readable storage medium storing a computer program which, when executed, implements the method as described above.
Compared with the prior art, the invention has the advantages that:
1. the invention is based on a block chain system structure, adopts a distributed data cross-domain utilization mode, realizes data sharing through the publishing of a data dictionary, the safety detection and deployment of an intelligent contract containing a data operation program, the execution of the intelligent contract and the execution of a data use program, a data storage party does not need to send data, a data use party only can see the data dictionary but cannot see actual data, meanwhile, the data use party can use original data to analyze to obtain a calculation result, and data operation is carried out in a controllable domain of the data storage party.
2. Compared with direct chaining of data, the method and the system for blocking the leakage of the data in the block chain store the data dictionary on the block chain are beneficial to protecting the privacy and the safety of the original data and avoiding the leakage of the data, and are also beneficial to acquiring all the computing nodes and safety detection nodes accessing the block chain, and the data gateway can intercept the leakage of the data conveniently.
3. According to the invention, the security detection node is adopted to carry out security detection on the intelligent contract, and the security detection can be used for deploying the intelligent contract at the rear, so that the possibility of artificial malice can be eliminated, and the security and reliability of data sharing are further improved.
4. The invention further prevents the outflow of the original data by adding the data security gateway at the data storage side, reserves the authorized original data for outward release according to the user requirements needing the original data, and can avoid the leakage of large-scale data under the condition of no authorization.
Drawings
Fig. 1 is a schematic flow chart of an implementation of the data sharing and utilizing method based on a block chain according to the embodiment.
FIG. 2 is a schematic diagram illustrating the deployment of intelligent contracts in a specific application embodiment of the present invention.
Fig. 3 is a schematic diagram of the present invention for realizing data sharing utilization in a specific application embodiment.
Detailed Description
The invention is further described below with reference to the drawings and specific preferred embodiments of the description, without thereby limiting the scope of protection of the invention.
As shown in fig. 1, the steps of the data sharing and utilizing method based on block chains in this embodiment include:
s01, receiving a data dictionary issued by a data storage party by a block chain platform, wherein the data dictionary comprises information of data owned by the data storage party;
s02, after receiving an intelligent contract which is submitted by a data demand party and contains a data operation program, a block chain platform carries out security detection on the received intelligent contract and deploys the received intelligent contract on each computing node after the security detection is passed, wherein the data operation program is used for carrying out required operation on data owned by a data storage party according to a data dictionary;
and S03, after receiving triggering of executing the intelligent contract initiated by the data demand party, notifying a target computing node where the data storage party is located to execute the intelligent contract through the block chain platform, triggering a prediction machine to execute under the condition of safety of the intelligent contract so as to start a terminal process of a data source to execute a data operation program, forming block chain consensus according to a calculation result, synchronizing to the computing node where the data demand party is located, and completing data use.
The embodiment is based on a block chain system structure, and data sharing is realized by adopting a distributed data cross-domain utilization mode and sequentially passing through three parts of a data dictionary publishing process, safety detection and deployment of an intelligent contract containing a data operation program, intelligent contract execution and data use program execution. Meanwhile, a trust basis of data circulation in the data element field is constructed based on a block chain architecture, a method for carrying out security detection on an intelligent contract is adopted, and the trust problem of a data storage party on a data utilization calculation program (data operation program) of a data demand party can be solved, wherein the trust comprises the following steps: protection of private data, protection of original data (to avoid malicious leakage of data with a computer program, inadvertent vulnerability leakage or destruction of data, etc.
In this embodiment, the data storage side actively issues a data dictionary to the blockchain platform, where the data dictionary is a header or a data column name of a data record owned by the data storage side, an attribute of the data record, and the like. In a specific application embodiment, the information of the data owned by the data storage party may specifically include: the data attribute name, the data type, the data storage length, whether the data is possible to be empty, the data attribute description and the like are used, so that a data demander can know the introduction of the structure, the type and the data attribute condition of the data owned by the data storage party, and the data demander/data consumer can develop a data analysis/data model program under the condition of not knowing the original data. The specific content and format of the data dictionary can be configured according to actual requirements.
It should be noted that the data storage party is a target to store data, and is not necessarily a data ownership party, for example, a large amount of hospital physical examination data or health medical data is stored in a medical institution, and such data is only used for research in the medical institution.
This embodiment compares in direct cochain with data through storage data dictionary on the block chain, can do benefit to the privacy security that protects the original data, avoids data to reveal, also can do benefit to calculation node, the safety inspection node acquisition of all access block chains, can also be convenient for the data gateway to intercept revealing of data.
In this embodiment, the steps of performing security detection on the received intelligent contract in step S02 and deploying the received intelligent contract on each computing node after the security detection is passed include:
s201, after receiving an intelligent contract containing a data operation program, the computing node forwards the intelligent contract to a safety detection node to carry out safety detection on the contract;
s202, after the safety detection is passed, deploying the received intelligent contract into a block chain platform by the safety detection node;
s203, synchronizing the deployed intelligent contracts to each computing node;
and S204, the computing node submitting the intelligent contract sends an intelligent contract deployment success notification.
In this embodiment, a block chain database system is commonly maintained for multiple computing nodes, as shown in fig. 2, where one type of functional nodes used for a security detection function is included, that is, security detection nodes, and an intelligent contract program is deployed through the security detection nodes. The method comprises the steps that a data demand party or a data user develops an intelligent contract program in advance according to a data dictionary, a remote data (data owned by a data storage party) compiling program is operated, namely the data operation program, the data operation program is packaged in the developed intelligent contract to form an intelligent contract containing the data operation program, the intelligent contract is submitted to a block chain platform through a terminal, after receiving the intelligent contract program (the intelligent contract with the data operation program) from a computing node in the block chain platform, the intelligent contract is forwarded to a safety detection node to carry out safety detection on the contract, after the safety detection is passed, the safety detection node deploys the intelligent contract to the block chain platform, the deployed intelligent contract is synchronized to each computing node, finally, a deployment success notice is sent through the terminal by the computing node submitting the intelligent contract (namely the computing node where the data demand party is located), and deployment of the intelligent contract is completed.
In this embodiment, the step S03 of triggering the predicting machine to execute under the condition of the security of the intelligent contract includes:
s301, the target computing node inquires whether the received intelligent contract is subjected to security detection or not on the chain;
s302, if the received intelligent contract is not subjected to security detection, stopping executing the current intelligent contract;
and S303, if the received intelligent contract passes the security detection, triggering and executing the prediction machine.
The prediction machine is a program body connected with the intelligent contract, can play a role in linking up and down of the intelligent contract chain, and solves the limitation that the intelligent contract is difficult to directly communicate with data under the chain. The operation of this embodiment to data is carried out at data storage side through triggering intelligent contract, can effectively protect former data not break away from former storage domain, and then prevents to collect the side combination multisource data and realize privacy snooping, carries out safety inspection through adopting the safety inspection node to intelligent contract simultaneously, and safety inspection can dispose intelligent contract through the rear, can get rid of the possibility of artificial evil, further improves the fail safe nature of data sharing.
In this embodiment, the step S03 of starting the terminal process execution data operation program of the data source includes:
s311, starting a data gateway by a preloader program, and transmitting a data operation program to a terminal process of a data source through the data gateway;
s312, receiving the original data returned by the query of the terminal process of the data source to the data source database, receiving the calculation result of the data operation program executed by the terminal process of the data source to the returned original data, and sending the received calculation result through the data gateway.
According to the method and the device, on the basis of adopting the safety detection node to perform safety detection on the intelligent contract, the data security gateway is added on the data storage party, the raw data is prevented from flowing outwards through the data security gateway, and meanwhile, authorized raw data are reserved for the user requirements needing the raw data to be issued outwards, so that large-scale data can be prevented from being leaked under the unauthorized condition, the data sharing safety and reliability are ensured to the maximum extent, and the possibility of artificial repugnance is eliminated.
In this embodiment, sending out the received calculation result through the data gateway in step S312 includes: and controlling the transmission of the original data according to whether the original data acquisition permission exists, wherein if the original data acquisition permission does not exist, the data gateway only authorizes the sending of the calculation result, and if the original data acquisition permission exists, the calculation result and the original data are sent together. Through the mode, the reserved channel can be authorized to be transmitted out for the data, if the data storage side agrees to transmit the data out, the data using side can obtain the data, or the data is used as the input data to be comprehensively analyzed with the related data of other storage sides, otherwise, only the calculation result is transmitted out.
In this embodiment, the step S03 of forming a block chain consensus according to the calculation result and synchronizing the block chain consensus to the calculation node where the data demand side is located includes:
s321, taking the obtained calculation result as a final calculation result of the intelligent contract through a destination calculation node uplink to form block chain consensus;
s322, synchronizing the obtained calculation result to a target calculation node initiating an intelligent contract through block chain consensus;
and S323, sending a notice of completing data use to the target computing node initiating the intelligent contract.
The embodiment starts the execution of the prediction machine under the chain by triggering the intelligent contract after the security detection on the chain, the prediction machine acquires the authorized data through the data gateway for calculation, and finally returns the calculation result to the user node, the intelligent contract execution of the data and the operation of sharing and utilizing the original data are both limited on a data storage party, and the security of the original data can be protected to the greatest extent.
In step S01, the present embodiment further includes a data dictionary classification management step, which specifically includes:
s101, receiving a data dictionary sent by a data storage party, and verifying a digital signature of the data storage party;
s102, examining information of the data dictionary, and determining a data storage party and a data type corresponding to the examined digital dictionary;
and S103, generating a directory list for the verified data dictionary and issuing the directory list to be provided for the data demander to inquire.
The directory list specifically includes information such as a data storage party, a data type, a data attribute name, a data storage length, whether data is empty or not, and data attribute description corresponding to the data dictionary, and may be specifically configured according to actual requirements.
In the data sharing process, a data user can only see the data dictionary but cannot see actual data, and can use the original data to analyze to obtain a calculation result (such as statistics, correlation analysis, complex model calculation and the like), so that the data is invisible, a data storage party does not need to send data, data operation is carried out in a controllable domain of the data storage party, the privacy safety of the data can be effectively ensured, and the data of the data storage party is protected from being leaked. In the data sharing process, the data transmitted to the data storage side is only used for comparing and analyzing the data with the data of the data storage side, so that the data generally exists in the memory and the data security of the data storage side is not affected.
In a specific application embodiment, a data dictionary is classified and managed by adopting a data sharing utilization center, so that a user can conveniently inquire and filter required data, and the detailed flow is as follows:
(1) The data storage party combs the data to generate data dictionary information such as data types, data storage lengths and the like, and attaches own digital signatures to send the data dictionaries to the data sharing utilization center;
(2) The data sharing utilizes the center to verify the digital signature of the data storage party, then to examine the relevant information of the data dictionary, and to determine the data storage party and the data type of the examined digital dictionary;
(3) And the data sharing utilization center generates a directory list for the verified data dictionary and issues the directory list for the data demander to inquire.
In a specific application embodiment, as shown in fig. 3, the detailed process of the invention for implementing data sharing and utilization based on a block chain by using the above method includes:
step 1: after the intelligent contract is deployed to the block chain, a terminal of a data demand side initiates triggering of executing the intelligent contract;
and 2, step: the computing node informs the computing node where the data storage party is located to execute the intelligent contract through the block chain platform, namely, the target computing node executes the intelligent contract;
and step 3: the target computing node inquires whether the intelligent contract is subjected to security detection or not on the chain, and if the intelligent contract is not subjected to security detection, the execution of the intelligent contract is stopped;
and 4, step 4: under the condition of intelligent contract security, the prediction machine triggers and executes;
and 5: the prediction machine program starts a data gateway and transmits a data use code (an intelligent contract with a data operation program) to a terminal process of a data source T through the data gateway;
step 6: the terminal process of the data source T executes the data use code and inquires data from a data source T database;
and 7: obtaining returned original data, analyzing the original data by a data using program, and obtaining a calculation result;
and step 8: returning the calculation result to the data gateway, and judging whether the calculation result is original data or not by the data gateway;
and step 9: if the original data acquisition authority does not exist, the data gateway intercepts the passing of unauthorized data and only gives out a calculation result sent by authorization;
step 10: the calculation result is used as the final calculation result of the intelligent contract through the uplink of the target calculation node to form block chain consensus;
step 11: and after the calculation result of the intelligent contract is synchronized to the calculation node initiating the intelligent contract through the block chain consensus, the calculation result is notified to the submitting terminal, and the data use process is finished.
The invention ensures that the data can not be out of the domain by using a three-layer protection mechanism:
(A) Trusted system of blockchain: the block chain is maintained by multiple parties, and the intelligent contract program is open to multiple parties and can check and examine various vulnerabilities;
(B) Performing special security detection service based on the security detection node, detecting whether a code for pulling original data is hidden or not, and providing credible authentication professional service for a data storage party;
(C) And adopting a data security gateway to prevent unauthorized original data from being published to the outside.
By using the three-layer protection mechanism and through a block chain credible foundation system, the consistency consensus and the credibility foundation of each party of the data conference on the whole technical framework can be ensured, and the block chain intelligent contract opens the source for all the parties to ensure that the program is detected and audited by multiple parties; by introducing the special nodes for intelligent contract security detection and detecting the intelligent contract, the data use security of a data storage party can be further improved, the link-down intercommunication of a target computing node chain can be realized by combining a preplan mechanism for deploying the successful intelligent contract, and the reliable data analysis result is ensured by performing the data analysis and calculation process on the data storage party, so that the data is truly invisible and cannot be out of the domain; by setting the data security gateway, the unauthorized data leakage process can be blocked.
The data sharing and utilizing device based on the block chain in the embodiment comprises:
the block chain platform is used for receiving a data dictionary issued by a data storage party and an intelligent contract which is submitted by a data demand party and contains a data operation program, wherein the data dictionary contains information of data owned by the data storage party, and the data operation program is used for performing required operation on the data owned by the data storage party according to the data dictionary;
the safety detection node is used for carrying out safety detection on the received intelligent contract after the block chain platform receives the intelligent contract containing the data operation program submitted by the data demand party, and deploying the received intelligent contract on each computing node after the safety detection is passed;
and the intelligent contract execution module is used for notifying a target computing node where the data storage party is located to execute the intelligent contract through the block chain platform after receiving the trigger of executing the intelligent contract initiated by the data demand party, triggering a prediction machine to execute under the condition of intelligent contract safety so as to start a terminal process of the data source to execute the data operation program, forming block chain consensus according to the calculation result, synchronizing to the computing node where the data demand party is located, and finishing data use.
The block chain-based data sharing and utilizing apparatus in this embodiment corresponds to the block chain-based data sharing and utilizing method described above, and is not described in detail here.
The present embodiment also includes a computer-readable storage medium storing a computer program that, when executed, implements the method described above.
The method can be used for realizing data sharing in the scene of insufficient willingness of large data storage parties to share data in various industrial fields, ensures that the original data can be used without visibility and the data can not be used and utilized outside the field, and avoids the problem of data ownership right confirmation, thereby being convenient for mining the use value of the data.
The foregoing is considered as illustrative of the preferred embodiments of the invention and is not to be construed as limiting the invention in any way. Although the present invention has been described with reference to the preferred embodiments, it is not intended to be limited thereto. Therefore, any simple modification, equivalent change and modification made to the above embodiments according to the technical spirit of the present invention should fall within the protection scope of the technical scheme of the present invention, unless the technical spirit of the present invention departs from the content of the technical scheme of the present invention.
Claims (10)
1. A data sharing and utilizing method based on a block chain is characterized by comprising the following steps:
the block chain platform receives a data dictionary issued by a data storage party, wherein the data dictionary contains information of data owned by the data storage party;
after receiving an intelligent contract containing a data operation program submitted by a data demand party, a block chain platform carries out security detection on the received intelligent contract and deploys the received intelligent contract on each computing node after the security detection is passed, wherein the data operation program is used for carrying out required operation on data owned by a data storage party according to the data dictionary;
and after triggering of executing the intelligent contract initiated by the data demand party is received, notifying a target computing node where the data storage party is located to execute the intelligent contract through the block chain platform, triggering a prediction machine to execute under the condition of safety of the intelligent contract so as to start a terminal process of a data source to execute the data operation program, forming block chain consensus according to a calculation result, synchronizing to the computing node where the data demand party is located, and completing data use.
2. The method for sharing and utilizing data based on block chains according to claim 1, wherein the steps of performing security check on the received intelligent contracts and deploying the received intelligent contracts to each computing node after the security check is passed comprise:
after receiving the intelligent contract containing the data operation program, the computing node forwards the intelligent contract to a security detection node to carry out security detection on the contract;
after the safety detection is passed, the safety detection node deploys the received intelligent contract into a block chain platform;
synchronizing the deployed intelligent contracts to each computing node;
and the computing node submitting the intelligent contract sends an intelligent contract deployment success notice.
3. The method for sharing and utilizing data based on block chains according to claim 1, wherein the step of triggering the prediction machine to execute under the condition of intelligent contract security comprises the following steps:
the target computing node inquires whether the received intelligent contract is subjected to security detection or not on the chain;
if the received intelligent contract is not subjected to security detection, terminating the execution of the current intelligent contract;
and if the received intelligent contract passes the security detection, triggering and executing the prediction machine.
4. The method according to claim 1, wherein the starting the terminal process of the data source to execute the data operation program includes:
the prediction machine program starts a data gateway and transmits a data operation program to a terminal process of a data source through the data gateway;
and receiving the original data returned by the query of the terminal process of the data source to the data source database, receiving the calculation result of the data operation program executed by the terminal process of the data source to the returned original data, and sending the received calculation result through the data gateway.
5. The method according to claim 4, wherein the sending out the received calculation result through a data gateway comprises: and controlling the transmission of the original data according to whether the original data acquisition authority exists, wherein if the original data acquisition authority does not exist, the data gateway only authorizes the sending of the calculation result, and if the original data acquisition authority exists, the calculation result and the original data are sent together.
6. The method according to claim 1, wherein the forming block chain consensus and synchronizing to the computing node where the data demand side is located according to the computation result comprises:
taking the obtained calculation result as a final calculation result of the intelligent contract through the uplink of the target calculation node to form block chain consensus;
synchronizing the obtained calculation result to a target calculation node initiating an intelligent contract through the block chain consensus;
and sending a notice of completing the data use to the target computing node initiating the intelligent contract.
7. The method according to any one of claims 1 to 6, wherein the information on the data owned by the data storage side includes: data attribute name, data type, data storage length, whether the data is possible to be empty, and data attribute description.
8. The method for sharing and utilizing data based on a block chain according to any one of claims 1 to 6, further comprising a data dictionary classification management step, specifically comprising:
receiving a data dictionary sent by a data storage party, and verifying a digital signature of the data storage party;
examining the information of the data dictionary, and determining a data storage party and a data type corresponding to the examined digital dictionary;
and generating a directory list for the verified data dictionary and issuing the directory list to be provided for the data demander for query.
9. An apparatus for sharing and utilizing data based on block chains, comprising:
the block chain platform is used for receiving a data dictionary issued by a data storage party and an intelligent contract which is submitted by a data demand party and contains a data operation program, wherein the data dictionary contains information of data owned by the data storage party, and the data operation program is used for performing required operation on the data owned by the data storage party according to the data dictionary;
the safety detection node is used for carrying out safety detection on the received intelligent contract after the block chain platform receives the intelligent contract containing the data operation program submitted by the data demand party, and deploying the received intelligent contract on each computing node after the safety detection is passed;
and the intelligent contract execution module is used for notifying a target computing node where the data storage party is located to execute the intelligent contract through the block chain platform after receiving the trigger of executing the intelligent contract initiated by the data demand party, triggering a prediction machine to execute under the condition of intelligent contract safety so as to start a terminal process of the data source to execute the data operation program, forming block chain consensus according to the calculation result, synchronizing to the computing node where the data demand party is located, and finishing data use.
10. A computer-readable storage medium storing a computer program, characterized in that the computer program, when executed, implements the method according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210676162.1A CN115296811B (en) | 2022-06-15 | 2022-06-15 | Block chain-based data sharing utilization method, device and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210676162.1A CN115296811B (en) | 2022-06-15 | 2022-06-15 | Block chain-based data sharing utilization method, device and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115296811A true CN115296811A (en) | 2022-11-04 |
| CN115296811B CN115296811B (en) | 2023-10-31 |
Family
ID=83819946
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210676162.1A Active CN115296811B (en) | 2022-06-15 | 2022-06-15 | Block chain-based data sharing utilization method, device and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115296811B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117997654A (en) * | 2024-04-03 | 2024-05-07 | 湖南天河国云科技有限公司 | Data processing method, device and computer equipment in edge computing architecture |
| CN117997654B (en) * | 2024-04-03 | 2024-06-07 | 湖南天河国云科技有限公司 | Data processing method, device and computer equipment in edge computing architecture |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111581292A (en) * | 2020-05-18 | 2020-08-25 | 中国工业互联网研究院 | Industrial Internet data asset right confirming and trading method and platform |
| CN111698322A (en) * | 2020-06-11 | 2020-09-22 | 福州数据技术研究院有限公司 | Medical data safety sharing method based on block chain and federal learning |
| CN114357508A (en) * | 2021-12-27 | 2022-04-15 | 东北大学秦皇岛分校 | Internet of things data sharing system and method based on prediction machine and block chain |
| US20220150057A1 (en) * | 2020-11-11 | 2022-05-12 | Beijing University Of Posts And Telecommunications | Data Sharing Method, System, Electronic Device and Storage Medium thereof |
| CN114598554A (en) * | 2022-05-09 | 2022-06-07 | 山东省计算中心(国家超级计算济南中心) | Method and system for protecting user privacy data in application program |
-
2022
- 2022-06-15 CN CN202210676162.1A patent/CN115296811B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111581292A (en) * | 2020-05-18 | 2020-08-25 | 中国工业互联网研究院 | Industrial Internet data asset right confirming and trading method and platform |
| CN111698322A (en) * | 2020-06-11 | 2020-09-22 | 福州数据技术研究院有限公司 | Medical data safety sharing method based on block chain and federal learning |
| US20220150057A1 (en) * | 2020-11-11 | 2022-05-12 | Beijing University Of Posts And Telecommunications | Data Sharing Method, System, Electronic Device and Storage Medium thereof |
| CN114357508A (en) * | 2021-12-27 | 2022-04-15 | 东北大学秦皇岛分校 | Internet of things data sharing system and method based on prediction machine and block chain |
| CN114598554A (en) * | 2022-05-09 | 2022-06-07 | 山东省计算中心(国家超级计算济南中心) | Method and system for protecting user privacy data in application program |
Non-Patent Citations (1)
| Title |
|---|
| 董祥千;郭兵;沈艳;段旭良;申云成;张洪;: "一种高效安全的去中心化数据共享模型", 计算机学报, no. 05 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117997654A (en) * | 2024-04-03 | 2024-05-07 | 湖南天河国云科技有限公司 | Data processing method, device and computer equipment in edge computing architecture |
| CN117997654B (en) * | 2024-04-03 | 2024-06-07 | 湖南天河国云科技有限公司 | Data processing method, device and computer equipment in edge computing architecture |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115296811B (en) | 2023-10-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10795985B2 (en) | Applications of secured memory areas and secure environments in policy-based access control systems for mobile computing devices | |
| RU2018129947A (en) | COMPUTER SECURITY SYSTEM BASED ON ARTIFICIAL INTELLIGENCE | |
| Meng et al. | SDN-based security enforcement framework for data sharing systems of smart healthcare | |
| Lutta et al. | The complexity of internet of things forensics: A state-of-the-art review | |
| US20200184467A1 (en) | System and method for providing a secure transaction network | |
| US20210081935A1 (en) | System and method for providing privacy-preserving proofs of membership | |
| CN106657010A (en) | Data access method, device and system | |
| Makura et al. | Proactive forensics: Keystroke logging from the cloud as potential digital evidence for forensic readiness purposes | |
| Nieto et al. | Digital witness and privacy in IoT: Anonymous witnessing approach | |
| White et al. | Network reconnaissance and vulnerability excavation of secure DDS systems | |
| Islam et al. | A comprehensive data security and forensic investigation framework for cloud-iot ecosystem | |
| CN109120626A (en) | Security threat processing method, system, safety perception server and storage medium | |
| Liguori | Exploring Lawful Hacking as a Possible Answer to the'Going Dark'Debate | |
| Miloslavskaya et al. | IoTBlockSIEM for information security incident management in the internet of things ecosystem | |
| CN112037870B (en) | Double-server light-weight searchable encryption method and system supporting data partitioning | |
| Miloslavskaya et al. | New SIEM system for the internet of things | |
| Tobin et al. | Simulating SQL-injection cyber-attacks using GNS3 | |
| CN115296811A (en) | Data sharing and utilizing method, device and medium based on block chain | |
| Rahim et al. | Holistic feistel authenticated learning-based authorization for protecting the internet of things from cyber attacks | |
| JP2023021040A (en) | Method and system for securely transmitting file via remote browser | |
| Beydoun et al. | Generic modelling of security awareness in agent based systems | |
| Brotsis et al. | Blockchain meets Internet of Things (IoT) forensics: A unified framework for IoT ecosystems | |
| Barika et al. | Agent IDS based on misuse approach | |
| Jeong et al. | Access control protocol based on privacy property of patient in m-healthcare emergency | |
| Aziz et al. | A static analysis of cryptographic processes: The denotational approach |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |