CN115695421A - Data sharing method and device based on block chain, storage medium and processor - Google Patents
Data sharing method and device based on block chain, storage medium and processor Download PDFInfo
- Publication number
- CN115695421A CN115695421A CN202110874889.6A CN202110874889A CN115695421A CN 115695421 A CN115695421 A CN 115695421A CN 202110874889 A CN202110874889 A CN 202110874889A CN 115695421 A CN115695421 A CN 115695421A
- Authority
- CN
- China
- Prior art keywords
- data
- shared
- requester
- sharing
- enterprise
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The embodiment of the application provides a data sharing method and device based on a block chain, a processor and a storage medium. The method comprises the following steps: acquiring a data request of a requester for sharing source data, wherein the data request carries user information of the requester; determining the service authority of a requester according to the user information; searching standby shared data corresponding to the service authority through a data sharing directory; requesting an intelligent contract of a block chain to acquire standby shared data; acquiring ciphertext data of shared data to be used from an account book of a block chain under the condition that the authority of the requester is checked by the intelligent contract; carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into a block chain; and sending the secondarily encrypted ciphertext data to a requester, and decrypting the secondarily encrypted ciphertext data by calling a decryption module by the requester to obtain corresponding shared source data.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a data sharing method and apparatus based on a block chain, a storage medium, and a processor.
Background
With the development of the existing network information technology, particularly the increasing development of new technologies such as a block chain, cloud computing, big data, the internet of things, artificial intelligence and the like, the supply chain also changes with the earth. In the whole supply chain, the sharing of information should be an important factor for ensuring the stable and orderly development of the whole product supply chain. However, due to the special properties of the products, some supply chains have high requirements for data privacy and confidentiality, which results in unsmooth information communication between enterprises in the supply chain and independent control of the respective data. In addition, enterprises and management departments in the supply chain are reluctant to disclose data which are already mastered by the enterprises and management departments from the aspects of privacy and information security, so that an information island is formed, and the information asymmetry of the enterprises in the supply chain is aggravated.
Meanwhile, the supply chain is a union formed by a plurality of enterprises which are independent from each other and different in interest, the supply chain is dynamic and unstable, the respective and targets participating in the enterprises may have differences, the self abilities and the management qualities of all members are different, the difficulty of data sharing is increased due to the factors, the efficiency is reduced, particularly, part of the members may participate in a plurality of other supply chains, more problems and risks in trust, loyalty and confidentiality are brought, and the effect of controlling the privacy of users cannot be achieved. Although the development of information technology, especially the development of related technologies such as cloud computing and big data, is changing day by day, for supply chain enterprises in some industries, infrastructure configuration is not perfect enough, and corresponding technologies are lacked to guarantee the security of information of the enterprises in the chain. In addition, the prior art is lack of a corresponding supervision mode and a corresponding management method, and the privacy of a user is uncontrollable, so that the trust problem of an enterprise on a chain still exists.
Disclosure of Invention
The embodiment of the application aims to provide a data sharing method and device based on a block chain, a storage medium and a processor.
In order to achieve the above object, a first aspect of the present application provides a data sharing method based on a block chain, including:
acquiring a data request of a requester for sharing source data, wherein the data request carries user information of the requester;
determining the service authority of a requester according to the user information;
searching standby shared data corresponding to the service authority through a data sharing directory;
requesting to acquire standby shared data from an intelligent contract of a block chain;
acquiring ciphertext data of shared data to be used from an account book of a block chain under the condition that the authority of the requester is checked by the intelligent contract;
carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into a block chain;
and sending the ciphertext data subjected to secondary encryption to a requester, and decrypting the ciphertext data subjected to secondary encryption by calling a decryption module by the requester so as to obtain corresponding shared source data.
Optionally, the method further comprises: before a data request of a requester for the shared source data is obtained, grouping enterprises in a block chain system according to the working business of the enterprises; acquiring enterprise information of an enterprise, and inputting the enterprise information into a block chain node; determining the operation authority of the enterprise according to the enterprise information; acquiring shared source data issued by an enterprise; classifying the shared source data to generate a corresponding data sharing catalog; and calling an encryption module, and encrypting the shared source data by using the public key to generate ciphertext data corresponding to the shared source data.
Optionally, invoking an encryption module, encrypting the shared source data with a public key includes: acquiring system parameters and plaintext data of shared source data; acquiring a public key of an enterprise publishing the shared source data; and generating corresponding ciphertext data according to the system parameters, the plaintext data and the public key of the enterprise issuing the shared source data through an encryption algorithm.
Optionally, classifying the shared source data, and generating the corresponding data sharing directory includes: classifying the shared source data through a block chain intelligent contract; and performing decryption processing on the shared source data to generate a corresponding decrypted data sharing directory, wherein the decryption processing comprises any one of substitution, truncation, numerical transformation, encryption, occlusion, generalization, null insertion and deletion.
Optionally, performing secondary encryption on the ciphertext data, and storing the ciphertext data after the secondary encryption into the block chain includes: determining a private key of an authorizer and a public key of a requester, wherein the authorizer is an enterprise issuing shared data to be used; and performing secret key conversion on the private key of the authorized party and the public key of the requesting party to perform secondary encryption on the ciphertext data so as to generate corresponding ciphertext data.
Optionally, the method further comprises: and under the condition that the authority check of the intelligent contract on the requester fails, returning a notice of refusing the request to the requester.
A second aspect of the present application provides a data sharing apparatus based on a block chain, including:
the shared data source management module is used for acquiring a data request of a requester for shared source data, wherein the data request carries user information of the requester; determining the service authority of a requester according to the user information;
the sharing strategy management module is used for searching the standby sharing data corresponding to the service authority through the data sharing directory; requesting an intelligent contract of a block chain to acquire standby shared data; acquiring ciphertext data of shared data to be used from an account book of a block chain under the condition that the authority of the requester is checked by the intelligent contract; carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into a block chain; and sending the secondarily encrypted ciphertext data to a requester, and decrypting the secondarily encrypted ciphertext data by calling a decryption module by the requester to obtain corresponding shared source data.
A third aspect of the present application provides a machine-readable storage medium having stored thereon instructions that, when executed by a processor, cause the processor to be configured to perform the above-mentioned block chain-based data sharing method.
A fourth aspect of the present application provides a processor configured to execute the above block chain-based data sharing method.
According to the data sharing method based on the block chain, supply chain data are processed into a decrypted data catalogue and source data stored by using an agent re-encryption mechanism through an intelligent contract, a proper supply chain data catalogue is sent to enterprises in different links, the encrypted source data are obtained through an agent re-encryption technology after authorization is obtained, a safe and reliable data collaborative sharing network environment with controllable user privacy is provided for the whole supply chain, and the supply chain data sharing and collaborative requirements of industries with high data security requirements are met to the maximum extent. In the data sharing and cooperating process, the data visible in the transmission process and the intermediate platform are both the decrypted data and the encrypted ciphertext data, and no specific plaintext service data is presented, so that the user privacy in the supply chain data cooperating and sharing process can be ensured to be safe and controllable.
Additional features and advantages of embodiments of the present application will be described in detail in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the embodiments of the disclosure, but are not intended to limit the embodiments of the disclosure. In the drawings:
fig. 1 schematically shows a flowchart of a block chain-based data sharing method according to an embodiment of the present application;
FIG. 2 schematically illustrates a flow diagram of proxy re-encryption data sharing according to an embodiment of the present application;
fig. 3 schematically shows a block diagram of a block chain-based data sharing apparatus according to an embodiment of the present application;
FIG. 4 is a block diagram schematically illustrating a block chain based data sharing system according to an embodiment of the present application;
fig. 5 schematically shows an internal structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The following detailed description of embodiments of the present application will be made with reference to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the embodiments of the application, are given by way of illustration and explanation only, not limitation.
Fig. 1 schematically shows a flowchart of a block chain-based data sharing method according to an embodiment of the present application. As shown in fig. 1, in an embodiment of the present application, a method for sharing data based on a blockchain is provided, including the following steps:
And step 102, determining the service authority of the requester according to the user information.
And 103, searching standby shared data corresponding to the service authority through the data sharing directory.
And 104, requesting to acquire the standby shared data from the intelligent contract of the block chain.
And 105, acquiring the ciphertext data of the shared data to be used from the account book of the block chain under the condition that the authority check of the intelligent contract on the requester is passed.
And 106, carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into the block chain.
And step 107, sending the secondarily encrypted ciphertext data to a requester, and decrypting the secondarily encrypted ciphertext data by calling a decryption module by the requester to obtain corresponding shared source data.
In the block link point, a plurality of sharing source data are stored, and a user can request to acquire the sharing source data to share the data. Wherein, the shared source data can be uploaded by enterprises. In one embodiment, before obtaining a data request for shared source data from a requester, the enterprises may be grouped in a blockchain system according to their work business, such as raw material manufacturing enterprises, machining enterprises, logistics transportation enterprises, finished product assembly enterprises, and so on. Further, enterprise information, namely enterprise information, can be acquired, and then the enterprise information is recorded into the blockchain node for storage. The operation authority of the enterprises can be determined according to the enterprise information, so that the operation authority of each enterprise on the data can be determined. For example, enterprise a has upload rights for shared data, and enterprise B has view rights for all shared source data in a certain type. The enterprises can upload the shared source data by themselves, so further, the specific authority of each enterprise for each shared source data can be set. For example, enterprise a has only viewing permission and no modification permission for shared source data X1; enterprise B has neither viewing nor modifying rights, etc. for the shared source data X1. After the shared source data issued by the enterprise is obtained, the shared source data can be classified, and a corresponding data sharing directory is generated. Then, an encryption module may be invoked to encrypt the shared source data with the public key to generate ciphertext data corresponding to each shared source data.
In one embodiment, classifying the shared source data and generating the corresponding data sharing directory includes: classifying the shared source data through a block chain intelligent contract; and performing decryption processing on the shared source data to generate a corresponding decrypted data sharing directory, wherein the decryption processing comprises any one of substitution, truncation, numerical transformation, encryption, occlusion, generalization, null insertion and deletion.
And creating classification for the shared source data through a block chain intelligent contract, and performing decryption processing on the classified shared source data to generate a corresponding decrypted data sharing directory. The decryption processing comprises any one of substitution, truncation, numerical value transformation, encryption, shielding, generalization, null insertion and deletion, so that the encrypted data before the shared source data is cleared to obtain the public data, and the subsequent encryption operation on the shared source data is facilitated.
In one embodiment, invoking the encryption module to encrypt the shared source data with the public key comprises: acquiring system parameters and plaintext data of shared source data; acquiring a public key of an enterprise publishing the shared source data; and generating corresponding ciphertext data according to the system parameters, the plaintext data and the public key of the enterprise issuing the shared source data through an encryption algorithm.
When uploading the shared source data, each enterprise has its own enterprise account, i.e. user account. For an individual user, the system parameters may refer to parameters such as a user name, an identification card, and an age corresponding to the user account. For an enterprise, the system parameters may refer to an enterprise name, an enterprise organization code, a year of establishment of the enterprise, and the like corresponding to a user account of the enterprise, and a public and private key pair of the enterprise is generated according to the information. Plaintext data refers to the content of the shared source data itself, i.e., public data that has not been encrypted. If the shared source data A is a word document, the content contained in the word document is as follows: this is a public source of code. (the document includes these source codes), the plaintext data of the shared source data refers to the content specifically contained in the word, including the text content: this is a public source code and the specific source code contained in the document. After the shared source data is encrypted by the public key of the enterprise through the proxy re-encryption mechanism, corresponding ciphertext data can be generated, and then the encrypted shared source data can be stored in the block chain network.
Further, in one embodiment, the re-encryption process may employ a double elliptic curve encryption scheme. For example, a key generation algorithm of KeyGen (par) may be used, and after system parameters of an account are input, the algorithm may output (pk, sk) corresponding to the account as a public-private key pair of the account. The encryption algorithm may then use Enc (par, M, pk) → C (0). Inputting system parameters par of an account, plaintext data M of shared source data and a public key pk of the account corresponding to the shared source data, and outputting to encrypt the shared source data through the public key pk to generate corresponding ciphertext data C (0), wherein 0 represents that the ciphertext data C is not re-encrypted, and C (0) is also called as an original ciphertext.
The block chain platform can determine the service authority of the requester through user information carried in the data request, and can search the standby shared data corresponding to the service authority of the requester through the decrypted data sharing directory. That is, after determining the service authority of the requester, the blockchain may search for the to-be-used shared data corresponding to the requester through a pre-generated directory. It should be noted that this process combines intelligent contracts and authorization models for blockchains, and only authorized data requesters can see the supply chain's data sharing directory, while other unauthorized data requesters cannot see the supply chain's data sharing directory. The acquisition of specific to-be-used shared data may then be requested from the intelligent contracts for the blockchain. And the intelligent appointment performs secondary audit confirmation on the authority of the requester. And under the condition that the authority check of the intelligent contract on the requester fails, returning a notice of refusing the request to the requester, wherein the requester cannot acquire specific to-be-used shared data.
And under the condition that the authority check of the intelligent contract on the requester is passed, acquiring ciphertext data of the to-be-used shared data from the account book of the block chain. The ciphertext data of the to-be-used shared data can be encrypted for the second time, and the ciphertext data after the second encryption is stored to the block chain.
Further, in one embodiment, twice encrypting the ciphertext data, and storing the twice encrypted ciphertext data to the block chain comprises: determining a private key of an authorizer and a public key of a requester, wherein the authorizer is an enterprise issuing to-be-used shared data; and performing secret key conversion on the private key of the authorized party and the public key of the requesting party to perform secondary encryption on the ciphertext data so as to generate corresponding ciphertext data.
The authorization party can upload the user sharing the source data, and when the requesting party requests to acquire the sharing source data a, the account corresponding to the enterprise uploading the sharing source data a is the authorization party. Thus, the private key of the authorizer to share data to be used and the public key of the requestor requesting the shared data to be used can be obtained. And then, performing secret key conversion on the private key of the authorized party and the public key of the requesting party to secondarily encrypt the ciphertext data information of the shared data to be used, so as to generate corresponding secondarily encrypted ciphertext data. Specifically, the system parameter par, the private key ski of the authorizer, and the public key pkj of the supplicant may be input through a conversion key generation algorithm ReKeyGen (par, ski, pkj), through which the corresponding conversion key rki → j may be output, thereby implementing one-way amount re-encryption from the authorizer to the supplicant.
Specifically, the secondary re-encryption process is to use a re-encryption algorithm to perform secondary encryption on ReEnc (par, rki → j, ci (n) → Cj (n + 1). Input system parameters par, so as to realize a conversion key rki → j from a user pki to a user pkj, and a ciphertext Ci (n) from the user pki, wherein n represents the number of times that the ciphertext Ci (n) is re-encrypted, the algorithm outputs the ciphertext Cj (n + 1) from the user pkj, the ciphertext Cj (n + 1) has been re-encrypted n +1 times or represents that the ciphertext (n) is illegal.then, the secondarily encrypted ciphertext data can be sent to a requesting party, the requesting party can decrypt the acquired secondarily encrypted ciphertext data by calling a decryption module, so as to acquire corresponding shared source data, the decryption algorithm can be Dec2 (par, 35 zzft, cj (Ci + 1), the algorithm can output ciphertext data by calling a decryption module, so as to decrypt the ciphertext data, if the ciphertext Ci (n + 1) is a corresponding public key, the ciphertext data output by a public key, so as to satisfy a public key, the public key, so as to satisfy the following formula 3934, the following formula:
Dec(par,ski,Enc(par,M,pki))=M
Dec(par,skj,ReEnc(par,ReKeyGen(par,ski,pkj),Ci(n)))=M
the above equation means that the plaintext data obtained by direct decryption should be identical to the plaintext data obtained by decryption by the proxy encryption algorithm. The requester shows that the data sharing operation is completed when the decrypted data is acquired.
In one embodiment, as shown in FIG. 2, a flow diagram of proxy re-encryption data sharing is provided. The sharing party can upload the sharing source data, the sharing party can call the public key corresponding to the sharing party to encrypt the sharing source data to generate ciphertext data corresponding to the sharing source data, and the ciphertext data are sent to the intelligent contract. The block chain intelligent contract can carry out decryption processing on the shared source data, generate a corresponding decrypted data sharing catalogue, store the data sharing catalogue into an account book of the block chain, and upload the ciphertext data to the block chain. Further, the requestor may initiate a data request for the shared source data, i.e., request to obtain the shared data. The intelligent contract can determine the service authority of the requester according to the user information of the requester, search the to-be-used shared data corresponding to the service authority through the data sharing directory, and check the authority of the requester. And under the condition that the check is passed, the intelligent contract can read ciphertext data of the shared data to be used from the block chain account book, and call the proxy re-encryption key to perform secondary encryption on the ciphertext data, wherein the ciphertext data after secondary encryption can be stored in the block chain as well. The intelligent contract can send the ciphertext data after the secondary encryption to the requester, and the requester can call the decryption module to decrypt the ciphertext data after the secondary encryption, so that the corresponding shared source data can be obtained.
In one embodiment, the method further comprises: the method comprises the steps of establishment, modification, auditing, security IP configuration of the organization and the like, encryption configuration of shared source data, permission configuration, cochain storage of configuration results and the like. The supply chain mechanism may access the blockchain for supply chain data coordination by registering on the blockchain. When the supply chain information is shared, the processing of the data source comprises the data shared on the chain generated by the service and the credible data source outside the chain, a uniform cooperation mode is provided for the data cooperation service, and the transaction record is supported. For the supply chain information uplink and the transaction record in the shared query, the data source tracing and the data use tracing can be more conveniently carried out.
According to the data sharing method based on the block chain, supply chain data are processed into a decrypted data catalogue and source data stored by using an agent re-encryption mechanism through an intelligent contract, a proper supply chain data catalogue is sent to enterprises in different links, the encrypted source data are obtained through an agent re-encryption technology after authorization is obtained, a safe and reliable data collaborative sharing network environment with controllable user privacy is provided for the whole supply chain, and the supply chain data sharing and collaborative requirements of industries with high data security requirements are met to the maximum extent. In the data sharing coordination process, the data visible in the transmission process and the intermediate platform are both decrypted data and encrypted ciphertext data, and no specific plaintext service data is presented, so that the user privacy in the supply chain data coordination sharing process can be ensured to be safe and controllable.
In one embodiment, as shown in fig. 3, there is provided a data sharing apparatus based on a block chain, including:
the shared data source management module 301 is configured to obtain a data request of a requester for shared source data, where the data request carries user information of the requester; determining the service authority of a requester according to the user information;
the sharing policy management module 302 is configured to search, through the data sharing directory, for standby sharing data corresponding to the service permission; requesting an intelligent contract of a block chain to acquire standby shared data; acquiring ciphertext data of shared data to be used from an account book of a block chain under the condition that the authority of the requester is checked by the intelligent contract; carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into a block chain; and sending the ciphertext data subjected to secondary encryption to a requester, and decrypting the ciphertext data subjected to secondary encryption by calling a decryption module by the requester so as to obtain corresponding shared source data.
In an embodiment, as shown in fig. 3, the above data sharing apparatus based on a blockchain further includes:
the mechanism management module 303 is configured to group the enterprises according to the work services of the enterprises in the blockchain system before acquiring the data request of the requester for the shared source data; acquiring enterprise information of an enterprise, and inputting the enterprise information into a block chain node; determining the operation authority of the enterprise according to the enterprise information;
the shared directory management module 304 is configured to obtain shared source data published by an enterprise; classifying the shared source data to generate a corresponding data sharing catalog;
the shared data source management module 301 is further configured to invoke an encryption module, and encrypt the shared source data with the public key to generate ciphertext data corresponding to the shared source data.
In one embodiment, the shared data source management module 301 is further configured to obtain system parameters and plaintext data of the shared source data; acquiring a public key of an enterprise which issues the shared source data; and generating corresponding ciphertext data according to the system parameters, the plaintext data and the public key of the enterprise issuing the shared source data through an encryption algorithm.
In one embodiment, the shared catalog management module 304 is further configured to classify the shared source data by a blockchain intelligence contract; and performing decryption processing on the shared source data to generate a corresponding decrypted data sharing directory, wherein the decryption processing comprises any one of substitution, truncation, numerical transformation, encryption, occlusion, generalization, null insertion and deletion.
In one embodiment, the sharing policy management module 302 is configured to determine a private key of an authorizer and a public key of the requestor, the authorizer being an enterprise that publishes the to-be-shared data; and performing secret key conversion on the private key of the authorized party and the public key of the requesting party to perform secondary encryption on the ciphertext data so as to generate corresponding ciphertext data.
In one embodiment, shared policy management module 302 is further configured to return a notification of a denial of the request to the requestor if the smart contract fails to verify the authority of the requestor.
In one embodiment, the shared data source management module 301 is further configured to provide a unified collaboration mode for the data collaboration service and support transaction recording for processing sources of data, including data shared on a chain generated by the service and a trusted data source outside the chain, when the supply chain information is shared.
In one embodiment, the entity management module 303 is further configured to manage the supply chain data cooperating with the entity, including creation, modification, and audit of the entity, security IP configuration of the entity, encryption configuration, authority configuration, and uplink storage of configuration results. The supply chain mechanism accesses the block chain for supply chain data coordination by registering on the block chain.
In one embodiment, the apparatus comprises (not shown):
and the transaction management module is used for providing data source tracing and data use tracing for the supply chain information uplink and the transaction records when the shared query is carried out.
And the business supervision module is used for supervising and managing the supply chain based on the block chain intelligent contract.
Information uplink: data uplink access for blockchain underlay platforms that conform to supply chain information coordination specifications.
And (3) information query: and the data sharing inlet is used for enabling the block chain bottom platform to conform to the supply chain information collaboration specification.
The data sharing device based on the block chain comprises a processor and a memory, wherein the shared data source management module, the shared strategy management module and the like are stored in the memory as program units, and the processor executes the program modules stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more, and the above data sharing method based on the block chain is realized by adjusting the kernel parameters.
The memory may include volatile memory in a computer readable medium, random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
In one embodiment, as shown in fig. 4, there is provided a block chain based data sharing system, including: the system comprises an information inquiry function, an information uplink function, a service supervision function, a transaction management function, a shared policy management function, a shared directory management function, a shared data source management function, an organization management function and the like. Specifically, the information query function includes a query condition check intelligent contract, an information query transaction intelligent contract, and the like, and the content specifically included in the other functions is as shown in the drawing, and is not described herein again.
An embodiment of the present application provides a storage medium, on which a program is stored, and when the program is executed by a processor, the method for sharing data based on a block chain is implemented.
The embodiment of the application provides a processor, wherein the processor is used for running a program, and the program runs to execute the data sharing method based on the block chain.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 5. The computer apparatus includes a processor a01, a network interface a02, a memory (not shown in the figure), and a database (not shown in the figure) connected through a system bus. Wherein the processor a01 of the computer device is adapted to provide computing and control capabilities. The memory of the computer apparatus includes an internal memory a03 and a nonvolatile storage medium a04. The nonvolatile storage medium a04 stores an operating system B01, a computer program B02, and a database (not shown). The internal memory a03 provides an environment for running the operating system B01 and the computer program B02 in the nonvolatile storage medium a04. The database of the computer device is used for storing the shared source data uploaded by the enterprise and the like. The network interface a02 of the computer apparatus is used for communicating with an external terminal through a network connection. The computer program B02 is executed by the processor a01 to implement a blockchain based data sharing method.
Those skilled in the art will appreciate that the architecture shown in fig. 5 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
The embodiment of the application provides equipment, which comprises a processor, a memory and a program stored on the memory and capable of running on the processor, wherein the processor executes the program to realize the steps of the data sharing method based on the block chain.
The present application further provides a computer program product adapted to perform a program for initializing the following method steps of the blockchain based data sharing method when executed on a data processing device.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art to which the present application pertains. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A method for sharing data based on block chains is characterized by comprising the following steps:
acquiring a data request of a requester for the shared source data, wherein the data request carries user information of the requester;
determining the service authority of the requester according to the user information;
searching standby shared data corresponding to the service authority through a data sharing directory;
requesting an intelligent contract of the block chain to acquire the standby shared data;
acquiring ciphertext data of the to-be-used shared data from the account book of the block chain under the condition that the permission check of the intelligent contract on the requester is passed;
carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into the block chain;
and sending the secondarily encrypted ciphertext data to the requester, and decrypting the secondarily encrypted ciphertext data by calling a decryption module by the requester so as to obtain corresponding shared source data.
2. The method for sharing data based on block chains according to claim 1, further comprising:
before the data request of the acquisition requester for the shared source data, grouping the enterprises in a blockchain system according to the working business of the enterprises;
acquiring enterprise information of the enterprise, and inputting the enterprise information into a block chain node;
determining the operation authority of the enterprise according to the enterprise information;
acquiring shared source data issued by the enterprise;
classifying the sharing source data to generate a corresponding data sharing catalog;
and calling an encryption module, and encrypting the shared source data by using a public key to generate ciphertext data corresponding to the shared source data.
3. The blockchain-based data sharing method according to claim 2, wherein the calling encryption module encrypts the shared source data by using a public key, including:
acquiring system parameters and plaintext data of the shared source data;
acquiring a public key of an enterprise which issues the shared source data;
and generating corresponding ciphertext data according to the system parameters, the plaintext data and the public key of the enterprise issuing the shared source data through an encryption algorithm.
4. The method according to claim 2, wherein the classifying the sharing source data and generating the corresponding data sharing directory comprises:
classifying the shared source data through a blockchain intelligent contract;
and performing decryption processing on the shared source data to generate a corresponding decrypted data sharing directory, wherein the decryption processing comprises any one of substitution, truncation, numerical transformation, encryption, occlusion, generalization, null insertion and deletion.
5. The method according to claim 1, wherein the secondarily encrypting the ciphertext data and storing the secondarily encrypted ciphertext data in the blockchain comprises:
determining a private key of an authorizer and a public key of the requestor, wherein the authorizer is an enterprise issuing the to-be-used shared data;
and performing secret key conversion on the private key of the authorized party and the public key of the requesting party to perform secondary encryption on the ciphertext data so as to generate corresponding ciphertext data.
6. The method for sharing data based on block chains according to claim 1, further comprising:
and returning a notice of refusing the request to the requester in the case that the authority check of the intelligent contract on the requester fails.
7. An apparatus for sharing data based on a blockchain, comprising:
the shared data source management module is used for acquiring a data request of a requester for the shared source data, wherein the data request carries user information of the requester; determining the service authority of the requester according to the user information;
the sharing strategy management module is used for searching the standby sharing data corresponding to the service authority through a data sharing directory; requesting an intelligent contract of the block chain to acquire the standby shared data; acquiring ciphertext data of the to-be-used shared data from the account book of the block chain under the condition that the permission check of the intelligent contract on the requester is passed; carrying out secondary encryption on the ciphertext data, and storing the ciphertext data subjected to secondary encryption into the block chain; and sending the secondarily encrypted ciphertext data to the requester, and decrypting the secondarily encrypted ciphertext data by calling a decryption module by the requester so as to obtain corresponding shared source data.
8. The apparatus for sharing data according to claim 7, further comprising:
the mechanism management module is used for grouping the enterprises according to the working services of the enterprises in the blockchain system before the data request of the acquisition requester for the shared source data; acquiring enterprise information of the enterprise, and inputting the enterprise information into a block chain node; determining the operation authority of the enterprise according to the enterprise information;
the shared directory management module is used for acquiring shared source data issued by the enterprise; classifying the sharing source data to generate a corresponding data sharing catalog;
the shared data source management module is further used for calling an encryption module, and encrypting the shared source data by using a public key to generate ciphertext data corresponding to the shared source data.
9. A machine-readable storage medium having instructions stored thereon, which when executed by a processor causes the processor to be configured to perform the blockchain based data sharing method according to any one of claims 1 to 6.
10. A processor configured to perform the method of data sharing based on blockchains according to any one of claims 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110874889.6A CN115695421A (en) | 2021-07-30 | 2021-07-30 | Data sharing method and device based on block chain, storage medium and processor |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110874889.6A CN115695421A (en) | 2021-07-30 | 2021-07-30 | Data sharing method and device based on block chain, storage medium and processor |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115695421A true CN115695421A (en) | 2023-02-03 |
Family
ID=85059733
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110874889.6A Pending CN115695421A (en) | 2021-07-30 | 2021-07-30 | Data sharing method and device based on block chain, storage medium and processor |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115695421A (en) |
-
2021
- 2021-07-30 CN CN202110874889.6A patent/CN115695421A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Thwin et al. | Blockchain‐based access control model to preserve privacy for personal health record systems | |
US11019040B2 (en) | Cloud key escrow system | |
CN109144961B (en) | Authorization file sharing method and device | |
US11726968B2 (en) | Methods, apparatuses, and devices for transferring data assets based on blockchain | |
US10275603B2 (en) | Containerless data for trustworthy computing and data services | |
US9866375B2 (en) | Multi-level key management | |
RU2531569C2 (en) | Secure and private backup storage and processing for trusted computing and data services | |
US10348693B2 (en) | Trustworthy extensible markup language for trustworthy computing and data services | |
US8745370B2 (en) | Secure sharing of data along supply chains | |
JP7149445B2 (en) | Encrypted data sharing management for blockchain | |
CN111008855B (en) | Retrospective data access control method based on improved proxy re-encryption | |
Zichichi et al. | Data governance through a multi-dlt architecture in view of the gdpr | |
CN113486082B (en) | Outsourcing data access control system based on block chain | |
CN113742370B (en) | Data query method and statistical information ciphertext generation method of full-encryption database | |
CN115695421A (en) | Data sharing method and device based on block chain, storage medium and processor | |
Han et al. | DSSPs: a data sharing security protection scheme based on consortium blockchain and ciphertext-policy attribute-based encryption | |
Sivanantham et al. | Reliable Data Storage and Sharing using Block chain Technology and Two Fish Encryption | |
Gutte et al. | Privacy Assurance with Content Based Access Protocol to Secure Cloud Storage | |
Manikyam et al. | Present State of the Art on Secure Data Deduplication in Cloud | |
Thwin et al. | Research Article Blockchain-Based Access Control Model to Preserve Privacy for Personal Health Record Systems | |
Kulkarni et al. | Privacy preserving health record system in cloud computing using attribute based encryption | |
Sindhu et al. | Centralized Data Accessibility with Back End Protection in Cloud | |
Saravanakumar et al. | SECURITY BASED AUDITING IN CLOUD PANEL | |
Sridevi et al. | INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY A SURVEY ON CRYPTOGRAPHIC CLOUD STORAGE TECHNIQUES |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |