CN116055057A - Information sharing method and device, storage medium and electronic equipment - Google Patents
Information sharing method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN116055057A CN116055057A CN202310034637.1A CN202310034637A CN116055057A CN 116055057 A CN116055057 A CN 116055057A CN 202310034637 A CN202310034637 A CN 202310034637A CN 116055057 A CN116055057 A CN 116055057A
- Authority
- CN
- China
- Prior art keywords
- airport
- information
- authorized
- passenger
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3231—Biological data, e.g. fingerprint, voice or retina
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Biodiversity & Conservation Biology (AREA)
- Biomedical Technology (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides an information sharing method and device, a storage medium and electronic equipment, comprising the following steps: determining each airport to be selected based on the information sharing request sent by the passenger; determining authorized airports selected by passengers from all the airports to be selected; encrypting boarding authentication information of the passenger by using a public key of an authorized airport to obtain encrypted data, and adding the generated digital signature into the encrypted data to obtain shared data; uploading the shared data to a blockchain, triggering an authorized airport to carry out signature verification on the shared data, and storing boarding authentication information in the shared data and updating an authorized tourist list when the shared data passes the signature verification. The boarding authentication information of the passengers is uploaded to the blockchain after being signed, encrypted and the like, and the authorized airports are triggered to acquire the boarding authentication information of the passengers from the blockchain, so that information sharing is completed, the passengers can directly use OneID service at each authorized airport, and the use experience of the passengers is improved.
Description
Technical Field
The present invention relates to the field of information processing technologies, and in particular, to an information sharing method and apparatus, a storage medium, and an electronic device.
Background
OneID is a concept proposed by the International Air Transport Association (IATA) and aims to apply identity management and biological recognition technologies to avoid the dependence of passengers on identity documents in a travel link, so that the travel experience of the passengers is optimized. The core idea of OneID is to enable passengers to share digital identities and other required files with airlines, airports and other institutions before traveling, so that repeated identity document checking processes in traveling are eliminated, and queuing time consumed in the links of check-in, boarding, customs entrance and the like is reduced.
The ideal state of the OneID service is that the traveler starts from entering the origin airport until leaving the destination airport, during which time the authenticated digital identity can be used through all necessary procedures and enjoy the corresponding service. The current airports cannot share the authentication information required by the passengers when using the OneID service, so that the passengers can use the OneID service only after registering and inputting the information required by authentication every time the passengers arrive at a new airport, and the experience of the passengers is poor.
Disclosure of Invention
In view of the above, the present invention provides an information sharing method and apparatus, a storage medium and an electronic device, which can share information of passengers between airports, and ensure that the passengers can directly use the OneID service after arriving at the airport, thereby providing better quality service for the passengers.
In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:
an information sharing method, comprising:
receiving an information sharing request sent by a passenger, and determining each airport to be selected based on the information sharing request;
determining authorized airports selected by the passenger from the selected airports;
collecting boarding authentication information of the passenger, and encrypting the boarding authentication information by using a public key of the authorized airport to obtain encrypted data;
generating a digital signature of the boarding authentication information, and adding the digital signature into the encrypted data to obtain shared data;
uploading the shared data to a preset blockchain and sending a consensus request to the authorized airport;
triggering the authorized airport to acquire the shared data from the blockchain based on the consensus request, carrying out signature verification on the shared data, and storing boarding authentication information in the shared data and updating an authorized tourist list when the shared data passes the signature verification.
The method, optionally, determines each airport to be selected based on the information sharing request, including:
Analyzing a preset airport data sharing protocol to obtain subscription information in the airport data sharing protocol;
determining each airport participating in signing the airport data sharing agreement based on the subscription information;
and determining each participating airport as a candidate airport.
The method, optionally, the generating the digital signature of the boarding authentication information includes:
and determining a private key of an airport where the passenger is located, and carrying out signature processing on the boarding authentication information by using the private key to obtain a digital signature.
The above method, optionally, the saving and updating the boarding authentication information in the shared data to an authorized tourist list includes:
the authorized airport obtains encrypted data in the shared data, and calls a private key of the authorized airport to decrypt the encrypted data to obtain boarding authentication information;
and storing the boarding authentication information, and updating the information of the passenger into the authorized tourist list.
The method above, optionally, further comprises, after determining authorized airports selected by the passenger in each of the candidate airports:
acquiring a history authorization list of the passenger;
Judging whether an authorized airport exists or not based on each authorized airport and the historical authorized list;
when it is determined that there is a cancel authorized airport, an information deletion request is sent to the cancel authorized airport, so that the cancel authorized airport deletes the information of the traveler based on the information deletion request.
An information sharing apparatus comprising:
the receiving unit is used for receiving information sharing requests sent by passengers and determining various airports to be selected based on the information sharing requests;
a determining unit configured to determine authorized airports selected by the passenger among the respective airports to be selected;
the collecting unit is used for collecting boarding authentication information of the passenger, encrypting the boarding authentication information by using a public key of the authorized airport, and obtaining encrypted data;
the generation unit is used for generating a digital signature of the boarding authentication information and adding the digital signature into the encrypted data to obtain shared data;
the sending unit is used for uploading the shared data to a preset block chain and sending a consensus request to the authorized airport;
the triggering unit is used for triggering the authorized airport to acquire the shared data from the blockchain based on the consensus request, carrying out signature verification on the shared data, and storing boarding authentication information in the shared data and updating an authorized tourist list when the shared data passes the signature verification.
The above apparatus, optionally, the receiving unit includes:
the first acquisition subunit is used for analyzing a preset airport data sharing protocol and acquiring subscription information in the airport data sharing protocol;
a first determining subunit, configured to determine, based on the subscription information, each airport participating in the airport data sharing protocol;
and the second determining subunit is used for determining each participating airport as an airport to be selected.
The above apparatus, optionally, the generating unit includes:
and the third determining subunit is used for determining a private key of the airport where the passenger is located, and carrying out signature processing on the boarding authentication information by using the private key to obtain a digital signature.
The above device, optionally, the trigger unit includes:
the calling subunit is used for acquiring the encrypted data in the shared data by the authorized airport, and calling a private key of the calling subunit to decrypt the encrypted data so as to obtain the boarding authentication information;
and the storage subunit is used for storing the boarding authentication information and updating the information of the passenger into the authorized tourist list.
The above device, optionally, further comprises:
A second obtaining subunit, configured to obtain a history authorization list of the passenger;
a judging subunit, configured to judge whether an authorized airport exists or not based on each authorized airport and the historical authorized list;
and the deleting subunit is used for sending an information deleting request to the unauthorized airport when determining that the unauthorized airport exists, so that the unauthorized airport deletes the information of the passenger based on the information deleting request.
A storage medium comprising stored instructions, wherein the instructions, when executed, control a device on which the storage medium resides to perform an information sharing method as described above.
An electronic device comprising a memory, and one or more instructions, wherein the one or more instructions are stored in the memory and configured to perform an information sharing method as described above by one or more processors.
Compared with the background art, the invention has the following advantages:
in the information sharing method and device, the storage medium and the electronic equipment provided by the invention, an information sharing request sent by a passenger is received, and each airport to be selected is determined based on the information sharing request; determining authorized airports selected by passengers from all the airports to be selected; collecting boarding authentication information of a passenger, and encrypting the boarding authentication information by using a public key of an authorized airport to obtain encrypted data; generating a digital signature of boarding authentication information, and adding the digital signature into the encrypted data to obtain shared data; uploading the shared data to a preset blockchain, and sending a consensus request to an authorized airport; triggering an authorized airport to acquire shared data from a blockchain based on a consensus request, carrying out signature verification on the shared data, and when the shared data passes the signature verification, storing boarding authentication information in the shared data and updating an authorized tourist list. The boarding authentication information of the passengers is uploaded to the blockchain after the operations such as signing, encryption and the like are carried out, and a consensus request is sent to the corresponding authorized airport, so that the authorized airport obtains the boarding authentication information of the passengers from the blockchain, information sharing is completed, the passengers can directly use OneID service at each authorized airport, high-quality service is provided for the passengers, the using experience of the passengers is improved, the safety transmission of the information is ensured in the whole information sharing process, and the information is prevented from being tampered.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
Fig. 1 is a method flowchart of an information sharing method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for determining each airport candidate based on an information sharing request according to an embodiment of the present invention;
fig. 3 is a flowchart of a method for saving boarding authentication information in shared data and updating an authorized guest list according to an embodiment of the present invention;
FIG. 4 is a flowchart of a method for canceling information sharing according to an embodiment of the present invention;
FIG. 5 is a diagram illustrating a scenario of information sharing according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an information sharing device according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The invention is operational with numerous general purpose or special purpose computing device environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet devices, multiprocessor devices, distributed computing environments that include any of the above devices or devices, and the like. The invention can be applied to a system of an airport, and an execution subject can be a processor of the system.
Referring to fig. 1, a method flowchart of an information sharing method provided in an embodiment of the present invention is specifically described below:
s101, receiving information sharing requests sent by passengers, and determining each airport to be selected based on the information sharing requests.
The system of the airport where the passenger is currently located receives the information sharing request sent by the passenger, preferably, the passenger can use the mobile terminal to connect with the system of the airport, then send the information sharing request to the system, and also can send the information sharing request to the system through the APP of the airport.
Further, the traveler may be a traveler with the OneID service of a registered airport, a traveler with a new registered OneID service, or a traveler with a period of registered OneID service.
The information sharing request is used for triggering the processing system to provide information sharing service for passengers, so that the passengers select airports for information sharing, and then information required for boarding is shared among the airports, so that OneID service can be used among the airports, and the identity authentication process of the passengers from entering an origin airport to leaving a destination airport is realized by using the OneID service.
Referring to fig. 2, a flowchart of a method for determining each airport candidate based on an information sharing request according to an embodiment of the present invention is specifically described below:
s201, analyzing a preset airport data sharing protocol to acquire subscription information in the airport data sharing protocol.
The airport data sharing protocol is a pre-stored protocol, the protocol is stored after the airport signs with other airports sharing data, and further, the airports signed with the protocol all store the protocol.
For example, if it is determined that information sharing can be performed between the airport a, the airport B and the airport C, the airport a, the airport B and the airport C sign a data sharing protocol, where the signed data sharing protocol includes airport information of the airport a, the airport B and the airport C, and contents of the protocol to be adhered to, specific data that can be shared, and the like.
Analyzing the airport data sharing protocol to obtain subscription information in the airport data sharing protocol.
S202, determining each airport participating in an airport data sharing agreement based on subscription information.
The subscription information includes information of each airport participating in signing the airport data sharing protocol, such as airport name, representative person of the subscription airport, and airport identifier.
Each airport in the subscription information is determined to be a participating airport, where a participating airport may be understood as an airport that signs up for the airport data sharing agreement.
S203, determining each participating airport as a candidate airport.
It should be noted that, the airport to be selected may select an airport for data sharing for the passenger, that is, the airport is authorized to acquire personal information of the passenger, so that the passenger may support various services of identity verification at the airport using the OneID service of the airport.
S102, determining authorized airports selected by the passengers from all the candidate airports.
Further, generating a to-be-selected airport list based on each to-be-selected airport, wherein the to-be-selected airport list comprises information such as airport names, airport identification numbers and the like of each to-be-selected airport; the list of airports to be selected is presented to the passenger so that the passenger can select an airport based on his own needs, preferably the passenger can select an airport according to the travel route at this time. Acquiring airport selection information input by a passenger, wherein the airport selection information comprises at least one selection identifier; for each selection identity, the airport to which the same airport identity as the selection identity belongs is determined as an authorized airport.
Optionally, after determining each authorized airport, the system of the airport generates an authorization protocol based on each authorized airport, the authorization protocol including, but not limited to, information of each authorized airport, such as name, identification, etc. of the airport, content of information of the passenger granting the use of the passenger to each authorized airport, and rules and notes to be complied with by the passenger and each authorized airport. Preferably, the passenger needs to sign up for the authorization agreement with the respective authorized airport.
The number of authorized airports is at least one, and the process of sharing information for each authorized airport is the same.
S103, collecting boarding authentication information of the passenger, and encrypting the boarding authentication information by using a public key of an authorized airport to obtain encrypted data.
The boarding authentication information comprises but is not limited to biological identification information, basic information, authorization information and the like of the passenger, further, the biological identification information can be collected by using a biological identification system, the biological identification information comprises but is not limited to face pictures, irises, fingerprints, voice information and the like of the passenger, and preferably, the face pictures can be pictures collected at the time in order to improve the accuracy of subsequent authentication.
Basic information includes, but is not limited to, the name, sex, date of birth, flight information for travel itineraries, etc. of the passenger.
Authorization information includes, but is not limited to, the authorization protocol described above, information for each authorized airport, such as airport name, airport identification, etc. for each authorized airport.
It should be noted that, each authorized airport has a public-private key pair, and the public key may be issued by broadcasting or other means. The public key of each authorized airport is different, and the public key of each authorized airport is used for encrypting boarding authentication information to obtain encrypted data corresponding to the authorized airport.
S104, generating a digital signature of the boarding authentication information, and adding the digital signature into the encrypted data to obtain the shared data.
Determining a private key of an airport where the passenger is located, and carrying out signature processing on boarding authentication information by using the private key to obtain a digital signature; preferably, the airport where the passenger is located is the airport of the current system.
Preferably, the private key of the airport where the passenger is located is used for signing the abstract information of the boarding authentication information, so that a digital signature is obtained; the private key can be used for carrying out signature processing on all contents of boarding authentication information so as to obtain a digital signature; the method of generating the digital signature is not limited to the exemplary method of the present invention, and other methods of generating the digital signature may be used.
After the digital signature is generated, the digital signature and the encrypted data may be based on as shared data.
S105, uploading the shared data to a preset blockchain, and sending a consensus request to an authorized airport.
The shared data is uploaded to the blockchain, so that the shared data can be prevented from being tampered by lawbreakers, the shared data is encrypted, the condition that the shared data is called can be avoided, the safety of data sharing between airports is improved, and the reliability of the data in sharing is guaranteed.
The authorized airport in the present invention may or may not include the airport in which the passenger is currently located.
The consensus request is used to trigger an authorized airport to obtain information shared by passengers. Preferably, the consensus request includes an identification code of the shared data uploaded to the blockchain.
And S106, triggering the authorized airport to acquire the shared data from the blockchain based on the consensus request, carrying out signature verification on the shared data, and storing boarding authentication information in the shared data and updating an authorized tourist list when the shared data passes the signature verification.
It should be noted that, each authorized airport needs to perform the step S106.
The authorized airport acquires shared data in the blockchain according to the identification code in the consensus request, and the shared data can be accurately acquired by using the identification code, so that erroneous data are prevented from being acquired.
The authorized airport determines the system for uploading the shared data, and uses the public key of the airport to which the system belongs to carry out signature authentication on the shared data, thereby verifying the identity of the system for uploading the shared data, effectively avoiding illegal molecules impersonating the system for uploading the data, and improving the security of the data sharing environment.
When the shared data passes the signature verification, proving that the system uploading the shared data is a trusted system, wherein the shared data is safe data; when the shared data does not pass the signature verification, the system for uploading the shared data is a masquerading system, the shared data is risk data, and the shared data is not required to be operated at the moment, so that an alarm can be given out, risk investigation personnel can process the shared data, and the safety of data sharing is ensured.
Referring to fig. 3, a flowchart of a method for saving boarding authentication information in shared data and updating an authorized visitor list according to an embodiment of the present invention is specifically described as follows:
s301, acquiring encrypted data in the shared data by the authorized airport, and calling a private key of the authorized airport to decrypt the encrypted data to obtain boarding authentication information.
S302, the boarding authentication information is stored, and the information of the passengers is updated to an authorized tourist list.
The information of the traveler using the information of the traveler in the authorized airport, such as the name, the identification number, the sex, etc., is stored in the authorized tourist list. Illustratively, assuming that there are passenger 1, passenger 2, passenger 3, and airport A, passenger 1 and passenger 2 use their own information at authorized airport A, the information for passenger 1 and the information for passenger 2 are included in the authorized visitor list for airport A.
When the boarding authentication information is stored, the basic data and the authorization information which are responsible for storing passengers are stored in a structured way; unstructured storage is responsible for preserving biometric information of the passenger, such as face pictures.
Preferably, the information sharing is completed after the boarding authentication information is stored and the authorized tourist list is updated by the authorized airport; therefore, after arriving at the authorized airport, the passenger can use the OneID service of the authorized airport to realize various services needing identity authentication in the airport without registering or uploading information; the method and the system realize the business of each identity authentication in the airport by using OneID service in the process of entering the originating airport to leaving the destination airport, so that the passengers do not need to turn over certificates such as identity cards and the like when checking the identity in the airport, shorten the time of checking the identity in the processes of checking the passengers and storing the baggage, provide better service for the passengers and improve the experience of the passengers on the airport.
In the method provided by the embodiment of the invention, an information sharing request sent by a passenger is received, and each airport to be selected is determined based on the information sharing request; determining authorized airports selected by passengers from all the airports to be selected; collecting boarding authentication information of a passenger, and encrypting the boarding authentication information by using a public key of an authorized airport to obtain encrypted data; generating a digital signature of boarding authentication information, and adding the digital signature into the encrypted data to obtain shared data; uploading the shared data to a preset blockchain, and sending a consensus request to an authorized airport; triggering an authorized airport to acquire shared data from a blockchain based on a consensus request, carrying out signature verification on the shared data, and when the shared data passes the signature verification, storing boarding authentication information in the shared data and updating an authorized tourist list. The invention encrypts boarding authentication information to be shared to obtain encrypted data, adds a digital signature into the encrypted data to obtain shared data, uploads the shared data to a blockchain, triggers an authorized airport selected by a passenger to acquire the shared data from the blockchain, and stores the shared data when the shared data passes verification, thereby completing sharing of information; by sharing the data of the passengers among the airports, the passengers can use the OneID service of the airports without registering and inputting information required by authentication when arriving at a new airport, so that the cross-airport OneID service is realized, and more excellent service is provided for the passengers.
Preferably, in the process of information sharing, a sharing request sent by a passenger can be received in batch, and then information of the passenger is shared in batch for an airport, for example, the passenger 1 and the passenger 2 select the airport B as an authorized airport, and the boarding authentication information of the passenger 1 and the boarding authentication information of the passenger 2 can be encrypted by using a public key of the airport B to obtain encrypted data, and after the encrypted data is uploaded to a blockchain, a consensus request corresponding to the encrypted data is sent to the airport B, wherein the encrypted data comprises the boarding authentication information of the passenger 1 and the boarding authentication information of the passenger 2. Preferably, public keys of the airport B are used for encrypting boarding authentication information of the passenger 1 and the passenger 2 respectively, encrypted data 1 corresponding to the passenger 1 and encrypted data 2 corresponding to the passenger 2 are obtained, the encrypted data are uploaded to a blockchain, and then a consensus request corresponding to the encrypted data 1 and a consensus request corresponding to the encrypted data 2 are sent to the airport B.
Referring to fig. 4, a flowchart of a method for canceling information sharing according to an embodiment of the present invention is specifically described below:
s401, acquiring a historical authorization list of the passenger.
The history authorization list is an airport authorization list generated when the passenger requests information sharing last time, and when the history authorization list is not empty, the history authorization list comprises at least one history authorization airport, and it is required to be noted that when the passenger requests information sharing for the first time, the history authorization list is empty.
S402, judging whether an authorized airport exists or not based on each authorized airport and a historical authorized list; when it is determined that there is an airport for which the authorization is canceled, S403 is performed; when it is determined that there is no airport for which the authorization is canceled, S404 is performed.
For each historical authorized airport of the historical authorized list, judging whether the historical authorized airport exists in the various authorized airports, if so, determining that the historical authorized airport is not an authorized canceling airport, and if not, determining that the historical authorized airport is the authorized canceling airport.
S403, sending an information deleting request to the unauthorized airport, so that the unauthorized airport deletes the information of the passenger based on the information deleting request.
S404, ending.
It should be noted that, the unauthorized airport deletes the information about the passenger in the local area based on the information deletion request, so far, the information about the passenger does not exist in the airport, and the passenger cannot use the OneID service in the airport.
Preferably, the unauthorized airport may also be selected by the passenger, for example, airport a initially uses information for the passenger's last authorization, but when this time information sharing is performed, the passenger sets airport a as the unauthorized airport.
By deleting the information of the passengers in the unauthorized airport, the information leakage of the passengers can be avoided, and the personal information safety of the passengers is ensured.
Referring to fig. 5, an exemplary diagram of a scenario of information sharing according to an embodiment of the present invention is specifically described below.
The system A of the airport where the passenger is located, the system B of the authorized airport where the passenger is selected and other systems are included in the figure, and further, the other systems include a biological identification information acquisition system, a passenger data supply system and an OneID service providing system; when a passenger sends an information sharing request to a system A, the system A calls a biological identification information acquisition system to acquire biological identification information of the passenger, calls a passenger data supply system to acquire basic information of the passenger, and determines the generated identification information and the basic information as boarding authentication information of the passenger; the passenger confirms each authorized airport through an authorized information management system in the system A, encrypts and signs boarding authentication information to obtain encrypted data, uploads the encrypted data to a blockchain, and sends formula requests to each authorized airport; preferably, if airport A is an authorized airport selected by the passenger, system A may save boarding authentication information.
After receiving the consensus request, the system B of the authorized airport acquires the encrypted data from the blockchain based on the consensus request, performs operations such as signature authentication and decryption on the encrypted data to obtain boarding authentication information, and stores the boarding authentication information. Thus, airport A and airport B share information of passengers, and passengers can enjoy OneID service provided by the OneID service providing system at airport A and airport B.
Preferably, when the airport system of the invention stores boarding authentication information, the storage mode comprises structured storage, unstructured storage and cache. The structured storage is responsible for storing passenger data and authorization information; unstructured storage is responsible for storing picture information; the cache is responsible for loading data in the database into the memory in advance, so that the access speed is improved.
Further, when the boarding authentication information is stored in the system, if the information of the passenger is not stored in the local storage, the information of the passenger is updated to the local storage; if the registered traveler modifies the authorization information and the local airport is still in the authorization list, the traveler authorization information is updated. Preferably, if the passenger cancels the authorization of the airport, the airport with the unauthorized passenger needs to delete the corresponding passenger information from the local storage; preferably, the data in the local store is used to provide OneID services at the local site.
The invention also provides a specific example of a scene for illustration, assuming three passengers: passenger 1, passenger 2, and passenger 3, all three passengers travel from origin A airport and take Z flights to destination B airport. Airport a and airport B have achieved a data sharing agreement. Passenger 1 has not performed face registration; passenger 2 and 3 have registered face information at airport A, passenger 2 has authorized airport A to use their own biometric information, and passenger 3 has simultaneously authorized airport A and airport B to use their own biometric information.
And step 1, data acquisition.
The data acquisition is performed by the system of the airport where the passenger is located, namely by the system of airport A, and the data acquisition process is specifically as follows:
and 1.1, acquiring passenger data. Basic passenger information of passengers 1, 2 and 3 is acquired through a passenger data supply system.
And 1.2, acquiring biological identification information. And acquiring face pictures of the passengers 1, 2 and 3 through a biological identification information acquisition system.
And 2, managing the authorization information.
The authorization information management, namely, obtaining the authorization information provided by the passenger, wherein the authorization information provided by the passenger can be information of an authorized airport and information of an unauthorized airport, and the management of the authorization information is executed by a system of the airport where the passenger is located, namely, by a system of an airport A, and the specific steps are as follows:
And 2.1, checking an airport data sharing protocol.
Airport A checks the existing data sharing protocol between airports and determines that passenger biometric information can be shared with airport B.
And 2.2, updating the authorization information of the passenger.
Passenger 1 carries on the face registration operation, A airport feeds back to passenger 1 and authorizes the airport tabulation, can authorize the airport tabulation to include A airport and B airport, passenger 1 authorizes A airport and B airport to use the biological identification information of oneself at the same time; passenger 2 adds authorization to use the biological identification information to B airport through check-in system; passenger 3 is unauthenticated by handset APP to B airport to use his biometric information.
To this end, information is obtained that passenger 1, passenger 2, and passenger 3 have selected authorized airports and unauthorized airports.
And 3, checking the passenger authorization information and adding a digital signature.
Passenger 1, passenger 2 has authorized the B airport to use the biological identification information, passenger 3 has cancelled the B airport to use the biological identification information's authorization, therefore use B public key of airport to encrypt three passengers' basic information, face picture, authorization information. Airport A uses specific hash function to generate abstract of passenger basic information, face picture and authorization information, and uses private key of airport A to encrypt abstract to generate digital signature.
And 4, uploading the data to the block chain.
The airport A uploads the encrypted information with the digital signature to the blockchain and initiates a consensus request to airport B.
And 5, storing data.
The information of the newly registered traveler 1 is updated to the local storage. Passenger 2, 3 has modified authorization and airport a is still in the authorization list, then passenger 2, 3's authorization information in the local store is updated. The passengers 1, 2 and 3 can enjoy OneID service in the links of check-in, baggage check-in, boarding, intelligent navigation display and the like of the airport A.
And 6, verifying the shared data and processing the shared data.
After receiving the consensus request, the airport B decrypts basic passenger information, face pictures and authorization information of the passengers 1, 2 and 3 by using the private key of the airport B; and analyzing the digital signature by using the public key of the airport A to obtain the abstract generated by the airport A, and processing the basic information, the face picture and the authorization information of the passenger by using the hash function which is the same as that of the airport A to generate the abstract. Through checking, the abstracts generated by the airport A and the airport B are consistent, the uploading person who shares the information is the airport A, the information is not tampered, the airport B and the airport A agree, the data receiving is completed, and the system of the airport B executes the content of the step 7.
And 7, storing data.
And B, updating the information of the two passengers to the local storage when the information of the passenger 1 and the passenger 2 does not exist in the local storage of the airport. Passenger 3 is de-authorized by B airport to use his biometric information, and thus B airport deletes passenger 3 information from local storage.
It should be noted that, after passenger 1 and passenger 2 arrive at airport B, they still can enjoy the OneID service; passenger 3 cancels authorization of B airport to use his biometric information and thus cannot enjoy the OneID service after B airport.
The invention uses the asymmetric encryption technology of the blockchain and the characteristic that the information cannot be forged or tampered to transmit the sensitive information such as the passenger biological identification and the authorization information. Meanwhile, the management flow of passenger biological identification information authorization is optimized, the passenger can dynamically modify the authorization range, and passenger biological identification and authorization information can be shared in real time between airports according to the change of passenger authorization information. After the technical scheme is implemented, a completely trusted data transmission environment can be provided for airports, the problem that data between airports cannot be mutually trusted is effectively solved, and meanwhile, the aim of enabling passengers to carry out cross-airport biological identification information authorization is achieved, so that the passengers can enjoy OneID services of a plurality of airports through one-time registration.
Furthermore, the invention also allows the passenger to change the authorization condition of the biological identification information in real time, judges which airports need to update the change information in real time according to the authorization list, encrypts the information through the corresponding private key and transmits the information. Therefore, the information of the passenger change can be synchronized to all nodes needing to participate in the data change in real time, so that the problem of time delay does not exist in the information synchronization.
Corresponding to the method shown in fig. 1, the invention also provides an information sharing device, which is used for supporting the specific implementation of the method shown in fig. 1, and can be applied to a processing system of an airport.
Referring to fig. 6, a schematic structural diagram of an information sharing device according to an embodiment of the present invention is described below:
a receiving unit 501, configured to receive an information sharing request sent by a passenger, and determine each airport to be selected based on the information sharing request;
a determining unit 502, configured to determine authorized airports selected by the passenger among the candidate airports;
the collecting unit 503 is configured to collect boarding authentication information of the traveler, and encrypt the boarding authentication information by using a public key of the authorized airport to obtain encrypted data;
A generating unit 504, configured to generate a digital signature of the boarding authentication information, and add the digital signature to the encrypted data, so as to obtain shared data;
a sending unit 505, configured to upload the shared data to a preset blockchain, and send a consensus request to the authorized airport;
and the triggering unit 506 is configured to trigger the authorized airport to acquire the shared data from the blockchain based on the consensus request, perform signature verification on the shared data, and store boarding authentication information in the shared data and update an authorized tourist list when the shared data passes the signature verification.
In another apparatus provided in an embodiment of the present invention, a receiving unit 501 of the apparatus includes:
the first acquisition subunit is used for analyzing a preset airport data sharing protocol and acquiring subscription information in the airport data sharing protocol;
a first determining subunit, configured to determine, based on the subscription information, each airport participating in the airport data sharing protocol;
and the second determining subunit is used for determining each participating airport as an airport to be selected.
In another apparatus provided in an embodiment of the present invention, a generating unit 504 of the apparatus includes:
And the third determining subunit is used for determining a private key of the airport where the passenger is located, and carrying out signature processing on the boarding authentication information by using the private key to obtain a digital signature.
In another embodiment of the present invention, a trigger unit 506 of the device includes:
the calling subunit is used for acquiring the encrypted data in the shared data by the authorized airport, and calling a private key of the calling subunit to decrypt the encrypted data so as to obtain the boarding authentication information;
and the storage subunit is used for storing the boarding authentication information and updating the information of the passenger into the authorized tourist list.
In another apparatus provided by the embodiment of the present invention, the apparatus further includes:
a second obtaining subunit, configured to obtain a history authorization list of the passenger;
a judging subunit, configured to judge whether an authorized airport exists or not based on each authorized airport and the historical authorized list;
and the deleting subunit is used for sending an information deleting request to the unauthorized airport when determining that the unauthorized airport exists, so that the unauthorized airport deletes the information of the passenger based on the information deleting request.
The embodiment of the invention also provides a storage medium, which comprises stored instructions, wherein the equipment where the storage medium is located is controlled to execute the information sharing method when the instructions run.
The embodiment of the invention also provides an electronic device, the structure of which is shown in fig. 7, specifically including a memory 601, and one or more instructions 602, where the one or more instructions 602 are stored in the memory 601, and configured to be executed by the one or more processors 603 to perform the above information sharing method.
The specific implementation process and derivative manner of the above embodiments are all within the protection scope of the present invention.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for a system or system embodiment, since it is substantially similar to a method embodiment, the description is relatively simple, with reference to the description of the method embodiment being made in part. The systems and system embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. An information sharing method, comprising:
receiving an information sharing request sent by a passenger, and determining each airport to be selected based on the information sharing request;
determining authorized airports selected by the passenger from the selected airports;
collecting boarding authentication information of the passenger, and encrypting the boarding authentication information by using a public key of the authorized airport to obtain encrypted data;
generating a digital signature of the boarding authentication information, and adding the digital signature into the encrypted data to obtain shared data;
uploading the shared data to a preset blockchain and sending a consensus request to the authorized airport;
triggering the authorized airport to acquire the shared data from the blockchain based on the consensus request, carrying out signature verification on the shared data, and storing boarding authentication information in the shared data and updating an authorized tourist list when the shared data passes the signature verification.
2. The method of claim 1, wherein the determining each candidate airport based on the information sharing request comprises:
analyzing a preset airport data sharing protocol to obtain subscription information in the airport data sharing protocol;
Determining each airport participating in signing the airport data sharing agreement based on the subscription information;
and determining each participating airport as a candidate airport.
3. The method of claim 1, wherein the generating the digital signature of the boarding authentication information comprises:
and determining a private key of an airport where the passenger is located, and carrying out signature processing on the boarding authentication information by using the private key to obtain a digital signature.
4. The method of claim 1, wherein the saving and updating boarding authentication information in the shared data includes:
the authorized airport obtains encrypted data in the shared data, and calls a private key of the authorized airport to decrypt the encrypted data to obtain boarding authentication information;
and storing the boarding authentication information, and updating the information of the passenger into the authorized tourist list.
5. The method of claim 1, further comprising, after determining authorized airports selected by the passenger among the respective candidate airports:
acquiring a history authorization list of the passenger;
judging whether an authorized airport exists or not based on each authorized airport and the historical authorized list;
When it is determined that there is a cancel authorized airport, an information deletion request is sent to the cancel authorized airport, so that the cancel authorized airport deletes the information of the traveler based on the information deletion request.
6. An information sharing apparatus, comprising:
the receiving unit is used for receiving information sharing requests sent by passengers and determining various airports to be selected based on the information sharing requests;
a determining unit configured to determine authorized airports selected by the passenger among the respective airports to be selected;
the collecting unit is used for collecting boarding authentication information of the passenger, encrypting the boarding authentication information by using a public key of the authorized airport, and obtaining encrypted data;
the generation unit is used for generating a digital signature of the boarding authentication information and adding the digital signature into the encrypted data to obtain shared data;
the sending unit is used for uploading the shared data to a preset block chain and sending a consensus request to the authorized airport;
the triggering unit is used for triggering the authorized airport to acquire the shared data from the blockchain based on the consensus request, carrying out signature verification on the shared data, and storing boarding authentication information in the shared data and updating an authorized tourist list when the shared data passes the signature verification.
7. The apparatus of claim 6, wherein the receiving unit comprises:
the first acquisition subunit is used for analyzing a preset airport data sharing protocol and acquiring subscription information in the airport data sharing protocol;
a first determining subunit, configured to determine, based on the subscription information, each airport participating in the airport data sharing protocol;
and the second determining subunit is used for determining each participating airport as an airport to be selected.
8. The apparatus of claim 6, wherein the generating unit comprises:
and the third determining subunit is used for determining a private key of the airport where the passenger is located, and carrying out signature processing on the boarding authentication information by using the private key to obtain a digital signature.
9. A storage medium comprising stored instructions, wherein the instructions, when executed, control a device in which the storage medium is located to perform the information sharing method of any one of claims 1-5.
10. An electronic device comprising a memory and one or more instructions, wherein the one or more instructions are stored in the memory and configured to perform the information sharing method of any of claims 1-5 by one or more processors.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310034637.1A CN116055057A (en) | 2023-01-10 | 2023-01-10 | Information sharing method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310034637.1A CN116055057A (en) | 2023-01-10 | 2023-01-10 | Information sharing method and device, storage medium and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116055057A true CN116055057A (en) | 2023-05-02 |
Family
ID=86119702
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310034637.1A Pending CN116055057A (en) | 2023-01-10 | 2023-01-10 | Information sharing method and device, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116055057A (en) |
-
2023
- 2023-01-10 CN CN202310034637.1A patent/CN116055057A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA3115515C (en) | Method to establish distributed ledger networks with multiple access levels for an incident | |
| US20210243028A1 (en) | System and method for providing personal information using one time private key based on blockchain of proof of use | |
| EP3460693B1 (en) | Methods and apparatus for implementing identity and asset sharing management | |
| US20200134760A1 (en) | Method for Weighted Voting in a Public Safety Distributed Ledger | |
| US9954687B2 (en) | Establishing a wireless connection to a wireless access point | |
| US11487860B2 (en) | Biometric authentication method, system, and computer program | |
| US11950101B2 (en) | Checkpoint identity verification using mobile identification credential | |
| US20220035950A1 (en) | Privacy-preserving mobility as a service supported by blockchain | |
| JP7317137B2 (en) | Method and Distributed Ledger System for Supporting Identity Verification Management of Travelers in Airports | |
| US11423133B2 (en) | Managing travel documents | |
| CN112804354A (en) | Method and device for data transmission across chains, computer equipment and storage medium | |
| CN111460330A (en) | Data processing method, device, equipment and storage medium | |
| US20220350918A1 (en) | Secure data broker for sensitive data | |
| JP2003233590A (en) | Mobile follow-up service providing method, system and program | |
| CN112446050B (en) | Business data processing method and device applied to block chain system | |
| US20230377700A1 (en) | Method and distributed ledger system for supporting sharing of digital health data of travelers in a travel environment | |
| WO2019163040A1 (en) | Access management system and program thereof | |
| US11763309B2 (en) | System and method for maintaining a fraud risk profile in a fraud risk engine | |
| CN115460017B (en) | Block chain-based digital identity authority verification system | |
| CN116055057A (en) | Information sharing method and device, storage medium and electronic equipment | |
| US20200184430A1 (en) | Electronic ticket management system, electronic ticket management method and electronic ticket management program | |
| JP7451713B2 (en) | Ways to help travelers share their travel history within the airport | |
| Bandi et al. | An Implementation and Evaluation of Blockchain-based Digital Health Passports | |
| US20240154940A1 (en) | Communication network nodes, methods for providing communication network nodes, terminal device, method for operating a terminal device, methods for communication networks | |
| US20230186291A1 (en) | Apparatus and methods for non-fungible tokens as universal digital identification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |