CN116108505A - Educational resource sharing safety house method based on alliance chain - Google Patents

Abstract

The invention discloses a method for sharing educational resources based on alliance chains, which comprises the steps of firstly, adding a resource participant and a trusted third party into a blockchain network to register for application on a resource sharing alliance chain platform, obtaining an identity certificate through CA authentication, obtaining shared data of resource output users through a differential protection method, transferring to statistical analysis, encrypting the acquired data of different resources by an uplink component, calling an intelligent contract of the alliance chain to realize the uplink of the alliance chain data, storing the encrypted data and metadata into a cloud resource pool and the alliance chain respectively, finally, sending an intelligent contract matching request to the alliance chain by an educational resource request, sending a data analysis result to a resource request user, and storing records on all the alliance chains by the trusted third party defined by contracts to finish the construction of the educational resource sharing secure house. The method solves the problems of safety, traceability and tamper prevention of the user and the resource privacy of teachers and students in the existing educational resource sharing, and protects the private information.

Description

Educational resource sharing safety house method based on alliance chain

Technical Field

The invention belongs to the technical field of educational resource open sharing safety under a big data frame, and particularly relates to an educational resource sharing safety house method based on a alliance chain.

Background

The blockchain technology is most researched and gathered in the financial field at present, but the education field has stronger uniqueness and complexity compared with the former, the application of the blockchain technology in the education field faces a plurality of challenges such as fuzzy property rights of educational data, limited data storage space, personal privacy protection risks of teachers and students caused by potential safety hazards of the blockchain technology, and the like, how to fully exert the management of the educational data through means and realize the open sharing technology of private blockchains under a big data frame, thereby realizing the high-throughput sharing of educational big data of multi-level intelligent contracts, controlling blood-margin venation and global data link tracing, constructing a safe data sharing center, and being full of research significance and practical value.

The prior blockchain-based data sharing model has many functions well, but has some defects that the prior blockchain-based data sharing model cannot better solve the problem of access control related to sensitive data stored in a cloud environment, such as better single-scene function and weaker universal applicability.

Therefore, aiming at actively gathering educational resources in each level region, it is necessary to research a blockchain-based data sharing model, promote the whole and optimization of the level educational resources, promote educational cooperation, realize educational integration, complement advantages, improve educational quality, promote educational informatization as soon as possible, build intelligent campus, and realize educational intellectualization by building global educational resources and sharing platforms.

Disclosure of Invention

In order to solve the technical problems, the invention provides an educational resource sharing safety house method based on a alliance chain, which can accurately connect an educational resource data provider, a data source requester, a big data algorithm third party and the like by embedding a differential protection technology and homomorphic encryption suitable for multiple scenes of the educational resource on the basis of the alliance chain, and construct an access flow of a specific platform to a cloud resource pool.

The invention adopts the technical scheme that: an educational resource sharing safety house method based on a alliance chain comprises the following specific steps:

s1, a resource participant and a trusted third party defined by a contract join a blockchain network to carry out a alliance chain platform registration application, and after successful registration, the trusted third party joins a resource sharing alliance chain to acquire an identity certificate through CA authentication;

s2, acquiring data shared by the resource output users through a differential protection method allowing the resource output users to carry out privacy treatment on personal data, and transferring to statistical analysis;

s3, encrypting the result information obtained by carrying out statistical analysis on the acquired data of the different resources in the step S2 through a uplink component, calling an alliance chain intelligent contract to realize the uplink of alliance chain data, and storing the encrypted data into a cloud resource pool and storing the metadata into an alliance chain after the data uplink component processes key data information such as the encrypted data, the metadata and the like by adopting a signature and encryption technology;

s4, the educational resource request initiates a request to the alliance chain, intelligent contract matching is carried out, and whether the request condition is met is judged;

and S5, sending the data analysis result in the step S4 to a resource request user, and storing records on all alliance chains by a trusted third party defined by the contract to complete the construction of the educational resource sharing safety house.

Further, in the step S1, the federation chain registration process and the certificate information are specifically as follows:

the resource participant and the trusted third party call the CA service to register through the browser, the identity certificate information obtained by authentication comprises the identity information of the participant, the distributed public key information, the CA information and the digital signature of the CA, the identity authority is verified through the certificate, and an intelligent contract identity limiting transaction is created and used as a request control basis of subsequent data.

Further, in the step S2, the differential protection method for allowing the resource output user to privacy-process the personal data is specifically as follows:

before the data is put into a third-party algorithm for processing, a differential technology added with Laplace noise is adopted for disturbance processing, and a random algorithm M (D) is as follows:

M(D)＝f(D)+Y

Y＝Lap(Δf/ε)

wherein Y represents random noise and satisfies Y-Lap (0, Δf/ε), Δf represents sensitivity, ε represents privacy budget, and the two are obtained from the result after statistical analysis in step S2; d represents a privacy dataset; f (D) is denoted as a query function, defined by the request processing system.

Further, in the step S3, the encryption processing method for the data of the owner of the different resources specifically includes the following steps:

when encrypting the information of the resource belongings, adopting SM3 and SM1 algorithms meeting the national password standard to carry out random replacement encryption, and taking the account number registered by the resource belongings in the platform as a key attribute ID.

Further, in the step S3, the metadata includes storage location information that educational resources allow for uplink sharing.

Further, in the step S4, the intelligent contract matching process specifically includes the following steps:

and acquiring an intelligent contract identity transaction bound when the resource participant and the trusted third party register, calling an intelligent contract related function to perform identity matching and access restriction on the user, judging whether a request condition is met or not, if the request condition is not met, the data of the resource pool cannot be shared, and if the request condition is met successfully, transferring to a data analysis module, and inputting the privacy data to an RSA multiplication homomorphic encryption algorithm.

Further, in the step S5, the request processing and the trusted third party definition of the resource requester user are specifically as follows:

the trusted third party defined by the contract is supported by a main platform and local government which are cooperatively shared by all educational resources, and the resource request makes a request to a node closest to a alliance chain and submits sharing request transaction to acquire metadata; if the matching in the step S4 is successful, metadata is obtained, and request data is obtained from the cloud resource pool according to the metadata; the system brings the government departments or other institutions which are cooperated into the members of the trusted party according to the service requirement, records and stores the data circulation information on the alliance chain, and plays a role of credit endorsement.

The invention has the beneficial effects that: the method comprises the steps that firstly, a resource participant and a trusted third party join in a blockchain network to register and apply on a resource sharing alliance chain platform, an identity certificate is obtained through CA authentication, then data shared by a resource output user is obtained through a differential protection method, statistical analysis is carried out, the collected data of different resource owners are encrypted through an uplink component, an alliance chain intelligent contract is called to realize alliance chain data uplink, the encrypted data and metadata are respectively stored into a cloud resource pool and an alliance chain, finally, an educational resource request initiates an intelligent contract matching request to the alliance chain, a data analysis result is sent to a resource request user, and the trusted third party defined by the contract stores records on all the alliance chains, so that the establishment of an educational resource sharing safety house is completed. According to the method, the blockchain technology is introduced to gather the cooperative resource information into the shareable cloud resource pool, so that the problem of data sharing between the resource cooperative platform and the cloud resource pool is solved, the access flow of the platform to the cloud resource pool is constructed, the data circulation requirements among the cloud resource pool, the cooperative platform and teacher and students are controlled through a safety house, the problems of safety and high efficiency, traceability of data sources, effective suppression of data, fake learning of learning information and the like are presented, an effective data differential protection method and homomorphic encryption are adopted to build parts in the safety house, privacy information is further protected from being leaked, the risk of personal sensitive information loss is reduced, and the problems of safety, traceability and tamper prevention of the teacher and students and the resource privacy in the existing educational resource sharing are solved.

Drawings

FIG. 1 is a flow chart of a method for sharing educational resources with a secure enclave based on a federation chain of the present invention.

FIG. 2 is a schematic diagram of an educational resource sharing security house based on a alliance chain in an embodiment of the present invention.

FIG. 3 is a diagram of an example of a federated-chain-based educational resource sharing security house in an embodiment of the present invention.

Detailed Description

The invention is further described below with reference to the drawings and examples.

The federated chain employed by the method of the present invention runs the blockchain among known participants, providing an effective means of technology to ensure interactions between entities that are not fully trusted with respect to each other. The alliance chain has the key capability of supporting cross-department data interaction sharing, and is more in line with the management of educational resources in the environment compared with the prior blockchain and private chain. In addition, the cloud resource pool constructed by the invention is different from the existing centralized service, the data is not centrally managed by a specific organization but maintained by multiple parties, the transmission and access safety are ensured by adopting multiple cryptographic technologies, and the method support can be provided for scenes such as effective certificate management, educational resource acquisition, anti-counterfeiting and anti-plagiarism and the like.

In embodiment 1, as shown in fig. 1, a flowchart of a method for sharing educational resources and safety houses based on alliance chains according to the present invention specifically comprises the following steps:

s1, a resource participant and a trusted third party defined by a contract join a blockchain network to carry out a alliance chain platform registration application, and after successful registration, the trusted third party joins a resource sharing alliance chain to acquire an identity certificate through CA authentication;

s2, acquiring data shared by the resource output users through a differential protection method allowing the resource output users to carry out privacy treatment on personal data, and transferring to statistical analysis;

s3, encrypting the result information obtained by carrying out statistical analysis on the acquired data of the different resources in the step S2 through a uplink component, calling an alliance chain intelligent contract to realize the uplink of alliance chain data, and storing the encrypted data into a cloud resource pool and storing the metadata into an alliance chain after the data uplink component processes key data information such as the encrypted data, the metadata and the like by adopting a signature and encryption technology;

s4, the educational resource request initiates a request to the alliance chain, intelligent contract matching is carried out, and whether the request condition is met is judged;

and S5, sending the data analysis result in the step S4 to a resource request user, and storing records on all alliance chains by a trusted third party defined by the contract to complete the construction of the educational resource sharing safety house.

In this embodiment, in the step S1, the federation chain registration process and the certificate information are specifically as follows:

the resource participant and the trusted third party call the CA service to register through the browser, and the identity certificate information obtained by authentication comprises the identity information of the participant, the distributed public key information, the CA information and the digital signature of the CA, and the identity authority is verified through the certificate and is used as a request control basis of the subsequent data.

In this embodiment, in the step S2, the differential protection method for allowing the resource output user to perform privacy processing on the personal data is specifically as follows:

the personal data set for privacy protection is selected by a resource sharer to be protected, the condition that the data is required to be subjected to disturbance processing by adopting a differential technology added with Laplacian noise before being put into a third-party algorithm for processing is reflected, and a random algorithm M (D) is as follows:

M(D)＝f(D)+Y

Y＝Lap(Δf/ε)

wherein Y represents random noise and satisfies Y-Lap (0, Δf/ε), Δf represents sensitivity, ε represents privacy budget, which are obtained from the results of statistical analysis in step S2, if it is hoped that privacy is more difficult to find, the privacy budget can be set smaller, so that noise is larger; d represents a privacy dataset; f (D) is denoted as a query function, defined by the request processing system.

In this embodiment, in the step S3, the encryption processing method for the data of the owner of the different resources specifically includes the following steps:

when encrypting the information of the resource belongings, adopting SM3 and SM1 algorithms meeting the national password standard to carry out random replacement encryption, and taking the account number registered by the resource belongings in the platform as a key attribute ID.

In this embodiment, in the step S3, the metadata includes storage location information that educational resources allow for uplink sharing.

In this embodiment, in the step S4, the intelligent contract matching process specifically includes the following steps:

and acquiring an intelligent contract identity transaction bound when the resource participant and the trusted third party register, calling an intelligent contract related function to perform identity matching and access restriction on the user, judging whether a request condition is met or not, if the request condition is not met, the data of the resource pool cannot be shared, and if the request condition is met successfully, transferring to a data analysis module, and inputting the privacy data to an RSA multiplication homomorphic encryption algorithm.

In this embodiment, in step S4, if the request condition is successfully satisfied, the data analysis module is shifted to, and the RSA homomorphic encryption algorithm is specifically as follows:

the RSA mechanism is as follows:

the two largest prime numbers q and p are selected as randomly as possible, and the product calculation n is performed to perform Euler function of the product result n

Select and->

Mutually exclusive e; finally, e obtained from the above is +.>

Calculating an integer d; a public key (n, e) and a private key (n, d) are obtained.

Encryption process: c=m ^e mod n。

Wherein e represents a ratio greater than 1

A number which is small and the greatest common divisor between the two is 1; d represents the number of information contained in the private key; m represents plaintext and C represents ciphertext.

Decryption: m=c ^d mod n。

In this embodiment, in the step S5, the request processing and the trusted third party definition of the resource requester user are specifically as follows:

the trusted third party defined by the contract is supported by a main platform and local government which are cooperatively shared by all educational resources, and the resource request makes a request to a node closest to the node in the alliance chain and submits a sharing request transaction to acquire metadata; if the matching is successful in the step S4, metadata can be obtained, and request data is obtained from the cloud resource pool according to the metadata;

as shown in fig. 2, in the architecture diagram of the alliance chain-based educational resource sharing security house in this embodiment, roles related to the security house of the present invention are: a resource sharing party, a resource request acquisition party, a third party algorithm processing and the like. The system can incorporate the government departments or other institutions which are cooperated into the members of the trusted party according to the service requirement, record and store the data circulation information on the alliance chain, and play a role in credit endorsement.

As shown in fig. 3, the method of the present invention further provides example 2, and the specific steps of the method of the present invention are as follows:

the following roles exist:

an access requester (user D whose a network has a role W) is accessed by an access resource party (data L of B user) and an access requester (user U whose G network has a role X);

resource requesting party (user D, user U) resource party (B user, data L).

(1) The user D, U calls certificate service (CA) through the browser, registers and acquires identity certificate;

(2) The user B calls a certificate service (CA) through a browser, registers and acquires an identity certificate;

(3) The block chain creates a channel for the user D, the user U and the user B respectively, the two channels are respectively positioned in the networks of the user D, the user U and the user B, and the two networks only carry out data transmission through a gateway with a firewall;

(4) And B, selecting personal public data resources which need privacy treatment, performing differential protection after confirmation, and recording an encryption result in a cloud storage.

(5) The system carries out abstract calculation on the data resource, generates 256-bit information abstract h and records the information abstract h into metadata;

(6) The user D, U uses the private key certificate issued by CA to sign the abstract of the data resource, and uploads the signature result to the alliance chain;

(7) The user B checks the request information sent by the resource requesting party, calls the contract only to control the authority, performs signature authentication on the request after confirmation, and uploads the result to the alliance chain;

(8) The identity authentication is successful, homomorphic encryption is carried out on the data subjected to the selected privacy treatment, an analysis result is obtained, and the analysis result is sent to a resource requester D, U;

(10) The trusted third party defined by the intelligent contract records the data log;

(11) The transaction is completed.

In summary, the method of the invention gathers the cooperative resource information into the sharable cloud resource pool by introducing the blockchain technology, solves the problem of data sharing of the resource cooperative platform and the cloud resource pool, constructs the access flow of the platform to the cloud resource pool, controls the data circulation requirements among the cloud resource pool, the cooperative platform and teacher and student users through the safety house, presents the problems of safety and high efficiency, can trace back the data sources, effectively restrain the data, and the imitation of the learning information, and the like, adopts the effective data differential protection method and homomorphic encryption to build parts in the safety house, further protects the privacy information from being leaked, reduces the risk of personal sensitive information loss, and solves the problems of safety, traceability and tamper prevention of the teacher and student users and the resource privacy in the existing educational resource sharing.

Those of ordinary skill in the art will appreciate that the foregoing embodiments are provided to aid the reader in understanding the principles of the present invention, and that the scope of the invention is not limited to such specific statements and embodiments. Various modifications and variations of the present invention will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the scope of the claims of the present invention.

Claims (7)

1. An educational resource sharing safety house method based on a alliance chain comprises the following specific steps:

s1, a resource participant and a trusted third party defined by a contract join a blockchain network to carry out a alliance chain platform registration application, and after successful registration, the trusted third party joins a resource sharing alliance chain to acquire an identity certificate through CA authentication;

s2, acquiring data shared by the resource output users through a differential protection method allowing the resource output users to carry out privacy treatment on personal data, and transferring to statistical analysis;

s3, encrypting the result information obtained by carrying out statistical analysis on the acquired data of the different resources in the step S2 through a uplink component, calling an alliance chain intelligent contract to realize the uplink of alliance chain data, and storing the encrypted data into a cloud resource pool and storing the metadata into an alliance chain after the data uplink component processes key data information such as the encrypted data, the metadata and the like by adopting a signature and encryption technology;

s4, the educational resource request initiates a request to the alliance chain, intelligent contract matching is carried out, and whether the request condition is met is judged;

and S5, sending the data analysis result in the step S4 to a resource request user, and storing records on all alliance chains by a trusted third party defined by the contract to complete the construction of the educational resource sharing safety house.

2. The method for sharing educational resources with safe house based on alliance chain according to claim 1, wherein in step S1, the flow of alliance chain registration and certificate information are specifically as follows:

the resource participant and the trusted third party call the CA service to register through the browser, the identity certificate information obtained by authentication comprises the identity information of the participant, the distributed public key information, the CA information and the digital signature of the CA, the identity authority is verified through the certificate, and an intelligent contract identity limiting transaction is created and used as a request control basis of subsequent data.

3. The method for sharing educational resources with safety house based on alliance chain according to claim 1, wherein in step S2, the differential protection method for allowing the user of resource output to privacy the personal data is specifically as follows:

before the data is put into a third-party algorithm for processing, a differential technology added with Laplace noise is adopted for disturbance processing, and a random algorithm M (D) is as follows:

M(D)＝f(D)+Y

Y＝Lap(Δf/ε)

wherein Y represents random noise and satisfies Y-Lap (0, Δf/ε), Δf represents sensitivity, ε represents privacy budget, and the two are obtained from the result after statistical analysis in step S2; d represents a privacy dataset; f (D) is denoted as a query function, defined by the request processing system.

4. The method for sharing educational resources with safety house based on alliance chain according to claim 1, wherein in step S3, the encryption processing method for the data of the owners of different resources is specifically as follows:

when encrypting the information of the resource belongings, adopting SM3 and SM1 algorithms meeting the national password standard to carry out random replacement encryption, and taking the account number registered by the resource belongings in the platform as a key attribute ID.

5. The method for sharing educational resources with safe house based on alliance chain according to claim 1, wherein in step S3, the metadata contains information of storage location where educational resources are allowed to be shared in uplink.

6. The method for sharing educational resources with safe house based on alliance chain according to claim 1, wherein in step S4, the intelligent contract matching process is specifically as follows:

and acquiring an intelligent contract identity transaction bound when the resource participant and the trusted third party register, calling an intelligent contract related function to perform identity matching and access restriction on the user, judging whether a request condition is met or not, if the request condition is not met, the data of the resource pool cannot be shared, and if the request condition is met successfully, transferring to a data analysis module, and inputting the privacy data to an RSA multiplication homomorphic encryption algorithm.

7. The method for sharing educational resources with safe house based on alliance chain according to claim 1, wherein in step S5, the request processing and trusted third party definition of the resource requester user is specifically as follows:

the trusted third party defined by the contract is supported by a main platform and local government which are cooperatively shared by all educational resources, and the resource request makes a request to a node closest to a alliance chain and submits sharing request transaction to acquire metadata; if the matching in the step S4 is successful, metadata is obtained, and request data is obtained from the cloud resource pool according to the metadata; the system brings the government departments or other institutions which are cooperated into the members of the trusted party according to the service requirement, records and stores the data circulation information on the alliance chain, and plays a role of credit endorsement.

Images