CN117251859A - System and method for sharing geographic information data based on blockchain - Google Patents

System and method for sharing geographic information data based on blockchain Download PDF

Info

Publication number
CN117251859A
CN117251859A CN202310244130.9A CN202310244130A CN117251859A CN 117251859 A CN117251859 A CN 117251859A CN 202310244130 A CN202310244130 A CN 202310244130A CN 117251859 A CN117251859 A CN 117251859A
Authority
CN
China
Prior art keywords
data
identity
geographic information
user
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310244130.9A
Other languages
Chinese (zh)
Inventor
李松
刘文芬
黄月华
王晶
韦永壮
李灵琛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guilin University of Electronic Technology
Original Assignee
Guilin University of Electronic Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guilin University of Electronic Technology filed Critical Guilin University of Electronic Technology
Priority to CN202310244130.9A priority Critical patent/CN117251859A/en
Publication of CN117251859A publication Critical patent/CN117251859A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/29Geographical information databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Automation & Control Theory (AREA)
  • Medical Informatics (AREA)
  • Remote Sensing (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a geographic information data sharing method and system based on a blockchain, which relate to the technical field of geographic information data sharing, wherein identity information and related materials are uploaded by a user or a mechanism to generate an identity number, then an identity data attribute set is generated, the user or the mechanism uploads geographic information data after authentication, extracts abstract data from the geographic information data and encrypts the abstract data into ciphertext, stores the ciphertext into an IPFS after encryption is finished, obtains ciphertext storage information and encrypts the ciphertext storage information, stores the abstract data, a digital signature and the encrypted ciphertext storage information into a blockchain network, sends corresponding data to the user or the mechanism according to a data request of the user or the mechanism, and produces a data access record.

Description

System and method for sharing geographic information data based on blockchain
Technical Field
The invention relates to the technical field of geographic information data sharing, in particular to a block chain-based geographic information data sharing method and system.
Background
Geographic information data is an important strategic resource of the country, directly relates to national main rights, safety and interests, is widely applied to various industries along with the rapid development of information technology, plays a great promotion role in the economic development of society, and becomes an indispensable important economic guarantee;
the geographical information data sources are wide and huge in quantity, but most users or institutions directly store the collected data in a cloud server in a centralized manner or directly package the collected data to a third party for maintenance, the data are easy to suffer from the threat of centralized attack, malicious tampering and single point failure, strict safety control is difficult to implement, and the source is difficult to find when the data are leaked;
the occurrence of the blockchain provides a new solution to the problems, and particularly the advantages of the decentralization, traceability and tamper resistance of the blockchain can ensure that the blockchain does not need to realize the storage and sharing of data in a trusted environment, so that the blockchain-based geographic information data sharing method and system are provided.
Disclosure of Invention
The system comprises a management and control center, wherein the management and control center is in communication connection with an identity registration module, a geographic information encryption module, a shared data management module and a data access control module;
it should be noted that, the management and control center is also connected with an interstellar file system IPFS in a communication manner, where the IPFS is a decentralised storage network based on a blockchain technology, and is used to store data from each module in the system;
the identity registration module is used for registering and authenticating the identity of a user or an organization and generating a corresponding identity data attribute set;
the data encryption module is used for extracting abstract data from geographic information data and encrypting and storing the abstract data;
the shared data management module is used for performing blockchain storage on the summary data, the digital signature and the encrypted ciphertext storage address from the data encryption module;
the data access control module is used for auditing the data access request and generating a data access record.
Further, the process of generating the set of identity data attributes includes:
the user or the organization sends an identity registration request to the identity registration module, and uploads the identity information and related materials, the identity registration module verifies the identity information and the related materials, and if the verification result is wrong, the identity registration request is refused;
if the verification result is correct, automatically generating a series of sixteen-bit unique identity numbers;
the identity registration module establishes an identity data attribute set according to the identity number, the identity information uploaded by the user or the organization and related materials, and generates an attribute private key and a conversion key by adopting a key generation algorithm according to the identity data attribute set, wherein the conversion key is sent to the data encryption module, and the attribute private key is sent to the user or the organization.
Further, the process of extracting the summary data from the geographic information data includes:
the data encryption module scans the length value of the geographic information data;
if the length value of the geographic information data is even, splitting the geographic information data into a plurality of data to be abstracted with equal length values;
if the length value of the geographic information data is odd, firstly temporarily removing the last data byte, then splitting to obtain a plurality of data to be abstracted with equal length values, and adding the last data byte to the last bit of the last data to be abstracted;
after the splitting is completed, the data encryption module simultaneously takes summary data from a plurality of pieces of data to be summarized through a hash algorithm until the summary data of all pieces of data to be summarized are obtained, all pieces of summary data are integrated to obtain summary data corresponding to geographic information data, and unique digital signatures are set on the summary data and then the summary data are sent to the data sharing module.
Further, the process of encrypting the geographic information data includes:
the data encryption module divides geographic information data into a plurality of data fragments with different length values, simultaneously automatically generates a plurality of keys, and adopts an SM4 key expansion algorithm to carry out multi-round expansion on the keys;
encrypting a data segment by using an encryption round key obtained by each round of expansion, and obtaining a plurality of encrypted data segments after executing multiple rounds of expansion;
and integrating all the encryption fragments to obtain geographical information ciphertext data, sending the geographical information ciphertext data to the IPFS, integrating all the encryption round keys after encryption is completed, generating an encryption record, and sending the encryption record to the IPFS, wherein the encryption record comprises the encryption fragments corresponding to each encryption round key.
Further, the process of storing the digest data, the digital signature and the encrypted ciphertext storage address by the shared data storage module includes:
the shared data management module is provided with a blockchain network, wherein the blockchain network consists of a alliance chain and a private chain, the alliance chain consists of private chains of a plurality of users or institutions, and each private chain is provided with a unique private chain identifier;
merging the summary data, the digital signature and the encrypted ciphertext storage address into data information, extracting keywords, storing the data information in a private chain according to the keywords, and storing the private chain identification and the keywords of the data information in a alliance chain.
Further, the process of the data access control module auditing the data access request includes:
the user or the organization sends a data access request and an attribute private key of the user or the organization to a data access control module, the data access control module inquires an identity data attribute set of the corresponding user or the organization from the IPFS according to the attribute private key, and judges whether the data access request passes or not based on the data access authority of the user in the identity data attribute set and the data content requested in the data access request;
if the request does not pass, a prompt of 'application failed' is sent to the user or the organization;
and if the request passes, extracting keywords from the requested data content, and searching corresponding private chain identifiers from the alliance chain by the data access control module according to the keywords and searching corresponding data information according to the private chain identifiers and the keywords.
Further, the process of verifying whether the geographic information is tampered with by the user or the organization comprises the following steps:
the user or the organization adopts a hash algorithm to extract abstract data from the decrypted geographic information data, and compares the extracted abstract data with abstract data in the data information;
if the comparison results are consistent, judging that the decrypted geographic information data is not tampered, and sending a confirmation acceptance prompt by the data access control module;
if the comparison results are inconsistent, judging that the decrypted geographic information data is tampered, sending a data error prompt to the data access control module by the user or the mechanism, and acquiring the encrypted geographic information data from the IPFS again by the data access control module according to the prompt, decrypting and then sending the encrypted geographic information data to the user or the mechanism.
Further, the block chain-based geographic information data sharing method is characterized by comprising the following steps of:
step one, a user or an organization sends an identity registration request, identity information and related materials to an identity registration module, and the identity registration module generates a corresponding identity number and an identity key according to an auditing result, so that an identity data attribute set is generated based on the identity number, the identity key, the identity information of the user or the organization and the related materials;
firstly, obtaining corresponding abstract data and setting a digital signature for geographic information data uploaded by a user or a mechanism by adopting a hash algorithm, then encrypting to obtain corresponding ciphertext, sending the corresponding ciphertext to an IPFS (Internet protocol File), obtaining ciphertext storage information, and then encrypting storage position information by adopting a CP-ABE encryption scheme;
step three, setting a alliance chain and a private chain, forming a regional chain network, and storing data information formed by summary data, a digital signature and ciphertext storage information in the private chain in a keyword form, wherein the alliance chain stores keywords of private chain identification and data information;
step four, the data access control module examines the data access request according to the data access request of the user or the organization and the identity data attribute set thereof, if the data access request passes the examination, the data access control module sends corresponding data to the user or the organization, and if the data access request does not pass the examination, the data access request is refused;
and fifthly, after the user or the organization confirms that the data is received, the data access control module automatically generates a data access record.
Compared with the prior art, the invention has the beneficial effects that:
the geographic information data is split into a plurality of pieces of data with equal length values and the summary data is equal, so that the data encryption module can process a plurality of pieces of data to be summary simultaneously, and the efficiency of obtaining the summary data through a hash algorithm is improved to a certain extent;
the geographical information data is encrypted into a ciphertext form and is stored in the IPFS, and after the ciphertext storage address is encrypted, the ciphertext storage address, summary data and a digital signature of the geographical information data are stored in a private chain of a user or an organization on the basis of a keyword, and meanwhile, a plurality of private chains form a alliance chain to form a blockchain network.
Drawings
Fig. 1 is a schematic diagram of the present invention.
Detailed Description
As shown in FIG. 1, the blockchain-based geographic information data sharing system comprises a management and control center, wherein the management and control center is in communication connection with an identity registration module, a geographic information encryption module, a shared data management module and a data access control module.
It should be noted that, the management and control center is also connected with an interstellar file system IPFS in a communication manner, where the IPFS is a decentralised storage network based on a blockchain technology, and is used to store data from each module in the system;
the identity registration module is used for registering and authenticating the identity of a user or an organization and generating a corresponding identity data attribute set, and specifically comprises the following steps:
the user or the organization sends an identity registration request to the identity registration module, and uploads the identity information and related materials, the identity registration module verifies the identity information and related materials after receiving the request, if the verification result is incorrect, the identity registration request is refuted, if the verification result is correct, a string of sixteen unique identity numbers UId is automatically generated, a corresponding identity key is generated according to the identity numbers UId and sent to the user or the organization, and the user or the organization can carry out authentication login through the identity numbers UId and the identity keys;
further, the identity registration module establishes an identity data attribute set S according to the identity number UId, the identity information uploaded by the user or the organization and related materials, the identity set comprises the name of the user or the organization, the identity number UId and the data access authority, the identity data attribute set S is uploaded to the IPFS after being established, and based on the identity key of the user and the identity data attribute set S, an attribute private key SK and a conversion key TK are generated by adopting a key generation algorithm, wherein the conversion key TK is sent to the data encryption module, and the attribute private key SK is sent to the user or the organization.
The data encryption module is used for extracting abstract data from geographic information data and encrypting and storing the abstract data, and specifically comprises the following steps:
after the user or the organization passes the authentication of the identity registration module, the user or the organization can send the geographic information data to the data encryption module, the data encryption module obtains the abstract data of the geographic information data through a hash algorithm and sets a unique digital signature for the abstract data, and the specific steps comprise:
the data encryption module scans the length value of the geographic information data;
if the length value of the geographic information data is even, splitting the geographic information data into a plurality of data to be summarized with equal length values, such as data X to be summarized 1 Data X to be summarized 2 … … data X to be summarized n
If the length value of the geographic information data is odd, the last data byte is temporarily removed, and then a plurality of data to be abstracted with equal length values, such as data X to be abstracted, are obtained 1 Data X to be summarized 2 … … data X to be summarized n And adds the last data byte to the data X to be summarized n Wherein n is a positive integer greater than 1;
after the splitting is completed, the data encryption module simultaneously takes summary data from a plurality of pieces of data to be summarized through a hash algorithm until the summary data of all pieces of data to be summarized are obtained, all pieces of summary data are integrated to obtain summary data corresponding to geographic information data, and unique digital signatures are set on the summary data and then sent to the data sharing module;
the geographic information data is split into a plurality of pieces of data with equal length values and the summary data is equal, so that the data encryption module can process a plurality of pieces of data to be summary simultaneously, and the efficiency of obtaining the summary data through a hash algorithm is improved to a certain extent;
further, the data encryption module divides the geographic information data into N data fragments with different length values, simultaneously automatically generates a plurality of secret keys, adopts an SM4 secret key expansion algorithm to carry out N rounds of expansion on the secret keys, carries out encryption processing on one data fragment by using an encryption round secret key obtained by each round of expansion, obtains N encrypted data fragments after the N rounds of expansion are executed, integrates the N encrypted fragments to obtain geographic information ciphertext data, sends the geographic information ciphertext data to an IPFS, integrates all encryption round secret keys after encryption is completed, generates encryption records and sends the encryption records to the IPFS, wherein the encryption records comprise encryption fragments corresponding to each encryption round secret key;
further, after the IPFS receives the ciphertext data of the geographic information from the data encryption module, the data encryption module stores the ciphertext data and sends the ciphertext storage address to the data encryption module, and the data encryption module encrypts the ciphertext storage address based on the CP-ABE encryption scheme, where the encryption process includes:
the data encryption module generates a corresponding access strategy according to the ciphertext storage address, embeds the access strategy address in the middle of the ciphertext storage address, encrypts the embedded ciphertext storage address by adopting a randomized encryption algorithm based on a conversion key TK from the identity registration module, and sends the encrypted ciphertext storage address to the shared data management module after encryption is completed.
The shared data management module is used for performing blockchain storage on summary data, digital signature and encrypted ciphertext storage addresses from the data encryption module, and specifically comprises the following steps:
the shared data management module adopts a blockchain network for storage, the blockchain network consists of a alliance chain and a private chain, wherein the alliance chain consists of private chains of a plurality of users or institutions, and each private chain is provided with a unique private chain identifier;
and after receiving the summary data, the digital signature and the encrypted ciphertext storage address from the data encryption module, the shared data management module combines the summary data, the digital signature and the encrypted ciphertext storage address into data information, extracts keywords, stores the data information in a private chain according to the keywords, and stores the private chain identification and the keywords of the data information in a alliance chain.
The data access control module is used for auditing the data access request and generating a data access record, and specifically comprises the following steps:
the user or the organization sends a data access request and an attribute private key SK to a data access control module, after the data access control module receives the data access request and the attribute private key SK, the identity data attribute set S of the corresponding user or the organization is inquired from the IPFS according to the attribute private key SK, and whether the data access request passes or not is judged based on the data access authority of the user in the identity data attribute set S and the data content requested in the data access request;
if the request does not pass, a prompt of 'application failed' is sent to the user or the organization;
if the request passes, extracting keywords from the requested data content, and searching corresponding private chain identifiers from the alliance chain by the data access control module according to the keywords and searching corresponding data information according to the private chain identifiers and the keywords;
further, decrypting the encrypted ciphertext storage address in the data information by adopting a deterministic decryption algorithm to obtain the ciphertext storage address and an access policy, obtaining encrypted geographic information data from the IPFS according to the ciphertext storage address and the access policy, obtaining a corresponding encryption record and an encryption round key from the IPFS by a data access module, decrypting the encrypted geographic information data by using the encryption round key according to the encryption process in the encryption record, and transmitting the decrypted geographic information data and the corresponding information data to a user or a mechanism after decryption is completed;
after receiving the decrypted geographic information data and the corresponding information data, a user or a mechanism needs to judge whether the decrypted geographic information data is tampered or not, extracts abstract data from the decrypted geographic information data by adopting a hash algorithm, and compares the extracted abstract data with abstract data in data information;
if the comparison results are consistent, judging that the decrypted geographic information data is not tampered, and sending a confirmation acceptance prompt by the data access control module;
if the comparison results are inconsistent, judging that the decrypted geographic information data is tampered, and sending a data error prompt to a data access control module by a user or a mechanism, wherein the data access control module acquires the encrypted geographic information data from the IPFS again according to the prompt, decrypts the geographic information data and sends the encrypted geographic information data to the user or the mechanism;
further, after receiving the prompt of 'confirmation receiving' of the user or the organization, the data access sharing module automatically generates a data access record based on the identity data attribute set S of the user or the organization and uploads the data access record to the IPFS, wherein the data access record comprises the identity number UId, the name of the data requester, the keyword of the request data and the attribute private key SK, so that the supervision, the audit and the right confirmation of the data request are realized.
The invention also discloses a data sharing method based on the block chain geographic information, which comprises the following steps:
step one, a user or an organization sends an identity registration request, identity information and related materials to an identity registration module, and the identity registration module generates a corresponding identity number UId and an identity key according to an auditing result, so that an identity data attribute set is generated based on the identity number UId and the identity key, the identity information of the user or the organization and the related materials;
firstly, obtaining corresponding abstract data and setting a digital signature for geographic information data uploaded by a user or a mechanism by adopting a hash algorithm, then encrypting to obtain corresponding ciphertext, sending the corresponding ciphertext to an IPFS (Internet protocol File), obtaining ciphertext storage information, and then encrypting storage position information by adopting a CP-ABE encryption scheme;
step three, setting a alliance chain and a private chain, forming a regional chain network, forming summary data, a digital signature and ciphertext storage information into data information, and storing the data information in the private chain in a keyword form, wherein the alliance chain stores keywords of the private chain identification and the data information;
the data access control module examines the data access request according to the data access request of the user or the organization and the identity data attribute set thereof, if the data access request passes the examination, the data access control module sends the corresponding request data to the user or the organization, and if the data access request does not pass the examination, the data access request is refused;
and fifthly, after the user or the organization confirms that the data is received, the data access control module automatically generates a data access record.
The above embodiments are only for illustrating the technical method of the present invention and not for limiting the same, and it should be understood by those skilled in the art that the technical method of the present invention may be modified or substituted without departing from the spirit and scope of the technical method of the present invention.

Claims (8)

1. The system for sharing the geographic information data based on the blockchain comprises a management and control center, and is characterized in that the management and control center is in communication connection with an identity registration module, a geographic information encryption module, a shared data management module and a data access control module;
it should be noted that, the management and control center is also connected with an interstellar file system IPFS in a communication manner, where the IPFS is a decentralised storage network based on a blockchain technology, and is used to store data from each module in the system;
the identity registration module is used for registering and authenticating the identity of a user or an organization and generating a corresponding identity data attribute set;
the data encryption module is used for extracting abstract data from geographic information data and encrypting and storing the abstract data;
the shared data management module is used for performing blockchain storage on the summary data, the digital signature and the encrypted ciphertext storage address from the data encryption module;
the data access control module is used for auditing the data access request and generating a data access record.
2. The blockchain-based geographic information data sharing system of claim 1, wherein the process of generating the set of identity data attributes comprises:
the user or the organization sends an identity registration request to the identity registration module, and uploads the identity information and related materials, the identity registration module verifies the identity information and the related materials, and if the verification result is wrong, the identity registration request is refused;
if the verification result is correct, automatically generating a series of sixteen-bit unique identity numbers;
the identity registration module establishes an identity data attribute set according to the identity number, the identity information uploaded by the user or the organization and related materials, and generates an attribute private key and a conversion key by adopting a key generation algorithm according to the identity data attribute set, wherein the conversion key is sent to the data encryption module, and the attribute private key is sent to the user or the organization.
3. The blockchain-based geographic information data sharing system of claim 2, wherein the process of extracting summary data from the geographic information data comprises:
the data encryption module scans the length value of the geographic information data;
if the length value of the geographic information data is even, splitting the geographic information data into a plurality of data to be abstracted with equal length values;
if the length value of the geographic information data is odd, firstly temporarily removing the last data byte, then splitting to obtain a plurality of data to be abstracted with equal length values, and adding the last data byte to the last bit of the last data to be abstracted;
after the splitting is completed, the data encryption module simultaneously takes summary data from a plurality of pieces of data to be summarized through a hash algorithm until the summary data of all pieces of data to be summarized are obtained, all pieces of summary data are integrated to obtain summary data corresponding to geographic information data, and unique digital signatures are set on the summary data and then the summary data are sent to the data sharing module.
4. A blockchain-based geographic information data sharing system as in claim 3 wherein the process of encrypting the geographic information data comprises:
the data encryption module divides geographic information data into a plurality of data fragments with different length values, simultaneously automatically generates a plurality of keys, and adopts an SM4 key expansion algorithm to carry out multi-round expansion on the keys;
encrypting a data segment by using an encryption round key obtained by each round of expansion, and obtaining a plurality of encrypted data segments after executing multiple rounds of expansion;
and integrating all the encryption fragments to obtain geographical information ciphertext data, sending the geographical information ciphertext data to the IPFS, integrating all the encryption round keys after encryption is completed, generating an encryption record, and sending the encryption record to the IPFS, wherein the encryption record comprises the encryption fragments corresponding to each encryption round key.
5. The blockchain-based geographic information data sharing system of claim 4, wherein the process of storing digest data, digital signatures, and encrypted ciphertext storage addresses by the shared data storage module comprises:
the shared data management module is provided with a blockchain network, wherein the blockchain network consists of a alliance chain and a private chain, the alliance chain consists of private chains of a plurality of users or institutions, and each private chain is provided with a unique private chain identifier;
merging the summary data, the digital signature and the encrypted ciphertext storage address into data information, extracting keywords, storing the data information in a private chain according to the keywords, and storing the private chain identification and the keywords of the data information in a alliance chain.
6. The blockchain-based geographic information data sharing system of claim 5, wherein the process of the data access control module auditing the data access request comprises:
the user or the organization sends a data access request and an attribute private key of the user or the organization to a data access control module, the data access control module inquires an identity data attribute set of the corresponding user or the organization from the IPFS according to the attribute private key, and judges whether the data access request passes or not based on the data access authority of the user in the identity data attribute set and the data content requested in the data access request;
if the request does not pass, a prompt of 'application failed' is sent to the user or the organization;
and if the request passes, extracting keywords from the requested data content, and searching corresponding private chain identifiers from the alliance chain by the data access control module according to the keywords and searching corresponding data information according to the private chain identifiers and the keywords.
7. The blockchain-based geographic information data sharing system of claim 6, wherein the process of the user or organization verifying whether the geographic information is tampered with comprises:
the user or the organization adopts a hash algorithm to extract abstract data from the decrypted geographic information data, and compares the extracted abstract data with abstract data in the data information;
if the comparison results are consistent, judging that the decrypted geographic information data is not tampered, and sending a confirmation acceptance prompt by the data access control module;
if the comparison results are inconsistent, judging that the decrypted geographic information data is tampered, sending a data error prompt to the data access control module by the user or the mechanism, and acquiring the encrypted geographic information data from the IPFS again by the data access control module according to the prompt, decrypting and then sending the encrypted geographic information data to the user or the mechanism.
8. A blockchain-based geographic information data sharing method according to any of claims 1 to 7, comprising the steps of:
step one, a user or an organization sends an identity registration request, identity information and related materials to an identity registration module, and the identity registration module generates a corresponding identity number and an identity key according to an auditing result, so that an identity data attribute set is generated based on the identity number, the identity key, the identity information of the user or the organization and the related materials;
firstly, obtaining corresponding abstract data and setting a digital signature for geographic information data uploaded by a user or a mechanism by adopting a hash algorithm, then encrypting to obtain corresponding ciphertext, sending the corresponding ciphertext to an IPFS (Internet protocol File), obtaining ciphertext storage information, and then encrypting storage position information by adopting a CP-ABE encryption scheme;
step three, setting a alliance chain and a private chain, forming a regional chain network, and storing data information formed by summary data, a digital signature and ciphertext storage information in the private chain in a keyword form, wherein the alliance chain stores keywords of private chain identification and data information;
step four, the data access control module examines the data access request according to the data access request of the user or the organization and the identity data attribute set thereof, if the data access request passes the examination, the data access control module sends corresponding data to the user or the organization, and if the data access request does not pass the examination, the data access request is refused;
and fifthly, after the user or the organization confirms that the data is received, the data access control module automatically generates a data access record.
CN202310244130.9A 2023-03-15 2023-03-15 System and method for sharing geographic information data based on blockchain Pending CN117251859A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310244130.9A CN117251859A (en) 2023-03-15 2023-03-15 System and method for sharing geographic information data based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310244130.9A CN117251859A (en) 2023-03-15 2023-03-15 System and method for sharing geographic information data based on blockchain

Publications (1)

Publication Number Publication Date
CN117251859A true CN117251859A (en) 2023-12-19

Family

ID=89131986

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310244130.9A Pending CN117251859A (en) 2023-03-15 2023-03-15 System and method for sharing geographic information data based on blockchain

Country Status (1)

Country Link
CN (1) CN117251859A (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111245837A (en) * 2020-01-13 2020-06-05 电子科技大学 Block chain-based vehicle networking data sharing fine-grained access control method
CN111916173A (en) * 2020-08-07 2020-11-10 安徽师范大学 Medical data safety sharing system and method based on IPFS and alliance chain
CN112836229A (en) * 2021-02-10 2021-05-25 北京深安信息科技有限公司 Attribute-based encryption and block-chaining combined trusted data access control scheme
CN113067857A (en) * 2021-03-15 2021-07-02 新疆大学 Electronic medical record cross-hospital sharing method based on double-chain structure
CN113360925A (en) * 2021-06-04 2021-09-07 中国电力科学研究院有限公司 Method and system for storing and accessing trusted data in electric power information physical system
CN113642024A (en) * 2021-08-30 2021-11-12 西安邮电大学 Block chain-based medical data fine-grained management method and system
CN114238501A (en) * 2021-12-10 2022-03-25 重庆邮电大学 Mine industry internet data sharing method based on block chain
CN114745201A (en) * 2022-05-07 2022-07-12 北京航空航天大学 Data access privacy protection system and method based on block chain and attribute encryption
CN114826652A (en) * 2022-03-10 2022-07-29 南京邮电大学 Traceable access control method based on double block chains
CN115085902A (en) * 2022-06-09 2022-09-20 深圳供电局有限公司 Power grid dispatching log management method and system
CN115801276A (en) * 2022-11-28 2023-03-14 北京航空航天大学 Automobile network threat information security sharing method, system and storage medium

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111245837A (en) * 2020-01-13 2020-06-05 电子科技大学 Block chain-based vehicle networking data sharing fine-grained access control method
CN111916173A (en) * 2020-08-07 2020-11-10 安徽师范大学 Medical data safety sharing system and method based on IPFS and alliance chain
CN112836229A (en) * 2021-02-10 2021-05-25 北京深安信息科技有限公司 Attribute-based encryption and block-chaining combined trusted data access control scheme
CN113067857A (en) * 2021-03-15 2021-07-02 新疆大学 Electronic medical record cross-hospital sharing method based on double-chain structure
CN113360925A (en) * 2021-06-04 2021-09-07 中国电力科学研究院有限公司 Method and system for storing and accessing trusted data in electric power information physical system
CN113642024A (en) * 2021-08-30 2021-11-12 西安邮电大学 Block chain-based medical data fine-grained management method and system
CN114238501A (en) * 2021-12-10 2022-03-25 重庆邮电大学 Mine industry internet data sharing method based on block chain
CN114826652A (en) * 2022-03-10 2022-07-29 南京邮电大学 Traceable access control method based on double block chains
CN114745201A (en) * 2022-05-07 2022-07-12 北京航空航天大学 Data access privacy protection system and method based on block chain and attribute encryption
CN115085902A (en) * 2022-06-09 2022-09-20 深圳供电局有限公司 Power grid dispatching log management method and system
CN115801276A (en) * 2022-11-28 2023-03-14 北京航空航天大学 Automobile network threat information security sharing method, system and storage medium

Similar Documents

Publication Publication Date Title
EP3361408B1 (en) Verifiable version control on authenticated and/or encrypted electronic documents
CN109409122B (en) File storage method, electronic device and storage medium
Kaaniche et al. A secure client side deduplication scheme in cloud storage environments
CN111914027A (en) Searchable encryption method and system for block chain transaction keywords
US20100005318A1 (en) Process for securing data in a storage unit
CN112311537B (en) Block chain-based equipment access authentication system and method
CN111970299A (en) Block chain-based distributed Internet of things equipment identity authentication device and method
US20220045863A1 (en) Transaction mode-based electronic contract forensics method and system
CN113872932B (en) SGX-based micro-service interface authentication method, system, terminal and storage medium
CN111683090A (en) Block chain digital signature method and device based on distributed storage
CN114244508B (en) Data encryption method, device, equipment and storage medium
CN112311538A (en) Identity authentication method, device, storage medium and equipment
CN112906056A (en) Cloud storage key security management method based on block chain
CN110188545B (en) Data encryption method and device based on chained database
US20220020019A1 (en) Smart Contract-Based Electronic Contract Forensics Method and System
CN113489710B (en) File sharing method, device, equipment and storage medium
CN117097476B (en) Data processing method, equipment and medium based on industrial Internet
CN113709734A (en) Unmanned aerial vehicle distributed identity authentication method based on block chain
CN102299927A (en) Content security supervision system and method
US20220020010A1 (en) Decentralized electronic contract attestation platform
CN115865461A (en) Method and system for distributing data in high-performance computing cluster
CN112637128B (en) Identity mutual trust method and system for data center host
CN113285934B (en) Method and device for detecting IP (Internet protocol) of server cryptographic machine client based on digital signature
CN117251859A (en) System and method for sharing geographic information data based on blockchain
CN115114648A (en) Data processing method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination