CN117786763A - Data processing method, medium and computer device - Google Patents


Publication number
CN117786763A
Authority
CN
China
Prior art keywords
internet
data
things
verification
object model
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311778863.7A
Other languages
Chinese (zh)
Inventor
苟晓东
王世睿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ant Blockchain Technology Shanghai Co Ltd
Original Assignee
Ant Blockchain Technology Shanghai Co Ltd

Abstract

A data processing method, a medium and a computer device. The method is applied to an internet of things device, and an object model corresponding to the internet of things device is maintained on the internet of things platform corresponding to the device. The method comprises the following steps: acquiring internet of things data generated by the device; generating verification data for performing trusted verification on the internet of things data; and writing the verification data into the object model corresponding to the device maintained on the internet of things platform, so that a service system connected to the internet of things platform, after acquiring the internet of things data, performs trusted verification on it based on the verification data written into the object model.

Description

Data processing method, medium and computer device
Technical Field
The present disclosure relates to the field of internet of things, and in particular, to a data processing method, medium, and computer device.
Background
In the field of the internet of things, an object model is a data structure composed of attributes, services, events and the like of equipment and is used for describing basic attributes, functions and behaviors of the equipment of the internet of things. However, the traditional object model lacks description of data security and credibility, and the internet of things data generated by the internet of things equipment is easy to tamper and forge, so that the data security and reliability are low.
Disclosure of Invention
In a first aspect, an embodiment of the present disclosure provides a data processing method, which is applied to an internet of things device, and an object model corresponding to the internet of things device is maintained on an internet of things platform corresponding to the internet of things device; the method comprises the following steps: acquiring Internet of things data generated by the equipment; generating verification data for carrying out trusted verification on the data of the Internet of things; writing the verification data into an object model corresponding to the equipment maintained on the internet of things platform, so that a service system connected to the internet of things platform performs trusted verification on the internet of things data based on the verification data written into the object model after acquiring the internet of things data.
In a second aspect, an embodiment of the present disclosure provides a data processing method, which is applied to a service system connected to an internet of things platform, where an object model corresponding to an internet of things device connected to the internet of things platform is maintained on the internet of things platform; the method comprises the following steps: acquiring Internet of things data generated by Internet of things equipment; acquiring the object model maintained by the Internet of things platform; the object model comprises verification data, and the verification data is written into the object model after being generated by the internet of things equipment; and carrying out credibility verification on the acquired data of the Internet of things based on the verification data in the object model.
In a third aspect, the disclosed embodiments provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any of the embodiments of the disclosure.
In a fourth aspect, embodiments of the present disclosure provide a computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the method of any of the embodiments of the present disclosure when the computer program is executed.
In the embodiments of the disclosure, the internet of things device can generate verification data and write it into the object model corresponding to the device maintained on the internet of things platform, so that after the service system connected to the internet of things platform acquires the internet of things data generated by the device, it can perform trusted verification on that data based on the verification data in the object model, which improves the security and reliability of the internet of things data.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the technical aspects of the disclosure.
Fig. 1 is an architecture diagram of an internet of things system of an embodiment of the present disclosure.
Fig. 2 is a flow chart of a data processing method of an embodiment of the present disclosure.
Fig. 3 is a schematic illustration of an object model of an embodiment of the present disclosure.
Fig. 4 is a flow chart of a data processing method of another embodiment of the present disclosure.
Fig. 5 is a block diagram of a data processing apparatus of an embodiment of the present disclosure.
Fig. 6 is a block diagram of a data processing apparatus of another embodiment of the present disclosure.
Fig. 7 is a schematic diagram of a computer device of an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
The terminology used in the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items. In addition, the term "at least one" herein means any one of a plurality or any combination of at least two of a plurality.
It should be understood that although the terms first, second, third, etc. may be used in this disclosure to describe various information, the information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present disclosure. The word "if" as used herein may be interpreted as "when", "upon" or "in response to a determination", depending on the context.
In order to better understand the technical solutions in the embodiments of the present disclosure and make the above objects, features and advantages of the embodiments of the present disclosure more comprehensible, the technical solutions in the embodiments of the present disclosure are described in further detail below with reference to the accompanying drawings.
The internet of things system is a system of interrelated computing devices and mechanical and digital machines that can transmit data over a network without human-to-human or human-to-device interaction. The internet of things system connects any object to the network through information sensing equipment according to an agreed protocol, and the objects exchange information and communicate through the information transmission medium so as to realize functions such as intelligent identification, positioning, tracking and supervision.
As shown in fig. 1, the internet of things system includes an internet of things platform 20, one or more internet of things devices 40 connected to the internet of things platform 20, and a service system 60 connected to the internet of things platform 20. Categories of internet of things devices 40 may include, but are not limited to, refrigerators, washing machines, electric lights, smartwatches, medical devices, various sensors, and the like. Generally, each category of internet of things devices 40 may correspond to one object model S. The object model S is a digital representation, in the cloud, of an entity in physical space (such as a sensor, a vehicle-mounted device, a building, a factory, etc.), and describes what the entity is, what it can do, and which information it can provide externally, in terms of attributes, services, events, relationships, and so on. The object model S is used to implement unified management and control of the internet of things devices 40. The object models S corresponding to different categories of internet of things devices 40 may differ, and internet of things devices 40 with similar functions may share the same object model. The internet of things platform 20 can maintain the object model S corresponding to each internet of things device 40. The object model S may contain several data fields for data related to the internet of things device 40. The internet of things device 40 may collect the internet of things data it generates according to the data fields included in the object model S, and send the collected internet of things data to the internet of things platform 20. The data fields may include some or all of an attribute field, a function field, a service field, and a relationship field of the internet of things device 40.
The attribute field is used to describe attribute information of the internet of things device 40, including, but not limited to, factory time, make, model, size, basic functions, etc. The function field is used to describe an action performed by the internet of things device 40, for example, an action of sending internet of things data to the internet of things platform 20. The service field is used to describe functions that the internet of things device 40 performs in response to the control instruction sent by the internet of things platform 20, for example, starting or closing the internet of things device 40, playing a multimedia file, and the like. The relationship field is used to describe the relationship between the plurality of internet of things devices 40.
The service system 60 may be a service system integrated in the internet of things platform 20, or may be a third party system outside the internet of things platform 20. The service system 60 can acquire the internet of things data uploaded to the internet of things platform 20 by the internet of things device 40, and execute a service operation based on the internet of things data. For example, the service system 60 may determine whether the state of the internet of things device 40 is abnormal based on the internet of things data uploaded by the internet of things device 40, and determine the reliability of the internet of things device 40 according to the duration that the internet of things device 40 is in the abnormal state.
However, the conventional object model lacks any description of data security and trustworthiness, so the internet of things data generated by the internet of things device 40 is easily tampered with and forged, and its security and reliability are low. The results of the service operations that the service system 60 executes on such low-reliability internet of things data are therefore also unreliable.
Based on this, the embodiment of the disclosure provides a data processing method, where the internet of things device 40 generates verification data for performing trusted verification on the internet of things data, and writes the verification data into an object model corresponding to the internet of things device 40 maintained on the internet of things platform 20, and after obtaining the internet of things data, the service system 60 can perform trusted verification on the internet of things data based on the verification data written into the object model, thereby improving reliability of the internet of things data, and further improving reliability of service execution results of the service system 60. The following is an illustration of aspects of embodiments of the present disclosure.
Referring to fig. 2, an embodiment of the present disclosure provides a data processing method, which is applied to an internet of things device 40, and an internet of things platform 20 corresponding to the internet of things device 40 maintains an object model S corresponding to the internet of things device 40; the data processing method comprises the following steps:
step S12: acquiring Internet of things data generated by the Internet of things equipment 40;
step S14: generating verification data for performing trusted verification on the data of the Internet of things;
step S16: writing the verification data into the object model S corresponding to the internet of things device 40 maintained on the internet of things platform 20, so that the service system 60 connected to the internet of things platform 20, after acquiring the internet of things data, performs trusted verification on it based on the verification data written into the object model S.
In step S12, in the running process of the internet of things device 40, internet of things data may be generated, the generated internet of things data may be reported to the internet of things platform 20, and the internet of things platform 20 may forward the internet of things data reported by the internet of things device 40 to the service system 60. The internet of things data may include operational state data of the internet of things device 40. For example, the internet of things device 40 may update its own running state in response to the control instruction sent by the internet of things platform 20, where the updated running state data is the internet of things data. For another example, the internet of things device 40 may send a heartbeat signal to the internet of things platform 20 according to a preset time interval to indicate that the device is online, where the heartbeat signal is internet of things data. The internet of things data may also include other data, which is not described here in detail.
In some embodiments, the internet of things device 40 may be registered with the internet of things platform 20 in advance. During registration, a user may select or create an object model S corresponding to the internet of things device 40 on the internet of things platform 20. The object model S may include a number of data fields, such as an attribute field, a function field, a service field, a relationship field, and the like. After the registration is successful, the internet of things platform 20 can associate the object model S with the internet of things device 40 and send the object model S to the internet of things device 40. The internet of things device 40 may determine, based on the data fields contained in the object model S, the internet of things data that needs to be reported to the internet of things platform 20.
In step S14, the internet of things device 40 may generate verification data for performing trusted verification on the internet of things data. Performing trusted verification on the internet of things data improves its reliability. The trusted verification may include at least one of: an authenticity check of the data source of the internet of things data, and an authenticity check of the data content of the internet of things data. The authenticity check of the data source determines whether the internet of things data was sent by a trusted internet of things device 40. Checking the authenticity of the data source ensures that the internet of things data comes from a legitimate internet of things device 40 and reduces the possibility that the internet of things system is intruded upon or manipulated, thereby maintaining the data security of the internet of things device 40. The authenticity check of the data content verifies the information and content contained in the internet of things data to determine whether they are authentic, accurate and trustworthy. Checking the authenticity of the data content reduces the possibility of inaccurate data caused by tampering, false collection or manual manipulation of the internet of things data.
In contrast to conventional object models, an extension field for maintaining verification data may be included in object model S of embodiments of the present disclosure. The internet of things device 40 may write the verification data as a field value of the extension field into the extension field, so that the service system 60 accessing the internet of things platform 20 performs trusted verification on the acquired internet of things data based on the verification data in the extension field after acquiring the internet of things data.
In the case that the trusted check comprises an authenticity check of a data source of the internet of things data, the extension field comprises a first extension field for carrying out the authenticity check of the data source of the internet of things data. In some embodiments, the verification data includes signature data obtained by digitally signing the internet of things data, and the first extension field is used to maintain the signature data. On this basis, the signature data may be written as a field value in the first extension field.
Digital signatures are a technical means for verifying data integrity and authenticating the source of the data. Based on the principle of public key cryptography, a digital signature can ensure that the data is not tampered with in transmission and can identify the true sender of the data. By adopting a digital signature, the authenticity of the data source of the internet of things data can be verified. The digital signature involves two keys. One is a private key, which can be held by the internet of things device 40, so that the internet of things device 40 digitally signs the internet of things data generated by the device based on the private key it holds. The other is the public key corresponding to the private key, which may be held by the service system 60 for verifying the digital signature generated by the internet of things device 40. After acquiring the internet of things data, the service system 60 may acquire the signature data written in the first extension field, perform signature verification on the signature data based on the public key corresponding to the private key, and check the authenticity of the source of the internet of things data based on the signature verification result.
If the signature verification is successful, the service system 60 may determine that the source of the internet of things data is authentic. If the signature verification fails, the service system 60 determines that the source of the internet of things data is not authentic. In a specific embodiment, the internet of things device 40 may hash the internet of things data, converting it into a digest with a fixed length, and encrypt the hashed digest using a private key to generate the digital signature. The service system 60 may hash the received data to generate a digest, and decrypt the digital signature using the public key corresponding to the private key to obtain the original hash digest. The service system 60 compares the decrypted digest with the digest it calculated itself. If the two digests are consistent, the data is complete and has not been tampered with, the digital signature is valid and trustworthy, and the signature verification is determined to be successful; if not, this indicates that the data may have been tampered with or the digital signature is invalid, and the signature verification is determined to have failed.
In some embodiments, a third extension field is also included in object model S for enabling or disabling signature verification. If the field value of the third extension field indicates that signature verification is enabled, the internet of things device 40 may generate a digital signature to cause the service system 60 to perform signature verification on the digital signature. If the field value of the third extension field indicates that signature verification is disabled, the internet of things device 40 does not generate a digital signature. Whether the digital signature is enabled may be determined based on conditions of security of the network environment, security requirements of the service system 60, and the like. By setting the third extension field, the requirements of different application scenes can be met, and when the requirements of the application scenes on the safety and reliability of data are higher, signature verification can be started through the third extension field; when the application scene has low requirements on the security and the reliability of the data, signature verification can be disabled through the third extension field.
The public key and the private key in the above embodiments may be generated in response to successful registration of the internet of things device 40 with the internet of things platform 20. For example, in response to the device registering successfully with the internet of things platform 20, the internet of things device 40 may invoke a key generation algorithm carried by the device to generate a public-private key pair corresponding to the device. The public key of the public-private key pair may then be sent by the internet of things device 40 to the service system 60 to cause the service system 60 to verify the signature data based on the public key. Because the service system 60 and the internet of things device 40 are both connected to the internet of things platform 20, the internet of things device 40 can send the public key to the internet of things platform 20 first, and then the internet of things platform 20 forwards the public key to the service system 60. The internet of things device 40 may store the generated private key in a secure storage area in the device. By generating the private key through the internet of things device 40, the security of the private key can be improved, and the risk of disclosure of the private key can be reduced.
In other embodiments, public and private key pairs may also be generated by the internet of things platform 20. Specifically, in response to successful registration of the internet of things device 40 to the platform, the internet of things platform 20 may invoke a key generation algorithm carried by the platform to generate a public-private key pair corresponding to the internet of things device 40. The public key is then sent to the service system 60 and the private key is sent to the internet of things device 40.
In the case that the trusted verification comprises an authenticity check of the data content of the internet of things data, the extension field comprises a second extension field used for the authenticity check of the data content of the internet of things data. In some embodiments, the verification data includes the evidence storage address of the internet of things data on the blockchain, and the second extension field is used to maintain the evidence storage address. On this basis, the evidence storage address can be written into the second extension field as a field value.
Blockchain is a distributed ledger technology that achieves transparency, security and traceability of transactions and data through decentralised networking and cryptographic principles. The core idea is to link transaction records in time order into a tamper-proof chain. What is stored as evidence on the blockchain can be the internet of things data itself or a digest of the internet of things data (such as a hash value of the internet of things data). Storing the hash value of the internet of things data on the blockchain reduces the risk of leaking the internet of things data. Once the internet of things data or its digest is written into the blockchain, it is difficult to modify or delete, so the cost of tampering is greatly increased and the authenticity of the data content is improved.
After the service system 60 obtains the internet of things data, it can obtain the evidence storage address written in the second extension field, read the internet of things data stored as evidence on the blockchain based on that address, match the content of the obtained internet of things data against the internet of things data stored on the blockchain, and check the authenticity of the data content of the internet of things data based on the content matching result. If the content of the obtained internet of things data matches the internet of things data stored on the blockchain, the authenticity check is determined to be successful; otherwise, the authenticity check is determined to have failed.
In some embodiments, the internet of things device 40 may write the internet of things data into the blockchain after generating it, obtain the evidence storage address of the internet of things data on the blockchain, write the evidence storage address as a field value into the second extension field, and send the second extension field to the service system 60. In other embodiments, the internet of things device 40 may send the internet of things data to the internet of things platform 20; the internet of things platform 20 writes the internet of things data into the blockchain, obtains the evidence storage address of the internet of things data on the blockchain, writes the evidence storage address as a field value into the second extension field, and then sends it to the service system 60.
In some embodiments, a fourth extension field is also included in object model S for enabling or disabling the authenticity check of the data source. If the field value of the fourth extension field indicates that the authenticity check of the data source is enabled, the internet of things data can be stored as evidence on the blockchain. If the field value of the fourth extension field indicates that the authenticity check of the data source is disabled, the internet of things data does not need to be stored as evidence on the blockchain. Whether or not to enable the authenticity check of the data source may be determined based on conditions such as the security of the network environment and the security requirements of the service system 60. Setting the fourth extension field makes it possible to meet the requirements of different application scenarios: when the application scenario has high requirements on the security and reliability of the data, the authenticity check of the data source can be enabled through the fourth extension field; when the application scenario has low requirements on the security and reliability of the data, the authenticity check of the data source can be disabled through the fourth extension field.
In some embodiments, a fifth extension field is also included in object model S for indicating the writer that writes the evidence storage address into object model S. If the fifth extension field indicates that the internet of things platform 20 writes the evidence storage address into the object model S, the internet of things device 40 may send the internet of things data to the internet of things platform 20; the internet of things platform 20 writes the internet of things data into the blockchain, obtains the evidence storage address of the internet of things data on the blockchain, and writes the evidence storage address as a field value into the second extension field. If the fifth extension field indicates that the internet of things device 40 writes the evidence storage address into the object model S, the internet of things device 40 may write the internet of things data into the blockchain, obtain the evidence storage address of the internet of things data on the blockchain, and write the evidence storage address as a field value into the second extension field.
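The device-side and service-side halves of the two checks described above (signature data in the first extension field, blockchain address in the second, enable switches in the third and fourth), as an added example that is not code from the patent. The Go field names, the use of ECDSA P-256 over a SHA-256 digest, and the in-memory `Ledger` standing in for the blockchain are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
)

// ObjectModel holds only the extension fields discussed above (hypothetical names).
type ObjectModel struct {
	Signature        string // first extension field: base64 signature data
	EvidenceAddress  string // second extension field: address of the ledger record
	SignatureEnabled bool   // third extension field: signature verification on/off
	EvidenceEnabled  bool   // fourth extension field: blockchain check on/off
}

// Ledger is an in-memory stand-in for the blockchain: address -> hex digest.
type Ledger map[string]string

var ErrSource = errors.New("data source check failed")
var ErrContent = errors.New("data content check failed")

// DeviceReport is the device side: it writes the verification data required
// by the enabled checks into the object model.
func DeviceReport(priv *ecdsa.PrivateKey, l Ledger, m *ObjectModel, data []byte) error {
	d := sha256.Sum256(data)
	if m.SignatureEnabled {
		sig, err := ecdsa.SignASN1(rand.Reader, priv, d[:])
		if err != nil {
			return err
		}
		m.Signature = base64.StdEncoding.EncodeToString(sig)
	}
	if m.EvidenceEnabled {
		// Only the digest goes on the ledger, not the data itself.
		m.EvidenceAddress = fmt.Sprintf("record-%d", len(l)+1)
		l[m.EvidenceAddress] = hex.EncodeToString(d[:])
	}
	return nil
}

// ServiceVerify is the service-system side. An enabled check whose field is
// empty or malformed fails; it is never skipped.
func ServiceVerify(pub *ecdsa.PublicKey, l Ledger, m ObjectModel, data []byte) error {
	d := sha256.Sum256(data)
	if m.SignatureEnabled {
		sig, err := base64.StdEncoding.DecodeString(m.Signature)
		if err != nil || len(sig) == 0 || !ecdsa.VerifyASN1(pub, d[:], sig) {
			return ErrSource
		}
	}
	if m.EvidenceEnabled {
		stored, found := l[m.EvidenceAddress]
		if !found || stored != hex.EncodeToString(d[:]) {
			return ErrContent
		}
	}
	return nil
}

// Demo runs both sides on constructed telemetry and returns the verdicts.
func Demo() (map[string]error, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	ledger := Ledger{}
	data := []byte(`{"deviceId":"sensor-001","temperature":21.5}`)    // constructed sample
	altered := []byte(`{"deviceId":"sensor-001","temperature":99.9}`) // changed after signing
	both := ObjectModel{SignatureEnabled: true, EvidenceEnabled: true}
	if err := DeviceReport(priv, ledger, &both, data); err != nil {
		return nil, err
	}
	ledgerOnly := both // same record, signature verification switched off
	ledgerOnly.SignatureEnabled = false
	stripped := both // signature removed from the object model
	stripped.Signature = ""
	return map[string]error{
		"genuine":            ServiceVerify(&priv.PublicKey, ledger, both, data),
		"altered":            ServiceVerify(&priv.PublicKey, ledger, both, altered),
		"altered-ledgerOnly": ServiceVerify(&priv.PublicKey, ledger, ledgerOnly, altered),
		"signature-stripped": ServiceVerify(&priv.PublicKey, ledger, stripped, data),
	}, nil
}

func main() {
	fmt.Println(Demo())
}
```

The signature is computed over the exact bytes the device reports, so the service system must verify the bytes as received rather than a re-serialized copy.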
In some embodiments, privacy protection may also be applied to the internet of things data based on a specified privacy algorithm. Specifically, the object model S may include a privacy algorithm type corresponding to the specified privacy algorithm. Privacy algorithm types include, but are not limited to, data desensitization and local differential privacy. Data desensitization reduces the exposure risk of sensitive information by transforming or replacing the data; it aims to minimize the risk of leaking sensitive data while keeping the data available and valid. Local differential privacy protects the privacy of individual data by adding noise: each piece of internet of things data is randomly perturbed before it is collected and processed, so that sensitive information is not revealed when the data is released or analysed. The internet of things device 40 may acquire the privacy algorithm type contained in the object model S and perform privacy protection processing on the internet of things data based on the acquired privacy algorithm type. Although data desensitization can ensure partial privacy of the data, the operation may cause data to be lost. Local differential privacy adds noise to and obfuscates individual data and fits the overall data by calculation, which preserves the availability of the data while protecting its privacy.
Further, the object model S may include data type information for specifying sensitive data in the internet of things data. Sensitive data includes, but is not limited to, user identity information (e.g., name, address, telephone number, email, etc.), user health data (e.g., heart rate, blood pressure, sleep quality, etc.), voice and image data, and the like. The internet of things device 40 may determine sensitive data in the internet of things data based on the data type information and perform privacy protection processing on the sensitive data based on a specified privacy algorithm.
In some embodiments, a sixth extension field is also included in object model S for indicating whether privacy preserving processing is enabled. If the sixth extension field indicates that privacy preserving processing is enabled, the internet of things device 40 may perform privacy preserving processing on the sensitive data based on the specified privacy algorithm. If the sixth extension field indicates that privacy protection processing is disabled, the internet of things device 40 does not perform privacy protection processing on the internet of things data. Whether the digital signature is enabled may be determined based on conditions of security of the network environment, security requirements of the service system 60, and the like. By setting the sixth extension field, the requirements of different application scenes can be met, and when the application scenes have higher requirements on privacy protection, privacy protection processing can be started through the sixth extension field; when the application scenario has low requirements for privacy protection, the privacy protection process may be disabled through the sixth extension field.
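The device-side privacy step described in the three paragraphs above, as an added Go example that is not code from the patent. The struct and field names, the two algorithm type strings, the epsilon and range parameters, the Laplace mechanism as the local differential privacy method, and the sample reading are all assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math"
	"math/rand"
	"strings"
)

// PrivacyConfig mirrors the privacy-related entries of the object model.
// Every name here is hypothetical; the page does not define field names.
type PrivacyConfig struct {
	Enabled       bool            // sixth extension field: privacy processing on/off
	AlgorithmType string          // privacy algorithm type: "desensitize" or "ldp"
	Sensitive     map[string]bool // data type information marking sensitive fields
	Epsilon       float64         // LDP privacy budget (assumed parameter)
	Lo, Hi        float64         // assumed public bounds of numeric sensitive values
}

// NewDemoRNG returns a seeded generator so the demo is reproducible.
// A deployment would draw noise from a cryptographically secure source.
func NewDemoRNG(seed int64) *rand.Rand { return rand.New(rand.NewSource(seed)) }

// mask is a simple desensitization: keep only the last two characters.
func mask(s string) string {
	r := []rune(s)
	if len(r) <= 2 {
		return strings.Repeat("*", len(r))
	}
	return strings.Repeat("*", len(r)-2) + string(r[len(r)-2:])
}

// laplace draws Laplace(0, scale) noise as the difference of two Exp(1) draws.
func laplace(rng *rand.Rand, scale float64) float64 {
	return scale * (rng.ExpFloat64() - rng.ExpFloat64())
}

// Protect returns a copy of the reading with sensitive fields processed.
// It fails closed: a bad configuration yields an error, never the raw data.
func Protect(in map[string]interface{}, cfg PrivacyConfig, rng *rand.Rand) (map[string]interface{}, error) {
	out := make(map[string]interface{}, len(in))
	for k, v := range in {
		out[k] = v
		if !cfg.Enabled || !cfg.Sensitive[k] {
			continue // non-sensitive field, or privacy processing disabled
		}
		switch cfg.AlgorithmType {
		case "desensitize":
			out[k] = mask(fmt.Sprint(v))
		case "ldp":
			x, ok := v.(float64)
			if !ok || cfg.Epsilon <= 0 || cfg.Hi <= cfg.Lo {
				return nil, fmt.Errorf("field %q: LDP needs a numeric value, epsilon > 0 and Lo < Hi", k)
			}
			// Clamp to the public range so one reading shifts the output by at most Hi-Lo.
			x = math.Min(math.Max(x, cfg.Lo), cfg.Hi)
			out[k] = x + laplace(rng, (cfg.Hi-cfg.Lo)/cfg.Epsilon)
		default:
			return nil, fmt.Errorf("unknown privacy algorithm type %q", cfg.AlgorithmType)
		}
	}
	return out, nil
}

// EstimateMean averages one numeric field over many protected reports.
// The noise has zero mean, so the average converges to the true mean.
func EstimateMean(reports []map[string]interface{}, field string) float64 {
	sum, n := 0.0, 0
	for _, r := range reports {
		if x, ok := r[field].(float64); ok {
			sum += x
			n++
		}
	}
	if n == 0 {
		return 0
	}
	return sum / float64(n)
}

func main() {
	rng := NewDemoRNG(1)
	// Constructed sample reading.
	reading := map[string]interface{}{"phone": "13800001234", "heartRate": 72.0, "temperature": 21.5}

	des := PrivacyConfig{Enabled: true, AlgorithmType: "desensitize", Sensitive: map[string]bool{"phone": true}}
	out, _ := Protect(reading, des, rng)
	fmt.Println("desensitized phone:", out["phone"])

	ldp := PrivacyConfig{Enabled: true, AlgorithmType: "ldp",
		Sensitive: map[string]bool{"heartRate": true}, Epsilon: 2, Lo: 40, Hi: 200}
	var reports []map[string]interface{}
	for i := 0; i < 50000; i++ {
		r, _ := Protect(reading, ldp, rng)
		reports = append(reports, r)
	}
	fmt.Printf("one noisy report: %.1f, estimated mean: %.2f\n",
		reports[0]["heartRate"], EstimateMean(reports, "heartRate"))
}
```

A single noisy report says little about the individual reading, while the average over many reports recovers the population value, which is the trade-off between the two algorithm types that the text describes.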
In step S16, the internet of things device 40 may write the verification data into the locally maintained object model S corresponding to the device, and upload the object model S to the internet of things platform 20, so that the object model S is maintained on the internet of things platform 20. Alternatively, the internet of things device 40 may upload the verification data to the internet of things platform 20, so that the internet of things platform 20 writes the verification data into the object model S corresponding to the device maintained on the internet of things platform 20.
After the internet of things platform 20 obtains the object model S, the verification data can be parsed from the object model S, and the verification data is sent to the service system 60, so that the service system 60 performs trusted verification on the internet of things data obtained by the system based on the verification data. Or, after the internet of things platform 20 obtains the object model S, the object model S may be forwarded to the service system 60, so that the service system 60 parses the verification data from the object model S, and performs trusted verification on the internet of things data obtained by the system based on the verification data.
For example, in the case where the trusted verification includes an authenticity verification of the data source of the internet of things data, the service system 60 may perform signature verification on the signature data written in the first extension field of the object model S based on the public key corresponding to the internet of things device 40, and verify the authenticity of the source of the internet of things data based on the signature verification result. For another example, in the case where the trusted verification includes verifying the authenticity of the data content of the internet of things data, the service system 60 may perform content matching between the internet of things data acquired by the service system and the internet of things data stored on the blockchain, and verify the authenticity of the data content of the internet of things data based on the content matching result.
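The two checks just described, as an added Go example that is not code from the patent: the device signs the data and fills the first and second extension fields, and the service system verifies source and content independently. The struct and field names, the choice of Ed25519, the in-memory `Ledger` standing in for the blockchain, the SHA-256-derived address, the fixed demo seeds and the sample payloads are all assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"fmt"
)

// ObjectModel holds only the two extension fields discussed above.
// Field names are hypothetical; the page does not name them.
type ObjectModel struct {
	DeviceName  string
	SourceSig   string // first extension field: base64 signature over the data
	StorageAddr string // second extension field: certificate storage address
}

// Ledger is an in-memory stand-in for the blockchain.
// The address of a record is the hex SHA-256 of the stored bytes (assumption).
type Ledger map[string][]byte

func (l Ledger) Store(data []byte) string {
	sum := sha256.Sum256(data)
	addr := hex.EncodeToString(sum[:])
	l[addr] = append([]byte(nil), data...)
	return addr
}

// DemoKey derives a fixed key pair from a constructed label so the demo is
// reproducible. A real device generates its own key pair after registration.
func DemoKey(label string) (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := sha256.Sum256([]byte(label))
	priv := ed25519.NewKeyFromSeed(seed[:])
	return priv.Public().(ed25519.PublicKey), priv
}

// DeviceReport is the device side: sign the exact payload bytes, store the
// payload on the ledger, and write both results into the extension fields.
func DeviceReport(priv ed25519.PrivateKey, name string, payload []byte, l Ledger) ObjectModel {
	return ObjectModel{
		DeviceName:  name,
		SourceSig:   base64.StdEncoding.EncodeToString(ed25519.Sign(priv, payload)),
		StorageAddr: l.Store(payload),
	}
}

// Result reports the two trusted-verification checks separately.
type Result struct{ SourceOK, ContentOK bool }

func (r Result) String() string {
	return fmt.Sprintf("source=%t content=%t", r.SourceOK, r.ContentOK)
}

// VerifyTrusted is the service-system side. It checks the received bytes
// against the signature in the first extension field and against the record
// found at the address in the second extension field.
func VerifyTrusted(pub ed25519.PublicKey, m ObjectModel, received []byte, l Ledger) Result {
	var r Result
	// A malformed or wrong-length signature simply fails verification.
	if sig, err := base64.StdEncoding.DecodeString(m.SourceSig); err == nil {
		r.SourceOK = ed25519.Verify(pub, received, sig)
	}
	// A missing record counts as a content mismatch.
	if stored, ok := l[m.StorageAddr]; ok {
		r.ContentOK = bytes.Equal(stored, received)
	}
	return r
}

func main() {
	pub, priv := DemoKey("constructed-demo-seed")
	ledger := Ledger{}
	payload := []byte(`{"temperature":21.5,"ts":1700000000}`) // constructed sample
	m := DeviceReport(priv, "sensor-01", payload, ledger)

	fmt.Println("intact:  ", VerifyTrusted(pub, m, payload, ledger))
	tampered := []byte(`{"temperature":99.9,"ts":1700000000}`) // constructed sample
	fmt.Println("tampered:", VerifyTrusted(pub, m, tampered, ledger))
}
```

The signature covers the exact bytes the device produced, so the service system must verify the payload as received, before any re-encoding or re-serialization.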
In some embodiments, the data included in the object model S corresponding to the internet of things device 40, which is maintained on the internet of things platform 20, is data that has been encoded in a specified encoding format. The specified encoding formats include, but are not limited to, JSON (JavaScript Object Notation) format, XML (Extensible Markup Language) format, TLV (Tag-Length-Value) format, and the like. The object model S may contain description data corresponding to the data contained in the object model S, where the description data includes the above specified encoding format. The internet of things device 40 may acquire the description data contained in the object model S, determine the specified encoding format based on the description data, encode the internet of things data into the specified encoding format, and report the encoded data to the internet of things platform 20.
Fig. 3 shows a specific architecture of an object model S. The object model S includes an attribute field (such as the name of the internet of things device 40, the data type, the length of the internet of things data, etc.), an event field (such as an event name, the data fields reported to the internet of things platform 20, the field types of the reported data fields, etc.), a service field, a relationship field (such as the port numbers of mutually associated internet of things devices 40, whether a device is a master device or a slave device, the scene or environment in which the device is located, etc.), a first extension field, a second extension field, a privacy algorithm type, and an encoding format. The attribute field, the event field, the service field, and the relationship field are used to describe an abstract representation of a physical entity (i.e., the internet of things device 40). The first extension field is used for source signing, so that the data source of the internet of things data can be verified and the credibility of the data source is ensured. The second extension field is used for trusted storage of the internet of things data and guarantees the trusted flow of the internet of things data. The privacy algorithm type is used for privacy processing (such as adding random numbers, calculating statistical averages over multiple pieces of data, and the like), so that the integrity and privacy of the internet of things data are ensured. The encoding format is used for encoding the internet of things data into a specified encoding format, such as JSON format or TLV format, and allows multi-level nesting of the internet of things data; for example, in JSON format, the field value of a data field can itself be data in JSON format (including field names and field values).
According to the embodiments of the disclosure, the structure of the object model is extended: descriptions of trusted source, trusted storage, data privacy protection, multi-format data support and the like are added on top of the object model of the traditional structure, yielding a more expressive trusted object model. Besides the basic functional description of the attributes, behaviors, relationships and the like of the device, this object model can also describe security and trustworthiness. Internet of things data that uses the trusted object model can be described and verified in a trusted way, which provides a technical guarantee for services that depend on cooperation among internet of things devices.
For example, in some embodiments, the internet of things device 40 is a monitored device, the internet of things data is state information of the internet of things device 40, and the service system 60 is a monitoring system that monitors the state information of the internet of things device. In order to improve the credibility of the state information reported by the monitored equipment, the internet of things platform 20 collects internet of things data based on the credible object model, the internet of things data is reported to the monitoring system, and the monitoring system performs credibility verification on the transmitted internet of things data based on the credible object model. The traditional object model only ensures the description of the attribute, the event, the relation and the like of the internet of things equipment and the operation of the basic functions, and lacks the description and the guarantee of safety and credibility. The trusted object model is added with the description related to safety and credibility on the basis of the traditional object model, so that the service system based on the trusted object model can ensure the normal operation of the internet of things equipment and the safety and credibility of the internet of things equipment and the internet of things data.
Referring to fig. 4, the embodiment of the present disclosure further provides a data processing method, which is applied to a service system 60 connected to the internet of things platform 20, where an object model S corresponding to the internet of things device 40 connected to the internet of things platform 20 is maintained on the internet of things platform 20; the data processing method comprises the following steps:
step S22: acquiring internet of things data generated by the internet of things device 40;
step S24: acquiring an object model S maintained by the Internet of things platform 20; the object model S includes verification data, and the verification data is written into the object model S after being generated by the internet of things device 40;
step S26: and carrying out credibility verification on the acquired data of the Internet of things based on the verification data in the object model S.
It will be appreciated that in this embodiment, the numbers of the steps are not used to limit the order of execution of the steps. For example, step S22 may be performed before or after step S24, or may be performed in parallel with step S24.
In some embodiments, the object model S contains several data fields for maintaining data related to the internet of things device 40; the data fields comprise an extension field for maintaining the verification data; the verification data is written as a field value in the extension field; performing trusted verification on the obtained internet of things data based on the verification data in the object model includes: performing trusted verification on the acquired internet of things data based on the verification data in the extension field.
In some embodiments, the verification data includes signature data obtained by digitally signing the internet of things data based on a private key held by the internet of things device 40; the extension field includes a first extension field for maintaining signature data; the trusted verification comprises verification of authenticity of a data source of the data of the Internet of things; the method for performing trusted verification on the acquired internet of things data based on the verification data in the extension field comprises the following steps: acquiring signature data written in a first extension field; signature verification is carried out on the signature data based on the public key corresponding to the private key; and carrying out authenticity verification on the source of the data of the Internet of things based on the signature verification result.
In some embodiments, the public-private key pair comprising the private key and the public key corresponding to the private key is generated by the internet of things device 40, in response to successful registration with the internet of things platform 20, by invoking a key generation algorithm carried on the internet of things device 40; the method further comprises: obtaining the public key sent by the internet of things device 40.
In some embodiments, the verification data includes a certificate storage address of the internet of things data on the blockchain; the extension field includes a second extension field for maintaining the certificate storage address; the trusted verification comprises verification of authenticity of data content of the internet of things data; performing trusted verification on the acquired internet of things data based on the verification data in the extension field comprises the following steps: acquiring the certificate storage address written in the second extension field; reading the internet of things data stored on the blockchain based on the certificate storage address; performing content matching between the obtained internet of things data and the internet of things data stored on the blockchain; and performing authenticity verification on the data content of the internet of things data based on the content matching result.
In some embodiments, the internet of things data stored on the blockchain has been privacy-protected based on a specified privacy algorithm; the data included in the object model S further includes a privacy algorithm type corresponding to the specified privacy algorithm.
In some embodiments, the verification data is written by the internet of things device 40 into the locally maintained object model S corresponding to the device, and the object model S is uploaded to the internet of things platform 20 to be maintained on the internet of things platform; or, the verification data is uploaded to the internet of things platform 20 by the internet of things device 40, so that the internet of things platform 20 writes the verification data into the object model S corresponding to the internet of things device 40 maintained on the internet of things platform 20.
In some embodiments, the data included in the object model S corresponding to the internet of things device 40, which is maintained on the internet of things platform 20, is the data after being encoded in the specified encoding format; the object model S further includes description data corresponding to the data included in the object model S; wherein the descriptive data includes a specified encoding format.
The functions implemented by the internet of things platform 20, the internet of things device 40 and the service system 60 in this embodiment are detailed in the foregoing method embodiments, and are not described here again.
Referring to fig. 5, the embodiment of the present disclosure further provides a data processing apparatus, which is applied to the internet of things device 40, and an object model S corresponding to the internet of things device 40 is maintained on the internet of things platform 20 corresponding to the internet of things device 40; the device comprises:
the first obtaining module 102 is configured to obtain internet of things data generated by the device;
the generating module 104 is configured to generate verification data for performing trusted verification on the internet of things data;
the writing module 106 is configured to write the verification data into an object model corresponding to the device maintained on the internet of things platform 20, so that the service system 60 accessing the internet of things platform 20 performs trusted verification on the internet of things data based on the verification data written into the object model S after obtaining the internet of things data.
Details of this embodiment are detailed in the foregoing embodiments of the method applied to the internet of things device 40, and will not be described herein.
Referring to fig. 6, the embodiment of the present disclosure further provides a data processing apparatus, which is applied to a service system 60 connected to the internet of things platform 20, where an internet of things platform 20 maintains an object model S corresponding to the internet of things device 40 connected to the internet of things platform 20; the device comprises:
a second obtaining module 202, configured to obtain internet of things data generated by the internet of things device 40;
a third obtaining module 204, configured to obtain an object model S maintained by the internet of things platform 20; the object model S includes verification data, and the verification data is written into the object model S after being generated by the internet of things device 40;
the verification module 206 is configured to perform trusted verification on the obtained data of the internet of things based on the verification data in the object model S.
Details of this embodiment are detailed in the foregoing embodiments of the method applied to the service system 60, and will not be described herein.
The disclosed embodiments also provide a computer device at least comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of the preceding embodiments when executing the computer program.
FIG. 7 illustrates a more specific computing device hardware architecture diagram provided by embodiments of the present disclosure, which may include: a processor 302, a memory 304, an input/output interface 306, a communication interface 308, and a bus 310. Wherein the processor 302, the memory 304, the input/output interface 306, and the communication interface 308 are communicatively coupled to each other within the device via a bus 310.
The processor 302 may be implemented by a general-purpose central processing unit (Central Processing Unit, CPU), a microprocessor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided by the embodiments of the present disclosure. The processor 302 may also include a graphics card, which may be an Nvidia Titan X graphics card, or a 10120Ti graphics card, or the like.
The Memory 304 may be implemented in the form of Read Only Memory (ROM), random access Memory (Random Access Memory, RAM), static storage devices, dynamic storage devices, etc. Memory 304 may store an operating system and other application programs, and associated program code is stored in memory 304 and called for execution by processor 302 when the techniques provided by embodiments of the present disclosure are implemented in software or firmware.
The input/output interface 306 is used for connecting with an input/output module to realize information input and output. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
The communication interface 308 is used to connect a communication module (not shown in the figure) to enable communication interaction between the present device and other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 310 includes a path to transfer information between components of the device (e.g., processor 302, memory 304, input/output interface 306, and communication interface 308).
It should be noted that although the above-described device only shows the processor 302, the memory 304, the input/output interface 306, the communication interface 308, and the bus 310, the device may include other components necessary to achieve proper operation in a particular implementation. Furthermore, those skilled in the art will appreciate that the above-described apparatus may include only the components necessary to implement the embodiments of the present disclosure, and not all of the components shown in the figures.
The disclosed embodiments also provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any of the previous embodiments.
Computer readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
From the foregoing description of the embodiments, it will be apparent to those skilled in the art that the disclosed embodiments may be implemented in software plus a necessary general purpose hardware platform. Based on such understanding, the technical solutions of the embodiments of the present disclosure may be embodied in essence or a part contributing to the prior art in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present disclosure.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer apparatus or entity, or by an article of manufacture having some function. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
The various embodiments in this disclosure are described in a progressive manner, and identical and similar parts of the various embodiments are all referred to each other, and each embodiment is mainly described as different from other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points. The apparatus embodiments described above are merely illustrative, in which the modules illustrated as separate components may or may not be physically separate, and the functions of the modules may be implemented in the same piece or pieces of software and/or hardware when implementing embodiments of the present disclosure. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
The foregoing is merely a specific implementation of the embodiments of this disclosure, and it should be noted that, for a person skilled in the art, several improvements and modifications may be made without departing from the principles of the embodiments of this disclosure, which should also be considered as the protection scope of the embodiments of this disclosure.

Claims (18)

1. A data processing method, applied to an Internet of things device, wherein an object model corresponding to the Internet of things device is maintained on an Internet of things platform corresponding to the Internet of things device; the method comprises the following steps:
acquiring Internet of things data generated by the equipment;
generating verification data for carrying out trusted verification on the data of the Internet of things;
writing the verification data into an object model corresponding to the equipment maintained on the internet of things platform, so that a service system connected to the internet of things platform performs trusted verification on the internet of things data based on the verification data written into the object model after acquiring the internet of things data.
2. The method of claim 1, the object model comprising a number of data fields for maintaining data related to the internet of things device; the data fields comprise an extension field for maintaining the verification data;
writing the verification data into an object model corresponding to the device maintained on the internet of things platform, wherein the method comprises the following steps:
and writing the verification data serving as a field value into the extension field, so that a service system accessing the Internet of things platform performs trusted verification on the Internet of things data based on the verification data in the extension field after acquiring the Internet of things data.
3. The method of claim 2, wherein the verification data includes signature data obtained by digitally signing the internet of things data based on a private key held by the device; the extension field includes a first extension field for maintaining the signature data; the trusted verification comprises verification of authenticity of a data source of the internet of things data;
writing the verification data into the extension field as a field value, so that a service system accessing the internet of things platform performs trusted verification on the internet of things data based on the verification data in the extension field after acquiring the internet of things data, wherein the method comprises the following steps of:
and writing the signature data into the first extension field as a field value, so that a service system accessing the Internet of things platform obtains the signature data written into the first extension field after obtaining the Internet of things data, performs signature verification on the signature data based on a public key corresponding to the private key, and performs authenticity verification on the source of the Internet of things data based on a signature verification result.
4. A method according to claim 3, the method further comprising:
responding to successful registration of the equipment to the Internet of things platform, calling a key generation algorithm carried by the equipment, and generating a public and private key pair corresponding to the equipment;
and sending the public key in the public-private key pair to the service system so that the service system can conduct signature verification on the signature data based on the public key.
5. The method of claim 2, the verification data comprising a certificate storage address of the internet of things data on a blockchain; the extension field includes a second extension field for maintaining the certificate storage address; the trusted verification comprises verification of authenticity of data content of the internet of things data;
writing the verification data into the extension field as a field value, so that a service system accessing the internet of things platform performs trusted verification on the internet of things data based on the verification data in the extension field after acquiring the internet of things data, wherein the method comprises the following steps of:
and writing the certificate storage address into the second extension field as a field value, so that a service system accessing the Internet of things platform can, after acquiring the Internet of things data, read the Internet of things data stored on the blockchain based on the certificate storage address written into the second extension field, match the acquired Internet of things data against the Internet of things data stored on the blockchain, and perform authenticity verification on the data content of the Internet of things data based on a content matching result.
6. The method of claim 5, wherein the internet of things data stored on the blockchain is privacy-protected based on a specified privacy algorithm; the data contained in the object model also contains a privacy algorithm type corresponding to the specified privacy algorithm.
7. The method of claim 1, writing the verification data into an object model corresponding to the device maintained on an internet of things platform, comprising:
writing the verification data into a locally maintained object model corresponding to the equipment, and uploading the object model to the Internet of things platform so that the object model is maintained on the Internet of things platform; or,
uploading the verification data to the internet of things platform, and writing the verification data into an object model corresponding to the equipment maintained on the internet of things platform by the internet of things platform.
8. The method of claim 1, wherein the data included in the object model corresponding to the internet of things device, which is maintained on the internet of things platform, is data after being encoded in a specified encoding format; the object model also comprises description data corresponding to the data contained in the object model; wherein the description data includes the specified encoding format.
9. A data processing method, applied to a service system accessed to an Internet of things platform, wherein an object model corresponding to Internet of things equipment accessed to the Internet of things platform is maintained on the Internet of things platform; the method comprises the following steps:
acquiring Internet of things data generated by Internet of things equipment;
acquiring the object model maintained by the Internet of things platform; the object model comprises verification data, and the verification data is written into the object model after being generated by the internet of things equipment;
and carrying out credibility verification on the acquired data of the Internet of things based on the verification data in the object model.
10. The method of claim 9, the object model comprising a number of data fields for maintaining data related to the internet of things device; the data fields comprise an extension field for maintaining the verification data; the verification data is written as a field value in the extension field; performing trusted verification on the obtained internet of things data based on the verification data in the object model, including:
and carrying out trusted verification on the acquired data of the Internet of things based on the verification data in the extension field.
11. The method of claim 10, wherein the verification data comprises signature data obtained by digitally signing the internet of things data based on a private key held by the internet of things device; the extension field includes a first extension field for maintaining the signature data; the trusted verification comprises verification of authenticity of a data source of the internet of things data;
performing trusted verification on the obtained internet of things data based on the verification data in the extension field, including:
acquiring the signature data written in the first extension field;
signature verification is carried out on the signature data based on a public key corresponding to the private key;
and carrying out authenticity verification on the source of the data of the Internet of things based on the signature verification result.
12. The method of claim 11, wherein a public-private key pair comprising the private key and the public key corresponding to the private key is generated by the Internet of Things device, in response to successful registration with the Internet of Things platform, by invoking a key generation algorithm carried by the Internet of Things device; the method further comprising:
acquiring the public key sent by the Internet of Things device.
13. The method of claim 10, wherein the verification data comprises an evidence-storage address of the Internet of Things data on a blockchain; the extension field comprises a second extension field for maintaining the evidence-storage address; the trusted verification comprises verification of the authenticity of the data content of the Internet of Things data; and
performing trusted verification on the acquired Internet of Things data based on the verification data in the extension field comprises:
acquiring the evidence-storage address written in the second extension field;
reading, based on the evidence-storage address, the Internet of Things data stored as evidence on the blockchain;
performing content matching between the acquired Internet of Things data and the Internet of Things data stored on the blockchain; and
verifying the authenticity of the data content of the Internet of Things data based on the content matching result.
14. The method of claim 13, wherein the Internet of Things data stored as evidence on the blockchain is privacy-protected based on a specified privacy algorithm; and the data contained in the object model further comprises a privacy algorithm type corresponding to the specified privacy algorithm.
15. The method of claim 9, wherein the verification data is written by the Internet of Things device into a locally maintained object model corresponding to the device, and the object model is uploaded to the Internet of Things platform to be maintained on the Internet of Things platform; or,
the verification data is uploaded to the Internet of Things platform by the Internet of Things device, so that the Internet of Things platform writes the verification data into the object model corresponding to the Internet of Things device that is maintained on the Internet of Things platform.
16. The method of claim 9, wherein the data contained in the object model corresponding to the Internet of Things device and maintained on the Internet of Things platform is data encoded in a specified encoding format; the object model further comprises description data corresponding to the data contained in the object model; and the description data comprises the specified encoding format.
17. A computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any one of claims 1 to 16.
18. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 16 when executing the computer program.
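The two checks of claims 11 and 13, with the privacy algorithm type of claim 14, can be sketched as follows. This is an added example, not code from the patent or the applicant: the object-model field names, the in-memory Ledger standing in for the blockchain, the address format, Ed25519 as the signature scheme and a SHA-256 digest as the privacy algorithm are all assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// ThingModel is a hypothetical object-model layout; field names are assumptions.
type ThingModel struct {
	Signature    []byte `json:"sig"`          // first extension field (claim 11)
	EvidenceAddr string `json:"evidenceAddr"` // second extension field (claim 13)
	PrivacyAlg   string `json:"privacyAlg"`   // privacy algorithm type (claim 14)
}
// Ledger stands in for the blockchain read/write API (assumption).
type Ledger map[string][]byte
var ErrSource = errors.New("source check failed: signature invalid")
var ErrContent = errors.New("content check failed: no matching on-chain record")

// Publish is the device side: sign the data, store its digest on chain, fill the model.
func Publish(priv ed25519.PrivateKey, data []byte, chain Ledger) []byte {
	h := sha256.Sum256(data)
	addr := fmt.Sprintf("addr-%x", h[:4]) // constructed address format
	chain[addr] = h[:]
	m, _ := json.Marshal(ThingModel{ed25519.Sign(priv, data), addr, "sha256"})
	return m
}

// Verify is the service-system side: source check first, then content check.
func Verify(model, data []byte, pub ed25519.PublicKey, chain Ledger) error {
	var m ThingModel
	// An unparsable model or a bad signature both fail the source check.
	if json.Unmarshal(model, &m) != nil || !ed25519.Verify(pub, data, m.Signature) {
		return ErrSource
	}
	h := sha256.Sum256(data)
	if rec, ok := chain[m.EvidenceAddr]; m.PrivacyAlg != "sha256" || !ok || !bytes.Equal(rec, h[:]) {
		return ErrContent
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	chain, data := Ledger{}, []byte(`{"temp":21.5}`) // constructed sample reading
	fmt.Println(Verify(Publish(priv, data, chain), data, pub, chain))
}
```

The content check only accepts the privacy algorithm type it knows how to recompute, so a model that names a different algorithm is rejected rather than compared incorrectly.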
CN202311778863.7A 2023-12-21 2023-12-21 Data processing method, medium and computer device Pending CN117786763A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311778863.7A CN117786763A (en) 2023-12-21 2023-12-21 Data processing method, medium and computer device

Publications (1)

Publication Number Publication Date
CN117786763A true CN117786763A (en) 2024-03-29

Family

ID=90384590

Country Status (1)

Country Link
CN (1) CN117786763A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination