TW202008202A - CSR data verification system with tamper-proof capability, related verification party subsystem, computer program product, and data verification method - Google Patents

Abstract

A CSR data verification system, related verification party subsystem, computer program product, and CSR data verification method are disclosed. The method includes: utilizing a verification party subsystem to select valid raw data for verification out of CSR raw data of a source enterprise; generating database index corresponding to the valid raw data; generating de-identification data based on the valid raw data; and transmitting the de-identification data and database index into a block chain subsystem and instructing the block chain subsystem to execute smart contracts previously deployed by the verification party subsystem to verify the de-identification data; if the de-identification data satisfies the inspection rules of the smart contracts, the block chain subsystem generates and stores a verified data containing the de-identification data, the database index, and an electronic signature of a verification party corresponding to the verification party subsystem.

Description

Corporate social responsibility data certification system with anti-tampering capabilities, related certification subsystems, computer program products, and data certification methods

The present invention relates to data authentication technology, in particular to a corporate social responsibility (CSR) data authentication system, related authentication subsystem, computer program product, and corporate social responsibility data authentication method with anti-tampering capability.

After years of promotion by the United Nations, corporate social responsibility has become an important issue of global concern. More and more investment institutions follow the United Nations' "Principles for Responsible Investment (PRI)" For performance (for example, safeguarding human rights, guaranteeing labor rights, developing sustainability and the economy, promoting corporate governance, continuous innovation, etc.), include important considerations when selecting investment targets. In addition, more and more companies or organizations will review the company's investment in corporate social responsibility to assess whether it will be included in the supply chain partners. For example, many government units, investment institutions, and various organizations will examine the performance of related companies in the three major aspects of environment, society, and corporate governance (Environmental, Social, and Corporate Governance, ESG), as a measure of whether the company is good. One of the evaluation criteria of corporate social responsibility. Therefore, if enterprises do not pay attention to the investment in various corporate social responsibilities, they may not only face punishment from relevant government regulations, but also reduce the investment willingness of many investment institutions or fail to enter the supply chain of certain target customers.

Traditionally, when a company wants to obtain a higher level of Corporate Social Responsibility certification, it needs to hire an accounting firm or a third-party certification agency with credibility or international certification to provide relevant financial data for the company Check and produce relevant corporate social responsibility reports (hereinafter referred to as CSR reports) with behavior record data (hereinafter referred to as CSR data) to measure or prove the company's investment in various aspects of corporate social responsibility.

However, the traditional CSR data certification model requires that both the enterprise and the certification body invest considerable manpower to check the accuracy and rationality of each data, so it takes a lot of time and expense to complete. Due to the shortcomings of the traditional model in terms of operating time and cost, the frequency of CSR data certification by companies is very low, usually only once a quarter or a year, so the output CSR report often fails to reflect the company’s recent CSR The latest investment status. On the other hand, the traditional CSR data authentication method cannot produce the latest CSR report immediately in response to sudden needs.

In view of this, how to overcome the aforementioned shortcomings of the traditional corporate social responsibility data certification method is really a problem to be solved.

This specification provides an embodiment of a CSR data authentication system, which includes: a blockchain subsystem; an authentication subsystem configured to access the blockchain subsystem; and a CSR data reporting service subsystem configured to pass through The network communicates with an enterprise-side device and the authentication subsystem, and after receiving the CSR original data of a target enterprise from the enterprise-end device, transmits the CSR original data to the authentication subsystem; , The certification subsystem is also configured to execute a computer program product to perform the following operations: filter out eligible raw data for certification from the CSR raw data, and store the qualified raw data into a database; generate and generate A database index corresponding to the eligible raw data; removing identifiable data from the eligible raw data to generate de-identified data; and transmitting the de-identified data and the corresponding database index to the blockchain subsystem, and Instruct the blockchain subsystem to execute one or more smart contracts to authenticate the de-identified data; where, if the de-identified data meets the verification rules in the one or more smart contracts, the blockchain subsystem generates and A post-certification data is stored, and the post-certification data includes the de-identified data, the database index, and an electronic signature of a certification body corresponding to the certification subsystem.

This specification also provides an embodiment of an authentication subsystem used in a CSR data authentication system. The CSR data certification system includes a CSR data reporting service subsystem and a blockchain subsystem, and after receiving the CSR raw data of a target company, the CSR data reporting service subsystem will send the CSR raw data to the certification Subsystem. The authentication subsystem includes: a communication circuit configured to communicate with the CSR data reporting service subsystem and the blockchain subsystem through the network; a storage circuit for storing a computer program product; and a processing circuit , Coupled to the communication circuit and the storage circuit; wherein, the processing circuit is configured to execute the computer program product to perform the following operations: filter out qualified original data that can be authenticated from the CSR original data, and convert the qualified original data Storing the data in a database; generating a database index corresponding to the qualified raw data; removing identifiable data from the qualified raw data to generate de-identified data; and using the communication circuit to de-identify the data and The corresponding database index is sent to the blockchain subsystem and instructs the blockchain subsystem to execute one or more smart contracts to authenticate the de-identified data; where, if the de-identified data matches the one or more The verification rules in the smart contract, the blockchain subsystem generates and stores a post-authentication data, and the post-authentication data includes the de-identified data, the database index, and a certification authority corresponding to the authentication subsystem Electronic signature.

This manual also provides an embodiment of a computer program product. The computer program product is stored in a storage circuit of a certification subsystem, allowing the certification subsystem to perform a CSR certification operation. The CSR certification operation includes: CSR raw data of a target company received from the certification subsystem , Select the eligible raw data that can be authenticated, and store the qualified raw data in a database; generate a database index corresponding to the qualified raw data; remove the identifiable data from the qualified raw data to generate Identify the data; and use a communication circuit to send the deidentified data and the corresponding database index to a blockchain subsystem, and instruct the blockchain subsystem to execute one or more smart contracts to authenticate the deidentification Data; where, if the de-identified data meets the verification rules in the one or more smart contracts, the blockchain subsystem generates and stores a post-authentication data, and the post-authentication data includes the de-identified data, the The database index and the electronic signature of a certification body corresponding to the certification subsystem.

This specification also provides an embodiment of a CSR data authentication method, which includes: selecting the qualified raw data for certification from the received CSR raw data of a target company, and storing the qualified raw data to a database Medium; generate a database index corresponding to the qualified raw data; remove identifiable data from the qualified raw data to generate de-identified data; and use a communication circuit to de-identify the data and the corresponding database index Send to a blockchain subsystem and instruct the blockchain subsystem to execute one or more smart contracts to authenticate the de-identified data; where, if the de-identified data conforms to the verification rules in the one or more smart contracts Then, the blockchain subsystem generates and stores a post-authentication data, and the post-authentication data includes the de-identified data, the database index, and the electronic signature of a certification authority corresponding to the authentication subsystem.

One of the advantages of the above embodiment is that it can greatly reduce the labor, time, and cost required to certify the CSR data of the company, so it can increase the frequency of CSR data certification and attract more companies and certification bodies to invest together And promote the CSR disclosure system.

Another advantage of the above-mentioned embodiment is that it can instantly use the blockchain subsystem to generate the latest specific CSR project data report in response to unexpected needs, to reflect the latest investment status of the company in various corporate social responsibility.

Another advantage of the above embodiment is that the qualified raw data of the enterprise is authenticated and stored in the blockchain subsystem, so it can effectively avoid the risk of tampering by intentional persons.

Other advantages of the present invention will be explained in more detail with the following description and drawings.

The embodiments of the present invention will be described below in conjunction with related drawings. In the drawings, the same reference numerals indicate the same or similar elements or method flows.

FIG. 1 is a simplified functional block diagram of a corporate social responsibility data authentication system (hereinafter referred to as CSR data authentication system) 100 according to an embodiment of the present invention. The CSR data certification system 100 is used to authenticate the CSR data provided by each enterprise, and can generate relevant specific CSR project data reports according to the request of the requestor.

The CSR data certification system 100 includes a corporate social responsibility data reporting service subsystem (hereinafter referred to as CSR data reporting service subsystem) 110, and one or more certification subsystems (for example, the exemplary certification subsystem shown in FIG. 1 120 and 130), a blockchain node cluster 140, and a blockchain subsystem 150 formed by the blockchain node cluster 140 and other blockchain computing circuits.

The multiple certification subsystems 120-130 in the CSR data certification system 100 correspond to different certification bodies, such as a credible accounting firm and/or a third-party certification unit that has obtained international certification qualifications. For example, the following assumes that the certification subsystem 120 corresponds to the first certification authority and the certification subsystem 130 corresponds to the second certification authority. In practice, the authentication subsystems 120-130 can be implemented with network-connectable devices such as computers or servers that are respectively installed in their respective certification bodies. Alternatively, the authentication subsystems 120 to 130 may also be implemented by different virtual machines installed on the same cloud platform, and be remotely controlled by the personnel of the corresponding certification authority.

The reference numerals 101 to 103 in FIG. 1 represent multiple different enterprise-side devices, and the reference numerals 105 to 107 represent multiple different demand-side devices. In practice, enterprise-side devices 101-103 are usually implemented with networkable devices such as computers or servers in their respective enterprises, and demand-side devices 105-107 are usually those who use their respective data needs (for example, investment institutions, enterprises or organizations The supply chain management department, or the official financial supervision unit, etc.) internal computers or servers and other networked devices to achieve.

During operation, different enterprises can send their original CSR data to the CSR data reporting service subsystem 110 through their respective enterprise-end devices. The CSR data report service subsystem 110 will send the CSR original data transmitted by the specific enterprise to the certification subsystem corresponding to the specific certification body appointed by the specific enterprise or agreed in advance.

Then, the authentication subsystem and the blockchain subsystem 150 jointly authenticate the original CSR data of the enterprise, and store the generated authenticated data in the blockchain subsystem 150 to avoid tampering of the data.

Afterwards, when any data demander needs to query the CSR data of a specific enterprise, he can send a request to the CSR data report service subsystem 110 through the corresponding demand-side device. At this time, the CSR data report service subsystem 110 may send a report creation request to the corresponding authentication subsystem, and the authentication subsystem may read the relevant post-authentication information from the blockchain subsystem 150 to generate the specific enterprise’s The specific CSR project data report, and transmits the generated specific CSR project data report to the corresponding demand-side device through the CSR data report service subsystem 110.

In the embodiment of FIG. 1, the CSR data reporting service subsystem 110 includes a website server 112, a user relationship database 114, and a blockchain computing circuit 116. The authentication subsystem 120 includes a communication circuit 121, a storage circuit 122, a database 123, a blockchain arithmetic circuit 124, and a processing circuit 125. The authentication subsystem 130 includes a communication circuit 131, a storage circuit 132, a database 133, a blockchain arithmetic circuit 134, and a processing circuit 135. The blockchain node cluster 140 includes a plurality of blockchain nodes (for example, the exemplary blockchain nodes 141-147 shown in FIG. 1).

Please note that the aforementioned CSR Data Reporting Service Subsystem 110, Authentication Subsystem 120, and Authentication Subsystem 130 can all be equipped with human-machine interface devices (such as monitors, keyboards and Mouse, touch screen, etc.), but in order to simplify the content of the picture, these man-machine interface devices are not shown in FIG. 1.

The blockchain subsystem 150 in this embodiment is composed of the blockchain operation circuit 116 in the CSR data report service subsystem 110, the blockchain operation circuit 124 in the authentication subsystem 120, and the blocks in the authentication subsystem 130 The chain operation circuit 134 and a plurality of blockchain nodes 141-147 in the blockchain node cluster 140 are composed together.

In the CSR data reporting service subsystem 110, the web server 112 is configured to communicate with the aforementioned enterprise-side devices 101-103, demand-side devices 105-107, and authentication subsystems 120-130 via the Internet or other networks. And the blockchain subsystem 150 performs data communication. The user relationship database 114 is coupled to the web server 112 and is used to store correspondence between multiple enterprises and related certification organizations for the web server 112 to query. The blockchain computing circuit 116 is coupled to the website server 112 and serves as one of the nodes of the blockchain subsystem 150, and can be used as a link between the CSR data reporting service subsystem 110 and the blockchain subsystem 150. Bridge of communication.

In the authentication subsystem 120, the communication circuit 121 is configured to communicate with the CSR data report service subsystem 110 and the blockchain subsystem 150 through the Internet or other networks. The storage circuit 122 is configured to store a corporate social responsibility data authentication program (hereinafter referred to as CSR data authentication program) 126. The blockchain computing circuit 124 is coupled to the communication circuit 121 and serves as one of the nodes of the blockchain subsystem 150 and can serve as a communication bridge between the authentication subsystem 120 and the blockchain subsystem 150. The processing circuit 125 is coupled to the communication circuit 121, the storage circuit 122, the database 123, and the blockchain operation circuit 124, and is configured to control the operation of the aforementioned device, and can execute the CSR data authentication program 126 in the storage circuit 122 for subsequent The CSR data authentication operation disclosed in the embodiment.

In the authentication subsystem 130, the communication circuit 131 is configured to communicate with the CSR data report service subsystem 110 and the blockchain subsystem 150 through the Internet or other networks. The storage circuit 132 is configured to store a CSR data authentication program 136. The blockchain computing circuit 134 is coupled to the communication circuit 131 and serves as one of the nodes of the blockchain subsystem 150 and can serve as a communication bridge between the authentication subsystem 130 and the blockchain subsystem 150. The processing circuit 135 is coupled to the communication circuit 131, the storage circuit 132, the database 133, and the blockchain operation circuit 134, and is configured to control the operation of the aforementioned device, and can execute the CSR data authentication program 136 in the storage circuit 132 for subsequent The CSR data authentication operation disclosed in the embodiment.

In practice, the website server 112 may be implemented by a single server, or may be implemented by a combination of multiple servers located in the same geographic area or in different geographic areas. Blockchain computing circuits 116, 124, 134, and blockchain nodes 141-147 can all be implemented with one or more processor modules or computers suitable for blockchain consensus algorithm (consensus algorithm) operation . Both the communication circuits 121 and 131 can be implemented by using various appropriate circuits conforming to the relevant network communication, wireless communication, or mobile communication specifications, such as a network interface card (NIC), wireless transmission (Wi-Fi) circuit, Or mobile communication circuits, etc. Both the storage circuits 122 and 132 can be implemented using various non-volatile storage devices. Both the processing circuits 125 and 126 can be implemented by one or more processor modules with appropriate computing capabilities.

The CSR data authentication programs 126 or 136 in the foregoing authentication subsystem 120 or 130 can be implemented by computer program products composed of one or more functional modules. For example, FIG. 2 is a simplified functional module diagram of the CSR data authentication program 126 (or 136) in FIG. 1. In the embodiment of FIG. 2, the CSR data authentication program 126 (or 136) all include a contract editing module 210, a data processing module 220, a data storage access module 230, a de-identification module 240, a Blockchain access module 250 and a report generation module 260.

The following describes the operation mode of CSR data authentication performed by the CSR data authentication system 100 in conjunction with FIGS. 3 to 4. 3 and 4 are simplified flowcharts of a CSR data authentication method according to an embodiment of the invention.

In the flowcharts of FIGS. 3 to 4, the process located in the field to which a specific device belongs belongs to the process performed by the specific device. For example, the part marked in the "CSR Data Reporting Service Subsystem" field is the process performed by the CSR Data Reporting Service Subsystem 110; the part marked in the "Certification Subsystem" field is the certification subsystem The process performed by one of 120~130; the part marked in the "Blockchain Subsystem" field is the process performed by the Blockchain Subsystem 150; the rest are deduced by analogy. The aforementioned logic is also applicable to other subsequent flowcharts.

When any certification body wants to participate in the operation of the CSR data certification system 100, the personnel within the certification body can use the corresponding certification subsystem with the blockchain subsystem 150 to perform the processes 302 to 306 to deploy in the blockchain subsystem 150 The relevant smart contract required for CSR data certification.

For example, the personnel of the aforementioned first certification authority may use the corresponding certification subsystem 120 to perform the processes 302-304. During operation, the processing circuit 125 of the authentication subsystem 120 executes the CSR data authentication program 126 stored in the storage circuit 122 to perform the CSR data authentication method in FIGS. 3 and 4.

In the process 302, the contract editing module 210 in the CSR data authentication program 126 can control the processing circuit 125 to edit and create one or more smart contracts containing a number of CSR data checking rules set by the first certification authority according to user control, And the electronic signature of the first certification authority is added to one of the smart contracts, so that one of the aforementioned smart contracts includes the electronic signature of the first certification authority. In practice, the contract editing module 210 can allow users of the first certification authority to flexibly adjust the number and specific content of the CSR data verification rules in the aforementioned smart contract according to the required CSR data certification level or standard.

For example, the contract editing module 210 can integrate the data checking rules of multiple specific CSR items under the same authentication level or standard into a single smart contract according to the user's instruction. In this case, the single smart contract can be used to check the information of multiple specific CSR projects.

For another example, the contract editing module 210 can configure data checking rules for multiple specific CSR items under the same authentication level or standard in multiple smart contracts according to user instructions. In this case, each smart contract can only be used to check the data of the corresponding single specific CSR project.

For another example, the contract editing module 210 can configure the data checking rules of a single specific CSR item under different authentication levels or standards in multiple smart contracts according to user instructions. In this case, the aforementioned multiple smart contracts can be used to check the data of a single specific CSR project, but the value threshold or judgment standard required by the check rules in different smart contracts will be different.

In the process 304, the blockchain access module 250 in the CSR data authentication program 126 can control the processing circuit 125 to use the communication circuit 121 to convert the established one or more smart contracts in the form of transaction messages Sent to the blockchain subsystem 150, and instructs the blockchain subsystem 150 to authenticate the smart contract established by the first certification authority. In operation, the blockchain access module 250 can control the processing circuit 125 to encode the original code of the established smart contract or smart contracts into corresponding bytecodes, and then use the communication circuit 121 to encode the aforementioned bits The meta code is transmitted to the blockchain subsystem 150 in the form of transaction information, and instructs the blockchain subsystem 150 to authenticate the smart contract in the transaction information.

Next, the blockchain subsystem 150 will perform a process 306, using multiple nodes to execute an appropriate consensus decision algorithm to authenticate one or more smart contracts established by the first certification authority. If one or more smart contracts established by the first certification authority pass the authentication of the blockchain subsystem 150, the blockchain subsystem 150 will store the one or more smart contracts established by the first certification authority in the form of data blocks In the blockchain ledger of the blockchain subsystem 150, the procedure of deploying the relevant smart contract of the first certification authority to the blockchain subsystem 150 is completed.

In practical applications, the first certification body may be entrusted by many companies using the CSR data certification system 100 to perform relevant CSR data certification procedures, but the level of CSR data certification required by different companies may be different. For example, some companies may require higher-level CSR data certification services, while others may only require lower-level CSR data certification services. Therefore, the first certification authority may use the certification subsystem 120 to deploy multiple sets of smart contracts corresponding to different CSR data certification levels to the blockchain subsystem 150 in the foregoing manner.

Similarly, the personnel of the aforementioned second certification authority can also use the corresponding certification subsystem 130 to perform the processes 302-304. During operation, the processing circuit 135 of the authentication subsystem 130 executes the CSR data authentication program 136 stored in the storage circuit 132 to perform the CSR data authentication method in FIGS. 3 and 4.

In the process 302, the contract editing module 210 in the CSR data authentication program 136 can control the processing circuit 135 to edit and create one or more smart contracts containing multiple CSR data checking rules set by the second certification body according to user control , And attach the electronic signature of the second certification authority to one of the smart contracts, so that one of the aforementioned smart contracts includes the electronic signature of the second certification authority. Similarly, the contract editing module 210 may allow the user of the second certification authority to flexibly adjust the number and specific content of the CSR data verification rules in the aforementioned smart contract according to the required CSR data certification level or standard.

In the process 304, the blockchain access module 250 in the CSR data authentication program 136 can control the processing circuit 135 to use the communication circuit 131 to transmit the established one or more smart contracts to the blockchain subsystem in the form of transaction information 150, and instructs the blockchain subsystem 150 to authenticate the smart contract established by the second certification institution. During operation, the blockchain access module 250 can control the processing circuit 135 to encode the original code of the established smart contract or smart contracts into corresponding bit codes, and then use the communication circuit 131 to encode the aforementioned bit codes into The form of transaction information is transmitted to the blockchain subsystem 150 and instructs the blockchain subsystem 150 to authenticate the smart contract in the transaction information.

Next, the blockchain subsystem 150 will perform a process 306, using multiple nodes to execute an appropriate consensus decision algorithm to authenticate one or more smart contracts established by the second certification authority. If one or more smart contracts established by the second certification authority pass the authentication of the blockchain subsystem 150, the blockchain subsystem 150 will store the one or more smart contracts established by the second certification authority in the form of data blocks In the blockchain ledger of the blockchain subsystem 150, the procedure of deploying the relevant smart contract of the second certification authority to the blockchain subsystem 150 is completed.

In practical applications, the second certification body may also be entrusted by multiple companies using the CSR data certification system 100 to perform relevant CSR data certification procedures, but the level of CSR data certification required by these companies may be different. Therefore, the second certification authority may use the certification subsystem 130 to deploy multiple sets of smart contracts corresponding to different CSR data certification levels to the blockchain subsystem 150 in the foregoing manner.

In addition, before starting to process the CSR data of the enterprise, the CSR data reporting service subsystem 110 also needs to perform the process 308 first. In the process 308, the web server 112 may establish multiple enterprises and related certification bodies according to the settings of the manager of the CSR data report service subsystem 110 or receive the configuration data from the enterprise device and/or certification subsystem The corresponding relationship between them, and store the aforementioned corresponding relationship in the user relationship database 114.

For convenience of explanation, the enterprise to which the enterprise device 101 belongs is referred to as the first enterprise, and the enterprise to which the enterprise device 103 belongs is referred to as the second enterprise, and it is assumed that the first enterprise has appointed or agreed to delegate the authentication subsystem 120 The first certification body to which it belongs performs the CSR data certification for the first enterprise, and it is assumed that the second enterprise has appointed or agreed to appoint the second certification body to which the certification subsystem 130 belongs to perform the CSR data certification for the second enterprise. In this case, the website server 112 may store the correspondence between the first enterprise and the first certification authority and the correspondence between the second enterprise and the second certification authority in the user relationship database in process 308 114.

When any enterprise wants to use the CSR data authentication system 100 to authenticate the CSR data of the enterprise, the personnel inside the enterprise (hereinafter referred to as the source enterprise) can use the corresponding enterprise-end device to perform the process 310 to provide the source enterprise’s CSR raw data (CSR raw data) to the CSR data report service subsystem 110.

For example, assume that the source company is the aforementioned first company. In an embodiment, a user within the first enterprise may periodically or irregularly control the enterprise-side device 101 to perform a process 310 to log in to the web server 112 of the CSR data reporting service subsystem 110, and generate relevant information on the web server 112. Entering the CSR raw data of the first company in the webpage causes the enterprise-side device 101 to send the CSR raw data of the first company to the web server 112 via the Internet. In another embodiment, the enterprise-side device 101 can execute a preset application program, periodically or irregularly from the first enterprise's management information system (MIS), enterprise resource planning system (ERP) system), or the front-end application system operated by the personnel of the first company, automatically retrieves the CSR raw data of the first company, and automatically transmits it to the web server 112 through the Internet.

Similarly, the enterprise-side device 103 corresponding to the second company may also perform the process 310 periodically or irregularly according to the aforementioned method to send the CSR raw data of the second company to the web server 112 through the Internet.

In the process 312, the website server 112 of the CSR data reporting service subsystem 110 receives the original CSR data of the source enterprise from the corresponding enterprise device.

In the process 314, the web server 112 queries the user relationship database 114 for the certification authority corresponding to the source company.

In the process 316, the website server 112 will send the original CSR data of the source company to the certification subsystem of the corresponding certification body. As can be seen from the foregoing description, in this embodiment, if the source enterprise is the first enterprise, the corresponding certification subsystem is the certification subsystem 120 of the first certification body, and if the source enterprise is the second enterprise, the corresponding certification subsystem It is the certification subsystem 130 of the second certification body.

For illustrative purposes, the following assumes that the aforementioned source enterprise is the first enterprise. In this case, the website server 112 will send the CSR original data of the first enterprise to the certification subsystem 120 of the corresponding first certification authority in the process 316.

In practice, the web server 112 can immediately perform the aforementioned process 316 each time it receives a piece of CSR raw data. Alternatively, the web server 112 may periodically perform the aforementioned process 316. Alternatively, the web server 112 may wait until the received CSR original data of the same source company accumulates to a predetermined amount before proceeding to the foregoing process 316.

In the process 318, the communication circuit 121 of the authentication subsystem 120 receives the CSR original data from the source company (the first company in this example) from the website server 112.

In the process 320, the data processing module 220 in the CSR data authentication program 126 can control the processing circuit 125 to select valid raw data (valid raw data) that can be authenticated from the CSR raw data of the source company. In practice, a plurality of filter rules may be set in the data processing module 220 according to appropriate financial and accounting audit principles and/or CSR data audit principles in advance. In the process 320, the processing circuit 125 can remove unreasonable, illogical, incomplete, and/or inconsistent data items from the source company's CSR raw data according to the screening rules in the data processing module 220, and The remaining data items are qualified raw data of the source company.

In other words, among the CSR raw data of the source company received by the authentication subsystem 120, only the data items that can pass the screening rules of the data processing module 220 are selected by the processing circuit 125 as the qualified raw data of the source company.

In practice, the authentication subsystem 120 can immediately perform the aforementioned process 320 after receiving a piece of CSR original data. Alternatively, the authentication subsystem 120 may periodically perform the aforementioned process 320. Alternatively, the authentication subsystem 120 may wait until the received CSR raw materials accumulate to a predetermined amount before performing the foregoing process 320. Alternatively, the certification subsystem 120 may also perform the aforementioned process 320 when the relevant personnel of the first certification institution issue an instruction.

After that, the authentication subsystem 120 and the blockchain subsystem 150 will cooperate with the second half of the CSR data authentication method, that is, the processes 402 to 414 in FIG. 4.

The following will use FIG. 5 to assist in explaining how the authentication subsystem 120 and the blockchain subsystem 150 operate in the processes 402-414. FIG. 5 is a simplified data flow diagram in the CSR data authentication process according to an embodiment of the present invention.

In the process 402, the data acquisition module 230 in the CSR data authentication program 126 can control the processing circuit 125 to store each eligible raw data in the database 123, and generate a database index corresponding to each eligible raw data . The aforementioned database index is an index data that can be used to query the storage location of the corresponding eligible original data in the database 123. During operation, the database fetching module 230 may use various existing database generation methods to generate the aforementioned database index.

For ease of understanding, the following will take the eligible raw data 510 in FIG. 5 as an example to illustrate the operation of the authentication subsystem 120 and the blockchain subsystem 150 in the processes 402-414. As shown in FIG. 5, the eligible raw data 510 includes a plurality of data fields 511 to 517, wherein the data field 511 is a company name field (company name field), and the data field 512 is a date field (date field), The data fields 513~515 are multiple common data fields, and the data fields 516~517 are multiple name fields. In the case where the source company is the aforementioned first company, the name of the first company is recorded in the company name field 511.

The date field 512 is usually used to record the date when the source company carried out or supported a specific activity, or the date the source company paid for a specific purpose or a specific accounting item. The general data fields 513~515 can be used to record the relevant data of the source company carrying out or supporting a specific activity. The name fields 516~517 can be used to record the names of the relevant participants of the source company to carry out or support a specific activity.

For example, assuming that the qualified raw data 510 is a data record of employees of the source company performing a certain carpooling behavior, the date field 512 can be used to record the date of the carpooling behavior. The general data fields 513~515 can be used to record the total mileage, starting position, ending position, vehicle brand, vehicle exhaust, vehicle fuel type, fuel consumption, number of passengers, etc. Related records. The name fields 516~517 can be used to record the names of drivers, passengers, promoters and other relevant persons participating in the carpooling carbon reduction activities.

For another example, assuming that the qualified raw data 510 is a data record of a coastal beach activity initiated by a source company, the date field 512 may be used to record the date of occurrence of the coastal beach activity. The general data fields 513~515 can be used to record the location of the coastal beach activities, the total weight of rubbish removed, the number of participants, transportation costs, total food and beverage expenses and other related records. The name fields 516~517 can be used to record the names of the conveners, members of the event and other relevant personnel participating in this coastal beach activity.

For another example, assuming that the eligible raw data 510 is a data record of a community free clinic organized by the source company, the date field 512 can be used to record the date of the free clinic. The general data fields 513~515 can be used to record the location of the free consultation, the total number of patients, the number of townships covered, the geographic area covered, the number of medical personnel involved, transportation, catering, medical supplies, total expenditures, etc. Related records. The name fields 516~517 can be used to record the names of medical personnel, community residents, residents in consultation, relevant support personnel and other relevant personnel participating in this free consultation.

For another example, assuming that the qualified raw data 510 is a data record of the internal company's internal employee education and training that values business secrets, the date field 512 can be used to record the date of the education and training. The general data fields 513~515 can be used to record the relevant records of the location of the education and training, the number of trainees, the hours of training courses, conference venue fees, catering expenses, total expenditures, etc. The name fields 516~517 can be used to record the names of the lecturers, personnel personnel, participating students, related support personnel and other relevant personnel participating in the education and training activities.

In practical applications, the number and sequence of data fields of the eligible original data 510 and the recorded content of each field can be adjusted according to actual needs, and are not limited to the foregoing embodiments.

In the process 404, the de-identification module 240 in the CSR data authentication program 126 can control the processing circuit 125 to remove the identifiable data related to the personal data from the qualified original data to generate de-identified data (de -identification data). In practice, it can be determined by the de-identification module 240 which data belongs to the identifiable data that should be removed. Alternatively, the CSR data certification system 100 may also predefine the field positions used to record the identifiable data, and notify relevant companies and certification bodies to fill in or judge according to the relevant definitions.

In the process 406, the blockchain access module 250 in the CSR data authentication program 126 can control the processing circuit 125 to merge each de-identified data of the source enterprise and the corresponding database index into a combined data (combined data) . After that, the blockchain access module 250 can control the processing circuit 125 to use the communication circuit 121 to send one or more combined data to the blockchain subsystem 150 in the form of transaction information, and instruct the blockchain subsystem 150 to execute and source One or more target smart contracts corresponding to the CSR data authentication level required by the enterprise to authenticate the de-identified data of the source enterprise. During operation, the blockchain access module 250 can control the processing circuit 125 to encode one or more pieces of combined data into corresponding bit codes, and then use the communication circuit 121 to transmit the aforementioned bit codes in the form of transaction information to The blockchain subsystem 150 instructs the blockchain subsystem 150 to authenticate the de-identified data in the transaction information.

Taking the eligible raw data 510 in FIG. 5 as an example, in the aforementioned process 402, the data acquisition module 230 may control the processing circuit 125 to store the eligible raw data 510 in the database 123, and generate corresponding to the eligible raw data 510 Index of database 520. As mentioned above, the database index 520 is index data that can be used to query the storage location of the eligible original data 510 in the database 123.

In the process 404, the de-identification module 240 can control the processing circuit 125 to remove the identifiable data related to the personal data in the qualified raw data 510, so as to generate business data that does not contain personal data and does not need to be disclosed company expense details, etc. De-identification data 530. For convenience of explanation, it is assumed that in the embodiment of FIG. 5, only the data in the data fields 516 to 517 and the partial data in the general data fields 513 to 515 belong to the identifiable data. Therefore, the de-identification module 240 can remove the data fields 516-517 related to the name of the qualified original data 510 and the partial fields in the general data fields 513-515, so that the data of the data fields 516-517 and some general data fields are not Will appear in the de-identified data 530.

In the process 406, the blockchain access module 250 can control the processing circuit 125 to merge the de-identified data 530 and the corresponding database index 520 into a combined data 540. As shown in FIG. 5, the combined data 540 includes the content of the de-identified data 530 and the content of the corresponding database index 520. After that, the blockchain access module 250 can control the processing circuit 125 to use the communication circuit 121 to transmit the combined data 540 alone (or together with other combined data) to the blockchain subsystem 150 in the form of transaction information.

As can be seen from the foregoing description, the de-identified data sent by the authentication subsystem 120 to the blockchain subsystem 150 is a simplified version of the qualified original data, so it can be used as the basis for subsequent CSR data authentication. Compared with qualified raw data, de-identified data does not contain personal information related to private data. Therefore, the authentication subsystem 120 transmits the de-identified data to the blockchain subsystem 150 for verification, and will not leak the personal data of the internal employees or related personnel of the source enterprise, so there will be no doubt about the leakage of personal information.

In practice, the timing for the authentication subsystem 120 to perform the aforementioned processes 402-406 can have many different options according to needs.

For example, the authentication subsystem 120 may immediately perform the aforementioned processes 402 to 406 after generating a piece of qualified original data.

Alternatively, the authentication subsystem 120 may periodically perform the aforementioned processes 402-406.

Alternatively, the authentication subsystem 120 may wait until the eligible raw materials accumulate to a predetermined amount before performing the foregoing processes 402-406.

Alternatively, the authentication subsystem 120 may periodically perform the aforementioned processes 402-404, but may not perform the aforementioned process 406 until the deidentified data of the same source company and the corresponding database are accumulated to a predetermined amount.

Alternatively, the authentication subsystem 120 may immediately perform the foregoing processes 402 to 404 after generating a piece of qualified original data, but may periodically perform the foregoing process 406 at a predetermined time.

Alternatively, the authentication subsystem 120 may immediately perform the aforementioned processes 402 to 404 each time a qualified source data is generated, but may wait until the deidentified data of the same source company and the corresponding database are accumulated to a predetermined When the number is reached, the aforementioned process 406 is performed.

In the process 408, multiple nodes in the blockchain subsystem 150 will jointly execute one or more target smart contracts specified by the authentication subsystem 120 to de-identify each piece of the combined data transmitted from the authentication subsystem 120 Check the contents of the documents one by one.

As mentioned above, the authentication subsystem 120 pre-deployed one or more target smart contracts in the blockchain subsystem 150, including multiple CSR data check rules set by the first certification authority, and the aforementioned target smart contract’s One of them includes the electronic signature of the first certification body. In the process 408, the blockchain subsystem 150 compares each de-identified data with multiple CSR data check rules in the target smart contract to check whether the de-identified data meets the corresponding CSR data check rules.

In the process 410, the blockchain subsystem 150 discards the de-identified data that cannot be checked by the target smart contract, and sends an authentication failure notification to the authentication subsystem 120. When the authentication subsystem 120 receives the authentication failure notification from the blockchain subsystem 150 in the process 410, the data processing module 220 can control the processing circuit 125 to generate relevant prompt information so that users of the authentication subsystem 120 can obtain Know related results.

In process 412, the blockchain subsystem 150 may extract the electronic signature of the first certification authority from the aforementioned one or more target smart contracts, and de-identify the data through verification, together with the corresponding database index and The electronic signatures of the first certification body are packaged together to generate de-identified data of the source company, the corresponding database index, and the verified data of the electronic signatures of the first certification body.

In the process 414, the blockchain subsystem 150 stores the authenticated data in the blockchain subsystem 150 in the form of data blocks for storage.

After each qualified source data of the source company is processed by the aforementioned processes 320, 402, 404, 404, 406, 408, 412, and 414, the CSR data certification process at the corresponding certification level can be completed.

After that, each node in the blockchain subsystem 150 can read the post-authentication data stored in the blockchain subsystem 150 for review or further analysis when needed.

Taking the aforementioned combined data 540 in FIG. 5 as an example, the blockchain subsystem 150 compares the de-identified data 530 in the combined data 540 with multiple CSR data check rules in the target smart contract in the process 408 to Check whether the de-identified data 530 meets the corresponding CSR data checking rules.

If the de-identified data 530 does not comply with the CSR data check rules in the target smart contract, the blockchain subsystem 150 will discard the combined data 540 and notify the authentication subsystem 120.

On the contrary, if the de-identified data 530 conforms to the CSR data check rules in the target smart contract, the blockchain subsystem 150 may pass the checked de-identified data 530 in the process 412, together with the corresponding database index 520 and the first The electronic signature of the certification body is packaged together to generate a post-certification data 550, so that the post-certification data 550 will contain the contents of the de-identified data 530, the contents of the database index 520, and the first certification to which the certification subsystem 120 belongs The organization's electronic signature is shown in Figure 5.

Next, the blockchain subsystem 150 will perform a process 414 to write the authenticated data 550 into the blockchain subsystem 150 in the form of data blocks for storage.

As shown in FIG. 5, the qualified raw data 510 of the source company can be processed through the aforementioned processes 320, 402, 404, 404, 406, 408, 412, and 414 to complete the CSR data certification process at the corresponding certification level and make The post-authentication data 550 corresponding to the eligible original data 510 is stored in the blockchain subsystem 150. In this way, anyone who has the authority to read the post-authentication data 550 from the blockchain subsystem 150 can clearly know the de-identification contained in the post-authentication data 550 based on the electronic signature in the post-authentication data 550. Data 530 has successfully passed the verification procedure of the smart contract deployed by the first certification body. From another perspective, this means that the de-identified data 530 in the post-certification data 550 has successfully passed the CSR data certification process of the first certification body.

Similarly, the aforementioned second company can also transfer the CSR raw data to the CSR data reporting service subsystem 110 according to the aforementioned method, and then the CSR data reporting service subsystem 110 is transferred to the certification subsystem 130 operated by the second certification body. deal with. The authentication subsystem 130 and the blockchain subsystem 150 can operate in conjunction with the methods of FIG. 3 and FIG. 4 described above to perform related CSR data authentication procedures on the CSR original data provided by the second company.

As can be seen from the foregoing description, the CSR data authentication methods in Figures 3 and 4 use the blockchain and smart contract architecture to automatically complete the source company's CSR data authentication process, so it can greatly improve the efficiency and accuracy of CSR data authentication. At the same time, the required manpower and time are greatly reduced, and the risk of tampering with the post-authentication data stored in the blockchain subsystem 150 can be effectively avoided.

On the other hand, the content of the de-identified data contained in the post-authentication data stored in the blockchain subsystem 150 does not include personal information related to private data. Using the blockchain subsystem 150 to store post-authentication data does not The personal data of internal employees or related personnel of the source company will be leaked, so there will be no doubts about the leakage of personal information.

Please note that the entity that traditionally authenticates CSR data for the source company is the certification body appointed by the source company, but this is not the case in the CSR data certification system 100.

It can be seen from the foregoing descriptions of the flowcharts in FIG. 3 and FIG. 4 that, in the CSR data authentication system 100, the subject of checking the de-identified data according to the relevant CSR data authentication rules is the role-neutral blockchain subsystem 150, not Any certification subsystem is not a certification body to which any certification subsystem belongs.

Taking the aforementioned de-identified data 530 in FIG. 5 as an example, after generating the de-identified data 530, the authentication subsystem 120 does not perform CSR data authentication on the de-identified data 530, but will include the de-identified data 530. The combined data 540 is sent to the blockchain subsystem 150 for authentication. The blockchain subsystem 150 will execute the target smart contract pre-deployed by the authentication subsystem 120 to check whether the content of the de-identified data 530 in the combination data 540 complies with the CSR data check rules in the target smart contract. After the content of the de-identified data 530 passes the verification of the relevant smart contract, the blockchain subsystem 150 converts the de-identified data 530 into the form of the authenticated data 550 and saves it in the blockchain subsystem 150.

Obviously, no enterprise can write fake authentication information into the blockchain subsystem 150 to deceive others.

In addition, judging from the process of CSR data authentication by the aforementioned CSR data authentication system 100, it is actually the authentication subsystem 120 that passes the power to authenticate the enterprise's CSR data to the blockchain subsystem 150 through smart contracts as a medium , The neutral blockchain subsystem 150 replaces the authentication subsystem 120 operated by the first certification body to authenticate the CSR data of the first enterprise, and saves the certified CSR data in the blockchain subsystem 150.

The smart contract of any certification authority must first be jointly authenticated by multiple nodes in the blockchain subsystem 150 before it can be deployed to the blockchain subsystem 150, and anyone with the authority to read the data in the blockchain subsystem 150 Everyone can know from the electronic signature in the post-authentication information which post-authentication information was previously checked based on which certification agency’s smart contract. Therefore, the aforementioned CSR data certification method can effectively avoid the possibility that the certification bodies appointed by the enterprises collude to falsify the CSR data certification results, so the transparency and credibility of the overall certification process of the CSR data certification system 100 can be greatly improved.

6 to 7 are used to further explain the operation of the CSR data certification system 100 to generate a specific-CSR-category data report. 6 and 7 are simplified flowcharts of a specific CSR project data report generation method according to an embodiment of the invention.

As mentioned earlier, when any data demander (for example, the investment chain, the supply chain management department of an enterprise or organization, or the official financial supervision unit, etc.) needs to query the CSR data of a specific target enterprise, the corresponding demand end can be used The device sends a request to the CSR data report service subsystem 110.

For illustrative purposes, the following uses the scenario where the user of the demand-side device 105 wants to query a specific CSR project data report of a specific target company as an example to illustrate the specific CSR project data report generation method in FIGS. 6 and 7.

First, the demand-side device 105 can perform the process 602 according to the operation of its user to remotely log in to the CSR data report service subsystem 110 through the Internet. The way for the demand-side device 105 to log in to the CSR data report service subsystem 110 can be performed by using various appropriate account checking or identity verification methods.

After the demand-side device 105 successfully logs into the CSR data reporting service subsystem 110, the website server 112 of the CSR data-reporting service subsystem 110 may generate a relevant query object selection webpage for the user of the demand-side device 105 to browse and set.

Then, the demand-side device 105 may perform the process 604, select the target company, data time range, and data category to be queried according to the user's operation, and generate and transmit a corresponding specific project data report request (specific-category data report request) to the web server 112. In practice, the aforementioned specific project data report request may include one or more selected data items. In one embodiment, the aforementioned data items are used to specify which one or several specific master data items the CSR data to be queried belongs to. In other embodiments, the aforementioned data items may be further used to specify which specific sub-data item or which specific main data items the CSR data to be queried belongs to.

In the process 606, the website server 112 receives the specific project data report request from the demand-side device 105.

In the process 608, the website server 112 generates and sends an inquiry message to the target enterprise corresponding to the specific project data report request. During operation, the web server 112 can send the query information to the enterprise-side device corresponding to the target enterprise through the Internet.

For the sake of explanation, the following assumes that the aforementioned target company is the first company. In this case, the website server 112 generates and sends a query message to the enterprise device 101 corresponding to the first enterprise in the process 608.

In the process 610, the enterprise device 101 will pick up the inquiry message from the website server 112 and generate a relevant prompt message to ask whether the internal staff of the first enterprise agrees to the CSR data reporting service subsystem 110 to provide the first enterprise related information The specific CSR project data is reported to the user of the demand side device 105.

If the internal personnel of the first enterprise are unwilling to provide the specific CSR project data report of the first enterprise to the user of the demand-side device 105, the enterprise-side device 101 may be used to perform the process 612. On the contrary, if the internal personnel of the first enterprise are willing to provide the data report of the specific CSR project related to the first enterprise to the user of the demand-side device 105, the enterprise-side device 101 may be used to perform the process 616.

In the process 612, the enterprise device 101 sends a rejection message (disapproval message) to the CSR data report service subsystem 110 according to the instructions of its user. After receiving the rejection information from the enterprise-side device 101, the website server 112 of the CSR data reporting service subsystem 110 may generate and send a corresponding rejection notice to the demand-side device 105.

In the process 614, the demand-side device 105 receives the rejection notification from the website server 112 and notifies the user of the demand-side device 105 in an appropriate form.

In the process 616, the enterprise device 101 transmits an approval message to the CSR data report service subsystem 110 according to the instructions of its user.

In one embodiment, when the web server 112 receives the consent information from the enterprise device 101, the web server 112 will query whether the specific information required by the aforementioned specific item data report request is already stored in the blockchain subsystem 150 CSR project data report. If the specific CSR project data report required by the aforementioned specific project data report request has been completed and stored in the blockchain subsystem 150, the website server 112 can simply read out the specific CSR project required from the blockchain subsystem 150 The data report is transmitted to the demand-side device 105. On the contrary, if there is no specific CSR project data report required in the blockchain subsystem 150, the website server 112 will proceed to the process 618.

In another embodiment, when the website server 112 receives the consent information from the enterprise-side device 101, whether or not the specific CSR project data report required by the aforementioned specific project data report request is already stored in the blockchain subsystem 150 , The web server 112 will perform the process 618.

In the process 618, the website server 112 generates a report generation request (report generation request) corresponding to the target enterprise selected by the demand-side device 105 (assumed to be the first enterprise in this example), the data time range, and the data item . In practice, the web server 112 can record the target enterprise, data time range, and data items selected by the demand-side device 105 in various appropriate data formats in the report production request.

In the process 620, the web server 112 queries the user relationship database 114 for the certification authority corresponding to the target enterprise.

Next, the website server 112 will perform a process 622 to send the report creation request to the certification subsystem of the corresponding certification authority. In this embodiment, it is assumed that the target enterprise is the first enterprise, and the certification authority corresponding to the first enterprise is the first certification authority. Therefore, in the process 622, the website server 112 transmits the report creation request to the certification subsystem 120 corresponding to the first certification authority.

Next, the authentication subsystem 120 and the blockchain subsystem 150 will cooperate to perform the second half of the process of generating a specific CSR project data report, that is, the processes 702 to 710 in FIG. 7.

In the process 702, the communication circuit 121 of the authentication subsystem 120 receives the report creation request from the website server 112, and the data processing module 220 in the CSR data authentication program 126 can control the processing circuit 125 to read the report creation request Recorded query parameters such as selected target enterprise, selected data time range, and selected data items.

In the process 704, the blockchain access module 250 in the CSR data authentication program 126 can control the processing circuit 125 to read out the target enterprise (in this example, the first enterprise) from the blockchain subsystem 150 in the selected Multiple relevant post-authentication data corresponding to one or more selected data items within the time range of the data.

In the process 706, the blockchain access module 250 in the CSR data authentication program 126 can control the processing circuit 125 to extract multiple database indexes from the aforementioned multiple post-authentication data.

In the process 708, the data acquisition module 230 in the CSR data authentication program 126 can control the processing circuit 125 to query the database 123 according to the aforementioned multiple database indexes to read out the target enterprise from the database 123 (in In this example, it is the first qualified source).

In the process 710, the report generation module 260 in the CSR data authentication program 126 can control the processing circuit 125 to automatically convert the aforementioned plurality of eligible original data into a specific CSR project data report according to predetermined report production rules. In practice, various rules on how to classify, count, analyze, and draw relevant records in multiple eligible raw materials can be pre-set in the report generation module 260 for the processing circuit 125 to carry out the process 710 .

For ease of understanding, FIG. 8 is used here to assist in explaining the processes 702 to 710 in FIG. 7. FIG. 8 is a simplified data flow diagram during the process of generating a specific CSR project data report according to an embodiment of the present invention.

In the aforementioned process 704, the processing circuit 125 may read from the blockchain subsystem 150 according to the control of the blockchain access module 250 that the first enterprise corresponds to one or more selected data items within the selected data time range Multiple post-authentication data, of which the post-authentication data 810 shown in FIG. 8 is one of the aforementioned multiple post-authentication data.

As shown in FIG. 8, the post-certification data 810 includes the de-identified data 812, the database index 814, and the electronic signature 816 of the corresponding certification authority (in this example, the electronic signature of the first certification authority).

In the aforementioned process 706, the processing circuit 125 may extract the database index 814 from the authenticated data 810 according to the control of the blockchain access module 250.

In the aforementioned process 708, the processing circuit 125 can query the database 123 according to the database index 814 according to the control of the data storage module 230 to read out a piece of qualified original data corresponding to the first company from the database 123 831. The data field configuration of the eligible raw data 831 is substantially the same as the eligible raw data 510 in FIG. 5 described above. Therefore, in order to simplify the drawing, the data field configuration of the eligible original data 831 is not shown in FIG. 8.

Next, the processing circuit 125 may repeat the operations of retrieving the database index and querying the database 123 for other authenticated data according to the control of the blockchain access module 250 and the data storage fetching module 230 to retrieve data from the data The library 123 successively reads other qualified raw materials 833~835.

After obtaining all eligible qualified raw materials, the processing circuit 125 can perform the aforementioned process 710 according to the control of the report generation module 260 to automatically convert the aforementioned multiple qualified raw materials into a copy according to predetermined report production rules The data report of a specific CSR project, and the statistical results or analysis results of the relevant records in the multiple eligible raw materials mentioned above can be presented in the data report of the specific CSR project in various charts.

In other words, the processing circuit 125 of the authentication subsystem 120 will immediately generate the aforementioned specific CSR project data report based on the multiple pieces of post-authentication data read from the blockchain subsystem 150.

In the process 712, the report generation module 260 can control the processing circuit 125 to use the communication circuit 121 to transmit the generated specific CSR item data report to the website server 112 of the CSR data report service subsystem 110.

At this time, the web server 112 will perform a process 714 to receive the specific CSR project data report from the authentication subsystem 120.

Next, the web server 112 will perform a process 716 to provide the specific CSR project data report generated by the authentication subsystem 120 to the demand-side device 105. In practice, the website server 112 can directly forward the specific CSR project data report generated by the authentication subsystem 120 to the demand-side device 105. Alternatively, the website server 112 may also encrypt the specific CSR project data report generated by the authentication subsystem 120 and then send it to the demand-side device 105 to improve the data security when the specific CSR project data report is delivered.

In the process 718, the demand-side device 105 receives the specific CSR project data report from the website server 112. In this way, the user of the demand-side device 105 can use the specific CSR project data report to understand the target company’s investment in one or more specific CSR aspects, so as to assess whether the target company is included in the selected investment Target or evaluate whether the target enterprise should be included as a supply chain partner.

Similarly, if the user of the demand-side device 107 wants to query the specific CSR project data report of the second company, the relevant request can also be sent to the CSR data-reporting service subsystem 110 through the demand-side device 107 as described above. The CSR data reporting service subsystem 110 will inquire through the enterprise-side device 103 whether the second company agrees to the CSR data reporting service subsystem 110 to provide the relevant specific CSR project data report of the second company to the user of the demand-side device 107. After obtaining the consent of the second enterprise, the CSR data reporting service subsystem 110 may request the certification subsystem 130 corresponding to the second certification body to make relevant CSR project data reports. Then, the authentication subsystem 130 and the blockchain subsystem 150 can operate in accordance with the method of FIG. 7 described above to generate a specific CSR project data report corresponding to the second enterprise, and send it to the demand-side device through the CSR data report service subsystem 110 107.

As can be seen from the foregoing description, after receiving the report creation request from the CSR data reporting service subsystem 110, the relevant certification subsystem will automatically generate the corresponding specific CSR project data report with the blockchain subsystem 150, so it can greatly improve the specific The generation efficiency and accuracy of the CSR project data report, while greatly reducing the manpower and time required, can more effectively ensure that the specific CSR project data report provided by the CSR data report service subsystem 110 to the demand-side device is an unaltered version .

In this way, it is possible to increase the frequency of CSR data certification by related companies, and to attract more companies and certification bodies to participate in the operation of the CSR data certification system 100 to jointly invest in and promote the CSR data certification system, thereby expanding the CSR disclosure system (CSR disclosure).

Since the CSR data reporting service subsystem 110 can ensure that the specific CSR project data report provided to the demand-side device is not tampered with, the investment institutions, supply chain management departments, or official financial supervision units of various countries can be based on CSR The data report service subsystem 110 has provided specific CSR project data reports to determine whether the target company really has long-term and continuous investment in the specific corporate social responsibility.

Please note that in the aforementioned CSR data certification system 100, the main body generating the specific CSR project data report is the relevant certification subsystem, but the certification subsystem must be based on the information provided by the blockchain subsystem 150 to generate the correct specific CSR project data report.

Taking the aforementioned post-authentication data 810 in FIG. 8 as an example, after the authentication subsystem 120 reads the post-authentication data 810 from the blockchain subsystem 150, it must first extract the database index 814 from the post-authentication data 810, and then The database index 814 queries the database 123 in order to read the corresponding qualified original data 831 from the database 123. Without obtaining the post-authentication data 810 stored in the blockchain subsystem 150, the processing circuit 125 of the authentication subsystem 120 cannot read the correct qualified original data 831 from the database 123.

Therefore, the aforementioned specific CSR project data report generation method can effectively avoid the possibility of colluding with the certification body appointed by the enterprise to jointly falsify the specific CSR project data report, and can greatly improve the specific CSR project data report information provided by the CSR data report service subsystem 110 Depth, detailed information, reliability, and credibility.

In addition, in the aforementioned CSR data certification system 100, the qualified raw data of the source company will only be stored in the database of the certification subsystem of the corresponding certification body, so any certification body has no right to access the database of other certification subsystem Under the circumstances, it cannot replace other certification bodies to generate relevant CSR project data reports.

For example, it is assumed that the aforementioned qualified raw data of the first enterprise will only be stored in the database 123 of the certification subsystem 120 of the corresponding first certification authority, and the certification subsystem 130 belonging to the second certification authority cannot access the certification subsystem 120 Of the database 123. In this case, even if the authentication subsystem 130 can read multiple pieces of post-authentication data related to the first enterprise from the blockchain subsystem 150 and extract multiple database indexes from it, the authentication subsystem 130 cannot obtain the data The correct and qualified original data in the library 123, so it is impossible to generate a detailed version of the specific CSR project data report corresponding to the first company. In other words, the aforementioned specific CSR project data report generation method can effectively ensure the authority and fairness of the specific CSR project data report provided by the CSR data report service subsystem 110, and can reduce the generation of specific CSR projects by different certification bodies in order to compete for The power of data reporting has led to vicious competition.

On the other hand, when the CSR data reporting service subsystem 110 transmits a report creation request to the corresponding authentication subsystem in response to the sudden need, the authentication subsystem can operate with the blockchain subsystem 150 to generate the latest Specific CSR project data report to reflect the latest performance of the target company in one or more specific CSR aspects.

Furthermore, since the aforementioned CSR data certification system 100 allows the data requester to flexibly set the required data time range of the specific CSR project data report, the time range of the specific CSR project data report generated by the corresponding certification subsystem can meet the data needs The needs of the authors are no longer limited to seasonal or annual units like traditional CSR reports. Therefore, the aforementioned specific CSR project data report generation method can greatly increase the flexibility and convenience of data demanders, and allow investment institutions, supply chain management departments, or official financial supervision units in various countries to use the CSR data certification system 100 Generate specific CSR project data reports to analyze and compare different companies' performance in one or more specific corporate social responsibility aspects within a certain period of non-standardized time.

Please note that the execution sequence of the flowcharts in the foregoing flowcharts is only an exemplary embodiment, and does not limit the actual implementation of the present invention. For example, the process 404 in FIG. 4 can be adjusted before the process 402 or can be performed simultaneously with the process 402. For another example, the process 620 in FIG. 6 may be adjusted to be performed before the process 618, or may be performed simultaneously with the process 618.

In some applications where the web server 112 does not need to ask whether the company is willing to provide specific CSR project data reports to data requesters, the web server 112 can directly jump to the process 618 after performing the process 606 to omit asking the target company whether to agree The CSR data reporting service subsystem 110 provides the relevant process of reporting data of the specific CSR project of the target enterprise to the data requester.

In practical applications, the data requestor may not set a special data time range and/or data item. In this case, the corresponding authentication subsystem can relax the search conditions when searching the post-authentication data from the blockchain subsystem 150 in the foregoing process 702.

In practice, the number of authentication subsystems, the number of enterprise-side devices, and the number of demand-side devices in the aforementioned CSR data authentication system 100 can be adjusted according to the needs of the actual application environment, and are not limited to those in the foregoing embodiments. The appearance shown.

In some embodiments, the blockchain computing circuit 116 in the aforementioned CSR data reporting service subsystem 110 may be omitted, or the blockchain computing circuit 116 may be independent of the CSR data reporting service subsystem 110.

In addition, in some embodiments, the blockchain computing circuit 124 in the foregoing authentication subsystem 120 may be omitted, or the blockchain computing circuit 124 may be independent of the authentication subsystem 120. Similarly, in some embodiments, the blockchain computing circuit 134 in the foregoing authentication subsystem 130 may be omitted, or the blockchain computing circuit 134 may be independent of the authentication subsystem 130.

In practice, the database 123 in the aforementioned authentication subsystem 120 can also be independent of the authentication subsystem 120. Similarly, the database 133 in the authentication subsystem 130 can be independent of the authentication subsystem 130.

Certain words are used in the specification and patent application scope to refer to specific elements, and those skilled in the art may use different terms to refer to the same element. This specification and the scope of patent application do not use the difference in names as a means of distinguishing elements, but the difference in function of elements as a basis for distinguishing. "Inclusion" mentioned in the description and the scope of patent application is an open term and should be interpreted as "including but not limited to." In addition, the term "coupled" here includes any direct and indirect connection means. Therefore, if it is described that the first element is coupled to the second element, it means that the first element can be directly connected to the second element through electrical connection, wireless transmission, optical transmission, or other signal connection, or through other elements or connections The means is indirectly electrically or signally connected to the second element.

The description method of "and/or" used in the specification includes any one of the listed items or any combination of multiple items. In addition, unless otherwise specified in the specification, any singular expressions also include the plural meaning.

The flow features in certain device claims in the claims correspond to the operation flow contents in the flowcharts in the drawings and the description. Therefore, these device claims should be understood as the functional module architecture that mainly implements the foregoing solution through the computer program described in the specification, and should not be understood as the physical device that mainly implements the solution through hardware.

The above are only preferred embodiments of the present invention, and any equivalent changes and modifications made according to the claims of the present invention shall fall within the scope of the present invention.

100‧‧‧CSR data verification system (CSR data verification system)

101~103‧‧‧enterprise device

105~107‧‧‧requester device

110‧‧‧CSR data report service subsystem (CSR data report service subsystem)

112‧‧‧Web server

114‧‧‧ user relationship database

116‧‧‧block chain computing circuit

120、130‧‧‧verification party subsystem

121, 131‧‧‧ communication circuit (communication circuit)

122, 132‧‧‧ storage circuit (storage circuit)

123, 133‧‧‧ database

124,134‧‧‧block chain computing circuit (block chain computing circuit)

125、135‧‧‧processing circuit

126、136‧‧‧CSR data verification program (CSR data verification program)

140‧‧‧block chain node cluster

141~147‧‧‧block chain node

150‧‧‧block chain subsystem

210‧‧‧contract editing module

220‧‧‧Data processing module

230‧‧‧Database accessing module (database accessing module)

240‧‧‧de-identification module

250‧‧‧block chain access module

260‧‧‧report generating module

302~320, 402~414, 602~622, 702~718

510, 831, 833, 835‧‧‧‧ qualified raw data (valid raw data)

511~517‧‧‧ data field (data field)

520, 814‧‧‧ database index (database index)

530, 812‧‧‧ de-identification data

540‧‧‧combined data

550, 810‧‧‧ verified data (verified data)

816‧‧‧Electronic signature (electronic signature)

840‧‧‧specific-CSR-category data report

FIG. 1 is a simplified functional block diagram of a CSR data authentication system according to an embodiment of the present invention.

FIG. 2 is a simplified functional module schematic diagram of an embodiment of the computer program product in the authentication subsystem in FIG. 1.

3 and 4 are simplified flowcharts of a CSR data authentication method according to an embodiment of the invention.

FIG. 5 is a simplified data flow diagram in the CSR data authentication process according to an embodiment of the present invention.

6 and 7 are simplified flowcharts of a specific CSR project data report generation method according to an embodiment of the invention.

FIG. 8 is a simplified data flow diagram during the process of generating a specific CSR project data report according to an embodiment of the present invention.

100‧‧‧CSR data certification system

101~103‧‧‧Enterprise device

105~107‧‧‧demand device

110‧‧‧CSR Data Reporting Service Subsystem

112‧‧‧Web Server

114‧‧‧User Relations Database

116‧‧‧Blockchain operation circuit

120, 130‧‧‧ certification subsystem

121、131‧‧‧Communication circuit

122, 132‧‧‧ storage circuit

123, 133‧‧‧ database

124, 134‧‧‧ Blockchain arithmetic circuit

125, 135‧‧‧ processing circuit

126、136‧‧‧CSR data certification program

140‧‧‧Blockchain node cluster

141~147‧‧‧Blockchain node

150‧‧‧Blockchain subsystem

Claims (22)

A CSR data authentication system (100), including: a blockchain subsystem (150); an authentication subsystem (120) configured to access the blockchain subsystem (150); and a CSR data reporting service subsystem (110), configured to communicate with an enterprise-side device (101) and the authentication subsystem (120) through the network, and can receive the CSR of a target enterprise from the enterprise-side device (101) After the original data, the CSR original data is sent to the certification subsystem (120); wherein, the certification subsystem (120) is also configured to execute a computer program product (126) to perform the following operations: From the CSR original data Filter out the eligible raw data that can be authenticated and store the qualified raw data in a database (123); generate a database index corresponding to the qualified raw data; remove the identifiable data from the qualified raw data to Generate de-identified data; and send the de-identified data and the corresponding database index to the blockchain subsystem (150), and instruct the blockchain subsystem (150) to execute one or more smart contracts for authentication The de-identified data; wherein, if the de-identified data conforms to the verification rules in the one or more smart contracts, the blockchain subsystem (150) generates and stores a post-authentication data, and the post-authentication data includes The de-identified data, the database index, and the electronic signature of a certification body corresponding to the certification subsystem (120). The CSR data authentication system (100) according to claim 1, wherein the authentication subsystem (120) is further configured to execute the computer program product (126) to perform the following operations: establish and implement the one or more smart contracts Deployed to the blockchain subsystem (150), and one of the one or more smart contracts includes the electronic signature. The CSR data authentication system (100) according to claim 2, wherein, if a demand-side device (105) requests the CSR data reporting service subsystem (110) to provide a specific CSR project data report corresponding to the target enterprise, The CSR data reporting service subsystem (110) will generate and send a report making request corresponding to the target enterprise to the certification subsystem (120), and the certification subsystem (120) is also configured to execute the computer program product ( 126) To perform the following operations: Obtain a selected data time range from the report production request; Read multiple relevant post-authentication data of the target enterprise within the selected data time range from the blockchain subsystem (150) ; Retrieve multiple database indexes from the multiple post-certification data; query the database (123) according to the multiple database indexes to read the multiple records of the target enterprise from the database (123) Eligible raw data; and according to a predetermined report making rule, automatically convert the plurality of eligible raw materials into a specific CSR project data report corresponding to the target company, and pass the specific CSR project data report through the CSR data reporting service The subsystem (110) is transmitted to the demand-side device (105). The CSR data authentication system (100) according to claim 3, wherein, after receiving the request from the demand-side device (105), the CSR data report service subsystem (110) transmits an inquiry message to the enterprise Device (101) to ask whether the target enterprise agrees that the CSR data reporting service subsystem (110) provides relevant specific CSR project data reports to users of the demand-side device (105), and only after receiving the enterprise-side device (101) 101) In the case of a consent message, the CSR data report service subsystem (110) will only send the report creation request to the authentication subsystem (120). The CSR data authentication system (100) according to claim 2, wherein, if a demand-side device (105) requests the CSR data reporting service subsystem (110) to provide a specific CSR project data report corresponding to the target enterprise, The CSR data reporting service subsystem (110) will generate and send a report making request corresponding to the target enterprise to the certification subsystem (120), and the certification subsystem (120) is also configured to execute the computer program product ( 126) To perform the following operations: obtain a selected data time range and one or more selected data items from the report production request; read out the target enterprise in the selected data time range from the blockchain subsystem (150) Multiple related post-authentication data corresponding to the selected data items within; extract multiple database indexes from the multiple post-authentication data; query the database (123) according to the multiple database indexes to retrieve data from the database ( 123) read out a number of eligible raw materials of the target company; and automatically convert the multiple qualified raw materials into a specific CSR project data report corresponding to the target company according to a predetermined report making rule, and convert The specific CSR project data report is transmitted to the demand-side device (105) through the CSR data report service subsystem (110). The CSR data authentication system (100) as described in claim 5, wherein the CSR data report service subsystem (110) transmits an inquiry message to the enterprise after receiving the request from the demand-side device (105) Device (101) to ask whether the target enterprise agrees that the CSR data reporting service subsystem (110) provides relevant specific CSR project data reports to users of the demand-side device (105), and only after receiving the enterprise-side device (101) 101) In the case of a consent message, the CSR data report service subsystem (110) will only send the report creation request to the authentication subsystem (120). An authentication subsystem (120) used in a CSR data authentication system (100), wherein the CSR data authentication system (100) includes a CSR data reporting service subsystem (110) and a blockchain subsystem (150) , And after receiving the CSR original data of a target company, the CSR data reporting service subsystem (110) will send the CSR original data to the certification subsystem (120), the certification subsystem (120) includes: a The communication circuit (121) is configured to communicate with the CSR data reporting service subsystem (110) and the blockchain subsystem (150) through the network; a storage circuit (122) for storing a computer program product (126); and a processing circuit (125), coupled to the communication circuit (121) and the storage circuit (122); wherein, the processing circuit (125) is configured to execute the computer program product (126) to perform the following Operation: Select the qualified raw data for certification from the CSR raw data, and store the qualified raw data in a database (123); generate a database index corresponding to the qualified raw data; remove the qualified raw data Identifiable data in the data to generate de-identified data; and use the communication circuit (121) to transfer the de-identified data and the corresponding database index to the blockchain subsystem (150) and instruct the area The blockchain subsystem (150) executes one or more smart contracts to authenticate the de-identified data; where, if the de-identified data meets the verification rules in the one or more smart contracts, the blockchain subsystem (150) ) Generate and store a post-certification data, and the post-certification data includes the de-identified data, the database index, and the electronic signature of a certification body corresponding to the certification subsystem (120). The authentication subsystem (120) according to claim 7, wherein the processing circuit (125) is further configured to execute the computer program product (126) to perform the following operations: establish and deploy the one or more smart contracts To the blockchain subsystem (150), and one of the one or more smart contracts includes the electronic signature. The authentication subsystem (120) according to claim 8, wherein if a demand-side device (105) requests the CSR data reporting service subsystem (110) to provide a specific CSR project data report corresponding to the target enterprise, the The CSR data report service subsystem (110) will generate and send a report making request corresponding to the target enterprise to the certification subsystem (120), and the processing circuit (125) is also set to execute the computer program product (126) To perform the following operations: Obtain a selected data time range from the report production request; read out multiple relevant post-authentication data of the target enterprise within the selected data time range from the blockchain subsystem (150); Extract multiple database indexes from the multiple post-certification data; query the database (123) according to the multiple database indexes to read out multiple qualified originals of the target enterprise from the database (123) Data; and according to a predetermined report production rule, automatically convert the plurality of eligible raw materials into a specific CSR project data report corresponding to the target enterprise, and pass the specific CSR project data report through the CSR data reporting service subsystem (110) Send to the demand-side device (105). The authentication subsystem (120) according to claim 9, wherein, after receiving the request from the demand-side device (105), the CSR data reporting service subsystem (110) transmits an inquiry message to the target corresponding to the target An enterprise-side device (101) of the enterprise to ask whether the target enterprise agrees that the CSR data reporting service subsystem (110) provides relevant specific CSR project data reports to users of the demand-side device (105), and only after receiving In the case of a consent message from the enterprise device (101), the CSR data report service subsystem (110) will only send the report creation request to the authentication subsystem (120). The authentication subsystem (120) according to claim 8, wherein if a demand-side device (105) requests the CSR data reporting service subsystem (110) to provide a specific CSR project data report corresponding to the target enterprise, the The CSR data reporting service subsystem (110) will generate and send a report making request corresponding to the target enterprise to the certification subsystem (120), and the certification subsystem (120) is also configured to execute the computer program product (126) ) To perform the following operations: obtain a selected data time range and one or more selected data items from the report production request; read out the target enterprise within the selected data time range from the blockchain subsystem (150) Multiple related post-certification data corresponding to the selected data item; extract multiple database indexes from the multiple post-certification data; query the database (123) according to the multiple database indexes to retrieve data from the database (123 ) Read out a number of eligible raw materials of the target company; and automatically convert the multiple qualified raw materials into a specific CSR project data report corresponding to the target company according to a predetermined report making rule, and convert the The specific CSR project data report is transmitted to the demand-side device (105) through the CSR data report service subsystem (110). The authentication subsystem (120) according to claim 11, wherein, after receiving the request from the demand-side device (105), the CSR data reporting service subsystem (110) transmits an inquiry message to the corresponding target An enterprise-side device (101) of the enterprise to ask whether the target enterprise agrees that the CSR data reporting service subsystem (110) provides relevant specific CSR project data reports to users of the demand-side device (105), and only after receiving In the case of a consent message from the enterprise device (101), the CSR data report service subsystem (110) will only send the report creation request to the authentication subsystem (120). A computer program product (126) stored in a storage circuit (122) of a certification subsystem (120), allowing the certification subsystem (120) to perform a CSR certification operation, the CSR certification operation including: from the certification sub From the CSR raw data of a target company received by the system (120), the qualified raw data that can be authenticated is filtered out, and the qualified raw data is stored in a database (123); generated corresponding to the qualified raw data Database index; remove the identifiable data from the qualified raw data to generate de-identified data; and use a communication circuit (121) to send the de-identified data and the corresponding database index to a blockchain System (150), and instruct the blockchain subsystem (150) to execute one or more smart contracts to authenticate the de-identified data; where, if the de-identified data conforms to the verification rules in the one or more smart contracts , The blockchain subsystem (150) generates and stores a post-authentication data, and the post-authentication data includes the de-identified data, the database index, and a certification authority corresponding to the authentication subsystem (120) Electronic signature. The computer program product (126) according to claim 13, wherein the CSR certification operation further includes: establishing and deploying the one or more smart contracts to the blockchain subsystem (150), and the one or more One of the smart contracts contains the electronic signature. The computer program product (126) according to claim 14, wherein the CSR certification operation further includes: obtaining a selection from a report creation request transmitted from a CSR data reporting service subsystem (110) corresponding to the target enterprise Data time range; using the communication circuit (121) to read out from the blockchain subsystem (150) multiple pieces of relevant post-authentication data of the target enterprise within the selected data time range; from the multiple pieces of post-authentication data Retrieve multiple database indexes; query the database (123) according to the multiple database indexes to read out multiple qualified original data of the target enterprise from the database (123); and according to a predetermined The report production rules automatically convert the qualified raw data into a specific CSR project data report corresponding to the target enterprise, and send the specific CSR project data report to a demand through the CSR data report service subsystem (110) End device (105). The computer program product (126) according to claim 15, wherein, when the demand-side device (105) requests the CSR data reporting service subsystem (110) to provide a specific CSR project data report corresponding to the target enterprise, The CSR data reporting service subsystem (110) sends an inquiry message to an enterprise device (101) corresponding to the target enterprise to inquire whether the target enterprise agrees that the CSR data reporting service subsystem (110) provides relevant specific The CSR project data is reported to the user of the demand-side device (105), and the CSR data report service subsystem (110) will only transmit it if it receives a consent message from the enterprise-side device (101) The report making request is sent to the authentication subsystem (120). The computer program product (126) according to claim 14, wherein the CSR certification operation further includes: obtaining a selection from a report creation request transmitted from a CSR data reporting service subsystem (110) corresponding to the target enterprise Data time range and one or more selected data items; using the communication circuit (121) to read from the blockchain subsystem (150) the target company's multiple related items of the selected data item within the selected data time range Post-authentication data; extract multiple database indexes from the multiple post-authentication data; query the database (123) according to the multiple database indexes to read the target enterprise from the database (123) Multiple eligible raw materials; and according to a predetermined report production rule, automatically convert the multiple qualified raw materials into a specific CSR project data report corresponding to the target enterprise, and pass the specific CSR project data report through the CSR The data reporting service subsystem (110) is transmitted to a demand-side device (105). The computer program product (126) according to claim 17, wherein, when the demand-side device (105) requests the CSR data reporting service subsystem (110) to provide a specific CSR project data report corresponding to the target enterprise, The CSR data reporting service subsystem (110) sends an inquiry message to an enterprise device (101) corresponding to the target enterprise to inquire whether the target enterprise agrees that the CSR data reporting service subsystem (110) provides relevant specific The CSR project data is reported to the user of the demand-side device (105), and the CSR data report service subsystem (110) will only transmit it if it receives a consent message from the enterprise-side device (101) The report making request is sent to the authentication subsystem (120). A CSR data authentication method, including: filtering out qualified raw data that can be certified from the received CSR raw data of a target company, and storing the qualified raw data in a database (123); generating and A database index corresponding to the eligible raw data; removing identifiable data from the eligible raw data to generate de-identified data; and using a communication circuit (121) to transmit the de-identified data and the corresponding database index to A blockchain subsystem (150), and instruct the blockchain subsystem (150) to execute one or more smart contracts to authenticate the de-identified data; wherein, if the de-identified data conforms to the one or more smart contracts In the verification rules in, the blockchain subsystem (150) generates and stores a post-authentication data, and the post-authentication data includes the de-identified data, the database index, and the corresponding of the authentication subsystem (120) 1. Electronic signature of certification body. The CSR data authentication method according to claim 19, further comprising: establishing and deploying the one or more smart contracts to the blockchain subsystem (150), and the one or more smart contracts One of them contains the electronic signature. The CSR data authentication method as described in claim 20, the CSR data authentication method further includes: obtaining a selected data time range from a report production request transmitted from a CSR data reporting service subsystem (110) corresponding to the target enterprise Using the communication circuit (121) to read from the blockchain subsystem (150) multiple pieces of relevant post-authentication data of the target enterprise within the selected data time range; extracting multiple pieces of data from the multiple pieces of post-authentication data Pen database index; query the database (123) according to the multiple database indexes to read multiple qualified original data of the target enterprise from the database (123); and according to a predetermined report production rule , Automatically convert the qualified raw data into a specific CSR project data report corresponding to the target enterprise, and send the specific CSR project data report to a demand-side device through the CSR data report service subsystem (110) ( 105). The CSR data authentication method as described in claim 20, the CSR data authentication method further includes: obtaining a selected data time range from a report production request transmitted from a CSR data reporting service subsystem (110) corresponding to the target enterprise And one or more selected data items; the communication circuit (121) is used to read from the blockchain subsystem (150) a plurality of relevant post-certification data of the target enterprise corresponding to the selected data items within the selected data time range ; Retrieve multiple database indexes from the multiple post-certification data; query the database (123) according to the multiple database indexes to read the multiple records of the target enterprise from the database (123) Eligible raw data; and according to a predetermined report making rule, automatically convert the plurality of eligible raw materials into a specific CSR project data report corresponding to the target company, and pass the specific CSR project data report through the CSR data reporting service The subsystem (110) is transmitted to a demand-side device (105).

Images