WO2019157810A1 - Procédé et dispositif de transmission de données et nœud de réseau - Google Patents

Procédé et dispositif de transmission de données et nœud de réseau Download PDF

Info

Publication number
WO2019157810A1
WO2019157810A1 PCT/CN2018/103046 CN2018103046W WO2019157810A1 WO 2019157810 A1 WO2019157810 A1 WO 2019157810A1 CN 2018103046 W CN2018103046 W CN 2018103046W WO 2019157810 A1 WO2019157810 A1 WO 2019157810A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
node
information
blockchain
key
Prior art date
Application number
PCT/CN2018/103046
Other languages
English (en)
Chinese (zh)
Inventor
张亮亮
张向东
常俊仁
冯淑兰
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2019157810A1 publication Critical patent/WO2019157810A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]

Definitions

  • the present application relates to the field of communications, and in particular, to a data transmission method, apparatus, and network node.
  • a method of mobile edge calculation is proposed. That is, storing data to provide services to users near a user (such as a base station or router), but the provision of services or data is still subject to a monopoly of third parties.
  • the basic idea of the Content Delivery Network is to avoid the bottlenecks and links on the Internet that may affect the speed and stability of data transmission, so that the content transmission is faster and more stable.
  • the CDN system can real-time based on network traffic and connection, load status, and distance and response time to users.
  • the integrated information redirects the user's request to the service node closest to the user.
  • the purpose is to enable users to obtain the required content in the vicinity, solve the congestion of the Internet network, and improve the response speed of users visiting the website.
  • edge computing or content distribution network in the current communication system, most of the services or data are concentrated in a certain central platform to provide services for users.
  • the providers of data and services are subject to monopoly platforms, and the interests of the providers of data or services cannot be truly protected.
  • Another aspect is that the data is stored in the cloud center or the server. When the user obtains the service or data, the user needs to obtain the centralized access from the center. From the perspective of the network transmission, the same data is repeatedly transmitted in the network.
  • the present application provides a data transmission method, apparatus and network node, which can be applied to an Internet of Things scenario, and aims to achieve access and sharing of resources between network nodes.
  • the present application provides a data transmission method, which may be applied to a data requesting party, such as a first node, the method comprising: the first node acquiring data information and data from a first blockchain node Key information, obtaining encrypted data according to the data information, obtaining a key according to the key information of the data, and decrypting the encrypted data by using the key to obtain data.
  • the data information includes: address information of the encrypted data or the encrypted data, and the address information of the encrypted data is used to indicate the location of the encrypted data.
  • the key information of the data includes key information of the encrypted data or address information of the stored encrypted data. It should be specially noted that the key information of the data can be generated by being encrypted by the public key of the first node.
  • the method provided by the present aspect utilizes the characteristics of data sharing on the blockchain, so that the requesting party, for example, the first node can directly obtain data information from any blockchain node of the blockchain, thereby reducing data information in the core network or The burden of repeated transmission between multiple routes, less transmission delay.
  • the first node obtains key information of the data through the first block chain node, and since the key information of the data is encrypted by the public key of the first node, the authorized first node can decrypt and read the data. Other nodes cannot decrypt and access the data, thereby increasing the security of data transmission.
  • the obtaining a key according to the key information of the data includes: when the key information of the data is an encrypted data key, the first node uses its own The private key decrypts the encrypted data key to obtain the key. or,
  • the first node searches for the encrypted data key according to the address information, and The encrypted data key is decrypted using its own private key to obtain the key.
  • the key information of the data is the encrypted data key or the address information of the data key
  • the data key is prevented from being sent in the plaintext in the network, thereby preventing the intermediate network node from directly obtaining the data key in the forwarding process.
  • the security and reliability of data transmission are further improved.
  • the first node obtains key information of data from the first blockchain node, including: the first node obtains transaction index information, where the transaction index information includes a block number, One or more of a block height, a transaction index number, or a blockchain identifier; determining the first blockchain transaction based on the transaction index information, wherein the data is recorded in the first blockchain transaction Key information, obtaining key information of the data according to the first blockchain transaction; or, the first node sends the transaction index information to a relay node, and receiving the relay node according to the transaction The key information of the data fed back by the index information.
  • the first node can quickly find the first blockchain transaction matching the information according to the content in the transaction index information, such as the block number or the transaction index, and then quickly obtain the information recorded in the transaction.
  • the key information of the data realizes fast acquisition of shared information on the blockchain, and the time consumption is shortened compared to the key information obtained from the data source node or the data provider.
  • the obtaining, by the first node, the data information includes: the first node receiving any blockchain node from the first blockchain, or any blockchain node of the second blockchain, Or the data information of the data source node; or the first node receives the data information from the relay node, the relay node is a node that pre-stores the data information; or the first node slave blockchain Extracting and obtaining the data information.
  • the first node may obtain the data information from any blockchain node that stores data information, and may also obtain the data from the relay node closest to the first node, thereby realizing fast acquisition of data information. Reduce transmission time and improve transmission and access efficiency.
  • the data information includes: encrypted data or address information of the encrypted data; the first node obtains the encrypted data according to the data information, and includes: when the data information is the encrypted data, the first node The encrypted data may be obtained directly from the data information; when the data information is address information of the encrypted data, the first node searches for the location of the encrypted data through the address information of the data, and obtains the encrypted data.
  • the data or the data address is transmitted in the blockchain in an encrypted manner, which improves the security of the transmitted information.
  • the method further includes: the first node will obtain key information of the data from the first block chain node, and/or obtain an event of the data information. For the first transaction, it is recorded on the third blockchain.
  • the first transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, a blockchain node identifier, and a transaction identifier of the blockchain node.
  • Information transaction index information, cross-chain identification, hash hash of data, data information hash, address information hash of encrypted data, or key information hash of data.
  • the method further includes: receiving, by the first node, a request message from the second node, where the request message includes first information, where the first information includes a data identifier, and the second node One or more of an identifier, a second node public key, or transaction index information; the first node according to one or more of the data identifier, the second node identifier, the second node public key, or the transaction index information
  • the item acquires key information of the data information and/or the data; and transmits the key information of the data information and/or the data to the second node.
  • the method further includes: the first node obtaining the private key or the public key generation source of the first node according to the excitation response generated by the physical unclonable function PUF technology.
  • the method further includes: the first node generates an excitation response according to the physical unclonable function PUF technology, and uses at least one of the hash of the excitation and the excitation response as the identification information of the first node, So that the identification information of the first node is recorded on the blockchain; the transaction recorded on the blockchain includes one or more of the following: an incentive, a hash of the incentive response, a node identifier, and a time at which the response is generated.
  • the public key of the node is not limited to the public key of the node.
  • the method further includes: the first node obtains a hash of the data from the blockchain, obtains a hash of the decrypted data by using the decrypted data and a hash algorithm, and determines a hash of the data. Whether the hash of the decrypted data is the same, if the two values are the same, the data obtained by the first node is trusted data, and if not, the data obtained by the first node is the falsified data.
  • the present application further provides a data transmission method, which is applied to a node on a blockchain, such as a first blockchain node, and the method includes: obtaining, by using the first information, the first blockchain node Key information requested by a node and/or key information of the data, wherein the first information includes one or more of a data identifier, a first node identifier, a public key of the first node, and transaction index information; Transmitting, by the first blockchain node, key information of the data information and/or data to the first node, so that the first node obtains encrypted data according to the data information, and key information according to the data The key is obtained, thereby enabling decryption and reading of the encrypted data using the key.
  • the key information of the data may be provided by a blockchain node on the first blockchain, and the data information may be provided by a blockchain node on the second blockchain. It is also possible that the key information and the data information of the data are all provided by the same blockchain node, and the present application does not specifically limit the blockchain node that provides the information to the first node.
  • the first blockchain node obtains the key information of the data by using the first information, including: the first blockchain node receives the first a request message forwarded by a node or a relay node, where the request message includes the first information; according to the data identifier in the first information, the first node identifier, the public key of the first node, or the transaction index information Searching for one or more of the transactions associated with the first information, the key information of the data being recorded in the transaction; and obtaining key information of the data from the transaction, thereby utilizing the area
  • the blockchain consensus mechanism can quickly obtain key information of data and improve data transmission and access efficiency.
  • the searching for the transaction related to the first information further includes: obtaining, by the first blockchain node, a first identifier, determining, according to the first information and the first identifier, The transaction, wherein the first identifier comprises: a first blockchain node identifier, transaction identifier information of a first blockchain node, a second blockchain node identifier, transaction identifier information of a second blockchain node, or a cross-chain identifier or the like; the cross-chain identifier is used to connect the first block chain and the second block chain, and if the first block and the second block chain are the same block chain, the cross-chain Identifies the connection ID.
  • the first identifier may be pre-stored in the first blockchain or acquired by other nodes.
  • adding the first identifier to the related transaction on the basis of the first information, the data information of the first node of the requesting party and/or the key information of the data may be accurately and quickly determined, thereby improving the accuracy of the search. Sex.
  • the first blockchain node obtains the data information requested by the first node by using the first information, where: the first blockchain node obtains the first information; according to the first information Obtaining the data information from the second blockchain or the relay node or the data source node, or the first blockchain node determines, according to the first information, that the first blockchain node stores the The data information finds and obtains the data information related to the first information.
  • the first block link node stores the data information required by the first node, the data information is directly provided to the first node, thereby saving time acquired from other nodes and improving transmission efficiency.
  • the method further includes: The blockchain node generates transaction index information for determining a first blockchain transaction in which key information of the data is recorded, the transaction index information including a block number, a block height, and a transaction index One or more of the number or the blockchain identifier; the transaction index information is sent to the first node; or the first blockchain node sends the address information of the encrypted data requested by the first node to The first node or a relay node.
  • the present application further provides a data transmission method, which is applied to a relay node, such as a base station, where the method includes: the relay node obtains a request message from the first node, where the request message includes the first information.
  • the first information includes one or more of a data identifier, a first node identifier, a first node public key, and or transaction index information; and obtaining the data information and/or data density according to the first information.
  • Key information transmitting the key information of the data information and/or data to the first node.
  • the obtaining, by the relay node, the data information according to the first information includes: determining whether the first node has an access right; if yes, obtaining the data information; No, the access request of the first node is rejected, for example, a message indicating that the access is denied is fed back to the first node.
  • the relay node obtains the data information, specifically: the relay node obtains the data information from a local relay node if the data information is already stored; or, the data is not stored.
  • the data information is obtained from a first blockchain, a second blockchain, or a data source node, and then forwarded to the first node.
  • the relay node obtains the key information of the data according to the first information, including: the relay node searching, according to the first information, whether there is any information related to the first information. Transaction in which the key information of the data is recorded; if so, indicating that the first node has access rights, and the relay node obtains key information of the data from the transaction; if not, Do not have access, refuse access.
  • the relay node replies to the first node with a message for notifying the key information or the data information that the data is denied for the first node.
  • the obtaining, by the relay node, the key information of the data from the transaction including: the relay node sending the request message to the first blockchain node; receiving The first blockchain node generates key information of the data fed back according to the request message, and the key information of the data is encrypted by the public key of the first node.
  • the relay node obtains the key information of the data information and/or the data according to the first information, including: the relay node obtains the first identifier, the first identifier
  • the method includes: a first block chain node identifier, transaction identification information of a first block chain node, a second block chain node identifier, transaction identification information of a second block chain node, or a cross-chain identifier; The first information and the first identifier obtain key information of the data information and/or data.
  • the method further includes: the relay node sends the key information of the data information and/or data to the first node as a second transaction, and records the third blockchain. .
  • the second transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, transaction index information, a first blockchain node identifier, and a first transaction Transaction identification information of a blockchain node, second blockchain node identifier, transaction identification information of the second blockchain node, cross-chain identification, data hash hash, data information hash, encrypted data address information hash or Key information hash of data, etc.
  • the present application further provides a data transmission method, where the method is applicable to a data source node, where the data source node is configured to provide data information and key information of the data to the first node; specifically, the method The method includes: the key information generated by the data source node to generate data; and the key information of the data is recorded on the first blockchain, so that any one of the blockchain nodes on the first blockchain stores the confidentiality of the data.
  • the key information is quickly provided to the first node of the requester, shortening the transmission delay and improving the transmission efficiency.
  • the data source node generates key information of the data, including: the data source node receives the request message forwarded from the first node or forwarded by the relay node, where the request message includes the first Information, the first information includes one or more of a data identifier, a first node identifier, or transaction index information, and the data source node determines a public key of the first node according to the first information, and uses the The public key of the first node encrypts the key of the data to generate key information of the data.
  • the data source section records the key information of the data on the first blockchain, including: the data source node sends the key information of the data to the first blockchain. a node to record key information of the data on the first blockchain by the first blockchain node; or the data source node broadcasts and stores the key information of the data to the first On the blockchain.
  • the method further includes: the data source node records, on the second blockchain, the encrypted data requested by the first node; or broadcasts and stores the encrypted data to the On the second blockchain, the data information includes encrypted data or address information of the encrypted data.
  • the data source node obtains the public key of the first node, and generates key information of the data according to the public key of the first node, specifically, the data source node uses the public key of the first node. Encrypting the key of the data to generate key information of the data; or the data source node encrypting the key of the data by using a public key of the first node, and storing the encrypted data A key, the address of the key storing the encrypted data is used as key information of the data.
  • the key information of the data includes: an encrypted data key or address information storing an encrypted data key.
  • the present application further provides a data transmission method, which is applied to a node on a second blockchain, such as a second blockchain node, where the node is used to provide data information for the first node
  • the method includes: the second block chain node acquires a request message from the first node, where the request message includes first information, where the first information includes one of a data identifier, a first node identifier, or transaction index information. And the second blockchain node determines, in the case that the first node has the access right, the data information required by the first node, and sends the data information to the first node, where the data information includes encryption Address information for data or encrypted data.
  • the second blockchain node and the relay node may be the same node, or may be the same as the foregoing first blockchain node, and may be different, which is not limited in this application.
  • the present application further provides a data transmission device, where the device includes a receiving module, a processing module, and a sending module, and may further include a storage module, etc., each module in the device is configured to execute the first aspect to the foregoing Five aspects, and data transmission methods of various implementations in various aspects.
  • the embodiment of the present application further provides another data transmission device, which is used to implement the function of the behavior of the first node in the foregoing method.
  • the functions may be implemented by hardware or by corresponding software implemented by hardware.
  • the hardware or software includes one or more modules corresponding to the above functions, and the modules may be software and/or hardware.
  • the hardware corresponding to the transceiver module may be a transceiver
  • the hardware corresponding to the processing module may be a processor.
  • a memory may also be included.
  • the application provides a network node, which may be a node requesting access to data, such as a first node, the network node comprising: a transceiver for obtaining data information and from a first blockchain Key information of the data of the node; a processor, configured to obtain the encrypted data according to the data information, and obtain a key according to the key information of the data, and decrypt the encrypted data by using the key to obtain data.
  • the key information of the data includes: an encrypted data key or address information storing an encrypted data key; the processor, specifically for the confidentiality of the data When the key information is the encrypted data key, decrypting the encrypted data key with a private key to obtain the key; or, the key information of the data is encrypted for the storage When the address information of the data key is obtained, the encrypted data key is obtained based on the address information, and the encrypted data key is decrypted using the private key to obtain the key.
  • the transceiver is specifically configured to obtain transaction index information, where the transaction index information includes one or more of a block number, a block height, a transaction index number, or a blockchain identifier.
  • the processor is specifically configured to determine, according to the transaction index information, the first blockchain transaction, where the key information of the data is recorded in the first blockchain transaction, according to the first zone Blockchain transaction obtaining key information of the data; or transmitting, by the transceiver, the transaction index information to a relay node, and receiving a key of the data fed back by the relay node according to the transaction index information information.
  • the transceiver is specifically configured to receive any blockchain node from the first blockchain, or any blockchain node of the second blockchain, or a data source node.
  • the data information; or, receiving the data information from the relay node, the relay node is a node that pre-stores the data information; or extracting and obtaining the data information from the blockchain.
  • the data information includes: encrypted data or address information of the encrypted data; the processor is specifically configured to: when the data information is the encrypted data, from the data information Obtaining the encrypted data; or, when the data information is the address information of the encrypted data, searching and obtaining the encrypted data by using the address information of the data.
  • the processor is further configured to: obtain key information of the data from the first blockchain node, and/or obtain the data information as a first transaction. , recorded on the third blockchain.
  • the first transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, a blockchain node identifier, and a region.
  • Transaction identification information transaction index information, cross-chain identification, hash hash of data, data information hash, address information hash of encrypted data, or key information hash of data.
  • the application further provides a network node, where the network node may be any node on the blockchain, for example, a first blockchain node, where the network node includes: a processor, configured to pass the first The information obtains the data information requested by the first node and/or the key information of the data, wherein the first information includes: one of a data identifier, a first node identifier, a public key of the first node, or transaction index information or a plurality of transceivers, configured to send the key information of the data information and/or data to the first node.
  • the network node may be any node on the blockchain, for example, a first blockchain node
  • the network node includes: a processor, configured to pass the first The information obtains the data information requested by the first node and/or the key information of the data, wherein the first information includes: one of a data identifier, a first node identifier, a public key of the first node, or transaction index information or a plurality of transce
  • the processor is configured to receive, by using the transceiver, a request message that is forwarded from a first node or a relay node, where the request message includes the first information; And searching for a transaction related to the first information according to one or more of a data identifier, a first node identifier, a public key of the first node, and transaction index information in the first information, where the transaction records Key information of the data; and key information for obtaining the data from the transaction.
  • the processor is specifically configured to obtain a first identifier, and determining, according to the first information and the first identifier, that the first identifier of the transaction includes: a first block The chain node identifier, the transaction identifier information of the first blockchain node, the second blockchain node identifier, the transaction identifier information of the second blockchain node, or the cross-chain identifier.
  • the processor is specifically configured to obtain the first information, and obtain the foregoing information from a second blockchain or a relay node or a data source node according to the first information. Data information, or determining, according to the first information, that the data information is stored on the first blockchain node, and searching for and obtaining the data information related to the first information.
  • the processor is further configured to generate transaction index information, where the transaction index information is used to determine the record, before obtaining the key information of the data information and/or the data.
  • a first blockchain transaction of key information of the data the transaction index information including one or more of a block number, a block height, a transaction index number, and a blockchain identifier; using the transceiver
  • the transaction index information is sent to the first node; or the address information of the encrypted data that the first node requests to access is sent to the first node or the relay node by using the transceiver.
  • the application further provides a network node, where the network node may be a relay node, specifically, the network node includes: a transceiver, configured to obtain a request message from the first node, the request message Included in the first information, the first information includes one or more of a data identifier, a first node identifier, a public key of the first node, and transaction index information; and a processor, configured to obtain, according to the first information The key information of the data information and/or the data; the transceiver is further configured to send the key information of the data information and/or data to the first node.
  • the network node may be a relay node, specifically, the network node includes: a transceiver, configured to obtain a request message from the first node, the request message Included in the first information, the first information includes one or more of a data identifier, a first node identifier, a public key of the first node, and transaction index information; and a processor, configured to obtain,
  • the processor is specifically configured to determine, according to the first information, whether the first node has access rights; if yes, obtain data information; if not, reject the first node Access request;
  • the processor is specifically configured to: according to the first information, whether there is a transaction related to the first information, where the key information of the data is recorded in the transaction. If yes, the key information of the data is obtained from the transaction; if not, the access is denied.
  • the processor is specifically configured to send, by using a transceiver, the request message to the first blockchain node, and receive the first blockchain node according to the request message.
  • the key information of the fed back data, the key information of the data is generated by being encrypted by the public key of the first node.
  • the processor is specifically configured to obtain a first identifier, and obtain key information of the data information and/or data according to the first information and the first identifier.
  • the first identifier includes: a first blockchain node identifier, transaction identifier information of the first blockchain node, a second blockchain node identifier, transaction identifier information of the second blockchain node, or a cross-chain identifier.
  • the processor is further configured to send the key information of the data information and/or data to the first node as a second transaction, and record the third blockchain. on.
  • the second transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, transaction index information, a first blockchain node identifier, and a first transaction Transaction identification information of a blockchain node, second blockchain node identifier, transaction identification information of the second blockchain node, cross-chain identification, data hash hash, data information hash, encrypted data address information hash or Key information hash of data, etc.
  • the application further provides a network node, such as a data source node, for providing key information of data information and data for the first node; specifically, the network node includes: a processor, configured to generate Key information of the data; recording key information of the data on the first blockchain, so that any one of the blockchain nodes on the first blockchain stores the key information of the data and Quickly provide the first node to the requester, shortening the transmission delay and improving transmission efficiency.
  • a network node such as a data source node, for providing key information of data information and data for the first node
  • the network node includes: a processor, configured to generate Key information of the data; recording key information of the data on the first blockchain, so that any one of the blockchain nodes on the first blockchain stores the key information of the data and Quickly provide the first node to the requester, shortening the transmission delay and improving transmission efficiency.
  • the method further includes: a transceiver, configured to receive a request message forwarded from the first node or forwarded by the relay node, where the request message includes first information, where the first information includes a data identifier The one or more of the first node identifier or the transaction index information, where the processor is specifically configured to determine a public key of the first node according to the first information, and utilize a public key pair of the first node The key of the data is encrypted to generate key information of the data.
  • a transceiver configured to receive a request message forwarded from the first node or forwarded by the relay node, where the request message includes first information, where the first information includes a data identifier The one or more of the first node identifier or the transaction index information, where the processor is specifically configured to determine a public key of the first node according to the first information, and utilize a public key pair of the first node The key of the data is encrypted to generate key information of the data.
  • the processor is specifically configured to send, by using the transceiver, key information of the data to a first blockchain node to pass the first blockchain node.
  • the key information of the data is recorded on the first blockchain; or the key information of the data is broadcasted and stored on the first blockchain.
  • the processor is further configured to record the encrypted data requested by the first node to be accessed on the second blockchain; or broadcast and store the encrypted data to the first On the two blockchain, the data information includes encrypted data or address information of the encrypted data.
  • the processor is further configured to: use a public key of the first node to encrypt a key of the data to generate key information of the data; or, by using a first node
  • the public key encrypts the key of the data and stores the key of the encrypted data, and the address of the key storing the encrypted data is used as the key information of the data.
  • the present application further provides a computer storage medium, where the computer storage medium can store instructions, which can implement some or all of the implementation manners or embodiments of the data transmission method provided by the application. step.
  • the computer storage medium can be stored in a memory of the network node described above.
  • a computer program product comprising instructions which, when executed on a computer, cause the computer to perform the data transmission method of the above aspects.
  • the present application further provides a data transmission system, including: a first node, a first blockchain node, and a relay node, and further includes a data source node and a second block chain node. , the second node, and so on.
  • the first node is configured to perform the method steps in the implementations of the foregoing first aspect and the first aspect;
  • the first blockchain node is configured to perform the method steps in the implementations of the foregoing second aspect and the second aspect;
  • the relay node is configured to perform the method steps in the foregoing third and third implementations;
  • the data source node is configured to perform the method steps in the foregoing fourth and fourth implementations;
  • the two-block chain node is used to perform the method steps in the implementations of the fifth and fifth aspects above.
  • each node in the data transmission system provided by the present application may be collectively referred to as a network node, and the network node may represent various network element devices, stations, base stations, user equipment UEs, terminals, and the like.
  • the two concepts of the device and the node in the various embodiments of the present application are equivalent, that is, the device may refer to a node, a station, a UE, a network element device, a sensor, and the like.
  • the technical solution disclosed in the present application combines mobile edge computing and blockchain technology to provide services for users with low latency and low load, and also ensures data transmission security and data service provider. interest.
  • the data transmission method, device and network node provided by the application utilize the characteristics of data sharing on the blockchain, so that the requesting party, for example, the first node can directly obtain data information from any blockchain node of the blockchain, thereby reducing the data information.
  • the burden of repeated transmission of data information between the core network or multiple routes reduces transmission delay and improves transmission efficiency.
  • the first node obtains key information of the data through the first block chain node, and since the key information of the data is encrypted by the public key of the first node, the authorized first node can decrypt and read the data, Other nodes cannot decrypt and access the data, thereby increasing the security of data transmission.
  • the blockchain node or the relay node verifies whether the first node has the access right according to the request message from the first node, and issues a transaction related to the request message, such as key information of the data, according to the verification result, and Nodes that do not have permission are denied access requests, which in turn improves the transmission efficiency while ensuring the rights of the data provider.
  • the first node verifies the authenticity and integrity of the decrypted data by comparing the data hash on the acquired blockchain with the hash generated by the decrypted data. A node can determine whether the acquired data has been tampered with.
  • a blockchain technology is further included, where the method includes: a first blockchain for recording key information of data; the second block The chain is used to record information of the data: the third block chain is used to record the first node to provide key information of the data to the second node.
  • the present application also provides a method for: in a scenario where multiple chains exist, different blockchains are used to process different things and record different information.
  • transactions are recorded information units, and one block includes multiple transactions, and multiple blocks are connected into one blockchain.
  • the different blockchains are related to each other, so the transactions are also related to each other. How to link multiple related transactions in a multi-chain scenario is very necessary.
  • the encrypted data is shared to the Yth node for the node X, the key information of the encrypted data is recorded in the first blockchain, and the encrypted data information such as data
  • the hash is recorded with a second blockchain, which can be used to record the node X to provide key information to the node Y, so the transactions of the three blockchains are associated, Therefore, identification is needed to associate them, facilitating multi-chain collaboration and cross-chain calling, while achieving traceability of relevant and diverse information.
  • a method for applying a blockchain technique comprising: the first blockchain and the second blockchain are the same blockchain; or The third blockchain and the second blockchain are the same blockchain; or the first blockchain and the third blockchain are the same blockchain; or the first blockchain, The second blockchain and the third blockchain are the same blockchain; in another possible implementation, the method further includes: trading of the first blockchain, and B of the second blockchain The transaction, the A transaction and the B transaction are related transactions, whereby the two blockchains use the cross-chain identification to associate the two transactions; or the first block transaction of the first block chain, the third block chain
  • the C transaction, the A transaction and the C transaction are related transactions, whereby the two blockchains use the cross-chain identifier to associate the two transactions; or the second blockchain B transaction, the third The C-transaction of the blockchain, the B-transaction and the C-transaction are related transactions, whereby the two blockchains use the cross-chain identification to close the two transactions.
  • the method further includes: when the first blockchain and the second blockchain are the same blockchain, the A transaction, the B transaction is a related transaction, and the method is The connection identifier associates the related transaction; when the first blockchain and the third blockchain are the same blockchain, the A transaction, the C transaction is a related transaction, and the related transaction is associated by using the connection identifier.
  • the Bth transaction, the Cth transaction is a related transaction, and the related transaction is associated by using a connection identifier;
  • the A transaction, the B transaction, and the C transaction are related transactions, and the related transaction is associated by using the connection identifier;
  • the connection identifier and the cross-chain identifier are the same identifier.
  • the first blockchain is used to record key information of the data
  • the first transaction of the first blockchain includes at least one of the following: a connection identifier, a cross-chain identifier, Identification information of the first node, the data identifier, the first node identifier, the device identifier of the first node, the public key of the first node, the key information of the data, the transaction index information, the time of accessing the data, the first blockchain node
  • the second blockchain is used to record information of the data
  • the B-transaction of the second blockchain includes at least one item: a connection identifier, a cross-chain identifier, identification information of the first node, data identifier, a node identifier, a device identifier of the first node, a public key of the first node, transaction index information, a second block chain node identifier, a transaction identifier information of the second block chain node, a hash hash of the data, and a data information hash
  • the third blockchain is used to record that the node X provides key information and or data information to the node Y
  • the C transaction of the third blockchain includes at least one of the following: a connection identifier, a cross-chain Identification, identification information of the first node, data identifier, first node identifier, public key of the first node, time of accessing the data, blockchain node identifier, transaction identifier information of the blockchain node, transaction index information, cross-chain Identification, data hash hash, data information hash, encrypted data address information hash, data key information hash, first node acquisition data information and data key information transaction, the first blockchain is the first node The key information of the data is provided, the second blockchain is key information for providing data to the first node, and the like.
  • the method described in this aspect may be implemented by a hardware, for example, the hardware may include a processor and a transceiver, wherein the processor performs a recording function in the above method, and the transceiver performs the above method notification function; or the method may also pass the software Execute the corresponding instructions to achieve.
  • the hardware can be used stand-alone or as an integrated module in combination with other hardware devices. This embodiment can also be used in combination with other embodiments of the present invention. In this regard, the embodiments of the present invention are not specifically limited.
  • FIG. 1 is a schematic diagram of data transmission in a network provided by the present application.
  • FIG. 2 is a schematic flowchart of a data transmission method according to an embodiment of the present application.
  • FIG. 3 is a signaling flowchart of a data transmission method according to an embodiment of the present application.
  • FIG. 4 is a signaling flowchart of another data transmission method according to an embodiment of the present application.
  • FIG. 5 is a signaling flowchart of still another data transmission method according to an embodiment of the present application.
  • FIG. 6 is a signaling flowchart of still another data transmission method according to an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of a data transmission apparatus according to an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of a network node according to an embodiment of the present disclosure.
  • FIG. 1 a schematic diagram of data flow in a network is provided, where the network includes a data source node (source D) providing data parties, and a relay node (relay) capable of forwarding data or services, for example, Following the Node B and the relay node C, the request message for receiving and forwarding the user, and the feedback data to the requesting user, and at least one user.
  • source D data source node
  • relay node relay node
  • the request message is sequentially forwarded by at least one relay node (for example, the relay node B and the relay node C), and finally reaches the data source.
  • Node D after receiving the request message, the data source node D feeds back the corresponding data to the user A for the user A to access.
  • the request message from the user E is also forwarded by the relay node to the data source node D, and the data source node D receives the request message. Then feedback the result to user E.
  • both the request message and the data are forwarded through multiple relay nodes, so a certain delay is generated, and for users far away from the data source node, obtaining feedback results is time consuming. Long, in addition, the service that requires a large amount of forwarding and feedback data at the relay node also increases the transmission burden.
  • the data source node guarantees the transmission security and the interests of the requesting party. When the data source node provides the data to the user A, that is, when the access right of the user A is allowed, the user E is denied to access the data again. Data cannot be accessed and shared between different users.
  • the technical solution provided by the following embodiments of the present application combines mobile edge computing and blockchain technology to provide services and data for users with low latency and low load, and also ensures data transmission security, and The interests of the business and data providers.
  • the technical solution of the present application relates to a blockchain, which is a distributed database, which originates from bitcoin and is the underlying technology of bitcoin.
  • a blockchain is a string of data blocks generated using cryptographic methods. Each block contains information about a bitcoin network transaction for verifying the validity of its information (anti-counterfeiting) and generating the next block.
  • a blockchain is a chained data structure that combines data blocks in a sequential manner in chronological order, and cryptographically guaranteed non-tamperable and unforgeable distributed ledgers.
  • blockchain technology uses blockchain data structures to validate and store data, use distributed node consensus algorithms to generate and update data, and use cryptography to ensure data transmission and access security, using automated scripts.
  • the code consists of a smart contract to program and manipulate data in a completely new distributed infrastructure and computing paradigm.
  • Blockchain is mainly used to solve the trust and security problems of transactions, so the use of blockchain can propose the following technological innovations:
  • the so-called distributed ledger means that transaction accounting is done by multiple nodes distributed in different places, and each node records the complete accounts, so they can all participate in supervising the legality of the transaction, and can also jointly testify for them. , thereby avoiding the possibility that a single biller is controlled or bribed to result in a false accounting situation.
  • the number of nodes for accounting is large, in theory, unless all nodes are destroyed, the accounts will not be lost, thus ensuring the security of the account data.
  • the so-called symmetric encryption and authorization technology can be considered that the transaction information stored in the blockchain is public, but the account identity information is highly encrypted, and the data can be accessed only when the data owner authorizes, thereby further ensuring data security. Sex and the privacy of the user.
  • the so-called consensus mechanism refers to how consensus is reached between all accounting nodes to determine the validity of a record. This is both a means of identification and a means of preventing tampering.
  • PoW Proof of Work
  • the smart contract is based on trusted and non-tamperable data on the blockchain and can be automated to execute some predefined rules and terms.
  • Bitcoin as an encrypted digital currency network
  • the operation and maintenance of the system is also independent of the management personnel.
  • the network node strictly encapsulates the digital fingerprint of the specific time transaction into a block by the workload proof mathematical algorithm, and quickly broadcasts to the whole network, using hash technology to form a tight chain structure between the blocks.
  • the encrypted digital currency system skillfully solves the "double flower" problem, faithfully records all transaction data, guarantees the formality and traceability of each record, and the traces of all transactions are extremely difficult to destroy. .
  • a blockchain is a data structure that is chained from back to front by blocks containing transactions. It can be stored as a file containing non-relative relationship records, or stored in a simple database.
  • a block is a containerized data structure of aggregated transactions that is contained in a blockchain. It consists of a block header containing metadata and a long list of transactions that immediately follow the body of the block.
  • the block structure specifically includes: a block size, a block header, a transaction counter, and a transaction.
  • the transaction counter is used to record the number of transactions; the transaction is used to record transaction details, and the byte length is variable.
  • a SHA256 cryptographic hash is performed on each block header to generate a hash value, and the corresponding block in the blockchain can be identified by this hash value.
  • the block header is composed of three sets of metadata, and the first set of metadata is a set of data referring to a hash value of the parent block, and the set of metadata is used to connect the block to the previous block in the blockchain. .
  • the second set of metadata includes: difficulty, time stamp, and Nonce.
  • the third set of metadata is the Merkle tree root, which is used to effectively summarize the data structure of all transactions in the block.
  • the transaction is used for the blockchain to record various types of information.
  • the transaction is used to record how many Bitcoins A gives to B; for example, for a device sharing network, the transaction is used to record that user A shares device X for user B, and the transaction contains the identifier of A, the identifier of B, and the device.
  • the identification of X may even include the time, location, location information of the device, the effective time of sharing the device, and the like.
  • the present invention is not limited to the above two examples.
  • the blockchain includes the following features:
  • the entire network has no centralized hardware or management organization.
  • the rights and obligations between any nodes are equal, and the damage or loss of any node will not affect the operation of the whole system. Therefore, the blockchain system can be considered excellent. Robustness.
  • Participating in data exchange between each node in the whole system does not need to trust each other.
  • the operating rules of the whole system are open and transparent, and all data contents are also public. Therefore, within the scope and time range specified by the system, the nodes are It is impossible and impossible to deceive other nodes.
  • the data blocks in the system are maintained by all nodes with maintenance functions in the entire system, and these nodes with maintenance functions can be participated by anyone.
  • the entire system will be in the form of a sub-database, allowing each participating node to obtain a copy of the complete database. Unless the node can control more than 51% of the nodes in the whole system at the same time, the modification of the database on a single node is invalid, and the data content on other nodes cannot be affected. Therefore, the more nodes and the more computing power in the participating system, the stronger the computing power is. The higher the data security in the system.
  • nodes and nodes do not need to trust each other, there is no need to disclose identity between nodes and nodes, and each participating node in the system is anonymous.
  • the blockchain and blockchain system described in the present application can be applied to various networks (such as in the Internet of Things), and the block or blockchain nodes can be deployed on various network devices (such as IoT devices).
  • the network device includes industrial IoT devices, such as various industrial sensors, control modules, and the like; and may also be wearable devices, home appliances, home sensors, home control modules, etc., or base stations, enhanced base stations, or have scheduling Relay of functions, or devices with base station functions, etc.
  • the base station may be an evolved Node B (eNB) in the LTE system, or may be a base station in other systems.
  • eNB evolved Node B
  • the embodiment of the present application is not limited.
  • the foregoing various types of devices may be user equipment (UE), such as a mobile phone, a smart terminal, a multimedia device, a streaming media device, and the like.
  • the UE may also be another wireless network device, such as a base station (Node B).
  • Node B the form and type of the wireless network device are not limited herein.
  • the UE may communicate with one or more core networks via a radio access network (RAN), and the UE may also access the wireless network for communication by other means, and the UE may also directly perform wireless communication with other UEs.
  • RAN radio access network
  • the embodiment does not limit this.
  • each network device is collectively referred to as a network node, and the network node may be a first node, a second node that sends a request message, or may be a blockchain node on the blockchain.
  • the forwarded relay node may also be a data source node.
  • the network node includes but is not limited to a station, a base station, a UE, and a terminal.
  • the two concepts of the device and the node in the various embodiments of the present application are equivalent, that is, the device may refer to a node, a station, a UE, a network element device, a sensor, and the like.
  • the mobile edge calculation is combined with the blockchain technology, so that the requesting party can Information related to the data to be accessed, such as data information and key information of the data, is obtained from a block chain node that is closer to its location.
  • a data transmission method provided by the present application includes the following steps:
  • Step 201 The first node obtains data information and key information of data recorded on the first blockchain.
  • the data information is used to determine encrypted data to be accessed by the first node, where the data information includes encrypted data or address information of the encrypted data.
  • the key information of the data is used to obtain a key, which is used to decrypt the encrypted data to obtain data to be accessed, and the key information of the data includes: the encrypted data key or the storage is encrypted The address information of the data key.
  • the data information can be obtained from the blockchain, or obtained by the edge device, and can also be obtained directly from the data source node, which is not specifically limited in this application.
  • the key information of the data may be obtained from the blockchain, or may be obtained according to the indication information, such as the transaction index information, and may also be obtained by other means, such as obtaining from the edge device, etc., which is not limited in this application.
  • Step 202 Obtain encrypted data according to the data information, and obtain a key according to the key information of the data.
  • the first node may obtain the encrypted data directly from the data information; if the data information is the address information of the encrypted data, the first node determines the address of the encrypted data according to the address information, and obtains the address through the address.
  • the encrypted data is the encrypted data.
  • the process of obtaining the key by using the key information of the data includes: a possible manner, the first node decrypts the key information of the data by using the private key of the first node to obtain a key. .
  • Step 203 Decrypt the encrypted data by using the key to obtain data.
  • the method provided in this embodiment utilizes the characteristics of data sharing on the blockchain, so that the requesting party, for example, the first node can directly obtain data information from any blockchain node of the blockchain, thereby reducing data information in the core network. Or the burden of repeated transmission between multiple routes, less transmission delay.
  • the first node obtains key information of the data through the first block chain node, and since the key information of the data is encrypted by the public key of the first node, the authorized first node can decrypt and read the data. Other nodes cannot decrypt and access the data, thereby increasing the security of data transmission.
  • the first node receives a request message of another node (for example, the second node) for requesting the same data, and the first node may provide the other node with the Data information or key information of the data.
  • the key information of the data is generated by the private key or the public key of the first node through the incentive response in the PUF technology, thereby ensuring the security of the data related information transmitted in the blockchain network.
  • Asymmetric encryption algorithm The key of the asymmetric encryption algorithm is divided into a public key and a private key.
  • the user or the system generates a pair of keys, one of which is disclosed as a public key, and the other is a private key.
  • the sender encrypts the information by using the public key
  • the receiver decrypts the information by using the private key to complete the communication.
  • private key encryption can also be used to decrypt the public key. Since encryption and decryption use two different keys, this algorithm is also called an asymmetric encryption algorithm.
  • a common algorithm is, for example, an elliptic curve cryptographic algorithm, but the application is not limited to an elliptic curve cryptographic algorithm.
  • Hash algorithm It is a cryptographic algorithm that can only encrypt and cannot decrypt. It can convert any length of information into a fixed length string. This string has two characteristics:
  • SHA256 is a member of the SHA (Secure Hash Algorithm) family.
  • PUF technology Physical Unclonable Functions (PUF), its essence is a function, a certain input to this function, will get the corresponding output.
  • the use of the inevitable difference in the manufacturing process of the chip (random physical properties) produces a unique excitation-response pair, which is reflected in the circuit structure, ie the symmetrical structure results in an asymmetrical result due to the manufacturing process.
  • the main implementation methods of the current PUF technology may include:
  • Non-electronic PUF optical PUF, paper PUF, CD PUF.
  • Analog Circuit PUF Coating based PUF, threshold voltage based PUF, resistance based PUF.
  • Digital circuit PUF arbiter PUF, ring oscillator PUF, SRAM-PUF, latch PUF, butterfly PUF.
  • the private key of the first node may be generated based on a PUF technology. Further, according to the asymmetric security algorithm, the private key of the first node may generate a public key. That is to say, the first node may obtain the device fingerprint information by using the PUF technology, and generate the private key of the first node by using the device fingerprint information. Further, the public key can be generated by the private key using an asymmetric key algorithm.
  • the private key of the first node may be generated based on PUF technology: Specifically, according to “the PUF technology”, an incentive is input for any one device/node, and an excitation response is generated. For different devices/nodes, the generated stimulus responses are different, and thus the [stimulus, stimulus response] combination becomes the fingerprint information of a device/node.
  • the hash value of the excitation response is used as a public key generation source or a private key of the asymmetric key algorithm, that is, the first node private key may be expressed as [stimulus, response hash], or [responsive] Hash], or use the hash value of the stimulus response to generate a private key.
  • the corresponding public key is generated according to the asymmetric key algorithm.
  • the public key of the first node may be the node identifier of the first node or the address of the first node.
  • the public key of the first node/device is used to encrypt a key of the encrypted data to generate key information of the data; the corresponding private key is used to decrypt the key information of the data, and obtain the key information. Said key.
  • the public key of the first node/device is public information, that is, each blockchain node can obtain, and the private key is not public, only the first node/device itself.
  • the technical solution of the present application is exemplified in the technical scenario of the smart shared device and/or the shared big data.
  • This application scenario is only an example for understanding the technical solution of the present invention, and the present invention includes and is not limited thereto. .
  • the application scenario may include the following devices: node U1 (representing UE1), node N1 (representing Node1), node D (representing data source node Data source), one or more blockchains, and each zone.
  • the blockchain is composed of a plurality of blockchain nodes.
  • the present invention is described by taking the above scenario as an example. However, the method provided in this embodiment includes, but is not limited to, the foregoing scenario.
  • This embodiment provides a data access method, which specifically includes the following steps:
  • Step 301 The first node (for example, the node U1) sends a first request message, where the first request message is used to request key information of the data information and/or the data.
  • the data information includes encrypted data or address information of the encrypted data
  • the key information of the data includes: an encrypted data key or address information storing an encrypted data key, and key information of the data. Used to get the key.
  • the first request message includes first information, for example, the first information includes one or more combinations of a data ID, a first node identifier, or transaction index information.
  • the first node identifier may be the device identifier of the first node, the IP address of the first node, the public key of the first node, or other types of identifiers, which is not limited in this application, as long as the first node can be identified. All fall within the scope of protection of the present invention.
  • the data identifier may be the same as or different from the first node identifier.
  • the transaction index information is used to determine a first blockchain transaction, wherein the first blockchain transaction records key information of the data, and further, the transaction index information includes: a block number One or more of the block height, the transaction index number, or the blockchain identifier.
  • the transaction index number is exemplified by the transaction index number X, and is used to indicate the serial number of the transaction in the block, for example, the Xth transaction.
  • the block number is exemplified by the block number Y, and is used to indicate that the block is the Yth block in the blockchain.
  • the block height is used to indicate the location of the block in the blockchain, that is, to indicate that the block is the number of blocks in the blockchain.
  • the first node may send the first request message directly to the data source node.
  • the first node may send the first request message to the relay node or a certain blockchain node, for example, may send the first request message to the first blockchain node, and through the relay node or The first block chain node obtains related data information and key information of the data, wherein the relay node and the first block chain node may be the same node or different nodes.
  • Step 302 After receiving the first request message sent by the first cut point, the first block chain node or the relay node sends a message to the data source node according to the content of the first request message, where the message includes the first A message for requesting data information and/or key information of data required by the first node.
  • the message sent by the first blockchain node may be the same as the first request message.
  • Step 303a The data source node records the address information of the data or the data on the second blockchain or the second blockchain node.
  • the data includes encrypted data that the first node requests to access.
  • Step 303b The data source node obtains and encrypts a key (key) of the encrypted data that the first node requests to access by using the public key of the first node, and generates key information of the data.
  • the data source node receives a request message sent by the first node or the relay node or the blockchain node, where the request message is used to request access to the data.
  • the data source node obtains the public key of the first node according to the message, and encrypts the key of the encrypted data that the first node requests to access by using the public key of the first node to generate key information of the data.
  • the data source node encrypts the data, and then puts the encrypted data on the blockchain, or puts the storage address of the encrypted data on the blockchain.
  • the blockchain may be a second blockchain or a first blockchain.
  • Step 304 The data source node records the key information of the data on the first blockchain.
  • the step 304 includes: in a first implementation manner, the first blockchain node records the event of the key information of the data as a first transaction, and records and stores the information on the first blockchain; according to the consensus of the blockchain
  • Each blockchain node on the first blockchain of the mechanism stores key information of the data, and when one of the blockchain nodes, for example, the first blockchain node receives the first node or the relay node sends the first When a message is requested, the key information of the data is sent to the first node.
  • the data source node broadcasts the key information of the data as a first transaction of the first blockchain to the first blockchain node, so that the transaction is saved in the first blockchain. In the block.
  • Step 305 The first blockchain node obtains key information of the data, and sends the key information of the data to the first node.
  • the first blockchain node may determine the first blockchain transaction by using the transaction index information, and obtain key information of the data from the first blockchain transaction.
  • the transaction index information may be generated by the data source node and sent to the first blockchain node or the relay node.
  • the first blockchain node or the data source node directly sends the key information of the data to the first node.
  • the first blockchain node or the data source node first sends the key information of the data to the relay node, and then the relay node sends the key information of the data to the first node.
  • step 304 and step 304 is not limited in the embodiment, that is, the method may first perform step 304, and the data source node may first record the key information or transaction index information of the data.
  • step 301 when the first block chain node or the relay node receives the first request message from the first node, the key information or transaction of the data in the blockchain is performed.
  • the index information is sent to the first node.
  • Step 306 The first node obtains key information of the data recorded on the first blockchain, and decrypts the key information of the data by using the private key of the first node to obtain a key (key ).
  • the first node receives the transaction index information sent by the first node, determines a first blockchain transaction according to the transaction index information, and records the key information of the data in the first blockchain transaction.
  • the first node obtains key information of the data from the first blockchain transaction.
  • the transaction index information may include at least one or a combination of a block number, a block height, a transaction index number, or a blockchain identifier, and the transaction index information may be
  • the first block chain node is generated and can also be generated by the data source node and sent to the first block chain node.
  • the first node may directly obtain the key information of the data sent by the first blockchain node, or may also be the key information that the first node acquires the data from the first blockchain.
  • Step 307 The first node obtains data information from the second blockchain node, where the data information includes: encrypted data or address information of the encrypted data, and may also have a mapping relationship with the address of the encrypted data. Information, etc.
  • the first node may obtain the data information in any of the following different manners, specifically:
  • the first node may obtain data information from the first blockchain or the second blockchain; or
  • the first node receives data information sent by the first blockchain node, where the first blockchain node may be any node in the first blockchain; or
  • the first node receives data information sent by the relay node or the data source node.
  • the first blockchain and the second blockchain may be the same or different.
  • the data information obtained from the blockchain, the blockchain node, or the relay node may be provided by the data source node, including: the data source node stores the generated data information in a second blockchain Up, or a node on the second blockchain, and then the second blockchain node sends the data information to the first node.
  • the obtaining, by the first node, the data information includes:
  • the first node obtains transaction index information, and determines a blockchain transaction according to the transaction index information, wherein the blockchain transaction is recorded on a first blockchain or a second blockchain, and the zone
  • the data information is recorded in the blockchain transaction;
  • the transaction index information includes one or more of a block number, a block height, a transaction index number, or a blockchain identifier.
  • the first node sends transaction index information to the relay node, and receives data information that is sent by the relay node according to the transaction index information.
  • the first node may obtain the data information in other manners, which is not limited by the embodiment of the present application.
  • the first node acquires data information according to the transaction index information, and can prevent the encrypted data or the address information of the encrypted data from being directly transmitted in the network, and is easily stolen, and the data information is further improved by using the transaction index information. Security of the transmission.
  • Step 308 The first node obtains encrypted data according to the data information, and decrypts the encrypted data by using a key to obtain data.
  • the data information may be encrypted data to be accessed, or address information corresponding to the encrypted data. Further, if the data information is encrypted data, when the first node receives the data information, Obtaining the encrypted data; if the data information is address information of the encrypted data, the address stored by the data may be encrypted by determining the address information, and then the encrypted data is obtained by using the address.
  • the first node decrypts the obtained encrypted data by using the key obtained by decrypting in step 306 to obtain data to be accessed.
  • the method provided in this embodiment utilizes a data consensus mechanism on the blockchain, so that the requesting party, that is, the first node, can obtain data information from the blockchain or any node on the blockchain, thereby reducing data information in the core network or
  • the burden of repeated transmission between multiple routes reduces transmission delay and improves transmission efficiency.
  • the first node obtains key information of the data from the blockchain, and since the key information of the data is encrypted by the public key of the first node, the authorized first node can decrypt and read With this data, other nodes cannot decrypt and access the data, thereby improving the security of data transmission.
  • the method may further include:
  • Step 309 The first node obtains the data information and the key information obtained from the blockchain as a transaction event, and records it on the third blockchain.
  • the transaction event may be referred to as a first transaction event or a first transaction. Further, the first node may broadcast the first transaction event to any node of the third blockchain to record the first transaction event on the third blockchain.
  • the first transaction event recorded on the third blockchain may include one or more of the following: a data identifier, a device identifier accessing the data, a time of accessing the data, transaction index information, and a first blockchain.
  • the transaction identifier information of the blockchain includes: a block number of the transaction and/or an index of the transaction.
  • the encrypted data or the data information of the encrypted data may also be recorded, stored, and stored in the second blockchain. on.
  • the first blockchain a transaction that records key information of data.
  • Second blockchain A transaction that records data information.
  • the third blockchain records the event transaction, for example, records the key information of the first blockchain node providing data for the first node, and the second blockchain node provides the first node with data information.
  • the transaction recorded by the first blockchain includes one or more of the following: a connection identifier, a cross-chain identifier, identification information of the first node, a data identifier, a first node identifier, a device identifier of the first node, and a first The public key of the node, the key information of the data, the transaction index information, the time of accessing the data, the identifier of the first block chain node, the transaction identification information of the first block chain node, the hash hash of the data, and the key information of the data Hash and so on.
  • the transaction recorded by the second blockchain includes one or more of the following: a connection identifier, a cross-chain identifier, identification information of the first node, a data identifier, a first node identifier, a device identifier of the first node, and a first The public key of the node, the transaction index information, the second block chain node identifier, the transaction identifier information of the second block chain node, the hash hash of the data, the data information hash, the address information hash of the encrypted data, or the key information of the data Hash, stimulus, hash of stimulus response, time to generate response, etc.
  • the transaction recorded by the third blockchain includes one or more of the following: a connection identifier, a cross-chain identifier, identification information of the first node, a data identifier, a first node identifier, a public key of the first node, and access data.
  • a connection identifier a connection identifier
  • a cross-chain identifier identification information of the first node
  • a data identifier a data identifier
  • a first node identifier a public key of the first node
  • access data Time, blockchain node identifier, transaction chain identification information of the blockchain node, transaction index information, cross-chain identification, data hash hash, data information hash, encrypted data address information hash, data key information hash
  • the first node acquires the transaction of the key information of the data information and the data
  • the first blockchain provides the key information of the data for the first node
  • the key information of the second blockchain for providing the data for the first node.
  • the hash hash of the data recorded in the blockchain transaction is used to verify the authenticity and integrity of the data transmission. Specifically, for example, after decrypting the data, the first node obtains the hash of the decrypted data according to the hash algorithm. The first node also retrieves the data hash from the blockchain (eg, the second blockchain). Further, the first node compares the hash of the data with the hash of the decrypted data, and if the two values are inconsistent, the data obtained by the first node is falsified data; or, if the two values are consistent, the first The data obtained by a node is trusted data.
  • the blockchain eg, the second blockchain
  • the first blockchain, the second blockchain, and the third blockchain may be the same blockchain.
  • the identifier may be identified, for example, Connect the logo to connect.
  • the three associated transactions may be connected by a cross-chain identifier, that is, by cross-chaining
  • the identity establishes an association.
  • the third blockchain recording the event transaction may be the same as the first blockchain or the second blockchain, for example, the first blockchain transaction Recording: an transaction of the key information of the data and an event transaction in which the first blockchain node provides key information for the first node; the two blockchain transaction records: a transaction of data information and an event transaction in which the second blockchain node provides data information for the first node, then two transactions in the first blockchain for the first node may be identified by a connection Establishing an association, two transactions in the second blockchain for the first node may also be associated by a connection identifier, for the first node, the first blockchain and the second blockchain Transactions in these two blockchains can be linked by cross-chain identification.
  • connection identifier In a nutshell, associated transactions in the same blockchain are associated with a connection identifier, and associated transactions in different blockchains are associated with a cross-chain identity.
  • the connection identifier and the cross-chain identifier may be two different identifiers, or the connection identifier and the cross-chain identifier may be the same identifier, thereby being in the same blockchain and different blockchains. Establish a connection relationship with related transactions.
  • the relay node may be a blockchain node, such as a first blockchain node, and then perform the method steps of the first blockchain node.
  • the relay node may also be an edge device node, for example, the base station Node1 (N1 for short), for receiving and forwarding related information of the first node, and sending various feedback information in the blockchain network to the first node. .
  • a node on the second blockchain for example, a second blockchain node
  • a node for storing or recording the data information may be the same node as the data source node. It can also be a different node.
  • the first blockchain node and the second blockchain node may be the same node, or Is a different node.
  • the first blockchain node and the data source node may be the same node or different nodes, which is not limited in this application.
  • the method of the present application further includes:
  • the first node verifies the decrypted data, and specifically includes:
  • the first node obtains a data hash, wherein the first node may be obtained from a provider second blockchain or a second blockchain node of the data information, and may also be obtained from a data source node or other nodes.
  • the data hash includes: a hash hash of the data requested to be accessed, a data information hash, an address information hash of the encrypted data, a key information hash of the data, and the like.
  • the first node determines whether the accessed data is tampered with according to the data hash.
  • the first node in step 308 uses the decrypted data to obtain a hash of the decrypted data according to the hash algorithm; the first node compares the hash of the data with the hash of the decrypted data, and if the two values are consistent, the first The data obtained by one node is trusted data. If the two values are inconsistent, the data obtained by the first node is the data that has been tampered with.
  • step 305 in the embodiment, before the first blockchain node sends the key information of the data to the first node, the first node obtains the key information of the data to be described in detail.
  • the specific process includes:
  • the first blockchain node receives a request message sent by the first node or a relay node, where the request message includes first information; the first information includes a data identifier, a first node identifier, or a transaction index. Any of the information.
  • the first blockchain node searches for the first information according to one or more of a data identifier, a first node identifier, a public key of the first node, or transaction index information in the first information.
  • a transaction in which key information of the data is recorded.
  • the method includes searching for the transaction in any of the following ways:
  • the transaction related to the data identification is searched according to the data identifier
  • the transaction related to the first node identifier is searched according to the public key of the first node;
  • the transaction related to the transaction index information is searched according to the transaction index information, where the transaction index information includes one or more of a block number, a block height, a transaction index number, or a blockchain identifier; or
  • a fifth manner searching for a transaction related to the first node identifier according to two or more of a data identifier, a first node identifier, a public key of the first node, and transaction index information;
  • the condition of the first identifier is added to improve the accuracy of the search.
  • the first block chain node obtains a first identifier, where the first identifier includes: a first block chain node identifier, a transaction identifier information of the first block chain node, a second block chain node identifier, and a second The transaction identification information, the connection identifier or the cross-chain identification of the blockchain node, and the like, determining the transaction according to the first information and the first identifier.
  • the first identifier may be pre-stored on the blockchain, or the first blockchain node may be obtained from the data source node.
  • the related information may be searched for by other means or by adding new information, thereby providing the first node with key information of the data.
  • the other methods are not limited in this application.
  • the first blockchain node can quickly find the first blockchain that matches the information by using the data identifier or the first node identifier or the transaction index information included in the first information, and the first identifier. Transaction, and then quickly obtain the key information of the data through the information recorded in the transaction, thereby realizing the rapid acquisition of the shared information on the blockchain, compared to the key information obtained from the data source node or the data provider, Reduced time.
  • the process of searching for the data information required by the first node by the first block chain node or other nodes, such as the second block chain node or the data source node may also be referred to any of the foregoing first to sixth methods.
  • the transaction is not described in this embodiment.
  • This embodiment provides a data transmission method, and the method can be used for a node that does not apply for accessing data for the first time, for example, a process in which the first node initiates data access to the blockchain network.
  • the method may also be performed on the basis of the first embodiment. After the first node applies for accessing data for the first time, the first node in this embodiment initiates an access request for the same data.
  • the method can also be performed separately, and the first node initiates a data access request to the blockchain node.
  • This embodiment is based on the method step of the first node requesting access to data for the first time in the first embodiment, and the first node requests access to the same data for detailed description.
  • the first blockchain is used to record key information of data.
  • the key information of the data has been recorded as a transaction of the first blockchain and recorded in the first blockchain.
  • the key information of the corresponding data has been recorded as a through transaction in the first blockchain.
  • the third blockchain can be used to record key information for node X to provide data information and/or data for node Y.
  • the "node X provides the key information of the node Y for the data information and/or the data" event as the transaction of the third blockchain
  • the transaction of the third blockchain may be called Specifically for the event transaction, the following may be included: "Node X provides data information for node Y", or may be "Node X provides key information for node Y", "Node X provides data information for node Y and Key information").
  • the first node needs to access the data, and the relay node provides the first node with the data information and/or the key information of the data as the third blockchain transaction (also called event transaction) recorded in the area.
  • the third blockchain transaction also called event transaction
  • the first node needs to access certain data, which is data that has been encrypted.
  • the first node needs to obtain the data, as well as the key of the data.
  • the first node obtains the data by finally obtaining the data information of the data and the key information of the data, thereby finally decrypting the encrypted data according to the two pieces of information.
  • the method includes the following steps:
  • Step 401a Recording the key information of the data as a transaction of the first blockchain in the first blockchain.
  • the data source node records the key information of the data on the first blockchain.
  • the key information of the data is key information of data that the first node needs to access, and is recorded in the first blockchain.
  • the key information of the data may be generated by the data source node encrypting the data key (key) by using the public key of the first node.
  • the key information of the data includes an encrypted data key (key) or address information of the encrypted data key.
  • Step 401b Record data information (including address information of data or data) and data hash hash on the second blockchain.
  • the data source node records the data or data-related address information as a transaction, and records it in the second.
  • the blockchain node On the blockchain node.
  • the data information is encrypted data requested by the first node, or address information of the encrypted data.
  • the information recorded in the second blockchain may further include one or more of the following: a data identifier, a first node identifier, a device identifier of the first node, a public key of the first node, transaction index information, and a second region.
  • the transaction of the second blockchain may include one or more of the following: a connection identifier, a cross-chain identifier, identification information of the first node, a data identifier, a first node identifier, a device identifier of the first node, and a Public key of a node, transaction index information, second block chain node identifier, transaction identification information of the second block chain node, data information hash, address information hash of encrypted data, or key information hash of data, incentive, incentive
  • the data hash, the data hash hash, and the data hash are the same meaning in the present invention.
  • the three words can be collectively referred to as the hash of the data.
  • Step 402 The first node sends a request message to the relay node.
  • the request message may be used to request access to certain data or the data information and/or key information requesting the data.
  • the data information may be encrypted data or address information of the encrypted data.
  • the key information of the data may be an encrypted data key or address information storing an encrypted data key.
  • the request message includes first information, where the first information includes one or more of a data identifier, a first node identifier, a first node public key, or transaction index information that the first node requests to access.
  • the second request message may further include the first identifier, where the first identifier includes transaction identifier information, a blockchain node identifier, a connection identifier, or a cross-chain identifier of the blockchain node.
  • the relay node may be the node closest to the first node, and the relay node may be a node on the blockchain.
  • Step 403a The relay node receives the request message, and searches for a transaction related to the first information according to the first information carried in the request message, and obtains corresponding data from the transaction. Key information.
  • the process of the relay node searching for the related transaction and the key information of the obtained data may refer to the specific description of step 305 in the first embodiment.
  • the relay node searches, according to the first information, whether there is a transaction related to the first information, where the key information of the data is recorded; if yes, from the transaction The key information of the data is obtained; if not, the access is denied.
  • the relay node obtains the key information of the data from the transaction, including: the relay node sends the request message to the first blockchain node, the first block The chain node receives key information of the data fed back according to the request message.
  • the relay node may further search for the key information of the data information and the data according to the first identifier and the first information, where the first identifier includes: a first blockchain The node identifier, the transaction identifier information of the first blockchain node, the second blockchain node identifier, the transaction identifier information of the second blockchain node, or the cross-chain identifier.
  • Step 403b The relay node determines whether the first node has access rights.
  • determining whether the first node has the right to access the data includes: determining whether there is a transaction related to the first information requested by the first node on the blockchain, that is, determining whether the first node acquires the corresponding data.
  • the key information if there is a related transaction, or obtains the key information of the data, indicates that the first node has access rights; otherwise, it does not have access rights.
  • the method further includes: the relay node, when determining that the first node does not have the access right, feeding back a message to the first node, where the message is used to notify the first node that the data acquisition fails, or the message includes the first node There is no permission to access the content of this data.
  • Step 404a If there is access authority, the relay node may provide data information for the first node. Specifically, when the data information is provided, it is determined whether the data information is stored locally at the first node.
  • Step 405a If stored, directly send the data information to the first node.
  • Step 405b If the first node does not store the data information, the relay node may acquire the data information from other nodes.
  • the relay node sends the request message to the second blockchain node, and the second block chain node determines, according to the first information carried in the request message, the first information. Data information and send the data information to the relay node.
  • the first node may further obtain the data information from the data source node or the first blockchain or other neighboring relay nodes.
  • the relay node sends the request message to the data source node, where the data source node determines the related data information according to the first information carried in the request message, and the data is Information is sent to the relay node.
  • Step 406 The data information sent by the relay node to the first node and the key information of the data.
  • Step 407 The first node obtains the encrypted data according to the data information, and decrypts the key information of the acquired data by using a private key of the first node to obtain a key, and then uses the key pair to Encrypted data is decrypted to obtain access data.
  • the process in which the first node obtains the encrypted data by using the data information, and obtains the key by using the key information of the data, and decrypts the obtained data is the same as that in the first embodiment, and may refer to step 306 and step 308 of the first embodiment. This embodiment will not be described again.
  • the method provided in this embodiment utilizes a data consensus mechanism of a blockchain.
  • the first node may directly obtain key information of data information and data from an edge device that is closer to the distance, such as a relay node. Therefore, the first node can be prevented from obtaining the information from the data source node that is far away, resulting in a long transmission delay, and can also avoid repeated transmission of data between the core network or the relay node.
  • the relay node verifies whether the first node has access rights according to the request message from the first node, and issues a transaction related to the request message, such as key information of the data, according to the verification result.
  • the node that does not have permission is denied access request, which improves the transmission efficiency and guarantees the rights of the data provider.
  • the relay node may be the same as or different from the first blockchain node, and the relay node may be an edge device, such as a base station.
  • the method described in this embodiment further includes:
  • Step 408 The first node records, as a block transaction, a "relay node providing data information of the first node and key information of the data" as a blockchain, which is recorded on the blockchain.
  • a “relay node providing data information of the first node and key information of the data” as a blockchain, which is recorded on the blockchain.
  • the blockchain may be a first blockchain or a third blockchain, or a new blockchain.
  • the event transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, transaction index information, a first blockchain node identifier, and a first blockchain node.
  • Transaction identification information second blockchain node identifier, transaction identification information of the second block chain node, cross-chain identification, data hash hash, data information hash, encrypted data address information hash or data key information Hash and so on.
  • First blockchain a transaction that records key information of data
  • Second blockchain a transaction that records data information
  • the third blockchain recording event transactions, including: recording key information of the first blockchain node providing data for the first node, and the second blockchain node providing data information for the first node (Embodiment 1), and
  • the relay node in this embodiment provides the first node with data information and key information of the data.
  • first blockchain, the second blockchain, and the third blockchain are the same blockchain, that is, all three transactions are recorded on the same blockchain, then the various blocks on the blockchain Transactions can be connected by a connection identifier. If the three blockchains are different blockchains, then the three associated transactions can be connected by a cross-chain identity.
  • the transaction of the first blockchain is used to record key information of the data to ensure data security and access rights.
  • the transaction of the first blockchain includes information such as: data identification, device identification, data key information, data hash, and the like.
  • the second blockchain is used to record the number information to ensure traceability of the data transaction; the second blockchain transaction records information including: data identification, device identification, and transaction of the first blockchain.
  • the third blockchain is used to provide key information for the first node and the first node with data information and/or data.
  • the transaction of the third blockchain includes: data identification, device identification, data address, data hash, transaction identification information of the first blockchain, and transaction identification information of the second blockchain.
  • an event transaction in which the “relay node provides the first node with the data information and the key information of the data” may also be recorded on the first blockchain and the second blockchain respectively, for example, the relay node
  • An event transaction for providing key information of the data for the first node is recorded on the first blockchain
  • an event transaction for providing the relay node with the data information for the first node is recorded on the second blockchain.
  • the process of obtaining the key information of the data information and/or the data according to the request message from the first node is specifically implemented in the following manner:
  • Manner 1 The relay node reads, according to the first information, the key information of the data in the first blockchain, where the key information of the data is data that the first node needs to access. Data key information;
  • the relay node obtains the data key information
  • the first node has the right to access the data, whereby the relay node transmits the data information and the key information of the data to the first node.
  • the method further includes: the relay node may send a message to the first node to notify the first node to request data failure, or notify the first The node does not have access to the data, or the notification denies providing data to the first node.
  • Manner 2 The relay node sends a request message to the first blockchain node according to the first information, and is used to request the data key information, where the data key information is a data that the first node needs to access. Corresponding key information.
  • the message fed back to the relay node by the first blockchain node includes the key information of the data, it indicates that the first node has the right to access the data, and then the relay node provides the first node with the data information and The key information of the data, for example, the relay node sends the data information and the key information of the data to the first node.
  • the method further includes: the relay node sends a feedback message to the first node, where the feedback message is used to notify the first node that the data request fails, or does not have access to the data, or denies access and the like.
  • first node in the various embodiments of the present application may be the same node or the different node in the first embodiment, in order to correspond to various possible technical solutions of the present application.
  • first node is used as an example.
  • second node or the third node may be named. This application does not limit this.
  • the embodiment further provides a data transmission method.
  • the method includes a three-part process, namely, an A part, a B part, and a C part, wherein the A part method describes a process in which the first node (U1) requests access to data.
  • the Part B method describes the process by which the second node (U2) requests access to the data, and the Part C method describes the process by which the third node (U3) requests access to the data.
  • the three parts of the method flow can be independently executed, or a combination of two or two, for example, the combination of the A part and the B part, the combination of the B part and the C part, or the combination of the A part, the B part and the C part. This is not limited.
  • the method flow of Part A describes the process by which the first node U1 requests access to data.
  • FIG. 5 it includes:
  • Step A1 The data source node (for example, the data provider) records the information of the data as a transaction on the first blockchain.
  • the key information of the data may be an encrypted data key (key), or address information stored by the data key, etc.; specifically, the key information of the data is an encrypted data key (key):
  • the key of the data is encrypted by using a public key of the device accessing the data (for example, the public key of the node U1), and the key information of the data is recorded as a transaction. On a blockchain.
  • Step A2 The node U1 sends a request message to the node N1, and the request message is used to request access to the data.
  • the request message includes at least one of the following: a data identifier (Data ID), a node U1 identifier (or a device identifier of the first node), a public key of the node U1 or transaction index information, and may further include a first area.
  • Data ID data identifier
  • node U1 identifier or a device identifier of the first node
  • public key of the node U1 or transaction index information may further include a first area.
  • the identification of the blockchain etc.
  • Step A3 The node N1 (for example, the node Node1) receives the node U1 to send a request message, and obtains the key information of the data corresponding to the data requested by the node U1 according to the content carried in the request message.
  • a possible implementation manner is that the node N1 searches for a transaction (the transaction) related to the identifier of the data and the identifier of the node U1 in the first blockchain according to the data identifier and the identifier of the node U1 in the request message, if any Corresponding transaction records, the key information of the corresponding data is obtained from the first blockchain.
  • the method further includes: determining, by the node N1, whether key information of the data corresponding to the data requested by the node U1 to access the data is recorded in the blockchain, and if there is key information of the data recorded by the transaction, indicating that the node U1 has the access right; Otherwise, there is no permission to access the data.
  • the key information of the data of the node U1 may be searched according to other information in the request message, for example, the transaction index information.
  • the transaction index information For details, refer to the description in the first embodiment and the second embodiment, and details are not described herein again.
  • Step A4 The node N1 obtains key information of the data from the first blockchain.
  • Step A5 After receiving the request message sent by the node U1, the node N1 sends the data request message to the second blockchain or the second blockchain node.
  • the data request message may include, for example, one or more of a data identifier, a node U1 identifier, a public key of the node U1, transaction index information, or a first blockchain identifier.
  • Step A6 After receiving the request message from the node N1, the second blockchain node verifies the access authority of the node U1, and sends the data requested by the node U1 to the node N1.
  • the method for verifying the access authority is: determining whether the node N1 or the first block chain has a transaction, and recording the data identifier or the device identifier of the node U1, that is, determining whether there is a node on the blockchain.
  • the data is data information, and the data information includes encrypted data or address information storing the encrypted data.
  • Step A7 The node N1 transmits the data information and the key information of the data to the node U1.
  • Step A8 The node U1 receives the key information of the data information and the data from the node N1, obtains a key (key) for accessing the data through the key information of the data, and decrypts the encrypted data by using the key. Access the data.
  • the process of requesting access to data by the node U2 to the blockchain is described in the process of Part B.
  • the key information for providing data information and data to the node U2 in the process may be from the same node.
  • the process includes:
  • Step B1 The data source node records the key information of the data on the first blockchain, and the key information of the data is generated by encrypting the data key requested by the node U2 by using the public key of the node U2.
  • Step B2 The node U2 sends a request message to the node N1, where the request message includes one or more of a data identifier, a public key of the node U2, a node U2 identifier (node U2ID), or transaction index information.
  • the request message includes one or more of a data identifier, a public key of the node U2, a node U2 identifier (node U2ID), or transaction index information.
  • Step B3 After receiving the request message, the node N1 determines, according to the data identifier carried in the request message, that the data requested by the node U2 is stored on the node N1.
  • the node N1 determines whether the node U2 has the data access authority. Specifically, the implementation manner is: the node N1 determines whether the key information of the data required by the node U2 can be obtained. If yes, node U2 has access rights; otherwise, it does not have access rights.
  • the node N1 When it is determined that the node U2 has the access right, the node N1 further determines whether the data information required by the node U2 is stored locally; if the data information is stored, the data information may be directly provided to the node U2; For storage, data information can be obtained from other nodes first, and then the data information is sent to node U2.
  • the node N1 queries the related transaction according to the request message, and obtains key information of the encrypted data of the data. Specifically, the node N1 searches for a related transaction in the first blockchain according to the content in the request message, and the key information of the data is recorded in the transaction.
  • Step B4 The node N1 obtains key information of the data from the first blockchain.
  • Steps B5 and B6 The node N1 transmits the data information and the key information of the data to the node U2.
  • Step B7 The node U2 obtains a data key (key) accessing the data by using the key information of the data, and decrypts the encrypted data according to the data key key to obtain the access data.
  • a data key key
  • Step B8 Node N1 will provide data information and data key information for node U2 as a transaction, which is recorded on the third blockchain.
  • the process of requesting access to data by the node U3 to the blockchain is described in the C-part process, in which key information for providing data information and data to the node U3 may come from different nodes.
  • the process includes:
  • Step C1 The data source node records the key information of the data on the first blockchain, and the key information of the data is generated by encrypting the data key requested by the node U3 by using the public key of the node U3.
  • Step B2 The node U2 sends a request message to the node U2, where the request message includes one or more of a data identifier, a public key of the node U3, a node U3 identifier (node U3ID), or transaction index information.
  • the request message includes one or more of a data identifier, a public key of the node U3, a node U3 identifier (node U3ID), or transaction index information.
  • the node U2 is a node that is closer to the node U3.
  • Step C2 The node U2 receives the request message sent by the node U3, and provides the corresponding data information to the node U3.
  • the process of the node U2 providing the data information to the node U3 is the same as the step B2 to the step B5 in the process of the B part, and may refer to the specific steps in the process of the B part, and details are not described in detail.
  • Step C3 Node U3 obtains data key information from node N1.
  • a possible implementation manner is that the node U3 sends a request message to the node N1, and the request message is used for requesting key information of the data.
  • the node N1 searches for a transaction related to the data identifier and the node U3 device identifier in the first blockchain according to the request message, and obtains key information of the data from the record of the transaction, and the node N1 densifies the data.
  • the key information is sent to node U3.
  • the process may also refer to step 2 to step 5 of the part B process.
  • Step C4 The node U3 receives the data information from the node U2, and the key information of the data from the node N1, and obtains a data key (key) for accessing the data through the key information of the data, and according to the data key The key key decrypts the encrypted data to obtain the access data.
  • Step C5 Node U2 will provide data information for node U3 as a transaction, recorded on the third blockchain.
  • Step C6 The node N1 records the key information of the data for the node U3 as a transaction and records it on the third blockchain.
  • the transaction in the third blockchain records: a data identifier requested by the third node, a third node identifier, a public key of the third node, and a data address/address information of the third node requesting access to the data, Data/address information hash, transaction index information, transaction identification information of the first blockchain, connection identifier or cross-chain identification.
  • the node U2 after a node in the network, for example, the node U2 accesses and stores the data information, when another node adjacent thereto, for example, the node U3 requests to access the same data again, the node U2 can directly provide the node U3. Data or data information, thereby preventing node U3 from requesting data from a remote data source node, and saving repeated transmission time and load of data between the core network or multiple network devices, thereby improving transmission efficiency.
  • U1 first initiates a data access request to the blockchain network, and the first block chain node searches for and provides corresponding data according to the request message sent by the node U1.
  • the second block chain node provides data information related to the data for the first node, and sends the data information to the node U1, wherein the relay node N1 is closer to the first node Save the data information.
  • the node U2 initiates a data access request to the blockchain network. If the related data information is stored on the relay node N1, and the node U2 has the data access right, the relay node may store the stored data information.
  • the key information of the data obtained by the first blockchain transaction is provided to the node U2, that is, the data information requested by the node U2 and the key information of the data are all from the same node N1, thereby improving the transmission efficiency and reducing. delay.
  • the identity of the node U2 is verified according to the key information of the data recorded on the blockchain, and the access request is rejected for the node that does not have the access right.
  • the transmission delay is reduced while ensuring the benefit of the data source provider.
  • the node U3 initiates a data access request to the blockchain network, and the requested message is received by the node U2 that is closer to the location. Since the node U2 records and stores the data information, the node U3 can have access rights on the verification node U3. In the case of the data, the corresponding data information is sent, and the first blockchain node is notified to provide the key information of the corresponding data for the node U3.
  • the data information obtained by the node U3 is from the node U2, and the key information of the data is from the first blockchain or the first blockchain node, and the information of different nodes is provided.
  • a first blockchain a transaction for key information for recording data
  • a second blockchain for A transaction that records data information
  • a third blockchain used to record event transactions
  • more or fewer blockchains can be included to record individual transactions in the network and identify or cross-connect through the connection
  • the chain identification is associated with each transaction.
  • This application does not specifically limit the number of blockchains and the transaction content of each blockchain record.
  • the present application may include more embodiments according to the different combinations of the above three parts A to C, for example, the part A process and the part B process are combined into one embodiment, or the part A process and the C part.
  • the combination of the processes, or the combination of the B-part process and the C-part process, is not exemplified herein.
  • a transmission system includes: a terminal device, an access node, and the access node may be a relay node, an access device, or a mobile edge computing (Mobile Edge Computing). , MEC) device, at least one blockchain, and thus a data source node, such as node D.
  • MEC Mobile Edge Computing
  • This embodiment provides a data access authority control method, where the method includes:
  • Step 601 The data source node stores the encrypted data that needs to be provided in the access node.
  • Step 602 The terminal device initiates a process of interacting with the data provider to obtain data access rights when the service or data needs to be acquired.
  • the data provider interacts with the terminal device to enable the terminal device to gain access to the data.
  • Step 603A The data provider records the access control authority of the terminal device on the first blockchain.
  • the access control authority may be represented as key information.
  • the terminal device since the data provider interacts with the terminal device in step 602, the terminal device obtains access rights to the data. Thereby, the data provider encrypts the key of the encrypted data by using the public key of the terminal device, and the encrypted key is recorded as the information of the first blockchain of the key information on the first blockchain.
  • the key information includes: an encrypted key, a hash of the encrypted key, and a key
  • Step 603B The data provides that the data information of the terminal device is on the second blockchain.
  • the data information includes at least one of the following: a hash of the data, an encrypted data hash, an encrypted data, and an address of the encrypted data.
  • the data information includes at least one of the following: encrypted data that the first node needs to access, address information of the encrypted data, or a hash of the encrypted data, the data hash;
  • the key information of the data includes at least one of the following: an encrypted data key, address information of the encrypted data key, a hash of the encrypted data key, and a hash of the key address.
  • Step 604 The user equipment obtains blockchain transaction index information related to the data it wants to access.
  • the blockchain transaction index information includes: a block height, a block number, a blockchain identifier, and a transaction index number, and may also include a data identifier, a terminal device identifier, or a blockchain node identifier that the terminal device requests to access. .
  • Step 605 The user equipment sends a request message to the access device, where the request message is used to request key information of the data.
  • the first information includes one or more of a data identifier, a first node identifier, a first node public key, or transaction index information.
  • the terminal device selects an access node in a direct or indirect manner.
  • the access node is a device that is closest to the location of the terminal device, and then sends the request message to the access node.
  • Step 606 After receiving the request message, the access node checks whether the terminal device has the access right according to the transaction index information carried in the request message through the access control blockchain (for example, the first blockchain).
  • the access control blockchain for example, the first blockchain.
  • the access node may obtain, by using an access control blockchain node, key information of whether the data is saved in the blockchain.
  • the transaction index information if a corresponding transaction is found in the first blockchain, and the transaction is used to record data key information of data that the terminal device needs to access, it indicates that the terminal device has access rights; otherwise, The terminal device does not have access to the data.
  • Step 607 If the access node confirms that the terminal device has the access right, the access node provides the key information and/or the encrypted data to the terminal device.
  • this step is to provide the key information and the encrypted data as an example to illustrate the invention: if the access node confirms that the terminal device has the access right, the access node determines whether the access node saves the encrypted data, if the save The access node provides the key information and the encrypted data obtained from the first blockchain to the terminal device.
  • the access node may determine whether the encrypted data is saved according to the first information provided in the request message.
  • Step 609 The terminal device acquires key information of the encrypted data and the data, decrypts the key information of the data by using the private key of the terminal device to obtain a key, and performs the encrypted data by using the decrypted key. Decrypt, get access to the data.
  • Step 610 The terminal device obtains a hash of the data from the second blockchain.
  • the second blockchain is used to record data information.
  • the data information includes at least one of the following: a hash of the data, an address of the data, a hash of the encrypted data, an encrypted data, a storage address of the data, and the like.
  • Step 611 The terminal device obtains the hash of the decrypted data by using the decrypted data and the hash algorithm, and determines whether the hash of the data and the hash of the decrypted data are the same. If the two values are the same, the data obtained by the terminal device is Reliable data, if not the same, the data obtained by the terminal device is the data that has been tampered with.
  • Step 612 The terminal device provides the access node to the terminal device to provide data as a transaction, and records the data on the third blockchain.
  • the terminal device provides the access node to the terminal device to provide data as a transaction, and records the data on the third blockchain.
  • the transaction of the third blockchain includes at least one of the following: a connection identifier, a cross-chain identifier, a terminal device identifier, a data identifier, a public key of the terminal device, a time for accessing the data, a blockchain node identifier, and a blockchain.
  • the terminal device compares the data hash on the acquired blockchain with the hash generated by the decrypted data to verify the authenticity and integrity of the decrypted data, so that the first node It is possible to judge the reliability of the acquired data.
  • the data source node stores the data in the access device, so that the requesting terminal device can obtain data from the nearest access device or the blockchain, and reduce the repeated transmission of data between the core network or multiple routes. Burden, less transmission delay, and improved transmission efficiency.
  • the access device uses the access control permission query information to verify the access authority of the terminal device, and then delivers the service and data after the terminal device has the access right, thereby ensuring the rights of the data source node.
  • the transactions recorded in the first blockchain and the third blockchain in this embodiment include: a first blockchain for recording key information of data, and a second blockchain for recording data.
  • Information the third blockchain is used to record transactions in which a node (eg, an access node) provides data information to a terminal device.
  • the present application further provides a data transmission apparatus for implementing the method described in, for example, FIG. 3 to FIG. 6.
  • the apparatus includes: a transceiver module 701, a processing module 702, and a storage module 703. Includes other modules or units.
  • the transceiver module 701 is configured to obtain data information and key information of data recorded on the first blockchain;
  • the processing module 702 is configured to obtain encrypted data according to the data information received by the transceiver module 701, obtain a key according to the key information of the data received by the transceiver module, and encrypt the encryption by using the key The data is decrypted to obtain the data.
  • the processing module 702 is specifically configured to use the private key to encrypt the key information when the transceiver module receives the data as the encrypted data key.
  • the data key is decrypted to obtain the key; or, when the key information of the data received by the transceiver module 701 is the address information of the stored data key, the obtained address information is obtained according to the address information.
  • the encrypted data key, and the encrypted data key is decrypted using a private key to obtain the key.
  • the transceiver module 701 is specifically configured to obtain transaction index information, where the transaction index information includes one of a block number, a block height, a transaction index number, or a blockchain identifier.
  • the processing module 702 is specifically configured to determine, according to the transaction index information acquired by the transceiver module 701, the first blockchain transaction, where the key information of the data is recorded in the first blockchain transaction, according to the The first blockchain transaction obtains key information of the data; or
  • the transceiver module 701 is configured to send the transaction index information to a relay node, and receive key information of the data that is forwarded by the relay node according to the transaction index information.
  • the transceiver module 701 is specifically configured to obtain the data information from a first blockchain or a second blockchain; or receive any block of the first blockchain.
  • the transceiver module 701 is specifically configured to obtain transaction index information, where the transaction index information includes one of a block number, a block height, a transaction index number, or a blockchain identifier.
  • the processing module 702 is specifically configured to determine, according to the transaction index information obtained by the transceiver module, a blockchain transaction, where the blockchain transaction is recorded on a first blockchain or a second blockchain. And the data information is recorded in the blockchain transaction;
  • the transceiver module 701 is specifically configured to send the transaction index information to the relay node, and receive data information that is sent by the relay node according to the transaction index information.
  • the processing module 701 is specifically configured to: when the data information is the encrypted data, obtain the encrypted data from the data information; or, in the data information When the address information of the data is encrypted, the encrypted data is searched for and obtained by the address information of the data.
  • the processing module 702 is further configured to record, as a first transaction, an event that obtains data information and key information of the data, on a blockchain;
  • the first transaction includes: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, a blockchain node identifier, a transaction identifier information of the blockchain node, a transaction index information, and a cross One or more of the chain identifier, the hash hash of the data, the data information hash, the address information hash of the encrypted data, or the key information hash of the data.
  • the transceiver module 701 is further configured to receive a request message from a second node, where the request message includes first information, where the first information includes a data identifier, and a second node identifier.
  • the processing module 702 is further configured to: according to one of the data identifier, the second node identifier, the second node public key, or the transaction index information Key or multiple key information for obtaining data information and/or data;
  • the transceiver module 701 is further configured to send the key information of the data information and/or data to the second node.
  • the processing module 702 is further configured to obtain a private key or a public key generation source of the first node according to an excitation response generated by the physical unclonable function PUF technology.
  • the processing module 702 is further configured to generate an excitation response according to the physical unclonable function PUF technology, and use at least one of the hash of the excitation and the excitation response as the identification information of the first node, so that
  • the identification information of the first node is recorded on a blockchain; the transaction recorded on the blockchain includes one or more of the following: an incentive, a hash of the stimulus response, a node identifier, a time or a node to generate a response Public key.
  • the physical device corresponding to the processing module may be a processor, and the physical device corresponding to the receiving module is a receiver, and the physical device corresponding to the sending module is a transmitter, or may also be a transceiver.
  • the data transmission device can also be applied to a blockchain node on any blockchain, including:
  • the processing module 702 is configured to obtain, by using the first information, the data information requested by the first node and/or the key information of the data, where the first information includes: the data identifier, the first node identifier, and the public key of the first node Or one or more of the transaction index information;
  • the transceiver module 701 is configured to send the data information and/or key information of the data acquired by the processing module to the first node or the relay node.
  • the transceiver module 701 is further configured to receive a request message sent by the first node or the relay node, where the request message includes the first information;
  • the processing module 702 is specifically configured to: search and locate one or more of a data identifier, a first node identifier, a first node public key, or transaction index information in the first information received by the transceiver module. a first information-related transaction in which key information of the data is recorded;
  • the transceiver module 701 is further configured to obtain key information of the data from a record of the transaction.
  • the processing module 702 is specifically configured to determine the transaction according to the first information and the first identifier, where the first identifier includes at least one blockchain node identifier, at least one region. One or more of the transaction identification information or the cross-chain identification of the blockchain node.
  • the transceiver module 701 is specifically configured to receive a second blockchain, or a relay node, or a data source node according to the data identifier, the first node identifier, or the transaction index information.
  • the processing module 702 is further configured to generate transaction index information, where the transaction index information is used to determine a first blockchain transaction, where the first blockchain transaction records the Key information of the data, the transaction index information including one or more of a block number, a block height, a transaction index number, or a blockchain identifier.
  • the physical device corresponding to the processing module may be a processor, and the physical device corresponding to the receiving module is a receiver, and the physical device corresponding to the sending module is a transmitter, or may also be a transceiver.
  • the data transmission apparatus may implement the steps and functions of the relay node of the foregoing method, and the relay node N1 is taken as an example, and the apparatus is specifically configured to:
  • the transceiver module 701 is configured to obtain a request message from the first node, where the request message includes first information, where the first information includes a data identifier, a first node identifier, or transaction index information;
  • the processing module 702 is configured to obtain key information of the data information and/or data according to the first information obtained by the transceiver module 701;
  • the transceiver module 701 is further configured to send the key information of the data information and/or data to the first node.
  • the processing module 702 is specifically configured to confirm whether the first node has access rights; if yes, obtain data information; if not, reject the access request of the first node;
  • the obtaining the data information specifically includes: the device obtaining the data information from a local storage module if the data information is already stored; or, if the data information is not stored, Obtaining the data information from the first blockchain, the second blockchain, or the data source node.
  • the processing module 702 is specifically configured to: the relay node searches, according to the first information, whether there is a transaction related to the first information, where the transaction records The key information of the data; if so, the key information of the data is obtained from the transaction; if not, the access is denied.
  • the transceiver module 701 is further configured to send the request message to the first blockchain node, and the transceiver module 701 is further configured to receive the first blockchain node. And according to the key information of the data fed back by the request message, the key information of the data is generated by being encrypted by the public key of the first node.
  • the processing module 702 is specifically configured to obtain key information of the data information and/or data according to the first information and the first identifier.
  • the first identifier includes: a first blockchain node identifier, transaction identifier information of the first blockchain node, a second blockchain node identifier, transaction identifier information of the second blockchain node, or a cross-chain identifier.
  • the processing module 702 is further configured to send the key information that sends the data information and/or data to the first node as a second transaction, and record the third block. On the chain.
  • the second transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, transaction index information, a first blockchain node identifier, and a first zone.
  • the physical device corresponding to the processing module may be a processor, and the physical device corresponding to the receiving module is a receiver, and the physical device corresponding to the sending module is a transmitter, or may also be a transceiver.
  • the data transmission apparatus may implement the steps and functions of the data source node of the foregoing method, and the node D is taken as an example, and the apparatus is specifically configured to:
  • the processing module 702 is configured to generate key information of the data, and record key information of the data on the first blockchain, so that any one of the blockchain nodes on the first blockchain stores the data.
  • the key information is quickly provided to the first node of the requester, shortening the transmission delay and improving the transmission efficiency.
  • the processing module 702 is specifically configured to receive, by using the transceiver module 701, a request message that is forwarded from the first node or forwarded by the relay node, where the request message includes the first information, according to the The first information is used to determine a public key of the first node, and the key of the data is encrypted by using the public key of the first node to generate key information of the data, where the first information includes a data identifier and a first node. One or more of the identification, the public key of the first node, or the transaction index information.
  • the processing module 702 is specifically configured to send, by using the transceiver module 701, key information of the data to the first blockchain node, to use the first blockchain node to The key information of the data is recorded on the first blockchain; or the key information of the data is broadcasted and stored on the first blockchain.
  • the processing module 702 is further configured to record the encrypted data requested by the first node to be accessed on the second blockchain; or broadcast and store the encrypted data to the On the second blockchain, the data information includes encrypted data or address information of the encrypted data.
  • the data transmission apparatus utilizes the data consensus feature on the blockchain, so that the requesting party, for example, the first node can directly obtain data information from any blockchain node of the blockchain, thereby reducing the data information in the core.
  • the first node obtains key information of the data through the first block chain node, and since the key information of the data is encrypted by the public key of the first node, the authorized first node can decrypt and read the data, Other nodes cannot decrypt and access the data, thereby increasing the security of data transmission.
  • the blockchain node or the relay node verifies whether the first node has the access right according to the request message from the first node, and issues a transaction related to the request message, such as key information of the data, according to the verification result, and Nodes that do not have permission are denied access requests, which in turn improves the transmission efficiency while ensuring the rights of the data provider.
  • the physical device corresponding to the processing module may be a processor, and the physical device corresponding to the receiving module is a receiver, and the physical device corresponding to the sending module is a transmitter, or may also be a transceiver.
  • the present application also provides a network node.
  • the network node may be a network element device, a site, a blockchain node, a data source node, a base station, a UE, an MEC device, a terminal, and the like in the foregoing embodiments.
  • the network node includes a transceiver 801 (transmitter/receiver), a processor/controller 802, and a memory 803.
  • a transceiver 801 transmitter/receiver
  • a processor/controller 802 the network node includes a processor/controller 802 and a memory 803.
  • more or fewer components may be included, or a combination may be included. These components, or different component arrangements, are not limited in this application.
  • the transceiver 801 may include a receiving module and a sending module, configured to implement communication transmission between each network element or node in the transmission system, such as sending and receiving data, signaling, request messages, and the like.
  • the transceiver 801 may include a wireless local area network (WLAN) module, a Bluetooth module, a baseband module, and the like, and a radio frequency (RF) circuit corresponding to the communication module.
  • WLAN wireless local area network
  • RF radio frequency
  • Bluetooth communication infrared communication
  • cellular communication system communication such as wideband code division multiple access (WCDMA) and/or high speed downlink packet access (high speed downlink packet access) , HSDPA).
  • WCDMA wideband code division multiple access
  • HSDPA high speed downlink packet access
  • the processor 802 is a control center of a network node, and connects various parts of the entire terminal device by using various interfaces and lines, by running or executing software programs and/or modules stored in the memory 803, and calling and storing in the memory 803.
  • the instructions are executed to perform the method steps of the various embodiments of Figures 2-6.
  • the processor 802 may be composed of an integrated circuit (IC), for example, may be composed of a single packaged IC, or may be composed of a plurality of packaged ICs that have the same function or different functions.
  • the processor 802 may include only a CPU, or may be a combination of a GPU, a digital signal processor (DSP), and a control chip (eg, a baseband chip) in the transceiver module.
  • the CPU may be a single computing core or may include multiple computing cores.
  • the memory 803 may include a volatile memory, such as a random access memory (RAM), and may also include a non-volatile memory, such as a flash memory.
  • RAM random access memory
  • non-volatile memory such as a flash memory.
  • HDD hard disk drive
  • SSD solid-state drive
  • Programs or code may be stored in the memory, and the processor may implement the functions of the network node by executing the program or code.
  • all of the functions of the transceiver module shown in FIG. 7 may be implemented by the transceiver 801 of the network node, or by the transceiver 801 controlled by the processor 802; the functions to be implemented by the processing module shown in FIG. It can be implemented by the processor 802.
  • the memory 803 is configured to store instructions or various information, such as a request message, a first identification, a first information, a first transaction, a second transaction, a third transaction, and the like.
  • the present application further provides a computer storage medium, wherein the computer storage medium may store a program, and the program may include some or all of the steps in each embodiment of the data transmission method provided by the application.
  • the storage medium may be a magnetic disk, an optical disk, a ROM, a RAM, or the like.
  • the terminal described in the present application is used for the data transmission between the device to device (D2D), the network element to the device, and the network element to the network element.
  • a blockchain node can be a network element or a device.
  • An exemplary storage medium is coupled to the processor to enable the processor to read information from, and write information to, the storage medium.
  • the storage medium can also be an integral part of the processor.
  • the processor and the storage medium can be located in an ASIC. Additionally, the ASIC can be located in the user equipment. Of course, the processor and the storage medium may also reside as discrete components in the user equipment.
  • the functions described herein can be implemented in hardware, software, firmware, or any combination thereof.
  • the functions may be stored in a computer readable medium or transmitted as one or more instructions or code on a computer readable medium.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one location to another.
  • a storage medium may be any available media that can be accessed by a general purpose or special purpose computer.
  • the terminal device may be a device that provides voice and/or data connectivity to a user, a handheld device with a wireless connection function, or other processing device connected to a wireless modem.
  • the wireless terminal can communicate with one or more core networks via a Radio Access Network (RAN), which can be a mobile terminal, such as a mobile phone (or "cellular" phone) and a computer with a mobile terminal.
  • RAN Radio Access Network
  • RAN can be a mobile terminal, such as a mobile phone (or "cellular" phone) and a computer with a mobile terminal.
  • RAN Radio Access Network
  • it may be a portable, pocket, handheld, computer built-in or in-vehicle mobile device that exchanges language and/or data with a wireless access network.
  • a wireless terminal may also be called a system, a subscriber unit, a subscriber station, a mobile station, a mobile station, a remote station, an access point, or an access point.
  • Remote Terminal Access Terminal, User Terminal, User Agent, User Device, or User Equipment.
  • the network device involved in the embodiments of the present invention may be a base station, or an access point, or may refer to a device in the access network that communicates with the wireless terminal through one or more sectors on the air interface.
  • the base station can be used to convert the received air frame to the IP packet as a router between the wireless terminal and the rest of the access network, wherein the remainder of the access network can include an Internet Protocol (IP) network.
  • IP Internet Protocol
  • the base station can also coordinate attribute management of the air interface.
  • the base station may be a base station (BTS, Base Transceiver Station) in GSM or CDMA, or may be a base station (NodeB) in WCDMA, or may be an evolved base station (eNB or e-NodeB, evolutional Node B) in LTE. This application is not limited.
  • the present application further provides a transmission system for implementing data sharing and access authority control between network nodes, the system including a first node, at least one blockchain, and the plurality of zones on the blockchain
  • the block chain node may further include a relay node and a data source node, wherein the relay node and the data source node may be a certain block chain node.
  • each node in the transmission system is configured to perform the method steps as shown in FIGS. 2 to 6:
  • Step 1 The data source node will generate key information of the data, and record the key information of the data on the first blockchain;
  • Step 2 The first node generates a request message, where the request message includes: one or more of a data identifier or a first node identifier or transaction index information;
  • Step 3 The first node sends the request message, specifically, the first node may send the request message to a relay node, such as an MEC device, or to the first blockchain node, for example,
  • the relay node is the same node as the first blockchain node.
  • the request message is used to request access to data and data key information for the first node.
  • Step 4 The relay node obtains a request message from the first node, where the request message includes first information, where the first information includes a data identifier, a first node identifier, a public key of the first node, or transaction index information. One or more of the data; obtaining key information of the data information and/or data according to the first information.
  • a specific implementation manner is: the relay node obtains the data information from a local database, or from the first blockchain node or other, if the first node has the access right. The node obtains the data information.
  • the process of obtaining the key information of the data by the relay node may specifically include: the relay node sending the request message to the first blockchain node; the first blockchain node receiving the request message, according to the Determining, in the transaction, the data related to the first information by one or more of a data identifier carried in the request message, a first node identifier, a public key of the first node, or transaction index information. Key information; obtaining key information of the data from the transaction.
  • the first blockchain node may further search for and obtain key information of the data according to the first identifier and the first information, where the first identifier includes: a first blockchain node identifier, and a first Transaction identification information of the blockchain node, second blockchain node identifier, transaction identification information of the second blockchain node, or cross-chain identification.
  • the first block chain node transmits key information of the found data to the relay node, and the relay node receives key information of data from the first block chain node.
  • Step 5 The relay node sends the data information and the key information of the data to the first node.
  • the data information includes: encrypted data requested by the first node or address information of the encrypted data; the key information of the data includes: an encrypted data key or address information storing the encrypted data key.
  • Step 6 The first node receives the data information from the relay node and the key information of the data, obtains the encrypted data according to the data information, and obtains the key according to the key information of the data.
  • the first node obtains the encrypted data from the data information, or the first node searches for and obtains the encrypted data by using the address information of the data.
  • the obtaining, by the first node, the key information of the data includes: obtaining, by the first node, transaction index information, where the transaction index information includes a block number, a block height, a transaction index number, and a blockchain identifier. One or more; determining, according to the transaction index information, the first blockchain transaction, wherein the key information of the data is recorded in the first blockchain transaction, obtained according to the first blockchain transaction Key information of the data.
  • the first node decrypts the encrypted data key using the private key of the first node to obtain the key.
  • Step 7 The first node decrypts the encrypted data by using the key to obtain data.
  • the data information and the key information of the data may be provided by the same blockchain node, for example, the first blockchain node, and may also be provided by different nodes, for example, the key information of the data is first.
  • the blockchain node provides the data information provided by the second blockchain node or provided by the data source node.
  • step 8 the first node obtains the obtained key information of the data and the data information as a first transaction, and records it on the blockchain.
  • the first transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, a blockchain node identifier, a transaction identifier information of the blockchain node, Transaction index information, cross-chain identification, hash hash of data, data information hash, address information hash of encrypted data, or key information hash of data.
  • the key information that sends the data information and/or data to the first node may be recorded by the relay node as a second transaction on the third blockchain.
  • the method further includes:
  • Step 9 The second node sends a second request message to the relay node closest to the second node, where the second request message includes one or more of the second node identifier, the data identifier of the requested access, or the transaction index information. .
  • the relay node may be a blockchain node or an accessed MEC device, such as a base station serving a second node.
  • Step 10 The relay node receives the second request message from the second node, and verifies whether the second node has the access right according to the identifier information carried in the second request message.
  • Step 11 If yes, obtain the data information of the data information and data requested by the second node on the local or blockchain node, and send the information to the second node.
  • the process of obtaining the key information of the data information and the data refers to the processes in the foregoing steps 4 to 6, or the method flow of the foregoing Embodiment 1 and Embodiment 2, and details are not described herein again.
  • Step 12 The second node receives key information of data information and data from the relay node, obtains encrypted data according to the data information, and obtains a key according to key information of the data; and uses the key pair The encrypted data is decrypted to obtain data.
  • the data requested by the first node and the second node may be the same or different.
  • the method further includes the second node or the relay node or the first block chain node generating a transaction and recording on the third blockchain.
  • the transaction includes one or more of the following: a data identifier, a first node identifier, a public key of the first node, a time of accessing the data, a blockchain node identifier, a transaction identifier information of the blockchain node, and a transaction index.
  • Information cross-chain identification, hash hash of data, data information hash, address information hash of encrypted data, or key information hash of data.
  • the system provided in this embodiment utilizes the characteristics of data sharing on the blockchain, so that the requesting party, for example, the first node can directly obtain data information from any blockchain node of the blockchain, thereby reducing data information in the core network. Or the burden of repeated transmission between multiple routes, less transmission delay, and improved transmission efficiency.
  • the first node obtains key information of the data through the first block chain node, and since the key information of the data is encrypted by the public key of the first node, the authorized first node can decrypt and read the data, Other nodes cannot decrypt and access the data, thereby increasing the security of data transmission.
  • the encrypted data can be obtained directly from the edge device, further saving the transmission delay.
  • the block chain node or the relay node verifies whether the requesting node has access rights according to the request message from the first node or the second node, and issues a transaction related to the request message according to the verification result, for example, data.
  • the key information, and the node that does not have the permission to reject the access request thereby improving the transmission efficiency and ensuring the rights of the data provider.
  • the technology in the embodiments of the present application can be implemented by means of software plus a necessary general hardware platform.
  • the technical solution in the embodiments of the present application may be embodied in the form of a software product in essence or in the form of a software product, and the computer software product may be stored in a storage medium such as a ROM/RAM. , a diskette, an optical disk, etc., including instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods described in various embodiments of the present application or portions of the embodiments.
  • a computer device which may be a personal computer, server, or network device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé et un dispositif de transmission de données et un nœud de réseau. Le procédé comprend les étapes suivantes : acquérir, par un premier nœud, des informations de données et des informations de clé de données enregistrées sur une première chaîne de blocs ; acquérir des données chiffrées selon les informations de données, et acquérir une clé selon les informations de clé des données ; et utiliser la clé pour déchiffrer les données chiffrées pour acquérir des données. Le procédé utilise les caractéristiques de partage de données sur une chaîne de blocs, de sorte qu'un premier nœud d'un demandeur peut acquérir directement des informations de données auprès de n'importe quel nœud de chaîne de blocs de la chaîne de blocs, ce qui réduit la charge de transmission répétée d'informations de données sur un réseau central ou entre de multiples routages, et réduit les retards de transmission.
PCT/CN2018/103046 2018-02-13 2018-08-29 Procédé et dispositif de transmission de données et nœud de réseau WO2019157810A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810151008.6 2018-02-13
CN201810151008.6A CN110166411B (zh) 2018-02-13 2018-02-13 一种数据传输方法、装置和网络节点

Publications (1)

Publication Number Publication Date
WO2019157810A1 true WO2019157810A1 (fr) 2019-08-22

Family

ID=67618499

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/103046 WO2019157810A1 (fr) 2018-02-13 2018-08-29 Procédé et dispositif de transmission de données et nœud de réseau

Country Status (2)

Country Link
CN (1) CN110166411B (fr)
WO (1) WO2019157810A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110516474A (zh) * 2019-08-27 2019-11-29 腾讯科技(深圳)有限公司 区块链网络中的用户信息处理方法、装置、电子设备及存储介质
CN110751475A (zh) * 2019-10-24 2020-02-04 杭州趣链科技有限公司 一种区块链交易的跨链方法及系统、设备和存储介质
CN111448565A (zh) * 2020-02-14 2020-07-24 支付宝(杭州)信息技术有限公司 基于去中心化标识的数据授权
WO2021034264A1 (fr) * 2019-08-22 2021-02-25 Quantumciel Pte. Ltd. Dispositif, système et procédé pour fournir une sécurité d'informations
CN112528334A (zh) * 2020-12-16 2021-03-19 平安普惠企业管理有限公司 基于区块链网络的数据获取方法、装置以及计算机设备
CN112749969A (zh) * 2020-11-16 2021-05-04 腾讯科技(深圳)有限公司 一种数据处理方法、装置、计算机设备及存储介质
CN112866222A (zh) * 2021-01-11 2021-05-28 华控清交信息科技(北京)有限公司 一种数据处理方法、装置和用于数据处理的装置
CN113486393A (zh) * 2021-06-16 2021-10-08 中国联合网络通信集团有限公司 基于区块链的个人信息共享方法、节点、设备及存储介质
US11372848B2 (en) * 2020-07-03 2022-06-28 Alipay Labs (singapore) Pte. Ltd. Managing transactions in multiple blockchain networks
CN115049493A (zh) * 2022-06-29 2022-09-13 北京知帆科技有限公司 一种区块链数据追踪方法、装置及电子设备
CN115776389A (zh) * 2022-11-01 2023-03-10 龙应斌 一种基于可信认证链路的防窃取数据安全访问方法及系统

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110572460B (zh) * 2019-09-11 2021-05-14 腾讯科技(深圳)有限公司 基于区块链系统的数据传输方法、装置及计算机设备
CN111800373B (zh) * 2019-09-27 2022-08-12 北京京东尚科信息技术有限公司 基于属性基加密区块链的数据访问方法及装置
CN110868292B (zh) * 2019-12-03 2021-12-14 湖南国奥电力设备有限公司 基于区块链的地下电缆数据传输方法和装置
CN111131254B (zh) * 2019-12-25 2022-04-15 中国联合网络通信集团有限公司 文件处理方法、区块链节点、区块链和存储介质
CN111327591A (zh) * 2020-01-19 2020-06-23 广州得众信息技术有限公司 基于区块链的数据传输方法、系统及存储介质
CN111552215B (zh) * 2020-05-22 2022-02-11 中国联合网络通信集团有限公司 物联网设备安全防护方法和系统
CN112423302B (zh) * 2020-12-02 2024-01-09 中国联合网络通信集团有限公司 无线网络接入方法、终端及无线接入设备
CN112702337A (zh) * 2020-12-22 2021-04-23 平安科技(深圳)有限公司 一种区块节点数据的授权处理方法、装置和计算机设备
CN112995211B (zh) * 2021-04-21 2021-07-23 腾讯科技(深圳)有限公司 基于区块链网络的数据处理方法、装置、设备及存储介质
CN113132944B (zh) * 2021-04-22 2023-10-20 上海银基信息安全技术股份有限公司 多通路安全通信方法、装置、车端、设备端及介质
CN113379542B (zh) * 2021-05-28 2024-01-09 中邮信息科技(北京)有限公司 一种区块链交易的查询方法、装置、介质及电子设备
CN113570479B (zh) * 2021-08-03 2023-12-12 贝壳找房(北京)科技有限公司 一种房产交易数据的区块链传输方法、系统及存储介质
CN114095499A (zh) * 2021-11-05 2022-02-25 支付宝(杭州)信息技术有限公司 区块链中继通信网络的中立性验证方法及装置
CN114285555A (zh) * 2021-12-15 2022-04-05 支付宝(杭州)信息技术有限公司 基于区块链的组播方法及装置
CN114338807B (zh) * 2021-12-30 2023-12-22 紫光云(南京)数字技术有限公司 一种主机overlay下的消息排序机制
CN117997538A (zh) * 2024-04-03 2024-05-07 江苏元信网安科技有限公司 基于puf技术的流媒体加密解密系统及加密解密方法

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106789920A (zh) * 2016-11-25 2017-05-31 深圳前海微众银行股份有限公司 区块链的节点连接方法及装置
CN107248994A (zh) * 2017-06-26 2017-10-13 联动优势科技有限公司 一种信息发送方法、处理方法及装置
CN107332658A (zh) * 2017-08-11 2017-11-07 浙江赛佳控股有限公司 基于链式区块链技术的接口实现方法及装置
CN107493162A (zh) * 2017-07-25 2017-12-19 中国联合网络通信集团有限公司 区块链节点的实现方法及装置
WO2018024061A1 (fr) * 2016-08-02 2018-02-08 华为技术有限公司 Procédé, dispositif et système de concession de licence de contenu numérique partagé

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340267B (zh) * 2007-07-03 2015-05-13 财团法人工业技术研究院 通讯系统的传输控制方法与装置
CN102118869B (zh) * 2010-01-05 2015-01-21 财团法人工业技术研究院 用于数据中继传输的系统及方法
US9853819B2 (en) * 2013-08-05 2017-12-26 Guardtime Ip Holdings Ltd. Blockchain-supported, node ID-augmented digital record signature method
CN106992990A (zh) * 2017-05-19 2017-07-28 北京牛链科技有限公司 数据共享方法和系统以及区块链系统和计算设备
CN107579951B (zh) * 2017-07-14 2020-06-19 创新先进技术有限公司 一种业务数据处理方法、业务处理方法及设备

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018024061A1 (fr) * 2016-08-02 2018-02-08 华为技术有限公司 Procédé, dispositif et système de concession de licence de contenu numérique partagé
CN106789920A (zh) * 2016-11-25 2017-05-31 深圳前海微众银行股份有限公司 区块链的节点连接方法及装置
CN107248994A (zh) * 2017-06-26 2017-10-13 联动优势科技有限公司 一种信息发送方法、处理方法及装置
CN107493162A (zh) * 2017-07-25 2017-12-19 中国联合网络通信集团有限公司 区块链节点的实现方法及装置
CN107332658A (zh) * 2017-08-11 2017-11-07 浙江赛佳控股有限公司 基于链式区块链技术的接口实现方法及装置

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021034264A1 (fr) * 2019-08-22 2021-02-25 Quantumciel Pte. Ltd. Dispositif, système et procédé pour fournir une sécurité d'informations
CN110516474A (zh) * 2019-08-27 2019-11-29 腾讯科技(深圳)有限公司 区块链网络中的用户信息处理方法、装置、电子设备及存储介质
CN110751475A (zh) * 2019-10-24 2020-02-04 杭州趣链科技有限公司 一种区块链交易的跨链方法及系统、设备和存储介质
CN111448565A (zh) * 2020-02-14 2020-07-24 支付宝(杭州)信息技术有限公司 基于去中心化标识的数据授权
CN111448565B (zh) * 2020-02-14 2024-04-05 支付宝(杭州)信息技术有限公司 基于去中心化标识的数据授权
US11372848B2 (en) * 2020-07-03 2022-06-28 Alipay Labs (singapore) Pte. Ltd. Managing transactions in multiple blockchain networks
CN112749969A (zh) * 2020-11-16 2021-05-04 腾讯科技(深圳)有限公司 一种数据处理方法、装置、计算机设备及存储介质
CN112528334B (zh) * 2020-12-16 2024-01-23 海南博盈电子竞技有限公司 基于区块链网络的数据获取方法、装置以及计算机设备
CN112528334A (zh) * 2020-12-16 2021-03-19 平安普惠企业管理有限公司 基于区块链网络的数据获取方法、装置以及计算机设备
CN112866222A (zh) * 2021-01-11 2021-05-28 华控清交信息科技(北京)有限公司 一种数据处理方法、装置和用于数据处理的装置
CN112866222B (zh) * 2021-01-11 2023-04-18 华控清交信息科技(北京)有限公司 一种数据处理方法、装置和用于数据处理的装置
CN113486393A (zh) * 2021-06-16 2021-10-08 中国联合网络通信集团有限公司 基于区块链的个人信息共享方法、节点、设备及存储介质
CN115049493A (zh) * 2022-06-29 2022-09-13 北京知帆科技有限公司 一种区块链数据追踪方法、装置及电子设备
CN115776389A (zh) * 2022-11-01 2023-03-10 龙应斌 一种基于可信认证链路的防窃取数据安全访问方法及系统
CN115776389B (zh) * 2022-11-01 2023-11-07 龙应斌 一种基于可信认证链路的防窃取数据安全访问方法及系统

Also Published As

Publication number Publication date
CN110166411A (zh) 2019-08-23
CN110166411B (zh) 2022-05-06

Similar Documents

Publication Publication Date Title
WO2019157810A1 (fr) Procédé et dispositif de transmission de données et nœud de réseau
CN110290094B (zh) 一种数据访问权限的控制方法和装置
US10523707B2 (en) Secure transport channel using multiple cipher suites
US11159307B2 (en) Ad-hoc trusted groups on a blockchain
KR102116399B1 (ko) 서비스 레이어에서의 콘텐츠 보안
KR101636028B1 (ko) 로컬 기능을 갖는 아이덴티티 관리
CN106664561B (zh) 用于确保预关联服务发现安全的系统和方法
Jiang et al. User centric three‐factor authentication protocol for cloud‐assisted wearable devices
CN109413645B (zh) 接入认证的方法和装置
KR20200034728A (ko) 복수의 스토리지 노드를 통해 대규모 블록체인의 안전한 저장을 가능하게 하는 컴퓨터 구현 시스템 및 방법
JP2023504535A (ja) アイデンティティ(id)ベース公開鍵生成プロトコル
WO2023065969A1 (fr) Procédé, appareil, et système de contrôle d'accès
Hasan et al. WORAL: A witness oriented secure location provenance framework for mobile devices
CN117396869A (zh) 用于使用分布式账本技术进行安全密钥管理的系统和方法
Ma NFC Communications-based Mutual Authentication Scheme for the Internet of Things.
Rathore et al. Simple, secure, efficient, lightweight and token based protocol for mutual authentication in wireless sensor networks
KR102271201B1 (ko) 블록체인을 이용한 개인정보 관리 방법 및 그 방법이 적용된 블록체인 네트워크 관리자
Gao et al. Bc-aka: Blockchain based asymmetric authentication and key agreement protocol for distributed 5g core network
CN114866244B (zh) 基于密文分组链接加密的可控匿名认证方法、系统及装置
Lu et al. A novel smart card based user authentication and key agreement scheme for heterogeneous wireless sensor networks
Yan et al. Power blockchain guarantee mechanism based on trusted computing
Alekseev et al. The threat of forcing the identical roles for authenticated key establishment protocols
Omori et al. Extended inter-device digital rights sharing and transfer based on device-owner equality verification using homomorphic encryption
Vishwakarma et al. BLISS: blockchain-based integrated security system for internet of things (IoT) applications
CN117749474A (zh) 地址密文的存储方法和装置、存储介质及电子装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18906161

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18906161

Country of ref document: EP

Kind code of ref document: A1