WO2019179277A1 - 一种数据访问权限的控制方法和装置 - Google Patents

一种数据访问权限的控制方法和装置 Download PDF

Info

Publication number
WO2019179277A1
WO2019179277A1 PCT/CN2019/075719 CN2019075719W WO2019179277A1 WO 2019179277 A1 WO2019179277 A1 WO 2019179277A1 CN 2019075719 W CN2019075719 W CN 2019075719W WO 2019179277 A1 WO2019179277 A1 WO 2019179277A1
Authority
WO
WIPO (PCT)
Prior art keywords
node
proxy
key
encrypted
requesting
Prior art date
Application number
PCT/CN2019/075719
Other languages
English (en)
French (fr)
Inventor
胡瑞丰
蒋飞虎
阮子瀚
姜耀国
周皓隽
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to KR1020207029445A priority Critical patent/KR102503515B1/ko
Priority to EP19770357.2A priority patent/EP3761588B1/en
Priority to SG11202009089SA priority patent/SG11202009089SA/en
Priority to JP2020550788A priority patent/JP2021516917A/ja
Publication of WO2019179277A1 publication Critical patent/WO2019179277A1/zh
Priority to US17/025,873 priority patent/US11563569B2/en
Priority to US18/069,049 priority patent/US12058253B2/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0884Network architectures or network communication protocols for network security for authentication of entities by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Definitions

  • the present application relates to the field of blockchain, and in particular, to a method and device for controlling data access rights.
  • Block Chain also known as distributed ledger, is that transaction accounting is done by multiple nodes distributed in different places, and each node records the complete account.
  • the blockchain is a chained data structure in which data blocks are sequentially connected in a chronological order, and is cryptographically guaranteed to be non-tamperable and unforgeable. Account book.
  • blockchain has the characteristics of decentralization and de-trust.
  • the decentralization means that the entire blockchain network has no centralized hardware or management mechanism, and the rights and obligations between any nodes are equal, and the damage or loss of any node will not affect the entire network system. The operation, therefore, ensures that the blockchain network is robust.
  • the de-trust means that the data exchange between each node participating in the entire network does not need to trust each other, and the operation rules of the entire blockchain network system are open and transparent, and the data content on all the blockchain nodes is also It is public, therefore, within the rules or time range specified by the system, each node cannot and cannot spoof each other.
  • the client requests access to data from a node in the blockchain, and the blockchain node provides the client with encrypted data and a decryption key, and then the client decrypts the encrypted data by using the decryption key to obtain access data, and Keep it on the blockchain.
  • the decryption key is distributed. After the key is deleted, it cannot be revoked. As a result, when the user needs to be banned from accessing the user, the user cannot be prevented from accessing the data, which makes the data access have certain risks and insecurity.
  • the present application provides a method and apparatus for controlling data access rights, so as to be able to control the issuance of data or ciphertext requested by a user when a user's access rights change.
  • the present application provides a method for controlling data access rights, the method comprising the steps of: a first proxy node receiving a first request message from a requesting node, where the first request message includes an identity of the requesting node And identifying, by the first proxy node, the first encrypted ciphertext in the blockchain network according to the data identifier to be accessed, and determining, according to the identity identifier of the requesting node, whether the requesting node has Reading the first encrypted ciphertext; if yes, initiating a rights verification request for the requesting node to the at least one second proxy node, and determining, according to the feedback result of the at least one second proxy node The issuance of the first encrypted ciphertext.
  • the first proxy node determines, according to the identity identifier of the requesting node, that the requesting node rejects the first request of the requesting node if the requesting node does not have the right to read the first encrypted ciphertext.
  • the method provided by the aspect by adding a proxy node in the blockchain network, realizes that the data source node can freely grant or revoke the permission of the requesting node without modifying the ciphertext, that is, the proxy node is in the blockchain.
  • the reading of the latest permission of the requesting node is performed to determine whether to authorize or deny the access request. If the latest permission is to deny access, the user can be prevented from continuing to access the data, thereby ensuring the security of the information in the network.
  • further verification of the identity of the requesting party by using at least one second proxy node can prevent the possibility of cheating when only one first proxy node is used for verification, further improving the accuracy of the verification, thereby ensuring the security of information transmission.
  • determining, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first encrypted ciphertext comprises: according to the requesting node The identity identifier reads the authorization information of the requesting node closest to the end of the blockchained storage structure on the blockchain, the authorization information including permission or disallow.
  • the latest access right of the requesting party can be obtained by reading the authorization information of the requesting node that is closest to the end of the blockchained storage structure, thereby preparing for verifying whether the requesting node can obtain the encrypted ciphertext and the key. .
  • the requesting, by the at least one second proxy node, a rights verification request for the requesting node includes: determining, by the first proxy node, m second a proxy node, m is a positive integer greater than or equal to 1; generating the rights verification request, where the rights verification request includes an identity identifier of the requesting node and the first encrypted ciphertext, and the first encrypted ciphertext is And generating, by encrypting the access data, sending the rights verification request to the m second proxy nodes.
  • determining, according to the feedback result of the at least one second proxy node, determining the issuance of the first encrypted ciphertext including:
  • the first proxy node receives a partial key sent from at least k second proxy nodes, the partial key is the second proxy node, and verifying the request node according to the identity identifier of the requesting node Generating and transmitting after accessing the data, and k ⁇ m; restoring the at least k partial keys to generate a conversion key; converting the first encrypted ciphertext into the first by using the conversion key and an encryption algorithm And encrypting the ciphertext, the second encrypted ciphertext is generated by encrypting the public key of the requesting node, and sending the second encrypted ciphertext to the requesting node.
  • the first proxy node sends the permission verification request to the multiple second proxy nodes, and after obtaining a sufficient number of partial keys sent by the second proxy node, the conversion key can be restored, that is,
  • the second proxy node participates in and jointly decrypts to generate the conversion key, and the single node or the key participant cannot obtain the conversion key or ciphertext, thereby effectively preventing a few nodes from obtaining the ciphertext by cheating the access control.
  • the method increases the complexity of decryption, thereby effectively ensuring the security of ciphertext transmission and reading, and preventing unauthorized users from reading ciphertext or data.
  • determining, according to the feedback result of the at least one second proxy node, the issuing of the first encrypted ciphertext including: if the first proxy node Receiving a partial key sent by less than k second proxy nodes, or receiving a reject message fed back by at least one of the second proxy nodes, sending a message rejecting the access to the requesting node.
  • the first proxy node receives the first request message from the requesting node, including: the first proxy node receiving the network through the blockchain The first request message forwarded by any of the blockchain nodes.
  • the present application further provides a data transmission method, which may be applied to a data source node or a data owner.
  • the first node is taken as an example, and the method includes the following steps:
  • the first node obtains an identity of the second node, where the identity identifier is used to determine authorization information of the second node, the authorization information includes permission and disallow, and the second node is a request node or a data requester; If the authorization information is allowed, the first node generates a conversion key by using a private key of the first node, a public key of the second node, and an encryption algorithm; the first node utilizes a proxy node in the blockchain network The public key encrypts the conversion key to generate an encrypted partial key; the first node generates first transaction information, and records the first transaction information on the blockchain network, The first transaction information includes: an identity of the second node, authorization information of the second node, and an encrypted partial key.
  • the first node encrypts the conversion key by using a public key of a proxy node in the blockchain network to generate an encrypted partial key.
  • the method includes: the first node decomposes the conversion key into n partial keys by using a secret sharing algorithm, where n is a positive integer greater than or equal to 1; the first node selects m in the blockchain network a proxy node, and encrypting the n partial keys using the public keys of the m proxy nodes to generate n encrypted partial keys, m ⁇ n.
  • the first transaction information further includes: an identifier of the m proxy nodes and a quantity k of the minimum partial key for restoring the conversion key, When the number of partial keys obtained is less than k, the required conversion key cannot be restored, thereby preventing a few or a part of the proxy nodes from cheating, thereby improving the security and reliability of the verification.
  • the recording, by the first node, the first transaction information is sent to the blockchain network, A block chain node in the blockchain network, and the first transaction information is saved by broadcasting and consensus on the entire network through the blockchain node.
  • the method further includes: if the authorization information is not allowed, canceling the authorization information of the second node; generating the second transaction information,
  • the second transaction information includes an identity of the second node and authorization information of the second node; and the second transaction information is recorded on the blockchain network.
  • the method before the first node obtains the identity of the second node, the method further includes: the first node using the public key of the first node to pass the proxy The re-encryption algorithm encrypts the access data to generate a first encrypted ciphertext; the first node saves the first encrypted ciphertext as a transaction in the blockchain network.
  • the present application further provides a data transmission method, which may be applied to a second proxy node, where the second proxy node may also be a first proxy node or a primary proxy node, and the method includes the following step:
  • the second proxy node receives the rights verification request from the first proxy node, where the rights verification request includes the identity identifier of the requesting node and the first encrypted ciphertext, and the first encrypted ciphertext is generated by encrypting the data to be accessed.
  • the second proxy node determines, according to the identity of the requesting node, whether the requesting node has the right to read the first encrypted ciphertext; if yes, generates a partial key, and sends the partial key To the first proxy node.
  • the second proxy node further verifies the authority of the requesting node when the first proxy node verifies that the requesting node is allowed to access, and sends the generated partial key to the first proxy node when the verification is to allow access. So that the first proxy node collects and synthesizes the final conversion key, so that the first proxy node can be effectively prevented from cheating, and the security of the verification is improved.
  • the generating a partial key includes: obtaining, by the second proxy node, an encrypted partial key in a blockchain network, the encrypted The partial key is generated by encrypting with the public key of the second proxy node; the second proxy node decrypts the encrypted partial key with its own private key to generate the partial key.
  • the method further includes: the second proxy node determining, according to the identity identifier of the requesting node, that the requesting node does not have the right to read the first Upon encrypting the ciphertext, the first request of the first proxy node is rejected.
  • the present application further provides a control device for data access rights, for example, the device may be a network node or configured on the network node, where the device or network node may be the above aspect.
  • the first proxy node, the first node or the second proxy node, the apparatus includes means for performing the first to third aspects, and the method steps in various implementations of the aspects.
  • the device includes a receiving unit, a processing unit, and a sending unit.
  • a receiving unit receives a signal from the base station
  • a processing unit receives a signal from the base station
  • a sending unit receives a signal from the base station
  • other units or modules such as a transmission line.
  • storage unit may also be included, and the present application is not limited thereto.
  • the application further provides a network node, where the network node includes a processor, a transceiver, and a memory, where the network node is a first proxy node,
  • the transceiver is configured to receive a first request message from a requesting node, where the first request message includes an identity identifier of the requesting node and a data identifier to be accessed;
  • the processor is configured to determine, according to the to-be-accessed data identifier, a first encrypted ciphertext in the blockchain network, and determine, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first Encrypting the ciphertext; if not, rejecting the first request of the requesting node; if so, initiating a rights verification request to the requesting node to the at least one second proxy node, and according to the at least one second proxy node
  • the feedback result determines the issuance of the first encrypted ciphertext.
  • the processor is specifically configured to: read, according to the identity identifier of the request node, the end of the blockchain chain storage structure closest to the blockchain
  • the authorization information of the requesting node includes permission and disallow.
  • the processor is specifically configured to determine m second proxy nodes, where m is a positive integer greater than or equal to 1; and the permission verification request is generated.
  • the permission verification request includes an identifier of the requesting node and the first encrypted ciphertext, where the first encrypted ciphertext is generated by encrypting the data to be accessed; and the permission verification request is performed by using the transceiver And sent to the m second proxy nodes respectively.
  • the transceiver is configured to receive a partial key sent by at least k second proxy nodes, where the partial key is the second The proxy node is generated and sent according to the identity of the requesting node after verifying that the requesting node has access to the data, and k ⁇ m;
  • the processor is specifically configured to restore the at least k partial keys to generate a conversion key, and convert the first encrypted ciphertext into a second encrypted ciphertext by using the conversion key and an encryption algorithm.
  • the second encrypted ciphertext is generated by encrypting the public key of the requesting node;
  • the transceiver is specifically configured to send the second encrypted ciphertext to the requesting node.
  • the processor is specifically configured to: if the first proxy node receives a partial key sent by less than k second proxy nodes, or receives at least A reject message fed back by the second proxy node is used by the transceiver to send a message rejecting the access to the requesting node.
  • the transceiver is specifically configured to receive the first request message that is forwarded by any blockchain node in the blockchain network.
  • the transceiver is configured to receive a rights verification request from a first proxy node, where the rights verification request includes an identity identifier of the requesting node and a first encryption.
  • the ciphertext, the first encrypted ciphertext is generated by encrypting the data to be accessed;
  • the processor is configured to determine, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first encrypted ciphertext; if not, reject the first request of the first proxy node; Yes, a partial key is generated;
  • the transceiver is further configured to send the partial key to the first proxy node.
  • the processor is specifically configured to obtain an encrypted partial key in a blockchain network, where the encrypted partial key is generated by using a public key of the second proxy node to be encrypted;
  • the encrypted partial key is decrypted with its own private key to generate the partial key.
  • the present application further provides a network node, where the network node includes a processor, a transceiver, and a memory, where the network node is a data source node or a data owner, such as a first node. ,
  • the transceiver is configured to obtain an identity of the second node, where the identity identifier is used to determine authorization information of the second node, where the authorization information includes permission and disallowment;
  • the processor configured to generate a conversion key by using a private key of the network node, a public key of the second node, and an encryption algorithm if the authorization information is allowed; and using a proxy node in the blockchain network
  • the public key encrypts the conversion key to generate an encrypted partial key; and generates first transaction information, and records the first transaction information on the blockchain network;
  • the first transaction information includes: an identity identifier of the second node, authorization information of the second node, and an encrypted partial key.
  • the processor is specifically configured to decompose the conversion key into n partial keys by using a secret sharing algorithm, where n is a positive integer greater than or equal to Selecting m proxy nodes in the blockchain network, and encrypting the n partial keys using the public keys of the m proxy nodes to generate n encrypted partial keys, m ⁇ n .
  • the first transaction information further includes: an identity identifier of the m proxy nodes and a quantity k of the minimum partial key that restores the translation key.
  • the processor is configured to send, by using a sending unit, the first transaction information to a blockchain node in a blockchain network, and pass the The blockchain node broadcasts and consensus on the entire network to save the first transaction information.
  • the processor is further configured to: when the authorization information is not allowed, cancel the authorization information of the second node; generate a second Transmitting the information and recording the second transaction information on the blockchain network, the second transaction information including an identity of the second node and authorization information of the second node.
  • the processor is further configured to: before the obtaining the identity of the second node, use a public key to encrypt the access data by using a proxy re-encryption algorithm to generate First encrypting the ciphertext; and storing the first encrypted ciphertext as a transaction in the blockchain network.
  • the present application further provides a computer storage medium, where the computer storage medium can store instructions, which can implement the first to third aspects provided by the present application, and the first to third aspects Part or all of the steps of the method of controlling data access rights in various implementations.
  • the present application also provides a computer program product comprising instructions for performing the methods described in the various aspects above when the instructions are run on a computer.
  • FIG. 1 is a schematic diagram of a fabric architecture provided by the present application.
  • FIG. 3 is a flowchart of a client requesting access to data in a blockchain network according to the present application
  • 4a is a schematic structural diagram of a blockchain system provided by the present application.
  • 4b is a flowchart of a method for controlling data access rights provided by the present application.
  • FIG. 5 is a flowchart of another method for controlling data access rights provided by the present application.
  • FIG. 6 is a flowchart of another method for controlling data access rights provided by the present application.
  • FIG. 7 is a flowchart of a role of a proxy re-encryption system provided by the present application.
  • FIG. 8 is a flowchart of still another method for controlling data access rights provided by the present application.
  • FIG. 9 is a schematic structural diagram of a network node provided by the present application.
  • FIG. 10 is a schematic diagram of an apparatus for a network node according to the present application.
  • a blockchain which is a distributed database, which originates from bitcoin and is the underlying technology of bitcoin.
  • a blockchain is a string of data blocks generated using cryptographic methods. Each block contains information about a bitcoin network transaction for verifying the validity of its information (anti-counterfeiting) and generating the next block ( Block).
  • a blockchain is a chained data structure that combines data blocks in a sequential manner in chronological order, and cryptographically guaranteed non-tamperable and unforgeable distributed ledgers.
  • a blockchain is a distributed ledger that holds the same records through multiple independent distributed nodes.
  • Blockchain technology is a technical solution for collectively maintaining a reliable database through decentralization and trust. Whenever new data needs to be written into the blockchain, the data is aggregated into a block and added at the end of the existing blockchain. The consensus algorithm ensures that the newly added blocks of each node are identical. .
  • each block records several transaction records, and contains the hash of the previous block. All the blocks store the information in the previous block in this way, and are connected in order to form the area.
  • the blockchain is difficult to be tampered with. Based on the blockchain technology, a consistent direct transaction (Tx) can be achieved, eliminating the need for trusted third-party centralization agencies.
  • a smart contract is an event-driven, stateful program that runs on a distributed blockchain and is capable of managing data on the ledger.
  • a smart contract can be seen as an ordinary computer-executable program that satisfies the accuracy and auto-execution.
  • the code content of the smart contract specifies the rules and logic of the transaction.
  • the user signing the smart contract means that the contract content will be executed and written into the blockchain ledger.
  • the consensus algorithm in the blockchain solves the consensus scenario for Byzantine fault tolerance. That is, the nodes in the blockchain network do not trust each other, and there may be malicious lying nodes. Each node in the blockchain network has a "lie" node, but many nodes are clustered into one network, and the result of their consensus is a credible result.
  • the main function of the consensus algorithm is to let all nodes in the blockchain record the same valid transaction block content.
  • blockchain is a technical mechanism to solve the problem of trust between multiple parties.
  • the premise of multi-party trust is that the technical mechanism itself is credible, so the blockchain needs to be auditable.
  • Blockchain systems, smart contracts, and consensus algorithms must be open sourced and open between multiple parties.
  • Hyperfolder's Fabric project uses a mechanism for accelerating consensus.
  • the core of the mechanism is that multiple endorser peers run smart contracts and endorsements of endorsements, such as endorsements.
  • the content of the contract running result of the node itself is signed to ensure that the result is sent by a specific endorsement node.
  • the user can set the endorsement node to be trusted by the smart contract and the verification strategy for multiple results according to actual needs, such as setting an endorse policy.
  • the client can send a smart contract running request to the three endorsement nodes.
  • the endorsement strategy can require that the contents of the three running results must be consistent, or that the contents of at least two running results are consistent.
  • the client collects the running result of the feedback of the endorsement node, and broadcasts the running result recorded on one transaction to the blockchain network through the Orderer peer, and the node in the blockchain network, for example, the endorsement node reads the transaction, And to verify that the transaction is considered a valid transaction when the endorsement strategy is met, and accept the modification of the data in the transaction and write it into the blockchain.
  • the client (client) or client application use the software development kit (SDK) to interact with the fabric system, construct a legitimate transaction, and provide the transaction to the endorsement node; when the collection is sufficient
  • SDK software development kit
  • the endorsement node required by the endorsement strategy can construct a legitimate transaction request and send it to the sorting node or the proxy node.
  • Endorser peer responsible for checking the legality and permissions of transactions from the client. If the requirements are met, the signature is signed and the result is returned to the client.
  • Orderer peer Responsible for sorting each transaction and broadcasting the ordered transactions to other nodes.
  • the sorting node includes a node or a cluster that provides a consensus service.
  • Confirmation node used to check the status of the batch transaction result in the agreed order, verify whether the transaction meets the requirements of the endorsement policy and ensure that the status of the read set variable of the ledger is unchanged, execute the legal transaction, generate the block, and write Enter the book.
  • the technical solution of the present application also relates to a threshold cryptosyste.
  • the threshold cryptosystem shares the private key corresponding to the public key in multiple members. Only when a specified number of members work together can the ciphertext encrypted by the public key be decrypted. Among them, the basis of the threshold cryptosystem is secret sharing.
  • a scheme of a threshold cryptosystem is to divide a key into a plurality of shares, for example, into n shares, and send the shares one-to-one to n participants, any t of the n participants (t ⁇ n) or more than t participants can cooperate to complete the decryption operation, and if the participants are less than t, the decryption operation cannot be completed.
  • Figure 2 shows a flow diagram of decryption in a threshold cryptosystem.
  • the key cipher system involves a key distributor, a key participant, and a key compositor.
  • the key distributor which is used to establish a trusted entity of the threshold cryptosystem, is responsible for generating various parameters involved in the threshold cryptosystem and securely transmitting the parameters to the respective key sharers.
  • the key participant is a single entity participating in a threshold cryptosystem decryption operation; the key compositor acquires decryption shares of a plurality of participants and performs verification and decryption operations on the decrypted shares.
  • step 1 Threshold initialization settings
  • the key distributor enters security parameters
  • the threshold cryptosystem returns a set of common parameters (represented by PK), such as n, t, and SK, where n indicates key participation.
  • PK common parameters
  • n indicates key participation.
  • Step 2 Encryption, using the public parameter PK of the system and the identity ID of the key participant, encrypting the plaintext message, and generating and outputting the encrypted ciphertext c;
  • Step 3 Share key generation, the key distributor uses the system common parameter PK, the encrypted ciphertext c and the master key SK to calculate the key share Ui;
  • Step 4 The key distributor sends the key share Ui to a number of key participants
  • Step 5 The key participant obtains the key share Ui, and each key participant decrypts the key share Ui to generate a decrypted share, such as decrypting the share 1, ..., decrypting the share t;
  • Step 6 Each key participant sends the decrypted share generated by decrypting itself to the key compositor;
  • Step 7 Joint decryption, the key synthesizer obtains the decrypted share, for example, obtains t decrypted shares, and verifies the t decrypted shares, and synthesizes the t decrypted shares by using the common parameter PK to obtain the encrypted ciphertext c, Finally, the encrypted ciphertext is decrypted to obtain a plaintext message.
  • the technical solution provided by the present application is used to solve the technical problem that the access rights in the blockchain cannot be changed or revoked once authorized and delivered, so that the unauthorized users can access the data.
  • the process by which the client requests access to data and decrypts the key in the blockchain network is as follows:
  • step 1 user A uses client 1 to register information to generate information, such as plaintext information;
  • Step 2 Client 1 encrypts the information using a symmetric key
  • Step 3 The client 1 sends the encrypted information, and the encrypted information is recorded on the blockchain node 1 as a transaction on the blockchain;
  • Step 4 The blockchain node 1 verifies and broadcasts the transaction
  • Step 5 Blockchain nodes 1, 2 and 3 make a consensus on the block containing the transaction; the block chain nodes 1, 2 and 3 are nodes located on the same blockchain.
  • the consensus can be understood as the block chain nodes 1, 2, and 3 respectively verifying whether the transaction conforms to the policy, and generating a corresponding verification result, and the verification results generated by the three block chain nodes are the same.
  • Step 6 The blockchain node confirms and generates a block, and adds the block to the end of the chain structure of the existing blockchain of the local ledger;
  • Step 7 User B uses client 2 to obtain information, such as plaintext information;
  • Step 8 The client 2 requests the client 1 to obtain the access permission of the user B to request access to the plaintext information.
  • Step 9 The client 1 sends the access rights information to the client 2, where the access rights information includes a symmetric key;
  • Step 10 The client 2 requests the blockchain node 3 to acquire the encrypted information stored in the blockchain ledger;
  • Step 11 Client 2 decrypts the information using a symmetric key.
  • the main idea of the technical solution of the embodiments of the present application is to add multiple proxy nodes in the blockchain system, and each proxy node is used for jointly verifying user access in addition to the functions of the common node. Permissions and perform ciphertext conversion operations.
  • the blockchain system includes a data source node or a data owner, at least one proxy node (Proxy), a plurality of common nodes, and a data request node.
  • the data source node or the data owner is a saver of the data and an authorized party of the access authority; the common node may be used to perform functions such as broadcasting, consensus, and record saving of the transaction on the blockchain.
  • the user requesting node is a node or client requesting access to data.
  • the technical solution provided by the present application mainly includes a three-part process, namely: data saving, authority granting, and request data.
  • the data source or data owner encrypts the original ciphertext and records and saves it on the blockchain.
  • the data source node or the data owner authorizes, the permission information is written on the blockchain, and a conversion key corresponding to the authorized node is generated.
  • the data source node or data owner divides the conversion key into several parts and sends them to different agent nodes.
  • each proxy node initiates a consensus, reads the latest access rights of the data requesting node, and verifies whether the data requesting node has the right. If the right is, the proxy node collects the conversion key, and the original secret is obtained. The text is converted to another ciphertext that can only be decrypted by the authorized node itself, and is returned to the requesting node; if there is no right, the access is denied.
  • each network device is collectively referred to as a network node, and the network node may be a first node, a second node that sends a request message, or may be a certain part of the blockchain.
  • a blockchain node such as a first blockchain node or a first proxy node, a forwarded relay node, an arbitrary normal node, or a data source node.
  • the network node includes, but is not limited to, a site, a base station, a user equipment, a client, and a terminal.
  • the two concepts of the device and the node in the various embodiments of the present application are equivalent, that is, the device may refer to a node, a station, a UE, a network element device, a sensor, and the like.
  • the blockchain and blockchain system described in the present application can be applied to various networks (such as in the Internet of Things), and the block or blockchain nodes can be deployed on various network devices (such as IoT devices).
  • the network device includes industrial IoT devices, such as various industrial sensors, control modules, and the like; and may also be wearable devices, home appliances, home sensors, home control modules, etc., or base stations, enhanced base stations, or have scheduling Relay of functions, or devices with base station functions, etc.
  • the base station may be an evolved Node B (eNB) in the LTE system, or may be a base station in other systems.
  • eNB evolved Node B
  • the embodiment of the present application is not limited.
  • the foregoing various types of devices may be user equipment (UE), such as a mobile phone, a smart terminal, a multimedia device, a streaming media device, and the like.
  • the UE may also be another wireless network device, such as a base station (Node B).
  • Node B the form and type of the wireless network device are not limited herein.
  • the UE may communicate with one or more core networks via a radio access network (RAN), and the UE may also access the wireless network for communication by other means, and the UE may also directly perform wireless communication with other UEs.
  • RAN radio access network
  • the embodiment does not limit this.
  • an embodiment of the present application provides a method for controlling data access rights, where the method includes:
  • Step 401 The first proxy node receives a first request message from the requesting node, where the first request message includes an identifier of the requesting node and a data identifier to be accessed.
  • an implementation manner includes: the first proxy node receives the first request message forwarded by any blockchain node in the blockchain network.
  • Step 402 The first proxy node determines, according to the to-be-accessed data identifier, a first encrypted ciphertext in the blockchain network, and determines, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first Encrypt ciphertext.
  • step 402 determining, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first encrypted ciphertext comprises: reading on the blockchain according to the identity identifier of the requesting node.
  • Step 403 If the first encrypted ciphertext is authorized to be read, that is, the authorization information is allowed, the permission verification request for the requesting node is initiated to the at least one second proxy node, and according to the at least one The feedback result of the second proxy node determines the issuance of the first encrypted ciphertext.
  • the first proxy node determines that it is not authorized to read the first encrypted ciphertext, the first request of the requesting node is rejected.
  • the first proxy node initiates a rights verification request to the requesting node to the at least one second proxy node, including:
  • the ciphertext, the first encrypted ciphertext is generated by encrypting the data to be accessed; and the rights verification request is separately sent to the m second proxy nodes.
  • the first proxy node determines, according to the feedback result of the at least one second proxy node, the issuance of the first encrypted ciphertext, including:
  • the first proxy node receives a partial key sent from at least k second proxy nodes, the partial key is the second proxy node, and verifying the request node according to the identity identifier of the requesting node Generating and transmitting after accessing the data, and k ⁇ m; restoring the at least k partial keys to generate a conversion key; converting the first encrypted ciphertext into the first by using the conversion key and an encryption algorithm And encrypting the ciphertext, the second encrypted ciphertext is generated by encrypting the public key of the requesting node, and sending the second encrypted ciphertext to the requesting node.
  • the first proxy node determines, according to the feedback result of the at least one second proxy node, the issuance of the first encrypted ciphertext, including: if the first proxy node receives less than k second proxy nodes, The partial key, or receiving the reject message fed back by the at least one of the second proxy nodes, sends a message rejecting the access to the requesting node.
  • the method provided in this embodiment by adding a proxy node in the blockchain network, realizes that the data source node can freely grant or revoke the permission of the requesting node without modifying the ciphertext, that is, the proxy node is in the block.
  • the reading of the latest permission of the requesting node is performed on the chain to determine whether to authorize or deny the access request. If the latest permission is to deny access, the user can be prevented from continuing to access the data, thereby ensuring the security of the information in the network.
  • further verification of the identity of the requesting party by using at least one second proxy node can prevent the possibility of cheating when only one first proxy node is used for verification, further improving the accuracy of the verification, thereby ensuring the security of information transmission.
  • the second proxy node receives the rights verification request from the first proxy node, where the rights verification request includes the identity identifier of the requesting node and the first encrypted ciphertext, and the first encrypted ciphertext is encrypted by the data to be accessed.
  • the generating part of the key includes: the second proxy node obtains an encrypted partial key in a blockchain network, and the encrypted partial key is utilized by the second proxy node
  • the public key is generated after the encryption; the second proxy node decrypts the encrypted partial key by using its own private key to generate the partial key.
  • the second proxy node further verifies the authority of the requesting node when the first proxy node verifies that the requesting node is allowed to access, and sends the generated partial key to the first when the authentication is to allow access.
  • the proxy node is configured to enable the first proxy node to collect and synthesize the final conversion key, thereby effectively preventing the first proxy node from cheating and improving the security of the verification.
  • the main body of the operation performed in the “data saving process” may be a data source node or a data owner, and may also be another node having a save data and an authorization function.
  • the “first node” is used to represent the execution data.
  • other names such as the data owner, may be used, and the present application does not limit this.
  • the public key encryption technology is involved in the data saving process.
  • the public key cryptograph may also be called asymmetric cryptography, which is an algorithm of cryptography. Two keys are involved: one is a public key, called a "public key”, and the other is a private key, called a "private key.”
  • the two keys function differently, one for encryption and the other for decryption. For example, if one of the keys is used to encrypt the plaintext, and the encrypted ciphertext is obtained, only the corresponding other key can be used to decrypt the original plaintext. That is, the ciphertext cannot be decrypted and accessed using the encrypted key. Since two different keys are used for the encryption and decryption of the plaintext, this process can be called asymmetric encryption. Symmetric encryption with the same key for encryption and decryption, using asymmetric encryption is more secure, because even if one of the two keys is acquired, the encrypted ciphertext cannot be decrypted and cannot be calculated. Another key, therefore, the public key can be published, published to the outside, for example, on the blockchain; the private key is kept by the client or the UE itself.
  • the first node mainly performs the following method flow:
  • the first node uses the public key of the first node to encrypt the ciphertext by using an encryption algorithm, such as a proxy re-encryption algorithm, to generate a first encrypted ciphertext Ea;
  • an encryption algorithm such as a proxy re-encryption algorithm
  • the first node saves the first encrypted ciphertext Ea as a transaction in a blockchain network.
  • a manner of saving the transaction is: the first node sends a transaction request to any one of the ordinary nodes in the blockchain network, where the transaction request includes the first encrypted ciphertext Ea; and the transaction request is received.
  • the ordinary nodes broadcast in the blockchain network, so that the respective blockchain nodes on the blockchain agree and save the related transactions of the first encrypted ciphertext Ea.
  • another way of saving the transaction is that the first node directly sends the transaction request including the first encrypted ciphertext to any one of the proxy nodes, for example, the first proxy node, and passes the first proxy node. Broadcast and consensus the transaction to the blockchain.
  • the method includes:
  • Step 501 The first node records the identity I of the second node, and the access authority information R of the second node to the first encrypted ciphertext Ea.
  • the second node is an authorized user, and the identity I of the second node may be a second node identifier, a user ID, a device ID, or a device identifier.
  • the access right information R includes: granting authority and canceling authorization.
  • Step 502 Determine whether the access authority information R includes content that grants permission or cancels authorization.
  • Step 503a If the access right information R carries the content that grants the right, the first node generates the conversion key T by using the private key of the first node, the public key of the second node, and an encryption algorithm.
  • Step 503b If the access right information R carries the content of the cancellation authority, the first node sends a transaction request to any one of the node chain networks, where the transaction request includes the access authority information R and The identity I of the second node.
  • Step 504 The flow of step 503a is continued.
  • the first node decomposes the conversion key T into n partial keys by using a secret sharing algorithm, where n is a positive integer greater than or equal to 1.
  • the conversion key T is decomposed into (m, Tn), where Tn represents any partial key after decomposition, and m represents a minimum Tn number capable of restoring the conversion key T.
  • Step 505 The first node randomly selects m proxy nodes in the blockchain network, and encrypts the n partial keys Tn by using the public keys of the m proxy nodes to generate n encrypted Partial key Tne, and m ⁇ n.
  • Step 506 The first node generates first transaction information, and sends the first transaction information to any common node or blockchain node, where the first transaction information includes at least one of the following: an identity of the second node.
  • the first transaction information further includes: an identifier of the m proxy nodes and a quantity m of the minimum partial key Tne that restores the conversion key.
  • Step 507 The normal node or the proxy node broadcasts and saves the first transaction information (I, R, Tne, m) in the blockchain network, or, based on the flow of the above step 503b, broadcasts and records.
  • the process of requesting a node to initiate a data access request to the blockchain and decrypting and accessing the encrypted ciphertext in the case of satisfying the authorized access is described in the "Request Data Flow”. Specifically, as shown in FIG. 6, the process includes The following steps:
  • Step 601 The data requesting node sends a first request message to any common node, where the first request message includes: an identity identifier of the requesting node and a data identifier to be accessed, or a corresponding data identifier to be accessed.
  • First encrypted ciphertext Ea
  • Step 602 The normal node receives and forwards the first request message to the first proxy node Pm;
  • the first proxy node Pm can be used as the primary node of the current request.
  • Step 603 The first proxy node Pm receives the first request message, determines the first encrypted ciphertext Ea in the blockchain network according to the to-be-accessed data identifier carried in the first request message, and according to the request The identity I of the node determines whether it has the right to read the first encrypted ciphertext Ea;
  • the first proxy node Pm reads the authorization information of the requesting node closest to the end of the blockchained storage structure on the blockchain according to the identity identifier I of the requesting node, and the authorization information includes permission and disallowment. .
  • the block number of the authorization information is the largest
  • Step 604a If there is no or no permission, reject the current access request of the data requesting node;
  • Step 604b If the right or permission is allowed, initiate a rights verification request to the request node to the at least one second proxy node P;
  • the selection of the second proxy node may be set in advance on the blockchain, or the system default blockchain nodes may be mutually discoverable.
  • the mutual discovery of the default blockchain nodes refers to the second agent information that the first agent node can know by the transaction information stored in the blockchain in the “rights grant process”, for example, the first transaction information.
  • the node encrypts the partial key Tn and generates the encrypted partial key Tne, and then transmits the rights verification request to the second proxy nodes.
  • the rights verification request includes: an identity identifier I of the requesting node and a first encrypted ciphertext Ea.
  • Step 605 The second proxy node P receives the rights verification request (I, Ea) from the first proxy node Pm, and determines, according to the identity identifier I of the requesting node, whether the data requesting node has the right to read the first encrypted ciphertext.
  • Ea the rights verification request
  • the first encrypted ciphertext Ea is generated by encrypting the data to be accessed.
  • Step 606a If no (no right), reject the current access request of the data requesting node, for example, the second proxy node P feeds back the message rejecting the access to the first proxy node Pm;
  • Step 606b If yes (right), generate a partial key Tn and send the partial key Tn to the first proxy node Pm.
  • the second proxy node P reads the encrypted partial key Tne on the blockchain, and decrypts the Tne with its own private key to obtain the partial key Tn.
  • Step 607 The first proxy node Pm receives the partial key Tn sent by the at least k second proxy nodes P, k ⁇ m, m is the second proxy node determined by the first proxy node Pm to send the rights verification request m quantity.
  • Step 608 The first proxy node Pm restores the at least k partial keys Tn to generate a conversion key T;
  • Step 609 The first proxy node Pm converts the first encrypted ciphertext Ea into a second encrypted ciphertext Eb by using the conversion key T and an encryption algorithm, and the second encrypted ciphertext Eb is requested by the data requesting node.
  • the public key is generated after encryption.
  • Step 610 The first proxy node Pm sends the second encrypted ciphertext Eb to the common node.
  • Step 611 The normal node receives and sends the second encrypted ciphertext Eb to the data requesting node, so that the data requesting node decrypts the second encrypted ciphertext Eb by using its own private key, to obtain the Pending data.
  • the method provided in the embodiment of the present application realizes that the data source node can freely grant or revoke the permission of the requesting node without modifying the ciphertext, that is, the proxy node is in the zone.
  • the block chain performs the reading of the latest permission of the requesting node to determine whether to authorize or deny the access request. If the latest permission is to deny access, the user can be prevented from continuing to access the data, thereby ensuring the security of the information in the network.
  • the data source node decomposes the conversion key into multiple partial keys and is chained to multiple agent nodes, so that only a sufficient number of partial secrets are obtained in the “request data flow”.
  • the conversion key can be restored.
  • a single node or key participant cannot obtain the conversion key or ciphertext, thereby effectively preventing a few nodes from bypassing the permission control and obtaining the ciphertext by cheating.
  • This method adds decryption. The complexity, in turn, effectively ensures the security of ciphertext transmission and reading, preventing unauthorized users from reading ciphertext or data.
  • the unauthorized party such as the first proxy node and the second proxy node, cannot obtain the plaintext, and thus the plaintext content cannot be read, thereby protecting the privacy of the data.
  • the proxy node in this embodiment may be a proxy node or proxy in the proxy re-encryption system, and the proxy re-encryption is a new public key with a ciphertext security conversion function. Encryption system.
  • the system includes: a delegate (Delegator), a semi-trusted proxy (Proxy), and a delegate (Delegatee).
  • step 701 the consignor encrypts the plaintext message by using the public key of the delegator to generate an encrypted ciphertext
  • Step 702 The client sends the encrypted ciphertext to a semi-trusted agent.
  • Step 703 The principal acquires the public key of the delegatee
  • Step 704 The delegator authorizes a ciphertext conversion key for the delegatee
  • Step 705 The requester sends the ciphertext conversion key to the semi-trusted agent.
  • Step 706 The semi-trusted agent obtains the encrypted ciphertext from the delegator, and the ciphertext conversion key for the entrusted party, and the semi-trusted agent converts the encrypted ciphertext, specifically, Converting the encrypted ciphertext into a ciphertext encrypted by the principal of the delegatee;
  • Step 707 The semi-trusted agent sends the converted ciphertext to the delegatee
  • Step 708 The delegated party acquires the converted ciphertext, and decrypts the converted ciphertext by using the private key of the delegatee to generate the plaintext message.
  • a rights verification process is added at the agent node, and then the node that does not satisfy the authorized access right is denied access, thereby implementing the control of each authority in the blockchain. And changes to improve the security and reliability of data transmission.
  • the method provided by the present application is described in detail by implementing Alice to store its own age in the super-book fabric block chain and controlling Bob to access.
  • the new proxy node has the functions of performing permission verification and ciphertext conversion, and adding three proxy nodes (X, Y, Z) to the following configuration file to In the fabric blockchain network.
  • Alice can perform the following method steps as the data owner or data source node:
  • Step 801 Alice uses his own public key Pa to perform his own age a, and performs a proxy re-encryption algorithm to generate a second layer of ciphertext Ea.
  • the proxy re-encryption algorithm may be a second layer encryption algorithm (E2) in the proxy re-encryption algorithm described in the paper "Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage”.
  • Step 802 Alice packs Ea into a transaction and sends it to any ordinary node in the blockchain network; the normal node receives the transaction and broadcasts and consensus confirms the transaction.
  • Step 803 Alice uses its own private key Sa, and Bob's public key Pb, to execute the re-encryption key generation algorithm (RG) in the above proxy re-encryption algorithm to generate a re-encryption key T or a conversion key T.
  • RG re-encryption key generation algorithm
  • the re-encryption key T is decomposed into three partial keys T1, T2, T3 by the Shamir key sharing algorithm.
  • Step 805 Alice encrypts the partial keys T1, T2, and T3 by using the public keys of the proxy nodes X, Y, and Z respectively to generate encrypted partial keys, for example, T1x, T2y, and T3z, respectively.
  • Step 806 The Alice record requester Bob has the right to access the second layer ciphertext Ea, the ciphertext processing node is X, Y, Z, and at least 2 nodes need to be processed together.
  • Step 807 Alice packs the above information into a transaction and sends it to a common node, which broadcasts the information of the transaction and confirms the transaction.
  • the authorization pseudo code is as follows:
  • the pseudo code of the record authorization information performed by the common node is as follows:
  • Step 808 Bob initiates a data request to any ordinary node, the data request includes its own identity information Bob and access data object 1;
  • Step 809 The ordinary node forwards the data request to the proxy node X, and the proxy node X will serve as the primary node or the first proxy node of the current request;
  • Step 810 The proxy node X reads the latest authority of the Bob to the data object 1 on the blockchain, and the result of the reading is allow;
  • Step 811 The proxy node X reads the key processing node of the data object 1 as [X, Y, Z], and the proxy node X respectively initiates a key request to the node X, Y, Z, and the key request includes the Bob identity and Data object 1, and start waiting for feedback results;
  • Step 812 The proxy node X, Y, Z reads the latest permission of the Bob on the data object 1 in the chain, and the result of the reading is allow;
  • Step 813 In the case that the read result is allow, the proxy nodes X, Y, and Z respectively read the encrypted partial keys T1x, T2y, T3z recorded on the chain, and use the private keys of the proxy nodes X, Y, and Z. Decrypting the encrypted partial keys to obtain partial keys T1, T2, T3, and then sending them to the proxy node X;
  • Step 814 The proxy node X receives any at least two of the partial keys T1, T2, and T3, for example, T1 and T2, and restores the decomposed partial key to the conversion key T using the Shamir secret sharing algorithm;
  • Step 815 The proxy node X reads the second layer ciphertext Ea corresponding to the data object 1, and performs the re-encryption method (R) in the proxy re-encryption algorithm to perform the second layer ciphertext using the conversion key T.
  • Ea is converted into the first layer ciphertext Eb encrypted by Bob's public key Pb;
  • Step 816 The proxy node X sends the first layer ciphertext Eb to Bob;
  • Step 817 Bob receives and performs the decryption method (D) in the proxy re-encryption algorithm to obtain the age a of Alice according to the first layer ciphertext Eb, using its own private key Sb.
  • the method provided in this embodiment adds a proxy node to the blockchain, and implements the access control of any node between the data transmissions on the chain, that is, the data request node can change or reject the data request if the data request node does not have access to the data.
  • the current request of the node prevents it from continuing to access the data, thereby ensuring the security of the information in the network.
  • the conversion key is decomposed into multiple partial keys, and the uplink is held by multiple proxy nodes, so that only the "request data flow" is included.
  • the conversion key can be restored, and a single node or key participant cannot obtain the conversion key or ciphertext, thereby effectively preventing a few nodes from obtaining the ciphertext by cheating the access control.
  • This method increases the complexity of decryption and improves the security of data transmission and reading.
  • the pseudo data of the read data executed by the proxy node X is as follows:
  • the read key pseudo code executed by the proxy node X, Y, Z is as follows:
  • the agent node X finds that the rights information indicates that access is not allowed during the process of reading the rights information, the access request of the requesting node is rejected.
  • proxy node X can also be a master proxy node, such as a first proxy node, and can also be other proxy nodes, such as proxy nodes Y and Z.
  • the access permission control method in the foregoing embodiment of the present application may also prevent a certain proxy node from cheating.
  • the conversion key is decomposed into 3 shares, and the threshold number of the key sharing participant is limited. For example 2, there are the following cheating situations:
  • the conversion key can be obtained, and Bob can also decrypt the plaintext.
  • the cost of the cheat is higher than the way Bob caches the plaintext during the authorization period, so only Bob has obtained the authorized data. Will affect other data.
  • FIG. 9 is a schematic structural diagram of a data access authority control apparatus according to an embodiment of the present disclosure.
  • the apparatus includes a proxy node, and the apparatus may be a proxy node in the foregoing embodiment, or may be configured on a proxy node. Or the application and the first proxy node are used to execute the permission control method corresponding to FIG. 5 and FIG. 6.
  • the network node includes: a receiving unit 901, a processing unit 902, and a transmitting unit 903.
  • a receiving unit 901 receives data from a network node.
  • a processing unit 902 receives data from a network node.
  • a transmitting unit 903. receives data from a network node.
  • other units and modules such as a storage unit, etc., may also be included.
  • the receiving unit 901 is configured to receive a first request message from the requesting node, where the first request message includes an identifier of the requesting node and a data identifier to be accessed;
  • the processing unit 902 is configured to determine, according to the data identifier to be accessed, a first encrypted ciphertext in the blockchain network, and determine, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first encryption. Cipher text
  • the sending unit 903 is configured to reject the first request of the requesting node if the first encrypted ciphertext is not authorized to read, and initiate the speaking to the at least one second proxy node if the right is authorized Request a permission verification request from the node,
  • the processing unit 902 is further configured to determine, according to the feedback result of the at least one second proxy node, the issuance of the first encrypted ciphertext in the case of the right.
  • the sending unit 903 is specifically configured to: read, according to the identity identifier of the requesting node, the end of the closest chain block chain storage structure on the blockchain.
  • the authorization information of the requesting node, the authorization information includes permission and disallow.
  • the processing unit 902 is specifically configured to determine the m second proxy nodes, and generate the rights verification request, where the rights verification request includes Determining an identity of the requesting node and the first encrypted ciphertext, where the first encrypted ciphertext is generated by encrypting the data to be accessed, and m is a positive integer greater than or equal to 1;
  • the sending unit 903 is specifically configured to separately send the rights verification request to the m second agent nodes.
  • the receiving unit 901 is further configured to receive a partial key sent by at least k second proxy nodes, where the partial key is the a second proxy node, according to the identity identifier of the requesting node, after verifying that the requesting node has access to data, and generating and transmitting, and k ⁇ m;
  • the processing unit 902 is specifically configured to restore the at least k partial keys to generate a conversion key, and convert the first encrypted ciphertext into a second encrypted ciphertext by using the conversion key and an encryption algorithm.
  • the second encrypted ciphertext is generated by encrypting the public key of the requesting node;
  • the sending unit 903 is further configured to send the second encrypted ciphertext to the requesting node.
  • the processing unit 902 is specifically configured to receive, by using the receiving unit, a partial key sent by less than k second proxy nodes, or And receiving, by the sending unit, a message rejecting the access by the sending unit, when receiving the reject message fed back by the at least one second proxy node.
  • the receiving unit 901 is specifically configured to receive the first request that is forwarded by using any blockchain node in the blockchain network. Message.
  • the network node may also be applied to the second proxy node for performing functions such as authority verification and result feedback of the second proxy node.
  • the receiving unit 901 is configured to receive a rights verification request from the first proxy node, where the rights verification request includes an identity identifier of the requesting node and a first encrypted ciphertext, where the first encrypted ciphertext is treated by accessing Data is generated after encryption;
  • the processing unit 902 is configured to determine, according to the identity identifier of the requesting node, whether the requesting node has the right to read the first encrypted ciphertext; if not, reject the first request of the first proxy node; , generating a partial key;
  • the sending unit 903 is configured to send the partial key to the first proxy node.
  • processing unit 902 is specifically configured to obtain an encrypted partial key in the blockchain network, where the encrypted partial key is encrypted by using the public key of the second proxy node. Generating; decrypting the encrypted partial key with its own private key to generate the partial key.
  • the network node may also be a data source node or a data owner, such as a first node, and the structure of the first node is the same as that of the network node shown in FIG. 9, but each unit in the network node is further Has the following features.
  • the receiving unit 901 is configured to obtain an identity identifier of the second node, where the identity identifier is used to determine authorization information of the second node, where the authorization information includes permission or disallowment;
  • the processing unit 902 is configured to generate a conversion key by using a private key of the network node, a public key of the second node, and an encryption algorithm if the authorization information is allowed; and using a proxy node in the blockchain network
  • the public key encrypts the conversion key to generate an encrypted partial key; and generates first transaction information, and records the first transaction information on the blockchain network;
  • the first transaction information includes: an identity of the second node, authorization information of the second node, and an encrypted partial key.
  • the processing unit 902 is specifically configured to decompose the conversion key into n partial keys by using a secret sharing algorithm, where n is greater than or equal to 1. a positive integer; selecting m proxy nodes in the blockchain network, and encrypting the n partial keys using the public keys of the m proxy nodes to generate n encrypted partial keys, m ⁇ n.
  • the first transaction information further includes: an identity identifier of the m proxy nodes and a quantity k of the minimum partial key for restoring the conversion key.
  • the processing unit 902 is specifically configured to send, by using a sending unit, the first transaction information to a blockchain node in a blockchain network, And storing, by the blockchain node, the first transaction information in a whole network broadcast and consensus.
  • the processing unit 902 is further configured to: if the authorization information is not allowed, cancel the authorization information of the second node; generate The second transaction information is recorded on the blockchain network, and the second transaction information includes an identity of the second node and authorization information of the second node.
  • the processing unit 902 is further configured to: use the public key to encrypt the access data by using a proxy re-encryption algorithm before obtaining the identity of the second node. Generating a first encrypted ciphertext; and storing the first encrypted ciphertext as a transaction in the blockchain network.
  • the network node in the foregoing embodiment includes: a transceiver 1201, a processor 1202, and a memory 1203, and the network node may further include more or less components, or a combination thereof. Some components, or different component arrangements, are not limited in this application.
  • the transceiver 1001 is configured to acquire and send a request message and feedback information, and perform data transmission with other nodes in the network.
  • the transceiver may include a transceiver module, and the transceiver module may include a wireless local area network (WLAN) module, a Bluetooth module, a base band module, and the like, and a radio frequency corresponding to the communication module. (radio frequency, RF) circuit for wireless local area network communication, Bluetooth communication, infrared communication, and/or cellular communication system communication, such as wideband code division multiple access (WCDMA) and/or high speed High speed downlink packet access (HSDPA).
  • WCDMA wideband code division multiple access
  • HSDPA high speed High speed downlink packet access
  • the transceiver module is configured to control communication of components in the terminal device and can support direct memory access.
  • the processor 1002 is a control center of the switch that connects various portions of the entire switch using various interfaces and lines, by running or executing software programs and/or modules stored in the memory 1203, and recalling data stored in the memory 1203. To perform various functions and/or process data of the switch device.
  • the processor 1202 may be composed of an integrated circuit (IC), for example, may be composed of a single packaged IC, or may be composed of a plurality of packaged ICs that have the same function or different functions.
  • the processor may only include a central processing unit (CPU), or may be a GPU, a digital signal processor (DSP), and a control chip (for example, a baseband chip) in the transceiver. combination.
  • the CPU may be a single computing core or may include multiple computing cores.
  • the memory 1003 may include a volatile memory, such as a random access memory (RAM), and may also include a non-volatile memory, such as a flash memory. ), Hard Sisk Drive (HDD) or Solid-State Drive (SSD); the memory may also include a combination of the above types of memories.
  • Programs or code may be stored in the memory, and the processor 1002 in the switch may implement the functions of the network node by executing the program or code.
  • the function to be implemented by the transceiver 1001 may be implemented by the receiving unit 901 and the transmitting unit 903 shown in FIG. 9, or by the transceiver 1001 controlled by the processor 1002; The implemented functionality can then be implemented by processor 1002.
  • the present application further provides a computer storage medium, wherein the computer storage medium may store a program, where the program may include a control method of data access rights provided by the present application, and a part of each embodiment of the data transmission method. Or all steps.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory ROM or a random access memory RAM.
  • the computer program product includes one or more computer instructions, such as verification instructions.
  • the computer loads and executes the computer program, the processes or functions described in accordance with the above-described embodiments of the present application are generated in whole or in part.
  • the computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable device.
  • the computer instructions can be stored in a computer readable storage medium or transferred from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions can be from a network site, computer, server or data center Transfer to another site, computer, or server by wire or wirelessly.
  • the computer readable storage medium can be any available media that can be accessed by a computer or a storage device such as a server, data center, or the like that includes one or more available media.
  • the usable medium may be a magnetic medium such as a floppy disk, a hard disk, a magnetic tape, an optical medium (such as a DVD), or a semiconductor medium such as a solid state hard disk SSD or the like.
  • the network node described in this embodiment may be a base station or an access point.
  • the base station may be a base station (BTS, Base Transceiver Station) in GSM or CDMA, or may be a base station (NodeB) in WCDMA, or may be an evolved base station (eNB or e-NodeB, evolutional Node B) in LTE.
  • BTS Base Transceiver Station
  • NodeB base station
  • eNB or e-NodeB, evolutional Node B evolutional Node B
  • the network node may also be a client and a terminal device, and the terminal device may be a device that provides voice and/or data connectivity to the user, a handheld device with a wireless connection function, or a wireless modem. Other processing equipment.
  • a wireless terminal can communicate with one or more nodes via a radio access network RAN, which can be a mobile terminal, such as a mobile telephone (or "cellular" telephone) and a computer having a mobile terminal, for example, can be Portable, pocket, handheld, computer built-in or in-vehicle mobile devices that exchange language and/or data with a wireless access network.
  • a radio access network RAN can be a mobile terminal, such as a mobile telephone (or "cellular" telephone) and a computer having a mobile terminal, for example, can be Portable, pocket, handheld, computer built-in or in-vehicle mobile devices that exchange language and/or data with a wireless access network.
  • PCS Personal communication service
  • SIP Session Initiation Protocol
  • WLL Wireless Local Loop
  • PDA Personal Digital Assistant
  • a wireless terminal may also be called a system, a subscriber unit, a subscriber station, a mobile station, a mobile station, a remote station, an access point, or an access point.
  • Remote Terminal Access Terminal, User Terminal, User Agent, User Device, or User Equipment.
  • the techniques in the embodiments of the present invention can be implemented by means of software plus a necessary general hardware platform. Based on such understanding, the technical solution in the embodiments of the present invention may be embodied in the form of a software product in essence or in the form of a software product, which may be stored in a storage medium such as a ROM/RAM. , a disk, an optical disk, etc., including instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods described in various embodiments of the present invention or portions of the embodiments.
  • a computer device which may be a personal computer, server, or network device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

公开了一种数据访问权限的控制方法和装置,所述方法包括:第一代理节点接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识;根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果是,则向至少一个第二代理节点发起对所述请求节点的权限验证请求,并根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。本方法通过在区块链网络中加入代理节点,实现了数据源节点在不修改密文的情况下也能够自由地授予或撤销请求节点的权限,从而保证了网络中信息的安全。

Description

一种数据访问权限的控制方法和装置
本申请要求于2018年3月19日提交中国国家知识产权局、申请号为201810224356.1,发明名称为“一种数据访问权限的控制方法和装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本申请涉及区块链领域,尤其涉及一种数据访问权限的控制方法和装置。
背景技术
区块链(Block Chain)又称作分布式账本,就是交易记账由分布在不同地方的多个节点共同完成,并且每一个节点都记录完整的账目。狭义来说,所述区块链是一种按照时间顺序将数据区块以顺序相连的方式组合成的一种链式数据结构,并以密码学方式保证的不可篡改和不可伪造的一种分布式账本。
对于区块链技术而言,区块链具有去中心化和去信任的特征。所述去中心化是指,整个区块链网络没有中心化的硬件或管理机制,任意节点之间的权利和义务都是均等的,且任一个节点的损坏或者丢失都不会影响整个网络系统的运作,因此,保证区块链网络具有良好的健壮性。所述去信任是指,参与整个网络中的每个节点之间进行数据交换是无需互相信任的,整个区块链网络系统的运作规则是公开透明的,所有区块链节点上的数据内容也是公开的,因此,在系统指定的规则或时间范围内,各个节点之间是不能也无法相互欺骗。
客户端向区块链中的一个节点请求访问数据,该区块链节点向该客户端提供加密数据和解密密钥,然后客户端再利用解密密钥对该加密数据进行解密得到访问数据,并将其记账在区块链上。在这一过程中,由于对区块链节点的账本的历史交易数据无法做修改或删除操作,并且区块链上数据都是公开的无法取消,所以一旦授予某一用户访问权限,分发解密密钥后,就无法撤销,进而导致当需要禁止该用户访问权限时,无法阻止该用户对数据进行访问,使得对数据访问存在一定风险和不安全性。
发明内容
本申请提供了一种数据访问权限的控制方法和装置,以解决在用户的访问权限发生变化时,能够控制对用户请求的数据或密文的发放。
具体地,为了解决上述技术问题,本申请公开了如下技术方案:
第一方面,本申请提供了一种数据访问权限的控制方法,所述方法包括步骤如下:第一代理节点接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识;所述第一代理节点根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果是,则向至少一个第二代理节点发起对所述请求节点的权限验证请求,并根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。
可选的,所述第一代理节点根据所述请求节点的身份标识判断所述请求节点如果无 权读取所述第一加密密文,则拒绝所述请求节点的第一请求。
本方面提供的方法,通过在区块链网络中加入代理节点,实现了数据源节点在不修改密文的情况下也能够自由地授予或撤销请求节点的权限,即通过代理节点在区块链上对请求节点最新权限的读取来确定是否授权或拒绝访问请求,如果最新权限是拒绝访问,则可以阻止该用户对数据继续进行访问,从而保证了网络中信息的安全。
另外,利用至少一个第二代理节点对请求方的身份进一步验证,可以防止只利用一个第一代理节点验证时发生作弊的可能,进一步地提高了验证的准确性,进而保证了信息传输的安全性。
结合第一方面,在第一方面的一种实现方式中,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文,包括:根据所述请求节点的身份标识,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许或不允许。
本实现方式中,通过读取最接近区块链链式存储结构末端的请求节点的授权信息可以获取到请求方的最近访问权限,从而为验证请求节点是否可以获取加密密文和密钥做准备。
结合第一方面,在第一方面的另一种实现方式中,所述向至少一个第二代理节点发起对所述请求节点的权限验证请求,包括:所述第一代理节点确定m个第二代理节点,m为大于等于1的正整数;生成所述权限验证请求,所述权限验证请求中包括所述请求节点的身份标识和所述第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;将所述权限验证请求分别发送给所述m个第二代理节点。
结合第一方面,在第一方面的又一种实现方式中,根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放,包括:
所述第一代理节点接收来自至少k个第二代理节点发送的部分密钥,所述部分密钥是所述第二代理节点,根据所述请求节点的身份标识在验证所述请求节点有权访问数据后生成并发送的,且k≤m;对所述至少k个部分密钥进行还原,生成转换密钥;利用所述转换密钥和加密算法将所述第一加密密文转换为第二加密密文,所述第二加密密文由所述请求节点的公钥加密后生成;将所述第二加密密文发送给所述请求节点。
本实现方式中,第一代理节点将权限验证请求发送给多个第二代理节点,并在获取到足够数量的第二代理节点发送的部分密钥后才能还原出转换密钥,即需要通过多个第二代理节点共同参与和联合解密才能生成转换密钥,单一的节点或者密钥参与者无法获取转换密钥或密文,从而有效地防止少数节点通过作弊方式绕过权限控制获取密文,本方法增加了解密的复杂度,进而有效地保证密文传输和读取的安全性,防止非授权用户读取密文或数据。
结合第一方面,在第一方面的又一种实现方式中,根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放,包括:如果所述第一代理节点接收小于k个第二代理节点发送的部分密钥,或者,接收至少一个所述第二代理节点反馈的拒绝消息,则向所述请求节点发送拒绝访问的消息。
结合第一方面,在第一方面的又一种实现方式中,所述第一代理节点接收来自请求节点的第一请求消息,包括:所述第一代理节点接收通过所述区块链网络中的任一区块链节点转发的所述第一请求消息。
第二方面,本申请还提供了一种数据传输方法,该方法可以应用于数据源节点或数据所有方,本方面中以第一节点为例,所述方法包括如下步骤:
第一节点获得第二节点的身份标识,所述身份标识用于确定所述第二节点的授权信息,所述授权信息包括允许和不允许,所述第二节点为请求节点或数据请求方;如果所述授权信息为允许,则所述第一节点利用第一节点的私钥、第二节点的公钥和加密算法生成转换密钥;所述第一节点利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥;所述第一节点生成第一交易信息,并将所述第一交易信息记录在所述区块链网络上,所述第一交易信息包括:第二节点的身份标识、第二节点的授权信息和加密后的部分密钥。
结合第二方面,在第二方面的一种实现方式中,所述第一节点利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥,包括:所述第一节点利用秘密分享算法将所述转换密钥分解成n个部分密钥,n为大于等于1的正整数;所述第一节点在所述区块链网络中选取m个代理节点,并使用所述m个代理节点的公钥对所述n个部分密钥进行加密,生成n个加密后的部分密钥,m≤n。
结合第二方面,在第二方面的另一种实现方式中,所述第一交易信息中还包括:m个代理节点的身份标识和还原所述转换密钥的最小部分密钥的数量k,当获取的部分密钥的数量小于k个时,则不能还原出所需的转换密钥,进而可以防止少数或部分代理节点作弊,从而提高验证的安全性和可靠性。
结合第二方面,在第二方面的又一种实现方式中,将所述第一交易信息记录在所述区块链网络上,包括:所述第一节点将所述第一交易信息发送给区块链网络中的区块链节点,并通过所述区块链节点在全网广播和共识,保存所述第一交易信息。
结合第二方面,在第二方面的又一种实现方式中,所述方法还包括:如果所述授权信息为不允许,则取消所述第二节点的授权信息;生成第二交易信息,所述第二交易信息包括第二节点的身份标识和第二节点的授权信息;将所述第二交易信息记录在所述区块链网络上。
结合第二方面,在第二方面的又一种实现方式中,在第一节点获得第二节点的身份标识之前,所述方法还包括:所述第一节点使用第一节点的公钥通过代理重加密算法对待访问数据进行加密,生成第一加密密文;所述第一节点将所述第一加密密文作为一个交易保存在所述区块链网络中。
第三方面,本申请还提供了一种数据传输方法,该方法可以应用于第二代理节点,所述第二代理节点也可以是一种第一代理节点或主代理节点,所述方法包括如下步骤:
第二代理节点接收来自第一代理节点的权限验证请求,所述权限验证请求中包括请求节点的身份标识和第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;所述第二代理节点根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果是,则生成部分密钥,并将所述部分密钥发送给所述第一代理节点。
本方面中,第二代理节点在第一代理节点验证允许请求节点访问的情况下,对请求节点的权限进一步验证,并在验证是允许访问时,将生成的部分密钥发送给第一代理节点,以使得第一代理节点收集并合成最终的转换密钥,从而可以有效地防止第一代理节点作弊,提高了验证的安全性。
结合第三方面,在第三方面的一种实现方式中,所述生成部分密钥,包括:所述第二代理节点在区块链网络中获得加密后的部分密钥,所述加密后的部分密钥是利用所述第二代理节点的公钥加密后生成的;所述第二代理节点利用自己的私钥对所述加密后的部分密钥进行解密,生成所述部分密钥。
结合第三方面,在第三方面的另一种实现方式中,所述方法还包括:所述第二代理节点根据所述请求节点的身份标识判断所述请求节点如果无权读取所述第一加密密文,则拒绝所述第一代理节点的第一请求。
第四方面,本申请还提供了一种数据访问权限的控制装置,例如所述装置可以是一种网络节点,或配置在所述网络节点上,其中,所述装置或网络节点可以是以上方面所述的第一代理节点、第一节点或第二代理节点,所述装置中包括用于执行上述第一方面至第三方面,以及各方面的各种实现方式中方法步骤的单元。
具体地,所述装置包括接收单元、处理单元和发送单元,此外,还可以还包括存储单元等其他单元或模块等,本申请不予限制。
第五方面,本申请还提供了一种网络节点,所述网络节点包括处理器,收发器和存储器,其中,在所述网络节点为第一代理节点的情况下,
所述收发器,用于接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识;
所述处理器,用于根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果否,则拒绝所述请求节点的第一请求;如果是,则向至少一个第二代理节点发起对所述请求节点的权限验证请求,并根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。
结合第五方面,在第五方面的一种实现方式中,所述处理器,具体用于根据所述请求节点的身份标识,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许和不允许。
结合第五方面,在第五方面的另一种实现方式中,所述处理器,具体用于确定m个第二代理节点,m为大于等于1的正整数;生成所述权限验证请求,所述权限验证请求中包括所述请求节点的身份标识和所述第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;利用所述收发器将所述权限验证请求分别发送给所述m个第二代理节点。
结合第五方面,在第五方面的又一种实现方式中,所述收发器,具体用于接收来自至少k个第二代理节点发送的部分密钥,所述部分密钥是所述第二代理节点,根据所述请求节点的身份标识在验证所述请求节点有权访问数据后生成并发送的,且k≤m;
所述处理器,具体用于对所述至少k个部分密钥进行还原,生成转换密钥;利用所述转换密钥和加密算法将所述第一加密密文转换为第二加密密文,所述第二加密密文由所述请求节点的公钥加密后生成;
所述收发器,具体用于将所述第二加密密文发送给所述请求节点。
结合第五方面,在第五方面的又一种实现方式中,所述处理器,具体用于如果所述第一代理节点接收小于k个第二代理节点发送的部分密钥,或者,接收至少一个所述第二代理节点反馈的拒绝消息,则利用所述收发器向所述请求节点发送拒绝访问的消息。
结合第五方面,在第五方面的又一种实现方式中,所述收发器,具体用于接收通过所述区块链网络中的任一区块链节点转发的所述第一请求消息。
此外,在所述网络节点为第一代理节点的情况下,所述收发器,用于接收来自第一代理节点的权限验证请求,所述权限验证请求中包括请求节点的身份标识和第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;
所述处理器,用于根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果否,则拒绝所述第一代理节点的第一请求;如果是,则生成部分密钥;
所述收发器,还用于将所述部分密钥发送给所述第一代理节点。
可选的,所述处理器,具体用于在区块链网络中获得加密后的部分密钥,所述加密后的部分密钥是利用所述第二代理节点的公钥加密后生成的;利用自己的私钥对所述加密后的部分密钥进行解密,生成所述部分密钥。
第六方面,本申请还提供了一种网络节点,所述网络节点包括处理器,收发器和存储器,其中,在所述网络节点为数据源节点或数据所有方,例如第一节点的情况下,
所述收发器,用于获得第二节点的身份标识,所述身份标识用于确定所述第二节点的授权信息,所述授权信息包括允许和不允许;
所述处理器,用于在所述授权信息为允许的情况下,利用所述网络节点的私钥、第二节点的公钥和加密算法生成转换密钥;利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥;以及,生成第一交易信息,并将所述第一交易信息记录在所述区块链网络上;
其中,所述第一交易信息包括:第二节点的身份标识、第二节点的授权信息和加密后的部分密钥。
结合第五方面,在第五方面的一种实现方式中,所述处理器,具体用于利用秘密分享算法将所述转换密钥分解成n个部分密钥,n为大于等于1的正整数;在所述区块链网络中选取m个代理节点,并使用所述m个代理节点的公钥对所述n个部分密钥进行加密,生成n个加密后的部分密钥,m≤n。
结合第五方面,在第五方面的另一种实现方式中,所述第一交易信息中还包括:m个代理节点的身份标识和还原所述转换密钥的最小部分密钥的数量k。
结合第五方面,在第五方面的又一种实现方式中,所述处理器,具体用于利用发送单元将所述第一交易信息发送给区块链网络中的区块链节点,并通过所述区块链节点在全网广播和共识,保存所述第一交易信息。
结合第五方面,在第五方面的又一种实现方式中,所述处理器,还用于在所述授权信息为不允许的情况下,取消所述第二节点的授权信息;生成第二交易信息,并将所述第二交易信息记录在所述区块链网络上,所述第二交易信息包括第二节点的身份标识和第二节点的授权信息。
结合第五方面,在第五方面的又一种实现方式中,所述处理器,还用于在获得第二节点的身份标识之前,使用公钥通过代理重加密算法对待访问数据进行加密,生成第一加密密文;以及,将所述第一加密密文作为一个交易保存在所述区块链网络中。
第七方面,本申请还提供了一种计算机存储介质,该计算机存储介质可存储有指令,该指令执行时可实现本申请提供的第一方面至第三方面,以及第一方面至第三方面中的 各种实现方式中的数据访问权限的控制方法的部分或全部步骤。
第八方面,本申请还提供了一种包含指令的计算机程序产品,当所述指令在计算机上运行时,所述计算机执行上述各个方面所述的方法。
附图说明
图1为本申请提供的一种Fabric架构的示意图;
图2为本申请提供的一种在门限密码系统中解密的流程图;
图3为本申请提供的一种客户端在区块链网络中请求访问数据的流程图;
图4a为本申请提供的一种区块链系统的结构示意图;
图4b为本申请提供的一种数据访问权限的控制方法的流程图;
图5为本申请提供的另一种数据访问权限的控制方法的流程图;
图6为本申请提供的另一种数据访问权限的控制方法的流程图;
图7为本申请提供的一种代理重加密体系的角色流程图;
图8为本申请提供的又一种数据访问权限的控制方法的流程图;
图9为本申请提供的一种网络节点的结构示意图;
图10为本申请提供的一种网络节点的装置示意图。
具体实施方式
为了使本技术领域的人员更好地理解本申请实施例中的技术方案,并使本申请实施例的上述目的、特征和优点能够更加明显易懂,下面结合附图对本申请实施例中的技术方案作进一步详细的说明。
首先,对本申请涉及到的基本概念进行详细地介绍和说明。
本申请的技术方案涉及区块链,所述区块链(Block Chain)是一种分布式数据库,起源自比特币,是比特币的底层技术。区块链是一串使用密码学方法相关联产生的数据块,每一个数据块中包含了一次比特币网络交易的信息,用于验证其信息的有效性(防伪)和生成下一个区块(block)。
狭义来讲,区块链是一种按照时间顺序将数据区块以顺序相连的方式组合成的一种链式数据结构,并以密码学方式保证的不可篡改和不可伪造的分布式账本。广义来讲,区块链是一个分布式的账本,通过多个独立的分布式节点保存相同的记录。
区块链技术是一种通过去中心化、去信任的方式集体维护一个可靠数据库的技术方案。每当有新的数据需要写入区块链时,这些数据会汇总到一个区块中,添加在已有区块链的末端,通过共识算法保证每个节点新添加的区块是完全相同的。
其中,每个区块内记录了若干条交易记录,同时包含了前一个区块的哈希值(hash),所有区块就是通过这样保存前一个块中的信息,按顺序相连,组成了区块链,难以被篡改。基于区块链技术,可以达成一致的双方直接交易(Transaction,Tx),从而不需要可信赖的第三方中心化中介机构的参与。
智能合约(smart contract)是由事件驱动、具有状态的、运行在一个分布式区块链账本之上的、且能够管理账本上数据的程序。智能合约可以看作是一段普通的计算机执行程序,满足可准确自动执行即可。智能合约的代码内容规定了交易的规则和逻辑,使用者签署调用智能合约就意味着合约内容会被执行并写入区块链账本。
区块链的核心技术之一就是共识算法,例如比特币中所使用的工作量证明(Proof of  Work,PoW)算法。区块链中的共识算法,要解决的是面向拜占庭容错的共识场景,即区块链网络中的节点相互之间并不信任,有可能存在恶意说谎节点。区块链网络中的每个节点都有可能是“说谎”的节点,但是众多的节点聚到一个网络中,它们共识的结果就是一个可信的结果。共识算法的主要作用,就是让区块链中的所有节点记录相同的有效交易区块内容。
另外,区块链还是一种解决多方之间信任问题的技术机制。多方信任的前提是技术机制本身就是可信的,因此区块链需要可审计。区块链系统、智能合约和共识算法在多方之间是必须要开源公开。
超级账本(Hyperledger)的Fabric项目使用了一种机制用于加快共识的达成,该机制的核心在于多个背书节点(endorser peer)运行智能合约并对运行结果(endorsement)进行背书,例如通过对背书节点本身的合约运行结果内容进行签名,保证是由特定背书节点发出的结果。用户可以根据实际需求设置自己的智能合约要信任的背书节点及对多个结果的验证策略,例如设置背书策略(endorse policy)。
如图1所示,客户端可以向3个背书节点发送智能合约运行请求(proposal),背书策略可以要求3个运行结果内容必须一致,也可以要求至少两个运行结果的内容一致。客户端收集背书节点反馈的运行结果,通过排序节点(Orderer peer)将记录在一个交易上的运行结果广播到区块链网络中,区块链网络中的节点,例如背书节点读取该交易,并检验当满足背书策略的情况下,才认为该交易是一个有效交易,并接受该交易中对数据的修改,并写入到区块链中。
其中,客户端(client)或客户端应用:使用软件开发工具包(Software Development Kit,SDK)和Fabric系统进行交互,构造合法的交易,并将所述交易提供给背书节点;当收集到足够符合背书策略要求的背书节点支持后可以构造合法的交易请求,并发给排序节点或代理节点。
背书节点(endorser peer):负责对来自客户端的交易进行合法性和权限检查,如果符合要求,则签名并返回结果给客户端。
排序节点(orderer peer):负责为各个交易做排序,并将排好序的交易广播到其它节点。其中,所述排序节点包括提供共识服务的节点或者集群。
确认节点(committer peer):用于将达成一致顺序的批量交易结果进行状态检查,验证交易是否符合背书策略要求并且确保账本的read集变量状态不变,执行合法的交易,生成区块,并写入账本。
为了提高信息传输的安全性和身份验证的准确性,本申请的技术方案还涉及门限密码系统(Threshold cryptosyste)。所述门限密码系统,是将与公钥对应的私钥分享在多个成员中,只有当指定数目的成员共同协作,才能完成对公钥加密的密文进行解密的操作。其中,门限密码系统的基础是秘密共享(secret sharing)。
具体地,一种门限密码系统的方案是将密钥分割成若干份额,比如分割成n份,并将这些份额一对一地发送给n个参与者,n个参与者中任意t(t<n)个或t个以上的参与者可以协作完成解密操作,如果参与者小于t个则不能完成解密操作。
下面对门限密码系统中的各角色的功能和解密过程进行介绍和说明。
图2示出了一种在门限密码系统中解密的流程示意图。其中,所述门限密码系统中涉及密钥分发者、密钥参与者和密钥合成者。进一步地,密钥分发者,用于建立门限密码系统的可信实体,负责生成门限密码系统中涉及到的各个参数,以及将这些参数安全地发送给各个密钥共享者。所述密钥参与者为参与门限密码系统解密操作的单个实体;所述密钥合成者,获取多个参与者的解密份额,并对这些解密份额进行验证和解密操作。
例如,图2所示,步骤1:门限初始化设置,密钥分发者输入安全参数,门限密码系统返回一组公共参数(可用PK表示),例如n,t和SK,其中,n表示密钥参与者的数量,t表示门限值,SK表示门限密码系统生成主密钥,可选的,SK=(SK1,SK2,…SKn);
步骤2:加密,利用所述系统的公共参数PK和密钥参与者的身份ID,对明文消息进行加密,并生成和输出加密密文c;
步骤3:密钥份额生成(Share key Gen),密钥分发者利用系统公共参数PK、加密密文c和主密钥SK,计算得到密钥份额Ui;
步骤4:密钥分发者将密钥份额Ui发送给若干个密钥参与者;
步骤5:密钥参与者获取密钥份额Ui,每个密钥参与者对密钥份额Ui进行解密生成解密份额,例如解密份额1,…,解密份额t;
步骤6:各个密钥参与者将自己解密后生成的解密份额发送给密钥合成者;
步骤7:联合解密,密钥合成者获取所述解密份额,例如获取t个解密份额,并验证这t个解密份额,利用公共参数PK将t个解密份额进行合成得到所述加密密文c,最后再对所述加密密文进行解密获得明文消息。
本申请提供的技术方案用于解决在区块链中的访问权限一旦授权和下发,就无法更改或撤销,导致非授权用户可以对数据进行访问的技术问题。具体地,客户端在区块链网络中请求访问数据和对密钥解密的过程如下:
如图3所示,步骤1:用户A利用客户端1登记信息生成信息,例如明文信息;
步骤2:客户端1使用对称密钥加密信息;
步骤3:客户端1发送所述加密信息,并将所述加密信息所为区块链上的一个交易记录在区块链节点1上;
步骤4:区块链节点1验证和广播所述交易;
步骤5:区块链节点1、2和3对包含该交易的区块进行共识;所述区块链节点1、2和3是位于同一区块链上的节点。
所述共识可以理解为区块链节点1、2和3分别对该交易是否符合策略进行验证,生成对应的验证结果,且三个区块链节点生成的验证结果都相同。
步骤6:区块链节点确认并生成区块,将所述区块添加在本地账本已有区块链的链式结构的末端;
步骤7:用户B使用客户端2获取信息,例如明文信息;
步骤8:客户端2向客户端1请求获取用户B请求访问所述明文信息的访问权限;
步骤9:客户端1将访问权限信息发送给客户端2,其中,所述访问权限信息中包含对称密钥;
步骤10:客户端2向区块链节点3请求获取保存在区块链账本中的加密信息;
步骤11:客户端2使用对称密钥解密信息。
在上述访问权限下发和解密数据的过程中,由于对区块链节点的账本的历史交易数据无法做修改或删除操作,并且区块链上数据都是公开的无法取消,所以一旦授予某一用户访问权限,分发解密密钥后,就无法撤销,进而导致当需要禁止该用户访问权限时,无法阻止该用户对数据进行访问,使得非授权用户对数据访问存在一定风险和不安全性。
为解决上述问题,本申请各实施例的技术方案的主要思想是:在区块链系统中加入多个代理节点,每个代理节点除了具备普通节点的功能外,还用于联合验证用户的访问权限,并执行密文的转换操作。
如图4所示,区块链系统中包括数据源节点或数据所有者、至少一个代理节点(Proxy)、多个普通节点和数据请求节点。其中,所述数据源节点或数据所有者为数据的保存者和访问权限的授权方;所述普通节点可以用于执行区块链上交易的广播、共识和记录保存等功能。所述用户请求节点为请求访问数据的节点或客户端。
本申请提供的技术方案主要包括三部分流程,分别是:数据保存、权限授予和请求数据。概况地,首先,数据源节点(data source)或者数据所有者对原始密文进行加密,并记录和保存在区块链上。
然后,当数据源节点或数据所有者进行授权时,在区块链上写入权限信息,并生成与被授权节点对应的一个转换密钥。数据源节点或数据所有者将所述转换密钥分为若干个部分,发送给不同的代理节点。
最后,当数据请求节点请求访问数据时,各个代理节点发起共识,读取数据请求节点最新的访问权限,验证数据请求节点是否有权,若有权,则代理节点收集转换密钥,将原始密文转换为仅能由被授权节点自己能够解密的另一份密文返回给请求节点;若无权,则拒绝访问。
需要说明的是,在本申请的以下各个实施例中,各个网络设备统称为网络节点,所述网络节点可以是发送请求消息的第一节点、第二节点,还可以是区块链上的某一个区块链节点,例如第一区块链节点或第一代理节点,转发的中继节点,任意的普通节点,还可以是数据源节点。
进一步地,所述网络节点包括但不限于站点、基站、用户设备、客户端和终端。另外,本申请各个实施例中的设备和节点这两个概念等同,即所述设备可以指代节点、站点、UE、网元设备、传感器等。
本申请所述的区块链和区块链系统可以应用于各种网络中(例如物联网中),所述区块或者区块链节点可以部署在各种网络设备(例如物联网设备)上。所述网络设备包括工业物联网设备,例如各类工业传感器、控制模块等等;还可以是可穿戴设备、家用电器、家居传感器、家居控制模块等,或者是基站、增强型基站、或具有调度功能的中继、或具有基站功能的设备等。其中,基站可以是LTE系统中的演进型基站(evolved Node B,eNB),也可以其他系统中的基站,本申请实施例并不限定。
另外,上述各类设备可以是用户设备(user equipment,UE),例如手机、智能终端、多媒体设备、流媒体设备等。所述UE还可以是其它无线网络设备,例如基站(Node B),具体地该无线网络设备的形式和类型本申请不予限制。
UE可以经无线接入网(radio access network,RAN)与一个或多个核心网进行通信,UE还可以通过其它方式接入无线网络进行通信,UE也可以与其它UE直接进行无线通信,本申请实施例对此不作限定。
参见图4b,本申请实施例提供了一种数据访问权限的控制方法,所述方法包括:
步骤401:第一代理节点接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识。
其中,一种实现方式包括:第一代理节点接收通过所述区块链网络中的任一区块链节点转发的所述第一请求消息。
步骤402:第一代理节点根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文。
其中,步骤402中,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文,包括:根据所述请求节点的身份标识,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许或不允许。
步骤403:如果有权读取所述第一加密密文,即所述授权信息为允许,则向至少一个第二代理节点发起对所述请求节点的权限验证请求,并根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。
此外,如果第一代理节点判断无权读取所述第一加密密文,则拒绝所述请求节点的第一请求。
在步骤403中,第一代理节点所述向至少一个第二代理节点发起对所述请求节点的权限验证请求,包括:
所述第一代理节点确定m个第二代理节点,m为大于等于1的正整数;生成所述权限验证请求,所述权限验证请求中包括所述请求节点的身份标识和所述第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;将所述权限验证请求分别发送给所述m个第二代理节点。
可选的,第一代理节点根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放,包括:
所述第一代理节点接收来自至少k个第二代理节点发送的部分密钥,所述部分密钥是所述第二代理节点,根据所述请求节点的身份标识在验证所述请求节点有权访问数据后生成并发送的,且k≤m;对所述至少k个部分密钥进行还原,生成转换密钥;利用所述转换密钥和加密算法将所述第一加密密文转换为第二加密密文,所述第二加密密文由所述请求节点的公钥加密后生成;将所述第二加密密文发送给所述请求节点。
进一步地,第一代理节点根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放,包括:如果所述第一代理节点接收小于k个第二代理节点发送的部分密钥,或者,接收至少一个所述第二代理节点反馈的拒绝消息,则向所述请求节点发送拒绝访问的消息。
本实施例提供的方法,通过在区块链网络中加入代理节点,实现了数据源节点在不修改密文的情况下也能够自由地授予或撤销请求节点的权限,即通过代理节点在区块链上对请求节点最新权限的读取来确定是否授权或拒绝访问请求,如果最新权限是拒绝访 问,则可以阻止该用户对数据继续进行访问,从而保证了网络中信息的安全。
另外,利用至少一个第二代理节点对请求方的身份进一步验证,可以防止只利用一个第一代理节点验证时发生作弊的可能,进一步地提高了验证的准确性,进而保证了信息传输的安全性。
其中,第二代理节点接收来自第一代理节点的权限验证请求,所述权限验证请求中包括请求节点的身份标识和第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;
所述第二代理节点根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果否,则拒绝所述第一代理节点的第一请求;如果是,则生成部分密钥,并将所述部分密钥发送给所述第一代理节点。
可选的,所述生成部分密钥,包括:所述第二代理节点在区块链网络中获得加密后的部分密钥,所述加密后的部分密钥是利用所述第二代理节点的公钥加密后生成的;所述第二代理节点利用自己的私钥对所述加密后的部分密钥进行解密,生成所述部分密钥。
在本实施例中,第二代理节点在第一代理节点验证允许请求节点访问的情况下,对请求节点的权限进一步验证,并在验证是允许访问时,将生成的部分密钥发送给第一代理节点,以使得第一代理节点收集并合成最终的转换密钥,从而可以有效地防止第一代理节点作弊,提高了验证的安全性。
在一个具体实施例中,对本申请所公开的技术方案,按照上述三部分流程进行详细地说明。
a.数据保存流程
在“数据保存流程”中所执行操作的主体可以是数据源节点或者数据所有者,还可以是其它具有保存数据和给予授权功能的节点,本实施例中以“第一节点”来表示执行数据保存流程的主体,可以理解地,还可以采用其它名称,例如数据所有方等,本申请对此不进行限制。
在所述数据保存流程中涉及公开密钥加密技术,具体地,所述公开密钥加密(Public key cryptograph)也可称为非对称加密(asymmetric cryptography),它是密码学的一种算法,主要涉及两个密钥:一个是公开密钥,被称为“公钥”,另一个是私有密钥,被称为“私钥”。
两个密钥的功能不同,一个用作加密,另一个则用作解密。例如,使用其中一个密钥对明文进行加密,得到加密密文后,只能用相对应的另一个密钥才能解密得到原本的明文。即不能利用加密的密钥对密文进行解密和访问数据,由于对明文的加密和解密分别使用了两个不同的密钥,故这一过程又可以被称为非对称加密,相比于利用同一个密钥进行加密和解密的对称加密,采用非对称加密的方式安全性更高,因为即使获取到两个密钥中的一个,也不能对加密密文进行解密,并且也不能通过计算得到另一个密钥,因此,其中的公钥可以公开,向外发布,例如记录在区块链上;私钥则由客户端或UE自己单独保管。
在“数据保存流程”中,第一节点主要执行以下方法流程:
第一节点使用第一节点的公钥通过加密算法,例如代理重加密算法对密文进行加 密,生成第一加密密文Ea;
第一节点将所述第一加密密文Ea作为一个交易(transaction)保存在区块链网络中。
可选的,一种保存交易的方式是,第一节点向区块链网络中的任意一个普通节点发送交易请求,所述交易请求中包括第一加密密文Ea;接收到所述交易请求的普通节点在区块链网络中进行广播,使得区块链上的各个区块链节点共识和保存所述第一加密密文Ea的相关交易。
另外,可选的,另一种保存交易的方式是,第一节点直接将包含所述第一加密密文的交易请求发送给任意一个代理节点,例如第一代理节点,并通过第一代理节点广播和共识该交易到区块链上。
b.权限授予流程
如图5所示,方法包括:
步骤501:第一节点记录第二节点的身份标识I,以及所述第二节点对第一加密密文Ea的访问权限信息R。
其中,所述第二节点为被授权用户,所述第二节点的身份标识I可以是第二节点标识、用户ID,设备ID或设备标识等。所述访问权限信息R包括:授予权限和取消授权。
步骤502:判断所述访问权限信息R中是包括授予权限还是取消授权的内容。
步骤503a:如果所述访问权限信息R中携带授予权限的内容,则所述第一节点利用第一节点的私钥、第二节点的公钥和加密算法生成转换密钥T。
步骤503b:如果所述访问权限信息R中携带取消权限的内容,则所述第一节点向区块链网络中的任意一个节点发送交易请求,所述交易请求中包括所述访问权限信息R和第二节点的身份标识I。
步骤504:继续步骤503a的流程,第一节点利用秘密分享算法将所述转换密钥T分解成n个部分密钥,n为大于等于1的正整数。
可选的,将所述转换密钥T分解为(m,Tn),其中,Tn表示分解后的任意一个部分密钥,m表示能够还原转换密钥T的最小Tn数量。
步骤505:第一节点在所述区块链网络中随机选取m个代理节点,并使用所述m个代理节点的公钥对所述n个部分密钥Tn进行加密,生成n个加密后的部分密钥Tne,且m≤n。
步骤506:第一节点生成第一交易信息,并将所述第一交易信息发送给任意一个普通节点或区块链节点,所述第一交易信息包括以下至少一项:第二节点的身份标识I、第二节点的授权信息(或访问权限信息R)和加密后的部分密钥Tne。
可选的,所述第一交易信息中还包括:m个代理节点的身份标识和还原所述转换密钥的最小部分密钥Tne的数量m。
步骤507:普通节点或代理节点在所述区块链网络中广播和保存所述第一交易信息(I,R,Tne,m),或者,在上述步骤503b的流程基础上,广播和记录所述交易请求(I,R)。
c.请求数据流程
本“请求数据流程”中介绍请求节点向区块链发起数据访问请求,并在满足授权访问的情况下,对加密密文解密和访问的过程,具体地,如图6所示,该流程包括以下步骤:
步骤601:数据请求节点向任意一个普通节点发送第一请求消息,所述第一请求消息中包括:请求节点的身份标识I和待访问的数据标识,或者是所述待访问数据标识所对应的第一加密密文Ea;
步骤602:普通节点接收并转发所述第一请求消息给第一代理节点Pm;
可选的,第一代理节点Pm可作为本次请求的主节点。
步骤603:第一代理节点Pm接收所述第一请求消息,根据第一请求消息中携带的所述待访问的数据标识在区块链网络中确定第一加密密文Ea,以及根据所述请求节点的身份标识I判断其是否有权读取所述第一加密密文Ea;
例如,第一代理节点Pm根据所述请求节点的身份标识I,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许和不允许。
可选的,如果存在多个授权信息,以授权信息所在区块编号最大的为准;
步骤604a:如果无权或者不允许,则拒绝数据请求节点的本次访问请求;
步骤604b:如果有权或者允许访问,则向至少一个第二代理节点P发起对所述请求节点的权限验证请求;
其中,所述第二代理节点的选择可以是预先在区块链上设置的,或者系统默认区块链节点是可以相互发现的。
进一步地,所述默认区块链节点间互相发现是指,通过在“权限授予流程”中保存在区块链上的交易信息,例如第一交易信息,第一代理节点可以知道哪些第二代理节点对部分密钥Tn进行了加密,并生成了加密后的部分密钥Tne,然后将所述权限验证请求发送给这些第二代理节点。
其中,所述权限验证请求中包括:所述请求节点的身份标识I和第一加密密文Ea。
步骤605:第二代理节点P接收来自第一代理节点Pm的权限验证请求(I,Ea),根据所述请求节点的身份标识I判断所述数据请求节点是否有权读取第一加密密文Ea;
其中,所述第一加密密文Ea是通过对待访问数据进行加密后生成。
步骤606a:如果否(无权),则拒绝数据请求节点的本次访问请求,例如第二代理节点P向第一代理节点Pm反馈拒绝访问的消息;
步骤606b:如果是(有权),则生成部分密钥Tn,并将所述部分密钥Tn发送给所述第一代理节点Pm。
具体地,第二代理节点P在区块链上读取加密后的部分密钥Tne,利用自己的私钥对所述Tne进行解密得到所述部分密钥Tn。
步骤607:第一代理节点Pm接收来自至少k个第二代理节点P发送的部分密钥Tn,k≤m,m为第一代理节点Pm确定的发送所述权限验证请求的第二代理节点的m数量。
步骤608:第一代理节点Pm对所述至少k个部分密钥Tn进行还原,生成转换密钥T;
步骤609:第一代理节点Pm利用所述转换密钥T和加密算法将所述第一加密密文Ea转换为第二加密密文Eb,所述第二加密密文Eb由所述数据请求节点的公钥加密后生成的。
步骤610:第一代理节点Pm将所述第二加密密文Eb发送给普通节点;
步骤611:所述普通节点接收并发送所述第二加密密文Eb给数据请求节点,以使所述数据请求节点利用自己的私钥对所述第二加密密文Eb进行解密,得到所述待访问数 据。
有益效果
本申请实施例提供的方法,通过在区块链网络中加入代理节点,实现了数据源节点在不修改密文的情况下也能够自由地授予或撤销请求节点的权限,即通过代理节点在区块链上对请求节点最新权限的读取来确定是否授权或拒绝访问请求,如果最新权限是拒绝访问,则可以阻止该用户对数据继续进行访问,从而保证了网络中信息的安全。
在“权限授予流程”中数据源节点通过将转换密钥分解成多个部分密钥,并上链给多个代理节点持有,使得在“请求数据流程”中只有在获取足够数量的部分密钥后才能够还原出转换密钥,单一的节点或者密钥参与者无法获取转换密钥或密文,从而有效地防止少数节点通过作弊方式绕过权限控制,获取密文,本方法增加了解密的复杂度,进而有效地保证密文传输和读取的安全性,防止非授权用户读取密文或数据。
另外,在读取数据时非授权方,例如第一代理节点和第二代理节点都无法获取明文,进而也就无法读取明文内容,从而保护了数据的隐私。
需要说明的是,本实施例中的“权限授予流程”和“请求数据流程”中关于转换密钥的分解和还原过程可以参考前述介绍的门限密码系统中各个角色的功能和流程图(图2所示)。
另外,本实施例中的代理节点可以是基于代理重加密体系中的一个代理节点或代理者,所述代理重加密(Proxy re-encryption)是一种具有对密文安全转换功能的新型公钥加密体系。
参见图7,为本实施例提供的一种代理重加密体系的角色流程图;该体系中包括:委托者(Delegator)、一个半可信代理者(Proxy)和被委托者(Delegatee)。
具体地,步骤701:委托者使用委托者自身的公钥加密明文消息生成加密密文;
步骤702:委托者将所述加密密文发送给一个半可信代理者;
步骤703:委托者获取被委托者的公钥;
步骤704:委托者授权一个针对所述被委托者的密文转换密钥;
步骤705:委托者将所述密文转换密钥发送给所述半可信代理者;
步骤706:半可信代理者获取来自所述委托者的加密密文,和针对被委托者的密文转换秘钥,半可信代理者对所述加密密文做转换,具体地,将所述加密密文转换为由所述被委托者的公钥加密后的密文;
步骤707:半可信代理者将转换后的密文发送给被委托者;
步骤708:被委托者获取所述转换后的密文,并使用被委托者自身的私钥对所述转换后的密文进行解密生成所述明文消息。
本实施例中,基于代理重加密体系的角色功能,在代理节点处增加了权限验证过程,进而对不满足授权访问权限的节点,拒绝其访问,进而实现了对区块链中各个权限的控制和变更,进而提高数据传输的安全性和可靠性。
在一个具体的实施例中,以在超级账本Fabric区块链中实现Alice存储自己的年龄,控制Bob可以进行访问为例,对本申请提供的方法进行详细地说明。
本实施例中预先所有参与者已进行过系统建立,并生成了自己的一对密钥(公钥和私钥),且公钥已记录和公开在区块链网络中。
在现有的Fabric区块链网络中增加新的代理节点,所述新的代理节点具备执行权限验证和密文转换等功能,通过如下配置文件增加三个代理节点(X,Y,Z)到所述Fabric区块链网络中。
具体的流程如图8所示,
在数据保存流程中,Alice可作为数据所有者或数据源节点执行以下方法步骤:
步骤801:Alice使用自己的公钥Pa将自己的年龄a,执行代理重加密算法生成第二层密文Ea。
其中,所述代理重加密算法可以是论文《Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage》所描述代理重加密算法中的第二层加密算法(E2)。
步骤802:Alice将Ea的打包为一个交易发送给区块链网络中的任意一个普通节点;所述普通节点接收该交易,并进行广播和共识确认该交易。
可选的,
保存数据伪码如下:
Figure PCTCN2019075719-appb-000001
打包的交易如表1所示
Figure PCTCN2019075719-appb-000002
表1
普通节点执行的记录数据的伪码如下:
Figure PCTCN2019075719-appb-000003
交易完成后,在Fabric区块链上记录的world state状态以表2的方式显示为:
Key Value Version
Data {id:1,data:Ea,owner:Alice} 1
表2
权限授予流程
步骤803:Alice使用自己的私钥Sa,与Bob的公钥Pb,执行上述代理重加密算法中的重加密密钥生成算法(RG),生成重加密密钥T或称转换密钥T。
步骤804:Alice使用所述重加密密钥T,设置n=3,k=2,所述n表示将重加密密钥T分解的份数,k表示还原所述T的最少代理节点的数量;通过Shamir密钥分享算法将重加密密钥T分解为三个部分密钥T1,T2,T3。
步骤805:Alice使用代理节点X,Y,Z的公钥对所述部分密钥T1,T2,T3分别加密生成加密后的部分密钥,例如分别为T1x,T2y,T3z。
步骤806:Alice记录请求者Bob对所述第二层密文Ea有权进行访问,密文处理节点为X,Y,Z,且最少需要2个节点共同处理。
步骤807:Alice将上述信息打包为交易发送给一个普通节点,该普通节点对该交易的信息进行广播和共识确认该交易。
可选的,
授权伪码如下:
Figure PCTCN2019075719-appb-000004
打包的交易如表3所示
Figure PCTCN2019075719-appb-000005
Figure PCTCN2019075719-appb-000006
表3
可选的,所述普通节点执行的记录授权信息的伪码如下:
Figure PCTCN2019075719-appb-000007
交易完成后,在Fabric区块链上记录的world state状态以表4的方式显示为:
Figure PCTCN2019075719-appb-000008
表4
请求数据流程
步骤808:Bob向任意一个普通节点发起数据请求,所述数据请求包含自身身份信息Bob和访问数据对象1;
步骤809:普通节点将所述数据请求转发给代理节点X,所述代理节点X将作为本次请求的主节点或第一代理节点;
步骤810:代理节点X读取区块链上Bob对数据对象1的最新权限,所述读取的结果为allow;
步骤811:代理节点X读取数据对象1的密钥处理节点为[X,Y,Z],代理节点X分别向节点X,Y,Z发起密钥请求,该密钥请求包含Bob身份标识和数据对象1,并开始等待反馈结果;
步骤812:代理节点X,Y,Z读取链上Bob对数据对象1的最新权限,所述读取的结果为allow;
步骤813:在读取结果为allow的情况下,代理节点X,Y,Z分别读取链上记录的加密后的部分密钥T1x,T2y,T3z,使用代理节点X,Y,Z的私钥解密这些加密后的部分密钥得到部分密钥T1,T2,T3,然后发送给代理节点X;
步骤814:代理节点X收到部分密钥T1、T2和T3中的任意至少两个,例如T1和T2,使用Shamir秘密分享算法将分解的部分密钥还原成转换密钥T;
步骤815:代理节点X读取数据对象1对应的第二层密文Ea,使用所述转换密钥T,执行前述代理重加密算法中的重加密方法(R)将所述第二层密文Ea转换为以Bob的公钥Pb加密后的第一层密文Eb;
步骤816:代理节点X将所述第一层密文Eb发送给Bob;
步骤817:Bob接收并根据第一层密文Eb,使用自己的私钥Sb,执行前述代理重加密算法中的解密方法(D)获得Alice的年龄a。
本实施例提供的方法,在区块链上增加代理节点,实现了对链上数据传输间任意节点的权限控制,即可以在发现数据请求节点无权访问数据的情况下,变更或拒绝数据请求节点的本次请求,防止其继续访问数据,从而保证网络中信息的安全。
另外,基于门限密码系统中各个参与者协同工作,完成解密的特点,将转换密钥分解成多个部分密钥,并上链给多个代理节点持有,使得在“请求数据流程”中只有在获取足够数量的部分密钥后才能够还原出转换密钥,单一的节点或者密钥参与者无法获取转换密钥或密文,从而有效地防止少数节点通过作弊方式绕过权限控制获取密文,本方法增加了解密的复杂度,提高了数据传输和读取的安全性。
可选的,代理节点X执行的读取数据伪码如下:
Figure PCTCN2019075719-appb-000009
代理节点X,Y,Z执行的读取密钥伪码如下:
Figure PCTCN2019075719-appb-000010
Figure PCTCN2019075719-appb-000011
撤销授权流程:
在上述实施例中,如果Alice读取Bob的最新访问权限为disallow时,则撤销之前对Bob的授权,具体地过程如下:
Alice在区块链上追加Bob的权限为disallow。
此时,在Fabric区块链上记录的world state状态以表5的方式显示为:
Figure PCTCN2019075719-appb-000012
表5
当代理节点X读取权限信息过程中发现该权限信息指示不允许访问时,则拒绝请求节点的访问请求。
可以理解地,所述代理节点X也可以是主代理节点,例如第一代理节点,还可以是其它代理节点,例如代理节点Y和Z。
可选的,本申请上述实施例中的访问权限控制方法还可以防止某个代理节点作弊,具体地,以本实施例中将转换密钥分解为3份,且密钥共享参与者的门限数量为2为例,存在以下作弊情况:
情况一:代理节点X作弊,权限是disallow时继续申请部分密钥,代理节点Y和Z未作弊,对发现是disallow的权限信息时拒绝请求节点的访问请求,则代理节点X无法获得转换密钥。
情况二:代理节点X和Y联合作弊,虽然可以获取转换密钥,但是对转换密钥转换后的结果是Bob的密文,代理节点X和Y没有Bob的私钥,所以不能解密获取明文。
情况三:Bob作弊,无法获得转换密钥。
情况四:代理节点X、Y和Bob联合作弊:
若Bob未获得过授权,则不会获得转换密钥;
若Bob的授权被撤销,则可以获得转换密钥,也能由Bob解密出明文,但是,该作弊成本高于Bob在授权期间缓存明文的方式,所以只会泄漏Bob获得过授权的数据,不会影响其他数据。
参见图9,为本申请一实施例提供的一种数据访问权限控制装置的结构示意图,所述装置包括代理节点,所述装置可以为前述实施例中的代理节点,也可以设置在代理节点上,或应用与第一代理节点,用于执行图5和图6所对应的权限控制方法。
如图9所示,该网络节点包括:接收单元901、处理单元902和发送单元903,此外,还可以包括其它单元和模块,例如存储单元等。
具体地,接收单元901,用于接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识;
处理单元902,用于根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;
发送单元903,用于在无权读取所述第一加密密文的情况下,拒绝所述请求节点的第一请求;在有权的情况下,向至少一个第二代理节点发起对所述请求节点的权限验证请求,
所述处理单元902,还用于在所述有权的情况下,根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。
可选的,在本实施例的一种可能的实现方式中,发送单元903,具体用于根据所述请求节点的身份标识,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许和不允许。
可选的,在本实施例的另一种可能的实现方式中,所述处理单元902,具体用于确定m个第二代理节点,生成所述权限验证请求,所述权限验证请求中包括所述请求节点的身份标识和所述第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成,m为大于等于1的正整数;
所述发送单元903,具体用于将所述权限验证请求分别发送给所述m个第二代理节点。
可选的,在本实施例的又一种可能的实现方式中,所述接收单元901,还用于接收来自至少k个第二代理节点发送的部分密钥,所述部分密钥是所述第二代理节点,根据所述请求节点的身份标识在验证所述请求节点有权访问数据后生成并发送的,且k≤m;
所述处理单元902,具体用于对所述至少k个部分密钥进行还原,生成转换密钥;利用所述转换密钥和加密算法将所述第一加密密文转换为第二加密密文,所述第二加密密文由所述请求节点的公钥加密后生成;
发送单元903,还用于将所述第二加密密文发送给所述请求节点。
可选的,在本实施例的又一种可能的实现方式中,所述处理单元902,具体用于通过所述接收单元在接收到小于k个第二代理节点发送的部分密钥,或者,接收至少一个所述第二代理节点反馈的拒绝消息的情况下,通过所述发送单元向所述请求节点发送拒绝访问的消息。
可选的,在本实施例的又一种可能的实现方式中,所述接收单元901,具体用于接收通过所述区块链网络中的任一区块链节点转发的所述第一请求消息。
其中,所述网络节点还可以应用于第二代理节点,用于执行第二代理节点的权限验证和结果反馈等功能。
具体地,接收单元901,用于接收来自第一代理节点的权限验证请求,所述权限验证请求中包括请求节点的身份标识和第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;
处理单元902,用于根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果否,则拒绝所述第一代理节点的第一请求;如果是,则生成部分密钥;
发送单元903,用于将所述部分密钥发送给所述第一代理节点。
另外,可选的,所述处理单元902,具体用于在区块链网络中获得加密后的部分密钥,所述加密后的部分密钥是利用所述第二代理节点的公钥加密后生成的;利用自己的私钥对所述加密后的部分密钥进行解密,生成所述部分密钥。
此外,所述网络节点还可以是数据源节点或数据所有者,例如第一节点,且该第一节点的结构与图9所示的网络节点的结构相同,但该网络节点中的各个单元还具备以下功能。
具体地,接收单元901,用于获得第二节点的身份标识,所述身份标识用于确定所述第二节点的授权信息,所述授权信息包括允许或不允许;
处理单元902,用于在所述授权信息为允许的情况下,利用所述网络节点的私钥、第二节点的公钥和加密算法生成转换密钥;利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥;以及,生成第一交易信息,并将所述第一交易信息记录在所述区块链网络上;
所述第一交易信息包括:第二节点的身份标识、第二节点的授权信息和加密后的部分密钥。
可选的,在本实施例的一种可能的实现方式中,所述处理单元902,具体用于利用秘密分享算法将所述转换密钥分解成n个部分密钥,n为大于等于1的正整数;在所述区块链网络中选取m个代理节点,并使用所述m个代理节点的公钥对所述n个部分密钥进行加密,生成n个加密后的部分密钥,m≤n。
其中,所述第一交易信息中还包括:m个代理节点的身份标识和还原所述转换密钥的最小部分密钥的数量k。
可选的,在本实施例的另一种可能的实现方式中,所述处理单元902,具体用于利用发送单元将所述第一交易信息发送给区块链网络中的区块链节点,并通过所述区块链节点在全网广播和共识,保存所述第一交易信息。
可选的,在本实施例的又一种可能的实现方式中,所述处理单元902,还用于在所述授权信息为不允许的情况下,取消所述第二节点的授权信息;生成第二交易信息,并将所述第二交易信息记录在所述区块链网络上,所述第二交易信息包括第二节点的身份标识和第二节点的授权信息。
可选的,在本实施例的又一种可能的实现方式中,所述处理单元902,还用于在获得第二节点的身份标识之前,使用公钥通过代理重加密算法对待访问数据进行加密,生成第一加密密文;以及,将所述第一加密密文作为一个交易保存在所述区块链网络中。
在具体的硬件实现中,如图10所示,上述实施例中的网络节点包括:收发器1201、处理器1202和存储器1203,所述网络节点还可以包括更多或更少的部件,或者组合某些部件,或者不同的部件布置,本申请对此不进行限定。
所述收发器1001用于获取请求消息和反馈信息的收发,并与网络中的其他节点进行数据传输。其中,所述收发器可以包括收发模块,所述收发模块可以包括无线局域网(wireless local area network,WLAN)模块、蓝牙模块、基带(base band)模块等通信模块,以及所述通信模块对应的射频(radio frequency,RF)电路,用于进行无线局域网络通信、蓝牙通信、红外线通信及/或蜂窝式通信系统通信,例如宽带码分多 重接入(wideband code division multiple access,WCDMA)及/或高速下行封包存取(high speed downlink packet access,HSDPA)。所述收发模块用于控制终端设备中的各组件的通信,并且可以支持直接内存存取(direct memory access)。
所述处理器1002为交换机的控制中心,利用各种接口和线路连接整个交换机的各个部分,通过运行或执行存储在存储器1203内的软件程序和/或模块,以及调用存储在存储器1203内的数据,以执行交换机设备的各种功能和/或处理数据。
所述处理器1202可以由集成电路(Integrated Circuit,IC)组成,例如可以由单颗封装的IC所组成,也可以由连接多颗相同功能或不同功能的封装IC而组成。举例来说,处理器可以仅包括中央处理器(Central Processing Unit,CPU),也可以是GPU、数字信号处理器(Digital Signal Processor,DSP)、及收发器中的控制芯片(例如基带芯片)的组合。在本申请的各种实施方式中,CPU可以是单运算核心,也可以包括多运算核心。
所述存储器1003可以包括易失性存储器(volatile memory),例如随机存取内存(Random Access Memory,RAM);还可以包括非易失性存储器(non-volatile memory),例如快闪存储器(flash memory),硬盘(Hard Sisk Drive,HDD)或固态硬盘(Solid-State Drive,SSD);存储器还可以包括上述种类的存储器的组合。所述存储器中可以存储有程序或代码,交换机中的处理器1002通过执行所述程序或代码可以实现所述网络节点的功能。
在本实施例中,所述收发器1001所要实现的功能可以由图9所示的接收单元901和发送单元903来实现,或者由处理器1002控制的收发器1001实现;所述处理单元902所要实现的功能则可以由处理器1002实现。
此外,本申请还提供一种计算机存储介质,其中,该计算机存储介质可存储有程序,该程序执行时可包括本申请提供的数据访问权限的控制方法、数据传输方法的各实施例中的部分或全部步骤。所述的存储介质可为磁碟、光盘、只读存储记忆体ROM或随机存储记忆体RAM等。
在上述实施例中,可以全部或部分通过软件、硬件、固件或者其任意组合来实现。当使用软件实现时,可以全部或部分地以计算机程序产品的形式实现。
所述计算机程序产品包括一个或多个计算机指令,例如验证指令。在计算机加载和执行所述计算机程序时,全部或部分地产生按照本申请上述实施例所述的流程或功能。所述计算机可以是通用计算机、专用计算机、计算机网络或者其他可编程装置。
所述计算机指令可以存储在计算机可读存储介质中,或者从一个计算机可读存储介质向另一个计算机可读存储介质传输,例如,所述计算机指令可以从一个网络站点、计算机、服务器或数据中心通过有线或无线方式向另一个站点、计算机或服务器进行传输。
所述计算机可读存储介质可以是计算机能够存取的任何可用介质或者是包含一个或多个可用介质集成的服务器、数据中心等存储设备。所述可用介质可以是磁性介质,例如软盘、硬盘、磁带、光介质(例如DVD)、或半导体介质,例如固态硬盘SSD等。
另外,需要说明的是,本申请个实施例中所述的网络节点可以是基站,或者接入点。例如,基站可以是GSM或CDMA中的基站(BTS,Base Transceiver Station),也可以是WCDMA中的基站(NodeB),还可以是LTE中的演进型基站(eNB或e-NodeB,evolutional Node B),本申请不予限定。
另外,所述网络节点还可以是客户端、终端设备,所述终端设备,可以是指向用户提供语音和/或数据连通性的设备,具有无线连接功能的手持式设备、或连接到无线调制解调器的其他处理设备。
无线终端可以经无线接入网RAN与一个或多个节点进行通信,所述无线终端可以是移动终端,如移动电话(或称为“蜂窝”电话)和具有移动终端的计算机,例如,可以是便携式、袖珍式、手持式、计算机内置的或者车载的移动装置,它们与无线接入网交换语言和/或数据。例如,个人通信业务(PCS,Personal Communication Service)电话、无绳电话、会话发起协议(SIP)话机、无线本地环路(WLL,Wireless Local Loop)站、个人数字助理(PDA,Personal Digital Assistant)等设备。无线终端也可以称为系统、订户单元(Subscriber Unit)、订户站(Subscriber Station),移动站(Mobile Station)、移动台(Mobile)、远程站(Remote Station)、接入点(Access Point)、远程终端(Remote Terminal)、接入终端(Access Terminal)、用户终端(User Terminal)、用户代理(User Agent)、用户设备(User Device)、或用户装备(User Equipment)。
本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的实施例能够以除了在这里图示或描述的内容以外的顺序实施。此外,术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。
本领域的技术人员可以清楚地了解到本发明实施例中的技术可借助软件加必需的通用硬件平台的方式来实现。基于这样的理解,本发明实施例中的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例或者实施例的某些部分所述的方法。
本说明书中各个实施例之间相同相似的部分互相参见即可。尤其,对于网络节点或装置设备而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例中的说明即可。
以上所述的本申请实施方式并不构成对本申请保护范围的限定。

Claims (32)

  1. 一种数据访问权限的控制方法,其特征在于,所述方法包括:
    第一代理节点接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识;
    所述第一代理节点根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;
    如果是,则向至少一个第二代理节点发起对所述请求节点的权限验证请求,并根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。
  2. 根据权利要求1所述的方法,其特征在于,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文,包括:
    根据所述请求节点的身份标识,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许或不允许。
  3. 根据权利要求1所述的方法,其特征在于,所述向至少一个第二代理节点发起对所述请求节点的权限验证请求,包括:
    所述第一代理节点确定m个第二代理节点,m为大于等于1的正整数;
    生成所述权限验证请求,所述权限验证请求中包括所述请求节点的身份标识和所述第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;
    将所述权限验证请求分别发送给所述m个第二代理节点。
  4. 根据权利要求1-3任一项所述的方法,其特征在于,根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放,包括:
    所述第一代理节点接收来自至少k个第二代理节点发送的部分密钥,所述部分密钥是所述第二代理节点,根据所述请求节点的身份标识在验证所述请求节点有权访问数据后生成并发送的,且k≤m;
    对所述至少k个部分密钥进行还原,生成转换密钥;
    利用所述转换密钥和加密算法将所述第一加密密文转换为第二加密密文,所述第二加密密文由所述请求节点的公钥加密后生成;
    将所述第二加密密文发送给所述请求节点。
  5. 根据权利要求3所述的方法,其特征在于,根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放,包括:
    如果所述第一代理节点接收小于k个第二代理节点发送的部分密钥,或者,接收至少一个所述第二代理节点反馈的拒绝消息,则向所述请求节点发送拒绝访问的消息。
  6. 根据权利要求1-5任一项所述的方法,其特征在于,所述第一代理节点接收来自请求节点的第一请求消息,包括:
    所述第一代理节点接收通过所述区块链网络中的任一区块链节点转发的所述第一请求消息。
  7. 根据权利要求1-5任一项所述的方法,其特征在于,所述方法还包括:
    所述第一代理节点根据所述请求节点的身份标识判断所述请求节点如果无权读取所述第一加密密文,则拒绝所述请求节点的第一请求。
  8. 一种数据传输方法,其特征在于,所述方法包括:
    第一节点获得第二节点的身份标识,所述身份标识用于确定所述第二节点的授权信息;
    如果所述授权信息为允许,则所述第一节点利用第一节点的私钥、第二节点的公钥和加密算法生成转换密钥;
    所述第一节点利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥;
    所述第一节点生成第一交易信息,并将所述第一交易信息记录在所述区块链网络上,所述第一交易信息包括:第二节点的身份标识、第二节点的授权信息和加密后的部分密钥。
  9. 根据权利要求8所述的方法,其特征在于,所述第一节点利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥,包括:
    所述第一节点利用秘密分享算法将所述转换密钥分解成n个部分密钥,n为大于等于1的正整数;
    所述第一节点在所述区块链网络中选取m个代理节点,并使用所述m个代理节点的公钥对所述n个部分密钥进行加密,生成n个加密后的部分密钥,m≤n。
  10. 根据权利要求9所述的方法,其特征在于,
    所述第一交易信息中还包括:m个代理节点的身份标识和还原所述转换密钥的最小部分密钥的数量k。
  11. 根据权利要求8-10任一项所述的方法,其特征在于,将所述第一交易信息记录在所述区块链网络上,包括:
    所述第一节点将所述第一交易信息发送给区块链网络中的区块链节点,并通过所述区块链节点在全网广播和共识,保存所述第一交易信息。
  12. 根据权利要求8所述的方法,其特征在于,所述方法还包括:
    如果所述授权信息为不允许,则取消所述第二节点的授权信息;
    生成第二交易信息,所述第二交易信息包括第二节点的身份标识和第二节点的授权信息;
    将所述第二交易信息记录在所述区块链网络上。
  13. 根据权利要求8-10任一项所述的方法,其特征在于,在第一节点获得第二节点的身份标识之前,所述方法还包括:
    所述第一节点使用第一节点的公钥通过代理重加密算法对待访问数据进行加密,生成第一加密密文;
    所述第一节点将所述第一加密密文作为一个交易保存在所述区块链网络中。
  14. 一种数据传输方法,其特征在于,所述方法包括:
    第二代理节点接收来自第一代理节点的权限验证请求,所述权限验证请求中包括请求节点的身份标识和第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;
    所述第二代理节点根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;
    如果是,则生成部分密钥,并将所述部分密钥发送给所述第一代理节点。
  15. 根据权利要求14所述的方法,其特征在于,所述生成部分密钥,包括:
    所述第二代理节点在区块链网络中获得加密后的部分密钥,所述加密后的部分密钥是利用所述第二代理节点的公钥加密后生成的;
    所述第二代理节点利用自己的私钥对所述加密后的部分密钥进行解密,生成所述部分密钥。
  16. 根据权利要求14或15所述的方法,其特征在于,所述方法还包括:
    所述第二代理节点根据所述请求节点的身份标识判断所述请求节点如果无权读取所述第一加密密文,则拒绝所述第一代理节点的第一请求。
  17. 一种网络节点,其特征在于,应用于第一代理节点,包括:
    接收单元,用于接收来自请求节点的第一请求消息,所述第一请求消息中包括请求节点的身份标识和待访问的数据标识;
    处理单元,用于根据所述待访问的数据标识在区块链网络中确定第一加密密文,根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;
    发送单元,用于在有权读取所述第一加密密文的情况下,向至少一个第二代理节点发起对所述请求节点的权限验证请求;
    所述处理单元,还用于在所述有权读取所述第一加密密文的情况下,根据所述至少一个第二代理节点的反馈结果,确定所述第一加密密文的发放。
  18. 根据权利要求17所述的网络节点,其特征在于,
    发送单元,具体用于根据所述请求节点的身份标识,在区块链上读取最接近区块链链式存储结构末端的请求节点的授权信息,所述授权信息包括允许或不允许。
  19. 根据权利要求17所述的网络节点,其特征在于,
    所述处理单元,具体用于确定m个第二代理节点,生成所述权限验证请求,所述权限验证请求中包括所述请求节点的身份标识和所述第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成,m为大于等于1的正整数;
    所述发送单元,具体用于将所述权限验证请求分别发送给所述m个第二代理节点。
  20. 根据权利要求17-19任一项所述的网络节点,其特征在于,
    所述接收单元,还用于接收来自至少k个第二代理节点发送的部分密钥,所述部分密钥是所述第二代理节点,根据所述请求节点的身份标识在验证所述请求节点有权访问数据后生成并发送的,且k≤m;
    所述处理单元,具体用于对所述至少k个部分密钥进行还原,生成转换密钥;利用所述转换密钥和加密算法将所述第一加密密文转换为第二加密密文,所述第二加密密文由所述请求节点的公钥加密后生成;
    发送单元,还用于将所述第二加密密文发送给所述请求节点。
  21. 根据权利要求20所述的网络节点,其特征在于,
    所述处理单元,具体用于通过所述接收单元在接收到小于k个第二代理节点发送的部分密钥,或者,接收至少一个所述第二代理节点反馈的拒绝消息的情况下,通过所述发送单元向所述请求节点发送拒绝访问的消息。
  22. 根据权利要求17-21任一项所述的网络节点,其特征在于,
    所述接收单元,具体用于接收通过所述区块链网络中的任一区块链节点转发的所述 第一请求消息。
  23. 根据权利要求17-21任一项所述的网络节点,其特征在于,
    所述处理单元,还用于根据所述请求节点的身份标识判断所述请求节点如果无权读取所述第一加密密文,则拒绝所述请求节点的第一请求。
  24. 一种网络节点,其特征在于,应用于第一节点,包括:
    接收单元,用于获得第二节点的身份标识,所述身份标识用于确定所述第二节点的授权信息;
    处理单元,用于在所述授权信息为允许的情况下,利用所述网络节点的私钥、第二节点的公钥和加密算法生成转换密钥;利用区块链网络中的代理节点的公钥对所述转换密钥进行加密,生成加密后的部分密钥;以及,生成第一交易信息,并将所述第一交易信息记录在所述区块链网络上;
    所述第一交易信息包括:第二节点的身份标识、第二节点的授权信息和加密后的部分密钥。
  25. 根据权利要求24所述的网络节点,其特征在于,
    所述处理单元,具体用于利用秘密分享算法将所述转换密钥分解成n个部分密钥,n为大于等于1的正整数;在所述区块链网络中选取m个代理节点,并使用所述m个代理节点的公钥对所述n个部分密钥进行加密,生成n个加密后的部分密钥,m≤n。
  26. 根据权利要求25所述的网络节点,其特征在于,
    所述第一交易信息中还包括:m个代理节点的身份标识和还原所述转换密钥的最小部分密钥的数量k。
  27. 根据权利要求24-26任一项所述的网络节点,其特征在于,
    所述处理单元,具体用于利用发送单元将所述第一交易信息发送给区块链网络中的区块链节点,并通过所述区块链节点在全网广播和共识,保存所述第一交易信息。
  28. 根据权利要求27所述的网络节点,其特征在于,
    所述处理单元,还用于在所述授权信息为不允许的情况下,取消所述第二节点的授权信息;生成第二交易信息,并将所述第二交易信息记录在所述区块链网络上,所述第二交易信息包括第二节点的身份标识和第二节点的授权信息。
  29. 根据权利要求24-26任一项所述的网络节点,其特征在于,
    所述处理单元,还用于在获得第二节点的身份标识之前,使用公钥通过代理重加密算法对待访问数据进行加密,生成第一加密密文;以及,将所述第一加密密文作为一个交易保存在所述区块链网络中。
  30. 一种网络节点,其特征在于,应用于第二代理节点,包括:
    接收单元,用于接收来自第一代理节点的权限验证请求,所述权限验证请求中包括请求节点的身份标识和第一加密密文,所述第一加密密文是通过对待访问数据进行加密后生成;
    处理单元,用于根据所述请求节点的身份标识判断所述请求节点是否有权读取所述第一加密密文;如果是,则生成部分密钥;
    发送单元,用于将所述部分密钥发送给所述第一代理节点。
  31. 根据权利要求30所述的网络节点,其特征在于,
    所述处理单元,具体用于在区块链网络中获得加密后的部分密钥,所述加密后的部分密钥是利用所述第二代理节点的公钥加密后生成的;利用自己的私钥对所述加密后的部分密钥进行解密,生成所述部分密钥。
  32. 根据权利要求30或31所述的网络节点,其特征在于,
    所述处理单元,还用于根据所述请求节点的身份标识判断所述请求节点如果无权读取所述第一加密密文,则拒绝所述第一代理节点的第一请求。
PCT/CN2019/075719 2018-03-19 2019-02-21 一种数据访问权限的控制方法和装置 WO2019179277A1 (zh)

Priority Applications (6)

Application Number Priority Date Filing Date Title
KR1020207029445A KR102503515B1 (ko) 2018-03-19 2019-02-21 데이터 액세스 권한 제어 방법 및 장치
EP19770357.2A EP3761588B1 (en) 2018-03-19 2019-02-21 Data access rights control method and device
SG11202009089SA SG11202009089SA (en) 2018-03-19 2019-02-21 Method and apparatus for controlling data access right
JP2020550788A JP2021516917A (ja) 2018-03-19 2019-02-21 データアクセス権限を制御するための方法および装置
US17/025,873 US11563569B2 (en) 2018-03-19 2020-09-18 Method and apparatus for controlling data access right to data stored on a blockchain
US18/069,049 US12058253B2 (en) 2018-03-19 2022-12-20 Method and apparatus for controlling data access right to data stored on a blockchain

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810224356.1A CN110290094B (zh) 2018-03-19 2018-03-19 一种数据访问权限的控制方法和装置
CN201810224356.1 2018-03-19

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/025,873 Continuation US11563569B2 (en) 2018-03-19 2020-09-18 Method and apparatus for controlling data access right to data stored on a blockchain

Publications (1)

Publication Number Publication Date
WO2019179277A1 true WO2019179277A1 (zh) 2019-09-26

Family

ID=67986654

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/075719 WO2019179277A1 (zh) 2018-03-19 2019-02-21 一种数据访问权限的控制方法和装置

Country Status (7)

Country Link
US (2) US11563569B2 (zh)
EP (1) EP3761588B1 (zh)
JP (1) JP2021516917A (zh)
KR (1) KR102503515B1 (zh)
CN (1) CN110290094B (zh)
SG (1) SG11202009089SA (zh)
WO (1) WO2019179277A1 (zh)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110611911A (zh) * 2019-10-18 2019-12-24 中国联合网络通信集团有限公司 一种移动通信方法及装置
CN111050317A (zh) * 2019-12-07 2020-04-21 江西理工大学 一种基于联盟区块链的智能交通数据安全共享方法
CN111241574A (zh) * 2019-12-19 2020-06-05 广州宏算信息科技有限公司 基于区块链的隐私保护方法、装置及存储介质
CN111601280A (zh) * 2020-05-14 2020-08-28 中国联合网络通信集团有限公司 一种接入验证方法及装置
CN112328984A (zh) * 2020-11-24 2021-02-05 深圳市鹰硕技术有限公司 一种应用于大数据的数据安全管理方法和系统
WO2021088728A1 (zh) * 2019-11-06 2021-05-14 阿里巴巴集团控股有限公司 数据加密、解密和共享方法、设备、系统及存储介质
CN112953986A (zh) * 2019-12-10 2021-06-11 华为技术有限公司 一种边缘应用的管理方法及装置
US20210328785A1 (en) * 2020-04-15 2021-10-21 Open Invention Network Llc Document control system for blockchain
CN113536388A (zh) * 2020-04-16 2021-10-22 中移物联网有限公司 一种基于区块链的数据共享方法及系统
CN114666064A (zh) * 2022-03-25 2022-06-24 广东启链科技有限公司 基于区块链的数字资产管理方法、装置、存储介质及设备
CN115174235A (zh) * 2022-07-08 2022-10-11 慧之安信息技术股份有限公司 一种基于区块链的物联网可撤销属性加密方法
CN116455571A (zh) * 2023-06-16 2023-07-18 广州广杰网络科技有限公司 一种基于区块链网络通讯的数据交互方法及终端

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114788226B (zh) * 2019-09-24 2024-06-07 魔术实验室公司 用于建立分散式计算机应用的非托管工具
CN110909379B (zh) * 2019-11-08 2022-03-22 浪潮电子信息产业股份有限公司 一种存储集群的权限确定方法、装置、设备及存储介质
CN111008855B (zh) * 2019-12-10 2024-02-13 上海信联信息发展股份有限公司 一种基于改进代理重加密的追溯数据访问控制方法
CN111092958B (zh) * 2019-12-27 2022-10-21 深圳市迅雷网络技术有限公司 一种节点接入方法、装置、系统及存储介质
CN111447174A (zh) * 2020-02-19 2020-07-24 江苏荣泽信息科技股份有限公司 一种基于区块链的数据加密方法
CN111404895A (zh) * 2020-03-06 2020-07-10 湖南智慧政务区块链科技有限公司 一种共享数据可读权限分配与回收方法、设备及存储介质
CN111461710B (zh) * 2020-03-06 2023-06-23 重庆邮电大学 一种基于联盟链的分布式账本访问控制方法
CN111159750B (zh) * 2020-04-07 2021-02-05 南京邮电大学 基于联盟链的汽车维修数据存储方法
CN111625869B (zh) * 2020-04-23 2022-02-25 腾讯科技(深圳)有限公司 数据处理方法及数据处理装置
CN111639987A (zh) * 2020-05-15 2020-09-08 博泰车联网(南京)有限公司 定制功能开通方法及系统
US11909859B2 (en) * 2020-06-02 2024-02-20 Sap Se Removing access to blockchain data
CN111858611B (zh) * 2020-07-28 2024-09-13 北京金山云网络技术有限公司 数据访问方法、装置、计算机设备及存储介质
CN112118224B (zh) * 2020-08-12 2021-07-23 北京大学 一种大数据区块链的可信机制权限管理方法和系统
CN112182644B (zh) * 2020-09-11 2023-05-12 华控清交信息科技(北京)有限公司 一种数据处理方法、装置和电子设备
CN112182646B (zh) * 2020-09-16 2024-08-13 天星数科科技有限公司 数据读取方法及装置、数据授权方法及装置、存储介质
CN112307116A (zh) * 2020-09-17 2021-02-02 北京沃东天骏信息技术有限公司 基于区块链的数据访问控制方法、装置及设备
US12081979B2 (en) * 2020-11-05 2024-09-03 Visa International Service Association One-time wireless authentication of an Internet-of-Things device
CN112839092A (zh) * 2021-01-11 2021-05-25 北京信息科技大学 一种基于区块链的数据共享系统
KR102446967B1 (ko) 2021-02-19 2022-09-23 부경대학교 산학협력단 퍼블릭 블록체인에서의 개인 간 데이터 거래 및 공유를 지원하는 액세스 제어 시스템 및 방법
CN113112354A (zh) * 2021-03-04 2021-07-13 卓尔智联(武汉)研究院有限公司 一种区块链网络的交易处理方法、区块链网络及存储介质
US12041036B2 (en) * 2021-03-11 2024-07-16 Blackberry Limited Method and system for performing identity checks in a distributed system
US11620363B1 (en) 2021-03-15 2023-04-04 SHAYRE, Inc. Systems and methods for authentication and authorization for software license management
CN113162762B (zh) * 2021-04-16 2022-07-19 北京深思数盾科技股份有限公司 密钥授权方法、加密机、终端及存储介质
CN113329408B (zh) * 2021-04-20 2022-02-01 北京连山科技股份有限公司 一种军用lte与民用无线拨号网络混合组网的多路并发系统
CN112995211B (zh) * 2021-04-21 2021-07-23 腾讯科技(深圳)有限公司 基于区块链网络的数据处理方法、装置、设备及存储介质
KR102494215B1 (ko) * 2021-04-29 2023-02-06 주식회사 리드포인트시스템 뉴럴 블록 신속 전파 프로토콜 기반의 블록체인을 구축하는 장치 및 그 동작 방법
CN113315758B (zh) * 2021-05-11 2022-09-13 支付宝(杭州)信息技术有限公司 信息代理方法和装置
EP4095731A1 (en) * 2021-05-27 2022-11-30 Billon Sp. z o.o. Method and system of rescinding access to blockchain data
CN113438205B (zh) * 2021-05-31 2022-12-20 东软集团股份有限公司 区块链数据访问控制方法、节点以及系统
CN115438336A (zh) * 2021-06-04 2022-12-06 华为技术有限公司 一种用户数据管理方法以及相关设备
CN113259124A (zh) * 2021-06-08 2021-08-13 清华大学 一种区块链数据写入、访问方法及装置
CN114039753B (zh) * 2021-10-27 2024-03-12 中国联合网络通信集团有限公司 一种访问控制方法、装置、存储介质及电子设备
KR102467441B1 (ko) * 2021-10-28 2022-11-17 (주)씨큐하이 텐더민트 bft를 이용한 비정형 데이터의 암호화 방법, 장치 및 컴퓨터-판독가능 기록매체
CN113742782B (zh) * 2021-11-04 2022-02-08 中国信息通信研究院 基于隐私保护的区块链访问权限控制方法和区块链系统
KR102391187B1 (ko) * 2021-11-24 2022-04-28 엘에스웨어(주) 피드백 정보 블록체인 기록 방법 및 시스템
CN114172665A (zh) * 2021-12-07 2022-03-11 东软集团股份有限公司 区块链零信任系统以及用于区块链零信任系统的方法
CN114513533B (zh) * 2021-12-24 2023-06-27 北京理工大学 一种分类分级健身健康大数据共享系统及方法
CN114679264B (zh) * 2022-03-16 2023-12-08 亚信科技(成都)有限公司 一种密码生成方法、装置及存储介质
CN114785516B (zh) * 2022-03-31 2024-04-05 浙江数秦科技有限公司 基于区块链的限时加解密系统
CN114448732B (zh) * 2022-04-08 2022-06-21 中国信息通信研究院 标识隐私数据网络传输的保护方法和装置、介质、设备
CN117009983A (zh) * 2022-04-29 2023-11-07 华为技术有限公司 一种节点集群以及数据备份方法
KR102549385B1 (ko) * 2022-11-03 2023-06-29 주식회사 커먼컴퓨터 데이터 액세스 제어 제공 방법 및 시스템
CN117692151B (zh) * 2024-02-02 2024-05-31 杭州天谷信息科技有限公司 基于服务网络的通证撤销方法和通信方法

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140205089A1 (en) * 2013-01-24 2014-07-24 Raytheon Company System and method for differential encryption
CN105871538A (zh) * 2015-01-22 2016-08-17 阿里巴巴集团控股有限公司 量子密钥分发系统、量子密钥分发方法及装置
CN107103252A (zh) * 2017-04-27 2017-08-29 电子科技大学 基于区块链的数据访问控制方法
CN107241360A (zh) * 2017-08-04 2017-10-10 北京明朝万达科技股份有限公司 一种数据安全共享交换方法和数据安全共享交换平台系统
CN107395349A (zh) * 2017-08-16 2017-11-24 深圳国微技术有限公司 一种基于自认证公钥体制的区块链网络密钥分发方法

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001312468A (ja) * 2000-04-28 2001-11-09 Konami Co Ltd ネットワーク接続制御方法及び接続制御システム
US10490304B2 (en) * 2012-01-26 2019-11-26 Netspective Communications Llc Device-driven non-intermediated blockchain system over a social integrity network
US10984913B2 (en) * 2012-04-27 2021-04-20 Netspective Communications Llc Blockchain system for natural language processing
EP3036875A4 (en) * 2013-08-20 2017-04-19 Nokia Technologies Oy A method and apparatus for privacy-enhanced evidence evaluation
US10586063B2 (en) * 2015-03-20 2020-03-10 Samsung Electronics Co., Ltd. Method and apparatus for storing file by using a plurality of cloud storages
US9881300B2 (en) * 2015-03-27 2018-01-30 Intel Corporation Technologies for split key security
US10404450B2 (en) * 2016-05-02 2019-09-03 Cisco Technology, Inc. Schematized access control in a content centric network
WO2018039722A1 (en) * 2016-08-30 2018-03-08 Commonwealth Scientific And Industrial Research Organisation Dynamic access control on blockchain
CN107070938A (zh) * 2017-04-27 2017-08-18 电子科技大学 基于区块链的数据访问控制系统
JP6302592B2 (ja) * 2017-06-23 2018-03-28 株式会社エヌ・ティ・ティ・データ 情報処理装置、情報処理方法およびプログラム
CN107181599B (zh) * 2017-07-18 2020-01-21 天津理工大学 基于区块链的路由位置数据保密存储及共享方法
US10735202B2 (en) * 2017-07-24 2020-08-04 International Business Machines Corporation Anonymous consent and data sharing on a blockchain
US10567168B2 (en) * 2017-11-16 2020-02-18 International Business Machines Corporation Blockchain transaction privacy enhancement through broadcast encryption
US11218409B2 (en) * 2018-10-16 2022-01-04 Eluvio, Inc. Decentralized content fabric
US11316668B2 (en) * 2018-11-16 2022-04-26 Safetech Bv Methods and systems for cryptographic private key management for secure multiparty storage and transfer of information

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140205089A1 (en) * 2013-01-24 2014-07-24 Raytheon Company System and method for differential encryption
CN105871538A (zh) * 2015-01-22 2016-08-17 阿里巴巴集团控股有限公司 量子密钥分发系统、量子密钥分发方法及装置
CN107103252A (zh) * 2017-04-27 2017-08-29 电子科技大学 基于区块链的数据访问控制方法
CN107241360A (zh) * 2017-08-04 2017-10-10 北京明朝万达科技股份有限公司 一种数据安全共享交换方法和数据安全共享交换平台系统
CN107395349A (zh) * 2017-08-16 2017-11-24 深圳国微技术有限公司 一种基于自认证公钥体制的区块链网络密钥分发方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3761588A4

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110611911B (zh) * 2019-10-18 2022-08-26 中国联合网络通信集团有限公司 一种移动通信方法及装置
CN110611911A (zh) * 2019-10-18 2019-12-24 中国联合网络通信集团有限公司 一种移动通信方法及装置
WO2021088728A1 (zh) * 2019-11-06 2021-05-14 阿里巴巴集团控股有限公司 数据加密、解密和共享方法、设备、系统及存储介质
CN111050317B (zh) * 2019-12-07 2022-08-02 江西理工大学 一种基于联盟区块链的智能交通数据安全共享方法
CN111050317A (zh) * 2019-12-07 2020-04-21 江西理工大学 一种基于联盟区块链的智能交通数据安全共享方法
CN112953986A (zh) * 2019-12-10 2021-06-11 华为技术有限公司 一种边缘应用的管理方法及装置
CN112953986B (zh) * 2019-12-10 2024-03-12 华为云计算技术有限公司 一种边缘应用的管理方法及装置
CN111241574B (zh) * 2019-12-19 2024-04-30 广州宏算信息科技有限公司 基于区块链的隐私保护方法、装置及存储介质
CN111241574A (zh) * 2019-12-19 2020-06-05 广州宏算信息科技有限公司 基于区块链的隐私保护方法、装置及存储介质
US20210328785A1 (en) * 2020-04-15 2021-10-21 Open Invention Network Llc Document control system for blockchain
US11658816B2 (en) * 2020-04-15 2023-05-23 Philips North America Llc Document control system for blockchain
CN113536388A (zh) * 2020-04-16 2021-10-22 中移物联网有限公司 一种基于区块链的数据共享方法及系统
CN113536388B (zh) * 2020-04-16 2023-02-28 中移物联网有限公司 一种基于区块链的数据共享方法及系统
CN111601280B (zh) * 2020-05-14 2022-08-19 中国联合网络通信集团有限公司 一种接入验证方法及装置
CN111601280A (zh) * 2020-05-14 2020-08-28 中国联合网络通信集团有限公司 一种接入验证方法及装置
CN112328984B (zh) * 2020-11-24 2024-02-09 深圳市鹰硕技术有限公司 一种应用于大数据的数据安全管理方法和系统
CN112328984A (zh) * 2020-11-24 2021-02-05 深圳市鹰硕技术有限公司 一种应用于大数据的数据安全管理方法和系统
CN114666064A (zh) * 2022-03-25 2022-06-24 广东启链科技有限公司 基于区块链的数字资产管理方法、装置、存储介质及设备
CN115174235A (zh) * 2022-07-08 2022-10-11 慧之安信息技术股份有限公司 一种基于区块链的物联网可撤销属性加密方法
CN116455571A (zh) * 2023-06-16 2023-07-18 广州广杰网络科技有限公司 一种基于区块链网络通讯的数据交互方法及终端
CN116455571B (zh) * 2023-06-16 2023-12-22 广州广杰网络科技有限公司 一种基于区块链网络通讯的数据交互方法及终端

Also Published As

Publication number Publication date
EP3761588A4 (en) 2021-01-13
US11563569B2 (en) 2023-01-24
US20230119065A1 (en) 2023-04-20
JP2021516917A (ja) 2021-07-08
EP3761588B1 (en) 2023-08-02
CN110290094B (zh) 2022-03-11
US12058253B2 (en) 2024-08-06
US20210006400A1 (en) 2021-01-07
EP3761588A1 (en) 2021-01-06
SG11202009089SA (en) 2020-10-29
KR20200131307A (ko) 2020-11-23
CN110290094A (zh) 2019-09-27
KR102503515B1 (ko) 2023-02-23

Similar Documents

Publication Publication Date Title
WO2019179277A1 (zh) 一种数据访问权限的控制方法和装置
US11159307B2 (en) Ad-hoc trusted groups on a blockchain
WO2019157810A1 (zh) 一种数据传输方法、装置和网络节点
US11038682B2 (en) Communication method, apparatus and system, electronic device, and computer readable storage medium
CN109413645B (zh) 接入认证的方法和装置
EP2912800B1 (en) Methods and apparatus for data access control
JP4199074B2 (ja) 安全なデータ通信リンクのための方法と装置
CN114615095A (zh) 区块链跨链数据处理方法、中继链、应用链及跨链网络
CN111797415A (zh) 基于区块链的数据共享方法、电子设备和存储介质
WO2019041802A1 (zh) 基于服务化架构的发现方法及装置
US20170033925A1 (en) Methods and apparatus for implementing a communications system secured using one-time pads
CN109891423B (zh) 使用多个控制机构的数据加密控制
JP6181077B2 (ja) 特権に基づく鍵を生成するための方法および装置
CN105103578A (zh) 安全端对端和组通信
JP2004180280A (ja) 適応性のある委任のための方法とシステム
CN107113314B (zh) 用于云计算中的异构数据存储管理的方法和装置
US20180063105A1 (en) Management of enciphered data sharing
US20090180621A1 (en) Adaptive secure authenticated channels for direct sharing of protected content between devices
US20080313085A1 (en) System and method to share a guest version of rights between devices
JP2020507243A (ja) ネットワークデバイス及び信頼できるサードパーティデバイス
Cao New trends of information security—how to change people’s life style?
CN115715004A (zh) 一种针对大规模异构网络的隐私保护跨域认证方法
CN112019553B (zh) 一种基于ibe/ibbe数据共享方法
Alston Attribute-based encryption for attribute-based authentication, authorization, storage, and transmission in distributed storage systems
De Oliveira et al. Red Alert: break-glass protocol to access encrypted medical records in the cloud

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19770357

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2020550788

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2019770357

Country of ref document: EP

Effective date: 20200929

ENP Entry into the national phase

Ref document number: 20207029445

Country of ref document: KR

Kind code of ref document: A