WO2020186726A1 - Blockchain-based blacklist data sharing method and system - Google Patents
- Publication number: WO2020186726A1 (PCT/CN2019/109349)
- Authority: WO, WIPO (PCT)
- Prior art keywords: blacklist data, key, points, business, data
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/14—Details of searching files based on file metadata
- G06F16/148—File search processing
- G06F16/16—File or folder operations, e.g. details of user interfaces specifically adapted to file systems
- G06F16/162—Delete operations
- G06F16/17—Details of further file system functions
- G06F16/176—Support for shared access to files; File sharing support
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Definitions
- The present invention relates to the technical field of blockchain, and in particular to a blockchain-based method and system for sharing blacklist data.
- A blacklist is a list that records actors or legal persons with seriously negative credit. Once an actor is included in the blacklist, its credit is considered problematic, and cooperating with actors or legal persons on the blacklist increases cooperation risk.
- Blacklist data comes from sources such as financial institutions, credit card issuing institutions, courts, and telecommunications companies. Because these sources include government agencies and large and medium-sized enterprises and are scattered, it is difficult in practice to effectively integrate and share the blacklist data of these units. As a result, many private organizations have emerged that specialize in collecting the blacklist data of each unit and selling it for profit, so that enterprises obtain it by paying.
- Because the blacklist data is fragmented and opaque, the blacklist data obtained by different private organizations differs in quantity and quality. Therefore, even if a company purchases blacklist data at a high price, the integrity and validity of that data cannot be guaranteed.
- The purpose of the present invention is to provide a blockchain-based blacklist data sharing method and system which, by introducing blockchain technology into the blacklist data application scenario, ensures that blacklist data can be obtained conveniently and effectively and increases the shared value of blacklist data.
- One aspect of the present invention provides a blockchain-based method for sharing blacklist data, including:
- member institutions build their own network nodes, and the network nodes belonging to each member institution are networked in sequence to build a blockchain, where the network nodes include business nodes and points nodes;
- a blacklist data query request is initiated via any business node; the associated points node pays points to the point address of the institution holding the target blacklist data; after the holding institution detects that the points have been credited, it uses the private key matching the random public key to decrypt the packaged target blacklist data, and at the same time calls the public key of the querying institution to re-encrypt the decrypted target blacklist data and returns it to the querying institution for decryption and query; or,
- the business node of the blacklist data holding institution initiates a blacklist data deletion request, and after the signature verification passes, the target blacklist data is deleted and the points in the associated point address are deducted.
- The blockchain includes a business alliance chain and a point alliance chain. The business alliance chain is formed by networking a plurality of business nodes, and the point alliance chain is formed by networking a plurality of points nodes.
- A blacklist data upload request is initiated via any business node; the generated symmetric key is used to encrypt the blacklist data while a random public key is used to encrypt the symmetric key; the encrypted blacklist data and the encrypted symmetric key are packaged and put on the chain; and when the on-chain entry is settled, the associated points node requests that points be transferred to the designated point address. This method includes:
- the member institution initiates a blacklist data upload request to the business alliance chain through its business node, and at the same time specifies the point address that is to receive the points;
- when the on-chain operation of the blacklist data is detected to have been triggered, the associated points node requests the point alliance chain to transfer points to the designated point address.
- The method of encrypting the blacklist data with a randomly generated symmetric key, encrypting the symmetric key with the random public key, and performing the packaging and on-chain operation includes:
- associating and marking the blacklist data with the point address and the random public key, where the blacklist data includes name, ID, and detail data;
- The method in which the blacklist data query request is initiated via any business node and, when the target blacklist data was not uploaded by the querying institution, points are transferred through the associated points node to the point address of the institution holding the target blacklist data, the private key matching the random public key is used to decrypt the packaged target blacklist data after the holding institution detects that the points have been credited, and the public key of the querying institution is called to re-encrypt the decrypted target blacklist data, which is returned to the querying institution for decryption and query, includes:
- the member institution initiates a blacklist data query request to the business alliance chain through its business node, and whether the data was uploaded by the querying institution is judged from the point address associated with the blacklist data to be queried;
- the points node includes multiple point addresses, and the querying institution can select any point address with sufficient points to pay points to the point address of the institution holding the target blacklist data.
- The process of querying blacklist data further includes:
- a request for the basic information of blacklist data is initiated via any business node, the name and ID of the target blacklist data are entered into the business alliance chain as the key value, and the basic information of the target blacklist data is returned by calling the smart contract.
- The method in which the business node of the blacklist data holding institution itself initiates a blacklist data deletion request, the target blacklist data is deleted after the signature verification passes, and the points in the associated point address are deducted includes:
- the blacklist data holding institution initiates a blacklist data deletion request through its own business node, and the business alliance chain judges whether its associated point address holds sufficient points;
- The blockchain-based blacklist data sharing method provided by the present invention has the following beneficial effects:
- The blockchain is built by connecting the network nodes of each member institution to the network in sequence, and each network node includes an associated business node and points node. The business node is used to initiate business requests and store blacklist data, and the points node is used to execute the corresponding point transaction and record the point information when a business request is settled. For example, any member institution can initiate a blacklist data upload request through its business node, use the generated symmetric key to encrypt the blacklist data, and use a random public key to encrypt the symmetric key. The encrypted blacklist data and the encrypted symmetric key are packaged and uploaded to the chain, and when the on-chain entry is settled, the associated points node requests that points be transferred to the designated point address. Alternatively, any member institution can initiate a blacklist data query request through its business node. When the target blacklist data was not uploaded by the querying institution, points are paid through the associated points node to the point address of the institution holding the target blacklist data, and after the holding institution detects that the points have been credited, the private key matching the random public key is used to decrypt the packaged target blacklist data. At the same time, the public key of the querying institution is called to re-encrypt the decrypted target blacklist data, which is returned to the querying institution for decryption and query. Alternatively, any member institution can initiate a blacklist data deletion request through its business node, and the data is deleted after the signature verification passes.
- When any member institution broadcasts a business request to the business alliance chain through its business node, the corresponding operation can be executed in the business alliance chain according to the consensus result. When the executed business request is any of a blacklist data upload request, a blacklist data query request and a blacklist data deletion request, a certain point reward or deduction is applied through the point alliance chain to the parties performing the operation. This creates a "paid" model in which shared blacklist data is exchanged for points, and the point incentive policy in turn encourages member institutions to share blacklist data in the business alliance chain promptly and proactively, increasing the scale and value of blacklist data sharing. In addition, because the blockchain is decentralized, the blockchain-based blacklist data sharing method provided by the present invention does not require a centralized operating organization and has a low operating cost. Because key data is stored encrypted, it also effectively protects customer privacy and is safe and reliable.
- Another aspect of the present invention provides a blockchain-based blacklist data sharing system, which applies the blockchain-based blacklist data sharing method described in the above technical solution. The system includes:
- a blockchain construction unit, used for member institutions to build their own network nodes and to network the network nodes belonging to each member institution in sequence to build a blockchain, where the network nodes include business nodes and points nodes;
- a blacklist data uploading unit, used to initiate a blacklist data upload request via any business node, encrypt the blacklist data with the generated symmetric key while encrypting the symmetric key with a random public key, package the encrypted blacklist data and the encrypted symmetric key and put them on the chain, and, when the on-chain entry is settled, have the associated points node request that points be transferred to the designated point address;
- a blacklist data query unit, used to initiate a blacklist data query request via any business node; the associated points node pays points to the point address of the institution holding the target blacklist data; after the holding institution detects that the points have been credited, the private key matching the random public key is used to decrypt the packaged target blacklist data, and at the same time the public key of the querying institution is called to re-encrypt the decrypted target blacklist data, which is returned to the querying institution for decryption and query;
- a blacklist data deletion unit, used to initiate a blacklist data deletion request via the business node of the blacklist data holding institution and, after the signature verification passes, delete the target blacklist data and deduct the points in the associated point address.
- The blacklist data uploading unit includes:
- an upload request module, used by a member institution to initiate a blacklist data upload request to the business alliance chain through its business node and at the same time specify the point address that is to receive the points;
- a duplicate checking module, used to calculate the key value of the blacklist data to be uploaded and to judge from the key value whether that blacklist data is already stored in the business alliance chain;
- a first execution module, used, when the judgment result is no, to encrypt the blacklist data with a randomly generated symmetric key, encrypt the symmetric key with a random public key, and perform the packaging and on-chain operation, and, when the judgment result is yes, to end the current blacklist data upload;
- a point transaction module, used to request the point alliance chain to transfer points to the designated point address when the on-chain operation of the blacklist data is triggered.
- The blacklist data query unit includes:
- a query request module, used by a member institution to initiate a blacklist data query request to the business alliance chain through its business node and to judge, from the point address associated with the blacklist data to be queried, whether the data was uploaded by the querying institution;
- a second execution module, used, when the judgment result is yes, to call the private key associated with the point address to decrypt the encrypted symmetric key and extract the plaintext symmetric key, and then use the plaintext symmetric key to decrypt the folder; and, when the judgment result is no, to request the point alliance chain, through the associated points node, to pay points to the point address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, to use the private key matching the associated point address to decrypt the encrypted symmetric key, extract the plaintext symmetric key, call the public key of the querying institution to re-encrypt the plaintext symmetric key, and then package the re-encrypted symmetric key with the undecrypted detail data and return them to the querying institution, which decrypts them to obtain the data.
- The blacklist data deletion unit includes:
- a deletion request module, used by the blacklist data holding institution to initiate a blacklist data deletion request via its own business node and to determine, through the business alliance chain, whether its associated point address holds sufficient points;
- a third execution module, used, when the judgment result is yes, to sign the target blacklist data with the private key matching the random public key and send the signature information along with the blacklist data deletion request to the business alliance chain; after the business alliance chain verifies the signature, the target blacklist data is deleted and the points in the associated point address are deducted; otherwise, the current blacklist data deletion operation is ended. When the judgment result is no, the current blacklist data deletion operation is ended directly.
- The beneficial effects of the blockchain-based blacklist data sharing system provided by the present invention are the same as those of the blockchain-based blacklist data sharing method provided by the above technical solution, and are not repeated here.
- FIG. 1 is a schematic flowchart of a method for sharing blacklist data based on a blockchain in Embodiment 1 of the present invention
- Figure 2 is a schematic diagram of the architecture of the business alliance chain and the point alliance chain;
- Fig. 3 is a schematic diagram of the process of obtaining points by uploading blacklist data through any business node in Fig. 1;
- Fig. 4 is a schematic diagram of the process of querying blacklist data and paying points through any business node in Fig. 1;
- FIG. 5 is a schematic diagram of the process of deleting blacklist data and deducting points through any business node in FIG.
- Fig. 6 is a block diagram of the block chain-based blacklist data sharing system in the second embodiment of the present invention.
- This embodiment provides a blockchain-based method for sharing blacklist data, including:
- The member institutions build their own network nodes, and the network nodes of each member institution are networked in sequence to build a blockchain, where the network nodes include business nodes and points nodes. A blacklist data upload request is initiated via any business node; the generated symmetric key encrypts the blacklist data while the random public key encrypts the symmetric key; the encrypted blacklist data and the encrypted symmetric key are packaged and put on the chain, and the associated points node requests that points be transferred to the designated point address. Or, a blacklist data query request is initiated through any business node, and when the target blacklist data was not uploaded by the querying institution, the associated points node pays points to the point address of the institution holding the target blacklist data; after the holding institution detects that the points have been credited, the private key matching the random public key is used to decrypt the packaged target blacklist data, and the public key of the querying institution is called to re-encrypt the decrypted target blacklist data, which is returned to the querying institution for decryption and query. Or, a blacklist data deletion request is initiated via the business node of the blacklist data holding institution itself, and after the signature verification passes, the target blacklist data is deleted and the points in the associated point address are deducted.
- A blockchain is built by connecting the network nodes of each member institution to the network in sequence, and each network node includes an associated business node and points node. The business node is used to initiate business requests and store blacklist data, and the points node is used to execute the corresponding point transaction and record the point information when a business request is settled. For example, any member institution may initiate a blacklist data upload request through its business node, use the generated symmetric key to encrypt the blacklist data while using a random public key to encrypt the symmetric key, and package the encrypted blacklist data and the encrypted symmetric key onto the chain; when the on-chain entry is settled, the associated points node requests that points be transferred to the designated point address. Alternatively, any member institution can initiate a blacklist data query request through its business node. When the target blacklist data was not uploaded by the querying institution, points are paid through the associated points node to the point address of the institution holding the target blacklist data; after the holding institution detects that the points have been credited, the private key matching the random public key is used to decrypt the packaged target blacklist data, and at the same time the public key of the querying institution is called to re-encrypt the decrypted target blacklist data, which is returned to the querying institution for decryption and query. Alternatively, any member institution can initiate a blacklist data deletion request through its business node, and after the signature verification passes, the target blacklist data is deleted and the points in the associated point address are deducted.
- When any member institution broadcasts a business request to the business alliance chain through its business node, the corresponding operation can be executed in the business alliance chain according to the consensus result. When the executed business request is any of a blacklist data upload request, a blacklist data query request and a blacklist data deletion request, a certain point reward or deduction is applied through the point alliance chain to the parties performing the operation. This creates a "paid" model in which shared blacklist data is exchanged for points, and the point incentive policy in turn encourages member institutions to share blacklist data in the business alliance chain promptly and proactively, increasing the scale and value of blacklist data sharing. In addition, because the blockchain is decentralized, the blockchain-based blacklist data sharing method provided by the present invention does not require a centralized operating organization and has a low operating cost. Because key data is stored encrypted, it also effectively protects customer privacy and is safe and reliable.
- The blacklist business requests in the above embodiment are not limited to the three kinds named (blacklist data upload request, blacklist data query request and blacklist data deletion request) and may also include other achievable business requests, such as blacklist data download requests and blacklist data modification requests.
- The blockchain in the above embodiment includes a business alliance chain, a point alliance chain, and an API server. The business alliance chain is formed by networking multiple business nodes, and the point alliance chain is formed by networking multiple points nodes.
- The API server encapsulates the SDK packages of the business alliance chain and the point alliance chain together with the external service framework. Its function is to connect the business alliance chain and the point alliance chain and to provide external service interfaces. The business alliance chain includes the business alliance chain ontology, which runs the smart contracts and provides the blacklist data storage and sharing services; the event monitoring server monitors the events sent by the business alliance chain ontology and at the same time initiates point transfer requests to the point alliance chain.
- A blacklist data upload request is initiated via any business node; the generated symmetric key is used to encrypt the blacklist data while a random public key is used to encrypt the symmetric key; the blacklist data and the encrypted symmetric key are packaged and put on the chain; and when the on-chain entry is settled, the associated points node requests that points be transferred to the designated point address. This method includes:
- the member institution initiates a blacklist data upload request to the business alliance chain through its business node, and at the same time specifies the point address that is to receive the points; the key value of the blacklist data to be uploaded is calculated, and the key value is used to judge whether the business alliance chain already stores that blacklist data; when the judgment result is no, the randomly generated symmetric key is used to encrypt the blacklist data, the random public key is used to encrypt the symmetric key, and the packaging and on-chain operation is performed; when the judgment result is yes, the current blacklist data upload operation is ended; when the on-chain operation of the blacklist data is detected to have been triggered, the associated points node requests the point alliance chain to transfer points to the designated point address.
- The above-mentioned method of encrypting the blacklist data with a randomly generated symmetric key, encrypting the symmetric key with a random public key, and performing the packaging and on-chain operation includes:
- the blacklist data includes the name, ID and detail data; the randomly generated symmetric key is used to encrypt the detail data, and the name, ID and encrypted detail data are stored in the same folder; a random public key is used to encrypt the symmetric key twice, and the symmetric key after the second encryption is then packaged with the folder and uploaded to the business alliance chain.
- When a member institution needs to upload blacklist data it holds to the business alliance chain, it first desensitizes the name and ID of the blacklist data, and specifies a point address and a random public key that are associated and marked with the blacklist data to be uploaded. It then calculates the key value of the blacklist data to be uploaded from its name, ID and detail data, and compares it with the key values of the blacklist data stored in the business alliance chain to determine whether the blacklist data to be uploaded already exists in the business alliance chain. When the judgment result is no, the randomly generated symmetric key is used to encrypt the detail data, the name, ID and encrypted detail data are stored in the same folder, the associated random public key is then used to encrypt the symmetric key twice, and finally the symmetric key after the second encryption is packaged with the folder and uploaded to the business alliance chain.
- When the judgment result is yes, the current upload operation of blacklist data is ended. Until the event monitoring server monitors the blacklist data
- The blacklist data storage field that is packaged and put on the chain includes the symmetric key and the folder encrypted with the symmetric key. The random public key associated with the uploading institution's address must be used to separately encrypt the symmetric key twice. The encrypted symmetric key is stored in the business alliance chain together with the encrypted folder. The member institution does not need to maintain the symmetric key of each piece of blacklist data itself, which reduces the complexity of the system while ensuring security. The ledger-keeping characteristics of each business node can also be fully used to prevent loss of the symmetric key.
- For the query of blacklist data, this embodiment provides two query modes, namely a charged query mode and a free query mode.
- The specific implementation steps of this embodiment are described as follows:
- For the basic information query mode: a basic information query request for blacklist data is initiated through any business node, the name and ID of the target blacklist data are entered into the business alliance chain as the key value, and the basic information of the target blacklist data is returned by calling the smart contract.
- The member institution initiates a blacklist data query request to the business alliance chain through its business node, and whether the data was uploaded by the querying institution is judged from the point address associated with the blacklist data to be queried. When the judgment result is yes, the private key associated with the point address is called to decrypt the encrypted symmetric key and extract the plaintext symmetric key, and the plaintext symmetric key is then used to decrypt the detail data in the folder. When the judgment result is no, the associated points node requests the point alliance chain to pay points to the point address of the institution holding the target blacklist data; after the holding institution detects that the points have been credited, the private key matching the associated point address is used to decrypt the encrypted symmetric key and extract the plaintext symmetric key, the public key of the querying institution is called to re-encrypt the plaintext symmetric key, and the re-encrypted symmetric key and the undecrypted detail data are then packaged and returned to the querying institution for decryption.
- The points node includes multiple point addresses, and the querying institution can choose any point address with sufficient points to pay points to the point address of the institution holding the target blacklist data.
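
The upload and paid-query key handling described above, as an added Go example that is not part of the patent text or of any implementation by the applicant. The page names no algorithms, so AES-256-GCM, RSA-OAEP, the SHA-256 key value, the in-memory `Chain` and all function names and sample values are assumptions of this example; the symmetric key is wrapped once, and point transfers are left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

var ErrDuplicate = errors.New("blacklist data already on chain")

// Record is the packaged entry: name and ID readable, detail data and key encrypted.
type Record struct {
	KeyValue, Name, ID, PointAddress string
	Nonce, EncDetail, WrappedKey     []byte
}

// Chain is an in-memory stand-in for the business alliance chain (assumption).
type Chain map[string]Record

// NewKey makes the key pair an institution ties to a point address (RSA-2048 assumed).
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// KeyValue is the duplicate-check key; SHA-256 over quoted fields is this example's choice.
func KeyValue(name, id string, detail []byte) string {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%q|%q|%x", name, id, detail)))
	return hex.EncodeToString(sum[:])
}

func newGCM(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// Upload rejects duplicates, then envelope-encrypts: detail data under a fresh
// AES-256-GCM key, and that key under the uploader's public key (RSA-OAEP).
func (c Chain) Upload(pub *rsa.PublicKey, pointAddr, name, id string, detail []byte) (string, error) {
	kv := KeyValue(name, id, detail)
	if _, dup := c[kv]; dup {
		return "", ErrDuplicate
	}
	buf := make([]byte, 32+12) // symmetric key followed by GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	sym, nonce := buf[:32], append([]byte(nil), buf[32:]...)
	aead, err := newGCM(sym)
	if err != nil {
		return "", err
	}
	// kv is bound in as GCM AAD and OAEP label so parts cannot be swapped between records.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sym, []byte(kv))
	if err != nil {
		return "", err
	}
	enc := aead.Seal(nil, nonce, detail, []byte(kv))
	c[kv] = Record{kv, name, id, pointAddr, nonce, enc, wrapped}
	return kv, nil
}

// Rewrap is the holder's step once the points have arrived: unwrap the key with
// its private key and wrap it for the querier. The detail data stays encrypted.
func Rewrap(holder *rsa.PrivateKey, rec Record, querier *rsa.PublicKey) ([]byte, error) {
	sym, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, holder, rec.WrappedKey, []byte(rec.KeyValue))
	if err != nil {
		return nil, err
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, querier, sym, []byte(rec.KeyValue))
}

// Open unwraps a key addressed to priv and decrypts the detail data with it.
func Open(priv *rsa.PrivateKey, rec Record, wrapped []byte) ([]byte, error) {
	sym, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, []byte(rec.KeyValue))
	if err != nil {
		return nil, err
	}
	aead, err := newGCM(sym)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, rec.Nonce, rec.EncDetail, []byte(rec.KeyValue))
}

func main() {
	c := Chain{}
	bank, _ := NewKey() // constructed sample members
	telco, _ := NewKey()
	kv, _ := c.Upload(&bank.PublicKey, "bank-points-1", "Z** San", "3101**1234", []byte("overdue 180 days"))
	wrapped, _ := Rewrap(bank, c[kv], &telco.PublicKey)
	detail, err := Open(telco, c[kv], wrapped)
	fmt.Printf("%s %v\n", detail, err)
}
```

Only the wrapped symmetric key changes hands in a paid query; the ciphertext of the detail data on the chain is reused as stored, and a querier holding the original wrapping cannot open it.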
- The method in which the business node of the blacklist data holding institution initiates a blacklist data deletion request, and the target blacklist data is deleted and the points in the associated point address are deducted after the signature verification passes, includes:
- the blacklist data holding institution initiates a blacklist data deletion request through its own business node, and the business alliance chain judges whether its associated point address holds sufficient points; when the judgment result is yes, the private key matching the random public key is used to sign the target blacklist data, and the signature information is sent along with the blacklist data deletion request to the business alliance chain; after the business alliance chain verifies the signature, the target blacklist data is deleted and the points in the associated point address are deducted; otherwise, the current blacklist data deletion operation is ended; when the judgment result is no, the current blacklist data deletion operation is ended directly.
- When a blacklist data holder needs to delete a piece of blacklist data, it first initiates a blacklist data deletion request through its own business node, and it is then determined whether the point address associated with the blacklist data holds sufficient points. When the associated point address has sufficient points, the private key matching the encrypted random public key is used to sign the target blacklist data, and the signature information is sent along with the blacklist data deletion request to the business alliance chain; after the business alliance chain verifies the signature, the target blacklist data is deleted and the points in the associated point address are deducted; otherwise, the deletion of the current blacklist data is ended. When the associated point address has insufficient points, the holding institution can choose to have the corresponding points deducted from another of its point addresses that has sufficient points, after which the blacklist data deletion operation is performed. If none of the holding institution's point addresses has sufficient points, the current blacklist data deletion operation is ended directly.
- This embodiment provides a blockchain-based blacklist data sharing system, including:
- The blockchain construction unit 1, used for member institutions to build their own network nodes and to network the nodes of each member institution in sequence to construct a blockchain.
- The network nodes include business nodes and points nodes;
- The blacklist data uploading unit 2, used to initiate a blacklist data upload request via any business node, encrypt the blacklist data with a generated symmetric key while encrypting the symmetric key with a random public key, package the encrypted blacklist data and the encrypted symmetric key and put them on the chain, and, when the on-chain record is committed, have the associated points node request that points be transferred to the designated points address;
- The blacklist data query unit 3, used to initiate a blacklist data query request via any business node; when the target blacklist data was not uploaded by the querying institution, points are paid through the associated points node to the points address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, the packaged target blacklist data is decrypted with the private key matching the random public key, while the public key of the querying institution is called to reverse-encrypt the decrypted target blacklist data, which is returned to the querying institution for decryption and querying;
- The blacklist data deletion unit 4, used to initiate a blacklist data deletion request via the business node of the blacklist data holding institution, and to delete the target blacklist data and deduct points from the associated points address after signature verification passes.
- The blacklist data uploading unit 2 includes:
- The upload request module 21, used for member institutions to initiate a blacklist data upload request to the business alliance chain through their business nodes while specifying the points address that will receive the points;
- The duplicate checking module 22, used to calculate the key value of the blacklist data to be uploaded and to judge from that key value whether the blacklist data to be uploaded is already stored in the business alliance chain;
- The first execution module 23, used, when the judgment result is no, to encrypt the blacklist data with a randomly generated symmetric key, encrypt the symmetric key with a random public key, and perform the packaging and on-chain operation, and, when the judgment result is yes, to end the current blacklist data upload operation;
- The points transaction module 24, used, when it detects that the on-chain operation of the blacklist data has been committed, to have the associated points node request the points alliance chain to transfer points to the designated points address.
- The blacklist data query unit 3 includes:
- The query request module 31, used for member institutions to initiate a blacklist data query request to the business alliance chain through their business nodes, and to judge from the points address associated with the blacklist data to be queried whether the data was uploaded by the querying institution;
- The second execution module 32, used, when the judgment result is yes, to call the private key associated with the points address to decrypt the encrypted symmetric key and extract the plaintext symmetric key, and then to decrypt the detailed data in the folder with the plaintext symmetric key;
- When the judgment result is no, the associated points node requests the points alliance chain to pay points to the points address of the institution holding the target blacklist data; after the holding institution detects that the points have been credited, it uses the private key matching the associated points address to decrypt the encrypted symmetric key and extract the plaintext symmetric key, calls the public key of the querying institution to reverse-encrypt the plaintext symmetric key, and then packages the reverse-encrypted symmetric key together with the undecrypted detailed data and returns them to the querying institution for decryption.
- The blacklist data deletion unit 4 includes:
- The deletion request module 41, used for the blacklist data holding institution to initiate a blacklist data deletion request via its own business node, with the business alliance chain judging whether its associated points address holds sufficient points;
- The third execution module 42, used, when the judgment result is yes, to sign the target blacklist data with the private key matching the random public key and send the signature information together with the blacklist data deletion request to the business alliance chain; if the business alliance chain's verification passes, the target blacklist data is deleted and points are deducted from the associated points address, otherwise the current blacklist data deletion operation ends. When the judgment result is no, the current blacklist data deletion operation ends directly.
- The beneficial effects of the blockchain-based blacklist data sharing system provided by this embodiment of the present invention are the same as those of the blockchain-based blacklist data sharing method provided in the first embodiment and are not repeated here.
- The above-mentioned inventive method can be implemented by a program instructing the relevant hardware.
- The above-mentioned program can be stored in a computer-readable storage medium.
- The storage medium may be: ROM/RAM, magnetic disk, optical disk, memory card, etc.
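The upload, paid-query and deletion steps described above, as an added Node.js example that is not part of the patent. The page names no algorithms, so AES-256-GCM, RSA-OAEP and RSA/SHA-256 signatures, along with every function and field name, are assumptions.

```javascript
// Added illustration, not code from the patent. The page names no algorithms:
// AES-256-GCM, RSA-OAEP and RSA/SHA-256 signatures are assumptions, as are all names.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
// Name and ID stay in clear for lookups; binding them as AAD detects swaps.
const aad = (r) => Buffer.from(JSON.stringify([r.name, r.id]));

// Upload: encrypt the detail data under a fresh symmetric key, then wrap that
// key under the record's public key (the page's "random public key").
function packRecord(name, id, details, recordPublicKey) {
  const symKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', symKey, iv);
  cipher.setAAD(aad({ name, id }));
  const ciphertext = Buffer.concat([cipher.update(details, 'utf8'), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: recordPublicKey, ...OAEP }, symKey);
  return { name, id, iv, ciphertext, tag: cipher.getAuthTag(), wrappedKey };
}

// Holder side of a paid query: unwrap the symmetric key, re-wrap it under the
// querier's public key, and return the detail ciphertext untouched.
function rewrapForQuerier(record, holderPrivateKey, querierPublicKey) {
  const symKey = crypto.privateDecrypt({ key: holderPrivateKey, ...OAEP }, record.wrappedKey);
  const wrappedKey = crypto.publicEncrypt({ key: querierPublicKey, ...OAEP }, symKey);
  return { ...record, wrappedKey };
}

// Used by the holder on its own record and by the querier on a re-wrapped one.
function openRecord(record, privateKey) {
  const symKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, record.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', symKey, record.iv);
  decipher.setAAD(aad(record));
  decipher.setAuthTag(record.tag);
  return Buffer.concat([decipher.update(record.ciphertext), decipher.final()]).toString('utf8');
}

// Deletion: the holder signs the target record with the private key matching
// the record's public key; the chain side verifies before deleting. The
// "delete" prefix (an assumption) keeps the signature from serving other uses.
const deletionMessage = (r) => Buffer.concat([Buffer.from('delete'), aad(r), r.ciphertext]);
const signDeletion = (r, privateKey) => crypto.sign('sha256', deletionMessage(r), privateKey);
const verifyDeletion = (r, sig, recordPublicKey) =>
  crypto.verify('sha256', deletionMessage(r), recordPublicKey, sig);

// Constructed sample run: one holder, one querier, one made-up record.
function demo() {
  const holder = newKeyPair();
  const querier = newKeyPair();
  const record = packRecord('Constructed Name', 'ID-0001', 'constructed detail data', holder.publicKey);
  const returned = rewrapForQuerier(record, holder.privateKey, querier.publicKey);
  return {
    holderRead: openRecord(record, holder.privateKey),
    querierRead: openRecord(returned, querier.privateKey),
    holderDeleteOk: verifyDeletion(record, signDeletion(record, holder.privateKey), holder.publicKey),
    querierDeleteOk: verifyDeletion(record, signDeletion(record, querier.privateKey), holder.publicKey),
  };
}
```

The example mirrors the page in using one key pair both to unwrap the symmetric key and to sign the deletion request; the detail ciphertext is never re-encrypted, only the wrapped key changes hands.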
Claims (12)
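- A blockchain-based blacklist data sharing method, characterized by comprising: member institutions building their respective network nodes and networking the network nodes belonging to each member institution in sequence to construct a blockchain, the network nodes comprising business nodes and points nodes; initiating a blacklist data upload request via any business node, encrypting the blacklist data with a generated symmetric key while encrypting the symmetric key with a random public key, packaging the encrypted blacklist data and the encrypted symmetric key and putting them on the chain, and, when the on-chain record is committed, having the associated points node request that points be transferred to a designated points address; or, initiating a blacklist data query request via any business node, and, when the target blacklist data was not uploaded by the querying institution, paying points through the associated points node to the points address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, decrypting the packaged target blacklist data with the private key matching the random public key, while calling the querying institution's public key to reverse-encrypt the decrypted target blacklist data and return it to the querying institution for decryption and querying; or, initiating a blacklist data deletion request via the blacklist data holding institution's own business node, and, after signature verification passes, deleting the target blacklist data and deducting points from the associated points address.
- The method according to claim 1, characterized in that the blockchain comprises a business alliance chain and a points alliance chain, the business alliance chain being formed by networking multiple business nodes and the points alliance chain being formed by networking multiple points nodes.
- The method according to claim 2, characterized in that the method of initiating a blacklist data upload request via any business node, encrypting the blacklist data with a generated symmetric key while encrypting the symmetric key with a random public key, packaging the encrypted blacklist data and the encrypted symmetric key and putting them on the chain, and, when the on-chain record is committed, having the associated points node request that points be transferred to a designated points address comprises: the member institution initiating a blacklist data upload request to the business alliance chain through its business node while specifying the points address that will receive the points; calculating the key value of the blacklist data to be uploaded, and judging from the key value whether the blacklist data to be uploaded is already stored in the business alliance chain; when the judgment result is no, encrypting the blacklist data with a randomly generated symmetric key, encrypting the symmetric key with a random public key, and performing the packaging and on-chain operation, and, when the judgment result is yes, ending the current blacklist data upload operation; and, when it is detected that the on-chain operation of the blacklist data has been committed, having the associated points node request the points alliance chain to transfer points to the designated points address.
- The method according to claim 3, characterized in that the method of encrypting the blacklist data with a randomly generated symmetric key, encrypting the symmetric key with the random public key, and performing the packaging and on-chain operation comprises: marking the blacklist data, the points address and the random public key as associated, wherein the blacklist data comprises a name, an ID and detail data; encrypting the detail data with the randomly generated symmetric key, and storing the name, the ID and the encrypted detail data in the same folder; and encrypting the symmetric key a second time with the random public key, then packaging the twice-encrypted symmetric key and the folder and uploading them to the business alliance chain.
- The method according to claim 4, characterized in that the method of initiating a blacklist data query request via any business node, and, when the target blacklist data was not uploaded by the querying institution, transferring points through the associated points node to the points address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, decrypting the packaged target blacklist data with the private key matching the random public key, while calling the querying institution's public key to reverse-encrypt the decrypted target blacklist data and return it to the querying institution for decryption and querying comprises: the member institution initiating a blacklist data query request to the business alliance chain through its business node, and judging from the points address associated with the blacklist data to be queried whether the data was uploaded by the querying institution; when the judgment result is yes, calling the private key associated with the points address to decrypt the encrypted symmetric key and extract the plaintext symmetric key, and then decrypting the detail data in the folder with the plaintext symmetric key; when the judgment result is no, having the associated points node request the points alliance chain to pay points to the points address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, decrypting the encrypted symmetric key with the private key matching the associated points address, extracting the plaintext symmetric key, calling the querying institution's public key to reverse-encrypt the plaintext symmetric key, and then packaging the reverse-encrypted symmetric key and the undecrypted detail data and returning them to the querying institution for decryption.
- The method according to claim 5, characterized in that the points node comprises multiple points addresses, and the querying institution may select any points address with sufficient points to pay points to the points address of the institution holding the target blacklist data.
- The method according to claim 1, characterized in that the blacklist data query process further comprises: initiating a basic information query request for blacklist data via any business node, entering the name and ID of the target blacklist data into the business alliance chain as the key value, and returning the basic information of the target blacklist data by calling a smart contract.
- The method according to claim 4, characterized in that the method of initiating a blacklist data deletion request via the blacklist data holding institution's own business node, and, after signature verification passes, deleting the target blacklist data and deducting points from the associated points address comprises: the blacklist data holding institution initiating a blacklist data deletion request via its own business node, and judging through the business alliance chain whether its associated points address holds sufficient points; when the judgment result is yes, signing the target blacklist data with the private key matching the random public key and sending the signature information together with the blacklist data deletion request to the business alliance chain, deleting the target blacklist data and deducting points from the associated points address after the business alliance chain's verification passes, and otherwise ending the current blacklist data deletion operation; and, when the judgment result is no, directly ending the current blacklist data deletion operation.
- A blockchain-based blacklist data sharing system, characterized by comprising: a blockchain construction unit, used for member institutions to build their respective network nodes and to network the network nodes belonging to each member institution in sequence to construct a blockchain, the network nodes comprising business nodes and points nodes; a blacklist data uploading unit, used to initiate a blacklist data upload request via any business node, encrypt the blacklist data with a generated symmetric key while encrypting the symmetric key with a random public key, package the encrypted blacklist data and the encrypted symmetric key and put them on the chain, and, when the on-chain record is committed, have the associated points node request that points be transferred to a designated points address; a blacklist data query unit, used to initiate a blacklist data query request via any business node, and, when the target blacklist data was not uploaded by the querying institution, to pay points through the associated points node to the points address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, to decrypt the packaged target blacklist data with the private key matching the random public key, while calling the querying institution's public key to reverse-encrypt the decrypted target blacklist data and return it to the querying institution for decryption and querying; and a blacklist data deletion unit, used to initiate a blacklist data deletion request via the blacklist data holding institution's own business node, and, after signature verification passes, to delete the target blacklist data and deduct points from the associated points address.
- The system according to claim 9, characterized in that the blacklist data uploading unit comprises: an upload request module, used for the member institution to initiate a blacklist data upload request to the business alliance chain through its business node while specifying the points address that will receive the points; a duplicate checking module, used to calculate the key value of the blacklist data to be uploaded and to judge from the key value whether the blacklist data to be uploaded is already stored in the business alliance chain; a first execution module, used, when the judgment result is no, to encrypt the blacklist data with a randomly generated symmetric key, encrypt the symmetric key with a random public key, and perform the packaging and on-chain operation, and, when the judgment result is yes, to end the current blacklist data upload operation; and a points transaction module, used, when it is detected that the on-chain operation of the blacklist data has been committed, to have the associated points node request the points alliance chain to transfer points to the designated points address.
- The system according to claim 9, characterized in that the blacklist data query unit comprises: a query request module, used for the member institution to initiate a blacklist data query request to the business alliance chain through its business node, and to judge from the points address associated with the blacklist data to be queried whether the data was uploaded by the querying institution; and a second execution module, used, when the judgment result is yes, to call the private key associated with the points address to decrypt the encrypted symmetric key and extract the plaintext symmetric key, and then to decrypt the detail data in the folder with the plaintext symmetric key; and, when the judgment result is no, to have the associated points node request the points alliance chain to pay points to the points address of the institution holding the target blacklist data, and, after the holding institution detects that the points have been credited, to decrypt the encrypted symmetric key with the private key matching the associated points address, extract the plaintext symmetric key, call the querying institution's public key to reverse-encrypt the plaintext symmetric key, and then package the reverse-encrypted symmetric key and the undecrypted detail data and return them to the querying institution for decryption.
- The system according to claim 9, characterized in that the blacklist data deletion unit comprises: a deletion request module, used for the blacklist data holding institution to initiate a blacklist data deletion request via its own business node, with the business alliance chain judging whether its associated points address holds sufficient points; and a third execution module, used, when the judgment result is yes, to sign the target blacklist data with the private key matching the random public key and send the signature information together with the blacklist data deletion request to the business alliance chain, to delete the target blacklist data and deduct points from the associated points address after the business alliance chain's verification passes, and otherwise to end the current blacklist data deletion operation; and, when the judgment result is no, to directly end the current blacklist data deletion operation.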
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA3175939A CA3175939C (en) | 2019-03-18 | 2019-09-30 | Blacklist data sharing method and system based on blockchain |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910203937.1 | 2019-03-18 | ||
CN201910203937.1A CN111723060B (zh) | 2019-03-18 | 2019-03-18 | Blockchain-based blacklist data sharing method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020186726A1 (zh) | 2020-09-24 |
Family
ID=72518994
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/109349 WO2020186726A1 (zh) | Blockchain-based blacklist data sharing method and system | 2019-03-18 | 2019-09-30 |
Country Status (3)
Country | Link |
---|---|
CN (1) | CN111723060B (zh) |
CA (1) | CA3175939C (zh) |
WO (1) | WO2020186726A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
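CN112488834A (zh) * | 2020-11-24 | 2021-03-12 | 成都质数斯达克科技有限公司 | Node management method and apparatus, electronic device, and readable storage medium |
CN114240349A (zh) * | 2021-12-09 | 2022-03-25 | 数字未来(福建)信息科技有限公司 | Blockchain-based ecological environment supervision method and system |
CN114971896A (zh) * | 2022-03-31 | 2022-08-30 | 华润网络(深圳)有限公司 | Points management method for a consortium chain |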
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
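CN112446702A (zh) * | 2020-11-17 | 2021-03-05 | 深圳市元征科技股份有限公司 | Data verification method, apparatus, and node device |
CN112583802B (zh) * | 2020-12-03 | 2023-02-17 | 重庆新致金服信息技术有限公司 | Blockchain-based data sharing platform system, device, and data sharing method |
CN114386086A (zh) * | 2021-09-24 | 2022-04-22 | 浙江甲骨文超级码科技股份有限公司 | Blacklist data sharing method and acquisition method |
CN114584283A (zh) * | 2022-03-21 | 2022-06-03 | 深圳壹账通智能科技有限公司 | Privacy protection method, apparatus, device, and storage medium for blacklist matching |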
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
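CN108462724A (zh) * | 2018-05-17 | 2018-08-28 | 北京京东金融科技控股有限公司 | Data sharing method, apparatus, system, member node, and readable storage medium |
CN108650270A (zh) * | 2018-05-16 | 2018-10-12 | 苏宁易购集团股份有限公司 | Data sharing method and system based on a consortium chain and an incentive mechanism |
CN108848081A (zh) * | 2018-06-01 | 2018-11-20 | 深圳崀途科技有限公司 | Data sharing method based on consortium chain storage verification and a points incentive mechanism |
CN109447643A (zh) * | 2018-10-31 | 2019-03-08 | 中国银联股份有限公司 | Blockchain-based data sharing system and data sharing method |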
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170344988A1 (en) * | 2016-05-24 | 2017-11-30 | Ubs Ag | System and method for facilitating blockchain-based validation |
CN106651346A (zh) * | 2016-11-28 | 2017-05-10 | 上海凯岸信息科技有限公司 | Blockchain-based credit reporting data sharing and trading system |
2019
- 2019-03-18 CN CN201910203937.1A patent/CN111723060B/zh active Active
- 2019-09-30 CA CA3175939A patent/CA3175939C/en active Active
- 2019-09-30 WO PCT/CN2019/109349 patent/WO2020186726A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
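CN108650270A (zh) * | 2018-05-16 | 2018-10-12 | 苏宁易购集团股份有限公司 | Data sharing method and system based on a consortium chain and an incentive mechanism |
CN108462724A (zh) * | 2018-05-17 | 2018-08-28 | 北京京东金融科技控股有限公司 | Data sharing method, apparatus, system, member node, and readable storage medium |
CN108848081A (zh) * | 2018-06-01 | 2018-11-20 | 深圳崀途科技有限公司 | Data sharing method based on consortium chain storage verification and a points incentive mechanism |
CN109447643A (zh) * | 2018-10-31 | 2019-03-08 | 中国银联股份有限公司 | Blockchain-based data sharing system and data sharing method |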
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
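CN112488834A (zh) * | 2020-11-24 | 2021-03-12 | 成都质数斯达克科技有限公司 | Node management method and apparatus, electronic device, and readable storage medium |
CN112488834B (zh) * | 2020-11-24 | 2024-03-19 | 成都质数斯达克科技有限公司 | Node management method and apparatus, electronic device, and readable storage medium |
CN114240349A (zh) * | 2021-12-09 | 2022-03-25 | 数字未来(福建)信息科技有限公司 | Blockchain-based ecological environment supervision method and system |
CN114971896A (zh) * | 2022-03-31 | 2022-08-30 | 华润网络(深圳)有限公司 | Points management method for a consortium chain |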
Also Published As
Publication number | Publication date |
---|---|
CN111723060A (zh) | 2020-09-29 |
CN111723060B (zh) | 2023-04-21 |
CA3175939A1 (en) | 2020-09-24 |
CA3175939C (en) | 2024-06-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
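WO2020186726A1 (zh) | Blockchain-based blacklist data sharing method and system | |
US11810080B2 (en) | Systems and method for tracking enterprise events using hybrid public-private blockchain ledgers | |
WO2020024968A1 (zh) | Resource transfer data management method, apparatus, and storage medium | |
CN108765240B (zh) | Blockchain-based inter-institution customer verification method, transaction supervision method, and apparatus | |
CN109359974B (zh) | Blockchain transaction method and apparatus, and electronic device | |
CN108009917B (zh) | Transaction verification and registration method and system for digital currency | |
US11962681B2 (en) | Symmetric encryption for private smart contracts among multiple parties in a private peer-to-peer network | |
WO2020103566A1 (zh) | Blockchain evidence storage method, apparatus, and computer device | |
CN111026789B (zh) | Blockchain-based electronic bill query method and apparatus, and electronic device | |
WO2020156088A1 (zh) | Blockchain-based information interaction method, blockchain node, and credit reporting system | |
CN111724153B (zh) | Blockchain-based prepaid consumption supervision system, method, and storage medium | |
US20230087360A1 (en) | Stake pool of a system digital asset-backed data interaction system | |
CN108564353A (zh) | Blockchain-based payment system and method | |
US20150348017A1 (en) | Method for integrating cryptocurrency transfer on a social network interface | |
US11431683B2 (en) | Secure and trusted data communication system | |
US20080263645A1 (en) | Privacy identifier remediation | |
CN105871923B (zh) | Information processing method, information recording node, and participating node | |
CN108717659A (zh) | Blockchain-based taxation method and architecture | |
WO2022237588A1 (zh) | Blockchain-based data evidence storage method, apparatus, device, and storage medium | |
WO2020186727A1 (zh) | Blockchain-based sensitive data transaction method and system | |
CN113947394A (zh) | Blockchain-based fair payment method with data deduplication in cloud storage | |
KR20200073803A (ko) | Blockchain electronic wallet management system | |
CN111491024A (zh) | Blockchain-based bank confirmation method, system, terminal, and storage medium | |
CN111461881A (zh) | Data management method, apparatus, computer device, and storage medium | |
KR102085997B1 (ko) | Blockchain-based real estate transaction service method and system |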
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19920559 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19920559 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 22/04/2022) |
|
ENP | Entry into the national phase |
Ref document number: 3175939 Country of ref document: CA |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19920559 Country of ref document: EP Kind code of ref document: A1 |